@jdeathe
Last active September 29, 2016 14:36
DNS cache / forwarder with catchall for .local and .localdomain addresses using docker and dnsmasq
# - Create a DNS container on localhost exposing the default tcp + udp port 53.
# - Disable the SSH features and process - using local docker.
# - Create a loopback alias on 192.168.127.1/24 to allow routing between
#   host and containers.
# - http://www.thekelleys.org.uk/dnsmasq/doc.html
# - http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
LOOPBACK_ALIAS="192.168.127.1/24"
LOOPBACK_ALIAS_IP="${LOOPBACK_ALIAS%%/*}"
# Alias for loopback interface.
# Note this is not persistent across reboots.
if [[ $(uname) == Darwin ]]; then
  sudo ifconfig lo0 alias "${LOOPBACK_ALIAS}" up
else
  # lo:0 is an address label on lo, not a device of its own.
  sudo ip addr add "${LOOPBACK_ALIAS}" dev lo label lo:0
fi
docker network create --driver bridge local_infra 2> /dev/null || true
LOCAL_INFRA_GATEWAY="$(
docker network inspect -f '{{ index (index .IPAM.Config 0).Gateway }}' local_infra | awk -F/ '{ print $1; }'
)"
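# The install command is read from the image's "install" label and run through
# eval under sudo, so it executes with root privileges on the host. Review the
# output of the docker inspect call below before running this step.
eval "sudo -E $(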
docker inspect \
-f "{{.ContainerConfig.Labels.install}}" \
jdeathe/centos-ssh:centos-7-2.1.2
) install \
--name=dnsmasq.1.0 \
--env='SSH_AUTOSTART_SSHD=false' \
--env='SSH_AUTOSTART_SSHD_BOOTSTRAP=false' \
--env='DOCKER_PORT_MAP_TCP_22=NULL' \
--setopt='--network local_infra' \
--setopt='--expose 53' \
--setopt='--expose 67' \
--setopt='--publish ${LOOPBACK_ALIAS_IP}:53:53' \
--setopt='--publish ${LOOPBACK_ALIAS_IP}:53:53/udp'
"
docker exec -i dnsmasq.1.0 yum -y install dnsmasq
docker exec -i dnsmasq.1.0 tee /etc/supervisord.d/dnsmasq.conf 1> /dev/null <<-CONFIG
[program:dnsmasq]
priority = 100
command = /usr/sbin/dnsmasq --no-daemon --keep-in-foreground --bogus-priv --domain-needed --no-resolv
startsecs = 0
autorestart = true
redirect_stderr = true
stdout_logfile = /var/log/dnsmasq.log
stdout_events_enabled = true
CONFIG
docker exec -i dnsmasq.1.0 tee /etc/dnsmasq.d/localdomain.conf 1> /dev/null <<-CONFIG
cache-size=10000
log-queries
host-record=container-host,${LOCAL_INFRA_GATEWAY},300
# Local wildcard match
address=/.local/${LOOPBACK_ALIAS_IP}
address=/.localdomain/${LOOPBACK_ALIAS_IP}
# Internal LAN forwarder
#server=/.lan/10.0.0.53
#server=/.lan/10.0.0.54
# Google public servers
server=8.8.8.8
server=8.8.4.4
# OpenDNS public servers
server=208.67.222.222
server=208.67.220.220
CONFIG
# Restarting the container allows supervisord to start the dnsmasq process. If you
# upload a new configuration you will need to restart for the changes to apply.
docker restart dnsmasq.1.0
# Test it's working for localdomain hosts
dig @${LOOPBACK_ALIAS_IP} any-host.localdomain
# Tail the logs - Note: Use Ctrl + c to exit.
docker logs -f --tail=30 dnsmasq.1.0
echo "Set up your network connection to use ${LOOPBACK_ALIAS_IP} for DNS."
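
A check that port 53 of the container is published only on the loopback alias, as the `--publish ${LOOPBACK_ALIAS_IP}:53:53` options above intend. This is an added example, not part of the original gist; `audit_dns_bindings` is a hypothetical helper and the sample `docker port` lines are constructed.

```sh
#!/bin/sh
# Added example: audit `docker port` output for the DNS container.
# Expected input, one mapping per line: "53/udp -> 192.168.127.1:53"

# audit_dns_bindings EXPECTED_IP  (hypothetical helper, reads stdin)
# Exits 0 only if 53/tcp and 53/udp are both published on EXPECTED_IP and
# on no other address. The body is a subshell so its variables stay local.
audit_dns_bindings() (
  expected_ip="$1"; rc=0; seen_tcp=0; seen_udp=0
  while IFS= read -r line; do
    case "${line}" in
      "53/tcp -> "*) proto=tcp ;;
      "53/udp -> "*) proto=udp ;;
      *) continue ;;                  # other ports are out of scope
    esac
    host_ip="${line#* -> }"           # "192.168.127.1:53", "[::]:53", ":::53"
    host_ip="${host_ip%:*}"           # drop the trailing ":port"
    host_ip="${host_ip#\[}"; host_ip="${host_ip%\]}"
    if [ "${host_ip}" != "${expected_ip}" ]; then
      echo "FAIL 53/${proto} published on ${host_ip}, expected ${expected_ip}"
      rc=1
    elif [ "${proto}" = tcp ]; then
      seen_tcp=1
    else
      seen_udp=1
    fi
  done
  [ "${seen_tcp}" -eq 1 ] || { echo "FAIL 53/tcp not published on ${expected_ip}"; rc=1; }
  [ "${seen_udp}" -eq 1 ] || { echo "FAIL 53/udp not published on ${expected_ip}"; rc=1; }
  [ "${rc}" -eq 0 ] && echo "OK   port 53 published on ${expected_ip} only"
  exit "${rc}"
)

# Constructed samples in `docker port` format (not captured from a real host).
SAMPLE_LOOPBACK_ONLY='53/tcp -> 192.168.127.1:53
53/udp -> 192.168.127.1:53'
SAMPLE_EXPOSED='53/tcp -> 192.168.127.1:53
53/udp -> 0.0.0.0:53'

printf '%s\n' "${SAMPLE_LOOPBACK_ONLY}" | audit_dns_bindings 192.168.127.1
printf '%s\n' "${SAMPLE_EXPOSED}" | audit_dns_bindings 192.168.127.1 \
  || echo "exposed sample rejected"
# Against the live container from the script above:
#   docker port dnsmasq.1.0 | audit_dns_bindings "${LOOPBACK_ALIAS_IP}"
```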