From bcc914d77aa52a6adda4318385c05e7309d6e276 Mon Sep 17 00:00:00 2001
From: Hyperling
Date: Sat, 29 Jul 2023 11:44:00 -0700
Subject: [PATCH] Filled out all files for DNS. Ready for testing.

---
 .gitignore | 3 ++
 Config/DNS/Dockerfile | 9 +++---
 Config/DNS/README.md | 5 +++
 Config/DNS/config/dnsmasq.conf.example | 31 +++++++++++++++++++
 Config/DNS/config/hosts.example | 20 ++++++++++++
 Config/DNS/config/resolv.conf.example | 21 +++++++++++++
 ...ker-compose.yml.tbd => docker-compose.yml} | 8 +++--
 7 files changed, 90 insertions(+), 7 deletions(-)
 create mode 100644 Config/DNS/README.md
 rename Config/DNS/{docker-compose.yml.tbd => docker-compose.yml} (76%)

diff --git a/.gitignore b/.gitignore
index 7749165..7ab2c18 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,6 @@ private.key
 
 # Ignore secrets for Invidious.
 Config/Invidious/*.env
+
+# Ignore DNS config files, contain private settings.
+Config/DNS/config/*
diff --git a/Config/DNS/Dockerfile b/Config/DNS/Dockerfile
index 8445267..a38d013 100644
--- a/Config/DNS/Dockerfile
+++ b/Config/DNS/Dockerfile
@@ -1,9 +1,10 @@
 # 2023-07-29
-# Create website in node container and run it.
+#
+# Create a Debian container which runs dnsmasq.
+# https://wiki.debian.org/dnsmasq
+#
 
-# Using Debian testing so that we use PHP >8. Otherwise the shebangs from
-# the include files (#!/usr/bin/php) show up on the website.
-FROM debian:testing
+FROM debian
 
 # Install Dependencies
 RUN apt update && apt install -y dnsmasq
diff --git a/Config/DNS/README.md b/Config/DNS/README.md
new file mode 100644
index 0000000..f6f0767
--- /dev/null
+++ b/Config/DNS/README.md
@@ -0,0 +1,5 @@
+# Local DNS
+Host a local DNS server in case your router/gateway is not cutting it. Allows
+the ability to use simple names across the network witrhout editing `/etc/hosts`
+on each machine. The IP of this server should be added to the router/gateway's
+settings so that all machines on the network know to use it and can benefit.
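Review bot: `Config/DNS/config/*` in the new .gitignore lines also matches the `*.example` templates that this commit fills in. They stay tracked only because they already exist in the index (the `e69de29` blobs look like previously committed empty files), so any template added later would be silently ignored. Adding `!Config/DNS/config/*.example` after the pattern keeps the private configs out of the repository while leaving the examples visible to `git add`.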
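Review bot: `FROM debian` in Config/DNS/Dockerfile carries no tag, so every build pulls whatever `debian:latest` currently points to and the DNS image is neither reproducible nor auditable. Pin a release such as `FROM debian:bookworm-slim` (the example configs in this commit already link the bookworm manpages), ideally with a digest. The unchanged install line would also be tighter as `RUN apt-get update && apt-get install -y --no-install-recommends dnsmasq && rm -rf /var/lib/apt/lists/*`. The file may continue below this hunk, so how dnsmasq is started and which user it runs as cannot be judged from here.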
diff --git a/Config/DNS/config/dnsmasq.conf.example b/Config/DNS/config/dnsmasq.conf.example
index e69de29..17f01fb 100644
--- a/Config/DNS/config/dnsmasq.conf.example
+++ b/Config/DNS/config/dnsmasq.conf.example
@@ -0,0 +1,31 @@
+# 2023-07-29
+#
+# Description:
+# Settings specific to DNS Masquerade. The parameters in this file are the
+# same which can be passed to the dnsmasq program directly using '--', but the
+# '--' is not necessary in this file. Otherwise this file has no manpage.
+#
+# Futher Reading:
+# Commands:
+# https://manpages.debian.org/bookworm/dnsmasq-base/dnsmasq.8.en.html
+# Tutorials:
+# Basic:
+# https://www.howtoforge.com/how-to-setup-local-dns-server-using-dnsmasq-on-ubuntu-20-04/
+# Split DNS:
+# https://www.gluster.org/use-dnsmasq-for-separating-dns-queries/
+
+# Who this server is.
+port=53
+domain=example.com
+
+# FQDN must be provided in order for this server to check upstream for it.
+domain-needed
+
+# Do not forward requests for private IPs to upstream domains.
+bogus-priv
+
+# Automatically add FQDN to any simple names in /etc/hosts.
+#expand-hosts
+
+# Default cache size is 150. 0 disables caching. Large values lower performance.
+cache-size=1000
diff --git a/Config/DNS/config/hosts.example b/Config/DNS/config/hosts.example
index e69de29..5549c2a 100644
--- a/Config/DNS/config/hosts.example
+++ b/Config/DNS/config/hosts.example
@@ -0,0 +1,20 @@
+# 2023-07-29
+#
+# Description:
+# Example file of how to use the hosts file. It contains local servers running
+# inside the domain that need accessed directly rather than traversing outside
+# the WAN. This saves time and prevents some routers from dropping data.
+#
+# Format:
+# XXX.XXX.XXX.XXX subdomain.domain.extension subdomain
+#
+# Futher Reading:
+# https://manpages.debian.org/bookworm/manpages/hosts.5.en.html
+#
+
+127.0.0.1 localhost
+127.0.1.1 dns.example.com dns
+
+192.168.1.22 ssh.example.com ssh
+192.168.1.25 mail.example.com mail
+192.168.1.80 www.example.com www
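Review bot: The dnsmasq.conf.example hunk gives dnsmasq no listening scope and no rebind protection: with neither `interface=`/`listen-address=` nor `stop-dns-rebind` set, it answers on every interface of the container and passes upstream answers that point into private address ranges on to LAN clients. Consider adding `stop-dns-rebind` next to `bogus-priv`, with a comment such as `# Drop upstream answers that resolve to private addresses.`, and restricting where port 53 is reachable, either here or in the Compose port mapping. If a public record of the hosted domain legitimately resolves to a private address, `rebind-domain-ok=/example.com/` would be needed alongside it.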
diff --git a/Config/DNS/config/resolv.conf.example b/Config/DNS/config/resolv.conf.example
index e69de29..039a181 100644
--- a/Config/DNS/config/resolv.conf.example
+++ b/Config/DNS/config/resolv.conf.example
@@ -0,0 +1,21 @@
+# 2023-07-29
+#
+# Description:
+# Generic DNS settings unrelated to dnsmasq are provided here.
+#
+# Futher Reading:
+# https://manpages.debian.org/bookworm/manpages/resolv.conf.5.en.html
+#
+
+# The local domains being hosted.
+search example.com anotherdomain.com
+
+# Explicitly set local caching with /etc/hosts on.
+nameserver 127.0.0.1
+
+# Add any extra settings.
+options rotate
+
+# Use Cloudflare for upstream DNS.
+nameserver 1.1.1.1
+nameserver 1.0.0.1
diff --git a/Config/DNS/docker-compose.yml.tbd b/Config/DNS/docker-compose.yml
similarity index 76%
rename from Config/DNS/docker-compose.yml.tbd
rename to Config/DNS/docker-compose.yml
index 86b71b3..01f18ae 100644
--- a/Config/DNS/docker-compose.yml.tbd
+++ b/Config/DNS/docker-compose.yml
@@ -1,13 +1,15 @@
 # 2023-07-29
+#
 # Local DNS server which properly handles DNS splitting.
 # Necessary when using junk ISP gateways and running a domain.
-# https://wiki.debian.org/dnsmasq
+# https://thekelleys.org.uk/dnsmasq/doc.html
+#
 
 version: '3'
 
 services:
 app:
- restart: always
 build: ./
+ restart: always
 ports:
- - 8317:8080
+ - "53:53"
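Review bot: `options rotate` in resolv.conf.example works against listing `nameserver 127.0.0.1` first: the libc resolver then spreads queries across all three servers. Lookups made through this file would therefore go straight to 1.1.1.1/1.0.0.1 part of the time, missing the local hosts entries and sending those names to the public resolver. If the intent is "local cache first, Cloudflare as upstream", drop `options rotate`, or replace it with a comment such as `# No 'rotate': 127.0.0.1 must be asked first.`. How this file is installed into the container is not visible in the commit, so the effect on dnsmasq's own upstream selection is not assessed here.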
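Review bot: `"53:53"` in docker-compose.yml publishes TCP only, because a Compose port mapping without a protocol suffix defaults to tcp, while ordinary DNS queries arrive over UDP; as written, LAN clients would most likely get no answer. Publish both protocols with `- "53:53/udp"` and `- "53:53/tcp"`. The mapping also binds every host address, so on a host with an internet-facing interface the container becomes an open resolver usable for amplification. Prefixing the LAN address, e.g. `"<LAN_IP>:53:53/udp"` (placeholder), limits who can reach it.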