48 lines
954 B
YAML
48 lines
954 B
YAML
version: '3.7'
|
|
|
|
x-logging: &json-log
|
|
driver: 'json-file'
|
|
options:
|
|
max-size: 20m
|
|
max-file: '5'
|
|
|
|
networks:
|
|
tig_monitoring:
|
|
external: true
|
|
#host:
|
|
# external: true
|
|
backend:
|
|
driver: overlay
|
|
attachable: true
|
|
driver_opts:
|
|
encrypted: "true"
|
|
|
|
services:
|
|
unbound:
|
|
image: localhost:5000/unbound:latest
|
|
deploy:
|
|
mode: global
|
|
restart_policy:
|
|
condition: any
|
|
update_config:
|
|
parallelism: 2
|
|
delay: 5s
|
|
order: stop-first
|
|
failure_action: rollback
|
|
logging: *json-log
|
|
volumes:
|
|
- "/etc/hosts:/etc/hosts:ro"
|
|
ports:
|
|
- target: 5353
|
|
published: 53
|
|
protocol: tcp
|
|
mode: host
|
|
- target: 5353
|
|
published: 53
|
|
protocol: udp # Potentially vulnerable without any ratelimits, see https://www.us-cert.gov/ncas/alerts/TA14-017A
|
|
mode: host
|
|
networks:
|
|
#- host
|
|
- backend
|
|
- tig_monitoring
|