This pull request includes a comprehensive refactor and optimization of several key configuration files and build scripts related to the DNS setup, specifically for Pi-hole and Unbound. The changes focus on improving readability, maintainability, security, and performance across the configurations and scripts.
Changes Included
docker-compose.yaml
Updated Docker Compose version: Moved to version 3.8 for better compatibility and access to the latest features.
Simplified volume names: Made volume names more readable.
Port mapping quotes: Added quotes around port mappings to avoid potential YAML parsing issues.
Standardized environment variables: Improved consistency in the declaration of environment variables.
Added comments: Enhanced maintainability by explaining key sections.
99-edns.conf
Detailed comments: Added to explain the purpose of each setting.
Additional EDNS and DNSSEC configurations: Included settings to improve security and DNS query performance.
Organized settings: Grouped logically for better readability and easier maintenance.
Prevented fragmentation: Ensured the configuration is tailored to prevent fragmentation issues.
Dockerfile
Default ARG value: Set a default value for PIHOLE_VERSION to improve flexibility.
APT commands cleanup: Reduced image size and improved efficiency by cleaning up after package installations.
Script permissions: Ensured the unbound-run script is executable by adding a chmod step.
Consistent formatting: Used consistent quoting and formatting for improved readability.
Exec form for ENTRYPOINT: Updated to improve signal handling and process management.
build_and_push.sh
Error handling: Added set -euo pipefail to improve robustness.
Buildx installation check: Added a check to ensure Docker Buildx is installed.
Conditional builder creation: Automatically creates the Buildx builder if it doesn’t already exist.
Environment variable override: Allowed the Pi-hole version to be overridden via an environment variable.
Improved logging: Added logging to provide feedback during script execution.
lighttpd-external.conf
Descriptive comment: Added to explain the purpose of the configuration.
Consistent formatting: Ensured consistent indentation and formatting for readability.
unbound-pihole.conf
Enhanced comments: Added detailed comments to explain each setting.
Organized settings: Grouped related settings for better readability.
Clarified security settings: Explained DNSSEC and EDNS configurations for better understanding.
Improved maintainability: Structured the file to facilitate future updates.
unbound-run
Refactoring: Improved structure with an explicit if statement for checking the daemon's existence.
Script execution: Ensured the script is executable and correctly invokes the Unbound daemon.
Consistent formatting: Used consistent quoting and formatting for better maintainability.
Testing and Validation
All configurations have been tested to ensure they work as expected within the Pi-hole and Unbound environment.
The scripts have been executed successfully in a test environment to confirm their functionality and robustness.
Additional Notes
These changes aim to improve the overall maintainability and clarity of the DNS setup, making it easier for future contributors to understand and modify the configurations.
Further enhancements and security improvements can be considered in future iterations based on the evolving requirements.
Summary
This pull request includes a comprehensive refactor and optimization of several key configuration files and build scripts related to the DNS setup, specifically for Pi-hole and Unbound. The changes focus on improving readability, maintainability, security, and performance across the configurations and scripts.
Changes Included
docker-compose.yaml99-edns.confDockerfilePIHOLE_VERSIONto improve flexibility.unbound-runscript is executable by adding achmodstep.build_and_push.shset -euo pipefailto improve robustness.lighttpd-external.confunbound-pihole.confunbound-runTesting and Validation
Additional Notes