
Deploy and Configure Technitium – DNS Server

Setup Docker Container
services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    environment:
      DOCKER_API_VERSION: "1.44"
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=traefik-public"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--certificatesresolvers.le.acme.httpchallenge=true"
      - "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.le.acme.email=${LETSENCRYPT_EMAIL}"
      - "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
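      # Traefik reads container labels through the Docker API; ":ro" only
      # protects the socket file itself, not the API calls made over it.
      - /var/run/docker.sock:/var/run/docker.sock:ro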
      - ./letsencrypt:/letsencrypt
    networks:
      - traefik-public

  dns-server:
    image: technitium/dns-server:latest
    container_name: dns-server
    restart: unless-stopped
    environment:
      - TZ=Australia/Sydney
      - DNS_SERVER_DOMAIN=${DOMAIN}
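    ports:
      # DNS is published on all host interfaces; the web console (5380) is
      # not published and is reached only through Traefik.
      - "53:53/udp"
      - "53:53/tcp"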
    volumes:
      - ./config:/etc/dns
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.dns.rule=Host(`${DOMAIN}`)"
      - "traefik.http.routers.dns.entrypoints=websecure"
      - "traefik.http.routers.dns.tls=true"
      - "traefik.http.routers.dns.tls.certresolver=le"
      - "traefik.http.services.dns.loadbalancer.server.port=5380"
    networks:
      - traefik-public
Prepare Docker
# Add the traefik-public network to Docker
docker network create traefik-public

# Edit the .env file: set DOMAIN (the DNS server host) and LETSENCRYPT_EMAIL
# Create a DNS record for the host set in the .env file above
Configure Settings

Disable internal Blocking service

  1. Settings > Block > uncheck “Enable Blocking” > Save Settings
Install Apps
  1. Install and configure Advanced Blocking App

The Advanced Blocking app uses .NET regular expressions, which can be added to your whitelist.txt.

  • “allowListUrls” accepts only domain names.
  • “regexAllowListUrls” accepts regular expressions.
  • “allowedRegex” and “blockedRegex” require regular expressions written as JSON strings (backslashes escaped).
      "allowListUrls": ["http://local-web/technitium/whitelist.txt"],
      "blockListUrls": [
        "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts",
        "https://blocklistproject.github.io/Lists/phishing.txt",
        "https://big.oisd.nl/domainswild2",
        "https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/ultimate-onlydomains.txt",
        "https://v.firebog.net/hosts/Easylist.txt",
        "https://v.firebog.net/hosts/Easyprivacy.txt",
        "https://perflyst.github.io/PiHoleBlocklist/SmartTV-AGH.txt"
      ],
      "allowedRegex": [],
      "blockedRegex": [
        "^ads\\."
      ],
      "regexAllowListUrls": ["http://local-web/technitium/whitelist.txt"],

2. Install Query Logs (sqlite)
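
The Advanced Blocking list rules above, as an added example (not from the original page or the Advanced Blocking project): a Python pre-check that sorts the lines of a list file into plain domains and regular expressions, and renders patterns as JSON strings for "allowedRegex" / "blockedRegex". The sample list and the function names are constructed, and Python's re module is an assumption standing in for the .NET engine as a syntax check only.

```python
import json
import re

# Hostname check: dot-separated labels of letters, digits and hyphens.
LABEL = r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?"
DOMAIN_RE = re.compile(rf"^{LABEL}(\.{LABEL})*$", re.IGNORECASE)


def split_list(text):
    """Sort list-file lines into (domains, regexes, rejected)."""
    domains, regexes, rejected = [], [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and comment lines
        if DOMAIN_RE.match(line):
            domains.append(line.lower())  # fits "allowListUrls"
            continue
        try:
            # Assumption: Python's re approximates .NET syntax for this check.
            re.compile(line)
            regexes.append(line)  # fits "regexAllowListUrls"
        except re.error:
            rejected.append(line)  # neither a domain nor a usable pattern
    return domains, regexes, rejected


def to_json_array(patterns):
    """Render patterns as a JSON array; json.dumps doubles each backslash."""
    return json.dumps(patterns)


def is_valid_json(fragment):
    """True when the fragment parses as JSON (a lone \\. escape does not)."""
    try:
        json.loads(fragment)
        return True
    except json.JSONDecodeError:
        return False


# Constructed sample of a mixed whitelist.txt (not from the page).
SAMPLE = "# constructed\nintranet.example.com\n^cdn[0-9]+\\.example\\.net$\n(unclosed\n"

if __name__ == "__main__":
    doms, regs, bad = split_list(SAMPLE)
    print("domains :", doms)
    print("regexes :", to_json_array(regs))
    print("rejected:", bad)
```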
