services:
  technitium:
    image: technitium/dns-server:latest
    container_name: dns01
    hostname: dns01
    mem_limit: 4g
    cpu_shares: 1024
    security_opt:
      - no-new-privileges:true
    network_mode: host
    volumes:
      - /volume1/docker/technitium/config:/etc/dns:rw
    environment:
      - DNS_SERVER_DOMAIN=dns01.dns-cluster.internal
      - DNS_SERVER_ADMIN_PASSWORD=admin
      - DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS=true
      - DNS_SERVER_WEB_SERVICE_HTTPS_PORT=53443
      - DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT=true
      - DNS_SERVER_FORWARDERS=https://dns10.quad9.net/dns-query
      - DNS_SERVER_FORWARDER_PROTOCOL=Https
      - DNS_SERVER_ENABLE_BLOCKING=true
      - TZ=America/Los_Angeles
    restart: unless-stopped