Dima/prosody-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow overriding DNS resolver

Browse Source 
Nice to have on its own, but also useful to point at a DNSSEC-capable
resolver.
This commit is contained in:
Kim Alvefur
2026-03-03 20:23:03 +01:00
parent 370bca28c0
commit 6270bc329f
3 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+1
View File
@@ -60,6 +60,7 @@ Volumes can be mounted at the following locations for adding in files:
* `PROSODY_TURN_SECRET` - Shared secret for TURN
* `PROSODY_TURN_TLS_PORT` - Port number for STUN over TLS
* `PROSODY_RETENTION_DAYS` - How many days worth of message archives and shared file to keep.
* `PROSODY_DNS_RESOLVERS` - Comma-separated list of DNS resolvers to use instead of what `/etc/resolv.conf` points to.
* `PROSODY_USE_DANE` - Whether to enable [DANE](https://prosody.im/doc/dane) (requires [DNSSEC](https://prosody.im/doc/dnssec) aware resolvers).
* `PROSODY_S2S_SECURE_AUTH` - Whether to require that remote servers present valid certificates. Enabled by default.
* `PROSODY_C2S_RATE_LIMIT` - Rate limit for client-to-server connections. Defaults to `10kb/s`.
configs/prosody-13.0.cfg.lua
+1
View File
@@ -128,6 +128,7 @@ use_dane = ENV_PROSODY_USE_DANE
unbound = {
-- on Debian this file is included in the package 'dns-root-data'
trustfile = ENV_PROSODY_USE_DANE and "/usr/share/dns/root.ds";
forward = _split(ENV_PROSODY_DNS_RESOLVERS);
}
-- Some servers have invalid or self-signed certificates. You can list
configs/prosody-trunk.cfg.lua
+1
View File
@@ -128,6 +128,7 @@ use_dane = ENV_PROSODY_USE_DANE
unbound = {
-- on Debian this file is included in the package 'dns-root-data'
trustfile = ENV_PROSODY_USE_DANE and "/usr/share/dns/root.ds";
forward = _split(ENV_PROSODY_DNS_RESOLVERS);
}
-- Some servers have invalid or self-signed certificates. You can list