coredns: production port defaults (5353 plain DNS, 8081 health)

Deployed to dell01.mer.idahomuellers.net with firewall NAT'ing
public requests in to host:5353/tcp+udp.

Port changes baked in as new defaults so future hosts inherit them:
- DNS_PORT: 1053 -> 5353 (dev was 1053 because avahi-daemon owns
  5353 on Arch desktops; production hosts typically don't run avahi
  and 5353 is the conventional non-privileged DNS port — mDNS uses
  multicast 224.0.0.251:5353 which never conflicts with a unicast bind)
- HEALTH_PORT: 8080 -> 8081 (8080 collided with a python3 service
  on dell01; 8081 is less commonly contested)
Ryan Malloy 2026-05-16 13:59:33 -06:00
parent c1afe77b27
commit 3d47d67e89

.env

@ -5,9 +5,10 @@ COREDNS_IMAGE=coredns/coredns:1.11.3
# Host ports. systemd-resolved usually binds 53, so default to 5353.
# Override to 53 if you actually want this to be the host's resolver.
DNS_PORT=1053
DNS_PORT=5353
METRICS_PORT=9153
HEALTH_PORT=8080
# 8080 is famously contested (dev servers, alternate HTTP). 8081 less so.
HEALTH_PORT=8081
# DoT (DNS-over-TLS, RFC 7858) — IANA port 853. Host port 8853 to
# stay unprivileged.
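
Review bot: the comment above DNS_PORT still justifies 5353 only by systemd-resolved holding 53, so a developer on a desktop where avahi-daemon holds 5353 (the reason the commit message gives for the old 1053 value) gets no hint from .env about why the bind fails. Consider adding a line such as `# Desktops running avahi-daemon: override to 1053.` next to the new default. Since the commit message says 5353 is now reached through public NAT, a short comment beside METRICS_PORT and HEALTH_PORT stating that those host ports are not meant to be forwarded would also help, because nothing in these lines says which of the host ports are intended to be public.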