Skip to content

Instantly share code, notes, and snippets.

@cretudorin

cretudorin/nginx_dns_proxy.md

Last active April 11, 2021 16:40
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save cretudorin/2b8b5bceb4bc8259922c61f405073308 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save cretudorin/2b8b5bceb4bc8259922c61f405073308 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
nginx_dns_proxy.md

Use nginx as a dns loadbalancer on Debian 10

add deb-src

deb https://*/ buster main contrib non-free => deb-src https://*/ buster main contrib non-free

install build-dep

sudo apt build-dep nginx

find the right version for your system

ngx_version=$(apt-cache policy nginx | grep Candidate | awk -F ':' '{print $2}' | awk -F '-' '{print $1}' | awk '{ gsub(/ /,""); print }')

get nginx and extract (https://nginx.org/download)

wget "https://nginx.org/download/nginx-$ngx_version.tar.gz" && tar zxvf nginx-$ngx_version.tar.gz && cd nginx-$ngx_version

configure --with-stream

./configure --prefix=/etc/nginx \
            --sbin-path=/usr/sbin/nginx \
            --conf-path=/etc/nginx/nginx.conf \
            --error-log-path=/var/log/nginx/error.log \
            --pid-path=/var/run/nginx.pid \
            --lock-path=/var/run/nginx.lock \
            --user=nginx \
            --group=nginx \
            --build=Debian \
            --with-stream

make and install

make && sudo make install

does it work?

sudo nginx -V

replace nginx.conf

sudo nano /etc/nginx/nginx.conf

user  www-data;
worker_processes  8;

error_log  logs/error.log;
error_log off;

events {
    worker_connections  1024;
}

stream {
    upstream dns_servers {
        server 192.168.999.999:53;
        server 1.1.1.1:53 backup;
        server 8.8.8.8:53 backup;
    }

    server {
        listen 53  udp;
        listen 53; #tcp
        proxy_pass dns_servers;
        proxy_responses 1;
        proxy_timeout   1s;
        error_log  /var/log/nginx.dns.log info;
    }
}

add systemd unit file

sudo nano /etc/systemd/system/nginx.service

[Unit]
Description=nginx - high performance web server
Documentation=https://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID

[Install]
WantedBy=multi-user.target

enable and start

sudo systemctl enable nginx.service
sudo systemctl start nginx.service

src:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment