a docker container which runs the cloudflared proxy-dns at port 5054 based on alpine with some parameters to enable DNS over HTTPS proxy for pi-hole based on tutorials from Oliver Hough and Scott Helme
$ docker run --name cloudflared --rm --net host visibilityspots/cloudflared:latest
$ docker-compose up
$ docker run --name cloudflared --rm --net host -e UPSTREAM1=https://dns.google/dns-query visibilityspots/cloudflared:latest
$ docker run --name cloudflared --rm --net host -e PORT=5053 visibilityspots/cloudflared:latest
$ docker run --name cloudflared --rm --net host -e ADDRESS=:: visibilityspots/cloudflared:latest
$ docker run --name cloudflared --rm --net host -e MAX_UPSTREAM_CONNS=5 visibilityspots/cloudflared:latest
$ dig +short @10.0.0.2 -p 5054 visibilityspots.org
13.225.238.129
13.225.238.53
13.225.238.9
13.225.238.61
Build against pinned upstream release
$ docker build -t visibilityspots/cloudflared:latest .
Build against a specific upstream release
$ docker build -t visibilityspots/cloudflared:latest . --build-arg UPSTREAM_RELEASE_TAG=2021.5.10
$ docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
$ docker buildx build -t visibilityspots/cloudflared:latest --platform linux/amd64,linux/arm/v6,linux/arm/v7 --push .
I wrote some tests in a goss.yaml file which can be executed by dgoss to test the created image
$ dgoss run --name cloudflared --rm -ti visibilityspots/cloudflared:latest
INFO: Starting docker container
INFO: Container ID: e5bd35d3
INFO: Sleeping for 0.2
INFO: Running Tests
Process: cloudflared: running: matches expectation: [true]
Package: ca-certificates: installed: matches expectation: [true]
Command: cloudflared --version | head -1: exit-status: matches expectation: [0]
Command: cloudflared --version | head -1: stdout: matches expectation: [cloudflared version DEV (built unknown)]
Total Duration: 0.028s
Count: 4, Failed: 0, Skipped: 0
INFO: Deleting container
Distributed under the MIT license