container/pdns/docker-compose-traefik.yml

version: "3.9"

services:
  powerdns:
    image: ${PDNS_IMAGE:-powerdns/pdns:latest}
    container_name: ${PDNS_CONTAINER_NAME:-powerdns}
    restart: unless-stopped
    
    # Die Umgebungsvariablen dienen jetzt nur noch als Futter für das Script
    environment:
      PDNS_API_KEY: ${PDNS_API_KEY:-changeme}
      PDNS_API_ALLOW_FROM: ${PDNS_API_ALLOW_FROM:-0.0.0.0/0,::/0}
      PDNS_LAUNCH: ${PDNS_LAUNCH:-gsqlite3}
      PDNS_GSQLITE3_DATABASE: ${PDNS_GSQLITE3_DATABASE:-/data/pdns.sqlite3}
      PDNS_GPGSQL_HOST: ${PDNS_GPGSQL_HOST:-}
      PDNS_GPGSQL_PORT: ${PDNS_GPGSQL_PORT:-5432}
      PDNS_GPGSQL_USER: ${PDNS_GPGSQL_USER:-}
      PDNS_GPGSQL_PASSWORD: ${PDNS_GPGSQL_PASSWORD:-}
      PDNS_GPGSQL_DBNAME: ${PDNS_GPGSQL_DBNAME:-}
      PDNS_LOG_LEVEL: ${PDNS_LOG_LEVEL:-6}

    entrypoint: ["/bin/sh","-lc"]
    command:
      - |
        set -eu
        mkdir -p /etc/powerdns/pdns.d
        
        # Sicherstellen, dass der /data Ordner existiert und beschreibbar ist
        mkdir -p /data
        chmod 777 /data
        
        PDNS_BIN=$$(which pdns_server || echo "/usr/local/sbin/pdns_server")
        
        if [ "$${PDNS_LAUNCH}" = "gsqlite3" ] && [ ! -f "$${PDNS_GSQLITE3_DATABASE}" ]; then
          echo "SQLite database not found. Creating and importing schema..."
          
          # Suche nach dem Schema-File
          for f in /usr/local/share/doc/pdns/schema.sqlite3.sql /usr/share/doc/pdns/schema.sqlite3.sql /etc/powerdns/schema.sqlite3.sql; do
            if [ -f "$$f" ]; then SCHEMA_PATH="$$f"; break; fi
          done
          
          if [ -n "$${SCHEMA_PATH:-}" ]; then
             # Erstelle die Datei und setze sofort Rechte
             touch "$${PDNS_GSQLITE3_DATABASE}"
             chmod 666 "$${PDNS_GSQLITE3_DATABASE}"
             sqlite3 "$${PDNS_GSQLITE3_DATABASE}" < "$$SCHEMA_PATH"
             echo "Schema imported successfully."
          else
             echo "Warning: No schema file found. Initializing empty file."
             touch "$${PDNS_GSQLITE3_DATABASE}"
             chmod 666 "$${PDNS_GSQLITE3_DATABASE}"
          fi
        fi

        # Konfiguration schreiben
        cat > /etc/powerdns/pdns.d/99-env.conf <<EOF
        api=yes
        webserver=yes
        webserver-address=0.0.0.0
        webserver-port=8081
        api-key=$${PDNS_API_KEY}
        webserver-allow-from=$${PDNS_API_ALLOW_FROM}
        loglevel=$${PDNS_LOG_LEVEL}
        launch=$${PDNS_LAUNCH}
        gsqlite3-database=$${PDNS_GSQLITE3_DATABASE}
        EOF

        echo "Starting PowerDNS..."
        exec $$PDNS_BIN --daemon=no --guardian=no --control-console


    volumes:
      - ${PDNS_DATA_PATH:-pdns-data}:/data

    networks:
      - proxy

    ports:
      - "${PDNS_PUBLIC_IPV4:-0.0.0.0}:${PDNS_PUBLIC_PORT:-53}:53/tcp"
      - "${PDNS_PUBLIC_IPV4:-0.0.0.0}:${PDNS_PUBLIC_PORT:-53}:53/udp"
      - "[${PDNS_PUBLIC_IPV6:-::}]:${PDNS_PUBLIC_PORT6:-53}:53/tcp"
      - "[${PDNS_PUBLIC_IPV6:-::}]:${PDNS_PUBLIC_PORT6:-53}:53/udp"

    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.powerdns.rule=Host(`${PDNS_TRAEFIK_HOST:-dns.example.com}`)"
      - "traefik.http.routers.powerdns.entrypoints=${PDNS_TRAEFIK_ENTRYPOINT:-websecure}"
      - "traefik.http.routers.powerdns.tls=true"
      - "traefik.http.routers.powerdns.tls.certresolver=${PDNS_TRAEFIK_CERTRESOLVER:-letsencrypt}"
      - "traefik.http.services.powerdns.loadbalancer.server.port=8081"
      - "traefik.http.routers.powerdns-insecure.rule=Host(`${PDNS_TRAEFIK_HOST:-dns.example.com}`)"
      - "traefik.http.routers.powerdns-insecure.entrypoints=web"
      - "traefik.http.routers.powerdns-insecure.middlewares=powerdns-redirect"
      - "traefik.http.middlewares.powerdns-redirect.redirectscheme.scheme=https"

volumes:
  pdns-data:

networks:
  proxy:
    external: true