From dccf1b97c8cb6ebf7503970d132e566ace26195d Mon Sep 17 00:00:00 2001 From: stratself Date: Mon, 30 Mar 2026 09:14:08 +0000 Subject: [PATCH] docs(docker): Rewrite Docker DNS workaround with custom resolv.conf Instead of /etc/resolv.conf on host. This works around the systemd-resolved footgunning issue and provide an inline way to configure resolvers, separate from that of the host system. --- docs/deploying/docker.mdx | 30 +++++++++------ .../deploying/docker-compose.for-traefik.yml | 9 +++++ .../docker-compose.with-caddy-labels.yml | 12 +++++- .../deploying/docker-compose.with-caddy.yml | 37 +++++++++++-------- .../deploying/docker-compose.with-traefik.yml | 11 +++++- docs/public/deploying/docker-compose.yml | 10 +++++ 6 files changed, 78 insertions(+), 31 deletions(-) diff --git a/docs/deploying/docker.mdx b/docs/deploying/docker.mdx index 450010001..27b7e578c 100644 --- a/docs/deploying/docker.mdx +++ b/docs/deploying/docker.mdx 
@@ -112,19 +112,25 @@ See the [reference configuration](../reference/config) page for all config optio These examples include reverse proxy configurations for Matrix federation, which will route your Matrix domain (and optionally .well-known paths) to Continuwuity. -:::note DNS Performance -Docker's default DNS resolver can cause performance issues with Matrix -federation. If you experience slow federation or DNS timeouts, you may need to -use your host's DNS resolver instead. Add this volume mount to the -`continuwuity` service: +:::note Docker DNS Performance +Docker's default DNS resolver are known to cause issues for Matrix federation, such as very slow federation or DNS timeout. As a workaround, we will mount a custom `/etc/resolv.conf` config file into the Continuwuity service, in order to bypass Docker and use a more performant resolver. -```yaml -volumes: - - /etc/resolv.conf:/etc/resolv.conf:ro +```yaml title='docker-compose.yml' +services: + homeserver: + # ... + configs: + - source: continuwuity-resolv.conf + target: /etc/resolv.conf + +configs: + continuwuity-resolv.conf: + content: | + nameserver 1.0.0.1 + nameserver 1.1.1.1 ``` -See [Troubleshooting - DNS Issues](../troubleshooting.mdx#potential-dns-issues-when-using-docker) -for more details and alternative solutions. +See [**Troubleshooting - DNS Issues**](../troubleshooting.mdx#potential-dns-issues-when-using-docker) for more details and alternative solutions. ::: #### Caddy (using Caddyfile) @@ -197,9 +203,9 @@ You will then need to point your reverse proxy towards Continuwuity at `127.0.0. ### Starting Your Server -1. Choose your compose file and rename it to `docker-compose.yml` +1. Choose your compose file from the above, and rename it to `docker-compose.yml`. Edit values as you see fit. 2. If using the override file, rename it to `docker-compose.override.yml` and - edit your values + edit your values. 3. Start the server: ```bash 
diff --git a/docs/public/deploying/docker-compose.for-traefik.yml b/docs/public/deploying/docker-compose.for-traefik.yml index 9878bf07a..36ef07c01 100644 --- a/docs/public/deploying/docker-compose.for-traefik.yml +++ b/docs/public/deploying/docker-compose.for-traefik.yml @@ -39,6 +39,9 @@ services: nofile: soft: 1048567 hard: 1048567 + configs: # using custom resolver instead of Docker's + - source: continuwuity-resolv.conf + target: /etc/resolv.conf volumes: db: @@ -48,3 +51,9 @@ networks: # name, don't forget to change it here and in the docker-compose.override.yml proxy: external: true + +configs: + continuwuity-resolv.conf: + content: | + nameserver 1.0.0.1 + nameserver 1.1.1.1 \ No newline at end of file diff --git a/docs/public/deploying/docker-compose.with-caddy-labels.yml b/docs/public/deploying/docker-compose.with-caddy-labels.yml index fd80a9856..306f78aa5 100644 --- a/docs/public/deploying/docker-compose.with-caddy-labels.yml +++ b/docs/public/deploying/docker-compose.with-caddy-labels.yml @@ -24,7 +24,6 @@ services: command: /sbin/conduwuit volumes: - db:/var/lib/continuwuity - - /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's. #- ./continuwuity.toml:/etc/continuwuity.toml environment: CONTINUWUITY_SERVER_NAME: example.com # EDIT THIS @@ -41,9 +40,18 @@ services: labels: caddy: matrix.example.com caddy.reverse_proxy: "{{upstreams 8008}}" - + configs: # using custom resolver instead of Docker's + - source: continuwuity-resolv.conf + target: /etc/resolv.conf volumes: db: networks: caddy: + +configs: + continuwuity-resolv.conf: + content: | + nameserver 1.0.0.1 + nameserver 1.1.1.1 + diff --git a/docs/public/deploying/docker-compose.with-caddy.yml b/docs/public/deploying/docker-compose.with-caddy.yml index 609d67fd8..46c357938 100644 --- a/docs/public/deploying/docker-compose.with-caddy.yml +++ b/docs/public/deploying/docker-compose.with-caddy.yml 
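Review bot: The comment on the added service-level `configs:` entry in docker-compose.for-traefik.yml (`# using custom resolver instead of Docker's`) understates what the mount does. A file placed at `/etc/resolv.conf` replaces Docker's embedded DNS for this service entirely, so besides bypassing it for federation lookups, Continuwuity will most likely stop resolving sibling containers by service name. I would say so where the mount is declared, e.g. `configs: # replaces Docker's embedded DNS for this service; container names will not resolve from here`. The same mount is added in docker-compose.with-caddy-labels.yml, docker-compose.with-caddy.yml, docker-compose.with-traefik.yml and docker-compose.yml. In this file and in docker-compose.yml the visible hunks remove no host `/etc/resolv.conf` mount, so for those two examples this looks like a new default rather than a like-for-like replacement; the service definition itself starts outside the hunk.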
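Review bot: The top-level `continuwuity-resolv.conf` block added at the end of docker-compose.for-traefik.yml hard-codes `1.0.0.1` and `1.1.1.1`, two addresses of the same public resolver service, with no marker that they are meant to be changed. Anyone who copies the example as-is sends the homeserver's federation lookups in plain DNS to a third party and bypasses whatever split-horizon zones, filtering or validating resolver the host is set up with. The with-caddy-labels example already flags values with `# EDIT THIS`, and the same convention fits here: `continuwuity-resolv.conf: # EDIT THIS: resolvers used by Continuwuity only; prefer one you operate or trust`. Inline `content:` under `configs` also needs a fairly recent Docker Compose (2.23.1 or later, as far as I know), and only docker-compose.with-caddy.yml visibly relied on it before this patch, so a one-line comment stating the minimum version would help. The identical block is added to the other four compose files.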
@@ -1,16 +1,3 @@ -networks: - caddy: - -volumes: - db: - -configs: - dynamic.yml: - content: | - https://example.com, https://example.com:8448 { - reverse_proxy http://homeserver:8008 - } - services: caddy: image: docker.io/caddy:latest @@ -33,7 +20,6 @@ services: command: /sbin/conduwuit volumes: - db:/var/lib/continuwuity - - /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's. #- ./continuwuity.toml:/etc/continuwuity.toml environment: CONTINUWUITY_SERVER_NAME: example.com @@ -42,4 +28,25 @@ services: CONTINUWUITY_PORT: 8008 #CONTINUWUITY_CONFIG: '/etc/continuwuity.toml' # Uncomment if you mapped config toml above networks: - - caddy \ No newline at end of file + - caddy + configs: # using custom resolvers instead of Docker's + - source: continuwuity-resolv.conf + target: /etc/resolv.conf + +networks: + caddy: + +volumes: + db: + +configs: + dynamic.yml: + content: | + https://example.com, https://example.com:8448 { + reverse_proxy http://homeserver:8008 + } + + continuwuity-resolv.conf: + content: | + nameserver 1.0.0.1 + nameserver 1.1.1.1 diff --git a/docs/public/deploying/docker-compose.with-traefik.yml b/docs/public/deploying/docker-compose.with-traefik.yml index 9bb25084d..e6815be83 100644 --- a/docs/public/deploying/docker-compose.with-traefik.yml +++ b/docs/public/deploying/docker-compose.with-traefik.yml @@ -7,7 +7,6 @@ services: command: /sbin/conduwuit volumes: - db:/var/lib/continuwuity - - /etc/resolv.conf:/etc/resolv.conf:ro # Use the host's DNS resolver rather than Docker's. #- ./continuwuity.toml:/etc/continuwuity.toml networks: - proxy @@ -37,6 +36,9 @@ services: nofile: soft: 1048567 hard: 1048567 + configs: # using custom resolver instead of Docker's + - source: continuwuity-resolv.conf + target: /etc/resolv.conf traefik: image: "traefik:latest" 
@@ -48,7 +50,6 @@ services: volumes: - "/var/run/docker.sock:/var/run/docker.sock:z" - "acme:/etc/traefik/acme" - #- "./traefik_config:/etc/traefik:z" labels: - "traefik.enable=true" @@ -90,3 +91,9 @@ volumes: networks: proxy: + +configs: + continuwuity-resolv.conf: + content: | + nameserver 1.0.0.1 + nameserver 1.1.1.1 \ No newline at end of file diff --git a/docs/public/deploying/docker-compose.yml b/docs/public/deploying/docker-compose.yml index ff472e54c..0737bca39 100644 --- a/docs/public/deploying/docker-compose.yml +++ b/docs/public/deploying/docker-compose.yml @@ -16,6 +16,16 @@ services: CONTINUWUITY_ADDRESS: 0.0.0.0 CONTINUWUITY_PORT: 8008 #CONTINUWUITY_CONFIG: '/etc/continuwuity.toml' # Uncomment if you mapped config toml above + configs: # using custom resolver instead of Docker's + - source: continuwuity-resolv.conf + target: /etc/resolv.conf + volumes: db: + +configs: + continuwuity-resolv.conf: + content: | + nameserver 1.0.0.1 + nameserver 1.1.1.1 \ No newline at end of file