From b9de99ab6f7bd1486d439dc00d0c9becacc984d4 Mon Sep 17 00:00:00 2001
From: Matt Speer <mwspeer@gmail.com>
Date: Mon, 15 Dec 2025 11:07:55 -0600
Subject: [PATCH] initial commit

---
 README.MD           | 25 +++++++++++++++++++++++++
 docker-compose.yaml | 11 +++++++++++
 etc/dnsmasq.conf    | 11 +++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 README.MD
 create mode 100644 docker-compose.yaml
 create mode 100644 etc/dnsmasq.conf

diff --git a/README.MD b/README.MD
new file mode 100644
index 0000000..f6a9c51
--- /dev/null
+++ b/README.MD
@@ -0,0 +1,25 @@
+# DNSMASQ
+
+Service Criticality:  Low
+
+## Description
+DNSmasq is a lightweight, open-source service that provides DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol) services to a network.
+
+## Use
+We use dnsmasq to resolve hosts within the home network.  This allows us to use the same URLs both inside and outside the network.  Inside the network, the hosts resolve to an internal network address using dnsmasq.
+
+## Installation/Recovery
+
+Pre-requisites
+* Portainer
+* Gitlab
+
+Create a new stack named dnsmasq
+Choose *Repository* for the Build Method
+Enable the authentication slider
+The repository URL is https://gitlab.speerfam.net/mattspeer/dnsmasq
+
+## Backup
+The one file that should be backed up is 'dnsmasq.conf'.  It is mounted on the host in '/home/mattspeer/docker/dnsmasq'
+
+https://hub.docker.com/r/strm/dnsmasq
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..3150065
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,11 @@
+services:
+  dnsmasq:
+    restart: always
+    image: strm/dnsmasq
+    container_name: dnsmasq
+    volumes:
+      - /home/mattspeer/docker/dnsmasq/dnsmasq.conf:/etc/dnsmasq.conf
+    ports:
+      - "192.168.4.20:53:53/udp"
+    cap_add:
+      - NET_ADMIN
\ No newline at end of file
diff --git a/etc/dnsmasq.conf b/etc/dnsmasq.conf
new file mode 100644
index 0000000..cc60064
--- /dev/null
+++ b/etc/dnsmasq.conf
@@ -0,0 +1,11 @@
+#log all dns queries
+log-queries
+#dont use hosts nameservers
+no-resolv
+#use Cloudflare for families (malware blocking) as default nameservers
+server=1.1.1.2
+server=1.0.0.2
+#explicitly define host-ip mappings
+address=/speerfam.net/192.168.4.20
+#Baylor's domain DNS forwarding
+server=/netx/192.168.4.64
\ No newline at end of file