Deploy mailserver with Docker: customize config of service unbound

Hello,
I’m considering to migrate to a docker based mailserver deployment. This deployment includes several services, e.g. Unbound.
However I need to understand how to customize unbound configuration to enhance DNSSEC, DoT, unbound-control, etc.
This would result in an override of /etc/unbound.conf with

# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"

The relevant section in docker-compose.yml file is this:

 resolver:
    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-2.0}
    env_file: mailu.env
    restart: always
    networks:
      default:
        ipv4_address: 172.16.1.254

Can you please advise how to proceed?
Or can you consider this as a feature request?

THX

If you want to change a file in a Docker container, you can

  1. Create a new image from the original one, and add the updated config to it
  2. Run the container from the original image and mount the updated config file, for example with a bind mount from a local file on host.

Is it not possible to create a volume and write all relevant configuration files to this volume?

That’s possible, too. Just a tiny bit more complicated. Sorry I haven’t mentioned it.

I think it makes sense to follow the approach that’s a combination of both, means

  • create new image from original
  • add volume for /etc/unbound/unbound.conf.d
  • modify configuration file /etc/unbound.conf and include include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"