Deploy coredns as a proxy to Docker's internal DNS

ansible/roles/coredns/files/Corefile

@@ -0,0 +1,21 @@
+. {
+    errors
+    cancel
+
+    # Only allow requests to `.docker` records
+    view docker {
+        expr name() matches '^[a-zA-Z0-9-_]+\\.docker\\.$'
+    }
+
+    # Strip the `.docker` suffix
+    rewrite name suffix .docker . answer auto
+
+    # Forward requests to Docker's DNS server
+    forward . 127.0.0.11
+}
+
+. {
+    acl {
+        block
+    }
+}

ansible/roles/coredns/files/docker-compose.yml

@@ -0,0 +1,16 @@
+version: "2.3"
+
+services:
+  coredns:
+    image: coredns/coredns:latest
+    volumes:
+      - ./Corefile:/home/nonroot/Corefile:ro
+    ports:
+      - "{{ private_ip }}:5353:53/udp"
+    networks:
+      - default
+      - traefik
+
+networks:
+  traefik:
+    external: true