simono41/docker-pihole-unbound
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Updating README and cleaning up docker-compose

Browse source
This commit is contained in:
Chris Crowe 2019-02-02 16:53:58 -08:00
parent 6bfcb147fe
commit a4c8e0932f
2 changed files with 50 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
README.md
View file

@ -1,4 +1,52 @@
# docker-pihole-unbound # Pi-Hole + Unbound on Docker (works on Synology)
## Description
Running Pi-Hole in Docker can be challenging due to networking requirements by Pi-Hole, this is especially true when the ports that Pi-Hole uses are shared by the host it's running on (this is true for Synology in the default configuration).
This project uses a [`macvlan` Docker network](https://docs.docker.com/network/macvlan/) to place your containers on your main network, with their own IP addresses and MAC addresses. Pi-Hole uses Unbound as it's resolver, and Unbound uses Cloudflare (1.1.1.1) upstream in order to support DNSSEC and DNS-over-TLS.
- Uses 2 Containers
- Pi-Hole ([pihole/pihole](https://hub.docker.com/r/pihole/pihole)) - Official from Pi-Hole
- Unbound ([mvance/unbound](https://hub.docker.com/r/mvance/unbound))
## Instructions
#### Before running
- Update some things in the docker compose, such as your IP addresses/subnets.
- Add a `.env` file next to the docker-compose.yaml so you can pass in the `${WEBPASSWORD}`
- Update the secondary/backup nameserver in the `resolv.conf` file
- Lastly you might want to provide some manual DNS entries in the `dnsmasq.conf` and/or `hosts` files
#### Then run it
```bash
sudo docker-compose up -d
```
#### After
Test your configuration with dig:
```bash
dig @192.168.1.248 google.com
# Expecting "status: NOERROR"
```
You can also test for DNSSEC functionality:
```bash
dig sigfail.verteiltesysteme.net @ 192.168.1.248
# Expecting "status: SERVFAIL"
dig sigok.verteiltesysteme.net @ 192.168.1.248
# Expecting "status: NOERROR"
```
If all looks good, configure your router/DHCP server to serve your new Pi-Hole IP address (`192.168.1.248`) to your clients.
### Acknowledgements ### Acknowledgements

6
docker-compose.yaml
View file

@ -5,7 +5,6 @@ services:
container_name: pihole container_name: pihole
image: pihole/pihole:latest image: pihole/pihole:latest
hostname: syn-hole hostname: syn-hole
# domainname: my.network
mac_address: d0:ca:ab:cd:ef:01 mac_address: d0:ca:ab:cd:ef:01
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
@ -13,12 +12,11 @@ services:
- 443/tcp - 443/tcp
- 53/tcp - 53/tcp
- 53/udp - 53/udp
# - 67/udp # - 67/udp # Uncomment if you want to use Pi-Hole for DHCP
- 80/tcp - 80/tcp
environment: environment:
ServerIP: 192.168.1.248 ServerIP: 192.168.1.248
WEBPASSWORD: ${WEBPASSWORD} WEBPASSWORD: ${WEBPASSWORD}
# VIRTUAL_HOST: pihole.my.network
DNS1: 192.168.1.249 DNS1: 192.168.1.249
DNS2: 192.168.1.13 DNS2: 192.168.1.13
volumes: volumes:
@ -36,8 +34,6 @@ services:
image: mvance/unbound:latest image: mvance/unbound:latest
hostname: syn-unbound hostname: syn-unbound
mac_address: d0:ca:ab:cd:ef:02 mac_address: d0:ca:ab:cd:ef:02
# cap_add:
# - NET_ADMIN
ports: ports:
- 53/tcp - 53/tcp
- 53/udp - 53/udp