simono41/docker-pihole-unbound
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
docker-pihole-unbound/README.md
Chris Crowe c663694b53 Updating README
2019-02-02 17:04:08 -08:00

59 lines
No EOL
2 KiB
Markdown
Raw Blame History

# Pi-Hole + Unbound on Docker (works on Synology)
## Description
Running Pi-Hole in Docker can be challenging due to networking requirements by Pi-Hole, this is especially true when the ports that Pi-Hole uses are shared by the host it's running on (this is true for Synology in the default configuration).
This project uses a [`macvlan` Docker network](https://docs.docker.com/network/macvlan/) to place your containers on your main network, with their own IP addresses and MAC addresses. Pi-Hole uses Unbound as it's resolver, and Unbound uses Cloudflare (1.1.1.1) upstream in order to support DNSSEC and DNS-over-TLS.
- Uses 2 Containers
- Pi-Hole ([pihole/pihole](https://hub.docker.com/r/pihole/pihole)) - Official from Pi-Hole
- Unbound ([mvance/unbound](https://hub.docker.com/r/mvance/unbound))
## Instructions
### Before running...
- Update some things in the docker compose, such as your IP addresses/subnets.
- Add a `.env` file next to the docker-compose.yaml so you can pass in the `${WEBPASSWORD}`
- Update the secondary/backup nameserver in the `resolv.conf` file
- Lastly you might want to provide some manual DNS entries in the `dnsmasq.conf` and/or `hosts` files
### Run it!
```bash
sudo docker-compose up -d
```
### Test it!
Test your configuration with dig:
```bash
dig google.com @192.168.1.248
# Expecting "status: NOERROR"
```
You can also test for DNSSEC functionality:
```bash
dig sigfail.verteiltesysteme.net @192.168.1.248
# Expecting "status: SERVFAIL"
dig sigok.verteiltesysteme.net @192.168.1.248
# Expecting "status: NOERROR"
```
### Serve it!
If all looks good, configure your router/DHCP server to serve your new Pi-Hole IP address (`192.168.1.248`) to your clients.
## Acknowledgements
- [http://tonylawrence.com/posts/unix/synology/free-your-synology-ports/][link1]
- [https://github.com/MatthewVance/unbound-docker][link2]
[link1]: http://tonylawrence.com/posts/unix/synology/free-your-synology-ports/
[link2]: https://github.com/MatthewVance/unbound-docker
Reference in a new issue View git blame Copy permalink