awesome-compose/pihole-cloudflared-DoH/README.md

108 lines
4.3 KiB
Markdown
Raw Normal View History

## Pi-hole with cloudflared DoH (DNS-Over-HTTPS)
This example provides a base setup for using [Pi-hole](https://docs.pi-hole.net/) with the [cloudflared DoH](https://docs.pi-hole.net/guides/dns/cloudflared/) service.
More details on how to customize the installation and the compose file can be found in [Docker Pi-hole documentation](https://github.com/pi-hole/docker-pi-hole).
Project structure:
```
.
├── .env
├── compose.yaml
└── README.md
```
[_compose.yaml_](compose.yaml)
``` yaml
services:
pihole:
image: pihole/pihole:latest
ports:
- "53:53/tcp"
- "53:53/udp"
- "67:67/udp"
- "8080:80/tcp"
- "8443:443/tcp"
...
cloudflared:
image: visibilityspots/cloudflared
ports:
- "5054:5054/tcp"
- "5054:5054/udp"
...
```
## Configuration
### .env
Before deploying this setup, you need to configure the following values in the [.env](.env) file.
- TZ ([time zone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones))
- PIHOLE_PW (admin password)
- PIHOLE_ROUTER_IP (only needed for activated conditional forwarding)
- PIHOLE_NETWORK_DOMAIN (only needed for activated conditional forwarding)
- PIHOLE_HOST_IP (IPv4 address of your Pi-hole - needs to be static)
- PIHOLE_HOST_IPV6 (IPv6 address of your Pi-hole - can be empty if you only use IPv4)
### Conditional forwarding (optional, default: enabled)
If you would like to disable conditional forwarding, delete the environment variables starting with "CONDITIONAL_FORWARDING"
### Container DNS (optional, default: disabled)
In the docker compose file, dns is added as a comment. To enable dns remove '#' in front of the following lines:
``` yaml
dns:
- 127.0.0.1 # "Sets your container's resolve settings to localhost so it can resolve DHCP hostnames [...]" - github.com/pi-hole/docker-pi-hole
- 1.1.1.1 # Backup server
```
## Deploy with docker compose
When deploying this setup, the admin web interface will be available on port 8080 (e.g. http://localhost:8080/admin).
``` shell
$ docker compose up -d
Starting cloudflared ... done
Starting pihole ... done
```
## Expected result
Check containers are running and the port mapping:
```
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
afcf5ca4214c pihole/pihole:latest "/s6-init" 3 seconds ago Up 3 seconds (health: starting) 0.0.0.0:53->53/udp, 0.0.0.0:53->53/tcp, 0.0.0.0:67->67/udp, 0.0.0.0:8080->80/tcp, 0.0.0.0:8443->443/tcp pihole
dfd49ab7a372 visibilityspots/cloudflared "/bin/sh -c '/usr/lo…" 4 seconds ago Up 3 seconds (health: starting) 0.0.0.0:5054->5054/tcp, 0.0.0.0:5054->5054/udp cloudflared
```
Navigate to `http://localhost:8080` in your web browser to access the installed Pi-hole web interface.
Stop the containers with
``` shell
$ docker compose down
# To delete all data run:
$ docker compose down -v
```
## Troubleshooting
### - Starting / Stopping pihole-FTL loop:
Sometimes, it can happen that there occurs a problem starting pihole-FTL.
I personally had this issue when adding this line to the shared volumes:
```
- "/pihole/pihole.log:/var/log/pihole.log"
```
To fix this issue, I found this [issue](https://github.com/pi-hole/docker-pi-hole/issues/645#issuecomment-670809672),
which suggested adding an empty file (`touch /pihole/pihole.log`) to prevent it from creating a directory.
The directory would not allow starting pihole-FTL and result in something like this:
```
# Starting pihole-FTL (no-daemon) as root
# Stopping pihole-FTL
...
```
If you created an empty file, you may also check the ownership to prevent permission problems.
### - Installing on Ubuntu may conflict with `systemd-resolved` - see [Installing on Ubuntu](https://github.com/pi-hole/docker-pi-hole#installing-on-ubuntu-or-fedora) for help.
### - Environment variables are version-dependent
Environment variables like "CONDIIONAL_FORWARDING*" and "DNS1" are deprecated and replaced by e.g. "REV_SERVER*" and "PIHOLE_DNS" in version 5.8+.
Current information about environment variables can be found here: https://github.com/pi-hole/docker-pi-hole