version: '3.7'
services:
  cloudflared:
    image: visibilityspots/cloudflared
    container_name: cloudflared
    ports:
      - "5054:5054/tcp"
      - "5054:5054/udp"
    environment:
      - TZ=${TIMEZONE}
      - PORT=5054
      - ADDRESS=0.0.0.0
    restart: always
    networks:
      dns-net:
        ipv4_address: 172.20.0.2

  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "8080:80/tcp"
      - "8443:443/tcp"
    environment:
      - TZ=${TIMEZONE}
      - PIHOLE_DNS_=172.20.0.2#5054;1.1.1.1 # referencing by name results in "Invalid IP detected in PIHOLE_DNS_: cloudflared#5054"
      - WEBPASSWORD=${PIHOLE_PW}
      - REV_SERVER=true
      - REV_SERVER_TARGET=${PIHOLE_ROUTER_IP}
      - REV_SERVER_DOMAIN=${PIHOLE_NETWORK_DOMAIN}
      - REV_SERVER_CIDR=${PIHOLE_REVERSE_DNS}
      - ServerIP=${PIHOLE_HOST_IP}
      - ServerIPv6=${PIHOLE_HOST_IPV6}
    #dns:
      #- 127.0.0.1 # "Sets your container's resolve settings to localhost so it can resolve DHCP hostnames [...]" - github.com/pi-hole/docker-pi-hole
      #- 1.1.1.1 # Backup server
    volumes: # store your data between container upgrades
      - "/etc/pihole/:/etc/pihole/"
      - "/etc/dnsmasq.d/:/etc/dnsmasq.d/"
    cap_add:
      - NET_ADMIN # Recommended but not required (DHCP needs NET_ADMIN) https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    depends_on:
      - "cloudflared"
    restart: always
    networks:
      - dns-net

networks:
  dns-net:
    ipam:
      config:
        - subnet: 172.20.0.0/24