-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
46 lines (43 loc) · 1.43 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
version: "3.7"
services:
dns-server:
image: pihole/pihole:2022.12
restart: unless-stopped
# volumes:
# - $PWD/custom_hosts:/etc/pihole/custom.list:rw # use this for persistent custom hosts
# - $PWD/gravity.db:/etc/pihole/gravity.db:rw # use this for persistent adlists
ports:
- 54:80/tcp
- 53:53/udp
- 53:53/tcp
secrets:
- pihole_password
environment:
- WEBPASSWORD_FILE=/run/secrets/pihole_password
- DNSMASQ_LISTENING=all # required due to our internal subnet. remove this if you only intend to use cloudhole from within the subnet
- PIHOLE_DNS_=172.16.1.5#5054
extra_hosts:
cloudflared: 172.16.1.5 # optional - adds a readable hostname for the upstream resolver in the pi-hole web UI
# extra.host.domain.one: 192.168.1.2
# ...
networks:
default:
ipv4_address: 172.16.1.4
doh-proxy:
image: visibilityspots/cloudflared:2022.12.1-alpine-3.17
restart: unless-stopped
# environment: # if you want to change from the default cloudflare
# - UPSTREAM1=https://8.8.8.8/dns-query # Google DoH
# - UPSTREAM2=https://9.9.9.9/dns-query # Quad9 DoH
networks:
default:
ipv4_address: 172.16.1.5
networks:
default:
driver: bridge
ipam:
config:
- subnet: 172.16.1.0/29 # i think this is the smallest we can go
secrets:
pihole_password:
file: ./pwd # put the web password in this file