-
Notifications
You must be signed in to change notification settings - Fork 0
/
pihole-compose.yml
executable file
·44 lines (42 loc) · 1.53 KB
/
pihole-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# ------------------------------------------------------------------------------------
# Pi-Hole is an ad-blocking DNS sinkhole that runs to block ads for connected devices.
# I run it in bridge mode, but it can also be run on host network and via macvlan.
# Bridge is the best of both worlds for me because it can be set up with reverse proxy
# and easily run on the entire network seamlessly. It should be noted that bridge mode
# means that it *necessarily* blocks across the entire network, so if there are
# incorrect blockers then Pi-Hole will have to be temporarily disabled or whitelisted.
# ------------------------------------------------------------------------------------
secrets:
pihole-webpassword:
file: /volume1/docker/secrets/pihole_webpassword
services:
pihole:
image: pihole/pihole:latest
container_name: pihole
hostname: NAS
cap_add:
- CAP_NET_RAW
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
secrets:
- pihole-webpassword
environment:
- PIHOLE_UID=${UID}
- PIHOLE_GID=${GID}
- WEB_UID=${UID}
- WEB_GID=${GID}
- TZ=America/New_York
- WEBPASSWORD_FILE=/run/secrets/pihole-webpassword
- DNSMASQ_LISTENING=local
- WEB_PORT=8000
- DNSMASQ_USER=pihole
- FTLCONF_LOCAL_IPV4=192.168.1.100
- FTLCONF_CHECK_LOAD=false
volumes:
- /volume1/docker/pihole/dnsmasq.d:/etc/dnsmasq.d
- /volume1/docker/pihole/pihole:/etc/pihole
ports:
- 8001:8000
- 53:53/udp
network_mode: synobridge
restart: unless-stopped