devzwf/pihole-dot-doh

docker

Hub

By devzwf

•Updated about 8 hours ago

Official pihole docker both DoT (DNS over TLS) , DoH (DNS over HTTPS) and unbound.

Image

Networking

Security

50K+

Overview Tags

pihole-dot-doh

Official pihole docker with both DoT (DNS over TLS) and DoH (DNS over HTTPS) clients. Don't browse the web securely and yet still send your DNS queries in plain text!

Usage:

For docker parameters, refer to official pihole docker readme⁠. Below is an docker compose example.

services:
  pihole:
    container_name: pihole-dot-doh
    image: devzwf/pihole-dot-doh:latest
    hostname: pihole1
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "82:80/tcp"
    environment:
      TZ: 'America/Toronto'
      #WEBPASSWORD: 'password'
      PIHOLE_DNS_: '127.1.1.1#5153;127.2.2.2#5253'
      #INTERFACE: 'br0'
      FTLCONF_LOCAL_IPV4: '<IP of the docker host>'
      FTLCONF_LOCAL_IPV6: ''
      IPv6: 'False'
      DNSMASQ_LISTENING: 'all'
      # Use boxed layout (helpful when working on large screens)
      #WEBUI BOXED LAYOUT: 'boxed'
    # Volumes store your data between container upgrades
    volumes:
      - './pihole/:/etc/pihole/'
      - './dnsmasq.d/:/etc/dnsmasq.d/'
      - './config/:/config'
      - './log/pihole/:/var/log/pihole
      #Unbound Log if you need it
      #- './log/unbound/:/var/log/unbound
    cap_add:
      - NET_ADMIN
    restart: unless-stopped

Notes:

Remember to set pihole env DNS1 and DNS2 to use the DoH / DoT IP below. If either DNS1 or DNS2 is NOT set, Pihole will use a non-encrypted service.
- DoH service (cloudflared) runs at 127.1.1.1#5153. Uses cloudflare (1.1.1.1 / 1.0.0.1) by default
- DoT service (stubby) runs at 127.2.2.2#5253. Uses google (8.8.8.8 / 8.8.4.4) by default
- Unbound service run at 127.0.0.1#5335
In addition to the 2 official paths, you can also map container /config to expose configuration yml files for cloudflared (cloudflared.yml) and stubby (stubby.yml).
- Edit these files to add / remove services as you wish. The flexibility is yours.
Credits:
- Pihole base image is the official pihole/pihole:latest
- Cloudflared client was obtained from official site⁠
- Stubby is a standard debian package
- doh and dot was based from https://github.com/testdasi/pihole-dot-doh⁠
- Joly0 for the unbound integration (https://github.com/Joly0⁠)
- updated since other container was falling behind version : Github repo⁠

Support

Docker Pull Command

docker pull devzwf/pihole-dot-doh