I am…

  • 👽 Owner and operator of the grey.fail ecosystem.
  • ✋ Based in Grand Rapids.
  • 🔥 Bad at computers.

I like…

  • ✅ #python
  • ✅ #docker
  • ✅ #LiminalSpace
  • ✅ #linux
  • ✅ #BlackCats
  • 0 Posts
  • 15 Comments
Joined 5 months ago
cake
Cake day: January 6th, 2025

help-circle
  • services:
    
      pihole:
        container_name: pihole
        image: pihole/pihole:latest
        hostname: sheldon
        environment:
          HOST_CONTAINERNAME: pihole
          TZ: ${TZ}
          WEBPASSWORD: ${WEBPASSWORD}
          DNSMASQ_LISTENING: "all"
          PIHOLE_DNS_1: "unbound#53"
        ports:
          - "53:53/tcp"
          - "53:53/udp"
          - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
          - "8080:80/tcp"
        # network_mode: host
        dns:
          - 127.0.0.1
        networks:
          dns:
            ipv4_address: 172.22.0.2
        volumes:
          - /mnt/appdata/pihole/etc-pihole:/etc/pihole
          - /mnt/appdata/pihole/etc-dnsmasq.d:/etc/dnsmasq.d
        restart: unless-stopped
        depends_on:
          unbound:
            condition: service_healthy
    
      unbound:
        container_name: unbound
        image: klutchell/unbound:latest
        networks:
          dns:
            ipv4_address: 172.22.0.3
        volumes:
          - /mnt/appdata/unbound:/opt/unbound/etc/unbound/custom
        restart: unless-stopped
        healthcheck:
          test: ["CMD", "dig", "google.com", "@127.0.0.1"]
          interval: 10s
          timeout: 5s
          retries: 5
    
      wg-easy:
        container_name: wg-easy
        image: ghcr.io/wg-easy/wg-easy:15
        ports:
          - "51820:51820/udp"
          - "51821:51821/tcp"
        # environment:
        #   TZ: ${TZ}
        #   LANG: en
        #   WG_HOST: ${WG_HOST}
        #   PASSWORD_HASH: ${PASSWORD_HASH}
        #   WG_DEFAULT_DNS: 172.22.0.2
        #   WG_MTU: 1420
        networks:
          dns:
            ipv4_address: 172.22.0.4
        volumes:
          - /mnt/appdata/wg-easy:/etc/wireguard
          - /lib/modules:/lib/modules:ro
        cap_add:
          - NET_ADMIN
          - SYS_MODULE
        sysctls:
          - net.ipv4.ip_forward=1
          - net.ipv4.conf.all.src_valid_mark=1
          - net.ipv6.conf.all.disable_ipv6=0
          - net.ipv6.conf.all.forwarding=1
          - net.ipv6.conf.default.forwarding=1
        restart: unless-stopped
    
    networks:
      dns:
        external: true
    

    Feel free to just delete the wg-easy service.