Beware: After using this some time, I installed pi-hole
directly on the host pi, as I didn't want to fiddle around to get the actual client IPs in the web UI of the dockerized Pi-Hole (all client IPs were the same because of the NAT/bridge networking). If you don't care about specific group/client rules for your pi-hole, docker setup might still be okay. If you know a solution, post it in the comments (DNSMASQ_LISTENING: all
is not the solution).
snap install rpi-imager
and write Raspberry Pi OS image to sdcardtouch ssh
inboot
partition to enable ssh (see/mnt/
)- put sdcard into raspberry pi and connect via lan cable to router and power the pi up
- go to router web ui and make sure the
raspberry
host always gets the same ip ssh pi@IP
(passwordraspberry
)sudo raspi-confi
(change password, set locales etc.)sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get install vim dnsutils apt-transport-https ca-certificates software-properties-common -y
Heimnetz > Heimnetzübersicht > Netzwerkeinstellungen > IPv6-Adressen
Unique Local Addresses (ULA) immer zuweisen
ULA-Präfix manuell festlegen
fd00::
Heimnetz > Netzwerk > raspberry/pihole > Bearbeiten
- Name
pihole
Diesem Netzwerkgerät immer die gleiche IPv4-Adresse zuweisen.
- Name
curl -sSL -o install.sh https://get.docker.com
sh install.sh
sudo usermod -aG docker pi
sudo docker info
sudo systemctl enable docker
sudo vim /etc/docker/daemon.json
(see ip inip -6 a
or fritzbox UI for the device)
{
"ipv6": true,
"omgomgomg": "fd00::/64",
"fixed-cidr-v6": "fd00::1c52:23ac:3c11:a24d/64"
}
sudo systemctl reload docker
sudo systemctl status docker
docker network create --ipv6 --driver bridge --subnet "fd01::/64" ipv6
sudo pip3 install docker-compose
mkdir pihole && cd pihole
vim docker-compose.yml
version: "3"
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
ports:
- "53:53/tcp"
- "53:53/udp"
# - "67:67/udp"
- "80:80/tcp"
- "443:443/tcp"
environment:
TZ: 'Europe/Berlin'
WEBPASSWORD: 'yoursecretpassword'
IPv6: 'true'
ServerIP: '192.168.178.31'
ServerIPv6: 'fd00::1c52:23ac:3c11:a24d'
VIRTUAL_HOST: 'pihole.local'
DNS1: '1.1.1.1'
DNS2: '8.8.8.8'
# local | all | NIC
DNSMASQ_LISTENING: 'local'
dns:
- 127.0.0.1
- 1.1.1.1
- 8.8.8.8
sysctls:
- net.ipv6.conf.all.disable_ipv6=0
restart: unless-stopped
# Volumes store your data between container upgrades
volumes:
- './etc-pihole/:/etc/pihole/'
- './etc-dnsmasq.d/:/etc/dnsmasq.d/'
# Recommended but not required (DHCP needs NET_ADMIN) https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
#cap_add:
# - NET_ADMIN
networks:
default:
external:
name: ipv6
sudo docker-compose up --detach
dig AAAA heise.de -6 @pihole
sudo docker-compose logs
Heimnetz > Heimnetzübersicht > Netzwerkeinstellungen > IPv6-Adressen
- set fixed fd00 ipv6 address as local DNS server
Heimnetz > Heimnetzübersicht > Netzwerkeinstellungen > IPv4-Konfiguration
- set fixed ipv4 address as local DNS server
- Alternative: put Fritzbox IP in Pi-Hole WebUI as custom upstream DNS server (this might lead to guest wifi being w/o pi-hole DNS)
sudo vim /boot/config
and adddtoverlay=disable-wifi
anddtoverlay=disable-bt
- to disable LEDs try this in boot config:
# Disable the PWR LED
dtparam=pwr_led_trigger=none
dtparam=pwr_led_activelow=off
# Disable the Activity LED
dtparam=act_led_trigger=none
dtparam=act_led_activelow=off
# Disable Ethernet LEDs
dtparam=eth_led0=14
dtparam=eth_led1=14
- manually turn off the power LED:
sudo sh -c 'echo 0 > /sys/class/leds/led1/brightness'
- manually turn off the action LED:
sudo sh -c 'echo 0 > /sys/class/leds/led0/brightness'