Pihole and Unbound in Docker

1st Official Post

    I used the Docker Compose file supplied by macom in this thread to set up Pihole and Unbound. But similar to the OP of this thread, I have a container deployed successfully but the logs stop at "[✗] DNS resolution is currently unavailable" and I can't access anything. Here is my compose file:


    The logs are as follows:


    My router is 192.168.1.1 and my lan is on that same scheme. But my impression was that you didn't want to use those addresses because you are creating a separate VLAN. Any help is appreciated.

    • Official Post

    Here is a procedure to create a vlan for pihole with the compose plugin. https://wiki.omv-extras.org/do…_the_same_lan_as_the_host

    I see a few issues, you have pointed your pihole container to unbound but you have to configure PiHole to use unbound separately. You can do this by either logging into your pihole and selecting settings-DNS and add a custom dns entry that points to your unbound or add "- PIHOLE_DNS_=192.168.0.14" under DNS2 in the env section of pihole. A much easier way to do this is use the combined pihole-unbound image. I've modified my working compose file so you only have to change the volume locations and it should work for you in a singe container.


    Main-Srv: Xeon E5-2650 V4 32gb, OMV7 - 6.5.11-7-pve, Compose 7.0.3, Backup 7.0, Kernel 7.0.3, KVM 7.0.1, Resetperms 7.0, Sharerootfs 7.0-1, Wetty 7.0-1

    Mini-Srv: Intel N95 8gb, OMV6 - 6.2.16-20-pve, Compose 6.11.3, Kernel 6.4.9, MergFS 6.3.8, Resetperms 6.0.3, Sharerootfs 6.0.3-1, Wetty 6.0.7-1

    Inlaw's Srv: AMD A10-7800 16gb, OMV6 - 6.2.16-20-pve, Compose 6.11.3, Kernel 6.4.9, MergFS 6.3.8, Resetperms 6.0.3, Sharerootfs 6.0.3-1, Wetty 6.0.7-1

    being on topic... I would also like to install pihole with docker compose... but I have doubts!!

    1 I have a router inside my house that connects to a manager modem

    2 I have services on my Nas Omv in my home network such as Qbitorrent Jellyfin etc...

    3 I want all the devices connected to my local network to have no connection problems... on the contrary

    4 I also have home assistants in my network who manage my home automation..

    Could someone help me get pihole without making my life impossible on the internet?? sorry I'm inexperienced

    I've given up using Pihole on Docker in OMV. Because of my solar system, I wanted to have internet available at all times. But the NAS doesn't. Due to power consumption, OMV should only be available when it is needed. Nobody needs that at night. In the summer, there are also many periods when no one accesses the NAS. I outsourced Pihole/Unbound to a Dell Wyse 3040, consuming about 24 Wh per day (about 9kWh per year). The consumption is more than sufficiently compensated by the autoshutdown of the OMV server or you save electricity. If you use a Pi Zero 2 instead of a Dell Wyse 3040, the power consumption is even lower. So I'm satisfied. Pihole does not affect the local network.

    Quote from mischka

    I've given up using Pihole on Docker in OMV. Because of my solar system, I wanted to have internet available at all times. But the NAS doesn't. Due to power consumption, OMV should only be available when it is needed. Nobody needs that at night. In the summer, there are also many periods when no one accesses the NAS. I outsourced Pihole/Unbound to a Dell Wyse 3040, consuming about 24 Wh per day (about 9kWh per year). The consumption is more than sufficiently compensated by the autoshutdown of the OMV server or you save electricity. If you use a Pi Zero 2 instead of a Dell Wyse 3040, the power consumption is even lower. So I'm satisfied. Pihole does not affect the local network.

    so it's fine... thanks... but do I have to create a virtual network in the compose file to avoid having problems?? also because I use qbittorent a lot and then I have a Wireguard VPN that I use with OMV

    Quote from opennas

    so it's fine... thanks... but do I have to create a virtual network in the compose file to avoid having problems?? also because I use qbittorent a lot and then I have a Wireguard VPN that I use with OMV

    Under Services/Compose/Network you create a macVLAN and map it in the compose file of pihole. Here's an example of a pihole yml using a macvlan network called "pinet".


    How to set up a vlan interface is described here (below): https://wiki.omv-extras.org/do…v6_plugins:docker_compose

    Quote from mischka

    Under Services/Compose/Network you create a macVLAN and map it in the compose file of pihole. Here's an example of a pihole yml using a macvlan network called "pinet".


    How to set up a vlan interface is described here (below): https://wiki.omv-extras.org/do…v6_plugins:docker_compose

    thanks... I'll try it and see what happens

    I tried running pihole without a MacVLan or a bridge (in a VM) and it wouldn't bind to port 53 so it wouldn't work. I didn't look into the issue to far, I just run a MacVLan with docker and a bridge with a VM. The disadvantage with a MacVLan is the machine that is running the docker cannot connect to pihole. There is a way to configure it so it can loop into the MacVLan pihole for DNS, I configured it once but haven't since. If you run pihole in a VM with a bridge (br0) then the host can use it. I actually prefer running it in a small VM, Debian 12 and installed directly (not in docker), I find it more resilient to network disconnects. The VM fits in a 3gb image and uses less than 300mb of ram while running with almost no impact on cpu usage.

    Main-Srv: Xeon E5-2650 V4 32gb, OMV7 - 6.5.11-7-pve, Compose 7.0.3, Backup 7.0, Kernel 7.0.3, KVM 7.0.1, Resetperms 7.0, Sharerootfs 7.0-1, Wetty 7.0-1

    Mini-Srv: Intel N95 8gb, OMV6 - 6.2.16-20-pve, Compose 6.11.3, Kernel 6.4.9, MergFS 6.3.8, Resetperms 6.0.3, Sharerootfs 6.0.3-1, Wetty 6.0.7-1

    Inlaw's Srv: AMD A10-7800 16gb, OMV6 - 6.2.16-20-pve, Compose 6.11.3, Kernel 6.4.9, MergFS 6.3.8, Resetperms 6.0.3, Sharerootfs 6.0.3-1, Wetty 6.0.7-1

    Quote from jml79

    Ho provato a eseguire pihole senza un MacVLan o un bridge (in una VM) e non si legava alla porta 53, quindi non funzionava. Non ho esaminato il problema fino a fondo, ho solo eseguito un MacVLan con docker e un bridge con una VM. Lo svantaggio di un MacVLan è che la macchina che esegue il docker non può connettersi a pihole. C'è un modo per configurarlo in modo che possa collegarsi al foro MacVLan per DNS, l'ho configurato una volta ma da allora non l'ho più fatto. Se si esegue pihole in una macchina virtuale con un bridge (br0), l'host può usarlo. In realtà preferisco eseguirlo in una piccola VM, Debian 12 e installato direttamente (non in docker), lo trovo più resiliente alle disconnessioni di rete. La macchina virtuale si adatta a un'immagine da 3 GB e utilizza meno di 300 MB di RAM durante l'esecuzione senza quasi alcun impatto sull'utilizzo della CPU.

    Ok

    There is a good (German) tutorial though I didn't complete it yet:

    External Content www.youtube.com
    Content embedded from external sources will not be displayed without your consent.
    Through the activation of external content, you agree that personal data may be transferred to third party platforms. We have provided more information on this in our privacy policy.


    I managed to get my Pihole running in a docker container by follwing this guide after many unsuccessful attempts with other guieds.

    The next step will be adding unbound.


    But I still struggle understanding macvlan...

    OMV7.x

    AMD Ryzen 5 5600G

    ASRock B550M Pro4

    Crucial DIMM 16GB

    Western Digital WD Blue SN570

    Seagate IronWolf 8TB/WD Red 8TB

    AeroCool CS-102

    Thanks 1

    Maybe I can help with the experiences I made til I got this "beast" running:


    Target: Using pihole and unbound each in a separate docker container to avoid any port conflict. Using macvlan


    Start: Setting up MACVLAN

    Go to "Services -> Compose -> Networks" and add a new network.

    - Name: Choose unique name, like "myvlan"

    - Driver: macvlan

    - Parent network: Select adapter, where your vlan should be linked to

    - Subnet: E.g. "192.168.1.0/24", your IP network

    - Gateway: Usually your router, e.g. "192.168.1.1"

    - IP range: You can reserve a certain amount of IP addresses to be used with docker. Very late I learned, that this is only optional. So if you manage your IP addresses outside DHCP on your own, just leave this blank to save a lot of trouble with potential misconfigurations

    Save


    Next: Setting up pihole

    Go to "Services -> Compose -> Files" and add a new file

    - Enter name and description

    - Add this text to the file section and change all values to your network needs:




    Next: Setting up Unbound

    Go to "Services -> Compose -> Files" and add a new file (I choose a separate file for Unbound to be more flexible, some guides put all in one file)

    - Enter name and description

    - Add this text to the file section and change all values to your network needs:




    Final: Start both containers

    In the Files section use the "Up" button to start both containers.

    Dude!!!! you are amazing and that is the exact thing I have been looking for. I tried a lot of other ones with faking ports and creating custom config files...but your instructions works perfectly with the new OMV6 Docker inside of OMV.

    Thanks for the work and I appreciate you posting it.

    the only thing I would add is Point your DNS address to the PiHole IP that you assign. that is the only bit of instruction that I think you left off. But if anyone needs that info, they might be in over their head.


    JE :)

    Thanks a lot!! It works perfectly! 2 Tipps: If someone try to set this up like me on an a Raspberry-Pi 5 based device you need to use this unbound image: mvance/unbound-rpi:latest


    And to access the pi-Hole Web interface you have add an /admin to your Pi-Hole IP Address.



    I had also to make mi Pi-Hole to act as my DHCP Server because my router doesn't allow me to define a custom DNS. For this you need to add


    cap_add:

    - NET_ADMIN #necessary if you wanna Pi-Hole to act as your DHCP Server


    • Official Post
    Quote from Suroid

    Pi-Hole could do this also, but I couldn’t figure it out how to start the Container with NET_ADMIN rights.

    GitHub - pi-hole/docker-pi-hole: Pi-hole in a docker container
    Pi-hole in a docker container. Contribute to pi-hole/docker-pi-hole development by creating an account on GitHub.
    github.com

    Everything is working fine.

    I have the question, is there any option to add to change the name in Pihole " unbound.name_macvlan#53, when I put my DNS unbound on OPNsense I see OPNsense.my_nethome#53, where my_nethome is my domainname.

    I tryied with unbound added domainname:, but itsn't work.

    Can i ask a question about this as well? Haschmi's asnwer above seems like it will do the trick if I launch both containers, but before i do, im not sure on 1 point.


    I initially setup piHole, and had it working for a couple days, but decided to take it down to do some tweaking, and figure out unbound. I had added the piHole IP address to my routes DNS. Again, this worked. Looking at examples of how to setup unbound, including the above, it looks like unbound gets its own IP address, which is referenced by piHole. Iv seen this be a 127.0.0.1, or something like 192.168.1.251 (which is the IP i would use in my application, as iv reserved the last few IPs in the range).


    So up to this point it all makes sense, but what im not clear on is if the router DNS keeps the piHole IP? Or do i change the router to use the unBound IP? From what im read and seen, its seems like the router looks at piHole, and piHole looks at unBound which acts on its own, and then piHole gives the info back to the router.


    Long story short... do i keep the router set to the piHole DNS? or switch to the unbound DNS?


    thanks

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!

Register Yourself Login