compose.yml

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
#
# Example .env:
# TZ=CHANGEME
# MACVLAN_IPV4_ADDRESS=CHANGEME
# MACVLAN_IPV4_SUBNET=CHANGEME
# FTLCONF_LOCAL_IPV4=CHANGEME
# REV_SERVER_TARGET=CHANGEME
# REV_SERVER_DOMAIN=lan
# REV_SERVER_CIDR=CHANGEME
# WEBPASSWORD=CHANGEME
# TUNNEL_DNS_UPSTREAM=CHANGEME
# VIRTUAL_HOST=pi.hole

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    environment:
      TZ:
      WEBPASSWORD:
      FTLCONF_LOCAL_IPV4:
      PIHOLE_DNS_: 127.0.0.1#5053
      DNSSEC: "true"
      REV_SERVER: "true"
      REV_SERVER_TARGET:
      REV_SERVER_DOMAIN:
      REV_SERVER_CIDR:
      VIRTUAL_HOST:
    volumes:
      - 'pihole:/etc/pihole/'
      - 'dnsmasq:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 1.1.1.1
    # Recommended but not required (DHCP needs NET_ADMIN)
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN
    restart: always
    networks:
      macvlan:
        ipv4_address: ${MACVLAN_IPV4_ADDRESS}

  proxy-dns:
    image: cloudflare/cloudflared:latest
    command: proxy-dns --port=5053 --max-upstream-conns 50
    environment:
      TUNNEL_DNS_UPSTREAM:
    restart: always
    network_mode: "container:pihole"

volumes:
  pihole:
  dnsmasq:

networks:
  macvlan:
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: ${MACVLAN_IPV4_SUBNET}