This tutorial will show you how to install and run Pi-Hole as a Docker container.
Pi-Hole is a software that act as your DNS provider to actively block internet ads and trackers. It does this by filtering the DNS requests and sending any blocked domains into a blackhole, so the request is never completed.
Another cool thing about Pi-Hole is that it can also work well to monitor your network traffic, as you can set it to log any DNS requests that the server receives.
While this software is perfect for devices like the Raspberry Pi, you can install it on any Linux machine. Or, when using Docker, you can even run Pi-Hole on a Windows device.
1 second of 1 minute, 30 secondsVolume 0%
You can run Pi-Hole on your devices in many ways, but one of the easiest is to use Docker. The advantage of using Docker is that everything you need is set up within the container.
Please note that we tested the following steps for installing Pi-Hole through a Docker container on an Ubuntu system. However, they should work fine on any system where you can install “Docker” and “Docker Compose”.
Preparing your System to Run Pi-Hole as a Container
These first few steps will get your Linux system set up to run Pi-Hole through a Docker container. If you already have Docker installed on your system, you can skip to the “Installing the Pi-Hole Docker Container” section.
1. If you are running a Debian-based operating system such as Ubuntu, you will need to update the package list cache before we can install the software needed to run Pi-Hole.
You can update the package list by using the following command.
sudo apt update
2. The only package we need to get Pi-Hole running with Docker is the Docker runtime.
This process is straightforward as long as your operating system has Docker available in its main package repository. Popular operating systems like Ubuntu already have Docker available in its repository.
If it is available, you can install Docker-compose by using the relevant command below in the terminal.
Systems Using the apt Package Manager (Debian, Ubuntu, Raspberry Pi OS, Linux Mint, etc.)
For Debian-based systems such as Ubuntu, you can use the following command.
sudo apt install docker-compose
Systems Using the dnf Package Manager (RHEL 8+, Fedora 22+, CentOS 8+, etc)
If you are using a system that uses the DNF package manager, you can run the command below.
sudo dnf install docker-compose
Systems Using the yum Package Manager (RHEL7, Fedora 21, CentOS 7, etc)
For systems that use the yum Package manager, you can use the below command.
sudo yum install docker-compose
3. That is all the software you need on your Linux system to run Pi-Hole within a Docker container.
Any additional software that is needed will all be stored within the container. This greatly simplifies getting Pi-Hole running on Linux-based systems such as Ubuntu.
Installing the Pi-Hole Docker Container
This section will show you the process of installing Pi-Hole as a Docker container on your Linux-based system. All we need to do within this section is to write a “docker-compose
” configuration file.
This file tells Docker what containers it needs to download and what ports it needs to open.
Creating a Directory for Pi-Hole
1. Start by creating a directory where you will store the configuration file for the Pi-Hole docker container.
We will do this by using the mkdir command to create a directory called “pihole
” in our user’s home directory.
root@xcozy:~# mkdir /data/docker-data/pi-hole
2. Let us move into our newly created directory by using the cd command.
<code>cd ~/pihole</coroot@xcozy:/data/docker-data/pi-hole# mkdir etc-dnsmasq.d etc-pihole root@xcozy:/data/docker-data/pi-hole# ls -l total 12 -rw-r--r-- 1 root root 448 Jul 30 16:27 docker-compose.yml drwxr-xr-x 2 root root 4096 Jul 30 16:27 etc-dnsmasq.d drwxr-xr-x 2 root root 4096 Jul 30 16:27 etc-pihole root@xcozy:/data/docker-data/pi-hole#de><a href="https://pimylifeup.com/pi-hole-docker/#copy">Copy</a>
Writing the Docker-Compose Configuration File
3. Our next step is writing the “docker-compose.yml
” file. This file is where we will define the Pi-Hole docker container and the options we want passed to the container.
nano docker-compose.yml
4. Within this file, you will want to enter the following lines. We will explain the pieces you may want to modify shortly.
version: "3" services: pihole: container_name: pihole image: pihole/pihole:latest ports: - "53:53/tcp" - "53:53/udp" - "67:67/udp" - "80:80/tcp" environment: TZ: 'Asia/Jakarta' WEBPASSWORD: 'MyPiHol3' volumes: - './etc-pihole:/etc/pihole' - './etc-dnsmasq.d:/etc/dnsmasq.d' cap_add: - NET_ADMIN restart: unless-stopped
Configuring the Pi-Hole Configuration File
5. Before you save this file, there are three Docker options that you will want to reconfigure for Pi-Hole to suit your setup better.
Setting the Password for the Pi-Hole Web Interface
Out of all the things to configure, you will want to set a secure password before running the Pi-Hole container. Pi-Hole will randomly generate the password if you don’t set a value.
Begin by looking for the following line within the configuration file.
# WEBPASSWORD: 'set a secure password here or it will be random'
Replace with the following, switching out “SECUREPASSWORD
” with a secure password of your own. Try and use letters, numbers, and symbols.
WEBPASSWORD: 'SECUREPASSWORD'
Configuring the Web Interface Port of Pi-Hole
By default, we will set up the Docker container so Pi-Hole will be accessible through port80
on your system. This could be problematic if you already have something operating on port 80
.
To change this, you will want to find the following line and change the number on the left side of the colon (:
).
- "80:80/tcp"
For example, to change the port to “8080
“, you would replace that line with the following.
- "8080:80/tcp"
Setting the Time Zone for the Pi-Hole Docker Container
By default, the Pi-Hole docker container has been configured to use the “Chicago
” time zone. It is possible, however, to adjust this to your local time zone.
You can find a list of valid time zone values on Wikipedia. The value you want to use is in the “TZ database name” column.
To adjust the time zone, find the following line within the file.
TZ: 'Asia/Jakarta'
Adjust this value to match your time zone. For example, for Hobart, Australia, we would utilize the line below.
TZ: 'Australia/Hobart'
Saving the Docker-Compose File
6. Once you have made the above changes to the file, save and quit by pressing CTRL + X, followed by Y, then the ENTER key.
Disabling the Systemd-Resolve Service (Ubuntu Only)
7. If you are using an Ubuntu to run the Pi-Hole Docker container, you may need to disable the Systemd-resolve service.
Check the status of systemd-resolved service
sudo systemctl status systemd-resolved
root@xcozy:/data/docker-data/pi-hole# sudo systemctl status systemd-resolved ● systemd-resolved.service - Network Name Resolution Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled) Active: active (running) since Sun 2023-07-30 16:25:04 WIB; 7min ago Docs: man:systemd-resolved.service(8) https://www.freedesktop.org/wiki/Software/systemd/resolved https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients Main PID: 28815 (systemd-resolve) Status: "Processing requests..." Tasks: 1 (limit: 1085) Memory: 4.9M CGroup: /system.slice/systemd-resolved.service └─28815 /lib/systemd/systemd-resolved Jul 30 16:25:04 xcozy systemd[1]: Starting Network Name Resolution... Jul 30 16:25:04 xcozy systemd-resolved[28815]: Positive Trust Anchors: Jul 30 16:25:04 xcozy systemd-resolved[28815]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d Jul 30 16:25:04 xcozy systemd-resolved[28815]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.ar> Jul 30 16:25:04 xcozy systemd-resolved[28815]: Using system hostname 'xcozy'. Jul 30 16:25:04 xcozy systemd[1]: Started Network Name Resolution. root@xcozy:/data/docker-data/pi-hole#
The operating system uses this service to provide network name resolution. As Pi-Hole will want to operate on the same part the resolve service does, we need to disable it.
Start by stopping the systemd-resolve service by using the following command.
sudo systemctl stop systemd-resolved
8. With the service stopped, you will also want to disable it by using the command below.
Disabling the service will stop Ubuntu from starting it back up the next time you restart your device.
sudo systemctl disable systemd-resolved
9. With the “systemd-resolve
” service now disabled, our next step is to modify the “/etc/resolv.conf
” file to point to a different nameserver. By default, the nameserver will be configured to the systemd service.
Use the command below to begin modifying the configuration file.
sudo nano /etc/resolv.conf
10. You will want to find and replace the following line within this file.
nameserver 127.0.0.53
Replace it with the following. This changes the nameserver to Cloudflare’s 1.1.1.1 service dan Google DNS 8.8.8.8
nameserver 1.1.1.1 nameserver 8.8.8.8
root@xcozy:~# cat /etc/resolv.conf # Generated by NetworkManager nameserver 1.1.1.1 nameserver 8.8.8.8 root@xcozy:~#
11. Once you have made changes to this file, save and quit by pressing CTRL + X, followed by Y, then the ENTER key.
Starting the Pi-Hole Docker Container
12. We can finally start up Pi-Hole’s Docker container on our Linux system.
All you need to do now is run the following command within the terminal.
sudo docker-compose up -d
Please note this process can take a couple of minutes, depending on your device’s internet connection.
Accessing the Pi-Hole Web Interface
Now that we have the Pi-Hole docker container up and running on your system, we can proceed to use its web interface.
This web interface allows you to control all aspects of Pi-Hole on your system, so you won’t have to mess around with configuration files.
1. Before we begin, you will need to know the IP address of your device so that you can access the web interface.
The easiest way to get the local IP address is to use the hostname command.
hostname -I
2. With your local IP address, you will want to go to the following within your web browser.
Ensure you replace “IPADDRESS
” with the IP you got in the previous step.
http://IPADDRESS/admin
If you changed the port away from “80
“, you need to insert the port like shown below.
http://IPADDRESS:PORT/admin
3. You should now be greeted with the login page for Pi-Hole.
To log in, you must type in the password (1.) you set when writing the Docker configuration file earlier.
With your password typed in, click the “Log In
” button (2.)
4. You now have access to the Pi-Hole dashboard running from within the Docker container.
5. With access to the dashboard, now is a good time to start changing your device’s DNS to use Pi-Hole.
We won’t be covering how exactly to do this in this guide. However, we have a guide that shows you how to change the DNS servers on Ubuntu.
When setting the DNS servers, you must use the IP belonging to the device you are running Pi-Hole on.
Conclusion
This tutorial shows you how to run Pi-Hole within a docker container on a Linux system.
Pi-Hole is a neat software that allows you to run a network-wide ad blocker easily. It works by handling your DNS requests and blocking domain names associated with ads.