pi-hole in a Container

Man, what a struggle! I’ve been running close to the data cap for most of the year and figured, if I block the ads, and particularly the video ads, I gotta save some data. You can see how I’ve slowly been building out my containerized workload; this should be a snap!

I found a ton of great resources that were collected into my final Docker Compose file:

So I gathered snippets of this and that and made a configuration for myself. But when I tried to deploy the Stack, only errors! First was the volumes, totally messed up, but I reread my page on it and looked at the Wundertech example. The container would start but I couldn’t reach it. I learned that having both a MACVLAN and a Bridge network would allow Portainer/Docker to talk to the container while giving me the unique IP needed for the domain controller to point towards on Port 53. Then I watched this guy. He mentioned, in passing, how he selected the values for his MACVLAN network.

Well, in the end, I was trying to be too fancy. When I wrote the subnet description to fit in between my Unifi gateway address on 192.168.1.1 and the majority of my servers on 192.168.1.100+, it worked. This matched the subnet already on eth0 of my docker host. This seems to explain the technical bits of why – https://github.com/moby/libnetwork/blob/master/docs/macvlan.md. When I was trying to use 192.168.60.0/24, it was not routable. There might have been a solution in manually adding a route on the gateway, but that’s outside of my knowledge now.
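A sketch of the two-network layout described above, added here as an illustration and not the author's actual stack file. The container address, the `ip_range`, the network names, the timezone and the volume paths are assumptions; only the 192.168.1.0/24 subnet, the 192.168.1.1 gateway and the eth0 parent come from the post.

```yaml
# Added example, not the author's compose file. Values marked "constructed"
# are placeholders chosen to sit between the gateway (.1) and the servers (.100+).
services:
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    restart: unless-stopped
    environment:
      TZ: "Etc/UTC"                    # constructed
    volumes:
      - ./etc-pihole:/etc/pihole       # constructed host paths
      - ./etc-dnsmasq.d:/etc/dnsmasq.d
    networks:
      pihole_lan:
        ipv4_address: 192.168.1.53     # constructed; the address the DC forwards DNS to
      pihole_mgmt: {}                  # bridge leg: a macvlan parent host cannot reach
                                       # its own macvlan containers directly

networks:
  pihole_lan:
    driver: macvlan
    driver_opts:
      parent: eth0                     # host NIC already on 192.168.1.0/24
    ipam:
      config:
        - subnet: 192.168.1.0/24       # must match the parent interface's real subnet
          gateway: 192.168.1.1         # the Unifi gateway
          ip_range: 192.168.1.48/28    # constructed: .48-.63, keep it out of the DHCP pool
  pihole_mgmt:
    driver: bridge
```

Because the macvlan network shares the LAN's Layer 2 segment, a subnet the gateway does not already serve (such as 192.168.60.0/24) has no route back, which matches the failure described above.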

If you look at the GitHub README in my repo, you can see a diagram of what I made. Once the container was up, could talk to the internet, could talk to the local network, a change to the DC to only use the PiHole was trivial. Last, I added a DNS entry so I can find the webpage for managing it. In the first day, it’s dropped 25-30% of all DNS lookups, mostly known ad and tracking URLs. In a few weeks I’ll know if I actually get any data savings…

The only thing to edit, once this was running, was adding a Jetpack URL to the whitelist so I could even get to the editor page in WordPress.

