aboutsummaryrefslogtreecommitdiff
path: root/unsorted/docker_compose_stacks/pihole-via-tailscale
diff options
context:
space:
mode:
Diffstat (limited to 'unsorted/docker_compose_stacks/pihole-via-tailscale')
-rw-r--r--unsorted/docker_compose_stacks/pihole-via-tailscale/README.md34
-rw-r--r--unsorted/docker_compose_stacks/pihole-via-tailscale/docker-compose.yaml30
2 files changed, 64 insertions, 0 deletions
diff --git a/unsorted/docker_compose_stacks/pihole-via-tailscale/README.md b/unsorted/docker_compose_stacks/pihole-via-tailscale/README.md
new file mode 100644
index 0000000..47b6869
--- /dev/null
+++ b/unsorted/docker_compose_stacks/pihole-via-tailscale/README.md
@@ -0,0 +1,34 @@
+# Pi-hole via Tailscale
+
+A Docker Compose stack that runs [Pi-hole](https://pi-hole.net/) behind [Tailscale](https://tailscale.com/), making your Pi-hole instance accessible only via your Tailnet.
+
+## Services
+
+- **Pi-hole** - Network-wide ad blocking DNS server
+- **Tailscale** - Secure mesh VPN for private network access
+
+## Setup
+
+1. Change the `WEBPASSWORD` environment variable in `docker-compose.yaml` to a secure password
+2. Start the stack:
+ ```bash
+ docker compose up -d
+ ```
+3. Get the Tailscale login URL:
+ ```bash
+ docker compose logs -f tailscale
+ ```
+4. Open the login URL in your browser to authenticate with Tailscale
+5. Access Pi-hole's admin interface at `http://pihole:80/admin` from any device on your Tailnet
+
+## Configuration
+
+- **Timezone**: Set via `TZ` environment variable (default: `Europe/London`)
+- **Web Password**: Set via `WEBPASSWORD` environment variable
+- **DNS Listening Mode**: Set to `ALL` to accept queries from all origins
+
+## Volumes
+
+- `./etc-pihole` - Pi-hole configuration
+- `./etc-dnsmasq.d` - dnsmasq configuration
+- `./tailscale-data` - Tailscale state
diff --git a/unsorted/docker_compose_stacks/pihole-via-tailscale/docker-compose.yaml b/unsorted/docker_compose_stacks/pihole-via-tailscale/docker-compose.yaml
new file mode 100644
index 0000000..f5a8070
--- /dev/null
+++ b/unsorted/docker_compose_stacks/pihole-via-tailscale/docker-compose.yaml
@@ -0,0 +1,30 @@
+services:
+ pihole:
+ image: pihole/pihole:2025.11.1
+ network_mode: service:tailscale
+ environment:
+ TZ: "Europe/London"
+ WEBPASSWORD: "CHANGEME"
+ FTLCONF_dns_listeningMode: "ALL"
+ volumes:
+ - "./etc-pihole:/etc/pihole"
+ - "./etc-dnsmasq.d:/etc/dnsmasq.d"
+ restart: unless-stopped
+ cap_add:
+ - SYS_NICE
+ depends_on:
+ - tailscale
+
+ tailscale:
+ image: tailscale/tailscale:v1.92.4
+ hostname: pihole
+ environment:
+ - TS_AUTH_ONCE="true"
+ - TS_STATE_DIR=/var/lib/tailscale
+ volumes:
+ - ./tailscale-data:/var/lib/tailscale
+ - /dev/net/tun:/dev/net/tun
+ cap_add:
+ - NET_ADMIN
+ - NET_RAW
+ restart: unless-stopped
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-21 16:25:16 +0000