Can’t access pihole externally using reverse proxy on docker

Hi everybody,

I'm pretty new to this whole networking environment, like docker, pihole and stuff.

Every service I run is on docker on a rpi, including pihole and caddy for reverse proxy. The issue I'm facing is: after setting up everything on docker compose and caddy, I can't access pihole using my domain name. Basically I get redirected to the admin page, then it returns 502 code for some reason.

Though, it is accessible if I use the local IP of the rpi and the port I've assigned to pihole. And I know my domain/DNS setup works because I can access other services using the domain name.

Here's the docker compose file:

version: '3'

services:
  caddy:
    container_name: caddy
    image: caddy:2
    restart: always
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - /home/docker/caddy/Caddyfile:/etc/caddy/Caddyfile:ro
      - /home/docker/caddy/config:/config
      - /home/docker/caddy/data:/data
      
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    restart: unless-stopped
    network_mode: host
    volumes:
      - /home/docker/pihole:/etc/pihole
      - /home/docker/pihole/dnsmasq.d:/etc/dnsmasq.d
    cap_add:
      - NET_ADMIN
    environment:
      - TZ=Europe/Stockholm
      - PIHOLE_DNS_=8.8.8.8;8.8.4.4
      - FTLCONF_LOCAL_IPV4=192.168.0.143 # local ip of the raspberrypi
      - DNSMASQ_LISTENING=all
      - WEB_PORT=8125

  #...other services

and the caddy file basically contains this for pihole:

pihole.mydomain.com {
  reverse_proxy pihole:8125
}

#...other services

I've also tried removing the network_mode: host and exposing ports instead but it still has the same issue. For the record, I'd like to use DHCP so I prefer this to stay.

Does anybody have any idea about this? Thanks in advance!

I don't know much about reverse proxy, but perhaps setting a Local DNS of pihole.mydomain.com to 192.168.0.143#8125 would work?

Does not work unfortunately, I still get 502. And relevant Caddy log is below if anyone knows about it:

{"level":"error","ts":1698406602.5773423,"logger":"http.log.error.log2","msg":"dial tcp: lookup host.docker.internal on 127.0.0.11:53: no such host","request":{"remote_ip":"192.168.0.1","remote_port":"50443","client_ip":"192.168.0.1","proto":"HTTP/2.0","method":"GET","host":"pihole.MYHOST.com","uri":"/admin/","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"],"Accept-Language":["en-GB,en;q=0.5"],"Sec-Fetch-User":["?1"],"Te":["trailers"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0"],"Accept-Encoding":["gzip, deflate, br"],"Dnt":["1"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Dest":["document"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Site":["none"],"Sec-Gpc":["1"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"pihole.MYHOST.com"}},"duration":0.035136537,"status":502,"err_id":"t7aj6iqib","err_trace":"reverseproxy.statusError (reverseproxy.go:1265)"}

OK, I've solved the issue. Turns out if a container is running with network_mode: host, you can't put the container name in the Caddyfile; putting in the local IP of the Raspberry Pi solved the issue.

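The check below is an added example, not code from any poster in the thread. It picks the failed upstream lookup out of a Caddy 502 log entry and flags Caddyfile upstreams that name a service running with network_mode: host, which Docker's embedded DNS (127.0.0.11) does not resolve. The log line is trimmed from the one quoted above, and the `SERVICES` map and function names are constructed for illustration.

```python
import json
import re

# Constructed sample: a trimmed version of the Caddy error entry quoted in the thread.
SAMPLE_LOG = (
    '{"level":"error","msg":"dial tcp: lookup host.docker.internal on '
    '127.0.0.11:53: no such host","request":{"host":"pihole.MYHOST.com",'
    '"uri":"/admin/"},"status":502}'
)

# Constructed sample: service name -> network_mode, mirroring the compose file above.
SERVICES = {"caddy": None, "pihole": "host"}

# The Caddyfile site block as posted in the thread.
CADDYFILE = """\
pihole.mydomain.com {
  reverse_proxy pihole:8125
}
"""

LOOKUP_RE = re.compile(r"lookup (\S+) on (\S+): no such host")
UPSTREAM_RE = re.compile(
    r"^\s*reverse_proxy\s+(?:https?://)?([^\s:/]+)(?::(\d+))?", re.M
)


def unresolved_upstream(log_line):
    """Return (name, resolver) when a 502 entry was caused by a failed upstream lookup."""
    entry = json.loads(log_line)
    if entry.get("status") != 502:
        return None
    match = LOOKUP_RE.search(entry.get("msg", ""))
    return (match.group(1), match.group(2)) if match else None


def host_mode_upstreams(caddyfile, services):
    """List reverse_proxy upstreams that name a service using network_mode: host."""
    return [
        (name, port)
        for name, port in UPSTREAM_RE.findall(caddyfile)
        if services.get(name) == "host"
    ]


if __name__ == "__main__":
    print(unresolved_upstream(SAMPLE_LOG))
    print(host_mode_upstreams(CADDYFILE, SERVICES))
```

With the upstream changed to the host's address, as in the fix above, `host_mode_upstreams` returns an empty list.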