Hey there!
I have my full Docker stack with Pi-hole, configured as DHCP and DNS for my LAN.
I use the bridge mode (with a traefik as reverse, but not for the 53/UDP because it's useless).
My last domain configured was ".lan".
In the Query Log, and despite the fact that I changed it everywhere (it seems so), everything concerning the docker host remains in .lan.
I have already restarted the FTL service, and restarted the whole stack...
In all files/traces below:
- x.x.x.x is lan IP
- y.y.y.y is docker stack IP
- z.z.z.z is wan IP
My pihole version (latest on docker hub):
Docker Tag 2022.01.1 Pi-hole v5.8.1 FTL v5.13 Web Interface v5.10.1
Example (from the web interface):
2022-01-19 11:48:38 AAAA pihole.mydomain.tld host.lan OK (cache) CNAME (0.0ms)
2022-01-19 11:48:38 A pihole.mydomain.tld host.lan OK (cache) CNAME (0.0ms)
Example from logs (CLI on the container):
Jan 19 11:55:41 dnsmasq[405]: query[A] pihole.mydomain.tld from x.x.x.1
Jan 19 11:55:41 dnsmasq[405]: config pihole.mydomain.tld is <CNAME>
Jan 19 11:55:41 dnsmasq[405]: /etc/pihole/custom.list host.mydomain.tld is y.y.y.50
Jan 19 11:55:41 dnsmasq[405]: query[AAAA] pihole.mydomain.tld from x.x.x.1
Jan 19 11:55:41 dnsmasq[405]: config pihole.mydomain.tld is <CNAME>
CLI on the container:
root@containerid:/etc# host y.y.y.50
50.y.y.y.in-addr.arpa domain name pointer host.mydomain.tld.
root@containerid:/etc# host 127.0.0.1
1.0.0.127.in-addr.arpa domain name pointer localhost.mydomain.tld.
My docker-compose configuration (it's not the original file, I only put useful information for my problem):
---
version: '3.8'
networks:
  my_net:
    driver: bridge
    ipam:
      driver: default
      config: [{subnet: x.x.x.0/24, gateway: x.x.x.1}]
services:
  traefik:
    container_name: traefik
    image: traefik:latest
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik/conf/traefik.yml:/etc/traefik/traefik.yml:ro
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    depends_on:
      - pihole
    networks:
      my_net:
        ipv4_address: x.x.x.10
    restart: unless-stopped
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    env_file:
      - "./pihole/.env"
    volumes:
      - ./pihole/pihole/:/etc/pihole/:rw
      - ./pihole/dnsmasq.d/:/etc/dnsmasq.d/:rw
    ports:
      - 53:53/udp
      - 53:53
    dns:
      - 127.0.0.1
      - 1.1.1.1
    cap_add:
      - NET_ADMIN
    depends_on:
      - dhcphelper
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.pihole-http.rule=Host(`pihole.mydomain.tld`)"
      - "traefik.http.routers.pihole-http.entrypoints=http"
      - "traefik.http.routers.pihole-http.service=pihole-80"
      - "traefik.http.services.pihole-80.loadbalancer.server.port=80"
      - "traefik.http.routers.pihole-http.middlewares=onlylan-whitelist@file"
    networks:
      my_net:
        ipv4_address: x.x.x.15
    restart: unless-stopped
  dhcphelper:
    container_name: dhcphelper
    build:
      context: './dhcphelper'
    network_mode: "host"
    command: -s x.x.x.15
    cap_add:
      - NET_ADMIN
    restart: unless-stopped
My pi-hole ".env" file:
ServerIP=x.x.x.50
VIRTUAL_HOST=pihole.mydomain.tld
TZ=Europe/Paris
WEBPASSWORD=xxxxx
PIHOLE_DNS_1=z.z.z.z
PIHOLE_DNS_2=z.z.z.z
PIHOLE_DNS_3=z.z.z.z
PIHOLE_DNS_4=z.z.z.z
PIHOLE_DNS_5=z.z.z.z
PIHOLE_DNS_6=z.z.z.z
PIHOLE_DNS_7=x.x.x.15#5053
DNSMASQ_LISTENING=all
The dnsmasq.d/02-pihole-dhcp.conf file:
dhcp-authoritative
dhcp-range=y.y.y.101,y.y.y.251,24h
dhcp-option=option:router,y.y.y.1
dhcp-leasefile=/etc/pihole/dhcp.leases
#quiet-dhcp
domain=mydomain.tld
local=/mydomain.tld/
The dnsmasq.d/05-pihole-custom-cname.conf file:
cname=pihole.mydomain.tld,host.mydomain.tld
The setupVars.conf file:
WEBPASSWORD=xxxxx
ADMIN_EMAIL=
WEBUIBOXEDLAYOUT=boxed
WEBTHEME=default-dark
PIHOLE_DNS_1=z.z.z.z
PIHOLE_DNS_2=z.z.z.z
PIHOLE_DNS_3=z.z.z.z
PIHOLE_DNS_4=z.z.z.z
PIHOLE_DNS_5=z.z.z.z
PIHOLE_DNS_6=z.z.z.z
PIHOLE_DNS_7=x.x.x.15#5053
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
REV_SERVER=false
IPV4_ADDRESS=y.y.y.50
BLOCKING_ENABLED=true
DHCP_ACTIVE=true
DHCP_START=y.y.y.101
DHCP_END=y.y.y.251
DHCP_ROUTER=y.y.y.1
DHCP_LEASETIME=24
PIHOLE_DOMAIN=mydomain.tld
DHCP_IPv6=false
DHCP_rapid_commit=false
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
PIHOLE_INTERFACE=eth0
DNSMASQ_LISTENING=all
QUERY_LOGGING=true
The custom.list:
y.y.y.50 host.mydomain.tld
If anyone knows where the problem is...
Thanks in advance!