Hi, I'd like to run Pi-hole as a container, but with unbound in the same container and its own IP address with macvlan. I couldn't find a guide to do exactly this, so here's my mash up of GitHub - mpgirro/docker-pihole-unbound: Run Pi-Hole + Unbound on Docker.
The Dockerfile and included files are the same as the one-container version, but since I want macvlan, docker-compose.yaml is different:
```yaml
version: '2'

volumes:
  etc_pihole-unbound:
  etc_pihole_dnsmasq-unbound:

services:
  pihole:
    container_name: pihole
    image: christian/pihole-unbound:latest
    hostname: pi-hole
    mac_address: d0:ca:ab:cd:ef:01
    cap_add:
      - NET_ADMIN  # needed because Pi-hole acts as the DHCP server
    ports:
      - 443/tcp
      - 53/tcp
      - 53/udp
      - 67/udp
      - 80/tcp
    environment:
      - FTLCONF_LOCAL_IPV4=192.168.0.2
      - TZ=My/Timezone
      - WEBPASSWORD=my_password
      - WEBTHEME=default-darker
      # Upstream resolver is unbound inside the same container
      - PIHOLE_DNS_=127.0.0.1#5335
      # List-form entries are passed literally, so values are left unquoted
      - DNSSEC=true
      - DHCP_ACTIVE=true
      - DHCP_START=192.168.0.4
      - DHCP_END=192.168.0.250
      - DHCP_rapid_commit=true
      - SKIPGRAVITYONBOOT=1
    volumes:
      - etc_pihole-unbound:/etc/pihole:rw
      - etc_pihole_dnsmasq-unbound:/etc/dnsmasq.d:rw
    networks:
      home:
        ipv4_address: 192.168.0.2
    restart: unless-stopped

networks:
  home:
    driver: macvlan
    driver_opts:
      parent: br0
    ipam:
      config:
        - subnet: 192.168.0.0/24
          gateway: 192.168.0.1
          # Docker may only hand out the container's own address
          ip_range: 192.168.0.2/32
```
One thing that confused me is that when using macvlan, the containers are not reachable from the host.
Then I found this: https://www.networkshinobi.com/docker-host-cant-access-containers-running-on-macvlan/
So here are my nmcli configuration commands to run on the host:
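```sh
# Create a macvlan interface on the host, attached to the same parent (br0) as the Docker network
sudo nmcli connection add con-name dockerrouteif type macvlan ifname dockerrouteif ipv4.addresses 192.168.0.251 dev br0 mode bridge
# Use the static address set above instead of DHCP
sudo nmcli connection modify dockerrouteif ipv4.method manual
# Send traffic for the container's address through the new interface
sudo nmcli connection modify dockerrouteif +ipv4.routes "192.168.0.2/32"
sudo nmcli connection up dockerrouteif
```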
Hope this will be useful to someone else.
Regards.
Christian
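
The setup above puts four things on one /24: the router, the container's fixed macvlan address, the host-side `dockerrouteif` address, and a DHCP pool served by Pi-hole. The following is an added example, not part of the original post: a small check that these do not collide. The function name `check_plan` and the dictionary keys are hypothetical; the addresses are the ones from the post.

```python
import ipaddress as ipa

# Values copied from the compose file and nmcli commands in the post.
POST_PLAN = {
    "subnet": "192.168.0.0/24",
    "gateway": "192.168.0.1",
    "ip_range": "192.168.0.2/32",    # addresses Docker may assign on the macvlan
    "container": "192.168.0.2",      # ipv4_address / FTLCONF_LOCAL_IPV4
    "host_shim": "192.168.0.251",    # dockerrouteif address on the host
    "dhcp_start": "192.168.0.4",
    "dhcp_end": "192.168.0.250",
}

def check_plan(plan):
    """Return a list of address-plan problems (empty list means consistent)."""
    problems = []
    subnet = ipa.ip_network(plan["subnet"])
    ip_range = ipa.ip_network(plan["ip_range"])
    static = {k: ipa.ip_address(plan[k]) for k in ("gateway", "container", "host_shim")}
    start, end = ipa.ip_address(plan["dhcp_start"]), ipa.ip_address(plan["dhcp_end"])

    if not ip_range.subnet_of(subnet):
        problems.append("ip_range is outside the subnet")
    if static["container"] not in ip_range:
        problems.append("container address is outside ip_range")
    for name in ("gateway", "host_shim"):
        if static[name] in ip_range:
            problems.append(f"{name} is inside ip_range, Docker could assign it")
    if len(set(static.values())) != len(static):
        problems.append("gateway, container and host_shim must be distinct")
    for name, addr in static.items():
        if addr not in subnet:
            problems.append(f"{name} is outside the subnet")
        if start <= addr <= end:
            problems.append(f"{name} is inside the DHCP pool")
    if start > end:
        problems.append("DHCP pool start is after its end")
    for edge in (start, end):
        if edge not in subnet or edge in (subnet.network_address, subnet.broadcast_address):
            problems.append(f"DHCP pool boundary {edge} is not a usable host address")
    return problems

if __name__ == "__main__":
    for line in check_plan(POST_PLAN) or ["address plan is consistent"]:
        print(line)
```

An overlap between the DHCP pool and the container or `dockerrouteif` address would let Pi-hole lease out an address that is already in use, which takes DNS down for the whole network.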