Setting up DoH / DoT using Docker containers

I've been searching around trying to find a guide to setting up an all-Docker-based configuration that would have Pi-hole resolving queries using DoH or DoT.

Is the best method "subclassing" the currently published Pi-hole Docker image and adding unbound to it?

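# syntax=docker/dockerfile:1
FROM pihole/pihole:2024.07.0
# Refresh the package index and install non-interactively so the build does not stop at a prompt
RUN apt-get update && apt-get install -y unbound
# Write the unbound configuration (heredocs in RUN need BuildKit)
RUN cat << EOF > /etc/unbound/unbound.conf
server:
    # CA bundle used to verify the upstream resolvers' TLS certificates
    tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt

forward-zone:
    name: "."
    forward-tls-upstream: yes
    # append #<auth-name> to an address to have the certificate name checked
    forward-addr: 208.67.222.222@853
    forward-addr: 208.67.220.220@853
EOF
# something to add starting unbound in start.sh
ENTRYPOINT ["/sbin/tini", "--", "start.sh"]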
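Added example, not part of the original post: a small Python check that reads unbound.conf text like the one above and reports forwarders that are sent in plaintext, that lack the `#auth-name` suffix unbound uses to check the upstream certificate name, or that have no `tls-cert-bundle` to verify against. The function names and finding codes are hypothetical, and the sample input is constructed from the post's configuration.

```python
import re

# Constructed sample: the unbound.conf text from the Dockerfile in the post.
SAMPLE = """\
server:
    tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt

forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 208.67.222.222@853
    forward-addr: 208.67.220.220@853
"""

def parse(text):
    """Split unbound.conf text into [(clause, {option: [values]})]."""
    clauses = []
    for raw in text.splitlines():
        # '#' opens a comment only at the start of a token, so the
        # '#auth-name' suffix inside a forward-addr value is preserved.
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        value = value.strip().strip('"')
        if not value:
            clauses.append((key, {}))          # "server:", "forward-zone:"
        elif clauses:
            clauses[-1][1].setdefault(key.strip(), []).append(value)
    return clauses

def lint(text):
    """Return (code, detail) findings for forwarders that are not authenticated DoT."""
    clauses = parse(text)
    server = {k: v for n, o in clauses if n == "server" for k, v in o.items()}
    findings = []
    for opts in (o for n, o in clauses if n == "forward-zone"):
        tls = "yes" in opts.get("forward-tls-upstream", []) + server.get("tls-upstream", [])
        for addr in opts.get("forward-addr", []):
            if not tls:
                findings.append(("plaintext", addr))      # query leaves unencrypted
            elif "#" not in addr:
                findings.append(("no-auth-name", addr))   # certificate name not checked
        if tls and not server.get("tls-cert-bundle"):
            findings.append(("no-ca-bundle", opts.get("name", ["?"])[0]))
    return findings
```

Running `lint(SAMPLE)` on the configuration as posted reports both forwarders as `no-auth-name`.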

Routers may allow you to enable DoT or DoH for their upstream DNS servers.

If yours does, probably the easiest way would be to enable that in your router, and configure Pi-hole to use your router as its only upstream.
