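Background
The home network needs ad blocking, which Pi-hole handles.
Pi-hole's outbound queries are encrypted with Cloudflare DoH (DNS over HTTPS), which keeps the ISP from collecting a record of the sites you visit and protects your privacy.
Procedure
Deploying Pi-hole
A ready-made docker-compose.yml is available on Docker Hub:
https://hub.docker.com/r/pihole/pihole
Some issues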
ERROR: for pihole Cannot start service pihole: driver failed programming external connectivity on endpoint pihole (fffc000d3cdb71d6bfa5dabd6ea4df4ff4ac83025282d302cbe709c4c57626e1): Error starting userland proxy: listen tcp4 0.0.0.0:53: bind: address already in use
ERROR: Encountered errors while bringing up the project.
Port 53 is already held by the built-in systemd-resolved service, which has to be stopped and disabled:
sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved
Adding Cloudflare DoH
The final configuration is as follows.
version: "3"
services:
  cloudflared:
    container_name: cloudflared
    image: visibilityspots/cloudflared
    restart: unless-stopped
    networks:
      pihole_net:
        ipv4_address: 10.0.0.2
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "80:80/tcp"
    environment:
      # Primary upstream: the cloudflared DoH proxy container
      - DNS1=10.0.0.2#5054
      # Second upstream is plain DNS on port 53; queries sent here are not covered by DoH
      - DNS2=8.8.8.8#53
      - IPv6=false
      - TZ=Asia/Shanghai
      # 你的密码 is a placeholder: replace it with your own password
      - WEBPASSWORD=你的密码
      - PIHOLELOG=/dev/null
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole/:/etc/pihole/'
      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
    extra_hosts:
      - "gateway.lan:192.168.50.192"
      - "router.lan:192.168.50.1"
    networks:
      pihole_net:
        ipv4_address: 10.0.0.3
    dns:
      - 127.0.0.1
      - 1.1.1.1
    # Recommended but not required (DHCP needs NET_ADMIN)
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN
    restart: unless-stopped
networks:
  pihole_net:
    driver: bridge
    ipam:
      config:
        - subnet: 10.0.0.0/29
Problems encountered
Temporary failure in name resolution
ERROR: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io: Temporary failure in name resolution
Adding the following DNS configuration to /etc/resolv.conf fixes it:
nameserver 8.8.8.8
nameserver 127.0.0.53
options edns0 trust-ad