Adds PiHole

2018-06-09 10:03:35 +00:00 · 2018-06-09 10:03:35 +00:00 · c7cf4c7db3
commit c7cf4c7db3
parent 2cfcaf03f7
3 changed files with 47 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@ postgres-data
 wallabag
 nginx-log
 certs
+pihole-data
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -19,6 +19,7 @@ services:
      - SYMFONY__ENV__DOMAIN_NAME=https://bookmarks.abhinavsarkar.net
    depends_on:
      - db
+      - smtp
    volumes:
      - ./wallabag/images:/var/www/wallabag/web/assets/images
  db:
@ -46,3 +47,18 @@ services:
    image: namshi/smtp
    environment:
      MAILNAME: space.abhinavsarkar.net
+  pihole:
+    image: diginc/pi-hole:latest
+    environment:
+      ServerIP: ${PH_SERVER_IP}
+      WEBPASSWORD: ${PH_PASSWORD}
+      DNS1: 1.1.1.1
+      DNS2: 1.0.0.1
+      VIRTUAL_HOST: pihole.abhinavsarkar.net
+    ports:
+      - "53:53/tcp"
+      - "53:53/udp"
+    restart: unless-stopped
+    volumes:
+      - ./pihole-data/pihole:/etc/pihole
+      - ./pihole-data/dnsmasq:/etc/dnsmasq.d
--- a/nginx-conf/pihole.conf
+++ b/nginx-conf/pihole.conf
@ -0,0 +1,30 @@
+server {
+    listen 443 ssl;
+    server_name pihole.abhinavsarkar.net;
+
+    ssl_certificate /etc/nginx/certs/fullchain1.pem;
+    ssl_certificate_key /etc/nginx/certs/privkey1.pem;
+
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+
+    proxy_set_header X-Real-IP  $remote_addr; # pass on real client IP
+
+    location / {
+            proxy_pass http://pihole;
+    }
+}
+
+server {
+    listen 80;
+    server_name pihole.abhinavsarkar.net;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 80 default_server;
+    location / {
+            proxy_pass http://pihole;
+    }
+}