-
Notifications
You must be signed in to change notification settings - Fork 101
/
docker-compose.yml
99 lines (93 loc) · 2.43 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
version: "2.1"
volumes:
pihole_config: {}
dnsmasq_config: {}
tailscale: {}
services:
pihole:
build: pihole
cap_add:
- SYS_TTY_CONFIG
- NET_ADMIN
volumes:
- "pihole_config:/etc/pihole"
- "dnsmasq_config:/etc/dnsmasq.d"
dns:
- "127.0.0.1"
- "1.1.1.1"
network_mode: host
labels:
io.balena.features.dbus: "1"
devices:
- /dev/tty0
- /dev/tty1
tmpfs:
- /var/log/pihole
environment:
DNSMASQ_LISTENING: all
PIHOLE_DNS_: 1.1.1.1;1.0.0.1
FONTFACE: Terminus
FONTSIZE: 8x14
WEBPASSWORD: balena
VIRTUAL_HOST: balena-devices.com
WEB_BIND_ADDR: 0.0.0.0
unbound:
build: unbound
cap_add:
- NET_ADMIN
ports:
- "5053:5053/tcp"
- "5053:5053/udp"
# https://github.com/balena-labs-projects/fbcp
# https://hub.balena.io/blocks/1792683/fbcp
fbcp:
image: bh.cr/balenalabs/fbcp/1.0.4
privileged: true
# https://github.com/balenablocks/hostname
# https://hub.balena.io/blocks/1918776/hostname-rpi
hostname:
image: bh.cr/g_tomas_migone1/hostname-rpi/0.2.1
restart: no
labels:
io.balena.features.supervisor-api: 1
environment:
SET_HOSTNAME: pihole
# https://hub.docker.com/r/tailscale/tailscale
# https://github.com/tailscale/tailscale/blob/main/cmd/containerboot/main.go
# https://tailscale.com/kb/1282/docker
# https://tailscale.com/kb/1278/tailscaled
# https://tailscale.com/kb/1241/tailscale-up
# https://tailscale.com/kb/1242/tailscale-serve
# https://tailscale.com/kb/1311/tailscale-funnel
tailscale:
image: tailscale/tailscale:v1.76.6@sha256:da35f0fbeb3037754049e3b079cb30c58c140576a50b54be107c0ff6ad0ec0e9
restart: unless-stopped
environment:
TS_STATE_DIR: /var/lib/tailscale
TS_SOCKET: /var/run/tailscale/tailscaled.sock
TS_USERSPACE: false
TS_AUTH_ONCE: false
TS_HOSTNAME: pi-hole
TS_EXTRA_ARGS: --accept-dns=false --reset
network_mode: host
cap_add:
- NET_ADMIN
- NET_RAW
- SYS_MODULE
labels:
io.balena.features.kernel-modules: 1
tmpfs:
- /tmp
- /run
volumes:
- tailscale:/var/lib/tailscale
entrypoint:
- /bin/sh
- -c
command:
- |
modprobe tun || true
modprobe wireguard || true
mkdir -p /dev/net
[ ! -c /dev/net/tun ] && mknod /dev/net/tun c 10 200
/usr/local/bin/containerboot