pi-hole in docker & cloudflared DNS-Over-HTTPS (DoH)
If you’ve followed this tutorial to set up DoH for pi-hole but happen to run pi-hole in a docker container, you’ve probably got some trouble resolving DNS entries, since the tutorial uses 127.0.0.1#5053 for the DNS configuration. This doesn’t work when pi-hole is running in a docker container: inside the container, 127.0.0.1 is the container’s own loopback interface, while the cloudflared daemon is either running on the host system or within another docker container.
Ideally, you’d run cloudflared in another docker container and get the IP address fixed somehow and use this one in pi-hole. But since we’re at home and kinda lazy, we just followed the tutorial and need another way to use DoH.
Let’s just bind cloudflared to listen on all interfaces for DNS queries, then we can just put the host IP of the raspberry pi into the DNS configuration within pi-hole. To do this, edit the created /etc/cloudflared/config.yml config file and add this somewhere:
Mine looks like this now:

proxy-dns: true
proxy-dns-address: 0.0.0.0
proxy-dns-port: 5053
proxy-dns-upstream:
  - https://184.108.40.206/dns-query
  - https://220.127.116.11/dns-query
  - https://[2606:4700:4700::1111]/dns-query
  - https://[2606:4700:4700::1001]/dns-query
Just restart cloudflared with

service cloudflared restart

and set your-rpi-ip#5053 as the IP address in the pi-hole settings.
I was also running ufw on my pi, so I had to open up port 5053 as well.
ufw allow 5053/tcp
ufw allow 5053/udp
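
With cloudflared bound to 0.0.0.0 and the two rules above, port 5053 answers every device that can reach the pi, not only the pi-hole container. The script below is an added example, not part of the original post: it flags ufw rules that leave the port open to Anywhere and prints replacements limited to the docker network. The subnet 172.17.0.0/16 (docker's default bridge) and the sample `ufw status` text are assumptions made for the example.

```shell
#!/bin/sh
# Added example: audit ufw rules for the cloudflared proxy-dns port and
# propose source-restricted replacements. Nothing here changes the firewall.

PORT=5053
# Assumption: pi-hole sits on docker's default bridge. Confirm with:
#   docker network inspect bridge -f '{{range .IPAM.Config}}{{.Subnet}}{{end}}'
DOCKER_SUBNET="172.17.0.0/16"

# Constructed sample of `ufw status` output: the two open rules from the
# post, their v6 twin, and one rule that is already scoped to a subnet.
SAMPLE_UFW_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
5053/tcp                   ALLOW       Anywhere
5053/udp                   ALLOW       Anywhere
5053/udp                   ALLOW       172.17.0.0/16
5053/tcp (v6)              ALLOW       Anywhere (v6)'

# Read `ufw status` text on stdin; print ALLOW rules for $PORT whose
# source is Anywhere, i.e. reachable from every network the pi is on.
world_open_rules() {
  awk -v port="$PORT" \
    '$1 ~ ("^" port "(/(tcp|udp))?$") && /ALLOW/ && /Anywhere/ { print }'
}

# Number of world-open rules for $PORT in the status text on stdin.
count_world_open() {
  world_open_rules | awk 'END { print NR }'
}

# Print (do not run) commands that swap the open rules for scoped ones.
scoped_rule_commands() {
  case "$1" in
    */*) ;;
    *) echo "expected a CIDR subnet, got: $1" >&2; return 1 ;;
  esac
  for proto in tcp udp; do
    echo "ufw delete allow ${PORT}/${proto}"
    echo "ufw allow from $1 to any port ${PORT} proto ${proto}"
  done
}

# On a real host, replace the printf with: ufw status | world_open_rules
printf '%s\n' "$SAMPLE_UFW_STATUS" | world_open_rules
scoped_rule_commands "$DOCKER_SUBNET"
```

If pi-hole is attached to a user-defined docker network, use that network's subnet instead of the default bridge.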