If you’ve followed this tutorial to set up DoH for Pi-hole but run Pi-hole in a Docker container, DNS resolution probably fails, because the tutorial uses 127.0.0.1#5053 for the DNS configuration. This doesn’t work when Pi-hole is running in a Docker container: inside the container, 127.0.0.1 is the container’s own loopback interface, while the cloudflared daemon is running either on the host system or within another Docker container.

Ideally, you’d run cloudflared in another Docker container, give it a fixed IP address, and use that address in Pi-hole. But since we’re at home and kinda lazy, we just followed the tutorial and need another way to use DoH.

Let’s just bind cloudflared to listen on all interfaces for DNS queries; then we can put the host IP of the Raspberry Pi into the DNS configuration within Pi-hole. To do this, edit the /etc/cloudflared/config.yml config file you created and add this somewhere:

proxy-dns-address: 0.0.0.0

Mine looks like this now:

proxy-dns: true
proxy-dns-address: 0.0.0.0
proxy-dns-port: 5053
proxy-dns-upstream:
  - https://1.1.1.1/dns-query
  - https://1.0.0.1/dns-query
  - https://[2606:4700:4700::1111]/dns-query
  - https://[2606:4700:4700::1001]/dns-query

Just restart cloudflared with service cloudflared restart and set your-rpi-ip#5053 as the IP address in the Pi-hole settings. It should look like this then:

[Screenshot: pi-hole config]

I was also running ufw on my pi, so I had to open up port 5053 as well.

  • ufw allow 5053/tcp
  • ufw allow 5053/udp
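
The two ufw rules above admit any source address to port 5053. As an added example (not part of the original post), this script reads the cloudflared config, reports whether the proxy is bound to loopback, all interfaces or one address, and prints ufw rules limited to a single source subnet. The function names and the 172.17.0.0/16 subnet are assumptions; substitute the subnet your Pi-hole container's queries come from.

```shell
#!/bin/sh
# Added example, not from the original post. It only prints ufw commands.

# Print the value of a top-level "key: value" line in a YAML file.
cfg_get() {  # $1 = file, $2 = key
    sed -n "s/^$2:[[:space:]]*\([^[:space:]#]*\).*/\1/p" "$1" | head -n 1
}

# Classify where the DNS proxy listens. A missing key is treated as loopback,
# matching the tutorial setup that used 127.0.0.1#5053.
bind_scope() {  # $1 = file
    addr=$(cfg_get "$1" proxy-dns-address)
    case "${addr:-localhost}" in
        127.*|localhost|::1) echo loopback ;;
        0.0.0.0|::)          echo wildcard ;;
        *)                   echo specific ;;
    esac
}

# Print ufw rules that admit a single source subnet to the proxy port.
scoped_rules() {  # $1 = file, $2 = source CIDR
    port=$(cfg_get "$1" proxy-dns-port)
    [ -n "$port" ] || return 1
    for proto in tcp udp; do
        echo "ufw allow from $2 to any port $port proto $proto"
    done
}

# Constructed sample mirroring the config shown in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
proxy-dns: true
proxy-dns-address: 0.0.0.0
proxy-dns-port: 5053
EOF

# 172.17.0.0/16 is an assumed container subnet; check yours with
# `docker network inspect`.
echo "listener scope: $(bind_scope "$sample")"
scoped_rules "$sample" 172.17.0.0/16
```

Run the printed commands in place of the two blanket rules once the subnet matches your setup.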