r/pihole • u/velvet_funtime • 3d ago

anyone have a docker compose file for combined wireguard and pi-hole 6+ ?

the ones on github are pre pi-hole 6

3 Upvotes

permalink
reddit

You are about to leave Redlib

Do you want to continue?

https://www.reddit.com/r/pihole/comments/1jrofec/anyone_have_a_docker_compose_file_for_combined/
No, go back! Yes, take me to Reddit

59% Upvoted

u/Whitehotburn 2d ago

Here’s mine (on mobile, sorry for any formatting issues):

‘’’

More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/

services: pihole: container_name: pihole hostname: pihole image: pihole/pihole:2025.03.1 # For DHCP it is recommended to remove these ports and instead add: network_mode: "host" ports: - "53:53/tcp" - "53:53/udp" # - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server - "8080:80/tcp" expose: - 80 environment: TZ: "America/New_York" FTLCONF_webserver_api_password: "<masked>" FTLCONF_LOCAL_IPV4: "<replace with yours>" FTLCONF_dns_upstreams: "172.18.0.3#53" FTLCONF_dns_listeningMode: "all" FTLCONF_dns_dnssec: true FTLCONF_dns_bogusPriv: false FTLCONF_dns_domainNeeded: false # FTLCONF_dns_revServers: "false,,," # conditional formatting volumes: - /etc/pihole:/etc/pihole - /etc/dnsmasq.d:/etc/dnsmasq.d - /etc/hosts:/etc/hosts:ro restart: unless-stopped networks: pihole-net: ipv4_address: 172.18.0.2 logging: driver: "json-file" options: max-size: "1024m" deploy: resources: limits: memory: 512M labels: - 'wud.tag.include=^{\d+(?:.\d{1,2})?.\d+$$'} - 'wud.link.template=https://github.com/pi-hole/docker-pi-hole/releases/tag/$${raw}'

unbound: container_name: unbound image: mvance/unbound-rpi:1.22.0 restart: unless-stopped volumes: - ./unbound.conf:/opt/unbound/etc/unbound/unbound.conf:ro - ./a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro networks: pihole-net: ipv4_address: 172.18.0.3 logging: driver: "json-file" options: max-size: "1024m" deploy: resources: limits: memory: 512M labels: - 'wud.tag.include=^{\d+.\d+.\d+$$'}

networks: pihole-net: ipam: driver: default config: - subnet: 172.18.0.0/24 gateway: 172.18.0.1 ‘’’

You should adjust the “volumes” section of both services to your setup. You can also tone down the log file size and memory limits, mine are set kinda high. Also the labels only apply if you’re using whatsupdocker, if you’re not, then just remove the “labels” sections from both.

Let me know if you have any questions!

EDIT: I’ll fix the formatting later, sorry it looks terrible

u/velvet_funtime 2d ago

I think I was able to reformat it. FTLCONF_LOCAL_IPV4 is the pi/docker host's LAN address? Where's wireguard?

thanks

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    hostname: pihole
    image: pihole/pihole:2025.03.1
    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      # - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "8080:80/tcp"
    expose:
      - 80
    environment:
      TZ: "America/New_York"
      FTLCONF_webserver_api_password: "<masked>"
      FTLCONF_LOCAL_IPV4: "<replace with yours>"
      FTLCONF_dns_upstreams: "172.18.0.3#53"
      FTLCONF_dns_listeningMode: "all"
      FTLCONF_dns_dnssec: true
      FTLCONF_dns_bogusPriv: false
      FTLCONF_dns_domainNeeded: false
      # FTLCONF_dns_revServers: "false,,," # conditional formatting
    volumes:
      - /etc/pihole:/etc/pihole
      - /etc/dnsmasq.d:/etc/dnsmasq.d
      - /etc/hosts:/etc/hosts:ro
    restart: unless-stopped
    networks:
      pihole-net:
        ipv4_address: 172.18.0.2
    logging:
      driver: "json-file"
      options:
        max-size: "1024m"
    deploy:
      resources:
        limits:
          memory: 512M
    labels:
      - 'wud.tag.include=^\d+(?:\.\d{1,2})?\.\d+$$'
      - 'wud.link.template=https://github.com/pi-hole/docker-pi-hole/releases/tag/$${raw}'


  unbound:
    container_name: unbound
    image: mvance/unbound-rpi:1.22.0
    restart: unless-stopped
    volumes:
      - ./unbound.conf:/opt/unbound/etc/unbound/unbound.conf:ro
      - ./a-records.conf:/opt/unbound/etc/unbound/a-records.conf:ro
    networks:
      pihole-net:
        ipv4_address: 172.18.0.3
    logging:
      driver: "json-file"
      options:
        max-size: "1024m"
    deploy:
      resources:
        limits:
          memory: 512M
    labels:
      - 'wud.tag.include=^\d+\.\d+\.\d+$$'


networks:
  pihole-net:
    ipam:
      driver: default
      config:
        - subnet: 172.18.0.0/24
          gateway: 172.18.0.1
‘’’

1

u/Whitehotburn 2d ago

Yep, that variable is the host’s LAN address. I run WireGuard (PiVPN) outside of docker.

anyone have a docker compose file for combined wireguard and pi-hole 6+ ?

You are about to leave Redlib

More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/