Running Pi-Hole as a Docker Container

This tutorial will show you how to install and run Pi-Hole as a Docker container.

Pi-Hole is a software that act as your DNS provider to actively block internet ads and trackers. It does this by filtering the DNS requests and sending any blocked domains into a blackhole, so the request is never completed.

Another cool thing about Pi-Hole is that it can also work well to monitor your network traffic, as you can set it to log any DNS requests that the server receives.

While this software is perfect for devices like the Raspberry Pi, you can install it on any Linux machine. Or, when using Docker, you can even run Pi-Hole on a Windows device.

You can run Pi-Hole on your devices in many ways, but one of the easiest is to use Docker. The advantage of using Docker is that everything you need is set up within the container.

Please note that we tested the following steps for installing Pi-Hole through a Docker container on an Ubuntu system. However, they should work fine on any system where you can install “Docker” and “Docker Compose”.

Preparing your System to Run Pi-Hole as a Container

These first few steps will get your Linux system set up to run Pi-Hole through a Docker container. If you already have Docker installed on your system, you can skip to the “Installing the Pi-Hole Docker Container” section.

1. If you are running a Debian-based operating system such as Ubuntu, you will need to update the package list cache before we can install the software needed to run Pi-Hole.

You can update the package list by using the following command.

sudo apt update

2. The only package we need to get Pi-Hole running with Docker is the Docker runtime.

Thanks to a convenience script the Docker team provides, installing this runtime is straightforward. While you could install Docker from your package repository, it can be significantly out-of-date.

To install Docker on any supported operating system, run the command below.

curl -sSL https://get.docker.com | sh

3. After installing Docker, it is helpful to add your current user to the “docker” group it created. Adding your user to the group is as easy as using the usermod command.

We want to add your user to this group because it makes controlling the Pi-Hole Docker container easier. We don’t have to worry about using “sudo” to interact with the containers.

sudo usermod -aG docker $USER

4. Because we made changes to our user’s groups you will need to log out.

You can easily log out from the terminal by running the following command.

logout

Alternatively, you can just restart your machine by using the reboot command.

sudo reboot

5. That is all the software you need on your Linux system to run Pi-Hole within a Docker container.

Any additional software that is needed will all be stored within the container. This greatly simplifies getting Pi-Hole running on Linux-based systems such as Ubuntu.

Installing the Pi-Hole Docker Container

This section will show you the process of installing Pi-Hole as a Docker container on your Linux-based system. All we need to do within this section is to write a “docker-compose” configuration file.

This file tells Docker what containers it needs to download and what ports it needs to open.

Creating a Directory for Pi-Hole

1. Start by creating a directory where you will store the configuration file for the Pi-Hole docker container.

We will do this by using the mkdir command to create a directory called “pihole” in our user’s home directory.

sudo mkdir -p /opt/stacks/pihole

2. Let us move into our newly created directory by using the cd command.

cd /opt/stacks/pihole

Writing the Docker-Compose Configuration File

3. Our next step is writing the “compose.yaml” file. This file is where we will define the Pi-Hole docker container and the options we want passed to the container.

nano compose.yaml

4. Within this file, you will want to enter the following lines. We will explain the pieces you may want to modify shortly.

version: "3"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "80:80/tcp"
    environment:
      TZ: 'America/Chicago'
      # WEBPASSWORD: 'set a secure password here or it will be random'
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    cap_add:
      - NET_ADMIN
    restart: unless-stopped

Configuring the Pi-Hole Configuration File

5. Before you save this file, there are three Docker options that you will want to reconfigure for Pi-Hole to suit your setup better.

Setting the Password for the Pi-Hole Web Interface

Out of all the things to configure, you will want to set a secure password before running the Pi-Hole container. Pi-Hole will randomly generate the password if you don’t set a value.

Begin by looking for the following line within the configuration file.

      # WEBPASSWORD: 'set a secure password here or it will be random'

Replace with the following, switching out “SECUREPASSWORD” with a secure password of your own. Try and use letters, numbers, and symbols.

If you want to generate secure passwords and store them securely, we recommend you check out the NordPass password manager (Affiliate link).

      WEBPASSWORD: 'SECUREPASSWORD'

Configuring the Web Interface Port of Pi-Hole

By default, we will set up the Docker container so Pi-Hole will be accessible through port 80 on your system. This could be problematic if you already have something operating on port 80.

To change this, you will want to find the following line and change the number on the left side of the colon (:).

      - "80:80/tcp"

For example, to change the port to “8080“, you would replace that line with the following.

      - "8080:80/tcp"

Setting the Time Zone for the Pi-Hole Docker Container

By default, the Pi-Hole docker container has been configured to use the “Chicago” time zone. It is possible, however, to adjust this to your local time zone.

You can find a list of valid time zone values on Wikipedia. The value you want to use is in the “TZ database name” column.

To adjust the time zone, find the following line within the file.

      TZ: 'America/Chicago'

Adjust this value to match your time zone. For example, for Hobart, Australia, we would utilize the line below.

      TZ: 'Australia/Hobart'

Saving the Docker-Compose File

6. Once you have made the above changes to the file, save and quit by pressing CTRL + X, followed by Y, then the ENTER key.

Disabling the Systemd-Resolve Service (Ubuntu Only)

7. If you are using an Ubuntu to run the Pi-Hole Docker container, you may need to disable the Systemd-resolve service.

The operating system uses this service to provide network name resolution. As Pi-Hole will want to operate on the same part the resolve service does, we need to disable it.

Start by stopping the systemd-resolve service by using the following command.

sudo systemctl stop systemd-resolve

8. With the service stopped, you will also want to disable it by using the command below.

Disabling the service will stop Ubuntu from starting it back up the next time you restart your device.

sudo systemctl disable systemd-resolve

9. With the “systemd-resolve” service now disabled, our next step is to modify the “/etc/resolv.conf” file to point to a different nameserver. By default, the nameserver will be configured to the systemd service.

Use the command below to begin modifying the configuration file.

sudo nano /etc/resolv.conf

10. You will want to find and replace the following line within this file.

nameserver 127.0.0.53

Replace it with the following. This changes the nameserver to Cloudflare’s 1.1.1.1 service.

nameserver 1.1.1.1

11. Once you have made changes to this file, save and quit by pressing CTRL + X, followed by Y, then the ENTER key.

Starting the Pi-Hole Docker Container

12. We can finally start up Pi-Hole’s Docker container on our Linux system.

All you need to do now is run the following command within the terminal.

sudo docker compose up -d

Please note this process can take a couple of minutes, depending on your device’s internet connection.

Accessing the Pi-Hole Web Interface

Now that we have the Pi-Hole docker container up and running on your system, we can proceed to use its web interface.

This web interface allows you to control all aspects of Pi-Hole on your system, so you won’t have to mess around with configuration files.

1. Before we begin, you will need to know the IP address of your device so that you can access the web interface.

The easiest way to get the local IP address is to use the hostname command.

hostname -I

2. With your local IP address, you will want to go to the following within your web browser.

Ensure you replace “IPADDRESS” with the IP you got in the previous step.

http://IPADDRESS/admin

If you changed the port away from “80“, you need to insert the port like shown below.

http://IPADDRESS:PORT/admin

3. You should now be greeted with the login page for Pi-Hole.

To log in, you must type in the password (1.) you set when writing the Docker configuration file earlier.

With your password typed in, click the “Log In” button (2.)

4. You now have access to the Pi-Hole dashboard running from within the Docker container.

5. With access to the dashboard, now is a good time to start changing your device’s DNS to use Pi-Hole.

We won’t be covering how exactly to do this in this guide. However, we have a guide that shows you how to change the DNS servers on Ubuntu.

When setting the DNS servers, you must use the IP belonging to the device you are running Pi-Hole on.

Updating the Pi-Hole Docker Container

Since we used Compose to set up the Pi-Hole Docker container, updating the software is straightforward.

In just a few short steps, you will upgrade to the latest available image.

1. Our first task is to change to the directory where we wrote the Compose file earlier.

You can change to this directory by running the command below.

cd /opt/stacks/pihole

2. After changing to this directory, we will want to tell Docker to download the latest version of the Pi-Hole image.

This is as simple as using “docker compose” followed by the “pull” command.

docker compose pull

3. The previous command pulls the latest image, but won’t update your already running container. Don’t worry, getting Docker to update a container to a new version is pretty simple.

Use the following command within the terminal to tell Docker to start up our Compose file. Docker will detect that Pi-Hole is already running and see that a new image is available. Upon detecting a new image, it will stop the current container and start it back up using the new one.

docker compose up -d

Conclusion

This tutorial shows you how to run Pi-Hole within a docker container on a Linux system.

Pi-Hole is a neat software that allows you to run a network-wide ad blocker easily. It works by handling your DNS requests and blocking domain names associated with ads.

Please comment below if you have any issues getting Pi-Hole to work within Docker.

We also have numerous other tutorials showing what you can achieve with Ubuntu.

Weekly Updates Straight To Your Inbox

Receive our Raspberry Pi projects, coding tutorials, Linux guides and more!

Subscribe