Pihole DNS


Purpose

Pi-hole is a custom self-hosted DNS, DHCP and NTP server. It is primarily used for network-wide blocking of domains that are known to serve ads. It can also resolve local domains once they are added to a list of local records.

Pi-hole is useful for gathering statistics on a network, acts as a layer of defence by blocking known sites that could potentially supply harmful material, and also provides DNSSEC, allowing for a more private and secure DNS query.

Docker Compose

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      # quoted so a YAML 1.1 parser cannot read 53:53 as a base-60 number
      - '53:53'
      - '53:53/udp'
    environment:
      PIHOLE_UID: pihole    # set to pihole user and group
      PIHOLE_GID: pihole
      TZ: auto
      FTLCONF_webserver_api_password: 'placeholder'
      FTLCONF_dns_listeningMode: 'all'
    volumes:
      - '/usr/pihole:/etc/pihole'
    restart: always

Pi-hole seems to be picky about privileges: it doesn't like having its capabilities dropped or having the no-new-privileges security option assigned to it. The container needs to start as root, but the service can run as another user inside the container, set through the PIHOLE_UID and PIHOLE_GID environment variables.

There should be no outside access to this container anyway, so the risk is low.
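To check the "no outside access" assumption against the compose file itself, the following added example (not part of the original article) classifies Compose short-syntax port strings by the host address they bind to. A mapping without a host IP, like the two in the file above, is published on every host interface; the addresses in CONSTRUCTED_PORTS are made up for comparison, and long-syntax port entries are not handled.

```python
import ipaddress

# Port strings from the compose file above, plus constructed variants for comparison.
PAGE_PORTS = ["53:53", "53:53/udp"]
CONSTRUCTED_PORTS = ["192.168.1.10:53:53/udp", "127.0.0.1:53:53", "[::1]:53:53/udp"]


def parse_port(spec):
    """Split '[HOST_IP:]HOST:CONTAINER[/PROTO]' into (host_ip, host, container, proto)."""
    body, _, proto = str(spec).partition("/")
    host_ip = None
    if body.startswith("["):  # bracketed IPv6 host address
        host_ip, sep, body = body[1:].partition("]:")
        if not sep:
            raise ValueError(f"malformed IPv6 port mapping: {spec!r}")
    parts = body.split(":")
    if host_ip is None and len(parts) == 3:
        host_ip, parts = parts[0], parts[1:]
    if len(parts) == 1:
        parts = [None, parts[0]]  # container port only: Docker picks the host port
    if len(parts) != 2:
        raise ValueError(f"unsupported port mapping: {spec!r}")
    return host_ip, parts[0], parts[1], proto or "tcp"


def exposure(spec):
    """Return 'all-interfaces', 'loopback-only' or 'single-address' for one mapping."""
    host_ip = parse_port(spec)[0]
    if host_ip is None:
        return "all-interfaces"  # no host IP: published on every interface
    addr = ipaddress.ip_address(host_ip)
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback-only" if addr.is_loopback else "single-address"


def wildcard_binds(ports):
    """List the mappings reachable through any interface of the host."""
    return [p for p in ports if exposure(p) == "all-interfaces"]


if __name__ == "__main__":
    for spec in PAGE_PORTS + CONSTRUCTED_PORTS:
        print(f"{spec:26} {exposure(spec)}")
```

Any mapping reported as all-interfaces depends on the host firewall or network placement to keep port 53 away from untrusted networks.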



