Acasă Explorează Ajutor
Autentificare
LBP
/
ChristianLempa_Boilerplates
oglindă de https://github.com/ChristianLempa/boilerplates.git
4
0
Bifurcare 0
Fisiere Probleme 0 Wiki
Arbore: 54f648fd59
Ramuri Etichete
ChristianLempa_...
/
library
/
compose
/
pihole
/
services
/
pihole.yaml.j2

pihole.yaml.j2 4.8 KB
Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133 
  1. {#
    2. 

  2.   Pi-hole: Network-wide ad blocking and DNS privacy
    3. 

  3.   Provides DNS, DHCP, and ad blocking services
    4. 

  4. #}
    5. 

  5. services:
    6. 

  6.   {{ service_name }}:
    7. 

  7.     image: docker.io/pihole/pihole:2025.11.0
    8. 

  8.     {% if not swarm_enabled %}
    9. 

  9.     restart: {{ restart_policy }}
    10. 

  10.     {% if container_name %}
    11. 

  11.     container_name: {{ container_name }}
    12. 

  12.     {% endif %}
    13. 

  13.     {% endif %}
    14. 

  14.     {% if container_hostname %}
    15. 

  15.     hostname: {{ container_hostname }}
    16. 

  16.     {% endif %}
    17. 

  17.     environment:
    18. 

  18.       - TZ={{ container_timezone }}
    19. 

  19.       - PIHOLE_UID={{ user_uid }}
    20. 

  20.       - PIHOLE_GID={{ user_gid }}
    21. 

  21.       {% if swarm_enabled %}
    22. 

  22.       - WEBPASSWORD_FILE={{ service_name }}_webpassword
    23. 

  23.       {% else %}
    24. 

  24.       - FTLCONF_webserver_api_password=${WEBPASSWORD}
    25. 

  25.       {% endif %}
    26. 

  26.       {% if network_mode == 'bridge' %}
    27. 

  27.       - FTLCONF_dns_listeningMode=all
    28. 

  28.       {% endif %}
    29. 

  29.     {% if network_mode == 'host' %}
    30. 

  30.     network_mode: host
    31. 

  31.     {% elif network_mode == 'bridge' or network_mode == 'macvlan' or traefik_enabled %}
    32. 

  32.     networks:
    33. 

  33.       {% if traefik_enabled %}
    34. 

  34.       {{ traefik_network }}:
    35. 

  35.       {% endif %}
    36. 

  36.       {% if network_mode == 'macvlan' %}
    37. 

  37.       {{ network_name }}:
    38. 

  38.         ipv4_address: {{ network_macvlan_ipv4_address }}
    39. 

  39.       {% elif network_mode == 'bridge' %}
    40. 

  40.       {{ network_name }}:
    41. 

  41.       {% endif %}
    42. 

  42.     {% endif %}
    43. 

  43.     {% if network_mode == '' or network_mode == 'bridge' or traefik_enabled %}
    44. 

  44.     ports:
    45. 

  45.       {% if not traefik_enabled %}
    46. 

  46.       {% if swarm_enabled %}
    47. 

  47.       - target: 80
    48. 

  48.         published: {{ ports_http }}
    49. 

  49.         protocol: tcp
    50. 

  50.         mode: host
    51. 

  51.       - target: 443
    52. 

  52.         published: {{ ports_https }}
    53. 

  53.         protocol: tcp
    54. 

  54.         mode: host
    55. 

  55.       {% else %}
    56. 

  56.       - "{{ ports_http }}:80/tcp"
    57. 

  57.       - "{{ ports_https }}:443/tcp"
    58. 

  58.       {% endif %}
    59. 

  59.       {% endif %}
    60. 

  60.       {% if swarm_enabled %}
    61. 

  61.       - target: 53
    62. 

  62.         published: {{ ports_dns }}
    63. 

  63.         protocol: tcp
    64. 

  64.         mode: host
    65. 

  65.       - target: 53
    66. 

  66.         published: {{ ports_dns }}
    67. 

  67.         protocol: udp
    68. 

  68.         mode: host
    69. 

  69.       - target: 123
    70. 

  70.         published: {{ ports_ntp }}
    71. 

  71.         protocol: udp
    72. 

  72.         mode: host
    73. 

  73.       {% else %}
    74. 

  74.       - "{{ ports_dns }}:53/tcp"
    75. 

  75.       - "{{ ports_dns }}:53/udp"
    76. 

  76.       - "{{ ports_ntp }}:123/udp"
    77. 

  77.       {% endif %}
    78. 

  78.     {% endif %}
    79. 

  79.     volumes:
    80. 

  80.       {% if volume_mode == 'mount' %}
    81. 

  81.       - {{ volume_mount_path }}/dnsmasq:/etc/dnsmasq.d:rw
    82. 

  82.       - {{ volume_mount_path }}/pihole:/etc/pihole:rw
    83. 

  83.       {% else %}
    84. 

  84.       - {{ service_name }}-dnsmasq:/etc/dnsmasq.d
    85. 

  85.       - {{ service_name }}-pihole:/etc/pihole
    86. 

  86.       {% endif %}
    87. 

  87.     cap_add:
    88. 

  88.       - NET_ADMIN
    89. 

  89.       - SYS_TIME
    90. 

  90.     {% if swarm_enabled %}
    91. 

  91.     secrets:
    92. 

  92.       - {{ service_name }}_webpassword
    93. 

  93.     deploy:
    94. 

  94.       mode: replicated
    95. 

  95.       replicas: 1
    96. 

  96.       placement:
    97. 

  97.         constraints:
    98. 

  98.           - node.hostname == {{ swarm_placement_host }}
    99. 

  99.       restart_policy:
    100. 

  100.         condition: on-failure
    101. 

  101.       {% if traefik_enabled %}
    102. 

  102.       labels:
    103. 

  103.         - traefik.enable=true
    104. 

  104.         - traefik.docker.network={{ traefik_network }}
    105. 

  105.         - traefik.http.services.{{ service_name }}-web.loadBalancer.server.port=80
    106. 

  106.         - traefik.http.routers.{{ service_name }}-http.service={{ service_name }}-web
    107. 

  107.         - traefik.http.routers.{{ service_name }}-http.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
    108. 

  108.         - traefik.http.routers.{{ service_name }}-http.entrypoints={{ traefik_entrypoint }}
    109. 

  109.         {% if traefik_tls_enabled %}
    110. 

  110.         - traefik.http.routers.{{ service_name }}-https.service={{ service_name }}-web
    111. 

  111.         - traefik.http.routers.{{ service_name }}-https.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
    112. 

  112.         - traefik.http.routers.{{ service_name }}-https.entrypoints={{ traefik_tls_entrypoint }}
    113. 

  113.         - traefik.http.routers.{{ service_name }}-https.tls=true
    114. 

  114.         - traefik.http.routers.{{ service_name }}-https.tls.certresolver={{ traefik_tls_certresolver }}
    115. 

  115.         {% endif %}
    116. 

  116.       {% endif %}
    117. 

  117.     {% endif %}
    118. 

  118.     {% if traefik_enabled and not swarm_enabled %}
    119. 

  119.     labels:
    120. 

  120.       - traefik.enable=true
    121. 

  121.       - traefik.docker.network={{ traefik_network }}
    122. 

  122.       - traefik.http.services.{{ service_name }}-web.loadBalancer.server.port=80
    123. 

  123.       - traefik.http.routers.{{ service_name }}-http.service={{ service_name }}-web
    124. 

  124.       - traefik.http.routers.{{ service_name }}-http.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
    125. 

  125.       - traefik.http.routers.{{ service_name }}-http.entrypoints={{ traefik_entrypoint }}
    126. 

  126.       {% if traefik_tls_enabled %}
    127. 

  127.       - traefik.http.routers.{{ service_name }}-https.service={{ service_name }}-web
    128. 

  128.       - traefik.http.routers.{{ service_name }}-https.rule=Host(`{{ traefik_host }}.{{ traefik_domain }}`)
    129. 

  129.       - traefik.http.routers.{{ service_name }}-https.entrypoints={{ traefik_tls_entrypoint }}
    130. 

  130.       - traefik.http.routers.{{ service_name }}-https.tls=true
    131. 

  131.       - traefik.http.routers.{{ service_name }}-https.tls.certresolver={{ traefik_tls_certresolver }}
    132. 

  132.       {% endif %}
    133. 

  133.     {% endif %}
    134.