Pi-hole in a Docker Container on a Raspberry Pi

While I was disappearing down a rabbit hole investigating unbound as a DNS Privacy server, I came across Pi-Hole – A black hole for Internet advertisements.

I’ve always used uBlock Origin for ad blocking but that is a per client thing which is a bit of a hassle.

Pi-hole provides ad blocking for all clients on the network, seamlessly.  I just configure DNS on each client, via DHCP, to point towards the Pi-Hole server.

Obviously, I love Docker so it’s in a Docker Container on a Raspberry Pi.

Currently, I’ve sacrificed DNS privacy but I’ll work on that later in terms of getting Pi-hole to send all DNS queries through my own DNS server.

This is how I implemented it.  Obviously, these aren’t detailed instructions but more of a reference to jog my memory if I need it!

Note: Substitute the IP address of the host that the Container is running on for ${IP} and ${IPv6}

docker run -d \
    --name=pihole \
    --hostname=pihole \
    -p 53:53/tcp -p 53:53/udp -p 80:80 \
    -e ServerIP="${IP}" \
    -e ServerIPv6="${IPv6}" \
    -v pihole_data_1:/etc/pihole/ \
    -v pihole_data_2:/etc/dnsmasq.d/ \
    --restart=unless-stopped \



Raspberry Pi Docker Container to send all LAN DNS requests to Cloudflare’s DNS over TLS

I wanted to implement this on a Raspberry Pi that I have running Docker.  However, I wasn’t able to find an image in Docker Hub for the ARM architecture that the Raspberry Pi uses so I made my own based on the x86-64 image, here.

  • Place the Dockerfile and unbound.conf in the same directory.
  • Docker file:
FROM arm32v6/alpine:3.7
EXPOSE 53/udp
RUN apk add --update --no-cache -q --progress unbound && \
    rm -rf /etc/unbound/unbound.conf /var/cache/apk/*
COPY unbound.conf /etc/unbound/unbound.conf
ENTRYPOINT unbound -d
  • unbound.conf:
  verbosity: 0
  use-syslog: no
  qname-minimisation: yes
  do-tcp: yes
  prefetch: yes
  rrset-roundrobin: yes
  use-caps-for-id: yes
  do-ip4: yes
  do-ip6: no
  access-control: allow
  name: "."
  forward-addr: [email protected]
  forward-addr: [email protected]
  forward-ssl-upstream: yes


  • Build the Docker image:
docker build -t itinnovations/cloudflaretlsdns:latest .


  • Start a container as a daemon from the above image:
docker run -d \
  --name=CloudflareTLSDNS \
  --restart=unless-stopped \
  -p 53:53/udp \


  • Configure all clients to point to the IP address of the Docker Host for DNS.