Pihole with nginx-proxy-manager

[samad20]

Since port 80 and 443 is reserved for Nginx, how can i install pi hole on docker?

[bpycinski]

There is no problem at all. Just map the port to anything other, e.g. 8080 See my docker-compose, it works very well:

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
    - "8080:80/tcp"
    - "53:53/tcp"
    - "53:53/udp"
    - "67:67/udp"
    environment:
    - WEBPASSWORD=asecret
    - INTERFACE=eth0
    - USER_UID=1000
    - USER_GID=1000
    volumes:
    - ./volumes/pihole/etc-pihole/:/etc/pihole/
    - ./volumes/pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/
    restart: unless-stopped
    networks:
    - internal_nw

But you can even get rid of publishing port 80. Just use npm to forward pihole.mydomain.com to pihole:80.

[scottpageindysoft]

I run the same on my network, and the solution above is correct. Have your router point 80 and 443 to NPM, then have NPM reverse proxy to all other sites, including PiHole web interface, internally

I've had zero issues with this, and I run 80 sites exposed through NPM.

All other internal sites can use any other port that doesn't conflict with others.

[asyba]

I run the same on my network, and the solution above is correct. Have your router point 80 and 443 to NPM, then have NPM reverse proxy to all other sites, including PiHole web interface, internally

I've had zero issues with this, and I run 80 sites exposed through NPM.

All other internal sites can use any other port that doesn't conflict with others.

what about using only for lan local? for example if I want to access some service with a NPM domain name example.service to 192.168.1.100:8989 ? I have pihole and NPM docker compose, but going to example.service is not happening nothing.

[BenJule]

i get an ERR_CONNECTION_TIMED_OUT in my browser!

Nginx-Proxy-Manager

version: '3'
services:
  nginx-proxy-manager:
    container_name: nginx-proxy-manager
    hostname: nginx-proxy-manager
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - /home/benlue/Docker/Nginx-Proxy-Manager/data:/data
      - /home/benlue/Docker/Nginx-Proxy-Manager/letsencrypt:/etc/letsencrypt

ip a

[root@docker-nginx-proxy-manager:/app]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
136: eth1@if137: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth1
       valid_lft forever preferred_lft forever

Pi-Hole:

version: "3"
 
services:
  pihole:
    container_name: pihole
    hostname: pi-hole
    image: pihole/pihole:latest
    ports:
      - "82:80/tcp"
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
    environment:
      TZ: 'Europe/Berlin'
      WEBPASSWORD: 'AweSomePass'
      INTERFACE: 'enp0s3'
    volumes:
      - '/var/run/docker.sock:/docker.sock'
      - '/home/benlue/Docker/Pihole/etc:/etc/pihole/'
      - '/home/benlue/Docker/Pihole/dnsmasq:/etc/dnsmasq.d/'
      - '/home/benlue/Docker/etc/resolv.conf:/etc/resolv.conf'
 
    restart: unless-stopped

ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
138: eth1@if139: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.3/16 brd 172.17.255.255 scope global eth1
       valid_lft forever preferred_lft forever

[valyrian84]

I have a similar setup and not sure why but all other containers are accessible, except my Pihole. I get HTTP ERROR 404.

The frustration is killing me. :)

[bmmmm]

@valyrian84 , if you want help, you need to provide more information about your concrete case. Such as providing your configuration / docker-compose from the relevant services and describe the situation/issue/ use case/ how you access it, with your own words. Looking forward to help you 😊

[valyrian84]

@bmmmm Absolutely. Here you go -

I have a few containers which includes a pihole instance and a nginx proxy manager instance and a few more.

I also run an UDM which is default-gateway to all the various VLANs and subnets that I have in the network. The Internet connection is directly to the UDM. I have ports 80-81, 443 forwarded to Nginx host in UDM.

I have also registered a few FQDNs in DuckDNS and I can see that I am able to resolve and PING from the internet fine.

I have added the FQDNs in the environment variables in my local DuckDNS container.

I have proxy hosts set in my Nginx Proxy for the target on the right host port for PiHole its set to the correct port which for me is 1010 which translates to 80 for the container. But I am not able to access it neither from inside or outside.

Local access using IP Address and port works fine.

I even removed SSL for the host to see if becomes accessible but it showed same results.

Note - I am able to access other containers from public internet fine with the same setup and configurations.

[bmmmm]

@valyrian84 - I haven't prepared an answer yet. in the last picture you expose your domain. just because you masqueraded it before ;)

What I think ^^: The machine is in your local network, right? I assume that UDM is your router, right?

screenshot from the browser: 404 because you enter via port 80 (http) and you might have no webserver running on your pihole on port 80.

telnet screenshot: you want to enter your network (router) on port 1010, but as you mentioned before, you only opened 80,81 and 443. If this device is in your local network, I wouldn't expose port 81 to the internet.

Feel free to correct me if I misunderstood your setup :)

[valyrian84]

@bmmmm Thanks for pointing out my naivety. The snippet has now been removed.

Coming back to the topic, my pihole is running on a Pi (along with other containers). The host port of 1010 is mapped to Pihole container's 80. As for the NPM config, I only have 80 and 443 opened in the NPM. The NPM is redirecting the incoming requests to actual hosting inside ports (1010 in the case of Pihole) based off the FQ URL.

I hope I was able to clarify your queries.

[crispybegs]

I run the same on my network, and the solution above is correct. Have your router point 80 and 443 to NPM, then have NPM reverse proxy to all other sites, including PiHole web interface, internally I've had zero issues with this, and I run 80 sites exposed through NPM. All other internal sites can use any other port that doesn't conflict with others.

what about using only for lan local? for example if I want to access some service with a NPM domain name example.service to 192.168.1.100:8989 ? I have pihole and NPM docker compose, but going to example.service is not happening nothing.

did you ever work this out? trying to find out how to do it myself at the moment

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1:

[flyingoctopus]

👍

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1: