Here is an easy way to setup a Wireguard VPN server, Pi-hole & Unbound on a Raspberry Pi.
Note:
- Set
private-domain: "ketanvijayvargiya.com"in unbound.conf file and restart the container. (In Portainer, it was located in the /var/lib/docker/volumes/wireguard-pihole-unbound_unbound_config/_data directory.)
version: "3.8"
services:
unbound:
image: mvance/unbound-rpi:latest
restart: unless-stopped
volumes:
- unbound_config:/opt/unbound/etc/unbound/
networks:
wg-easy:
ipv4_address: 10.8.1.4
wg-easy:
depends_on: [unbound, pihole]
environment:
- WG_HOST=...
- PASSWORD=
- WG_DEFAULT_DNS=10.8.1.3
- WG_DEFAULT_ADDRESS=10.8.0.x
image: weejewel/wg-easy
volumes:
- wg-easy:/etc/wireguard
ports:
- "51820:51820/udp"
- "51821:51821/tcp"
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
networks:
wg-easy:
ipv4_address: 10.8.1.2
pihole:
depends_on: [unbound]
image: pihole/pihole
dns:
- 127.0.0.1
environment:
- TZ=America/Los_Angeles
- WEBPASSWORD=
- ServerIP=10.8.1.3
- PIHOLE_DNS_=10.8.1.4
- DNSSEC=true
volumes:
- pihole_config:/etc/pihole
- pihole_dnsmasq:/etc/dnsmasq.d
ports:
- "9001:80/tcp"
cap_add:
- NET_ADMIN
restart: unless-stopped
networks:
wg-easy:
ipv4_address: 10.8.1.3
networks:
wg-easy:
ipam:
config:
- subnet: 10.8.1.0/24
volumes:
pihole_config:
pihole_dnsmasq:
wg-easy:
unbound_config: