From 6c8f7d83b6aa6e9e867c4bab91ca302bc4475569 Mon Sep 17 00:00:00 2001
From: Joey Hafner
Date: Sat, 4 Mar 2023 20:55:13 -0800
Subject: [PATCH] Add wyse pihole to traefik
---
router/config/StrongCommission.conf | 107 +++++++++++++++++++++++
router/config/pihole.md | 40 +++++++++
server/config/traefik/config/pihole.yaml | 15 +++-
3 files changed, 161 insertions(+), 1 deletion(-)
create mode 100644 router/config/StrongCommission.conf
create mode 100644 router/config/pihole.md
diff --git a/router/config/StrongCommission.conf b/router/config/StrongCommission.conf
new file mode 100644
index 0000000..24061d7
--- /dev/null
+++ b/router/config/StrongCommission.conf
@@ -0,0 +1,107 @@
+container {
+ name pihole {
+ description Pihole
+ environment PIHOLE_DNS_ {
+ value "1.1.1.1;8.8.8.8"
+ }
+ environment QUERY_LOGGING {
+ value false
+ }
+ environment TZ {
+ value America/Eastern
+ }
+ image pihole/pihole:latest
+ network pihole-net {
+ address 172.20.0.10
+ }
+ }
+ network pihole-net {
+ prefix 172.20.0.0/24
+ }
+}
+interfaces {
+ ethernet eth0 {
+ address dhcp
+ }
+ ethernet eth1 {
+ address 10.0.0.1/24
+ }
+ loopback lo {
+ }
+}
+nat {
+ source {
+ rule 100 {
+ outbound-interface eth0
+ source {
+ address 10.0.0.0/24
+ }
+ translation {
+ address masquerade
+ }
+ }
+ }
+}
+service {
+ dns {
+ forwarding {
+ allow-from 10.0.0.0/24
+ cache-size 0
+ listen-address 10.0.0.1
+ name-server 172.20.0.10
+ }
+ }
+ ssh {
+ port 22
+ }
+}
+system {
+ config-management {
+ commit-revisions 100
+ }
+ conntrack {
+ modules {
+ ftp
+ h323
+ nfs
+ pptp
+ sip
+ sqlnet
+ tftp
+ }
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ host-name vyos
+ login {
+ user vyos {
+ authentication {
+ encrypted-password REDACTED
+ plaintext-password ""
+ }
+ }
+ }
+ name-server 1.1.1.1
+ name-server 8.8.8.8
+ ntp {
+ server time1.vyos.net {
+ }
+ server time2.vyos.net {
+ }
+ server time3.vyos.net {
+ }
+ }
+ syslog {
+ global {
+ facility all {
+ level info
+ }
+ facility protocols {
+ level debug
+ }
+ }
+ }
+}
diff --git a/router/config/pihole.md b/router/config/pihole.md
new file mode 100644
index 0000000..858b7c5
--- /dev/null
+++ b/router/config/pihole.md
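Review bot: The `service ssh { port 22 }` block sets no `listen-address` and this config has no `firewall` section, so sshd would answer on every address, including the DHCP-assigned `eth0` that NAT rule 100 uses as the outbound side, while the `vyos` user logs in by password. If `eth0` faces an untrusted network (inferred from the masquerade rule, not stated in the file), bind SSH to the LAN with `listen-address 10.0.0.1` under `service ssh` and prefer key-based login with `disable-password-authentication`. Separately, `image pihole/pihole:latest` is an unpinned tag, so the resolver the whole LAN depends on can change on any re-pull; pinning a specific version tag or digest keeps the deployment reproducible.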
@@ -0,0 +1,40 @@
+Adding a Pihole container has hit a few roadblocks.
+Here is the basic container configuration I attempted to use:
+
+```
+container name pihole {
+ cap-add net-admin
+ environment TZ {
+ value America/Los_Angeles
+ }
+ environment WEBPASSWORD {
+ value Raider8-Payable-Veto-Dictation
+ }
+ image pihole/pihole
+ memory 256
+ network default {
+ address 172.18.0.2
+ }
+ port dns {
+ destination 53
+ source 53
+ }
+ port webui {
+ destination 80
+ source 80
+ }
+ volume pihole_dnsmasq {
+ destination /etc/dnsmasq
+ source /home/vyos/container/pihole/dnsmasq
+ }
+ volume pihole_pihole {
+ destination /etc/pihole
+ source /home/vyos/container/pihole/pihole
+ }
+}
+network default {
+ prefix 172.18.0.0/16
+}
+```
+
+With this configuration, we see the Pihole is failing to bring up the DNS service due to a port collision.
\ No newline at end of file
diff --git a/server/config/traefik/config/pihole.yaml b/server/config/traefik/config/pihole.yaml
index 785fab0..5d34115 100644
--- a/server/config/traefik/config/pihole.yaml
+++ b/server/config/traefik/config/pihole.yaml
@@ -8,9 +8,22 @@ http: service: "pi-pihole@file" tls: certResolver: "lets-encrypt" + wyse-pihole: + rule: "Host(`wyse.pihole.jafner.net`)" + entryPoints: "websecure" + middlewares: + - "lan-only@file" + service: "wyse-pihole@file" + tls: + certResolver: "lets-encrypt" + services: pi-pihole: loadBalancer: servers: - - url: "http://192.168.1.21/" \ No newline at end of file + - url: "http://192.168.1.21/" + wyse-pihole: + loadBalancer: + servers: + - url: "http://192.168.1.32/" \ No newline at end of file
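Review bot: The sample container config in `pihole.md` commits a literal value for `environment WEBPASSWORD`, which stays in the repository history even if a later commit removes it. The router config added in the same commit redacts its `encrypted-password`, and this listing should get the same treatment, e.g. `value <WEBPASSWORD>`. If that password is or was in use on any Pi-hole instance, it should be rotated.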
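Review bot: Access to the Pi-hole admin UI behind the new `wyse-pihole` router rests entirely on `lan-only@file`, which is defined outside this diff, so it is worth confirming that the middleware exists in the file provider and that its `sourceRange` covers only the LAN. Requesting a `lets-encrypt` certificate for `wyse.pihole.jafner.net` will likely place that hostname in public Certificate Transparency logs, which is acceptable only if the allow-list holds. A short comment above the router, e.g. `# admin UI: reachable only via lan-only@file (source-IP allow-list)`, would record that dependency. The preceding `pi-pihole` router starts above the hunk, so whether it carries the same middleware cannot be checked from here.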