Pi-hole and Cloudflare Tunnel Client Using Docker Compose

Using Docker Compose to run Pi-hole and Cloudflare Tunnel Client together to achieve DNS-Over-HTTPS.

Requirements

• macOS Monterey (12.16.x) or later
• Docker Desktop 4.14.x or later

Instructions

1. In ./web-password directory, rename password.sample.txt to password.txt

2. Change the content of password.txt file to set a password for Pi-hole's administrative UI.

3. Make sure Docker Desktop is running by running the following command in the terminal.

docker --version

It should return something like this

Docker version 20.10.21, build baeda1f

4. You can change the configuration values of Pi-hole and Cloudflare Tunnel Client in the docker-compose.yml file.

   • Docker Pi-Hole's Environment Variables
   • Cloudflare Tunnel Client's Environment Variables

5. To start run start-pihole.sh

sudo ./start-pihole.sh

This bash script will:

1. Start Docker Compose in detached mode.
2. Clear the WiFi DNS server
3. Set the WiFi DNS server to localhost (127.0.0.1) which Pi-hole will run on TCP port 53

Stop Docker Compose and Reset WiFi DNS

Run stop-pihole.sh

sudo ./stop-pihole.sh

Pi-hole Web Admin

Once the Pi-hole docker started, you can access Pi-hole's web admin UI at http://localhost:8061/admin.

Enter a password you set in ./web-password/password.txt file.

You can check the Upstream DNS Serves settings and you should see it set to Cloudflare Tunnel Client.