version: '3.7' services: pihole: image: cbcrowe/pihole-unbound:latest ports: - 53:53/tcp - 53:53/udp - 45677:80 environment: - TZ=Europe/Paris - WEBPASSWORD=z9w1r0FvKKvuLdXIygDlhidUhinERhOKZTBJtOXCMaFLi1dZvh0f2vsy9miDqsFu - WEBTHEME=default-dark - REV_SERVER=false - PIHOLE_DNS_=127.0.0.1#5335 - DNSSEC=true - DNSMASQ_LISTENING=all - FTLCONF_REPLY_ADDR4=192.168.1.220 - FTLCONF_RATE_LIMIT=0/0 - FTL_CMD=debug - DNSMASQ_USER=root volumes: - /mnt/nfs/pihole/config:/etc/pihole - /mnt/nfs/pihole/dnsmasq.d:/etc/dnsmasq.d networks: - external deploy: mode: replicated replicas: 1 restart_policy: condition: any max_attempts: 3 labels: - "traefik.enable=true" - "traefik.http.routers.pihole.rule=Host(`pihole.bxl.bhasher.com`)" - "traefik.http.routers.pihole.entrypoints=internalsecure" - "traefik.http.services.pihole.loadbalancer.server.port=80" - "traefik.http.routers.pihole.tls=true" - "traefik.http.routers.pihole.tls.certresolver=http" placement: constraints: - node.labels.POWER == true depends_on: - system_traefik - system_nfs networks: external: external: true