services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    domainname: ${DOMAIN_NAME} # your local domain name
    #mac_address: de:ad:be:ef:ff:01 # can change or leave this
    #cap_add: # only needed if doing DHCP
     # - NET_ADMIN
    restart: unless-stopped
    
    secrets:
      - piholepass
    
    networks:
      pihole_network: # same as network specified below
        ipv4_address: ${Pihole_IP} # the IP of the pihole container
    
    dns:
      - 127.0.0.1 # use local DNS 
    
    ports:
      - "53:53/tcp" #DNS
      - "53:53/udp" #DNS
     #- "67:67/udp" #DHCP
      - "80:80/tcp" #HTTP
      - "443:443/tcp" #HTTPS
    
    volumes: # mount our data volumes.
      - "/srv/docker/pihole/pihole:/etc/pihole"
      - "/srv/docker/pihole/dnsmasq.d:/etc/dnsmasq.d"
    
    environment: # set variables for pihole configuration.
      ServerIP: ${Pihole_IP} # must match ipv4_address above
      FTLCONF_LOCAL_IPV4: ${Pihole_IP}
      PIHOLE_DNS_: ${Pihole_IP}
      DNSSEC: "false"
      VIRTUAL_HOST: ${SERVICE_NAME}.${DOMAIN_NAME}  # Must be hostname + domainname from above
      #WEBPASSWORD: "randompassword"
      WEBPASSWORD_FILE: "/run/secrets/piholepass"
      TZ: "America/Chicago"
    labels:
      ### Auto create icon on Flame dashboard
      - flame.type=application
      - flame.name=${SERVICE_NAME}
      - flame.url=https://${SERVICE_NAME}.${DOMAIN_NAME}/admin
      - flame.icon=https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/pi-hole.svg
      ### Enable Traefik
      #- traefik.enable=true
      #- traefik.docker.network=traefik_network
      ### For HTTP
      #- traefik.http.routers.${SERVICE_NAME}.rule=Host(`${SERVICE_NAME}.${DOMAIN_NAME}`)
      #- traefik.http.routers.${SERVICE_NAME}.entrypoints=web
      ### For HTTPS
      #- traefik.http.routers.${SERVICE_NAME}-https.tls=true
      #- traefik.http.routers.${SERVICE_NAME}-https.tls.certresolver=cloudflare
      #- traefik.http.routers.${SERVICE_NAME}-https.entrypoints=websecure
      #- traefik.http.routers.${SERVICE_NAME}-https.rule=Host(`${SERVICE_NAME}.${DOMAIN_NAME}`)
      ### Monitor with uptime-kuma
      - kuma.monitoring.group.name=Docker Containers
      - kuma.${SERVICE_NAME}.docker.parent_name=monitoring
      - kuma.${SERVICE_NAME}.docker.name=${SERVICE_NAME}
      - kuma.${SERVICE_NAME}.docker.type=docker
      - kuma.${SERVICE_NAME}.docker.docker_container=${SERVICE_NAME}
      - kuma.${SERVICE_NAME}.docker.docker_host=1
      - 'kuma.${SERVICE_NAME}.docker.tag_names=[{"name": "docker_tag"}]'

secrets:
  piholepass:
    file: "/srv/docker/pihole/piholepass.txt"
    
networks:
  pihole_network:   # externally created network
    external: true