Add a PiHole instance on a macvlan enabled Docker network (Synology eth0 example)
#!/bin/bash
# NAS IP: 192.168.1.10 in this example
# DHCP scope reservation for macvlan: 192.168.1.210/28 (Details below)
## Network: 192.168.1.210/28
## HostMin: 192.168.1.211
## HostMax: 192.168.1.224
## Hosts/Net: 14
# Create a Synology macvlan0 bridge network attached to the physical eth0, and add the ip range scope (sudo)
ip link add macvlan0 link eth0 type macvlan mode bridge
# Specify part of the eth0 scope you'd like to reserve for macvlan0
ip addr add 192.168.1.210/28 dev macvlan0
# Bring up the macvlan0 adapter
ip link set macvlan0 up
# Check virtual adapter status with ifconfig
ifconfig
# Output should be something like this:
# macvlan0 Link encap:Ethernet HWaddr 92:8D:43:0E:E2:D8
#          inet addr:192.168.1.210 Bcast:0.0.0.0 Mask:255.255.255.240
#          inet6 addr: fe80::908d:43ff:fe0e:e2d8/64 Scope:Link
#          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
#          RX packets:79 errors:0 dropped:0 overruns:0 frame:0
#          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
#          collisions:0 txqueuelen:1
#          RX bytes:34863 (34.0 KiB) TX bytes:16322 (15.9 KiB)
# Create a macvlan Docker network using eth0
docker network create --driver=macvlan --gateway=192.168.1.1 --subnet=192.168.1.0/24 --ip-range=192.168.1.210/28 -o parent=eth0 macvlan
# It's also possible to run this as a scheduled task at startup as the root user. In that case it's wise to put the following wait loop in front of the above commands, so they only run once eth0 is up
while ! ip link show eth0 | grep -q 'state UP'; do
sleep 1
done
# Perform a basic test with NGINX
docker run --net=macvlan -dit --name nginx-test-01 --ip=192.168.1.211 nginx:alpine nginx-debug -g 'daemon off;'
# Browse to http://192.168.1.211 in your local network; you should see the nginx welcome page. Don't forget to remove the container afterwards.
docker rm nginx-test-01 --force
# Now start PiHole on a macvlan enabled IP address, for example as shown below.
# I've also added a fake MAC address so the container always uses the same MAC, which is handy for making a reservation in your DHCP scope or whatever else you'd like to do with it.
DOCKERHOME="<some path>"  # placeholder: replace with your own base path
NAME=pihole-macvlan
IMAGE=pihole/pihole
docker run --detach \
--name ${NAME} \
--restart always \
--volume /etc/localtime:/etc/localtime:ro \
--volume ${DOCKERHOME}/data/${NAME}/config:/etc/pihole \
--volume ${DOCKERHOME}/data/${NAME}/dnsmasq.d:/etc/dnsmasq.d \
--cap-add NET_ADMIN \
--dns=127.0.0.1 \
--dns=1.1.1.1 \
--env "DNS1=1.1.1.1" \
--env "DNS2=1.0.0.1" \
--env "ServerIP=192.168.1.212" \
--env "DNSMASQ_LISTENING=all" \
--env "WEBPASSWORD=<secret>" \
--env "TZ=Europe/Amsterdam" \
--network macvlan \
--ip "192.168.1.212" \
--mac-address "02:42:c0:a8:01:d7" \
${IMAGE}
# Cleanup macvlan
ip link set macvlan0 down
ip link delete macvlan0
docker network rm macvlan
# Happy days!
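# Added example (not part of the original gist): a pre-flight check of which addresses the 192.168.1.210/28 range used above really spans, so the DHCP exclusion and the static --ip values can be compared against it. By CIDR arithmetic the aligned block runs from 192.168.1.208 to 192.168.1.223. The helper names are hypothetical, and it is an assumption that Docker's IPAM applies the same masking to --ip-range.

```shell
#!/bin/sh
# Added example, not part of the original gist. Helper names are hypothetical.
# Shows which addresses a CIDR such as 192.168.1.210/28 covers after masking.

# Dotted quad -> 32-bit integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1                      # split the address on dots into $1..$4
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
  echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print "first last" for the aligned block that address/len falls in.
cidr_bounds() {
  ip=${1%/*}; len=${1#*/}
  mask=$(( (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF ))
  net=$(( $(ip_to_int "$ip") & $mask ))
  echo "$(int_to_ip "$net") $(int_to_ip $(( $net | (~$mask & 0xFFFFFFFF) )))"
}

# Succeed if address $1 lies inside CIDR $2.
in_cidr() {
  bounds=$(cidr_bounds "$2")
  first=$(ip_to_int "${bounds% *}")
  last=$(ip_to_int "${bounds#* }")
  n=$(ip_to_int "$1")
  [ "$n" -ge "$first" ] && [ "$n" -le "$last" ]
}

# Report, for each address given after the range, whether it is inside it.
check_plan() {
  range=$1; shift
  for addr in "$@"; do
    if in_cidr "$addr" "$range"; then echo "$addr inside $range"
    else echo "$addr outside $range"; fi
  done
}

# Values taken from the script above: NAS, gateway, test container, PiHole,
# and the HostMax value from the header comment.
RANGE=192.168.1.210/28
echo "$RANGE covers: $(cidr_bounds "$RANGE")"
check_plan "$RANGE" 192.168.1.10 192.168.1.1 192.168.1.211 192.168.1.212 192.168.1.224
```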