Forked from xirixiz/pihole-macvlan-synology-docker.txt
Created
August 6, 2021 21:47
Add a PiHole instance on a macvlan enabled Docker network (Synology eth0 example)
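#!/bin/bash
# Host-side macvlan setup for a Synology NAS. Every command below needs root.
#
# NAS IP: 192.168.1.10 in this example
# Address block reserved for macvlan: the /28 that contains 192.168.1.210.
# A /28 is aligned on a multiple of 16 addresses, so that block is:
##   Network:   192.168.1.208/28
##   HostMin:   192.168.1.209
##   HostMax:   192.168.1.222
##   Broadcast: 192.168.1.223
##   Hosts/Net: 14
# Exclude the whole block (.208-.223) from the router's DHCP pool, otherwise a
# DHCP client and a container can end up with the same address.

# Create the macvlan0 interface on the NAS, attached to the physical eth0, and
# give it an address inside the reserved block. Skipped when the interface
# already exists so the commands can be re-run without "File exists" errors.
if ! ip link show macvlan0 >/dev/null 2>&1; then
  ip link add macvlan0 link eth0 type macvlan mode bridge
  # Host address .210 with a /28 prefix: the part of the eth0 scope reserved
  # for macvlan0.
  ip addr add 192.168.1.210/28 dev macvlan0
fi

# Bring up the macvlan0 adapter
ip link set macvlan0 up

# Check the virtual adapter status
ifconfig macvlan0

# Output should be something like this (sample output, kept as comments so the
# file still runs as a script):
#   macvlan0 Link encap:Ethernet HWaddr 92:8D:43:0E:E2:D8
#            inet addr:192.168.1.210 Bcast:0.0.0.0 Mask:255.255.255.240
#            inet6 addr: fe80::908d:43ff:fe0e:e2d8/64 Scope:Link
#            UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
#            RX packets:79 errors:0 dropped:0 overruns:0 frame:0
#            TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
#            collisions:0 txqueuelen:1
#            RX bytes:34863 (34.0 KiB) TX bytes:16322 (15.9 KiB)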
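# Create a macvlan Docker network using eth0.
# --subnet and --gateway describe the whole LAN; --ip-range limits the
# addresses Docker assigns to the /28 that contains 192.168.1.210, i.e.
# 192.168.1.208-192.168.1.223. Docker does not consult the DHCP server before
# assigning an address, so keep that block out of the router's DHCP pool.
# Containers on this network sit directly on the LAN with their own IP: every
# port a container listens on is reachable by LAN hosts, whether or not it is
# published, so access has to be limited inside the container or on the network.
docker network create \
  --driver=macvlan \
  --gateway=192.168.1.1 \
  --subnet=192.168.1.0/24 \
  --ip-range=192.168.1.210/28 \
  -o parent=eth0 \
  macvlan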
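# When these commands run as a scheduled task at startup (as the root user),
# put this wait in front of the ip/docker commands above: eth0 may not be up
# yet when the task starts.
# The wait is bounded so that a link which never comes up cannot leave the boot
# task spinning forever; it gives up after 120 one-second attempts.
tries=0
until ip link show eth0 | grep -q 'state UP'; do
  tries=$((tries + 1))
  if [ "$tries" -ge 120 ]; then
    echo "eth0 did not reach state UP after 120 attempts; giving up" >&2
    exit 1
  fi
  sleep 1
done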
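# Perform a basic test with NGINX: start a throw-away container on the macvlan
# network with a fixed address from the reserved block.
docker run --net=macvlan -dit --name nginx-test-01 --ip=192.168.1.211 \
  nginx:alpine nginx-debug -g 'daemon off;'

# Browse to http://192.168.1.211 from a machine on your local network; you
# should see the nginx welcome page.
# The test container is an unauthenticated web server exposed to the whole LAN,
# so remove it once the check is done (run this after you have looked at the page).
docker rm --force nginx-test-01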
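# Now start Pi-hole on a macvlan-enabled IP address.
# A fixed, locally administered MAC address is set so the container always uses
# the same MAC, which is handy for a DHCP reservation or a firewall rule.

# Base directory for the container's persistent data. There is no usable
# default, so refuse to run rather than mount a wrong or empty path.
DOCKERHOME="${DOCKERHOME:?set DOCKERHOME to your Docker data directory}"
NAME=pihole-macvlan

# The image is referenced without a tag, so it follows "latest" and, with
# --restart always, whatever is pulled next. Pin a tag or digest you have
# reviewed (pihole/pihole:<TAG> or pihole/pihole@sha256:<DIGEST>, placeholders)
# and check the environment variable names below against that release's
# README, since they can differ between image releases.
IMAGE=pihole/pihole

# The web admin password is read from a file instead of being written on the
# command line, which keeps it out of this script, shell history and process
# listings. The file holds one line, WEBPASSWORD=<secret>, and should be
# readable by root only (chmod 600). The value is still visible to anyone who
# can run "docker inspect" on the container.
ENV_FILE="${DOCKERHOME}/data/${NAME}/pihole.env"
if [ ! -r "${ENV_FILE}" ]; then
  echo "missing ${ENV_FILE} (expected one line: WEBPASSWORD=<secret>)" >&2
  exit 1
fi

run_args=(
  --detach
  --name "${NAME}"
  --restart always
  --volume /etc/localtime:/etc/localtime:ro
  --volume "${DOCKERHOME}/data/${NAME}/config:/etc/pihole"
  --volume "${DOCKERHOME}/data/${NAME}/dnsmasq.d:/etc/dnsmasq.d"
  # NET_ADMIN is only needed when Pi-hole also acts as the DHCP server; drop
  # this capability if it is used for DNS only.
  --cap-add NET_ADMIN
  --dns=127.0.0.1
  --dns=1.1.1.1
  --env "DNS1=1.1.1.1"
  --env "DNS2=1.0.0.1"
  --env "ServerIP=192.168.1.212"
  # "all" makes the resolver answer queries from any source address. That is
  # acceptable only while 192.168.1.212 is reachable from the LAN alone; never
  # forward port 53 from the internet to it.
  --env "DNSMASQ_LISTENING=all"
  --env-file "${ENV_FILE}"
  --env "TZ=Europe/Amsterdam"
  --network macvlan
  --ip "192.168.1.212"
  --mac-address "02:42:c0:a8:01:d7"
)

docker run "${run_args[@]}" "${IMAGE}"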
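# Cleanup macvlan.
# Teardown only: run these when you want to undo the setup, not as part of it.
# Running the file top to bottom would remove the interface it just created.
ip link set macvlan0 down
ip link delete macvlan0
# Fails while containers are still attached to the network; remove or
# disconnect them first.
docker network rm macvlan
# Happy days!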