# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
# Generally I would not suggest sharing your pihole publicly without restriction so I will not be including anything here that would allow that.
services:
  tailscale-pihole:
      hostname: pihole # Assign a name this so that you can set your domain name ex. https://pihole.penguin-dory.ts.net 
      ports:
        - 53:53/tcp
        - 53:53/udp
        - 80:80/tcp
      image: tailscale/tailscale:latest
      environment:
        - TS_AUTHKEY= # BE SURE TO ADD YOUR KEY AS NOTHING WILL WORK          
        #- TS_EXTRA_ARGS=--advertise-tags=tag:container # Uncomment this if you want to add a tag to your node. Useful for access control lists.
        - TS_STATE_DIR=/var/lib/tailscale
        - TS_USERSPACE=true
        - TS_ACCEPT_DNS=false
        - TS_SERVE_CONFIG=/config/funnel.json
      volumes:
        - ${PWD}/config:/config
        - ${PWD}/tailscale:/var/lib/tailscale
        - /dev/net/tun:/dev/net/tun
      cap_add:
        - net_admin
        - sys_module
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
    # ports:
    #   - "53:53/tcp"
    #   - "53:53/udp"
    #   - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
    #   - "80:80/tcp"
    environment:
      TZ: America/New_York
      WEBPASSWORD: #'set a secure password here or it will be random'
    # Volumes store your data between container upgrades
    volumes:
      - ./etc-pihole:/etc/pihole
      - ./etc-dnsmasq.d:/etc/dnsmasq.d
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    #cap_add:
    #  - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    restart: unless-stopped
    depends_on:
      - tailscale-pihole
    network_mode: service:tailscale-pihole