docker-pi-hole VS caddy-docker-proxy

My setup is on a nanopi running FriendlyWRT/OpenWRT with Docker installed. PiHole is easy to run from docker - have a look at https://github.com/pi-hole/docker-pi-hole/

Pi-hole (Docker Tag 2024.07.0 Pi-hole v5.18.3 FTL v5.25.2 Web Interface v5.21) configuration

Yesterday I deployed the official pi hole docker container on my raspberry pi 3 and set a custom DNS address on my phone addressing to the pi.

#pihole   pihole:     container_name: pihole     image: pihole/pihole:latest     ports:       - target: 53         published: 53         protocol: tcp         mode: host       - target: 53         published: 53         protocol: udp         mode: host       - "67:67/udp"       - "8070:80/tcp"       - "8073:443/tcp"     environment:       TZ: 'America/Indianapolis'       WEBPASSWORD: #'TEMP_PASSWORD' #'set a secure password here or it will be random'       WEBPASSWORD_FILE: '/etc/pihole/adminpw.txt'     # Volumes store your data between container upgrades     volumes:       - '~/pihole/etc-pihole:/etc/pihole'       - '~/pihole/etc-dnsmasq.d:/etc/dnsmasq.d'     #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities     cap_add:       - NET_ADMIN # Recommended but not required (DHCP needs NET_ADMIN)     #network_mode: host     restart: unless-stopped     #UPTIME KUMA   uptime_kuma:     image: louislam/uptime-kuma:1     container_name: uptime-kuma     volumes:      - uptime-kuma:/app/data     ports:      - 8060:3001     restart: always

version: "3" # More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ networks: dns_net: driver: bridge ipam: config: - subnet: 10.2.0.0/24 services: pihole: depends_on: [unbound] container_name: pihole image: pihole/pihole:latest hostname: pihole networks: dns_net: ipv4_address: 10.2.0.100 ports: - "5335:53/tcp" - "5335:53/udp" - "7000:80/tcp" environment: TZ: ${TZ} WEBPASSWORD: ${PWD} FTLCONF_LOCAL_IPV4: ${HOST_IP} # Set to server's LAN IP, used by web block modes. PIHOLE_DNS_: 10.2.0.200 # Upstream DNS server(s) for Pi-hole to forward queries to, separated by a semicolon DNSMASQ_LISTENING: all # "Listen on all interfaces, permit all origins" # Volumes store your data between container upgrades volumes: - /var/lib/docker/volumes/pihole/etc-pihole:/etc/pihole - /var/lib/docker/volumes/pihole/etc-dnsmasq.d:/etc/dnsmasq.d healthcheck: disable: true restart: unless-stopped unbound: # https://github.com/MatthewVance/unbound-docker container_name: unbound image: mvance/unbound:latest hostname: unbound networks: dns_net: ipv4_address: 10.2.0.200 ports: - "${HOST_IP}:53:53/udp" - "${HOST_IP}:53:53/tcp" healthcheck: disable: true restart: unless-stopped

services: pihole: container_name: pihole image: pihole/pihole:latest hostname: pihole # Container hostname (optional) domainname: mynetwork.local # Container domain (optional) mac_address: f7:55:63:b0:68:83 # Random MAC address (optional) networks: virtualnet: # Name of macvlan ipv4_address: 192.168.100.249 # Desired IP for pihole dns: - 127.0.0.1 - 1.1.1.1 ports: - "53:53/tcp" - "53:53/udp" - "67:67/udp" - "80:80/tcp" - "443:443/tcp" volumes: - ./pihole-configs/:/etc/pihole/ - ./dnsmasq.d-configs/:/etc/dnsmasq.d/ # DNSMASQ_USER # https://github.com/pi-hole/docker-pi-hole/issues/963 # https://github.com/pi-hole/docker-pi-hole/blob/master/README.md#upgrade-notes environment: FTLCONF_LOCAL_IPV4: 10.59.0.6 # Desired IP for pihole VIRTUAL_HOST: pihole.mynetwork.local DNSMASQ_USER: root PIHOLE_DNS_: 1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001 restart: unless-stopped # Set container to always restart

You could have a look at docker and try to run a more recent Ubuntu image on the Nano https://github.com/pi-hole/docker-pi-hole

My advice would be either use the docker-pi-hole documentation/quick start, or contact the content creator.

Sticky sessions are supported: https://caddyserver.com/docs/caddyfile/directives/reverse_pr..., and yes it's pluggable so you could write your own LB policy. Very easy, just copy the code from Caddy's source to write your own plugin. Let us know if you need help.

Also yes, Caddy does service discovery if you use https://github.com/lucaslorentz/caddy-docker-proxy, configuration via Docker labels. Or you can use dynamic upstreams (built-in) https://caddyserver.com/docs/caddyfile/directives/reverse_pr... to use A/AAAA or SRV DNS records to load your list of upstreams.

Caddy via Caddy Docker Proxy (network).

https://github.com/lucaslorentz/caddy-docker-proxy

It handles the routing to multiple dockerized projects on one server, by scanning docker compose files for labels and automatically setting up the required caddy configuration.

My go to is always this instead:

https://github.com/lucaslorentz/caddy-docker-proxy

Single label to a docker container and with correct DNS you’ll have an automatically managed certificate right away.

I have had a great experience with using this: https://github.com/lucaslorentz/caddy-docker-proxy

It combines caddy with docker-compose labels, making it super easy to spin up new projects that can immediately be exposed.

If you want a slightly heavier but more robust solution, caddy-docker-proxy[0] is a plugin that listens to the Docker socket and automatically updates the Caddy configuration based on Docker labels you add to containers.

I.e. it makes Caddy act a bit more like Traefik. Most of the time, you'll just add the label `caddy.reverse_proxy={{upstreams http 8080}}` to your containers and the plugin will regenerate Caddy's configuration whenever the container is modified.

[0] https://github.com/lucaslorentz/caddy-docker-proxy

I disagree, Caddy works great in Docker. See https://caddyserver.com/docs/running#docker-compose, and CDP is a project that autoconfigures Caddy from labels https://github.com/lucaslorentz/caddy-docker-proxy. Regarding plugins, it's super simple to write a Dockerfile to add plugins, we ship a builder image variant that can be used to compile in any plugins you want.

````

This way, Caddy will buffer the request and give 30 seconds for your new service to get online when you're deploying a new version.

Ideally, during deployment of a new version the new version should go live and healthy before caddy starts using it (and kills the old container). I've looked at https://github.com/Wowu/docker-rollout and https://github.com/lucaslorentz/caddy-docker-proxy but haven't had time to prioritize it yet.

Docker labels support is available via a plugin https://github.com/lucaslorentz/caddy-docker-proxy