This web page (Set up a PiHole using Docker MacVlan Networks) is great and got me there, but here are notes on how I fixed it globally. I use many stacks.
You need a macvlan network to fake an external IP for the DNS/DHCP server or it does not work (the requests don’t come through Docker). But if you give a container a macvlan IP address, by design the host cannot see that IP address! You have to make a bridge.
If that bridge is local to the docker compose file, then only that stack can see it. For all stacks to see it you need to make a new macvlan and bridge network globally (I did this in portainer).
Steps to create:
1. Make a macvlan configuration
name: pihole-macvlan-config
Interface: eth0
IPV4 Subnet - 192.168.0.0/24
IPV4 Gateway - 192.168.0.1
IPV4 IP Range - 192.168.0.8/29
2. Make the macvlan using that configuration (just select the configuration and give it a name)
name: pihole-macvlan
driver: macvlan
3. Set up the bridge
name: pihole-bridge
IPV4 Subnet - 10.123.0.0/24
4. In pihole set up the bridge IP address.
    networks:
      pihole-macvlan:
        ipv4_address: 192.168.0.10
      pihole-bridge:
        ipv4_address: 10.123.0.2
5. Use nmtui to change the host “dockerbox” DNS to 10.123.0.2 and give it a fixed IP address. All the containers will look for that for the DNS but need pihole-bridge network to see it.
sudo nmtui
6. In each container that needs pihole you add the network pihole-bridge
e.g.
  tasmoadmin:
    container_name: tasmoadmin
    image: ghcr.io/tasmoadmin/tasmoadmin:latest
    volumes:
      - ./tasmoadmin-data:/data
    ports:
      - 9541:80
    restart: unless-stopped
    depends_on:
      - homeassistant
    networks:
      - mqtt
      - pihole-bridge
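
The snippets in steps 4 and 6 only work if each stack also declares the globally created networks as external, which the notes above do not show. The following is an added example, not part of the original notes: two separate stack files, assuming the network names and addresses from steps 1-4 and the public `pihole/pihole` image; the tasmoadmin service is trimmed to the lines that matter here.

```yaml
# --- Stack file 1: the Pi-hole stack (added example) ---
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest      # assumption: substitute the image you run
    restart: unless-stopped
    networks:
      pihole-macvlan:
        ipv4_address: 192.168.0.10   # must fall inside the /29 range (192.168.0.8-15)
      pihole-bridge:
        ipv4_address: 10.123.0.2     # address the host and other stacks use for DNS

# Both networks were created globally (steps 1-3), so Compose must not
# try to create stack-local copies of them.
networks:
  pihole-macvlan:
    external: true
  pihole-bridge:
    external: true
---
# --- Stack file 2: any other stack that needs to reach Pi-hole ---
services:
  tasmoadmin:
    container_name: tasmoadmin
    image: ghcr.io/tasmoadmin/tasmoadmin:latest
    ports:
      - 9541:80
    restart: unless-stopped
    networks:
      - pihole-bridge                # no macvlan needed here, only the bridge

networks:
  pihole-bridge:
    external: true
```

Without `external: true`, Compose creates a new network prefixed with the stack's project name, and the container ends up on a different bridge from the one Pi-hole is attached to.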