homelab-voyager/dns/compose.yaml
Hardik 10b772807d feat: initial homelab docker stack commit
Sets up the complete self-hosted infrastructure on Voyager (HP t630 thin client):

DNS Stack (dns/):
- Pi-hole for network-wide ad blocking
- Unbound as recursive DNS resolver
- dnscrypt-proxy for DNS-over-HTTPS via Cloudflare/Quad9

Services:
- Vaultwarden - self-hosted password manager (Bitwarden compatible)
- Forgejo - self-hosted git mirror (primary on PMS1, mirror here)
- Karakeep - self-hosted bookmark manager
- Resilio Sync - P2P sync for PMS1 database backups

Tunneling:
- Newt - Pangolin tunnel client for exposing services via
  tunnel.pelagiamarine.com without open ports

All services exposed externally via Pangolin reverse proxy on PMS1.
Local DNS resolves through Pi-hole → Unbound → dnscrypt-proxy chain.
2026-06-03 23:45:19 +00:00

57 lines
1.3 KiB
YAML

# Dedicated bridge network with static addresses so the resolvers can
# reference each other by IP.
networks:
  dns_net:
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.0.0/24

services:
  # Last hop of the chain: DNS-over-HTTPS upstream.
  dnscrypt-proxy:
    image: klutchell/dnscrypt-proxy:latest
    container_name: dnscrypt-proxy
    restart: unless-stopped
    networks:
      dns_net:
        ipv4_address: 172.20.0.3
    volumes:
      - ./dnscrypt/dnscrypt-proxy.toml:/config/dnscrypt-proxy.toml:ro
      - ./dnscrypt/cache:/config
    healthcheck:
      test: ["CMD", "wget", "-q", "--spider", "http://localhost:8053"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Recursive resolver; Pi-hole forwards to it at 172.20.0.2#5335.
  unbound:
    build: ./unbound
    container_name: unbound
    restart: unless-stopped
    networks:
      dns_net:
        ipv4_address: 172.20.0.2
    volumes:
      - ./unbound/unbound.conf:/etc/unbound/unbound.conf:ro
      - ./unbound/root.hints:/etc/unbound/root.hints:ro

  # Front of the chain: the only service that publishes ports on the host.
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    restart: unless-stopped
    networks:
      dns_net:
        ipv4_address: 172.20.0.4
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "80:80/tcp"
      - "443:443/tcp"
    environment:
      TZ: 'Asia/Kolkata'
      # Placeholder value; replace before deployment.
      FTLCONF_webserver_api_password: 'changeme'
      FTLCONF_dns_listeningMode: 'all'
      FTLCONF_dns_upstreams: '172.20.0.2#5335'
    volumes:
      - ./etc-pihole:/etc/pihole
    cap_add:
      - NET_ADMIN
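
The `pihole` service from the file above with the admin password read from the environment instead of the committed `changeme` literal, and the web UI ports published on a single host address. This is an added example, not part of the repository; the variable name `PIHOLE_WEB_PASSWORD` and the LAN address `192.168.1.10` are assumptions.

```yaml
services:
  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    restart: unless-stopped
    networks:
      dns_net:
        ipv4_address: 172.20.0.4
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      # Assumption: 192.168.1.10 is the host's LAN address (constructed value).
      # Publishing on one address keeps the admin UI off other host interfaces.
      - "192.168.1.10:80:80/tcp"
      - "192.168.1.10:443:443/tcp"
    environment:
      TZ: 'Asia/Kolkata'
      # Assumption: PIHOLE_WEB_PASSWORD is set in the shell or in an untracked
      # .env file beside compose.yaml. The :? form makes `docker compose` stop
      # with this message when the variable is unset or empty, so the stack
      # cannot start with a missing password.
      FTLCONF_webserver_api_password: "${PIHOLE_WEB_PASSWORD:?set PIHOLE_WEB_PASSWORD}"
      FTLCONF_dns_listeningMode: 'all'
      FTLCONF_dns_upstreams: '172.20.0.2#5335'
    volumes:
      - ./etc-pihole:/etc/pihole
    cap_add:
      - NET_ADMIN
```

`docker compose config` prints the resolved file, which shows whether the variable was picked up before anything is started.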