matthauck · October 7, 2018 20:45 · Oct 7, 2018
diff --git a/1. run.sh b/1. run.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+set -e
+
+pushd cloudflared
+docker build . -t cloudflared
+popd
+
+set +e
+
+docker stop pihole && docker rm pihole
+docker stop cloudflared && docker rm cloudflared
+docker network rm dns-net
+
+set -e
+
+docker network create --driver bridge --subnet=172.19.1.0/24 dns-net
+
+IP="<HOST-MACHINES-IP>"
+IPv6=""
+
+DNS1="172.19.1.8"
+DNS2="172.19.1.8"
+
+DOCKER_CONFIGS="/home/rancher/pihole-etc"
+
+WEBPASSWORD="<PASSWORD>"
+
+docker run -d \
+    --name pihole \
+    --network dns-net \
+    -p 53:53/tcp -p 53:53/udp \
+    -p 80:80 \
+    -p 443:443 \
+    -v "${DOCKER_CONFIGS}/pihole/:/etc/pihole/" \
+    -v "${DOCKER_CONFIGS}/dnsmasq.d/:/etc/dnsmasq.d/" \
+    -e ServerIP="${IP}" \
+    -e ServerIPv6="${IPv6}" \
+    -e DNS1="$DNS1" \
+    -e DNS2="$DNS2" \
+    -e WEBPASSWORD="${WEBPASSWORD}" \
+    --restart=unless-stopped \
+    pihole/pihole:latest
+
+docker run -d \
+  --name cloudflared \
+  --network dns-net \
+  --ip 172.19.1.8 \
+  --add-host doh.cleanbrowsing.org:185.228.168.168 \
+  --restart=unless-stopped \
+  cloudflared:latest
diff --git a/2. cloudflared_Dockerfile b/2. cloudflared_Dockerfile
@@ -0,0 +1,21 @@
+# borrowed much from https://github.com/visibilityspots/dockerfile-cloudflared
+
+FROM golang:alpine as gobuild
+
+RUN apk update; \
+    apk add git gcc build-base; \
+    go get -v github.com/cloudflare/cloudflared/cmd/cloudflared
+
+WORKDIR /go/src/github.com/cloudflare/cloudflared/cmd/cloudflared
+
+RUN go build ./
+
+FROM alpine:latest
+
+RUN apk add --no-cache ca-certificates; \
+        rm -rf /var/cache/apk/*;
+
+COPY --from=gobuild /go/src/github.com/cloudflare/cloudflared/cmd/cloudflared/cloudflared /usr/local/bin/cloudflared
+
+# https://doh.cleanbrowsing.org/doh/adult-filter/
+CMD ["/bin/sh", "-c", "/usr/local/bin/cloudflared proxy-dns --address 0.0.0.0 --port 53 --upstream https://doh.cleanbrowsing.org/doh/adult-filter/" ]