version: "3.7"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:2023.02.2
    restart: unless-stopped
    hostname: pihole
    dns:
      - 127.0.0.1
    ports:
      - ${NETWORK_INTERFACE:-0.0.0.0}:53:53/tcp
      - ${NETWORK_INTERFACE:-0.0.0.0}:53:53/udp
      - ${APP_PORT}:80
    volumes:
      - ${APP_DATA_DIR}/data/pihole:/etc/pihole
      - ${APP_DATA_DIR}/data/dnsmasq:/etc/dnsmasq.d
    environment:
      TZ: ${TZ}
      WEBPASSWORD: ${APP_PASSWORD}
      FTLCONF_REPLY_ADDR4: 10.21.21.201
    cap_add:
      - NET_ADMIN
    networks:
      tipi_main_network:
        ipv4_address: 10.21.21.201
    labels:
      traefik.enable: ${APP_EXPOSED}
      traefik.http.routers.pihole.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.pihole.entrypoints: websecure
      traefik.http.routers.pihole.service: pihole
      traefik.http.routers.pihole.tls.certresolver: myresolver
      traefik.http.services.pihole.loadbalancer.server.port: 80