How to: Install PiHole (DNS-Adblocker) and WG-Easy (Wireguard) on Ubuntu with Docker

# install docker
curl -sSL https://get.docker.com | sh
sudo usermod -aG docker $(whoami)
exit
# prepare ubuntu system to free up port 53
# otherwise binding port 53 for pihole will fail
sudo apt purge systemd-resolved
# create a password for the docker-compose.yml file

sudo docker run -it ghcr.io/wg-easy/wg-easy wgpw MYPASSWORD

# you will get something like:
$2a$12$G7fBEP5FxTecqGugvcfufeTpUiDRYqNuVY1eNxcHFHcZQYNARR/D.

# replace $ with $$ and copy it to the clipboard:
$$2a$$12$$G7fBEP5FxTecqGugvcfufeTpUiDRYqNuVY1eNxcHFHcZQYNARR/D.
# nano docker-compose.yml

services:
  wg-easy:
    environment:
      - WG_HOST=CHANGEME
      - WG_PORT=51820
      - PASSWORD_HASH=INSERTFROMCLIPBOARD
      - WG_DEFAULT_DNS=10.8.1.3 # pihole containers IP address
      - WG_DEFAULT_ADDRESS=10.8.0.x
      - LANG=en
      - WG_ALLOWED_IPS=10.8.1.3,192.168.0.1/24
      - UI_TRAFFIC_STATS=true
      - UI_CHART_TYPE=2 # (0 disabled, 1 Line, 2 Area, 3 Bar)
    image: ghcr.io/wg-easy/wg-easy
    container_name: wg-easy
    volumes:
      - ~/.wg-easy:/etc/wireguard
    ports:
      - "51820:51820/udp" # must fit to WG_PORT above
      - "51821:51821/tcp"
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    networks:
      wg-easy:
        ipv4_address: 10.8.1.2

  pihole:
    image: pihole/pihole
    container_name: pihole
    environment:
      - WEBPASSWORD=CHANGEME # WebUI password
    volumes:
      - '~/.pihole/etc-pihole:/etc/pihole'
      - './.pihole/etc-dnsmasq.d:/etc/dnsmasq.d'
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "5353:80/tcp"
    restart: unless-stopped
    networks:
      wg-easy:
        ipv4_address: 10.8.1.3

networks:
  wg-easy:
    ipam:
      config:
        - subnet: 10.8.1.0/24
# run it
sudo docker compose up -d

# now you can access it via browser:
pihole: http://YOURIP:5353/admin
wireguard: http://YOURIP:51821

Screenshot

Sources

Metadata

Last update: Dec 2024
Tested on: Ubuntu 24.04 Server