Move pihole from infrastructure to core stack

Changes: - docker-compose/core/docker-compose.yml: Added pihole service with full Traefik configuration - docker-compose/infrastructure/docker-compose.yml: Removed pihole service - docker-compose/dockge/docker-compose.yml.template: Deleted (no longer needed) Pihole is now part of core infrastructure alongside Traefik, Authelia, and DuckDNS. This ensures DNS services are always available on the core server.
2026-02-08 15:11:52 -05:00
parent 043e1cb64a
commit 9e71d202cb
3 changed files with 52 additions and 114 deletions
--- a/docker-compose/infrastructure/docker-compose.yml
+++ b/docker-compose/infrastructure/docker-compose.yml
@@ -36,57 +36,6 @@ services:
      - homelab.category=infrastructure
      - homelab.description=Docker socket proxy for security

-  # Pi-hole - Network-wide ad blocker and DNS server
-  # DNS service must always run for network-wide ad blocking
-  pihole:
-    image: pihole/pihole:2024.01.0
-    deploy:
-      resources:
-        limits:
-          cpus: '0.25'
-          memory: 128M
-          pids: 256
-        reservations:
-          cpus: '0.10'
-          memory: 64M
-    container_name: pihole
-    restart: unless-stopped
-    networks:
-      - homelab-network
-      - traefik-network
-    ports:
-      - '53:53/tcp'    # DNS TCP
-      - '53:53/udp'    # DNS UDP
-    volumes:
-      - ./pihole/etc-pihole:/etc/pihole
-      - ./pihole/etc-dnsmasq.d:/etc/dnsmasq.d
-    environment:
-      - TZ=America/New_York
-      - WEBPASSWORD=${PIHOLE_PASSWORD}
-      - FTLCONF_LOCAL_IPV4=192.168.4.4
-    dns:
-      - 127.0.0.1
-      - 1.1.1.1
-    cap_add:
-      - NET_ADMIN
-    labels:
-      # TRAEFIK CONFIGURATION
-      # ==========================================
-      # Service metadata
-      - 'homelab.category=infrastructure'
-      - 'homelab.description=Network-wide ad blocking and DNS'
-      # Traefik reverse proxy (comment/uncomment to disable/enable)
-      # IMPORTANT: On REMOTE SERVERS (where Traefik runs elsewhere):
-      #   - COMMENT OUT all traefik.* labels below (don't delete them)
-      #   - Routes are configured via external YAML files on the core server
-      #   - This prevents conflicts between Docker labels and file provider
-      - 'traefik.enable=true'
-      - 'traefik.docker.network=traefik-network'
-      - 'traefik.http.routers.pihole.rule=Host(`pihole.${DOMAIN}`)'
-      - 'traefik.http.routers.pihole.entrypoints=websecure'
-      - 'traefik.http.routers.pihole.tls.certresolver=letsencrypt'
-      - 'traefik.http.routers.pihole.middlewares=authelia@docker'
-      - 'traefik.http.services.pihole.loadbalancer.server.port=80'

  # Watchtower - Automatic container updates
  watchtower: