Skip to content

Pi-hole & Unbound in Container Manager on a Synology NAS

Published by Dr_Frankenstein

Last updated on 27 February 2025

Host

Drop the compose below into your Project YAML section, if you are also setting up Unbound copy the additional YAML below the Pi-hole compose

YAML
services:
  pihole:
    image: pihole/pihole:latest
    container_name: pihole-host
    cap_add:
      - CAP_NET_RAW
      - CAP_NET_BIND_SERVICE
      - CAP_CHOWN
#      - CAP_NET_ADMIN #uncomment if you want to use DHCP
      - CAP_SYS_NICE
      - CAP_SYS_TIME
    environment:
      - PIHOLE_UID=1234 #CHANGE_TO_YOUR_UID
      - PIHOLE_GID=65432 #CHANGE_TO_YOUR_GID
      - TZ=Europe/London #CHANGE_TO_YOUR_TZ
      - FTLCONF_webserver_api_password=YOURPASSWORD
      - FTLCONF_webserver_port=8000
      - DNSMASQ_USER=pihole
    volumes:
      - /volume1/docker/pihole:/etc/pihole
    network_mode: host
    labels:
      - com.centurylinklabs.watchtower.enable=false
    restart: unless-stopped

# if using unbound paste it here

YAML
  unbound:
    image: klutchell/unbound
    container_name: unbound
    ports:
      - 5335:53/tcp
      - 5335:53/udp
    volumes:
      - /volume1/docker/unbound:/etc/unbound/custom.conf.d
    restart: unless-stopped

We are now changing some settings to the YAML based on your User IDs and Timezone etc

SectionExplanation
PIHOLE_UID=This UID is the one you obtained when setting up your dockerlimited user in the earlier guide at the start of the page. This tells Pi-hole to run under this user rather than root and gives it access to the folders we created.
PIHOLE_GID=As per the above this line will be the GID you obtained earlier.
TZ=You will need to change this line to your own timezone code – you can find the correct list of ones to use on wikipedia.org/wiki/List_of_tz_database_time_zones
FTLCONF_webserver_
api_password=		Change this to the password you would like to use for the Web UI
FTLCONF_webserver_portI have used port 8000 as the default you can amend this if you wish, if you do amend the port keep this in mind when you access the UI later.

You can now jump ahead to Page 5 for the final configuration.

Pages: 1 2 3 4 5

Published inAd-Blocking / DNS 7.2DockerSynology

167 Comments

  1. Ryan Ryan

    I’ve used plenty of your guides and today I’ve encountered my first problem — I made my changes to the pihole YAML code, pasted it in and all looked fine, but when I paste the YAML for the unbound portion of the project I get the error “Property unbound is not allowed” and can not progress any further this is on a Synology DS1819+ running DSM 7.2.2.-72806 update 3.

    Given the updated guide was just posted today I’m hoping there might be a minor syntax/formatting issue that I’m just not seeing. Any help you can offer will be appreciated.

    # 27 February 2025 Reply
  2. NeaMielu NeaMielu

    Amazing job, I finally managed to put a pihole on my Synology. Now, quick question. Few days after 6.0 upgrade and reinstall everything from scratch, they updated again to some 6.0.3 build. Following your guide, I used the docker update feature, it worked fine and pihole is working properly, but now I have two containers:
    pihole-pihole-1 pihole/pihole:latest greyed out
    pihole-macvlan pihole/pihole:latest green
    Question is, am I supposed to delete the first one?

    # 21 February 2025 Reply
    • Dr_Frankenstein Dr_Frankenstein

      Hey – So the update should have removed the first install. You can safely delete it.

      # 21 February 2025 Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

drfrankenstein.co.uk – writing Synology Docker Guides since 2016 – Join My Discord!