adguardhome-docker/compose.yaml at master · azagramac/adguardhome-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
---
version: "3.8"

services:
  adguard:
    image: adguard/adguardhome:latest
    container_name: adguard
    restart: always
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager   # Run on manager node
      restart_policy:
        condition: on-failure
      resources:
        limits:
          memory: 256M
        reservations:
          memory: 64M
    healthcheck:
      test: ["CMD-SHELL", "/opt/adguardhome/AdGuardHome --check-config -w /opt/adguardhome/work -c /opt/adguardhome/conf/AdGuardHome.yaml"]
      interval: 45s
      timeout: 30s
      retries: 3
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Madrid
    volumes:
      - $HOME/docker/adguardhome/work:/opt/adguardhome/work:rw
      - $HOME/docker/adguardhome/conf:/opt/adguardhome/conf:rw
      - /etc/hosts:/etc/hosts:ro
    cap_add:
      - NET_ADMIN
      # SYS_MODULE not needed unless you load kernel modules
    ports:
      # Mandatory DNS ports
      - target: 53
        published: 53
        protocol: tcp
        mode: host
      - target: 53
        published: 53
        protocol: udp
        mode: host

      # Optional / recommended
      - target: 443
        published: 443
        protocol: tcp
        mode: host   # DoH + dashboard HTTPS
      #- target: 784
      #  published: 784
      #  protocol: udp
      #  mode: host   # DoQ (experimental)
      - target: 853
        published: 853
        protocol: tcp
        mode: host   # DoT
      #- target: 3000
      #  published: 3000
      #  protocol: tcp
      #  mode: host   # Dashboard initial config
      #- target: 5443
      #  published: 5443
      #  protocol: tcp
      #  mode: host   # DNSCrypt / alternative DoH
      #- target: 5443
      #  published: 5443
      #  protocol: udp
      #  mode: host   # DNSCrypt depends on TCP
      #- target: 67
      #  published: 67
      #  protocol: udp
      #  mode: host   # DHCP server (optional, only if AdGuard handles DHCP)
      #- target: 68
      #  published: 68
      #  protocol: udp
      #  mode: host
      #- target: 6060
      #  published: 6060
      #  protocol: tcp
      #  mode: host   # Internal API - do not expose
      #- target: 8853
      #  published: 8853
      #  protocol: udp
      #  mode: host   # DNS mTLS (beta)