Skip to content
/ constantine Public

Ad blocking VPN with DNS over HTTPS using cloudflared + pihole + WireGuard. Currently running on a Raspberry Pi 4 Docker Composed

13 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ahsandar/constantine

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
cloudflared
cloudflared
 
 
pihole
pihole
 
 
wireguard
wireguard
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
constantine.jpeg
constantine.jpeg
 
 
docker-compose.yml
docker-compose.yml
 
 
docker-compsoe@.service
docker-compsoe@.service
 
 
local_resolver_start.sh
local_resolver_start.sh
 
 
local_resolver_stop.sh
local_resolver_stop.sh
 
 
vars
vars
 
 

Repository files navigation

On github its a mirror of a private gitlab repo

Constantine

Constanine

Ad blocking VPN with DNS over HTTPS using cloudflared + pihole + WireGuard. Currently running on a Raspberry Pi 4

Pi hole

VARS

export TZ=<set value> # set timezone for your origin for e.g. Asia/Singapore
export WEBPASSWORD=<set value> # set password for pi hole dashboard
export DNS1=<set value> # set to the docker IP assigned to cloudflared
export DNS2=<set value> # set any public DNS Quad9 Cloudflare Google OpenDNS

Cloudflared

VARS

export CLOUDFLARED_DNS1=<set value> # set any public DNS Quad9 Cloudflare Google OpenDNS
export CLOUDFLARED_DNS2=<set value> # set any public DNS Quad9 Cloudflare Google OpenDNS

WireGuard

VARS

export PEERS=<set value> #total number of peers
export PUID=<set value> # find usinng -> id <username>
export PGID=<set value> # find usinng -> id <username>

To run

Turn off local resolver

Use the script local_resolver_stop.sh

./local_resolver_stop.sh

If you stop the containers, local resolver will need to be started to have your device be able to connect to internet use the script local_resolver_start.sh

./local_resolver_start.sh

Build containers

After turning off you system resolver make sure you have your variables set before building the containers.

docker-compose build

Start container

docker-compose up

or if you want to run in background

docker-compose up -d

If you want to set it up as a systemd service use the docker-compose@.service file and place it in /etc/systemd/system/ and update the WorkingDirectory

Then you can start and stop it as such

systemctl start docker-compose@constantine

systemctl stop docker-compose@constantine

WireGuard QR Codes

To find out QR Codes to setup the clients use

docker-compose logs -f wireguard

also they are stored under the docker volume constantine_wireguard_data along with the conf and are most likely stored in a similar path

/var/lib/docker/volumes/constantine_wireguard_data/_data/

WireGuard connections

To look for the active connections can monitor the wg show

docker exec -it constantine_wireguard_1 wg show

Port Forwarding

On your router remember to forward the port you have mapped on your device to the WireGuard container. In the project docker-compose.yml port mapping is set as 52828:51820 which means device port 52828 is mapped to WireGuard container port 51820. So on your router make sure you forward port 52828 to your deivce's IP address to route all incoming traffic on your public IP via the router to the device running WireGuard.

Official Docs

cloudflared

https://github.com/visibilityspots/dockerfile-cloudflared

Pi hole

https://hub.docker.com/r/pihole/pihole

WireGuard

https://docs.linuxserver.io/images/docker-wireguard

About

Ad blocking VPN with DNS over HTTPS using cloudflared + pihole + WireGuard. Currently running on a Raspberry Pi 4 Docker Composed

Resources

Readme
Activity

Stars

13 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages