Fairy similar to what I did except I used proxmox and lxc not docker compose. Since proxmox is addressable via cli you can ansible against it to deploy stuff. There is also a module for it but I skipped that.
I’d suggest blocking port 53 at the firewall too. I was surprised how much stuff doesn’t go through the cloudflared tunnel. You think it’s all going through the Pihole but there is so much rogue stuff
I’d suggest blocking port 53 at the firewall too. I was surprised how much stuff doesn’t go through the cloudflared tunnel. You think it’s all going through the Pihole but there is so much rogue stuff