AdGuard Home
Network-wide ad and tracker blocking DNS server.
Overview
AdGuard Home is a network-wide DNS server that blocks ads, trackers, and malicious domains at the network level before they reach your devices. Originally developed as a self-hosted alternative to cloud-based DNS filtering services, AdGuard Home operates by intercepting DNS requests and filtering them against comprehensive blocklists, effectively preventing unwanted content from loading across your entire network. Unlike browser-based ad blockers that only protect individual applications, AdGuard Home protects all devices on your network including smart TVs, IoT devices, mobile apps, and any device that makes DNS queries.
This Docker deployment creates a centralized DNS filtering solution that replaces your standard DNS resolver with an intelligent filtering layer. AdGuard Home processes all DNS requests from your network, checks them against configured blocklists and custom rules, then either blocks malicious/unwanted domains or forwards legitimate requests to upstream DNS servers. The system supports modern encrypted DNS protocols including DNS-over-HTTPS, DNS-over-TLS, and DNS-over-QUIC, ensuring your DNS queries remain private while maintaining comprehensive ad and tracker blocking.
This configuration is ideal for privacy-conscious users, families wanting parental controls, small businesses seeking network-level protection, and homelab enthusiasts who want to reduce bandwidth usage and improve browsing speeds across all connected devices. The self-hosted nature means you maintain complete control over your DNS filtering policies, query logs, and network traffic patterns without relying on third-party services that may log or monetize your browsing data.
Key Features
- DNS-over-HTTPS, DNS-over-TLS, and DNS-over-QUIC support for encrypted DNS queries
- Real-time query logging and detailed analytics showing blocked vs allowed requests
- Comprehensive parental controls with safe search enforcement across major search engines
- Custom filtering rules with support for AdBlock syntax and hosts file formats
- Built-in DHCP server functionality to automatically configure network devices
- Multiple upstream DNS server support with load balancing and failover
- Mobile companion apps for iOS and Android with encrypted DNS profiles
- Whitelist and blacklist management with regex pattern matching capabilities
Common Use Cases
- 1Home network ad blocking to eliminate ads from smart TVs, gaming consoles, and mobile devices
- 2Small office DNS filtering to block malicious domains and improve productivity
- 3Family-friendly internet with parental controls and safe search enforcement
- 4Privacy-focused network setup with encrypted DNS queries and no third-party logging
- 5Bandwidth optimization by blocking ad networks and tracking domains at DNS level
- 6Homelab DNS server with custom domain resolution and local network management
- 7Guest network protection providing clean browsing experience for visitors
Prerequisites
- Minimum 256MB RAM available for DNS query processing and blocklist storage
- Network access to ports 53 (DNS), 80 (web interface), and 3000 (initial setup)
- Router configuration access to change DHCP DNS settings or manual device DNS configuration
- Understanding of DNS concepts and network routing for proper deployment
- Firewall configuration allowing DNS traffic from network devices to container host
- Static IP address for the Docker host to ensure consistent DNS server availability
For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms
docker-compose.yml
docker-compose.yml
1services: 2 adguard: 3 image: adguard/adguardhome:latest4 container_name: adguard5 restart: unless-stopped6 volumes: 7 - adguard_work:/opt/adguardhome/work8 - adguard_conf:/opt/adguardhome/conf9 ports: 10 - "53:53/tcp"11 - "53:53/udp"12 - "3000:3000"13 - "80:80"1415volumes: 16 adguard_work: 17 adguard_conf: .env Template
.env
1# No additional config neededUsage Notes
- 1Docs: https://adguard.com/kb/adguard-home/
- 2Setup wizard at http://localhost:3000 on first launch
- 3After setup, web UI moves to port 80 (http://localhost)
- 4Point router/devices DNS to AdGuard IP for network-wide blocking
- 5DNS-over-HTTPS/TLS available for encrypted queries
- 6Import blocklists from settings - many community lists available
Quick Start
terminal
1# 1. Create the compose file2cat > docker-compose.yml << 'EOF'3services:4 adguard:5 image: adguard/adguardhome:latest6 container_name: adguard7 restart: unless-stopped8 volumes:9 - adguard_work:/opt/adguardhome/work10 - adguard_conf:/opt/adguardhome/conf11 ports:12 - "53:53/tcp"13 - "53:53/udp"14 - "3000:3000"15 - "80:80"1617volumes:18 adguard_work:19 adguard_conf:20EOF2122# 2. Create the .env file23cat > .env << 'EOF'24# No additional config needed25EOF2627# 3. Start the services28docker compose up -d2930# 4. View logs31docker compose logs -fOne-Liner
Run this command to download and set up the recipe in one step:
terminal
1curl -fsSL https://docker.recipes/api/recipes/adguard-home/run | bashTroubleshooting
- Port 53 already in use: Stop systemd-resolved with 'sudo systemctl disable systemd-resolved' or change host port mapping
- Web interface shows 'not found' after setup: Setup wizard moves from port 3000 to port 80 after initial configuration
- Devices not using AdGuard DNS: Configure router DHCP to use AdGuard IP or manually set DNS on each device
- Blocked websites still loading: Check if devices are using cached DNS or hardcoded DNS servers like 8.8.8.8
- High memory usage: Reduce query log retention period and disable unnecessary blocklists in settings
- DNS queries timing out: Verify upstream DNS servers are responding and consider adding backup resolvers
Community Notes
Loading...
Loading notes...
Download Recipe Kit
Get all files in a ready-to-deploy package
Includes docker-compose.yml, .env template, README, and license
Ad Space
Shortcuts: C CopyF FavoriteD Download