diff --git a/pihole/.env-example b/pihole/.env-example
new file mode 100644
index 0000000..ec83c15
--- /dev/null
+++ b/pihole/.env-example
@@ -0,0 +1,5 @@
+# PiHole Version (Standard: latest)
+PIHOLE_VERSION=latest
+
+# PiHole Domain
+PIHOLE_DOMAIN=pihole.example.com
\ No newline at end of file
diff --git a/pihole/README.md b/pihole/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/pihole/docker-compose.yml b/pihole/docker-compose.yml
new file mode 100644
index 0000000..e86ab93
--- /dev/null
+++ b/pihole/docker-compose.yml
@@ -0,0 +1,55 @@
+# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
+services:
+  pihole:
+    image: pihole/pihole:${PIHOLE_VERSION:-latest}
+    container_name: pihole
+    restart: unless-stopped
+    networks:
+      - traefik
+    ports:
+      # DNS Ports
+      - "53:53/tcp"
+      - "53:53/udp"
+      # Default HTTP Port
+      - "80:80/tcp"
+      # Default HTTPs Port. FTL will generate a self-signed certificate
+      - "443:443/tcp"
+      # Uncomment the line below if you are using Pi-hole as your DHCP server
+      #- "67:67/udp"
+      # Uncomment the line below if you are using Pi-hole as your NTP server
+      #- "123:123/udp"
+    environment:
+      # Set the appropriate timezone for your location (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g:
+      TZ: 'Europe/Berlin'
+      # Set a password to access the web interface. Not setting one will result in a random password being assigned
+      FTLCONF_webserver_api_password: '${PIHOLE_PASSWORD}'
+      # If using Docker's default `bridge` network setting the dns listening mode should be set to 'all'
+      FTLCONF_dns_listeningMode: 'all'
+    # Volumes store your data between container upgrades
+    volumes:
+      # For persisting Pi-hole's databases and common configuration file
+      - './data/etc-pihole:/etc/pihole'
+    cap_add:
+      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
+      # Required if you are using Pi-hole as your DHCP server, else not needed
+      #- NET_ADMIN
+      # Required if you are using Pi-hole as your NTP client to be able to set the host's system time
+      #- SYS_TIME
+      # Optional, if Pi-hole should get some more processing time
+      #- SYS_NICE
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      - "traefik.http.routers.pihole.entrypoints=http"
+      - "traefik.http.routers.pihole.rule=Host(`${PIHOLE_DOMAIN:?error}`)"
+      - "traefik.http.middlewares.pihole-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.routers.pihole.middlewares=pihole-https-redirect"
+      - "traefik.http.routers.pihole-secure.entrypoints=https"
+      - "traefik.http.routers.pihole-secure.rule=Host(`${PIHOLE_DOMAIN:?error}`)"
+      - "traefik.http.routers.pihole-secure.tls=true"
+      - "traefik.http.routers.pihole-secure.service=pihole"
+      - "traefik.http.services.pihole.loadbalancer.server.port=80"
+
+networks:
+  traefik:
+    external: true
\ No newline at end of file