Setting up Pi-hole

Man of Honour
Joined
20 Sep 2006
Posts
33,883
Ah, I too bite from the shiny Apple. I'm currently running Patched Sur on my mid-2012 MBP (Core i5, 16GB RAM, Samsung Evo 850 SSD). I'm glad it's working now. Give it a week and have a play around - the DNS over HTTPS/TLS/QUIC, DNSCrypt and other baked in features are quite nice and make for an easier life over Pi-Hole. I haven't spun up the latter for some time - mostly due to needing to mess with cloudflared or stubby for upstream DoH - but I might have a play in Docker to see what's new.

My work MacBook is a 2018 Pro 15" with i7, 32GB RAM and a 1 TB SSD. But it has all sorts of MDM stuff on it so it's never been brilliant and following home networking concepts. As an example, DNS resolvers are somehow baked in to use the servers at the other end of our VPN. I absolutely cannot get it to use any home kit to resolve names so I have to resort to editing /etc/hosts which isn't ideal. I think it's configured to use public resolvers if the VPN isn't available. I also use an Air M1 which is a dream to use in comparison and feels every bit as quick.

I need to read into it all, to me DNS is just DNS - all of the new secure stuff is a completely new concept. Which in turn means lots of reading to understand what's going on and more importantly not cause an outage for SWMBO.
 
Soldato
Joined
29 Apr 2004
Posts
4,881
Location
Bath
I'm enjoying Adguard as it's fire and forget (well for me anyway). It updates the blocklist automatically and it updates itself as it was installed as a snap.
 
Associate
Joined
13 Jun 2016
Posts
1,499
Location
UK
The only blocklist you 'need' is OISD's aptly-named #1 Blocklist. It ingests dozens of sources including Steven Black's, Energizer, BadBoyz, Easylist/Easyprivacy and tons of others. It removes all dead links, all known false positives, and concatenates them into a single file.
Just wanted to say thanks for sharing this - had to rebuild my PiHole running on my Pi 4 and was wanting to mirror the Pi Hole docker I have on my NAS. I've now reduced all the blocklists to just the https://dbl.oisd.nl/ :D
 
Associate
Joined
13 Jun 2016
Posts
1,499
Location
UK
How did you set that up to block that?
  • Login to the PiHole admin interface
  • Group Management -> Adlists
  • In 'List of configured adlists' click the red bin for each existing list
  • Tools -> Update gravity and update the gravity database - should now see zero blocked domains, unless you have specified any via local regex
  • Group Management -> Adlists
  • In the 'Add a new adlist' section, copy and paste https://dbl.oisd.nl/ into the address field and clock the 'add' button
  • Tools -> Update gravity and update the gravity database - should now see circa 1,127,209 blocked domains
:)
 
Associate
Joined
13 Jun 2016
Posts
1,499
Location
UK
Soldato
Joined
18 Aug 2007
Posts
9,689
Location
Liverpool
Just wanted to say thanks for sharing this - had to rebuild my PiHole running on my Pi 4 and was wanting to mirror the Pi Hole docker I have on my NAS. I've now reduced all the blocklists to just the https://dbl.oisd.nl/ :D

No worries, I've been using it for yonks and it's never let me down. :)

That number of blocked domains worries me for false positives but I'll give it a try for a bit.

As I said when I first posted it, the list has very few FP. I encountered maybe two in well over a year (two?), and the dev replied to my mail and updated the list in less than 15 mins. Very nice list and the dev is a nice guy.
 
Soldato
Joined
7 Apr 2008
Posts
24,070
Location
Lorville - Hurston
  • Login to the PiHole admin interface
  • Group Management -> Adlists
  • In 'List of configured adlists' click the red bin for each existing list
  • Tools -> Update gravity and update the gravity database - should now see zero blocked domains, unless you have specified any via local regex
  • Group Management -> Adlists
  • In the 'Add a new adlist' section, copy and paste https://dbl.oisd.nl/ into the address field and clock the 'add' button
  • Tools -> Update gravity and update the gravity database - should now see circa 1,127,209 blocked domains
:)
i dont seem to have a Group management section.

umm it could be because i need to update the web interface?
 
Soldato
Joined
18 Aug 2007
Posts
9,689
Location
Liverpool
Has anyone set up Cloudflared on a synology/docker/pihole? The available guides aren't great (the ones I've found).

Not to derail, but if you get stuck then AdGuardHome has built in DoH, DoT, DoQuic, DNSCrypt and more. It's just point and click (everything's in the GUI out of the box) and it works for both the upstream DNS server - eg Cloudflare - as well as for all your connections back to the server. Seamless and no messing. I have it running in Docker on my DiskStation DS218+. There should be a way to get cloudflared running for your PiHole install though, as Docker is after all just a Linux abstraction layer on top of an existing Linux install. I just added this to give you options.
 
Soldato
Joined
20 Oct 2002
Posts
15,989
Location
North West
Not to derail, but if you get stuck then AdGuardHome has built in DoH, DoT, DoQuic, DNSCrypt and more. It's just point and click (everything's in the GUI out of the box) and it works for both the upstream DNS server - eg Cloudflare - as well as for all your connections back to the server. Seamless and no messing. I have it running in Docker on my DiskStation DS218+. There should be a way to get cloudflared running for your PiHole install though, as Docker is after all just a Linux abstraction layer on top of an existing Linux install. I just added this to give you options.
There is, it’s just a mix of unclear instructions to me (probably me and it should be assumed knowledge).

Edit: I'll give adguard home a try in the mean time.
 
Last edited:
Man of Honour
Joined
20 Sep 2006
Posts
33,883
Not to derail, but if you get stuck then AdGuardHome has built in DoH, DoT, DoQuic, DNSCrypt and more. It's just point and click (everything's in the GUI out of the box) and it works for both the upstream DNS server - eg Cloudflare - as well as for all your connections back to the server. Seamless and no messing. I have it running in Docker on my DiskStation DS218+. There should be a way to get cloudflared running for your PiHole install though, as Docker is after all just a Linux abstraction layer on top of an existing Linux install. I just added this to give you options.
+1 for AdGuard Home.
 
Associate
Joined
13 Jun 2016
Posts
1,499
Location
UK
Is anyone using more than on Pi-Hole instance with the Gravity Sync project?


Looks pretty cool and would mean I could keep my primary Docker instance sync'ed with my Raspberry Pi instance, all automatically :)

Thinking of giving it a go when Unraid has finished the parity copy that it is running at the moment.
 
Soldato
Joined
24 Sep 2015
Posts
3,657
Prior to current major release of Pi-Hole I kept my 2 instances in sync using a simple rsync over SSH script (I'm sure it's posted somewhere in this thread) which worked very well. Since they moved to a DB I've been meaning to knock up something to keep them in sync but I make so few changes that I didn't get around to it yet.

I'll have a look at Gravity Sync.
 
Soldato
Joined
19 Oct 2002
Posts
6,820
Location
Bath
Is anyone using more than on Pi-Hole instance with the Gravity Sync project?


Looks pretty cool and would mean I could keep my primary Docker instance sync'ed with my Raspberry Pi instance, all automatically :)

Thinking of giving it a go when Unraid has finished the parity copy that it is running at the moment.
Yes I've been using this since inception on my netbook and VM instances, works great.
 
Back
Top Bottom