Setting up Pi-hole

bledd · 12 Aug 2017 at 15:01

Can do both on one

Not used this, but it looks good/easy.

http://www.pivpn.io/

Feek · 14 Aug 2017 at 13:03

I do both on one - There's a thread in here with some more details where a couple of us were doing it at the same time. Here it is, to save the search

Sp00n · 14 Aug 2017 at 13:42

https://github.com/pi-hole/pi-hole/wiki/OpenVPN-server:-Dual-operation:-LAN-&-VPN-at-the-same-time

Pawnless Endgame · 14 Aug 2017 at 21:35

Thanks guys regarding the 2-in-1 Pi-Hole and VPN.

Another question - should be an easier one

I have set Crontab (task scheduler) to update Pi-Hole every day at 0700. Shall I use all 3 lines or just the 1st one? 1st line is to update Pi-Hole at 0700, 2nd line is to update the ads definition file at 0710 then restart the DNS server at 0720. I'm just not sure whether pihole -up includes the ad definitions as well or not.

the-evaluator · 15 Aug 2017 at 07:09

I'd be a little wary of doing -up in that way, there was a release not that long ago that set a password on the web interface and if it wasn't for me seeing the output of -up on the console I wouldn't have known and would have had problems logging into the web interface until I found how to change, or remove the password.

I do schedule an update of the block lists but rather than doing two separate comments through crontab which would potentially leave you without DNS for up to 10 minutes I have both commands in the same script so they fire one after the other without a gap.

Code:

#/bin/sh
/usr/local/bin/pihole -g
/usr/local/bin/pihole restartdns

That script is called /root/pihole_update.sh and that's called at 4am by crontab.

Code:

0  4    * * *   root    /root/pihole_update.sh

Feek · 15 Aug 2017 at 08:13

It effectively does a pinhole -g itself on a regular basis. I don't bother with any of the above although as said previously, I do have an alert via PRTG to tell me if there's an update available so I can go and grab it manually.

I don't think there's any need to manually restart the dns service either, -g does that at the end of the process.

Steveocee · 15 Aug 2017 at 13:57

As per others, I'd advise to not have the pihole -up set on crontab.

I had got it set to go once a week on my second box but that thing had it's own problems.

If you feel you MUST have an update run periodically then simply pihole -g is enough to run daily.

Pawnless Endgame · 15 Aug 2017 at 15:01

Thanks guys. I'll reduce it to the 1 line :-)

EYEREX · 24 Aug 2017 at 10:41

Think i've got most Domains covered

picnic · 24 Aug 2017 at 13:09

Wow it is just me or are you blocking ~1.4 million more domains that a standard install? Where have you garnered these extra domains from?

EYEREX · 24 Aug 2017 at 13:41

picnic said:
Wow it is just me or are you blocking ~1.4 million more domains that a standard install? Where have you garnered these extra domains from?

Using this list https://raw.githubusercontent.com/CamelCase11/UnifiedHosts/master/hosts

picnic · 24 Aug 2017 at 16:07

Thanks for that, that's a big list!

The1nonly1 · 25 Aug 2017 at 12:15

How do I add these to pi-hole?

EYEREX · 25 Aug 2017 at 15:54

The1nonly1 said:
How do I add these to pi-hole?

Login to PiHole then Settings and on the right you will see Pi-Hole's Block Lists and you can add the address of list down the bottom and then do a save and update

picnic · 25 Aug 2017 at 20:44

Seems this new link is quite aggressive in what it includes. You'll probably all shout at me but I use feedly for my RSS feeds, which it blocked, and it seems to have killed Skype. There is no way I could get everyone to move away and use something else andadly I've not been able to workout which domains to whitelist to get Skype working. Don't suppose anyone knows?

maj · 25 Aug 2017 at 23:53

picnic said:
Seems this new link is quite aggressive in what it includes. You'll probably all shout at me but I use feedly for my RSS feeds, which it blocked, and it seems to have killed Skype. There is no way I could get everyone to move away and use something else andadly I've not been able to workout which domains to whitelist to get Skype working. Don't suppose anyone knows?

Try whitelisting s.gateway.messenger.live.com ui.skype.com pricelist.skype.com apps.skype.com m.hotmail.com s.gateway.messenger.live.com sa.symcb.com s{1..5}.symcb.com

Feek · 26 Aug 2017 at 11:03

Far to aggressive for me, I tried adding some additional blacklists a while back and many useful sites were blocked. I've gone back to the original Pi-hole supplied lists now and that's enough.

The1nonly1 · 26 Aug 2017 at 21:25

EYEREX said:
Login to PiHole then Settings and on the right you will see Pi-Hole's Block Lists and you can add the address of list down the bottom and then do a save and update

Thanks

picnic · 27 Aug 2017 at 08:45

maj said:
Try whitelisting s.gateway.messenger.live.com ui.skype.com pricelist.skype.com apps.skype.com m.hotmail.com s.gateway.messenger.live.com sa.symcb.com s{1..5}.symcb.com

Thanks for these, it helps but it's not the whole list, also added

arc.msn.com channel.skype.com conn.skype.com crl.microsoft.com live.com login.live.com mscrl.microsoft.com settings-win.data.microsoft.com ssw.live.com

Feek said:
Far to aggressive for me, I tried adding some additional blacklists a while back and many useful sites were blocked. I've gone back to the original Pi-hole supplied lists now and that's enough.

I'm close to following. It takes quite a long time for each domain to be whitelisted and then it doesn't always fix what you're trying to resolve, so a slow old process.

maj · 27 Aug 2017 at 10:34

I found this to have a decent collection of blocklists. Here is also a list of common domains to whitelist.