Pihole | Nico Maas

Pihole is an awesome little DNS Server with Blacklists for Ad Sites and the ideal tool to install a small and powerful ad filter for the whole network (Intro Video here).

As diginc designed an Docker Image around the Pihole server (which was normally run on a RPi :)) - and made it x86, you can also run it on your normal Homeserver :)!

Important things just before we start: The Docker container needs to bind to ports 53 (DNS) and 80 (HTTP) - so, if you need to run your own DNS - that could interfere. If you need port 80 for some other website - you'll have to make an reverse proxy.

To make the setup easier, I wrote an little docker-compose.yml:

pihole:
  restart: unless-stopped
  container_name: pihole
  image: diginc/pi-hole:alpine
  volumes:
    - /var/pihole:/etc/pihole
  environment:
    - ServerIP=YOURLANIPHERE
  cap_add:
    - NET_ADMIN
  ports:
    - "53:53/tcp"
    - "53:53/udp"
    - "80:80"

You'll need to change the YOURLANIPHERE to the IP Address of your Servers LAN Interface - and you'll need to create the folder /var/pihole and make it writable for your Docker User.

sudo mkdir /var/pihole
sudo chown -R MYLINUXUSER:MYLINUXUSER /var/pihole

After that, we can start the service via docker-compose up -d.

You'll have access to the Web interface of pihole on YOURLANIPHERE/admin

However, this interface is NOT protected - so we'll do this now:

docker exec -it pihole /bin/bash
# create an password protection for your pihole web interface
pihole -a -p somepasswordhere
# You can also remove the password by not passing an argument.
pihole -a -p

Also, pihole does create a lot of log files, which should be removed from time to time, the block lists should be updated and pihole itself should be updated. This can also be achieved via an cron file, available here.

# [...]

# Your container name goes here:
DOCKER_NAME=pihole
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# Pi-hole: Update the ad sources once a week on Sunday at 01:59
#          Download any updates from the adlists
59 1    * * 7   root    PATH="$PATH:/usr/local/bin/" docker exec $DOCKER_NAME pihole updateGravity > /dev/null

# Update docker-pi-hole by pulling the latest docker image ane re-creating your container.
# pihole software update commands are unsupported in docker!
30 2    * * 7   root    PATH="$PATH:/usr/local/bin/" docker exec $DOCKER_NAME pihole updatePihole > /dev/null

# Pi-hole: Flush the log daily at 00:00 so it doesn't get out of control
#          Stats will be viewable in the Web interface thanks to the cron job above
00 00   * * *   root    PATH="$PATH:/usr/local/bin/" docker exec $DOCKER_NAME pihole flush > /dev/null

I actually did just open my cron with crontab -e and entered the last lines into there - so that should work. You can now test your new Adblocker by entering the IP of your Server as DNS on your Clients - and if you're happy with it, just replace the DNS server entry on your DHCP server with that IP - to rollout pihole to your complete network :).

More Info:

https://github.com/diginc/docker-pi-hole

https://discourse.pi-hole.net/t/how-do-i-set-or-reset-the-web-interface-password/1328

https://www.reddit.com/r/pihole/comments/5rudb3/running_pihole_in_a_docker_container/

Tag: Pihole

How to run pi-hole in a Docker container