Pi-Hole
the infinite dns sinkhole.
DNS is very very complicated. Actually, no it's not. Basically DNS maps IP addresses to domain names. e.g. 1.1.1.1 to Cloudflare.com or something. Every conceivable service on the Internet most likely has a domain name (the DN part of DNS, for Domain Name Service) for simplicity's sake.
However, if we want to run our own services at home, we don't really want to memorize allat. That's why we have a DNS server. To have devices on our home network recognize custom domain names. Also, please make sure to use a TLD that isn't routable across the internet, like .home or .box.
Pi-hole is ridiculously funny because it works as a DNS server. That we can configure. We can also get blocklists to prevent DNS entries that match adware or malware from being recognized by our network. Completely. That's it. Free ad-blocking. You read that right.
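The per-query decision described above (custom local names plus a blocklist), as an added example. It is a simplified model and not Pi-hole's own code. The blocklist entries, the `.home` records, `SINKHOLE_IP` and `fake_upstream` are constructed assumptions.

```python
import ipaddress

# Constructed sample data (assumptions, not from the page or from Pi-hole).
BLOCKLIST_TEXT = """\
# constructed sample blocklist
0.0.0.0 ads.example.com
0.0.0.0 Tracker.Example.net   # trailing comment
127.0.0.1 localhost
malware.example.org
"""
LOCAL_RECORDS = {"nas.home": "192.168.1.20", "pihole.home": "192.168.1.2"}
SINKHOLE_IP = "0.0.0.0"  # unspecified address handed back for blocked names

def normalize(name):
    """Lower-case and drop the trailing root dot so 'ADS.Example.com.' matches."""
    return name.strip().rstrip(".").lower()

def parse_blocklist(text):
    """Accept hosts-format ('IP domain') or bare 'domain' lines; skip comments."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        try:  # hosts format: the first field is an address, names follow it
            ipaddress.ip_address(fields[0])
            names = fields[1:]
        except ValueError:  # bare domain list: the first field is the name
            names = fields[:1]
        blocked.update(n for n in map(normalize, names) if n and n != "localhost")
    return blocked

def resolve(name, blocked, local, upstream):
    """Return (answer, reason): local records first, then blocklist, then upstream."""
    name = normalize(name)
    if name in local:
        return local[name], "local"
    if name in blocked:  # exact match only; subdomains need their own entry here
        return SINKHOLE_IP, "blocked"
    return upstream(name), "forwarded"

def fake_upstream(name):
    """Hypothetical stand-in for the upstream resolver so this runs offline."""
    return "203.0.113.10"

if __name__ == "__main__":
    blocked = parse_blocklist(BLOCKLIST_TEXT)
    for q in ("nas.home", "ADS.example.com.", "cdn.ads.example.com", "example.com"):
        print(q, "->", resolve(q, blocked, LOCAL_RECORDS, fake_upstream))
```

In this model a subdomain of a blocked name is still forwarded, so an exact-match list only covers the names it actually contains.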
Setup
there is raw and via docker. raw is usually done on a raspberry pi. docker is, well, done with a docker image.
raw: `curl -sSL https://install.pi-hole.net | bash`
for docker install uhhh docker compose. always use docker compose
```yaml
---
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      # DNS Ports
      - "53:53/tcp"
      - "53:53/udp"
      # Default HTTP Port
      - "80:80/tcp"
      # Default HTTPS Port. FTL will generate a self-signed certificate
      - "443:443/tcp"
      # Uncomment the line below if you are using Pi-hole as your DHCP server
      #- "67:67/udp"
      # Uncomment the line below if you are using Pi-hole as your NTP server
      #- "123:123/udp"
    environment:
      # Set the appropriate timezone for your location (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g:
      TZ: 'Europe/London'
      # Set a password to access the web interface. Not setting one will result in a random password being assigned
      FTLCONF_webserver_api_password: 'correct horse battery staple'
      # If using Docker's default `bridge` network setting the dns listening mode should be set to 'ALL'
      FTLCONF_dns_listeningMode: 'ALL'
    # Volumes store your data between container upgrades
    volumes:
      # For persisting Pi-hole's databases and common configuration file
      - './etc-pihole:/etc/pihole'
      # Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
      #- './etc-dnsmasq.d:/etc/dnsmasq.d'
    cap_add:
      # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
      # Required if you are using Pi-hole as your DHCP server, else not needed
      - NET_ADMIN
      # Required if you are using Pi-hole as your NTP client to be able to set the host's system time
      - SYS_TIME
      # Optional, if Pi-hole should get some more processing time
      - SYS_NICE
    restart: unless-stopped
```
(copy+pasted directly from the pihole website lmao)