Màj 06-04-2024

2024-04-06 09:54:09 +02:00
parent cd8cebe7cb
commit 259b9c6a24
76 changed files with 5126 additions and 229 deletions
--- a/docs/Raspberry/pi-hole.md
+++ b/docs/Raspberry/pi-hole.md
@@ -0,0 +1,187 @@
+# pi-hole & unbound
+
+
+
+#### RasbianOS
+
+| **Version** | **Code name** | **Current status** | **Release date** | **End-of-life ([LTS](https://wiki.debian.org/LTS))** |
+| ----------- | ------------- | ------------------ | ---------------- | ---------------------------------------------------- |
+| 11          | Bullseye      | oldstable          | 2021-08-14       | 2024-08-14 (2026-08-31)                              |
+| 12          | Bookworm      | stable             | 2023-06-10       | 2026-06-10 (2028-06-30)                              |
+| 13          | Trixie        | testing            | 2025-06-??       | 2028-06-?? (2030-06-??)                              |
+
+
+
+##### Installer Pi-Hole et Unbound:
+
+https://www.crosstalksolutions.com/the-worlds-greatest-pi-hole-and-unbound-tutorial-2023/
+
+https://mediacenterz.com/tutoriel-complete-pi-hole-bloqueur-dannonces-pour-toute-la-maison/
+
+##### Installer Gravity Sync:
+
+https://github.com/vmstan/gravity-sync
+
+##### Installer keepalived:
+
+https://davidshomelab.com/pi-hole-failover-with-keepalived/
+
+
+
+##### Version de Pi-Hole
+
+```bash
+$ pihole -v
+  Pi-hole version is v5.17.3 (Latest: v5.17.3)
+  web version is v5.21 (Latest: v5.21)
+  FTL version is v5.25 (Latest: v5.25.1)
+```
+
+##### Mise-à-jour de Pi-Hole:
+
+```bash
+$ pihole -up
+```
+
+##### Changer le mot de passe de l’interface Web PiHole
+
+```bash
+$ pihole -a -p
+```
+
+##### Liste noire:
+
+- **`pihole -b -l`** – Liste des domaines sur la liste noire
+- **`pihole -b exemple.com`** – Ajouter example.com à la liste noire
+- **`pihole -b -d example.com`** – Supprimer exemple.com de la liste noire
+
+##### Liste blanche:
+
+- **`pihole -w -l`** – Liste des domaines dans la liste blanche
+- **`pihole -w exemple.com`** – Ajouter example.com à la liste blanche
+- **`pihole -w -d example.com`** – Supprimer exemple.com de la liste blanche
+
+##### Activer / désactiver Pi-Hole:
+
+- **`pihole enable`** – Activer PiHole
+- **`pihole disable`**– Désactiver PiHole en permanence
+- **`pihole disable 10m`** – Désactiver PiHole pendant 10 minutes
+- **`pihole disable 60s`** – Désactiver PiHole pendant 1 min
+
+
+
+
+
+### Activer la résolution local sur le PiHole (Loopback)
+
+Se connecter sur le Pi-Hole en ssh, puis:
+
+```bash
+echo "addn-hosts=/etc/pihole/lan.list" | sudo tee /etc/dnsmasq.d/02-lan.conf
+```
+
+On crée le fichier `/etc/pihole/lan.list`
+
+```bash
+nano /etc/pihole/lan.list
+```
+
+que l'on remplit avec les IP/serveurs
+
+```bash
+Adresse IP         nom de domaine       nom du serveur
+192.168.1.xx service.nomdedomaine       nomduserveur
+```
+
+```bash
+192.168.2.57    navidrome.photos-nas.ovh        navidrome
+192.168.2.57    ds923.photos-nas.ovh            dsm
+192.168.2.57    maloja.photos-nas.ovh           maloja
+192.168.2.57    photos.photos-nas.ovh           photos
+192.168.2.57    change.photos-nas.ovh           changedetection
+192.168.2.57    search.photos-nas.ovh           searxng
+192.168.2.57    vault.photos-nas.ovh            vaultwarten
+192.168.2.1     asus.photos-nas.ovh             asus
+192.168.2.1     www.asusrouter.com              et12
+192.168.2.116   pihole1.photos-nas.ovh          dietpi1
+192.168.2.216   pihole2.photos-nas.ovh          dietpi2
+```
+
+On redémarre le service DNS:
+
+```bash
+pihole restartdns
+```
+
+https://induste.com/threads/utiliser-un-pihole-pour-creer-une-loopback-orange-bouygues-etc.634410/
+
+
+
+### Liens:
+
+https://www.reddit.com/r/pihole/comments/tsperl/comment/i2sr22h/
+
+https://discourse.pi-hole.net/t/pihole-unbound-not-working-as-it-should/51381/12
+
+https://docs.pi-hole.net/guides/dns/unbound/#disable-resolvconf-for-unbound-optional
+
+https://alain-michel.canoprof.fr/eleve/tutoriels/raspberry/utiliser-pi-hole-pour-bloquer-les-pubs/
+
+https://nicolasforcet.com/nettoyer-base-de-donnees-pihole-ftldb-log/
+
+https://nicolasforcet.com/raspberry-pi-limiter-drastiquement-les-logs-et-les-mettre-en-ram-pour-preserver-sa-carte-sd/
+
+Using “sudo nmtui” I was able to change my network settings. I
+
+The Fireborg : The Big Blocklist Collection
+
+https://firebog.net
+
+Gravity Sync:
+
+https://github.com/vmstan/gravity-sync
+
+https://github.com/azlux/log2ram
+
+https://dnscheck.tools
+
+```
+vcgencmd get_throttled <-- will give you info on conditions that may have caused throttling.
+```
+
+
+
+```
+Great write up, thanks.
+Instead of a firewall rule, blocking all DNS queries except to Pihole, better create a NAT Port Forward rule, so that all DNS queries except router or a Pihole are redirected to the pihole address. Thus DNS resolution will continue working (for allowed domains) even if somebody (or some malicious IoT device) use custom DNS.
+I have an OPNsense (pfSense fork) with Unbound installed onboard (192.168.0.1), and a PiHole on another box (192.168.0.100).
+All devices by default query DNS from the router (192.168.0.1).
+Above mentioned NAT Port Forward rule redirects all DNS queries to the Pihole (192.168.0.100).
+Pihole has Unbound on a router as an upstream (192.168.0.1).
+SO, unfortunately, there are some networks hops to and fro, but I can’t install Pihole on an OPNsense router (it’s FreeBSD and not Linux).
+
+```
+
+
+
+```
+Hopefully CrossTalk sees this, but this guide needs to be updated. As of the 10/10/2023 of Debian Bookworm. Debian (and by extension Raspberry Pi OS) does not use dhcpcd as the networking interface. Instead, it uses the more complex/robust NetworkManager. This change can be found in the release notes for RaspberyPi OS here: https://downloads.raspberrypi.com/raspios_lite_arm64/release_notes.txt.
+This means that the dhcpcd.conf file will not exist under /etc as the guide suggest. There are ways to use nmcli (the command the interact with NetworkManager) to set a static IP. However, I recommend simply setting up a DHCP reservation using your router. Either way, you cannot set up a static IP using dhcpcd.conf. Hope this helps anyone on their PiHole journey!
+```
+
+
+
+```
+static IP on Bookworm:
+credits to https://raspberrypi-guide.github.io/networking/set-up-static-ip-address
+So I used ‘nmtui’ command to set up a static ip on bookworm. Looks like they got rid of dhcpcd by default and are going with NetworkManager.
+1. type ‘sudo nmtui’ so you have the right permissions
+2. edit the connection you want
+4. change ipv4 config to manual
+5. Enter your desired ip address into addresses (with a trailing /24, e.g. 192.168.1.77/24)
+6. I put my routers ip in the gateway and DNS fields, and also added a second 8.8.8.8 for DNS
+7. Exit out of nmtui
+8. reboot and it should work
+
+```
+