mkdocs/docs/Raspberry/pi-hole.md
2024-04-06 09:54:09 +02:00


pi-hole & unbound

Raspbian OS

| Version | Code name | Current status | Release date | End-of-life (LTS) |
|---|---|---|---|---|
| 11 | Bullseye | oldstable | 2021-08-14 | 2024-08-14 (2026-08-31) |
| 12 | Bookworm | stable | 2023-06-10 | 2026-06-10 (2028-06-30) |
| 13 | Trixie | testing | 2025-06-?? | 2028-06-?? (2030-06-??) |

Install Pi-hole and Unbound:

https://www.crosstalksolutions.com/the-worlds-greatest-pi-hole-and-unbound-tutorial-2023/

https://mediacenterz.com/tutoriel-complete-pi-hole-bloqueur-dannonces-pour-toute-la-maison/

Install Gravity Sync:

https://github.com/vmstan/gravity-sync

Install keepalived:

https://davidshomelab.com/pi-hole-failover-with-keepalived/

Pi-hole version:
$ pihole -v
  Pi-hole version is v5.17.3 (Latest: v5.17.3)
  web version is v5.21 (Latest: v5.21)
  FTL version is v5.25 (Latest: v5.25.1)
Update Pi-hole:
$ pihole -up
Change the Pi-hole web interface password:
$ pihole -a -p
Blacklist:
  • pihole -b -l: list the domains on the blacklist
  • pihole -b example.com: add example.com to the blacklist
  • pihole -b -d example.com: remove example.com from the blacklist
Whitelist:
  • pihole -w -l: list the domains on the whitelist
  • pihole -w example.com: add example.com to the whitelist
  • pihole -w -d example.com: remove example.com from the whitelist
Enable / disable Pi-hole:
  • pihole enable: enable Pi-hole
  • pihole disable: disable Pi-hole permanently
  • pihole disable 10m: disable Pi-hole for 10 minutes
  • pihole disable 60s: disable Pi-hole for 1 minute

Enable local resolution on the Pi-hole (loopback)

Connect to the Pi-hole over SSH, then:

echo "addn-hosts=/etc/pihole/lan.list" | sudo tee /etc/dnsmasq.d/02-lan.conf

Create the file /etc/pihole/lan.list:

nano /etc/pihole/lan.list

and fill it with the IP addresses and server names:

# IP address      domain name                     server name
# 192.168.1.xx    service.domainname              servername
192.168.2.57    navidrome.photos-nas.ovh        navidrome
192.168.2.57    ds923.photos-nas.ovh            dsm
192.168.2.57    maloja.photos-nas.ovh           maloja
192.168.2.57    photos.photos-nas.ovh           photos
192.168.2.57    change.photos-nas.ovh           changedetection
192.168.2.57    search.photos-nas.ovh           searxng
192.168.2.57    vault.photos-nas.ovh            vaultwarten
192.168.2.1     asus.photos-nas.ovh             asus
192.168.2.1     www.asusrouter.com              et12
192.168.2.116   pihole1.photos-nas.ovh          dietpi1
192.168.2.216   pihole2.photos-nas.ovh          dietpi2

Restart the DNS service:

pihole restartdns

https://induste.com/threads/utiliser-un-pihole-pour-creer-une-loopback-orange-bouygues-etc.634410/
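
A lint pass for the lan.list file built above, so that a mistyped address or a name mapped to two different IPs is caught before `pihole restartdns`. This is an added example, not part of the original notes; `check_lan_list`, `sample_lan_list` and the example.lan names are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint a dnsmasq addn-hosts file such as /etc/pihole/lan.list.

# check_lan_list [FILE]  (reads stdin when FILE is omitted)
# Prints one finding per line; returns 1 if there is any finding, else 0.
check_lan_list() {
  awk '
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    {
      ip = $1
      n = split(ip, o, ".")
      ok = (n == 4 && ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
      for (i = 1; ok && i <= 4; i++) if (o[i] + 0 > 255) ok = 0
      if (!ok)    { printf "line %d: bad IPv4 address %s\n", NR, ip; bad++; next }
      if (NF < 2) { printf "line %d: no hostname for %s\n", NR, ip; bad++; next }
      for (f = 2; f <= NF; f++) {
        name = tolower($f)
        if (name !~ /^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$/) {
          printf "line %d: invalid hostname %s\n", NR, $f; bad++; continue
        }
        # The same name pointing at two addresses is almost always a typo.
        if ((name in seen) && seen[name] != ip) {
          printf "line %d: %s already maps to %s\n", NR, $f, seen[name]; bad++
        }
        seen[name] = ip
      }
    }
    END { exit (bad > 0) }
  ' "${1:--}"
}

# Constructed sample input (not the hosts listed on this page).
sample_lan_list() {
  cat <<'EOF'
# constructed sample
192.168.2.57    navidrome.example.lan   navidrome
192.168.2.57    photos.example.lan      photos
192.168.2.300   vault.example.lan       vault
192.168.2.1     photos.example.lan      router
192.168.1.xx    service.example.lan     server
EOF
}

# Demo on the sample; on the Pi-hole itself one would run:
#   check_lan_list /etc/pihole/lan.list && pihole restartdns
sample_lan_list | check_lan_list || true
```
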

Links:

https://www.reddit.com/r/pihole/comments/tsperl/comment/i2sr22h/

https://discourse.pi-hole.net/t/pihole-unbound-not-working-as-it-should/51381/12

https://docs.pi-hole.net/guides/dns/unbound/#disable-resolvconf-for-unbound-optional

https://alain-michel.canoprof.fr/eleve/tutoriels/raspberry/utiliser-pi-hole-pour-bloquer-les-pubs/

https://nicolasforcet.com/nettoyer-base-de-donnees-pihole-ftldb-log/

https://nicolasforcet.com/raspberry-pi-limiter-drastiquement-les-logs-et-les-mettre-en-ram-pour-preserver-sa-carte-sd/

Using “sudo nmtui” I was able to change my network settings. I

The Firebog: The Big Blocklist Collection

https://firebog.net

Gravity Sync:

https://github.com/vmstan/gravity-sync

https://github.com/azlux/log2ram

https://dnscheck.tools

vcgencmd get_throttled <-- will give you info on conditions that may have caused throttling.
Great write up, thanks.
Instead of a firewall rule, blocking all DNS queries except to Pihole, better create a NAT Port Forward rule, so that all DNS queries except router or a Pihole are redirected to the pihole address. Thus DNS resolution will continue working (for allowed domains) even if somebody (or some malicious IoT device) uses custom DNS.
I have an OPNsense (pfSense fork) with Unbound installed onboard (192.168.0.1), and a PiHole on another box (192.168.0.100).
All devices by default query DNS from the router (192.168.0.1).
Above mentioned NAT Port Forward rule redirects all DNS queries to the Pihole (192.168.0.100).
Pihole has Unbound on a router as an upstream (192.168.0.1).
So, unfortunately, there are some network hops to and fro, but I can't install Pihole on an OPNsense router (it's FreeBSD and not Linux).

Hopefully CrossTalk sees this, but this guide needs to be updated. As of the 10/10/2023 of Debian Bookworm. Debian (and by extension Raspberry Pi OS) does not use dhcpcd as the networking interface. Instead, it uses the more complex/robust NetworkManager. This change can be found in the release notes for Raspberry Pi OS here: https://downloads.raspberrypi.com/raspios_lite_arm64/release_notes.txt.
This means that the dhcpcd.conf file will not exist under /etc as the guide suggests. There are ways to use nmcli (the command to interact with NetworkManager) to set a static IP. However, I recommend simply setting up a DHCP reservation using your router. Either way, you cannot set up a static IP using dhcpcd.conf. Hope this helps anyone on their PiHole journey!
static IP on Bookworm:
credits to https://raspberrypi-guide.github.io/networking/set-up-static-ip-address
So I used nmtui command to set up a static ip on bookworm. Looks like they got rid of dhcpcd by default and are going with NetworkManager.
1. type sudo nmtui so you have the right permissions
2. edit the connection you want
4. change ipv4 config to manual
5. Enter your desired ip address into addresses (with a trailing /24, e.g. 192.168.1.77/24)
6. I put my router's IP in the gateway and DNS fields, and also added a second 8.8.8.8 for DNS
7. Exit out of nmtui
8. reboot and it should work
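
The nmtui steps above as non-interactive nmcli commands, as an added example that is not part of the quoted comment. The connection name "Wired connection 1" and the gateway 192.168.1.1 are assumptions (list your connections with `nmcli connection show`); `valid_cidr` and `static_ip_cmds` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: build the nmcli commands for a static IPv4 configuration.

# valid_cidr ADDR/PREFIX -> 0 if ADDR is a dotted-quad IPv4 and PREFIX is 1..32
valid_cidr() {
  addr=${1%/*} prefix=${1#*/}
  [ "$addr" != "$1" ] || return 1                  # no "/" in the argument
  case $prefix in ''|*[!0-9]*) return 1 ;; esac
  [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ] || return 1
  old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs  # split the address on dots
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case $o in ''|*[!0-9]*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
}

# static_ip_cmds CONN ADDR/PREFIX GATEWAY DNS...
# Prints the commands instead of running them, so they can be reviewed first.
static_ip_cmds() {
  conn=$1 cidr=$2 gw=$3; shift 3
  valid_cidr "$cidr"  || { echo "bad address (need e.g. 192.168.1.77/24): $cidr" >&2; return 2; }
  valid_cidr "$gw/32" || { echo "bad gateway: $gw" >&2; return 2; }
  printf 'nmcli connection modify "%s" ipv4.method manual ipv4.addresses %s ipv4.gateway %s ipv4.dns "%s"\n' \
    "$conn" "$cidr" "$gw" "$*"
  printf 'nmcli connection up "%s"\n' "$conn"
}

# Address from the comment; connection name and gateway are assumed values.
static_ip_cmds "Wired connection 1" 192.168.1.77/24 192.168.1.1 192.168.1.1 8.8.8.8
```

The function only prints; run the printed commands with sudo once they match your network.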