Ubuntu/Bespin/PiHole

From charlesreid1

Main article: Ubuntu/Bespin

Running PiHole via Docker on Ubuntu 18.04

Notes on Networking and Ports

PiHole acts as a DNS server for Bespin, listening on port 53 by default. This complicates things for us:

  • We already set up dnsmasq to run as a DNS and DHCP server for the wireless AP hotspot
  • If we hadn't set up dnsmasq, Ubuntu already has a built-in DNS server (systemd-resolvd) running on port 53 (see Ubuntu/Bespin for instructions to disable)

PiHole on Non-Standard Port

We are using dnsmasq as DNS for the wifi AP - dnsmasq handles requests from clients on the AP.

The dnsmasq server passes along DNS requests it doesn't know how to resolve. We define the upstream DNS servers that dnsmasq uses. Instead of using 1.1.1.1 or 8.8.8.8, we can point to the PiHole DNS server.

Now, if a client on the AP requests "github.com", the request will go to dnsmasq. dnsmasq will not find it in /etc/hosts so it will pass the request on to the upstream DNS server - the PiHole. The PiHole checks whether the request should be filtered, and whether it can answer the request. If not, it forwards the request on to another DNS server.

In other words, the PiHole sits between the system DNS server and external DNS servers and acts as a kind of DNS proxy.

Install Stuff

Docker

Thanks to the Ansible step covered on the Ubuntu/Bespin page, Docker is already installed on Bespin. 

$ which docker
/usr/bin/docker

$ which docker-compose
/usr/local/bin/docker-compose

PiHole Docker Image

Pull the latest pihole docker image: 

docker pull pihole/pihole:latest
Main article: Ubuntu/Bespin

Create Docker Compose File

  pihole:
    container_name: pihole
    domainname: docker
    hostname: pihole
    image: pihole/pihole:latest
    ports:
      - '53:53/tcp'
      - '53:53/udp'
      # - '67:67/udp'
      - '80:80'
      - '443:443'
    restart: unless-stopped
    volumes:
      - ${USERDIR}/docker/pihole/pihole:/etc/pihole
      # - ${USERDIR}/docker/pihole/pihole.log:/var/log/pihole.log
      - ${USERDIR}/docker/pihole/dnsmasq.d:/etc/dnsmasq.d
    cap_add:
      - NET_ADMIN
    environment:
      - ServerIP=${SERVER_IP}
      - TZ=${TZ}
      - WEBPASSWORD=PIHOLEWEBPASSWORD
      - DNS1=127.0.0.1
      - DNS2=1.1.1.1

Create Startup Service

Create a startup service:

/etc/systemd/system/pihole.service 

[Unit]
Description=charlesreid1 docker pod
Requires=docker.service
After=docker.service

[Service]
Restart=always
StandardError=null
StandardOutput=null
ExecStart=/usr/local/bin/docker-compose -f /path/to/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose  -f /path/to/docker-compose.yml stop

[Install]
WantedBy=default.target

Related Flags

Retrieved from "https://charlesreid1.com/w/index.php?title=Ubuntu/Bespin/PiHole&oldid=28015"