Ultimate Pi-hole configuration guide, SSL certificates, automatic updates, automatic sync, more!

Pi-hole is an awesome solution to run in your home network to keep your Internet free of ads, malicious traffic, and tracking data. Would you like to learn how to set up a Pi-hole instance in your home lab based on Docker? We take an in-depth look at setting up Pi-hole with Docker in the home lab: how to set it up using the Docker run command line, Docker Compose, and then Docker Compose with Traefik and Pi-hole.

My blog:
https://www.virtualizationhowto.com

_____________________________________________________

Social Media:

LinkedIn:
https://www.linkedin.com/in/brandon-lee-vht/

Github:
https://github.com/brandonleegit

Introduction to Pi-hole, with Docker, SSL certificates, and synchronization – 0:00
Pi-hole, DNS, and network level ad blocking improving Internet browsing at home – 0:59
What is Pi-hole? – 1:16
Intercepting DNS requests in your home network – 1:34
Overview of installing Pi-hole with Docker – 2:14
Using the Docker command line to install Pi-hole – 2:30
Going through the Docker run command to install Pi-hole – 2:45
Spinning up the Pi-hole container – 3:54
Issuing Docker ps to see the running Pi-hole container – 4:13
Browsing out to the web interface of our Pi-hole container – 4:35
Using Docker Compose to move to HTTPS and SSL certificates – 5:00
Stepping through the Docker Compose file – 5:38
Looking at the Pi-hole container configuration in Docker Compose – 6:31
Setting the names of the Pi-hole host in Docker Compose – 7:30
Running the Docker Compose file with Docker up -d – 8:11
Docker-compose ps to view state – 8:35
Browsing out to the Pi-hole container on the DNS name configured over HTTPS SSL – 8:50
Configuring proper SSL certificates on your Pi-hole container – 9:32
Using Traefik to pull proper SSL certificates – 9:52
Looking at Docker Compose to add Let's Encrypt certificates and Cloudflare to pull proper SSL certificates – 10:06
Configuring TLS domains and wildcard certificates from Let's Encrypt – 11:15
Entering your Cloudflare email address and API token – 11:47
Talking public DNS – 12:35
Adding a Watchtower container to automatically update your Pi-hole container – 12:47
Running docker-compose up -d – No certificate errors – 13:14
Running multiple Pi-hole instances for high availability – 13:38
Overview of Gravity Sync from VMStan – 13:58
Configuring Gravity Sync – 14:33
Running Gravity Sync – 15:00
Wrapping up thoughts on Pi-hole ultimate configuration guide – 16:03

pfSense pfBlockerNG vs Pihole Pros and Cons:
https://www.virtualizationhowto.com/2022/04/pfsense-pfblockerng-vs-pihole-pros-and-cons/

Pihole Local DNS Records synchronized from Active Directory:
https://www.virtualizationhowto.com/2022/01/pihole-local-dns-records-synchronized-from-active-directory/

How to install Pihole on Hyper-V with Debian:
https://www.virtualizationhowto.com/2023/02/how-to-install-pi-hole-on-hyper-v-with-debian/

by VirtualizationHowto

36 thoughts on “Ultimate Pi-hole configuration guide, SSL certificates, automatic updates, automatic sync, more!”

  • Hi Brandon, can you share the scripts? I can't seem to locate them on your site. Thanks!

  • I'm a huge fan of what this tech can do, but I really don't want to have to mess around with setting everything up myself. Do you know any reputable seller that I can buy a few of these from?

  • gravity sync seems to support only bind mounts in case of containerized pihole… How did you manage your pihole container using Docker volumes and not bind mounts with gravity sync?

  • Thank you very much! This is an excellent explanation. Can you also include unbound in the mix, and do it in a Proxmox VM or LXC? That will be awesome!
    Thanks again

  • I liked your teaching, because I'm Brazilian and new to English and your calm speaking helps me understand. Thank you very much

  • Is a copy of the docker compose file available somewhere?

  • Can you add mobile devices/TVs into Pi-hole to block ads on those devices?

  • Out of interest, can you have two services request wildcard certificates on the same domain? I already have a similar configuration set up using ACME on my firewall. I use that to give my firewall a certificate, and other services via haproxy. If I then set traefik up with a wildcard will that confuse everything?

  • GravitySync is really one part of a High Availability (HA) setup for PiHole.
    The second part of an HA setup is to install keepalived on each PiHole. You have to create a configuration file where you specify a virtual IP address that is established between the two devices, and you then use this virtual IP address as the DNS address in your DHCP scopes, or manually entered on any statically configured devices, instead of one or the other or both PiHole IPs.

    When the primary PiHole is down for any reason, the secondary becomes the master and instantly picks up to continue serving as the network's DNS server and, because GravitySync is also synchronizing from the primary on a frequent basis, your adlists and other blocking config are already up to date.
    When the primary comes back online, it resumes as the master and retakes control.
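
The keepalived half of the setup described in the comment above, as an added example that is not part of the original comment or the video: a configuration for the primary Pi-hole. The interface name, the addresses (documentation ranges), the router ID, the password, the `nobody` script user and the path to `dig` are placeholder assumptions.

```conf
# /etc/keepalived/keepalived.conf on the primary Pi-hole (added example).
# Interface, addresses, router ID and password are placeholders.

global_defs {
    enable_script_security          # do not run root scripts from paths writable by non-root users
    script_user nobody              # run the health check unprivileged (assumed user)
}

# Health check: the node only holds the virtual IP while its own resolver answers.
# dig exits non-zero when no reply arrives from 127.0.0.1.
vrrp_script chk_pihole_dns {
    script "/usr/bin/dig +time=2 +tries=1 @127.0.0.1 pi.hole"
    interval 5                      # seconds between checks
    fall 2                          # failed checks before the node is marked faulty
    rise 2                          # successful checks before it is healthy again
}

vrrp_instance PIHOLE_DNS {
    state MASTER                    # BACKUP on the secondary
    interface eth0
    virtual_router_id 53            # must match on both nodes
    priority 150                    # e.g. 100 on the secondary; higher wins
    advert_int 1

    # Unicast adverts to the one known peer instead of LAN-wide multicast.
    unicast_src_ip 192.0.2.11       # this node
    unicast_peer {
        192.0.2.12                  # the secondary Pi-hole
    }

    # Sent in cleartext: guards against misconfiguration, not against a host on the LAN.
    authentication {
        auth_type PASS
        auth_pass CHANGEME          # only the first 8 characters are used
    }

    virtual_ipaddress {
        192.0.2.53/24               # the DNS address handed out by DHCP
    }

    track_script {
        chk_pihole_dns
    }
}
```

With preemption left at its default, the higher-priority primary takes the virtual address back when it returns, which is the behaviour the comment describes.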

  • Could you write down the script in video for us to follow? It is too hard to follow your steps in screen! thanks.

  • Help>>> After typing docker script
    docker run -dit -p 80:80 -p 53:53/udp -p 53:53/tcp -v $(pwd)/etc-pihole:/etc/pihole -v $(pwd)/etc-dnsmasq.d:/etc/dnsmasq.d --name piholetest pihole/pihole:latest

    I got the following error.

    Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.

    Error: short-name "pihole/pihole:latest" did not resolve to an alias and no unqualified-search registries are defined in "/etc/containers/registries.conf"

  • Great video. Could you please write a small documentation with the scripts to all of the steps in the video? That would be very helpful to those of us that may make a typo and cause an error that we can't find. Thank you.

  • When I try to log in to pihole, I can only log in to RaspAP. Can I run both?

  • Hello. I have been watching your videos for a while.

    It could be more helpful if you provide us a link with the code for the docker compose.

  • Hello, I have tried following your tutorial and have gotten stuck in the beginning. I tried running the command:

    docker run -dit -p 80:80 -p 53:53/udp -p 53:53/tcp -v $(pwd)/etc-pihole:etc/pihole -v $(pwd)/etc-dnsmasq.d:/etc/dnsmasq.d --name piholetest pihole/pihole:latest

    and I get this error message:

    docker: Error response from daemon: invalid volume specification: '/home/pihole2/etc-pihole:etc/pihole': invalid mount config for type "bind": invalid mount path: 'etc/pihole' mount path must be absolute.

    Can you please let me know what I am doing wrong?

    Thanks for the helpful videos!

  • You mentioned your local DNS resolver but didn’t say what it was. Just curious what you’re using to resolve local DNS records on your network.

  • A friend installed pi-hole and opnsense in virtualbox which now crashes. I don't know the cause of the problem even when searching for the error code. Since then I transferred both VMs into VMware and I am trying to find a solution to link pi-hole and opnsense in VMware without starting from the beginning. Both VMs work independently without any problem. Could you make a small tutorial for this kind of problem, please? 🙏🙏 Thank you very much

  • Hi, great video. It's a long time that I'm searching for pihole DNS setup. Do you have the docker compose on GitHub? Many thanks

  • Thanks for the tutorial, where can we find the tutorial's documentation? The complete docker compose script. Thanks once again

  • I have recently started watching your videos and I find your content very unique. I'm amazed how you try to solve very specific and real world problems Ops/Admins face. Thank you for the amazing content.
    I just have one suggestion. The audio is not very good. It would be awesome if the audio quality is improved a bit. Better mics, acoustic panels would improve the audio quality manifold.
    Thank you once again!

  • What if I run win2k19 as my main DNS server already how can I make pihole play nice with that? I want the security of Pihole and would like it to be my recursive DNS server but I want all my records stored on win server.

  • I'm not sure whether the SSL dropdown contains the same url, but when you're blurring the url make sure to also blur the dropdown when you click the certificate. Depending on whether you wanted to hide the domain or the uri. (You're showing the domain in the video)

  • Hi sir, I hope you will answer me. Opening port 53 in a cloud instance will invite unknown people to use my pihole DNS as recursive DNS, so how can I secure my pihole without a VPN, allowing traffic just for specific MAC addresses? I used iptables but it didn't work.

  • I'll check this out now. Does this pihole container include unbound? Thanks for sharing. I love your content and format

  • Where exactly to install the pi-hole and how to connect it to a specific network vlan? I didn't see any configuration of Pi-hole here, just the installation

  • Curious to see if I’m missing anything. I use gravity sync to keep three piholes in sync currently

  • Hey! I have a question about virtualized firewalls on two different nodes, where one functions as a failover in case the main node is down for maintenance. How do you accomplish this, if you only have access to a single wan connection? Idea for a new video perhaps? Haven’t seen any covering this exact topic.

  • Awesome video. Still trying to wrap my head around Traefik 😅
