Set Up Pi-Hole On Raspberry Pi 3

A few weeks ago I switched to DuckDuckGo from Google (sometimes I still need to Google, but overall it is great). About that time I found out about DNS Sinkhole for ads - Pi-Hole. I use AdGuard on my laptop, but I thought that blocking ads and trackers on DNS level is a great idea and it will block ads and trackers on my Android phone also, so I decided to set it up on my secondary Raspberry Pi 3 (Model B v1.2).


Installing OS (Arch Linux)

I installed Arch Linux [AArch64] (on Ubuntu bsdtar = tar) on this Raspberry Pi, because I have the same OS for Raspberry Pi devices at my work. If you follow guide from link above - it will be easy, this installation even enables SSH server by default.

SSH into the device and run some basic commands to make things easy and secure (make sure you run all commands from guide above first):

# Change alarm user password for something more secure than alarm
passwd
# Become root
su
# Update system
pacman -Syu
# Install sudo
pacman -S sudo
# Yeah, vi is not for me, yet
export EDITOR=nano
# Add line "alarm ALL=(ALL) ALL"
visudo
# Change root password for something random and long (32+ symbols)
passwd

Now your alarm user is sudoer and you can logout from root user and proceed as alarm user:

# Change your SSH configuration for more security
# (disable password authentications and root login for example)
sudo nano /etc/ssh/sshd_config
# Change your timezone
sudo timedatectl set-timezone Europe/Tallinn
# Change your hostname
sudo hostnamectl set-hostname igor-pi-secondary

Install Pi-Hole

I use command from their website (I know that this is not secure):

curl -sSL https://install.pi-hole.net | sudo bash

And I get first problem:

[alarm@igor-pi-secondary ~]$ curl -sSL https://install.pi-hole.net | sudo bash
[sudo] password for alarm: 
stty: 'standard input': Inappropriate ioctl for device

  [✓] Root user check

        .;;,.
        .ccccc:,.
         :cccclll:.      ..,,
          :ccccclll.   ;ooodc
           'ccll:;ll .oooodc
             .;cll.;;looo:.
                 .. ','.
                .',,,,,,'.
              .',,,,,,,,,,.
            .',,,,,,,,,,,,....
          ....''',,,,,,,'.......
        .........  ....  .........
        ..........      ..........
        ..........      ..........
        .........  ....  .........
          ........,,,,,,,'......
            ....',,,,,,,,,,,,.
               .',,,,,,,,,'.
                .',,,,,,'.
                  ..'''.

  [✗] OS distribution not supported

My reaction when I remember that Docker exists:

So I just install Docker with docker-compose to make it work:

sudo pacman -S docker
sudo systemctl enable docker.service
sudo pacman -S python-pip
sudo pip install docker-compose

sudo pacman -S git
# Add content of "~/.ssh/id_rsa.pub" as your GitHub account SSH key
ssh-keygen
git clone git@github.com:pi-hole/docker-pi-hole.git
cd docker-pi-hole

# Port 53 is reserved by systemd-resolved, disable this service
sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved

Then you need to change docker-compose.yml file to something like this:

version: "3"
services:
  pihole:
    image: pihole/pihole:latest
    cap_add:
      - NET_ADMIN
    dns:
      - 127.0.0.1
      - 1.1.1.1
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "80:80/tcp"
      - "443:443/tcp"
    environment:
      ServerIP: '192.168.42.5'
      TZ: 'Europe/Tallinn'
      WEBPASSWORD: 'yoursecurepass'
      DNS1: '1.1.1.1'
      DNS2: '8.8.8.8'
      IPv6: 'False'
    volumes:
      - '/home/alarm/docker-pi-hole/etc:/etc/pihole'
      - '/home/alarm/docker-pi-hole/dnsmasq.d:/etc/dnsmasq.d'
    restart: always

It should work as soon as you run it via:

sudo docker-compose up -d

Set it as your DNS server in your device's network configuration and go to http://pi.hole/admin to configure it as you like.

P.S. Because it is Docker - it should work the same on any platform :)

Happy Experimenting!


[UPDATE 1]

How To Update

Go to folder with repository and execute commands below:

sudo docker-compose pull
sudo docker-compose down
sudo docker-compose up -d
comments powered by Disqus