@dankone

in /technology 4 months ago

Posting self hosted software every day until we have communities - Day 1 - Pihole

Hi, it’s me. Your favorite Digg user. We don’t have a self hosted community and I’m not fond of the consumer technology articles that I seem to see here so frequently. So, until I can post to a homelab dedicated community, you’re stuck with me here.

I’m kicking off this series with one of the most beginner friendly pieces of self-hosted software with pihole: the ultimate network guardian that nukes ads before they even hit your devices. I personally prefer Technitium for all of this, but we have to start somewhere. At its core, pihole acts as a DNS sinkhole, intercepting requests to known ad-serving domains and blocking them flat out, which means ad-free browsing across your entire home network without needing extensions on every browser or app. It’s domain-based, so it shines on web ads and trackers but might miss some in-app or embedded ads. Still, for most folks, it’s a tool that can cut data usage and speed up your typical webpage load time simply by nature of cached DNS queries using recursive DNS. I’ll post a link at the end of this article showing an installation along with unbound. There are other (better, in my opinion) ways to go about this without unbound, but this is just day 1.

Once you’re up and running, you’ll need a blocklist. These are like flavors of ice cream and everyone’s got their favorite. StevenBlack’s unified hosts file for broad coverage, the Firebog curated lists (grab the ticked ones for a balanced mix without overblocking), and OISD’s are decent starting places.

Beyond ads, pihole’s DNS server lets you override resolutions network-wide, which opens the door to other highly useful things like mapping custom domains to your local servers. Think pointing “mynas.local” straight to your home storage box without messing with hosts files on every device or needing to memorize IP addresses and port numbers.

Pi-hole isn’t just DNS. Enable its DHCP server and it can hand out IPs to your devices, making it a solid backup to your router/firewall’s built-in DHCP server for redundancy. Pair it with some basic scripts on your main server to sniff DHCP request packets (tcpdump or Python’s scapy), and you can automate failover or logging if your primary DHCP flakes out. Go a step further and you can hand out leases on separate subnets to keep things clean after restoration of typical services. I use this across 20+ remote sites for DHCP resiliency at work as a hyper cheap solution that hasn’t failed me in the two years I’ve had it set up.

Grab it from pi-hole.net and spin it up on a Raspberry Pi, N100/N150, or as a small VM.

Older pihole + unbound video from Craft Computing that also addresses upstream DNS configuration: https://youtu.be/FnFtWsZ8IP0
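A sketch of the DHCP watchdog logic mentioned in the post, as an added example that is not the poster's own script: it uses only the Python standard library instead of scapy and assumes the UDP payloads have already been pulled from a capture. The function names, the 3-second timeout and the sample packets are hypothetical and constructed for illustration.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie (RFC 2131)
CLIENT_TYPES = {1, 3}            # DHCPDISCOVER, DHCPREQUEST
SERVER_TYPES = {2, 5, 6}         # DHCPOFFER, DHCPACK, DHCPNAK

def parse_dhcp(payload):
    """Return (xid, client MAC, message type) for a DHCP UDP payload, else None."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    xid = struct.unpack("!I", payload[4:8])[0]
    mac = payload[28:34].hex(":")                    # first 6 bytes of chaddr
    i, mtype = 240, None
    while i + 1 < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:                          # pad option has no length byte
            i += 1
            continue
        length = payload[i + 1]
        if payload[i] == 53 and length == 1 and i + 2 < len(payload):
            mtype = payload[i + 2]                   # option 53 = message type
        i += 2 + length
    return xid, mac, mtype

def unanswered_clients(events, timeout=3.0):
    """MACs whose DISCOVER/REQUEST saw no server reply (same xid) within timeout."""
    first_ask, answered, now = {}, set(), 0.0
    for ts, payload in events:
        parsed = parse_dhcp(payload)
        if parsed is None:
            continue
        xid, mac, mtype = parsed
        now = max(now, ts)
        if mtype in CLIENT_TYPES:
            first_ask.setdefault(xid, (ts, mac))     # retries keep the first timestamp
        elif mtype in SERVER_TYPES and xid in first_ask and ts - first_ask[xid][0] <= timeout:
            answered.add(xid)
    return sorted({mac for xid, (ts, mac) in first_ask.items()
                   if xid not in answered and now - ts > timeout})

def build_sample(xid, mac, mtype):
    """Constructed DHCP payload for the demo, not captured traffic."""
    head = struct.pack("!BBBBI", 1 if mtype in CLIENT_TYPES else 2, 1, 6, 0, xid) + bytes(20)
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")
    return head + chaddr + bytes(192) + MAGIC + bytes([53, 1, mtype, 255])

A, B, C = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", "aa:bb:cc:00:00:03"
SAMPLE = [(0.0, build_sample(0x1111, A, 1)), (0.2, build_sample(0x1111, A, 2)),
          (10.0, build_sample(0x2222, B, 1)), (14.0, build_sample(0x3333, C, 1)),
          (20.0, build_sample(0x4444, A, 3))]
```

A failover or logging hook would act once `unanswered_clients` returns more than a chosen number of MACs. On a switched network, server replies sent as unicast do not reach a third host, so the capture has to be taken where both directions are visible, such as a mirror port.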