Pi-Hole - Network wide Ad blocking

  • @UZI

    • Thanks for your reply. I have never used vbox before, so I'm a little apprehensive about setting it up, especially on a headless machine like my OMV NAS is. Are there any guides out there for using the vbox plugin? I haven't found anything thus far.
    • I would have to hook up to the machine to get into the bios to enable virtualization cause I think it's disabled by default :(
    • I agree that using VM makes sense for this. My OMV box has a Pentium G4560 so it should have plenty of horsepower to run VM's. OMV doesn't tax it much except when doing a snapraid scrub.
    • I have never heard of NextCloud, but I read some about it, and now I want it! So your nextcloud files are all in OMV shares that you access through SMB? That's cool because then those files would be protected by raid or snapraid or rsync or whatever you're using.
  • Virtualbox is pretty simple. You can download the virtualbox software on your PC and try it. It is almost the same for the Webinterface version besides you have less settings to configure. There´s not much you can do wrong here. If you get stuck anywhere, you can just create a thread here :)

  • I was able to install Pi-Hole (current version as of today, 3.1) directly on my RPi1 running OMV 2.2.14.
    Installation worked great, the only thing I had to do afterwards is to configure a different port for lighttpd and restart it:


    curl -sSL https://install.pi-hole.net | bash
    nano /etc/lighttpd/lighttpd.conf
    -> set server.port to something that is not used by OMV (I used 8080)


    /etc/init.d/lighttpd restart


    Then I was able to log into the web interface using http://openmediavault:8080/admin
    Works great :) Would be nice to have Pi-Hole as an OMV-plugin though ...

  • the only thing I had to do afterwards is to configure a different port for lighttpd and restart it:

    Thanks mate, it worked on my PcDuino 3 Nano altogether with OMV 3.0!

    24/7 PCDuino3 Nano OMV 4 (custom built armbian with debian 9), 1drive
    OMV 4, AMD A8-5600k + 16gb, 8 drives, 26TB of storage, zalman r1 with custom hdd bracing

    test OMV 5, AMD e350 + 4gb, 1 drive , DIY enclosure from Nokia D-Box 2 case.

  • This thread popped up again, so as an update from me, I've been running Pi-hole in vbox for over a year now. I'm using a Dietpi VM and it works great. No OS installation necessary. http://www.dietpi.com


    I love pi-hole so much, I setup a VPN on my router so I could surf ad-free on my phone from anywhere, not just at home.

    • Offizieller Beitrag

    No OS installation necessary.

    If you run pihole in a docker, no OS installation is necessary either :)

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    True, but can you update pi-hole when new updates are available? All I need to do is SSH into the VM and do a "pihole -up".

    Sure. You shutdown the old container and spin up a new one (assuming you have the right tags). It will start using the latest code. watchtower can do it automagically for you.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Neat. But what about flmaxey's pi-hole docker tutorial that says this:


    ** If upgrading to the latest image, it is recommended that the previous container is stopped/deleted, delete the previous image, delete the macvlan driver in the networks tab and delete the file contents of /dockerparms/pihole . Then proceed with the installation of the new image as follows.**


    Sounds a lot more involved than what you describe. Sounds like starting over every time.

  • I have 2 OMV servers, one is on PcDuino 3 Nano (ARM CPU + 1 SATA) and one X86 with 7 HDDs, it's noisy and I don't need it all the time. So no docker on pcduino etc, but no noise also.

    24/7 PCDuino3 Nano OMV 4 (custom built armbian with debian 9), 1drive
    OMV 4, AMD A8-5600k + 16gb, 8 drives, 26TB of storage, zalman r1 with custom hdd bracing

    test OMV 5, AMD e350 + 4gb, 1 drive , DIY enclosure from Nokia D-Box 2 case.

  • I have 2 OMV servers, one is on PcDuino 3 Nano (ARM CPU + 1 SATA) and one X86 with 7 HDDs, it's noisy and I don't need it all the time. So no docker on pcduino etc, but no noise also.

    That works. Honestly I'd like to get an SBC to run Pi-hole simply because then I don't need the NAS powered up in order for the internet to work. If the power goes out, I can shutdown the server and the UPS could keep the modem, router and pi-hole running for hours.

    • Offizieller Beitrag

    Sounds a lot more involved than what you describe. Sounds like starting over every time.

    That is his method. Do some searching and you will find plenty of people using the method I described. Use whatever works for you.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!


  • And think twice about using Google's DNS as 'some tutorial' suggest if your use case (Pi-Hole) is about privacy. Handing out everything what happens in your local network to Google is most probably not exactly what you want in this case.


    Agree 100%. I use pi-hole with my ISP's DNS.

    • Offizieller Beitrag

    And think twice about using Google's DNS as 'some tutorial' suggest if your use case (Pi-Hole) is about privacy. Handing out everything what happens in your local network to Google is most probably not exactly what you want in this case.

    Privacy on the internet... What an entertaining notion... Without really good VPN equipment or, better yet, Class A encryption point to point, there's no such thing as "privacy" on the internet. It's simply a matter of "who" collects a users ephemerous networking data. On the other hand Pi-hole can, and does, block Microsoft's "known" telemetry servers from coming into a user's LAN and plugging directly into Windows clients.


    I used the Google server as an "example", in a HOW-TO. An example is, by definition "one". While there are others, Google supports DNSSEC and ANYCAST which, in the vast majority of cases, will locate the nearest end point server and provide some protection from "man in the middle" DNS attacks and cache poisoning.
    But as I've repeatedly pointed out, there are several public DNS server choices. There are also plenty, within that group, that support both DNSSEC and ANYCAST.


    Of course, if I botched it in your opinion, feel free to write a better Pi-hole How-To. We'll see how that goes... :)


    Agree 100%. I use pi-hole with my ISP's DNS.

    The question to be asked is, how do you know your ISP's DNS server, is actually a DNS server? It's easy to set up a proxy server that appears to be a DNS server, but actually forwards requests up-line to an authoritative public server. Some ISP's do this and it's not easy to detect.


    To look at it clearly, ISP's route data for money and it's all about the money. In attempts to "traffic shape", ISP's have a number of tools at their disposal which include DNS redirects, point-to-point tunnels, BGP, eBGP (protocols that route by policy, with cost as a primary metric), and others. ISP's can, and do, route traffic half way around the planet, if it will save a few dollars, rather than take a direct route. (And that longer path might be used for your high bandwidth Netflix streaming account.) In the bottom line, your ISP does not always have your best interests at heart.


    While it's impossible to prevent all forms of traffic shaping:
    In my case, I chose not to grant my ISP all the tools they typically use to easily track what I'm doing, throttle my traffic, etc. Since the vast majority of users hand them this information, the small percentage who do not are, for the most part, lost in the noise.


    Setting aside ISP's known manipulation of DNS, I believe better security is offered on public servers, so I use public servers. But that's just my opinion, and it's all about choices and what we're comfortable with. Since it obviously works, there's nothing wrong with using your ISP's DNS.

    • Offizieller Beitrag

    Neat. But what about flmaxey's pi-hole docker tutorial that says this:


    ** If upgrading to the latest image, it is recommended that the previous container is stopped/deleted, delete the previous image, delete the macvlan driver in the networks tab and delete the file contents of /dockerparms/pihole . [/b]Then proceed with the installation of the new image as follows.**


    Sounds a lot more involved than what you describe. Sounds like starting over every time.

    The How-To was written to cover as many cases as possible. From PM's and threads, in a couple cases, problems were experienced in upgrading the image and container to the latest version, when the older volumes and bind points were retained. In one case, the macvlan interface refused to be reused. In these cases, if the older bind volumes and points and the macvlan interface are deleted, the new Pi-hole container works as intended. Since there's no way to determine how many are affected, it made sense to edit the How-To to take these issues into account.


    When I upgrade, I've had no problem with reusing the macvlan interface and the older volumes and bind points merged seamlessly into the new version. (Which retains custom black and white lists and other settings.)
    Thinking about it, perhaps an update is order, so that those without the fringe issues (the majority) can merge their settings into a new container.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!