Using Pi-hole with Unbound: Difference between revisions
Prabuanand (talk | contribs) (created page with instructions based on working pizero2W) |
Prabuanand (talk | contribs) m (https does not work) |
||
| (8 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
This page documents the steps to use Pi-hole with | This page documents the steps to use [https://pi-hole.net/ Pi-hole] with [[Setting_up_unbound_DNS_server|unbound]] as an All-Around DNS Solution along with ad-blocker functionality by using a publicly available blacklist. | ||
== Prerequisites == | == Prerequisites == | ||
| Line 9: | Line 9: | ||
Currently the {{pkg|pihole}} is available in the [[Repositories#Testing|testing]] repository. It can be safely installed by following the [[Repositories#Using_testing_repository|guidelines]] for enabling the testing repo and for installing such packages with the use of the ''@testing'' tag. | Currently the {{pkg|pihole}} is available in the [[Repositories#Testing|testing]] repository. It can be safely installed by following the [[Repositories#Using_testing_repository|guidelines]] for enabling the testing repo and for installing such packages with the use of the ''@testing'' tag. | ||
The command below installs the Alpine Linux pihole package:{{cmd| | The command below installs the Alpine Linux pihole package:{{cmd|$ doas apk add pihole@testing}} | ||
== Configuration == | == Configuration == | ||
{{ | Add your local user to the 'pihole' group as follows: {{cmd|$ doas addgroup $USER pihole}} | ||
{{Note|This section uses 192.168.1.3 as IP address of Pi-hole server, while the Internet gateway router/DHCP server is at 192.168.1.1}} | |||
=== Unbound configuration === | |||
Create a file {{Path|/etc/unbound/unbound.conf.d/pi-hole.conf}} based on the content given in [https://docs.pi-hole.net/guides/dns/unbound unbound page of Pi-hole website]. | Create a file {{Path|/etc/unbound/unbound.conf.d/pi-hole.conf}} based on the content given in [https://docs.pi-hole.net/guides/dns/unbound unbound page of Pi-hole website]. | ||
[[Setting_up_unbound_DNS_server#Download root hints|Download root hints]] for the Unbound server. | |||
Ensure that | Ensure that the {{Path|/etc/unbound/unbound.conf}} file has only the following line uncommented:{{Cat|/etc/unbound/unbound.conf|# All lines are to be commented out like this, except the below ... | ||
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"}} | include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"}} | ||
Once the above changes are made, [[Setting_up_unbound_DNS_server#Service_management|check the unbound config and restart the unbound service]]. | Once the above changes are made, [[Setting_up_unbound_DNS_server#Service_management|check the unbound config and restart the unbound service]]. | ||
Start the {{ic|pihole}} service as per command given in [[#Service management|Service management]] section. | Start the {{ic|pihole}} service as per command given in [[#Service management|Service management]] section. Once the {{ic|pihole}} service is started, connect to pihole admin interface: https://192.168.1.3/admin/ | ||
=== Enable recursive DNS === | |||
Add unbound to the Custom DNS servers section on the admin page: https://192.168.1.3/admin/settings/dns as follows:''' 127.0.0.1#5335''' | Add unbound to the Custom DNS servers section on the admin page: https://192.168.1.3/admin/settings/dns as follows:'''127.0.0.1#5335''' | ||
Remember to '''Save&Apply''' to make the changes to Pi-hole permanent. | Remember to '''Save&Apply''' to make the changes to Pi-hole permanent. | ||
| Line 34: | Line 38: | ||
=== Add blocklist file === | === Add blocklist file === | ||
On the Subscribed lists group management page at https://192.168.1.3/admin/groups/lists, add stevenblack list by adding an entry '''http://sbc.io/hosts/hosts''' and Click '''Add blocklist''' button. | On the Subscribed lists group management page at https://192.168.1.3/admin/groups/lists, add stevenblack list by adding an entry '''http://sbc.io/hosts/hosts''' and Click '''Add blocklist''' button. | ||
To load the blocklist, Update Gravity (list of blocked domains) by clicking '''Update''' on the page https://192.168.1.3/admin/gravity or running the command: {{Cmd|$ pihole -g}} | To load the blocklist, Update Gravity (list of blocked domains) by clicking '''Update''' on the page https://192.168.1.3/admin/gravity or running the command: {{Cmd|$ pihole -g}} | ||
| Line 40: | Line 44: | ||
Ensure that your clients point their DNS to Pi-hole ip address:192.168.1.3 | Ensure that your clients point their DNS to Pi-hole ip address:192.168.1.3 | ||
Enjoy Ad-Free browsing! | Enjoy Ad-Free browsing! | ||
== Service management == | == Service management == | ||
| Line 46: | Line 50: | ||
Add the {{ic|pihole}} service to auto-start using [[OpenRC]]: {{Cmd|$ doas rc-update add pihole default}} | Add the {{ic|pihole}} service to auto-start using [[OpenRC]]: {{Cmd|$ doas rc-update add pihole default}} | ||
{{ic|pihole}} service can be managed using standard start|stop|restart [[OpenRC]] commands. To start the service immediately:{{Cmd|$ doas rc-service pihole start}} | {{ic|pihole}} service can be managed using standard '''start|stop|restart''' [[OpenRC]] commands. To start the service immediately:{{Cmd|$ doas rc-service pihole start}} | ||
== See also == | == See also == | ||
| Line 54: | Line 58: | ||
* [https://docs.pi-hole.net/ Official Pi-hole documentation] | * [https://docs.pi-hole.net/ Official Pi-hole documentation] | ||
* [https://docs.pi-hole.net/guides/dns/unbound/ Pi-hole as All-Around DNS Solution] | * [https://docs.pi-hole.net/guides/dns/unbound/ Pi-hole as All-Around DNS Solution] | ||
[[Category:Networking]] | |||
Latest revision as of 17:53, 3 November 2025
This page documents the steps to use Pi-hole with unbound as an All-Around DNS Solution along with ad-blocker functionality by using a publicly available blacklist.
Prerequisites
Installation
Currently the pihole is available in the testing repository. It can be safely installed by following the guidelines for enabling the testing repo and for installing such packages with the use of the @testing tag.
The command below installs the Alpine Linux pihole package:
$ doas apk add pihole@testing
Configuration
Add your local user to the 'pihole' group as follows:
$ doas addgroup $USER pihole
Unbound configuration
Create a file /etc/unbound/unbound.conf.d/pi-hole.conf based on the content given in unbound page of Pi-hole website.
Download root hints for the Unbound server.
Ensure that the /etc/unbound/unbound.conf file has only the following line uncommented:
Contents of /etc/unbound/unbound.conf
Once the above changes are made, check the unbound config and restart the unbound service.
Start the pihole service as per command given in Service management section. Once the pihole service is started, connect to pihole admin interface: https://192.168.1.3/admin/
Enable recursive DNS
Add unbound to the Custom DNS servers section on the admin page: https://192.168.1.3/admin/settings/dns as follows:127.0.0.1#5335
Remember to Save&Apply to make the changes to Pi-hole permanent.
Add blocklist file
On the Subscribed lists group management page at https://192.168.1.3/admin/groups/lists, add stevenblack list by adding an entry http://sbc.io/hosts/hosts and Click Add blocklist button.
To load the blocklist, Update Gravity (list of blocked domains) by clicking Update on the page https://192.168.1.3/admin/gravity or running the command:
$ pihole -g
Ensure that your clients point their DNS to Pi-hole ip address:192.168.1.3
Enjoy Ad-Free browsing!
Service management
Add the pihole service to auto-start using OpenRC:
$ doas rc-update add pihole default
pihole service can be managed using standard start|stop|restart OpenRC commands. To start the service immediately:
$ doas rc-service pihole start