Installing Pi-Hole on to the Raspberry Pi

First we need to disable linux dns server running on port 53 (if it is there)

sudo systemctl stop system-resolved.service
sudo systemctl disable system-resolved.service

change the nameserver

sudo nano /etc/resolv.conf

nameserver 8.8.8.8

1. To set up our network-wide adblocker, we are going to utilize a piece of software called Pi-hole.

Pi-Hole is the software package that will be handling everything for us. It sets up and configures a DNS server that can be configured to whitelist and block individual domain names.

It also provides a fancy web frontend to the whole system. This frontend allows you to see the statistics in real-time and make changes to the Pi-hole configuration. This includes the ability to whitelist or blacklist specific URLs.

The Pi-hole install script automatically installs the Lighttpd web server. You don’t have to worry about setting your own up beforehand.

We can run this single command to download and run the Pi-hole install script.

curl -sSL https://install.pi-hole.net | sudo bash

While we know Pi-hole is safe, if you want to check the script that we will be running yourself, go to the Pi-hole install domain in your web browser.

2. Once you have run the command, it will download and run the script that begins setting up your device for Pi-hole.

A few of the tasks it does are verifying the amount of available free disk space, updating the package list, and several other things.

3. The first screen informs you that you are about to transform your Raspberry Pi into a network-wide adblocker.

Press the ENTER key to continue to the next screen.

4. You will be informed that you can donate to help with the development of Pi-Hole.

If you would like to help the team out, follow the link shown within this step.

Press the ENTER key to continue with the setup process.

5. Next, is a screen informing you that you must have a static IP address.

The installation script will handle this process for you. However, it is best to set the IP through your router using DHCP reservation as well.

Continue to the first set up steps by pressing ENTER.

6. You can now choose an upstream DNS provider for PiHole to use.

Whenever Pi-hole has a request that isn’t cached or blocked, it will contact the upstream provider for the IP address.

For our tutorial, we will be using Cloudflare as our DNS provider.

You can select your option by using the ARROW keys. Once chosen, press the ENTER key.

7. Here we can deselect some of the third party lists that will be enabled by default.

These lists are used by Pi-hole to know what domains it should block from loading.

Use the ARROW keys and SPACEBAR to select or deselect a list.

Once you are happy with the selected lists, you can press the ENTER key to continue.

8. Now we have to select the protocols we want to utilize.

Unless you have a reason, you don’t want to block ads over a particular protocol, leave these options.

Press the ENTER key to continue.

9. You will now be asked if the current network settings are fine to use for the static IP address setup.

You can see the IP address that it will use on this screen (1.).

If you are happy with the settings, select <Yes>, then press the ENTER key.

10. You will now be warned that there is a chance the router will assign this IP address to another device.

However, most routers will try and avoid this from becoming a problem. To completely solve this problem, you will need to use DHCP reservation as well.

Press the ENTER key to continue.

11. You will now be asked if you want to set up the Pi-hole web admin interface on your Raspberry Pi.

We recommend installing the web interface as it gives you access to an easy way to configure Pi-hole and check on statistics.

Use the ARROW keys, and SPACEBAR to select the option you want.

Once selected, press the ENTER key to continue.

12. You will now be prompted if you want to install the Lighttpd web server.

Unless you have a web server installed that you want to use, select the On option.

Once selected, press the ENTER key.

13. Now you will be asked if you want to log the DNS queries.

We recommend that you leave this switched to “On” as it allows you to keep track of the domain names loaded and have some neat statistics.

Press the ENTER key to continue with the installation.

14. We can configure the level of privacy we want our Pi-hole DNS server to have.

For our guide, we will be sticking with “0 Show everything“. This setting allows us to retain the most statistics.

Use the ARROW keys, and SPACEBAR to select your privacy setting. Once set, press the ENTER key.

15. Installation of the Pi-hole server on your Raspberry Pi has now completed.

This screen will tell you how you can gain access to the Pi-hole web interface (1.).

As well as show you the password that you need to use to log in to the admin account (2.).

A Quick Look into the Pi-hole Web Interface

1. To get to The Raspberry Pi Pi-hole web interface, all we need to do is go to the following web address in your favorite web browser.

Make sure you swap out 192.168.1.105 with the IP address that was displayed in the last step of the previous section.

http://192.168.1.105/admin/

2. You will be greeted with the following screen. At the moment, this will not show any real stats as we haven’t hooked it up to anything.

For now, let’s just go straight to the Login page. You can find this by clicking “Login” in the sidebar.

3. On here, you need to enter the password that you got at the end of the installation of Pi-hole to log in.

4. You will now be presented with the admin dashboard.

This dashboard is just like the normal one with a couple more graphs and access to all of the configuration pages.

Below we will go through some of the pages that are available within the Pi-hole interface.

• Query Log – The query log shows all the most recent queries that have been made to the DNS server. It is an easy way to find a recent address that may have been loaded and blacklist them.
• Whitelist – This screen allows you to add certain domain names to Pi-hole’s whitelist. This whitelist means those websites will no longer be blocked by the DNS server. However, if that domain is blocked by a wildcard, then it will continue to be blocked.
• Blacklist – This screen allows you to add certain domain names into Pi-hole’s blacklist. This means those websites will be blocked by the DNS server.
• Disable – These options allow you to temporarily or permanently disable the blocking functionality of Pi-hole. It will continue to function as a normal DNS server while disabled but will no longer block DNS requests.

Tools

• Update Lists -This tool allows you to trigger an update of the ad blocking lists. It is useful for ensuring you are running the latest versions of the ad block lists.
• Query Adlists – This tool allows you to find out if a certain URL is being included in the ad blocking lists, it is useful for checking why a certain URL might be getting blocked.
• Tail pihole.log – This tool shows the last lines of the pihole.log file and continually updates live, this is useful for checking to see what Pi-hole is doing to requests.
• Settings – This section contains some configurable settings, this allows you to change the way your DNS works, what upstream DNS providers you want to use among several other options. You can even enable DNSSEC in the options.

For the average user, you will not need to change these options unless you made a mistake in the initial installation.

To change the password given

sudo pihole -a -p

Add php-sqlite3 if you plan to use apache

sudo apt install php-sqlite3
sudo apt install libsqlite3-dev

Add www-data to pihole group

usermod -aG pihole www-data

To see any log:

sudo tailf /var/log/apache2/error.log

To repair or run the setup wizard again

pihole -r

Block list:
https://firebog.net/
https://chadmayfield.com/2017/06/29/blocking-porn-with-pihole/
https://github.com/crpietschmann/pi-hole-blocklist

Youtube: https://raw.githubusercontent.com/kboghdady/youTube_ads_4_pi-hole/master/youtubelist.txt

Porn: https://raw.githubusercontent.com/chadmayfield/my-pihole-blocklists/master/lists/pi_blocklist_porn_all.list

Docker Setup

Create two volumes

docker volume create pihole_app
docker volume create dns_config
docker volume ls

or use a path like /dkr/pihole/data/

Disable the default dns resolver

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "80:80/tcp"
    environment:
      TZ: 'America/Dhaka'
      WEBPASSWORD: YOUR_VERY_SECURE_PASSWD
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'    
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN # Recommended but not required (DHCP needs NET_ADMIN)      
    restart: unless-stopped
    dns:
      - 127.0.0.1
      - 8.8.8.8

My docker-compose.yml

version: "3"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "81:80/tcp"
    environment:
      TZ: 'America/Dhaka'
      WEBPASSWORD: I_WONT_TELL_YOU_MY_PASSWORD
    volumes:
      - '/dkr/pihole/data:/etc/pihole'
      - '/dkr/pihole/dnsmasq.d:/etc/dnsmasq.d'
    cap_add:
      - NET_ADMIN   
    restart: unless-stopped
    dns:
      - 127.0.0.1
      - 8.8.8.8

Clear the dns cache and check

ipconfig /flushdns
ping youtube.com