Block Internet advertising across the network - Pi-hole/Docker

Diese Seite gibt es auch in Deutsch

By using an adblocker, it is possible to hide a large part of the advertisements displayed on the Internet. If you are looking for a central adblocker for your home network, you should take a look at the adblocker Pi-hole. Pi-hole is an open source DNS server with integrated tracking and ad blocker. Pi-hole runs on popular Linux systems and can thus be run on a Raspberry Pi or in a Docker container, among other things.

Docker Basics

Docker allows applications to be launched by command in a so-called container.
A container is an isolated environment independent of the operating system (OS):
When a container is first launched, Docker independently loads all the necessary sources
from the internet.
Docker can be installed on Windows, macOS or an Linux Distribution

To ensure that the DNS queries of all devices in the network are answered by Pi-hole, the IP address of Pi-hole can be stored centrally on the router as a DNS server. Devices with automatic address assignment: DHCP, thereby use Pi-hole as DNS and thus its advertising filter.

📢 A new post will probably be linked here on 2022-10-06: My OpenWRT-Setup allow push notifications?
I use Pi-hole as Docker container on my NAS, see also: Build NAS yourself: flexible, power saving and cheap [HowTo].

docker-compose.yml

Since port 80 on my NAS is already occupied elsewhere, I use a slightly customized version of the manufacturer's docker-compose.yml:

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "84:80/tcp"
    environment:
      TZ: 'Europe/Amsterdam'
      WEBPASSWORD: 'password'
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole/:/etc/pihole/'
      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
    # Recommended but not required (DHCP needs NET_ADMIN)
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN
    restart: always

In the file, port 84 is mapped to 80. Accordingly, the admin interface is later accessible under the IP address of the NAS with port 84. In addition, I have filled the variable "WEBPASSWORD" with a secure password. The example uses bind mounts and not docker volumes to permanently store data.

📢 A new post will probably be linked here on 2022-10-13: Docker Volumes vs Bind Mounts allow push notifications?

The container is started in the terminal with the following command: 

docker-compose up

At the first start I had a problem with port 53, it was already occupied on my NAS:

Ubuntu/Debian port 53 occupied.

Since my NAS uses Debian, the systemd-resolv service blocks DNS port 53. So that port 53 can be used for the Pi-hole Docker container, I disabled the systemd-resolv service.

user@rechner:/docker/pi-hole$ sudo netstat -tulpn | grep LISTEN
...
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      1279/systemd-resolv
...
user@rechner:/docker/pi-hole$ sudo systemctl disable systemd-resolved.service
Removed /etc/systemd/system/dbus-org.freedesktop.resolve1.service.
Removed /etc/systemd/system/multi-user.target.wants/systemd-resolved.service.
user@rechner:/docker/pi-hole$  sudo systemctl stop systemd-resolved

Admin interface

The admin interface is called in the browser with the IP address of the NAS and the previously used port 84:

http://x.x.x.x:84/admin

Pi-hole uses a predefined blacklist and shows statistics about the clients and the allowed, as well as blocked domains already on the start page:

In addition to Pi-hole, I currently use the DNS servers of OpenDNS as upstream DNS servers to banish adult content from the home network as far as possible.

📢 A new post will be linked here shortly: child-safe Internet via the home network allow push notifications?

In Pi-hole, the setting for the upstream DNS server is located under Settings/DNS:

 

 

positive Bewertung({{pro_count}})
Rate Post:
{{percentage}} % positive
negative Bewertung({{con_count}})

THANK YOU for your review!

Publication: 2022-09-23 from Bernhard


Top articles in this section


Home Assistant Docker Conbee 2 and Zigbee2MQTT / deCONZ
Thanks to numerous integration options,Home Assistant is a simple platform for controlling a wide range of smart home devices. Compared to ioBroker, I found it much easier to get started with Home Assistant. While for ioBroker I was still searching for which frontend I could use for my dashboards, with Home-Assistant I had a ready-made system out of the box. Home Assistant's Lovelance dashboards can be easily clicked together in the GUI and adapted for special customizations in the code editor...

Nextcloud Server Docker | Setup + https: Let's Encrypt [ssl]
To synchronize contacts, appointments, and photos of my NAS, I tested Nextcloud and thus turned my back on other cloud providers for my private data. Thanks to Docker, the installation is easier and more flexible than ever, allowing Nextcloud to run on almost any hardware.

Running Bitwarden in Docker - Setup step by step
Bitwarden is a web-based password manager, similar to LastPass, but open source and the ability to run (host) it yourself. How Bitwarden compares to other password managers, I considered on the following page: Password Managers Secure? KeePass vs LastPass vs Bitwarden.

Questions / Comments


By continuing to browse the site, you agree to our use of cookies. More Details