Block Internet advertising across the network - Pi-hole/Docker

 

By using an adblocker, it is possible to hide a large part of the advertisements displayed on the Internet. If you are looking for a central adblocker for your home network, you should take a look at the adblocker Pi-hole. Pi-hole is an open source DNS server with integrated tracking and ad blocker. Pi-hole runs on popular Linux systems and can thus be run on a Raspberry Pi or in a Docker container, among other things.

Docker Basics

Docker allows applications to be launched by command in a so-called container.
A container is an isolated environment independent of the operating system (OS):
When a container is first launched, Docker independently loads all the necessary sources
from the internet.
Docker can be installed on Windows, macOS or an Linux Distribution

To ensure that the DNS queries of all devices in the network are answered by Pi-hole, the IP address of Pi-hole can be stored centrally on the router as a DNS server. Devices with automatic address assignment: DHCP, thereby use Pi-hole as DNS and thus its advertising filter. As an example, in the free router firmware OpenWRT, the DNS can be adjusted as follows: OpenWRT - my setup. I use Pi-hole as Docker container on my NAS, see also: Build NAS yourself: flexible, power saving and cheap [HowTo].

docker-compose.yml

Since port 80 on my NAS is already occupied elsewhere, I use a slightly customized version of the manufacturer's docker-compose.yml:

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "84:80/tcp"
    environment:
      TZ: 'Europe/Amsterdam'
      WEBPASSWORD: 'password'
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole/:/etc/pihole/'
      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
    # Recommended but not required (DHCP needs NET_ADMIN)
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN
    restart: always

In the file, port 84 is mapped to 80. Accordingly, the admin interface is later accessible under the IP address of the NAS with port 84. In addition, I have filled the variable "WEBPASSWORD" with a secure password. The example uses bind mounts and not docker volumes to permanently store data. See: Docker data storage: Docker Volumes vs. Host Folders

The container is started in the terminal with the following command: 

docker-compose up

At the first start I had a problem with port 53, it was already occupied on my NAS:

Ubuntu/Debian port 53 occupied.

Since my NAS uses Debian, the systemd-resolv service blocks DNS port 53. So that port 53 can be used for the Pi-hole Docker container, I disabled the systemd-resolv service.

user@rechner:/docker/pi-hole$ sudo netstat -tulpn | grep LISTEN
...
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      1279/systemd-resolv
...
user@rechner:/docker/pi-hole$ sudo systemctl disable systemd-resolved.service
Removed /etc/systemd/system/dbus-org.freedesktop.resolve1.service.
Removed /etc/systemd/system/multi-user.target.wants/systemd-resolved.service.
user@rechner:/docker/pi-hole$  sudo systemctl stop systemd-resolved

Admin interface

The admin interface is called in the browser with the IP address of the NAS and the previously used port 84:

http://x.x.x.x:84/admin

Pi-hole uses a predefined blacklist and shows statistics about the clients and the allowed, as well as blocked domains already on the start page:

In addition to Pi-hole, I currently use the DNS servers of OpenDNS as upstream DNS servers to banish adult content from the home network as far as possible. See: child-safe Internet via the home network - DNS on the router

In Pi-hole, the setting for the upstream DNS server is located under Settings/DNS:

 

 

positive Bewertung({{pro_count}})
Rate Post:
{{percentage}} % positive
negative Bewertung({{con_count}})

THANK YOU for your review!
Updated: 2022-10-14 von Bernhard | Übersetzung Deutsch |🔔 | Comments:0
Self-hosting GIT repositories: launch GitLab as a Docker container | Container

Top articles in this section

Nextcloud Server Docker | Setup + https: Let's Encrypt [ssl]

To synchronize contacts, appointments, and photos of my NAS, I tested Nextcloud and thus turned my back on other cloud providers for my private data. Thanks to Docker, the installation is easier and more flexible than ever, allowing Nextcloud to run on almost any hardware.

Send signal messages via script / API: signal-cli-rest-api

The well-known Signal Messenger can besides the app also be used via command line or from other systems. The signal-cli-rest-api, which is available in the form of a Docker container, offers a simple option for this. For the API to work, it has to be coupled via the Signal app beforehand.

Commissioning Zigbee2MQTT in Docker - step by step

Zigbee2MQTT is an open source Zigbee bridge which can be easily integrated into existing smart home solutions thanks to the MQTT network protocol. As an example, Zigbee2MQTT combined with MQTT broker Mosquitto and Home Assistant can collect, display, record and control data from Zigbee devices. The setup described here uses Docker as a base. Manufacturer's website: https://www.zigbee2mqtt.io

Questions / Comments


Table of Contents
  1. docker-compose.yml
  2. Admin interface
Pages that link to this page
By continuing to browse the site, you agree to our use of cookies. More Details