Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Pi Hole - network-wide ad blocking

    App Wishlist
    18
    54
    1198
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • girish
      girish Staff last edited by

      We can also use it on a VPS and point the DNS to the VPS. Sure, dns queries are a bit slower but maybe websites load faster because of the ad block 🙂

      luckow 1 Reply Last reply Reply Quote 1
      • luckow
        luckow @girish last edited by

        @girish yep. Perfectly understandable. But a raspberry pi costs $50, and you can install your smarthome system (e.g. homeassistant or openHAB.) on the same pi. And then it runs on your local network. I'm just thinking. 🙂

        1 Reply Last reply Reply Quote 0
        • imc67
          imc67 last edited by imc67

          Pi-Hole on Cloudron is useless IMHO for only internal "filtering".

          Only in combination with a VPN like WireGuard it's a perfect combination to be online, outside of your 'safe home wifi', without sniffing of mobile providers proxies and "free open wifi", and with a kind of safetynet by Pi-Hole.

          @luckow yes I do have a RaspberryPi with Wireguard AND Pi-Hole at home, but as an extra "external" backup its very welcome (and very easy) to have Pi-Hole+WireGuard in a Cloudron app. 😉

          Mallewax M 2 Replies Last reply Reply Quote 2
          • doodlemania2
            doodlemania2 App Dev last edited by

            Actually, one could do this (if you know what you're doing) by offering the pihole externally. In order to be safe, you would want to make sure to whitelist ONLY the IPs coming in to connect to it you intend to allow, otherwise you open your self up to DNS hijacking. I do this now by exposing a pihole on Azure that only my home router can connect to. Works great. FWIW, I took a look at packaging pihole the other day, cause of my use case. It looks...possible, but there are a LOT of moving parts and it really wants some pretty low level access, so, challenges will persist.

            1 Reply Last reply Reply Quote 0
            • S
              savity last edited by

              looking really forward for PI-Hole and Wireguard really 🙂

              1 Reply Last reply Reply Quote 2
              • Mallewax
                Mallewax @imc67 last edited by Mallewax

                @imc67 @doodlemania2 Right now I am using this setup on a separate, cloud hosted VM. Wireguard and Pihole, configured so that the system can only be accessed over VPN, not by external parties. Works beautifully and would be so cool, if this was working on Cloudron.

                https://www.sethenoka.com/build-your-own-wireguard-vpn-server-with-pi-hole-for-dns-level-ad-blocking/

                Excellent idea and request. Thanks for bringing this up.

                1 Reply Last reply Reply Quote 2
                • girish
                  girish Staff last edited by girish

                  Currently, what is holding back pi-hole is a couple of Cloudron limitations:

                  • Cloudron reserves port 53 (dns) on the server. Have to fix unbound to listen only on internal interfaces (we listen on 0.0.0.0 and rely on firewall and access control policies to block requests).

                  • Some IP based firewall as @savity has been requesting in another thread. This is required to block requests to pi-hole to just your machines/network.

                  imc67 1 Reply Last reply Reply Quote 1
                  • imc67
                    imc67 @girish last edited by

                    @girish you don't have these issues if you combine with Wireguard.

                    1 Reply Last reply Reply Quote 3
                    • girish
                      girish Staff last edited by

                      @imc67 indeed. If we bundle them together, it's not a problem. Is this the "preferred" way to package pi-hole?

                      Mallewax imc67 2 Replies Last reply Reply Quote 5
                      • S
                        savity last edited by savity

                        yeah i mean it would be for me 🙂 i would never create pihole acessable for others its for private reasons vpn+pihole. So pihole would be listening, lets say on 10.9.0.0

                        Maybe in the future the idea could to configure other apps only availaie in the same VPN Network

                        1 Reply Last reply Reply Quote 2
                        • Mallewax
                          Mallewax @girish last edited by

                          @girish @imc67 Same here, I think the combination is awesome and makes a lot of sense. PLEASE, PLEASE...Yes...:-)

                          S 1 Reply Last reply Reply Quote 2
                          • S
                            savity @Mallewax last edited by

                            @Mallewax i think this would lead also to new people using cloudron 🙂

                            Mallewax 1 Reply Last reply Reply Quote 2
                            • Mallewax
                              Mallewax @savity last edited by

                              @savity couldn’t agree more. For me it would be a killer feature. And would make for a nice campaign on Twitter, Reddit et. all. Just look how many people google this and try to establish it manually....this is a mainstream feature, that would be appreciated by the entire user base, much more than specific applications that appeal only to certain users.... my opinion

                              1 Reply Last reply Reply Quote 2
                              • imc67
                                imc67 @girish last edited by

                                @girish definately! 🙂

                                1 Reply Last reply Reply Quote 1
                                • marcusquinn
                                  marcusquinn last edited by

                                  Haha, Pie Hole / Cake Hole is British for your mouth, as in; shut your pie hole 😮

                                  https://www.urbandictionary.com/define.php?term=Pie Hole

                                  Hillside502 1 Reply Last reply Reply Quote 0
                                  • Hillside502
                                    Hillside502 @marcusquinn last edited by

                                    @marcusquinn
                                    Pi-hole, not Pie hole

                                    marcusquinn 1 Reply Last reply Reply Quote 0
                                    • marcusquinn
                                      marcusquinn @Hillside502 last edited by

                                      @Hillside502 3.14159265359... hole 🙂

                                      1 Reply Last reply Reply Quote 1
                                      • T
                                        timbo last edited by

                                        How is the progress here?

                                        S 1 Reply Last reply Reply Quote 2
                                        • S
                                          savity @timbo last edited by

                                          @timbo Yeah any information this ?

                                          1 Reply Last reply Reply Quote 0
                                          • girish
                                            girish Staff last edited by

                                            Last I checked it was quite tricky to deploy pi-hole with docker. Does anyone have experience with this style of deployment? It was really made like a "distribution"/"OS" instead of a separate app.

                                            iamthefij 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post