Categories
Hardware Software

Pi-Hole config guide

Pi Rasperry Pi-Hole config quide:
Howdy and welcome to another thread.  I have a history of not being a fan of advertisements and do not run those banners on this site.  Besides a security concern, I think advertisement gets really creepy online.
Pi-Hole is an Operating System with dns capabilties and use of adblocking lists.  The added benefit of the request being denied even without plugin-based web browsing, is pretty handy.

Before you install, be sure if you are using a RaspberryPi or whatever device, that your user password is one of your own.  You do not want to go default with your LAN traffic.  If you wanna log a fun time, you can use one of these for short-term logging a little CTF monitoring style.  Logs are configured to purge after a few days on your standard Pi-Hole install. Please be sure to update your OS image with latest patches via said package manager.  In my case I set the primary network connection to a static address.  I have the service connection IP address details to use the actual router as DNS server.  Since all your other network DNS will be set to the fixed IP Address you bound to your Pi-Hole installed device.
SSH is likely disabled.  I like to administer my SSH session by serial to usb in the case of my Raspberry Pi installs.

Follow the install guide and advisory on their site about the bash | pipe install.  Quick comes at a trade off when you do not review the install process part for part.  If you go for the easy install and read the disclaimer, you can run the single line install:

curl -sSL https://install.pi-hole.net | bash

This thread is for administering and keeping yours updated, as with my configuration I ran into update issues using just the one connection.  Details ahead cover enabling a second connection to fetch updates, since you will have the primary network connection with a set IP address that handles DNS requests handed off from your router / main DNS device on your network.

To do updates to the OS and Pi-Hole local web services device / OS, I disable the service network connection to resolve conflicts of web requests to get out locally.  All the LAN clients will be fine getting pages.  In this case, I suspect the localhost calls in the Pi-Hole logs relate to my network layout and the device being bound to serve back to itself.  When logged into the [deviceIP]/admin configuration page I would also get failures to resolve list update servers.

Having plugged in a second USB NIC or using Wireless as an update connection, I ran the following commands to handle my network adapters.  Turning off the static address service NIC. In most cases likely eth0 as shown below

sudo ifconfig eth0 down

Do some pings and the like to see they should now resolve.  Do your updates etc for the OS.  In my case, Raspbian on a Pi 3.

Once those finish, load up the Web Admin panel for your Pi-hole install. Get your ip address for the active network connection with:

ifconfig

Connect to that IP address in a web browser and add ‘/admin’ into the address bar at the end of the IP Address without the quotes around the path.

Login with your admin password to the admin panel and you should now be able to see updates are pending.  You need to start with the FTL update.  To do this, return to your SSH session.  As I mentioned I am working with serial over USB, but you can enable SSH over network if you so desire.  One more service for a network heavy component, so choose of your own accord in concern to security to conveinence.
On that SSH console, run:

pihole -up

Wait for the updater to get and deploy the new FTL version.  You will likely also be treated to the Web Interface and Pi-Hole version also being to current revisions.  Great!  Almost updated and running live AdBlocking again.
Still on your console, seeing the update completed you want to turn back on the main network connection we disabled for updating.

sudo ifconfig eth0 up

Overviewing network setup above:
Main Internet router will be your DNS server on the Pi-Hole device.  Manually set client DNS or change your DHCP server to set client DNS to the static address of your Pi-Hole install. (192.168.0.1 default-ish router)  Check your current IP config to get details if you do not know current network base configuration.
On the Pi-Hole install, set the primary network adapter to an address in that subnet (say 192.168.0.10)  Make sure DHCP server /or/ router will not also try to assign that address in it’s pool.  The Pi-Hole DNS primary will be set to your local router (as above default-ish router 192.168.0.1)

I hope to have avoided huge gaps or inflected confusion in this thread. Jolly adblocking.  Even if you like making money from it, you have to know it is a vulnerable vector and kind of a shaky market.  I’m not here to tell you what to do, I’m sharing details to help block them on places that run them without respect to visitors.

Categories
Uncategorized

Community resources and projects

I want this to be short, yet more detailed than a tweet or lost in a string of them. I have to say there is an issue with contributing to a public project, that is when you are eternally expected to maintain said thing. Especially with no compensation or expectation of support timeline. I know that can sound rude, but the context I am especially honing in on, is stuff like game mods or application support by a person or community, that the OEM / vendor ignored.

There comes a point when if you want to improve something or add features to it, you need to roll up your sleeves and figure it out yourself, instead of ranting on reddit for someone who did a kind deed of the original contribution, to somehow become the permanent dev to your whim. This applies to games as well, because it seems like smaller developers get bombarded with this syndrome, while a major game studio just gets a shrug and ‘oh that’s the best we will get from them’ replies from the same people making outlandish demands from the smaller developers and studios.

Sharing another story, I know a person who wrote a Gamefaqs guide and still had people emailing for intricate details about a thing, 9 years later. I’m sorry (but not really sorry), people probably moved onto other projects, especially in that span of time. It seems like if you give a huge effort, you are presumed to own it forever. Don’t get me wrong, kind people do pick up the torch on projects and move forward, but the issue of insane expectations is a real thing.

If you can ask the question and understand the basic of how something works, if you apply some effort into research and working out the problem, you can likely contribute, if not completely solve the issue itself. I feel many people get burnt out trying to contribute to communities for reasons like this. Throwing in a video game trope; when I played Final Fantasy XI heavily, many of the newer members always showed up for the leet boss fights, but were never to be seen or magically went afk, when the core team was farming triggers (items required to actually fight the leet bosses), because the trigger part takes time and does not directly lead to an immediate reward.

That ends my rant. Please be courteous of people who produce content and products to help others. Donate them some loot for good work, if you want to help debugging and giving feature requests, do not write snarky comments about how dumb they are for omitting your favorite feature. Especially because it may already be there, you just didn’t see it or it has another name for that flag option.
I don’t know about you, but working a day job, upkeeping around the home, finding time to spend with friends and family, getting some recreational and sleep, can be a struggle. Especially when day job requires after-hours maintenance. Please be cool to others. If someone is releasing a tool or something cool, remember they are people too, or at least some sort of advanced AI that probably has some feeling registers too.

Let’s try to avoid pushing people to burn out faster. It’s hard enough to avoid without the crowd heckling that can be this social media age. Thanks for reading and visiting :)