An example guide to run pihole in a raspberry pi 3b for your local network

• Raspberry pi device
• SD Card
• Host with card reader or an external card reader
• Host machine with the following tools installed:
  • openssh
  • Raspberry Pi Imager
  • nmap

1. Insert your SD card to your host

2. In your host open Raspberry Pi Imager and choose the OS and SD card.

   

3. Follow the required steps to have your OS installed in your SD card.

4. Once the OS is installed, insert your SD card in the raspberry pi and connect it to a power supply and in the same network where your host machine is connected.

1. Find the raspberry pi IP using nmap from your host

   $ nmap -sp 192.168.100.0/24
   Starting Nmap 7.91 ( https://nmap.org ) at 2021-04-17 19:27 -03
   Nmap scan report for 192.168.100.1
   Host is up (0.035s latency).
   Nmap scan report for 192.168.100.4
   Host is up (0.00034s latency).
   Nmap scan report for 192.168.100.39
   Host is up (0.024s latency).
   Nmap done: 256 IP addresses (3 hosts up) scanned in 10.32 seconds

   in my case I know my host IP is 192.168.100.4 and 192.168.100.1 is my modem/router adress so my rasberry pi address is 192.168.100.39

2. Connect to your rasberry pi using ssh (you may have configure the default user/password in the install process). In my case I just used the default user ubuntu and set ubuntu as password

   $ ssh [email protected]
   [email protected]'s password:

   • Once you are connected to your device, become sudo

     sudo su
     root@ubuntu:~$ 

hostnamectl set-hostname rasp3b

You must disconect and connect to see the hostname change applied

• Create your static ip config

  touch /etc/netplan/99_config.yaml
  vim /etc/netplan/99_config.yaml

  • Paste the following config and match the values with your network settings

  network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      addresses:
        - 192.168.100.8/24
      gateway4: 192.168.100.1
      nameservers:
        addresses: [8.8.8.8, 1.1.1.1]

• Deactivate the cloud network config

  • Create a new file in /etc/cloud/cloud.cfg.d/

    vim /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

  • Add the following contents

    network: {config: disabled}

• Remove the cloud ip file

  • remove /etc/netplan/50-cloud-init.yaml file

    rm /etc/netplan/50-cloud-init.yaml

• Apply the changes

  sudo netplan apply

• Verify your address

  ip a | grep 192.168.100.8

1. in your host create a ssh key to connect to the rasberry without using password

   • Open a terminal in your host and create the key pair

   $ ssh-keygen -t rsa -b 4096 -c "my host"
   Generating public/private rsa key pair.
   Enter file in which to save the key (/Users/me/.ssh/id_rsa): /Users/me/.ssh/rasp3b

2. Config ssh in your host to connect using private key

   • Add a new host on your ~/.ssh/config file

   #Pihole rasp3b
   Host pi3b-0
     User rasp3b
     HostName 192.168.100.8
     referredauthentications publickey
     IdentityFile ~/.ssh/rasp3b

3. Create and config a new user for pihole in your raspberry pi

• Create the user and follow the steps and set an easy password

  $ adduser rasp3b
  Adding user `rasp3b' ...
  Adding new group `rasp3b' (1000) ...
  Adding new user `rasp3b' (1000) with group `rasp3b' ...
  Creating home directory `/home/rasp3b' ...
  Copying files from `/etc/skel' ...
  New password:
  Retype new password:
  passwd: password updated successfully
  Changing the user information for rasp3b
  Enter the new value, or press ENTER for the default
    Full Name []:
    Room Number []:
    Work Phone []:
    Home Phone []:
    Other []:
  Is the information correct? [Y/n] y

• config private key authentication

  • Create the .ssh directory for your user

    sudo su raspb3
    mkdir ~/.ssh
    chmod 700 ~/.ssh
    touch ~/.ssh/authorized_keys
    chmod 644 ~/.ssh/authorized_keys

  • Copy the public key to the authorized_keys

    • In your host

      ssh-copy-id -i ~/.ssh/rasp3b [email protected]

    • follow the steps and login with your password

• test connecting using keys

  • In your host

    ssh pi3b-0

• remove ubuntu user (optional)

  userdel ubuntu

• remove password for pihole user (optional)

  sudo visudo

  • add at the end of the file:

  rasp3b  ALL=(ALL) NOPASSWD:ALL

  • save and exit

Connected to your raspberry pi as raspb3 user:

• Installing docker and net-tools

  sudo apt update && sudo apt upgrade -y && sudo apt install -yqq \
  docker \
  docker-compose \
  net-tools

• Giving permission to rasp3b user to use docker

  sudo usermod -aG docker $USER

disconnect and connect again to your device to changes take effect

• disable dns service

  sudo systemctl disable systemd-resolved
  sudo systemctl stop systemd-resolved

• In the raspb3 user home directory create the following file:

  • docker-compose.yaml

    version: '3.7'
    
    services:
      pihole:
        container_name: pihole
        image: pihole/pihole:v5.8
        ports:
          - "53:53/tcp"
          - "53:53/udp"
          - "67:67/udp"
          - "80:80/tcp"
          - "443:443/tcp"
        environment:
          TZ: 'America/Cordoba'
          WEBPASSWORD: 'testpihole'
        volumes:
          - './etc-pihole/:/etc/pihole/'
          - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
        cap_add:
          - NET_ADMIN
        restart: unless-stopped

docker-compose up -d

• Config your host DNS to use the rasberry pi IP

this change for every OS network settings

• Open a web broser and load a page with ads
• Enjoy your less ads browsing

• In your web browser open the raspberry pi IP https://192.168.100.8/admin

• Click login and see the metrics collected

• open https://192.168.100.8/admin/groups-adlists.php

• Select the community files that blocks the sites/ads you prefer

• add a new entry with the link to the file

• go to https://pihole/admin/gravity.php and click the update button