_                        _ _  __  __
   _ __ ___   __ _ _ __| | __   ___ __ _ _ __ __| (_)/ _|/ _|
| '_ ` _ \ / _` | '__| |/ /  / __/ _` | '__/ _` | | |_| |
  | | | | | | (_| | |  |   <  | (_| (_| | | | (_| | |  _|  _|
|_| |_| |_|\__,_|_|  |_|\_\  \___\__,_|_|  \__,_|_|_| |_|
Home Hacker Stuff Hobby Stuff Car Stuff Other Stuff My CV

INSTALLING AND CONFIGURING PIHOLE

What is pihole?


Pihole takes the role of a DNS server in ytour network.

It also has the added bonus of sink-holing any DNS queries you might not want or need, such as ads.


I have previously run pihole on a pi zero and it worked well, but I wanted to run this on my Synology NAS for better reliability.


I have installed pihole on my NAS running DSM 7.2. This version of DSM has replaced the Docker app with Container Manager app.

I previously had this running on older versions with the Docker app, when I upgraded it broke.


The steps are:

1. create folders that will store the config (and logs).

I am using a folder named 'docker' on my NAS to store any docker related files.

In this folder I created a folder named 'pihole' containing these 3 folders:

pihole

dnsnmasq.d

logs


2. create the container

This is done following a guide by mariushosting:

https://mariushosting.com/how-to-install-pi-hole-on-your-synology-nas/

I based my install script on his.

We are using the scheduled task feature of the NAS to run the command.


Navigate to Control Panel > Task Scheduler > Create > Scheduled Task > User-defined script.


SCRIPT FOR TASK:

docker run -d --name=pihole \

-e WEB_PORT=8100 \

-e WEBPASSWORD=strongPassword \

-e WEB_BIND_ADDR=192.168.1.45 \

-e TZ=Europe/Dublin \

-e DNSMASQ_USER=root \

-e DNSMASQ_LISTENING=local \

-v /volume1/docker/pihole/dnsmasq.d:/etc/dnsmasq.d \

-v /volume1/docker/pihole/pihole:/etc/pihole \

-v /volume1/docker/pihole/log:/var/log/pihole \

--net=host \

--restart always \

pihole/pihole


With this, you can edit the name, password, timezone to suit your needs.

We are also mapping the 3 folders within the container.

We map the dnsmasq and pihole fodler so the container can be restarted without losing this information.

I am mapping the logs file in order to forward these to QRadar later.


IMPORTANT: If you want this pihole container to take over DHCP, it will need to run with high privilege.

After creating the container and letting it complete its first startup (wait for the webportal to be ready).

Stop the container, and using settings ensure Execute using high priv is checked.


Depending on your NAS config, you may need to edit the NAS firewall to allow port 53 and the admin port.