I’m trying to run ResinOS on an RPi3 configured as a hotspot and router. The setup works well using the hotspot example from the docs, but now I’d like to set up pi-hole for network-wide ad-blocking. The recently-released pi-hole 4.0 ships an official Docker container, so it should definitely run in a container.
Unfortunately, it won’t launch because port 53 is in use. I did some poking around, and it looks like NetworkManager launches a dnsmasq instance for shared connections. To disable DNS in this instance and only use DHCP, you’d likely edit a file in /etc/NetworkManager/dnsmasq-shared.d and set
port = 0.
I’ve spent a couple hours trying to figure out a way to do this. I understand that the root partition is read-only, and that files in the state partition are whitelisted. Is there some other way to disable DNS on the dnsmasq instance NetworkManager manages for shared connections so I can run a pi-hole container?
Note that I don’t want to change what DNS value my DHCP server returns. I’m fine with it returning what it does. I just want to run my own DNS server at that location.
I’ve also tried
systemctl stop dnsmasq, but this only affects the upstream dnsmasq, not the one NetworkManager launches for shared connections. I also found a thread about running pi-hole, but it seems to imply that you can bind containers to the interface IP, which I don’t think is the case when NetworkManager is sharing the connection.
Thanks for any help.