Pi-hole project using balenaOS - help with configuration

raspberrypi3
pi-hole

#1

Hi, the project to install pi-hole (https://www.balena.io/blog/deploy-network-wide-ad-blocking-with-pi-hole-and-a-raspberry-pi/) is pretty awesome, thanks for the writeup. I’ve actually successfully deployed it but I have some questions.

  • How do you configure the dnscrypt-proxy / unbound / dohnut applications?
  • Importantly, I’d like to be able to point the DNS resolvers to my OpenDNS setup, for home use, to prevent kids from getting inappropriate content.

Otherwise, it’s a really cool project and just works!

Thanks very much!


#4

Hello @billagee, great to know that you are enjoying your Pi-Hole setup with balena.

  • For the DNS resolver, I believe you can point to your OpenDNS setup on http:///admin/settings.php?tab=dns, in Upstream DNS Server.

As for configuring the applications, I would like to suggest that you ask in the pi-hole community forums about specifics of the platform, they will be more knowledgeable about it.

Cheers :wink:


#7

Hi @billagee

You can use either of the other upstream resolvers by adjusting your configuration in the Pi-hole admin, as per the notes in the docker-compose.yml file here: https://github.com/klutchell/balena-pihole/blob/master/docker-compose.yml

For example if you wanted to use Unbound you’d set the DNS1 and DNS2 service configuration entries as per our tutorial. If you’re looking to use OpenDNS then you would set these two variables to OpenDNS instead.

Unbound is a recursive resolver which means it doesn’t rely on any other service (and hence takes a little longer) so you couldn’t use that with OpenDNS.

I hope this helps!


#9

Hi Chris, thanks! This is really helpful. I had previously had pi-hole and dnscrypt running on my RPi, and the dnscrypt settings used Cisco (OpenDNS) and I’m trying to replicate that type of arrangement with this great project. Do you think I can change the unbound.conf file per below and limit to OpenDNS? Many thanks, now I can at least move around between the three options!

Best regards,

Bill

from unbound.conf file:

Use the following forward-zone to forward all queries to Google DNS,
OpenDNS.com or your local ISP’s dns servers for example. To test resolution
speeds use “drill calomel.org @8.8.8.8” and look for the “Query time:” in
milliseconds.

forward-zone:
name: “.”
forward-addr: 1.1.1.1@53#one.one.one.one
forward-addr: 8.8.8.8@53#dns.google
forward-addr: 9.9.9.9@53#dns.quad9.net
forward-addr: 1.0.0.1@53#one.one.one.one
forward-addr: 8.8.4.4@53#dns.google
forward-addr: 149.112.112.112@53#dns.quad9.net


#11

Hi again Bill, if you update your project now you’ll find that dnscrypt is back as the primary (and only) resolver, so you may well be able to configure it in the same way as you used to!