antipaucity

fighting the lack of good ideas

results from running pi-hole for several weeks

I came across pi-hole recently – an ad blocker and DNS service that you can run on a Raspberry Pi in Raspian (or any Debian or Ubuntu (ie Debian-like)) system. Using pi-hole should obviate the need for running ad-blockers in your browser (so long as you’re on a network that is running DNS queries through pi-hole).

I’ve seen some people running it on CentOS – but I’ve had issues with that combination, so am keeping to the .deb-based distros (specifically, I’m running it on the smallest droplet size from Digital Ocean with Ubuntu 16.04).

First the good – it is truly stupidly-simple to get setup and running. A little too simple – not because tools should have to be hard to use, but because there’s not much configuration that goes in the automated script. Also, updating the blacklist and whitelist are easy – though they don’t always update via the web portal as you’d hope.

Second, configuration is almost all manual: so, if you want to use more than 2 upstream DNS hosts (I personally want to hit both Google and Freenom upstream), for example, there is manual file editing. Or if you want to have basic auth enabled for the web portal, you need to not only add it manually, but you need to re-add it manually after any updates.

Third, the bad. This is not a pi-hole issue, per se, but it is still relevant: most devices that you would configure to use DNS for your home (or maybe even enterprise) want at least two entries (eg your cable modem, or home wifi router). You can set only one DNS provider with some devices, but not all. Which goes towards showing how pi-hole might not be best run outside your network – if you run piggy-back DHCP and DNS both off your RPi, and not off the wireless router you’re probably running, then you’re OK. But if your wireless router / cable modem demands multiple DNS entries, you either need to run multiple pi-hole servers somewhere, or you need to realize not everything will end up going through the hole.

Pi-hole sets up lighttpd instance (which you don’t have to use) so you can see a pretty admin panel:

pihole

I added basic authentication to the admin subdirectory by adding the following lines to /etc/lighttpd/lighttpd.conf after following this tutorial:

#add http basic auth
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/etc/lighttpd/.htpasswd/lighttpd-htdigest.user"
auth.require = ("/admin" =>
( "method" => "digest",
"realm" => "rerss",
"require" => "valid-user" )
)

I also have 4 upstream DNS providers in /etc/dnsmasq.d/01-pihole.conf:

server=80.80.80.80
server=8.8.8.8
server=8.8.4.4
server=80.80.81.81

I still need to SSLify the page, but that’s coming.

The 8.8.* addresses are Google’s public DNS. The 80.80.* addresses are Freenom’s. There are myriad more free DNS providers out there – these are just the ones I use.

So what’s my tl;dr on pi-hole? It’s pretty good. It needs a little work to get it more stable between updates – but it’s very close. And I bet if I understood a little more of the setup process, I could probably make a fix to the update script that wouldn’t clobber (or would restore) any custom settings I have in place.

reviewing

I was contacted by Packt a few months ago to be a possible author of an eBook on the Raspberry Pi. As fun as that sounds like it would’ve been, I am in no way qualified to write on the topic, as I’ve both never used one, and don’t really have the time to play with one.

Fast forward to last month, and now instead of writing the book, they’d like me to be a “reviewer”. That sounds kinda fun – you get your name in the credits, and get to help maybe sell a couple copies by giving feedback on the content, structure, flow, etc.

The problem with this has been, so far, that the author(s) have such a poor command of English that the book sounds more-or-less like it’s been written by a grade schooler. So, instead of “reviewing”, I’ve put on my editor’s hat, and am trying to help the fella that wrote it bring it up to a level folks can understand 🙂

next bglug meeting: topic ‘raspberry pi’; speaker jordan keyes; 1900 (7p) 20 september @collexion hackerspace

After several months, the Bluegrass Linux User Group (see also G+ page) is resuming regular meetings in conjunction With Collexion – a hackerspace in Lexington KY.

Our first (next) topic is “The Raspberry Pi“, presented by Jordan Keyes (creator of twil.tv (also on youtube: http://youtube.com/twildottv)), at 1845 (6:45p) at Collexion. We’ll plan to “start” at 1900 (7p).

Collexion is located 109 E. Loudon Ave in Lexington.

We are looking forward to a good time being had by all.

Please bring a small donation for dinner (planning to order-in pizza) – any leftover cash will be left as a “thank you” to the kind folks at Collexion for letting us use their space.

Also to note: the new regular meeting day will be the third Thursday of each month.