Guide: How to install Pi-Hole on Gold/Purple (Beta)

Follow

Comments

102 comments

  • Avatar
    Chris Hewitt

    Here is the script I use.

    $ cat update_pihole.sh

    #!/bin/bash

    cd /home/pi/.firewalla/run/docker/pi-hole

    sudo docker-compose pull
    sudo docker-compose down
    sudo docker-compose up --detach
    sudo systemctl start docker-compose@pi-hole

    1
    Comment actions Permalink
  • Avatar
    Alex M

    @ chris, I also run this at the end:

    sudo docker system prune -a

    to remove unused old Docker containers

    1
    Comment actions Permalink
  • Avatar
    Lynk

    Looking at pihole-FTL.conf, i do not see these lines below. Are we to manually add them in?

    DBINTERVAL=60
    MAXDBDAYS=30

    0
    Comment actions Permalink
  • Avatar
    kyee99

    Does anyone have trouble with failing IPv6 tests at sites like internet.nl and https://test-ipv6.com/ 

    0
    Comment actions Permalink
  • Avatar
    Alex M

    Yes, same here @kyee99

    0
    Comment actions Permalink
  • Avatar
    Alex M

    Having done a bit of research, it appears this is linked to how Docker handles IPv6.

    Does anyone know how to tackle that?

    0
    Comment actions Permalink
  • Avatar
    Alex M

    @firewalla , any support for this pls?

    0
    Comment actions Permalink
  • Avatar
    daniel

    Hi all,

    if you want to update your Pi-Hole (pihole) on Firewalla, I've written a short update procedure, which I'd like to share:
    (assuming your FW is on IP 192.168.218.1)

    connect to Firewalla via SSH (use Terminal on Mac / Command prompt on Win):
    -----------------------------------------


    ssh pi@192.168.218.1
(Password from Firewalls App - SSH Console)

    -----------------------------------------

    
copy-paste these commands in terminal and press enter:


    -----------------------------------------


    cd /home/pi/.firewalla/run/docker/pi-hole/
    sudo docker-compose pull
sudo docker-compose down
sudo docker-compose up --detach
sudo systemctl start docker-compose@pi-hole


    -----------------------------------------

    take care.

    0
    Comment actions Permalink
  • Avatar
    Donny

    Firewalla, with all of this effort trying to hack it together, can't we just get a built in DNS server?

    0
    Comment actions Permalink
  • Avatar
    Alak

    @Donny - Firewalla has plenty of built-in DNS services available.  See these articles for more info. 

    https://help.firewalla.com/hc/en-us/articles/4570608120979-Firewalla-DNS-Services-Introduction

    https://help.firewalla.com/hc/en-us/articles/360007210473-Where-Firewalla-Can-Block-

    Installing Pi-hole on Firewalla is for advanced users who would prefer to use Pi-hole instead of Firewalla's built in services for DNS based ad blocking.  You may be fine simply using the built in services provided by Firewalla.  It's just nice that Firewalla does allow expansion like this to add enhanced functionality where needed.

     

    2
    Comment actions Permalink
  • Avatar
    Chris Hewitt

    @Donny Pi Hole is much more than a DNS server. It’s a means of blocking access to malicious and unwanted sites.

    Creating, maintaining, and running a DNS server is nontrivial. It takes storage and CPU. if you really want to manage your own DNS function you can always use the /etc/hosts file.

    Maybe I am missing something. Why do you want Firewalla to add DNS to the Gold?

    0
    Comment actions Permalink
  • Avatar
    Donny

    @Chris

    I have a small data center at home (5 servers, 20 services, 8 pieces of network gear, 10 cameras, etc.). I used to run a Fortigate (it EOL'ed). Everyone has gotten use to referring to resources by name. The FW/GW is a convenient location to host DNS services as everything is already pointed there anyway.

    DNS is such a basic service that I assumed any gateway of this level would support it. I would love to open the Firewalla app, go to DNS, go to create zone, name it home.local, add some internal records, and then attach it to an interface.

    Maybe after that, I create some empty zones for known Internet junk so that my users simply receive a not found response.

    Hosts files are extremely antiquated. We access services by friendly names like files, camera1, VCS, etc.

    0
    Comment actions Permalink

Please sign in to leave a comment.