DIY: Making your home (almost) Ad-free with Pi-hole

Posted bySami LahtiPosted inRaspberry PiTags:,

I have “No Ads, please!” label on my physical mailbox, but that works only for traditional ads. For my devices, I need to install an ad blocker to each browser and for some devices like my smart TV such doesn’t exist. Luckily, there is a solution for that and it is called Pi-hole.

Pi-Hole is a network-wide ad blocker. Instead of installing an ad blocker on every browser (and device), you can have a Pi-hole in your home network. It will block ads on all your devices, also on the smart TV. But it’s not a perfect solution, if ads are served from the same domain address, it will not block them. So unfortunately, you will still see ads on Youtube and some other services.

I listed a few benefits of using Pi-hole:

  • It will make your network faster, because when an ad is blocked, it’s actually prevented from being downloaded. And since these ad images, videos, and sounds are not being downloaded, your network will perform better.
  • It will protect your network from malware. You can also add additional block lists to your installation that will prevent the domains that are known to serve malware or act as a phishing site from ever entering your network.
  • It will block the ads in non-traditional places. Since the ads are prevented at the network level (before the ads reach the device), you can prevent ads from appearing on Internet-connected devices that aren’t Web browsers.
  • You can use it as a network monitoring tool too. You can find out what sort of traffic is happening on your network. (I have turned this feature off for privacy and to save my SD card wearing out)

It works as an internal private DNS server for your network. Usually this service is already running on your router, but when DNS queries are routed to Pi-hole, it will intercept any queries for known ad-serving domains and deny them to access.

I made a very simple setup guide for you and you just need a few things before starting:

  • Raspberry Pi with a case
  • Power Supply for Raspberry Pi (I used the official version)
  • SD Card (2GB+)
  • Network cable (not needed if you use a wireless connection)
Here is mine installed to cross-connect cabinet.

I won’t go to details how to install a Raspberry Pi OS, because there is good resources for that in here:

https://www.raspberrypi.org/documentation/installation/installing-images/

Remember to configure basic settings like:

  • Hostname
  • Password
  • Timezone
  • Enable SSH
  • Keyboard settings
  • Also, update OS to latest version

After you are done, connect to your Raspberry Pi with SSH.

First you need to set a static ip-address for your Raspberry Pi, you can achieve this with by configuring the file in /etc/dhcpcd.conf directory. Add following text to file and replace bolded characters with ip-addresses suitable for your home network:

interface eth0 #if you prefer wireless, use wlan0 instead of eth0
static ip_address=x.x.x.x/24 #replace x.x.x.x with preferred ip-address for your raspberry
static routers=x.x.x.x #replace x.x.x.x with you routers ip-address
static domain_name_servers=x.x.x.x #replace x.x.x.x with you routers ip-address

Reboot with command: sudo reboot. Remember to use your new ip-address when connecting to after reboot. Then run the following commands in terminal:

#Install Docker
curl -sSL https://get.docker.com | sh
sudo systemctl enable docker
sudo systemctl start docker
sudo usermod -aG docker pi
docker pull pihole/pihole
#Install Docker Compose
sudo apt-get install libffi-dev libssl-dev
sudo apt install python3-dev
sudo apt-get install -y python3 python3-pip
sudo pip3 install docker-compose
#Create a directory and docker-compose YAML file
mkdir /home/pi/docker
cd /home/pi/docker
touch /home/pi/docker/docker-compose.yml

Type sudo nano /home/pi/docker/docker-compose.yml and paste following info replacing bolded lines with your preferred settings.

pihole:
     container_name: pihole
     domainname: docker
     hostname: (type your hostname)
     image: pihole/pihole:latest
     ports:
       - '53:53/tcp'
       - '53:53/udp'
       - "80:80/tcp"
       - "443:443/tcp"
     restart: unless-stopped
     volumes:
       - /home/pi/docker/pihole/pihole:/etc/pihole
       - /home/pi/docker/pihole/dnsmasq.d:/etc/dnsmasq.d
     cap_add:
       - NET_ADMIN
     environment:
       - ServerIP=(type your raspberry ip-address)
       - PROXY_LOCATION=(type your hostname)
       - VIRTUAL_HOST=(type your hostname.domain)
       - VIRTUAL_PORT=80
       - TZ=$(Type your Timezone example: Europe/Helsinki)
       - WEBPASSWORD=(Type preferred password)
       - DNS1=127.0.0.1
       - DNS2=1.1.1.1
     labels:
       - "traefik.enable=true"
       - "traefik.backend=pihole"
       - "traefik.port=80"
       - "traefik.frontend.rule=HostRegexp:pihole.(domain),{catchall:.*}"
       - "traefik.frontend.priority=1"
       - traefik.frontend.headers.SSLRedirect=true
       - traefik.frontend.headers.STSSeconds=315360000
       - traefik.frontend.headers.browserXSSFilter=true
       - traefik.frontend.headers.contentTypeNosniff=true
       - traefik.frontend.headers.forceSTSHeader=true
       - traefik.frontend.headers.SSLHost=local
       - traefik.frontend.headers.STSIncludeSubdomains=true
       - traefik.frontend.headers.STSPreload=true
       - traefik.frontend.headers.frameDeny=true

Finally, create a Docker container with the following command

sudo docker-compose -f docker-compose.yml up -d

You should be now able to connect your Pi-hole with a browser: http://ip-address (or hostname like http://hostname.local). Click Login and type your password.

I changed the privacy level to the Anonymous mode from Settings -> Privacy, because I have no need to track what queries are done and perhaps it will extend lifetime of the SD card.

Also Disabled query logging from Settings -> System for the same reason.

To have Pi-hole automatically used by all the clients on your network, you have to reconfigure your home router to use a different DNS server. By replacing the DNS server that your router uses with Pi-hole’s DNS server, it will mean all the devices on your network which get an IP address from the router, will use Pi-hole for DNS.

  • Log into your router as an admin.
  • Set the primary and secondary DNS server to be the ip-address of your Pi-hole you configured (You may also want to configure 1.1.1.1 has secondary DNS Server, if Pi-hole is down, but that may lead some queries forwarded to it even the Pi-hole is up and running)
  • If you don’t know how to change it, use Google. There are too many different routers to give step-by-step instructions, so try using Google by using the model of your router and “change dns server settings” phrase with it.
  • Save settings and reboot the devices.

Login to your Pi-Hole and you should start to to see the number of queries increasing.

Your Pi-hole setup is done, congrats!

P.S There are free mobile apps for controlling your Pi-hole in App Store / Play Store

Update:
If you need to update your Pi-Hole, just login with SSH to your Raspberry Pi and execute following commands (in same directory where your docker-compose.yml is):

docker pull pihole/pihole
sudo docker-compose -f docker-compose.yml up -d

Leave a comment