Published June 8, 2023, 6:20 p.m. by Jerald Waisoki
Huge thanks to Linode for bringing you this video. Wanting your own personal cloud services, but don't have the time, money, or space to set up your own server rack? Let Linode host them for you! Visit https://linode.com/CraftComputing and get a $100 60-Day credit just for signing up.
Pi-Hole is an awesome service to run in your house. It keeps ads from loading on every device, and will run on any Raspberry Pi, Docker container or virtual machine you'd like. But did you know it can do SO much more than just block ads? You can also completely bypass 3rd party DNS servers like 8.8.8.8, 1.1.1.1, 208.67. 222.222, or the ones ran by your ISP.
Freigeist Bierkultur's Aufschneider, a 'Hoppy German-style Hefeweizen Ale'. This reminded me a lot of a Radler... you know, a lager mixed with grapefruit soda? But think of a Hefe mixed with a Pale Ale. It's better than it sounds, but it's also neither a Pale Ale, nor a Hefe. Not bad, but not for me.
Install Ubuntu Server 20.04 (https://ubuntu.com/download/server)
Install Pi-Hole - sudo curl -sSL https://install.pi-hole.net | bash
Set the Web Admin Password - pihole -a -p [password]
Create Unbound Configuration File - sudo nano /etc/unbound/unbound.conf.d/pi-hole.conf
Copy example config - https://docs.pi-hole.net/guides/dns/unbound/
Restart Unbound to apply Configuration - sudo service unbound restart
And you're done! Bonus points for sending all DNS traffic through a VPN Gateway to encrypt all outbound requests - https://youtu.be/xFficDCEv3c
Find the parts I recommend on my Amazon store: https://www.amazon.com/shop/craftcomputing
Support me on Patreon or Floatplane and get access to my exclusive Discord server. Chat with myself and the other hosts on Talking Heads all week long.
Link: https://filmmusic.io/song/3800-george-street-shuffle
You may also like to read about:
a couple months ago i promised a brand
new tutorial on getting piehole up and
running as the ultimate do-it-yourself
dns server
and this is finally that video today i'm
going to walk through installing pihole
getting it set up as a recursive dns
server and eliminating the need to
forward your dns requests to third
parties like
google opendns or your internet service
provider
let's get started
[Music]
welcome back to craft computing everyone
as always i'm jeff
today's video is all about setting up
piehole as your own personal and private
dns server that you can host yourself
first up let's talk about what pihul
actually is it's a dns server that you
can host yourself
that blocks ads when you attempt to
visit web pages so for example if i
visit the webpage hackaday.com
you can see there are ads at the top and
side of the web page
but if we visit it through a pie hole
dns connection those ads disappear
in its standard configuration pihol is
what's known as a forwarding dns server
in that it only has a very specific list
of websites that it has the ip address
for resolution
and if it doesn't have that address it
will forward you on to the next dns
provider that you've configured
so if you type in the website
hackaday.com into your web browser that
request is forwarded onto pihole
since pihold doesn't know where
hackaday.com is since it's not an ad
serving website
it will forward that request onto the
next dns server that you've configured
that dns server will then forward back
down the ip address for hack a day
through piehole and into your pc
however while hackaday is loading it
also wants to load up a whole bunch of
websites that contain ads
when those requests go to pihole it is
in the adblock list and so they are
filtered out
everybody got that good because i'm not
saying it again
so by default pie hole runs great for
its advertised features
however there is a lot more power under
the hood with a little bit of tweaking
and that's what we're going to do today
we're going to set a pie pihol as what's
called a recursive dns server
that is essentially what you forward on
your request from pihole to such as
google and
opendns when you ask pyhol where is
hackaday.com
if it doesn't know the answer it will
actually seek out what's called the
authoritative domain
server of hackaday.com and get the
answer from them directly
on the very first request of a website
this will take a little bit longer than
usual
however pihl will also cache that
information for future use so the next
time you visit the website
it loads much much faster what's more
rather than sending all of your dns
requests to a third party
you're going to be getting your
information directly from the ip server
itself
and cutting out the middleman entirely
so not only will the third party dns
servers no longer be able to compile a
complete list of your internet browsing
history based off the websites that you
visit
you're also going to be safer from dns
spoofing such as serving up a fake
website when you try to visit your bank
so with all the introductions out of the
way let's go ahead and get to building
our piehole server
first up i'm going to create a new
virtual machine inside of proxmox
however you can run this on a raspberry
pi or on your own hypervisor of your
choice
i'm going to go to create new virtual
machine i'm going to number it number
410
i'm going to name it homelab dash pie
hole dash
ftl go ahead and click on next under os
we're going to select the ubuntu 20.04
live server iso
now again ubuntu 2004 server is my linux
distro of choice
this isn't the time for that argument so
use what you like i'll use what i like
the commands are the same click on next
under hard drive i'm going to go and
give this thing
40 gigabytes no real reason for that i
just have lots of space on the server
and i'm going to select my local server
for storage click on next
under cpu i'm gonna give this four cpu
cores which is again
way more than enough but i have lots of
headroom
click on next i'm gonna give this four
gigabytes of ram
click on next i'm gonna leave network
settings at default click
on next and then click on finish once
that's been created i'm going to open up
the console and we'll go ahead and get
ubuntu installed
for the installation we're going to
leave pretty much everything at the
default so english as our main language
we're not going to read the release
notes we're going to verify that we have
a us language keyboard
i'm going to leave this at dhcp for
right now we're going to give our server
a name so home lab dash
pihole ftl pick a username
i usually go with administrator on a lot
of my servers give it a password
and we are going to install openssh
server because that will make the
installation easier later on
so go ahead and check that box and click
on done
click on done again and now we just wait
for the installation to complete
once ubuntu is back up and running we're
going to go ahead and log in it with the
credentials you set up during
installation
and the only thing we need to do here is
find out the ip address
so we can ssh into the box so i'm going
to type in ipspace address
and listed right here is my ip address
so 192.168.1.99
and that's all i need so i'm going to go
ahead and exit out of this session
now that we have the ip address go ahead
and log into the server over ssh with
the ssh terminal of your choosing
in this case i am using putty but again
you can use whatever you'd like
this isn't the place for that argument
if i could type today that would really
help things out
first things first we're going to
install pi hole exactly as we usually
would
and there's a handy little script right
here that you can get off either the
github or pi hole websites
so i'm just going to copy that i'm going
to type in sudo
paste in that script and then hit enter
and pi-hole will automatically install
itself and while we're waiting on this
to happen it's a good time to introduce
today's video sponsor
lenode a lot of my audience watches for
the home lab content like you all are
doing right now
but not everyone has the finances or
wants to dedicate an entire room to
setting up their own home lab
i mean just think about what i've gone
through here i added two 20 amp circuits
to my house plus an air conditioner
dedicated for my rack
not everyone wants the noise of a full
data center in their garage
rather than hosting your own personal
cloud let lenode host it for you
if it runs on linux it'll run on the
node and that includes the software in
today's video tutorial
you can set up your own ad blocking
recursive dns server
or set up your own personal vpn tunnel
so you can browse the web securely
wherever you're at from any device
linux makes it easy to deploy and manage
your own cloud services
with solutions starting from a single
shared cpu to massive multi-core virtual
machines
with shared cpu plans that start at as
little as five dollars per month
and scaling up to as high as you need to
go you'll be able to find a hosting plan
that fits your needs
install your favorite server apps and
services from scratch or start with one
of the many pre-configured one-click
installs from the lenode app marketplace
even if you do host your own servers you
can use lenode to keep a backup of your
systems off-site
visit lenode.com craft computing and
receive a 100
60-day credit when starting a new
account and get your home lab up and
running today
that's lenode.com craft computing and
now
back to the piehole installer we're
pretty much going to use nothing but the
default settings in the installer itself
so it lets us know that it will
transform our device into a network-wide
ad blocker but
we're gonna do just a little bit more
than that so go ahead and click on ok
first thing it'll ask you is to set up
an upstream dns server this is so the
dns forwarder inside of pi hole can work
now for right now we're just going to
select google however later on we will
be removing that entry and letting pi
hole get its own dns
by default right now pihole comes with
the stevenblock adblock list and that's
pretty much all you need to move forward
so go ahead and click on ok
we're going to block ads over ipv4 and
over ipv6 so again go ahead and click on
ok
and then it's going to ask if you want
to convert your dhcp address into a
static address i'm going to go ahead and
click on yes because this is only going
to be a temporary solution for me
you can also click on no and assign it a
new dhcp address
or set it whatever static address you
want do you wish to install the web
admin interface
of course i do yes you want to install
the web server and require php modules
of course also yes
do you want to log queries now this will
keep a comprehensive list of all of your
dns requests
however that kind of spits in the face
of the privacy aspect of it
for my use case i'm going to go ahead
and select yes because i don't care if
my dns queries are logged on my own
server but if that's a concern of yours
click no if you selected that you want
to keep logs there are four different
modes the default is show
everything which keeps a record of a
client and what website they tried to
access
there's hide domains there's hide
clients and domains and then there's
anonymous mode
again for my use case i'm going to show
everything
and after about 60 seconds or so pie
hole should be completely installed and
we can bring it up inside of a web
browser
and installation is now complete now the
one thing you need to take note of is
how do you actually access the web
interface
so for most people it's going to be the
ip address forward slash admin
there's also a password right here that
you need to take note of
or you can reset the password from the
ssh session you're in right now
if you do want to set up a custom
password for the pi hole web interface
the command is hole dash a dash
p and then whatever your password will
be so i'm gonna type in password
one i know nice and secure once the
password has been set it's a good idea
to try to log into the web interface to
make sure it's correct
so i'm gonna go to 192.168.1.99
forward slash admin if pihul is up and
running correctly you should see this
interface right here
i'm going to go down to the login tab
and then i'm going to enter the password
that i set inside the terminal so
password1
if that's successful you'll have a bunch
more options here on the left hand side
and you know you have admin access
and now for the secret sauce that
transforms this standard ad blocking
installation of pi-hole
into a full recursive dns server and for
that we're going to install unbound
now down in the video description i will
have a link to the full written tutorial
over on the pi hole website
i do recommend definitely clicking on
that as you're going to want to get in
on that copy pasta action
so first up we're going to go ahead and
update our app repository so
sudo apt update
once that's done we're gonna install
unbound so sudo
apt install unbound
and yes i would like to continue once
inbound has been installed
the fun part starts we actually need to
write our own configuration for unbound
to actually work
lucky for us there is an example
configuration file on the pi hole
website
so again you're going to want to go down
there and copy that but for right now
let's go ahead and create that
configuration file first
so i'm going to go up to this directory
right here and copy that from the pi
hole website
i'm going to do sudo nano and then paste
that directory in that will create that
configuration file for us and next i'm
going to copy this configuration file
right here so
copy that and then paste it in with all
of that pasted in there i'm going to hit
ctrl
x to exit i'm going to hit y to save and
i'm going to hit enter to confirm the
file name
now part of that configuration file was
actually to change the dns port inside
of unbound from 53 to
5335 now why would we do something like
that when all of the clients on your
network are expecting port 53
well pihul is already listening on port
53
and you can't listen on the same port
with two different services
so the way your network will be set up
now is pihole will be your dns server
that all of your clients communicate
with
and since it's on port 53 there's no
configuration change you need to make on
the clients
pyhol will then forward those requests
to unbound via port 5335 as a standard
dns request on a secondary port
from there unbound goes out to the
internet and finds the authoritative
domain server you were looking for
forwards that request back to pi hole pi
hole strips out all of the advertiser ip
addresses out
and feeds you the end client a clean ip
address
so we're going to go back to our pi hole
main page here i'm going to go to
settings
i'm going to click on the dns tab up at
the top i'm going to uncheck the two
google dns servers that we set up during
the installation process and scroll down
to upstream dns servers
i'm going to check the box on custom 1
ipv4 and type in 127.0.0.1
pound 5335 sorry
i'm old once that is done go ahead and
scroll all the way to the bottom of the
page and click on
save and with that your pi hole server
should now be up and running as a full
recursive dns server with everything set
up and ready to go let's go ahead and
test pi hole both as an ad blocker and
as a recursive dns server
so as you can see on the left side i
have my pi hole logging and on the right
hand side
i have msn one of the most notorious ad
heavy websites in existence like
why would anyone come here this is an ad
at the top this is an ad in the middle
this is an ad right here mixed in with
some news headlines but most of them
sponsored
over here is topics for you which are
all ads honestly it's just
terrible so let's see if we can fix it
just a little bit
i'm going to bring up my network
interfaces we're going to open up my
ethernet connection i'm going to go down
to properties
i'm going to go to ipv4 connections and
then down at the bottom i'm going to say
use the following dns server address and
i'm going to type in the ip address of
my pi hole server so 192.168.1.99
hit ok and close we're going to open up
a new tab and i'm going to go to msn.com
again
now this website is not a great example
again because microsoft likes to host a
lot of their own ads
but as you can see a good number of them
have gone away it's no longer asking me
to switch to edge chromium from firefox
in a banner up at the top
there's no ads right here in the center
although the logo for add choice is
still right there
and this big large video player is now
also gone
now let's see what happened inside a pie
hole down here at the bottom of our log
history you can see a bunch of requests
that say forward it on to localhost
5335.
that is pi hole responding saying i
don't know what the dns is asking for
i'm going to forward this on to unbound
so unbound can find the actual domain
route
as we scroll up a little bit you see a
bunch of results that are starting to
say okay
cached those are websites that pihl has
actually
cached the data of so it knows the ip
address directly and can serve that
query directly to the client
rather than forwarding that query off to
unbound and having unbound find the
domain root off on the internet
pihul can respond to that request
directly which is exactly what a
recursive dns server does
you can also see a bunch of requests
that are being blocked and that is pi
hole saying that is part of my ad
repository
you're not allowed in so there you go an
ad blocking and recursive dns server all
in one very tidy package
but for home lappers there's one more
very important feature that i'd like to
draw your attention to
and that's that pi hole can now respond
to local dns queries now pihole could
kind of always do this and i've used it
for this purpose before
but before you had to go into the pie
hole hosts file
and manually add in the ip address of
any local dns queries you wanted to
respond to
now there's actually a dedicated tab
just for local dns
so if i go down here to the local dns
tab and dns records
i can create dns records based off
internal services that i run
in my server stack that is pretty cool
with that
i think you have everything you need to
get up and running with pi hole as a
recursive dns
server ad blocker and even a local dns
authority
if you have any questions or comments
about this video go ahead and leave them
down below and i will do my best to
respond
on your way down there make sure to drop
this video a like and subscribe to craft
computing if you haven't done so already
follow me on twitter at craft computing
to keep up with my daily shenanigans
and if you like the content you see on
this channel and want to help support me
in what i do consider joining the
patreon or float plane links are also
down in the video description
as a bonus you'll get exclusive access
to the discord server where you can chat
with myself and join the ever-growing
community over there
and it gives you an opportunity to pick
my brain without blasting me with
twitter dms
that's gonna do it for me in this one
thank you all so much for watching and
as always i will see you
in the next video cheers guys
[Music]
today's beer is from fry geist beer
culture and it is the elf schneider
hoppy german style hefeweizen ale
6.0 percent they are out of st louis
missouri
and appear to possibly be a gypsy brewer
as it says on the side brewed and canned
by urban chestnut brewing company st
louis missouri for fry geist
so uh using someone else's facility to
brew your own beer
it's got kind of an interesting smell to
it um
let me see if there's any hint about
what hops they're using fried ice was
founded in 2009 with a mission to revive
germany's lost artisanal ales we now
offer bold american influence
american brood twists on our homeland's
most popular beer styles
generous editions of cascade and mosaic
cops gives this german style hypervison
ale its
tropical fruity notes an extra burst of
american style bitterness
okay so cascade and mosaicops i thought
i smelled mosaic but
those cascades were kind of throwing me
for a loop that is definitely an
interesting beer
i think i like it but i'm not quite sure
yet
this reminds me kind of like doing a
shandy though with uh
like grapefruit soda and a lager but
it's an ipa and a hypovision
like it's definitely tropical but it's
much more of like a melon
kind of tropical it's not citrusy uh
it's very interesting
yeah your brain tells you ipa and then
there's that
rich banana kind of like flavor from the
german malt
that just kind of carries the back of
the flavor but i'm also missing some of
those
quintessential hepa vise and spices and
and and taste that are usually so
predominant in half
beers um it's a little conflicting it's
it's weird i'll say this one is
interesting um
i'm not disappointed in it it's not a
bad beer but it's not
it's not doing it for me either um if it
is being called a half i'd prefer it be
a little bit more towards the heifen and
a little bit less americanized
however it's not quite americanized
enough for me either
as the hop flavor just really isn't
quite
there to be fair it's a fine drinkable
beer
i just don't think this one's for me
you
2CUTURL
Created in 2013, 2CUTURL has been on the forefront of entertainment and breaking news. Our editorial staff delivers high quality articles, video, documentary and live along with multi-platform content.
© 2CUTURL. All Rights Reserved.