Four Ways To Install Pi-hole DNS

0 Comments

What is Pi-hole

Pi-Hole is a light weight DNS server originally made for the Raspberry Pi. Although it was designed for the Raspberry Pi it can be run on many different favors of Linux. It allows for a user to control DNS and do network wide ad blocking.

Requirements

System Specs

Min. 2GB free space, 4GB recommended
512MB RAM
* Pi-hole is very light weight since it was designed for the Raspberry Pi

Operating Systems

LinuxReleaseArchitecture
Raspberry Pi OSBuster / BullseyeARM
Armbian OSAnyARM / x86_64 / riscv64
Debian20.x / 22.x / 23.xARM / x86_64 / i386
Fedora38 / 39ARM / x86_64
CentOS Stream8 / 9x86_64
Ubuntu10 / 11 / 12ARM / x86_64
* Pi-hole will work with other Linux builds, but these are the ones that are officially supported.

Required Firewall Ports

ServicePortProtocol
pihole-FTL53 (DNS)TCP/UDP
pihole-FTL67 (DHCP)IPv4 UDP
pihole-FTL547 (DHCPv6)IPv6 UDP
lighttpd80 (HTTP)TCP
pihole-FTL4711TCP
* If IPv6 will not be used port 547 is not necessary

Installing Pi-hole

There are four recommended ways to install Pi-Hole. The first is to install it using the Pi-Hole script. It second is to install it using Docker. The third is a cloning the Pi-hole repository. The fourth is a manual install. We will cover all of these below. We will be installing in a Debian 12 container.

Before setting Pi-hole we should open up the firewall. Although it will work without setting the firewall it is best practice to have a firewall in place.

ufw allow 80/tcp
ufw allow 53/tcp
ufw allow 53/udp
ufw allow 67/tcp
ufw allow 67/udp

If you plan on using IPv6 add the following line. If not leave it out.

ufw allow 546:547/udp

Method 1: Installing via a one-step automated script.

This is the easiest way have installing Pi-hole.

First we will need to install a few other packages including sudo. We will first need to run update then install sudo. Some Linux packages already include sudo. Sudo allows a non-privileged user to act as a root. From a security stand point it is safer than running commands directly from root.

apt-get update
apt-get install sudo -y

Now we can create a user

adduser <userid>

We now must add the user to the sudo group.

moduser -aG sudo <userid>

We can now login using our newly created account and install curl.

apt-get install curl -y

We are now ready to install Pi-hole from a script.

curl -sSL https://install.pi-hole.net | bash

Answer yes to all the questions. It will has for an upstream DNS provider. I would recommend Google or Cloudflare. It will then install everything and give you login information.

Method 2: Clone the Pi-hole Repository

In this method we will use the automated install script but will use a cloned repository to run it. It is very similar to method one and will require sudo. It also will require git.

We will first need to run update then install sudo. Some Linux packages already include sudo. Sudo allows a non-privileged user to act as a root. From a security stand point it is safer than running commands directly from root.

apt-get update
apt-get install sudo -y

Now we can create a user.

adduser <userid>

We now must add the user to the sudo group.

pihole@piholedemo:~$ sudo apt-get install git -y

Simply run the following command.

git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
cd "Pi-hole/automated install/"
sudo bash basic-install.sh

Answer yes to all the questions. It will has for an upstream DNS provider. I would recommend Google or Cloudflare. It will then install everything and give you login information.

Method 3: Installing in a Docker container

We will be using Docker and Docker Compose to install Pi-hole in a Docker container. It will require us to install Docker and the Docker Compose plugin along with sudo if not already added.

We will first need to run update then install sudo. Some Linux packages already include sudo. Sudo allows a non-privileged user to act as a root. From a security stand point it is safer than running commands directly from root.

apt-get update
apt-get install sudo -y

Simply run the following commands to install Docker and Docker Compose

sudo apt-get install docker -y
sudo apt-get install docker -y

We will make a directory for the container and cd into it.

mkdir pihole
cd pihole

Use your favorite editor to create “docker-compose.yml” that will hold all server parameters.

nano docker-compose.yml

Paste the following syntax into the file modifying it for your needs and time zone.

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "80:80/tcp"
    environment:
      TZ: 'America/New_York'
      # WEBPASSWORD: 'set a secure password here or it will be random'
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole:/etc/pihole'
      - './etc-dnsmasq.d:/etc/dnsmasq.d'
    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
    cap_add:
      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    restart: unless-stopped

Ctrl-X to exit and save.

Run the Docker Compose command to bring up the container. Depending on your system it will be “docker compose up -d” or “docker-compose up -d”

sudo docker-compose up -d

We now must change the password to access the web interface. The command would be pihole -a -p, but since we are running it in a container the command must be run inside the container.

sudo docker exec -ti <container name>  pihole -a -p

Pi-hole is now set up.

Method 4: Manual Install

This method involves downloading the binaries to the server and installing them locally. This was is a little slower, but is still straight forward.

We will first need to run update then install sudo. Some Linux packages already include sudo. Sudo allows a non-privileged user to act as a root. From a security stand point it is safer than running commands directly from root.

apt-get update
apt-get install sudo -y

We will use wget to download the binaries from the web and run them locally

wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh

Answer yes to all the questions. It will has for an upstream DNS provider. I would recommend Google or Cloudflare. It will then install everything and give you login information.

Conclusion

With any luck you should have access the admin page of Pi-hole.

Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *