Pi-Hole: Difference between revisions

J7 (talk | contribs)
J7 (talk | contribs)
typos
 
(3 intermediate revisions by the same user not shown)
Line 5: Line 5:
services.pihole-ftl = {
services.pihole-ftl = {
   enable = true;
   enable = true;
  openFirewallDNS = true;    # Open port 53 (DNS traffic)
   settings = {
   settings = {               # See <https://docs.pi-hole.net/ftldns/configfile/>
    # See <https://docs.pi-hole.net/ftldns/configfile/>
     dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];   # Use Quad9/Cloudflare's DNS Servers
 
     hosts = [ "192.168.1.188 some.domain" ];   # Optionally resolve local domains
    # External DNS Servers quad9 and cloudflare
     dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];
 
    # Optionally resolve local hosts (domain is optional)
     dns.hosts = [ "192.168.1.188 hostname.domain" ];
   };
   };
};
};
</syntaxhighlight>
</syntaxhighlight>


You can test it's working
Test if it's working


<syntaxhighlight>
<syntaxhighlight>
  systemctl status pihole-ftl.service
$ systemctl status pihole-ftl.service
  dig @localhost nixos.org
$ nslookup nixos.org localhost
$ nslookup hostname.domain localhost
</syntaxhighlight>
</syntaxhighlight>


Now, setting your routers DNS server to your IP will direct your traffic to the Pi-Hole. Blocked domains will not be resolved.
== Adding lists and enabling web interface ==
 
== Adding lists ==
<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
services.pihole-ftl = {
services.pihole-ftl = {
   enable = true;
   enable = true;
  openFirewallDNS = true;    # Open port 53 (DNS traffic)
   settings = {
   settings = {               # See <https://docs.pi-hole.net/ftldns/configfile/>
    # See <https://docs.pi-hole.net/ftldns/configfile/>
     dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];   # Use Quad9/Cloudflare's DNS Servers
 
     hosts = [ "192.168.1.188 some.domain" ];   # Optionally resolve local domains
    # External DNS Servers quad9 and cloudflare
     dns.upstreams = [ "9.9.9.9" "1.1.1.1" ];
 
    # Optionally resolve local hosts (domain is optional)
     dns.hosts = [ "192.168.1.188 hostname.domain" ];
   };
   };
   lists = [    # Lists can be added via URL
   lists = [    # Lists can be added via URL
     {
     {
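Review bot: `openFirewallDNS = true;    # Open port 53 (DNS traffic)` appears on only one side of both config blocks in this hunk, yet the page still ends by telling readers to point their router's DNS at this host. The published revision should state explicitly whether port 53 is opened. Without the line, the `localhost` lookups in the test block succeed while LAN clients get no answer. With it, the comment should say that the resolver becomes reachable to anything that can reach the host on port 53, so the setup belongs on a LAN-only machine. I would keep the line with that caveat in the comment and add one lookup against the host's LAN IP to the test block, since both `dig @localhost` and `nslookup ... localhost` only exercise loopback. Separately, the two sides disagree on `hosts` versus `dns.hosts` under `settings`; check the key against the configfile reference linked in the comment so that only the valid one remains in both blocks.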
Line 36: Line 44:
       type = "block";
       type = "block";
       enabled = true;
       enabled = true;
       description = "Sample blocklist by hagezi";
       description = "hagezi blocklist";
     }
     }
   ];
   ];
};
};
services.pihole-web = { # If lists are enabled then pihole-web must be configured
 
services.pihole-web = {
   enable = true;
   enable = true;
   ports = [ "443s" ];
   ports = [ "443s" ];
};
};
</syntaxhighlight>
</syntaxhighlight>
Test pihole web interface at https://localhost:443


Now you can access pihole web interface at https://localhost:443
Now you can set your router's DNS server to the IP of the host running pihole and blocked domains should not be resolved.
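Review bot: the comment on `services.pihole-web = {` ("If lists are enabled then pihole-web must be configured") is present on only one side of this hunk, and it is the only place the page explains why the web service appears in a section about lists. Keep it, or move that explanation into the prose above the block. The section also enables the admin interface with `ports = [ "443s" ];` and checks it only at https://localhost:443, without saying whether the interface is reachable from the LAN or how it is authenticated. A sentence covering both would help readers who follow the closing step and make this host the network's DNS server.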