Introducing Pi-hole v6 (pi-hole.net)
from jwr1@kbin.earth to selfhosted@lemmy.world on 18 Feb 22:48
https://kbin.earth/m/selfhosted@lemmy.world/t/943922

#selfhosted

Junkernaught@lemmy.dbzer0.com on 18 Feb 22:55

Looks like a great release!

Coldmoon@sh.itjust.works on 19 Feb 00:28

Anyone got screenshots of the new UI?

drkt@scribe.disroot.org on 19 Feb 01:32

https://u.drkt.eu/PZJz6H.png I don’t know how to embed an image link

It’s not fundamentally different

Coldmoon@sh.itjust.works on 19 Feb 01:39

Thanks for sharing! I need to get mine running again.

madame_gaymes@programming.dev on 19 Feb 01:57

just for future reference (click the source button to see how I embedded your image)

![alt text](https://image.link)

<img alt="pihole v6 ui" src="https://u.drkt.eu/PZJz6H.png">

kratoz29@lemm.ee on 19 Feb 07:04

Thanks, I haven’t used pi-hole in a while, but it looks the same for me.

lilith267@lemmy.blahaj.zone on 19 Feb 15:56

Top permitted domain: e621.net

A fellow sysadmin furry I see

drkt@scribe.disroot.org on 19 Feb 18:36

😏

EncryptKeeper@lemmy.world on 19 Feb 16:53

It doesn’t really look different at all

henfredemars@infosec.pub on 19 Feb 01:14

Neutrino emissions detected!

21Cabbage@lemmynsfw.com on 19 Feb 02:20

I just found an ad-blocker build for the esp-32 so I’m gonna grab a 3-pack of the s3 model and some other electronics and play some games.

muhyb@programming.dev on 19 Feb 02:36

It seems PADD got borked. Permission thing is happening again.

ramble81@lemm.ee on 19 Feb 03:03

How much is Pi-hole worth it assuming I’m using UBO and also have most non-ad based streaming services?

I’m thinking phones and less often used devices?

4am@lemm.ee on 19 Feb 03:55

I’m partial to AdGuardHome myself, but PiHole does the job well

froggycar360@slrpnk.net on 19 Feb 04:01

I love my pihole. Even gets rid of the ads on my roku homescreen.

DarkDarkHouse@lemmy.sdf.org on 19 Feb 04:13

It’s extra protection, especially if you use non-browser apps on your devices it can limit tracking.

clmbmb@lemmy.dbzer0.com on 19 Feb 08:51

I can tell you something: I’m using some free apps on my Android phone and never notice ads at home, but when I’m on the mobile network or on a different wifi (at work or some public place) I start seeing them.

Confused_Emus@lemmy.dbzer0.com on 19 Feb 17:48

This is one of the reasons why I set up a Wireguard VPN connection to my home network, and an on-demand VPN connection on my phone that automatically turns on anytime I’m not on the home network. Even away from home I get the benefits of my Pi-hole+Unbound (running as recursive resolver) setup.

OminousOrange@lemmy.ca on 19 Feb 20:30

This is my setup too. I use WG-Tunnel to manage the VPN connection on my phone. It just monitors whenever you disconnect from your trusted WiFi network and automatically enables the VPN.

Only hiccup I’ve found is wireless Android Auto isn’t a fan of a VPN.

TK420@lemmy.world on 19 Feb 14:28

I layer up. Always pihole, and whatever I can run locally on a machine or browser.

csm10495@sh.itjust.works on 19 Feb 16:21

I have both but just use pihole as a local DNS server/forwarder. I bump into too many random times where sites or redirects don’t work properly since they get blocked.

Darkassassin07@lemmy.ca on 19 Feb 17:21

It’s really nice for random browsing/apps. Games, free tools, general web browsing; none of it loads ads.

Some mobile games will even attempt to load ads, fail, then give you the reward for ‘watching’ the ad.

It also stops devices from phoning home to upload telemetry and blocks known malware domains. (depends on the lists you use, here’s a source for some lists)

DarkDarkHouse@lemmy.sdf.org on 19 Feb 03:25

Be careful upgrading Docker versions, it has breaking changes.

registry.hub.docker.com/r/pihole/pihole/

fmstrat@lemmy.nowsci.com on 19 Feb 12:23

Whew, this is why I pin on sha256. I fear for the latest crowd.

Edit: At least it seems updating the container doesn’t break things:

Replacing any v5 image (2024.07.0 and earlier) with a v6 image will result in updated configuration files. These changes are irreversible.

sugar_in_your_tea@sh.itjust.works on 19 Feb 14:11

I don’t use pihole, but everything I use is pinned by major release version. No problem yet with surprise breakage.

JustEnoughDucks@feddit.nl on 20 Feb 15:20

Live on the edge

Pin to develop
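
The pinning styles compared in the comments above (sha256 digest, release version, `latest`, develop), as an added example that is not part of any commenter's post: a small Python check that reports how each `image:` line in a compose file is pinned. The compose fragment, the registry host and the digest are constructed placeholders, and the line matching assumes simple one-line `image:` entries.

```python
import re

DIGEST = re.compile(r"sha256:[0-9a-f]{64}")
RELEASE_TAG = re.compile(r"v?\d+(\.\d+)*")           # 6, v6.0, 2024.07.0 ...
IMAGE_LINE = re.compile(r"^\s*image:\s*['\"]?([^'\"\s#]+)")

def classify(ref):
    """Return 'digest', 'release-tag', 'floating' or 'invalid' for an image reference."""
    if "@" in ref:
        # name[:tag]@sha256:<hex> -- content-addressed, cannot change under you
        _, digest = ref.split("@", 1)
        return "digest" if DIGEST.fullmatch(digest) else "invalid"
    last = ref.rsplit("/", 1)[-1]   # a ':' before the last '/' is a registry port, not a tag
    tag = last.split(":", 1)[1] if ":" in last else "latest"   # no tag means :latest
    # A numeric release tag is stable in practice but can still be re-pushed;
    # anything else (latest, develop, nightly) moves by design.
    return "release-tag" if RELEASE_TAG.fullmatch(tag) else "floating"

def audit(compose_text):
    """List (image, pin-kind) for every image: line in a compose file's text."""
    results = []
    for line in compose_text.splitlines():
        m = IMAGE_LINE.match(line)
        if m:
            results.append((m.group(1), classify(m.group(1))))
    return results

# Constructed placeholder digest, not the digest of any real Pi-hole image.
FAKE_DIGEST = "sha256:" + "0123456789abcdef" * 4

# Constructed sample input.
SAMPLE_COMPOSE = f"""
services:
  a:
    image: pihole/pihole@{FAKE_DIGEST}
  b:
    image: "pihole/pihole:2024.07.0"
  c:
    image: pihole/pihole:latest
  d:
    image: registry.example:5000/pihole/pihole   # no tag at all
  e:
    image: pihole/pihole:develop
"""

if __name__ == "__main__":
    for image, kind in audit(SAMPLE_COMPOSE):
        print(f"{kind:12} {image}")
```
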

sic_semper_tyrannis@lemmy.today on 19 Feb 05:59

Why would someone pick PiHole over say a customized NextDNS on your router?

KarnaSubarna@lemmy.ml on 19 Feb 06:17

NextDNS doesn’t support unlimited DNS query for free, I think.

interdimensionalmeme@lemmy.ml on 19 Feb 06:35

Not open source so hell no

sic_semper_tyrannis@lemmy.today on 19 Feb 14:56

Fair

sic_semper_tyrannis@lemmy.today on 19 Feb 14:56

That’s a good point

Morphit@feddit.uk on 19 Feb 15:46

Ah, I saw another comment about this. The free plan is 300,000 queries a month. That’d last me almost a week before it stops working.

Darkassassin07@lemmy.ca on 19 Feb 17:32

Little of column A little of column B.

I use pihole on the LAN, then upstream is cloudflared translating DNS to DOH using NextDNS as the primary and Quad9 as the fallback.

Looking at the last 24hrs; my whole LAN network has made 91k DNS requests, 14.5% of that being passed to the upstream (the rest is locally cached responses or blocked) so ~12.7k served by NextDNS. When/if that 300k limit is reached, cloudflared will just fallback to Quad9.

With this I get the blocking from NextDNS as well as whatever additional lists I want to use; plus pihole serves local only records for self-hosted services and fixed names for LAN devices (I find standard broadcasted hostnames unreliable at best).

sic_semper_tyrannis@lemmy.today on 20 Feb 00:55

Thank you. That’s incredibly insightful. When I get the cash I’ll set up a PiHole

KarnaSubarna@lemmy.ml on 19 Feb 06:20

If Pi-Hole starts supporting DoH out-of-the-box, I’ll happily switch from AdguardHome.

uninvitedguest@lemmy.ca on 19 Feb 12:24

What is DoH?

rumba@lemmy.zip on 19 Feb 13:29

DNS Over Https

Not to be confused with

DNS Over TLS

It’s just a way of keeping your ISP from reading your DNS requests.

KairuByte@lemmy.dbzer0.com on 19 Feb 13:55

Not just reading. A while back, some ISPs moved towards replacing DNS queries to known DNS servers with their own replies.

rumba@lemmy.zip on 19 Feb 18:38

Yeah, I still want to be over ISPs replacing DNS failures with their own search engines been happening for decades

GenderNeutralBro@lemmy.sdf.org on 19 Feb 16:31

DNS over HTTPS. It allows encrypted DNS lookup with a URL, which allows for url-based customizations not possible with traditional DNS lookups (e.g. the server could have /ads or /trackers endpoints so you can choose what to block).

DNS Over TLS (DoT) is similar, but it doesn’t use URLs, just IP addresses like generic DNS. Both are encrypted.

TK420@lemmy.world on 19 Feb 14:26

docs.pi-hole.net/guides/dns/cloudflared/

Is this not that, or is Cloudflare on the naughty list these days?

KarnaSubarna@lemmy.ml on 19 Feb 18:19

No native support for DoH in Pi-Hole yet. Additional setup is required to enable it on Pi-Hole[1].

[1] docs.pi-hole.net/guides/dns/cloudflared/

FauxLiving@lemmy.world on 19 Feb 20:03

I use it in this configuration.

It works well except, if you lose connection temporarily the cloudflared stops responding until some, long (60s or so) timeout period.

A minor annoyance, I usually just manually restart the service… but I cannot find the setting that is causing this.

interdimensionalmeme@lemmy.ml on 19 Feb 06:35

Can you run pi-hole in lxc without also needing docker ?

wintermute@discuss.tchncs.de on 19 Feb 09:20

Yes, that’s how I run it in my Proxmox. Just create the lxc, wget the installer and run it.

interdimensionalmeme@lemmy.ml on 19 Feb 10:54

Cool!

Fedegenerate@lemmynsfw.com on 19 Feb 22:01

+1 for running pihole in an LXC, and a redundant pihole in a docker container.

They never update at the same time, or in the same way so near as dammit constant uptime.

dingdongitsabear@lemmy.ml on 19 Feb 07:06

upgrade went without a hitch (docker), only thing needed changing is the web UI password in docker-compose.yml. everything works, UI is infinitely faster, first impressions very positive.

Lemmling@lemm.ee on 19 Feb 09:40

Good news! Hope they implement detailed query log and support for upstream DoH DNS next.

Darkassassin07@lemmy.ca on 19 Feb 17:15

They’ve added a bit more info to the query log, when you click on individual items.

It’s still not a native feature, but; You can add DOH using cloudflared, incl configuring which upstream(s) to use (you don’t have to use cloudflare itself, just the tool).

There’s even a docker version.

sugar_in_your_tea@sh.itjust.works on 19 Feb 14:29

Has anyone tried https://github.com/hickory-dns/hickory-dns? It seems to be a complete DNS server instead of what looks like a bunch of bash config for a standard Linux tool. There are block lists you can configure as well, and it supports pretty much everything.

It’s way overkill, but hey, why not?

possiblylinux127@lemmy.zip on 19 Feb 17:18

I probably would just stick with dnsmasq

const_void@lemmy.ml on 19 Feb 15:21

I still prefer NextDNS

Morphit@feddit.uk on 19 Feb 15:43

That says it will only function for 300,000 queries per month. Based on my last 24 hours from pi-hole, that wouldn’t even last a week. Are you using a paid plan?

Artaca@lemdro.id on 19 Feb 19:02

I am. Paid plan equates to like $2-3 per month. Tied it into Tailscale (I think TS has official docs explaining how) and haven’t given it another thought.

EncryptKeeper@lemmy.world on 19 Feb 16:52

NextDNS isn’t selfhosted, is it?

MrPoopbutt@lemmy.world on 19 Feb 20:28

What does nextdns do that pihole can’t?

const_void@lemmy.ml on 21 Feb 04:08

The biggest feature for me is the ability to use it on any network (cellular, vpn, WiFi, etc). I never see ads. Pihole can’t (easily) do that.

chriscrutch@lemm.ee on 19 Feb 21:15

I was running Pi-hole on an actual Raspberry Pi 4 that was apparently running Raspbian 10. My upgrade did not go smoothly. But I got it and I’m liking the new version. The only issue I see so far is that the admin panel in v5 used to have a “remember me for 7 days” checkbox when logging in, this version does not.

Fedegenerate@lemmynsfw.com on 19 Feb 22:08

Update went fine on a bare metal install. Customising the webUI port is a little easier now, instead of editing lighttpd.conf I think you can do it in the UI.

I struggled to find some settings, I looked for ages for the API token. Found it in all settings: expert, scroll for half a mile down the webUI API section.

Also, struggled with adding CNAMES in bulk, I thought you could do that in the old UI. You might be able to in the new UI. I just 'one by one’d them.

Docker update went flawlessly.

I have an lxc and to go which is a task for another day, unless TTeck’s updater beats me to it.