Tuesday, December 31, 2024
Google search engine
HomeGuest BlogsRunning Pi-hole ad blocking software in Docker Container

Running Pi-hole ad blocking software in Docker Container

When surfing over the web, you may be pestered with pop-up ads when reading articles. It is possible to block them by installing centralized ads and trackers blocking solution known as Pi-hole.

Pi-hole is open-source software available for Linux operation systems. Its main function is to block tracking and adverts running on your website, application, or product. Advertisements generate revenue for most online websites including ours, but with the growing fractions of flawed advertising, many people tend o use AdBlockers and integrate them with their browsers.

With Pi-hole, one can set up an internal DNS server that routes all the network traffic. By doing so, the desired filters can be made across the network and annoying ads segregated.

The cool features brought by Pi-hole are:

  • Lightweight: It is able to run on minimal hardware and software requirements
  • Robust: with a command-line interface that is quality assured for interoperability
  • Versatile: it can optionally be used as a DHCP server, ensuring all your devices are protected automatically
  • Scalable: it has the ability to handle hundreds of millions of queries when installed on server-grade hardware
  • Modern: it blocks ads over both IPv4 and IPv6
  • Easy-to-install: the installation process takes less than ten minutes
  • Responsive: It seamlessly speeds up the feel of everyday browsing by caching DNS queries
  • Resolute: content is blocked in non-browser locations, such as ad-laden mobile apps and smart TVs

Install Pi-hole on Linux

Pi-hole can be installed quickly using the automated script below:

curl -sSL https://install.pi-hole.net | bash

There are other methods such as cloning the repo:

git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
cd "Pi-hole/automated install/"
sudo bash basic-install.sh

Or manually download the installer:

wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh

The method covered here is by using Docker containers. The steps below can be used to run the Pi-hole ad blocking software in Docker Containers:

Step 1 – Install Docker on Linux

The first step is to ensure that you have Docker installed on your system. If not, use the guide below to achieve this:

Start and enable docker

sudo systemctl start docker && sudo systemctl enable docker

Add your system user to the docker group:

sudo usermod -aG docker $USER
newgrp docker

Check the installed docker version.

$ docker -v
Docker version 20.10.17, build 100c701

You can also install docker-compose using the aid in the guide below:

Step 2 – Create Persistent storage volumes

When setting up Pi-hole, it is recommended that you create two docker volumes, one for Pi-hole and the other for dnsmasq

Accomplish that using the commands:

docker volume create pihole_app
docker volume create dns_config

Check the created volumes:

$ docker volume ls
DRIVER    VOLUME NAME
local     dns_config
local     pihole_app

Step 3 – Run Pi-hole in Docker Container

Begin by disabling the system-resolved service running on port 53.

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved

Now Pi-hole can be run using the following command with environment variables declared:

sudo docker run -d \
  --name pihole \
  -p 53:53/tcp  \
  -p 53:53/udp  \
  -p 67:67 -p 80:80  \
  -p 443:443  \
  -e TZ="Africa/Nairobi"   \
  -e WEBPASSWORD=password \
  --dns=1.1.1.1  \
  --dns=127.0.0.1 \
  --restart=unless-stopped  \
  --hostname pi.hole  \
  -v pihole_app:/etc/pihole/  \
  -v dns_config:/etc/dnsmasq.d/  \
  pihole/pihole:latest 

Just to explain the above variables:

  • Name pihole – Names the container to pihole.
  • TZ = “Africa/Nairobi” – Specifies the time zone.
  • -p – Releases ports 53 (DNS), 67 (DHCP), 80 (Webadmin), 443 (HTTPS Webadmin) on the host system.
  • DNS = 127.0.0.1 – Specifies a forced DNS server for the container. In this case the container pi-hole itself.
  • -e WEBPASSWORD=password – sets a password for the Pi-hole interface.
  • -e ServerIP = “127.0.0.1 ″- Defines the LAN IP address for the Web and Lighttpd modules.

It is possible to run the above container using docker-compose. First, create the YAML file.

vim docker-compose.yml

Add the below lines to the container, replacing where required:

version: "3"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      - "80:80/tcp"
      - "443:443/tcp"
    environment:
      TZ: 'Africa/Nairobi'
      WEBPASSWORD: 'password'
    volumes:
      - './pihole_app:/etc/pihole'
      - './dns_config:/etc/dnsmasq.d'
    dns:
      - 127.0.0.1
      - 1.1.1.1
    cap_add:
      - NET_ADMIN
    restart: unless-stopped

Run the container with the command:

docker-compose up -d

Verify if the container is running:

$ docker ps
CONTAINER ID   IMAGE                  COMMAND      CREATED         STATUS                            PORTS                                                                                                                                                                                       NAMES
b0e8bfc3e2a4   pihole/pihole:latest   "/s6-init"   4 seconds ago   Up 3 seconds (health: starting)   0.0.0.0:53->53/tcp, :::53->53/tcp, 0.0.0.0:67->67/tcp, :::67->67/tcp, 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:53->53/udp, :::443->443/tcp, :::53->53/udp, 67/udp   pihole

Step 4 – Access the Pi-hole Dashboard Web Interface

At this time the, Pi-hole web interface is available on port 80 and can be accessed with the URL http://IP_address/admin or http://domain_name/admin

Running Pi hole ad blocking software in Docker Container 3

Login using the created password and proceed to access the dashboard.

Running Pi hole ad blocking software in Docker Container 4

Now on this dashboard, there are several activities one needs to perform. They include:

1. Set DNS in router or PC to block ads

For Pi-hole to act as a DNS server for your network, you need to supply the IP Address of the Pi-hole server as the DNS of all systems.

There are two methods how to achieve this:

Home Network-Wide Blocking via Router Settings

This can be done by navigating to your router network settings. This hasn’t been covered since routers differ in models. But you can get a specific way to achieve that online.

Configuring a Single Device’s DNS

Alternatively, you can configure the DNS manually on each system. For example on

Linux

Running Pi hole ad blocking software in Docker Container

On Windows:

Open Adapter properties.

Running Pi hole ad blocking software in Docker Container 1

Provide the IP Address of the Pi-hole server.

Running Pi hole ad blocking software in Docker Container 2

You can also make the same configuration on a mobile phone.

2. Block or unblock Websites via Pi-hole Dashboard

The easiest method to block or unblock a site is by using the blacklist feature. For example, you want to block adult sites, social media e.t.c for kids or office use.

To Whitelist a site, navigate to the Whitelist option and select “Add Domain as Wildcard”. Provide the URL of the site and add it.

Running Pi hole ad blocking software in Docker Container 5

To block a site, proceed to the blacklist tab then provide the name of the site and click Add to Blacklist

Running Pi hole ad blocking software in Docker Container 6

3. Disable Ad-block for a Given period of time

From the dashboard, you can disable the Ad-block features for a specific time. This can be done by navigating to disable

Running Pi hole ad blocking software in Docker Container 7

4. Update list of blocked domains(Gravity)

By default, Pi-hole comes with a list of blocked sites/ads provided in the Gravity database. With time the list starts creating junk by when domains are added. This feature will flush the database. This can be done from the command line with the command:

docker exec -it pihole /bin/bash
pihole -g

From the web, you can still perform the action under Settings -> Update Gravity

Running Pi hole ad blocking software in Docker Container 8

Step 5 – Manage the Pi-hole Container

The Pi-hole container can be configured to start automatically on system boot by creating a systemd file as shown.

sudo vim /etc/systemd/system/Pi-hole_container.service

Add the lines below to the file:

[Unit]
Description=Pi-hole container

[Service]
Restart=always
ExecStart=/usr/bin/docker start -a pihole
ExecStop=/usr/bin/docker stop -t 2 pihole

[Install]
WantedBy=local.target

Save the file and reload daemons:

sudo systemctl daemon-reload

The container can be restarted, stopped, and enabled just like any other systemd service:

sudo systemctl start Pi-hole_container
sudo systemctl enable Pi-hole_container

Check the status of the service:

$ systemctl status Pi-hole_container
● Pi-hole_container.service - Pi-hole container
     Loaded: loaded (/etc/systemd/system/Pi-hole_container.service; disabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-06-12 14:45:04 UTC; 3s ago
   Main PID: 73206 (docker)
      Tasks: 5 (limit: 4607)
     Memory: 17.2M
     CGroup: /system.slice/Pi-hole_container.service
             └─73206 /usr/bin/docker start -a pihole

Jun 12 14:45:05 ubuntu docker[73206]:   AdminLTE version is v5.12 (Latest: v5.12)
Jun 12 14:45:05 ubuntu docker[73206]:   FTL version is v5.15 (Latest: v5.15)
Jun 12 14:45:05 ubuntu docker[73206]:   Container tag is: 2022.05
Jun 12 14:45:05 ubuntu docker[73206]: [cont-init.d] 20-start.sh: exited 0.
Jun 12 14:45:05 ubuntu docker[73206]: [cont-init.d] done.

Final Thoughts

This tutorial has provided the required steps on how to run Pi-hole ad blocking software in Docker Container. Now perform your desired blocking. I hope this was significant.

Related:

RELATED ARTICLES

Most Popular

Recent Comments