While internet advertising is a significant source of revenue for your favorite websites, some individuals want to prevent it for a variety of reasons, including performance or privacy concerns. You could install blocking software on each of your devices, but the most efficient method is to use Pi-hole to establish a server that filters all of your web traffic at the local network level. #pihole
The best explanation on what is Pi-hole you can find on the Pi-hole® official website.
The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software.
- Easy-to-install: our versatile installer walks you through the process and takes less than ten minutes
- Resolute: content is blocked in non-browser locations, such as ad-laden mobile apps and smart TVs
- Responsive: seamlessly speeds up the feel of everyday browsing by caching DNS queries
- Lightweight: runs smoothly with minimal hardware and software requirements
- Robust: a command-line interface that is quality assured for interoperability
- Insightful: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
- Versatile: can optionally function as a DHCP server, ensuring all your devices are protected automatically
- Scalable: capable of handling hundreds of millions of queries when installed on server-grade hardware
- Modern: blocks ads over both IPv4 and IPv6
- Free: open-source software which helps ensure you are the sole person in control of your privacy
This post should be as simple as possible and for everyone with a couple of bucks for the Raspberry Pi with an ethernet capability. An even better idea for those with a dust-collecting RPi somewhere in the room.
This post will use Raspberry Pi 4 with 4GB of RAM as an example, but it really does not matter since Pi-hole as long as you have a device with at least 512 MB of RAM and 2 GB of space.
Requirements
- An internet connection
- A computer with a microSD card reader
- Raspberry Pi with ethernet capabilities
- A microSD card (at least 8GB, 16GB is recommended)
- A monitor with HDMI
- A micro HDMI cable (if you have Raspberry Pi 4)
- A USB keyboard
Process
Installing Operating System
We need to set up an operating system (OS) on our microSD card which will be used as persistence on Raspberry Pi. I will be using Ubuntu Server 20.04 LTS x64 for that purpose, but you can use any other Ubuntu version or Raspberry Pi OS.
The easiest way to format and install the required OS on a microSD card is by using the existing tool which can be downloaded from Raspberry Pi Imager.
Insert the microSD card into your computer, and start already installed Raspberry Pi Imager.
From the initial screen, select CHOOSE OS and get your preferred operating system. Ubuntu can be found under the Other general-purpose OS group.
Select the image, open the SD Card menu, and select the inserted microSD card. Click WRITE and wait a couple of minutes for the operating system to be downloaded, installed, and verified on microSD. Once the process is complete, you will be notified that you can safely remove the microSD card from the slot.
Booting Up
Make sure your Raspberry Pi is off before you insert the microSD card into the dedicated slot. Connect the ethernet cable to the router, keyboard, monitor, and finally Raspberry Pi power supply. Wait a bit and you will see the operating system booting up.
Ubuntu Server does not have graphical installation, but the process is pretty straightforward.
Once the system is booted up, you will see a login prompt, but don't do anything for now. Wait for a couple of minutes for everything to set up and then perform the login. The default username and password for Ubuntu Server 20.04 LTS is:
username: ubuntu
password: ubuntu
After the successful login, it will ask for a new password, so be sure to create a secure password and remember it. That is your sudo
password which grants you administrative privileges, and it will be used frequently.
Update the OS
I know we did the clean install of the operating system, but it does not mean that the Raspberry Pi Imager has always up-to-date repositories. To update your system and packages with the latest patches, just run:
sudo apt update
sudo apt upgrade
If the Linux kernel is updated, you will need to reboot the system. You can do it with:
sudo reboot
Static IP
While we are at it, we should set up the static IP address for our device right from the start. It will be necessary for the Pi-hole later.
Ubuntu Server 20.04 LTS uses Netplan for the network configuration and can be found in /etc/netplan/
directory. There should be a file already in one of these forms:
- 01-netcfg.yaml
- 01-network-manager-all.yaml
- 50-cloud-init.yaml
Otherwise, if you cannot find the configuration file, you can try to generate a new one, executing:
$ sudo netplan generate
To configure a static IP address, you need to change the configuration in the file. This is how mine looks like:
# This file is generated from information provided by the datasource. Changes
# to it will not persist across an instance reboot. To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
ethernets:
eth0:
dhcp4: no
addresses: [192.168.0.50/24]
gateway4: 192.168.0.1
nameservers:
addresses: [8.8.8.8,8.8.4.4]
version: 2
This configuration indicates that the static IP address will be 192.168.0.50 and the gateway (routers') IP address is 192.168.0.1. Please check your router IP address so you can change values accordingly.
Remote Access
I don't like having Raspberry Pi connected to anything except the network, so I prefer using Secure Shell (SSH) to operate with Raspberry Pi. If you have a device on the same network, it is pretty easy. Don't disconnect the peripherals yet, we need some basic information. By default, SSH on Ubuntu Server obtained from Raspberry Pi Imager repository has SSH enabled. We can check this by checking the status with the command sudo systemctl status ssh
:
$ sudo systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2021-12-25 12:54:10 UTC; 12min ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 1733 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 1777 (sshd)
Tasks: 1 (limit: 4435)
CGroup: /system.slice/ssh.service
└─1777 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
Dec 25 12:54:09 ubuntu systemd[1]: Starting OpenBSD Secure Shell server...
Dec 25 12:54:10 ubuntu sshd[1777]: Server listening on 0.0.0.0 port 22.
Dec 25 12:54:10 ubuntu sshd[1777]: Server listening on :: port 22.
Dec 25 12:54:10 ubuntu systemd[1]: Started OpenBSD Secure Shell server.
Dec 25 12:54:36 ubuntu sshd[1966]: Accepted password for ubuntu from 192.168.0.183 port 63829 ssh2
Dec 25 12:54:36 ubuntu sshd[1966]: pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
If our SSH has the status Active: active (running)
, we are ready to continue. We need the IP address of the Raspberry Pi which we can obtain by running the next command (it should be a static IP address that we specified earlier):
$ hostname -I
192.168.0.50
Since we already know our username is ubuntu, we can now safely disconnect everything from the Raspberry Pi except the ethernet cable.
I use PowerShell to connect from my Windows 11 machine, but you can use whatever command-line program you prefer.
Don't forget you need to be on the same network
To log in remotely, use previously obtained information about your hostname and IP address. The command format is ssh hostname@IPaddress
If you like this PowerShell look, there is a great blog post from @Scott Hanselman HERE
Unable to resolve host
If you get the following error
sudo: unable to resolve host ubuntu: No address associated with hostname
It means that your hostname is not configured for the IP address. To solve it, add the hostname in /etc/hosts
file. To find the hostname, you can check it in the /etc/hostname
file using cat
command:
$ cat /etc/hostname
ubuntu # <-- this is your hostname
Now you can edit your hosts
file
$ sudo nano /etc/hosts
Add your hostname, obtained with the previous command, to the row where localhost is defined:
127.0.0.1 localhost heregoesyourhostname # <- instead of this
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
Pi-hole Installation
Installation of Pi-hole is pretty straightforward, and you can do it from your computer if you obtained information for the SSH connection.
$ curl -sSL https://install.pi-hole.net | bash
You will be prompted a couple of times to select configuration:
Every screen contains information about the configuration installation.
We already set up a static IP address, so we can just continue with the process. For the rest of the process, you can choose default options (including Web admin interface). Once we complete all the steps, we will have the final screen with the Web interface password.
You can access to Web admin interface by navigating to the IP address we specified through the browser
#<predefined static IP addres>/admin
192.168.0.50/admin
Change Password
Change your Pi-hole Web interface password using:
$ sudo pihole -a -p
Router Configuration
Once we have everything installed, it is necessary to tell our router to use Pi-hole as DNS. For this process, we need to have access to the network router (to which Raspberry Pi is connected to). A lot of ISPs allow this kind of configuration, but unfortunately, mine doesn't.
I have Technicolor CGA2121 DOCSIS 3.0 Wireless Gateway, and no option to manually change upstream DNS for DHCP connection (I don't have a static IP from my ISP). Thankfully, there is a way to override that behavior using Pi-holes' integrated DHCP server. For that purpose, we need to disable the DHCP server on the router and turn on DHCP on Pi-hole.
To disable the routers' DHCP, we need to log in and disable it manually.
Blocklists
Pi-hole comes with an optional blocklist that you could select during the installation process, and it is usually sufficient for most people.
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
This blocklist is well-maintained and provides effective blocking without interfering with routine operations. While this may be sufficient for many, users frequently discover that they want to add their own custom lists to improve blocking capabilities.
Blocklist Collections
The Firebog, DeveloperDan and you can check Reddit or Google Search.
The easiest way to update the blocklist is through the Web interface. From the blocklist websites above, select lists that you want to use (I suggest reading a bit about them, so you don't come across some unwanted behavior while browsing).
To update the blocklist on your Pi-hole, you need to paste selected lists into the Adlists group management tab.
After that, we need to update the Pi-hole Gravity.
Tip
Strange things will happen while browsing, for sure, especially if you put a lot of blocklists. To check if that something is because of the Pi-hole configuration, there is an option to disable the Pi-hole for some time.
While the Pi-hole is disabled, you can try what you intended, and after the countdown, everything will go back as it was before.
Final words
I hope this post helped you set up the Pi-hole for a better internet browsing experience, and I'm sure this will be one of the best improvements you could make for your home or business network.
Happy browsing without ads!
P.S. Read the documentation, please.
Top comments (0)