pi-hole:setup_pi-hole_running_in_lxc:not_working
Differences
This shows you the differences between two versions of the page.
| pi-hole:setup_pi-hole_running_in_lxc:not_working [2021/01/03 20:36] – created peter | pi-hole:setup_pi-hole_running_in_lxc:not_working [2021/01/03 20:38] (current) – peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Pi-Hole - Setup Pi-Hole running in LXC - Not Working ====== | ====== Pi-Hole - Setup Pi-Hole running in LXC - Not Working ====== | ||
| + | |||
| + | <WRAP todo> | ||
| + | **TODO: | ||
| + | |||
| + | Best to not use lxc-xxxx but instead the lxc xxxx instructions. | ||
| + | |||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Create an LXC Container ===== | ||
| + | |||
| + | <code bash> | ||
| + | lxc-create -t download -n pihole -- --keyserver hkp:// | ||
| + | </ | ||
| + | |||
| + | <WRAP info> | ||
| + | **NOTE: | ||
| + | |||
| + | <code bash> | ||
| + | lxc-create -t ubuntu -n pihole -- -r bionic --package=cron, | ||
| + | </ | ||
| + | |||
| + | </ | ||
| + | |||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Start the Container ===== | ||
| + | |||
| + | <code bash> | ||
| + | lxc-start -n pihole | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Check the status ===== | ||
| + | |||
| + | <code bash> | ||
| + | lxc-info -n pihole | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Get a Shell inside the Container ===== | ||
| + | |||
| + | <code bash> | ||
| + | lxc-attach -n pihole | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Install additional packages ===== | ||
| + | |||
| + | <code bash> | ||
| + | sudo apt install cron curl wget openssh-server vim ca-certificates | ||
| + | </ | ||
| + | |||
| + | <WRAP info> | ||
| + | **NOTE: | ||
| + | |||
| + | The **ca-certificates** package is needed to prevent errors later with curl. | ||
| + | |||
| + | Without this, errors such as: **curl: (60) SSL certificate problem: unable to get local issuer certificate** may be seen. | ||
| + | |||
| + | Of course, this package, as well as any other package can be installed later with commands such as: | ||
| + | |||
| + | <code bash> | ||
| + | apt install ca-certificates | ||
| + | </ | ||
| + | |||
| + | </ | ||
| + | |||
| + | |||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Check the Network ===== | ||
| + | |||
| + | Ensure that LXC is configured properly in that it is able to access the internet. | ||
| + | |||
| + | <code bash> | ||
| + | ip a | ||
| + | </ | ||
| + | |||
| + | Determine the IP subnet. | ||
| + | |||
| + | Try to ping. | ||
| + | |||
| + | <code bash> | ||
| + | ping 192.168.1.1 -c 1 | ||
| + | </ | ||
| + | |||
| + | <WRAP info> | ||
| + | **NOTE: | ||
| + | |||
| + | |||
| + | LXC should ideally be configured in macvlan mode: | ||
| + | |||
| + | See [[LXC:Make your LXD containers get IP addresses from your LAN using macvlan|Make your LXD containers get IP addresses from your LAN using macvlan]] | ||
| + | |||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Install Pi-Hole ===== | ||
| + | |||
| + | <code bash> | ||
| + | curl -sSL https:// | ||
| + | </ | ||
| + | |||
| + | or | ||
| + | |||
| + | <code bash> | ||
| + | curl -sSL https:// | ||
| + | </ | ||
| + | |||
| + | <WRAP alert> | ||
| + | **NOTE: | ||
| + | |||
| + | This is a little safer, as it allows you to check the code in the script against trojans etc. Once you are sure it is okay then run: | ||
| + | |||
| + | <code bash> | ||
| + | bash pihole.sh | ||
| + | </ | ||
| + | |||
| + | </ | ||
| + | |||
| + | Select the defaults until the DNS screen and then choose Cloudflare as your DNS. | ||
| + | |||
| + | * Accept all the rest of the defaults and be careful not to change them. This will assure that you get the admin web interface and that statistics are logged. | ||
| + | * The installation will continue for a few minutes after you answer the prompts. | ||
| + | * After your installation completes, you will receive a message telling you to set up the DHCP settings on your router to make the address of your Pi-Hole the primary DNS for your network. | ||
| + | * That will insert the Pi-Hole as the “man-in-the-middle” to scrutinize all DNS names before they are either passed to the Internet or “Pi-Holed”. | ||
| + | |||
| + | When you return to the prompt in the terminal session, enter the following command to set your Pi-hole password: | ||
| + | |||
| + | <code bash> | ||
| + | pihole -a -p | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Have the LXC Container Start Automatically ===== | ||
| + | |||
| + | By default, LXC containers may not start automatically. | ||
| + | |||
| + | To fix this, edit the container config file: | ||
| + | |||
| + | <file bash / | ||
| + | lxc.start.auto = 1 | ||
| + | lxc.start.delay = 1 | ||
| + | </ | ||
| + | |||
| + | <WRAP info> | ||
| + | **NOTE: | ||
| + | |||
| + | When the host system boots, LXC decides the order and the delay between each startup. | ||
| + | |||
| + | In this case: | ||
| + | |||
| + | * The first line actually does the autostart. | ||
| + | * The second line is optional and will delay the start of this container to give the current container time to begin initialization and reduce overloading the host system. | ||
| + | |||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
pi-hole/setup_pi-hole_running_in_lxc/not_working.1609706213.txt.gz · Last modified: 2021/01/03 20:36 by peter