====== Pi-Hole - Setup Pi-Hole running in LXC - Not Working ====== **TODO:** These instructions do not work completely. Best to not use lxc-xxxx but instead the lxc xxxx instructions. ---- ===== Create an LXC Container ===== lxc-create -t download -n pihole -- --keyserver hkp://p80.pool.sks-keyservers.net:80 -d ubuntu -r xenial -a amd64 **NOTE:** Some versions of lxc allow this, which would replaced the installation of additional packages below: lxc-create -t ubuntu -n pihole -- -r bionic --package=cron,curl,wget,openssh-server,vim,ping,ca-certificates ---- ===== Start the Container ===== lxc-start -n pihole ---- ===== Check the status ===== lxc-info -n pihole ---- ===== Get a Shell inside the Container ===== lxc-attach -n pihole ---- ===== Install additional packages ===== sudo apt install cron curl wget openssh-server vim ca-certificates **NOTE:** Some of these additional packages may already be installed. Not a concern. The **ca-certificates** package is needed to prevent errors later with curl. Without this, errors such as: **curl: (60) SSL certificate problem: unable to get local issuer certificate** may be seen. Of course, this package, as well as any other package can be installed later with commands such as: apt install ca-certificates ---- ===== Check the Network ===== Ensure that LXC is configured properly in that it is able to access the internet. ip a Determine the IP subnet. Try to ping. ping 192.168.1.1 -c 1 **NOTE:** Change the ping address as needed to the correct subnet. LXC should ideally be configured in macvlan mode: See [[LXC:Make your LXD containers get IP addresses from your LAN using macvlan|Make your LXD containers get IP addresses from your LAN using macvlan]] ---- ===== Install Pi-Hole ===== curl -sSL https://install.pi-hole.net | bash or curl -sSL https://install.pi-hole.net -o pihole.sh **NOTE:** The 2nd option here just downloads the script. It does not actually install Pi-Hole until it is run. This is a little safer, as it allows you to check the code in the script against trojans etc. Once you are sure it is okay then run: bash pihole.sh Select the defaults until the DNS screen and then choose Cloudflare as your DNS. * Accept all the rest of the defaults and be careful not to change them. This will assure that you get the admin web interface and that statistics are logged. * The installation will continue for a few minutes after you answer the prompts. * After your installation completes, you will receive a message telling you to set up the DHCP settings on your router to make the address of your Pi-Hole the primary DNS for your network. * That will insert the Pi-Hole as the “man-in-the-middle” to scrutinize all DNS names before they are either passed to the Internet or “Pi-Holed”. When you return to the prompt in the terminal session, enter the following command to set your Pi-hole password: pihole -a -p ---- ===== Have the LXC Container Start Automatically ===== By default, LXC containers may not start automatically. To fix this, edit the container config file: lxc.start.auto = 1 lxc.start.delay = 1 **NOTE:** Autostart is mainly used to select which containers to start. When the host system boots, LXC decides the order and the delay between each startup. In this case: * The first line actually does the autostart. * The second line is optional and will delay the start of this container to give the current container time to begin initialization and reduce overloading the host system. ----