====== Pi-Hole - Setup Pi-Hole running in LXC - Not Working ======
**TODO:** These instructions do not work completely.
Best to not use lxc-xxxx but instead the lxc xxxx instructions.
----
===== Create an LXC Container =====
lxc-create -t download -n pihole -- --keyserver hkp://p80.pool.sks-keyservers.net:80 -d ubuntu -r xenial -a amd64
**NOTE:** Some versions of lxc allow this, which would replaced the installation of additional packages below:
lxc-create -t ubuntu -n pihole -- -r bionic --package=cron,curl,wget,openssh-server,vim,ping,ca-certificates
----
===== Start the Container =====
lxc-start -n pihole
----
===== Check the status =====
lxc-info -n pihole
----
===== Get a Shell inside the Container =====
lxc-attach -n pihole
----
===== Install additional packages =====
sudo apt install cron curl wget openssh-server vim ca-certificates
**NOTE:** Some of these additional packages may already be installed. Not a concern.
The **ca-certificates** package is needed to prevent errors later with curl.
Without this, errors such as: **curl: (60) SSL certificate problem: unable to get local issuer certificate** may be seen.
Of course, this package, as well as any other package can be installed later with commands such as:
apt install ca-certificates
----
===== Check the Network =====
Ensure that LXC is configured properly in that it is able to access the internet.
ip a
Determine the IP subnet.
Try to ping.
ping 192.168.1.1 -c 1
**NOTE:** Change the ping address as needed to the correct subnet.
LXC should ideally be configured in macvlan mode:
See [[LXC:Make your LXD containers get IP addresses from your LAN using macvlan|Make your LXD containers get IP addresses from your LAN using macvlan]]
----
===== Install Pi-Hole =====
curl -sSL https://install.pi-hole.net | bash
or
curl -sSL https://install.pi-hole.net -o pihole.sh
**NOTE:** The 2nd option here just downloads the script. It does not actually install Pi-Hole until it is run.
This is a little safer, as it allows you to check the code in the script against trojans etc. Once you are sure it is okay then run:
bash pihole.sh
Select the defaults until the DNS screen and then choose Cloudflare as your DNS.
* Accept all the rest of the defaults and be careful not to change them. This will assure that you get the admin web interface and that statistics are logged.
* The installation will continue for a few minutes after you answer the prompts.
* After your installation completes, you will receive a message telling you to set up the DHCP settings on your router to make the address of your Pi-Hole the primary DNS for your network.
* That will insert the Pi-Hole as the “man-in-the-middle” to scrutinize all DNS names before they are either passed to the Internet or “Pi-Holed”.
When you return to the prompt in the terminal session, enter the following command to set your Pi-hole password:
pihole -a -p
----
===== Have the LXC Container Start Automatically =====
By default, LXC containers may not start automatically.
To fix this, edit the container config file:
lxc.start.auto = 1
lxc.start.delay = 1
**NOTE:** Autostart is mainly used to select which containers to start.
When the host system boots, LXC decides the order and the delay between each startup.
In this case:
* The first line actually does the autostart.
* The second line is optional and will delay the start of this container to give the current container time to begin initialization and reduce overloading the host system.
----