Table of Contents

Pi-Hole - Setup Pi-Hole running in LXC - Not Working

TODO: These instructions do not work completely.

Best to not use lxc-xxxx but instead the lxc xxxx instructions.


Create an LXC Container

lxc-create -t download -n pihole -- --keyserver hkp://p80.pool.sks-keyservers.net:80 -d ubuntu -r xenial -a amd64

NOTE: Some versions of lxc allow this, which would replaced the installation of additional packages below:

lxc-create -t ubuntu -n pihole -- -r bionic --package=cron,curl,wget,openssh-server,vim,ping,ca-certificates

Start the Container

lxc-start -n pihole

Check the status

lxc-info -n pihole

Get a Shell inside the Container

lxc-attach -n pihole

Install additional packages

sudo apt install cron curl wget openssh-server vim ca-certificates

NOTE: Some of these additional packages may already be installed. Not a concern.

The ca-certificates package is needed to prevent errors later with curl.

Without this, errors such as: curl: (60) SSL certificate problem: unable to get local issuer certificate may be seen.

Of course, this package, as well as any other package can be installed later with commands such as:

apt install ca-certificates

Check the Network

Ensure that LXC is configured properly in that it is able to access the internet.

ip a

Determine the IP subnet.

Try to ping.

ping 192.168.1.1 -c 1

NOTE: Change the ping address as needed to the correct subnet.

LXC should ideally be configured in macvlan mode:

See Make your LXD containers get IP addresses from your LAN using macvlan


Install Pi-Hole

curl -sSL https://install.pi-hole.net | bash

or

curl -sSL https://install.pi-hole.net -o pihole.sh

NOTE: The 2nd option here just downloads the script. It does not actually install Pi-Hole until it is run.

This is a little safer, as it allows you to check the code in the script against trojans etc. Once you are sure it is okay then run:

bash pihole.sh

Select the defaults until the DNS screen and then choose Cloudflare as your DNS.

When you return to the prompt in the terminal session, enter the following command to set your Pi-hole password:

pihole -a -p

Have the LXC Container Start Automatically

By default, LXC containers may not start automatically.

To fix this, edit the container config file:

/var/lib/lxc/pihole/config
lxc.start.auto = 1
lxc.start.delay = 1

NOTE: Autostart is mainly used to select which containers to start.

When the host system boots, LXC decides the order and the delay between each startup.

In this case:

  • The first line actually does the autostart.
  • The second line is optional and will delay the start of this container to give the current container time to begin initialization and reduce overloading the host system.