Thread - Nostr Hypermedia

Derek Ross derekross@grownostr.org 2 years ago

Happy #FOSSFriday! Today, we're going to talk about another piece of software that I've used for a few years. Pi-hole. Pi-hole is a free and open-source DNS sinkhole that helps to block ads and trackers on your network. It works by intercepting DNS requests from your devices and redirecting them to a local server that has been configured to block ads. This can significantly improve the performance and privacy of your network. Pi-hole is a software application that can be installed on a Raspberry Pi or other compatible device. You can even install it via certain "node" OS platforms like Umbrel. It is very easy to set up and use, and there are many tutorials available online. To use Pi-hole, you will need to configure your devices to use it as their DNS server. This can be done on most devices by going to the network settings and changing the DNS server to the IP address of your Pi-hole device or by simply configuring your router's LAN's DHCP settings to use the Pi-Hole.

Pi-hole – Network-wide Ad Blocking

Replies (24)

npub1ljv5...a29n 2 years ago

Pi-hole is nice but I prefer adguard-home

2 replies ↓

(>0_0)> 0_0@Nostr-Check.com 2 years ago

Love Pi-hole! I’ve been running mine for nearly 7 years

1 replies ↓

Keysa - Simplest Bitcoin Edu simplestbitcoinbook@nostrplebs.com 2 years ago

Thanks Derek, seen it on Umbrel but haven’t looked into it. A clearly non-tech savvy question: Can you use pi-hole with a VPN?

3 replies ↓

geeknik geeknik@deepforkcyber.com 2 years ago

pihole is pretty good, not gonna lie. but i've been running pfsense for over a decade (#freebsd ftw) and i much prefer the power of pfblockerng. 🤙🏻

1 replies ↓

npub1grae...q8tr 2 years ago

These Friday bonus content are very helpful. I’m new to all of this and your making us aware of better options and tools out there to help us.

1 replies ↓

armstrys armstrys@nostr.directory 2 years ago

Don’t forget pihole combined with Tailscale magic DNS to get blocking on the go! I also recommend installing unbound during the pihole installation to make your server also handle the DNS resolution. Easy, better privacy, I never noticed a performance drop.

4 replies ↓

Enki enki@sovbit.host 2 years ago

Love my pihole.

armstrys armstrys@nostr.directory 2 years ago

The internet makes it seem like some VPN providers may allow you to specify your own local DNS resolution. Otherwise you might be stuck with alternative solutions. If you’re willing to run a VPS server and use it like a VPN you can do achieve similar outcomes using Tailscale and pihole together. View quoted note →

Derek Ross derekross@grownostr.org 2 years ago

this is a good idea. thanks for the recommendation.

Derek Ross derekross@grownostr.org 2 years ago

pfsense is awesome 😉

Derek Ross derekross@grownostr.org 2 years ago

im glad you find it useful 😉

Enki enki@sovbit.host 2 years ago

+1 for unbound.

Derek Ross derekross@grownostr.org 2 years ago

it's not easy to do or not easily supported as by default a VPN provider has you using their DNS servers for requests. some VPN providers come with these types of services built in to block trackers and ads though.

Derek Ross derekross@grownostr.org 2 years ago

i have never used adguard, but i've seen people speak highly of it.

Derek Ross derekross@grownostr.org 2 years ago

armstrys armstrys@nostr.directory 2 years ago

I should have said Tailscale “nameservers” not MagicDNS. Setting a Tailscale nameserver lets you route the DNS requests back home without routing all data through your home network.

1 replies ↓

Derek Ross derekross@grownostr.org 2 years ago

i knew what you meant :) ive played with their MagicDNS.

nobody 2 years ago

Tailscale has some performance drawbacks. If you have the skills to host things yourself, wireguard will give you the best performance. I use this container and it's so good

GitHub

GitHub - wg-easy/wg-easy: The easiest way to run WireGuard VPN + Web-based Admin UI.

The easiest way to run WireGuard VPN + Web-based Admin UI. - wg-easy/wg-easy

2 replies ↓

nobody 2 years ago

But I otherwise have the same setup: pihole, unbound, VPN is the mobile on the go powerhouse set up.

JSTR jstr@nostrplebs.com 2 years ago

Pi-hole is the best thing ever! Have been running for a year now… highly recommend

armstrys armstrys@nostr.directory 2 years ago

Thanks for the setup! I’ll definitely look into it. Tailscale is just so damn easy :)

1 replies ↓

nobody 2 years ago

You bet man! Wireguard can run in kernelspace which will be faster than Tailscale which runs userspace wireguard. Worth it for me because I have cloud instances connecting to home for things and need the speed. If you're just doing normal browsing you likely wouldn't notice.

₿lack Swan npub1swan7cn5gq7vze7qncxa6av90wfn2y99nnp5t5tdvln04clcwrts5h2049 2 years ago

Why?

₿lack Swan npub1swan7cn5gq7vze7qncxa6av90wfn2y99nnp5t5tdvln04clcwrts5h2049 2 years ago

You can, but you would want to be careful. If using a VPN client on a client device (PC / Phone), this would leak DNS queries and make analysis far easier to conduct. Alternatively, you could configure your router so that all egress traffic traverses the VPN. This would mean that DNS queries to external resolvers would also go out over the VPN link!