Building a Pi-Hole
Now I’ve got your attention 🤣 How would you like to browse the web with fewer adverts? Play mobile games on your phone or tablet without unnecessary ads? or even better, reduce the amount of tracking your devices collect of your browsing habits? Sound too good to be true? Probably, but you can give yourself an edge by building a very cheap and simple Ad and Tracking blocker for the cost of a of a round of drinks and a packet of crisps to build this project.
I’d heard of Pi-Hole for a while and always planned on looking further into it, until a friend contacted me to ask if I’d built one yet? Now I’m not one to say that Mark is competitive but within half an hour of that conversation, he’d already got his up and running, sharing stats of his findings and how much tracking and ads his devices are calling out.
The challenge was set, I had no choice but to put my other hacking projects on hold and build one, though Mark still owns the gloating rights… meh!
This project is probably one of the easiest to achieve and I’ll walk you through the basics. Of course you can find more info from the official site https://pi-hole.net, I say easy… If it was that easy, then why aren’t more people doing this? and that’s a good question. Building one is straight forward, configuring it and slotting it into your home network can be the tricky bit for the non-IT Savvy folk out there, stick with me and you’ll be ok.
What do I need?
| Stuff | Where? | Notes | Cost |
|---|---|---|---|
| Any Raspberry Pi | https://thepihut.com/collections/raspberry-pi | I use a Pi Zero W | <£10 |
| microSD Card | https://smile.amazon.co.uk/SanDisk-microSDHC-Memory-Adapter-Performance/dp/B073K14CVB | 16gb is more than enough for this project. | <£5 |
| micro USB Cable | https://thepihut.com/products/power-supply-uk-plug-5v-2a | I have plenty of these in my junk cable box. | ~£8 |
| Case/Dongle | https://thepihut.com/products/solderless-zero-dongle-for-raspberry-pi-zero | Solderless Dongle (optional) | <£5 |
| Heat Sink | https://thepihut.com/products/raspberry-pi-heatsink | Optional | £1 |
| Raspberry Pi Imager | https://www.raspberrypi.org/downloads/ | Or Balena Etcher | Free |
| PiHole | https://pi-hole.net | The Clever Bit! | OpenSource |
| DietPi | https://dietpi.com | The OS we’ll deploy to our Pi. I use the 32Bit Version since 64Bit is still in Beta | OpenSource |
| £15 – £25 |
I’m using one of these nifty solder less zero dongles for the RPi-0, they’re extremely handy, plus the router I will be connecting to has a USB slot that can power the Pi, reducing cable clutter. I’ve added a heatsink to the CPU, however the RPi-0 doesn’t run hot enough to really need one, if you’re on a budget, don’t worry about it.
Observations
My initial concern was whether the RPi0 would act as a bottleneck on my home network. There’s plenty of reports when searching online about slow WiFi speeds for the Zero and that will tail off the further away from the router you are. That won’t be an issue since the RPi will be sitting next to the router.
My network speed is pretty good, when measured during peak traffic time it’s a healthy 370mbs. Higher when off-peak. The PiZero WiFi module isn’t capable of those speeds, so should I use a higher spec Pi or USB Ethernet Connector?
Turns out the answer is no. The above Speedtest was taken from my home network with Pi-Hole connected and inline with my network doing it’s thing! Pi-Hole runs happily on Pi-Zero W with it’s single core and I haven’t noticed any drop in speed or degradation of service to my network. The device consumes minimal power and runs at lower temperatures too. This is the current load with 50 clients connected to the service.
Let’s Crack On
Enough pre-amble, you will need to install Raspberry Pi Imager or Balena Etcher, and download DietPi from the links provided earlier in this article. I will be using the official Raspberry Pi Imager.
The basic steps are :-
- Download DietPi and Flash you microSD Card.
- Edit the dietpi.txt and dietpi-wifi.txt files to enable relevant options.
- Insert microSD Card to RPi to complete first initial boot.
- SSH or PuTTY into the DietPi to complete first boot installation and configuration.
- Install and Configure PiHole.
- Connect your RPi to your network and modify Router settings.
- Sit back, enjoy your new browsing experience whilst watching the stats as you see how much traffic is being blocked.
You can use Raspian Lite for this project, I chose DietPi given it’s a lightweight minimal linux implementation that only uses services/daemons necessary therefore freeing up resources, CPU overhead and reduces power consumption.
There’s some very passionate people who argue that full blown Raspbian installation won’t make a difference and once running only reduces CPU overhead by 1% point. You may want to consider that, however, as this device will sit on my network without a keyboard or monitor attached, using less CPU generates less heat which is my little way of helping the planet.
DietPi is compressed using 7Zip, you may need to use your favourite program like WinZip, WinRar, Unarchiver or download 7-Zip https://www.7-zip.org to extract the .IMG file.
I’ve selected the DietPi OS, and 16gb microSD Card, just hit write. After a couple of minutes the DietDi OS is written to your card and automatically unmounted, therefore you’ll need to physically eject and re-insert the card as we’ll need to make edits before loading it up in our Pi.
Configuring WiFi Before First Boot
If you won’t be connecting the RPi to a monitor and keyboard, you’ll need to make the following edits.
From the /Boot partition open the file dietpi.txt in your favourite editor make the following changes highlighted in Yellow.
##### Language/Regional Options # Locale: eg: "en_GB.UTF-8" / "de_DE.UTF-8" | One entry and UTF-8 ONLY! AUTO_SETUP_LOCALE=en_GB.UTF-8 #### Networking Options # Enable Ethernet or WiFi adapter: 1=enable | 0=disable # - If both Ethernet and WiFi are enabled, WiFi will take priority and # Ethernet will be disabled. # - If using WiFi, please edit dietpi-wifi.txt to pre-enter credentials. AUTO_SETUP_NET_ETHERNET_ENABLED=0 AUTO_SETUP_NET_WIFI_ENABLED=1 # WiFi country code: 2 uppercase character value (e.g. GB US DE JP): # https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 AUTO_SETUP_NET_WIFI_COUNTRY_CODE=GB # Enter your Static Network details below, if applicable. AUTO_SETUP_NET_USESTATIC=1 AUTO_SETUP_NET_STATIC_IP=192.168.0.254 AUTO_SETUP_NET_STATIC_MASK=255.255.255.0 AUTO_SETUP_NET_STATIC_GATEWAY=192.168.0.1 AUTO_SETUP_NET_STATIC_DNS=9.9.9.9 # Hostname AUTO_SETUP_NET_HOSTNAME=PiHole2
| Parameter | Info |
|---|---|
| AUTO_SETUP_LOCALE | Set this to your language, a list can be found here: https://docs.oracle.com/cd/E23824_01/html/E26033/glset.html |
| AUTO_SETUP_NET_WIFI_ENABLED | If you are not going to connect via Ethernet, you will need to set this option to 1 |
| AUTO_SETUP_NET_WIFI_COUNTRY_CODE | This is a legal requirement as it defines the frequency and channel range the WiFi module can connect to. |
| AUTO_SETUP_NET_USESTATIC | We will set this to 1 since we will define a static IP address for this module. |
| AUTO_SETUP_NET_STATIC_IP | The IP Address we will assign to this module. This will be an address in range of your router. Typically 192.168.0.1, though check your router. |
| AUTO_SETUP_NET_STATIC_GATEWAY | This is the IP Address of your Router/Modem that connects to the internet, i.e. Sky Broadband, BT Openreach, Virgin, TalkTalk etc. Typically its 192.168.0.1 but check first. |
| AUTO_SETUP_NET_HOSTNAME | The Hostname you’d like to call your PiHole, give it a memorable name. |
I’ve provided example parameter changes, you will need to check your modem/router to determine its IP address. If you can log into your router using 192.168.0.1 then you’re all set, otherwise you may need to contact your service provider.
Next up, edit the dietpi-wifi.txt to add your WiFI SSID (Name) and Password (Key), note that the PiZero only supports connections to 2.4ghz WiFi access points. 5Ghz is not supported and therefore will fail to connect. You can add up to 5 WiFi Access points in the configuration, DietPi will choose the access point with the strongest signal. I’m only adding one to the list, if you have more, then make the same edits to the additional entries in the config file, there’s aWIFI_*[0]..aWIFI_*[4]
#--------------------------------------------------------------- #Entry 0 #- WiFi SSID: required, case sensitive aWIFI_SSID[0]='myWifiName' #- WiFi key: If no key/open, leave this blank aWIFI_KEY[0]='myWifiKey' #- Key type: NONE (no key/open) | WPA-PSK | WEP | WPA-EAP (then use settings below) aWIFI_KEYMGR[0]='WPA-PSK' #- WPA-EAP options: Only fill if WPA-EAP is set above aWIFI_PROTO[0]='' aWIFI_PAIRWISE[0]='' aWIFI_AUTH_ALG[0]='' aWIFI_EAP[0]='' aWIFI_IDENTITY[0]='' aWIFI_PASSWORD[0]='' aWIFI_PHASE1[0]='' aWIFI_PHASE2[0]='' # - Path to the certificate file, e.g.: /boot/mycert.cer aWIFI_CERT[0]=''
Save the two configuration files back to the microSD Card and you’re ready to fire her up!
On first boot it may take up to five minutes for the OS to make the necessary configurations, resizing of partitions etc, so please be patient. To show you whats going on, I’ve added the video below to show you the first start up sequence. (The video has been speeded up). You may want to jump to 38 seconds into the video to see the configuration from the command line.
Once DietPi has finalised its first time boot, you will need to log in and complete the installation process. You can either connect the RPi to a display and keyboard, or much easier to SSH or PuTTY into the device. The IP Address was defined as 192.168.0.254 when we set the static IP address. With PuTTY you have a nice UI to connect, SSH is Terminal/Command Line only.
Username: root Password: dietpi
PuTTY
SSH
Using Terminal, enter the following command.
ssh root@192.168.0.254
Connecting
On first connection, your client will show you a warning about connecting to the client and whether to trust it, since you’re on your own private network you can say yes and carry on.
You will be asked to accept the GPLv2 licence, where DietPi will continue its installation and setup, you will be asked if you want to change the passwords for Global and root. I would recommend you change these since the default passwords are well known.
Follow the instructions in the above video from 38 seconds in, until DietPi completes it’s installation.
Phew, that’s the tricky bit over with, lets crack on with PiHole installation and we’re nearly there!
DietPi Installation
Installing DietPi is very straight forward. Following the example above, you need to log back in to your DietPi.
At the command line enter :-
curl -sSL https://install.pi-hole.net | bashThe security conscious of your would say, don’t trust piping commands from the web when you’re root, or indeed any other user, thankfully the PiHole project have included two additional ways to install the software that will allow you to review the scripts before hand, there’s even a docker package that can be deployed, but that’s an article for another day.
The official instructions are available at https://github.com/pi-hole/pi-hole/#one-step-automated-install
# Method 2
git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
cd "Pi-hole/automated install/"
sudo bash basic-install.sh
# Method 3
wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh
The actual installation took around 10 minutes on the RPi-0 and that depends on connection speeds, and model of Pi you’re using. There’s a couple of screens that need you to confirm advising what the package is, that although the software is offered for free, if you make good use of it, then a donation to the project won’t go a miss. A reminder that the server needs a static IP address to work properly, before confirming the DNS Servers you prefer. I’ve selected Quad9 filtered with DNSSEC (Security) and the default block lists for Ads and Malware.
Once the setup is complete, you will be presented with a screen showing you a randomly assigned password for the admin portal of your PiHole!
We’re on the home stretch now, if all has gone well, you will be able to log into the administrator portal of your PiHole.
The PiHole Dashboard
Open up your favourite web browser and enter the address for your DietPi
http://192.168.0.254/admin
You will need the password assigned to you at the previous step (Watch the DietPi Installation video) and hopefully you wrote it down.
Once signed in, you need to go to Settings and Enable DHCP Server and assign a range of IP Addresses, I’ve used the range 192.168.0.10 thru to 192.168.0.251 hit Save and we’re at the final stage of adding the PiHole to your router.
Configuring the PiHole with your Router
This is the tricky bit, you will need the login details for your router, this is not the same as your WiFi password. Most routers provided by your ISP these days has a sticker on the bottom with the IP Address and admin password, you need to take note of that, unless you’ve changed it from the default supplied.
In advanced settings you will find DHCP settings, these need to be disabled like below.
Sometimes you may need to reboot your router and your devices, if all is running well, you’ll see the metrics on the Web portal start to change as you see traffic flowing through your network and the percentage of trackers/ad services that have been blocked.
You can play around with the interface and the dashboard to get more information on what your devices are doing, where your computer is calling and it can be an eyeopener, at one point a major supermarket was making calls to 14 different trackers and metric providers before you even landed no their page.
My XBox ONE X made over 93,000 calls back to Microsoft in 24 hours, that’s a staggering amount of network traffic.
Block Lists
The default blocklists that are configured with the PiHole are more than adequate for most browsing, that said, you can Whitelist (Allow), or Blacklist (Deny) certain websites you find. Want to stop the kids going on social media? well you can add rules to block access, or if you’re unix savvy, set up a cron job to add and remove these lists at set times.
There’s also a wide repository of block lists (Thanks Mark!) available here https://firebog.net which can be added (I’ll cover that off in a separate entry).
Thanks for reading!
If you enjoyed this article, why not consider subscribing, have a question, let me know.
Thanks for tuning in and here’s to a better web experience.
www.muckypaws.com 
1 Comment »