14
Floydian
75d

Looking for some help to setup Pi-Hole on Arduino.

I am extremely noob when it comes to coding or Linux stuff.

However, I would really love to setup Pi-Hole on my home network.

Can anybody here share any YouTube videos or websites which have setup by setup guide to set it up from scratch?

Please just do not say that it's easy and do this that and done.

I really need some hand holding as this is my first time don't want to fuck up. I'd be happy if I am able to setup one.

Comments
  • 3
    *holds hands*

    I think this one should help a bit: https://blog.cryptoaustralia.org.au/...

    I'll check in my bookmarks in case it's not enough.

    Good luck!
  • 3
    You can’t fuck it up, it’s completely guided installation. In worst case you erase the memory card and start again.
  • 7
    Pi-Hole on Arduino?
  • 1
    @Jilano This is really easy, helpful and interesting. Will try something this weekend.

    Also, does the process work on Arduino as well?
  • 0
    @Stark Why not?

    I mean, I am not sure but would be great if it works.
  • 1
    Its easy, do that and this

    To a more serious note, if at the end of the day you have not yet succeeded Ill write something for you
  • 1
    @Floydian because an arduino as a firewall which is actually designed for 4 cores sounds weird.
  • 0
    @Codex404 Write something for me as in?

    script to do it?

    Man that means a lot. Thanks. You have always helped me.
  • 0
    @nitwhiz Not much idea on that. Will try.
  • 1
  • 0
    @Codex404 Even that would work. :D
  • 3
    I didn't know it could be a S.O. on Arduino, or did you mean Raspberry PI?

    I used to mix their names before buying an Arduino, so I will no be surprised if this happens with someone else. :) But I will not be surprised if you say that it is possible to have an OS on an Arduino as well.
  • 4
    @brunofontes wait on an arduino? Misread that. Sorry Floydian, cant help you there, sorry
  • 5
    @Floydian arduino? It's like preparing to do 1000m running in a swimming pool. Can work, but very unlikely
    And see the name. It is PI hole, not AR hole
  • 3
    @Floydian Damn, sorry. I must have mentally blocked the word "Arduino". I don't know much about them, but I'll try to find more information on the subject.

    As long as you are able to get a barebone system, I do believe it should work, but who knows.

    PS: Do tell if you manage to install it!
  • 4
    I don't think you can run Linux on Arduino.

    Get a Raspberry Pi Zero or other ARM based single-board computer.

    This post on StackExchange seems to describe the problem better then I could.

    https://arduino.stackexchange.com/q...
  • 4
    @CozyPlanes You could create an excellent pun out of it...

    AR**Hole
  • 2
    While Pi Hole was made to be run on Raspberries, you can put it on any compatible Linux distro.

    That said, I'm not sure Arduino are capable of running a compatible linux distro... I'm completely unimformes about the latest models but I remember them all being pretty limited and could only execute programs uploaded into their memory.
  • 5
    @s0LA "Arduino Super Edition Hole" or "ARseHole" if you will.
  • 3
    @Jilano Genius! You're a bloody genius!
  • 3
    @Jilano getting hot 🔥
  • 4
    @Jilano @CozyPlanes @Codex404 @brunofontes I meant Arduino, not Pi.

    I am not confused, I just don't know the difference and their purpose because technically (as everyone here knows) I am illiterate :P

    Also, stop trolling me guys. Haha I did not know and I mentioned Arduino because a friend has it and I can use it for experimentation.
  • 7
    @Floydian arduino is a board with a fucken cheapass 8-bit chip on it. You can make a blinky light with it. That's it.

    Raspberry Pi is whole computer. You can make firewalls (or stuff like pi-hole) with it.
  • 3
    @nitwhiz Got that. Will look out for a Rasp now.

    Which would you suggest?
  • 5
    @Floydian go for the latest, raspberry pi 3b (I think there's also a + version?). The performance difference is always a great improvement (ie: you can do more stuff with it without it getting stuck)
  • 6
    @Floydian Depends on your use case. If you don't have a large network, a Raspberry Pi 2 should suffice, but I'd suggest you get the Raspberry Pi 3.
    The 3 is way faster for just a slightly higher price.
  • 4
    @endor Yep, there is a 3 B+ version.
    It's a bit faster than the normal 3, but I've not been able to run it for long periods of time without active cooling.
  • 3
    @PrivateGER @endor My use case is, I want to run Pi-Hole along side a VPN server so that I can be connected to my home network all the time and also block ads.

    I recently learned that my 5 year old router degraded in terms of performance with time. The hardware wore off due to heat and dust by constant use.

    So I assume, Rasp Pi will be used continuously alongside WiFi router, I am looking for longer life expectancy with decent performance.

    I will also be upgrading my internet plan from 1 MBPS to 10 MBPS so if that matters.

    Thank you guys :)
  • 4
    Yeah, for that any Pi should be sufficient, as long as you give it a nice ethernet connection.
  • 2
    @PrivateGER Okay thanks.
  • 3
    Or otherwise Orange pi for gigabit network
  • 2
    @Floydian I used rasp 3 before moving to a new house but I am planning to upgrade to 3b as well

    Rasp pi 3 is sufficient with using with my custom ad blocking and VPN solution with live logs.
    I also run a home server to show cctv of my room in the kitchen due to mom request
    Also a custom cloud solution(CZcloud) with high secret compressing algorithm (seriously, not a joke) to stream movies anywhere less than 500mb data usage

    All with rasp pi with some stuff more

    Possibilities r endless
  • 4
    And, if you buy any of SoC cards, do remember that they ars arm based single chip board for tinkering and not an Intel xeon server

    Don't load it too much or else you will complain on many things like slow response on ssh and more.
    Keep X11 service closed. I'll give you a script/ set of scripts to handle a few of these things like turn on vnc and x11 together at the time you need a GUI and close otherwise.

    Approximately at 65°C it throttles and thus due to the temperature here, I'd recommend buying a sink

    And Mumbai mein baarish bohot h
    To cover bhi khareed lena

    If the place is well ventilated, and has less chances of spillage, you can open the top of cover. ( Mera 60 se seedha 50°C pe aa gaya tha. Mere college hostel mein hawa achhi chalti h garmi mein chalti h)

    Also, a static DNS is recommended
  • 3
    @CozyPlanes could you tell more about CZcloud? I'd like to install that
  • 2
    @gitlog got that question from many places, some companies trying to buy it lol

    But I say NO

    I use some proprietary code from the company that makes these stuff, some parts, so I Have NDA with them, and the code is so messy it takes literally 32 hours to download the whole project

    If I release it, I will do it under the name CZenter as a package
    Thanks for the interest!

    The fundamentals of the cloud is based in owncloud
  • 2
    Forgot to tell you one thing.
    Raspbian no more has ssh on out of the box
    Please save a file named ssh in the boot partition in Pi when you start at first. And the using sudo raspi-config , turn on ssh for the next boots
  • 1
    @Floydian yep, you can easily run pi-hole and openvpn on an RPi, and I'd also reccommend some form of cooling (though you shouldn't see very high temps if you're not doing much else - my VPS basically idles at <5% with both programs (and much more) running in the background 24/7.
    I'd also suggest running i2p in the background, if you're into the privacy stuff (though you should read up on it first, if you don't know what it is - it's somewhat like TOR, but with a different mindset)
  • 1
    @gitlog wtf? No more ssh server in a stock Raspbian install? Why?
  • 2
    @endor it's been long time
    For security
    Especially when people don't change the password
  • 2
    @gitlog on the one hand, I see the point.
    On the other...
    https://youtu.be/XZxzJGgox_E
  • 4
    @Floydian I swear I was not trolling you! My brain, being a selective cunt, just read: "Setup... Pi-hole... Please... Hold hands"

    Anyway, glad to see you're progressing on the issue!
  • 3
    @gitlog Never knew something like Orange Pi existed.

    Also, all the other details you mentioned really went over my head. Discord pe samjha.

    @Cozyplanes Whoa!! that's interesting. Where and how do you learn all this stuff?

    @endor explain more on i2p please.

    @Jilano hahaha Ofc I know you weren't trolling. Even my mind does the selective reading these days. Yes, want to learn and implement more and more.
  • 2
    @Floydian close relatives and some Microsoft employees I have contact with
  • 2
    @Floydian it's a p2p network with a focus on encryption anonimity, and privacy. Kinda like TOR, except every user/node is equal, and it's not really meant to be used as a proxy for the regular web. A node that stays on 24/7 would definitely benefit the network, even if you don't have a fast connection.
    You should look it up, if you're interested in that sort of projects.
  • 0
    @endor I read the Wikipedia. Do I need to install other programs or just installing i2p would automatically route me through the network?
  • 0
    @Floydian you just install i2p and then use it as a web proxy for your browser when you want to browse i2p websites or use other services.
    https://geti2p.net/ has a very simple setup guide
  • 0
    @endor But then I cannot access the regular internet once I switched to i2P proxy (and vice versa), right?
  • 0
    @Floydian yep, that's exactly the idea (unless you're using an outproxy, but it's not reccomended). You just gotta manually enable/disable the proxy settting in your browser.

    There's also a way to transparently redirect all i2p traffic to i2p without mixing it with regular web stuff, but I have yet to try it (and I'd suggest figuring out the basics first): https://grepular.com/Transparent_Ac...
  • 0
    @endor

    >unless you're using an outproxy, but it's not reccomended

    That'd defeat the purpose of being on i2p network.

    But I don't know what special will I access on the TOR network for which I must install i2p on my pi
  • 1
    @Floydian
    > outproxy defeats the purpose of i2p
    Technically not, since there is no direct way to tell where the traffic originated. However, the owner of the outproxy will be the first one to get in trouble if you use their service to do shady stuff.

    > i2p and TOR
    They are two different networks. Similar purpose, but fundamentally different implementation. I2p is still a smaller project, while TOR is pretty popular nowadays, but both have great utility and potential.
  • 0
    @endor Do they completely anonymise my presence on internet?
  • 2
    @Floydian the purpose is to break any traceability of the source of the traffic, so that the server does not know your real IP (but without relying on another central server that could still watch what you do, like a VPN).
    If you log in on facebook through tor (you actually can, they have a tor address), facebook will still know it's you - they just won't know where you are (assuming you don't share your position in other ways).

    Point is: tor and i2p hide the path between you and the other computers you connect to - but not the contents of your interactions.
    By running i2p 24/7, you help provide that service for other i2p users too (kinda like a tor relay node)
  • 0
    @endor how is it different from VPN?
  • 1
    @Floydian because a VPN is still a single server, or a centralized service anyway. Whoever controls it can potentially see all your traffic - wether you trust them about it or not, that's up to you.
    With tor and i2p, that's not possible at all, even if anyone wanted to (assuming no bugs in the implementation)
  • 1
    @endor So it won't slow down the internet speed?
  • 2
    @gitlog well, i2p is still pretty slow (typically in the 50-200 kb/s range for users), mainly because each connection is as slow as the slowest node in the chain. But if you stay online continuously for prolonged periods (more than 24h) you should still see consistent speeds, because it spreads your load across many peers (ie: each connection is slow, but you have many of them, so it kinda balances out)
  • 1
    @endor okay so basically it is, what I thought it was. And then I wouldn't need a VPN to hide my stuff from my ISP.

    However, the drawback is crazy. As @gitlog mentioned, about the speed.

    Here I am paying for 10 MBPS speed and I have to browse/download based on the slowest node.

    Definitely a no go for me.

    However, my purpose of installing OpenVPN on my Rasp Pi is that I can connect to my home network even while outside and can have an ad free experience.

    I appreciate your gesture of suggesting me this. I have been thinking of using TOR since a long time. The only reason I am not motivated to do so is because it affects my internet speed. And yet my bandwidth is consumed to be a node of the network.

    Great idea, mediocre implementation.
  • 2
    @Floydian I was thinking of i2p as an extra addition, on top of the other stuff. You still use your VPN to connect to your Rpi from wherever, and by doing so you also gain access to the i2p/tor network.

    My comparison of i2p vs vpn was referring just to the common commercial vpn services, which nowadays are just used as web proxies to spoof your ip.
    I use openvpn to create a proper private network, behind which I'm running all kinds of private services (such as my pi-hole admin page, which is not exposed to the internet *).

    That way, you can do this:
    You > VPN > Rpi > (Web + i2p/tor + other stuff)

    * about the pi-hole web admin page: by default, it runs on port 80 on all interfaces. That means, that if your rpi is reachable from the internet, anyone will be able to access your login page and try to bruteforce it. A quick google search for pi-hole will reveal multiple such instances. Make sure to change that.
  • 1
    @endor we are thinking to allow login on ssh via key only
    And, I would try to tell him a bit about docker and also, ask him to not use port 80

    Further as he won't be having a static IP, we would have a script to tell a server it's public IP address continuously

    Maybe heroku or free webhost or even digitalocean using the free credits I've got link for due to Hacktoberfest
  • 1
    @endor also, Google search won't reveal that as we aren't buying a domain name and also not indexing it
  • 2
    @gitlog check out freemyip.org for a simple reverse DNS. I have my server with an hourly cronjob updating my ip address through a simple curl command.

    Also, while it may not show up on google, you'll still be found by all the port scanners (get ready for thousands of port scans every day, even for a tiny, unknown server). And if a scanner gets a response from your port 80, they'll definitely try to bruteforce your login to the web console.

    Speaking of which: you should also set up fail2ban, at least for ssh - my small minecraft server gets over 10k ssh login attempts every month (and that's 2 months after starting). Definitely set up pubkey authentication and disable password login entirely, especially for root. Changing the default username (pi) would also be a good idea, since it's a pretty common bruteforce attempt.
  • 2
    @gitlog also, connection to the vpn can be done through client certificates, so you can leave port 1194 open and connect to it automatically even without connecting through ssh - in fact, that's the whole point of the vpn: you can access all the services behind it without having to manually connect via ssh and set up port forwarding
  • 1
    Ok
    Also, could you tell more about the cronjob?

    What's your server?
    And maybe please tell the code if possible.
  • 1
    @endor no he may need to handle the pi remotely
  • 1
    @gitlog just look those up and you'll have a much more better explanation of how things work.

    To edit your cron table: crontab -e (or open /etc/crontab with any editor)
    Also check https://crontab.guru/ to figure out how to set up the timers.

    Check the faq freemyip.org for the command to update your rDNS. Put that in a .sh script and make it run from cron.

    Honestly, just get the rpi and slowly start experimenting with stuff, taking notes on what is happening and trying to understand why. I've been dumping a lot of information on you, and there's a lot more you'll have to figure out over time - it took me almost a year to get to the point where I am now, and I have yet a ton more to learn.

    Personal suggestion, try to figure things out in the following order:
    1) ssh (and how to secure it)
    2) fail2ban (automatically ban ip addresses that attempt to bruteforce your ssh server)
    3) iptables (software firewall - block all ports and only leave the ones you need open)
    4) openvpn
    5) pi-hole
  • 1
    @gitlog I have *both* services running: ssh on port 22 for console access, and openvpn on port 1194 to connect my devices to the vpn without requiring a prior ssh connection
  • 1
    No like on which server are you sending your IP?

    As in digitalocean or aws or sth?

    For getting IP address I would just curl to something like ifconfig.co
  • 2
    @gitlog just go to the faq page on freemyip.org and you'll understand how it works. Keep in mind, they are acting as a DNS server.
  • 1
    @endor ok I'll see it later

    Was a part of CTF and now am going to sleep
    Its 0238 here I should sleep now
  • 2
    @endor damn!! That's so much knowledge here. I have lots to learn on this.

    I hope @giltog understood all this stuff and can help me. Haha...
  • 2
    @endor Got your point. They've got the APIs which I was planning to implement manually and then host it.

    Thanks. Also, it's freemyip.com and not org
  • 2
    @gitlog woops, brain fart, my bad
  • 2
    I went from misreading this post as “pi-hole on raspberry pi” to “pi-hole on Android” before finally realizing “pi-hole on raspberry Arduino” @_@

    Arduinos don’t have an OS, it’s more of a low level assembly event loop with interrupts and timers.
  • 0
    @toriyuno Haha yes, I got to know from community. Still learning :)
Your Job Suck?
Get a Better Job
Add Comment