Pihole standalone install

NOTE:

As far as I know, this is an Arch Linux-specific configuration (mostly of dnsmasq), but it could be ported to other OSs.

Archlinux

Install

pacaur -S pi-hole-standalone
# update domain denylist
sudo systemctl start pi-hole-gravity.timer
pihole -g

Free port 53

You'll also need to start pihole-FTL.service, which listens on port 53.
If this port is already occupied, you'll need to free it.

# is port 53 in use?
netstat -an | grep ':53'

# try identifying program using it
lsof -i :53

systemd-resolved.service may be using port 53.
If this is the case, disable the stub listener.

# /etc/systemd/resolved.conf

[Resolve]
DNSStubListener=no

Configure dnsmasq

If you're leasing IPs with DHCP, update your dnsmasq configuration.

# /etc/dnsmasq.conf

bind-interfaces

Enable DNS

sudo systemctl enable pihole-FTL.service
sudo systemctl start pihole-FTL.service

# make sure it started alright
sudo journalctl -u pihole-FTL.service

Once running, confirm DNS resolves with host or drill.

drill @127.0.0.1 A google.com
host google.com 127.0.0.1

DNS with pihole

Configure your network manager so that it uses 127.0.0.1 as its DNS server.

NOTE:

Before changing your nameserver, be sure to test queries using host google.com 127.0.0.1.
If this does not work, apparently your router may have rebind protection enabled.

Troubleshooting


tail -f /run/log/pihole/pihole.log  # lists nameservers, hosts, interfaces ...

# confirm server is listening
netstat -ln46 | grep :53

# confirm there is a route for DNS queries to be performed
netstat -r  # show routing table

# test DNS resolution
host google.com 127.0.0.1       # with 'host'
drill @127.0.0.1 A google.com   # with 'drill'


Use pi-hole for DNS

First, confirm pi-hole DNS is working with ldns drill.

drill @127.0.0.1 google.com

NetworkManager


NetworkManager also runs an instance of dnsmasq.
You'll need to disable it to use pi-hole.

# /etc/NetworkManager/NetworkManager.conf

[main]
dns=none

Configure NetworkManager to use pihole.

nmcli con  # list all connections
nmcli con mod <connectionName> ipv4.dns "127.0.0.1"
nmcli con mod <connectionName> ipv4.ignore-auto-dns yes
sudo systemctl restart NetworkManager.service


netctl

todo


Confirm Working

pihole status         # confirm pihole DNS is started
cat /etc/resolv.conf  # only nameserver should be 127.0.0.1
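
The resolv.conf check above matters because any nameserver other than 127.0.0.1 lets queries bypass the denylist. The script below is an added example, not part of the original notes: it audits that file together with the resolved.conf and NetworkManager.conf settings from the earlier sections. The function names are hypothetical and drop-in directories are not read.

```shell
#!/bin/sh
# Added example: audit the three files this page edits. Paths are arguments so
# the checks can run against copies; drop-in directories are not read.

# Print each nameserver that is not 127.0.0.1. Succeeds only when the file
# has at least one nameserver line and every one of them is 127.0.0.1.
stray_nameservers() {  # stray_nameservers RESOLV_CONF
    awk '$1 == "nameserver" { n++; if ($2 != "127.0.0.1") { print $2; bad++ } }
         END { exit (n == 0 || bad > 0) }' "$1"
}

# Print the effective value of KEY in [SECTION]; commented-out lines such as
# "#DNSStubListener=yes" are skipped and the last assignment wins.
ini_value() {  # ini_value FILE SECTION KEY
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { gsub(/[ \t]/, ""); cur = $0; next }
        cur == sec && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }' "$1"
}

# Returns 0 and prints OK only when all three settings match the page.
audit_pihole_dns() {  # audit_pihole_dns RESOLV_CONF RESOLVED_CONF NM_CONF
    rc=0
    if ! stray=$(stray_nameservers "$1"); then
        echo "FAIL $1: want only 127.0.0.1, found: ${stray:-no nameserver}"; rc=1
    fi
    if [ "$(ini_value "$2" Resolve DNSStubListener)" != "no" ]; then
        echo "FAIL $2: DNSStubListener=no is not in effect"; rc=1
    fi
    # NetworkManager section names are case-sensitive: the section is [main].
    if [ "$(ini_value "$3" main dns)" != "none" ]; then
        echo "FAIL $3: dns=none is not in effect under [main]"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK"; fi
    return "$rc"
}

# Usage: sh audit.sh /etc/resolv.conf /etc/systemd/resolved.conf \
#                    /etc/NetworkManager/NetworkManager.conf
if [ "$#" -eq 3 ]; then audit_pihole_dns "$@"; fi
```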

Service Tweaks

I've had issues with the network interfaces not being brought up before pi-hole,
which prevents dnsmasq from starting.

You can fix this by restarting pi-hole, but I don't have a better fix just yet.

systemctl restart pihole-FTL.service