So, check this little idea that I have - I want to browse the internet without all sorts of unscrupulous actors collecting every little bit of metadata on me and my family they can possibly get their hands on.
I’ve been thinking of setting one up for a while, if I have a home server would I be better off hosting it on that or as a separate device? What are the alternatives to a raspberry pi? They’ve shot up in price over the years.
If your using docker and the ports are bound you can just use the network mode host so the container gets it’s own ip. It’s how I have adguard running on my unraid server
That’s not how that works. network_mode: host shares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container. macvlan networking is what gives a container its own IP on the logical network, without the layer of NAT that the default bridge mode networking that docker typically does.
Thanks for the clarification I had mixed up the details and went to check my containers. You sir are correct. I added some documentation to my post regarding macvlan network creation.
I personally like it on a dedicated Pi simplly because I don’t want DNS to die if i’m doing other server maintenance. the Pi is pretty much set it and forget it.
But i guerss you might as well try it on your server first and you can always buy a Pi if you find it to be too much of a pain.
I put it onto my home server and it is working great. I can’t tell you about all the options, but it was so easy to start another VM for it that I didn’t look at other options too carefully.
if you’ve already got something running 24/7, you could just put it there. it doesn’t need much for resources.
pihole does not need it’s own box. it can run as a container (docker instructions in the official docs) or in a small vm.
i have two small vm running dietpi and used that to install pihole. i fully expected to run a few more things on them, that’s why i chose dietpi–just have never gotten that far (it’s only been like three years now).
I run mine on a Intel N100 based mini PC from Beelink running Proxmox. It’s just about the only thing it does at the moment so I’ve had no concerns about bottlenecking.
It’s much more powerful than a pi and costs a not too dissimilar amount to one after you factor in a case, storage, power supply.
I’ve been thinking of setting one up for a while, if I have a home server would I be better off hosting it on that or as a separate device? What are the alternatives to a raspberry pi? They’ve shot up in price over the years.
If you have a server running, I wouldn’t buy more hardware. They have good example documentation for just such a configuration:
https://docs.pi-hole.net/docker/
If your server already has those ports bound (specifically the DNS port 53) you are going to have to get creative; otherwise it’ll work well!
Worst case, a cheapo pi 3 will do the job. At one point I had it running on a pi zero, so hardware requirements are pretty low.
If your using docker and the ports are bound you can just use the network mode host so the container gets it’s own ip. It’s how I have adguard running on my unraid server
edit: Sorry I mixed up the details as @starkzarn@infosec.pub pointed out. It’s a macvlan configuration. My intention was to point out it’s possible. Here’s some documentation https://docs.docker.com/engine/network/drivers/macvlan/
Thanks, PoopMonster, that’s a good tip!
That’s not how that works.
network_mode: hostshares the network namespace with the container host, so it doesn’t do any NAT, it only exists on the host’s IP. It would be akin to running a natively installed app, rather than in a container.macvlannetworking is what gives a container its own IP on the logical network, without the layer of NAT that the defaultbridgemode networking that docker typically does.Thanks for the clarification I had mixed up the details and went to check my containers. You sir are correct. I added some documentation to my post regarding macvlan network creation.
I personally like it on a dedicated Pi simplly because I don’t want DNS to die if i’m doing other server maintenance. the Pi is pretty much set it and forget it.
But i guerss you might as well try it on your server first and you can always buy a Pi if you find it to be too much of a pain.
I put it onto my home server and it is working great. I can’t tell you about all the options, but it was so easy to start another VM for it that I didn’t look at other options too carefully.
if you’ve already got something running 24/7, you could just put it there. it doesn’t need much for resources.
pihole does not need it’s own box. it can run as a container (docker instructions in the official docs) or in a small vm.
i have two small vm running dietpi and used that to install pihole. i fully expected to run a few more things on them, that’s why i chose dietpi–just have never gotten that far (it’s only been like three years now).
Setup and run two.
This way if one goes down, the other takes over (also makes updates / maintenance easier)
I run mine on a Intel N100 based mini PC from Beelink running Proxmox. It’s just about the only thing it does at the moment so I’ve had no concerns about bottlenecking.
It’s much more powerful than a pi and costs a not too dissimilar amount to one after you factor in a case, storage, power supply.