Mirrored_Repos/unifios-utilities
1
0
Fork 0
mirror of https://github.com/unifi-utilities/unifios-utilities.git synced 2024-08-30 18:32:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add DoTe instructions to PiHole for DNS-over-TLS. (#252)

Browse Source
This commit is contained in:
Chris
2021-10-21 06:30:34 +01:00
committed by GitHub
parent f841ee1ac3
commit 2a1631c052
3 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
run-pihole/Dockerfile_DoTe Normal file
View File

@ -0,0 +1,4 @@
FROM pihole/pihole:latest
ENV DOTE_OPTS="-s 127.0.0.1:5053"
RUN echo -e "#!/bin/sh\ncurl -fsSLo /opt/dote https://github.com/chrisstaite/DoTe/releases/latest/download/dote_arm64\nchmod +x /opt/dote\n/opt/dote \\\$DOTE_OPTS -d\n" > /etc/cont-init.d/10-dote.sh

18
run-pihole/README.md
View File

@ -98,3 +98,21 @@
-e IPv6="False" \ -e IPv6="False" \
boostchicken/pihole:latest boostchicken/pihole:latest
``` ```
## PiHole with DoTe
The cloudflared command is written in Go and is not very lightweight. In my
experience, it's not made for long-term running. Instead, the project DoTe
has a tiny memory footprint and operates on an event loop with some major
optimisations for connection caching. It allows you to forward traffic to any
DNS-over-TLS provider.
Simply copy the `upd_pihole_dote.sh` script to `/mnt/data/scripts` and run it
to forward all DNS traffic over TLS to Cloudflare 1.1.1.1. You can modify the
script to forward to different services with ease and full configuration
options including certificate pinning is available in the DoTe README here:
https://github.com/chrisstaite/DoTe/
Whenever pihole says an update is available, simply re-run the script to
update it to the latest. DoTe will automatically download the latest version
on every restart of the container.

25
run-pihole/upd_pihole_dote.sh Executable file
View File

@ -0,0 +1,25 @@
#!/bin/sh
podman pull pihole/pihole:latest
podman build -t pihole:latest --format docker -f /dev/fd/0 <<EOF
FROM pihole/pihole:latest
ENV DOTE_OPTS="-s 127.0.0.1:5053"
RUN echo -e "#!/bin/sh\ncurl -fsSLo /opt/dote https://github.com/chrisstaite/DoTe/releases/latest/download/dote_arm64\nchmod +x /opt/dote\n/opt/dote \\\$DOTE_OPTS -d\n" > /etc/cont-init.d/10-dote.sh
EOF
podman stop pihole
podman rm pihole
podman run -d --network dns --restart always \
--name pihole \
-e TZ="America/Chicago" \
-v "/mnt/data/etc-pihole/:/etc/pihole/" \
-v "/mnt/data/pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/" \
--dns=127.0.0.1 \
--hostname pi.hole \
-e DOTE_OPTS="-s 127.0.0.1:5053 -m 10" \
-e VIRTUAL_HOST="pi.hole" \
-e PROXY_LOCATION="pi.hole" \
-e PIHOLE_DNS_="127.0.0.1#5053" \
-e ServerIP="10.0.5.3" \
-e IPv6="False" \
pihole:latest