mirror of
https://github.com/unifi-utilities/unifios-utilities.git
synced 2024-08-30 18:32:21 +00:00
Added "AdguardHome" (#7)
* Update README.md Added AdguardHome * AdguardHome Added AdguardHome setup * Update README.md
This commit is contained in:
parent
881856cbff
commit
2b90b4f156
47
AdguardHome/README.md
Normal file
47
AdguardHome/README.md
Normal file
@ -0,0 +1,47 @@
|
||||
# Run AdguardHome on your UDM
|
||||
|
||||
### Features
|
||||
1. Run AdguardHome on your UDM with a completely isolated network stack. This will not port conflict or be influenced by any changes on by Ubiquiti
|
||||
2. Persists through reboots and firmware updates.
|
||||
|
||||
### Requirements
|
||||
1. You have setup the on boot script described [here](https://github.com/boostchicken/udmpro-utilities/tree/master/on-boot-script)
|
||||
2. AdguardHome persists through firmware updates as it will store the configuration in a folder (you need to create this)
|
||||
It needs 2 folders, a Work and Configuration folder. Plese create the 2 folder in "/mnt/data/". In my example I created "AdguardHome-Confdir" and "AdguardHome-Workdir"
|
||||
The on-boot script needs to be setup after firmware update of UDM. When on-boot script is recreated, everything should work.
|
||||
|
||||
### Customization
|
||||
* Feel free to change [20-dns.conflist](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/20-dns.conflist) to change the IP address of the container. Make sure to update all ip references and the iptables rules in [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh). The IP address can be anywhere from x.x.x.3 to x.x.x.254. .1 is reserved for the gateway and .2 is reserved for the macvlan bridge.
|
||||
* If you don't want to use vlan5, just replace br5 with br(vlanid) in [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh) and [20-dns.conflist](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/20-dns.conflist), also update all the ips accordingly
|
||||
|
||||
### Steps
|
||||
1. On your controller, make a Corporate network with no DHCP server and give it a VLAN. For this example we are using VLAN 5.
|
||||
2. Install the CNI plugins with by executing [install-cni-plugins.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/install-cni-plugins.sh) on your UDM
|
||||
3. Copy [20-dns.conflist](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/20-dns.conflist) to /mnt/data/podman/cni (or a place of your choosing and update [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh) symlink). This will create your podman macvlan network
|
||||
4. Update your on_boot.sh to include the commands in [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh). You can leave out the iptables rules if you don't want to DNAT all DNS calls to your PiHole
|
||||
5. Execute on_boot.sh
|
||||
6. Run the AdguardHome docker container, be sure to make the directories for your persistent AdguardHome configuration. They are mounted as volumes in the command below.
|
||||
|
||||
```
|
||||
podman run -d --network dns \
|
||||
--name adguardhome \
|
||||
-v "/mnt/data/AdguardHome-Confdir/:/opt/adguardhome/conf/" \
|
||||
-v "/mnt/data/AdguardHome-Workdir/:/opt/adguardhome/work/" \
|
||||
--dns=127.0.0.1 --dns=1.1.1.1 \
|
||||
--hostname adguardhome \
|
||||
adguard/adguardhome:arm64-latest
|
||||
```
|
||||
|
||||
7. Change on_boot.sh line 17
|
||||
From
|
||||
```
|
||||
#podman start AdguardHome
|
||||
```
|
||||
To
|
||||
```
|
||||
podman start AdguardHome
|
||||
```
|
||||
This makes sure that the AdguardHome container will start after reboot of UDM.
|
||||
8. Browse to 10.0.5.3:3000 and follow the setup wizard
|
||||
9. Update your DNS Servers to 10.0.5.3 (or your custom ip) in all your DHCP configs.
|
||||
10. Access the AdguardHome like you would normally.
|
6
AdguardHome/install-cni-plugins.sh
Normal file
6
AdguardHome/install-cni-plugins.sh
Normal file
@ -0,0 +1,6 @@
|
||||
#!/bin/sh
|
||||
cd /tmp
|
||||
curl -L https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-arm64-v0.8.6.tgz -o cni.tgz
|
||||
|
||||
mkdir -p /mnt/data/podman/cni/
|
||||
tar xf cni.tgz -C /mnt/data/podman/cni/
|
23
AdguardHome/udm-files/20-dns.conflist
Normal file
23
AdguardHome/udm-files/20-dns.conflist
Normal file
@ -0,0 +1,23 @@
|
||||
{
|
||||
"cniVersion": "0.4.0",
|
||||
"name": "dns",
|
||||
"plugins": [
|
||||
{
|
||||
"type": "macvlan",
|
||||
"mode": "bridge",
|
||||
"master": "br5",
|
||||
"ipam": {
|
||||
"type": "static",
|
||||
"addresses": [
|
||||
{
|
||||
"address": "10.0.5.3/24",
|
||||
"gateway": "10.0.5.1"
|
||||
}
|
||||
],
|
||||
"routes": [
|
||||
{"dst": "0.0.0.0/0"}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
23
AdguardHome/udm-files/on_boot.sh
Normal file
23
AdguardHome/udm-files/on_boot.sh
Normal file
@ -0,0 +1,23 @@
|
||||
#!/bin/sh
|
||||
|
||||
mkdir -p /opt/cni
|
||||
ln -s /mnt/data/podman/cni/ /opt/cni/bin
|
||||
ln -s /mnt/data/podman/cni/20-dns.conflist /etc/cni/net.d/20-dns.conflist
|
||||
|
||||
# Create a new bridge interface so the host can talk to containers inside the podman macvlan network
|
||||
# Assumes your Podman network made in the controller is on VLAN 5
|
||||
# Adjust the IP to match the address in your cni configuration
|
||||
ip link add br5.mac link br5 type macvlan mode bridge
|
||||
ip link set br5 promisc on
|
||||
ip link set br5.mac promisc on
|
||||
ip addr add 10.0.5.2/24 dev br5.mac
|
||||
ip link set br5.mac up
|
||||
ip route add 10.0.5.3/32 dev br5.mac proto static scope link
|
||||
#Remove the # on the line below when Docker container is deployed.
|
||||
#podman start AdguardHome
|
||||
|
||||
#Adjust these rules to your setup and interfaces
|
||||
iptables -t nat -C PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3
|
||||
iptables -t nat -C PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3
|
||||
iptables -t nat -C POSTROUTING -o br0 -d 10.0.5.3 -p tcp --dport 53 -j MASQUERADE || iptables -t nat -A POSTROUTING -o br0 -d 10.0.5.3 -p tcp --dport 53 -j MASQUERADE
|
||||
iptables -t nat -C POSTROUTING -o br0 -d 10.0.5.3 -p udp --dport 53 -j MASQUERADE || iptables -t nat -A POSTROUTING -o br0 -d 10.0.5.3 -p udp --dport 53 -j MASQUERADE
|
@ -10,5 +10,8 @@ Run pihole on your UDM with podman. Utilizes macvlan cni plugins to completely
|
||||
### nextdns
|
||||
Run NextDNS on your UDM with podman. Utilizes macvlan cni plugins to completely isolate the network stack.
|
||||
|
||||
### AdguardHome
|
||||
Run AdguardHome on your UDM with podman. Utilizes macvlan cni plugins to completely isolate the network stack.
|
||||
|
||||
### python
|
||||
If you need python3 on your UDM, generally not recommended, can always use it in unifi-os container
|
||||
If you need python3 on your UDM, generally not recommended, can always use it in unifi-os container
|
||||
|
Loading…
Reference in New Issue
Block a user