Mirrored_Repos/unifios-utilities
1
0
Fork 0
mirror of https://github.com/unifi-utilities/unifios-utilities.git synced 2024-08-30 18:32:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added "AdguardHome" (#7)

Browse Source 
* Update README.md

Added AdguardHome

* AdguardHome

Added AdguardHome setup

* Update README.md
This commit is contained in:
Mitchell Bakker 2020-06-14 16:43:31 +02:00 committed by GitHub
parent 881856cbff
commit 2b90b4f156
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 103 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
AdguardHome/README.md Normal file
View File

@ -0,0 +1,47 @@
# Run AdguardHome on your UDM
### Features
1. Run AdguardHome on your UDM with a completely isolated network stack. This will not port conflict or be influenced by any changes on by Ubiquiti
2. Persists through reboots and firmware updates.
### Requirements
1. You have setup the on boot script described [here](https://github.com/boostchicken/udmpro-utilities/tree/master/on-boot-script)
2. AdguardHome persists through firmware updates as it will store the configuration in a folder (you need to create this)
It needs 2 folders, a Work and Configuration folder. Plese create the 2 folder in "/mnt/data/". In my example I created "AdguardHome-Confdir" and "AdguardHome-Workdir"
The on-boot script needs to be setup after firmware update of UDM. When on-boot script is recreated, everything should work.
### Customization
* Feel free to change [20-dns.conflist](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/20-dns.conflist) to change the IP address of the container. Make sure to update all ip references and the iptables rules in [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh). The IP address can be anywhere from x.x.x.3 to x.x.x.254. .1 is reserved for the gateway and .2 is reserved for the macvlan bridge.
* If you don't want to use vlan5, just replace br5 with br(vlanid) in [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh) and [20-dns.conflist](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/20-dns.conflist), also update all the ips accordingly
### Steps
1. On your controller, make a Corporate network with no DHCP server and give it a VLAN. For this example we are using VLAN 5.
2. Install the CNI plugins with by executing [install-cni-plugins.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/install-cni-plugins.sh) on your UDM
3. Copy [20-dns.conflist](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/20-dns.conflist) to /mnt/data/podman/cni (or a place of your choosing and update [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh) symlink). This will create your podman macvlan network
4. Update your on_boot.sh to include the commands in [on_boot.sh](https://github.com/boostchicken/udm-utilities/blob/master/AdguardHome/udm-files/on_boot.sh). You can leave out the iptables rules if you don't want to DNAT all DNS calls to your PiHole
5. Execute on_boot.sh
6. Run the AdguardHome docker container, be sure to make the directories for your persistent AdguardHome configuration. They are mounted as volumes in the command below.
```
podman run -d --network dns \
--name adguardhome \
-v "/mnt/data/AdguardHome-Confdir/:/opt/adguardhome/conf/" \
-v "/mnt/data/AdguardHome-Workdir/:/opt/adguardhome/work/" \
--dns=127.0.0.1 --dns=1.1.1.1 \
--hostname adguardhome \
adguard/adguardhome:arm64-latest
```
7. Change on_boot.sh line 17
From
```
#podman start AdguardHome
```
To
```
podman start AdguardHome
```
This makes sure that the AdguardHome container will start after reboot of UDM.
8. Browse to 10.0.5.3:3000 and follow the setup wizard
9. Update your DNS Servers to 10.0.5.3 (or your custom ip) in all your DHCP configs.
10. Access the AdguardHome like you would normally.

6
AdguardHome/install-cni-plugins.sh Normal file
View File

@ -0,0 +1,6 @@
#!/bin/sh
cd /tmp
curl -L https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-arm64-v0.8.6.tgz -o cni.tgz
mkdir -p /mnt/data/podman/cni/
tar xf cni.tgz -C /mnt/data/podman/cni/

23
AdguardHome/udm-files/20-dns.conflist Normal file
View File

@ -0,0 +1,23 @@
{
"cniVersion": "0.4.0",
"name": "dns",
"plugins": [
{
"type": "macvlan",
"mode": "bridge",
"master": "br5",
"ipam": {
"type": "static",
"addresses": [
{
"address": "10.0.5.3/24",
"gateway": "10.0.5.1"
}
],
"routes": [
{"dst": "0.0.0.0/0"}
]
}
}
]
}

23
AdguardHome/udm-files/on_boot.sh Normal file
View File

@ -0,0 +1,23 @@
#!/bin/sh
mkdir -p /opt/cni
ln -s /mnt/data/podman/cni/ /opt/cni/bin
ln -s /mnt/data/podman/cni/20-dns.conflist /etc/cni/net.d/20-dns.conflist
# Create a new bridge interface so the host can talk to containers inside the podman macvlan network
# Assumes your Podman network made in the controller is on VLAN 5
# Adjust the IP to match the address in your cni configuration
ip link add br5.mac link br5 type macvlan mode bridge
ip link set br5 promisc on
ip link set br5.mac promisc on
ip addr add 10.0.5.2/24 dev br5.mac
ip link set br5.mac up
ip route add 10.0.5.3/32 dev br5.mac proto static scope link
#Remove the # on the line below when Docker container is deployed.
#podman start AdguardHome
#Adjust these rules to your setup and interfaces
iptables -t nat -C PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3
iptables -t nat -C PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3
iptables -t nat -C POSTROUTING -o br0 -d 10.0.5.3 -p tcp --dport 53 -j MASQUERADE || iptables -t nat -A POSTROUTING -o br0 -d 10.0.5.3 -p tcp --dport 53 -j MASQUERADE
iptables -t nat -C POSTROUTING -o br0 -d 10.0.5.3 -p udp --dport 53 -j MASQUERADE || iptables -t nat -A POSTROUTING -o br0 -d 10.0.5.3 -p udp --dport 53 -j MASQUERADE

3
README.md
View File

@ -10,5 +10,8 @@ Run pihole on your UDM with podman. Utilizes macvlan cni plugins to completely
### nextdns
Run NextDNS on your UDM with podman. Utilizes macvlan cni plugins to completely isolate the network stack.
### AdguardHome
Run AdguardHome on your UDM with podman. Utilizes macvlan cni plugins to completely isolate the network stack.
### python
If you need python3 on your UDM, generally not recommended, can always use it in unifi-os container