Deploying Pi-hole on Ubuntu

Posted on by Matt Adam

Introduction

In today’s digital age, online privacy and security are more important than ever. Ads, trackers, and malicious websites can not only slow down your browsing experience but also compromise your privacy. Pi-hole is a powerful, open-source network-wide ad blocker that acts as a DNS sinkhole, blocking unwanted content before it even reaches your devices. By deploying Pi-hole on an Ubuntu server, you can take control of your network’s traffic and enhance your online experience.

In this blog, we’ll walk through the process of deploying Pi-hole on Ubuntu. This guide is designed to be highly technical yet approachable, with step-by-step instructions, explanations of key concepts, and images to help you along the way. Whether you’re a seasoned sysadmin or a curious hobbyist, this guide will equip you with the knowledge to set up and manage Pi-hole effectively.

1. What is Pi-hole?

Pi-hole is a network-wide ad blocker that operates at the DNS level. It works by intercepting DNS queries and blocking requests to known ad-serving domains. Unlike browser-based ad blockers, Pi-hole protects all devices on your network, including IoT devices, smart TVs, and mobile phones.

Key features of Pi-hole include:

  • Network-wide ad blocking: Blocks ads on all devices connected to your network.
  • DNS sinkhole: Prevents access to malicious domains.
  • Custom blocklists: Allows you to add or remove domains from blocklists.
  • Detailed analytics: Provides insights into DNS queries and blocked requests.
  • Lightweight: Runs efficiently on low-power hardware like Raspberry Pi.

2. Why Deploy Pi-hole on Ubuntu?

Ubuntu is one of the most popular Linux distributions for servers due to its stability, security, and extensive community support. Deploying Pi-hole on Ubuntu offers several advantages:

  • Flexibility: Ubuntu can run on a wide range of hardware, from Raspberry Pi to enterprise-grade servers.
  • Ease of use: Ubuntu’s package management system simplifies software installation and updates.
  • Scalability: Ubuntu is well-suited for both small home labs and large-scale deployments.
  • Security: Ubuntu receives regular security updates, ensuring a secure environment for Pi-hole.

3. Prerequisites

Before we begin, ensure you have the following:

  • Hardware: A server or virtual machine running Ubuntu Server (20.04 LTS or later recommended).
  • Network Access: Administrative access to your router or network configuration.
  • Static IP Address: Assign a static IP address to your Ubuntu server to ensure Pi-hole remains accessible.
  • SSH Access: Enable SSH on your Ubuntu server for remote management.

4. Step-by-Step Deployment Guide

4.1 Setting Up Ubuntu Server

  1. Install Ubuntu Server: Download the latest Ubuntu Server ISO from the official website and install it on your hardware or virtual machine. During installation, configure a static IP address for your server.
  2. Update the System: After installation, log in to your server and update the system:
    • sudo apt update && sudo apt upgrade -y
  3. Enable SSH: If SSH is not already enabled, install and start the SSH service:
    • sudo apt install openssh-server -y sudo systemctl enable –now ssh

4.2 Installing Pi-hole

  1. Download the Pi-hole Installer: Pi-hole provides an automated installation script. Run the following command to download and execute the script: curl -sSL https://install.pi-hole.net | bash
  2. Follow the Installation Wizard: The script will guide you through the installation process. Key steps include:
    • Selecting an upstream DNS provider (e.g., Google DNS, Cloudflare).
    • Configuring the web interface and admin password.
    • Enabling logging (recommended for analytics).
  3. Complete the Installation: Once the installation is complete, the script will display a summary, including the IP address of your Pi-hole admin interface.

4.3 Configuring Pi-hole

  1. Access the Pi-hole Admin Interface: Open a web browser and navigate to http://<your-server-ip>/admin. Log in using the password you set during installation.
  2. Explore the Dashboard: The Pi-hole dashboard provides an overview of DNS queries, blocked domains, and system performance.
  3. Update Gravity: Pi-hole uses blocklists stored in a database called Gravity. Update Gravity to ensure you have the latest blocklists:
    • pihole -g

4.4 Setting Up Pi-hole as Your DNS Server

  1. Configure Your Router: Log in to your router’s admin interface and set the Pi-hole server’s IP address as the primary DNS server. This ensures all devices on your network use Pi-hole for DNS resolution.
  2. Test DNS Resolution: On a device connected to your network, run a DNS query to verify Pi-hole is working:
    • nslookup example.com
  3. Verify Blocking: Visit a website with ads and check the Pi-hole dashboard to see if ads are being blocked.

4.5 Customizing Blocklists

  1. Add Blocklists: Pi-hole allows you to add custom blocklists. Navigate to the Group Management > Adlists section in the admin interface and add URLs of blocklists.
  2. Update Gravity: After adding new blocklists, update Gravity to apply the changes:
    • pihole -g
  3. Whitelist Domains: If Pi-hole blocks a legitimate domain, you can whitelist it in the Whitelist section.

4.6 Enabling DHCP on Pi-hole (Optional)

If you want Pi-hole to handle DHCP for your network, follow these steps:

  1. Disable DHCP on Your Router: Log in to your router and disable its DHCP server.
  2. Enable DHCP on Pi-hole: In the Pi-hole admin interface, go to Settings > DHCP and configure the DHCP range.
  3. Restart Pi-hole: Apply the changes and restart Pi-hole:
    • sudo systemctl restart pihole-FTL

5. Advanced Configuration

5.1 Configuring Upstream DNS Servers

Pi-hole allows you to specify custom upstream DNS servers. To configure this:

  1. Go to Settings > DNS in the admin interface.
  2. Select or add upstream DNS servers (e.g., Cloudflare, OpenDNS).

5.2 Whitelisting and Blacklisting Domains

  • Whitelist: Add domains to the whitelist to allow access.
  • Blacklist: Add domains to the blacklist to block them explicitly.

5.3 Monitoring and Logging

Pi-hole provides detailed logs of DNS queries and blocked requests. Use the Query Log section in the admin interface to monitor activity.

5.4 Securing Your Pi-hole Installation

  • Change the Admin Password: Use the following command to change the Pi-hole admin password:
    • pihole -a -p
  • Enable HTTPS: Use a reverse proxy like Nginx to enable HTTPS for the admin interface.

6. Troubleshooting Common Issues

  • DNS Not Working: Ensure your router is configured to use Pi-hole as the DNS server.
  • Blocklists Not Updating: Check your internet connection and run pihole -g manually.
  • Web Interface Unreachable: Verify the Pi-hole service is running:
    • sudo systemctl status pihole-FTL

7. Conclusion

Deploying Pi-hole on Ubuntu is a powerful way to take control of your network’s DNS traffic and block unwanted content. By following this guide, you’ve learned how to set up Pi-hole, configure it for your network, and customize it to meet your needs.

Pi-hole is not just an ad blocker; it’s a tool for enhancing privacy, security, and performance across your entire network. Whether you’re a home user or an IT professional, Pi-hole is a valuable addition to your toolkit.

Final Thoughts

Remember, Pi-hole is highly customizable, so don’t hesitate to experiment with different configurations and blocklists. With time, you’ll fine-tune your setup to achieve the perfect balance between blocking unwanted content and maintaining a seamless browsing experience.