Building Pi-holes for family members

I have plans to build a few pi-hole server for members of my family so they can benefit.

Can I get some opinions from others as to how they may go about building 4 pi-hole servers as close to a plug-in soultion with little setup as possible. My idea is to have them plug it into their ISP provided modem which in most cases are 192.168.1.1 and so i may be able to get away with the pi-hole default recommendation of 192.168.1.4. I am also thinking of how I may be able to remotely support it via vpn in the event they need help.

Your responses are appreciated.
Thanks,
Gary

You have to change the DNS from ISP modem to Pi-Hole. Or use Pi-Hole to serve both DHCP and DNS for the LAN, but you still have to disable DHCP from ISP modem.

Why you just setup one Pi-Hole in the cloud and remotely change all your family members DNS to that cloud one?

I didn't know you can set up a pi-hole in the cloud. Can you share your setup?
-Gary

I have setup several PiHoles for others. I used a Pi ZeroW, got the software installed and tested at home (I use the 192.168.0.x range), then cloned the card for each subsequent install. I didn't go crazy with blacklists, I used the defaults and the ticked lists from wally3k ([https://firebog.net]).

I keep a record of the MAC ID, password and installed IP for each Pi I set up, helps to troubleshoot later.

To get the Zero W to talk to their wireless network, I put a "wpa_supplicant.conf" file in the root directory of the Pi I set up for each person. This file has the details of their wireless network so the Pi can connect. Contents are as follows:

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
network={
ssid="putSSIDhere"
psk="putpasswordhere"
key_mgmt=WPA-PSK
}

Then, once the Pi is on their network, log in to Pi via SSH or VNC or whatever you use, and run pihole -r to get the Pi IP address where you want, and then make this a reservation on the modem. Then change the modem DNS settings to the Pi (sometimes you have to list the Pi IP twice, as some routers insist on two DNS addresses).

I also changed the Pi password to something of their choosing.

Lastly, reboot any IOT devices and disconnect/reconnect other devices from the network, so they will get the new DNS address. You may have to flush DNS caches, depending on the device.

I usually monitor the Pi for just bit by tailing the PiHole log and ensuring that the devices are talking to it.

I haven't set up VPN for remote support. My sister and brother live 1500 miles away, and I had them call me on Skype when the devices arrived in the mail. We screen shared and I walked them through the setup steps with no problems.

In my opinion, having a local PiHole is going to be much faster than serving one remotely in the cloud, and at an installed cost of less than $30 it's not very expensive.

2 Likes

I forgot I had this checklist on my phone - comes in handy:

Prepping a PiHole

  • [ ] Put wpa_supplicant.conf file in /boot for network that will be used.
  • [ ] Change timezone to install location
  • [ ] Change password for both the Pi and the admin console
  • [ ] update pihole “pihole -up”
  • [ ] flush logs in admin console
  • [ ] pihole -up for updates

On Setup

  • [ ] pihole -r to set IP address on the LAN, ensure IP address correct for PiHole
  • [ ] point router to piHole for DNS
  • [ ] use WiFi scanner or something similar, check every device on network and ensure it gets DNS of piHole.

Keep in mind if you clone:

1 Like

This is very helpful and confirmed an approach I was thinking. Thank you JFB.
I have a RP Zero W and will use it as the Beta and see if I can get wpa_supplicant.conf ro work. It always kicks my butt.

I am not interested in cloud based Pi-hole in the least.
-Gary

keep in moind cloud based needs to be well secured. it is not safe to run an open resolver so provided you can talk them through VPN setup you will be fine. otherwise there are ways to lock down using iptables etc