How do I install Pi-hole on a Synology NAS?


#1

How do I install Pi-hole on a Synology NAS

This is a basic functional installation, it does not take into account any special servers/services that you may have running on your DSM. This was done succesfully on DSM 5.2-5967 and DSM 6.0.2-8451 Update 2. It uses Debian chroot to run Pi-hole and should take less than 30 minutes to install.


Install Chroot

In DSM:

Open a terminal/use putty, ssh to your NAS
On the command line, make sure you are root.
In DSM 6 use sudo su -
Login with your admin password:

/var/packages/debian-chroot/scripts/start-stop-status start
/var/packages/debian-chroot/scripts/start-stop-status chroot

You may receive a locale error, can be ignored - the prompt should have changed.
Now you are on the chroot prompt, which enables you to install many packages that are available for Debian.

Enter one by one:

apt-get update
apt-get upgrade
apt-get install locales
sed -i 's/^# *\(en_US.UTF-8\)/\1/' /etc/locale.gen && locale-gen

This may take a while (5-10 minutes depending on CPU speed)

dpkg-reconfigure tzdata
apt-get install curl

mount /proc
cat /proc/mounts > /etc/mtab

This is to fix a filesystem issue.


Install Pi-hole

curl -L https://install.pi-hole.net | bash

Just follow the steps…

The Pi-hole webserver runs on port 80, which is usually already occupied by the webserver, so we need to modify the webserver config:

nano /etc/lighttpd/lighttpd.conf

modify server.port = xxxx to a suitable port (higher than 1023)
ctrl+x to save

crontab /etc/cron.d/pihole
crontab -l

Verify that you see several entries for pihole.

sudo service cron restart
sudo service lighttpd restart
sudo service dnsmasq restart

This will restart the webserver, dnsmasq and cron with the new config.
Now you should be able to access it with your browser on http://ip:port/admin/

If you see the admin page of Pi-hole you can modify your devices: change the DNS IP address to the NAS IP.


Autostart after reboot

As nothing in chroot is started automatically we need to make a startup script that survives a reboot:

exit (from chroot - should still be root)

Retrieve the RC script - in this file it is assumed that you use /volume1:

cd;wget https://gist.githubusercontent.com/bakman2/dcfe3fdfd02c9ff8326bbf35da539f27/raw/c177d818b878ab2ee5c7de54af35116e0ded2a37/gistfile1.txt
mv gistfile1.txt /usr/local/etc/rc.d/S99pihole.sh
chmod +x /usr/local/etc/rc.d/S99pihole.sh

Test the script:

/usr/local/etc/rc.d/S99pihole.sh restart

If succesful, pi-hole and all the services should automatically start after a reboot.


Additional info:

If pi-hole does not work you can retry the install from chroot

curl -L https://install.pi-hole.net | bash
service dnsmasq restart
service lighttpd restart

To get into chroot from your dsm you can use /var/packages/debian-chroot/scripts/start-stop-status chroot
or to enable ssh in chroot, follow this blog post

If you are using dhcp in your network, configure your router to use the DNS on your NAS.


Update Pi-hole

from chroot:

pihole -up

change the webserver port again:

nano /etc/lighttpd/lighttpd.conf - change the port
ctrl+x y,enter to save
service lighttpd restart
service dnsmasq restart

Pi-hole on Synology diskstations
Synology Install/Whitelist Not Working
Synology: 0 domains blocked. Several files missing (SetupVars.conf, multiple .list files)
Lost password
Following the Install on Synology FAQ, I get [ERROR]: Unable to parse results from queryads.php: Unhandled error message ()
Spotify is blocked despite whitelist ... but ... works from IE
#2

Bakman2, thank you for a great tutorial! I managed to complete the install and pull up the admin page. When I point my router or laptop dns to the IP of the synology I do not see any stats show up and I do not see any ads blocked. Are there more apps that need to be installed like the DNS app or are there certain settings that need to be made to allow my router to talk to pi-hole on the synology?


#3

Strange. First thing is to check if it is actually working, on commandline in chroot:

head /var/log/pihole.log

You should see something similar to:

Oct 20 17:37:32 dnsmasq[21330]: started, version 2.72 cachesize 10000
Oct 20 17:37:32 dnsmasq[21330]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect
Oct 20 17:37:32 dnsmasq[21330]: warning: ignoring resolv-file flag because no-resolv is set
Oct 20 17:37:32 dnsmasq[21330]: using nameserver 4.2.2.2#53
Oct 20 17:37:32 dnsmasq[21330]: using nameserver 4.2.2.1#53
Oct 20 17:37:32 dnsmasq[21330]: read /etc/hosts - 3 addresses
Oct 20 17:37:32 dnsmasq[21330]: bad name at /etc/pihole/gravity.list line 29670
Oct 20 17:37:32 dnsmasq[21330]: bad name at /etc/pihole/gravity.list line 100224
Oct 20 17:37:32 dnsmasq[21330]: read /etc/pihole/gravity.list - 100224 addresses

if not, you may need to restart dnsmasq, while in chroot:

service dnsmasq restart

On your laptop do a nslookup google.com - verify that it the server that responds is the pi-hole ip.
If not, back in chroot, install pi-hole once again:

curl -L https://install.pi-hole.net | bash

after that restart both the webserver and dnsmasq again

service dnsmasq restart
service lighttpd restart   

check the log once again

head /var/log/pihole.log

this is as far as I can take you :baby:


#4

Hi,

Excellent tutorial, I got a lot further than I thought I would. But I’m stuck at the final hurdle.

I’ve edited the port of lighttpd, to be 999, per instructins and it serves up the standard ‘welcome’ index.html page at my Synology IP http://192.168.1.158:999 but when I try http://192.168.1.158:999/admin I get a 403 (Forbidden)

Any ideas?

Thanks.

Steve


#5

Actually the port number should be anything between 1024-65535, as 1-1023 are so called well-known ports and are reserved in the network stack. Not sure if that is causing your issue, but good to know :wink:

I read that someone had luck by entering (in chroot):

lighty-enable-mod fastcgi
lighty-enable-mod fastcgi-php
/etc/init.d/lighttpd force-reload
/etc/init.d/lighttpd restart

Does that work for you ?


#6

Found my mistake. My Synology has four network ports. I must have gone through the pi hole installer too fast. I selected the wrong interface. Now things are working as they should.

New problem with your auto restart script.

I get an error

nano /usr/local/etc/rc.d/S99pihole.sh

I paste in your text
press ctrl x
type y enter and get the below error.

Error writing /usr/local/etc/rc.d/S99pihole.sh: No Such file or directory

root@DSDS1813:/# cd /usr/
root@DSDS1813:/usr# ls
bin games include lib local sbin share src
root@DSDS1813:/usr# cd local
root@DSDS1813:/usr/local# ls
bin etc games include lib man sbin share src
root@DSDS1813:/usr/local# cd etc
root@DSDS1813:/usr/local/etc# ls
root@DSDS1813:/usr/local/etc#

I apologize as an am not much of a linux guy…


#7

You are root and are on DSM and not in chroot ?
Actually, you are in chroot, you can tell by the # - you have to exit


#8

this is what I get when I exit out of chroot

root@DSDS1813:/usr/local/etc# exit
exit
ash-4.3# nano /usr/local/etc/rc.d/S99pihole.sh
ash: nano: command not found
ash-4.3# cd /usr
ash-4.3#


#9

Ah I assumed you have nano installed, my mistake, is your DSM bootstrapped with ipkg ?
If not:

vi /usr/local/etc/rc.d/S99pihole.sh

copy/paste the data, now:

press: escape
press: : 
enter: wq!
press: enter

Sorry vi is complicated if you have never used it before.


#10

edited post as not required


#11

I actually installed it tonight on DSM 6.0.2-8451 Update 2 without any issue, I followed my own steps to verify it was working and it was.

When you install chroot - it is essential that you “start” it.

This was essential to make it working:

cat /proc/mounts > /etc/mtab

#12

I am using DSM 6.0.2-8451 Update 2 and this works as bakman2 says.

bakman2 does the formatting need to be changed for vi? I have never used it before and when I pasted in your code the formatting is very different from your code on the webpage. I am using putty and right click to paste. Then follow your commands. I rebooted the synology and waiting about 20 min and pihole never started. chroot was started and running.


#13

I see what is happening, the tabs are converted.
try the following instead, copy&paste all:

cd;wget https://gist.githubusercontent.com/bakman2/dcfe3fdfd02c9ff8326bbf35da539f27/raw/0c59b7b62b0d351276895744e6d0750c8baf5be5/gistfile1.txt
mv gistfile1.txt /usr/local/etc/rc.d/S99pihole.sh
chmod +x /usr/local/etc/rc.d/S99pihole.sh

test it with:

/usr/local/etc/rc.d/S99pihole.sh restart

hopefully this works for you


#14

I will give it another go then :slight_smile: thx.


#15

That worked after reboot. Thank you!


#16

Yeah I tried again, following each step exactly on a DS1813+ (using sudo instead of su),

Doesn’t work for me, during the pi-hole install i get;

::: Configuring iptables for httpd and dnsmasq…
modprobe: ERROR: …/libkmod/libkmod.c:557 kmod_search_moddep() could not open mo ddep file ‘/lib/modules/3.10.77/modules.dep.bin’
iptables v1.4.21: can’t initialize iptables table `filter’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

I also noticed the chmod stopped at some point and I needed to start it again.
All good must be an issue on my end, I will edit my previous post. thx.


#17

@eraser
Not sure it will help, but I used sudo su before running any commands


#18

Did you uninstall chroot and reinstalled it ?
The previous mentioned changes could have done something unwanted.

When I google your error, I find things related to missing CPU/kernel support, not sure if this is the case.
FYI you can also directly connect as root@nas


#19

Thank you for this tutorial that works pretty well.

Can be should it indicate that we must do a dsm 6 on “sudo -i” for the root user. "

Always add the EN-US language (I’m French I didn’t add it).

However the white list and black list does not work in my house. It’s the same at home?


#20

I have added the sudo su- for DSM 6.
What do you mean with the white/blacklist does not work ?