How do I install Pi-hole on a Synology NAS?


sudo su- should be sudo su - (with a space before the -). Small thing but took me a while to find out (still very novice with linux!)


`shouldn’[quote=“DL6ER, post:60, topic:289”]
won’t have to do anything

shouldn’t have to do anything :wink:


Hello everyone!
I’ve followed the tutorial on my DS213 and it has worked as expected.

If I go on the Tools > Update List section of the (web-)admin interface I get this error:

::: WARNING: /etc/pihole/setupVars.conf missing. Possible installation failure.
:::          Please run 'pihole -r', and choose the 'reconfigure' option to reconfigure.

What am I doing wrong ?

P.S. = I do also have errors if I try to modify the config values from the admin page


We have a pull request under review to fix the issue.


The pull request probably will not work with Synology installs. I don’t have a device to test with, and there appears to be a problem with the chroot not bringing in the modules for the kernel, or at least the /lib/modules directory doesn’t exist. So as soon as we attempt to load the IPTABLES ruleset, the install bails out when the set -e is hit. (Non-geek, the system says “What are you trying to do??” and we expect that it already knows, so the system stops talking and the script just drops out.) We need to either try to grab the IPTables module info, or defensively program the install script to try to detect every instance where there could be a failure and code the response, which will take a while to do. We could also check to see if IPTables is set to INPUT ACCEPT and then pass the whole section, because there’s no need to add rulesets to a wide open firewall…


what has changed that the install fails after the commits ?


We check to see if the iptables binary is installed, and if we find it, we attempt to add 3 rules to the INPUT chain. Adding a rule for the first time triggers an insmod for the iptables modules, and they aren’t in the place the kernel expects them to be, so it errors out. The set -e sees that untrapped error and terminates the script, without any messages, so it looks like the script processed fully, but only half of the Pi-hole was actually installed. So there’s 4 or 5 things to cover, but I think we can find a way out of those options to fix this.


I think the issue (setupVars) is with synology configurations that have not enabled the firewall.
iptables is available from chroot when the firewall is enabled.


Unfortunately I cannot edit the post anylonger, don’t understand why, must be a discourse thing.


enable the firewall in DSM and reinstall pihole.


Tried to update to Web Admin v2.3 with the manual edits from above to auth.php still in place and couldn’t get the update to take unless I did a hard git reset. Posting here in case others run into the same thing.

I’m guessing that now the fix for non-standard ports is part of the master, this won’t be an issue going forward.

short version:

cd /var/www/html/admin
sudo git reset --hard
sudo git checkout master
sudo git pull

long version:

root@xxx01:/# pihole -up
::: Checking for updates...
::: Updating Everything
::: Checking for existing repository...
:::     Updating repository in /etc/.pihole... done!
::: You are root.
::: --unattended passed to install script, no whiptail dialogs will be displayed
::: Verifying free disk space...
::: Updating local cache of available packages... done!
::: Checking apt-get for upgraded packages.... done!
::: Kernel update detected, please reboot your system and try again if your installation fails.
:::    Checking for apt-utils... installed!
:::    Checking for debconf... installed!
:::    Checking for dhcpcd5... installed!
:::    Checking for git... installed!
:::    Checking for whiptail... installed!
::: Checking for existing repository...
:::    Updating repo in /etc/.pihole... done!
::: Checking for existing repository...
:::    Updating repo in /var/www/html/admin...!!! Unable to clone into /var/www/html/admin, unable to continue.
Unable to complete update, contact Pi-hole

root@xxx01:/# pihole -up
::: Checking for updates...
::: Pi-hole Web Admin files out of date
::: Checking for existing repository...
:::     Updating repository in /var/www/html/admin... done!
::: Web Admin version is now at v2.2
::: If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'

root@xxx01:/# cd /var/www/html/admin/

root@xxx01:/var/www/html/admin# sudo git reset --hard
HEAD is now at 83f19bc Merge pull request #291 from pi-hole/devel

root@xxx01:/var/www/html/admin# sudo git checkout master
Already on 'master'
Your branch is behind 'origin/master' by 120 commits, and can be fast-forwarded.
  (use "git pull" to update your local branch)

root@xxx01:/var/www/html/admin# sudo git pull
Updating 83f19bc..f76317b
 .user.php.ini                                                                  |   2 ++

{{clipped git pull content}}

 rename {css => style/vendor}/skin-blue.min.css (100%)

root@xxx01:/var/www/html/admin# pihole -up
::: Checking for updates...
::: Pi-hole version is v2.11
::: Web Admin version is v2.3
::: Everything is up to date!

edit: minor grammer


Update worked smoothly … I had only to search for the procedure to create a new admin password to see the stats.
Thanks to all!


I’ve got one question … Domains Being Blocked = 1 … the one domain I’ve added manually.

root@DS213:/# pihole -g

Neutrino emissions detected...

No custom adlist file detected, reading from default file.../opt/pihole/ line 71: /etc/pihole/adlists.default: No such file or directory

Aggregating list of domains... done!
Formatting list of domains to remove comments.... done!
0 domains being pulled in by gravity...
Removing duplicate domains.... done!
0 unique domains trapped in the event horizon.

Adding adlist sources to the whitelist... done!
Whitelisting 0 domains... done!
Blacklisting 1 domain... done!
Formatting domains into a HOSTS file... done!

Cleaning up un-needed files... done!

Refresh lists in dnsmasq...Running in chroot, ignoring request.
DNS service is running
Pi-hole blocking is Enabled

And that’s all …



I’ve manually added the /etc/pihole/adlists.default file from Github repo.
And now the web interface tells me I have 94,733 domain blocked…

Still testing!

Seems to work but no sitw has been blocked (and I’ve visited on pourpose a couple of p0rn websites with ads… that have loaded :frowning:


This worked for me, however when i do a pihole -up i get an error:
Update script has malfunctioned, fallthrough reached. Please contact support

I ran /etc/.pihole/automated\ install/ --unattended and it ran succesfully - some files seemed missing, after that pihole -up worked fine.


Just to be clear though, you are not seeing the Fallthrough error again are you? That’s more of a stop gap that really should never be seen, so if you can reproduce, definitely let us know and we’ll dig some more.


I was wondering how I ended up there in the script (was reading it) - but I did go the exotic way by resetting the git head for the webadmin, not sure if that has anything to do with it. The ‘manual’ install stated that index.php and index.css were missing, after that all was ok again.

btw in adlists.default - there is a link to - this link is dead (503) - blocked domains have dropped to 55000+ (was 106000+ before)


It looks like that site is currently down. :frowning: However, if you have already run gravity with that ad list, it should use the cached version:

::: Getting list... done
:::   Status: Status 503
:::   List download failed, using cached list (list not updated!)


I just verified that is still works for me. See the last line:

::: Getting list... done
:::   Status: Status 503
:::   List download failed, using cached list (list not updated!)
::: Getting list... done
:::   Status: Success (OK)
:::   List updated, transport successful!
::: Aggregating list of domains... done!
::: Formatting list of domains to remove comments.... done!
::: 129945 domains being pulled in by gravity...
::: Removing duplicate domains.... done!
::: 105893 unique domains trapped in the event horizon


Cached, thus not working.