Hello Pi-hole Community,
I wanted to share a project I’ve been refining for the Raspberry Pi and Debian community: Pi-hole Ultimate Installation Suite (v1.4.8).
The goal of this script is to provide a "one-command" deployment for a hardened, high-performance privacy stack that is 100% persistent across reboots and power outages.
The Stack
The script automates the installation and complex configuration of:
-
Pi-hole: Network-wide ad-blocking.
-
Unbound: Configured as a local recursive DNS resolver (no upstream leaks).
-
DNSCrypt-Proxy: Secondary encrypted failover for ultimate privacy.
-
WireGuard: Secure remote access to your DNS stack.
Key "Set-and-Forget" Features:
-
Dynamic Port Persistence: Automatically detects and saves available ports for DNSCrypt to prevent service conflicts on reboot.
-
Thermal Monitoring: A built-in background service that logs CPU temps and alerts you at 75°C/80°C (critical for headless Pi 4/5 setups).
-
Automated Backups: Weekly cron-scheduled Teleporter backups with a 7-day retention policy.
-
Static IP Reinforcement: Automatically detects your active interface (Eth/WiFi) and locks the IP to prevent "DNS blackouts" after router restarts.
-
D-Bus & Service Repair: Auto-fixes common Debian/Pi-OS system message bus issues before the final reboot.
Why I built this:
I noticed many users struggle with the manual "piping" required to get Unbound and DNSCrypt working perfectly with Pi-hole's setupVars.conf. This script handles the strict-order and no-resolv hardening automatically to ensure no leaks to your ISP.
Installation:
Bash
curl -sSL https://raw.githubusercontent.com/waelisa/pi-hole-full-Installation-with-dns/main/pihole-auto-installation-with-dns.sh | sudo bash
I’d love to hear your thoughts, especially regarding the thermal monitoring logic and the Unbound configuration parameters I've chosen.
GitHub Repository: https://github.com/waelisa/pi-hole-full-Installation-with-dns
Thanks for the amazing work on Pi-hole!