Wildcard domain is blocked even when added to whitelist

Cryotize · November 15, 2020, 8:38pm

Installation & Hardware

Raspberry Pi 4b Cluster is being used
K3s installation of Pi-hole
Installation used: GitHub - David-VTUK/k8spihole
Ubuntu Server 20.04 Installation

Problem

I have a Grafana install, together with Prometheus which should be accessible over a wildcard domain.
I used "grafana.192.168.1.200.nip.io", but Pi-hole blocks the domain due to not being on any blacklist, which i don't understand. Same goes for "xip.io" domains.

When adding the wildcard domain to the whitelist, it is still getting blocked, with the reason being:"Manually Blacklisted by Wildcard". I just whitelisted it, how can it be blacklisted? When blacklisting the wildcard domain it also displays the message above.

I don't know if i do something wrong or if it's a bug, it's my first time setting up Pi-hole and i couldn't find a solution online. I have added some screenshots.

Any help would be appreciated

Debug Token:

Debug Token: https://tricorder.pi-hole.net/gnok8vxq1o

yubiuser · November 16, 2020, 5:28am

I think the error is misleading. What it really shows (if you would use another blocking mode like NULL) is 404 - page noch found.

Try to run from a client

nslookup grafana.192.168.1.200.nip.io

DanSchaper · November 16, 2020, 5:44am

*** [ DIAGNOSING ]: Setup variables
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=
    IPV4_ADDRESS=0.0.0.0

You've told Pi-hole that it's running on 0.0.0.0, which is not possible. Put the right IPv4 address in there.

Cryotize · November 16, 2020, 7:27pm

Aight, so i did the nslookup and got this:

Does that help in any way?

DanSchaper · November 16, 2020, 7:39pm

Sure, means that the IP address is correctly returned.

What does curl -I 192.168.1.200 show and curl -I http://grafana.192.168.1.200.nip.io show?

DanSchaper · November 16, 2020, 7:40pm

Note that 192.168.1.1 isn't what you've configured Pi-hole's network address to be:

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
   10.42.3.73/24 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)

Cryotize · November 16, 2020, 7:47pm

I'm sorry, but i'm really new to K3s clustering, and i can't figure out how to edit this config. I also don't know where it is stored, cause it's not at its usual locaton.

Anyway, here is the output of those curls:

DanSchaper · November 16, 2020, 7:50pm

You'll need to ask the GitHub - David-VTUK/k8spihole for assistance with K8s.

Does curl -I http://192.168.1.200/admin/ show an X-Pi-hole output? If so, then 192.168.1.200 is Pi-hole and not your grafana install.

Cryotize · November 16, 2020, 7:53pm

Yes, this curl does give me an X-Pi-hole output. But because it is a cluster, i can access Pi-hole on multiple IP adresses, same goes for Grafana. Those adresses go from 192.168.1.200-203 (i got 4 Pi's)

DanSchaper · November 16, 2020, 7:55pm

That's a K8s/K3s issue then and not Pi-hole. Pi-hole is responding as it was designed. It has no idea that grafana is on the same IP address as Pi-hole, they should not be the same IP.

Cryotize · November 16, 2020, 7:58pm

Would it help if i chose a different port instead of a wildcard domain? For ex. 192.168.1.200:8080 for grafana?

DanSchaper · November 16, 2020, 7:59pm

I have no advice to give you. You need to ask the person that wrote the K8s configs.

Cryotize · November 16, 2020, 8:00pm

Alright then, thank you very much for your help. I'll open an issue on the k8spihole github.