kandi background
Explore Kits

pi-hole | A black hole for Internet advertisements | Privacy library

 by   pi-hole Shell Version: v5.10 License: Non-SPDX

 by   pi-hole Shell Version: v5.10 License: Non-SPDX

Download this library from

kandi X-RAY | pi-hole Summary

pi-hole is a Shell library typically used in Security, Privacy applications. pi-hole has no bugs and it has medium support. However pi-hole has 4 vulnerabilities and it has a Non-SPDX License. You can download it from GitHub.
The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software.
Support
Support
Quality
Quality
Security
Security
License
License
Reuse
Reuse

kandi-support Support

  • pi-hole has a medium active ecosystem.
  • It has 35862 star(s) with 2262 fork(s). There are 703 watchers for this library.
  • There were 2 major release(s) in the last 6 months.
  • There are 18 open issues and 2473 have been closed. On average issues are closed in 56 days. There are 9 open pull requests and 0 closed requests.
  • It has a neutral sentiment in the developer community.
  • The latest version of pi-hole is v5.10
pi-hole Support
Best in #Privacy
Average in #Privacy
pi-hole Support
Best in #Privacy
Average in #Privacy

quality kandi Quality

  • pi-hole has 0 bugs and 0 code smells.
pi-hole Quality
Best in #Privacy
Average in #Privacy
pi-hole Quality
Best in #Privacy
Average in #Privacy

securitySecurity

  • pi-hole has 4 vulnerability issues reported (0 critical, 2 high, 2 medium, 0 low).
  • pi-hole code analysis shows 0 unresolved vulnerabilities.
  • There are 0 security hotspots that need review.
pi-hole Security
Best in #Privacy
Average in #Privacy
pi-hole Security
Best in #Privacy
Average in #Privacy

license License

  • pi-hole has a Non-SPDX License.
  • Non-SPDX licenses can be open source with a non SPDX compliant license, or non open source licenses, and you need to review them closely before use.
pi-hole License
Best in #Privacy
Average in #Privacy
pi-hole License
Best in #Privacy
Average in #Privacy

buildReuse

  • pi-hole releases are available to install and integrate.
  • Installation instructions, examples and code snippets are available.
  • It has 1840 lines of code, 59 functions and 12 files.
  • It has low code complexity. Code complexity directly impacts maintainability of the code.
pi-hole Reuse
Best in #Privacy
Average in #Privacy
pi-hole Reuse
Best in #Privacy
Average in #Privacy
Top functions reviewed by kandi - BETA

Coming Soon for all Libraries!

Currently covering the most popular Java, JavaScript and Python libraries. See a SAMPLE HERE.
kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.

pi-hole Key Features

Total number of domains being blocked

Total number of DNS queries today

Total number of ads blocked today

Percentage of ads blocked

Unique domains

Queries forwarded (to your chosen upstream DNS server)

Queries cached

Unique clients

Method 1: Clone our repository and run

copy iconCopydownload iconDownload
git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
cd "Pi-hole/automated install/"
sudo bash basic-install.sh

Method 2: Manually download the installer and run

copy iconCopydownload iconDownload
wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh

nginx listen on private ip instead of 0.0.0.0 with multiple sites

copy iconCopydownload iconDownload
server {
  server_name a.mysite.com 192.168.1.10;

  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect   off;
    proxy_pass       http://127.0.0.1:9117;
  }
    ssl_dhparam /etc/ssl/certs/a.mysite.pem;


    listen 192.168.1.10:443 ssl;
    ssl_certificate /etc/letsencrypt/live/a.mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/a.mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
#    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = a.mysite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  server_name a.mysite.com 192.168.1.10;


    listen 192.168.1.10:80;
    return 404; # managed by Certbot


}

How can I do a 301 redirect towards an URL ending in a slash with Nginx?

copy iconCopydownload iconDownload
location /pihole/ {
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_pass http://127.0.0.1:31480/;
  proxy_redirect http://servername.xyz/admin/ http://servername.xyz/pihole/admin/;
}

Lighttpd Reverse Proxy with Pi-hole

copy iconCopydownload iconDownload
$HTTP["host"] =~ "pi-hole.local" {   
  proxy.server  = ( "" => ("" => ( "host" => "192.168.1.254", "port" => 8080 ))) 
}
server.modules += ("mod_redirect")
$HTTP["host"] =~ "pi-hole.local" {   
  url.redirect = ("" => "http://pi-hole.local:8080${url.path}${qsa}")
}
-----------------------
$HTTP["host"] =~ "pi-hole.local" {   
  proxy.server  = ( "" => ("" => ( "host" => "192.168.1.254", "port" => 8080 ))) 
}
server.modules += ("mod_redirect")
$HTTP["host"] =~ "pi-hole.local" {   
  url.redirect = ("" => "http://pi-hole.local:8080${url.path}${qsa}")
}

Port mapping in docker container with multiple networks

copy iconCopydownload iconDownload
- name: Create the pihole container
  docker_container:
    name: "{{ pihole_docker_container }}"
    image: "{{ pihole_docker_tag }}"
    pull: yes
    restart_policy: unless-stopped
    networks_cli_compatible: yes
    networks:
      - name: "{{ traefik_docker_network }}"
    volumes:
      - "{{ pihole_config_dir }}:/etc/pihile/"
      - "{{ pihole_dnsmasq_dir }}:/etc/dnsmasq.d/"
    env:
      TZ: "{{ pihole_tz }}"
      WEBPASSWORD: ""
      DNS1: "{{ pihole_container_dns1 }}"
      DNS2: "{{ pihole_container_dns2 }}"
      REV_SERVER: "{{ pihole_server_rev }}"
      REV_SERVER_DOMAIN: "{{ pihole_server_domain }}"
      REV_SERVER_TARGET: "{{ pihole_server_gateway }}"
      REV_SERVER_CIDR: "{{ pihole_server_subnet }}"
    dns_servers:
      - 127.0.0.1
      - "{{ pihole_container_dns1 }}"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "853:853"
    labels:
      traefik.enable: "true"

      traefik.http.routers.pihole.entrypoints: "websecure"
      traefik.http.routers.pihole.rule: "Host(`{{ pihole_public_domain }}`)"
      traefik.http.routers.pihole.middlewares: "pihole-admin"
      traefik.http.routers.pihole.service: "pihole"
      traefik.http.routers.pihole.tls: "true"
      traefik.http.routers.pihole.tls.certresolver: "le"

      traefik.http.middlewares.pihole-admin.addprefix.prefix: "/admin"

      traefik.http.routers.pihole_http.entrypoints: "web"
      traefik.http.routers.pihole_http.rule: "Host(`{{ pihole_public_domain }}`)"
      traefik.http.routers.pihole_http.middlewares: "redirect-to-https"

      traefik.http.services.pihole.loadBalancer.server.port: "80"

yaml for pihole container on QNAP

copy iconCopydownload iconDownload
# you need file version 2 in order to use options in ipam
# the file you copied it from is also using version 2
version: '2'

services:
  pihole:
    ...
  # this one (qnet_dhcp) is the name of another service. 
  # In your original code the indention is incorrect.
  # It should be aligned with the other services.
  qnet_dhcp:
    ...
  qnet_static:
    ...

networks:
  qnet-dhcp:
    ...
    ipam:
      ...
      # as mentioned above,
      # this is only valid in version 2
      options:
        ...

Make a division of a stat/number from another stat/number in bash

copy iconCopydownload iconDownload
sudo unbound-control stats_noreset | awk -F '=' '$1 == "total.num.queries" {queries=$NF} $1 == "total.num.cachehits" {hits=$NF}END{print hits, hits/queries*100"%"}'
sudo unbound-control stats_noreset | 
   awk -F '=' '$1 == "total.num.queries" { queries = $NF }
               $1 == "total.num.cachehits" { hits = $NF }
               END { print hits, hits / queries * 100 "%" }'
1344 25.8511%
END { printf "%d %.1f%%\n", hits, hits / queries * 100 }
-----------------------
sudo unbound-control stats_noreset | awk -F '=' '$1 == "total.num.queries" {queries=$NF} $1 == "total.num.cachehits" {hits=$NF}END{print hits, hits/queries*100"%"}'
sudo unbound-control stats_noreset | 
   awk -F '=' '$1 == "total.num.queries" { queries = $NF }
               $1 == "total.num.cachehits" { hits = $NF }
               END { print hits, hits / queries * 100 "%" }'
1344 25.8511%
END { printf "%d %.1f%%\n", hits, hits / queries * 100 }
-----------------------
sudo unbound-control stats_noreset | awk -F '=' '$1 == "total.num.queries" {queries=$NF} $1 == "total.num.cachehits" {hits=$NF}END{print hits, hits/queries*100"%"}'
sudo unbound-control stats_noreset | 
   awk -F '=' '$1 == "total.num.queries" { queries = $NF }
               $1 == "total.num.cachehits" { hits = $NF }
               END { print hits, hits / queries * 100 "%" }'
1344 25.8511%
END { printf "%d %.1f%%\n", hits, hits / queries * 100 }
-----------------------
sudo unbound-control stats_noreset | awk -F '=' '$1 == "total.num.queries" {queries=$NF} $1 == "total.num.cachehits" {hits=$NF}END{print hits, hits/queries*100"%"}'
sudo unbound-control stats_noreset | 
   awk -F '=' '$1 == "total.num.queries" { queries = $NF }
               $1 == "total.num.cachehits" { hits = $NF }
               END { print hits, hits / queries * 100 "%" }'
1344 25.8511%
END { printf "%d %.1f%%\n", hits, hits / queries * 100 }

How do I edit live css using tampermonkey without using Amino: Live CSS Editor

copy iconCopydownload iconDownload
document.getElementById("tvcap").style.display = "none";
-----------------------
// ==UserScript==
// @name         Block google ads
// @namespace    http://tampermonkey.net/
// @version      0.1
// @description  try to take over the world!
// @author       You, credit: https://stackoverflow.com/users/5053475/daniele-rugginenti
// @match        https://*/*
// @grant        none
// ==/UserScript==



(function() {
    'use strict';

    document.getElementById("tvcap").style.display = "none";
})();

Print correct MHz or GHZ number depends of CPU scaling

copy iconCopydownload iconDownload
awk 'length==6{printf("%.0f MHz\n", $0/10^3); next} length==7{printf("%.1f GHz\n", $0/10^6)}' /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
600 MHz
750 MHz
1.0 GHz
1.5 GHz
-----------------------
awk 'length==6{printf("%.0f MHz\n", $0/10^3); next} length==7{printf("%.1f GHz\n", $0/10^6)}' /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
600 MHz
750 MHz
1.0 GHz
1.5 GHz

Community Discussions

Trending Discussions on pi-hole
  • nginx listen on private ip instead of 0.0.0.0 with multiple sites
  • How to fix Android "Connected but no internet" with static IP?
  • How can I do a 301 redirect towards an URL ending in a slash with Nginx?
  • SwiftUI crashing <<<opaque return type of View.contextMenu<A>(menuItems:)>>
  • Lighttpd Reverse Proxy with Pi-hole
  • Port mapping in docker container with multiple networks
  • yaml for pihole container on QNAP
  • Make a division of a stat/number from another stat/number in bash
  • WLAN bandwidth throttling
  • How do I edit live css using tampermonkey without using Amino: Live CSS Editor
Trending Discussions on pi-hole

QUESTION

nginx listen on private ip instead of 0.0.0.0 with multiple sites

Asked 2022-Jan-28 at 04:11

I've recently setup a pihole on a pi I had lying around and it's great. When a domain is blocked it's returning ip address 0.0.0.0 as per its default config of BLOCKINGMODE=NULL.

The problem I'm facing is that when I'm browsing the web from my server, that hosts multiple subdomains via nginx, it's constantly trying to connect to my nginx sites and it filling up its logs with 404s.

I believe the solution is to update my nginx configs to point to my private ip instead of 0.0.0.0. I thought it would be as easy as updating listen 443 ssl; to listen 192.168.1.10:443 ssl;

Unfortunately, after I made that change all my subdomains are all pointing to one of them at random. Ex. a.mysite.com, b.mysite.com, c.mysite.com are all directing to a.mysite.com

Most of my sites are forwarding a docker instance to 443 and a few that simply serve up local files.

I originally asked on the pihole forums and they pointed me in the right direction, but I'm not sure how to get nginx working using my private ip instead of 0.0.0.0. https://discourse.pi-hole.net/t/blockingmode-null-vs-nodata/53016/7

The easy solution would be to leave my nginx configs alone and update pihole from BLOCKINGMODE=NULL to BLOCKINGMODE=NXDOMAIN or BLOCKINGMODE=NODATA, but as per their help docs, "Similar to NULL blocking, but experiments suggest that clients may try to resolve blocked domains more often compared to NULL blocking." https://docs.pi-hole.net/ftldns/blockingmode/

Thanks for reading!

mrplow@dan-server:~$ dig ads.facebook.com

; <<>> DiG 9.16.15-Ubuntu <<>> ads.facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37291
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;ads.facebook.com.              IN      A

;; ANSWER SECTION:
ads.facebook.com.       2       IN      A       0.0.0.0

;; Query time: 3 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Jan 27 14:50:46 PST 2022
;; MSG SIZE  rcvd: 61
mrplow@dan-server:~$ date && curl ads.facebook.com && tail -n 1 /var/log/nginx/access.log
Thu 27 Jan 2022 03:00:19 PM PST
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
127.0.0.1 - - [27/Jan/2022:15:00:19 -0800] "GET / HTTP/1.1" 404 162 "-" "curl/7.74.0"

Sample nginx conf file

server {
  server_name a.mysite.com;

  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect   off;
    proxy_pass       http://127.0.0.1:9117;
  }
    ssl_dhparam /etc/ssl/certs/a.mysite.pem;


    listen 443 ssl; # managed by Certbot
#    listen 192.168.1.10:443 ssl;
    ssl_certificate /etc/letsencrypt/live/a.mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/a.mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
#    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = a.mysite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  server_name a.mysite.com;


    listen 80;
#    listen 192.168.1.10:80;
    return 404; # managed by Certbot


}

ANSWER

Answered 2022-Jan-28 at 04:10

Figured it out.

I was correct with including the private ip in the listen directives. But, I also needed to update all my server_name directives to include the private ip address.

After I updated all my nginx configurations it is no longer listening on 0.0.0.0 and when I curl a blocked site it now gives the proper curl: (7) Failed to connect to ads.facebook.com port 80: Connection refused response.

Working example:

server {
  server_name a.mysite.com 192.168.1.10;

  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect   off;
    proxy_pass       http://127.0.0.1:9117;
  }
    ssl_dhparam /etc/ssl/certs/a.mysite.pem;


    listen 192.168.1.10:443 ssl;
    ssl_certificate /etc/letsencrypt/live/a.mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/a.mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
#    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = a.mysite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  server_name a.mysite.com 192.168.1.10;


    listen 192.168.1.10:80;
    return 404; # managed by Certbot


}

Source https://stackoverflow.com/questions/70886968

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install pi-hole

Those who want to get started quickly and conveniently may install Pi-hole using the following command:.
Piping to bash is controversial, as it prevents you from reading code that is about to run on your system. Therefore, we provide these alternative installation methods which allow code review before installation:.

Support

There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which our volunteer developers pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software and the importance of keeping it maintained.

DOWNLOAD this Library from

Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
over 430 million Knowledge Items
Find more libraries
Reuse Solution Kits and Libraries Curated by Popular Use Cases

Save this library and start creating your kit

Explore Related Topics

Share this Page

share link
Reuse Pre-built Kits with pi-hole
Compare Privacy Libraries with Highest Reuse
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
over 430 million Knowledge Items
Find more libraries
Reuse Solution Kits and Libraries Curated by Popular Use Cases

Save this library and start creating your kit

  • © 2022 Open Weaver Inc.