Automated installation of PiHole and DNS over HTTPS using the Cloudflared proxy. It also installs Log2ram to prevent constant writes to the SD card. The aim of this project is to give the user a 1-click (or minimal) setup for PiHole along with DNS over HTTPS.
Connect to your Raspberry Pi via SSH (or directly using Terminal) and follow the installation instructions. Installation is quicker if you have updated your Pi beforehand. You can use the commands below to update your Pi:
sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y && sudo apt-get autoclean -y && sudo apt-get autoremove -y
The script is self-contained and fetches the necessary files from the GitHub repo.
For installation, run the commands below from your Pi terminal (or SSH session):
Update the permissions on the downloaded file using:
chmod 755 DNS_Over_HTTPS_Via_Cloudflare.sh
Now run the script below and follow the prompts:
./DNS_Over_HTTPS_Via_Cloudflare.sh |& tee DNS_Over_HTTPS_Via_Cloudflare.log
Note: For advanced installation options, refer to the Custom Installation section.
Your Pi will reboot when the script completes.
Once it is back up, connect to your Pi (via SSH or terminal) and change the password for PiHole Admin using the command given below:
pihole -a -p YourNewPassword
To confirm a successful installation, open the log (DNS_Over_HTTPS_Via_Cloudflare.log) and search for the lines listed below:
The presence of these lines means that everything went as expected.
These steps are for advanced users who need to customize the installation.
setupVars.conf: During execution, this script downloads the setupVars.conf file, which is used to install PiHole in unattended mode. If you want to adjust the installation (for example, to use your existing web server), you can update the file and the PiHole installation will proceed accordingly. The script pauses partway through so the user can modify the file (in another terminal) and continues upon user confirmation. Possible configurations:
INSTALL_WEB_SERVER=true
in the setupVars.conf
A lot of devices like Chromecast, Fire TV, Roku etc. have hardcoded DNS and escape PiHole filters. This raises a need to force these devices to use PiHole by adding a prerouting rule on the router. I did this on my Asus router but it should be similar for other DD-WRT based routers.
This script assumes you have set up key-based authentication between your Pi and the DD-WRT router. If not, please follow a relevant script/tutorial to set that up before proceeding. The script dynamically fetches the PiHole IP and connects to the router over SSH (using the IP fetched by the script) to execute another script. As the router flushes any prerouting changes on each restart, the router script on the Pi should be added to cron and executed via SSH.
This script contains the commands executed on the DD-WRT router (with SSH enabled and configured to use a key) to add the PiHole IP to the prerouting rules. The script checks whether the rule is already present and only adds it if it is missing. Please update the port on which your router is listening for SSH.
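The check-then-add logic described above, as an added example that is not the project's own router script. It assumes the LAN bridge is br0 and that the router's iptables supports -S; the listing and addresses are constructed samples. It also validates the fetched IP before it is placed into a command that runs as root over SSH.

```sh
#!/bin/sh
# Added example, not the project's router script. LAN_IF=br0 and the sample are assumptions.
LAN_IF="br0"

# Accept only a dotted-quad IPv4 address, so nothing else is pasted into a root shell.
valid_ipv4() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# rule_present PROTO IP: reads `iptables -t nat -S PREROUTING` output on stdin and
# succeeds if a DNAT rule already sends PROTO port 53 to exactly IP.
rule_present() {
    awk -v proto="$1" -v ip="$2" '
        { p = d = t = ""
          for (i = 1; i < NF; i++) {
              if ($i == "-p") p = $(i + 1)
              if ($i == "--dport") d = $(i + 1)
              if ($i == "--to-destination") t = $(i + 1)
          }
          if (p == proto && d == "53" && (t == ip || t == ip ":53")) found = 1 }
        END { exit !found }'
}

# plan_rules IP: reads the current listing on stdin and prints an insert command
# only for each protocol whose redirect is missing.
plan_rules() {
    valid_ipv4 "$1" || { echo "refusing invalid Pi-hole IP: $1" >&2; return 2; }
    listing=$(cat)
    for proto in udp tcp; do
        printf '%s\n' "$listing" | rule_present "$proto" "$1" && continue
        echo "iptables -t nat -I PREROUTING -i $LAN_IF -p $proto --dport 53 ! -s $1 -j DNAT --to-destination $1"
    done
}

# Constructed sample listing: UDP redirect present, TCP rule points at another host.
SAMPLE_LISTING='-P PREROUTING ACCEPT
-A PREROUTING ! -s 192.168.1.2/32 -i br0 -p udp -m udp --dport 53 -j DNAT --to-destination 192.168.1.2
-A PREROUTING -i br0 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.1.20'

# Prints only the missing TCP rule for the sample above.
printf '%s\n' "$SAMPLE_LISTING" | plan_rules 192.168.1.2
```

Redirecting to a PiHole on the same subnet as the clients usually also needs a POSTROUTING masquerade rule so replies return via the router; the page does not describe one, so none is generated here.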
If everything went well, you have a working PiHole with the Cloudflared proxy set up, but you still need to update your router config to use PiHole as DNS. Please note that you need to update the DNS setting on the LAN tab as well as the WAN tab of your router admin page.
Once you have updated router config and restarted (or flushed DNS cache on client), run extended tests on https://www.dnsleaktest.com (or http://en.conn.internet.nl/connection/ ) and you should see only 1 Cloudflare server in results.
For checking PiHole status, run pihole status.
For testing Log2Ram, run df -h | grep log2ram and a non-empty result would confirm the new mount folder created by Log2Ram.
Piyush Kumar - (https://github.com/piyushkumarjiit)
This project is licensed under the Apache License - see the LICENSE.md file for details
Thanks to the URLs below for providing me the necessary understanding and material to come up with this script.