This is Hacker Public Radio Episode 3,937 for Tuesday the 5th of September 2023.
Today's show is entitled, Adventures in Py-Hole.
It is the first show by new host noodles and is about 8 minutes long.
It carries a clean flag.
The summary is noodles recounts their experience getting a Py-Hole server.
Hello listeners of Hacker Public Radio.
I'm Nate, also known as Noodles, which is probably the name I'll put in the title as my host
name.
I know Hacker Public Radio is constantly asking for contributors, so I figured I'd
start and contribute my own.
I'm going to put this in the Emergency Q, so I figure not much of this will change
over time, especially since it's just a recount of exactly what my experience in this was,
but yeah, I hope you guys enjoy.
So this is titled, Adventures in Py-Hole, and pretty much just in aftermath story, I've already
done the setup for the Py-Hole, and I wrote it down after I set up the Py-Hole.
So if I'm missing a few details, but you'll get the general list of how this went down.
So what exactly is Py-Hole first off?
Well, it's a DNS and DHCP server that allows for easy network side ad blocking along
with the nice customizations of being that.
A DNS server is kind of the server that you're a computer might ask, so if it asks,
hey, what's google.com that DNS server will be churn the IP address of google.com.
And a DHCP server is the server that gives out the IP addresses on your network.
So the first step here is to actually get it running.
And I did this using Docker Compose on my NAS, which even though I call it NAS, it's
really my centralized server, that's just kind of what I call it.
After a quick copy and paste from the Py-Hole's read me, I was pretty much up and running.
I set up a singular system and use this as a DNS server and after that, I figured
I was setting ready to go.
But I wasn't quite satisfied there.
I wanted automatic DNS setting for any device that connects to my network.
Of course, I could just set the DNS upstream.
I used open WRT router, so I could just set the DNS server in there, but not good enough
for me.
This means it'll be missing out on automatic per client information since when setting
up a DNS server for your open WRT, it only sets itself to forward any DNS requests
up to this DNS server, which means from Py-Hole's perspective, all the requests are coming
from the router and nowhere else, and I wanted per client information.
The solution here is to set up Py-Hole as a DHCP server.
Keep in mind, I'm not giving it a tutorial or anything, so let's just go through what I
did first.
The first step was to turn on the DHCP server in Py-Hole.
This was pretty easy, just a checkbox and click save.
Awesome.
I disabled the DHCP server in open WRT, and it was all set.
A few restarting of some network devices later, like my phone and my laptop that I was using
to set this up and they all automatically connected to the Py-Hole server, worked like
a charm, they got IP addresses from it and everything else like that.
Next up, I set up tail scale.
I use head scale, which is kind of like the server side of tail scale, but one that you
can host yourself.
But the setup is pretty much exactly the same as if you were using tail scales, you
why.
I set in the config to override the local DNS, set the name server to the tail scale IP address
of the server, and turn on magic DNS.
Voila.
Now to restarting the tail scale nodes, and make sure that on the server you set it not
to accept the DNS from tail scale.
If you don't do that, you'll get an endless loop of trying to use itself as a DNS
server.
It's just no good.
All right.
And after that, it's all set.
I checked the dashboard and it's already blocking DNS requests.
I can see all my tail scale devices in there.
Perfect.
Awesome.
And I made a bit of a whip-sease.
It was fine and great, but what I went to reboot my server, which I do weekly, something
bad happened.
The interface for the server didn't come up.
The problem is that it's the DHCP server from a network, so without that networking, the
network was dead in the water.
It can't give out IP addresses.
What's going on?
I go ahead and access my server directly, no matter how hard I try, I cannot connect
to the interface.
What's the big deal?
Well, this is actually pretty simple, and a question popped away ahead that got me
there.
How does the server even get its IP address?
When I set up Python, it was just using the IP address that the router had given
it earlier, which was more than happy to use.
But the moment the router didn't have a DHCP server, the NAS had no way to get its own
IP address.
So, what's the answer here?
Well, it's actually pretty simple.
Just give the server a static IP.
Make sure you set a static lease in the DHCP server of Python, and then I use network manager.
You just set a quick static IP, and make sure it's DNS points to local host.
And then everything is done.
It worked like a charm.
All right, crisis-averted, just a missing networking knowledge, happens to the best of us.
So what's next up on the list?
The default AdList is kind of small, let's go see if we could find some new AdLists.
Apparently, this is a little bit more difficult than you'd think.
A quick search on duck.go only came up with an equivalent search on GitHub.
Not very useful.
I have no idea the trustworthiness and stability of these AdLists.
So another search leads to a Reddit article, and that leads to a different list.
Awesome.
An AdList list.
This is FireballFireBog.net, and it's exactly what I needed.
I went ahead and looked into these lists and added a few of them.
Perfect.
FireBog automatically sorts them by most stable to lease stable.
So most likely it'll work versus a little bit more aggressive, but might break things
in the process.
All right, and the fifth step is maintenance.
So what exactly do I do for maintenance of this server?
Well, I used Docker Compose Pool, and then I used Docker Compose Up.
Of course, this isn't always it.
I use an AB update scheme, so I'll actually copy the container over to a different container,
update that, run it, and if that doesn't work,
I also, I still have that old container that I can go back to, but you still get the idea.
Update your taken care of automatically by this, and just keep the server up as long as possible
since this is what runs your DHCP server.
I don't know, of course, I wasn't happy with just that.
I wanted to move it off of my main NAS, there are a few reasons why I wanted to do that.
For first, I liked having the magic DNS from tail scale on my server.
I like being able to access my other computers using the server as kind of like a jump
post.
Number two, I wanted to have a computer that I can have on all the time.
If I needed to update my server, it ends up taking down my whole network, so, or maybe
some other problem happens with my server, and then I'm dead in the water for my network.
And I don't like that dependency there.
What I did was I ran it on a Raspberry Pi 3.
I used Arch Linux ARM, which is what I already run on my NAS.
I used Arch Linux on there.
And then I just followed the same exact steps for that.
I made sure that I set it as a static IP and just set it up on there, and it works wonderfully.
I don't have to worry about whether, oh, I need to reboot my server because I changed
this configuration file.
I don't need to worry about that anymore.
It's on a different computer now.
So yeah, that's mainly my adventures in Pi Hope.
I hope you guys enjoyed this pretty short recounting.
And if you have any feedback or anything like that, I will have some contact information
in the show notes.
And I'll also have the original article that I wrote in the show notes as well.
Thank you guys for listening and make sure you support hacker public radio, contribute yourself.
And more importantly, just enjoy the content that it releases.
Thank you guys for listening.
You have been listening to hacker public radio at hacker public radio.org.
Today's show was contributed by a HBR listening like yourself.
If you ever thought of recording podcast, click on our contributally to find out how easy it
means.
Hosting for HBR has been kindly provided by an onsthost.com.
Internet archive and our sing.net.
On this advice stated, today's show is released on our Creative Commons.
Attribution for.0. International license.