Pi-hole で広告をブロックする

takeharak

March 17, 2023

Pi-hole で広告をブロックしてネットワーク負荷を軽減する

今回の環境

Requirements

Docker

TL;DR

１. DNSStubListner を無効化

  # /etc/systemd/resolved.conf
  ...

  [Resolve]
  # Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
  # Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
  ...
  #CacheFromLocalhost=no
- #DNSStubListener=yes
+ DNSStubListener=no
  #DNSStubListenerExtra=
  ...

sudo systemctl restart systemd-resolved.service

２. Docker バージョンの確認

docker version
Client: Docker Engine - Community
 Version:           23.0.1
 API version:       1.42
 Go version:        go1.19.5
 Git commit:        a5ee5b1
 Built:             Thu Feb  9 19:46:30 2023
 OS/Arch:           linux/arm64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          23.0.1
  API version:      1.42 (minimum version 1.12)
  Go version:       go1.19.5
  Git commit:       bc3805a
  Built:            Thu Feb  9 19:46:30 2023
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.18
  GitCommit:        2456e983eb9e37e47538f59ea18f2043c9a73640
 runc:
  Version:          1.1.4
  GitCommit:        v1.1.4-0-g5fd4c4d
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
docker compose version
Docker Compose version v2.16.0

３. docker-compose.yml ファイルを追加

  curl -LSso docker-compose.yml \
  https://raw.githubusercontent.com/pi-hole/docker-pi-hole/mast
  er/examples/docker-compose.yml.example

  # docker-compose.yml

  version: "3"

  # https://github.com/pi-hole/docker-pi-hole/blob/master/README.md

  services:
    pihole:
      container_name: pihole
      image: pihole/pihole:latest
      # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"
      ports:
        - "53:53/tcp"
        - "53:53/udp"
-       - "67:67/udp"
        - "80:80/tcp"
      environment:
-       TZ: 'America/Chicago'
+       TZ: 'Asia/Tokyo'
        # WEBPASSWORD: 'set a secure password here or it will be random'
      # Volumes store your data between container upgrades
      volumes:
        - './etc-pihole:/etc/pihole'
        - './etc-dnsmasq.d:/etc/dnsmasq.d'
      #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
-     cap_add:
-       - NET_ADMIN
      restart: unless-stopped # Recommended but not required (DHCP needs NET_ADMIN)

４. Pi-hole を起動

docker compose up -d
[+] Running 1/1
⠿ Container pihole      Started                            1.1s

５. 試してみる

dig +short @127.0.0.1 ads.google.com
0.0.0.0

６. DNS 設定

ルーターのマニュアルを参照

７. WEBPASSWORD の確認

docker compose logs pihole | grep random
pihole  |   [i] Assigning random password: ********

８. ログイン

open http://pi.hole/admin

Pi-hole - 4ac67b590550

９. ダッシュボードで確認