Installing Pi-Hole inside a Proxmox LXC Container
Now that we have our Proxmox cluster built, its time to buld a couple of virtual machines to run on it.
The first machine I am going to set up is PiHole. Now for those unfamiliar with Pi-hole, Pi-hole is a network-wide DNS management system that primarily blocks advertising content when you're browsing the internet. But this is not all it does. It can also be used as a DNS server. Why do I need a DNS server? I hear you ask. Well, in part, it's to make it easier to find things on your network as you can give them fully qualified domain names without needing to set up an external DNS server and have those services public-facing on the internet. This, in part, also gets rid of the annoying security error because you now have a domain name that matches the certificate. This applies to both Proxmox and Home assistant.
I would love to take credit for the instructions I am about to show here. But credit where credit is due. The instructions on how to do this are, for the most part, from this website. https://www.datahoards.com/installing-pi-hole-inside-a-proxmox-lxc-container/
One of the significant advantages that Proxmox offers over other hypervisors like Virtual box is it easy to deploy a Linux Container; this applies to both Pihole and Home Assistant. So the instructions we are going to follow use scripting to fetch a container, then fetch the distribution of Pihole and then deploy it.
we need to do is make sure all the available containers are up to date. To do this, go to the Shell in Proxmox from any node and issue the following command.
pveam update
6.Next, click on the local node to open it out to show the storage tags. Click on the local storage for node 1.
7. Select “CT Templates” then select “Templates.”
8. This will display all the available templates to download. I’m going to use Debian because I’m most familiar with this distro.
9. In the search box, type Debian and select the Debian-10-standard
NOTE: If you prefer Ubuntu or any other flavor of linux you see in the list of templates, feel free to choose that.
10. Click “Download” and wait for the template to be downloaded from the Internet.
11. After a few minutes, the distro will be available on your system for deployment.
12. Fill in the information for the container; if you wish to, you can select a different node to deploy this container. But for now, we will use prox1
13. Proceed through the remaining steps, selecting your preferred template; if this is the first time you have done this and have only downloaded one template so far, you will only see one in the list.
14. In the root disk tab, set the disk size to be whatever you like; Pi-hole is very lightweight, so I am going very lean on my settings. For the disk size, I set it to 2GB
15. CPU I am using 1 CPU core, and 256MB of memory, with a 512Mib swap
16. Pi-Hole needs a static IP address (because the other devices on your network will need to point to it). Assign one that makes sense in your environment. For me, I'm going to choose 10.110.10.8/24, which is the next IP address in this small network. Enter your gateway (10.110.10.1 for me) and click "Next".
17. Leave the DNS servers to "use host settings" and click "Next". During the Pi-Hole installation later, we'll be selecting the upstream DNS servers separately. If everything looks in order, click "Start after created" and then "Finish".
18. Now that our new Linux container is built. we need to install PiHole.
19. Click on your newly created container, and if it is not running, select start in the top right-hand side of the screen
20. Once the Operating System Instance is running, click “Console”.
21. Log in with the username “root” and the password you chose earlier.
21. Issue the following command; this will update all the packages.
apt update && apt upgrade
22. The Pi-Hole installer relies on a tool known as “curl”. Curl can be thought of as a downloader, which we’ll have to first install. Issue the following command
apt install curl
23. To get the Pi-Hole install underway, issue the following command
curl -sSL https://install.pi-hole.net | bash
24. If all goes well, the Pi-Hole installer should perform a few pre-flight checks and then start asking you for some configuration details.
25. The first choice you need to make is regarding your upstream DNS provider. This is the DNS server that you’d like to use to lookup permitted requests. I like to use Cloudflare as they don’t log your requests to later analyse them for commercial purposes
26. The next step will ask you whether or not to use the default blacklists. I'm going to use both of the defaults for now. We can tweak these later.
27. I de-select IPv6 during the next step as I don't use it on my network. If you do use IPv6, then, by all means, leave it enabled.
28. The next couple of steps ask you to confirm your static IP address and provide a warning about IP conflicts. Read these and decide if they affect you or not. I just skipped over them because everything was fine.
29. Pi-Hole can be administered through a pretty Web interface, which makes tasks like adding blacklist and whitelist entries very easy. The Web interface requires that Pi-Hole installs a lightweight Web server in the background. I personally want this nice interface, so I'm going to select "On" for these next steps. If you're not familiar with Pi-Hole, then I would definitely recommend leaving these selections on; it just makes life so much easier.
30. You can choose to enable or disable query logging. I find it useful to have logging enabled. It really helps when you're trying to work out why certain ads aren't being blocked. Especially if the ads are within apps rather than Web pages, making the source code difficult to inspect. Earlier when creating the container, I allocated 2GB of disk space because Pi-Hole likes around 1GB, leaving 1GB for log files. Again, make your own decision on this.
31. As this server is going to be for personal use, I'm going to set the logging level to "Show everything". If you have some privacy concerns, you can choose a different level at this point.
32. You'll now see the installer downloading any dependencies along with the actual Pi-Hole software from Github. It shouldn't take too long, around 30 seconds on my machine. Once completed, you'll be presented with an automatically generated password, make a note of this, if you dont intend to change it (in the next step). Assuming you chose to install the Web interface, you'll be told the URL of that too.
33. At this point, I like to change the admin password, issue the following command
pihole -a -p
34. You'll be prompted to enter the new password. thats it, your all set. next we will do some configuration of Pihole.