We are running three PiHole installations, which enable load balancing and high availability for our DNS services. We also use a Cloudflare encrypted tunnel to protect information in external DNS queries via the Internet.
Our PiHole instances are deployed on a combination of Docker host VMs in our Proxmox Cluster and a stand-alone Raspberry Pi Docker host.
Deploy PiHole with a Cloudflare Tunnel
Our software service stack for our Docker PiHole installs includes the following applications:
- PiHole – Ad blocking DNS server
- Cloudflare Tunnel – For encrypted DNS lookups via the Internet
Our combined stack was created using information in the following video:
Deploy PiHole with Cloudflare Tunnel in Docker
Ubuntu Port 53 Fix
Ubuntu VMs include a DNS caching server on port 53, which prevents PiHole from being deployed. To fix this, run the commands at this link on the host Ubuntu VM before installing the PiHole and Cloudflare Tunnel containers.
Scheduled Block List Updates
We must update our PiHole block list by doing a Gravity pull. We do this daily via a cron job. This can be configured on the RPi host using the following commands:

    # Edit the user crontab
    sudo crontab -u <user-id> -e

    # Add the following to the user crontab
    # (su -c takes the command as a single argument, so it is quoted)
    min hr * * * su ubuntu -c "/usr/bin/docker exec pihole pihole -g" | /usr/bin/mailx -s"RPi Docker - Gravity Pull" [email protected]
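The cron line above mails whatever the Gravity pull prints, but the pipe into mailx discards the pull's exit status, so a failed update (and a block list going stale) looks the same in the inbox as a successful one. The wrapper below is an added example, not part of the original setup: it captures the output and exit code and puts the result in the mail subject. The recipient placeholder, the `HOST_LABEL` variable and the script path in the comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page: Gravity pull wrapper for cron.
# From the page: container name "pihole", docker/mailx paths, subject prefix.
# Assumed: MAIL_TO placeholder, HOST_LABEL, and the script path shown below.
#
# Hypothetical crontab entry (min/hr as on the page):
#   min hr * * * /usr/local/bin/gravity-report.sh --run

CONTAINER="${CONTAINER:-pihole}"
MAIL_TO="${MAIL_TO:-ops@example.invalid}"   # placeholder recipient
MAILER="${MAILER:-/usr/bin/mailx}"
HOST_LABEL="${HOST_LABEL:-RPi Docker}"

# Run the command given as arguments, capture stdout and stderr together,
# and set REPORT_STATUS, REPORT_SUBJECT and REPORT_BODY for the caller.
# Returns the command's own exit status.
run_and_report() {
    REPORT_BODY=$("$@" 2>&1) && REPORT_STATUS=0 || REPORT_STATUS=$?
    if [ "$REPORT_STATUS" -eq 0 ]; then
        REPORT_SUBJECT="$HOST_LABEL - Gravity Pull OK"
    else
        REPORT_SUBJECT="$HOST_LABEL - Gravity Pull FAILED (exit $REPORT_STATUS)"
    fi
    return "$REPORT_STATUS"
}

# Mail the captured output with the status-bearing subject.
send_report() {
    printf '%s\n' "$REPORT_BODY" | "$MAILER" -s "$REPORT_SUBJECT" "$MAIL_TO"
}

# Run the Gravity pull inside the container, mail the result, and hand the
# pull's exit status back to cron.
gravity_pull() {
    rc=0
    run_and_report /usr/bin/docker exec "$CONTAINER" pihole -g || rc=$?
    send_report
    return "$rc"
}

# Only act when invoked with --run, so the functions can be sourced safely.
if [ "${1:-}" = "--run" ]; then
    gravity_pull
fi
```

A mail filter on the word FAILED in the subject is then enough to surface a missed update, including the case where the container or the Docker daemon is not running.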