This is meant to be a quick tutorial for utilizing Docker and using Pi-Hole as an example install. This can run on your desktop as your own personal DNS resolver to block ads!
I was disappointed to find that the latest version of Docker does not work on Windows 10 Home edition as Home does not support virtualization. To work around this, we’ll use the legacy Docker Toolbox which uses VirtualBox to get us access to the Linux side of Docker without the Windows Native functionality. If you have Pro, you can skip this and go to the newest version of Docker.
https://docs.docker.com/toolbox/toolbox_install_windows/
Run the Docker Quickstart Icon and let the app do its work
You’ll know you’re done when you’re greeted with the Docker Shipping Container Whale.
Now I wanted to be able to access this container from the network, so I added some needlessly complex steps, if you want to this only on your desktop, you can skip this part and hardcode in the IP circled in the previous step.
- Step 1: Open the VirtualBox shortcut
- Step 2: Stop the “default” machine and click “Settings”
- Step 3: Go to “Network”
- Step 4: Click the “Adapter 3” tab
- Step 5: Add a “Bridge Network” with your adapter, in Advanced select Adapter Type: Intel Pro/1000 MT Desktop
We’ll be following this guide loosely, for reference; but I’ve included the necessary steps below: https://hub.docker.com/r/pihole/pihole/
First lets grab the image, this is ~175MB in size and will be cached. If you want to upgrade, just kill the container, run this command again, and start!
In the console opened by Docker Quickstart Tutorial, type docker pull pihole/pihole
$ docker pull pihole/pihole Using default tag: latest latest: Pulling from pihole/pihole f17d81b4b692: Pull complete f173a7e32ba0: Pull complete 789a21c8d73f: Pull complete 18b9c4527d4c: Pull complete fb59b1419096: Pull complete 1579ff407b87: Pull complete a177c6f65516: Pull complete 5e9feae54ea7: Pull complete Digest: sha256:1f0e73d50ef5d824f24f90ccf71a4039ecd23aa18d9b6a329f2e6f78d407e859 Status: Downloaded newer image for pihole/pihole:latest
My docker_run.sh is slightly modified and shown below and works for this Windows 10 Home version. I’ve saved this run script in the place I want to store my persistent configurations: C:/docker/pihole/docker_run.sh
(The original linux based run script) https://raw.githubusercontent.com/pi-hole/docker-pi-hole/master/docker_run.sh
#!/bin/bash IP=$(docker-machine ssh default ifconfig eth2 | grep 'inet addr' | cut -d: -f2 | awk '{print $1}') DOCKER_CONFIGS="$(pwd)" docker run -d \ --name pihole \ -p 53:53/tcp -p 53:53/udp \ -p 67:67/udp \ -p 80:80 \ -p 443:443 \ -v "${DOCKER_CONFIGS}/pihole/:/etc/pihole/" \ -v "${DOCKER_CONFIGS}/dnsmasq.d/:/etc/dnsmasq.d/" \ -e ServerIP="${IP}" \ --restart=unless-stopped \ --cap-add=NET_ADMIN \ --dns=127.0.0.1 --dns=1.1.1.1 \ pihole/pihole:latest echo -n "Your password for http://${IP}/admin/ is " docker logs pihole 2> /dev/null | grep 'password:'
If it works, you should see the below output:
$ ./docker_run.sh WARNING: Localhost DNS setting (--dns=127.0.0.1) may fail in containers. 214196c10827827e0e63320c73cd818b6e5818ccc9a275089565f22881430396 Your password for http://(DHCP PROVIDED IP)/admin/ is Assigning random password: (RANDOM GENERATED PASSWORD)
Congrats, your server is up! You should be able to open a browser and go to the link shown.
Now to configure Pi-Hole to do something interesting:
Log in
Update the Gravity files:
Change your DNS server to the PI-Hole address on your computer:
Use a site like this https://pi-hole.net/pages-to-test-ad-blocking-performance/ to test the DNS blocker:
Check out your statistics!
Congratulations, you have a perfectly functioning prototype to test DNS level ad blockers. I have mine configured in my DNS servers to force all clients to use my DNS blocker. You couldn’t imagine what it’s like not having ads in Words With Friends (mobile app) or popping up on my consoles or wherever else DNS is used to grab advertisements.