I currently have a nice long docker compose file that hosts my PiHole V6 container (along with a bunch of other containers). However, the reason I ask this question is that whenever I go to pull an updated image and recreate the container, I experience about 20 minutes of no DNS resolution, which to my knowledge is due to the NTP clock being out of sync.

What’s the best way to host a DNS sinkhole/resolver that can mitigate this issue?

Was thinking of utilizing Proxmox & LXC but I suspect I’ll get the same experience.


Update: Turns out PiHole doesn't support two instances. I got both of them on separate devices and also set the 2nd DNS server in my router's WAN & LAN DNS settings, which did in fact split DNS between both instances. However, I lost access to my router's web UI, my Traefik instance & reverse proxies died, and I lost all internet access.

So, don’t do what I did.

Update 2: So, everything I said in my first update, let's disregard that. Turns out I had my router forcing all DNS to PiHole server 1, which caused the issues mentioned above.

Two servers appear to work!

  • 大きいBOY@lemmy.blahaj.zone · 1 month ago (edited)

    How do you host your DNS sinkhole/resolver?

    Like this, baby:

    services.adguardhome = {
      enable = true;
      mutableSettings = false;   # config comes only from this file, not the web UI
      openFirewall = true;
      settings = {
        dns = {
          # Plain resolvers used only to look up the DoH/DoT upstream hostnames
          bootstrap_dns = ["9.9.9.9" "149.112.112.112"];
          upstream_dns = ["https://dns.quad9.net/dns-query"];
          fallback_dns = ["tls://dns.quad9.net"];
        };
        filters = [
          {
            name = "AdGuard DNS filter";
            url = "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt";
            enabled = true;
          }
        ];
        filtering = {
          blocked_services = {
            ids = [
            ];
          };
          protection_enabled = true;
          filtering_enabled = true;
          rewrites = [
          ];
        };
      };
    };

    Deploy to the main home server and the backup instance. NixOS is fucking awesome. No sync tool needed.

    • Lem453@lemmy.ca · 1 month ago

      How do I use NixOS for docker? I've tried before, but what I want is to be able to pull a docker compose file from git and deploy it. I haven't been able to find an easy way to do that on docker.

      • 大きいBOY@lemmy.blahaj.zone · 1 month ago

        Most of the time you don’t need docker. NixOS isolates runtimes.

        That being said, you could use nix to build the docker container, and then run it using the built-in oci-container options.

      • Morphit @feddit.uk · 1 month ago

        If you have the docker-compose.yml locally, you can run `nix run github:aksiksi/compose2nix` to translate it into a nix file for inclusion in your NixOS system config. I think that could be done in the config itself with a git URL, but I'm not that great at nix. You will surely still need some manual config to e.g. set environment variables for paths and secrets.

  • Matt The Horwood@lemmy.horwood.cloud · 1 month ago

    If you run a single DNS server, you will always have downtime when it's restarted.

    The only way to mitigate that is to run 2 DNS servers.

    I set up my network to use pihole as the first DNS and the router as the second. Most of the time pihole is used, unless it's down.
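
An added illustration of the point above (and of the OP's "two servers appear to work" conclusion); it is not code from any poster in this thread. It is a small Python probe that hand-builds a DNS A query in RFC 1035 wire format, sends it to each configured resolver in turn with a short timeout, and moves on to the next one when a resolver does not answer, which is what a stub resolver does when the first server in its list is being recreated. The transport is injectable so the failover path runs offline against a constructed reply. The resolver addresses (192.0.2.x) and the answer (203.0.113.5) are RFC 5737 documentation placeholders, not anything from the original posts.

```python
"""Probe DNS resolvers in order and report which one answered (added example)."""
import secrets
import socket
import struct
from typing import Callable, List, Optional, Tuple


def build_query(name: str, txid: int) -> bytes:
    """Recursive A/IN query for `name` with transaction id `txid` (RFC 1035)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def _skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past a domain name, compressed or not."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # a 2-byte compression pointer ends the name
            return off + 2
        off += 1 + length


def parse_a_records(msg: bytes, txid: int) -> List[str]:
    """A records from a reply; ValueError on id mismatch or non-zero RCODE."""
    rid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if rid != txid:
        raise ValueError("transaction id mismatch (stale or spoofed reply)")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs


def udp_transport(server: str, query: bytes, timeout: float) -> Optional[bytes]:
    """Real UDP exchange with `server` on port 53; None on timeout."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        try:
            return sock.recvfrom(512)[0]
        except socket.timeout:
            return None


def resolve_with_failover(
    name: str, servers: List[str],
    transport: Callable[[str, bytes, float], Optional[bytes]] = udp_transport,
    timeout: float = 2.0,
) -> Tuple[Optional[str], List[str]]:
    """Try each resolver in order; return (server that answered, addresses).
    The server is None when every resolver timed out or sent a bad reply."""
    for server in servers:
        txid = secrets.randbelow(0x10000)  # fresh unpredictable id per query
        reply = transport(server, build_query(name, txid), timeout)
        if reply is None:
            continue  # no answer in time: fall through to the next resolver
        try:
            return server, parse_a_records(reply, txid)
        except ValueError:
            continue  # wrong id or error RCODE counts as a failed resolver too
    return None, []


def build_answer(query: bytes, address: str) -> bytes:
    """Constructed reply: echo the question, add one A record (TTL 60) via a name pointer."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR=1 RD=1 RA=1
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(address)
    return header + query[12:] + rr


def simulated_outage(server: str, query: bytes, timeout: float) -> Optional[bytes]:
    """Offline transport (constructed): primary 192.0.2.10 is down, secondary answers."""
    if server == "192.0.2.10":
        return None
    return build_answer(query, "203.0.113.5")


if __name__ == "__main__":
    # Swap simulated_outage for udp_transport and list your two real resolvers
    # to confirm the second one takes over while the first is being recreated.
    print(resolve_with_failover("example.test", ["192.0.2.10", "192.0.2.11"],
                                transport=simulated_outage))
```

Run it against both resolvers right after recreating the primary container: if the tuple names the secondary, clients that list both servers keep resolving during the restart; if it returns `(None, [])`, the second server is not actually reachable and the setup is still single point of failure. The id check matters beyond failover: a reply whose transaction id does not match the query is discarded rather than trusted.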

        • Possibly linux@lemmy.zip · 1 month ago (edited)

          Instead of paying for a Raspberry Pi you could just get an OpenWRT device. You can get the router equivalent of a rust bucket, since chances are you are not using the wireless portion anyway.

          • ddh@lemmy.sdf.org · 1 month ago

            Sure, OpenWRT is good and there’s an Adguard Home plugin for it. You don’t need to buy any hardware to use Pihole though, many people run it in a container on an existing machine. So it comes down to the functionality you need or want and the software you prefer, right?

    • ikidd@lemmy.world · 1 month ago

      Man, I was excited about Technitium, but I've had a hell of a time trying to get it to work. I'm not sure if it's intended to be on a DMZ in order to get TLS working or something, but I've not been able to get it to acknowledge a single DNS request, even when I think I've shut down DNSSEC entirely.