2022-08-05 11:07:59 -04:00
|
|
|
This is Pi-hole.
|
|
|
|
It blocks advertisements and internet trackers by providing a DNS sinkhole.
|
|
|
|
|
|
|
|
The package will create a new standalone qube, sys-pihole.
|
|
|
|
It is a drop in replacement for sys-firewall.
|
|
|
|
Sys-pihole is attached to sys-net.
|
|
|
|
If you have sys-firewall as the default netvm, this will be changed to sys-pihole.
|
|
|
|
sys-firewall will *not* be removed, so you can still use it for some qubes if you want.
|
|
|
|
To use sys-pihole simply change the netvm.
|
|
|
|
If you want to change all your qubes from sys-firewall to sys-pihole, a script is provided:
|
|
|
|
Run `sudo /srv/salt/pihole/change_netvm.sh` .
|
|
|
|
|
|
|
|
If you want to use Tor, then you should reconfigure your system like this:
|
|
|
|
qubes -> sys-pihole -> Tor-gateway -> sys-firewall -> sys-net
|
|
|
|
|
|
|
|
You can clone sys-pihole, and use each in different places:
|
|
|
|
qubes -> sys-pihole -> sys-net
|
|
|
|
qubes -> sys-pihole -> Tor-gateway -> sys-firewall -> sys-net
|
|
|
|
You will have to adjust the network settings for eth0 in the clone.
|
|
|
|
|
|
|
|
Pi-hole will be installed with these default settings:
|
|
|
|
The DNS provider is Quad9 (filtered, DNSSEC)
|
|
|
|
StevenBlack's Unified Hosts List is included
|
|
|
|
The web interface is availble at http://localhost
|
|
|
|
Query logging is enabled to show everything.
|
|
|
|
|
|
|
|
You can change these settings by logging in to the admin interface at http://localhost.
|
|
|
|
The default Admin Webpage login password is UpSNQsy4
|
|
|
|
You should change this on first use, by running:
|
|
|
|
`pihole -a -p`
|
|
|
|
|
|
|
|
|
2022-08-05 11:23:21 -04:00
|
|
|
The implementation is based on work by Patrizio Tufarolo,
|
|
|
|
(https://blog.tufarolo.eu/how-to-configure-pihole-in-qubesos-proxyvm/ ),
|
|
|
|
and updated for Qubes 4.1
|
|
|
|
|
2022-08-05 11:07:59 -04:00
|
|
|
for i in `qvm-ls -O NAME,NETVM | awk '/ sys-firewall/{ print $1 }'`; do qvm-prefs $i netvm sys-pihole; done
|
|
|
|
if [[ $(qubes-prefs default_netvm sys-firewall |grep sys-firewall ) ]]; then qubes-prefs default_netvm sys-pihole; fi
|
|
|
|
|