this post was submitted on 12 Mar 2025
44 points (97.8% liked)

Selfhosted


Currently have a nice long docker compose file that hosts my PiHole V6 container (along with a bunch of other containers). However, the reason I ask this question is that whenever I go to pull an updated image and recreate the container, I experience about 20 minutes of no DNS resolution, which to my knowledge is due to the NTP clock being out of sync.

What’s the best way to host a DNS sinkhole/resolver that can mitigate this issue?

Was thinking of utilizing Proxmox & LXC but I suspect I’ll get the same experience.


~~Update: Turns out PiHole doesn’t support two instances. I got both of them on separate devices and also set the 2nd DNS server in my router's WAN & LAN DNS settings, which did in fact split DNS between both instances. However, I lost access to my router's web UI, my Traefik instance & reverse proxies died, and I lost all internet access.~~

~~So, don’t do what I did.~~

Update 2: So let’s disregard everything I said in my first update. Turns out I had my router forcing all DNS to PiHole server 1, which caused the issues mentioned above.

Two servers appear to work!

[–] [email protected] 2 points 1 day ago* (last edited 1 day ago) (1 children)

How do you host your DNS sinkhole/resolver?

Like this, baby:

```nix
services.adguardhome = {
  enable = true;
  # Changes made in the web UI do not persist across service restarts
  mutableSettings = false;
  # Opens the web interface port only; the DNS port is not opened by this option
  openFirewall = true;
  settings = {
    dns = {
      # Plain-IP resolvers used to look up the hostnames of the encrypted upstreams
      bootstrap_dns = ["9.9.9.9" "149.112.112.112"];
      upstream_dns = ["https://dns.quad9.net/dns-query"];
      fallback_dns = ["tls://dns.quad9.net"];
    };
    filters = [
      {
        name = "AdGuard DNS filter";
        url = "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt";
        enabled = true;
      }
    ];
    filtering = {
      blocked_services = {
        ids = [
        ];
      };
      protection_enabled = true;
      filtering_enabled = true;
      rewrites = [
      ];
    };
  };
};
```

Deploy to the main home server, and the backup instance. NixOS is fucking awesome. No sync tool needed.

[–] [email protected] 0 points 1 day ago (2 children)

How do I use nixos for docker? I've tried before but what I want is to be able to pull docker compose from a git and deploy it. I haven't been able to find an easy way to do that on docker

[–] [email protected] 2 points 18 hours ago

If you have the `docker-compose.yml` locally, you can `nix run github:aksiksi/compose2nix` to translate it into a nix file for inclusion in your nixos system config. I think that could be done in the config itself with a git url but I'm not that great at nix. You will surely still need some manual config to e.g. set environment variables for paths and secrets.

[–] [email protected] 2 points 1 day ago

Most of the time you don't need docker. NixOS isolates runtimes.

That being said, you could use nix to build the docker container, and then run it using the built-in oci-container options.
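
The container route mentioned in the replies above, as an added example that is not part of any comment in the thread: a NixOS module fragment that runs a Pi-hole container through `virtualisation.oci-containers`, with the image pinned and secrets kept out of the Nix store. The image tag, host paths and published UI port are assumptions.

```nix
# Added example: NixOS module fragment, not code from the thread.
{ ... }:
{
  virtualisation.docker.enable = true;

  virtualisation.oci-containers = {
    backend = "docker";

    containers.pihole = {
      # Placeholder tag: pin the release you have tested, so an image
      # update (and the DNS restart it causes) is a deliberate config change.
      image = "pihole/pihole:<pinned-tag>";
      autoStart = true;

      ports = [
        "53:53/tcp"
        "53:53/udp"
        # Admin UI on loopback only. Ports published by Docker are handled
        # by Docker's own iptables rules, not by networking.firewall.
        "127.0.0.1:8080:80/tcp"
      ];

      # Assumed host path; /etc/pihole is the image's config directory.
      volumes = [ "/var/lib/pihole:/etc/pihole" ];

      # Non-secret settings only: values set here end up in the
      # world-readable /nix/store.
      environment = {
        TZ = "Etc/UTC";
        # Queries arrive via the Docker bridge, not a local interface.
        FTLCONF_dns_listeningMode = "all";
      };

      # Secrets (e.g. FTLCONF_webserver_api_password=...) go in a
      # root-only file outside the store. Assumed path, created out of band.
      environmentFiles = [ "/var/lib/secrets/pihole.env" ];
    };
  };
}
```

Importing the same fragment on a second host gives the backup resolver without a sync tool; only the secrets file has to be provisioned per machine.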