this post was submitted on 01 Feb 2024
15 points (77.8% liked)

Selfhosted

40296 readers
296 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

-all *arr apps in docker containers using docker compose -tailscale has friendly tailnet name -...magicdns enabled -...global nameservers have mullvad public dns in them

not very confident here, can I just follow this guide (link: https://tailscale.com/kb/1114/pi-hole/) and it works or do I need to change some settings? I notice it tells me to add a custom DNS but mullvad is already in there? how does it know which to use or in which order?

all 9 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 9 months ago (1 children)

Setup pihole in a docker container.

Or use this as an “excuse” to buy another Pi. ;-)

[–] funkless_eck 1 points 9 months ago (1 children)

wouldn't the second pi have to be linked to the first?

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago)
[–] [email protected] 3 points 9 months ago* (last edited 9 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
HTTP Hypertext Transfer Protocol, the Web
HTTPS HTTP over SSL
IP Internet Protocol
SSL Secure Sockets Layer, for transparent encryption
TLS Transport Layer Security, supersedes SSL
VPN Virtual Private Network

4 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #475 for this sub, first seen 2nd Feb 2024, 13:25] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (1 children)

I would install AdGuard as docker container and set the IP with which this Container is reachable as Nameserver (DNS) in tailscail

You can most likely leave the DNS server of mullvad as second priority so you have a backup if your AdGuard container is not reachable

But im just a noob with a sysadmin friend, lol

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago) (1 children)

You can most likely leave the DNS server of mullvad as second priority so you have a backup if your AdGuard container is not reachable

That's not really how DNS works. If you have two DNS servers configured, the OS will usually do either one of two things:

  1. Balance the requests between them; or
  2. Send the request to both servers and use the one that replied faster

If you mix Mullvad and AdGuardHome DNS servers, you'll very likely end up with a mix of both being used. The DNS servers configured on your clients should either be all AdGuardHome or all Mullvad so that you don't confuse yourself ("why are some ads blocked but not others??") :)

If you want to continue using Mullvad's DNS servers, that's fine, but you'd set them as upstream servers in AdGuardHome, and then configure all devices to use the AdGuardHome DNS. Ideally use their DNS servers using DNS-over-HTTPS or DNS-over-TLS: https://mullvad.net/en/help/dns-over-https-and-dns-over-tls

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago) (1 children)

😮really, that would be really not intuitive design, have to check this on my OpnSense, in that case

But generally, ads are always blocked, tho.

Edit: See pic for how tailscale describes it:

I understand it so, that your DHCP (your tailscale and for me OpnSense) will give the complete DNS list to devices, and those decide how to handle DNS lookups and may prefer mullvard prior AdGuard and thus will show ads. If that happen, you have to disable mulvards DNS server by removing it from the list.

[–] [email protected] 2 points 9 months ago

You got it. :)

I'd recommend running two AdGuard Home servers on two different devices, and keeping them in sync with AdGuardHome-Sync. That's useful because if you ever have to reboot one of them, the internet won't break.