[Pihole-Unbound Daily Update]

Origamiofficial's Pihole-Unbound Community Applications Template

 

Welcome to the support page of the Origamiofficial's Pihole-Unbound Community Applications template. This template installs Pi-Hole & Unbound in the same docker container.  The repo aims for daily updates, so that your pihole & unbound versions always stay up to date.

 

Pi-hole includes a caching and forwarding DNS server, now known as FTLDNS. After applying the blocking lists, it forwards requests made by the clients to configured upstream DNS server(s). However, this leads to some privacy concerns as it ultimately raises questions about whom you trust with the all the dns lookup data from your household.

 

You have a few options of whom to trust:
 

1.  Your ISP

Pi-hole -> FTLDNS -> Your ISP -> Authoratative Server

Pros - Easy.  Works out of the box.  Just plugin and turn on your ISP provided setup.

Cons - Your ISP is collecting all your DNS searches, building a profile on you, and selling that data.

 

2. A third party DNS service (ie. Quad9, Cloudflare, Google, etc).

Pi-hole -> FTLDNS -> Cloudflare -> Authoratative Server

Pros - You're circumventing your ISP

Cons - You're still trusting a third party company, so choose carefully.

 

3. Run your own recursive DNS server, like Unbound! (.....Aka this container!)

Pi-hole -> FTLDNS -> Unbound -> Authoritative Server

Pros - You're circumventing your ISP.  You're not trusting a 3rd party.  You're self hosting Unbound.  If Unbound doesn't have the DNS record cached already, it'll go upstream directly to the Authoritative Server.  No intermediaries!

Cons - No Authoratative Servers support DOT/DOH yet.

 

I am happy to help to the best of my abilities, but I am only publishing this template to community apps to make it easy for other users.  See here for the official github page for the project and support documentation:

https://github.com/origamiofficial/docker-pihole-unbound

[[SUPPORT] - Community Applications - redbot]

Sorry for the trouble! The template already defaults to config = /mnt/user/appdata/redbot.  That should be your persistent data storage.  What else did you set? Thanks

[[SUPPORT] - Community Applications - pihole-unbound]

On 1/29/2024 at 9:44 AM, Jabberwocky said:

Thanks for the clarification!

Learned a lot in the last few days about Docker and how to run everything on unraid

I had Pihole & Unbound set up manually on a Raspberry before and never used Docker before.

 

Please correct me if i am worng but with Unbound being the upstream server, to which upstream DNS servers will it talk to? And how (DOT/DOH)?

https://unbound.docs.nlnetlabs.nl/en/latest/topics/privacy/dns-over-https.html#

 

So the DNS Request goes like this:

Your PC ---> Pihole ---> Unbound ---> ?

 

I checked your link to Github/Pihole but can i pass / check the configuration with environemnt variables to unbound, too?

 

 

Your PC ---> Pihole ---> Unbound ---> Authoritative DNS Server

 

There are no authoritative servers that support DOT/DOH yet, unfortunately.

 

I don't know how you would adjust unbound settings.  I'd check with the github page for the container.  I'm not sure why you'd want to though.  It's one of the perks of the container.  It automatically coordinates the pihole/unbound stack for you.  Pihole starts up automatically pointing at the unbound server and everything.... simply load your adlist of choice. 

[[SUPPORT] - Community Applications - pihole-unbound]

On 1/25/2024 at 9:21 AM, Jabberwocky said:

Just for a better understanding - there is currently no updated version of the Docker Container (as seen here (https://github.com/chriscrowe/docker-pihole-unbound/tree/main)) to get rid of the "Update available"-Message, correct?

 

And is there maybe a way to look into the unbound.conf to make some adjustements like DOH / DOT / Upstream Servers.. ?

Hi!  You are correct, you simply wait for the github repo to update, then restart the container.  The docker container will always pull the newest version on restart.  Right now, there is nothing to do except wait.

 

You should not be attempting to make changes in unbound.conf (I'm guessing you're reading a bunch of different guides...).  You should make changes by adding or updating environment variables to the docker container.  Check the github page for a list of common options:

https://github.com/pi-hole/docker-pi-hole/#environment-variables

 

I simply created the template to make it easy for the community to use pihole+unbound on Unraid.  I'm not affiliated with the github project, but I am happy to help when possible.

 

Upstream Servers are irrelevant.  Unbound is the upstream server, but locally hosted. Thats why it points at 127.x.x.x.  Eliminating reliance on a 3rd party like google/cloudflare/etc.

 

See here for relevant discussion on doh/dot/unbound:

 

this was a helpful dns primer:

https://threat.media/definition/what-is-an-authoritative-dns-server/
 

 

[[SUPPORT] - Community Applications - pihole-unbound]

On 1/22/2024 at 10:30 AM, Sic79 said:

Thanks for the Docker, but it seems like the Git is not updated so often

There is another project identical to this that is maintained regulary here: https://github.com/origamiofficial/docker-pihole-unbound

Maybe worth to take a look at instead?

I always understood that stars are good indicator of projects on github.  This one has 900+ stars and was updated inside of a month, so I figured it was widely adopted/well regarded.

[[SUPPORT] - Community Applications - pihole-unbound]

Pihole-Unbound Community Applications Template

 

Welcome to the support page of the Pihole-Unbound Community Applications template. This runs both Pi-Hole and Unbound in a single container.  The base image for the container is the official Pi-Hole container, with an extra build step added to install the Unbound resolver directly into to the container based on instructions provided directly by the Pi-Hole team.

 

Pi-hole includes a caching and forwarding DNS server, now known as FTLDNS. After applying the blocking lists, it forwards requests made by the clients to configured upstream DNS server(s). However, this leads to some privacy concerns as it ultimately raises questions about whom you trust with the all the dns lookup data from your household.    

 

You have a few options of whom to trust:
 

1.  Your ISP.  Unfortunately, they often monetize and sell this marketing data.

Example: Pi-hole -> FTLDNS -> Your ISP -> Authoratative Server

 

2. A third party DNS service (ie. Quad9, Cloudflare, Google, etc). 

Unblocked DNS requests from Pi-hole will hit FTLDNS then pass to third party DNS.  You're still trusting a third party company, so choose carefully.

Example: Pi-hole -> FTLDNS -> Cloudflare -> Authoratative Server

 

3. Run your own recursive DNS server, like Unbound!

This is what this template does.  Unblocked DNS requests from Pi-hole will hit Unbound then be made directly to the authoritative servers instead of routing through a third party dns services.  This way you & only you, maintain full control of your DNS data. 

Example: Pi-hole -> Unbound -> Authoritative Server

 

This template installs the one-container (new) version of the docker container described at the github for the project:

https://github.com/chriscrowe/docker-pihole-unbound/tree/main

[[SUPPORT] - Community Applications - redbot]

##----Temporary Location! I will relocate this post to Docker Container forum when new template is approved, and added to Community Apps----##

 

Red-DiscordBot V3 Community Applications Template

 

Welcome to the support page of the Red-DiscordBot V3 Community Applications template. This template installs the newest Red-DiscordBot in a convenient multi-arch container. Red is self hosted, fully modular, Discord bot – meaning all features and commands can be enabled/disabled to your liking, making it completely customizable.

 

The default set of modules includes and is not limited to:

• Moderation features (kick/ban/softban/hackban, mod-log, filter, chat cleanup)
• Trivia (lists are included and can be easily added)
• Music features (YouTube, SoundCloud, local files, playlists, queues)
• Stream alerts (Twitch, Youtube, Picarto)
• Bank (slot machine, user credits)
• Custom commands
• Imgur/gif search
• Admin automation (self-role assignment, cross-server announcements, mod-mail reports)
• Customisable command permissions
• Additionally, other cogs (plugins) can be easily found and added from our growing community of cog repositories.

GitHub Repositories

Cog-Creators Red DiscordBot: https://github.com/Cog-Creators/Red-DiscordBot

PhasecoreX's Docker Container: https://github.com/PhasecoreX/docker-red-discordbot
Docker Hub: https://hub.docker.com/r/jonasbonno/discordbot
Cog Repository: https://index.discord.red/

Example to launch a new Red Bot in your Discord, and load the Audio Cog so you can play music from youtube etc:

1. Create a new bot in the Discord Developer Portal: https://discord.com/developers/applications
2. Enable Administrator Permissions
3. Enable Privileged Gateway Intents
4. Create and Copy the Token for use in the Unraid Template
5. Install the Template using the new Bot Token
6. Invite the Bot to the server using the link generated and displayed in logs Example:
   1. I am assuming your chosen prefix = .
7. Load the Audio cog by sending a message to the bot on discord with: .load audio

 

Check here for a list of audio commands, and more details:
https://docs.discord.red/en/latest/cog_guides/audio.html#basic-audio-use

[X570 AORUS ELITE WIFI with AMD Ryzen 5 5600 - Hang at Idle]

Hello!  I have the Gigabyte X570 AORUS ELITE WIFI with Bios F38d and AMD Ryzen 5 5600 processor.  While doing a parity check for 15 hrs etc, there is no issue and the system is very responsive.  If the system is idling though it inevitably hangs.  It becomes non responsive via gui/ssh/etc.  I'm thinking it's an AMD bios thing...super frustrating.

 

Things I've tried:

SVM Mode -> Enable

IOMMU -> Enable

Global C States Disabled

Typical Idle Current

CSM Enabled & Legacy Boot

 

I have recorded a syslog, and attached it.  Any guidance would be incredible.  I've been struggling with this for wayyyyyy too long tbh.

 

Edit:

Made a few tweaks, and fired it back up.....  Will report back.

- I found an udpated bios.  Updated to F38e

- ACS Enable -> Enable

- Enable AER Cap -> Enable

 

syslog

[Slow NIC speeds]

Is it possible that it’s simply because I don’t have an SSD cache drive and I’m writing directly to the array? 

[Slow NIC speeds]

On 7/24/2020 at 8:00 AM, johnnie.black said:

Just wan slow or LAN transfers also? Did you run an iperf test?

Only the WAN is slow.  LAN is testing normally with iperf between unraid server and my hardwired laptop.  I added an Intel gigabit pci nic to rule out issues with the onboard realtek nic.  I also reran diagnostics and attached them after the new hardware was added.  Anything else I can try?

 

 

untux-diagnostics-20200728-2006.zip

 

Edit:

I tried to test iperf speed between my unraid box and a public iperf test server.  Results looked good- see below.  Then I thought maybe my usenet provider was the culprit, so I installed Transmission linuxserver container, and downloaded the latest Ubunutu release.  I clocked 25-27 MB/s.  Still far slower than 80+MB/s I was getting when running synology software on the same hardware, but a huge step in the right direction. Thoughts?

 

 

[Slow NIC speeds]

Can any insightful people offer an opinion, please? I moved forward and purchased an unraid license because I liked the software.  But still suffer with the slow speeds.

 

My motherboard has one pcie x1 slot.  I’m considering buying an Intel EXPI9301CTBLK Nic to drop in there.  That said, I don’t want to blindly buy a NIC, if that isn’t the real problem.   

[Slow NIC speeds]

I've attached the systems diagnostic zip as requested! Thanks

diagnostics-20200528-2248.zip

[Slow NIC speeds]

Specs:

Asrock Q1900-ITX with J1900 processor

Realtek RTL8111GR

16GB DDR3

1x12 TB parity

2x10TB + 1x12TB hd storage

No cache drive

Unraid 6.8.3

Gigabit Fiber ISP

 

I'm new to unraid, and have had a great experience so far except my NIC speeds are prohibitively slow.  NZBGet typically downloads ~ 10 MB/s.  I ran a speedtest with my docker service disabled to prevent overloading cpu/ram.  CPU was ~10% at idle, and tons of free ram:

 

I then plugged my old Thinkpad into the same lan cable, and repeated the speedtest:

 

Any idea how to fix this slow NIC speed?  I ran windows/linux/xpenology on this box in the past.  Most recent was xpenology, and it would download ~90MB/s on NZBGet.  Have never had any issues with the NIC being slow like this, which makes me think that maybe the driver support for my Realtek nic is possibly really terrible?

[Zoom Sucks: Riot Chat + Jitsi Video Conference Setup]

Fantastic guide! Thank you for your effort on this! One thing that caused me a lot of tripped me up

4. Under `listeners:` and `- port: 8008` change `bind_address: ['0.0.0.0']`

I didn't realize what you meant.  Ended up spinning my wheels for a few hours.  Just in case someone else runs into issues, your line should look like this:

 

   bind_addresses: ['0.0.0.0']

I didn't know the first part had to be removed, because you didn't explicitly say it.  I kept leaving it in there and only changing the second ip to 0.0.0.0.  Dumb.  I know   But just in case another idiot comes along