TeddyTux Posted January 20 Share Posted January 20 (edited) Pihole-Unbound Community Applications Template Welcome to the support page of the Pihole-Unbound Community Applications template. This runs both Pi-Hole and Unbound in a single container. The base image for the container is the official Pi-Hole container, with an extra build step added to install the Unbound resolver directly into to the container based on instructions provided directly by the Pi-Hole team. Pi-hole includes a caching and forwarding DNS server, now known as FTLDNS. After applying the blocking lists, it forwards requests made by the clients to configured upstream DNS server(s). However, this leads to some privacy concerns as it ultimately raises questions about whom you trust with the all the dns lookup data from your household. You have a few options of whom to trust: 1. Your ISP. Unfortunately, they often monetize and sell this marketing data. Example: Pi-hole -> FTLDNS -> Your ISP -> Authoratative Server 2. A third party DNS service (ie. Quad9, Cloudflare, Google, etc). Unblocked DNS requests from Pi-hole will hit FTLDNS then pass to third party DNS. You're still trusting a third party company, so choose carefully. Example: Pi-hole -> FTLDNS -> Cloudflare -> Authoratative Server 3. Run your own recursive DNS server, like Unbound! This is what this template does. Unblocked DNS requests from Pi-hole will hit Unbound then be made directly to the authoritative servers instead of routing through a third party dns services. This way you & only you, maintain full control of your DNS data. Example: Pi-hole -> Unbound -> Authoritative Server This template installs the one-container (new) version of the docker container described at the github for the project: https://github.com/chriscrowe/docker-pihole-unbound/tree/main Edited January 22 by TeddyTux 1 1 Quote Link to comment
Wimpie Posted January 22 Share Posted January 22 Thanks for the template. It installed ok on my server (got it's own IP). Now looking to configure it. 1 Quote Link to comment
Sic79 Posted January 22 Share Posted January 22 Thanks for the Docker, but it seems like the Git is not updated so often There is another project identical to this that is maintained regulary here: https://github.com/origamiofficial/docker-pihole-unbound Maybe worth to take a look at instead? Quote Link to comment
Jabberwocky Posted January 24 Share Posted January 24 (edited) Installed fine on my new system but was wondering: where can i take a look at my unbound.conf? Could not find it in /mnt/user/appdata/pihole-unbound and its subfolders i have a notification on the pihole interface about an available update (see screenshot). Usually i would just go for an "pihole -up" but as i understood, that's not the way with Docker. How can i install the update instead? My apology for asking for seemingly obvious things - i am srsly new to Docker and Unraid. Any help is highly appreciated! @Sic79 I am happy to try the other one but unfortunatelly i failed at the installation. Can you maybe point me to some beginner-friendly tutorial how to install it? Edited January 24 by Jabberwoocky Quote Link to comment
TeddyTux Posted January 25 Author Share Posted January 25 (edited) On 1/22/2024 at 10:30 AM, Sic79 said: Thanks for the Docker, but it seems like the Git is not updated so often There is another project identical to this that is maintained regulary here: https://github.com/origamiofficial/docker-pihole-unbound Maybe worth to take a look at instead? I always understood that stars are good indicator of projects on github. This one has 900+ stars and was updated inside of a month, so I figured it was widely adopted/well regarded. Edited January 25 by TeddyTux Quote Link to comment
Jabberwocky Posted January 25 Share Posted January 25 Just for a better understanding - there is currently no updated version of the Docker Container (as seen here (https://github.com/chriscrowe/docker-pihole-unbound/tree/main)) to get rid of the "Update available"-Message, correct? And is there maybe a way to look into the unbound.conf to make some adjustements like DOH / DOT / Upstream Servers.. ? Quote Link to comment
TeddyTux Posted January 27 Author Share Posted January 27 (edited) On 1/25/2024 at 9:21 AM, Jabberwocky said: Just for a better understanding - there is currently no updated version of the Docker Container (as seen here (https://github.com/chriscrowe/docker-pihole-unbound/tree/main)) to get rid of the "Update available"-Message, correct? And is there maybe a way to look into the unbound.conf to make some adjustements like DOH / DOT / Upstream Servers.. ? Hi! You are correct, you simply wait for the github repo to update, then restart the container. The docker container will always pull the newest version on restart. Right now, there is nothing to do except wait. You should not be attempting to make changes in unbound.conf (I'm guessing you're reading a bunch of different guides...). You should make changes by adding or updating environment variables to the docker container. Check the github page for a list of common options: https://github.com/pi-hole/docker-pi-hole/#environment-variables I simply created the template to make it easy for the community to use pihole+unbound on Unraid. I'm not affiliated with the github project, but I am happy to help when possible. Upstream Servers are irrelevant. Unbound is the upstream server, but locally hosted. Thats why it points at 127.x.x.x. Eliminating reliance on a 3rd party like google/cloudflare/etc. See here for relevant discussion on doh/dot/unbound: this was a helpful dns primer: https://threat.media/definition/what-is-an-authoritative-dns-server/ Edited January 28 by TeddyTux Quote Link to comment
Jabberwocky Posted January 29 Share Posted January 29 Thanks for the clarification! Learned a lot in the last few days about Docker and how to run everything on unraid I had Pihole & Unbound set up manually on a Raspberry before and never used Docker before. Please correct me if i am worng but with Unbound being the upstream server, to which upstream DNS servers will it talk to? And how (DOT/DOH)? https://unbound.docs.nlnetlabs.nl/en/latest/topics/privacy/dns-over-https.html# So the DNS Request goes like this: Your PC ---> Pihole ---> Unbound ---> ? I checked your link to Github/Pihole but can i pass / check the configuration with environemnt variables to unbound, too? Quote Link to comment
TeddyTux Posted February 1 Author Share Posted February 1 On 1/29/2024 at 9:44 AM, Jabberwocky said: Thanks for the clarification! Learned a lot in the last few days about Docker and how to run everything on unraid I had Pihole & Unbound set up manually on a Raspberry before and never used Docker before. Please correct me if i am worng but with Unbound being the upstream server, to which upstream DNS servers will it talk to? And how (DOT/DOH)? https://unbound.docs.nlnetlabs.nl/en/latest/topics/privacy/dns-over-https.html# So the DNS Request goes like this: Your PC ---> Pihole ---> Unbound ---> ? I checked your link to Github/Pihole but can i pass / check the configuration with environemnt variables to unbound, too? Your PC ---> Pihole ---> Unbound ---> Authoritative DNS Server There are no authoritative servers that support DOT/DOH yet, unfortunately. I don't know how you would adjust unbound settings. I'd check with the github page for the container. I'm not sure why you'd want to though. It's one of the perks of the container. It automatically coordinates the pihole/unbound stack for you. Pihole starts up automatically pointing at the unbound server and everything.... simply load your adlist of choice. Quote Link to comment
Jabberwocky Posted February 8 Share Posted February 8 I agree with having an easy installation and setup with just adding one container but, no offence, especially when it comes to data privacy & security (why else would you add Unbound to PiHole?), i prefer to have some more details about the internal configuration. I'll take a look at running pihole & unbound in separate containers to have some more controll over it Quote Link to comment
granite Posted February 22 Share Posted February 22 Just tried to install this, however it errored out. I assume it's a syntax issue with the template? docker: invalid spec: :REV_SERVER_TARGET:rw: empty section between colons. See 'docker run --help'. The command failed. Quote Link to comment
JonathanM Posted February 22 Share Posted February 22 Install the docker patch plugin in apps. 1 Quote Link to comment
granite Posted February 22 Share Posted February 22 8 hours ago, JonathanM said: Install the docker patch plugin in apps. Thanks, that worked. Sorry, I'm new here. Quote Link to comment
TekWarren Posted March 14 Share Posted March 14 Super noob to pihole and unbound but sounded like using the double wammy was the way to go. I'm figuring out pihole but not sure how to really tell if unbound is "working"? When I'm looking at the query log and it shows "answered by 172.0.0.11 #53" does that mean unbound had to go look for that record? 1 Quote Link to comment
TekWarren Posted March 14 Share Posted March 14 I am also getting this error on the settings page: There was a problem applying your settings. Debugging information: PHP error (2): fopen(/etc/pihole/dns-servers.conf): failed to open stream: No such file or directory in /var/www/html/admin/scripts/pi-hole/php/savesettings.php:110 Quote Link to comment
ephdisk Posted March 19 Share Posted March 19 (edited) On 2/22/2024 at 5:00 PM, granite said: Just tried to install this, however it errored out. I assume it's a syntax issue with the template? docker: invalid spec: :REV_SERVER_TARGET:rw: empty section between colons. See 'docker run --help'. The command failed. The template line for REV_SERVER_TARGET is incorrectly set as a Path instead of Variable. I created a REV_SERVER_TARGET variable line and deleted the original path entry. That got rid of my errors and also helped it start faster. Aside from that Unbound fails to start intermittently and the container stops responding to DNS unless you restart it a few times. As much as I love this idea, I had to revert back to the official. I will be keeping tabs on this though. Please keep up the great work. Edited March 19 by ephdisk Quote Link to comment
fmorgan101 Posted April 5 Share Posted April 5 On 2/22/2024 at 4:05 PM, JonathanM said: Install the docker patch plugin in apps. Whats the name of the plugin? Quote Link to comment
JorgeB Posted April 6 Share Posted April 6 12 hours ago, fmorgan101 said: Whats the name of the plugin? Update to latest release and the plugin is no longer necessary. Quote Link to comment
Spiritvs Posted April 23 Share Posted April 23 3 weeks and still no docker update to the latest version????? Quote Link to comment
drmetro Posted May 7 Share Posted May 7 How to know if unbound is working? Any unbound logs ? Quote Link to comment
Stanley Posted May 15 Share Posted May 15 If your DNS is set to CUSTOM1 127.0.0.1#5335 in the settings, and pihole is working, then unbound is working. I think there's a way to enable logging in unbound, but I've never bothered since it's never given me any issues. I've been testing this docker container and it's been running fine. The updates seem a bit sporadic, but I haven't had any issues. Quote Link to comment
marklevark Posted July 24 Share Posted July 24 I'm having the exact same issue as this person: https://www.reddit.com/r/pihole/comments/199hsd8/cant_access_nginx_proxy_hosts_with_unbound_as_dns/ Their solution was in editing the unbound conf file. Is there any way to do that? Specifically adding in a "private-domain: mydomain.com" line. Can that happen with env variables? I'm dumb. Help! Quote Link to comment
mraudi Posted August 6 Share Posted August 6 (edited) My router won't accept 127.0.0.1#5335 because it says invalid IP address. I really don't know what to do now? Edit: So the dumbass me was suppoed to use my unraid IP BUT even after doing that, I still can't it to work. I tried it on my windows pc and router dns page as well. Edited August 6 by mraudi Quote Link to comment
eagleswings Posted September 6 Share Posted September 6 how do you configure this to support multi-network (VLAN)? I have another pihole on my QNAP NAS it supports multi-network by selecting "Respond only on interface eth0" on Settings - DNS - Interface Settings. But doing the same settings here in pihole-unbound doesn't do the trick, only 1 network can get out of the internet which is my default VLAN where my pihole-unbound is sitting and the rest of my vlan cannot get out of the internet... well, other vlans can get out but not resolving the domain names only IP address. Thanks in advance. Quote Link to comment
eagleswings Posted September 7 Share Posted September 7 On 9/6/2024 at 11:50 AM, eagleswings said: how do you configure this to support multi-network (VLAN)? I have another pihole on my QNAP NAS it supports multi-network by selecting "Respond only on interface eth0" on Settings - DNS - Interface Settings. But doing the same settings here in pihole-unbound doesn't do the trick, only 1 network can get out of the internet which is my default VLAN where my pihole-unbound is sitting and the rest of my vlan cannot get out of the internet... well, other vlans can get out but not resolving the domain names only IP address. Thanks in advance. Ok, I figured out what was the issue. I have firewall and forgot to add the new pihole ip address. So I added in the new pihole IP address in the policy but still the other vlans could not resolve the domain names if I only have the unbound as upstream DNS server. Other vlans can only browse the internet if I tick any of the public DNS - Cloudflare, Google, etc. Looks like the unbound only serves the eth0 network. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.