Pi Hole on Synology NAS (or any Docker machine)

Setting up the Synology

First, find your Synology:
http://find.synology.com
which will scan your local network for your NAS (this is pretty slick, the way it works, tbh).

Log in. Go to the app center.

The Synology app center doesn’t have an app for Pi Hole. But it does have Docker! The setup is pretty easy.

Next, we’ll set up the Pi Hole Docker image.

Docker should give you a cool GUI in unraid. Search, and install the pihole image as shown in the video.

Now, we just need to configure it.

You can leave port 67 (DHCP) alone, but update DNS ports (53) to be 53, instead of auto.

Update the web ports (80, 443) to be something else, anything else, and make a note of it because that’s what you’ll use to update your nas.

Whitelisting Domains

You want to support Level1 and other content creators, right? If you feel like you can tolerate Google’s ad services, but want to keep the other stuff filtered, you can whitelist domains.

There is a great thread about whitelisting here:

Simply run the terminal from the Pi Hole page in the Docker GUI on Synology, and run the commands indicated for what you want to whitelist. It’s that easy!

9 Likes

Interesting use for Synology, I always support that box of junk with a great OS :)

That said I have one at serverhousing company - such a great value over time and this might be great for mobile since I already use it for VPN and cloud.

Copy from my Patreon comment:

Did exactly that setup at home a few weeks back. Would not recommend doing it this way.
There are some common Synology apps that will take up those ports and you will not even be able to start your pi-hole container. Pi-hole devs say it is recommended to keep port 80 available and Synology DHCP server is taking up both port 53 and 67 even if you only run DHCP service without DNS.
The alternative is slightly more involved but well worth it. Try a custom compose file with its own IP address on the network. Way easier to manage. Check this Reddit post:

1 Like

This is a good comment for edge cases. I had started to do it where your pi hole gets its own IP, which solves a lot of these issues, but was unhappy with how complex the vid turned out. So this is a good plan B if you are using your Synology as a DHCP server.

3 Likes

I just replaced my bind docker service with this, and am quite pleased.
I never really used bind as any more than a query caching service, and pihole has a fantastic little gui for the logs.

Heck, they even have in the GUI a way to add custom entries instead of having to directly add things to dnsmasq! I don’t even lose functionality with this.

That’s fair. Even the writeup could use a bit more commentary.
My sticking point is that it doesn’t interfere with otherwise simple to setup services that Synology app store provides.

Thought it was a good video. Having both a Synology and running pi-hole on a raspberry pi, it would be good to repurpose the pi for other things. It was dead simple to get running and transfer all the rules over.

1 Like

Can we talk lists for a moment?
Did the piHole change to regex or something similar?
I can’t see the lists and DNS config in the video, what is it filtering for and what DNS is the pihole requesting, 853 Cloudflare?

I configured the piHole lists on my pfsense dnsbl 2 years ago but it’s not yet capable of doing regex url’s. I think that’s the reason why I still have ads in certain apps (Twitter). Is that correct?

Here is a screen shot of the default block lists

Here are the urls in that screenshot.
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

I do not think the raw lists do regex, but I am not sure if it blocks all subdomains.
But interestingly, the project does seem to support wildcards and regex for manually added domains.

1 Like

So unchanged, yes they don’t do regex yet. Thank you for this information. Yes, regex is very powerful and capable next-gen blocking.

I also use the AdAway lists for years, at least the main list is very precise with no false positives https://github.com/AdAway/AdAway/wiki/HostsSources with main list https://adaway.org/hosts.txt

Can one run a pihole docker container locally? Or would it make sense just to manage a hosts file?

Like, on ones main machine, as an inefficient dns lookup?

(speaking about using a linux system) If you want to host PiHole locally, you will need to disable the local lookup service. It might be systemd-resolved or dnsmasq; the problem is both services will try to use the same port 53 for DNS, so you need to disable them. But yes, totally possible. Docker will let you know if something has already reserved the port when you try to start the container.

Just a hosts file though? That is an idea… Maybe a weekly cron job to just download one of the block lists to /etc/hosts? I have no clue about the lookup speed with this method.

1 Like
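Both the Synology DHCP comment earlier in the thread and the systemd-resolved/dnsmasq point above come down to something else already listening on the ports the container publishes. The following is an added example, not code from any poster or from the Pi-hole project, that checks for this before the container is started. It assumes a Linux host with iproute2's `ss`; `find_conflicts`, `PIHOLE_PORTS` and the sample output are constructed for illustration, and the port list should be edited if the web port was remapped.

```shell
#!/bin/sh
# Added example (not from the thread): list listeners that already hold
# the ports a Pi-hole container wants to publish.
# Ports as discussed above: DNS 53 (udp+tcp), DHCP 67 (udp), web UI 80 (tcp).
PIHOLE_PORTS="udp/53 tcp/53 udp/67 tcp/80"

# find_conflicts: stdin = `ss -H -lntup` output,
# stdout = "proto/port local_address owner" per colliding listener.
find_conflicts() {
    awk -v wanted="$PIHOLE_PORTS" '
    BEGIN { n = split(wanted, w, " "); for (i = 1; i <= n; i++) want[w[i]] = 1 }
    {
        k = split($5, part, ":")          # port follows the last colon
        key = $1 "/" part[k]
        if (!(key in want)) next
        owner = "unknown"                 # ss omits owners without root
        if (match($0, /users:\(\("[^"]+"/))
            owner = substr($0, RSTART + 9, RLENGTH - 10)
        print key, $5, owner
    }'
}

# Constructed sample of `ss -H -lntup` output on a desktop Linux host.
SAMPLE_SS='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=13))
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=612,fd=14))
tcp LISTEN 0 511 [::]:80 [::]:* users:(("nginx",pid=901,fd=6))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=700,fd=4))'

printf '%s\n' "$SAMPLE_SS" | find_conflicts
# Live check (root shows owners):  ss -H -lntup | find_conflicts
```

An empty result means the default port mappings are free; any line printed names the service to stop or the port to remap.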

That’s what Spybot on Windows used to do. Probably still does.
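The weekly hosts-file job floated a couple of posts up, sketched as an added example (not code from the thread or from any block-list project). A downloaded list written straight into /etc/hosts can map any name to any address, so this version keeps only sinkhole entries and rewrites just a marked section of the file; `sanitize_hosts`, `install_block`, the markers, `LIST_URL` and the sample list are all constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): vet a hosts-format block list
# before merging it into /etc/hosts.
BEGIN_MARK="# BEGIN blocklist (managed)"
END_MARK="# END blocklist (managed)"

# sanitize_hosts: stdin = downloaded list, stdout = "0.0.0.0 name" lines.
# Only sinkhole entries survive, so the list can block a name but can
# never point it at a real address. Local and malformed names are dropped.
sanitize_hosts() {
    tr -d '\r' | awk '
    { sub(/#.*/, "") }                              # strip comments
    NF < 2 { next }
    $1 != "0.0.0.0" && $1 != "127.0.0.1" { next }   # reject redirects
    {
        for (i = 2; i <= NF; i++) {
            h = tolower($i)
            if (h ~ /^(localhost|localhost\.localdomain|broadcasthost)$/) continue
            if (h ~ /^[0-9.]+$/) continue           # bare addresses
            if (h !~ /^[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?(\.[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?)+$/) continue
            if (!(h in seen)) { seen[h] = 1; print "0.0.0.0", h }
        }
    }'
}

# install_block FILE: replace the managed section of FILE with stdin,
# leaving every line outside the markers untouched.
install_block() {
    target=$1
    tmp=$(mktemp) || return 1
    awk -v b="$BEGIN_MARK" -v e="$END_MARK" '
        $0 == b { skip = 1; next }
        $0 == e { skip = 0; next }
        !skip' "$target" > "$tmp"
    { echo "$BEGIN_MARK"; cat; echo "$END_MARK"; } >> "$tmp"
    cat "$tmp" > "$target" && rm -f "$tmp"          # keeps owner and mode
}

# Constructed sample: the last two entries are what the filter is for.
SAMPLE_LIST='# ad servers
0.0.0.0 ads.example.com tracker.example.net
127.0.0.1 localhost
127.0.0.1 Ads.Example.com   # duplicate
203.0.113.7 bank.example.org
0.0.0.0 bad;name.example'

printf '%s\n' "$SAMPLE_LIST" | sanitize_hosts
# Weekly cron use, LIST_URL being a list you trust (placeholder):
#   curl -fsS "$LIST_URL" | sanitize_hosts | install_block /etc/hosts
```

A hosts file matches exact names only, so a subdomain that is not itself in the list still resolves.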

I prefer to free up the resources of my devices by putting Pi-hole on a separate box. This way phones in my household get some help blocking ads and PC browser ad blockers have to filter a lot less, which should be better resource wise.

Not having much luck with this. Mainly, I can’t seem to change the password for it. I tried opening the terminal and doing a sudo pihole -a -p but it doesn’t look like it really accepts commands. I can get to the web page fine, but I can’t make any changes to it through the built-in terminal in the docker. Not a Linux or Docker wizard. This was actually going to be my first bit of playing with Docker on my Synology. I’m not sure exactly what I’m doing wrong. Got it running on a Pi 3 some time ago without issues.

I set this up in a docker a little while ago after some uneducated users on my network downloaded some malicious software to their computer after clicking on an ad. This software is super useful and I would highly recommend checking it out if you haven’t yet. Particularly if you share a network with people who like to click on things they shouldn’t. :)

I have my pihole running in a VM on my QNAP NAS and I find that works with its own dedicated Ethernet port. One thing I am curious about is which blocklists you use which, unless I wasn’t paying enough attention, you didn’t mention specifically.

EDIT: FYI for anyone wanting DNS over HTTPS this guide is handy. It uses Cloudflare though.
https://docs.pi-hole.net/guides/dns-over-https/

Hey
I am a bit new to all this networking stuff. I find it interesting but due to limitations I am always left to just watch the YouTube videos and wonder. On a serious note, I was wondering if I were to set up Docker on my Windows laptop and set up pi hole in a container and configure my DNS settings (of the host machine) to point to it, will it work? I ask this because at some point pi-hole will need to communicate to the internet and if the host machine DNS will cause network issues or not. I have to do this because I just have one laptop and usually I am on the go (like over mobile data) so it is not possible to have a dedicated device just for that.

I did something similar with my PC at work. Never had an issue.

How much difference will switches make on dns latency? I’m running my pihole on a PoE powered RPi 4, but it has to go through two extra gigabit switches to get there compared to hosting it as an lxc/docker on my server.

Should be near 1ms-3ms or less.

1 Like