Hey guys, I recently bought an orange pi zero 2 and, as the title suggests, I want to put an ad blocker on it. Those are the options. I also will put openvpn for external connection to my network.
Does anyone have experience with them? What would you suggest?
Heey iam using pihole for a few years now i realy like that it works good with no problems so far. Even have unbound pared wirh it and for tunneling home i use wireguard never tried adguard or blocky
No the one you asked, but I’m running pihole on a lenovo M93 (fedora server) with 8Gb of ram. No kill like overkill, I guess.
The only time any of the cpu cores pops above 1% is when I’m updating the config, and at the moment it is hovering at 293 MB of RAM used according to the free command.
I’ve read about unbound but not knowledgeable enough to understand what it does. Could you king of eli5 it to me? Also, is wireguard better than openvpn?
Started on PiHole a long time ago, went to AdGuardhome, then have moved over to Technitium DNS (https://technitium.com/dns/). That might be another option to investigate, it allows Ad blocking as well as a lot more than AdGuardhome and Pihole.
I also started on pihole, but switched to Blocky because Blocky is way more DevOps friendly (I run this stuff on microk8s on a Pi cluster).
Then I just ditched it altogether and now use NextDNS. Well worth paying the small fee for. But you obviously don’t get the same DIY satisfaction out of it.
Tbh I just run pihole as a background service on my PC since I can’t easily access router to change DNS for the whole network anyway. It never seemed that much work, what devops issues were you running into with it and Blocky to justify paying a service for it?
My main issue with PiHole was that the container wouldn’t work on later versions of Ubuntu for some reason (if I remember correctly, anything later than 18.04). I never did figure it out. The other reason was since I was running it in Kubernetes, the whole point is to have multiple replicas running for redundancy, but PiHole’s UI is coupled with its backend DNS service so if you have 3 PiHole instances running, you had 3 GUI instances as well. You could load balance the DNS requests (I used MetalLB), but visiting the UI was pointless.
Also, the config was very scripty and not really container friendly - I mean it worked but it wasn’t designed as a cloud native application. No fault of its own but it didn’t really suit the way I like to do things.
Enter Blocky, which doesn’t have a UI and has a very simple YAML config that is easily mounted to a container. It scaled much easier, used way less resources and was just simpler to manage. It was really exactly what I was looking for.
However, ultimately running the DNS service for my house out of a Pi cluster wasn’t really my best idea. It has to work 100% of the time, and I would have frequent outages. We are a family of 5, so imagine lots of ‘Dad! The TV’s not working!!’ and stuff like that every time. This thing was a pet project, and I didn’t have it set up as a ‘production’ service, which is what it really should be. Sometimes the metallb pods would fall over, or the kubernetes TLS certificates would expire for the cluster, etc. I didn’t have proper monitoring and alerting setup, etc. I just couldn’t be bothered putting the effort into it that it required.
NextDNS does exactly the same thing, with probably even better controls, is more reliable, has great logging and costs bugger all.
EDIT: meant to add, I used it for more than just adblocking, but also for parental controls. NextDNS is great for that as well.
Well it’s a service I’m paying for, so yes a bit of trust is required. Their privacy policy looks decent as well. As it stands, I trust them more with it than I would my ISP, Google or Microsoft.
You can choose what region to log to (I chose Switzerland) and you can also configure the retention period.
I’ve been using adgaurd home from the official truenas apps. Running for about 3 or 4 months. It’s doing it’s job but it’s no silver bullet. Also added a good few custom lists.
I’ve been using adgaurd home from the official truenas apps. Running for about 3 or 4 months. It’s doing it’s job but it’s no silver bullet. Also added a good few custom lists.
It’s not just about trusting the code (which anyway isn’t a small task to review it, and all future PRs, and run your own builds from reviewed code) but also there are some people who will avoid Russian developed stuff at the moment for moral reasons, you know, because of the whole Ukraine thing.
Which I don’t find reasonable tbh, at least for open source stuff. You are not actively supporting the Russian government, and a lot of Russians also don’t support the war. But to each their own.
As a counterpoint I’ve had pihole running in various configurations for 7 or 8 years and the only problem I’ve had was a log file got too big or something. Works great.
Tried all three over the years… I have to say AdGuard Home due to how feature-rich it is. Currently have two instances running, one at home the other for remote usage. AGH is better than the other two at nearly everything.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
removed by mod
I use AGH myself, it runs great and stays out of the way. I have not tried pihole so can’t speak on it
Heey iam using pihole for a few years now i realy like that it works good with no problems so far. Even have unbound pared wirh it and for tunneling home i use wireguard never tried adguard or blocky
Another vote for PiHole.
Also, thanks for turning me on to Unbound. Which Pi are you running those services on and how’s the performance?
No the one you asked, but I’m running pihole on a lenovo M93 (fedora server) with 8Gb of ram. No kill like overkill, I guess.
The only time any of the cpu cores pops above 1% is when I’m updating the config, and at the moment it is hovering at 293 MB of RAM used according to the
freecommand.Ha — no kill like overkill. Indeed! Thanks for sharing!
I’m currently running pihole on a Pi 3B. It’s been solid for about a year on that hardware.
I’m going to do a little digging on the compute needed per WireGuard connection. Cheers!
Iam running it a raspberry 3b its doing fine we are with 3 ppl in house so there are not that many request
I’ve read about unbound but not knowledgeable enough to understand what it does. Could you king of eli5 it to me? Also, is wireguard better than openvpn?
Started on PiHole a long time ago, went to AdGuardhome, then have moved over to Technitium DNS (https://technitium.com/dns/). That might be another option to investigate, it allows Ad blocking as well as a lot more than AdGuardhome and Pihole.
Last I tried Technitium, it took over 100ms to resolve domain names that take 1ms otherwise.
Hmmm…I’ve never noticed any lag on my end, but then again, I don’t time my DNS ms resolutions myself. :) Good to know though!
I also started on pihole, but switched to Blocky because Blocky is way more DevOps friendly (I run this stuff on microk8s on a Pi cluster).
Then I just ditched it altogether and now use NextDNS. Well worth paying the small fee for. But you obviously don’t get the same DIY satisfaction out of it.
Tbh I just run pihole as a background service on my PC since I can’t easily access router to change DNS for the whole network anyway. It never seemed that much work, what devops issues were you running into with it and Blocky to justify paying a service for it?
My main issue with PiHole was that the container wouldn’t work on later versions of Ubuntu for some reason (if I remember correctly, anything later than 18.04). I never did figure it out. The other reason was since I was running it in Kubernetes, the whole point is to have multiple replicas running for redundancy, but PiHole’s UI is coupled with its backend DNS service so if you have 3 PiHole instances running, you had 3 GUI instances as well. You could load balance the DNS requests (I used MetalLB), but visiting the UI was pointless. Also, the config was very scripty and not really container friendly - I mean it worked but it wasn’t designed as a cloud native application. No fault of its own but it didn’t really suit the way I like to do things.
Enter Blocky, which doesn’t have a UI and has a very simple YAML config that is easily mounted to a container. It scaled much easier, used way less resources and was just simpler to manage. It was really exactly what I was looking for.
However, ultimately running the DNS service for my house out of a Pi cluster wasn’t really my best idea. It has to work 100% of the time, and I would have frequent outages. We are a family of 5, so imagine lots of ‘Dad! The TV’s not working!!’ and stuff like that every time. This thing was a pet project, and I didn’t have it set up as a ‘production’ service, which is what it really should be. Sometimes the metallb pods would fall over, or the kubernetes TLS certificates would expire for the cluster, etc. I didn’t have proper monitoring and alerting setup, etc. I just couldn’t be bothered putting the effort into it that it required.
NextDNS does exactly the same thing, with probably even better controls, is more reliable, has great logging and costs bugger all.
EDIT: meant to add, I used it for more than just adblocking, but also for parental controls. NextDNS is great for that as well.
But NextDNS is closed source isn’t it? Personally I wouldn’t trust proprietary software with my entire DNS request history.
Well it’s a service I’m paying for, so yes a bit of trust is required. Their privacy policy looks decent as well. As it stands, I trust them more with it than I would my ISP, Google or Microsoft.
You can choose what region to log to (I chose Switzerland) and you can also configure the retention period.
https://nextdns.io/privacy
I’ve been using adgaurd home from the official truenas apps. Running for about 3 or 4 months. It’s doing it’s job but it’s no silver bullet. Also added a good few custom lists.
I’ve been using adgaurd home from the official truenas apps. Running for about 3 or 4 months. It’s doing it’s job but it’s no silver bullet. Also added a good few custom lists.
This might not be a factor you care about, but Adguard is developed in Russia.
Even if that were true, it would not matter since the source code is open and you can take a look at it to put this phobia of yours to rest.
Also FYI, AdGuard is based in Cyprus.
It’s not just about trusting the code (which anyway isn’t a small task to review it, and all future PRs, and run your own builds from reviewed code) but also there are some people who will avoid Russian developed stuff at the moment for moral reasons, you know, because of the whole Ukraine thing.
Which I don’t find reasonable tbh, at least for open source stuff. You are not actively supporting the Russian government, and a lot of Russians also don’t support the war. But to each their own.
Lots of love for Adguard home, I’m inclined to go for that. Thanks all
As a counterpoint I’ve had pihole running in various configurations for 7 or 8 years and the only problem I’ve had was a log file got too big or something. Works great.
With AdGuard Home you don’t even need to have log files, there’s built in options to store it in-memory.
Two instances of AdGuardHome … though tempted to switch to the new Gravity.
+1 to AdguardHome. Set it up on a Synology NAS via docker following some written guides found online. Been rock solid for years.
Tried all three over the years… I have to say AdGuard Home due to how feature-rich it is. Currently have two instances running, one at home the other for remote usage. AGH is better than the other two at nearly everything.