I’ve been aware of pi-hole for a while now, but never bothered with it because I do most web browsing on a laptop where browser extensions like uBlock origin are good enough. However, with multiple streaming services starting to insert adds into my paid subscriptions, I’m looking to upgrade to a network blocker that will also cover the apps on my smart TV.

I run most of my self hosted services on a proxmox server, so I’d like something that’ll run as an LXC container or a VM. I’m also vaguely aware that various competing applications have come out since pi-hole first gained popularity. Is pi-hole still the best thing going, or are there better options?

  • bdonvr@thelemmy.club
    link
    fedilink
    English
    arrow-up
    12
    ·
    11 months ago

    Pi-hole is great, but unfortunately ads in YouTube or other streaming services is not one of the things it blocks.

    • HexagonSun@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      Glad I read this - all my other devices block ads perfectly well already, but was wondering if I could block YouTube ads on my Apple TV… I guess not!

    • dontblink@feddit.it
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      I wonder why we don’t have AI browser extensions that can recognise and obscure possible ads / unwanted content yet

    • dan@upvote.au
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      PiHole and similar services just use DNS blocking, which only works if the ads are served via a third-party ad server. Sites with their own ad inventory (YouTube, Facebook, Twitter, etc) can’t be blocked this way since they can just serve the ads from the same domain as their regular content.

  • Rookeh@startrek.website
    link
    fedilink
    English
    arrow-up
    8
    ·
    11 months ago

    I use both. Pi-hole running in a docker container on one of my home servers which my gateway is configured to assign as the default DNS for all clients, and uBlock Origin on all my browsers to catch everything else.

    Pihole is pretty good at catching ads on platforms that are not suited to browser based blockers (IoT devices, streaming boxes etc) but it isn’t perfect and is best used in conjunction with another solution.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    11 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    DNS Domain Name Service/System
    HTTP Hypertext Transfer Protocol, the Web
    HTTPS HTTP over SSL
    IP Internet Protocol
    IoT Internet of Things for device controllers
    LXC Linux Containers
    PiHole Network-wide ad-blocker (DNS sinkhole)
    SSL Secure Sockets Layer, for transparent encryption
    VPN Virtual Private Network

    7 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.

    [Thread #431 for this sub, first seen 15th Jan 2024, 23:55] [FAQ] [Full list] [Contact] [Source code]

  • Dandroid@dandroid.app
    link
    fedilink
    English
    arrow-up
    4
    ·
    11 months ago

    I set up pihole a few months ago. I added a few dozen of the highest recommended block lists, but I wasn’t impressed at all. It didn’t seem very effective at blocking ads in both real world tests and tests that I found online specifically for testing your adblocker.

    • khorak@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      7
      ·
      11 months ago

      The best test I have is my wife complaining, that ads in Google results cannot be opened. It seems to work flawlessly for me 😂

      On a more serious note, what tests are these? The thing is, the ad domain is either in the blocklist or not. Ads inside apps are hard to block (I even have adaway on my android, and some slip through as eg Instagram reuses the backend domains/endpoints for ad delivery).

  • Fedegenerate@lemmynsfw.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    11 months ago

    I went with a pi running pi-hole. I got it as a project where the tool is the project. But, it’s essential infrastructure now and I don’t want to mess with it incase I break it. I’m an idiot with a poor history with pi guides so far, so I will break it. It’s running the adblock fine, I assume it’s doing the tracking and malware blocking fine too.

    Sadly, that’s where I leave the project for now, I had intended to give it a HDD and some… other… software but I really don’t want to break it. I tried convincing the better half that I obviously need to N+1 but she wisely did not see reason.

    • khorak@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      If you want to try setting it up in high availability with failover, give me a poke. And until then - go to Teleporter in the settings, and download the backup. You can restore from there.

      One thing worth saying is this - you can grab a cheap refurbished ssd (the smaller - the better), check it’s SMART data for any red flags, and attach it to the pi as OS disk. It will be much more reliable than SD, but overkill if you only run pi on the box. Alternatively look into log2ram, it keeps your SD card alive for longer :D but backup first!

      • Fedegenerate@lemmynsfw.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        11 months ago

        Thanks. I already have Log2Ram running to prolong the life of the SD. My planned disaster relief is a spare SD, already set up and taped to the box ready to swap and reboot in case of emergency. SD cards are cheap so chucking <£10 at the setup once in a while is no big thing. A fresh install on the new SD allows me to improve on what I’ve already done, for example the new SD I’ll run DietOS instead of Raspbian, and reinforce skills. Less time efficient but that’s no matter when the box is working and it’s a hobby. I can then keep the old SD card taped inside the case as a physical back up. Perhaps more expensive in the long run, but an SD card taped to the inside of the case with simple instructions is an easy sell to the fiancée.

        My experience with guides has shaken my confidence quite a bit. Which is fine, I’ll get over myself and the point is to learn, so me hitting snags is a good thing. But, until I have a functioning back up I’m not going to be fucking with it. Facebook cannot go down on account of my education.

        But if I may, I have one question, a bunch of recommendations have the setup “segregated” (I dunno the word) in Docker and Portainers but I don’t understand the rationale. I wasn’t intending on doing this, instead opting to install Pi-hole, Log2Ram, UFW, and the… other… softwares directly to the OS for simplicity. Why would one set up a Pi-hole et al in a containers instead of directly?

        My current set up is Raspbian OS running Pi-hole as ad, tracker, malware block and DHCP (the ISP router is a Sky2 box so no IP or DNS customisation), Log2Ram and UncomplicatedFireWall.

        • khorak@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          11 months ago

          I wasn’t intending on doing this, instead opting to install Pi-hole, Log2Ram, UFW, and the… other… softwares directly to the OS for simplicity. Why would one set up a Pi-hole et al in a containers instead of directly?

          So there are many reasons, and this is something I nowadays almost always do. But keep in mind that some of us have used Docker for our applications at work for over half a decade now. Some of these points might be relevant to you, others might seem or be unimportant.

          • The first and most important thing you gain is a declarative way to describe the environment (OS, dependencies, environment variables, configuration).
          • Then there is the packaging format. Containers are a way to package an application with its dependencies, and distribute it easily through the docker hub (or other registries). Redeploying is a matter of running a script and specifying the image and the tag (never use latest) of the image. You will never ask yourself again “What did I need to do to install this again? Run some random install.sh script off a github URL?”.
          • Networking with docker is a bit hit and miss, but the big thing about it is that you can have whatever software running on any port inside the container, and expose it on another port on the host. Eg two apps run on port :8080 natively, and one of them will fail to start due to the port being taken. You can keep them running on their preferred ports, but expose one on 18080 and another on 19080 instead.
          • You keep your host simple and empty of installed software and packages. Less of a problem with apps that come packaged as native executables, but there are languages out there which will require you to install a runtime to be able to start the app. Think .NET, Java but there is also Python out there which requires you to install it on the host and have the versions be compatible (there are virtual environments for that but im going into too much detail already).

          Basically I have a very simple host setup with only a few packages installed. Then I would remotely configure and start up my containers, expose ports etc. And I can cleanly define where my configuration is, back up only that particular folder for example and keep the rest of the setup easy to redeploy.

          • Fedegenerate@lemmynsfw.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            11 months ago

            I have nothing to add, and an upvote isn’t enough. Truly, thank you for your time, there’s a lot to think about.

            I think for this initial iteration I’m going to direct install in the name of keeping it simple. Next go around I’ll try containerising, just to learn if nothing else. If I out-grow the Pi4 they’ll be good skills to have.

        • dan@upvote.au
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          It works well! I have one AdGuardHome instance running on my home server and one running on a Raspberry Pi, both using Docker. Having two prevents the internet from breaking in case I have to shut down one of them for some reason.

    • guajojo@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 months ago

      Pihole user for more than 5 years,.can confirm that it is indeed better, made the switch few months ago

      • Maximilious@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        What makes it better other than the UI? I’m weary of using it because it is developed by Russian developers.

  • Father_Redbeard@lemmy.ml
    link
    fedilink
    English
    arrow-up
    4
    ·
    11 months ago

    I ran Pi-hole for years. Switched to adguardhome running on 2 servers (primary and secondary) with AGH sync keeping the two instances identical. I like the UI better, dns rewrites, and the ability to simply block services entirely with a single click.

    • Flying_Hellfish@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      I did this as well, I still have 2 pihole instances running with gravitysync for now, but AGH sync is much easier to setup and maintain. My 2 pihole instances are running for my guest network only and AGH is running everything else.

  • philpo@feddit.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    If you are more into a full DNS solution that can also block Technitium DNS is a reasonable choice. It is fairly userfriendly, can be run in an LXC easily (I am doing exactly that), able to use multiple block lists in any combination you want, can be controlled by an API, is regularly updated,etc.

    I couldn’t be happier with it, even though the learning curve is somewhat steep, when you are new to DNS. It is a fully fledged DNS server after all.

  • Codilingus@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    Adguard home is like pihole, but has built in encrypted DNS options. For easy mode NextDNS.

    They pretty much all have the same block lists to choose from.

  • uranibaba@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    If someone really wants this service but do not want to (or cannot) host it themself, https://ovpn.com offer this in their client. I used to have a pi-hole selfhosted but not anymore. Using their client on my phone as well solved the problem with blocking ads while not at home.

  • Dhrystone@infosec.pub
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    2
    ·
    11 months ago

    I actually had a lot of fun a couple years ago deploying PiHole on one of my RaspberryPi’s and routing all my household machines through it. It worked great UNTIL… my kid was turning in empty homework on Google Classroom and his teachers were getting up him about it. We chastised him thinking it was his fault until I finally discovered that Pihole was messing up his uploads to GC and literally causing this problem. I got super angry with it and walked away without even trying to troubleshoot. Had to profusely apologise not only to his teachers but to him.

  • Darkassassin07@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    DNS based ad blocking does not block video ads served by streaming services. You’ll need a modified client specific to the service you want to block ads for to achieve that.