https://github.com/igladi/pi-dnstack
Pi-DNStack is an automated solution for deploying a containerized DNS management stack, including Pi-hole, Unbound, and Cloudflared.
https://github.com/igladi/pi-dnstack
cloudflared dns pi-hole unbound
Last synced: about 2 months ago
JSON representation
Pi-DNStack is an automated solution for deploying a containerized DNS management stack, including Pi-hole, Unbound, and Cloudflared.
- Host: GitHub
- URL: https://github.com/igladi/pi-dnstack
- Owner: IGLADI
- License: mit
- Created: 2024-11-13T12:24:06.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2025-03-12T20:44:32.000Z (3 months ago)
- Last Synced: 2025-04-22T13:18:09.389Z (about 2 months ago)
- Topics: cloudflared, dns, pi-hole, unbound
- Language: PowerShell
- Homepage:
- Size: 113 KB
- Stars: 51
- Watchers: 1
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Pi-DNStack
## Overview
Pi-DNStack is an automated solution for deploying a containerized DNS management stack, including:
- [**Pi-hole**](https://pi-hole.net): Network-wide ad blocking and DNS management
- [**Unbound**](https://docs.pi-hole.net/guides/dns/unbound/): Local recursive DNS resolver
- [**Cloudflared**](https://docs.pi-hole.net/guides/dns/cloudflared/): DNS-over-HTTPS (DoH) proxy## Features
- Automated Preconfigured Deployment
- Declarative (and idempotent) Configuration: Compares your .psd1 with the current state and only applies necessary changes
- Multi-host deployment support
- Automatic dependency installation
- Optional Windows DHCP configuration## Prerequisites
### System Requirements
- **Target Server(s)**:
- Linux-based operating system
- Debian-based: Ubuntu, Raspbian, etc.
- RPM-based: Fedora, CentOS, RHEL, SUSE, etc.
- Other distributions if dependencies are pre-installed
- Sufficient privileges- **Management Workstation**:
- PowerShell 7+
- SSH access to the target server(s) through [public key authentication](https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server)
- Supported platforms:
- Linux Workstation (Physical or Virtual)
- Debian-based: using `apt`
- RedHat-based: using `dnf`
- Arch-based: using `pacman`
- Other distributions if dependencies are pre-installed
- Windows users can use [WSL2](https://docs.microsoft.com/en-us/windows/wsl/install)## Quick Start
1. **Clone Repository**
```bash
git clone https://github.com/IGLADI/Pi-DNStack && cd Pi-DNStack
```2. **Configure Target Hosts**
Create an inventory file ([`inventory.ini`](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/ini_inventory.html)) listing your target servers:
```bash
nano inventory.ini
```Example `inventory.ini`:
```ini
192.168.1.10 ansible_user=ansible
```3. **Configure Deployment**
Copy and modify the configuration template:
```bash
cp main.psd1.example main.psd1
nano main.psd1
```> ⚠️ At minimum, change the default Pi-hole password in the configuration file!
4. **Deploy the Stack**
```bash
pwsh ./main.ps1 -ConfigPath ./main.psd1
```5. **Enjoy!**
After deployment, access the Pi-hole web interface at: `http://:/admin/login.php`, [configure your clients](https://www.windowscentral.com/how-change-your-pcs-dns-settings-windows-10#:~:text=HOW%20TO%20CHANGE%20DNS%20SETTINGS%20USING%20SETTINGS%20ON%20WINDOWS%2010) to use Pi-DNStack as DNS server and enjoy your new DNS management stack!
## Windows DHCP Configuration
Pi-DNStack can automatically configure a Windows DHCP server to use Pi-hole. This feature requires:
### Prerequisites
- Windows Server with DHCP role installed
- [Powershell SSH remoting access](https://learn.microsoft.com/th-th/powershell/scripting/security/remoting/ssh-remoting-in-powershell?view=powershell-7.4) to the target server(s)
- Network connectivity between:
- Windows DHCP server and Pi-hole server
- Management workstation and Windows DHCP server### Network Considerations
1. **Docker Network Mode**:
- If using `bridge` mode, ensure Pi-hole's DNS port is published (`piholeDnsPort = "53"`)
- If using `host` mode (recomenden when using this feature), ensure the host's firewall allows DNS traffic and unbound is disabled (both containers would use port 53)2. **Pi-hole Listen Configuration**:
- Ensure Pi-hole is configured to listen to the required interfaces.### Configuration
To enable DHCP integration, edit the `#region DHCP Configuration` section in your `main.psd1` file. The configuration file contains detailed comments and examples for all available DHCP options.
## Troubleshooting
- Check the log file at `~/log/pi-dnstack/main.log` for detailed deployment information
- Verify network connectivity and port availability on target hosts
- For unresolved issues, please check [GitHub Issues](https://github.com/IGLADI/Pi-DNStack/issues)