Pi-Hole on Synology in Docker

(This post is now outdated as the technique does not work with Pi-Hole version 4. Here is the technique for Version 4)

This is just a short note on installing this. It is a very quick process, but it took me way longer than it should have because I misunderstood a couple of things.

Why? Pi-Hole is a very lightweight DNS server that you can place on your network. It will ignore calls to most advertising sites, effectively getting rid of advertisements. It’s great because it does not require anything installed on individual devices, works for your entire network and is simple to set up.

Here’s a link to the Pi-Hole site

I have plenty of spare Raspberry Pi devices but I wanted to do this without adding another device to the network. I have plenty of computing power already, so I made the decision to add the service as a Docker appliance on my Synology DS1817+

Here’s a youtube video about this-

Unfortunately this doesn’t show the installation, but it does show critical elements of port forwarding. The installation is pretty easy though….

To upgrade the Pi-Hole you are supposed to trash the old one, download a new one and install it. When I did that a few weeks later it wouldn’t work, so I’ve spent ages trying to recreate my original work because I didn’t document it well enough here. Sigh, here it is in proper full colour detail-

Add Docker to your Synology through the Package Centre, open Docker, go to ‘Registry’ and search for ‘Diginc’. Click on ‘diginc/pi-hole’ and add it.

The image will download and appear in ‘Image’, click on that and click ‘Launch’ and this is where the important settings are-

next click on ‘Advanced Settings’

Auto restart and a shortcut sounds like a good idea….

And there’s where the magic happens- setting the ‘Local Port’ to an unused port, because if you’re like me, you already have ‘Web Station’ running on port 80…..

*There is one more quirk that you need to know- you will also need to change the ‘Auto’ port selection under ‘Local Port’ so your Docker can answer on the correct port, so change both of these to ’53’ otherwise your Docker will be running, but never answer DNS queries. Ask me how I know this…..

From here, you can manage your Pi-Hole at

ip-address:8181/admin/

Next tasks are-

  1. Set up your DNS lookups. This is in Settings/ DNS. I am using 54.252.183.5 and 54.252.183.4 as these are the Getflix DNS servers in Sydney to avoid geo-blocking on my Netflix account.
  2. Turn off Google DNS lookups in Settings/DNS. This will disallow access to Google DNS from devices on my network, for instance many apps like Netflix will try to use this to figure out where I am, and stop me watching all those tasty shows.
  3. Tell my router to forward all DNS requests to the Pi-Hole. As I use a Meraki router this is pretty simple in Security Appliance/ DHCP/ Custom Nameservers.
  4. If you are doing all this to geo-dodge Netflix as well as save bandwidth from ads, then you also need to block the some DNS servers at router level, those details here

One of the mistakes I made was wanting to give a static IP address to the Pi-Hole appliance, but I found out that Docker is specifically designed to stop stuff like this. You can do it, but Docker wants you to be able to install a whole bunch of appliances and only expose the required ports to each- not whole IP addresses. This makes sense but it did drive me crazy for a while.

Results? Amazing- my internet seems faster because it isn’t downloading ads. For instance loading smh.com.au went down from 3.2 seconds to 1.7 seconds- that’s 50% off at no extra cost! So, where’s the steak knives?

Downsides-
a lot of emails that you receive have links that go to a marketing website first then to the URL you want. I had some encoded with Aweber yesterday and I couldn’t get to the article I wanted to read. This is easily fixed by using a de-obfuscator, but adds an extra step in some cases. Here’s an example-

I can’t open this link because it goes to Aweber, who are a marketing company
But if I go to a website like Wheregoes.com it can show me the final destination, which is
http://www.citypages.com/…/super-bowl-save…/472326323

Recent posts