Piehole (or other) on Synology NAS Docker?

janhoedt
janhoedt used Ask the Experts™
on
Hi,

I would like to use Piehole (or another add blocking/security enabling feature) for my home network.
My Synology NAS supports Docker, so I stumbled upon this article: http://tonylawrence.com/posts/unix/synology/free-your-synology-ports/
Not going to buy a Pie, my Synology is good enough and dont want extra hardware to buy/maintain/configure anyway.
 
I like the idea of Docker/containers since I do think it is the future, I have no Docker experience whatsoever for now. My questions:
-is Piehole the right protection tool to use or are there better (Docker) solutions?
-if I follow the procedure described, what to do then, just point my dhcp dns to the ip of Synology? Any config I can do to the Piehole? Then where?  Not clear to me.
-I also have a Synology Router mc2200 ac, can/should I combine it's security features?

Thanks for your input!
J
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
David FavorFractional CTO
Distinguished Expert 2018

Commented:
1) -is Piehole the right protection tool to use or are there better (Docker) solutions?

If you're talking about https://github.com/pi-hole/pi-hole then makes no difference where you install this code... what machine... the only consideration is pointing your DNS on all machines to the DNS server providing Pi-Hole blocking.

Without understanding the actual problem you're trying to solve. No way to answer your question.

If you're just trying to block ads... Pi-Hole is like hunting houseflies with a howitzer.

Easier to just use a browser plugin/extension, like uOrigin or one of the many other Ad Blockers.

2) -if I follow the procedure described, what to do then, just point my dhcp dns to the ip of Synology? Any config I can do to the Piehole? Then where?  Not clear to me.

Tip: Pi-Hole is complex to setup + maintain, if you have any questions at all, as it's tech is simple + plumbing across all machines is complex.

Generally you will use their install instructions from the link above.

If... curling a file into bash makes your head spin, best use browser Ad Blockers.

3) -I also have a Synology Router mc2200 ac, can/should I combine it's security features?

With no description of exact problem you're trying to solve, tough to answer.

Author

Commented:
Easier to just use a browser plugin/extension, like uOrigin or one of the many other Ad Blockers.

>Piehole does more then that, it protects every device in the network = all computers, mobile devices. A popup blocker just one.

>Piehole does not look complex to setup, specifically when using docker.

>rest were open questions, what I try to do I clearly described: securing and add blocking

Lets not discuss if question was clear or not.
Dont see much added value in your answer.
If no answers anymore, I ll just start the Piehole Docker setup.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
First verify we're actually talking about https://github.com/pi-hole/pi-hole or if you're talking about some other software, specify the URL of whatever Piehole might be.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

David FavorFractional CTO
Distinguished Expert 2018
Commented:
If you really are talking about Pi-Hole + you're savvy enough to change DNS for all your client machines, then just follow the github instructions from the project site.

1) -is Piehole the right protection tool to use?

Only you can answer this, as this is subjective.

There are many solutions. They all work basically the same. Setting Ad Network names to localhost or some other local IP.

2) or are there better (Docker) solutions?

Whether you run a solution in Docker, or LXD or at machine level. The result is all the same.

Better to just choose software providing a good solution for you, then determine how to run the code.

Tip: Use LXD rather than Docker + you'll save a massive amount of time... because Docker provides no persistent data, even for config file, so you'll have to manage data in Docker volumes. With LXD, all your data persists across container restarts (like a machine reboot) as each container is basically a bootable machine.

Pi-Hole does provide it's own Docker mechanism, so might be easy to deploy.

You'll have to determine if this is true or not, for you.

3) -if I follow the procedure described, what to do then, just point my dhcp dns to the ip of Synology? Any config I can do to the Piehole? Then where?  Not clear to me.

The docs clarify this.

You have 2x options, just use Pi-Hole as a caching DNS server (the easy way) or replumbing all hardware in your network to use the include DHCP server (the hard + time consuming way).

4) -I also have a Synology Router mc2200 ac, can/should I combine it's security features?

Best to ask this in a separate question, after this question if complete.
Software Engineer
Distinguished Expert 2018
Commented:
If you want to block apps on all kinds of devices that pi-hole is a solution.
If you want it for browsers then uMatrix is my favorite.
If you want to block apps on Android devices check blokada this might be more effective. (it can definitely block access from any app trying to gains access to graph.facebook.com etc. (and a whole bunch of trackers.. just enable a few extra repositoiries

If you want to use docker you will need some management tool to add/remove docker volumes. I am not sure what synology uses for this.
I can suggest portainer to use for this as it also allows for persistent data volumes to be created & maintained.

This article tells how to use those:
https://homenetworkguy.com/how-to/install-pihole-on-raspberry-pi-with-docker-and-portainer/

If your synology has a portainer like app running already then just create the required persistent volume, & port and use those.

This still leaves the setting up & enabling this DNS server in your network  like David showed you before.

Author

Commented:
Thanks!
Just did a quick check on the Docker app in Synology found this in registry: https://hub.docker.com/r/pihole/pihole/ clicked install and its running. Not sure now how though to reach/configure it.
Will have to dive into the manual I guess.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
You're welcome!

Glad you got your setup working!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial