This is an old revision of the document!
Pi-hole DNS Blocking
The Pi-hole project is a “DNS sinkhole” that protects your devices from unwanted content, without installing any client-side software.
Pi-hole is a perfect example to use with AstLinux within a LXC. Begin as with the “Quick Start Guide” but use the name pi-hole.
First, it is assumed the lxcbr0 interface is setup per the Quick Start Guide → Enable LXC Support.
Then from the CLI:
lxc-create -t download -n pi-hole -- -d debian -r buster -a amd64 --no-validate
service lxc init
lxc-attach pi-hole passwd apt update apt install openssh-server iputils-ping curl ... exit
Tip -> Optionally you may want to also…
apt install sudo nano
Tip -> Set PermitRootLogin yes for sshd and restart sshd. Type exit to leave the container and do the rest via ssh.
Install Pi-hole:
Either with lxc-attach pi-hole or ssh root@pi-hole_ip_address
curl -sSL https://install.pi-hole.net -o pihole.sh # Comment out the "set -e" in pihole.sh, then bash pihole.sh
Follow the dialogs and answer the questions.
Change Pi-hole WebGUI password:
/usr/local/bin/pihole -a -p
Tip -> If lighttpd is not started after the Pi-hole installation (⇒ netstat -tlp):
apt remove lighttpd bash pihole.sh # choose "Update"
The Pi-hole LXC container uses about 40-50 MB of RAM.