Selfhosted

49494 readers

901 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

Pi-hole client filtering without DHCP? (lemmy.world)

submitted 2 days ago* (last edited 1 day ago) by [email protected] to c/[email protected]

35 comments fedilink hide all child comments

Hi all - please tell me if I'm doing this wrong:

My 12yo spends all day on YouTube shorts. I want to block it, but can only block YouTube entirely. Blocking for everyone would upset my 15yo, so I need per-client domain filtering.

That was easy on Pi-hole. But my Raspberry died and I heard praise for Adguard Home so now I run that as a Docker container.

I can't figure out how to block YouTube for only some devices. Is that not possible with Adguard? Claude gives me complicated nonsense; you can easily do better.

I want to ditch Adguard and go back to Pihole. The caveat is that I must let Pihole run the DHCP server, in order to get correct per-client blocking. That's a pity, as I have a neat UniFi network set up.

Can I get Pihole's per-client blocking without Pihole as DHCP?

I don't mind setting it all up in Pihole again (as yet another container) because I know it works (it's how I had it before the Raspberry died). But I would love to know if I am going about this the wrong way? Thank you!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 24 points 2 days ago (2 children)

Just so you know, you can run pi-hole as a container as well

About dhcp, I don't know about unifi, but I guess in the firewall you can configure static dhcp leases. So son1 devices always get same ip. Then you can configure a hairpin port forwarding, so any requests for ports tcp/udp53 from his devices get forwarded to pi-hole. That is assuming that in the "general" dhcp config you assign an external dns.

Otherwise you could try creating two different dhcp pools, one with pi-hole (and make sure son1 devices get a static lease in there) and one for everyone else.

As a side note, I recommend looking into self hosting your piped instance, so even son2 can enjoy YouTube without all the ads! (And the tracking)

[–] [email protected] 3 points 2 days ago (1 children)

Posting here so I remember to share my UniFi setup later. Off the top of my head UniFi manages my DHCP leases like normal, and I set my DNS to my Pihole server with I forget what logging option on so I get full metrics in Pihole of what clients are what for each DNS request.

[–] [email protected] 3 points 2 days ago

That sounds pretty similar to how I have my network setup:

PiHole has conditional forwarding configured (true,192.168.0.0/24,192.168.1.1,lan note: .lan is optional here, I uss it for my internal TLD) to get device names from router
PiHole uses Unifi as the upstream DNS and DHCP
Unifi uses cloudflare as the upstream DNS
Unifi hands out the PiHole as the DNS via DHCP config

That way I get stats in all the places and can use Unifi for DHCP.

[–] [email protected] 2 points 2 days ago

I have it running in a container in my closet server. It's got It's own IP address using a macvlan setup.