this post was submitted on 29 Nov 2024
143 points (100.0% liked)

Selfhosted

46321 readers
536 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
143
My setup for using Pi-hole outside my home (axel.leroy.sh)
submitted 4 months ago by [email protected] to c/[email protected]
33 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 4 months ago* (last edited 4 months ago) (9 children)

Use ddns on your router with a domain so you can then get something like wireguard.example.com and then use that as the endpoint in your wireguard.

Set the wireguard DNS as your pihole.

To make life easier set your home network IP space to something that another WiFi would never use, ie 192.168.46.xx

That way it will never conflict if you are on a public WiFi and you can access anything on your home lab when you need.

I've been using this setup for years on laptop, phone etc

[–] [email protected] 4 points 4 months ago (7 children)

I do exactly this as well. Works great! Dynamic DNS is kind of a hilarious hack.

Quick question: since I use wireguard, do I need to use DNS-over-HTTPS for security? My assumption is that my entire session is already encrypted with my wireguard keys, so it doesn't matter. But I figured I should double check.

[–] [email protected] 3 points 4 months ago (1 children)

Depends, do you have pihole/unbound setup to only recursively resolve? Or do you forward requests to an upstream (either as a fallback or just as a primary). If that's the case, and depending on your threat model, you'll want to set up DoH or DoT as your DNS requests will be forwarded in plaintext

[–] [email protected] 1 points 4 months ago

Fortunately I set up unbound ages ago, and disabled every other upstream option in my pi.hole. However, I imagine that still "leaks" some information about my DNS queries, just indirectly -- it's not like my pi.hole has every domain mapped all the time!

load more comments (5 replies)
load more comments (6 replies)