40
Adblock and VPN all in one? (lemmy.world)
submitted 3 weeks ago by damnthefilibuster@lemmy.world to c/selfhosted@lemmy.world
25 comments fedilink hide all child comments

I love PiHole. I've used it in the past and it was powerful! I also use an OpenVPN/Wireguard based VPN.

So is there a service that combines the two features? Lets me import adblock lists and also VPN configurations?

Preferably something that runs in a docker container that I can throw upon portainer and running within minutes!

Thanks!

top 25 comments
sorted by: hot top controversial new old
[-] ptz@dubvee.org 9 points 3 weeks ago* (last edited 3 weeks ago)

If you don't get any other answers:

I run OpenWRT on my router (x86 hardware), and have Adguard Home and Wireguard installed on it.

AdGuard has its own webUI, and Wireguard peers can be managed through LuCI in OpenWRT. It also supports OpenVPN as well as other VPN types.

So you could run a VM with OpenWRT and get all that.

[-] damnthefilibuster@lemmy.world 1 points 3 weeks ago

Ah, I'm not going there yet. OpenWRT is an eventual goal. But right now I'm stuck with devices that do not support it. I'm ok with alternate solutions.

[-] michel@friend.ketterle.ch 6 points 3 weeks ago

@damnthefilibuster
For Android I recommend Rethink
It has Wireguard, DNS and Firewall (per app and per IP/Domain)

[-] damnthefilibuster@lemmy.world 1 points 3 weeks ago

Nice app! I do have an android device sitting around doing nothing. Will use this app if I ever get into it!

[-] Decronym@lemmy.decronym.xyz 4 points 3 weeks ago* (last edited 3 weeks ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
IP Internet Protocol
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)

4 acronyms in this thread; the most compressed thread commented on today has 14 acronyms.

[Thread #816 for this sub, first seen 18th Jun 2024, 20:45] [FAQ] [Full list] [Contact] [Source code]

[-] LodeMike@lemmy.today 3 points 3 weeks ago

Good bot

[-] undefined@links.hackliberty.org 4 points 3 weeks ago

I run a VPS with its own DNS resolver (to load blocklists), then it tunnels the traffic down a multi-hop VPN and it’s pretty excellent.

[-] ErwinLottemann@feddit.de 3 points 3 weeks ago

you can just set your pihole as the dns server for all your wireguard clients i guess

[-] aordogvan@lemmy.world 3 points 3 weeks ago

This runs a combination of both. Been using this for years and works like magic

[-] jjlinux@lemmy.ml 1 points 3 weeks ago

This is gold. Thank you.

[-] Cyber@feddit.uk 2 points 3 weeks ago

Maybe not a docker solution, but you could throw pfSense into a VM and do all that from there

I use it (as it's intended) as my firewall, but I used to use these as general purpose network security VMs in the past (just because I know the product well)

So for you: no firewall rules, just setup DNS with pfBlocker (for the advert blocking) and setup the VPN as required...

Just an idea...

[-] Andromxda@lemmy.dbzer0.com 2 points 3 weeks ago

Check out WireHole or openvpn-pihole

[-] ShellMonkey@lemmy.socdojo.com 2 points 3 weeks ago

I know some VPN providers have their own DNS service that you can use similar to other filtered public DNS. If you mean an in house DNS/VPN gateway then what you want is probably best served by something like a firewall distro (opnsense/pfsense) to handle both of them.

[-] dogsnest@lemmy.world 2 points 3 weeks ago

There are "public" pihole servers: use their dns, or the many other ad-blocking servers out there as the dns for your VPN.

Tbh, I've stopped the selfhosted vpn route and use tailscale (which can be selfhosted/has a docker image). It doesn't get simpler.

[-] theorangeninja@lemmy.today 6 points 3 weeks ago

There's also Netbird as an open source alternative to Tailscale. @damnthefilibuster@lemmy.world

[-] dogsnest@lemmy.world 3 points 3 weeks ago

Appreciate this.

[-] damnthefilibuster@lemmy.world 3 points 3 weeks ago

huh. Never thought about public pihole servers. So nice of those folks running them.

I don't understand how you're saying you've stopped self-hosting VPN and are still using tailscale. Are you using their SaaS service? Does that allow you to set your own DNS? Do they have speed limits? Are they zero-logs?

[-] dogsnest@lemmy.world 3 points 3 weeks ago* (last edited 3 weeks ago)

Tailscale uses wireshark, which is peer-to-peer. Their "free" plan allows you to set up a network using their "coordination" server, which simplifies administration of your tailnet.

You control dns, exit nodes, etc, so tailscale isn't involved with the vpn itself, hence no speed limits.

You ultimately determine what tailscale collects as far as client logging.

If you block client logging, Tailscale may not be able to provide technical support.

I imagine the docker image serves to eliminate tailscale from the equation.

ETA: there are quite a few ad-blocking dns servers.

I currently use nextdns.io

[-] damnthefilibuster@lemmy.world 3 points 3 weeks ago

So do you run a tailscale exit node on one of the public clouds or a VPS provider like DigitalOcean?

[-] dogsnest@lemmy.world 1 points 3 weeks ago* (last edited 3 weeks ago)

Exit node is a VPS (Racknerd)

eta: it's quite the deal tbh

[-] pyrosis@lemmy.world 1 points 3 weeks ago

You might look at gluetun. It lets you configure various VPN services from a docker container. The interesting part is that you can point other docker containers to utilize gluetun for networking. Essentially piping them through the configured VPN.

[-] chili1553@lemmy.world 1 points 3 weeks ago

Not self hosted, but I've been using tailscale with nextdns and it has been very reliable. I got tired of worrying about availability of hosting my own

[-] jjlinux@lemmy.ml 1 points 3 weeks ago

In this same subject, is there a way to set up pihole as DoT or at least DoH? Full disclosure, I have not done any research on this. The thought just came up while reading this thread.

[-] EmperorHenry@discuss.tchncs.de -1 points 3 weeks ago

Adguard? Although I don't know if they have a firewall based Killswitch so it might be vulnerable to tunnel vision if it's not being used in a VPN router

You might need to replace your pi-hole with adguard home to make it work

this post was submitted on 18 Jun 2024
40 points (97.6% liked)

Selfhosted

37915 readers
216 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz