Pi-Hole
So one thing I was interested in was taking some control over my DNS. I could go with Bind but I heard about Pi-Hole and thought it would be interesting to check out.
Verify Prerequisites
So looking through the prerequisites it looks like the only item of concern is for the servers to have static IP addresses. Easy enough.
Create Virtual Machines
So I have three Hyper-V hosts in my humble little home lab. I'm going to set up two virtual machines to run Pi-Hole on. Then perhaps later I'll look into setting up some sort of high availability on the third host.
On the HV-01 host I set up a virtual machine running Debian named PH-01. Then on the HV-02 host I set up a virtual machine running Debian named PH-02. From here on out I can mirror the steps I perform on PH-01 with PH-02.
Configure Operating System
Configure Sudo
Steps performed on PH-01 and PH-02
apt updateapt install sudo/sbin/adduser david sudoAdding user 'david' to group 'sudo' ...Done.
Configure Network
I went to configure the IP address with ifconfig but I get an error message that it is being depreciated. Holy cow I am rusty aren't I?
Steps performed on PH-01 and PH-02
nano /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# Interface eth0 static configuration
auto eth0
iface eth0 inet static
address 10.10.10.XXX
gateway 10.10.10.254
netmask 255.255.255.0
systemctl restart networkingreboot
Configure Firewall
Steps performed on PH-01 and PH-02
sudo apt install ufwsudo ufw enablesudo ufw allow sshsudo ufw allow 80/tcpsudo ufw allow 53/tcpsudo ufw allow 53/udpsudo ufw allow 67/tcpsudo ufw allow 67/udp
Configure SSH Keys
So I'm wanting to practice with Windows Terminal and move away from PUTTY so it's time to set up an SSH key to PH-01 and PH-02.
Steps performed on desktop via Windows Terminal
ssh-keygen -t ed25519Move-Item -Path c:\Users\david\filename* -Destination c:\Users\david\.ssh -Force
Then I open "Settings" from Windows Terminal, and then open the JSON file and add the following:
{
"colorScheme": "Ubuntu-ColorScheme",
"commandline": "ssh -i \"~/.ssh/ph-01\" [email protected]",
"experimental.retroTerminalEffect": false,
"font":
{
"face": "Cascadia Code"
},
"guid": "{0caa0dad-35be-5f56-a8ff-XXXXXXXXXXXX}",
"hidden": false,
"name": "PH-01",
"tabTitle": "PH-01"
},
making sure the guid is unique. This gives me a nice shortcut inside terminal to connect to this server.
Configure SSH
Now that I have my keys set up I'll need to configure them on PH-01 and PH-02.
Steps performed on PH-01 and PH-02
mkdir ~/.sshnano ~/.ssh/authorized_keys- And I paste in the public key I generated above, then save the file.
chmod 600 ~/.ssh/authorized_keyssudo nano /etc/ssh/sshd_config- I modify the following lines:
PermitRootLogin no
PubkeyAuthentication yes
PubkeyAcceptedKeyTypes ssh-ed25519
PasswordAuthentication no
AuthorizedKeyFiles /home/david/.ssh/authorized_keys
sudo sshd -tsudo systemctl restart ssh
Installing Pi-Hole
wget -O basic-install.sh https://install.pi-hole.netsudo bash basic-install.shsudo reboot
Configure Pi-Hole
Updating Lists
Now I can browse to http://10.10.10.XXX in Firefox and I see the login page. Once logged in I can go to Tools>Update Gravity>Update to update the default gravity list.
Test DNS Queries
From Windows Terminal I can run nslookup.
PS C:\Users\david> nslookup
Default Server: pi.hole
Address: 10.10.10.XXX
> yahoo.com
Server: pi.hole
Address: 10.10.10.XXX
Non-authoritative answer:
Name: yahoo.com
Addresses: 2001:4998:44:3507::8000
2001:4998:44:3507::8001
2001:4998:124:1507::f000
2001:4998:24:120d::1:1
2001:4998:24:120d::1:0
2001:4998:124:1507::f001
74.6.143.26
74.6.231.21
74.6.143.25
98.137.11.163
74.6.231.20
98.137.11.164
> exit
Super cool! I have to functioning DNS servers now. All I need to do now is update my DHCP server to point to PH-01 and PH-02 and I'm all done here!