BLOCK EVERYTHING w/ PiHole on Docker, OpenDNS and IFTTT

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

okay I hope you have your coffee ready because this one's a big one piehole docker flask Python all kinds of stuff we're gonna be using that to protect you your family's network and you from all kinds of distractions now this video is part two the first video we set up OpenDNS to protect your family's network it's a very simple and elegant solution but we're gonna go a bit nerdier and geekier on this one so if you love messing around with Linux or docker containers or raspberry PI's like this is this is the one for you and if you haven't already setup Open DNS go back to that first video and watch it it's gonna be included in this one too we're gonna combine the powers of Open DNS with piehole oh yeah and I'll also show you how to do what I kind of gave you a sneak peek of in the first video this this is my piehole this is my black list of things I'm blocking nothing right now alexa break the internet netflix hulu and all the other fun stuff has been blocked uh and if i refresh this page there it all is being blocked and if i want to have fun again let's do this alexa unblock my stuff yay more tiger king and let's see if it happens and it's gone [Music] a real quick the sponsor of today's video is CBT Nuggets this is the place you want to go when you want to learn all about IT this is how I got my start in IT it's actually how I became a network engineer so if you love IT if you loved tinkering and you want to turn this into a career you want to turn that hobby into a passion and a way to make money check out CBT Nuggets you'll find me on there I have courses on there as well so link below to check out my courses and you can pretty much learn whatever you want CCNA + CCMP security hacking it's all there now we're going to have pie hole living inside a docker container and that docker container is going to live on a Linux machine in my case I'll be using a flavor of Linux called Ubuntu now you don't have to use Ubuntu that's the beauty of docker you can run this thing anywhere so whatever pretty much whatever flavor of Linux you have it'll work great and I'm gonna do mine actually in the cloud my actual machine will be in the cloud you can run yours in the cloud if you want you can run this on a virtual machine in your own home on your computer wherever and of course you can run piehole on a raspberry of high but we're doing docker because I think that's more fun so let's do this so I'm gonna pick one of my cloud providers and spin up a new virtual machine for myself it's gonna choose the latest flavor of Ubuntu the boo 220 and once I have this thing spun up and ready we'll get started alright my virtual machine is ready I'll grab this public IP address and launch my favorite SSH program Solar putty I highly encourage you to download this program link below it's free totally free and it helps out this channel just a little bit so go do it all right so I'm gonna SSH into this machine I have here now there's one thing we're gonna do real quick and it's kind of an annoying thing that the later versions of Ubuntu do they run their own DNS server on the machine which is normally fine but because we're installing piehole to run as our DNS server it's gonna have a bit of a conflict so we're gonna have to disable that DNS server like function on Ubuntu and don't worry it's just two commands let's do it real quick the first command will stop the service so I'll use sudo systemctl now this is boon to specific if you're not using a boot - this probably won't be a problem and I'll say stop system D - resolve the service that will stop it and then we will disable it changing the stop to disable and disabling now we have a new problem though if I try to ping google.com it doesn't work because we disabled the DNS service easy fix though check this out I'm gonna quickly edit the resolver file here and boom - I'll do my favorite editor so sudo nano which is the editor here and then I'll edit the etc resolve without the e.com and I'll get on down here where it says name server UC name server is looking at itself and we're gonna change this to something whatever it could be your open DNS server I'm just gonna say Google for now do control X yes get out of there so now when I ping Google it works like a charm cool clear that out now that we have the DNS thing figured out we need to install docker if you don't already have it installed luckily it's pretty easy so we'll do a quick apt update to update our repositories again that was apt update and that's not upgrading that's just updating our list of what can be upgraded now we can install docker so I'll do sudo apt install and the package is docker dot IO do I want to install yes and here we go okay docker installed now time to set up a container now if you watched my docker video where I talked about what docker is we even play with it it was oh so fun you'll know that when we start with create a docker container we use the docker container run command here we are going to do that but we're going to use a bash script that I have prepared to make this a bit easier because there are a lot of parameters and things like you'll see watch this I'll go out to my github right here and let me zoom in a bit cuz it's tiny oh by the way the majority of the script and pretty pretty much all of it actually I got from the PI whole people so they are amazing and check it out it's just a bash script that's running the same commands we would normally run on the command line the only difference being is that if you go down the route here when we're specifying what docker container we're going to use I have one that I created now again I stole this from the PI whole people I grabbed their container and then I modified a few things mainly to do what I mentioned in the beginning of this video to include alexa and our fund but again this container is living out in the docker world here it is in docker hub i just uploaded it in seven people have already used it that's weird and i haven't talked about it yet so that script will be creating this docker container using this docker image that i created earlier so what we're gonna do with this well we're gonna copy it let's take all this script right here copy and then getting back into my Linux machine I will create a new file sudo nano and I'll name this piehole dot Sh I'll jump in there and now I'm editing this file I'll just paste my stuff in there ctrl X & Y to get out of there so if I list the contents of my stuff right here I've got PI holy Sh now let's try to launch the script I'll do dot /pi a whole sh this is one of the ways we can execute bash scripts watch what happens ah permission denied why is it because I didn't use sudo let's try that ah command not found why well because the file isn't executable it has to have that attribute to be able to be executed we can change that right now let's do it so we'll do sudo we'll use a command chmod or change modification and then we'll use u + X in the file name pi hold Sh we're changing the attributes of this file to be executable ok whew buckle your seat belts time to create docker container running piehole and flask and all kinds of stuff so I'll do sudo dot forward slash to run our script and then it'll be PI whole Sh you ready there we go whoa look at that go pulling down my my image because it didn't already have it sorry is quite large and now it's starting up my container and what the script is doing is it'll make sure the PI whole container starts up beautifully and then I'll provide you a quick password you can use to log in and we are done then here's the password it gave us we can actually change that cuz I'm never gonna remember that and I'll show you that here in a moment let's make sure it's running so I'll do sudo docker PS to see our running containers there he is he's been up for 56 seconds he's healthy and look at all our ports mapped now at this point PI holds up is ready let's go check it out let's grab my password here fire up my web browser and I'll navigate to the IP address now when you go straight there I'll take you to this page if you want to go to the admin panel they'll do forward slash admin to get you there piehole whoa we're here now this page will show you some pretty stuff but you want to log in and actually see some stuff don't you so let's log in click on login on the left here type in that new password and log in we are in not now okay now just like that piehole is running in a docker container it's beautiful it works and if you point your dns at it you better believe it's gonna work now let's change two things real quick first let's set our password let's change it from that crazy password and then we'll change the upstream DNS so pie-holes gonna look to another DNS server to resolve its queries right now I don't know what it's looking at but we can change that to Open DNS because you know we already have Open DNS configured from the last video right did you not do that go back and do that so let's go check into a password real quick we'll get back into our Linux machine here let me clear my page here and we're gonna jump into our docker container we're gonna jump inside like the matrix or Inception yes both both of those apply comment below which is your favorite movie matrix or Inception ayats that's hard that's a tie for me I love those movies anyways onto the command sudo sudo docker exec I'll do the switch - I - T or just do - i T specify my container name which is piehole if you use my script it yours will be piehole as well and then I want to jump into the bash shell I'm in you'll know you're in when you see the Machine change before I was in localhost now I'm in every W up there which is my container ID to change our password we'll enter the command PI hold - a - P easy enough right and to your new password in once more that was it pretty easy right now let's go change our upstream DNS server we'll go back to our web browser and this is actually crazy easy I'll go to settings on the Left panel here yeah I gotta log back in thankfully I have a new password that I actually know yeah zoom in a bit we'll go to DNS on the top here the tab and we can select our upstream DNS servers here I want to use Open DNS so I'll select both of these here and if you don't like Open DNS you have other options as well or even go down here and enter your own upstream DNS servers and then I'll scroll down all the way to the bottom and click Save and that was it to update it for Open DNS like that was super simple right that's done no I don't like seeing zero here in my dashboard so I'm gonna update my computer to use this real quick I'm gonna point my dns to the IP address of my piehole let's test it out real quick we'll do nslookup let's try Google com it works try facebook.com and it's so cool actually shows and resolves my my DNS server to being at Leno to my cloud service provider right now and if I go to yeah what happened ah look at that all these queries not my computer sending to pie hole so we know what's working that's great oh I get excited about this kind of stuff don't you ah look it's already blocking stuff man that's amazing pie hole is it's pretty cool like it's made stuff fast for me now time for the really really fun stuff let's get Alexa involved let's have her automate our blocking or we're really whatever you want to do but I want to show you blocking specifically so here in pie hole we have a white list and a black list our black list of course is sites we want to disallow block you can do it manually here that's fine Netflix calm at it as a regex that and it will block everything but that's boring we want to do it automatically with a bit of automation let's try it out I'm gonna hop back into my docker container sudo docker exact IT piehole bash 10 times Tabasco I'm gonna jump into my home directory real quick by doing CD or a change directory go home and if I do LS to list what's in here I have one folder a network you all have the same thing it's gonna be identical because I created this docker container and it's just the way I want it to be it's so cool I'll jump into network so CD network and I'll list what's in there now here's the secret sauce this guy right here in the middle network dot pi that's a Python script we're going to run that script that's a magic that's gonna make everything happen and then we have to bash scripts one script to block the domains we want to block and then one to unblock them and we want to actually watch TV again let me show you those real quick because it might be something you want to change if I jump into a beam nano block domains Sh all it is is a command piehole - - regex and then e domains I'm wanting to block in case you don't know what regex is this is just a bunch of gobbledygook that makes sure that everything that has to do with Hulu comm is blocked same for Netflix Disney Plus and blah - blah blah yadda yadda yadda and you can just copy this format and substitute this middle term for whatever domain you wanna block Amazon whatever and then looking at the other script on block domains it's doing the exact opposite it's nearly the exact same command but we have - B - D the - DS for delete and the B actually means block so it's block but then delete these from your blacklist what do you say we test it out real quick let's test it so I'm going to do sudo python 3 and then the file we have the Python script Network dot PI we're gonna run this sucker and it's running it's good but how do we use it let's see that right now I'm gonna fire up a web browser real quick and notice right now that my blacklist is empty come up a number another window here I'm also going to navigate to the same address but on a different port notice that when I look at my script here it's running on port 8080 so that's what we're gonna do we're gonna go to port 8080 and then forward slash is how we determine what we want to do block or unblock let's might feel weird and unintuitive and why would we even do this I'll show you why first let's put in block and it did it now this might scare you but it's ok it's ok it probably worked let's go look at our terminal here if I scroll up we can see that actually ran that that's the command line output you want to see if I go back and look at my piehole stuff I'll refresh this page boom all that stuff was just blocked amazing let's go unblock it click on this URL you get from block 2 you unblock it should have done it let's refresh it's now taken away look at that automate it but then how do we add that to Alexa well we're gonna use IFTTT tttttt you ever used that before look it up I'm gonna navigate on over to IFTTT t-t-t-t-t-t-t-t-t-t if you don't already have an account get an account this thing is amazing I've been using it for years it stands for if this than that and it does a lot of stuff this is not a video about that service though I'm gonna click explore the top right and then click create my own recipe now you must already have an Alexa or really at this point any anything any voice assistant or any anything that could trigger something so I'll click on if this I'll choose Alexa Alexa and I'll do it off a specific phrase so break everything so when I say break everything it'll do it and then my vet and this is what you need to pay attention to right here this is the secret sauce but that will be something called a webhook search for web it'll come up right here web hook make a web request and we'll do it right here the URL is what we just did so looking back here at my block URL if I change this from unblock to block copy this paste that in there that's what we want to see now I know many of you may be doing this on a native machine meaning it has a private IP address in your home network so it might be one ninety one sixty eight dot whatever IFTTT is gonna have trouble accessing that URL you need to have a public IP address like what you see here now this is not a video on how to port forward on your router but exactly what you have to do so you'll have your public IP address of your home so if you do to Google right now and go what's my IP address that's what you'll put in there you know specify port 8080 but then in your router you need to port forward 8080 to the private IP address of that linux server and once you have that done and it looks like this that's all you need I'll scroll down to the bottom and say create action and finish and that's it you'll create a similar one for unblocking and whatever verbage you want to put in there or whatever trigger you wanna have so if I say Alexa trigger break everything it should work let's refresh it BAM just like that that is pure magic I love that so much so it is blocking right now let's go test it let me go to Disney Plus calm nope any happening maybe Hulu comm nothing and if I go look at piehole and look at my query log I can see Hulu comm was very much indeed blocked I can see why right here regex beautiful oh also Disney Plus down here I love it when I can take what I want to learn and apply it to a real life project and for me that's this was that like PI hold docker containers Open DNS Linux like we hit a bunch of things and if you get to play with this it's a lot and if you were able to set this up that's amazing like you have some skills and if you want to build on those skills and take it bit further and become more of a professional and have a job in a career that's amazing kind of like what I do link below CBT Nuggets comm is how I did it it's who I work for now we have the yeah it's the best training in the world he's gotta tell you the best IT training out there so check that out now if you did have some trouble going through the steps fine like this is some advanced stuff if you want some help we do have a whole group of people that can help you out so check out the link below join my discord server we have over 8,000 people in there who are probably more excited about IT that I am and they're willing to help out and some of you might be wondering is piehole even worth it I think it is like check out my dashboard right now I've been running this in my network for about a week and wow look at all these queries um 26% of all the requests were blocked those are ads that don't even need to be in my network and before they even reach the internet before they even use my internet bandwidth at my ISP level they're blocked so things are being blocked I'm protected it's wicked fast I highly recommend it and when you combine it with a tool like Open DNS which will do more of the content filtering that piehole really doesn't do natively you got a perfect solution well guys that's about it if you like this video well like it and let me know below if you want to see more of stuff like this let me know if you're able to deploy this in your network it's fun I just I had so much fun making this video so I hope you had fun putting this into your network and just watching the video and if you haven't already subscribe if you like what I do here if you want to see more of it hit that button well whew that's all I got go forth and prosper keep learning keep studying they'll block stuff in your network pack I don't care do it all I'll get you guys later [Music]

Info

Channel: NetworkChuck

Views: 407,162

Rating: undefined out of 5

Keywords: ad blocker, pihole docker, docker container, pihole setup, docker pihole, pi-hole docker, pi hole, ad block, pi-hole install, raspberry pi 4, raspberry pi projects, raspberry pi, how to, pi-hole setup guide, pihole setup guide, ad blocking, raspberry pi 3

Id: dH3DdLy574M

Channel Id: undefined

Length: 18min 38sec (1118 seconds)

Published: Sat May 02 2020