Created
October 22, 2019 14:43
PiHole HA Setup
#!/bin/bash -x
# README
: '
Credit to redditor /u/jvinch76 https://www.reddit.com/user/jvinch76 for creating the basis for this modification.
I had been thinking of a script like his to keep my primary and secondary pihole raspberry pis in sync, but could not find the motivation to create it.
/u/jvinch76 did the heavy lifting and I made changes I hope you find useful.
I modified the code to increase the frequency of the sync to every 5 minutes and reduce the file writes by using rsync to compare the files and only transfer changes.
Furthermore, gravity will be updated and services restarted only if files are modified and a sync occurs.
I am unsure of the performance cost, but it is likely there is a trade-off with rsync being more CPU heavy, but this script reduces the disk write to minimal amounts if no sync is necessary.
Why run dual piholes?
If you are not, you really, really should be. If the primary pihole is being updated, undergoing maintenance, running a backup, or has simply failed, you will not have a backup pihole available.
This will happen on your network. Your only other option during an outage (usually unexpected) is to configure your DHCP server to forward to a non-pihole, public DNS, thus defeating the reason you have pihole installed in the first place.
Furthermore, DNS is load balanced by design and the secondary/tertiary DNS always receives 10%-20% of the DNS traffic. If it is configured with a public DNS IP, your devices will be bypassing the safety of pihole blocking.
If you are running a single pihole and have that pihole listed as the only DNS entry in your DHCP setting, all devices on your network will immediately be unable to resolve DNS if that pihole goes offline.
I recommend running a PI3 as your primary and a PI3/PI2/ZeroW as your secondary. PI2/ZeroW is more than sufficient as a secondary and emergency failover.
What about using my pihole for DHCP?
I still prefer to use my router for DHCP. If you need help, refer to the post by /u/jvinch76 https://www.reddit.com/r/pihole/comments/9gw6hx/sync_two_piholes_bash_script/
or other docs about using pihole for DHCP with this script.
/u/LandlordTiberius
'
# INSTALLATION STEPS ON PRIMARY PIHOLE
: '
1. Login to pihole
2. type "sudo nano ~/piholesync.rsync.sh" to create file
3. cut and paste all information in this code snippet
4. edit PIHOLE2, HAUSER, HAPASS to match your SECONDARY pihole settings
5. save and exit
6. type "chmod +x ~/piholesync.rsync.sh" to make file executable
# CREATE SSH file transfer permissions
7. type "ssh-keygen"
8. type "ssh-copy-id user@192.168.1.3" <- type the same IP as PIHOLE2, this IP is specific to your network, 192.168.1.3 is an example only
9. type "yes" - YOU MUST TYPE "yes", not "y"
10. type the password of your secondary pihole
# INSTALL CRON Job
11. type "crontab -e"
12. scroll to the bottom of the editor, and on a new blank line,
13. type "*/5 * * * * /bin/bash /root/piholesync.rsync.sh" <- this will run rsync every 5 minutes, edit per your preferences/tolerance, see https://crontab.guru/every-5-minutes for help; the path must be the location where the script was saved in step 2
14. save and exit
# DONE
'
#VARS
FILES=(black.list blacklist.txt regex.list whitelist.txt) #list of files you want to sync
PIHOLEDIR=/etc/pihole #working dir of pihole
PIHOLE2=192.168.1.3 #IP of 2nd PiHole
HAUSER=pi #user of second pihole
HAPASS=raspberry #password of second pihole (kept in plain text here; piped to sudo -S below)
#LOOP FOR FILE TRANSFER
RESTART=0 # flag that determines whether a service restart is needed
for FILE in "${FILES[@]}"
do
    # -i itemizes changes, so the output is empty when nothing was transferred
    RSYNC_COMMAND=$(rsync -ai "$PIHOLEDIR/$FILE" "$HAUSER@$PIHOLE2:$PIHOLEDIR")
    if [[ -n "${RSYNC_COMMAND}" ]]; then
        # rsync copied changes
        RESTART=1 # restart flagged
    # else
        # no changes
    fi
done
# NOTE: RESTART is set above but nothing below reads it; as posted, the only
# remote action is the gravity update when adlists.list changes.
FILE="adlists.list"
RSYNC_COMMAND=$(rsync -ai "$PIHOLEDIR/$FILE" "$HAUSER@$PIHOLE2:$PIHOLEDIR")
if [[ -n "${RSYNC_COMMAND}" ]]; then
    # rsync copied changes, update GRAVITY
    # $HAPASS is expanded locally and sent as part of the remote command line
    ssh "$HAUSER@$PIHOLE2" "echo $HAPASS | sudo -S pihole -g"
# else
    # no changes
fi
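The script above keeps the secondary's sudo password in `HAPASS` and treats any non-empty `rsync -ai` output as a change, although rsync also itemizes attribute-only updates. The following is an added example, not part of the original gist, showing the adlists step without a stored password and with a stricter change test. It assumes the key-based SSH login from steps 7-10 and a sudoers rule on the secondary; the drop-in file name, the `pihole` binary path, the function names and the `--run` switch are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original gist.
# Assumptions: key-based SSH from steps 7-10 works, and the secondary has a
# sudoers drop-in (hypothetical file name /etc/sudoers.d/pihole-sync) with:
#   pi ALL=(root) NOPASSWD: /usr/local/bin/pihole -g
# (binary path assumed; confirm with "command -v pihole", validate with "visudo -c")

PIHOLEDIR=/etc/pihole   # values below are the gist's example settings
PIHOLE2=192.168.1.3
HAUSER=pi
RSYNC=${RSYNC:-rsync}   # overridable so the logic can be exercised with stubs
SSH=${SSH:-ssh}

# Read rsync -i output on stdin. Column 1 of each itemized line is the update
# type: "<" sent, ">" received, "." not updated (attributes only).
# Return 0 only if at least one regular file had content transferred.
content_transferred() {
    ct_rc=1
    while IFS= read -r ct_line; do
        case "$ct_line" in
            '<f'*|'>f'*) ct_rc=0 ;;
        esac
    done
    return "$ct_rc"
}

# Push one file from $PIHOLEDIR to the secondary; status 0 means content changed.
# BatchMode makes ssh fail instead of prompting when the key is not accepted.
sync_file() {
    "$RSYNC" -ai -e 'ssh -o BatchMode=yes' -- \
        "$PIHOLEDIR/$1" "$HAUSER@$PIHOLE2:$PIHOLEDIR/" | content_transferred
}

# Rebuild gravity on the secondary only when adlists.list content was sent.
# sudo -n never reads a password: it errors out if the sudoers rule is missing.
sync_adlists() {
    if sync_file adlists.list; then
        "$SSH" -o BatchMode=yes "$HAUSER@$PIHOLE2" sudo -n pihole -g
    fi
}

# Run only when asked, e.g.  sh pihole-sync-nopass.sh --run
if [ "${1:-}" = "--run" ]; then sync_adlists; fi
```

With this form the password never appears in the script, in cron's `-x` trace output, or in the remote process list, and the sudoers rule limits the passwordless command to `pihole -g`.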
Hello, thank you for this great project.
I have two PI4b and I want to run two Piholes in HA like you showed, but I didn't understand very well what I should do on the secondary Pi, and where and how to save the script with the variables. Thank you.