stevejenkins/Pi-hole on UC-CK 0.13.6

## Pi-hole on UC-CK 0.13.6
# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.

# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin

# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
cd /tmp
wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
dpkg -i unifi_sysvinit_all.deb

# All following commands will executed with sudo
sudo -i

# Update local package lists
apt-get update

# Install dnsmasq
apt-get install dnsmasq

# Downgrade to a specific 'libsqlite3-0' so Pi-hole script can install 'sqlite3'
apt-get install libsqlite3-0=3.8.7.1-1+deb8u4

# Install back-ported version of 'ifupdown' so Pi-hole script can install 'resolvconf'
apt-get install ifupdown=0.8.13~bpo8+1

# See that port 53 already in use by 'systemd-resolved'
netstat -plnt | grep :53

#Turn off local 'systemd-resolved'
sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved.service

# Download Pi-hole installation script and run locally
cd /tmp
wget -O basic-install.sh https://install.pi-hole.net
bash basic-install.sh

# During install, select 'eth0' for adapter, otherwise use all defaults

# Following install, set Pi-hole admin password
pihole -a -p

# Test Pi-hole DNS resolution -- resulting IP address(es) should be valid
dig @127.0.0.1 ui.com

# Test Pi-hole blocking -- resulting IP address should be '0.0.0.0'
dig @127.0.0.1 googleadservices.com

# Change Pi-hole web admin interface to port 81 (port 80 already used by UC-CK GUI)
sed -ie 's/= 80/= 81/g' /etc/lighttpd/lighttpd.conf

#Restart Pi-hole web admin interface
/etc/init.d/lighttpd restart

# Show Pi-hole chronometer (CTRL + C to exit)
pihole -c

# Go to http://ip.addr.of.cloudkey:81/admin/ to configure additional settings.

# OPTIONAL: UC-CK also supports these instructions for running unbound so your UC-CK can be an all-around DNS solution:
# https://docs.pi-hole.net/guides/unbound/
	# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
	# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.

	# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
	ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin

	# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
	cd /tmp
	wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
	dpkg -i unifi_sysvinit_all.deb

	# All following commands will executed with sudo
	sudo -i

	# Update local package lists
	apt-get update

	# Install dnsmasq
	apt-get install dnsmasq

	# Downgrade to a specific 'libsqlite3-0' so Pi-hole script can install 'sqlite3'
	apt-get install libsqlite3-0=3.8.7.1-1+deb8u4

	# Install back-ported version of 'ifupdown' so Pi-hole script can install 'resolvconf'
	apt-get install ifupdown=0.8.13~bpo8+1

	# See that port 53 already in use by 'systemd-resolved'
	netstat -plnt \| grep :53

	#Turn off local 'systemd-resolved'
	sudo systemctl stop systemd-resolved
	sudo systemctl disable systemd-resolved.service

	# Download Pi-hole installation script and run locally
	cd /tmp
	wget -O basic-install.sh https://install.pi-hole.net
	bash basic-install.sh

	# During install, select 'eth0' for adapter, otherwise use all defaults

	# Following install, set Pi-hole admin password
	pihole -a -p

	# Test Pi-hole DNS resolution -- resulting IP address(es) should be valid
	dig @127.0.0.1 ui.com

	# Test Pi-hole blocking -- resulting IP address should be '0.0.0.0'
	dig @127.0.0.1 googleadservices.com

	# Change Pi-hole web admin interface to port 81 (port 80 already used by UC-CK GUI)
	sed -ie 's/= 80/= 81/g' /etc/lighttpd/lighttpd.conf

	#Restart Pi-hole web admin interface
	/etc/init.d/lighttpd restart

	# Show Pi-hole chronometer (CTRL + C to exit)
	pihole -c

	# Go to http://ip.addr.of.cloudkey:81/admin/ to configure additional settings.

	# OPTIONAL: UC-CK also supports these instructions for running unbound so your UC-CK can be an all-around DNS solution:
	# https://docs.pi-hole.net/guides/unbound/