Run Pi-hole as a container with Podman on openSUSE
There is arguably no better way to protect devices on your local network from unwanted content than Pi-hole. Add a machine running Pi-hole to your network, and it will quietly scrub all incoming traffic from pesky stuff like ads and trackers in the background. As the name suggests, Pi-hole was initially designed to run on a Raspberry Pi. But if you already have a machine running openSUSE on your network, you can deploy a Pi-hole container on it instead. And to make things a bit more interesting, you can use Podman instead of Docker for that.
Installing Podman on openSUSE 15.2 is a matter of running the sudo zypper install podman
command. A Pi-hole container needs the 80 and 53 ports, so make sure that these ports are available on your machine. Once you’ve done that, pull the Pi-hole image and start a container by running the following command:
sudo podman run -d \ --name=pihole \ -e TZ=Europe/Berlin \ -e WEBPASSWORD=password \ -e SERVERIP=127.0.0.1 \ -v pihole:/etc/pihole \ -v dnsmasq:/etc/dnsmasq.d \ -p 80:80 \ -p 53:53/tcp \ -p 53:53/udp \ --restart=unless-stopped \ pihole/pihole
Replace the example values of the TZ
, WEBPASSWORD
, and SERVERIP
parameters with the correct timezone (see the timezone database), the desired password, and the IP of the host machine.
In most cases, you’d want the container to start automatically when the server starts and when you reboot it. One way to make it happen is to create a systemd service that automatically starts the container on boot. Use the sudo nano /etc/systemd/system/pihole.service
command to create a system unit and open it for editing in the nano text editor. Specify the following configuration:
[Unit] Description=Pi-hole Podman container Wants=syslog.service [Service] Restart=always ExecStart=/usr/bin/podman start -a pihole ExecStop=/usr/bin/podman stop -t 10 pihole [Install] WantedBy=multi-user.target
Save the changes, then enable and start the service:
sudo systemctl enable pihole.service sudo systemctl start pihole.service
Reboot the machine, point the browser to http://127.0.0.1/admin (replace 127.0.0.1 with the IP address of the machine running the Pi-hole container), and you should see Pi-hole’s web interface. You can then log in using the specified password.
Finally, configure the router to use Pi-hole as a DNS server, and you’re done.
Related Articles
Nov 01st, 2022
Enforcing Compliance of Container Environment Variables
May 28th, 2024
No comments yet