From b3a43542168dff6be4c1c521f657d7d41117a8a3 Mon Sep 17 00:00:00 2001 From: Justin Ward Date: Sat, 16 Nov 2024 14:22:34 -0500 Subject: [PATCH 1/4] Updated readme with correct instructions for freeing port 53 on Fedora 33+. Signed-off-by: Justin Ward --- README.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index db388db2..435d5615 100644 --- a/README.md +++ b/README.md @@ -162,7 +162,7 @@ Here is a rundown of other arguments for your docker-compose / docker run. - Docker's default network mode `bridge` isolates the container from the host's network. This is a more secure setting, but requires setting the Pi-hole DNS option for _Interface listening behavior_ to "Listen on all interfaces, permit all origins". - If you're using a Red Hat based distribution with an SELinux Enforcing policy, add `:z` to line with volumes. -### Installing on Ubuntu or Fedora +## Installing on Ubuntu or Debian Modern releases of Ubuntu (17.10+) and Fedora (33+) include [`systemd-resolved`](http://manpages.ubuntu.com/manpages/bionic/man8/systemd-resolved.service.8.html) which is configured by default to implement a caching DNS stub resolver. This will prevent pi-hole from listening on port 53. The stub resolver should be disabled with: `sudo sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf`. @@ -193,6 +193,24 @@ If you choose to disable the service, you will need to manually set the nameserv Users of older Ubuntu releases (circa 17.04) will need to disable dnsmasq. +## Installing on Fedora +Modern releases of Fedora (33+) include systemd-resolved, which is configured by default to implement a caching DNS stub resolver. This may conflict with Pi-hole's DNS server by preventing it from listening on port 53. To avoid this conflict, you need to disable the DNS stub resolver. +Disable the DNS Stub Resolver + +Run the following commands to free port 53 and allow pihole to run: +1. Ensure the directory /etc/systemd/resolved.conf.d exists. +2. Create a configuration file (/etc/systemd/resolved.conf.d/10-pihole.conf) to override the default settings. +3. Add the DNSStubListener=no directive, which disables the local DNS stub listener. +4. Restart `systemd-resolved` to apply the new configuration. +``` +[ -d /etc/systemd/resolved.conf.d ] || sudo mkdir /etc/systemd/resolved.conf.d +echo '[Resolve]' | sudo tee /etc/systemd/resolved.conf.d/10-pihole.conf +echo 'DNSStubListener=no' | sudo tee -a /etc/systemd/resolved.conf.d/10-pihole.conf +sudo systemctl restart systemd-resolved +``` + +Note that by default in Fedora, /etc/resolv.conf already points to /run/systemd/resolve/resolv.conf, so DNS resolution continues to work even when the stub listener is disabled. + ## Installing on Dokku [@Rikj000](https://github.com/Rikj000/) has produced a guide to assist users [installing Pi-hole on Dokku](https://github.com/Rikj000/Pihole-Dokku-Installation). From 2ead861ff29e398bcac418354a3845b58dd60f09 Mon Sep 17 00:00:00 2001 From: Justin Ward Date: Sat, 16 Nov 2024 14:24:51 -0500 Subject: [PATCH 2/4] fixed inline code Signed-off-by: Justin Ward --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 435d5615..894ad44b 100644 --- a/README.md +++ b/README.md @@ -209,7 +209,7 @@ echo 'DNSStubListener=no' | sudo tee -a /etc/systemd/resolved.conf.d/10-pihole.c sudo systemctl restart systemd-resolved ``` -Note that by default in Fedora, /etc/resolv.conf already points to /run/systemd/resolve/resolv.conf, so DNS resolution continues to work even when the stub listener is disabled. +Note that by default in Fedora, `/etc/resolv.conf` already points to `/run/systemd/resolve/resolv.conf`, so DNS resolution continues to work even when the stub listener is disabled. ## Installing on Dokku From 053edc52e53e355e61553622b12f6041ed85ebc4 Mon Sep 17 00:00:00 2001 From: Justin <89470376+OptimoSupreme@users.noreply.github.com> Date: Sat, 16 Nov 2024 14:51:15 -0500 Subject: [PATCH 3/4] Corrected section subtext. Removed references to Fedora. Signed-off-by: Justin <89470376+OptimoSupreme@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 894ad44b..4fa0fc6e 100644 --- a/README.md +++ b/README.md @@ -164,7 +164,7 @@ Here is a rundown of other arguments for your docker-compose / docker run. ## Installing on Ubuntu or Debian -Modern releases of Ubuntu (17.10+) and Fedora (33+) include [`systemd-resolved`](http://manpages.ubuntu.com/manpages/bionic/man8/systemd-resolved.service.8.html) which is configured by default to implement a caching DNS stub resolver. This will prevent pi-hole from listening on port 53. +Modern releases of Ubuntu (17.10+) and Debian (12+) include [`systemd-resolved`](http://manpages.ubuntu.com/manpages/bionic/man8/systemd-resolved.service.8.html) which is configured by default to implement a caching DNS stub resolver. This will prevent pi-hole from listening on port 53. The stub resolver should be disabled with: `sudo sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf`. This will not change the nameserver settings, which point to the stub resolver thus preventing DNS resolution. Change the `/etc/resolv.conf` symlink to point to `/run/systemd/resolve/resolv.conf`, which is automatically updated to follow the system's [`netplan`](https://netplan.io/): From 4654facc31a72c7bcb892f3ad0ae2d94b9712fef Mon Sep 17 00:00:00 2001 From: Justin <89470376+OptimoSupreme@users.noreply.github.com> Date: Sat, 16 Nov 2024 14:57:16 -0500 Subject: [PATCH 4/4] Reemoved uneeded text. Signed-off-by: Justin <89470376+OptimoSupreme@users.noreply.github.com> --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 4fa0fc6e..bee44e15 100644 --- a/README.md +++ b/README.md @@ -195,7 +195,6 @@ Users of older Ubuntu releases (circa 17.04) will need to disable dnsmasq. ## Installing on Fedora Modern releases of Fedora (33+) include systemd-resolved, which is configured by default to implement a caching DNS stub resolver. This may conflict with Pi-hole's DNS server by preventing it from listening on port 53. To avoid this conflict, you need to disable the DNS stub resolver. -Disable the DNS Stub Resolver Run the following commands to free port 53 and allow pihole to run: 1. Ensure the directory /etc/systemd/resolved.conf.d exists.