For quite some time, I avoided acquiring any Rasbperry Pis. I already have four VPS, and I genuinely wanted to avoid expanding the number of Linux instances I was responsible for. My hesitation was for good reason; less than a month after acquiring my first Pi 3, I found a reason to add a second to our home network.
To be clear, I’ve nothing against the Raspberry Pi; I simply knew that my addictive personality would compel me to find ever-more uses for the devices, compelling their multiplication.
With the deepest appreciation, I blame my colleague Scott for my Pi addiction. At our meetup in February, he demoed his Pi, including what he’d done with Node-RED. I’d already been thinking about improvements I could make to the apartment I share with my husband, and the automation potential of a Raspberry Pi strengthened my interest. When Scott alerted me to Home Assistant a few months later, I knew a Pi was in my future.
As I’ve already written about, we’ve adopted Home Assistant wholeheartedly, and the Pi has facilitated many custom integrations. SmartThings is connected via MQTT. Our August locks are controlled via node. Amazon’s Dash buttons control Samsung’s Smart Home Monitor and various lights, also via two node applications. Thus far, nothing necessitated a second Pi; then Scott informed me of Pi Hole.
Disclaimer: I’ve generally been against ad blockers, preferring to pay for subscriptions to the media outlets I regularly consume. To that end, I currently pay $15 per month to Google Contributor, in addition to subscribing to the Los Angeles Times, Ventura County Star, The Wall Street Journal, New York Times, Washington Post, Fortune, and Wired. Despite my subscriptions, most of these outlets’ sites still present me with ads, including interstitials.
Local, unblockable ad blocking with Pi Hole
Unlike traditional ad blockers, which operate in browsers, Pi Hole does its work at the DNS level. It compiles a number of lists of ad-providers’ domains, then ensures that those domains don’t load. Pi Hole does so by manipulating a local DNS server to block unwanted destinations.
To be most effective, a Pi Hole instance should be set as your router’s authoritative DNS server. Doing so eliminates any device-specific configuration, as all devices connected to the network are covered. Accordingly, with a few modifications to Pi Hole, I configured our network to use the Pi as its DNS. In doing so, I necessitated a second Pi on our network; by using the existing Pi for DNS, it became a single point of failure in our infrastructure, something I couldn’t permit. After all, I’ve put considerable effort into ensuring our network’s durability.
Enter the second Raspberry Pi, which ensures that one device’s downtime doesn’t cripple our network. Both run the same modified
dnsmasq configuration, which consists of these changes:
- include Google’s IPv6 addresses, as we’re connected over both protocols and IPv6 is often faster; and
dnsmasqto query all servers, but only accept the fastest response.
With these additions to
dnsmasq will provide the fastest-possible local DNS.
diff --git a/etc/dnsmasq.d/01-pihole.conf b/etc/dnsmasq.d/01-pihole.conf index 9b14c88..552f002 100644 --- a/etc/dnsmasq.d/01-pihole.conf +++ b/etc/dnsmasq.d/01-pihole.conf @@ -33,6 +33,9 @@ no-resolv # non-public domains. server=18.104.22.168 server=22.214.171.124 +server=2001:4860:4860::8888 +server=2001:4860:4860::8844 +all-servers # If you want dnsmasq to listen for DHCP and DNS requests only on # specified interfaces (and the loopback) give the name of the
I was apprehensive at first, given my aversion to ad-blocking, but after a few weeks, I’m convinced of Pi Hole’s utility. My browser uses far less resources, and sites that were unusable, like LA Weekly, are now places I can visit without immediately dumping the article into Pocket.
Other fun with a second Pi
Beyond DNS redundancy, the second Pi has provided an excellent testing space.
To start, I’ve been experimenting with high-capacity USB flash drives in
RAID1 configuration as a potential storage medium for Apple’s native Time Machine backup functionality.
Having a second Bluetooth Low-Energy device, located roughly in the middle of our apartment, also introduces interesting opportunities, such as replacing our hacked Dash buttons with Flic buttons (they’ve a Linux client already 🎉).
Lastly, given the increasing number of services that leverage MySQL in some way, using the second Pi as a read-only slave may alleviate some of the burden on our primary Pi.