Adblock and VPN all in one?
Adblock and VPN all in one?
I love PiHole. I've used it in the past and it was powerful! I also use an OpenVPN/Wireguard based VPN.
So is there a service that combines the two features? Lets me import adblock lists and also VPN configurations?
Preferably something that runs in a docker container that I can throw upon portainer and running within minutes!
Thanks!
If you don't get any other answers:
I run OpenWRT on my router (x86 hardware), and have Adguard Home and Wireguard installed on it.
AdGuard has its own webUI, and Wireguard peers can be managed through LuCI in OpenWRT. It also supports OpenVPN as well as other VPN types.
So you could run a VM with OpenWRT and get all that.
Ah, I'm not going there yet. OpenWRT is an eventual goal. But right now I'm stuck with devices that do not support it. I'm ok with alternate solutions.
@damnthefilibuster
For Android I recommend Rethink
It has Wireguard, DNS and Firewall (per app and per IP/Domain)Nice app! I do have an android device sitting around doing nothing. Will use this app if I ever get into it!
you can just set your pihole as the dns server for all your wireguard clients i guess
I run a VPS with its own DNS resolver (to load blocklists), then it tunnels the traffic down a multi-hop VPN and it’s pretty excellent.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System IP Internet Protocol VPN Virtual Private Network VPS Virtual Private Server (opposed to shared hosting)
4 acronyms in this thread; the most compressed thread commented on today has 14 acronyms.
[Thread #816 for this sub, first seen 18th Jun 2024, 20:45] [FAQ] [Full list] [Contact] [Source code]
This runs a combination of both. Been using this for years and works like magic
Check out WireHole or openvpn-pihole
Thanks!
Maybe not a docker solution, but you could throw pfSense into a VM and do all that from there
I use it (as it's intended) as my firewall, but I used to use these as general purpose network security VMs in the past (just because I know the product well)
So for you: no firewall rules, just setup DNS with pfBlocker (for the advert blocking) and setup the VPN as required...
Just an idea...
There are "public" pihole servers: use their dns, or the many other ad-blocking servers out there as the dns for your VPN.
Tbh, I've stopped the selfhosted vpn route and use tailscale (which can be selfhosted/has a docker image). It doesn't get simpler.
huh. Never thought about public pihole servers. So nice of those folks running them.
I don't understand how you're saying you've stopped self-hosting VPN and are still using tailscale. Are you using their SaaS service? Does that allow you to set your own DNS? Do they have speed limits? Are they zero-logs?
Tailscale uses wireshark, which is peer-to-peer. Their "free" plan allows you to set up a network using their "coordination" server, which simplifies administration of your tailnet.
You control dns, exit nodes, etc, so tailscale isn't involved with the vpn itself, hence no speed limits.
You ultimately determine what tailscale collects as far as client logging.
If you block client logging, Tailscale may not be able to provide technical support.
I imagine the docker image serves to eliminate tailscale from the equation.
ETA: there are quite a few ad-blocking dns servers.
I currently use nextdns.io
I know some VPN providers have their own DNS service that you can use similar to other filtered public DNS. If you mean an in house DNS/VPN gateway then what you want is probably best served by something like a firewall distro (opnsense/pfsense) to handle both of them.
You might look at gluetun. It lets you configure various VPN services from a docker container. The interesting part is that you can point other docker containers to utilize gluetun for networking. Essentially piping them through the configured VPN.
Not self hosted, but I've been using tailscale with nextdns and it has been very reliable. I got tired of worrying about availability of hosting my own