Pi-Hole HA using Gravity SYNC and Tailscale | Proxmox Home Server Series | Proxmox Home Lab
Рет қаралды 5,718
Күн бұрын
@toolbelt 10 ай бұрын
Fantastic video. Thanks for all the Proxmox tutorials. I’ve learned so much from you. I’m eager to try this out.
@vinaduro 10 ай бұрын
You could also use the VPS to run Headscale, if you were so inclined. Great video, as always.
@MRPtech 10 ай бұрын
I do have headscale running on my main proxmox. Not fully deployed, more like a sandbox style. Checking all prons and cons of using Headscale for my home lab. Once that is done - i will definitely get video done on that.
@ayhanersin 10 ай бұрын
Thank you for another great tutorial.
@data01010 8 ай бұрын
🎯 Key Takeaways for quick navigation: 00:00 🛠️ *Setting up Pi-Hole in Proxmox* - Setting up Pi-Hole in Proxmox and a cloud server for syncing. - Using privileged containers in Proxmox for ease of configuration. - Installing TailScale for network communication. 09:38 🔒 *Securing and Configuring Pi-Hole* - Updating and upgrading the system in the Proxmox and cloud servers. - Installing TailScale and configuring SSH access via TailScale. - Installing Pi-Hole with specific settings for network access. 16:14 🔄 *Setting up Gravity Sync* - Configuring DNS settings for Pi-Hole to permit all origins. - Synchronizing DNS settings between the local and cloud Pi-Hole instances using Gravity Sync. 21:11 🔒 *Setting up SSH connection and installing Gravity Sync* - Setting up SSH connection for installation. - Installing Gravity Sync on the main Pi-hole. - Choosing the user for the connection (root or user). 22:09 🌐 *Configuring Gravity Sync with TailScale* - Configuring Gravity Sync with the TailScale private network. - Setting the PyOl Cloud address for Gravity Sync. - Choosing the user for the connection (root or user). 23:18 🔄 *Pushing Settings to Remote Pi-hole* - Using Gravity Sync to push settings to the remote Pi-hole. - Ensuring local DNS records are synchronized. - Achieving synchronization between both Pi-holes. 24:25 🕒 *Automating Gravity Sync* - Automating Gravity Sync using crontab. - Setting up a scheduled task for Gravity Sync. - Ensuring continuous synchronization between Pi-holes. 27:12 🛡️ *Securing SSH Access with UFW* - Securing SSH access using the Uncomplicated Firewall (UFW). - Allowing access through TailScale while blocking public IP access. - Configuring UFW to enhance security. 29:11 🚫 *Restricting Public IP Access* - Restricting access from public IP addresses. - Allowing TailScale connections. - Enhancing server security using UFW. 30:18 🌐 *Configuring TailScale Access Controls* - Configuring TailScale access controls. - Creating ACL tags for different devices. - Allowing specific devices to connect to each other. 32:03 🚀 *Allowing TailScale SSH Access* - Allowing SSH access through TailScale without a password. - Enabling seamless SSH connections within the TailScale network. - Demonstrating secure access to the server. 34:43 📝 *Summary and Home Lab Setup* - Recap of the entire setup process. - Explanation of the benefits of Pi-hole synchronization. - Ensuring that both Pi-holes are in sync and functioning correctly. Made with HARPA AI
@jonassaso 3 ай бұрын
Subscribed and Liked! Very detailed tutorial.
@MRPtech 3 ай бұрын
Thank you!
@freshnews8538 5 ай бұрын
Thanks for the video MRP! Can you make a video with Tailscale, nginx proxy manager for https with domain name for services like Jellyfin, photoprism, or website host on homelab ?
@MRPtech 5 ай бұрын
Hi, Tailscale + nginx + domain access to self-hosted services. You want to access your services from outsite network? I would go via Cloudflare Tunnel setup. Instead of hosting tailscale and nginx to manage your remote access, go via CF Tunnel with access rules setup. For example, if you want to access your jellyfin.domain.com from outside network, CF Tunnel will ask for your email address which will receive pin code. if email address whitelisted, pin code will show up and you can access your services from outside network. Taiscale option is great if you want to RDP or SSH into home server hosted sservices. CF Tunnel allows that but there is a lot of stuff to configure to make that work.
@freshnews8538 5 ай бұрын
Yes and share it with family for Jellyfin! I don’t think Cloudflare tunnel allow for Jellyfin
@MRPtech 5 ай бұрын
i use CF Tunnel to share my Plex with others. So far it's been working fine. I been doing that for over a year and i had Jellyfin going via CF Tunnel for a while. It is agents Cloudflare terms and conditions to use their service for video streaming - how much data you will send via cloudflare. maybe 1 - 2 movies a week / month. I don't think Cloudflare will even check your bandwidth.
@Nayu8790 5 ай бұрын
Thank you so much for this tutorial! Awesome work
@Froggie92 10 ай бұрын
are you sure you needed to make it privileged? you directions for the commands you copied say: 'To bring up Tailscale in an UNPRIVILEGED container, access to the /dev/tun device can be enabled in the config for the LXC...'
@MRPtech 10 ай бұрын
Yes. and later you need to do mode stuff to make that container work property with tailscale.
@EddieArgenals 3 ай бұрын
Just to clarify, are you using the server exclusively for pihole? I wondered if I could install docker and other services in the VPS and run pihole as container
@MRPtech 3 ай бұрын
You can do that 100% You can run PiHole as a docker with no problems. Once thing you need to watch out - setting up PiHole to be DNS destination. There is a chance that when you will try to run PiHole as docker container - container logs will complain that port 53 already in use: discourse.pi-hole.net/t/docker-unable-to-bind-to-port-53/45082/7
@EddieArgenals 3 ай бұрын
@@MRPtech Thanks for the advice! I am a big fan of your work. As a beginner trying to find my bearings, I find your content extremely straightforward and useful.
@MRPtech 3 ай бұрын
Hi, Thank you for your comment / Feedback. I really do appreciate. When i tarted my Home-Lab journey - i spent hours looking only for help and guides to setup/create what i wanted. There are a lot of guides and tutorials that will help me to get to the end goal ... but ... most of them feels like speed-run, get to the end as fast as you can skipping all minor details. "Why you need to select this option" "Why i don't recommend to do this or that" These minor details can cause big problems in a future if you don't fully understand why these options exists. This is what i am aiming - cover as much as i can regardless if my video will be 15, 20, 30,60min in length. If you want my video and you get all setup without looking for additional information somewhere else - that means i done my video guide correctly. I win because you watched my video and You win because you don't need to spend more time trying to fill the gaps of information i maybe missed.
@EddieArgenals 3 ай бұрын
@@MRPtech found a solution for port 53 issue in Jim’s Garage. #run these commands to fix port bind error sudo sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf sudo sh -c 'rm /etc/resolv.conf && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf' systemctl restart systemd-resolved
@AviDarks 9 ай бұрын
Thanks for the video and the professional explanation. One thing I didn't understand, how do I implement the blocking in the network at home? Need to add a DNS IP address on the router? And there is synchronization, what happens if one of them falls? How the block will be confirmed. In my case I installed PIHOLE on the main PROXMOX, and another one on the raspberry pi, and there is synchronization using Tailscale.
@MRPtech 9 ай бұрын
Inside Tailscale dashboard under DNS option you can add your own DNS server IPs. I have added both in that list. If one fails, tailscale DNS will point all queries to node-2. Inside my house router i have option to add up to 3 DNS servers and that would work great while i am at home, but when i am outside my home network and still want to use my PiHole for DNS i am using Tailscale. As i don't want to swtich Tailscale On and Off every time i leave my house i set that everything in my house and all my devices sends DNS requests via tailscale which then forwards them to PiHole#1 and PiHole#2.
@AviDarks 9 ай бұрын
@@MRPtech thank you for the answer. And what IP address do I put on my router? Or not... I didn't understand that part. I'm talking about my router 192.168.1.1 - what IP address do I put there? of Tailscale?
@AviDarks 9 ай бұрын
@@MRPtech Can you take a picture of your main router? The zone of DNS?
@MRPtech 9 ай бұрын
How to change DNS server IPs inside your home ISP router will change depending on what router you have. I have FritzBox 7530 [ en.avm.de/service/knowledge-base/dok/FRITZ-Box-7530/165_Configuring-different-DNS-servers-in-the-FRITZ-Box/ ]
@AviDarks 9 ай бұрын
@@MRPtech You probably didn't understand me. How to change DNS I know (I use opensenes), I ask which IP address to put the pihole-man, or the address of tailscale
حرف إبداعية للمنزل في 5 دقائق
Рет қаралды 43 МЛН
Craft Computing
Рет қаралды 1,3 МЛН