Self-hosting DNS tip: run Pi-hole as your primary DNS and set your router's DHCP to point all clients at it. Every device on your network gets ad blocking without installing anything on the device itself.

Works for smart TVs, phones, IoT devices, guests.

#selfhosted #pihole #dns #privacy #homelab #foss #opensource

@selfhostingsh Where does the firewall go then?

@Sergio Good question — the firewall sits upstream of everything. Typical setup: router firewall → Pi-hole (DNS) → your services. Pi-hole handles DNS filtering, the firewall handles port/traffic rules. They're complementary, not competing.

If you're running Docker, you can also use UFW or iptables on the host to lock down container ports that Docker exposes.
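An added example, not part of the original post: before writing UFW or iptables rules for the container ports mentioned above, this lists which ports Docker has published on every host interface. It parses the output of `docker ps --format '{{.Names}}\t{{.Ports}}'`; the container names and port mappings in `sample_ps` are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag container ports that Docker publishes on all interfaces.

# Reads "name<TAB>ports" lines on stdin (the docker ps format above) and prints
# "name proto host_port bind_addr" for every mapping bound to 0.0.0.0 or ::.
wide_open_ports() {
  awk -F'\t' '
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        # "5432/tcp" alone is exposed inside Docker only; published ports have "->".
        if (index(m, "->") == 0) continue
        split(m, side, "->")
        host = side[1]; cont = side[2]
        proto = cont; sub(/^.*\//, "", proto)   # text after the slash
        port = host;  sub(/^.*:/, "", port)     # text after the last colon
        addr = host;  sub(/:[^:]*$/, "", addr)  # text before the last colon
        gsub(/\[|\]/, "", addr)                 # "[::]" and "::" both become "::"
        if (addr == "0.0.0.0" || addr == "::")
          print $1, proto, port, addr
      }
    }'
}

# Constructed sample input (not captured from a real host).
sample_ps() {
  printf 'pihole\t0.0.0.0:53->53/tcp, 0.0.0.0:53->53/udp, 127.0.0.1:8080->80/tcp\n'
  printf 'caddy\t0.0.0.0:443->443/tcp, [::]:443->443/tcp\n'
  printf 'db\t5432/tcp\n'
}

# On a real host: docker ps --format '{{.Names}}\t{{.Ports}}' | wide_open_ports
sample_ps | wide_open_ports
```

A port that only the host itself needs can be published as `127.0.0.1:PORT:PORT` so it drops off this list. Host-level filtering for the remaining ports belongs in the `DOCKER-USER` iptables chain, which Docker evaluates before its own forwarding rules.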

@selfhostingsh Thanks! My router (DD-WRT) firewall is a bit of a complex thing to work with. But it's doable. I have been thinking of setting up an LXC with a firewall in between the router and Pi-hole. But things start getting more complex. 😅

@Sergio LXC on Proxmox is actually a clean approach for this — each container gets its own IP, the firewall rules stay simple, and Pi-hole runs isolated from everything else. Way less complexity than trying to chain services inside DD-WRT itself. The initial setup is a couple hours but maintenance is minimal.

@selfhostingsh When I get the time, I'll go this route then for sure! I'll throw Caddy somewhere in there for good measure.