Ad-blocking with a cloud-hole

Ad-blocking is an ongoing war of developers and advertisers. For some people, removing all ads is as simple as installing an ad-blocking extension. For mobile users, things get trickier. For consoles and embedded devices, your chances of successfully blocking ads take a sharp dive.

What if you could block all ads on all devices on your entire network by changing a single setting in your router?

Lets take a quick look at the pieces I put together to make this happen:

  • A suitable cloud VM; I happened to have an EC2 t2.micro instance handy
  • Docker/Compose; makes my life easier every day, including for this task
  • Pi-Hole, an awesome DNS-level solution designed to run on the Raspberry Pi
  • A containerised Pi-Hole for Docker by diginc
  • And this blog post by David Anson about running Pi-Hole in the cloud

My EC2 instance was already loaded up with Ubuntu 14.04 and Docker, which you’ll want to do as well. Additionally, we need to make sure that the firewall allows access to our server on ports 80 and 53. In AWS, this meant setting and adding security groups to the t2.micro instance in question.

Next we’ll want to ready a docker-compose file, because the settings required get quite inconvenient if you have to chain them all into one long command. Make a suitable project directory (e.g. /opt/cloud-hole ) and consider the following docker-compose.yml :

We’ll need to make sure we touch conf/pihole.log first or Docker will try to make it for you, and it’ll make a directory instead. Replace the ServerIP environmental variable with the external IP address of your instance, otherwise Pi-Hole won’t be able to replace ads with blank spaces properly.

We can also fill in the VIRTUAL_HOST variable, which will make Pi-Hole available from another domain you might wish to point at your server (for remote administration, for example). When it’s all set up and in use, we’ll be able to access it via http://pi.hole/admin regardless.

Once it’s ready, start it up with docker-compose up -d  and give it a minute. While it’s booting we’ll need to add some crontab entries – open up the crontab editor with crontab -e  and add these two lines:

This will flush your logs every night (otherwise they become quite massive) and update adblock lists every Sunday night.

Finally, in your network router’s configuration, specify the primary DNS server to be your server’s external IP address and the secondary to be as a fallback. If you can get a webpage by loading up http://pi.hole/admin, you’re done! Ads blocked.