OrangePi SBC, Armbian, Pihole – quick and dirty
Preamble (just skip it or click and read it, whatever)
A quick way to get yourself your LAN - well not ad-free but way ad-less.
This blog post will be some weird mix between this existing post [here]fixlater, updates for it and less verbiage.
Just a side note: Browser-based ad blocking is way more efficient rather than filtering using DNS filter lists. The reason for this is that those in-browsing scripts can adjust the appearance of a website directly while DNS based blocking simply does not allow content from specific domains to be loaded. Depending on the used browser the result may vary.
So why wasting time and money to set something up like this? Three reasons:
- Especially on mobile devices you cannot simply install ad filtering software without enhanced access to your device (like “rooting”). Yes, there are apps like Block This! but maybe you need your VPN capabilities elsewhere
- Other apps do not depend on browsers and sideload their ads other way, like the YouTube app on Android or any ad-funded app. If you cannot attack the enemy from within you have to surround him.
- You have lots of devices and/or share your LAN/WiFi with others and want to serve your legacy of ad-free browsing with just being connected to the network
To be clear: This tutorial is way not bulletproof nor it is dedicated to total newbies and there will probably be tons of room for improvements. Some basic knowledge about Linux, especially Debian and networking is highly recommended. Though if you have questions do not hesitate to get in touch with me on Twitter I may do a kind of bulletproof tutorial from scratch if someone sponsors me a new OrangePi One SBC or any other more expensive board :-P. I decided to continue this in English as you may have noticed. Simply to get more reach.
Gather stuff
This is the hardware you need:
- An Orange Pi One
Originally I planned this for the OrangePi Zero, however I decided to go for the OrangePi One instead for a couple of reasons. Like newer OPi Zero boards suffering from wrong temperature values, have no barrel plug for powering and coming with crappy WiFi which we will not use anyways. - 5V 2A DC power source
To say if you have a spare wall power plug from your mobile phone this should be fine. No worries about QuickCharge, does not matter. And no, the board will NOT consume 2 amps all the time. I ran my [OrangePi Zero] board for month on the USB connector of my Fritzbox which is capped to 500mA and it even survived the booting process, so no worries here either. However if you plan go to for a desktop installation, connect HDMI or whatever the current draw will increase. - A USB to 4.0×1.7mm DC jack cable
- A microSD card with at least 8GB space. The faster/higher the quality the better.
- A microSD card reading/writing device for your PC
- A common patch cable with RJ45 connectors
- A UART USB-TTL adapter like this (optional, only for troubleshooting)
- A HDMI monitor (optional, only for troubleshooting)
SD card preparation
Get a tool to write sd card images to sd cards like Etcher. The portable version will do it perfectly fine.
Grab the latest Armbian Debian-based image for OrangePi One and write it to the SD card. Etcher is pretty self explaining. Start the tool, insert SD, select it, select the unpacked image and go. Linux users should know how to write an image to a SD card by themselves.
Wiring it up and boot
Insert the SD card. Connect ethernet and power last. Then wait.
The first boot will take a while as the filesystem will expand itself across the whole SD card. Depending on its size this may take a while. So help yourself to a cup of tea. As there is no visible indicator like a flashing LED when the boot process is finished you may connect either your serial connector or HDMI monitor to get console output if you are interested. If not just give the system up to 15 minutes to do the first boot.
Armbian will try to acquire IP addresses from a DHCP server. So for this scenario you need a DHCP server in your local network. This is most likely the case if you have something like cable- or DSL-router.
Go for your DHCPs (to say router) interface and check the connected devices in your LAN to find out which IP has been allocated to your board.
Connect through SSH with the user root and password 1234.
Software preparations
To get a good base to start with I recommend updating the whole system by running apt update && apt upgrade
.
Then we have to give your board static IP addresses. You can skip this, but then be prepared to being blamed for doing so by Pi-Hole installer. Edit your /etc/network/interfaces
file to something like this:
auto eth0
iface eth0 inet static
address 192.168.0.252
netmask 24
gateway 192.168.0.1
dns-nameservers 91.239.100.100
auto eth0
iface eth0 inet6 static
address fd00::142b:bbf1:4321:1234
netmask 64
gateway fe80::1
When done restart networking (or the entire board if you did a kernel update before) and check ifconfig
if everything is set up correctly.
PiHole
The installation of PiHole is pretty simple as their installer script does most of the work for you. Simply run this command:
curl -sSL https://install.pi-hole.net | bash
After a while you should be greeted with the link to your web interface as well as the admin password. The rest like adding more or custom filter lists is up to you.
Use it in your LAN
tl;dr: Tell your DHCP server to distribute the IP of your new local DNS server to your devices.
If you suffer from slow performance on Android devices try disabling RFC5006 announcement.