Pi-hole proxy VM stopped working

After recent updates(Mostly within 1-2 week), My Pi-hole proxy VM has stopped working for downstream VMs. I am on Qubes 4.1 fully updated and using Debian 10 as base for Pi-hole VM. This same Pi was working correctly until around 1-2 week back (most probably until 6 days back). I have used this guide to create my Pi-hole VM-
https://github.com/92VV3M42d3v8/PiHole/blob/master/PiHole%20Cloudflared
I have enquired a little and there were some recent Networking and firewall related PR merging I think, maybe those may be cause of it.

1 Like

it was for a while at a qubes 4.0 system. There I set up pi-hole with a Mullvad vpn next to this description: How to configure PiHole in QubesOS (ProxyVM) | Patrizio Tufarolo
and I combined it with the tutorial how to set up a mullvad vpn in qubes. So I could get it working. But I don’t know if it is working at 4.1,too. I will try these this days!

I am trying it on debian-11 today or tomorrow and will tell u if I get it working. Last times it was no problem.
I found that description based on a fed-31 template, too and much newer as the other one. Maybe anybody likes to try it that way on a new fed-32/33 standalone vm. Perhaps I will try it ,too. If the old method doesn’t work anymore then certainly :wink:

Of course u should not use that install patch for security reason and I never tested that. Maybe the solution is in the topic and u can do it step by step without using it.

Working for me:
I set up my pihole again, too at a deb-10 standalone vm, like ur guide said in the 2nd method. But I changed the upstreamDNS in the pi webinterface to that one of my VPN, for example mullvad or whatever u use and set the iptables like here: Mullvad on Qubes OS 4 - Guider | Mullvad VPN and my appvm are connected to the vpn and to pihole adblock. If u like to get pi-hole working in the pi-hole standalone vm u need to do a name resolution in /etc/resolv.conf and add the ip of the pi-vm-qube to the top of it and make it persistent sudo chattr +i /etc/resolv.conf .But that is only if u just want to use pi-hole in that vm, which is installed, too and usually the doesn’t make sense, I think.
Have nice weekend :slight_smile:

But I like to use adguard Home in the future ,cause it filter ist much bigger as the pi-hole filter and it blocks youtube adds and such things,too. Do u think it is possible on the same way to set it up as a netvm?

Did you tried it in Qubes 4.1 current testing @rasta?
Cause I wasn’t able to get it working for atleast two month now. My Pi-VM forward to applied DNS but downstream ones don’t use Pi. But I haven’t use Mullvad DNS-Hijack but followed guide as it is.