I know there is a script to install Pi-Hole.
That script is
curl -sSL https://install.pi-hole.net | bash
So would I just create a standalone VM with networking services based on Debian-xfce-12 for this? Or is there something else I would need to do?
I can’t run that script in an actual template, that would make no sense.
unless I cloned the template.
I could clone the template and make debian-12-xfce-pi and then install it in the template
It would be nice to be able to create multiple piholes for different things (like to put in front of a whonix qube and also to put one in front of a different VPN).
Has anyone done this? Unman used to have a way to automatically do it, but it stopped working in 4.2. Does that work again?
I used to run Pi-Hole. I still do on some of our routers. I also ran Ad Guard Home. Don’t really need them anymore though. Most vpn providers provide multiple dns servers, including ad blocking like pihole and adguardhome. You should use a vpn, and you should use the dns servers provided by the vpn. It’s best practice these days, but of course, feel free to use any config you like.
But to answer your question, yes, just create an AppVM, doesn’t have to be standalone, and run the above command. It may work in a qube, not sure if there will be conflicts, certainly easy enough to try. Probably easiest to flag it as “provides networking” then add it to your networking chain of vm’s.
I had pi-hole working in a standalone vm in r4.1, but decided to go with opensnitch instead. It’s easier set up in Qubes and is included in the Debian-12 repos.