Pi-Hole Config for pi-hole in Docker container

pihole_config.sh

#!/bin/bash
#
# After you start your Pi-Hole in a Docker container according
# to this: https://github.com/diginc/docker-pi-hole
#
# NOTE: On the Mac, I had to add "-h $(scutil --get LocalHostName)" to 
# the "docker run" command. Otherwise, the Mac hostname was being reset
# to the random hostname generated for the container.
#
# Run this to replicate Will's setup here:
# https://hobo.house/2018/02/27/block-advertising-with-pi-hole-and-raspberry-pi/
#
# Once this is running, you can visit http://localhost/admin and set the DNS
# settings to CloudFlare's 1.1.1.1 servers.
#

docker exec -i pihole pihole -a -p < /dev/null

ADD=$(docker exec -i pihole grep 'USER ADDED' /etc/pihole/adlists.list)
if [ -z "$ADD" ]; then
docker exec -i pihole tee -a /etc/pihole/adlists.list >/dev/null << EOF

# USER ADDED: Additional block lists
https://hosts-file.net/exp.txt
https://hosts-file.net/emd.txt
https://hosts-file.net/psh.txt
https://v.firebog.net/hosts/Airelle-hrsk.txt
https://v.firebog.net/hosts/Shalla-mal.txt
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt
http://www.networksec.org/grabbho/block.txt
https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt
http://someonewhocares.org/hosts/hosts
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt
http://www.joewein.net/dl/bl/dom-bl.txt
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt
https://v.firebog.net/hosts/static/SamsungSmart.txt
https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts
https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts
https://v.firebog.net/hosts/static/w3kbl.txt
EOF
fi
docker exec -it pihole pihole -g

docker exec -i pihole pihole -w youtu.be opensubtitles.org www.opensubtitles.org t.co
docker exec -i pihole pihole -w pubsub.plex.tv plugins.plex.tv chapterdb.plex.tv cloudfront.net \
plex.direct csi.gstatic.com dl.opensubtitles.org speedvideo.net ton.twimg.com \
twimg.com chapterdb.plex.tv tinyurl.com bit.ly ton.twimg.com dropbox.com \
pubsub.plex.bz fonts.gstatic.com assets.adobedtm.com www.googletagmanager.com \
links.services.disqus.com ump.plex.tv meta.plex.tv goo.gl

docker exec -i pihole pihole -b dxp.baidu.com hmma.baidu.com pasta.esfile.duapps.com \
neweegg.net config.a-mo.net nrc.tapas.net xpu.samsungelectronics.com \
upu.samsungelectronics.com dns.msftncsi.com bn2wns1b.wns.windows.com \
a-0001.a-msedge.net msnbot-65-52-108-90.search.msn.com a-0011.a-msedge.net \
bn2ap002.device.ra.live.com a.ads1.msn.com a.ads2.msn.com ad.doubleclick.net \
adnexus.net adnxs.com ads.msn.com ads1.msads.net ads1.msn.com \
az361816.vo.msecnd.net az512334.vo.msecnd.net ca.telemetry.microsoft.com \
cache.datamart.windows.com choice.microsoft.com corp.sts.microsoft.com \
choice.microsoft.com.nsatc.net choice.microsoft.com.nstac.net \
choice.microsoft.com.nstac.net compatexchange.cloudapp.net corp.sts.microsoft.com \
corpext.msitadfs.glbdns2.microsoft.com cs1.wpc.v0cdn.net \
db3wns2011111.wns.windows.com df.telemetry.microsoft.com \
diagnostics.support.microsoft.com fe2.update.microsoft.com.akadns.net \
fe3.delivery.dsp.mp.microsoft.com.nsatc.net feedback.microsoft-hohm.com \
feedback.search.microsoft.com feedback.windows.com i1.services.social.microsoft.com \
i1.services.social.microsoft.com.nsatc.net msnbot-207-46-194-33.search.msn.com \
oca.telemetry.microsoft.com oca.telemetry.microsoft.com.nsatc.net \
pre.footprintpredict.com preview.msn.com rad.msn.com \
redir.metaservices.microsoft.com reports.wes.df.telemetry.microsoft.com \
settings-sandbox.data.microsoft.com settings-win.data.microsoft.com \
settings.data.microsof.com sls.update.microsoft.com.akadns.net spynet2.microsoft.com \
spynetalt.microsoft.com sqm.df.telemetry.microsoft.com sqm.telemetry.microsoft.com \
sqm.telemetry.microsoft.com.nsatc.net ssw.live.com statsfe1.ws.microsoft.com \
statsfe2.update.microsoft.com.akadns.net statsfe2.ws.microsoft.com \
survey.watson.microsoft.com telecommand.telemetry.microsoft.com \
telecommand.telemetry.microsoft.com.nsatc.net telemetry.appex.bing.net \
telemetry.microsoft.com telemetry.urs.microsoft.com view.atdmt.com \
v10.vortex-win.data.microsoft.com vortex-sandbox.data.microsoft.com \
vortex-win.data.microsoft.com vortex.data.microsoft.com watson.live.com \
watson.microsoft.com watson.ppe.telemetry.microsoft.com \
watson.telemetry.microsoft.com watson.telemetry.microsoft.com.nsatc.net \
wes.df.telemetry.microsoft.com win10.ipv6.microsoft.com adservice.google.com \
ads.aws.viber.com stats.appsflyer.com adservice.google.ie referrer.disqus.com \
browser.pipe.aria.microsoft.com tracking.campaign-tracking-service.placelocal.com \
primoitaliablob.blob.core.windows.net srv.dc-1.net \
wdcpeurope.microsoft.akadns.net wdcp.microsoft.akadns.net

docker exec -i pihole -wild bidr.io 88-f.net mythings.com

docker exec -i pihole pihole -g

cat <<EOF

NOW set the DNS to 1.1.1.1:

IPv4 DNS #1 -> 1.1.1.1
IPv4 DNS #2 -> 1.0.0.1
IPv6 DNS #1 -> 2606:4700:4700::1111
IPv6 DNS #2 -> 2606:4700:4007::1001
EOF

Hey @ksylvan I also added this recently:

pihole -wild bidr.io 88-f.net mythings.com 

@sadsfae Thanks. Made that change.

@ksylvan looks like the pihole -wild commands don't work quite right containerized.

rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec: \"-wild\": executable file not found in $PATH"
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec: \"-wild\": executable file not found in $PATH"
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec: \"-wild\": executable file not found in $PATH"

Running this manually it seems to break pi-hole as well, my guess is because of the way it's writing out to /etc/dnsmasq.d/03-pihole-wildcard.conf

root@2212eaa2d5ff:/# pihole -wild badterribledomain.com
  [i] Adding badterribledomain.com to wildcard blacklist...

  [i] Using cached Event Horizon list...
  [i] 464997 unique domains trapped in the Event Horizon
  [i] Number of blacklisted domains: 93
  [i] Number of wildcard blocked domains: 1

  [✓] Restarting DNS service
  [✗] DNS service is NOT running

@ksylvan here's my updated blocklist as well below, I also made a modified gist that does what your script does pretty much here:

https://gist.github.com/sadsfae/ec07f4b227b91ccd9f13fec2902d67c7

Here's the blocklists

https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts 	
https://mirror1.malwaredomains.com/files/justdomains 	
http://sysctl.org/cameleon/hosts 	
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist 	
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt 	
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt 	
https://hosts-file.net/ad_servers.txt 	
https://hosts-file.net/exp.txt 	
https://hosts-file.net/emd.txt 	
https://hosts-file.net/psh.txt 	
https://v.firebog.net/hosts/Airelle-hrsk.txt 	
https://v.firebog.net/hosts/Shalla-mal.txt 	
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt 	
http://www.networksec.org/grabbho/block.txt 	
https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt 	
http://someonewhocares.org/hosts/hosts 	
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt 	
http://www.joewein.net/dl/bl/dom-bl.txt 	
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt 	
https://v.firebog.net/hosts/static/SamsungSmart.txt 	
https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt 	
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts 	
https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts 	
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts 	
https://v.firebog.net/hosts/static/w3kbl.txt

Cool. Thanks @sadsfae

So the additional lists for the adlist.list are these: (the first 7 lines are already in the setup by default).

https://hosts-file.net/exp.txt 	
https://hosts-file.net/emd.txt 	
https://hosts-file.net/psh.txt 	
https://v.firebog.net/hosts/Airelle-hrsk.txt 	
https://v.firebog.net/hosts/Shalla-mal.txt 	
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt 	
https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt 	
http://www.networksec.org/grabbho/block.txt 	
https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt 	
http://someonewhocares.org/hosts/hosts 	
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt 	
http://www.joewein.net/dl/bl/dom-bl.txt 	
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt 	
https://v.firebog.net/hosts/static/SamsungSmart.txt 	
https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt 	
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/KADhosts/hosts 	
https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts 	
https://raw.githubusercontent.com/StevenBlack/hosts/master/data/add.Spam/hosts 	
https://v.firebog.net/hosts/static/w3kbl.txt

And that looks like it's exactly what is added at line 23 of the script.