stevejenkins · December 31, 2024 13:58 · baraque · Jan 10, 2021
diff --git a/Pi-hole on UC-CK 0.13.6 b/Pi-hole on UC-CK 0.13.6
 # Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
 # Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.

 # Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
 ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin

 # UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
 cd /tmp
 wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
 dpkg -i unifi_sysvinit_all.deb

 # All following commands will executed with sudo
 sudo -i

 # Update local package lists
 apt-get update

 # Install dnsmasq
 apt-get install dnsmasq

 # Downgrade to a specific 'libsqlite3-0' so Pi-hole script can install 'sqlite3'
 apt-get install libsqlite3-0=3.8.7.1-1+deb8u4

 # Install back-ported version of 'ifupdown' so Pi-hole script can install 'resolvconf'
 apt-get install ifupdown=0.8.13~bpo8+1

 # See that port 53 already in use by 'systemd-resolved'
 netstat -plnt | grep :53

 #Turn off local 'systemd-resolved'
 sudo systemctl stop systemd-resolved
 sudo systemctl disable systemd-resolved.service

 # Download Pi-hole installation script and run locally
 cd /tmp
 wget -O basic-install.sh https://install.pi-hole.net
 bash basic-install.sh

 # During install, select 'eth0' for adapter, otherwise use all defaults

 # Following install, set Pi-hole admin password
 pihole -a -p

 # Test Pi-hole DNS resolution -- resulting IP address(es) should be valid
 dig @127.0.0.1 ui.com

 # Test Pi-hole blocking -- resulting IP address should be '0.0.0.0'
 dig @127.0.0.1 googleadservices.com

 # Change Pi-hole web admin interface to port 81 (port 80 already used by UC-CK GUI)
 sed -ie 's/= 80/= 81/g' /etc/lighttpd/lighttpd.conf

 #Restart Pi-hole web admin interface
 /etc/init.d/lighttpd restart

 # Show Pi-hole chronometer (CTRL + C to exit)
 pihole -c

 # Go to http://ip.addr.of.cloudkey:81/admin/ to configure additional settings.

 # OPTIONAL: UC-CK also supports these instructions for running unbound so your UC-CK can be an all-around DNS solution:
 # https://docs.pi-hole.net/guides/unbound/
	# Instructions for installing Pi-hole 4.2 on UniFi CloudKey Gen 1 (UC-CK) running firmware 0.13.6
	# Pi-hole will need to be completely re-installed after every FW update or if CloudKey is reset to defaults.

	# Verify UC-CK is running firmware v0.13.6 (or later) before installing Pi-hole. If not, do:
	ubnt-systool fwupdate https://dl.ubnt.com/unifi/stage/cloudkey/firmware/UCK/UCK.mtk7623.v0.13.6.7ad551e.190225.0939.bin

	# UC-CK firmware v0.13.6 downgrades UniFi Controller to 5.10.17. Upgrade to 5.10.19 with:
	cd /tmp
	wget https://dl.ubnt.com/unifi/5.10.19/unifi_sysvinit_all.deb
	dpkg -i unifi_sysvinit_all.deb

	# All following commands will executed with sudo
	sudo -i

	# Update local package lists
	apt-get update

	# Install dnsmasq
	apt-get install dnsmasq

	# Downgrade to a specific 'libsqlite3-0' so Pi-hole script can install 'sqlite3'
	apt-get install libsqlite3-0=3.8.7.1-1+deb8u4

	# Install back-ported version of 'ifupdown' so Pi-hole script can install 'resolvconf'
	apt-get install ifupdown=0.8.13~bpo8+1

	# See that port 53 already in use by 'systemd-resolved'
	netstat -plnt \| grep :53

	#Turn off local 'systemd-resolved'
	sudo systemctl stop systemd-resolved
	sudo systemctl disable systemd-resolved.service

	# Download Pi-hole installation script and run locally
	cd /tmp
	wget -O basic-install.sh https://install.pi-hole.net
	bash basic-install.sh

	# During install, select 'eth0' for adapter, otherwise use all defaults

	# Following install, set Pi-hole admin password
	pihole -a -p

	# Test Pi-hole DNS resolution -- resulting IP address(es) should be valid
	dig @127.0.0.1 ui.com

	# Test Pi-hole blocking -- resulting IP address should be '0.0.0.0'
	dig @127.0.0.1 googleadservices.com

	# Change Pi-hole web admin interface to port 81 (port 80 already used by UC-CK GUI)
	sed -ie 's/= 80/= 81/g' /etc/lighttpd/lighttpd.conf

	#Restart Pi-hole web admin interface
	/etc/init.d/lighttpd restart

	# Show Pi-hole chronometer (CTRL + C to exit)
	pihole -c

	# Go to http://ip.addr.of.cloudkey:81/admin/ to configure additional settings.

	# OPTIONAL: UC-CK also supports these instructions for running unbound so your UC-CK can be an all-around DNS solution:
	# https://docs.pi-hole.net/guides/unbound/