How to Set Up Pi-hole on a Synology NAS

  • Post author:WunderTech
  • Post published:April 28, 2024
  • Post last modified:May 24, 2024
  • Post category:Synology
  • Reading time:18 mins read

Share what you're reading!

In this tutorial, we are going to look at how to set up Pi-hole on a Synology NAS. Before we get started, I want to be clear that this process changed drastically after DSM 7.2 was released in May of 2023. Now, Container Manager is used as opposed to Docker and the UI is entirely different.

It is incredibly important to note that having redundant DNS servers is very important. Losing DNS resolution has similar consequences to losing internet from your ISP – you might think the internet is down, but you really just lost DNS resolution.

I highly suggest that you purchase a cheap Raspberry Pi and configure Pi-hole on it so that you have two Pi-hole DNS servers. This will ensure that when your NAS is rebooted, your clients do not lose DNS resolution services.

How to Set Up Pi-hole on a Synology NAS

Before we configure the container itself for Pi-hole on a Synology NAS, we need to create a few folders which we’ll mount the container volumes.

1. Configuring the Volume Mappings

1. Install Container Manager from Synology’s Package Center. This will automatically create a docker shared folder on your NAS. This is what we’ll use to configure Pi-hole.

2. There are two folders that we will map our Docker image to that we need to create. Inside of the docker folder, we are going to create a folder named pihole.

Inside that folder, we are going to create two subfolders. Create one folder named pihole and another folder named dnsmasq.d. From a navigational perspective, the paths will look like this:

docker > pihole > pihole
docker > pihole > dnsmasq.d
docker pi-hole folder creation. how to setup pi-hole on a synology nas.

2. Configuring the Macvlan Network Interface

As mentioned above, we’re configuring a macvlan network interface so that our Pi-hole container will have an entirely separate IP address and ports. To be clear, this means our Pi-hole instance will have a completely separate set of ports.

There are port conflicts if you use the host network interface, and this will bypass all of them. You’ll also access Pi-hole on a separate IP address than your NAS has.

1. Ensure you can SSH into your Synology NAS. Open Control Panel, select Terminal & SNMP, and Enable SSH service. If you are using Synology’s Firewall, ensure that you allow port 22 traffic.

synology nas control panel ssh settings

2. SSH into your Synology NAS using your favorite SSH tool. The first thing that we need to do is create a docker macvlan network interface. First, we need to determine what network interfaces currently exist (on your Synology NAS) and note down the adapter name.

To do this, run the command below and note down the network interface name that has your Synology NAS’s IP address (in this example, mine is eth0).

ifconfig
synology nas pi-hole setup - ifconfig settings

3. Next, you need to run the command below while substituting the correct subnet (most are 192.168.1.0/24 by default). You also need to pick an IP address that you’d like to use that’s not currently in use. I will be using 192.168.1.198.

NOTE: ph_network will be the name of the network (you can substitute this as you’d like). The values in red might have to be altered

sudo docker network create -d macvlan -o parent=eth0 --subnet=192.168.1.0/24 --gateway=192.168.1.1 --ip-range=192.168.1.198/32 ph_network
create macvlan network interface command

Our network is now created. We can then exit our SSH session and disable it in DSM (if you won’t be using it). If you are disabling it and you created a firewall rule for it, you should inactivate the firewall rule as well.

3. Creating the Docker Compose File for Pi-Hole

Thanks to DSM 7.2 and the addition of Docker Compose, the steps below to install Pi-hole on a Synology NAS will be significantly easier than they were in prior versions.

1. Open Container Manager, select Project, then Create.

selecting project in container manager

2. Enter pihole as the Project Name, then select the pihole folder and select Create docker-compose.yml.

creating a new project in container manager.

3. There are a few changes you might have to make to the docker-compose file before creating it. I have highlighted in red what might need to be updated, but in general, you’ll potentially change the volume number, timezone, and most importantly, password.

  • WEBPASSWORD: password that you’d like to access the admin portal with.
  • TZ: Current timezone.
version: "3"
# Instructions: https://www.wundertech.net/how-to-setup-pi-hole-on-a-synology-nas-two-methods/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "80:80/tcp"
    networks:
     - ph_network
     - ph_bridge
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: 'password'
      DNSMASQ_LISTENING: local
    # Volumes store your data between container upgrades
    volumes:
      - '/volume1/docker/pihole/pihole:/etc/pihole'
      - '/volume1/docker/pihole/dnsmasq.d:/etc/dnsmasq.d'
    cap_add:
      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    restart: unless-stopped
networks:
    ph_bridge:
      driver: bridge
      ipam:
        config:
          - subnet: 192.168.10.0/24
            gateway: 192.168.10.1
            ip_range: 192.168.10.2/32
    ph_network:
      name: ph_network
      external: true

4. Add the Docker Compose file above with your changes to the editor, and select Next.

pi-hole on a synology nas setup example

5. Select Next until you can view the summary, then select Done to create the container.

creating the container.

6. The container is now created and Pi-hole is running!

confirming pi-hole is running.

4. Configuring the Pi-hole Application

Pi-hole is now installed and can be accessed by following the IP address of your macvlan network interface and signing in with the password specified above!

http://[ph_network_IP_ADDRESS]/admin
Synology NAS Pi-hole Setup - pi-hole webpage

From here, you can configure Local DNS Records, and add or change various blocklists! Pi-hole is now functional, but there are still DNS changes that must be made.

5. Updating DNS for using Pi-hole on a Synology NAS

Now that the Pi-hole setup is complete, we need to determine a way to point our clients to our DNS server. There are two main ways to do this:

  • Point your router’s DNS server to your Pi-hole server IP address. This will ensure that any device connected will use Pi-hole as its DNS server.
  • Point each client to your DNS server. This is beneficial if you only want certain clients to use Pi-hole as a DNS server.

I point my router’s DNS servers to my Pi-hole server as I want to ensure every device connects to it. This is different for every router, so you might have to look up where exactly it is on your device.

dns server changes on router

Now, all devices on my local network will automatically use these DNS servers and Pi-hole adblocking will work for all devices!

Using Bridge Network Interface for NAS to Pi-hole Communication

If you are interested in connecting directly from the NAS to the Container for DNS, you MUST use the Bridge network interface created in the Docker Compose file.

networks:
    ph_bridge:
      driver: bridge
      ipam:
        config:
          - subnet: 192.168.10.0/24
            gateway: 192.168.10.1
            ip_range: 192.168.10.2/32
    ph_network:
      name: ph_network
      external: true

The IP address in this tutorial is 192.168.10.2. If you use this IP address from the NAS directly (and only the NAS), you will be able to use Pi-hole as the DNS server.

pi-hole dns example on the Synology NAS.

6. Troubleshooting Steps

In prior versions of DSM and the Pi-hole container, I had DNS issues with the container itself. In situations like this, I found that manually specifying the DNS servers was necessary. Follow the steps below if you’re having issues with the container starting.

1. SSH into your Synology NAS and run these commands, but substitute your volume.

cd /[VOLUME_#]/docker/pihole
sudo vi resolv.conf
synology nas pi-hole setup - create resolv.conf file

If you aren’t sure what volume you’re using, open the Control Panel, select Shared Folder, then look at what’s listed for docker folder and use that number:

checking the docker volume number.

2. In the file that is created, enter the two lines below and save the file. If you aren’t sure how to use the vi editor, you can learn how to use it here.

In summary, from the editor, press i (for insert mode), add the nameservers listed below, then press the ESC key (to exit editing), then type :wq, then enter to write the changes and exit.

NOTE: If you have trouble with this, just create a local file named resolv.conf with the two lines below and upload it to your pihole folder in DSM.

nameserver 127.0.0.1
nameserver 8.8.8.8
synology nas pi-hole setup - nameserver changes for macvlan network interface

After the file is created, you should see it (resolv.conf) in the pihole folder in DSM.

showing the resolv.conf file created

3. Recreate the container using the Docker Compose file below which will utilize this file. I have highlighted in red what might be updated, but in general, you’ll potentially change the volume number, timezone, and most importantly, password.

  • WEBPASSWORD: password that you’d like to access the admin portal with.
  • TZ: Current timezone.
version: "3"
# Instructions: https://www.wundertech.net/how-to-setup-pi-hole-on-a-synology-nas-two-methods/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "80:80/tcp"
    networks:
     - ph_network
     - ph_bridge
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: 'password'
      DNSMASQ_LISTENING: local
    # Volumes store your data between container upgrades
    volumes:
      - '/volume1/docker/pihole/pihole:/etc/pihole'
      - '/volume1/docker/pihole/dnsmasq.d:/etc/dnsmasq.d'
      - '/volume1/docker/pihole/resolv.conf:/etc/resolv.conf'
    cap_add:
      - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
    restart: unless-stopped
networks:
    ph_bridge:
      driver: bridge
      ipam:
        config:
          - subnet: 192.168.10.0/24
            gateway: 192.168.10.1
            ip_range: 192.168.10.2/32
    ph_network:
      name: ph_network
      external: true

Conclusion & Final Thoughts: Synology NAS Pi-hole Configuration

The process of setting up Pi-hole on a Synology NAS isn’t too bad and Pi-hole is awesome! I’ve been using it for a while and while I run into the occasional issue where it blocks something I need, finding it and whitelisting it is a fairly easy process.

Once again, I will point out the importance of redundant Pi-hole servers. There are so many benefits to having a second DNS server, and with Raspberry Pi Zero kits being as cheap as $25, it’s worth it for redundancy purposes.