Sync Pi-hole Dockers with Gravity Sync

If you run multiple Pi-hole servers on your network, you may find it difficult to update them and keep them in sync (blacklists, adlists, whitelists, etc.). There are several options for keeping your Pi-holes in sync; here I explain how to do it with the Gravity Sync project.

Prerequisites

  1. Two Pi-hole servers (obviously)
  2. An SSH connection between these servers
  3. Some time

Pi-Hole Docker Container.

If you don't have a Pi-hole server yet, I recommend creating at least one for network-wide ad blocking. The sample docker-compose file below creates a simple Pi-hole instance; alternatively, follow the official guide.

version: '2'

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: piserver01
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "8080:80/tcp"
    environment:
      # No quotes here: in list form they would become part of the password.
      - WEBPASSWORD=Somerandompassword
      - DNSSEC=true
      - TZ=Asia/Kolkata
    volumes:
      - './pihole:/etc/pihole'
      - './dnsmasq.d:/etc/dnsmasq.d'
    restart: unless-stopped

You can always modify the stack based on your setup.

Configure Gravity Sync

At this point you should have two Pi-hole machines: one will act as the primary and the other as the secondary.

On Primary Pi-Hole Machine

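Log in to the primary machine and run the installer command below. It pipes a script from GitHub straight into bash, so read the script first if you want to see what it will change.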

curl -sSL https://raw.githubusercontent.com/vmstan/gs-install/main/gs-install.sh | bash

The script automatically checks for dependencies and installs them. During the process you will be asked for the IP address and username of the remote (secondary) Pi-hole machine.

  1. IP: Enter the IP address of the secondary Pi-hole
  2. User: Enter the user that is used to log in to the secondary machine
  3. Private and public key location

Note: Copy the public key from /etc/gravity-sync/gravity-sync.rsa.pub into ~/.ssh/authorized_keys on the secondary machine.

Once the script exits, you need to modify the gravity-sync.conf

cd /etc/gravity-sync
sudo nano gravity-sync.conf
# REQUIRED SETTINGS ##########################

REMOTE_HOST='192.168.10.12'
REMOTE_USER='admin'

# CUSTOM VARIABLES ###########################

# Pi-hole Folder/File Customization - Only need to be customized when using containers
LOCAL_PIHOLE_DIRECTORY='/home/admin/pihole/pihole'
REMOTE_PIHOLE_DIRECTORY='/home/remoteuser/pihole/pihole'                        # Remote Pi-hole data directory
LOCAL_DNSMASQ_DIRECTORY='/home/admin/pihole/dnsmasq.d'
REMOTE_DNSMASQ_DIRECTORY='/home/remoteuser/pihole/dnsmasq.d'               # Remote DNSMASQ/FTL data directory
LOCAL_FILE_OWNER='999:999'
REMOTE_FILE_OWNER='999:999'                      # Remote file owner for Pi-hole

# Pi-hole Docker/Podman container name - Docker will pattern match anything set below
LOCAL_DOCKER_CONTAINER='primary-pihole'
# REMOTE_DOCKER_CONTAINER='secondary-pihole'                            # Remote Pi-hole container name

# HIDDEN FIGURES #############################
# See https://github.com/vmstan/gravity-sync/wiki/Hidden-Figures
  1. REMOTE_HOST = Secondary Pi-hole IP address
  2. REMOTE_USER = Secondary Pi-hole user
  3. LOCAL_PIHOLE_DIRECTORY = Primary Pi-hole installation directory (Docker volume)
  4. REMOTE_PIHOLE_DIRECTORY = Secondary Pi-hole installation directory (Docker volume)
  5. LOCAL_DNSMASQ_DIRECTORY = Primary Pi-hole dnsmasq directory (Docker volume)
  6. REMOTE_DNSMASQ_DIRECTORY = Secondary Pi-hole dnsmasq directory (Docker volume)
  7. LOCAL_FILE_OWNER = 999:999 root
  8. REMOTE_FILE_OWNER = 999:999 root

Once you are done, save the file and exit.
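A pre-flight check for the container settings above, added here as an example (it is not part of Gravity Sync or of the original post). It reads gravity-sync.conf without sourcing it, confirms the local directories point at the Pi-hole volumes, and verifies the SSH private key is not readable by group or others. The function names and the private key path are assumptions; the page only names the .pub file.

```shell
#!/usr/bin/env bash
# Pre-flight check for a container-based gravity-sync.conf (added example).
# Values are read with sed instead of sourcing the file, so nothing in it runs.

conf_get() {  # conf_get FILE KEY: value of the last uncommented KEY='value' line
  sed -n "s/^[[:space:]]*$2=['\"]\{0,1\}\([^'\"#]*\)['\"]\{0,1\}.*$/\1/p" "$1" | tail -n 1
}

gs_preflight() {  # gs_preflight CONF PRIVATE_KEY: prints problems, returns their count
  local conf="$1" key="$2" problems=0 k v
  for k in REMOTE_HOST REMOTE_USER; do
    [ -n "$(conf_get "$conf" "$k")" ] || { echo "missing: $k"; problems=$((problems + 1)); }
  done
  for k in LOCAL_PIHOLE_DIRECTORY LOCAL_DNSMASQ_DIRECTORY; do
    v=$(conf_get "$conf" "$k")
    [ -d "$v" ] || { echo "not a directory: $k='$v'"; problems=$((problems + 1)); }
  done
  # The bind-mounted /etc/pihole volume should hold Pi-hole's gravity.db.
  v=$(conf_get "$conf" LOCAL_PIHOLE_DIRECTORY)
  [ -f "$v/gravity.db" ] || { echo "no gravity.db in '$v'"; problems=$((problems + 1)); }
  # The SSH private key must not be accessible by group or others.
  if [ ! -f "$key" ]; then
    echo "private key not found: $key"; problems=$((problems + 1))
  elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
    echo "private key is group/world accessible: $key"; problems=$((problems + 1))
  fi
  return "$problems"
}

# Constructed sample layout (not real hosts or keys) so the check runs offline.
# The private key file name is an assumption: the page only names the .pub file.
demo=$(mktemp -d)
mkdir -p "$demo/pihole/pihole" "$demo/pihole/dnsmasq.d"
: > "$demo/pihole/pihole/gravity.db"
: > "$demo/gravity-sync.rsa"; chmod 644 "$demo/gravity-sync.rsa"
cat > "$demo/gravity-sync.conf" <<EOF
REMOTE_HOST='192.168.10.12'
REMOTE_USER='admin'
LOCAL_PIHOLE_DIRECTORY='$demo/pihole/pihole'   # Local Pi-hole data directory
LOCAL_DNSMASQ_DIRECTORY='$demo/pihole/dnsmasq.d'
# REMOTE_DOCKER_CONTAINER='secondary-pihole'
EOF
gs_preflight "$demo/gravity-sync.conf" "$demo/gravity-sync.rsa" || echo "problems: $?"
```

On a real host, call `gs_preflight /etc/gravity-sync/gravity-sync.conf <private key path>` before the first `gravity-sync compare`.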

On Secondary Pi-Hole

Repeat the same steps described above for the primary machine. This time, instead of the secondary's IP address, provide the primary's IP address and user.

Initiate Gravity Sync

Once you have configured both servers, log back in to the primary Pi-hole and run the command below.

gravity-sync compare

This command checks whether there is any difference between the two Pi-hole gravity databases.

To start the sync, run the command below on the primary machine. You can enter gravity-sync or gravity-sync push; either will start the sync process.

gravity-sync

Verify both machines and check that everything was copied.

You can tweak the schedule to suit your requirements; follow the official guide for that.

Alternatives

As I mentioned, there are several alternatives available for syncing your Pi-holes. Here are some options.

Orbital Sync

Orbital Sync uses Pi-hole's built-in "teleporter" backup function to back up your configuration and then restore that backup to any number of Pi-holes. It may be better in contexts where running Gravity Sync directly on the Pi-hole device isn't really practical (Synology, Unraid, etc.). Orbital Sync's approach is designed to rely less on the servers running Pi-hole by instead acting on their admin interface just like you would. It can also run from inside its own Docker container.

Pi-Hole Cloudsync

Cloudsync performs many of the same functions as Gravity Sync. The fundamental difference is that Cloudsync uses the cloud (hence the name) as the authoritative source for multiple Pi-hole instances. Where Gravity Sync is designed to function in a peer model, with both instances either on the same network or accessible through a VPN or other tunnel, Cloudsync pushes changes to GitHub to store them, and multiple Pi-hole instances can then connect to GitHub and pull them.