If you are running multiple Pi-hole servers in your network, you may find a difficulties updating these servers or keep it in sync (blacklists, adlist, whitelists. Etc). there are several options to keep your Pihole in sync. However, I am going to explain how to achieve it with Gravity-Sync project
Prerequisites
- Two Pi-hole servers (obviously)
- SSH Connection between these servers
- Some Time
Pi-Hole Docker Container.
In case if you don't have a Pi-Hole server, I would recommend to create one at least for your network wide adblocking. below sample docker-compose
file can help you to create a simple Pihole instance or follow the official guide
version: '2'
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
hostname: piserver01
ports:
- "53:53/tcp"
- "53:53/udp"
- "8080:80/tcp"
environment:
- WEBPASSWORD='Somerandompassword'
- DNSSEC=true
- TZ=Asia/Kolkata
volumes:
- './pihole:/etc/pihole'
- './dnsmasq.d:/etc/dnsmasq.d'
restart: unless-stopped
You can always modify the stack based on your setup.
Configure Gravity Sync
at this point I believe you have two pihole machine, one will act as primary
and another will be secondary
On Primary Pi-Hole Machine
login to the primary
machine and execute below script command
curl -sSL https://raw.githubusercontent.com/vmstan/gs-install/main/gs-install.sh | bash
the script will automatically check for dependencies and install them. during the process you may need to enter the remote pihole IP address ( secondary
) machine ip address and username.
IP
: Enter IP address ofsecondary
piholeUser
: Enter user that used to login to thesecondary
machinePrivate
andPublic
key location
Note : Copy the public
key from /etc/gravity-sync/gravity-sync.rsa.pub
to ~/.ssh/authorized_keys
on secondary
machine.
Once the script exits, you need to modify the gravity-sync.conf
cd /etc/gravity-sync
sudo nano gravity-sync.conf
# REQUIRED SETTINGS ##########################
REMOTE_HOST='192.168.10.12'
REMOTE_USER='admin'
# CUSTOM VARIABLES ###########################
# Pi-hole Folder/File Customization - Only need to be customized when using containers
LOCAL_PIHOLE_DIRECTORY='/home/admin/pihole/pihole'
REMOTE_PIHOLE_DIRECTORY='/home/remoteuser/pihole/pihole' # Remote Pi-hole data directory
LOCAL_DNSMASQ_DIRECTORY='/home/admin/pihole/dnsmasq.d'
REMOTE_DNSMASQ_DIRECTORY='/home/remoteuser/pihole/dnsmasq.d' # Remote DNSMASQ/FTL data directory
LOCAL_FILE_OWNER='999:999'
REMOTE_FILE_OWNER='999:999' # Remote file owner for Pi-hole
# Pi-hole Docker/Podman container name - Docker will pattern match anything set below
LOCAL_DOCKER_CONTAINER='primary-pihole'
# REMOTE_DOCKER_CONTAINER='secondary-pihole' # Remote Pi-hole container name
# HIDDEN FIGURES #############################
# See https://github.com/vmstan/gravity-sync/wiki/Hidden-Figures
REMOTE_HOST
= "Secondary Pihole IP address"REMOTE_USER
= "Secondary Pihole user"LOCAL_PIHOLE_DIRECTORY
=Primary
Pihole installation directory (docker volume)REMOTE_PIHOLE_DIRECTORY
=Secondary
Pihole installation directory (docker volume)LOCAL_DNSMASQ_DIRECTORY
=Primary
Piholednsmasq
directory (docker volume)REMOTE_DNSMASQ_DIRECTORY
=Secondary
Piholednsmasq
directory (docker volume)LOCAL_FILE_OWNER
=999:999
root,REMOTE_FILE_OWNER
=999:999
root,
Once you done save the file and exit.
On Secondary Pi-Hole
You need to repeat the same steps that I mentioned above on primary machine. this time instead of secondary
ip address, you need to provide primary
ip address and user.
Initiate Gravity Sync
Once you configured both servers, log back to primary
pihole. and issue below command
gravity-sync compare
This command will check if there is any diffrence between both pihole
gravity database.
To Initiate the sync
issue below command on primary
machine. you can enter gravity-sync
or gravity-push
this will start sync process
gravity-sync
Verify your both machine and check if everything copied.
You can tweak the schedule based on your requirement, you may need to follow official guide.
Alternatives
As I mentioned there are several alternatives available to sync your Pi-holes, here are some options.
Orbital Sync
Orbital Sync uses the built-in "teleporter" backup function of Pi-hole, to backup your configuration and then restore that backup to any number of Pi-hole. It may be better in some contexts where running Gravity Sync directly on the Pi-hole device isn't really practical. (Synology, Unraid, etc.). Orbital Sync's approach is designed to rely less on the servers running Pi-hole by instead acting on their admin interface just like you would. It can also run from inside it's own Docker container.
- Project: https://github.com/mattwebbio/orbital-sync
- Developer: Matt Webb
Pi-Hole Cloudsync
- Project: https://github.com/stevejenkins/pihole-cloudsync
- Developer: Steve Jenkins
Cloudsync performs many of the same functions as Gravity Sync, the fundamental difference is that Cloudsync uses the cloud (hence the name) to be the authoritative source for multiple Pi-hole instances. Where Gravity Sync is designed to function in a peer model, with both instances either on the same network or accessible through a VPN or other tunnel, Cloudsync pushes changes GitHub to store them and then multiple Pi-hole instances can connect to GitHub and pull them.