Install Pi-hole on your Mac in 5 minutes
Adblockers: I assume a majority of my audience uses them, such as Ublock Origin, 1blocker, Ghostery, and so on. The problem is that these require browser extensions, but how will I block ads on my Sony TV or make sure my Hue lights aren't spying on me?
Well, we have an answer: Pi-hole. As the name implies, Pi-hole is a web utility originally designed to run on a Raspberry Pi, although we can run it almost anywhere. I'll cover first on a Mac and then a few other devices, and it's really set up. Like, we are talking about 5 minutes.
Pi-hole blocks pesky advertisements and data harvesting by replacing your domain name server with your own self-hosted option that intercepts DNS requests before passing them to another DNS server. To break that down into plain speak, when you type in "YouTube.com," a domain name server functions like a phone book for every name and returns a number, something I now realize my younger audience probably hasn't ever seen before... I think I have a better analogy: it's like a digital map. Ask it where Jacksonville, Oregon is, and it returns coordinates as a long and lat from a database of all the cities in the world. The same thing happens with a DNS. It contains a list of all the IPs associated with every domain name worldwide.
Pi-hole maintains lists of known hosts for advertisements. If a request asks for a domain on the blocklist, it returns a null or fake address, thus preventing an advertisement or tracking script from loading.
This approach is awesome because it's platform agnostic. It requires manually configuring your devices or home network to use the Pihole instead of a regular DNS.
Pi-hole has a nice, easy-to-use interface that is also easy to adjust so you can whitelist potential sites.
The Tutorial
I have a MacBook 2017, and like all Intel Macs, it'll soon be unable to run modern macOS, even with OpenCore. The MacBook 2017 is an oddball model. I love this machine, but it's pretty underpowered, so there's not really a huge use case for it. It has one thing that makes it exceptionally attractive: a power draw. This guy can only draw 29w max but generally draws more than 10w even with the display on. Plus, its CPU is positively monstrous compared to the CPUs found in Raspberry Pis.
If you don't have an old Mac, I suggest getting a Raspberry Pi Zero 2 W as they're under $25, and the official Raspbery Pi website has an excellent tutorial/
Step 1: We need docker. Grab it from the official site Docker is a utility that lets you run containers and think of micro virtual machines. Download it and install it. Docker has Linux and Windows versions as well and I'll touch on the Linux using two different NAS systems.
Step 2: Run the following command below, also on github gist and embedded at the bottom.
docker run -d --name pihole \
-e TZ=America/Los_Angeles \
-e FTLCONF_webserver_api_password=MakeSureYouChangeThis \
-e FTLCONF_dns_upstreams='1.1.1.1;1.0.0.1' \
-e FTLCONF_dns_listeningMode=all \
-p 80:80 -p 53:53/tcp -p 53:53/udp -p 443:443 \
-v ~/pihole/:/etc/pihole/ \
--dns=127.0.0.1 --dns=1.1.1.1 \
--cap-add=NET_ADMIN \
--restart=unless-stopped \
pihole/pihole:latest
What each Docker setting does:
-d- Runs the container in detached mode (in the background)--name pihole- Names the container "pihole" for easy reference-e TZ=America/Los_Angeles- Sets the timezone. Other examples:America/New_York,Europe/London,Asia/Tokyo,Australia/Sydney. Find your timezone on Wikipedia's TZ database list-e FTLCONF_webserver_api_password=MakeSureYouChangeThis- Sets the admin password for the web interface (change this!)-e FTLCONF_dns_upstreams='1.1.1.1;1.0.0.1'- Sets upstream DNS servers (Cloudflare in this case)-e FTLCONF_dns_listeningMode=all- Allows Pi-hole to listen on all network interfaces-p 80:80 -p 53:53/tcp -p 53:53/udp -p 443:443- Maps ports from host to container (web interface on 80/443, DNS on 53)-v ~/pihole/:/etc/pihole/- Mounts a local directory to store Pi-hole configuration and data--dns=127.0.0.1 --dns=1.1.1.1- Sets DNS servers for the container itself--cap-add=NET_ADMIN- Gives the container network administration capabilities--restart=unless-stopped- Automatically restarts the container unless manually stoppedpihole/pihole:latest- The Docker image to use (Pi-hole's official image)
This will go fast, as this project is very lean.
Step 3: Go to http://127.0.0.1/ and use the password to confirm it's working. We can also see our application in the Docker.
Step 4: On your Mac, change your DNS to 127.0.0.1.
This is done in the system settings, see Apple's documentation as it covers how to, from High Sierra to current.
Step 5: Get your Mac's local IP. Select your network, and then click on details. Click TCP/IP and make a note of your IP address. This is your Mac's IP address. Alternatively you can grab it via the terminal, for most Macs this will be the wifi interface, ipconfig getifaddr en0 however if you have wired internet and wifi, your internet connection could be different. Use ifconfig | grep "inet " | grep -v 127.0.0.1 and make note of the inet addresses.
You can assign this as your DNS server to any device on your internal network, be it a Roku, Smart appliance, or another computer. However, you can set the DNS server to your Mac's IP address if you have a router. This way, all devices on your network will use the Pi-hole as their DNS server.
From my router, I can configure my DNS to use the PiHole. Just point the DNS setting to the Mac. Now, if you're on DHCP, which almost everyone is, your router likely has a setting to reserve an IP for a device. DHCP leases out IPs so they can change. That means a computer might one day be 192.168.10.105 and, after reconnecting or a router reboot, assigned a different IP, 192.168.10.124. If your DNS is set to the old address, this would be a problem, as you wouldn't have a DNS server until it was manually changed. Reserving an IP prevents a device from ever getting a different IP on the local network.
By pointing your home network at your Mac’s Pi-hole, you’ll enjoy ad-free browsing on any device. Go ahead—reserve that Mac’s IP in your router, and reclaim your bandwidth today.
You don't need a Mac
Pi-hole can be run almost anywhere due to it's lightweight nature, and being designed for a Raspberry Pi. This means you can set it up on any Linux machine, Windows, NAS or even in a virtual machine on your existing hardware.
For example, if you have a Synology or Ugreen NAS, you can run Pi-hole in Docker. The process is similar to the Mac setup, but you'll need to use the Synology Docker interface to create and manage your containers.
Instead of using the docker command, you'll want to create a container using a docker-compose file. This is a YAML file that defines the services, networks, and volumes for your application. Here's an example of a docker-compose file for Pi-hole:
version: '3.8'
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
ports:
# DNS Ports (using alternative ports to avoid conflicts)
- "1053:53/tcp"
- "1053:53/udp"
# HTTP Port (using alternative port to avoid DSM conflict)
- "8080:80/tcp"
# HTTPS Port (using alternative port to avoid DSM conflict)
- "8443:443/tcp"
environment:
# Timezone
TZ: 'America/Los_Angeles'
# Web interface password from your original command
FTLCONF_webserver_api_password: 'MakeSureYouChangeThis'
# DNS upstreams (DNS servers you'd like to use)
FTLCONF_dns_upstreams: '1.1.1.1;1.0.0.1'
# DNS listening mode
FTLCONF_dns_listeningMode: 'all'
volumes:
# Volume mapping - using full NAS path
- '/volume1/docker/pihole:/etc/pihole'
dns:
# DNS settings from your original command
- 127.0.0.1
- 1.1.1.1
cap_add:
# Capabilities for network administration
- NET_ADMIN
restart: unless-stopped
This is a basic example, and you may need to adjust the configuration based on your specific setup and requirements. Once you have your docker-compose file ready, you can use the Docker interface on your NAS to deploy the Pi-hole container. As a pro-tip, AI is excellent for interpreting and diagnosing issues, bew it Claude, ChatGPT, or Gemini.