AdGuard Home with other services on the same system?

iroc409

[H]ard|Gawd
Joined
Jun 17, 2006
Messages
1,384
I have been using Pi-Hole for a while now, and pretty happy with it. I have no real compelling issue to switch, except one small issue. PiHole, at least the last time I've tried (and what I've read) is that PiHole basically expects to be the only web service running on the host, so if you try other things it's... well it doesn't play nice and it's easier not to have anything else on the machine. I have a second container with a small network appliance (for lack of better terms) that runs a home page and SmokePing for my network monitoring (my needs are not great).

I see AdGuard Home has a native FreeBSD install, which has my interest. I'd like to get away from two separate containers and run all this stuff on one machine. Is this possible with AdGuard Home? I know, I need to try it but haven't spooled up the hardware yet so hoping someone has some experience.
 

Vermillion

Supreme [H]ardness
Joined
Apr 5, 2007
Messages
4,346
You can build a firewall using OPNsense and there's a plugin for Adguard that is well supported. That way you get everything(dhcp/dns) on a single device.

Now some may argue against that, and rightfully so, but doing it this way is also very convenient.

That said I'll be keeping my pihiole and OPNsense in their current config. That way I don't have a single point if failure.
 

iroc409

[H]ard|Gawd
Joined
Jun 17, 2006
Messages
1,384
You can build a firewall using OPNsense and there's a plugin for Adguard that is well supported. That way you get everything(dhcp/dns) on a single device.

Now some may argue against that, and rightfully so, but doing it this way is also very convenient.

That said I'll be keeping my pihiole and OPNsense in their current config. That way I don't have a single point if failure.

That's a good point, I should probably look into that. I guess I've stayed away from the *senses when all that purse swinging was going on and I didn't follow it. It would certainly be easier to use someone else's product, and I'm sure you can install smokeping on it (or maybe it has something built in).

If either of those fail, don't you still basically lose connectivity anyway? If OPNsense supports CARP, you should be able to almost eliminate failure--but I've never personally played with doing that.

I posted on the discussions over there, but I don't think I've had the question answered yet--unless I'm too dumb to notice. I will probably have to just carve out some time and try it out and see what happens. Since switching to a Synology server, I've become kind of lazy with some of this stuff. It can eat an awful lot of time.
 

SamirD

Supreme [H]ardness
Joined
Mar 22, 2015
Messages
5,240
I will probably have to just carve out some time and try it out and see what happens. Since switching to a Synology server, I've become kind of lazy with some of this stuff. It can eat an awful lot of time.
The thing I have almost found is that when I've taken the time to find a solution that fits my needs, and not what some vendor has decided fits my needs, I always come out far ahead in cost and reliability/serviceability. Sure, it takes time to design and implement, but when you're building your own personal 'Rome', it's it worth it? ;)

(Case in point are the 2x Penitum 4 system I cobbled together and put windows steadystate on. It took me 12hrs each to sit down and configure these exactly perfectly for my senior citizen parents--and both systems outlived my parents. It's bittersweet thinking about it, but the systems worked reliably and allowed my parents to do work that they needed to do with a completely minimal amount of assistance from me. And the systems are still alive and well today--I haven't had the heart to move anything from their workspaces--it's just too soon. :cry:)
 

Vermillion

Supreme [H]ardness
Joined
Apr 5, 2007
Messages
4,346
That's a good point, I should probably look into that. I guess I've stayed away from the *senses when all that purse swinging was going on and I didn't follow it. It would certainly be easier to use someone else's product, and I'm sure you can install smokeping on it (or maybe it has something built in).

If either of those fail, don't you still basically lose connectivity anyway? If OPNsense supports CARP, you should be able to almost eliminate failure--but I've never personally played with doing that.

I posted on the discussions over there, but I don't think I've had the question answered yet--unless I'm too dumb to notice. I will probably have to just carve out some time and try it out and see what happens. Since switching to a Synology server, I've become kind of lazy with some of this stuff. It can eat an awful lot of time.
Yes OPNsense does CARP. https://docs.opnsense.org/manual/how-tos/carp.html

OPNsense is really quite powerful and I'm quite happy with it so far.

For the house I don't need to worry about redundancy. If the power goes out the Internet is out anyways. For my Pi-hole if it goes down I just switch the system to a regular DNS. Takes about 30 seconds. Thankfully my Pi-hole only ever crashed while I was on vacation (which meant my VPN connected phone no longer had filtering :( ). Got home got it working long enough to build the replacement and swapped it out. Probably 30 minutes of work.

And while updating my pi-hole just now I saw this new blog post for Pi-hole and OPNsense. I may just have to move my network to this configuration.
https://pi-hole.net/2021/09/30/pi-hole-and-opnsense/#page-content
 

iroc409

[H]ard|Gawd
Joined
Jun 17, 2006
Messages
1,384
The thing I have almost found is that when I've taken the time to find a solution that fits my needs, and not what some vendor has decided fits my needs, I always come out far ahead in cost and reliability/serviceability.

I do find that to be true in a lot of cases, sometimes it just takes a lot of time to figure out LOL. I switched from plain FreeBSD to Synology, and while I like the Synology for the primary server I'm not sure I gained a lot and it isn't without its own headaches.

I haven't really gotten a complete answer, so I'll just have to play with it when I get things set up and have the time. Maybe take a day off next week to get caught up around home and work on rebuilding my network. I'll post some results if/when I get around to testing it.
 
Top