Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- STEP 1
- cd /etc/lighttpd/certs
- openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 365 -nodes
- chmod 400 lighttpd.pem
- STEP 2
- $HTTP["host"] == "pi.hole" {
- # Ensure the Pi-hole Block Page knows that this is not a blocked domain
- setenv.add-environment = ("fqdn" => "true")
- # Enable the SSL engine with a LE cert, only for this specific host
- $SERVER["socket"] == ":443" {
- ssl.engine = "enable"
- ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem"
- }
- # Redirect HTTP to HTTPS
- $HTTP["scheme"] == "http" {
- $HTTP["host"] =~ ".*" {
- url.redirect = (".*" => "https://%0$0")
- }
- }
- }
- STEP 3
- apt install lighttpd-mod-openssl
- STEP 4
- chmod g+w /etc/pihole
- STEP 5
- sed -i '$ a BLOCKINGMODE=IP-NODATA-AAAA' /etc/pihole/pihole-FTL.conf
- sed -i '$ a RATE_LIMIT=0/0' /etc/pihole/pihole-FTL.conf
- sed -i 's/memory_limit = 128M/memory_limit = 1024M/g' /etc/php/7.4/cgi/php.ini
- STEP 6
- edns-packet-max=1232
- dns-forward-max=1024
- /etc/dnsmasq.d/99-edns.conf
- STEP 7
- service pihole-FTL restart
- service unbound restart
- /etc/init.d/lighttpd reload
- https://redmine.lighttpd.net/projects/1/wiki/HowToSimpleSSL
- https://docs.pi-hole.net/
- https://docs.pi-hole.net/guides/dns/unbound/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement