Advertisement
niammuddin

install pihole openssl

Jan 29th, 2022 (edited)
784
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.21 KB | None | 0 0
  1. STEP 1
  2. cd /etc/lighttpd/certs
  3. openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 365 -nodes
  4. chmod 400 lighttpd.pem
  5.  
  6. STEP 2
  7. $HTTP["host"] == "pi.hole" {
  8.   # Ensure the Pi-hole Block Page knows that this is not a blocked domain
  9.   setenv.add-environment = ("fqdn" => "true")
  10.  
  11.   # Enable the SSL engine with a LE cert, only for this specific host
  12. $SERVER["socket"] == ":443" {
  13.   ssl.engine = "enable"
  14.   ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem"
  15. }
  16.  
  17.   # Redirect HTTP to HTTPS
  18.   $HTTP["scheme"] == "http" {
  19.     $HTTP["host"] =~ ".*" {
  20.       url.redirect = (".*" => "https://%0$0")
  21.     }
  22.   }
  23. }
  24.  
  25. STEP 3
  26. apt install lighttpd-mod-openssl
  27.  
  28. STEP 4
  29. chmod g+w /etc/pihole
  30.  
  31. STEP 5
  32. sed -i '$ a BLOCKINGMODE=IP-NODATA-AAAA' /etc/pihole/pihole-FTL.conf
  33. sed -i '$ a RATE_LIMIT=0/0' /etc/pihole/pihole-FTL.conf
  34. sed -i 's/memory_limit = 128M/memory_limit = 1024M/g' /etc/php/7.4/cgi/php.ini
  35.  
  36. STEP 6
  37. edns-packet-max=1232
  38. dns-forward-max=1024
  39. /etc/dnsmasq.d/99-edns.conf
  40.  
  41. STEP 7
  42. service pihole-FTL restart
  43. service unbound restart
  44. /etc/init.d/lighttpd reload
  45.  
  46.  
  47. https://redmine.lighttpd.net/projects/1/wiki/HowToSimpleSSL
  48. https://docs.pi-hole.net/
  49. https://docs.pi-hole.net/guides/dns/unbound/
  50.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement