Home Assistant Community Add-on: Pi-hole

The message is clear, it can not find the cert file you have in the config. If you don’t have a cert you have two options.

  • Create a cert, and use that. (best option)
  • Set ssl: false in the add-on config

Sorry about, that @frenck, Do you have any thoughts on my current network problem? Despite removing the PiHole from Hass (as it broke DarkSky and Yr.no) and removing the PiHole DNS settings from my router, several of my attached devices will not “forget” about the PiHole…
I’ve tried reloading my router config file from a couple of days ago (long before the PiHole), pointing my router’s DNS to 8.8.8.8 and restarting/rebooting left right and centre.
I appreciate this problem can’t really be a PiHole problem, it must somehow be linked to my router. Just can’t understand it at the moment.

Hi, yes I get that I need to create an ssl cert but how can I do it.
I tried to search but I couldn’t find a clear instruction on how to do it,can you please help me with it:)

The easiest way is to use this https://www.home-assistant.io/addons/duckdns/
with

"accept_terms": true,

0.77.2 and still getting the same errors in the hass log:

2018-09-01 23:51:38 ERROR (MainThread) [hole] Can not load data from *hole: localhost:4865
2018-09-01 23:51:38 ERROR (MainThread) [homeassistant.components.sensor.pi_hole] Unable to fetch data from Pi-hole
2018-09-01 23:56:48 ERROR (MainThread) [hole] Can not load data from *hole: localhost:4865
2018-09-01 23:56:48 ERROR (MainThread) [homeassistant.components.sensor.pi_hole] Unable to fetch data from Pi-hole

Pi-hole config:

{
  "log_level": "info",
  "password": "Sup3rPazzw0rd",
  "update_lists_on_start": false,
  "admin_port": 4865,
  "dns_port": 53,
  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "mydomain.duckdns.org",
  "hosts": []
}

And sensor config:

  - platform: pi_hole
    host: localhost:4865
    monitored_conditions:
      - ads_blocked_today
      - dns_queries_today
      - unique_clients

I can access it fine both through local IP and my duckdns adress but hass.io refuses to get any connection to it. Do I need to enter the password somewhere in the sensor config to?

Hi @Naesstrom,
I observe the same error in my setup. However, only in one condition. The error occurs when I reboot my whole system. After a restart of HA (only) this error doesn’t show up.
If you think about it, it seems quite logic:

  • After a reboot everything needs to start again. HA, and the sensor, boots faster than the Pi-hole Addon itself. At that time the sensor tries to access Pi-hole, which is simply not started yet.
  • After restarting HA only (e.g. for a config change), the Pi-hole addon is still running, therefore available. This is the situation where the error does not show up in my logs.

Please can you let us know if you rebooted or restarted your system at the time the logs where created?
Anyway I am afraid this will bring us into another direction: Can you disable a sensor?

Hey, hope someone can help me. When I’m trying to update my blocklist I get,

  • [i] Status: Pending…
  • [✗] Status: Connection Refused
  • [✗] List download failed: no cached list available

I don’t know how to fix it, Pi-Hole has been working earlier, but not anymore. I’ve tried reinstalling and rebooting several times.

This is my debug log:

e[He[2Je[3JThis process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2018-09-13:14:41:42 debug log has been initialized.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf…

*** [ DIAGNOSING ]: Core version
[i] Core: v4.0 (How do I update Pi-hole? - FAQs - Pi-hole Userspace)
[i] Branch: master
[i] Commit: v4.0-0-gddbdb51-dirty

*** [ DIAGNOSING ]: Web version
[i] Web: v4.0 (How do I update Pi-hole? - FAQs - Pi-hole Userspace)
[i] Branch: master
[i] Commit: v4.0-0-gaf8c926-dirty

*** [ DIAGNOSING ]: FTL version
[✓] FTL: v4.0-dirty (How do I update Pi-hole? - FAQs - Pi-hole Userspace)

*** [ DIAGNOSING ]: dnsmasq version
[i] 340:

*** [ DIAGNOSING ]: lighttpd version
[i] opt

*** [ DIAGNOSING ]: php version
[i] 7.2.8

*** [ DIAGNOSING ]: Operating system
[✗] Alpine Linux v3.8 (Hardware/Software Requirements - FAQs - Pi-hole Userspace)

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
[✓] armv7l

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.2.132/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
fe80::1740:3194:18c6:9d6c does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole - FAQs - Pi-hole Userspace)

^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 192.168.2.1

*** [ DIAGNOSING ]: Ports in use
1 ()
1 ()
1 ()
9 ()
9 ()
9 ()
9 ()
9 ()
9 ()
35 ()
35 ()
35 ()
35 ()
35 ()
35 ()
1358 ()
1358 ()
1358 ()
1358 ()
1358 ()
1358 ()
1359 ()
1359 ()
1359 ()
1359 ()
1359 ()
1359 ()
1361 ()
1361 ()
1361 ()
1361 ()
1361 ()
1361 ()
1362 ()
1362 ()
1362 ()
1362 ()
1362 ()
1362 ()
1364 ()
1364 ()
1364 ()
1364 ()
1364 ()
1364 ()
1364 ()
1364 ()
1364 ()
1365 ()
1365 ()
1365 ()
1365 ()
1365 ()
1365 ()
1365 ()
1365 ()
1367 ()
1367 ()
1367 ()
1529 ()
1529 ()
1529 ()
1529 ()
1530 ()
1530 ()
1530 ()
1530 ()
1530 ()
1530 ()
1530 ()
1802 ()
1802 ()
1802 ()
1802 ()

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✗] Failed to resolve via localhost (127.0.0.1)
[✗] Failed to resolve via Pi-hole (192.168.2.132)
[✓] doubleclick.com is 172.217.19.206 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is
[✗] lighttpd daemon is
[✗] pihole-FTL daemon is

*** [ DIAGNOSING ]: Setup variables
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.2.132/24
IPV6_ADDRESS=
QUERY_LOGGING=true
DNSMASQ_LISTENING=single
PIHOLE_DNS_1=208.67.222.222
PIHOLE_DNS_2=208.67.220.220
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
CONDITIONAL_FORWARDING=false

*** [ DIAGNOSING ]: Dashboard and block page
[✗] Block page X-Header: X-Header does not match or could not be retrieved.

[✗] Web interface X-Header: X-Header does not match or could not be retrieved.

*** [ DIAGNOSING ]: Gravity list
-rw-r–r-- 1 root root 0 Sep 13 14:40 /etc/pihole/gravity.list
-----head of gravity.list------

-----tail of gravity.list------

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r–r-- 1 root root 632 Sep 13 13:25 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt

-rw-r–r-- 1 root root 53 Sep 13 14:40 /etc/pihole/local.list
192.168.2.132 a0d7b954-pi-hole
192.168.2.132 pi.hole

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r–r-- 1 root root 1548 Sep 13 14:35 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/black.list
localise-queries
no-resolv
cache-size=10000
log-queries=extra
log-facility=/data/log/pihole.log
local-ttl=2
log-async
server=208.67.222.222
server=208.67.220.220
domain-needed
bogus-priv
interface=eth0

*** [ DIAGNOSING ]: contents of /etc/lighttpd
/etc/lighttpd does not exist.

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-rw-rw- 1 root root 1123 Jun 15 22:45 /etc/cron.d/pihole
59 1 * * 7 root PATH=“$PATH:/usr/local/bin/” pihole updateGravity
00 00 * * * root PATH=“$PATH:/usr/local/bin/” pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/logrotate.d/pihole

*** [ DIAGNOSING ]: contents of /var/log/lighttpd
/var/log/lighttpd does not exist.

*** [ DIAGNOSING ]: contents of /var/log

lrwxrwxrwx 1 root root 24 Sep 13 14:35 /var/log/pihole-FTL.log → /data/log/pihole-FTL.log
-----head of pihole-FTL.log------
[2018-09-13 13:26:03.403] ########## FTL started! ##########
[2018-09-13 13:26:03.405] FTL branch: master
[2018-09-13 13:26:03.406] FTL version: v4.0
[2018-09-13 13:26:03.406] FTL commit: 8493df4-dirty
[2018-09-13 13:26:03.406] FTL date: 2018-08-05 13:40:30 -0700
[2018-09-13 13:26:03.406] FTL user: root
[2018-09-13 13:26:03.406] WARNING: Starting pihole-FTL as user root is not recommended
[2018-09-13 13:26:03.406] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2018-09-13 13:26:03.406] SOCKET_LISTENING: only local
[2018-09-13 13:26:03.406] AAAA_QUERY_ANALYSIS: Show AAAA queries
[2018-09-13 13:26:03.406] MAXDBDAYS: max age for stored queries is 365 days
[2018-09-13 13:26:03.406] RESOLVE_IPV6: Resolve IPv6 addresses
[2018-09-13 13:26:03.406] RESOLVE_IPV4: Resolve IPv4 addresses
[2018-09-13 13:26:03.406] DBINTERVAL: saving to DB file every minute
[2018-09-13 13:26:03.406] DBFILE: Using /etc/pihole/pihole-FTL.db
[2018-09-13 13:26:03.407] MAXLOGAGE: Importing up to 24.0 hours of log data
[2018-09-13 13:26:03.407] PRIVACYLEVEL: Set to 0
[2018-09-13 13:26:03.407] IGNORE_LOCALHOST: Show queries from localhost
[2018-09-13 13:26:03.407] BLOCKINGMODE: Null IPs for blocked domains
[2018-09-13 13:26:03.407] REGEX_DEBUGMODE: Inactive
[2018-09-13 13:26:03.407] Finished config file parsing
[2018-09-13 13:26:03.407] INFO: No Regex file found
[2018-09-13 13:26:03.408] db_init() - Cannot open database (14): unable to open database file
[2018-09-13 13:26:03.408] Creating new (empty) database
[2018-09-13 13:26:04.006] Database successfully initialized
[2018-09-13 13:26:04.008] Imported 0 queries from the long-term database
[2018-09-13 13:26:04.008] → Total DNS queries: 0
[2018-09-13 13:26:04.008] → Cached DNS queries: 0
[2018-09-13 13:26:04.008] → Forwarded DNS queries: 0
[2018-09-13 13:26:04.008] → Exactly blocked DNS queries: 0
[2018-09-13 13:26:04.009] → Unknown DNS queries: 0
[2018-09-13 13:26:04.009] → Unique domains: 0
[2018-09-13 13:26:04.009] → Unique clients: 0
[2018-09-13 13:26:04.009] → Known forward destinations: 0
[2018-09-13 13:26:04.009] Successfully accessed setupVars.conf

-----tail of pihole-FTL.log------
[2018-09-13 14:36:12.886] PRIVACYLEVEL: Set to 0
[2018-09-13 14:36:12.886] IGNORE_LOCALHOST: Show queries from localhost
[2018-09-13 14:36:12.886] BLOCKINGMODE: Null IPs for blocked domains
[2018-09-13 14:36:12.886] REGEX_DEBUGMODE: Inactive
[2018-09-13 14:36:12.886] Finished config file parsing
[2018-09-13 14:36:12.886] INFO: No Regex file found
[2018-09-13 14:36:12.888] Database successfully initialized
[2018-09-13 14:36:12.889] Notice: Increasing queries struct size from 0 to 10000
[2018-09-13 14:36:12.889] Notice: Increasing domains struct size from 0 to 1000
[2018-09-13 14:36:12.889] Notice: Increasing clients struct size from 0 to 10
[2018-09-13 14:36:12.890] New forward server: 208.67.220.220 (0/0)
[2018-09-13 14:36:12.890] Notice: Increasing forwarded struct size from 0 to 4
[2018-09-13 14:36:12.890] Notice: Increasing overTime struct size from 0 to 100
[2018-09-13 14:36:12.890] New forward server: 208.67.222.222 (1/4)
[2018-09-13 14:36:12.892] Notice: Increasing clients struct size from 10 to 20
[2018-09-13 14:36:12.893] Imported 384 queries from the long-term database
[2018-09-13 14:36:12.893] → Total DNS queries: 384
[2018-09-13 14:36:12.893] → Cached DNS queries: 77
[2018-09-13 14:36:12.893] → Forwarded DNS queries: 307
[2018-09-13 14:36:12.893] → Exactly blocked DNS queries: 0
[2018-09-13 14:36:12.893] → Unknown DNS queries: 0
[2018-09-13 14:36:12.893] → Unique domains: 179
[2018-09-13 14:36:12.893] → Unique clients: 12
[2018-09-13 14:36:12.893] → Known forward destinations: 2
[2018-09-13 14:36:12.893] Successfully accessed setupVars.conf
[2018-09-13 14:36:13.295] PID of FTL process: 1363
[2018-09-13 14:36:13.296] Listening on port 4711 for incoming IPv4 telnet connections
[2018-09-13 14:36:13.296] Listening on port 4711 for incoming IPv6 telnet connections
[2018-09-13 14:36:13.297] Listening on Unix socket
[2018-09-13 14:36:13.297] INFO: No Regex file found
[2018-09-13 14:36:13.298] /etc/pihole/black.list: parsed 0 domains (took 0.0 ms)
[2018-09-13 14:36:13.298] /etc/pihole/gravity.list: parsed 0 domains (took 0.0 ms)
[2018-09-13 14:40:43.690] INFO: No Regex file found
[2018-09-13 14:40:43.691] /etc/pihole/black.list: parsed 0 domains (took 0.0 ms)
[2018-09-13 14:40:43.691] /etc/pihole/gravity.list: parsed 0 domains (took 0.0 ms)

*** [ DIAGNOSING ]: Locale

*** [ DIAGNOSING ]: Pi-hole log
lrwxrwxrwx 1 root root 20 Sep 13 14:35 /var/log/pihole.log → /data/log/pihole.log
-----head of pihole.log------
Sep 13 13:26:04 dnsmasq[1223]: started, version pi-hole-2.79 cachesize 10000
Sep 13 13:26:04 dnsmasq[1223]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify
Sep 13 13:26:04 dnsmasq[1223]: using nameserver 8.8.4.4#53
Sep 13 13:26:04 dnsmasq[1223]: using nameserver 8.8.8.8#53
Sep 13 13:26:04 dnsmasq[1223]: read /etc/hosts.list - 2 addresses
Sep 13 13:26:04 dnsmasq[1223]: read /etc/pihole/black.list - 0 addresses
Sep 13 13:26:04 dnsmasq[1223]: read /etc/pihole/local.list - 0 addresses
Sep 13 13:26:04 dnsmasq[1223]: failed to load names from /etc/pihole/gravity.list: No such file or directory
Sep 13 13:26:25 dnsmasq[1223]: 1 192.168.2.95/55949 query[A] docs.google.com from 192.168.2.95
Sep 13 13:26:25 dnsmasq[1223]: 1 192.168.2.95/55949 forwarded docs.google.com to 8.8.4.4
Sep 13 13:26:25 dnsmasq[1223]: 1 192.168.2.95/55949 forwarded docs.google.com to 8.8.8.8
Sep 13 13:26:25 dnsmasq[1223]: 1 192.168.2.95/55949 reply docs.google.com is 172.217.20.78
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 query[A] cerberus.easyanticheat.net from 192.168.2.95
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 forwarded cerberus.easyanticheat.net to 8.8.4.4
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 reply cerberus.easyanticheat.net is
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 reply cerberus.eac-front.com is
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 reply cerberus-eu.eac-front.com is
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 reply cerberus-eu-lb-776396454.eu-west-1.elb.amazonaws.com is 34.252.137.127
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 reply cerberus-eu-lb-776396454.eu-west-1.elb.amazonaws.com is 34.249.149.167
Sep 13 13:26:30 dnsmasq[1223]: 2 192.168.2.95/58897 reply cerberus-eu-lb-776396454.eu-west-1.elb.amazonaws.com is 34.254.143.156



[✓] ** FINISHED DEBUGGING! **

  • The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
  • For more information, see: Crack Our Medical Tricorder, Win A Raspberry Pi 3 – Pi-hole
  • If available, we’ll use openssl to upload the log, otherwise it will fall back to netcat.
    [i] Debug script running in automated mode
  • Using openssl for transmission.
    [✗] There was an error uploading your debug log.
    • Please try again or contact the Pi-hole team for assistance.
    • A local copy of the debug log can be found at: /var/log/pihole_debug-sanitized.log

Have you configured your Hassio device with a static IP address and an fixed external DNS server(s)?

I believe so. It has worked before with the settings that I’ve got on my router now.

1 Like

I have encountered issue, I have odroid c2 diepi, docker installed, Hassio and plex, ssh, all are working I tried pi hole and after installation and config setup I hit start and it not working, on the log everything is good until:

> 99-message.sh: executing... 
-----------------------------------------------------------
                Oops! Something went wrong.

We are so sorry, but something went terribly wrong when
 starting or running this add-on.

Be sure to check the log above, line by line, for hints.
-----------------------------------------------------------
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.

Any idea what could be wrong, I have only one as dietpi use ifupdown not network manager it might be it?

Cheers

That is not all… there is something above that probably… usually you should look for something like FATAL:, but a lot more errors can happen.

So look above that part OR provide a full log so we can help you debug.

Hi,
After the last update, the “page blocked” isn’t showing and the DHCP feature isn’t working, how can I downgrade?

This is normal for Pi-hole v4 since they changed the (default) blocking mode. This is stated in the add-on changelog as well:

For more info about this, check out the blog from Pi-hole itself: Pi-hole v4.0 Released With FTLDNS, Improved Blocking Modes, Regex, Docker, and More – Pi-hole

Regarding DHCP, what’s not working? Please provide some more info if possible.

Never mind, I rebooted odroid and … it is working so all good, sorry for inconvenience.

Cheers

@frenck is it possible to edit the options.json file of this add-on via hassio ssh? Reason is that I only have remote ssh access to my parents network. I conducted a hassio update of the addon but since we never included a password in the original setup, it now fails to start:

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing...
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing...
FATAL: You need to set a password!
[cont-init.d] 10-requirements.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing...
-----------------------------------------------------------
                Oops! Something went wrong.

 We are so sorry, but something went terribly wrong when
 starting or running this add-on.

 Be sure to check the log above, line by line, for hints.
-----------------------------------------------------------
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal. 

Haven’t had time to setup a direct VPN into their network.

Yep, you can use the hassio cli for that

Guys… I set a bunch of hosts in the addon config panel, but I still get the IP’s on the dashboard showing the requests. Is this normal behaviour? Shoulnd’t I be seeing the names instead?

After installing and enabling Pi-hole on my HA instance (went fine!) I am unable to use HA Cloud and also sending messages to Pushover stopped working. When I stop the Pi-hole addin everything works fine again.

I adjusted my DHCP so it sets the address of HA as DNS, my Pi is also on DHCP so it has its own DNS. Is this the issue and what is the best workaround for it? Entering static DNS?

Yes set a static DNS like google dns: 8.8.8.8

That works great indeed!

For any other who finds this: if you are running Resin OS you can place a file (by example resin-eth0 as filename) on you SD card in the folder /system-connections/ with this content (adjusted to your needs):

[connection]
id=Ethernet
type=ethernet
interface-name=eth0

[ipv4]
method=manual
address1=192.168.2.5/24,192.168.2.1;
dns=192.168.2.1;