Howto: pi-hole ad-blocker on Seagate Dockstar

In case this is useful for anyone else, here's my notes on

How to install pi-hole 5.0 on Seagate Dockstar running Debian 10
---------------------------------------------------------

This was performed on a fresh install of the standard install ( Debian-5.2.9-kirkwood-tld-1-rootfs-bodhi.tar.bz2 )

install curl:

# apt install curl

Download pi-hole installscript. But first, install latest ca-certificates if you don't have them , otherwise curl refuses to connect to some https sites

# apt install ca-certificates

# curl -sSL https://install.pi-hole.net > pihole-basic-install.sh

Note: had to edit the install script to change 'binary' to 'l_binary' on one line in pihole-basic-install.sh, as otherwise it exited during the 'FTL Checks' section -

...
 	 	printf "%b  %b Detected ARM architecture\\n" "${OVER}" "${TICK}"
     		# set the binary to be used
     -->        l_binary="pihole-FTL-arm-linux-gnueabi"
    ...

# bash pihole-basic-install.sh

The install script runs through lots of checks, asks you some questions, then downloads lighttpd, php, dnsmasq etc

....
...
   FTL Checks...

  [â] Detected ARM architecture
   Checking for existing FTL binary...
  [â] Downloading and Installing FTL
  [â] Installing scripts from /etc/.pihole

   Installing configs from /etc/.pihole...
  [â] No dnsmasq.conf found... restoring default dnsmasq.conf...
...
.....
  [â] Swapping databases
   Number of gravity domains: 87259 (84818 unique domains)
   Number of exact blacklisted domains: 0
   Number of regex blacklist filters: 0
   Number of exact whitelisted domains: 0
   Number of regex whitelist filters: 0
  [â] pihole-FTL: no process found
  [â] Cleaning up stray matter
  [â] Restarting DNS server

  [â] DNS service is NOT running
/opt/pihole/updatecheck.sh: line 77: /usr/bin/pihole-FTL: No such file or directory
/opt/pihole/updatecheck.sh: line 91: /usr/bin/pihole-FTL: No such file or directory
   Web Interface password: xxxx
   This can be changed using 'pihole -a -p'

   View the web interface at http://pi.hole/admin or http://192.168.17.39/admin

   You may now configure your devices to use the Pi-hole as their DNS server
   Pi-hole DNS (IPv4): 192.168.17.39
   If you set a new IP address, please restart the server running the Pi-hole

   The install log is located at: /etc/pihole/install.log
Installation Complete!

Looks good, however looks like there was a problem with getting the pre-compiled pihole-FTL binary ( which is the core part of pi-hole) :

# /usr/bin/pihole-FTL --version
-bash: /usr/bin/pihole-FTL: No such file or directory
# ls -l /usr/bin/pihole-FTL
-rwxr-xr-x 1 root root 6860972  May 27 08:59 /usr/bin/pihole-FTL

How strange : 'No such file' error , but it's clearly there - have we got some weird filesystem corruption or something ?!

# od -c /usr/bin/pihole-FTL |head
0000000 177   E   L   F 001 001 001  \0  \0  \0  \0  \0  \0  \0  \0  \0
0000020 003  \0   (  \0 001  \0  \0  \0 240 356 001  \0   4  \0  \0  \0
0000040 330 375   x  \0 002 004  \0 005   4  \0      \0  \t  \0   (  \0
0000060   (  \0   %  \0 001  \0  \0   p 324   , 033  \0 324   , 033  \0
....

# file /usr/bin/pihole-FTL
/usr/bin/pihole-FTL: ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 2.6.32, with debug_info, not stripped
# ldd /usr/bin/pihole-FTL
 not a dynamic executable

So looks like no filesystem corruption, it's probably just compiled for a different ARM architecture than what we have

So we have to build FTL from source :
( taken from instructions at https://docs.pi-hole.net/ftldns/compile/ :

# apt install build-essential libgmp-dev m4

Although libnettle (for DNSSEC) was already installed by the main pihole installer above, we are going to need the header files etc, so best build nettle too :

# wget https://ftp.gnu.org/gnu/nettle/nettle-3.6.tar.gz
# tar -xvzf nettle-3.6.tar.gz
# cd nettle-3.6
# ./configure
# make
# make install

Note: before compiling FTL, make sure you have at least 256MB of swap available, as it is a memory-hungry compile.

# apt install libsqlite3-dev

# git clone https://github.com/pi-hole/FTL.git
# cd FTL
# make
# make install
# service pihole-FTL restart

NOTE : If it still runs out of RAM during the make ( e.g. gcc dies unexpectedly after 10 min with something like

cc: fatal error: Killed signal terminated program cc1
   compilation terminated.
   make: *** [Makefile:146: build/database/sqlite3.o] Error 1

then one way to reduce RAM usage during compile is to reduce the amount of optimisation gcc does by editing the Makefile and changing -O3 to -O1 or even -O0 :

HARDENING_FLAGS=-fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O1 -Wl,-z,relro,-z,now  .......

-O1 worked for me on a Dockstar with 128MB of RAM and 192MB of swap.

You should now see pihole-FTL process running, listening on port 53 , and can configure your laptop etc to use it as a DNS resolver.

You can use pi-hole's handy web-admin interface (URL shown above) to view what it's doing, update the blacklists and to whitelist domains/sites if required.

Cheers
Rob

edit : added swap space info



Edited 1 time(s). Last edit at 05/29/2020 02:59AM by rsinklair.

Thanks Rob,

Very nice. Another Pi-hole tutorial to add to the Wiki!

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

I've added Rob's tutorial to the Wiki:

Quote
https://forum.doozan.com/read.php?2,23630,23630#msg-23630

Home Automation & Tools

X10
CALDav Calendar Server using Radicale
Pogoplug Network Stack with PiHole: pics, and description
Pi-hole on Pogoplug Mobile
Pi-hole on Pogoplug Pro V3 (OXNAS)
Pi-hole ad-blocker on Seagate Dockstar

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

SOLVED:
I can't install llibsqlite3-dev. This is the error I get even though I have done an apt clean:

root@dockstar:~# apt install libsqlite3-dev
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Suggested packages:
  sqlite3-doc
The following NEW packages will be installed:
  libsqlite3-dev
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 714 kB of archives.
After this operation, 1967 kB of additional disk space will be used.
E: You don't have enough free space in /var/cache/apt/archives/.

root@dockstar:~# du -ch /var/cache/apt/archives/
4.0K	/var/cache/apt/archives/partial
8.0K	/var/cache/apt/archives/
8.0K	total

Turns out I had run out of space usb stick. duh!



Edited 1 time(s). Last edit at 07/04/2020 04:43PM by jshand.

Well I just tried to update pihole and ran into the same snag with the FTL file. So i tried to recompile as per your instructions but it doesn't use make anymore it uses cmake. So I installed cmake but I get the following error:

root@dockstar:/FTL/cmake# cmake ..
-- The C compiler identification is GNU 8.3.0
-- Check for working C compiler: /usr/bin/cc
-- Check for working C compiler: /usr/bin/cc -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Looking for pthread.h
-- Looking for pthread.h - found
-- Looking for pthread_create
-- Looking for pthread_create - not found
-- Check if compiler accepts -pthread
-- Check if compiler accepts -pthread - yes
-- Found Threads: TRUE  
CMake Error: The following variables are used in this project, but they are set to NOTFOUND.
Please set them or make sure they are set and tested correctly in the CMake files:
IDN
    linked by target "pihole-FTL" in directory /FTL/src

-- Configuring incomplete, errors occurred!
See also "/FTL/cmake/CMakeFiles/CMakeOutput.log".
See also "/FTL/cmake/CMakeFiles/CMakeError.log".

This was just updated 7/15/2020. So perhaps you could take a look at it and update your instructions.
Thanks
-john

Just tried compiling new pihole version on a new Debian Stretch rootfs with latest kernel, worked fine. Just had to make sure i was using a swap file as noted by rsinklair.

Hi and thanks for the tutorial. It helped a lot, and finally my old dockstar has again something to do.

Just ran into the mentioned error described in

NOTE : If it still runs out of RAM during the make ( e.g. gcc dies unexpectedly after 10 min with something like
cc: fatal error: Killed signal terminated program cc1
   compilation terminated.
   make: *** [Makefile:146: build/database/sqlite3.o] Error 1

but could not change the compile options due to the change in FTL from make to cmake.

My solution was to follow the instructions on https://docs.pi-hole.net/ftldns/compile/ (especially additionally install libidn11-dev and cmake) and install swapspace

sudo apt-get install swapspace

afterward the FTL ./build.sh script ran about more than half a day (mainly at 98% on the sqlite3 step) but in the end suceeded.

-yafbu

Edit: the pihole-FTL-armel-native binary seems to crash the moment someone tries to connect. Disregard post.

So I was looking through the pihole installer when I noticed they provide a pre-built armel compatible binary in their repository. The problem is the way they go about detecting your device architecture is somewhat flawed. It will only download the armel binary if it detects you're running the script from within a docker environment. These are the relevant variables:

machine=$(uname -m)
rev=$(uname -m | sed "s/[^0-9]//g;")
lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }')

The script itself has no direct checks that I could see for an armel environment it just downloads pihole-FTL-arm-linux-gnueabi (hard float?) by default once the $rev variable is determined not to be greater than "6". It's meant to handle anything that's ARMv6 and lower. If you add this bit here after line 2425 it should detect things correctly and download the correct binary:

        elif [[ "${lib}" == "/lib/ld-linux.so.3" ]]; then
            #
            if [[ "${rev}" -lt 6 ]]; then
                printf "%b  %b Detected ARM soft float architecture\\n" "${OVER}" "${TICK}"
                # set the binary to be used
                l_binary="pihole-FTL-armel-native"
            fi

I've tested this already on a fresh Debian Stretch install running SysVinit and can confirm it works. If you're on systemd the script fails at the "restarting lighttpd service" step. Not entirely sure why that is.



Edited 3 time(s). Last edit at 08/30/2020 12:22PM by alexr.

Thanks for posting your findings...

yafbu Wrote:
-------------------------------------------------------
> Hi and thanks for the tutorial. It helped a lot,
> and finally my old dockstar has again something to
> do.
>
> Just ran into the mentioned error described in
>

> NOTE : If it still runs out of RAM during the make
> ( e.g. gcc dies unexpectedly after 10 min with
> something like
> cc: fatal error: Killed signal terminated program
> cc1
>    compilation terminated.
>    make: *** [Makefile:146:
> build/database/sqlite3.o] Error 1
>

> but could not change the compile options due to
> the change in FTL from make to cmake.
>
> My solution was to follow the instructions on
> https://docs.pi-hole.net/ftldns/compile/
> (especially additionally install libidn11-dev and
> cmake) and install swapspace
>

> sudo apt-get install swapspace 
>

> afterward the FTL ./build.sh script ran about more
> than half a day (mainly at 98% on the sqlite3
> step) but in the end suceeded.
>
> -yafbu

All spot on, I installed on a PP V4 ... no USB drive, just a 32GB mmc that I had laying around with Bodhi’s latest Debian rootfs on it.

I can confirm a compile time of a little more than 12 hours. I was shocked that it actually worked utilizing mmc for swap, perhaps in some aspects, space is space.

davygravy,

Good to see you posting again :)

If you are running my later kernel version, or turned on BFQ IO Scheduler (CONFIG_IOSCHED_BFQ) in your own compiled kernel, it might explain the improvement in swapping. Also perhaps io_uring (CONFIG_IO_URING) play a role in this improvement too.

Quote

Updated 23 Aug 2020:

Kernel linux-5.8.3-kirkwood-tld-1 package has been uploaded. The following features were added/updated:

- BFQ IO Scheduler is now the default in the kernel. This is an improvement in making the system more responsive when under memory stress (Note: use a large swap space to avoid OOM killer).

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

Kirkwood users may get a treat soon... If things go as planned, our plugs may be officially supported soon. (not holding my breath... one can still build one's own, but here's hoping...)

https://discourse.pi-hole.net/t/build-for-pihole-ftl-arm-soft-float/39254/22

=====================================================

• davy's Github Repo's rescue-dg

I upgraded PiHole-FTL and the rest of the package set... no hiccups. It looks like our Kirkwood devices are finally supported in mainline PiHole.

=====================================================

• davy's Github Repo's rescue-dg

davygravy Wrote:
-------------------------------------------------------
> I upgraded PiHole-FTL and the rest of the package
> set... no hiccups. It looks like our Kirkwood
> devices are finally supported in mainline PiHole.

Really good to hear! I was considering running Pihole on a Dockstar, and thought to check here if anyone else had got it right first. What is the performance like? And how much swap space have you given it?