A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Sync multiple Pi-Hole Configs

,

For my home network, I run Pi-Hole in docker containers in separate hosts. Whenever making a change such as creating a local DNS entry on one Pi-hole means logging into the other Pi-hole and making the same change, not ideal. So I’ve tried looking for a solution to this. I did give Gravity sync a go however seemed a little hard to get going. Doing my Google search I also stumbled on Orbital-Sycn on GitHub which seems to do the same thing albeit much easier to configure and get going.

Using Orbital sync, it behaves similar to a HA pair where one becomes the primary and the config is synchronised to the secondary nodes. It was super simple to get going, making sure that it was on the correct docker network so it can see all the Pi-Hole containers in my network I then just creating the additional container using the docker compose file below.

version: '3'
services:
  orbital-sync:
    image: mattwebbio/orbital-sync:1
    environment:
      PRIMARY_HOST_BASE_URL: 'https://pihole1.home.lab'
      PRIMARY_HOST_PASSWORD: 'supersecretpassword'
      SECONDARY_HOSTS_1_BASE_URL: 'https://pihole2.home.lab'
      SECONDARY_HOSTS_1_PASSWORD: 'supersecretpassword'
      INTERVAL_MINUTES: 5

Replace the environment variables with settings for your setup. Based on this compose file, orbital-sync connects my two Pi-Hole containers and synchronises them every 5 minutes.

Additional configuration variables can be found on the CONFIG page on the orbital-sync GitHub.

Leave a Reply

More Posts

Procurve Switches and Windows Network Load Balancing in Multicast Mode causing high collision and drop rates

Over the last few days we have been looking at getting a Client Access Array going for our Exchange 2010 setup for basic redundancy and load balancing. I thought I would outline an issue we discovered with using Windows Network Load Balancing in a HP switching environment. The first is whether to use Unicast or […]

How to allow an Active Directory Certificate Authority to generate Certificates with a Subject Alternative Name attribute

Starting with Google Chrome 58, Chrome no longer trusts certificates without the Subject Alternative Name attribute, so this makes it a little troublesome for those with internal CAs where you rely on them for Software Development. We noticed last week that some end users couldn’t hit an internal application over HTTPS, but was fine in […]

Using WireGuard on Windows with no local administrator rights

I’ve recently been helping a non-profit uplift their security – we’ve put in a UniFi Gateway along with cleaning up their 365 tenancy and endpoint management. As part of this, we’ve implemented a WireGuard VPN back to their NAS as well as remove local admin rights from end users. Unfortunately, WireGuard by default requires local […]