I have https://pi-hole.net installed. I want to use Caddy as web server because of https.
I tried these two guides:
So far I changed the port. But proxying it to port 80 using Caddy doesn’t add https. Pi Hole in my case runs on an VPS, so I really want to make sure that the password for the admin page is transferred secure.
Is it possible to secure Pi Hole with https threw Caddy ? And furthermore is it possible to proxy that to a subdomain?
Yep, it’s doable. I used to run it on a VPS, too, until I got myself flagged on http://www.openresolverproject.org/ so I took it down. Nowadays I just run pfBlockerNG with the Pi-Hole lists set in DNSBL for the local network.
My setup was Docker-based, but the Caddy configuration was quite simple.
Hey, thank you for your reply. Thank you also for mentioning the open resolver project. I have to mention now that my resolver of course is not open and its probably firewalled.
You could have blocked access to your resolver by ip-/ip6tables.
I give your configuration a try and come back !
EDIT: That works - thanks. I added an redirect to open the admin panel because otherwise you’ll get some php error.
Aye, that’d work. In my case, it was serving residential connections, so I’d probably have had to whitelist their ISP’s address pools. I found it simpler just to set it up inside the private networks of the people I was hosting it for.
@Whitestrake Do you remember ? When you a website was on an blocklist, an pihole page should show up, where you could enter your password, to whitelist it. It doesn’t seem to work the way I reverse proxy it out with caddy. Was that something that did work for you ?
Also I’m not sure about the :80 catch-all.
Hmm, no, I never had that - I never used Pi-Hole outside of a Caddy rev proxy.
The :80 catch-all was to allow Pi-Hole to fill the ad’s space with a blank section, so the structure of a page was preserved and there were no page errors.