Configure Ubuntu Pi-hole for Cloudflare DNS over HTTPS


#1

Originally published at: https://www.cyberciti.biz/faq/configure-ubuntu-pi-hole-for-cloudflare-dns-over-https/

I installed OpenVPN VPN solutions on Ubuntu for my businesses to secure all data communications. I also set up Pin-hole ad blocker on Ubuntu server along with OpenVPN. How do I force Pi-hole to use Cloudflare DNS over HTTPS (DoH) to increase my privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks?


#2

So, I have also setup pihole Using https via cloud flare. But After the user connect via OpenVPN, how do you set the client to point to PIHole DNS with OpenVPN? The openvpn tend to use google DNS.


#3

Edit openvpn config /etc/openvpn/server.conf on server.

vi /etc/openvpn/server.conf

Delete or comment out existing DNS entries:

##Stop using Google DNS for our OpenVPN###
#push "dhcp-option DNS 8.8.8.8"
#push "dhcp-option DNS 8.8.4.4"

Next add our PI-Hole DNS IP address i.e. OpenVPN DNS address:

push "dhcp-option DNS 10.8.0.1"

Save and close the file. Restart the OpenVPN server:

sudo systemctl restart openvpn@server

Read for more info (see section Update OpenVPN config to push our PI-hole dns server):

Once done. Test your DNS using any online service that shows your current DNS. It should now show cloudflare. For example (look for Cloudflare):

curl http://$RANDOM.dns.whatsmydnsserver.com/api