So I discovered that my ISP’s box came with a hypervisor built in,
which was something I had not expected to find on a commercial-grade box.
I guess it made sense, since my ISP (Free; French ISP) has always had a reputation for building products with power
users in mind, so the Freebox Delta is a good example of that philosophy in action.
Not exactly a powerhouse,
but certainly more than enough for the mini homelab I had in mind.
After some googling I found out it was shipping a Marvell 88F8041 chip
with 2 cores running at ~2.0GHz (not quite sure), paired with 2GB of RAM. It also had 4 2.5" drive bays
I could use.
Since I had a spare 4GB RAM stick and a 250GB SSD sitting around, I swapped out the original stick, dropped in the drive, and just like that, I was up and running.
The first VM
Ads. Are in my opinion one of the most painful things to experience on any digital device. Everything that revolves around advertisement these days deeply bothers me on every level. With these two lines I just convinced myself I would write a post on that topic. My heart is full.
Anyways, I decided my first home hosted service would be - who would’ve guessed - an ad blocker of some sort.
Creating a new VM was very intuitive and the setup screen was very clear. I added in my Debian 12 ISO
image and got through the installation process easily. On the networking side of things, I just added a static
lease to attribute IP .53 to the machine as a reminder of its function.
A few different options
Many viable options are available out there; I just stuck with the most popular DNS sinkholes.
PiHole: As I’ve come to understand, this is THE classic self-hosted option, originally designed to run on a Raspberry Pi but would run on a 10-year-old’s Ben 10 watch. It is lightweight, transparent, and keeps everything local, which is exactly what I was looking for, except it has no support for DoH, which is something I planned on setting up further down the line.
NextDNS: This one is a cloud-based solution, so nothing to host locally. And this means someone else aside from my ISP knows the color of my Barbie house. So no, not this one.
AdGuard Home: This one has a sexy, polished, feature-rich UI. It supports DNS-over-HTTPS and DNS-over-TLS natively, and comes with detailed query logging. Yay!
To docker or not to docker
When in doubt, always containerize. That’s from me and it might not be true at all, but I followed my heart. Here is the docker command to run AdGuard Home; this is a simple copy-paste from their documentation.
$ docker run --name adguardhome \
    --restart unless-stopped \
    -v /opt/adguard/workdir:/opt/adguardhome/work \
    -v /opt/adguard/confdir:/opt/adguardhome/conf \
    -p 53:53/tcp -p 53:53/udp \
    -p 67:67/udp -p 68:68/udp \
    -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \
    -p 853:853/tcp \
    -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \
    -p 5443:5443/tcp -p 5443:5443/udp \
    -d adguard/adguardhome
Once that was done, I set up Quad9 to be my upstream and configured my box to advertise .53 as the primary local
DNS.
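An added example, not part of the original post or the AdGuard Home project: the documented command publishes a port for every service the image can offer, including DHCP, DNS-over-QUIC and DNSCrypt, and the script below parses its `-p` mappings and marks the ones a given deployment does not use. The port roles come from the AdGuard Home Docker image documentation; the feature set `dns web` (plain DNS plus admin UI/DoH, with the Freebox keeping DHCP) is an assumption about this setup, and the function names are made up for the example.

```shell
#!/bin/sh
# Added example: flag published ports that serve AdGuard Home features this
# deployment does not use. Port roles per the AdGuard Home Docker image docs.

port_role() {  # "hostport/proto" -> feature name
  case "$1" in
    53/tcp|53/udp)                   echo dns ;;
    67/udp|68/tcp|68/udp)            echo dhcp ;;
    80/tcp|443/tcp|443/udp|3000/tcp) echo web ;;  # admin UI, HTTPS/DoH, setup wizard
    853/tcp)                         echo dot ;;
    784/udp|853/udp|8853/udp)        echo doq ;;
    5443/tcp|5443/udp)               echo dnscrypt ;;
    *)                               echo unknown ;;
  esac
}

# audit_ports "<roles in use>" < command; prints "<port/proto> <role> keep|drop"
audit_ports() {
  needed=" $1 "
  tr -s '\\ \t\n' '\n' |   # one token per line, line continuations removed
  awk 'prev == "-p" || prev == "--publish" { print } { prev = $0 }' |
  while read -r map; do
    proto=${map##*/}
    if [ "$proto" = "$map" ]; then proto=tcp; fi  # Docker defaults to tcp
    spec=${map%/*}      # [ip:]host:container
    rest=${spec%:*}     # [ip:]host
    host=${rest##*:}    # host port
    role=$(port_role "$host/$proto")
    case "$needed" in
      *" $role "*) echo "$host/$proto $role keep" ;;
      *)           echo "$host/$proto $role drop" ;;
    esac
  done
}

page_cmd() {  # the docker run command from the post, as sample input
  cat <<'EOF'
docker run --name adguardhome \
  --restart unless-stopped \
  -v /opt/adguard/workdir:/opt/adguardhome/work \
  -v /opt/adguard/confdir:/opt/adguardhome/conf \
  -p 53:53/tcp -p 53:53/udp -p 67:67/udp -p 68:68/udp \
  -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \
  -p 853:853/tcp -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \
  -p 5443:5443/tcp -p 5443:5443/udp -d adguard/adguardhome
EOF
}
# Assumed feature set: plain DNS and web UI/DoH; the Freebox keeps DHCP.
page_cmd | audit_ports "dns web"
```

Every line marked `drop` is a `-p` flag that can be removed from the command without affecting the features in use; pass a different role list (for example `"dns web dot"`) if DNS-over-TLS is enabled later.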
The filtering lists
And done.