How do I run DietPi-Software and install optimised software items?
To install any of the DietPi optimised software items listed below run from the command line:
Choose Browse Software and select one or more items. Finally select
DietPi will do all the necessary steps to install and start these software items.
To see all the DietPi configurations options, review the DietPi Tools section.
Pi-hole is a DNS sinkhole with web interface that will block ads for any device on your network.
- Also Installs: Webserver stack
The web interface of Pi-hole can be accessed via:
- URL =
- Password =
The configuration contains setting devices (e.g. router) to use Pi-hole for DNS resolution.
Option 1 - Setup single devices to use the Pi-hole DNS server
Simply change your DNS settings to use the IP address of your Pi-hole device. This will need to be done for each device that you want Pi-hole to work with.
- My Pi-hole device has the IP address of 192.168.0.100
- On my PC, I would set the DNS address to 192.168.0.100
- Tutorial The Ultimate Guide to Changing Your DNS settings.
Option 2 - Setup your router to use the Pi-hole DNS server
This method will automatically point every device (that uses DHCP) on your network to Pi-hole. On your routers control panel web page, you will need to find a option called “DNS server”. This should be located under DHCP settings.
Simply enter the IP address of your Pi-hole device under “DNS server”:
On your Pi-hole device, you will need to set a different DNS server.
Depending on your router configuration, if you don’t do this step, the Pi-hole device may not be able to access the internet. It’s highly recommended to have the device running Pi-hole, pointing to a DNS server outside your network.
- Run the following command:
dietpi-config 8 1
- Select: Ethernet
- If you are running in DHCP mode, select Change Mode, then select: Copy Current address to Static
- Select Static DNS from the list, then choose a DNS server, or manually enter a custom entry.
- Once completed, select Apply to save the changes.
Pi-hole can be updated via the shell command
You can use
pihole -r to repair or reconfigure your Pi-hole instance.
Do NOT select to install Lighttpd
Do NOT select to install Lighttpd when being asked, as this will mix our own webserver stack setup with the different one provided by the Pi-hole installer, which causes various issues.
If you forgot your login password for the Pi-hole admin web page, you can set it with the shell command
pihole -a -p on your Pi-hole device.
There are many sites in the web giving blocklists and whitelists for Pi-hole. They can be used when you want to have more blocking as the standard installation gives you. Here are some examples:
To allow (OpenVPN or WireGuard) VPN clients accessing your local Pi-hole instance, you need to allow DNS requests from all network interfaces:
pihole -a -i local.
DietPi-CloudShell has a Pi-hole scene included, which can be used to monitor the most important DNS query and block statistics. Simply run
Scenes and assure that
8 Pi-hole is selected. Toggle
Output Display to choose whether to print the output to the current console or the main screen, then select
Start / Restart to start the output.
YouTube video tutorial #1: Raspberry Pi / Pi-hole / Diet-Pi / Network wide Ad Blocker !!!!.
YouTube video tutorial #2:
Block ads everywhere with Pi-hole and PiVPN on DietPi
YouTube video tutorial #3 (German language):
Raspberry Pi & DietPi : Pi-hole der Werbeblocker für Netzwerke mit Anleitung für AVM FritzBox
YouTube video tutorial #4 (German language):
Raspberry Pi Zero W mit Pi-hole - günstiger Werbeblocker & Schritt für Schritt Anleitung unter DietPi
Blog entry with YouTube video #5 (German language):
Unbound Installation für PiHole unter DietPi
Unbound is a validating, recursive, caching DNS resolver. It can resolve hostnames by querying the root name servers directly, replacing ISP/public DNS resolvers. Eliminating one player involved in handling your DNS requests, increases your internet privacy. Additionally Unbound can be configured to use the encrypted DoT protocol, which requires again a public DNS provider, but masks requests for your LAN operator and ISP instead. For more info, see the “Activating DNS over TLS (DoT)” tab below.
- Default DNS port: 53
- DNS port when Pi-hole is installed: 5335
The configuration directory is located there:
View the log files:
journalctl -u unbound
Update to latest version:
apt update apt upgrade
DoT sends DNS requests encrypted, masking them from your LAN operator and ISP. But it requires again a public DNS provider, to query the root name servers, which is otherwise, thanks to Unbound, not required. Root name server requests can only be unencrypted, either sent directly from Unbound (default) or by a public provider (when using DoT). Whether DoT (or any other encrypted DNS wrapper protocol) is preferable or not, depends on your individual case and needs, i.e. if you trust your LAN operator and ISP more, or a public DNS provider. You can activate DoT by copying and executing the following command block:
cat << '_EOF_' > /etc/unbound/unbound.conf.d/dietpi-dot.conf # Adding DNS-over-TLS support server: tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt forward-zone: name: "." forward-tls-upstream: yes ## Cloudflare forward-addr: 184.108.40.206@853#cloudflare-dns.com forward-addr: 220.127.116.11@853#cloudflare-dns.com ## Quad9 forward-addr: 18.104.22.168@853#dns.quad9.net forward-addr: 22.214.171.124@853#dns.quad9.net _EOF_
The used DNS servers are examples only and can be replaced by your favorite one.
A list of public DNS providers, their IP addresses and their in cases included ad blocking / adult content blocking features are available on Wikipedia:
For the change to take effect, the Unbound service needs to be restarted:
systemctl restart unbound
Official website: https://www.nlnetlabs.nl/projects/unbound/about/
Official documentation: https://nlnetlabs.nl/documentation/unbound/unbound
New WIP documentation: https://unbound.readthedocs.io/
Source code: NLnetLabs/unbound
Blog entry with YouTube video (German language):
Unbound Installation für PiHole unter DietPi