How do I run DietPi-Software and install optimised software ?
To install any of the DietPi optimised software listed below run from the command line:
Choose Software Optimised and select one or more items. Finally click on
Install. DietPi will do all the necessary steps to install and start these software items.
To see all the DietPi configurations options, review DietPi Tools section.
Pi-hole is a DNS sinkhole with web interface that will block ads for any device on your network.
- Also Installs: Webserver stack
The web interface of Pi-hole can be accessed via:
- Password =
The configuration contains setting devices (e.g. router) to use Pi-hole for DNS resolution.
Option 1 - Setup single devices to use the Pi-hole DNS server¶
Simply change your DNS settings to use the IP address of your Pi-hole device. This will need to be done for each device that you want Pi-hole to work with.
- My Pi-hole device has the IP address of 192.168.0.100
- On my PC, I would set the DNS address to 192.168.0.100
- Tutorial The Ultimate Guide to Changing Your DNS settings.
Option 2 - Setup your router to use the Pi-hole DNS server¶
This method will automatically point every device (that uses DHCP) on your network to Pi-hole. On your routers control panel web page, you will need to find a option called “DNS server”. This should be located under DHCP settings.
Simply enter the IP address of your Pi-hole device under “DNS server”:
On your Pi-hole device, you will need to set a different DNS server.
Depending on your router configuration, if you don’t do this step, the Pi-hole device may not be able to access the internet. It’s highly recommended to have the device running Pi-hole, pointing to a DNS server outside your network.
- Run the following command:
dietpi-config 8 1
- Select: Ethernet
- If you are running in DHCP mode, select Change Mode, then select: Copy Current address to Static
- Select Static DNS from the list, then choose a DNS server, or manually enter a custom entry.
- Once completed, select Apply to save the changes.
Pi-hole can be updated via the shell command
You can use
pihole -r to repair or reconfigure your Pi-hole instance.
No selection of Lighttpd during repair procedure
Do NOT select to install Lighttpd when being asked, as this will mix our own webserver stack setup with a different once provided by the Pi-hole installer, which causes various issues.
If you forgot your login password for the Pi-hole admin web page, you can set it with the shell command
pihole -a -p on your Pi-hole device.
There are many sites in the web giving blocklists and whitelists for Pi-hole. They can be used when you want to have more blocking as the standard installation gives you. Here are some examples:
To allow (OpenVPN or WireGuard) VPN clients accessing your local Pi-hole instance, you need to allow DNS requests from all network interfaces:
pihole -a -i local.
The monitoring of a Pi-hole system via Netdata is described there: https://learn.netdata.cloud/guides/monitor/pi-hole-raspberry-pi.
YouTube video tutorial #1: Raspberry Pi / Pi-hole / Diet-Pi / Network wide Ad Blocker !!!!.
YouTube video tutorial #2:
Block ads everywhere with Pi-hole and PiVPN on DietPi
YouTube video tutorial #3 (German language):
Raspberry Pi & DietPi : Pi-hole der Werbeblocker für Netzwerke mit Anleitung für AVM FritzBox
YouTube video tutorial #4 (German language):
Raspberry Pi Zero W mit Pi-hole - günstiger Werbeblocker & Schritt für Schritt Anleitung unter DietPi
Unbound is a validating, recursive, caching DNS resolver.
For more details see unbound “about” description.
- Default DNS port: 53
- DNS port when Pi-hole is installed: 5335
The configuration directory is located there:
View the log files:
journalctl -u unbound
Update to latest version:
apt update && apt upgrade
If required, you can activate DoT. Simply copy/execute following section:
cat << '_EOF_' > /etc/unbound/unbound.conf.d/dietpi-dot.conf # Adding DNS-over-TLS support server: tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt forward-zone: name: "." forward-tls-upstream: yes ## Cloudflare forward-addr: 184.108.40.206@853#cloudflare-dns.com forward-addr: 220.127.116.11@853#cloudflare-dns.com ## Quad9 forward-addr: 18.104.22.168@853#dns.quad9.net forward-addr: 22.214.171.124@853#dns.quad9.net _EOF_
Once done, Unbound service would need to be restarted
systemctl restart unbound
The used DNS servers are examples only and can be replaced by your favorite one. A list of public DNS providers, their IP addresses and their in cases included ad blocking / adult content blocking features are available on Wikipedia:
Source code: NLnetLabs/unbound.
Official documentation: https://nlnetlabs.nl/documentation/unbound resp. https://nlnetlabs.nl/documentation/unbound/unbound