Dietpi und pihole v6 Dashboard Problem

Troubleshooting
1

After updating to pihole v6, everything seems to have worked perfectly so far.
Today I carried out the latest DietPi update and probably made a crucial mistake. A message regarding lighttp and php appeared, at least in the temporal context, and I may have mistakenly deselected both options.
Now my Pihole dashboard no longer seems to work.
A pihole -r with “repair ‘as well as ’reconfigure” did not solve the problem.

Is there still a way to bring the dashboard back to life without reinstalling?
As I am waiting for more Pihole, what would be the correct choice?

2

Duplicate to DietPi 9.11.2 changes Pi-Hole default web server port to 8089 makes web UI inaccessible without specifying port?
This should help you.

1 Like
3

Thank you once again :wink:

I edited the file manually, but it should be easier with the following command?

sudo pihole-FTL --config webserver.port 80o,443os,[::]:80o,[::]:443os

So that the whole thing is not even necessary, what should you correctly select or deselect when the query for lighttpd and php appears, or do you always have to intervene because of the update of pihole?

4

Our script will set port 8089 on new installation or once during DietPi update to DietPi version v9.11.

You can switch to any other port like 80 manually. This would be a one time activity

1 Like
5

Port 8089 works. Before the Dietpi-Update Port 8080 worked also.

Do you have instructions to SSL the pihole Dash-Board?

6

basically should be working according PiHole docs (not sure if they are already updated to reflect changes on v6)

Do you use a web server with SSL/https enabled already? If yes you can use it as revers proxy. If not, you can enable https within PiHole configuration (web interface or command line).

7

Well, then I should know how to proceed.

8

Hello, after updating dietpi 9.11.2 and pihole v6, I lost external access via reverse proxy.
I use nginx and I used to access it >> https://myproxyreverse/admin/
Now I can only access it through my internal address >>> http://192.168..***:8089/admin/login
How can I use reverse proxy via subfolder again for pihole?

9

You need to change your proxy to forward to the PiHole own web server using port 8089.

Anyway I don’t think you really setup a reverse proxy. Because on PiHole v5, it was accessible via web server directly without a special proxy configuration. Something you would need to add now.

10

ok .
is the /etc/nginx/sites-dietpi/dietpi-pihole.conf file useful if I am going to use a reverse proxy method?
or can I delete it?

11

I’m not 100% sure on the content but should be fine to remove.

12 
# Based on: https://github.com/pi-hole/pi-hole/blob/9840b428474262fc4f2cb6bae48e7e61174bba86/advanced/pihole-admin.conf

# Admin panel
location ~ ^(?:/html|)/admin(?:$|/) {
	# Block public access to admin page, if enabled
	# - To enable: cd /etc/nginx/sites-dietpi; mv dietpi-pihole-block_public_admin.off dietpi-pihole-block_public_admin.on
	# - To disable: cd /etc/nginx/sites-dietpi; mv dietpi-pihole-block_public_admin.on dietpi-pihole-block_public_admin.off
	include sites-dietpi/dietpi-pihole-block_public_admin.*on;

	# Block . files from being served, such as .git, .github, .gitignore
	location ~ ^(?:/html|)/admin/\. { return 404; }

	# Add response headers
	add_header X-Pi-hole "The Pi-hole Web interface is working!";
	add_header X-Content-Type-Options "nosniff";
	set $frame_options "deny";
	add_header X-Frame-Options "$frame_options";
	add_header X-XSS-Protection "0";
	add_header X-Robots-Tag "noindex, nofollow";
	add_header X-Permitted-Cross-Domain-Policies "none";
	add_header Referrer-Policy "same-origin";
	add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";

	# Standard PHP handler block
	try_files $uri $uri/ =404;
	location ~ .+\.php(?:$|/) {
		fastcgi_pass php;
		include snippets/fastcgi-php.conf;

		# Allow teleporter and API QR code iframes on settings page
		set $frame_options "sameorigin";
		if ($uri !~ ^(?:/html|)/admin/scripts/pi-hole/php/(?:teleporter|api_token)\.php$) {
			set $frame_options "deny";
		}
		if ($http_referer !~ /admin/settings\.php) {
			set $frame_options "deny";
		}
	}
}

# 404 page
location ~ ^(?:/html|)/pihole(?:$|/) {
	# Block public access
	allow 127.0.0.0/8;
	allow 192.168.0.0/16;
	allow 10.0.0.0/8;
	allow 172.16.0.0/12;
	allow ::1/128;
	allow fe80::/10;
	allow fc00::/7;
	deny all;

	# Standard PHP handler block
	try_files $uri $uri/ =404;
	location ~ .+\.php(?:$|/) {
		fastcgi_pass php;
		include snippets/fastcgi-php.conf;
	}
}
13

this is the old configuration file and can be removed. Usually it should have been removed during DietPi update to version 9.11

At least if you were already on PiHole v6 before the DietPi update :thinking:

However, you can create a new configuration

nano /etc/nginx/sites-dietpi/pihole.conf

and add the following

        location /admin/ {
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass http://127.0.0.1:8089/admin/;
        }
        location /api/ {
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass http://127.0.0.1:8089/api/;
        }

Then save and restart Nginx

systemctl restart nginx.service
14

Thank you very much, I was searching on the internet and tried some conf files and they gave an error in nginx, I was already thinking about using a tunnel in cloudfare for my external access, your settings worked perfectly.

15

It took me some time to find the configuration. For whatever reason, /api must also be forwarded. Luckily I found the post in the PiHole forum Can't get v6 webinterface behind nginx reverse proxy to work - #4 by stefan - Beta 6.0 - Pi-hole Userspace