Optimized DietPi software?

So I see in the menu there is “optimized” DietPi software. What does that mean?
I found pihole, but I installed pihole according to their website guide. I was afraid to install the one in the DietPi menu and have issues. I also installed unbound using the :

sudo apt install unbound

Not from the DietPi menu.

Am I better or worse off?


optimized software means, that these are normal software title but we performed some tweak to have them performing together without huge configurations steps needed by the end user. If you would have selected PiHole + unbound from dietpi-software, nothing would need to be configured from your side.

Especially if you install PiHole according their docu, it will install a WebServer dedicated to PiHole and you would have issues if you like to host other software like NextCloud (which require a Webserver as well).

I always would recommend to use to use dietpi-software

Am I better or worse off?

If you know how to set it up or want to customise it much, a manual install is pretty fine.

dietpi-software does mostly the same, Pi-hole is installed via the official installer, Unbound is installed via the APT package. What dietpi-software does on top is some auto-configuration, like adding a hardened default configuration for Unbound, setting it up to work with Pi-hole automatically, if Pi-hole is installed as well, and in case of Pi-hole it can be installed with Apache2 or Nginx webserver as well while dietpi-software takes care of the PHP and webserver configuration to match as good as possible the official Pi-hole Lighttpd configuration, allowing easy HTTPS integration as well.

The multi-purpose compatible installs has been mentioned by Joulinar already: The Pi-hole installer sets up Lighttpd a way that it can work only with Pi-hole and nothing else easily in parallel, i.e. a single-purpose setup. Adding other websites/applications is quite difficult then, especially the PHP-CGI integration instead of PHP-FPM is difficult to handle, as the Pi-hole updater reverts any changes to the lighttpd.conf.

Thanks for replying to my question

I used pihole installer because I was told installing vie the dietpi-software is unsupported by them and have to come here for support. I thought I play it safe.

it depends how you are looking on it. From a PiHole Dev point of view, of course I would request to use the own installer to ensure a working system as it was designed. Because PiHole believe to be the only one on an SBC and there are no other apps using the web server stack. However from DietPi point of view, we need to tweak some apps to ensure proper operation for all of them. Means that you are able to combine them on DietPi as you like. Because most of our users like to use run more than PiHole :wink:

aha ok, so in my case I am running PiHole+Unbound , do they conflict or these 2 are ok working with each other without using the DietPi installer?

yes they will work together. But you are missing DietPi tweaks and hardening for Unbound, if not set by yourself. :wink:

But should not be a problem if it’s working for you

Pi-hole and Unbound are a very popular reasonable combination, so Pi-hole has the required setup well documented: https://docs.pi-hole.net/guides/dns/unbound/
When you install Pi-hole or Unbound via dietpi-software, and the other one is installed already or in the same turn, they are automatically configured to work together, not identical but quite similar to what the Pi-hole docs suggest. So it’s mainly a time-saver here :slight_smile:. If you’re interested in our Unbound config: https://github.com/MichaIng/DietPi/blob/dev/.conf/dps_182/unbound.conf (the port is switched to 5335 when Pi-hole is installed).
The main difference is that it does not allow to be used from public IPs by default, but only from LAN address ranges. Not an issue when you have a NAT that does not forward ports 53/5335 anyway, but usually you don’t want your private instance to be used by any random host out there :wink:.

Incompatibilities are more likely to happen when you’re going to install other web applications that use a regular webserver, like Nextcloud, Wordpress, Ampache and such. The Pi-hole Lighttpd config, with php-cgi instead of php-fpm and the additional effort required to setup HTTPS and directory-based application configs, makes it not the best to start with. It’s simply not designed and intended to be used as one of several applications/sites on the same server, but as the one web interface on that server, which is perfectly fine it that is the case.

thank you very much for this…
So people from outside can access my unbound to resolve DNS quieres? I thought my network (192.168.1.x) is inaccessible to the outside internet.

this is not what is stated above. Your systems are not reachable from internet as long as you don’t open actively a port on your internet router

As said, our config prevents public access on application level, but without that every service is accessible from www, when the router forwards the port or the device is attached to www without a router, like a VPS (virtual private server) + no firewall blocking it.