Pi-Hole blocking access via Tailscale

Ok, I’ve just hit my very own Achilles’ heel…

I’ve got Pi-Hole and Tailscale, and everything runs smoothly, but I cannot for the life of me figure out how to properly configure the dietpi-pihole-block_public_admin.on list so that my 100.x.x.x addresses on Tailscale can access the admin interface. I’m sure it’s got something to do with the /XX added at the end, I must enter the wrong one, and I’ve never quite understood IP addressing so I’m turning to the forum. What should be the line I add for the Tailscale IPs? :wink:

Did you set your interface settings on the pihole web panel to Permit all origins like mentioned in the tailscale docs?

1 Like

There is a web server configuration to block public access if you activated it during installation. Depending on the chosen web server the location is different.

What web server do you have installed?

Yep, but as @Joulinar said, it’s definitely within (in my case) the nginx config. There’s a lot of addresses already configured, but I do have to allow my own Tailscale IP range as per OG message.

I already know where the allow/block list is located though. I really just need to enter the right config for my IP and that’s where I fail :wink:

Currently it has the following:

allow 127.0.0.0/8;
allow 192.168.0.0/16;
allow 10.0.0.0/8;
allow 172.16.0.0/12;
allow ::1/128;
allow fe80::/10;
allow fc00::/7;
deny all;

I guess I’d have to enter 100.0.0.0, but that’s the /X part that I’m clueless about!

What do you mean by /X part?

This is CIDR notation and the number behind the / defines the subnet.
https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#IPv4_CIDR_blocks

Edit: Since Tailscale assigns an IP in the range 100.x.y.z, I would go with
allow 100.0.0.0/8;

1 Like
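Added example, not part of any post in this thread: a Python check of how the posted nginx allow list decides on a client once a 100.x line is added, comparing `100.0.0.0/8` with `100.64.0.0/10`, the CGNAT block (RFC 6598) that Tailscale documents as its IPv4 range. That narrower range, the helper names and the sample client addresses are assumptions not stated in the thread.

```python
import ipaddress

# Rules as posted in the thread (nginx "allow"/"deny" directives).
BASE_RULES = """
allow 127.0.0.0/8;
allow 192.168.0.0/16;
allow 10.0.0.0/8;
allow 172.16.0.0/12;
allow ::1/128;
allow fe80::/10;
allow fc00::/7;
deny all;
"""

def parse_rules(text):
    """Turn 'allow X;' / 'deny X;' lines into (action, network-or-None) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().rstrip(";")
        if not line:
            continue
        action, target = line.split()
        net = None if target == "all" else ipaddress.ip_network(target)
        rules.append((action, net))
    return rules

def decision(rules, client):
    """nginx checks the rules in order and stops at the first match."""
    ip = ipaddress.ip_address(client)
    for action, net in rules:
        if net is None or ip in net:  # a v4 address never matches a v6 network
            return action
    return "allow"  # no rule matched: the access module does not restrict

def with_extra(extra):
    """Insert one extra allow line ahead of the final 'deny all;'."""
    return parse_rules(BASE_RULES.replace("deny all;", f"allow {extra};\ndeny all;"))

def outside_cgnat(cidr, cgnat="100.64.0.0/10"):
    """Count addresses in `cidr` that fall outside the CGNAT block it contains."""
    wide, narrow = ipaddress.ip_network(cidr), ipaddress.ip_network(cgnat)
    return sum(n.num_addresses for n in wide.address_exclude(narrow))

if __name__ == "__main__":
    # Constructed sample clients: one inside CGNAT, one in public 100.x space.
    for extra in ("100.0.0.0/8", "100.64.0.0/10"):
        for client in ("100.101.102.103", "100.1.2.3"):
            print(extra, client, decision(with_extra(extra), client))
```

With the `/8` line both sample clients are allowed; with the `/10` line only the CGNAT address is, and the publicly routable `100.1.2.3` falls through to `deny all;`.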

Ah yeah you are right

Sweet, thank you. That’s the thing. I’ll be damned if I ever get to understand those subnets :sweat_smile: Works flawlessly!

I don’t know if it is relevant at all, but maybe it is something to check if someone installed Tailscale to add to the file? Or maybe just a note in the docs really!

Well we can’t cover each and every use case on each and every software installation. We try to be as generic as possible to give access for local network ranges.

1 Like

this is just cool as heck!!!

https://tailscale.com/files/images/marketing/home-network-after.svg