Tag: Homelab

High availability DNS with Adguard Home and keepalived

Compared to your average home internet user I (and let’s face it, probably you, the reader) have a way more complicated home network than necessary:

  • I don’t just have an ISP supplied router, I’ve got Omada network switches and routers and access points.
  • I’ve got multiple small servers running network services like DNS or VPN tunnels.

I thought I’d been a good little IT professional and had ensured that my maintenance (unplanned or otherwise) wouldn’t affect my family’s Netflix or Paramount+ streaming by having not one but two synchronised Adguard Home powered DNS servers. I’d ensured both were communicated out via DHCP (or statically configured) as the primary and secondary DNS services so that no matter what I was doing no one would be stuck without working entertainment.

But then the RaspberryPi powered device died a death, and my network fell over; because, as it turns out, not all devices do the sensible thing and what “secondary DNS server” actually means is “try this one after 30 seconds of hanging about”.

VLANs and Samsung TVs

If you’re anything like me you’ll have a bunch of IoT smart home devices; if you’re anywhere near as cheap as me, a number of those will only work on 2.4GHz networks, which makes using the Google Wifi a right pain. I did eventually get the devices registered, but only after many, many repeated pairing/registration attempts. Presumably they would randomly latch onto the 2.4GHz network and be able to complete the process, but it was frustrating work.

The internet also tells us just how insecure all these cheap devices realistically are, and that you should be keeping them on a separate network. So with that I decided to upgrade my network gear so I could implement secure things, like VLANs and ACLs and all of that fun stuff. I was using a Google WiFi mesh, and although it did the job pretty well it just didn’t offer any power user features at all. Primarily it didn’t do VLANs, or even more than one WiFi network, which meant getting any sort of separation from my potentially badly behaved devices was next to impossible.

So I upgraded the hardware.

STPFMMP (Simple Terraform Playbook For Managing Multiple Piholes)

If you want to run Pi-hole on your network but not have the entire family grumble that the internet isn’t working when you need to reboot the machine it’s running on, then you’ll need to run two Pi-holes. To run two Pi-holes properly they need to a) be on separate machines (I use my main homelab server and a RaspberryPi) and b) be configured on your client devices appropriately.

If you’ve got all that working but have been getting annoyed that adding any new service means duplicating manual configuration steps in a clunky Pi-hole web interface, then you’ll likely have been searching for some sort of automation to handle it. Fortunately I came across a Terraform provider for Pi-hole that got me most of the way there. I just needed to put together a playbook/plan for it.

So with that, I present STPFMMP (Simple Terraform Playbook For Managing Multiple Pi-holes).