Thanks to the people of pihole-discourse and reddit. This is just a collection of other people's work in a nice package. I do not claim credit for anything other than creating this series of scripts.
- This is a custom install for my pi! I am a tinkerer, and when I tinker, I tend to break things!!!
- I started this as a much simpler script to help assist me in getting things back up and running as fast as possible.
- A few of these things are easily done with raspi-config,, but this streamlines the process.
- I am not a programmer, but I know enough to get into trouble.
I will be updating this with new stuff all the time. you can always run git pull the /etc/piadvanced to download any changes.
- Will ask you many yes/no questions. If you don't want to install something, simply say NO!
- Is set up like "modules" I plan on adding more pi projects to it later. If it can be automated, it should go here. Message me if you have any reccomendations to add.
I suggest that you use the removedefaultpiuser script below. This will bolster your pi's security by not using the default username.
- You can find the backups in /etc/piadvanced/backups
- This is based on what you choose to install.
- All traffic to the pi is blocked unless there is a rule that allows the traffic.
- Rules can be added/removed with sudo /etc/iptables.firewall.rules
- Set the timezone
- Change your NTP servers
- Add a script to update the time every half hour.
- on/off
- fail2ban
- Helps protect against brute-forcing
- psad
- Greatly helps when the system needs to randomize something.
- Set the memory split.
- Use an experimental tweak to unlock 16MB of ram on the pi2 or pi3.
- Set the hostname
- Set a static ip for eth0
- Connect to wifi easily
- Set a static ip for wlan0
- This makes the login message much nicer than a bloc of text
- For details see:
(if curious what it installs, look at the script files)
Handy if you want to get email from your device when things happen, or you need updates.
- Apticron
- Exim4
- No-IP DUC (Dynamic Update Client)
- DDClient, which I believe works with dyndns
- Port 1194 defualt
- OpenVPN
- piVPN
- Webmin
- Port 10000
- Usermin
- Port 20000
- Rpi Monitor
- Port 8889
- This let's you remote-in to your pi, using the Windows native Remote Desktop program.
- I have found this handy when fail2ban locks me out due to invalid password attempts.
- Gives the option to use the version 2.77test4.
This is fully functional, and works!
- Asks you to change the password for the webui immediately.
- A dark theme, thanks to LKD70
- NOTE: DOES NOT WORK WITH Pi-Hole 3.0 update.
- Refer to for details.
- The Wally3k adlists.
- Configure this with sudo nano /etc/pihole/adlists.list
- The Wally3k Block Page
- Refer to for details.
- Configure with sudo nano /var/phbp.ini
- The ability to bypass by mac address.
- Configure with sudo nano /etc/dnsmasq.d/04-bypass.conf
- The ability to add additional interfaces to allow dnsmasq to listen on.
- Configure with sudo nano /etc/dnsmasq.d/05-addint.conf
- The ability to add your Windows Active-Directory DNS.
- Configure with sudo nano /etc/dnsmasq.d/06-activedirectory.conf
- The ability to add custom redirects.
- Configure with sudo nano /etc/dnsmasq.d/07-customredirect.conf
- and /etc/piadvanced/installscripts/customRedirect.list
- The ability to set permanent static ip's. Helpful if your re-install often
- Configure with sudo nano /etc/dnsmasq.d/08-staticip.conf
- The ability to block a mac address from recieving an IP address.
- Configure with sudo nano /etc/dnsmasq.d/09-noip4you.conf
- The ability to make pihole -up run every half-hour.
- The ability to make pihole -g run every 6 hours.
- The ability to remove stale lists once weekly.
- A way to Parse lists not compatible with Pihole.
- Configure this with sudo nano /etc/piadvanced/piholetweaks/ublockpihole/lists.lst
- A Second way to parse lists.
- Configure with sudo nano /var/www/html/admin/parser.php
- A way to tweet daily blockings. * Configure this with sudo nano /etc/piadvanced/piholetweaks/
- HenningVanRaumle's Youtube Adblock List
With the webservers, you can set the ip address and ports to listen on. This helps with port conflict issues.
- Lightttpd
- Apache
- Nginx
- I have stuff in the works for nginx, stay tuned.
- Refer to
- Set up a RDP/VNC/Gateway for your home network.
- It runs on Tomcat using Port 8080
- The default username and password is guacadmin
- These have the potential of being setup to function transparently alongside pihole.
- Privoxy
- Squid/Squidguard
- This is probably the nicest printer server software out there.
- Refer to for more information.
- Anything that is installed by this will need a firewall rule added.
- See for details.
- See for details.
- I had to cobble the installation a bit to make sure dependencies worked.
- I also have it set to remove the reboot instruction from their install script.
- I can't guarantee success on this one, my success has been hit or miss.
- Steam Cache
- PXE Server
- Moboticz
- Nagios
- OpenVAS
- ShellinaBox
- Plexboard
- A wake-on-lan solution
- Samba share
- A script that makes regular backups to a directory with date/time stamps. maybe weekly.
- Cerbot Let's Encrypt
- Setting up / mounting a usb device for permanent storage.
- Email server
- A way to load in a pihole teleport.
sudo git clone /etc/piadvanced/
sudo bash /etc/piadvanced/
If you are paranoid,,, make it something secure, use a password generator if needbe. Or simply don't be connected to a network for this step.
sudo passwd root
sudo bash /etc/piadvanced/
passwd -dl root
sudo reboot
after it reboots, login as your new user.