Sync custom DNS entries in Pi-hole to OPNsense dnsmasq.
Go to file
Cyberes 1789f11c3f expand readme 2024-02-28 14:29:14 -07:00
.gitignore add files 2024-02-26 14:26:05 -07:00 expand readme 2024-02-28 14:29:14 -07:00
pihole-opnsense-sync.service update readme and service 2024-02-26 14:43:04 -07:00
requirements.txt add files 2024-02-26 14:26:05 -07:00 fix insecure, expand readme 2024-02-28 14:26:50 -07:00


Sync custom DNS entries in Pi-hole to OPNsense Unbound.

This little service watches Pi-hole's /etc/pihole/custom.list file and when a change is made, it syncs it with your OPNsense router's Unbound host overrides. This is useful because if your Pi-hole goes offline then you will still be able to resolve your custom domains.


  1. Install pip requirements:
    pip install -r requirements.txt
  2. Create your secrets file at /etc/secrets/pihole-opnsense-sync with your API details:
  3. Give your user the Services: Unbound DNS: Edit Host and Domain Override permision.
  4. Set the permissions on this file:
    sudo chown root:root /etc/secrets/pihole-opnsense-sync
    sudo chmod 600 /etc/secrets/pihole-opnsense-sync
  5. Copy the systemd service file:
    sudo cp pihole-opnsense-sync.service /etc/systemd/system/pihole-opnsense-sync.service
    The service is configured to run as the pihole:pihole user.
  6. Edit the service file. You might need to modify --opnsense and add --insecure. 7Enable and start the service:
    sudo systemctl enable --now pihole-opnsense-sync
    sleep 2
    sudo systemctl status pihole-opnsense-sync