# pihole-opnsense-sync

_Sync custom DNS entries in Pi-hole to OPNsense Unbound._

This little service watches Pi-hole's `/etc/pihole/custom.list` file and when a change is made, it syncs it with your
OPNsense router's Unbound host overrides. This is useful because if your Pi-hole goes offline then you will still be
able to resolve your custom domains.

## Install

1. Install pip requirements:
    ```shell
    pip install -r requirements.txt
    ```
2. Create your secrets file at `/etc/secrets/pihole-opnsense-sync` with your API details:
    ```bash
   OPNSENSE_API_KEY='...'
   OPNSENSE_API_SECRET='...'
   ```
3. Give your user the `Services: Unbound DNS: Edit Host and Domain Override` permision.
4. Set the permissions on this file:
    ```shell
   sudo chown root:root /etc/secrets/pihole-opnsense-sync
   sudo chmod 600 /etc/secrets/pihole-opnsense-sync
   ```
5. Copy the systemd service file:
   ```shell
   sudo cp pihole-opnsense-sync.service /etc/systemd/system/pihole-opnsense-sync.service
   ```
   The service is configured to run as the `pihole:pihole` user.
6. Edit the service file. You might need to modify `--opnsense` and add `--insecure`.
   7Enable and start the service:
   ```shell
   sudo systemctl enable --now pihole-opnsense-sync
   sleep 2
   sudo systemctl status pihole-opnsense-sync
   ```