- network-wide ads & tracker blocking DNS server
- free and open source
- Github
- plenty of chicken and egg scenario’s - so plan your network out before hand, literally to the smallest detail
- “it’s always DNS” is true - it’ll always speed things up (especially on the same net), but I recommend putting in a secondary DNS server whilst making changes
- DHCP (and IP address clashes) are almost always the issue on a home network..
- static fix your most important devices at the end of the DHCP range and work backwards
- router logs are gold
- always leave yourself an out (or technically, in), aka a working device to connect and make changes
- name: Stop systemd-resolved service
ansible.builtin.service:
name: systemd-resolved
state: stopped
- name: Disable systemd-resolved service
ansible.builtin.service:
name: systemd-resolved
enabled: no
- name: Create AdGuard working directory
ansible.builtin.file:
path: /var/lib/adguard/work
state: directory
mode: '0755'
- name: Create AdGuard config directory
ansible.builtin.file:
path: /var/lib/adguard/conf
state: directory
mode: '0755'
- name: Create a data container
docker_container:
name: adguard
state: started
restart_policy: unless-stopped
image: adguard/adguardhome
network_mode: host
volumes:
- /var/lib/adguard/work:/opt/adguardhome/work\
- /var/lib/adguard/conf:/opt/adguardhome/conf\
- disable systemd-resolved service
- docs
# sudo lsof -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 316 systemd-resolve 13u IPv4 23920 0t0 UDP localhost:domain
systemd-r 316 systemd-resolve 14u IPv4 23921 0t0 TCP localhost:domain (LISTEN)
- use like typical hosts file
- after changing will probably need to flush cache on devices
# Chrome
chrome://net-internals/#dns
# MacOS
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
# Linux
# (except AdGuard Home itself, as doesn't use systemd-resolved)
sudo systemd-resolve --flush-caches
# Android
chrome://net-internals/#dns
- install and enable Tailscale app
- ensure dns rewrite is setup to map AdGuard hostname to its Tailscale IP
- Private DNS settings > dns.adguard.com
- flush DNS cache via Chrome
- use to block/unblock specific domains
- hosts file syntax (but is not the hosts files itself)