Home image
- clean raspberry pi OS
- sudo apt update
- sudo apt upgrade
- setup DNS over HTTPS (cloudflared)
- download cloudflared
wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64
sudo mv -f ./cloudflared-linux-arm64 /usr/local/bin/cloudflared
sudo chmod +x /usr/local/bin/cloudflared
cloudflared -vconfigure cloudflared to run on startup sudo useradd -s /usr/sbin/nologin -r -M cloudflared
create a config file for cloudflared sudo nano /etc/default/cloudflared CLOUDFLARED_OPTS=--port 5053 --upstream https://cloudflare-dns.com/dns-query
update the permissions for the configuration file and cloudflared binary to allow access for the cloudflared user sudo chown cloudflared:cloudflared /etc/default/cloudflared sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared
Create the systemd script that will control the running of the service and allow it to run on startup sudo nano /etc/systemd/system/cloudflared.service [Unit] Description=cloudflared DNS over HTTPS proxy After=syslog.target network-online.target
[Service] Type=simple User=cloudflared EnvironmentFile=/etc/default/cloudflared ExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTS Restart=on-failure RestartSec=10 KillMode=process
[Install] WantedBy=multi-user.target
- enable the systemd service to run on startup, start the service and check status
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflared ┌──────────────────────Installation Complete!────────────────────────┐
│ Configure your devices to use the Pi-hole as their DNS server │
│ using: │
│ │
│ IPv4: 192.168.0.244 │
│ IPv6: 2a02:a317:628f:2080:5567:5d9a:5ea7:c6d2 │
│ If you have not done so already, the above IP should be set to │
│ static. │
│ View the web interface at http://pi.hole/admin or │
│ http://192.168.0.244/admin │
│ │
│ Your Admin Webpage login password is gdrzHZ09 │
│ │
│ │
│ │
│ │
│ │
├────────────────────────────────────────────────────────────────────┤
│ < OK > │
└────────────────────────────────────────────────────────────────────┘- cloudflare tunnel to expose xdd.tyziniec.com to the internet
sudo apt install curl lsb-release
cloudflared tunnel login
cloudflared tunnel create RASPTUNNEL
cloudflared tunnel route dns RASPTUNNEL xdd.tyziniec.com
cloudflared tunnel run --url ➜ ~ ssh 192.168.0.244- to use DNS over HTTPS and expose xdd.tyziniec.com Replace the entire contents of /etc/cloudflared/config.yml with something like:
tunnel: RASPTUNNEL
credentials-file: /home/wtznc/.cloudflared/f160ee35-0f03-4856-84f4-e4257c9e026c.json
# Enable DNS over HTTPS on localhost
proxy-dns: true
proxy-dns-port: 5053
proxy-dns-address: 127.0.0.1
proxy-dns-upstream:
- https://1.1.1.1/dns-query
- https://1.0.0.1/dns-query
# Ingress rules: direct xdd.tyziniec.com to Pi-hole's web port
ingress:
- hostname: "xdd.tyziniec.com"
service: "http://localhost:8080"
# Catch-all for anything else
- service: http_status:404sudo cloudflared --config /etc/cloudflared/config.yml service install
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflaredBackup raspberry image remotely
ssh wtznc@192.168.0.244 "sudo dd if=/dev/mmcblk0 bs=1M status=progress | gzip -" | dd of=/Users/wtznc/Desktop/raspberry_backup/backup.gz