Table of Contents
Pi-Hole - Configure Pi-Hole behind NginX
NOTE: The assumption is that NginX is installed onto same device on which Pi-Hole will be installed.
Pi-hole by default installs lighttpd as its web-server. This lighttpd server usually handles and web traffic to Port 80, and the admin dashboard for pi-hole can be accessed using the IP of the device it is installed on, such as http://192.168.1.25/admin/.
But with NginX installed onto this device, means that it is actually NginX that would process any web traffic to Port 80; and therefore this would result in a conflict in that lighttpd would not be able to process Port 80 as well.
The solution is to keep lighttpd running on an alternate port (such as 81) and let NginX proxy all requests to pi-hole to that port.
Change the server port for lighttpd
- /etc/lighttpd/lighttpd.conf
... server.port = 81 ...
Restart lighttpd
sudo systemctl restart lighttpd.service
Check lighttpd is running
sudo systemctl status lighttpd.service
Edit NginX Configuration
- /etc/nginx/sites-available/pi.hole
server { listen 80; listen [::]:80; server_name pi.hole; return https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name pi.hole; ssl_certificate 'ssl/pi.hole.crt'; ssl_certificate_key 'ssl/pi.hole.key'; location / { proxy_pass http://localhost:81; include proxy.conf; } # let's go directly to the login page location = / { return $scheme://$host/admin/index.php?login; } }
The proxy.conf file:
- proxy.conf
proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
Restart NginX
sudo systemctl restart nginx.service
Check NginX is running
sudo systemctl status nginx.service
Usage
Whenever someone visits https://pi.hole, it redirects to https://pi.hole/admin/index.php?login which is the login page for pi-hole admin dashboard.