Pi-Hole-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-Wireguard-VPN-Configs icon indicating copy to clipboard operation
Pi-Hole-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-Wireguard-VPN-Configs copied to clipboard

Published 20 hours ago verified publisher icon rajannpatel

How to make this work with my Roku Smart TV?

Open TidusWulf opened this issue 3 years ago • 5 comments

I have the server up and running. I have wireguard on my phone and it's performing well, just as intended. But as for the smart TV in my house, I would like to set that up to use pihole with Google Cloud as well. The Roku software doesn't allow for custom DNS. Is there something I can do in my router firmware to point my Smart TV at the Google Cloud pihole? I have a Netgear Nighthawk R6900 with stock firmware.

TidusWulf avatar Jul 01 '22 04:07 TidusWulf

Best practice is to connect your router to the pi-hole instead of every device.

dd8zc avatar Jul 01 '22 06:07 dd8zc

Yeah, that doesn't seem to work though. I lose internet connectivity when I change my DNS to the reserved Google Cloud IP.

TidusWulf avatar Jul 01 '22 17:07 TidusWulf

Do you made your gcp pihole public? Don't do this. Please refer to https://www.reddit.com/r/selfhosted/comments/a3eym1/pihole_on_a_public_server_good_bad/.

Is the VPN connection between your router and the gcp pihole working proper?

dd8zc avatar Jul 01 '22 17:07 dd8zc

I did not deviate from the instructions at all.

There is no VPN connection between my router and gcp pihole.

On my phone, I'm using the wireguard VPN. On the router, it looks like I have only a tool to make my home network a VPN for when I'm not home, but not to enable a VPN that applies to the devices within my home network. I've done a little more research and it seems OpenWRT would work, but I'm wary of installing a custom firmware on a router that otherwise works very well for me, since low-skill with networking. The hardest thing I've ever done (before this) is turn my router into an AP, and connect a wireless printer to it.

I'm guessing the risk of disabling the VPN and making the pihole public is because then a bad actor could access the server, reprogram it, and hijack/hack me next time I connect, right?

Attached is a photo of the VPN settings page on my router.

Screenshot (6)

TidusWulf avatar Jul 01 '22 17:07 TidusWulf

Well old thread, but might be useful for others.

I'm guessing the risk of disabling the VPN and making the pihole public is because then a bad actor could access the server, reprogram it, and hijack/hack me next time I connect, right?

Well, the main risk is that everyone can use your server as their DNS resolver. It will get a lot of requests and you run out from the Google Cloud free tier limits. What you described is also possible, but requires some security vulnerabilities in Pi-Hole.

Other possible issues, like server being used for DDoS attacks: https://developers.google.com/speed/public-dns/docs/security

spinpwr avatar Jun 08 '23 16:06 spinpwr