Setting up Nebula Sync for two Pi-hole instances (worksheet)
THE TUTORIAL IS MEANT TO BE USED WITH THIS VIDEO!
YouTube tutorials can be a pain to actually follow, so here’s the worksheet that accompanies the video - for your convenience.
I recommend both printing this out, to use as a checklist, and keeping the page up, so you can copy-and-paste the entries.
What you need:
2 instances of Pi-hole
SSH access to both Pi-holes
Pi-hole web UI passwords for both Pi-hole instances
STEP 1: Designate Primary and Secondary Pi-hole Instances
Record hostname and IP of your primary Pi-hole here:
_____________/_____________
Record hostname and IP of your secondary Pi-hole here:
_____________/_____________
STEP 2: Prepare Secondary Pi-hole
Connect to your secondary Pi-hole instance via SSH:
open a terminal window on your Windows computer, WIN + R > cmd > Enter
[copy/paste >] ssh USERNAME@IP_ADDRESS_OF_RPi (for example: ssh netserv@192.168.0.11)
Enter password from step 1, #6 of the primary Pi-hole’s worksheet
[copy/paste >] sudo pihole-FTL --config webserver.api.app_sudo true[copy/paste >] sudo systemctl restart pihole-FTLSTEP 3: Download and Install Nebula Sync
Connect to your primary Pi-hole instance via SSH:
[copy/paste >] cd /tmpThe rest of the lines in this step need to be modified if you are not using an arm64 device (like a Raspberry Pi 3, Zero 2, or higher). Depending on the CPU architecture, you’ll need to change it something like amd64, armv7m, or rv64gc. This will affect the curl, tar, and rm steps.
[copy/paste >] URL=$(curl -s https://api.github.com/repos/lovelaze/nebula-sync/releases/latest | grep "browser_download_url.*linux_arm64.tar.gz" | cut -d '"' -f 4)[copy/paste >] wget $URL[copy/paste >] tar -xvf nebula-sync_*_linux_arm64.tar.gz[copy/paste >] sudo mv nebula-sync /usr/local/bin/[copy/paste >] sudo chmod +x /usr/local/bin/nebula-sync[copy/paste >] rm nebula-sync_*_linux_arm64.tar.gzSTEP 4: Create Nebula Sync Config
(still in SSH on the primary Pi-hole):
Replace netserv with the username that you use to connect via SSH!
[copy/paste >] mkdir -p /home/netserv/.config/nebula-sync[copy/paste >] nano /home/netserv/.config/nebula-sync/nebula.envcopy from here>
PRIMARY=http://192.168.0.11|pihole REPLICAS=http://192.168.0.12|pihole FULL_SYNC=true RUN_GRAVITY=true
<to here, and paste it into nano
Note: changing the IP addresses of your primary and secondary instances, and changing the passwords to what you had at the end of Step 4 on the original Pi-hole setup worksheets. If you copy and pasted the setpassword line as-is, your passwords may also be set to “pihole”
Exit (Control-X) and Save (yes)
STEP 5: Create the Service File
(still in SSH on the primary Pi-hole):
[copy/paste >] sudo nano /etc/systemd/system/nebula-sync.servicecopy from here>
[Unit] Description=Nebula Sync Service After=network.target [Service] Type=oneshot User=netserv ExecStart=/usr/local/bin/nebula-sync run --env-file /home/netserv/.config/nebula-sync/nebula.env
<to here, and paste it into nano
Note: change the user from netserv to what you had at Step 1 #6 on the original Pi-hole setup worksheet
Exit (Control-X) and Save (yes)
STEP 6: Create the Timer File
(still in SSH on the primary Pi-hole):
[copy/paste >] sudo nano /etc/systemd/system/nebula-sync.timercopy from here>
[Unit] Description=Run Nebula Sync every 15 minutes [Timer] OnBootSec=2min OnUnitActiveSec=15min [Install] WantedBy=timers.target
<to here, and paste it into nano
Exit (Control-X) and Save (yes)
[copy/paste >] sudo systemctl daemon-reload[copy/paste >] sudo systemctl enable --now nebula-sync.timerSTEP 7: Manual Test
(still in SSH on the primary Pi-hole):
Replace netserv with the username that you use to connect via SSH!
[copy/paste >] sudo -u netserv /usr/local/bin/nebula-sync run --env-file /home/netserv/.config/nebula-sync/nebula.envNOTE: If you have any issues, please comment on the original video for assistance
