Skip to content

Alpine ssl #1256

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Alpine ssl #1256

wants to merge 3 commits into from

Conversation

DavidTanner
Copy link

Thank you for your contribution to the Pi-hole Community!

Please read the comments below to help us consider your Pull Request.

We are all volunteers and completing the process outlined will help us review your commits quicker.

Please make sure you

  1. Base your code and PRs against the repositories developmental branch.
  2. Sign Off all commits as we enforce the DCO for all contributions
  3. Sign all your commits as they must have verified signatures
  4. File a pull request for any change that requires changes to our documentation at our documentation repo

What does this PR aim to accomplish?:

I recently set up pihole on Alpine linux bare metal with an SSL certificate signed by LetsEncrypt. The process took a bit of effort to put everything together, and I want to share what I learned with others.

How does this PR accomplish the above?:

Using the instructions here, users should be able to set up Dehydrated for Alpine, and CloudFlare for DNS, to get SSL certificates for their PiHole running on Alpine baremetal

Link documentation PRs if any are needed to support this PR:

N/A

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  6. I have checked that another pull request for this purpose does not exist.
  7. I have considered, and confirmed that this submission will be valuable to others.
  8. I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
  9. I give this submission freely, and claim no ownership to its content.
  • I have read the above and my PR is ready for review. Check this box to confirm

@DavidTanner DavidTanner requested a review from a team as a code owner July 2, 2025 14:47
@netlify Netlify
Copy link

netlify bot commented Jul 2, 2025
edited
Loading

Deploy Preview for pihole-docs ready!

Name Link
🔨 Latest commit a20dbc2
🔍 Latest deploy log https://app.netlify.com/projects/pihole-docs/deploys/686ec7c082751000081b39aa
😎 Deploy Preview https://deploy-preview-1256--pihole-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@DavidTanner
Copy link
Author

@rrobgill or @yubiuser what do I need to do to get a code review?

@rrobgill
Copy link
Contributor

I have no special insight on when reviews happen, I'm just another contributor.

But I'm happy to give my input here.

My concern would be that although dehydrated is listed on the Let's encrypt ACME Client Implementations page, cfhookbash is not.

cfhokbash seems to be quite a small project and also has not updated for some time (last code change was 18 months ago, last issue was raised in 2021). If users run into problems with it are they going to be able to get assistance?

@DavidTanner
Copy link
Author

As for the hook being small, it really is small. For support I'm not really sure. This is how I got things set up, and it has been working. Version 4.9.0 was a PR that was merged last year. It doesn't feel right to me to say that because a project hasn't had issues means it isn't supported or can't be fixed. What would be your recommendation?

yubiuser
yubiuser reviewed Aug 4, 2025
View reviewed changes
Copy link
Member

@yubiuser yubiuser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure how to judge this PR best. I'm not using Pi-hole on Alpine and any of these tools to setup SSL encryption.
The other thing is: this is a highly specific topic which (wild guess!) is only interesting to a handful of users out there. Should we really include and maintain such a guide?

@PromoFaux
Copy link
Member

Should we really include and maintain such a guide?

It's a good point. We used to have some guides for alternative webservers - which I guess kinda sorta loosely falls under the same category.

IIRC those guides were removed when we transitioned from v5->v6 because they were outdated and we haven't rewritten them.

Personally I think I would prefer a much more generic guide on how to auto generate SSL certs on multiple distros (and even how to just stick it behind a reverse proxy with SSL generation built into it)

@rdwebdesign
Copy link
Member

Personally I think I would prefer a much more generic guide ...

I agree.

Currently no member of the development team uses Alpine Linux (which is probably why it took us so long to review this PR).

If an Alpine update changes something that breaks Pi-hole, we won't know right away and probably won't be able to fix/maintain the guide.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yubiuser yubiuser yubiuser left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@DavidTanner @rrobgill @PromoFaux @rdwebdesign @yubiuser