Not sure as I don't use or need the feature, was just aware it existed.
PiHole’s API commands are all listed here:
http://pi.hole/api/docs (yes this is hosted locally on a pi-hole instance assuming you have one)
If this driver hits an API endpoint, it’s probably possible to hit others.
1 Like
Hello, I understand your concern and after reading the API docs (and the locally hosted API docs), I dont see a way to do per client blocking. If you find out where I can find more information, I'd be happy to look into implementing the feature request.
FWIW, I do 2 minute unblocks from my iPhone Homekit App whenever I need to click on a necessary email link or run through a login page that's misbehaving. I settled on 2 minutes as the maximum amount of time I'd take to fumble through certain pages. Hope this helps.
1 Like
Just thinking out loud:
What if the device driver has a button to change the client groups association for XX minutes? I personally dont use GROUPS in my setup so will need to really understand if you can have such a thing as an UNBLOCKED GROUP.
This will not work with clients that have roaming IP addresses or other changing network details.
1 Like
Thank you for considering this. I was thinking the same thing - add and remove a device from a group. I thought it was hacky, but after looking at the API, there doesn't seem to be any other option.
There isn't a unblocked group, per say. In my example, I'm thinking that I would "allow" the google ad domain for a specific group.
And assign the allowed rule to the group:
So this worked when I added my phone to the group. However, when I removed my phone (aka 2 minutes to quickly shop), I am still able to access those ad links. The domain is being cached (pihole and/or phone).
Before you attempt an implementation, I need to see if there is a way to set a short TTL for a specific domain. Pihole seems to have started blocking again once the device was removed from the group, but the phone is caching it, even though it was in a private Safari tab, tab was closed, and Safari quit and opened again, and a new search made.
1 Like
There may need to be a logic to clear the caches whenever a group gets updated... and as I understand it, this could get expensive as part of the Pi-hole allure is local DNS caching so that you're not waiting on upstream DNS responses.
I agree, clearing the pihole cache would defeat the purpose of quick and local. Personally, I wouldn't mind the hit to clear the cache if that's what it took, as shopping is quite a rare occurrence.
The pihole cache doesn't seem to be the issue. Pihole blocks requests again when the device is removed from the group, as per my previous screen capture. There "appears" to be something on the phone/browser end. The domain is re-blocked by pihole, but the phone is still able to get around it. Three hours after removing and I can still click those ad links.
I'll keep testing. Again, thanks for considering this.
@walksonair Further testing has shown that the caching is on the device side, NOT pihole. I have found a solution to this caching issue. I have created a Shortcut which can flip a virtual HE switch, waits for 15 min, turn the switch off, wait 10 seconds and then clears the device's DNS cache (if macos: run 2 terminal commands, otherwise ios: turn on airplane mode, wait 10 seconds, turn off airplane mode).
I have everything in place. My request, at your convenience, is adding a command to add and remove a device from a group. Thank you.
Sounds like it will be a good evolution of the driver. I will setup an issue and branch to do the dev work this weekend...can you PM me your email so I can add you to it?
2 Likes
Done.
Another idea is to be able to add/remove domains. I don't see anything about turning a domain on/off. Use case: I needed to temporarily unblock a domain for my daughter yesterday. I logged into pihole and clicked the domain off. I would like for my wife to be able to do so, and the simplest way is via homekit - a virtual switch to allow or disallow a specific domain - and a backend rule to delete and then add that blocked domain.
Another idea is to be able to actually enter a domain to block via the HE device page. The reason is that I can do that remotely if I have to, where I can't with the pihole interface. I'm NOT looking to include all functionality, just a couple or 3. I know that setting up a VPN could do this, but I haven't succeeded in that, and the HE device would be simpler for just the few functions.
Thank you @walksonair for doing this! Just like last time, I've been slow to update my pi-hole, so was just now starting to update the original fork and saw you got to it already and made it way better.
Been running it since last night and it works wonderfully. Thank you!
1 Like
@walksonair - What does the updateBlockingResumeTime call do?
I have my polling set at 10min, but I'm seeing this scheduled for every minute or so, but I'm not sure what it is updating or why so often.
Not concerning, I just tend to scrutinize what events are triggering on my Hub given historical performance issues. lol
1 Like
Hey there neighbor! Thanks for digging into the driver—knowing someone else is poking around actually makes me feel better.
The reason you’re seeing that “updateBlockingResumeTime” job fire every minute is because, whenever blocking is turned off, I schedule it to:
1. Refresh the “blockingWillResumeAt” timestamp in the UI so you always see an up-to-date resume time, and
2. Double-check the timer and immediately re-enable blocking the moment it expires.
I chose the every-minute approach because I was worried a single runIn(..., onResume) job might get lost if the Hub ever rebooted during the countdown. Do you happen to know whether Hubitat’s runIn schedules survive a reboot? Or—if you’ve got a more bulletproof pattern for this—I’d love to hear your recommendations!
Awesome.
I don't have a recommendation (will think about that), but I think I might be hitting a bug then, I see that updateBlockingResumeTime running even when I'm in normal 'blocking' is on mode, which is what I wasn't expecting. And it sounds like it should only be running when in blocking is off. For example I've been in blocking is on mode for the last 5+ hours but still seeing that every minute.
Does that make sense?
I think you may be missing a:
unschedule("updateBlockingResumeTime") somewhere in around line 215?
Or perhaps instead of using runEvery1Min, you could just run once and check before rescheduling like you are doing with polling instead of a runevery10
Hello @walksonair thanks for spending the time to write this plugin. I forked a copy of your code and working on adding support to https & support for a fqdn instead of just an ip and am floundering a bit. My PiHole fleet is running on these free vps's and serves my friends & family. I first struggled with the pingPiHole function and I got that sorted out with some AI help.
Now I am stuck on the sendRequest function specifically here, can you give me some pointers on what's going on here and how can I refactor this code to handle https endpoints?
def hubAction = new hubitat.device.HubAction([
method: method,
path: "/api${endpoint}",
headers: headers,
body: safePayload,
], null, [callback: callbackMethod])
for the time being I am going with the homebridge option to expose my pihole fleet to my iOS + Alexa devices and it works like a charm.
I'll have to look at how much it'll take to get fqdn support in...
Yes I think you're right...oopsie. Will push an update this weekend!
3 Likes
Awesome, thank you!
Ok, I did a quick update. If you have any recommended dev simulation tools - I would love to learn more on how to get my hubitat dev environment better. I dont want to buy new HW to test on, though. Let me know if I need to change the code further...will look at adding the extra features, @neerav.modi and @govardha, as soon as able.
2 Likes
Thank you, installing now!
On dev environment. Not really. I do have an extra HUB I use sometimes for this, but honestly typically just do it on my main home machine, as it's easier to know if it's really working or not for me
