Pihole or Adguard on fly.io using the free-tier

Hi. I want to host pihole or adguard dns on fly.io. Is it possible to do that? How much bandwidth would pihole use? Whould that be under free-tier bandwidth?

Also, are the IP’s assigned to the app static? Because I have to point to the IP address to resolve DNS queries.

By the way, I want to host using Docker.


We have a blog on configuring Pi-hole on Fly - Stuff Your Pi-Hole From Anywhere · Fly - which uses the official Pi-hole Docker image.

The IPV4 address is static while the app is active (though we are planning to reclaim IPV4 addresses on suspended apps, we aren’t doing that yet).

As for the bandwidth question, that would depend on how many DNS queries you do. Unless you are a special high traffic case, it would be unlikely that you’d approach the current free tier limit of 160GB of traffic in a month.


Okay. Thanks for the reply.

By the way, what if the VM restarts(maybe due to maintenance done by fly.io)? Will the IP change in that case?

And with which VM do I go with? Obviously I would go with the shared CPU, but what about RAM requirements? Is 512MB RAM enough?

No, the IP is static even in that situation.

And [checks notes], yes, pihole docs list 512MB as the minimum required for pihole, at least on physical hardware so go with that.

And how would I set the RAM of the VM?

Also how do I disable the scaling of the app automatically, as I want to be under free-tier usage?

When you set the VM type, use --memory to set the RAM in MB. e.g

flyctl scale vm shared-cpu-1x --memory 1024

And by default, autoscaling is off and only happens if you specifically enable it, so you don’t have to do anythng to disable it.

(Updated to reflect lower end memory increments are 256, 1024, 2048…)

And where is the pihole config saved? In a volume? What about after I restart the app? Would the data still persist?

Environment variables (which is how pihole docker is generally configured (see docs) can be set in the fly.toml file and then retained with the image at deployment time.

If you wanted to run a persistant cache with the DNS responses, then you would have to configure a volume and configure pihole to persist data to that volume.

Other changes may require that you edit the Dockerfile to pass particular arguments to the app or copy over locally held config to build to include that in the image.

Okay, and one more question. This is a bit off-topic. Is there a way to know how much bandwidth my app used?

You can find that information in the web ui at https://fly.io/organizations/personal/usage

Oh yes, as I was just reminded, the lowest memory you can have (over the base 256) is 1024, 1GB, so more than enough headroom for pi-hole.

You mean 512Mb is not possible?

Correct, you can’t have 512MB memory configured. 256MB or 1024MB and then upwards in 1024MB increments.

For what it’s worth, pi-hole seems to do just fine with 256MB of RAM. There’s not much overhead in the Fly VMs.

If you are hosting pi-hole please please don’t expose it to the internet, use it through a private network.

From time to time vulnerabilities in DNS servers like dnsmasq (the DNS server that pihole use) are discovered, like this new one: Pi-hole FTL v5.5 released – UPDATE TODAY – Pi-hole.

Exposing it to the internet could for example allow attackers to use your pihole as a way to execute Denial of Service against other services.

This is good advice. You’re better off using our Wireguard peering to connect to private services than exposing them publicly.