How do you run the scripts.
Also is it only /opt/AdGuardhome.yaml where you edit the IP?
Im just setting mine up but would it be possible to set it up on tempory IP then just edit the above to actual IP later?
you need to make them executeable with chmod +x <nameofscript.sh>
The manual install method installs to /opt/AdGuardHome/ the yaml file is in there.
Are you installing this on your router? or on a separate device? You can manually edit IPs but just be very careful as yaml files are sensitive to extra spaces or formatting.
cheers, i did run the Chmod, is it just then a case of typing the script name?
I currently have a standard router set up, but that will be replaced with the nano r4s, just trying to get as much set up, so once its ready, change a few IPs enable DCHP then plug this in instead
./scriptname.sh
You should install AGH on the R4S with the script but take the shortcut of copying your yaml file over the default file, (Once you edit the ips you require) or set it up again.
1 Like
cheers got this working fine
When running test, it does bog down to 50ms resposes, but thats under a high load. but its not the CPU thats hitting max, so might be just how it processes
Bit of a space update for AGH.
On a full install to the /opt folder you really require about 100mb of space.
35mb for the AGH binary and again for when it backups and upgrades. (that's in the agh-backup folder)
My Filters take 20mb for me. (Again you can raise or lower this depending on what lists you use)
However you will need to tweak your logging to keep things smaller.
I am keeping
- 90 days of statistics (2mb file at present)
- 7 days of query logs (last 7 days was 53mb)
You can turn these off or down as required. I've included my listings of the folders to give an overview.
root@OpenWrt:/opt/AdGuardHome# ll -h
drwxrwxrwx 4 root root 3.4K May 13 20:50 ./
drwxr-xr-x 7 root root 4.0K May 12 22:15 ../
-rwxr-xr-x 1 root root 34.0M May 13 20:50 AdGuardHome*
-rw-rw-rw- 1 root root 331 May 13 20:50 AdGuardHome.sig
-rw-r--r-- 1 root root 6.5K May 13 20:50 AdGuardHome.yaml
-rw-r--r-- 1 root root 41.2K May 13 20:50 CHANGELOG.md
-rw-r--r-- 1 root root 34.3K May 13 20:50 LICENSE.txt
-rw-r--r-- 1 root root 22.7K May 13 20:50 README.md
drwxr-xr-x 2 root root 3.4K May 13 20:50 agh-backup/
drwxr-xr-x 3 root root 3.4K May 19 23:21 data/
root@OpenWrt:/opt/AdGuardHome/data# ll -h
drwxr-xr-x 3 root root 3.4K May 19 23:21 ./
drwxrwxrwx 4 root root 3.4K May 13 20:50 ../
drwxr-xr-x 2 root root 3.4K May 20 18:51 filters/
-rw-r--r-- 1 root root 10.9M May 21 18:02 querylog.json
-rw-r--r-- 1 root root 52.9M May 19 21:32 querylog.json.1
-rw-r--r-- 1 root root 32.0K May 18 21:09 sessions.db
-rw-r--r-- 1 root root 2.0M May 21 18:00 stats.db
root@OpenWrt:/opt/AdGuardHome/data/filters# ll -h
drwxr-xr-x 2 root root 3.4K May 20 18:51 ./
drwxr-xr-x 3 root root 3.4K May 19 23:21 ../
-rw-r--r-- 1 root root 865.8K May 20 18:50 1.txt
-rw-r--r-- 1 root root 10.4K May 20 18:50 1625359387.txt
-rw-r--r-- 1 root root 7.9K May 20 18:50 1625359388.txt
-rw-r--r-- 1 root root 3.5M May 20 18:50 1625359390.txt
-rw-r--r-- 1 root root 5.9K May 20 18:50 1625359391.txt
-rw-r--r-- 1 root root 3.6K May 20 18:51 1625359392.txt
-rw-r--r-- 1 root root 266.1K May 20 18:50 1625359393.txt
-rw-r--r-- 1 root root 13.3M May 20 18:50 1633201708.txt
-rw-r--r-- 1 root root 1.3M May 20 18:50 1635888815.txt
-rw-r--r-- 1 root root 18.1K May 20 18:50 1639602953.txt
-rw-r--r-- 1 root root 359.9K May 20 18:50 1639602955.txt
-rw-r--r-- 1 root root 83.8K May 20 18:51 1639602956.txt
1 Like
Many thanks for this comprehensive writeup and all your efforts in helping bringing this awesome tool to the openwrt community.
I updated my x86/64 based router yesterday to OpenWrt 21.02.3 r16554-1d4dea6d4f using the Attended SysUpgrade, which obviously removed AdGuardHome (edge) setup, included in my previously installed ImageBuilder generated image.
Since this newly updated version was not ImageBuilder generated, I decided to try your scripts to get a better understanding of your stance on AdGuardHome. I'm happy to say that, after resizing the /dev/sda2 partition to use all the remaining disk space, I was able to use your very clear instructions with ease.
Thank you very much @mercygroundabyss !
2 Likes
You are very welcome. It was confusing instructions and mishmash of information combined with changes in AGH and OpenWrt that made me re-write the original 2 year long post into a much more current affair. However, it is not all my work. A number of other contributors have helped, also the wiki editors too. So where possible I have noted their contributions too.
The end result is much clearer instructions and cleaner way to add AGH. It has also resulted in improvements to AGH as feedback and issues were raised to make them aware and deploy fixes.
Long term I am hoping that AGH becomes a stable package and we can make the install simpler by using AGH's DHCP services. That will make the switchover much easier. It would be nice to just be able to opkg install and it do everything for you and make it much more friendly to newer users.
It would also make this thread redundant i guess 
but if it brings adblocking and content filtering to more users and improving things then I'm happy for that to happen. 
2 Likes
Well mine was all working then m cable modem went faulty, so was with out internet for 3 days.
the nano pi r4s was left on but rebooted a few times to try and fix the internet connection
So finally got the new modem and thought it would be a case of plug everything back and boot up.
But internet didnt work, when you opened adgaurd it said it couldnt update etc. so was thinking it was justthe modem not connecting to router correctly, when i opened adgaurd it showed it had some queuries but date was 2013
So tried to updated time in openwrt
Then all the internet worked, So is this adgaurd or what
Any ideas, on solution so this doesnt happen in future, I am looking at battery for the R4S but unsure if it will fit in case
Both in past have been fine on reboots, even if its both router and modem
Is there any way to update blocklists (filters) via command line?
Every time when i reboot router the blocklists (filters) is empty and to start blocking i need manually press the button "Check for Updates".
So i was wondering if there is any command which i will put at System -> Startup -> Local Startup of OpenWRT
Its a little of both. If you had rebooted again after getting the new modem it would have picked up an NTP update and thus fixed itself. What happened is with your modem out, and you rebooting the R4S, it lost its time (because it doesnt have a RTC). Without a proper time sync, you cannot do encrypted dns lookups as it requires proper time/date to be set. Once you updated the time, it all fell back in place and carried on. This is why we either use unencrpyted DNS for NTP updates or put a NTP bypass in place.
Regarding the battery for the R4S, I investigated that and if you look on the R4S thread and on the wiki, i have posted pictures showing a rtc battery vs the case of the r4s. It would not be an easy fit. Potentially you could drill a hole in the external case and just tape the battery to the side or maybe use a smaller battery.
You are using the opkg version which writes those filters to the /tmp folder and thus looses them on reboot. The wiki has details on this https://openwrt.org/docs/guide-user/services/dns/adguard-home#installation
The default configured working directory will mean query logs and statistics will be lost on a reboot. To avoid this you should configure a persistent storage path such as /opt or /mnt with external storage and update the working directory accordingly.
Either switch to using the edge or stable version which will install to /opt or change the working directory for your existing install which can be configured in /etc/config/adguardhome. Be aware you do require about 100mb of space if you are making AGH persist in /opt.
However I suspect an easier fix would be to change the init script to run a bit later as the default values currently being used may be bringing AGH up before your internet is ready so the filters fail to update automatically on reboot. This would still keep your filters/data on /tmp but add a delay to AGH starting so the internet is up when it starts and updates filters.
@jamesmacwhite Is the opkg version using differing start / stop times still? I recall there was bit of discussion on it from last time this popped up?
1 Like
added
[/pool.ntp.org/]1.1.1.1
[/pool.ntp.org/]1.0.0.1
[/pool.ntp.org/]2606:4700:4700::1111
[/pool.ntp.org/]2606:4700:4700::1001
to the uptreams, openwrt has set to the below
How would i tell that its not encrypting it?
If you followed my instructions, your router is either using your ISP's DNS or you used my script to set it to cloudflare (or whatever provider you chose), then your router will be using unencrypted standard DNS. This avoids the issue of NTP updates being a problem as the time can now be set properly after it boots as usual.
AGH will use encrypted DNS for your LAN devices. The reason it wasn't working was because its time was wrong and thus would not get a https session to do DNS Lookups due to the invalid time/date. Once you updated the time it would have kicked back in and continued working.
Adding those entries wont hurt anything. It will just make it explicit to let those pass as unencrypted.
(edit - you can use sniffer tools to dump dns packets if you really want to get technical and check to make sure but it is rather bit of a technical skill to do)
Router /Adgaurd are on same NanoPi R4s, then fllowed your instructions and set this, if this is part you mean
That bit is for the PTR or Reverse DNS lookups. It tells AGH to pass any <host>.lan and <host> to goto dnsmasq instead.
Because we use OpenWrt to do dhcp we need to let AGH know to use dnsmasq (which we moved to port 5353) to look up internal DNS addresses. It should just be handled by the Reverse DNS part lower down but there was some "wierdness" in earlier builds. They have since updated PTR code as others were seeing PTR requests go upstream instead of being left to dnsmasq.
Isnt the top line to do with the encrypted cloudfare?
the green mark was just to serparete what you used and bellow what i added
yes. the topline is the encrypted cloudflare upstream
[lan]
[//]
are the ptr lookups
(edit - technically you only really require these if you are running multiple networks. its a catch all to force internal requests to go to to dnsmasq as per my previous post)
and then your ntp bypasses are the bottom.
I use 127.0.0.1 for local PTR requests because it shows up in the stats for easier tracking.
You can also use the local ip of the router (eg 192.168.1.1)
(edit 2 - And all of this can be avoided if you disable OpenWrt's DHCP and use AGH's DHCP because it will do it internally. However unless you have a fairly simple network I would take care before you try that route. AGH team still have yet to fix some DHCPv4/v6 issues and I am unable to test that yet. You are welcome to try but over there... there may be dragons! 
)
Its detailed in this post.
Cheers
Yeah I wouldnt want to switch any DHCP to AG, I do have allot of reserved addresses and MAC bindings for WOL.
As long as it can get the NTP after reboots/modem ever fails again, it should be fine.
Just left me head scratching for a hour, as to where issue was
It might be worth in your set up instuctions to possibly add them lines if its a router etc with no rtc battery etc
This bit is in my first post but it is a giant wall of text. The opkg version is detailed on the wiki and thus is easier to read.
I have pondered if i should do the same maybe. That being said, a fair amount between the two versions is identical due to essentially the same process but different packaging.
Technically my "manual" process isn't "official" OpenWrt as its not packaged. The wiki is more for OpenWrt stuff directly. My scripting does however enable easier integration of AGH by making it more "new to linux" friendly. AGH's wiki expects you to understand what you are doing and thus the consequences of what you do.