ClawSkills logoClawSkills

Pi-hole Control

Control Pi-hole v6 DNS ad blocker: check status, view stats, enable/disable block, and analyze blocked domains via API.

Visit Website

Introduction

# Pi-hole Skill

Control your Pi-hole DNS ad blocker via the Pi-hole v6 API.

## Setup

Set your Pi-hole API configuration in Clawdbot config:

```yaml skills: entries: pihole: apiUrl: "https://pi-hole.local/api" # v6 API path apiToken: "your-app-password-here" # Get from Pi-hole Admin insecure: false # Set to true for self-signed certs ```

Alternatively, set environment variables: ```bash export PIHOLE_API_URL="https://pi-hole.local/api" export PIHOLE_API_TOKEN="your-app-password-here" export PIHOLE_INSECURE="false" ```

### Getting API Credentials

1. Open Pi-hole Admin at `http://pi-hole.local/admin` 2. Navigate to **Settings** > **API** 3. Generate an app password 4. Use that password as `apiToken`

## Capabilities

### Status - Get current Pi-hole status (enabled/disabled) - View stats: queries blocked, queries today, domains being blocked, active clients - See recent query activity

### Controls - **Enable/Disable**: Turn Pi-hole on or off - **Disable for 5 minutes**: Temporarily disable ad blocking for a short period - **Disable for custom duration**: Set specific disable time (in minutes)

### Block Analysis - **Check blocked domains**: See what domains were blocked in a time window - **Show top blocked**: Most frequently blocked domains

## Usage Examples

``` # Check Pi-hole status "pihole status"

# Turn off ad blocking "pihole off"

# Turn on ad blocking "pihole on"

# Disable for 5 minutes (for a site that needs ads) "pihole disable 5m"

# Disable for 30 minutes "pihole disable 30"

# See what was blocked in the last 30 minutes "pihole blocked"

# See blocked domains in last 10 minutes (600 seconds) "pihole blocked 600"

# Show statistics "pihole stats" ```

## API Endpoints (Pi-hole v6)

### Authentication ``` POST /api/auth Content-Type: application/json {"password":"your-app-password"}

Response: { "session": { "sid": "session-token-here", "validity": 1800 } } ```

### Status ``` GET /api/dns/blocking Headers: sid: <session-token>

Response: { "blocking": "enabled" | "disabled", "timer": 30 // seconds until re-enable (if disabled with timer) } ```

### Enable/Disable ``` POST /api/dns/blocking Headers: sid: <session-token> Content-Type: application/json

Enable: {"blocking":true}

Disable: {"blocking":false}

Disable with timer (seconds): {"blocking":false,"timer":300} ```

### Stats ``` GET /api/stats/summary Headers: sid: <session-token>

Response: { "queries": { "total": 233512, "blocked": 23496, "percent_blocked": 10.06 }, "gravity": { "domains_being_blocked": 165606 }, "clients": { "active": 45 } } ```

### Queries ``` GET /api/queries?start=-<seconds> Headers: sid: <session-token>

Response: { "queries": [ { "domain": "example.com", "status": "GRAVITY", "time": 1768363900, "type": "A" } ] } ```

## v5 vs v6 API Changes

Pi-hole v6 introduced significant API changes:

| Feature | v5 API | v6 API | |---------|----------|----------| | Base URL | `/admin/api.php` | `/api` | | Auth | Token in URL/headers | Session-based | | Status | `?status` | `/api/dns/blocking` | | Stats | `?summaryRaw` | `/api/stats/summary` | | Queries | `?recentBlocked` | `/api/queries` | | Whitelist | Supported via API | **Not available via API** |

**Important:** Domain whitelisting is no longer available via the v6 API. You must whitelist domains through the Pi-hole Admin UI.

## SSL Certificates

### Production (Valid Cert) ```yaml { "apiUrl": "https://pi-hole.example.com/api", "apiToken": "...", "insecure": false } ```

### Self-Signed/Local Cert ```yaml { "apiUrl": "https://pi-hole.local/api", "apiToken": "...", "insecure": true } ```

The `insecure` flag adds the `-k` option to curl to bypass certificate validation.

## Security Notes

- Session tokens expire after 30 minutes (1800 seconds) - API password is sent in JSON body, not URL - All requests have a 30-second timeout - Token is not visible in process list (passed via environment)

## Troubleshooting

### "Failed to authenticate" - Check that `apiToken` matches your Pi-hole app password - Verify `apiUrl` is correct (must end in `/api`) - Ensure Pi-hole is accessible from your network

### "Could not determine status" - Check API URL is reachable - If using HTTPS with self-signed cert, set `insecure: true` - Verify API password is correct

### Network Errors - Ensure clawdbot's machine can reach the Pi-hole - Check firewall rules allow API access - Verify URL scheme (http vs https)

## Requirements

- Pi-hole v6 or later - App password generated in Pi-hole Admin - Network access to Pi-hole API - `curl`, `jq` (installed on most Unix systems)

Back

More Products

self-improving-agent

Productivity & Tasks

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Claude

26.4K

Find Skills

Productivity & Tasks

Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express int

22.1K

Sonoscli

Productivity & Tasks

Control Sonos speakers (discover/status/play/volume/group).

18.5K