First of all, what is wildcard DNS and why should you care? Well, you know when you go to the local DNS settings of your Pi-hole interface and you add an entry for a new domain? Let’s say you just spun up a Jellyfin instance so you add jellyfin.yourdomain. You would then need to create an entry in your reverse proxy, then another one in Pi-hole’s local DNS list.

Well, imagine if instead we could create only one DNS entry so that every subdomain of a given domain points to the same IP. One DNS entry to rule them all. A wildcard DNS entry.

This is where this handy trick comes in. We’re gonna make it so that you never need to add an entry in your Pi-hole’s local DNS again, unless you add a new domain or a new reverse proxy instance on another IP address. It’s not doable through the Pi-hole interface but it’s very simple nonetheless.

Here’s how you do it.

All you need is to drop a file in /etc/dnsmasq.d/. Let’s call it 99-nginx-proxy-manager.conf (or whatever else your reverse proxy is called, but the 99- is important).

Inside that file, add the following:

address=/.local.domain/192.168.2.102

Change local.domain to your actual local domain name and the IP to the address of your reverse proxy. Pi-hole uses dnsmasq but for some reason doesn’t implement this feature in their UI.

With this configuration file, we’re telling Pi-hole that if it gets a DNS request for any subdomain ending in .local.domain, it should answer with the IP address of your reverse proxy. That’s where the 99- is important. It means it’s the last configuration file that will be read, so it has priority over those that precede it.

That’s it! Just run pihole restartdns and you’re all set. Next time you add a new service to your homelab, you only need to add it to your reverse proxy. Pi-hole knows where to find it.
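To see which names that one line captures, here is a simplified model of address= matching, added as an example (it is not Pi-hole or dnsmasq code). The nas.local.domain override, the function names, the longest-suffix rule and the leading-dot handling are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: the line from the article plus a hypothetical override.
SAMPLE_CONF = """\
# /etc/dnsmasq.d/99-nginx-proxy-manager.conf (constructed sample)
address=/.local.domain/192.168.2.102
address=/nas.local.domain/192.168.2.50
"""


def parse_address_lines(text):
    """Return {domain: ip} for every address=/domain[/domain...]/ip line."""
    rules = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("address=/"):
            continue  # comments and unrelated options
        *domains, ip = line[len("address=/"):].split("/")
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # targets that are not an IP literal are out of scope here
        for domain in domains:
            # Assumption: a leading dot is ignored because suffix matching implies it.
            rules[domain.lstrip(".").lower()] = ip
    return rules


def resolve(name, rules):
    """Most specific matching suffix wins; None means 'not answered locally'."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])  # match on whole labels only
        if candidate in rules:
            return rules[candidate]
    return None


if __name__ == "__main__":
    rules = parse_address_lines(SAMPLE_CONF)
    for host in ("jellyfin.local.domain", "jelyfin.local.domain",
                 "a.b.local.domain", "nas.local.domain", "example.com"):
        print(f"{host:24} -> {resolve(host, rules)}")
```

Every name under the domain, including typos and hosts you never created, gets the proxy's address, so the reverse proxy should serve a default that exposes nothing for hostnames it does not know.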