Spitballing ideas:
- Run PiHole on a public facing server/port. You’ll probably need to plan out the security aspects of it, but then your friends could then just set their devices to use the PiHole DNS (much like how people can set their devices to use 1.1.1.1 or 8.8.8.8).
- Drop a Pi with PiHole in their network that is managed with some fleet/IOT management platform like Balena. That’ll in theory get you PiHole running in a container, and you’ll have a management platform to actually remotely connect to the Pi to manage it.
You may be already aware, but be mindful of the danger associated with having an ounce of responsibility for their DNS uptime. The bonus of option #1 is that you could also empower your friends to “bypass” PiHole should it go belly up.
Thanks for the explicit mention, I should have been less vague with my “planning the security aspects” comment. I was thinking firewall rules would mitigate that, but could moot if the friends are on a dynamic lease.
VPN is a bit of a non starter since that would require installing and running a VPN client 24/7 on all devices, else you’re dropping in a site to site VPN device on the network… At that point you might as well cut out the extra complication and just run PiHole on that point.
I actually learned about public AdGuard servers in this thread! I’d definitely lean that way if I were OP (because I personally do not want to field “the internet is not working” calls in the middle of the night).