Markdown representation of all the guides available at https://privacyinternational.org/act. Suggestions, improvements and updates welcome, all PR accepted will be reflected on the appropriate website page.
Surely you should not have the Pi-Hole on the WAN side of your network. This will potentially expose clients on your network because there is no firewall on the Pi-Hole. Should be Client DNS > PiHole > Router.
On your Pi-Hole guidance https://github.com/privacyint/website-guides/blob/master/guide-steps/en/raspberry-pi-setup-and-run-pi-hole.md
Surely you should not have the Pi-Hole on the WAN side of your network. This will potentially expose clients on your network because there is no firewall on the Pi-Hole. Should be Client DNS > PiHole > Router.