Merge branch 'master' into dev

2021-09-06 22:43:22 +01:00 · 2021-09-06 22:43:22 +01:00 · 0cceed3c83
parent d821dcb2f0 300fcf0c9e
commit 0cceed3c83
3 changed files with 11 additions and 1 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
--- a/.github/workflows/nightly-build
+++ b/.github/workflows/nightly-build
@ -1,4 +1,4 @@
-name: Build & Deploy Nightly images
+name: Build & Deploy Nightly Beta 5.9 images
 on:
  schedule:
    - cron: '0 1 * * *'
--- a/README.md
+++ b/README.md
@ -277,6 +277,9 @@ DNSMasq / [FTLDNS](https://docs.pi-hole.net/ftldns/in-depth/#linux-capabilities)
 - `CAP_NET_BIND_SERVICE`: Allows FTLDNS binding to TCP/UDP sockets below 1024 (specifically DNS service on port 53)
 - `CAP_NET_RAW`: use raw and packet sockets (needed for handling DHCPv6 requests, and verifying that an IP is not in use before leasing it)
 - `CAP_NET_ADMIN`: modify routing tables and other network-related operations (in particular inserting an entry in the neighbor table to answer DHCP requests using unicast packets)
+- `CAP_SYS_NICE`: FTL sets itself as an important process to get some more processing time if the latter is running low
+- `CAP_IPC_LOCK`: it gives FTL the ability to lock a region of virtual memory into physical RAM
+- `CAP_CHOWN`: we need to be able to change ownership of log files and databases in case FTL is started as a different user than `pihole`

 This image automatically grants those capabilities, if available, to the FTLDNS process, even when run as non-root.\
 By default, docker does not include the `NET_ADMIN` capability for non-privileged containers, and it is recommended to explicitly add it to the container using `--cap-add=NET_ADMIN`.\