Merge pull request #13 from diginc/pihole_script_fix_cron_and_readme

Pihole script fix cron and readme
2016-05-24 22:10:36 -05:00 · 2016-05-24 22:10:36 -05:00 · 123a64311c
parent e02f4bd837 cb266e3946
commit 123a64311c
12 changed files with 91 additions and 37 deletions
--- a/README.md
+++ b/README.md
@ -1,28 +1,32 @@
-A Docker project to make lightweight x86 continers with [pi-hole](https://pi-hole.net) functionality.  
+A [Docker](https://www.docker.com/what-docker) project to make lightweight x86 continers with [pi-hole](https://pi-hole.net) functionality.  Why?  Maybe you don't have a Raspberry Pi lying around but you do have a Docker server.

 [![Build Status](https://travis-ci.org/diginc/docker-pi-hole.svg?branch=master)](https://travis-ci.org/diginc/docker-pi-hole)

-**April 25, 2016 Update**: piholeIP env var replaced by ServerIP env var, update your docker run/docker-compose configs accordingly please.
+**April 25, 2016 Update**: the 'piholeIP' env var has been replaced by 'ServerIP' env var, update your docker run/docker-compose configs accordingly please.

-## Basic Docker Usage
+## Running Pi-Hole Docker

-If you have no other dockers using port 80 (if you do, read the list below for reverse proxy advice), the minimum options required to run this container are in the script [docker_run.sh](https://github.com/diginc/docker-pi-hole/blob/master/docker_run.sh): 
+[Dockerhub](https://hub.docker.com/r/diginc/pi-hole/) automatically builds the latest docker-pi-hole changes into images which can easily be pulled and ran with a simple `docker run` command.  

-To customize your upstream DNS servers you use docker environment varibales of *DNS1* and *DNS2* passed into docker at runtime.  The default servers are Google's 8.8.8.8 and 8.8.4.4.
+One crucuial thing to know before starting is docker-pi-hole container needs port 53 and port 80, 2 very popular ports that may conflict with existing applications.  If you have no other services or dockers using port 53/80 (if you do, keep reading below for a reverse proxy example), the minimum options required to run this container are in the script [docker_run.sh](https://github.com/diginc/docker-pi-hole/blob/master/docker_run.sh) or summarized here: 

 ```
 IP=$(ip addr show eth0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1)
 docker run -p 53:53/tcp -p 53:53/udp -p 80:80 --cap-add=NET_ADMIN -e ServerIP="$IP" --name pihole -d diginc/pi-hole
 ```

-* ServerIP environment variable is required because default pi-hole scripts autodetect and give ads the private docker ip address that is not on your network so it just won't work.
- * A good way to test things are working right is by loading this page: [http://pi-hole.isworking.ok/admin/](http://pi-hole.isworking.ok/admin/)
- * [Here is an example of running with jwilder/proxy](https://github.com/diginc/docker-pi-hole/blob/master/jwilder-proxy-example-doco.yml) (an nginx auto-configuring docker reverse proxy for docker) on my port 80 with pihole on another porg.  Pi-hole needs to be `DEFAULT_HOST` env in jwilder/proxy and you need to set the matching `VIRTUAL_HOST` for the pihole.  Please read jwilder/proxy readme for more info if you have trouble.  I tested this basic exmaple which is based off what I run.
- * If you have something else taking up port 80 then the ads may not transform into blank ads correctly.  The solution to this is to make sure whatever you do have as the 'default' port 80 virtual host is redirect to this container.  
+**Automatic Updates** - [docker-pi-hole.cron](https://github.com/diginc/docker-pi-hole/blob/master/docker-pi-hole.cron) is a modified verion of upstream pi-hole's crontab entries using `docker exec` to run the same update scripts inside the docker container.  **Fill in your container's DOCKER_NAME** into the variable in the cron file before copying it to /etc/cron.d/ to use it.  It updates ad lists and cleans up your logs nightly.
+
+**Tips**
+* To customize your upstream DNS servers you use docker environment varibales of *DNS1* and *DNS2* passed into docker at runtime.  The default servers are Google's 8.8.8.8 and 8.8.4.4.
+* A good way to test things are working right is by loading this page: [http://pi-hole.isworking.ok/admin/](http://pi-hole.isworking.ok/admin/)
+* Ubuntu users especially may need to shutoff dnsmasq on your docker server so it can run in the container on port 53
+* If you have another site/service using port 80 by default then the ads may not transform into blank ads correctly.  To make sure docker-pi-hole plays nicely with an exising webserver you run you'll probably need a reverse proxy websever config if you don't have one already.  Pi-Hole has to be the default web app on said proxy e.g. if you goto your host by IP instead of domain pi-hole is served out instead of any other sites hosted by the proxy. This behavior is taken advantage of so any ad domain can be directed to your webserver and get blank html/images/videos instead of ads.
+ * [Here is an example of running with jwilder/proxy](https://github.com/diginc/docker-pi-hole/blob/master/jwilder-proxy-example-doco.yml) (an nginx auto-configuring docker reverse proxy for docker) on my port 80 with pihole on another port.  Pi-hole needs to be `DEFAULT_HOST` env in jwilder/proxy and you need to set the matching `VIRTUAL_HOST` for the pihole's container.  Please read jwilder/proxy readme for more info if you have trouble.  I tested this basic exmaple which is based off what I run.
+* ServerIP environment variable is required to override/prevent pi-hole's script from returning a unreachable docker IP instead of your server's IP for ads.
 * dnsmasq requires NET_ADMIN capabilities to run correctly in docker.

-**Updating ad sources** - Just run a `docker restart your_pihole_name` to kick off the gravity script which updates all the ad lists.
-
+**Volume Mounts**
 Here are some useful volume mount options to persist your history of stats in the admin interface, or add custom whitelists/blacklists.  **Create these files on the docker host first or you'll get errors**:

 * `docker run -v /var/log/pihole.log:/var/log/pihole.log ...` (plus all of the minimum options added)
@ -30,7 +34,7 @@ Here are some useful volume mount options to persist your history of stats in th
 * `docker run -v /etc/pihole/whitelist.txt:/etc/pihole/whitelist.txt ...` (plus all of the minimum options added)
 * if you use this you should probably read the Advanced Usage section

-All of these options get really long when strung together in one command, which is why I'm not going to show all the full commands variations.  This is where [docker-compose](https://docs.docker.com/compose/install/) yml files come in handy for representing [really long docker commands in a readable file format](https://github.com/diginc/docker-pi-hole/blob/master/doco-example.yml).
+All of these options get really long when strung together in one command, which is why I'm not showing all the full `docker run` commands variations here.  This is where [docker-compose](https://docs.docker.com/compose/install/) yml files come in handy for representing [really long docker commands in a readable file format](https://github.com/diginc/docker-pi-hole/blob/master/doco-example.yml).


 ## Docker tags
@ -46,11 +50,11 @@ This is an optimized docker using [alpine](https://hub.docker.com/_/alpine/) as
 This version of the docker aims to be as close to a standard pi-hole installation by using the same base OS and the exact configs and scripts (minimally modified to get them working).  This serves as a nice baseline for merging and testing upstream repository pi-hole changes.


-## Advanced Usage and Notes
+## Persistence and Customizations

 The standard pi-hole customization abilities apply to this docker, but with docker twists such as using docker volume mounts to map host stored file configurations over the container defaults.  Volumes are also important to persist the configuration incase you have remove the pi-hole container which is a typical docker upgrade pattern.

-### Customizing with volume mounts
+### Volumes

 Here are some relevant wiki pages from pi-hole's documentation and example volume mappings to optionally add to the basic example:

@ -60,11 +64,16 @@ Here are some relevant wiki pages from pi-hole's documentation and example volum
 * `-v your-whitelist:/etc/pihole/whitelist.txt` Your version should probably start with the existing defaults for this file.
 * `-v your-blacklist:/etc/pihole/blacklist.txt` This one is empty by default

-### Scripts inside the docker
+### Scripts

-The original pi-hole scripts are in the container, so they should work **for the debian version**, via `docker exec` like so:
+The original pi-hole scripts are in the container so they should work via `docker exec <container> <command>` like so:

+* `docker exec pihole_container_name pihole updateGravity`
 * `docker exec pihole_container_name whitelist.sh some-good-domain.com`
 * `docker exec pihole_container_name blacklist.sh some-bad-domain.com`

-`diginc/pi-hole:debian` has working `service` command functionality, which the original scripts also use to reload after configuration changes. `diginc/pi-hole:alpine` does **not** use `service`, so while the scripts may (or may not) work, to make the changes scripts make take effect please run `docker restart pihole`.
+### Customizations
+
+Any configuration files you volume mount into `/etc/dnsmasq.d/` will be loaded by dnsmasq when the container starts or restarts or if you need to modify the pi-hole config it is located at `/etc/dnsmasq.d/01-pihole.conf`.  The docker start scripts runs a config test prior to starting so it should tell you about any errors in the docker log.
+
+Similarly for the webserver you can customize configs in /etc/nginx (*:alpine* tag) and /etc/lighttpd (*:debian* tag).
--- a/alpine.docker
+++ b/alpine.docker
@ -5,7 +5,7 @@ RUN apk add --update \
        dnsmasq \
        nginx \
        ca-certificates \
-        php-fpm php-json libxml2 \
+        php5-fpm php5-json libxml2 \
        bc bash curl perl && \
    apk add --update --repository http://dl-1.alpinelinux.org/alpine/edge/testing/ tini && \
    rm -rf /var/cache/apk/*
@ -17,6 +17,7 @@ COPY ./alpine/nginx.conf /etc/nginx/nginx.conf
 COPY ./pi-hole/adlists.default /etc/pihole/
 COPY ./pi-hole/pihole /usr/local/bin/
 COPY ./pi-hole/advanced/Scripts/* /usr/local/bin/
+RUN mkdir -p /opt/ && ln -s /usr/local/bin /opt/pihole
 COPY ./pi-hole/advanced/dnsmasq.conf.original /etc/dnsmasq.conf
 COPY ./pi-hole/advanced/01-pihole.conf /etc/dnsmasq.d/
 COPY ./pi-hole/advanced/index.html /var/www/html/pihole/index.html
--- a/alpine/gravity.sh
+++ b/alpine/gravity.sh
@ -27,7 +27,7 @@ else
 	fi
 fi

-piholeIPfile=/tmp/piholeIP
+piholeIPfile=/etc/pihole/piholeIP
 piholeIPv6file=/etc/pihole/.useIPv6

 adListFile=/etc/pihole/adlists.list
@ -38,7 +38,7 @@ blacklistScript=/opt/pihole/blacklist.sh
 if [[ -f $piholeIPfile ]];then
    # If the file exists, it means it was exported from the installation script and we should use that value instead of detecting it in this script
    piholeIP=$(cat $piholeIPfile)
-    rm $piholeIPfile
+    #rm $piholeIPfile
 else
    # Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script
    IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
@ -320,10 +320,10 @@ function gravity_reload() {

 	if [[ $dnsmasqPid ]]; then
 		# service already running - reload config
-		$SUDO kill -HUP "$dnsmasqPid"
+		$SUDO killall -s HUP dnsmasq
 	else
 		# service not running, start it up
-		$SUDO service dnsmasq start
+		$SUDO dnsmasq -7 /etc/dnsmasq.d
 	fi
 	echo " done!"
 }
@ -337,4 +337,4 @@ gravity_hostFormat
 gravity_blackbody
 gravity_Whitelist
 gravity_Blacklist
-#gravity_reload
+gravity_reload
--- a/alpine/start.sh
+++ b/alpine/start.sh
@ -1,7 +1,7 @@
 #!/bin/sh
 if [ -n "$ServerIP" ] ; then
  # /tmp/piholeIP is the current override of auto-lookup in gravity.sh
-  echo "$ServerIP" > /tmp/piholeIP;
+  echo "$ServerIP" > /etc/pihole/piholeIP;
 else
  echo "ERROR: To function correctly you must pass an environment variables of 'ServerIP' into the docker container with the IP of your docker host from which you are passing web (80) and dns (53) ports from"
  exit 1
@ -22,7 +22,7 @@ dnsmasq --test -7 /etc/dnsmasq.d || exit 1
 php-fpm -t || exit 1
 nginx -t || exit 1

-gravity.sh # pi-hole version without 'service dnsmasq start'
+gravity.sh
 dnsmasq -7 /etc/dnsmasq.d
 php-fpm
 nginx
--- a/debian.docker
+++ b/debian.docker
@ -22,6 +22,7 @@ COPY ./pi-hole/gravity.sh /usr/local/bin/
 COPY ./pi-hole/adlists.default /etc/pihole/
 COPY ./pi-hole/pihole /usr/local/bin/
 COPY ./pi-hole/advanced/Scripts/* /usr/local/bin/
+RUN mkdir -p /opt/ && ln -s /usr/local/bin /opt/pihole
 COPY ./pi-hole/advanced/lighttpd.conf /etc/lighttpd/lighttpd.conf
 COPY ./pi-hole/advanced/dnsmasq.conf.original /etc/dnsmasq.conf
 COPY ./pi-hole/advanced/01-pihole.conf /etc/dnsmasq.d/
--- a/debian/start.sh
+++ b/debian/start.sh
@ -1,7 +1,7 @@
 #!/bin/sh
 if [ -n "$ServerIP" ] ; then
  # /tmp/piholeIP is the current override of auto-lookup in gravity.sh
-  echo "$ServerIP" > /tmp/piholeIP;
+  echo "$ServerIP" > /etc/pihole/piholeIP;
 else
  echo "ERROR: It is required you pass an environment variables of 'ServerIP' with the IP of your docker host which you are passing 80/53 from"
  exit 1
--- a/docker-pi-hole.cron
+++ b/docker-pi-hole.cron
@ -0,0 +1,30 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Updates ad sources every week
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+# Your container name goes here:
+DOCKER_NAME=pihole
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+# Pi-hole: Update the ad sources once a week on Sunday at 01:59
+#          Download any updates from the adlists
+59 1    * * 7   root    docker exec $DOCKER_NAME pihole updateGravity > /dev/null
+
+# Pi-hole: Update the Web interface shortly after gravity runs
+#          This should also update the version number if it is changed in the dashboard repo
+#30 2    * * 7   root    docker exec $DOCKER_NAME pihole updateDashboard > /dev/null
+
+# Pi-hole: Parse the log file before it is flushed and save the stats to a database
+#          This will be used for a historical view of your Pi-hole's performance
+#50 23  * * *   root    docker exec $DOCKER_NAME dailyLog.sh # note: this is outdated > /dev/null
+
+# Pi-hole: Flush the log daily at 11:58 so it doesn't get out of control
+#          Stats will be viewable in the Web interface thanks to the cron job above
+58 23   * * *   root    docker exec $DOCKER_NAME pihole flush > /dev/null
--- a/docker_dev.sh
+++ b/docker_dev.sh
@ -1,13 +1,15 @@
-#!/bin/bash
-docker build -f alpine.docker -t dockerpihole_alpine .
-docker build -f debian.docker -t dockerpihole_debian .
+#!/bin/bash -e
+docker build -f alpine.docker -t diginc/pi-hole:alpine .
+docker tag diginc/pi-hole:alpine diginc/pi-hole:latest
+docker build -f debian.docker -t diginc/pi-hole:debian .

 IP=$(ip addr show eth0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1)

+# Alternative ports to not conflict with my real instance
 docker run -it --rm --cap-add=NET_ADMIN \
  -p 5053:53/tcp \
  -p 5053:53/udp \
  -p 5080:80 \
  -e ServerIP="$IP" \
  $@ \
-  dockerpihole_${image:-alpine}
+  diginc/pi-hole:${image:-alpine}
--- a/doco-alpine.yml
+++ b/doco-alpine.yml
@ -1,6 +1,5 @@
 alpine:
-  build: .
-  dockerfile: alpine.docker
+  image: diginc/pi-hole:alpine
  environment:
    # Your docker host IP is required if you run RUN (not build)
    ServerIP: 192.168.1.55
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 38539972958fa66d21dd7cec1ec5c1141d4c85cb
+Subproject commit c03268707a1f85bd3079c32c7fc3f43ae5702b5e
--- a/pi-hole_version.txt
+++ b/pi-hole_version.txt
@ -1 +1 @@
-v2.6.2
+v2.6.3
--- a/update.sh
+++ b/update.sh
@ -1,7 +1,19 @@
-#!/bin/bash
+#!/bin/bash -x

+# Grab newest code and update version files
 git submodule foreach git pull origin master;
-cp pi-hole/gravity.sh alpine/;
-sed -i '/^gravity_reload/ c\#gravity_reload' alpine/gravity.sh
 pushd pi-hole ; git describe --tags --abbrev=0 > ../pi-hole_version.txt ; popd ;
 pushd AdminLTE ; git describe --tags --abbrev=0 > ../AdminLTE_version.txt ; popd ;
+
+# Copy latest gravity and modify to not use `service` command
+cp pi-hole/gravity.sh alpine/;
+sed -i 's|service dnsmasq start|dnsmasq -7 /etc/dnsmasq.d|g' alpine/gravity.sh
+
+# Copy latest crontab and modify to use docker exec commands
+cron='./docker-pi-hole.cron'
+cp -f pi-hole/advanced/pihole.cron ${cron};
+sed -i '/Update the ad sources/ i\# Your container name goes here:\nDOCKER_NAME=pihole\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n' ${cron};
+sed -i 's|/usr/local/bin/|docker exec $DOCKER_NAME |g' ${cron};
+sed -i '/docker exec/ s|$| > /dev/null|g' ${cron};
+# docker-pi-hole users update their docker images, not git code
+sed -i '/pihole updateDashboard/ s/^/#/' ${cron};