docker/docker-pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/docker-pi-hole.git synced 2024-06-20 14:36:39 +02:00
Code Issues Releases Wiki Activity

Merge pull request #1225 from pi-hole/dev

Browse Source 
Dev -> master before release
This commit is contained in:
Adam Warner 2022-10-10 22:02:18 +01:00 committed by GitHub
commit b9f3aada94
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/stale.yml vendored
View File

@ -13,7 +13,7 @@ jobs:
issues: write
steps:
- uses: actions/stale@v5
- uses: actions/stale@v6
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
days-before-stale: 30

2
README.md
View File

@ -15,7 +15,7 @@
_If you absolutely cannot do this, some users [have reported](https://github.com/pi-hole/docker-pi-hole/issues/1042#issuecomment-1086728157) success in updating `libseccomp2` via backports on debian, or similar via updates on Ubuntu. You can try this workaround at your own risk_ (Note, you may also find that you need the latest `docker.io` (more details [here](https://blog.samcater.com/fix-workaround-rpi4-docker-libseccomp2-docker-20/))
- Some users [have reported issues](https://github.com/pi-hole/docker-pi-hole/issues/963#issuecomment-1095602502) with using the `--privileged` flag on `2022.04` and above. TL;DR, don't use that that mode, and be [explicit with the permitted caps](https://github.com/pi-hole/docker-pi-hole#note-on-capabilities) (if needed) instead
- Some users [have reported issues](https://github.com/pi-hole/docker-pi-hole/issues/963#issuecomment-1095602502) with using the `--privileged` flag on `2022.04` and above. TL;DR, don't use that mode, and be [explicit with the permitted caps](https://github.com/pi-hole/docker-pi-hole#note-on-capabilities) (if needed) instead
- As of `2022.04.01`, setting `CAP_NET_ADMIN` is only required if you are using Pi-hole as your DHCP server. The container will only try to set caps that are explicitly granted (or natively available)

7
src/Dockerfile
View File

@ -2,11 +2,7 @@ ARG PIHOLE_BASE
FROM "${PIHOLE_BASE:-ghcr.io/pi-hole/docker-pi-hole-base:bullseye-slim}"
ARG PIHOLE_DOCKER_TAG
ENV PIHOLE_DOCKER_TAG "${PIHOLE_DOCKER_TAG}"
ENV S6_OVERLAY_VERSION v3.1.1.2
ENV PIHOLE_INSTALL /etc/.pihole/automated\ install/basic-install.sh
RUN echo "${PIHOLE_DOCKER_TAG}" > /pihole.docker.tag
ENTRYPOINT [ "/s6-init" ]
@ -33,7 +29,6 @@ ENV S6_KEEP_ENV 1
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS 2
ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME 0
ENV FTLCONF_LOCAL_IPV4 0.0.0.0
ENV FTL_CMD no-daemon
ENV DNSMASQ_USER pihole

5
src/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run
View File

@ -11,14 +11,13 @@ rm /run/pihole/FTL.sock 2> /dev/null
# install /dev/null files to ensure they exist (create if non-existing, preserve if existing)
mkdir -pm 0755 /run/pihole /var/log/pihole
[[ ! -f /run/pihole-FTL.pid ]] && install /dev/null /run/pihole-FTL.pid
[[ ! -f /run/pihole-FTL.port ]] && install /dev/null /run/pihole-FTL.port
[[ ! -f /var/log/pihole/FTL.log ]] && install /dev/null /var/log/pihole/FTL.log
[[ ! -f /var/log/pihole/pihole.log ]] && install /dev/null /var/log/pihole/pihole.log
[[ ! -f /etc/pihole/dhcp.leases ]] && install /dev/null /etc/pihole/dhcp.leases
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases
chown pihole:pihole /run/pihole-FTL.pid /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
chmod 0644 /run/pihole-FTL.pid /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases
# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
chmod -f 0644 /etc/pihole/macvendor.db

2
src/s6/debian-root/usr/local/bin/_startup.sh
View File

@ -9,7 +9,7 @@ fi
. /usr/local/bin/bash_functions.sh
# shellcheck source=/dev/null
SKIP_INSTALL=true . "${PIHOLE_INSTALL}"
SKIP_INSTALL=true . /etc/.pihole/automated\ install/basic-install.sh
echo " [i] Starting docker specific checks & setup for docker pihole/pihole"

11
src/s6/debian-root/usr/local/bin/install.sh
View File

@ -16,7 +16,7 @@ detect_arch() {
amd64)
S6_ARCH="x86_64";;
armel)
S6_ARCH="arm";;
S6_ARCH="armhf";;
armhf)
S6_ARCH="armhf";;
arm64)
@ -27,8 +27,9 @@ esac
}
DOCKER_TAG=$(cat /pihole.docker.tag)
# Helps to have some additional tools in the dev image when debugging
if [[ "${PIHOLE_DOCKER_TAG}" = 'nightly' || "${PIHOLE_DOCKER_TAG}" = 'dev' ]]; then
if [[ "${DOCKER_TAG}" = 'nightly' || "${DOCKER_TAG}" = 'dev' ]]; then
apt-get update
apt-get install --no-install-recommends -y nano less
rm -rf /var/lib/apt/lists/*
@ -36,6 +37,8 @@ fi
detect_arch
S6_OVERLAY_VERSION=v3.1.1.2
curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" | tar Jxpf - -C /
curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" | tar Jxpf - -C /
@ -66,7 +69,7 @@ export PIHOLE_SKIP_OS_CHECK=true
curl -sSL https://install.pi-hole.net | bash -sex -- --unattended
# At this stage, if we are building a :nightly tag, then switch the Pi-hole install to dev versions
if [[ "${PIHOLE_DOCKER_TAG}" = 'nightly' ]]; then
if [[ "${DOCKER_TAG}" = 'nightly' ]]; then
yes | pihole checkout dev
fi
@ -92,4 +95,4 @@ ln -s /macvendor.db /etc/pihole/macvendor.db
if [ ! -f /.piholeFirstBoot ]; then
touch /.piholeFirstBoot
fi
echo 'Docker install successful'
echo 'Docker install successful'