FTLCONF_REPLY_ADDR4/6 are now deprecated. Use FTLCONF_LOCAL_IPV4/6 instead
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
This commit is contained in:
parent
66aeeb8542
commit
cb38190b50
|
@ -99,7 +99,7 @@ There are other environment variables if you want to customize various things in
|
|||
| -------- | ------- | ----- | ---------- |
|
||||
| `TZ` | UTC | `<Timezone>` | Set your [timezone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) to make sure logs rotate at local midnight instead of at UTC midnight.
|
||||
| `WEBPASSWORD` | random | `<Admin password>` | http://pi.hole/admin password. Run `docker logs pihole \| grep random` to find your random pass.
|
||||
| `FTLCONF_REPLY_ADDR4` | unset | `<Host's IP>` | Set to your server's LAN IP, used by web block modes and lighttpd bind address.
|
||||
| `FTLCONF_LOCAL_IPV4` | unset | `<Host's IP>` | Set to your server's LAN IP, used by web block modes and lighttpd bind address.
|
||||
|
||||
### Optional Variables
|
||||
|
||||
|
@ -122,7 +122,7 @@ There are other environment variables if you want to customize various things in
|
|||
| `PIHOLE_DOMAIN` | `lan` | `<domain>` | Domain name sent by the DHCP server.
|
||||
| `DHCP_IPv6` | `false` | `<"true"\|"false">` | Enable DHCP server IPv6 support (SLAAC + RA).
|
||||
| `DHCP_rapid_commit` | `false` | `<"true"\|"false">` | Enable DHCPv4 rapid commit (fast address assignment).
|
||||
| `VIRTUAL_HOST` | `$FTLCONF_REPLY_ADDR4` | `<Custom Hostname>` | What your web server 'virtual host' is, accessing admin through this Hostname/IP allows you to make changes to the whitelist / blacklists in addition to the default 'http://pi.hole/admin/' address
|
||||
| `VIRTUAL_HOST` | `$FTLCONF_LOCAL_IPV4` | `<Custom Hostname>` | What your web server 'virtual host' is, accessing admin through this Hostname/IP allows you to make changes to the whitelist / blacklists in addition to the default 'http://pi.hole/admin/' address
|
||||
| `IPv6` | `true` | `<"true"\|"false">` | For unraid compatibility, strips out all the IPv6 configuration from DNS/Web services when false.
|
||||
| `TEMPERATUREUNIT` | `c` | `<c\|k\|f>` | Set preferred temperature unit to `c`: Celsius, `k`: Kelvin, or `f` Fahrenheit units.
|
||||
| `WEBUIBOXEDLAYOUT` | `boxed` | `<boxed\|traditional>` | Use boxed layout (helpful when working on large screens)
|
||||
|
@ -140,7 +140,7 @@ There are other environment variables if you want to customize various things in
|
|||
| `CORS_HOSTS` | unset | `<FQDNs delimited by ,>` | List of domains/subdomains on which CORS is allowed. Wildcards are not supported. Eg: `CORS_HOSTS: domain.com,home.domain.com,www.domain.com`.
|
||||
| `CUSTOM_CACHE_SIZE` | `10000` | Number | Set the cache size for dnsmasq. Useful for increasing the default cache size or to set it to 0. Note that when `DNSSEC` is "true", then this setting is ignored.
|
||||
| `FTL_CMD` | `no-daemon` | `no-daemon -- <dnsmasq option>` | Customize the options with which dnsmasq gets started. e.g. `no-daemon -- --dns-forward-max 300` to increase max. number of concurrent dns queries on high load setups. |
|
||||
| `FTLCONF_[SETTING]` | unset | As per documentation | Customize pihole-FTL.conf with settings described in the [FTLDNS Configuration page](https://docs.pi-hole.net/ftldns/configfile/). For example, to customize REPLY_ADDR6, ensure you have the `FTLCONF_REPLY_ADDR6` environment variable set.
|
||||
| `FTLCONF_[SETTING]` | unset | As per documentation | Customize pihole-FTL.conf with settings described in the [FTLDNS Configuration page](https://docs.pi-hole.net/ftldns/configfile/). For example, to customize LOCAL_IPV4, ensure you have the `FTLCONF_LOCAL_IPV4` environment variable set.
|
||||
|
||||
### Experimental Variables
|
||||
| Variable | Default | Value | Description |
|
||||
|
@ -165,6 +165,8 @@ While these may still work, they are likely to be removed in a future version. W
|
|||
| `DNS2` | Secondary upstream DNS provider, default is google DNS, `no` if only one DNS should used | `PIHOLE_DNS_` |
|
||||
| `ServerIP` | Set to your server's LAN IP, used by web block modes and lighttpd bind address | `FTLCONF_REPLY_ADDR4` |
|
||||
| `ServerIPv6` | **If you have a v6 network** set to your server's LAN IPv6 to block IPv6 ads fully | `FTLCONF_REPLY_ADDR6` |
|
||||
| `FTLCONF_REPLY_ADDR4` | Set to your server's LAN IP, used by web block modes and lighttpd bind address | `FTLCONF_LOCAL_IPV4` |
|
||||
| `FTLCONF_REPLY_ADDR6` | **If you have a v6 network** set to your server's LAN IPv6 to block IPv6 ads fully | `FTLCONF_LOCAL_IPV6` |
|
||||
|
||||
To use these env vars in docker run format style them like: `-e DNS1=1.1.1.1`
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
PIHOLE_BASE="${PIHOLE_BASE:-$(pwd)}"
|
||||
[[ -d "$PIHOLE_BASE" ]] || mkdir -p "$PIHOLE_BASE" || { echo "Couldn't create storage directory: $PIHOLE_BASE"; exit 1; }
|
||||
|
||||
# Note: FTLCONF_REPLY_ADDR4 should be replaced with your external ip.
|
||||
# Note: FTLCONF_LOCAL_IPV4 should be replaced with your external ip.
|
||||
docker run -d \
|
||||
--name pihole \
|
||||
-p 53:53/tcp -p 53:53/udp \
|
||||
|
@ -18,7 +18,7 @@ docker run -d \
|
|||
--hostname pi.hole \
|
||||
-e VIRTUAL_HOST="pi.hole" \
|
||||
-e PROXY_LOCATION="pi.hole" \
|
||||
-e FTLCONF_REPLY_ADDR4="127.0.0.1" \
|
||||
-e FTLCONF_LOCAL_IPV4="127.0.0.1" \
|
||||
pihole/pihole:latest
|
||||
|
||||
printf 'Starting up pihole container '
|
||||
|
|
|
@ -37,7 +37,7 @@ ENV S6_LOGGING 0
|
|||
ENV S6_KEEP_ENV 1
|
||||
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS 2
|
||||
|
||||
ENV FTLCONF_REPLY_ADDR4 0.0.0.0
|
||||
ENV FTLCONF_LOCAL_IPV4 0.0.0.0
|
||||
ENV FTL_CMD no-daemon
|
||||
ENV DNSMASQ_USER pihole
|
||||
|
||||
|
|
|
@ -5,8 +5,12 @@
|
|||
[ -n "${QUERY_LOGGING}" ] && export QUERY_LOGGING_OVERRIDE="${QUERY_LOGGING}"
|
||||
|
||||
# Legacy Env Vars preserved for backwards compatibility - convert them to FTLCONF_ equivalents
|
||||
[ -n "${ServerIP}" ] && echo "ServerIP is deprecated. Converting to FTLCONF_REPLY_ADDR4" && export "FTLCONF_REPLY_ADDR4"="$ServerIP"
|
||||
[ -n "${ServerIPv6}" ] && echo "ServerIPv6 is deprecated. Converting to FTLCONF_REPLY_ADDR6" && export "FTLCONF_REPLY_ADDR6"="$ServerIPv6"
|
||||
[ -n "${ServerIP}" ] && echo "ServerIP is deprecated. Converting to FTLCONF_LOCAL_IPV4" && export "FTLCONF_LOCAL_IPV4"="$ServerIP"
|
||||
[ -n "${ServerIPv6}" ] && echo "ServerIPv6 is deprecated. Converting to FTLCONF_LOCAL_IPV6" && export "FTLCONF_LOCAL_IPV6"="$ServerIPv6"
|
||||
|
||||
# Previously used FTLCONF_ equivalent has since been deprecated, also convert this one
|
||||
[ -n "${FTLCONF_REPLY_ADDR4}" ] && echo "FTLCONF_REPLY_ADDR4 is deprecated. Converting to FTLCONF_LOCAL_IPV4" && export "FTLCONF_LOCAL_IPV4"="$FTLCONF_REPLY_ADDR4"
|
||||
[ -n "${FTLCONF_REPLY_ADDR6}" ] && echo "FTLCONF_REPLY_ADDR6 is deprecated. Converting to FTLCONF_LOCAL_IPV6" && export "FTLCONF_LOCAL_IPV6"="$FTLCONF_REPLY_ADDR6"
|
||||
|
||||
# Some of the bash_functions use utilities from Pi-hole's utils.sh
|
||||
# shellcheck disable=SC2154
|
||||
|
@ -78,24 +82,24 @@ ensure_basic_configuration() {
|
|||
}
|
||||
|
||||
validate_env() {
|
||||
# Optional FTLCONF_REPLY_ADDR4 is a valid IP
|
||||
# Optional FTLCONF_LOCAL_IPV4 is a valid IP
|
||||
# nc won't throw any text based errors when it times out connecting to a valid IP, otherwise it complains about the DNS name being garbage
|
||||
# if nc doesn't behave as we expect on a valid IP the routing table should be able to look it up and return a 0 retcode
|
||||
if [[ "$(nc -4 -w1 -z "$FTLCONF_REPLY_ADDR4" 53 2>&1)" != "" ]] && ! ip route get "$FTLCONF_REPLY_ADDR4" > /dev/null ; then
|
||||
echo "ERROR: FTLCONF_REPLY_ADDR4 Environment variable ($FTLCONF_REPLY_ADDR4) doesn't appear to be a valid IPv4 address"
|
||||
if [[ "$(nc -4 -w1 -z "$FTLCONF_LOCAL_IPV4" 53 2>&1)" != "" ]] && ! ip route get "$FTLCONF_LOCAL_IPV4" > /dev/null ; then
|
||||
echo "ERROR: FTLCONF_LOCAL_IPV4 Environment variable ($FTLCONF_LOCAL_IPV4) doesn't appear to be a valid IPv4 address"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Optional IPv6 is a valid address
|
||||
if [[ -n "$FTLCONF_REPLY_ADDR6" ]] ; then
|
||||
if [[ "$FTLCONF_REPLY_ADDR6" == 'kernel' ]] ; then
|
||||
if [[ -n "$FTLCONF_LOCAL_IPV6" ]] ; then
|
||||
if [[ "$FTLCONF_LOCAL_IPV6" == 'kernel' ]] ; then
|
||||
echo "ERROR: You passed in IPv6 with a value of 'kernel', this maybe because you do not have IPv6 enabled on your network"
|
||||
unset FTLCONF_REPLY_ADDR6
|
||||
unset FTLCONF_LOCAL_IPV6
|
||||
exit 1
|
||||
fi
|
||||
if [[ "$(nc -6 -w1 -z "$FTLCONF_REPLY_ADDR6" 53 2>&1)" != "" ]] && ! ip route get "$FTLCONF_REPLY_ADDR6" > /dev/null ; then
|
||||
echo "ERROR: FTLCONF_REPLY_ADDR6 Environment variable ($FTLCONF_REPLY_ADDR6) doesn't appear to be a valid IPv6 address"
|
||||
echo " TIP: If your server is not IPv6 enabled just remove '-e FTLCONF_REPLY_ADDR6' from your docker container"
|
||||
if [[ "$(nc -6 -w1 -z "$FTLCONF_LOCAL_IPV6" 53 2>&1)" != "" ]] && ! ip route get "$FTLCONF_LOCAL_IPV6" > /dev/null ; then
|
||||
echo "ERROR: FTLCONF_LOCAL_IPV6 Environment variable ($FTLCONF_LOCAL_IPV6) doesn't appear to be a valid IPv6 address"
|
||||
echo " TIP: If your server is not IPv6 enabled just remove '-e FTLCONF_LOCAL_IPV6' from your docker container"
|
||||
exit 1
|
||||
fi
|
||||
fi;
|
||||
|
@ -286,8 +290,8 @@ setup_FTL_ProcessDNSSettings(){
|
|||
}
|
||||
|
||||
setup_lighttpd_bind() {
|
||||
local serverip="${FTLCONF_REPLY_ADDR4}"
|
||||
# if using '--net=host' only bind lighttpd on $FTLCONF_REPLY_ADDR6 and localhost
|
||||
local serverip="${FTLCONF_LOCAL_IPV4}"
|
||||
# if using '--net=host' only bind lighttpd on $FTLCONF_LOCAL_IPV4 and localhost
|
||||
if grep -q "docker" /proc/net/dev && [[ $serverip != 0.0.0.0 ]]; then #docker (docker0 by default) should only be present on the host system
|
||||
if ! grep -q "server.bind" /etc/lighttpd/lighttpd.conf ; then # if the declaration is already there, don't add it again
|
||||
sed -i -E "s/server\.port\s+\=\s+([0-9]+)/server.bind\t\t = \"${serverip}\"\nserver.port\t\t = \1\n"\$SERVER"\[\"socket\"\] == \"127\.0\.0\.1:\1\" \{\}/" /etc/lighttpd/lighttpd.conf
|
||||
|
@ -297,7 +301,7 @@ setup_lighttpd_bind() {
|
|||
|
||||
setup_web_php_env() {
|
||||
if [ -z "$VIRTUAL_HOST" ] ; then
|
||||
VIRTUAL_HOST="$FTLCONF_REPLY_ADDR4"
|
||||
VIRTUAL_HOST="$FTLCONF_LOCAL_IPV4"
|
||||
fi;
|
||||
|
||||
for config_var in "VIRTUAL_HOST" "CORS_HOSTS" "PHP_ERROR_LOG" "PIHOLE_DOCKER_TAG" "TZ"; do
|
||||
|
@ -331,7 +335,7 @@ setup_web_port() {
|
|||
return
|
||||
fi
|
||||
echo "Custom WEB_PORT set to $web_port"
|
||||
echo "INFO: Without proper router DNAT forwarding to $FTLCONF_REPLY_ADDR4:$web_port, you may not get any blocked websites on ads"
|
||||
echo "INFO: Without proper router DNAT forwarding to $FTLCONF_LOCAL_IPV4:$web_port, you may not get any blocked websites on ads"
|
||||
|
||||
# Update lighttpd's port
|
||||
sed -i '/server.port\s*=\s*80\s*$/ s/80/'"${WEB_PORT}"'/g' /etc/lighttpd/lighttpd.conf
|
||||
|
|
|
@ -32,7 +32,7 @@ def args_volumes():
|
|||
|
||||
@pytest.fixture()
|
||||
def args_env():
|
||||
return '-e FTLCONF_REPLY_ADDR4="127.0.0.1"'
|
||||
return '-e FTLCONF_LOCAL_IPV4="127.0.0.1"'
|
||||
|
||||
@pytest.fixture()
|
||||
def args(args_volumes, args_env):
|
||||
|
|
|
@ -8,11 +8,11 @@ import time
|
|||
# If the test runs /start.sh, do not let s6 run it too! Kill entrypoint to avoid race condition/duplicated execution
|
||||
@pytest.mark.parametrize('entrypoint,cmd', [('--entrypoint=tail','-f /dev/null')])
|
||||
@pytest.mark.parametrize('args,error_msg,expect_rc', [
|
||||
('-e FTLCONF_REPLY_ADDR4="1.2.3.z"', "FTLCONF_REPLY_ADDR4 Environment variable (1.2.3.z) doesn't appear to be a valid IPv4 address",1),
|
||||
('-e FTLCONF_REPLY_ADDR4="1.2.3.4" -e FTLCONF_REPLY_ADDR6="1234:1234:1234:ZZZZ"', "Environment variable (1234:1234:1234:ZZZZ) doesn't appear to be a valid IPv6 address",1),
|
||||
('-e FTLCONF_REPLY_ADDR4="1.2.3.4" -e FTLCONF_REPLY_ADDR6="kernel"', "ERROR: You passed in IPv6 with a value of 'kernel'",1),
|
||||
('-e FTLCONF_LOCAL_IPV4="1.2.3.z"', "FTLCONF_LOCAL_IPV4 Environment variable (1.2.3.z) doesn't appear to be a valid IPv4 address",1),
|
||||
('-e FTLCONF_LOCAL_IPV4="1.2.3.4" -e FTLCONF_LOCAL_IPV6="1234:1234:1234:ZZZZ"', "Environment variable (1234:1234:1234:ZZZZ) doesn't appear to be a valid IPv6 address",1),
|
||||
('-e FTLCONF_LOCAL_IPV4="1.2.3.4" -e FTLCONF_LOCAL_IPV6="kernel"', "ERROR: You passed in IPv6 with a value of 'kernel'",1),
|
||||
])
|
||||
def test_ftlconf_reply_addr_invalid_ips_triggers_exit_error(docker, error_msg, expect_rc):
|
||||
def test_ftlconf_local_addr_invalid_ips_triggers_exit_error(docker, error_msg, expect_rc):
|
||||
start = docker.run('/start.sh')
|
||||
assert start.rc == expect_rc
|
||||
assert 'ERROR' in start.stdout
|
||||
|
|
Loading…
Reference in New Issue