docker
/
docker-pi-hole
mirror of https://github.com/pi-hole/docker-pi-hole.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #628 from SuperSandro2000/patch-1 

Don't bind to 127.0.0.1 when listening on all ports
This commit is contained in:
Adam Hill 2020-05-30 14:25:55 -05:00 committed by GitHub
parent b093aaabd9 e7bb456701
commit ce3d6e866e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 76 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
.github/ISSUE_TEMPLATE.md vendored
View File

@ -1,52 +1,48 @@
<!-- Provide a general summary of the issue in the Title above -->
<!-- Note: these are comments that don't show up in the actual issue, no need to delete them as you fill out the template -->
This is a... <!-- To choose ONE, put an [x] in the box that applies -->
<!-- IMPORTANT Complete the entire template please, the info gathered here is usually needed to debug issues anyway so it saves time in the long run. Incomplete/stock template issues may be closed -->
- [ ] Request for a new or modified feature
- [ ] Issue trying to run the docker image
- [ ] Issue trying to build / test / develop the docker image
<!-- pick ONE: Bug,
Feature Request,
Run Issue (running Pi-hole container failing),
Build Issue (Building image failing)
Enter in line below: -->
This is a: **FILL ME IN**
## Description
<!-- Provide a more detailed introduction to the issue or feature -->
## Expected Behavior
<!-- Tell us what should happen -->
## Details
<!-- Provide a more detailed introduction to the issue or feature, try not to duplicate info from lower sections by reviewing the entire template first -->
## Actual Behavior
<!-- Tell us what happens instead -->
## Related Issues
- [ ] I have searched this repository/Pi-hole forums for existing issues and pull requests that look similar
<!-- Add links below! -->
## Possible Fix
<!-- Not obligatory, but suggest a fix or reason for the bug -->
<!------- FEATURE REQUESTS CAN STOP FILLING IN TEMPLATE HERE -------->
<!------- ISSUES SHOULD FILL OUT REMAINDER OF TEMPLATE -------->
## Steps to Reproduce and debugging done
<!-- Reproduce this bug. Include code to reproduce, if relevant -->
e.g. your docker run command, pages to visit, CLI commands you ran
1.
2.
3.
4.
## How to reproduce the issue
## Debug steps I have tried
<!-- Please attempt these debug steps to see if it helps you resolve or understand your own issue -->
1. Environment data
* Operating System: **ENTER HERE** <!-- Debian, Ubuntu, Rasbian, etc -->
* Hardware: <!-- PC, RasPi B/2B/3B/4B, Mac, Synology, QNAP, etc -->
* Kernel Architecture: <!-- x86/amd64, ArmV7, ArmV8 32bit, ArmV8 64bit, etc -->
* Docker Install Info and version:
- Software source: <!-- official docker-ce, OS provided package, Hypriot -->
- Supplimentary Software: <!-- synology, portainer, etc -->
* Hardware architecture: <!-- ARMv7, x86 -->
- [ ] I have tried destroying my container instance, pulling the newest image version, and re-creating a new container
- [ ] I have tried running the nearly stock `docker run` example in the readme (removing any customizations I added)
2. docker-compose.yml contents, docker run shell command, or paste a screenshot of any UI based configuration of containers here
3. any additional info to help reproduce
## These common fixes didn't work for my issue
<!-- IMPORTANT! Help me help you! Ordered with most common fixes first. -->
- [ ] I have tried removing/destroying my container, and re-creating a new container
- [ ] I have tried fresh volume data by backing up and moving/removing the old volume data
- [ ] I have tried running the stock `docker run` example(s) in the readme (removing any customizations I added)
- [ ] I have tried a newer or older version of Docker Pi-hole (depending what version the issue started in for me)
- [ ] I have tried running without my volume data mounts to eliminate volumes as the cause
- [ ] I have searched this repository for existing issues and pull requests that look similar <!-- Add links below! -->
<!-- Note: If volumes are your issue, I strongly recommend just starting with fresh volume data -->
<!-- Add any other debugging steps you've taken that maybe relevant information -->
## Context and extra information
<!-- How has this bug affected you? What were you trying to accomplish? -->
<!-- Got any other relevant links to similar issues? -->
## Your Environment
<!--- Include as many relevant details about the environment you experienced the bug in -->
* Docker Host Operating System and OS Version:
* Docker Version:
* Hardware architecture: <!-- ARMv7, x86 -->
If the above debugging / fixes revealed any new information note it here.
Add any other debugging steps you've taken or theories on root cause that may help.

2
bash_functions.sh
View File

@ -221,7 +221,7 @@ setup_dnsmasq_hostnames() {
setup_lighttpd_bind() {
local serverip="$1"
# if using '--net=host' only bind lighttpd on $ServerIP and localhost
if grep -q "docker" /proc/net/dev ; then #docker (docker0 by default) should only be present on the host system
if grep -q "docker" /proc/net/dev && [[ $serverip != 0.0.0.0 ]]; then #docker (docker0 by default) should only be present on the host system
if ! grep -q "server.bind" /etc/lighttpd/lighttpd.conf ; then # if the declaration is already there, don't add it again
sed -i -E "s/server\.port\s+\=\s+([0-9]+)/server.bind\t\t = \"${serverip}\"\nserver.port\t\t = \1\n"\$SERVER"\[\"socket\"\] == \"127\.0\.0\.1:\1\" \{\}/" /etc/lighttpd/lighttpd.conf
fi

70
docker-compose-traefik-proxy.md
View File

@ -1,6 +1,6 @@
Please note the following about this [traefik](https://traefik.io/) example for Docker Pi-hole
- Still requires standard Pi-hole setup steps, make sure you've gone through the [README](https://github.com/pihole/docker-pi-hole/blob/master/README.md) and understand how to setup Pi-hole without traefik first
- Still requires standard Pi-hole setup steps, make sure you've gone through the [README](https://github.com/pi-hole/docker-pi-hole/blob/master/README.md) and understand how to setup Pi-hole without traefik first
- Update these things before using:
- set instances of `homedomain.lan` below to your home domain (typically set in your router)
- set your Pi-hole ENV WEBPASSWORD if you don't want a random admin pass
@ -12,26 +12,31 @@ Please note the following about this [traefik](https://traefik.io/) example for
- There is some delay after starting your container before traefik forwards the HTTP traffic correctly, give it a minute
```
version: '3'
version: '3.8'
services:
#
traefik:
container_name: traefik
domainname: homedomain.lan
image: traefik
image: traefik:v2.2
restart: unless-stopped
# Note I opt to whitelist certain apps for exposure to traefik instead of auto discovery
# use `--docker.exposedbydefault=true` if you don't want to have to do this
command: "--web --docker --docker.domain=homedomain.lan --docker.exposedbydefault=false --logLevel=DEBUG"
# use `--providers.docker.exposedbydefault=true` if you don't want to have to do this
command:
- "--providers.docker=true"
- "--providers.docker.network=discovery"
- "--providers.docker.exposedbydefault=false"
- "--api.insecure=true"
- "--api.dashboard=true"
- "--entrypoints.http.address=:80"
- "--log.level=DEBUG"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /dev/null:/traefik.toml
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- default
- discovery
@ -44,6 +49,8 @@ services:
domainname: homedomain.lan
image: pihole/pihole:latest
networks:
- discovery
dns:
- 127.0.0.1
- 1.1.1.1
@ -66,13 +73,12 @@ services:
# WEBPASSWORD:
restart: unless-stopped
labels:
# required when using --docker.exposedbydefault=false
# required when using --providers.docker.exposedbydefault=false
- "traefik.enable=true"
# https://www.techjunktrunk.com/docker/2017/11/03/traefik-default-server-catch-all/
- "traefik.frontend.rule=HostRegexp:pihole.homedomain.lan,{catchall:.*}"
- "traefik.frontend.priority=1"
- "traefik.backend=pihole"
- "traefik.port=80"
- "traefik.http.routers.pihole.rule=Host(`pihole.homedomain.lan`)"
- "traefik.http.routers.pihole.entrypoints=http"
- "traefik.docker.network=discovery"
- "traefik.http.services.pihole.loadbalancer.server.port=80"
networks:
# Discovery is manually created to avoid forcing any order of docker-compose stack creation (`docker network create discovery`)
@ -85,24 +91,24 @@ networks:
After running `docker-compose up -d` you should see this if you look at logs on traefik `docker-compose logs -f traefik`
```
traefik | time="2018-03-07T18:57:41Z" level=debug msg="Provider event received {Status:health_status: healthy ID:33567e94e02c5adba3d47fa44c391e94fdea359fb05eecb196c95de288ffb861 From:pihole/pihole:latest Type:container Action:health_status: healthy Actor:{ID:33567e94
e02c5adba3d47fa44c391e94fdea359fb05eecb196c95de288ffb861 Attributes:map[com.docker.compose.project:traefik image:pihole/pihole:latest traefik.frontend.priority:1 com.docker.compose.container-number:1 com.docker.compose.service:pihole com.docker.compose.version:1.19.0 name:pihole traefik.enable:true url:https://www.github.com/pihole/docker-pi-hole com.docker.compose.oneoff:False maintainer:adam@diginc.us traefik.backend:pihole traefik.frontend.rule:HostRegexp:pihole.homedomain.lan,{catchall:.*} traefik.port:80 com.docker.compose.config-
hash:7551c3f4bd11766292c7dad81473ef21da91cae8666d1b04a42d1daab53fba0f]} Scope:local Time:1520449061 TimeNano:1520449061934970670}"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Filtering disabled container /traefik"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Could not load traefik.frontend.whitelistSourceRange labels"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Could not load traefik.frontend.entryPoints labels"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Could not load traefik.frontend.auth.basic labels"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Validation of load balancer method for backend backend-pihole failed: invalid load-balancing method ''. Using default method wrr."
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Configuration received from provider docker: {"backends":{"backend-pihole":{"servers":{"server-pihole":{"url":"http://172.18.0.2:80","weight":0}},"loadBalancer":{"method":"wrr"}}},"frontends":{"frontend-HostRegexp
-pihole-homedomain-lan-catchall-0":{"entryPoints":["http"],"backend":"backend-pihole","routes":{"route-frontend-HostRegexp-pihole-homedomain-lan-catchall-0":{"rule":"HostRegexp:pihole.homedomain.lan,{catchall:.*}"}},"passHostHeader":true,"priority":1,"basicAuth":[]}}}"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Creating frontend frontend-HostRegexp-pihole-homedomain-lan-catchall-0"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Wiring frontend frontend-HostRegexp-pihole-homedomain-lan-catchall-0 to entryPoint http"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Creating route route-frontend-HostRegexp-pihole-homedomain-lan-catchall-0 HostRegexp:pihole.homedomain.lan,{catchall:.*}"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Creating backend backend-pihole"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Creating load-balancer wrr"
traefik | time="2018-03-07T18:57:42Z" level=debug msg="Creating server server-pihole at http://172.18.0.2:80 with weight 0"
traefik | time="2018-03-07T18:57:42Z" level=info msg="Server configuration reloaded on :80"
traefik | time="2018-03-07T18:57:42Z" level=info msg="Server configuration reloaded on :8080"
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Provider event received {Status:health_status: healthy ID:3befdc0a97908de7a679109c8cf1d2a6bf8a78c9018faae697b7251f1ff38932 From:pihole/pihole:latest Type:container Action:health_status: healthy Actor:{ID:3befdc0a97908de7a679109c8cf1d2a6bf8a78c9018faae697b7251f1ff38932 Attributes:map[com.docker.compose.config-hash:b2785684a80ef0cc97b7c34697e239ad90ef68580f2cc286f183c95d966f6eae com.docker.compose.container-number:1 com.docker.compose.oneoff:False com.docker.compose.project:pi-hole com.docker.compose.project.config_files:docker-compose.yml com.docker.compose.project.working_dir:/opt/pi-hole com.docker.compose.service:pihole com.docker.compose.version:1.25.5 image:pihole/pihole:latest maintainer:adam@diginc.us name:pihole traefik.docker.network:discovery traefik.enable:true traefik.http.routers.pihole.entrypoints:http traefik.http.routers.pihole.rule:Host(`pihole.homedomain.lan`) traefik.http.services.pihole.loadbalancer.server.port:80 url:https://www.github.com/pi-hole/docker-pi-hole]} Scope:local Time:1589199915 TimeNano:1589199915511243989}" providerName=docker
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Filtering disabled container" providerName=docker container=traefik-pi-hole-c5847115be3d90c73a89824f80f1e6882bd8de60c50063f56be9d224192a14f4
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Configuration received from provider docker: {\"http\":{\"routers\":{\"pihole\":{\"entryPoints\":[\"http\"],\"service\":\"pihole\",\"rule\":\"Host(`pihole.homedomain.lan`)\"}},\"services\":{\"pihole\":{\"loadBalancer\":{\"servers\":[{\"url\":\"http://172.18.0.3:80\"}],\"passHostHeader\":true}}}},\"tcp\":{},\"udp\":{}}" providerName=docker
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating middleware" middlewareType=Pipelining entryPointName=http routerName=pihole@docker serviceName=pihole middlewareName=pipelining
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating load-balancer" entryPointName=http routerName=pihole@docker serviceName=pihole
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating server 0 http://172.18.0.3:80" entryPointName=http serverName=0 routerName=pihole@docker serviceName=pihole
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Added outgoing tracing middleware pihole" entryPointName=http routerName=pihole@docker middlewareName=tracing middlewareType=TracingForwarder
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating middleware" entryPointName=http middlewareName=traefik-internal-recovery middlewareType=Recovery
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Added outgoing tracing middleware dashboard@internal" middlewareType=TracingForwarder entryPointName=traefik routerName=dashboard@internal middlewareName=tracing
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal middlewareType=StripPrefix
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Adding tracing to middleware" entryPointName=traefik routerName=dashboard@internal middlewareName=dashboard_stripprefix@internal
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating middleware" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Setting up redirection from ^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$ to ${1}/dashboard/" middlewareName=dashboard_redirect@internal middlewareType=RedirectRegex entryPointName=traefik routerName=dashboard@internal
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Adding tracing to middleware" routerName=dashboard@internal middlewareName=dashboard_redirect@internal entryPointName=traefik
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Added outgoing tracing middleware api@internal" entryPointName=traefik routerName=api@internal middlewareName=tracing middlewareType=TracingForwarder
traefik | time="2020-05-11T12:25:15Z" level=debug msg="Creating middleware" entryPointName=traefik middlewareName=traefik-internal-recovery middlewareType=Recovery
traefik | time="2020-05-11T12:25:15Z" level=debug msg="No default certificate, generating one"
```
Also your port 8080 should list the Route/Rule for pihole and backend-pihole container.

3
docker_run.sh
View File

@ -5,6 +5,7 @@
PIHOLE_BASE="${PIHOLE_BASE:-$(pwd)}"
[[ -d "$PIHOLE_BASE" ]] || mkdir -p "$PIHOLE_BASE" || { echo "Couldn't create storage directory: $PIHOLE_BASE"; exit 1; }
# Note: ServerIP should be replaced with your external ip.
docker run -d \
--name pihole \
-p 53:53/tcp -p 53:53/udp \
@ -18,7 +19,7 @@ docker run -d \
--hostname pi.hole \
-e VIRTUAL_HOST="pi.hole" \
-e PROXY_LOCATION="pi.hole" \
-e ServerIP="127.0.0.1" \ # should be replaced with your external ip
-e ServerIP="127.0.0.1" \
pihole/pihole:latest
printf 'Starting up pihole container '