Merge branch 'dev' of github.com:pi-hole/docker-pi-hole into beta-v5.0
This commit is contained in:
commit
d444a11ad1
|
@ -17,7 +17,6 @@ Examples:
|
|||
"""
|
||||
|
||||
|
||||
from docopt import docopt
|
||||
from jinja2 import Environment, FileSystemLoader
|
||||
from docopt import docopt
|
||||
import os
|
||||
|
|
|
@ -44,6 +44,6 @@ LABEL image="{{ pihole.name }}:{{ pihole.version }}_{{ pihole.arch }}"
|
|||
LABEL maintainer="{{ pihole.maintainer }}"
|
||||
LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
|
||||
|
||||
HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
|
||||
HEALTHCHECK CMD dig +norecurse +retry=0 @127.0.0.1 pi.hole || exit 1
|
||||
|
||||
SHELL ["/bin/bash", "-c"]
|
||||
|
|
|
@ -44,6 +44,6 @@ LABEL image="pihole/pihole:release-v5.0_amd64"
|
|||
LABEL maintainer="adam@diginc.us"
|
||||
LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
|
||||
|
||||
HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
|
||||
HEALTHCHECK CMD dig +norecurse +retry=0 @127.0.0.1 pi.hole || exit 1
|
||||
|
||||
SHELL ["/bin/bash", "-c"]
|
|
@ -44,6 +44,6 @@ LABEL image="pihole/pihole:release-v5.0_arm64"
|
|||
LABEL maintainer="adam@diginc.us"
|
||||
LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
|
||||
|
||||
HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
|
||||
HEALTHCHECK CMD dig +norecurse +retry=0 @127.0.0.1 pi.hole || exit 1
|
||||
|
||||
SHELL ["/bin/bash", "-c"]
|
|
@ -44,6 +44,6 @@ LABEL image="pihole/pihole:release-v5.0_armel"
|
|||
LABEL maintainer="adam@diginc.us"
|
||||
LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
|
||||
|
||||
HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
|
||||
HEALTHCHECK CMD dig +norecurse +retry=0 @127.0.0.1 pi.hole || exit 1
|
||||
|
||||
SHELL ["/bin/bash", "-c"]
|
|
@ -44,6 +44,6 @@ LABEL image="pihole/pihole:release-v5.0_armhf"
|
|||
LABEL maintainer="adam@diginc.us"
|
||||
LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
|
||||
|
||||
HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
|
||||
HEALTHCHECK CMD dig +norecurse +retry=0 @127.0.0.1 pi.hole || exit 1
|
||||
|
||||
SHELL ["/bin/bash", "-c"]
|
|
@ -75,7 +75,7 @@ A [Docker](https://www.docker.com/what-docker) project to make a lightweight x86
|
|||
|
||||
This container uses 2 popular ports, port 53 and port 80, so **may conflict with existing applications ports**. If you have no other services or docker containers using port 53/80 (if you do, keep reading below for a reverse proxy example), the minimum arguments required to run this container are in the script [docker_run.sh](https://github.com/pi-hole/docker-pi-hole/blob/master/docker_run.sh)
|
||||
|
||||
If you're using a Red Hat based distrubution with an SELinux Enforcing policy add `:z` to line with volumes like so:
|
||||
If you're using a Red Hat based distribution with an SELinux Enforcing policy add `:z` to line with volumes like so:
|
||||
|
||||
```
|
||||
-v "$(pwd)/etc-pihole/:/etc/pihole/:z" \
|
||||
|
@ -152,6 +152,7 @@ The stub resolver should be disabled with: `sudo sed -r -i.orig 's/#?DNSStubList
|
|||
|
||||
This will not change the nameserver settings, which point to the stub resolver thus preventing DNS resolution. Change the `/etc/resolv.conf` symlink to point to `/run/systemd/resolve/resolv.conf`, which is automatically updated to follow the system's [`netplan`](https://netplan.io/):
|
||||
`sudo sh -c 'rm /etc/resolv.conf && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf'`
|
||||
After making these changes, you should restart systemd-resolved using `systemctl restart systemd-resolved`
|
||||
|
||||
Once pi-hole is installed, you'll want to configure your clients to use it ([see here](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245)). If you used the symlink above, your docker host will either use whatever is served by DHCP, or whatever static setting you've configured. If you want to explicitly set your docker host's nameservers you can edit the netplan(s) found at `/etc/netplan`, then run `sudo netplan apply`.
|
||||
Example netplan:
|
||||
|
@ -178,7 +179,7 @@ The primary docker tags / versions are explained in the following table. [Click
|
|||
| tag | architecture | description | Dockerfile |
|
||||
| --- | ------------ | ----------- | ---------- |
|
||||
| `latest` | auto detect | x86, arm, or arm64 container, docker auto detects your architecture. | [Dockerfile](https://github.com/pi-hole/docker-pi-hole/blob/master/Dockerfile_amd64) |
|
||||
| `v4.0.0-1` | auto detect | Versioned tags, if you want to pin against a specific version, use one of thesse | |
|
||||
| `v4.0.0-1` | auto detect | Versioned tags, if you want to pin against a specific version, use one of these | |
|
||||
| `v4.0.0-1_<arch>` | based on tag | Specific architectures tags | |
|
||||
| `dev` | auto detect | like latest tag, but for the development branch (pushed occasionally) | |
|
||||
|
||||
|
|
|
@ -287,6 +287,14 @@ setup_web_port() {
|
|||
|
||||
}
|
||||
|
||||
load_web_password_secret() {
|
||||
# If WEBPASSWORD is not set at all, attempt to read password from WEBPASSWORD_FILE,
|
||||
# allowing secrets to be passed via docker secrets
|
||||
if [ -z "${WEBPASSWORD+x}" ] && [ -n "${WEBPASSWORD_FILE}" ] && [ -r "${WEBPASSWORD_FILE}" ]; then
|
||||
WEBPASSWORD=$(<"${WEBPASSWORD_FILE}")
|
||||
fi;
|
||||
}
|
||||
|
||||
generate_password() {
|
||||
if [ -z "${WEBPASSWORD+x}" ] ; then
|
||||
# Not set at all, give the user a random pass
|
||||
|
|
|
@ -37,13 +37,15 @@ if [[ "$CIRCLE_PR_NUMBER" == "" ]]; then
|
|||
images+=($arch_image)
|
||||
done
|
||||
|
||||
docker manifest create $MULTIARCH_IMAGE ${images[*]}
|
||||
for arch in *; do
|
||||
arch_image=$(cat $arch)
|
||||
docker pull $arch_image
|
||||
annotate "$MULTIARCH_IMAGE" "$arch_image" "$arch"
|
||||
done
|
||||
for docker_tag in $MULTIARCH_IMAGE $LATEST_IMAGE; do
|
||||
docker manifest create $docker_tag ${images[*]}
|
||||
for arch in *; do
|
||||
arch_image=$(cat $arch)
|
||||
docker pull $arch_image
|
||||
annotate "$docker_tag" "$arch_image" "$arch"
|
||||
done
|
||||
|
||||
docker manifest inspect "$MULTIARCH_IMAGE"
|
||||
docker manifest push "$MULTIARCH_IMAGE"
|
||||
docker manifest inspect "$docker_tag"
|
||||
docker manifest push --purge "$docker_tag"
|
||||
done;
|
||||
fi
|
||||
|
|
|
@ -32,6 +32,17 @@ if [[ -n "$DOCKER_TAG" ]]; then
|
|||
# latest- sometimes has a trailing slash, remove it
|
||||
ARCH_IMAGE="${ARCH_IMAGE/%-/}"
|
||||
fi
|
||||
|
||||
# To get latest released, cut a release on https://github.com/pi-hole/docker-pi-hole/releases (manually gated for quality control)
|
||||
latest_tag=''
|
||||
if ! latest_tag=$(curl -sI https://github.com/pi-hole/docker-pi-hole/releases/latest | grep --color=never -i Location | awk -F / '{print $NF}' | tr -d '[:cntrl:]'); then
|
||||
print "Failed to retrieve latest docker-pi-hole release metadata"
|
||||
else
|
||||
if [[ "$DOCKER_TAG" == "$latest_tag" ]] ; then
|
||||
LATEST_IMAGE="$BASE_IMAGE:latest"
|
||||
fi
|
||||
fi
|
||||
|
||||
MULTIARCH_IMAGE="$BASE_IMAGE:$DOCKER_TAG"
|
||||
|
||||
set +a
|
||||
|
|
|
@ -12,6 +12,10 @@ docker run -d \
|
|||
-v "$(pwd)/etc-dnsmasq.d/:/etc/dnsmasq.d/" \
|
||||
--dns=127.0.0.1 --dns=1.1.1.1 \
|
||||
--restart=unless-stopped \
|
||||
--hostname pi.hole \
|
||||
-e VIRTUAL_HOST="pi.hole" \
|
||||
-e PROXY_LOCATION="pi.hole" \
|
||||
-e ServerIP="127.0.0.1" \ # should be replaced with your external ip
|
||||
pihole/pihole:latest
|
||||
|
||||
printf 'Starting up pihole container '
|
||||
|
|
|
@ -4,7 +4,7 @@ mkdir -p /etc/pihole/
|
|||
mkdir -p /var/run/pihole
|
||||
# Production tags with valid web footers
|
||||
export CORE_VERSION="$(cat /etc/docker-pi-hole-version)"
|
||||
export WEB_VERSION="$(cat /etc/docker-pi-hole-version)"
|
||||
export WEB_VERSION="v4.3.3"
|
||||
|
||||
# Only use for pre-production / testing
|
||||
export CHECKOUT_BRANCHES=false
|
||||
|
|
1
start.sh
1
start.sh
|
@ -42,6 +42,7 @@ docker_checks
|
|||
#fi
|
||||
|
||||
fix_capabilities
|
||||
load_web_password_secret
|
||||
generate_password
|
||||
validate_env || exit 1
|
||||
prepare_configs
|
||||
|
|
|
@ -24,7 +24,7 @@ def args_volumes():
|
|||
|
||||
@pytest.fixture()
|
||||
def args_env():
|
||||
return '-e ServerIP="127.0.0.1" -e ServerIPv6="::1"'
|
||||
return '-e ServerIP="127.0.0.1"'
|
||||
|
||||
@pytest.fixture()
|
||||
def args(args_dns, args_volumes, args_env):
|
||||
|
@ -120,7 +120,7 @@ def persist_args_volumes():
|
|||
|
||||
@pytest.fixture(scope='module')
|
||||
def persist_args_env():
|
||||
return '-e ServerIP="127.0.0.1" -e ServerIPv6="::1"'
|
||||
return '-e ServerIP="127.0.0.1"'
|
||||
|
||||
@pytest.fixture(scope='module')
|
||||
def persist_args(persist_args_dns, persist_args_volumes, persist_args_env):
|
||||
|
|
|
@ -65,7 +65,7 @@ def test_override_default_servers_with_DNS_EnvVars(Docker, Slow, args_env, expec
|
|||
function = Docker.run('. /bash_functions.sh ; eval `grep "^setup_dnsmasq " /start.sh`')
|
||||
assert expected_stdout in function.stdout
|
||||
expected_servers = 'server={}\n'.format(dns1) if dns2 == None else 'server={}\nserver={}\n'.format(dns1, dns2)
|
||||
Slow(lambda: expected_servers == Docker.run('grep "^server=" /etc/dnsmasq.d/01-pihole.conf').stdout)
|
||||
Slow(lambda: expected_servers == Docker.run('grep "^server=[^/]" /etc/dnsmasq.d/01-pihole.conf').stdout)
|
||||
|
||||
|
||||
#@pytest.mark.skipif(os.environ.get('CI') == 'true',
|
||||
|
@ -106,7 +106,7 @@ def test_DNS_Envs_are_secondary_to_setupvars(Docker, Slow, args_env, expected_st
|
|||
expected_servers = ['server={}'.format(dns1)]
|
||||
if dns2:
|
||||
expected_servers.append('server={}'.format(dns2))
|
||||
Slow(lambda: Docker.run('grep "^server=" /etc/dnsmasq.d/01-pihole.conf').stdout.strip().split('\n') == \
|
||||
Slow(lambda: Docker.run('grep "^server=[^/]" /etc/dnsmasq.d/01-pihole.conf').stdout.strip().split('\n') == \
|
||||
expected_servers)
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue