Merge pull request #451 from mabunixda/k8s

Use volume for configuration directory

Dockerfile.py

@@ -38,7 +38,8 @@ os_base_vars = {
 __version__ = None
 dot = os.path.abspath('.')
 with open('{}/VERSION'.format(dot), 'r') as v:
-    __version__ = v.read().strip()
+    raw_version = v.read().strip()
+    __version__ = raw_version.replace('release/', 'release-')
 
 images = {
     __version__: [

Dockerfile.template

@@ -1,5 +1,6 @@
 FROM {{ pihole.base }}
 
+ENV CONFIG_DIR /etc/pihole
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/{{ pihole.s6_version }}/s6-overlay-{{ pihole.s6arch }}.tar.gz
 COPY install.sh /usr/local/bin/install.sh
 COPY VERSION /etc/docker-pi-hole-version
@@ -44,5 +45,6 @@ LABEL maintainer="{{ pihole.maintainer }}"
 LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
 
 HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
+VOLUME $CONFIG_DIR
 
 SHELL ["/bin/bash", "-c"]

Dockerfile_aarch64

@@ -1,5 +1,6 @@
 FROM multiarch/debian-debootstrap:arm64-stretch-slim
 
+ENV CONFIG_DIR /etc/pihole
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/v1.21.7.0/s6-overlay-aarch64.tar.gz
 COPY install.sh /usr/local/bin/install.sh
 COPY VERSION /etc/docker-pi-hole-version
@@ -35,14 +36,15 @@ ENV ServerIP 0.0.0.0
 ENV FTL_CMD no-daemon
 ENV DNSMASQ_USER root
 
-ENV VERSION v4.2.1
+ENV VERSION v4.3
 ENV ARCH aarch64
 ENV PATH /opt/pihole:${PATH}
 
-LABEL image="pihole/pihole:v4.2.1_aarch64"
+LABEL image="pihole/pihole:v4.3_aarch64"
 LABEL maintainer="adam@diginc.us"
 LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
 
 HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
+VOLUME $CONFIG_DIR
 
 SHELL ["/bin/bash", "-c"]

Dockerfile_amd64

@@ -1,5 +1,6 @@
 FROM pihole/debian-base:latest
 
+ENV CONFIG_DIR /etc/pihole
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/v1.21.7.0/s6-overlay-amd64.tar.gz
 COPY install.sh /usr/local/bin/install.sh
 COPY VERSION /etc/docker-pi-hole-version
@@ -35,14 +36,15 @@ ENV ServerIP 0.0.0.0
 ENV FTL_CMD no-daemon
 ENV DNSMASQ_USER root
 
-ENV VERSION v4.2.1
+ENV VERSION v4.3
 ENV ARCH amd64
 ENV PATH /opt/pihole:${PATH}
 
-LABEL image="pihole/pihole:v4.2.1_amd64"
+LABEL image="pihole/pihole:v4.3_amd64"
 LABEL maintainer="adam@diginc.us"
 LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
 
 HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
+VOLUME $CONFIG_DIR
 
 SHELL ["/bin/bash", "-c"]

Dockerfile_armel

@@ -1,5 +1,6 @@
 FROM multiarch/debian-debootstrap:armel-stretch-slim
 
+ENV CONFIG_DIR /etc/pihole
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/v1.21.7.0/s6-overlay-arm.tar.gz
 COPY install.sh /usr/local/bin/install.sh
 COPY VERSION /etc/docker-pi-hole-version
@@ -35,14 +36,15 @@ ENV ServerIP 0.0.0.0
 ENV FTL_CMD no-daemon
 ENV DNSMASQ_USER root
 
-ENV VERSION v4.2.1
+ENV VERSION v4.3
 ENV ARCH armel
 ENV PATH /opt/pihole:${PATH}
 
-LABEL image="pihole/pihole:v4.2.1_armel"
+LABEL image="pihole/pihole:v4.3_armel"
 LABEL maintainer="adam@diginc.us"
 LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
 
 HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
+VOLUME $CONFIG_DIR
 
 SHELL ["/bin/bash", "-c"]

Dockerfile_armhf

@@ -1,5 +1,6 @@
 FROM multiarch/debian-debootstrap:armhf-stretch-slim
 
+ENV CONFIG_DIR /etc/pihole
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/v1.21.7.0/s6-overlay-armhf.tar.gz
 COPY install.sh /usr/local/bin/install.sh
 COPY VERSION /etc/docker-pi-hole-version
@@ -35,14 +36,15 @@ ENV ServerIP 0.0.0.0
 ENV FTL_CMD no-daemon
 ENV DNSMASQ_USER root
 
-ENV VERSION v4.2.1
+ENV VERSION v4.3
 ENV ARCH armhf
 ENV PATH /opt/pihole:${PATH}
 
-LABEL image="pihole/pihole:v4.2.1_armhf"
+LABEL image="pihole/pihole:v4.3_armhf"
 LABEL maintainer="adam@diginc.us"
 LABEL url="https://www.github.com/pi-hole/docker-pi-hole"
 
 HEALTHCHECK CMD dig @127.0.0.1 pi.hole || exit 1
+VOLUME $CONFIG_DIR
 
 SHELL ["/bin/bash", "-c"]

README.md

@@ -44,9 +44,9 @@ services:
 
 ## Upgrade Notices:
 
-### Docker Pi-Hole v4.2.1-1+
+### Docker Pi-Hole v4.2.2
 
-- ServerIP no longer a required enviroment variable!  Feel free to remove it unless you need it to customize lighttpd
+- ServerIP no longer a required enviroment variable **unless you run network 'host' mode**!  Feel free to remove it unless you need it to customize lighttpd
 - --cap-add NET_ADMIN no longer required unless using DHCP, leaving in examples for consistency
 
 ### Docker Pi-Hole v4.1.1+
@@ -102,7 +102,7 @@ There are other environment variables if you want to customize various things in
 | `WEBPASSWORD: <Admin password>`<br/> **Recommended** *Default: random* | http://pi.hole/admin password. Run `docker logs pihole \| grep random` to find your random pass.
 | `DNS1: <IP>`<br/> *Optional* *Default: 8.8.8.8* | Primary upstream DNS provider, default is google DNS
 | `DNS2: <IP>`<br/> *Optional* *Default: 8.8.4.4* | Secondary upstream DNS provider, default is google DNS, `no` if only one DNS should used
-| `ServerIP: <Host's IP>`<br/> **Recommended** | Set to your server's LAN IP, used by web block modes and lighttpd bind address
+| `ServerIP: <Host's IP>`<br/> **Recommended** | **--net=host mode requires** Set to your server's LAN IP, used by web block modes and lighttpd bind address
 | `ServerIPv6: <Host's IPv6>`<br/> *Required if using IPv6* | **If you have a v6 network** set to your server's LAN IPv6 to block IPv6 ads fully
 | `VIRTUAL_HOST: <Custom Hostname>`<br/> *Optional* *Default: $ServerIP*   | What your web server 'virtual host' is, accessing admin through this Hostname/IP allows you to make changes to the whitelist / blacklists in addition to the default 'http://pi.hole/admin/' address
 | `IPv6: <True\|False>`<br/> *Optional* *Default: True* | For unraid compatibility, strips out all the IPv6 configuration from DNS/Web services when false.
@@ -117,7 +117,7 @@ Here is a rundown of other arguments for your docker-compose / docker run.
 
 | Docker Arguments | Description |
 | ---------------- | ----------- |
-| `-p <port>:<port>` **Recommended** | Ports to expose (54, 80, 67, 443), the bare minimum ports required for Pi-holes HTTP and DNS services
+| `-p <port>:<port>` **Recommended** | Ports to expose (53, 80, 67, 443), the bare minimum ports required for Pi-holes HTTP and DNS services
 | `--restart=unless-stopped`<br/> **Recommended** | Automatically (re)start your Pi-hole on boot or in the event of a crash
 | `-v $(pwd)/etc-pihole:/etc/pihole`<br/> **Recommended** | Volumes for your Pi-hole configs help persist changes across docker image updates
 | `-v $(pwd)/etc-dnsmasq.d:/etc/dnsmasq.d`<br/> **Recommended** | Volumes for your dnsmasq configs help persist changes across docker image updates

VERSION

@@ -1 +1 @@
-v4.2.1
+v4.3

bash_functions.sh

@@ -54,7 +54,7 @@ prepare_configs() {
     touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
     chown pihole:pihole /var/run/pihole /var/log/pihole
     test -f /var/run/pihole/FTL.sock && rm /var/run/pihole/FTL.sock
-    chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log
+    chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port $CONFIG_DIR $CONFIG_DIR/dhcp.leases /var/log/pihole.log
     chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
     set -e
     # Update version numbers
@@ -116,8 +116,7 @@ setup_dnsmasq_dns() {
         dnsType='custom'
     fi;
 
-    # TODO With the addition of this to /start.sh this needs a refactor
-    if [ ! -f /.piholeFirstBoot ] ; then
+    if [ ! -f $CONFIG_DIR/.piholeFirstBoot ] ; then
         local setupDNS1="$(grep 'PIHOLE_DNS_1' ${setupVars})"
         local setupDNS2="$(grep 'PIHOLE_DNS_2' ${setupVars})"
         setupDNS1="${setupDNS1/PIHOLE_DNS_1=/}"

deploy_docker.sh

@@ -1,5 +1,5 @@
 #!/bin/bash -e
-# Script for manually pushing the docker arm images for diginc only
+# Script for manually pushing the docker arm images for pi-hole org members only
 # (no one else has docker repo permissions)
 if [ ! -f ~/.docker/config.json ] ; then
     echo "Error: You should setup your docker push authorization first"
@@ -7,7 +7,9 @@ if [ ! -f ~/.docker/config.json ] ; then
 fi
 
 parse_git_branch() {
-  git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/\1/'
+    var="$(git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/\1/')"
+    # convert release/ to release-
+    echo "${var/release\//release-}"
 }
 
 annotate() {
@@ -44,7 +46,7 @@ if [[ "$version" == 'unset' ]]; then
     if [[ "$branch" == "master" ]]; then
         echo "Version number var is unset and master branch needs a version...pass in \$version variable!"
         exit 1
-    elif [[ "$branch" = "release/"* ]]; then
+    elif [[ "$branch" == "release-"* ]]; then
         version="$(echo $branch | grep -Po 'v[\d\w\.-]*')"
         echo "Version number is being taken from this release branch $version"
     else

docker-compose-traefik-proxy.md

@@ -15,11 +15,11 @@ Please note the following about this [traefik](https://traefik.io/) example for
 version: '3'
 
 services:
-  # 
+  #
   traefik:
     container_name: traefik
     domainname: homedomain.lan
-    
+
     image: traefik
     restart: unless-stopped
     # Note I opt to whitelist certain apps for exposure to traefik instead of auto discovery
@@ -42,7 +42,7 @@ services:
   pihole:
     container_name: pihole
     domainname: homedomain.lan
-    
+
     image: pihole/pihole:latest
     dns:
       - 127.0.0.1
@@ -106,4 +106,3 @@ traefik    | time="2018-03-07T18:57:42Z" level=info msg="Server configuration re
 ```
 
 Also your port 8080 should list the Route/Rule for pihole and backend-pihole container.
-

install.sh

@@ -1,29 +1,29 @@
 #!/bin/bash -ex
 
-mkdir -p /etc/pihole/
+mkdir -p $CONFIG_DIR/
 mkdir -p /var/run/pihole
 # Production tags with valid web footers
-export CORE_TAG="$(cat /etc/docker-pi-hole-version)"
-# 4.2.1 -> 4.2 since no patch release for web
-export WEB_TAG="${CORE_TAG/.1/}"
+export CORE_VERSION="$(cat /etc/docker-pi-hole-version)"
+export WEB_VERSION="${CORE_VERSION}"
+
 # Only use for pre-production / testing
-export USE_CUSTOM_BRANCHES=false
+export CHECKOUT_BRANCHES=false
+# Search for release/* branch naming convention for custom checkouts
+if [[ "$CORE_VERSION" == *"release/"* ]] ; then
+    CHECKOUT_BRANCHES=true
+fi
 
 apt-get update
 apt-get install -y curl procps
 curl -L -s $S6OVERLAY_RELEASE | tar xvzf - -C /
 mv /init /s6-init
 
-if [[ $USE_CUSTOM_BRANCHES == true ]] ; then
-    CORE_TAG="release/$(cat /etc/docker-pi-hole-version)"
-fi
-
 # debconf-apt-progress seems to hang so get rid of it too
 which debconf-apt-progress
 mv "$(which debconf-apt-progress)" /bin/no_debconf-apt-progress
 
 # Get the install functions
-curl https://raw.githubusercontent.com/pi-hole/pi-hole/${CORE_TAG}/automated%20install/basic-install.sh > "$PIHOLE_INSTALL" 
+curl https://raw.githubusercontent.com/pi-hole/pi-hole/${CORE_VERSION}/automated%20install/basic-install.sh > "$PIHOLE_INSTALL"
 PH_TEST=true . "${PIHOLE_INSTALL}"
 
 # Preseed variables to assist with using --unattended install
@@ -67,27 +67,28 @@ FTLdetect 2>&1 | tee "${tmpLog}"
 installPihole 2>&1 | tee "${tmpLog}"
 mv "${tmpLog}" /
 
-if [[ $USE_CUSTOM_BRANCHES == true ]] ; then
+if [[ $CHECKOUT_BRANCHES == true ]] ; then
     ln -s /bin/true /usr/local/bin/service
     ln -s /bin/true /usr/local/bin/update-rc.d
-    echo y | bash -x pihole checkout core ${CORE_TAG}
-    echo y | bash -x pihole checkout web ${CORE_TAG}
-    echo y | bash -x pihole checkout ftl ${CORE_TAG}
-    # If the v is forgotten: ${CORE_TAG/v/}
+    echo y | bash -x pihole checkout core ${CORE_VERSION}
+    echo y | bash -x pihole checkout web ${WEB_VERSION}
+    echo y | bash -x pihole checkout ftl tweak/overhaul_overTime
+    # If the v is forgotten: ${CORE_VERSION/v/}
     unlink /usr/local/bin/service
     unlink /usr/local/bin/update-rc.d
 else
     # Reset to our tags so version numbers get detected correctly
-    pushd "${PI_HOLE_LOCAL_REPO}"; git reset --hard "${CORE_TAG}"; popd;
-    pushd "${webInterfaceDir}"; git reset --hard "${WEB_TAG}"; popd;
+    pushd "${PI_HOLE_LOCAL_REPO}"; git reset --hard "${CORE_VERSION}"; popd;
+    pushd "${webInterfaceDir}"; git reset --hard "${WEB_VERSION}"; popd;
 fi
 
 sed -i 's/readonly //g' /opt/pihole/webpage.sh
+sed -i '/^WEBPASSWORD/d' $CONFIG_DIR/setupVars.conf
 
 # Replace the call to `updatePiholeFunc` in arg parse with new `unsupportedFunc`
 sed -i $'s/helpFunc() {/unsupportedFunc() {\\\n  echo "Function not supported in Docker images"\\\n  exit 0\\\n}\\\n\\\nhelpFunc() {/g' /usr/local/bin/pihole
 sed -i $'s/)\s*updatePiholeFunc/) unsupportedFunc/g' /usr/local/bin/pihole
 
-touch /.piholeFirstBoot
+touch $CONFIG_DIR/.piholeFirstBoot
 
 echo 'Docker install successful'

start.sh

@@ -15,7 +15,7 @@ export DNSMASQ_LISTENING_BEHAVIOUR="$DNSMASQ_LISTENING"
 export IPv6
 export WEB_PORT
 
-export adlistFile='/etc/pihole/adlists.list'
+export adlistFile='$CONFIG_DIR/adlists.list'
 
 # The below functions are all contained in bash_functions.sh
 . /bash_functions.sh
@@ -27,16 +27,12 @@ echo " ::: Starting docker specific checks & setup for docker pihole/pihole"
 
 docker_checks
 
-# TODO:
-#if [ ! -f /.piholeFirstBoot ] ; then
-#    echo " ::: Not first container startup so not running docker's setup, re-create container to run setup again"
-#else
-#    regular_setup_functions
-#fi
-
 fix_capabilities
-generate_password
 validate_env || exit 1
+
+if [ -f $CONFIG_DIR/.piholeFirstBoot ] || [ -z "$(ls -A $CONFIG_DIR)" ] ; then
+
+generate_password
 prepare_configs
 change_setting "IPV4_ADDRESS" "$ServerIP"
 change_setting "IPV6_ADDRESS" "$ServerIPv6"
@@ -48,8 +44,9 @@ setup_dnsmasq_hostnames "$ServerIP" "$ServerIPv6" "$HOSTNAME"
 setup_ipv4_ipv6
 setup_lighttpd_bind "$ServerIP"
 setup_blocklists
+fi
 test_configs
 
-[ -f /.piholeFirstBoot ] && rm /.piholeFirstBoot
+[ -f $CONFIG_DIR/.piholeFirstBoot ] && rm $CONFIG_DIR/.piholeFirstBoot
 
 echo " ::: Docker start setup complete"

test/conftest.py

@@ -9,7 +9,8 @@ check_output = testinfra.get_backend(
 __version__ = None
 dotdot = os.path.abspath(os.path.join(os.path.abspath(__file__), os.pardir, os.pardir))
 with open('{}/VERSION'.format(dotdot), 'r') as v:
-    __version__ = v.read().strip()
+    raw_version = v.read().strip()
+    __version__ = raw_version.replace('release/', 'release-')
 
 @pytest.fixture()
 def args_dns():

test/test_bash_functions.py

@@ -21,7 +21,7 @@ def test_IPv6_not_True_removes_ipv6(Docker, Slow, test_args, expected_ipv6, expe
     # On overlay2(?) docker sometimes writes to disk are slow enough to break some tests...
     expected_ipv6_check = lambda: (\
         IPV6_LINE in Docker.run('grep \'use-ipv6.pl\' {}'.format(WEB_CONFIG)).stdout
-    ) == expected_ipv6 
+    ) == expected_ipv6
     Slow(expected_ipv6_check)
 
 
@@ -66,7 +66,7 @@ def test_bad_input_to_WEB_PORT(Docker, test_args, expected_error):
 def test_override_default_servers_with_DNS_EnvVars(Docker, Slow, args_env, expected_stdout, dns1, dns2):
     ''' on first boot when DNS vars are NOT set explain default google DNS settings are used
                    or when DNS vars are set override the pihole DNS settings '''
-    assert Docker.run('test -f /.piholeFirstBoot').rc == 0
+    assert Docker.run('test -f $CONFIG_DIR/.piholeFirstBoot').rc == 0
     function = Docker.run('. /bash_functions.sh ; eval `grep "^setup_dnsmasq " /start.sh`')
     assert expected_stdout in function.stdout
     expected_servers = 'server={}\n'.format(dns1) if dns2 == None else 'server={}\nserver={}\n'.format(dns1, dns2)
@@ -90,7 +90,7 @@ def test_DNS_Envs_are_secondary_to_setupvars(Docker, Slow, args_env, expected_st
     ''' on second boot when DNS vars are set just use pihole DNS settings
                     or when DNS vars and FORCE_DNS var are set override the pihole DNS settings '''
     # Given we are not booting for the first time
-    assert Docker.run('rm /.piholeFirstBoot').rc == 0
+    assert Docker.run('rm $CONFIG_DIR/.piholeFirstBoot').rc == 0
 
     # and a user already has custom pihole dns variables in setup vars
     dns_count = 1