Privileged containers do not list each cap by name,
instead they lead with =eip and selectively remove
caps with cap_foo_bar-eip.
Instead we can use the --has-p flag of capsh to check
for the permitted cap.
Signed-off-by: Kyle Harding <kyle@balena.io>
Update fix_capabilities to only apply net_admin and sys_nice if they are actually available to the container
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
- reorder some stuff in the main Dockerfile
- Remove the CORE/WEB/FTL_VERSION args/env vars
- tweaks to GHA build script after some hints from @crazy-max
- always checkout dev versions of Pi-hole for nightly build, also make sure we're using dev branch of this repo
- keep pihole checkout enabled for dev and nightly tags
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
First git clone the repos, next checkout the relevant branches and finally run the install script. Simples.
`sed`ed out a couple of other unsupported functions
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
When setting the password, explicitly disable bash logging. Leave the
re-enable code so that other functions work as expected. Additionally,
do not remove the print in generate_password so randomly generated
passwords are still logged for user consistency.
Signed-off-by: Kyle Kurz <kyle@doublekaudio.com>
The distro_check function includes updating the APT cache, checking for dependencies, which is both not required on Docker start where all required packages are installed already. The only required steps from this function is the webserver user and config file names, which can be applied directly instead since we know that the Pi-hole Docker container is based on Debian.
Furthermore this solves the issue that updating the APT cache fails, when Pi-hole itself is used for DNS resolution, since pihole-FTL has not yet been started at this stage. That failure was not visible since "apt-get update" does not exist with error code (currently) when facing DNS resolving issues, even if not a single list could have been updated, and no other step is done that would require DNS resolving, until pihole-FTL is started. For a regular (non-Docker) install or update it is however reasonable to error out directly when the APT cache could not have been updated, to not defer the exit unnecessarily to a harder-to-debug stage.
Signed-off-by: MichaIng <micha@dietpi.com>
If not set, keep existing values in setupVars
if no existing values in setupVars - fall back to defaults
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
* Added new docker tag variations to specify the debian version ('stretch', and 'buster').
* Arch images are alway as specific as possible: pihole/pihole:master-amd64-stretch
* Multiarch images have both the specific debian version tags as well as the generic non-debian tags: pihole/pihole:master-stretch & pihole/pihole:master
* Currently, the non-specific tags point to the 'stretch' images. Eventaully it can be migrated to 'buster'.
* Use GitHub actions to do the builds. Although the script names include 'gh-actions' to differentiate them from the 'circle' scripts, there is zero logic that is specific to Github (ie. no Github environment variables).
* 'armhf:buster' & 'arm64:buster' has an issue with `ip route get`. I think the issue is related to 'qemu', but I'm not sure. Update the `validate_env` function to only use `ip route get` if `nc` reports something strange.
Signed-off-by: Daniel <daniel@developerdan.com>
* Refactored the prepare_configs function in bash_functions.sh
* Now able to set settings via the UI or ENV Variables - ENV Variables override when restarted
* Added ENV Variables for ADMIN_EMAIL, TEMPERATUREUNIT, and WEBUIBOXEDLAYOUT
- Created setup_temp_unit function in bash_functions.sh
- Created setup_ui_layout function in bash_functions.sh
- Created setup_admin_email function in bash_functions.sh
* Updated README.md
- Added docs on new ENV Variables
- Updated True/False settings docs so they were quoted, otherwise misleading to k8s users and not "true" booleans
Signed-off-by: Andrew J. Huffman <ahuffman@vmware.com>