#!/usr/bin/with-contenv bash s6-echo "Starting pihole-FTL ($FTL_CMD) as ${DNSMASQ_USER}" # Remove possible leftovers from previous pihole-FTL processes rm -f /dev/shm/FTL-* 2> /dev/null rm /run/pihole/FTL.sock 2> /dev/null # install /dev/null files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole /var/log/pihole [[ ! -f /run/pihole-FTL.pid ]] && install /dev/null /run/pihole-FTL.pid [[ ! -f /run/pihole-FTL.port ]] && install /dev/null /run/pihole-FTL.port [[ ! -f /var/log/pihole/FTL.log ]] && install /dev/null /var/log/pihole/FTL.log [[ ! -f /var/log/pihole/pihole.log ]] && install /dev/null /var/log/pihole/pihole.log [[ ! -f /etc/pihole/dhcp.leases ]] && install /dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist chmod -f 0644 /etc/pihole/macvendor.db # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist chmod -f 0664 /etc/pihole/pihole-FTL.db # Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole/ # Should be removed with Pi-hole v6.0 if [ ! -f /var/log/pihole.log ]; then ln -s /var/log/pihole/pihole.log /var/log/pihole.log chown -h pihole:pihole /var/log/pihole.log fi if [ ! -f /var/log/pihole-FTL.log ]; then ln -s /var/log/pihole/FTL.log /var/log/pihole-FTL.log chown -h pihole:pihole /var/log/pihole-FTL.log fi # Call capsh with the detected capabilities capsh --inh=${CAP_STR:1} --addamb=${CAP_STR:1} --user=$DNSMASQ_USER --keep=1 -- -c "/usr/bin/pihole-FTL $FTL_CMD >/dev/null 2>&1" # Notes on above: # - DNSMASQ_USER default of pihole is in Dockerfile & can be overwritten by runtime container env # - /var/log/pihole/pihole*.log has FTL's output that no-daemon would normally print in FG too # prevent duplicating it in docker logs by sending to dev null