[SUPPORT] pihole for unRaid - Spants repo



3 hours ago, subagon said:

I've been using pihole running on a raspberry pi for a few months and no problems. I migrated over to this docker but have a problem. My sonarr docker is no longer unable to resolve dns lookups. The sonarr docker is running on 192.168.1.2 (same as the unraid server) and pihole is on 192.168.1.10 (same ip I was using when running on raspberry pi). No other docker is using port 53 or 67. If I shutdown the pihole docker and restart the raspberry pi, sonarr starts resolving dns again.

 

I feel like I'm missing something basic... Ideas?

I believe this is from the default segregation of docker from the host. I have the same issue. If you give Sonarr a dedicated IP, then the communication between the two should be allowed. I can't find the post but I think it was release 6.4 that added dockers not being able to communicate with the host. 

Link to comment
6 hours ago, peteknot said:

I believe this is from the default segregation of docker from the host. I have the same issue. If you give Sonarr a dedicated IP, then the communication between the two should be allowed. I can't find the post but I think it was release 6.4 that added dockers not being able to communicate with the host. 

Thanks, I'll try putting sonarr on an IP other than the unRaid server's IP.

 

Update: That seems to have fixed it. Only issue was I had to re-ip several dockers off of the unRaid server IP to get sonarr talking to all of them (sabnzbd, deluge, jackett, nzbhydra2). I guess the lesson learned is to give each docker its own IP and not share it with unRaid.

Edited by subagon
update
Link to comment

How does the cache work? I see everything is getting forwarded to my router. Well my router is the DHCP server. 

 

I find things working slower than before. 

 


 

My current setup is

-Pihole in bridge mode (created a docker network called piholenet)

-Static route created in my router so it can see piholenet (address 172.22.0.0 | subnetmask 255.255.0.0 | gateway unraid.server.ip.address)

-router set with pihole IP as primary dns

 

So far it works. The reason I didn't do custom br0, was because most of my light switches and smart home devices lost access to internet, also my VPN couldn't reach the pihole because that's how docker network works by standard. 

Link to comment

Hey all, just updated this evening to the latest release, and I'm getting this in my logs.  Any ideas?

 

::: Starting docker specific setup for docker pihole/pihole
WARNING Misconfigured DNS in /etc/resolv.conf: Two DNS servers are recommended, 127.0.0.1 and any backup server

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 127.0.0.11)


nameserver 127.0.0.11

It quickly just fails and stops after this error.  Didn't have any issues with it prior to the update (and no config changes either).

Edited by mbezzo
Link to comment
11 hours ago, mbezzo said:

Hey all, just updated this evening to the latest release, and I'm getting this in my logs.  Any ideas?

 


::: Starting docker specific setup for docker pihole/pihole
WARNING Misconfigured DNS in /etc/resolv.conf: Two DNS servers are recommended, 127.0.0.1 and any backup server

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 127.0.0.11)


nameserver 127.0.0.11

It quickly just fails and stops after this error.  Didn't have any issues with it prior to the update (and no config changes either).

 

+1. I had the exact same issue. Disabled pihole on my router to get around it

Link to comment

Hi there,


Since the last update of the pihole-docker I am kind of insecure concerning a few things. I am also not quite sure if everything runs as intended.
Because I was not really confident about the recent template changes, I reinstalled the docker with the new template (including extra parameters containing --cap-add=NET_ADMIN --dns 127.0.0.1 --dns 1.1.1.1 --restart=unless-stopped)

Pihole has a static IP, I can log in, and it seems to run, but I still get some weird info from the logs that I can't assess.

Could somebody maybe have a look and explain, how I could get rid of the messages / errors and how to get DNS resolution running?


From the logs (just a few snippets that matter):

Pi-hole blocking is enabled
DNS resolution is currently unavailable
DNS service is running

Stopping pihole-FTL
Starting pihole-FTL (no-daemon)
Stopping pihole-FTL
Starting pihole-FTL (no-daemon)

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 127.0.0.11)

nameserver 127.0.0.11

My questions:
- concerning docker config: As DNS is already set in extra parameters, what should be entered in the docker config under Key 5 (Container Variable: DNS 1) and Key 6 (Container Variable: DNS 2)? Right now, there is 127.0.0.1 for DNS 1 and 1.1.1.1 for DNS 2, so basically the same as in extra parameters. Is that right?

- concerning nameserver: although there is 127.0.0.1 setup in the config, the logs spit out 127.0.0.11. Does that matter? AFAIK it is the docker localhost. Modifying /etc/resolv.conf does not help or change anything. Any suggestions?

- concerning pihole-docker itself: As soon as I am restarting the docker, the service does no longer start but loops between quits and restart trials (extra parameter: --restart=unless-stopped). Starting the docker from the docker-config (click into name for docker-config, change and rechange a parameter, click apply) on the other hand, succeeds and runs the docker without any certain errors. Weird??? Is that a bug or am I missing something?

 

Thanks for your help

Edited by hi2hello
Link to comment

I would guess so too, but does that imply that I'd have to change or overwrite my resolv.conf every time manually?

So far that did not work with nano, neither did the docker write the mandatory IPs into the resolv.conf.

The entries are not 127.0.0.1 and 1.1.1.1 as they are supposed to be.

 

So is there a way in UnRaid to have a docker that is doing required steps on startup without the need for manual changes?

 

Besides the nameserver issue I also get some other messages, that do not seem to be correct, such as "inappropriate ioctl", "dnsmasq.conf is not a Pi-hole file" and a chown error.

 

Please see the attached log file

I am just using the current docker template, where I made no changes except the IP. Would be awesome if somebody could explain what kind of additions or changes would be needed to fix my pi-hole.

Please see the attached screenshot of my docker.conf settings

 

 

Thanks a lot!

log.txt

docker-settings-pihole.jpg

Edited by hi2hello
Link to comment

I think the --dns argument in combination with the network type set to Custom: br0 doesn't play nice together.

Just in testing, when I set the network type to Host, start the container, and check the log, the DNS sets properly to 127.0.0.1.

I didn't try Bridge mode because there is a conflict with port 80 and I don't feel like messing with those settings right now but that is something else to look into.

 

I don't have enough knowledge of unraid and how the container networking works to offer a solution.  All I can do is point to the behavior I notice and hope that someone with more experience can shed some light.

 

I get those other messages in my log as well but I don't see what negative repercussions there are from that so I personally am not concerned about those.

 

At the end of the day, the 127.0.0.1 issue results in the container failing to resolve DHCP hostnames so you just see IP addresses in the dashboard.  Mainly a cosmetic issue.

Link to comment
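The resolv.conf warnings discussed in the posts above can be checked with a small script; this is an added example, not code from the thread or from the Pi-hole project. It relies on documented Docker behaviour: containers on user-defined networks (such as Custom: br0) get Docker's embedded DNS server 127.0.0.11 in /etc/resolv.conf, and any --dns servers become its upstream forwarders. The function name check_resolv, its return codes and the sample files are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Return codes are this example's own:
#   0 primary is 127.0.0.1 and at least one backup server is listed
#   1 primary is 127.0.0.1 but there is no backup server
#   2 primary is Docker's embedded resolver 127.0.0.11
#   3 primary is some other address
#   4 no nameserver lines at all
check_resolv() {
    # Nameserver addresses in file order; comment lines never match.
    servers=$(awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1")
    [ -n "$servers" ] || { echo "no nameserver entries"; return 4; }
    primary=$(printf '%s\n' "$servers" | sed -n '1p')
    count=$(printf '%s\n' "$servers" | awk 'END { print NR }')
    case $primary in
        127.0.0.1)
            if [ "$count" -ge 2 ]; then
                echo "ok: primary 127.0.0.1, $((count - 1)) backup server(s)"
                return 0
            fi
            echo "warn: primary 127.0.0.1 but no backup server"
            return 1 ;;
        127.0.0.11)
            echo "warn: primary is Docker's embedded DNS (127.0.0.11)"
            return 2 ;;
        *)
            echo "warn: primary should be 127.0.0.1 (found $primary)"
            return 3 ;;
    esac
}

# Constructed sample files. custom_br0.conf mirrors the log quoted in the
# thread; host.conf is what --dns 127.0.0.1 --dns 1.1.1.1 is meant to produce.
write_samples() {
    printf 'nameserver 127.0.0.11\noptions ndots:0\n' > "$1/custom_br0.conf"
    printf '# constructed\nnameserver 127.0.0.1\nnameserver 1.1.1.1\n' > "$1/host.conf"
    printf 'nameserver 127.0.0.1\n' > "$1/single.conf"
}

demo() {
    dir=$(mktemp -d)
    write_samples "$dir"
    for f in custom_br0 host single; do
        rc=0
        msg=$(check_resolv "$dir/$f.conf") || rc=$?
        echo "$f.conf -> rc=$rc: $msg"
    done
    rm -rf "$dir"
}
demo
```

To audit a running container, save the output of `docker exec <container> cat /etc/resolv.conf` to a file and pass that file to check_resolv.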

I seem to be having a hard time setting this up... Using the default settings (minus redefining port 80 for the webinterface) I get the following error when trying to launch this docker:

 

/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint pihole (846d19887a647cd73a7f4d9d940d6dd7ae3b7c3943a6b6df336c1c2705227f32): Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use.

The command failed.

Any ideas?

Link to comment
17 hours ago, FDM80 said:

I think the --dns argument in combination with the network type set to Custom: br0 doesn't play nice together.

Just in testing, when I set the network type to Host, start the container, and check the log, the DNS sets properly to 127.0.0.1.

I didn't try Bridge mode because there is a conflict with port 80 and I don't feel like messing with those settings right now but that is something else to look into.

 

I don't have enough knowledge of unraid and how the container networking works to offer a solution.  All I can do is point to the behavior I notice and hope that someone with more experience can shed some light.

 

I get those other messages in my log as well but I don't see what negative repercussions there are from that so I personally am not concerned about those.

 

At the end of the day, the 127.0.0.1 issue results in the container failing to resolve DHCP hostnames so you just see IP addresses in the dashboard.  Mainly a cosmetic issue.

You are right, with docker set to host, nameserver is set as intended. BUT then I get the following error message:

dnsmasq: failed to create listening socket for port 53: Address already in use

and the docker terminates itself. 

 

Furthermore, within the install process, there is a warning

WARNING: Localhost DNS setting (--dns=127.0.0.1) may fail in containers.

and it obviously really does fail.

 

I don't know how to implement a stronger argument in the unRaid Docker settings such as mentioned earlier

$ echo -e "nameserver 127.0.0.1\nnameserver 1.1.1.1" > overwrite_resolv.conf
$ docker run -it -v $(pwd)/overwrite_resolv.conf:/etc/resolv.conf debian cat /etc/resolv.conf

 

 

Please, could anyone help out with working settings for an unRaid Docker? Right now, this is just not running properly and for sure no longer as shown in the video in the very first post of this thread. 

 

Thanks so much!

Edited by hi2hello
Link to comment
2 hours ago, hi2hello said:

Please, could anyone help out with working settings for an unRaid Docker?

Here's my config (with a few things redacted, and IPv6 stuff removed / disabled to make it a bit simpler).

I've had it running for quite a while now, so it's far from a fresh install.

 

If you haven't already, I'd recommend reading the config guide on Docker Hub: https://hub.docker.com/r/pihole/pihole

Particularly the Important Upgrade Notes and Environment Variables sections, as they explain in more detail the various "DNS" entries.

Repository: pihole/pihole:latest
Docker Hub URL: https://hub.docker.com/r/pihole/pihole

Icon URL: https://i.imgur.com/OWkNcEn.png
WebUI: http://[IP]:[PORT:80]/admin

Extra Parameters: --cap-add=NET_ADMIN --dns 127.0.0.1 --dns 1.1.1.1

Network Type: 'Custom: br0'
Fixed IP address (optional): 10.1.1.100

Privileged: Off


Variables ('Key'='Value')
'ServerIP'='10.1.1.100'
'WEBPASSWORD'='my password'
'DNS1'='1.1.1.1'
'DNS2'='1.0.0.1'
'IPv6'='False'
'INTERFACE'='eth0'
'DNSMASQ_LISTENING'='all'

Ports (host port : connection type)
53 : TCP
53 : UDP
80 : TCP

Paths ('container path' : 'host path' : 'access mode')
'/etc/pihole/' : '/mnt/cache/appdata/pihole/pihole/' : 'Read/Write'
'/etc/dnsmasq.d/': '/mnt/cache/appdata/pihole/dnsmasq.d/' : 'Read/Write'

 

Edited by Tyler
Link to comment

Thank you @Tyler: Except for a different Docker Hub URL (I was using the diginc Docker, so the one you find in Community Applications - which was renamed), there is no real difference to my settings. And, no surprise, I still get the same errors from the Pi-Hole Docker logs

 

WARNING Misconfigured DNS in /etc/resolv.conf: Two DNS servers are recommended, 127.0.0.1 and any backup server

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 127.0.0.11)

nameserver 127.0.0.11
options ndots:0
stty: 'standard input': Inappropriate ioctl for device
[i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u1

[i] Installing configs from /etc/.pihole...
[i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory

You don't get these errors?

Edited by hi2hello
Link to comment
2 hours ago, Sinister said:

I apologize if this is a noob question but how do you update this docker? pi hole tells me there is an update available but any CLI commands I try don't work

 

thanks in advance

We are waiting for the official docker container to be updated.  Once that happens, we will have caught up with the rest of the group.

https://hub.docker.com/r/pihole/pihole/

If you look at the Tags tab, you can see the one we normally use (latest) is 7 days old and there is a dev version that is 3 days old.

Link to comment
  • 2 weeks later...

I got Pi-Hole up & running for a few days. It seems like it's working and is the DHCP & DNS server for my house. It doesn't seem like it's blocking much though.

 

In Safari, I have ghostery and never really noticed many ads or things like that. But if I try Chrome or another browser, I still see tons of ads on websites.

 

Is there a setting to check or adjust?

 

 

 

Screen Shot 2019-02-26 at 6.46.27 AM.png

Link to comment
12 hours ago, shaunvis said:

I got Pi-Hole up & running for a few days. It seems like it's working and is the DHCP & DNS server for my house. It doesn't seem like it's blocking much though.

 

In Safari, I have ghostery and never really noticed many ads or things like that. But if I try Chrome or another browser, I still see tons of ads on websites.

 

Is there a setting to check or adjust?

 

 

 

Screen Shot 2019-02-26 at 6.46.27 AM.png

Your total "Domains on Blocklist" could be considered pretty low. The youtube tutorial on the original post provides some good information and has a link to some nice categorized block lists. There are also several other references for blocking lists on the Pi-Hole community. 

Currently I have about 900,000 on my blocklist. This is not close to what is possible and certainly not a recommended number. I am just providing it for reference. With the list I have, the percent blocked bounces around 15-20%. Also consider that the amount of blocked queries is only applicable to your usage. If you have a blocklist primarily for malware domains, but your internet usage stays in the safer domains, then you won't have a lot of hits. If you are blocking adverts and do a lot of online shopping, that hit count is going to shoot up.

Link to comment
12 hours ago, shaunvis said:

I got Pi-Hole up & running for a few days. It seems like it's working and is the DHCP & DNS server for my house. It doesn't seem like it's blocking much though.

 

In Safari, I have ghostery and never really noticed many ads or things like that. But if I try Chrome or another browser, I still see tons of ads on websites.

 

Is there a setting to check or adjust?

 

 

 

Screen Shot 2019-02-26 at 6.46.27 AM.png

You should check out this website.

Ad blocking, telemetry, malicious sites, etc. that you can add to your pihole.

https://firebog.net/

 

For starters, I'd recommend the below list which is all the ones on the website with a check mark next to them.

It is the list that is least likely to interfere with normal browsing habits (ie: not as aggressive as some of the other lists)

https://v.firebog.net/hosts/lists.php?type=tick

 

Link to comment
30 minutes ago, FDM80 said:

You should check out this website.

Ad blocking, telemetry, malicious sites, etc. that you can add to your pihole.

https://firebog.net/

 

For starters, I'd recommend the below list which is all the ones on the website with a check mark next to them.

It is the list that is least likely to interfere with normal browsing habits (ie: not as aggressive as some of the other lists)

https://v.firebog.net/hosts/lists.php?type=tick

 

Thanks, I'll give those a shot. 

 

Link to comment
54 minutes ago, ShovelHead said:

Your total "Domains on Blocklist" could be considered pretty low. The youtube tutorial on the original post provides some good information and has a link to some nice categorized block lists. There are also several other references for blocking lists on the Pi-Hole community. 

Currently I have about 900,000 on my blocklist. This is not close to what is possible and certainly not a recommended number. I am just providing it for reference. With the list I have, the percent blocked bounces around 15-20%. Also consider that the amount of blocked queries is only applicable to your usage. If you have a blocklist primarily for malware domains, but your internet usage stays in the safer domains, then you won't have a lot of hits. If you are blocking adverts and do a lot of online shopping, that hit count is going to shoot up.

Thanks. I followed Spaceinvaders video & added the lists he had. 

I'm more concerned with ads, tracking from the likes of google, FB, etc. and things like that. I guess I just need to play around with lists

Link to comment
41 minutes ago, shaunvis said:

Thanks. I followed Spaceinvaders video & added the lists he had. 

I'm more concerned with ads, tracking from the likes of google, FB, etc. and things like that. I guess I just need to play around with lists

Glad you got it worked out. I recommend taking your time and adding a few URL lists at a time. Pi-Hole makes it easy to add items to the whitelist, but it can be frustrating if you start blocking too much at once. I am currently trying to verify Pi-Hole is not part of my recent automation issues.

Link to comment
22 minutes ago, ShovelHead said:

Glad you got it worked out. I recommend taking your time and adding a few URL lists at a time. Pi-Hole makes it easy to add items to the whitelist, but it can be frustrating if you start blocking too much at once. I am currently trying to verify Pi-Hole is not part of my recent automation issues.

I think initially I was adding more malware oriented lists and not ad oriented lists. 

 

The thing that's surprised me with pihole is my freaking Roku and Onkyo receiver are chattering nonstop to things, even when they're "off".

Link to comment
