[SUPPORT] testdasi repo



I code for fun and my dockers are mostly about adding niche features to stuff.

DockerHub: https://hub.docker.com/u/testdasi

 

If you like my work, a donation to my burger fund is very much appreciated.


 

List:

  1. Grafana Unraid Stack
  2. OpenVPN HyRoSa
  3. OpenVPN HyDeSa
  4. OpenVPN AIO Client
  5. Pi-Hole DoT DoH
  6. DNS DoH companion

 

Grafana Unraid Stack

Meet Gus! He has everything you need to start monitoring Unraid (Grafana - Influxdb - Telegraf - Loki - Promtail). Comes with GUS dashboard and falconexe's Ultimate UNRAID Dashboard v1.3 pre-installed.

  • Choice of HDDTemp or S.M.A.R.T for HDD/SSD monitoring. (Hint: both GUS and UUD use S.M.A.R.T)
  • Ability to view Unraid syslog in a Grafana panel with Loki and Promtail.

NOTE: uses Host network by default. If you want to run it with Bridge network, remember to map port 3006 to access Grafana. Don't change the port ENV variables unless you are comfortable changing the various config files as things are very tightly integrated.

For more detailed instructions, please refer to Docker Hub / Github links below.

      Docker Hub: https://hub.docker.com/r/testdasi/grafana-unraid-stack

      Github: https://github.com/testdasi/grafana-unraid-stack

      Ultimate UNRAID Dashboard official thread: https://forums.unraid.net/topic/96895-ultimate-unraid-dashboard-uud/

 

 

OpenVPN HyRoSa

(NZB)Hydra2 - RTorrent (Flood GUI) - Sabnzbd.

  • Same as OpenVPN HyDeSa except with rTorrent instead of Deluge.
    • I personally prefer rTorrent + Flood over the alternatives.
  • Port-forwarding is unfortunately not supported at the moment (and it also requires your VPN service to provide a way to do it). Torrent still works fine without port-forwarding but if it's critical to you, I recommend binhex/arch-rtorrentvpn.

NOTE: You must create an openvpn subfolder under your appdata folder and place the OpenVPN configuration there (must include openvpn.ovpn + credentials + certs).

For more detailed instructions, please refer to Docker Hub / Github links below.

      Docker Hub: https://hub.docker.com/r/testdasi/openvpn-hyrosa

      Github: https://github.com/testdasi/openvpn-hyrosa

 

 

OpenVPN HyDeSa

(NZB)Hydra2 - Deluge - Sabnzbd.

  • Now your torrent and usenet are protected behind OpenVPN Client (with kill switch) and DNS-over-TLS.
  • Socks5 + HTTP proxy are also included for your convenience e.g. to also send Sonarr and Radarr web traffic through the VPN.
  • Port-forwarding is unfortunately not supported at the moment (and it also requires your VPN service to provide a way to do it). Torrent still works fine without port-forwarding but if it's critical to you, I recommend binhex/arch-delugevpn.

NOTE: You must create an openvpn subfolder under your appdata folder and place the OpenVPN configuration there (must include openvpn.ovpn + credentials + certs).

For more detailed instructions, please refer to Docker Hub / Github links below.

      Docker Hub: https://hub.docker.com/r/testdasi/openvpn-hydesa

      Github: https://github.com/testdasi/openvpn-hydesa

 

 

OpenVPN AIO Client

An "all-in-one" docker for all your private browsing needs.

  • Including OpenVPN client with nftables kill switch
  • DNS server to DoT (DNS-over-TLS) services
  • Socks5 + HTTP proxy to both VPN and TOR with (additional) piping kill switch for the proxies.
    • Default repository with VPN + TOR: testdasi/openvpn-client-aio:stable-amd64
    • Optional repository with only VPN: testdasi/openvpn-client-aio:stable-torless-amd64

NOTE: you must place your own OpenVPN configuration to the host path that is mapped to /etc/openvpn (The ovpn file must be named openvpn.ovpn. Credentials + certs can be in the same file or split out into other files - the flexibility is yours.)

For more detailed instructions, please refer to Docker Hub / Github links below.

      Docker Hub: https://hub.docker.com/r/testdasi/openvpn-client-aio

      Github: https://github.com/testdasi/openvpn-client-aio

 

 

Pi-Hole DoT DoH

Official pihole docker with added DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH).

  • DoH uses cloudflare (1.1.1.1/1.0.0.1) and DoT uses google (8.8.8.8/8.8.4.4). Config files are exposed so you can modify them as you wish e.g. to add more services.

This docker supersedes my previous Pi-Hole with DoH and Pi-Hole with DoT dockers.

For more detailed instructions, please refer to Docker Hub / Github links below.

      Docker Hub: https://hub.docker.com/r/testdasi/pihole-dot-doh

      Github: https://github.com/testdasi/pihole-dot-doh

 

 

DNS DoH companion

Simple DNS server to connect to DNS-over-HTTPS. Easy fast way to add DNS functionality to an OpenVPN docker (using --network=container:) and/or enable DNS encryption for your local network / devices.

Emphasis on simplicity (hence a "companion"). If you want bells and whistles, I recommend ICH777's DoH Client.

 

 

Update (23/09/2020):

  • Grafana Unraid Stack changes:
    • Expose Influxdb RPC port and change it to a rarer default value (58083) instead of the original common 8088.
    • Added falconexe's Ultimate UNRAID Dashboard v1.3

 

Edited by testdasi
Update (23/09/2020)
  • Like 3
  • Thanks 4
Link to comment

Hello, 

 

Thanks for this docker. I was using the original pi-hole without DOH support. I would like to use this but after installing, I can see the pi-hole resolving the websites in the query log but I can't browse the websites, get an error that cannot resolve dns name.

 

I left the DNS1 and DNS2 as instructed to 127.1.1.1#5153, if I select any of the other upstream servers such as Cloudflare or Quad9, then I can browse the internet. Am I supposed to choose another Upstream server along with the 2 custom 127.1.1.1#5153?

 

Thanks

  • Thanks 1
Link to comment
7 hours ago, mikegiann said:

Hello, 

 

Thanks for this docker. I was using the original pi-hole without DOH support. I would like to use this but after installing, I can see the pi-hole resolving the websites in the query log but I can't browse the websites, get an error that cannot resolve dns name.

 

I left the DNS1 and DNS2 as instructed to 127.1.1.1#5153, if I select any of the other upstream servers such as Cloudflare or Quad9, then I can browse the internet. Am I supposed to choose another Upstream server along with the 2 custom 127.1.1.1#5153?

 

Thanks

That sounds like the cloudflared service failed to start. Try removing the path mapping for cloudflared in your Docker config (the 3rd path mapping).

Link to comment
root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='pihole-with-doh' --net='bridge' -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e 'DNS1'='127.1.1.1#5153' -e 'DNS2'='127.1.1.1#5153' -e 'TZ'='Europe/Amsterdam' -e 'WEBPASSWORD'='password' -e 'INTERFACE'='br0' -e 'ServerIP'='192.168.1.7' -e 'ServerIPv6'='' -e 'IPv6'='False' -e 'DNSMASQ_LISTENING'='all' -p '53:53/tcp' -p '53:53/udp' -p '67:67/udp' -p '80:80/tcp' -p '443:443/tcp' -v '/mnt/user/appdata/pihole-doh/pihole/':'/etc/pihole/':'rw' -v '/mnt/user/appdata/pihole-doh/dnsmasq.d/':'/etc/dnsmasq.d/':'rw' --cap-add=NET_ADMIN --restart=unless-stopped 'testdasi/pihole-with-doh'

39f5fd7455f1fa5dfed989b1cefa10fdebea845722d37b2dc8861afc9b8c0203
/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint pihole-with-doh (ec98edf36e66ae40c9ead8078e625cbcc65563379fd10c2073956e49ac008095): Error starting userland proxy: listen tcp 0.0.0.0:443: bind: address already in use.

The command failed.

Whatever I do, I can't seem to get it running.

Link to comment
2 hours ago, Julius said:

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='pihole-with-doh' --net='bridge' -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e 'DNS1'='127.1.1.1#5153' -e 'DNS2'='127.1.1.1#5153' -e 'TZ'='Europe/Amsterdam' -e 'WEBPASSWORD'='password' -e 'INTERFACE'='br0' -e 'ServerIP'='192.168.1.7' -e 'ServerIPv6'='' -e 'IPv6'='False' -e 'DNSMASQ_LISTENING'='all' -p '53:53/tcp' -p '53:53/udp' -p '67:67/udp' -p '80:80/tcp' -p '443:443/tcp' -v '/mnt/user/appdata/pihole-doh/pihole/':'/etc/pihole/':'rw' -v '/mnt/user/appdata/pihole-doh/dnsmasq.d/':'/etc/dnsmasq.d/':'rw' --cap-add=NET_ADMIN --restart=unless-stopped 'testdasi/pihole-with-doh'

39f5fd7455f1fa5dfed989b1cefa10fdebea845722d37b2dc8861afc9b8c0203
/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint pihole-with-doh (ec98edf36e66ae40c9ead8078e625cbcc65563379fd10c2073956e49ac008095): Error starting userland proxy: listen tcp 0.0.0.0:443: bind: address already in use.

The command failed.

Whatever I do, I can't seem to get it running.

You need to give the docker its own IP. There's something using port 443 according to the error.

Alternatively map port 443 to a different port.

 

20 minutes ago, numblock699 said:

Sweet job on these, thanks for the work. Any chance of one with pi-hole and unbound?

Unbound has very high latency. About 75-100ms slower. Plus I think it does caching, which overlaps what Pihole already does.

Link to comment
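The "address already in use" error discussed above can be checked before starting the container. This is an added example, not code from any poster in this thread: `busy_ports` is a hypothetical helper, the listener table is a constructed sample of `ss -H -ltn` output, and the port mappings are the TCP ones from the quoted `docker run` command.

```shell
#!/bin/sh
# Added example: report which requested host ports already have a listener.

# Constructed sample of `ss -H -ltn` output on a host that already serves
# something on ports 80 and 443 (not taken from the thread).
SAMPLE_LISTENERS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*'

# TCP mappings (host:container) from the docker run command in the thread.
WANTED_TCP='53:53 80:80 443:443'

# busy_ports LISTENERS MAPPINGS
# Prints, space separated, every host port in MAPPINGS that already has a
# TCP listener in LISTENERS. Empty output means bridge mode can bind them all.
busy_ports() {
    listeners=$1
    out=''
    for mapping in $2; do
        host_port=${mapping%%:*}
        # Field 4 of ss output is the local address; the port is the part
        # after the last colon (this also covers IPv6 such as [::]:22).
        if printf '%s\n' "$listeners" |
            awk -v p="$host_port" '
                { n = split($4, a, ":"); if (a[n] == p) found = 1 }
                END { exit !found }'; then
            out="$out${out:+ }$host_port"
        fi
    done
    printf '%s\n' "$out"
}

# On a live host: busy_ports "$(ss -H -ltn)" "$WANTED_TCP"
busy_ports "$SAMPLE_LISTENERS" "$WANTED_TCP"
```

Any port it prints has to be remapped to a free host port, or the container given its own IP as suggested above.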
12 hours ago, testdasi said:

You need to give the docker its own IP. There's something using port 443 according to the error.

Alternatively map port 443 to a different port.

Already tried both options, and more. It doesn't work. Unraid runs on 2 interfaces (eth0 and eth1, as bond0) with 192.168.1.11, I've set the docker to use a free IP 192.168.1.7, but even when I set it to use the same IP and different ports (81 and 445 for example), there's no pihole web-ui running. The docker keeps failing to start, and when it does start it says it's using 192.168.1.11, which I did not set. Attached are the network config and docker config. (Good grief, what do people see in those docker containers? It's a complete flaky network-mess, full of translations, redirections and proxies, adding latency and complexity. And extra webservers running just for one app. I keep saying it; VM's are more efficient, easier to maintain and easier to make accessible. But much to my surprise, pi-hole doesn't even properly support being installed on Debian 10, with the shipped php-fpm and nginx, otherwise I already would have done that in the VM's I run on this unraid server.)

netunraid.jpg

piholedock.jpg

Link to comment
On 8/28/2020 at 10:11 PM, Julius said:

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='pihole-with-doh' --net='bridge' -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e 'DNS1'='127.1.1.1#5153' -e 'DNS2'='127.1.1.1#5153' -e 'TZ'='Europe/Amsterdam' -e 'WEBPASSWORD'='password' -e 'INTERFACE'='br0' -e 'ServerIP'='192.168.1.7' -e 'ServerIPv6'='' -e 'IPv6'='False' -e 'DNSMASQ_LISTENING'='all' -p '53:53/tcp' -p '53:53/udp' -p '67:67/udp' -p '80:80/tcp' -p '443:443/tcp' -v '/mnt/user/appdata/pihole-doh/pihole/':'/etc/pihole/':'rw' -v '/mnt/user/appdata/pihole-doh/dnsmasq.d/':'/etc/dnsmasq.d/':'rw' --cap-add=NET_ADMIN --restart=unless-stopped 'testdasi/pihole-with-doh'

39f5fd7455f1fa5dfed989b1cefa10fdebea845722d37b2dc8861afc9b8c0203
/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint pihole-with-doh (ec98edf36e66ae40c9ead8078e625cbcc65563379fd10c2073956e49ac008095): Error starting userland proxy: listen tcp 0.0.0.0:443: bind: address already in use.

The command failed.

Whatever I do, I can't seem to get it running.

Same issue. Looks great but unfortunately I can't free up port 80 or port 443 because I am using them with LetsEncrypt. The other PiHole container works fine though without any conflicts right from the beginning.

 

EDIT: I changed to use port 8080 and 3443 for this container but I am still getting an error that a port is in use. Also, shouldn't both these ports be different in the default config? Either way, I'm getting a server error and the container won't even start.

 

hmmmmmm.png

uhf.png

 

EDIT FINAL: Well I worked out that it has to be set at its own I.P. address like OP said. I read that but didn't really get it because it looked like it was just an option in the container config at the bottom. So setting it to "Custom: br0" and giving it its own I.P. address solved the problem completely using default settings.

 

After adding lists it works great. Though it did crash when I attempted to update 65 lists at the same time. It seemed to add the lists successfully but when updating them it crashed. So rebooting caused them to all be updated before the PiHole container finished starting.

 

Big thanks to the OP. I've been looking for something with HTTPS over DNS for ages.

Edited by plantsandbinary
Link to comment
2 hours ago, plantsandbinary said:

So setting it to "Custom: br0" and giving it its own I.P. address solved the problem completely using default settings.

 

 

There is no "Custom: br0" under my docker Network type options. Already gave it its own IP (as I clearly wrote), still it fails saying its IP is 0.0.0.0, which it is not.

 

I switched off docker support for my unraid entirely. Back to using VMs for all, much easier to maintain, to secure (csf/lfd firewall), no strange translations, soft-linking or proxying, and I found a very good config for pihole using a nginx server.conf with php-fpm here.

Edited by Julius
Link to comment

 

Hi! 

Tried to replace my old pihole docker with this one but I can't get it running.
I have the original docker running at IP .12 and the Unraid DNS pointing to that.
Deploying this new docker at IP .123 is no problem. Works like a charm.
But stopping or removing the old .12 pihole and the new won't deploy (or even restart). Doesn't matter what IP I give the new one. And the old one, if it's anything but .12 the new one won't start.
The problem is that lighttpd won't work. It accepts DNS queries and all. But no web GUI. The docker log shows.
 

Added ENV to php:
"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",


Tried manually starting lighttpd. Worked for a few seconds and then it died.

# service lighttpd status
s6 service not found for lighttpd, exiting...
# lighttpd
2020-09-03 16:31:52: (server.c.1073) No configuration available. Try using -f option. 
# lighttpd -f 
lighttpd: option requires an argument -- 'f'
lighttpd/1.4.53 (ssl) - a light and fast webserver
usage:
 -f <name>  filename of the config-file
 -m <name>  module directory (default: /usr/lib/lighttpd)
 -i <secs>  graceful shutdown after <secs> of inactivity
 -1         process single (one) request on stdin socket, then exit
 -p         print the parsed config-file in internal form, and exit
 -t         test config-file syntax, then exit
 -tt        test config-file syntax, load and init modules, then exit
 -D         don't go to background (default: go to background)
 -v         show version
 -V         show compile-time features
 -h         show this help

# lighttpd -f /etc/lighttpd/lighttpd.conf


I tried
 - Removing all pihole containers and its appdata and redownload them.
 - Change the Unraid DNS to the new pihole (.123). and then tried to deploy the new pihole-doh at .12. No luck.
 - Deploy pihole-template (original), that works. But not pihole-doh.



Solved by workaround.
Changed Unraid DNS to 1.1.1.1 and it worked.

Edited by Daggr
Link to comment

Just got back from holiday and am glad to see some folks found my dockers useful. 🧐

 

On 8/31/2020 at 1:08 PM, Julius said:

There is no "Custom: br0" under my docker Network type options. Already gave it its own IP (as I clearly wrote), still it fails saying its IP is 0.0.0.0, which it is not.

 

I switched off docker support for my unraid entirely. Back to using VMs for all, much easier to maintain, to secure (csf/lfd firewall), no strange translations, soft-linking or proxying, and I found a very good config for pihole using a nginx server.conf with php-fpm here.

Settings -> Docker -> activate "IPv4 custom network on interface br0".

What it does is Unraid would create a macvlan custom docker network so you can assign custom IP for any docker.

Caveat: if your VM uses the same bridge as the dockers then under kernel 5.x (Unraid 6.9.0+), you will have spurious errors spamming your syslog. The workarounds for this Linux kernel annoyance are outlined in the Unraid 6.9.0 release notes.

 

On 9/3/2020 at 5:07 PM, Daggr said:

Solved by workaround.
Changed Unraid DNS to 1.1.1.1 and it worked.

It's not a workaround but a requirement. Pointing Unraid network config to an Unraid docker just won't work.

So Settings -> Network Settings has to use DNS server not hosted on the Unraid server itself.

Hence, I have a RPi4 for this.

Link to comment

Thanks for the containers. I'm hoping you can point me in the right direction. I've been using regular Pi-hole for a very long time. I have a br0 custom network and all containers have their own IP. Of course, unRAID points itself at an external DNS. As far as I can tell, I have everything set up correctly, However, when I try to use either the DoH container or the Pi-hole/DoH container, I cannot get DNS resolution. Here's the log from the standalone DoH container. This is all it does after the container starts.
 

INFO[2020-09-07T12:29:43-05:00] Version 2020.8.2
INFO[2020-09-07T12:29:43-05:00] GOOS: linux, GOVersion: go1.14.7, GoArch: amd64
INFO[2020-09-07T12:29:43-05:00] Environment variables map[config:/etc/cloudflared/config.yml proxy-dns:true proxy-dns
address:0.0.0.0 proxy-dns-port:53 proxy-dns-upstream:https://1.1.1.1/dns-query, https://1.0.0.1/dns-query]
INFO[2020-09-07T12:29:43-05:00] Adding DNS upstream - url: https://1.1.1.1/dns-query
INFO[2020-09-07T12:29:43-05:00] Adding DNS upstream - url: https://1.0.0.1/dns-query
INFO[2020-09-07T12:29:43-05:00] Starting DNS over HTTPS proxy server on: dns://0.0.0.0:53
INFO[2020-09-07T12:29:43-05:00] Starting metrics server on 127.0.0.1:45489/metrics
INFO[2020-09-07T12:29:43-05:00] Autoupdate frequency is set to 24h0m0s
ERROR[2020-09-07T12:29:53-05:00] update check failed: Post "https://update.equinox.io/check": dial tcp: lookup
update.equinox.io on 127.0.0.11:53: read udp 127.0.0.1:35256->127.0.0.11:53: i/o timeout

Any ideas as to what I'm doing wrong? Thanks!

Edited by JasonM
Link to comment
15 hours ago, JasonM said:

Thanks for the containers. I'm hoping you can point me in the right direction. I've been using regular Pi-hole for a very long time. I have a br0 custom network and all containers have their own IP. Of course, unRAID points itself at an external DNS. As far as I can tell, I have everything set up correctly, However, when I try to use either the DoH container or the Pi-hole/DoH container, I cannot get DNS resolution. Here's the log from the standalone DoH container. This is all it does after the container starts.
 


INFO[2020-09-07T12:29:43-05:00] Version 2020.8.2
INFO[2020-09-07T12:29:43-05:00] GOOS: linux, GOVersion: go1.14.7, GoArch: amd64
INFO[2020-09-07T12:29:43-05:00] Environment variables map[config:/etc/cloudflared/config.yml proxy-dns:true proxy-dns
address:0.0.0.0 proxy-dns-port:53 proxy-dns-upstream:https://1.1.1.1/dns-query, https://1.0.0.1/dns-query]
INFO[2020-09-07T12:29:43-05:00] Adding DNS upstream - url: https://1.1.1.1/dns-query
INFO[2020-09-07T12:29:43-05:00] Adding DNS upstream - url: https://1.0.0.1/dns-query
INFO[2020-09-07T12:29:43-05:00] Starting DNS over HTTPS proxy server on: dns://0.0.0.0:53
INFO[2020-09-07T12:29:43-05:00] Starting metrics server on 127.0.0.1:45489/metrics
INFO[2020-09-07T12:29:43-05:00] Autoupdate frequency is set to 24h0m0s
ERROR[2020-09-07T12:29:53-05:00] update check failed: Post "https://update.equinox.io/check": dial tcp: lookup
update.equinox.io on 127.0.0.11:53: read udp 127.0.0.1:35256->127.0.0.11:53: i/o timeout

Any ideas as to what I'm doing wrong? Thanks!

 

I'll try to help. From the Dashboard, click on the Docker and then Console. On the new console window, what do you see for this command?

dig @127.0.0.1 google.com

Check the ANSWER SECTION:. If it resolves successfully then it would look something like this (likely different IP but should be a real IP):

;; ANSWER SECTION:
google.com.             94      IN      A       172.217.20.14

 

If it's successful then you probably have something else in your network blocking the equinox.io domain.

Maybe cuz it's ".io" which isn't a typical domain, I have seen these being arbitrarily / erroneously blocked.

 

If it's not successful then your docker network is probably the problem. That would be quite a bit harder to fix.

 

 

 

 

Link to comment
2 hours ago, testdasi said:

 

I'll try to help. From the Dashboard, click on the Docker and then Console. On the new console window, what do you see for this command?


dig @127.0.0.1 google.com

Check the ANSWER SECTION:. If it resolves successfully then it would look something like this (likely different IP but should be a real IP):


;; ANSWER SECTION:
google.com.             94      IN      A       172.217.20.14

 

If it's successful then you probably have something else in your network blocking the equinox.io domain.

Maybe cuz it's ".io" which isn't a typical domain, I have seen these being arbitrarily / erroneously blocked.

 

If it's not successful then your docker network is probably the problem. That would be quite a bit harder to fix.

 

 

 

 

This was my output:

# dig @127.0.0.1 google.com
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> @127.0.0.1 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33845
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: ffc3245ab568ee35 (echoed)
;; QUESTION SECTION:
;google.com.                    IN      A
;; Query time: 1151 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 08 06:31:18 CDT 2020
;; MSG SIZE  rcvd: 51
# 

I also verified that equinox.io resolves in a browser. Appears to be something with the Docker network. You've given me something to work with. Thanks again!

Edited by JasonM
Link to comment
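The dig check from the exchange above can be scripted so the result is read from the response header rather than by eye. This is an added example, not code from any poster in this thread: `classify_dig` and its result labels are hypothetical, the failing sample is the header of the dig output posted above, and the passing sample is constructed around the ANSWER SECTION shown in the reply.

```shell
#!/bin/sh
# Added example: classify dig output by header status and answer count.

# Header lines of the dig output posted in the thread (failing case).
SERVFAIL_OUTPUT=';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33845
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available'

# Constructed passing case; only the answer record comes from the thread.
OK_OUTPUT=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1234
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; ANSWER SECTION:
google.com.             94      IN      A       172.217.20.14'

# Constructed case: nothing answered on the queried address at all.
TIMEOUT_OUTPUT=';; connection timed out; no servers could be reached'

# classify_dig OUTPUT
#   resolves            local proxy answered with records; per the reply
#                       above, look for something blocking the update domain
#   empty-answer        NOERROR but zero records
#   upstream-failure:X  proxy answered with an error status X (e.g. SERVFAIL);
#                       per the reply above, suspect the docker network
#   no-response         no DNS header at all, nothing is listening
classify_dig() {
    printf '%s\n' "$1" | awk '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { s = $(i + 1); sub(/,$/, "", s) }
        }
        /ANSWER:/ {
            for (i = 1; i < NF; i++)
                if ($i == "ANSWER:") { a = $(i + 1); sub(/,$/, "", a) }
        }
        END {
            if (s == "")                          print "no-response"
            else if (s == "NOERROR" && a + 0 > 0) print "resolves"
            else if (s == "NOERROR")              print "empty-answer"
            else                                  print "upstream-failure:" s
        }'
}

# Inside the container console: classify_dig "$(dig @127.0.0.1 google.com)"
classify_dig "$SERVFAIL_OUTPUT"
```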

Update (16/09/2020):

  • Added Pi-Hole with DoT
  • Made changes so Pi-Hole-based dockers work on both Raspberry Pi and Unraid
  • Fixed various missing TemplateURL
  • Ponder if I should make a Pi-Hole with both DoH and DoT (cuz that's what I run on my actual RPi4)

 

 

10 hours ago, jmbailey2000 said:

I might have missed it but can't seem to add more than a single torrent link at a time in the Add Link URL field. It takes multiples and appears to see multiples but only recognizes/adds the first link.

 

Is there a way to paste a block of links in to ruTorrent?

 

Thanks!

 

Perhaps see if this works?

 

Link to comment
