Closed danlo315 closed 2 years ago
Looks like your run command is missing --dns 127.0.0.1
. Add it in front of your current one so it is primary and 1.1.1.1 is secondary: --dns 127.0.0.1 --dns 1.1.1.1
Adding --dns 127.0.0.1 (or adding --dns
It looks like I was able to isolate the issue to local.list file. If I remove the file before restarting the container, piHole re-runs the gravity lists, recreates the local.list file, and everything is back up and running. My local.list file is:
danlo315, you're a genius (or, at least, appear that way to people who are definitely not geniuses)
This solves the problem we've been having with the Synology docker container as well. (https://discourse.pi-hole.net/t/4-1-dns-service-wont-successfully-restart-on-synology-docker/15561/4)
After a failed restart, I open a shell, delete local.list, and pihole starts up normally at the next attempt.
Hopefully this will help resurrect pihole for us in the next hotfix.
I posted this same issue on the PiHole subreddit. A "permanent" solution is to add --cap-add=NET_ADMIN to the docker run command. I'm not exactly sure why 4.1 requires this capability though.
Awesome! It worked! Rather than wade through the Synology DSM file system, I ended up using a hack to work within the Synology GUI..... notably:
) export json settings of a standard (won't restart) pihole 4.1 container ) edit json file to include "cap_add" : [ "NET_ADMIN" ], *) import edited json file to create new container with high privileges
I'm sure there's a better way, but at least we've got a successfully restarting container now. Cheers.
*) import edited json file to create new container with high privileges
Is it required to run this container with high privileges now? I previously was running an entirely isolated container without high privileges with no issues, but after updating to 4.1 and mapping the config/dnsmasq.d folders outside of the container I'm running into issues executing without high privileges.
Where does this "high privileges" come from? The correct solution is to add --cap-add=NET_ADMIN
to the docker run command as has already been mentioned above.
Is it required to run this container with high privileges now?
At least with NET_ADMIN privilege. Our readme is being updated to reflect this and other common issues with startup : https://github.com/pi-hole/docker-pi-hole/pull/384/files#diff-04c6e90faac2675aa89e2176d2eec7d8
Sorry, that comment was specifically for BigSnicker and in relation specifically to running as a docker container within the Synology DSM environment. High Privileges gives the container root privileges. I'm running into issues running without high privileges even after applying cap-add=NET_ADMIN
Sorry, that comment was specifically for BigSnicker and in relation specifically to running as a docker container within the Synology DSM environment. High Privileges gives the container root privileges. I'm running into issues running without high privileges even after applying cap-add=NET_ADMIN
Yep. I'm no expert and kinda brute forced my way into this hack, but I also needed High Privileges for it to function, which I suspect is probably due to DSM being stingy about letting containers get any privileges above the most basic.
Hopefully someone will know if there's a way to finesse this. My router recently detected my Synology sending traffic to a domain ending in *.su (ex-Soviet Union), which was flagged as suspect.... so I'm not a huge fan of leaving it on high priv. lol
@diginc I know the requirement for NET_ADMIN privilege was removed for for version 4.2.2+ but I believe it is still necessary.
If I do not run it with those privileges it will just be stuck in the [✗] DNS resolution is currently unavailable
loop.
Per one of the earlier comments by @danlo315 I can remove the local.lists
file and it work for the initial boot but not for following restarts, only re-adding the CAP_ADMIN privilege has fixed this.
Hi, I have exactly the same problem. When I start the pihole
--name pihole \
-p 53:53/tcp -p 53:53/udp \
-p 80:80 \
-p 443:443 \
-e TZ="America/Chicago" \
-v "$(pwd)/etc-pihole/:/etc/pihole/" \
-v "$(pwd)/etc-dnsmasq.d/:/etc/dnsmasq.d/" \
--dns=127.0.0.1 --dns=1.1.1.1 \
--cap-add=NET_ADMIN \
--restart=unless-stopped \
pihole/pihole:latest
I'm not able to restart the pihole afther a reboot of the docker container afther a reboot of the os.
The error I get is:
::: Testing pihole-FTL DNS: FTL started!
::: Testing lighttpd config: Syntax OK
::: All config checks passed, cleared for startup ...
::: Docker start setup complete
[i] Pi-hole blocking is enabled
[✗] DNS resolution is currently unavailable
Came here because of Google Search. Same issue.
same issue
Hopefully you're not still running version 4.
Hopefully you're not still running version 4.
Existing DNS servers used (127.0.0.1 & 1.1.1.1)
i tried to modify setupvars.conf DNS1 and DNS 2 but nothing my network is all down
I have pihole on a synology with ip same as the synology and i was getting with ip:8080
i restarted the synology and all dead... i have no idea of what to do
I just downloaded :latest todaty from synology , so i guess i have last version
::: Testing pihole-FTL DNS: sudo: unable to resolve host pihole-pihole1: Connection timed out FTL started! ::: Testing lighttpd config: Syntax OK ::: All config checks passed, cleared for startup ... ::: Docker start setup complete [✗] DNS resolution is currently unavailable
Open a new issue with the template fully filled out, answer every question.
Hello,
I'm running into a new issue (under 4.1) that didn't exist for 4.0. If I create a brand new docker container via command below with a brand new config directory, it works. However, if I perform a restart of the container, I get an error in the log of DNS service not started. I also cannot log into my web console. This is my docker run command:
docker run -d \ --name pihole \ --net=host \ -v "/etc/pihole/:/etc/pihole/" \ -v "/etc/pihole/dnsmasq.d/:/etc/dnsmasq.d/" \ -e ServerIP="serverip" \ -e DNS1=1.1.1.1 -e DNS2=1.0.0.1 \ --dns 1.1.1.1 \ -e WEBPASSWORD= \
--restart=unless-stopped \
pihole/pihole:latest
There must be some command that is written to my /etc/pihole/ directory but I can't seem to figure out what it is.
docker version Client: Version: 17.05.0-ce API version: 1.29 Go version: go1.7.5 Git commit: 89658be Built: Thu May 4 22:10:54 2017 OS/Arch: linux/amd64
Server: Version: 17.05.0-ce API version: 1.29 (minimum version 1.12) Go version: go1.7.5 Git commit: 89658be Built: Thu May 4 22:10:54 2017 OS/Arch: linux/amd64 Experimental: false