trinib / AdGuard-WireGuard-Unbound-DNScrypt

Linux ultimate self-hosted network security guide ║ Linux 终极自托管网络安全指南 ║ Guía definitiva de seguridad de red autohospedada de Linux ║ लिनक्स परम स्व-होस्टेड नेटवर्क सुरक्षा गाइड ║ Окончательное руководство по безопасности собственной сети Linux
MIT License

Docker version #8

Open godshades opened 2 years ago

godshades commented 2 years ago

Hi, thanks for a great project. Would you mind making a docker version of this pj? Or a tutorial on how to use it with adguard (docker)?

oijkn commented 2 years ago

Then if you are in a 192.168.100.0/24 subnet you have to adapt the network configuration accordingly. So you have to replace 192.168.1.xxx by 192.168.100.xxx. I guess your gateway should be 192.168.100.1, right?

@trinib like as said before, you have to adapt network configuration with your subnet.

@Monirzadeh I will try to embed the service cron in adguardhome to avoid the problem with creating default network.

trinib commented 2 years ago

@oijkn i tried that already and i got

image

Monirzadeh commented 2 years ago

@oijkn i tried that already and i got

image

@trinib

can you post complete network part of your config that you get this error

trinib commented 2 years ago

it is the same config file i just change network

Monirzadeh commented 2 years ago
```yaml
.........
.........
    networks:
      macvlan0:
        ipv4_address: 192.168.100.11  # IP of the container
.....
.....
networks:
  macvlan0:
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: 192.168.100.0/24      # Subnet of the container
          gateway: 192.168.100.1        # Gateway of the container
          ip_range: 192.168.100.10/28  # Usable Host IP Range: 192.168.1.97 - 192.168.100.110
          aux_addresses:
            rpi-srv: 192.168.100.10    # Reserved for RPi Server
```

it is "exactly" like above?

trinib commented 2 years ago

yea

oijkn commented 2 years ago

@oijkn i tried that already and i got

image

@trinib Use docker-compose down and try to run docker-compose up -d or try to docker network rm the network that was previously created.

trinib commented 2 years ago

@oijkn why do you have a - in the middle ? how did you install docker?

Monirzadeh commented 2 years ago

@oijkn why do you have a - in the middle ? how did you install docker?

https://docs.docker.com/compose/reference/

trinib commented 2 years ago

@oijkn i still get after changing to 192.168.100.xxx

image

trinib commented 2 years ago

@oijkn why do you have a - in the middle ? how did you install docker?

docs.docker.com/compose/reference

i use docker compose up -d .. with no dash

trinib commented 2 years ago

@oijkn i know this is some simple issue . you're not giving much to work with ..

Monirzadeh commented 2 years ago

@oijkn i know this is some simple issue . you're not giving much to work with ..

before run that command be sure docker network ls has only bridge host and none

oijkn commented 2 years ago

@oijkn why do you have a - in the middle ? how did you install docker?

docs.docker.com/compose/reference

i use docker compose up -d .. with no dash

The -d option if for detached mode (run containers in the background).

trinib commented 2 years ago

@oijkn why do you have a - in the middle ? how did you install docker?

docs.docker.com/compose/reference

i use docker compose up -d .. with no dash

The -d option if for detached mode (run containers in the background).

no not -d .. docker-compose

oijkn commented 2 years ago

@oijkn why do you have a - in the middle ? how did you install docker?

docs.docker.com/compose/reference

i use docker compose up -d .. with no dash

The -d option if for detached mode (run containers in the background).

no not -d .. docker-compose

I don't understand, sorry. To use docker-compose.yml file you need to install docker-compose in your Raspberry Pi (a lot of tuto over internet). Or use Portainer to manage this stack 😉

trinib commented 2 years ago

can you please show how YOU installed docker.

trinib commented 2 years ago

@oijkn im gonna try a different method and see.. I will let you know

oijkn commented 2 years ago

can you please show how YOU installed docker.

@trinib try this tuto : https://dev.to/elalemanyo/how-to-install-docker-and-docker-compose-on-raspberry-pi-1mo

trinib commented 2 years ago

@oijkn same Restarting (255) issue. freshly installed pi os

oijkn commented 2 years ago

@oijkn same Restarting (255) issue. freshly installed pi os

@trinib to avoid any network configuration problem, can you post the result of the following commands :

And also post the content of the docker-compose.yml and network/interfaces.d/eth0 files.

oijkn commented 2 years ago

@Monirzadeh I just pushed the new version without the cron service in the docker-compose (which will solve your problem Creating network "adguardhome-doh-dot_default"), you have to clone the new project from Github and pull the new image from dockerhub.

trinib commented 2 years ago

@oijkn image

```text
# Ethernet interface (eth0)
allow-hotplug eth0
iface eth0 inet static
    address 192.168.100.100
    netmask 255.255.255.0
    gateway 192.168.100.1
    dns-nameservers 192.168.100.110

    # create a new network macvlan interface on top of eth0
    pre-up ip link add macvlan-shim link eth0 type macvlan mode bridge

    # assign an IP and the network space to the new network interface
    pre-up ip addr add 192.168.100.99/32 dev macvlan-shim

    # bring up the new network interface
    up ip link set macvlan-shim up

    # add a route to the container
    post-up ip route add 192.168.100.110/32 dev macvlan-shim
```

```yaml
version: "2"

services:
  adguardhome:
    image: oijkn/adguardhome-doh-dot:latest
    container_name: adguardhome
    hostname: rpi-adguard
    environment:
      - PUID=1000
      - PGID=100
      - TZ=Europe/Paris
      - LANG=fr_FR.UTF8
      - LANGUAGE=fr_FR.UTF8
    tmpfs:
      - /run
      - /run/lock
      - /tmp
#    labels:
#      - "com.centurylinklabs.watchtower.enable=true"
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
      - /home/pi/adguardhome-doh-dot/adguardhome/conf:/opt/AdGuardHome/conf
      - /home/pi/adguardhome-doh-dot/adguardhome/work:/opt/AdGuardHome/work
      - /home/pi/adguardhome-doh-dot/unbound/root.hints:/var/lib/unbound/root.hints
    cap_add:
      - NET_ADMIN
    networks:
      macvlan0:
        ipv4_address: 192.168.100.110  # IP of the container
    restart: unless-stopped

networks:
  macvlan0:
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: 192.168.100.0/24      # Subnet of the container
          gateway: 192.168.100.1        # Gateway of the container
          ip_range: 192.168.100.100/28  # Usable Host IP Range: 192.168.1.97 - 192.168.1.110
          aux_addresses:
            rpi-srv: 192.168.100.100    # Reserved for RPi Server
```

oijkn commented 2 years ago

@trinib your network configuration is not good, I will give you the good one.

Edit: @trinib your ip address is not good to make range, the easiest way is to change the ip address of your rasp from 192.168.100.192 to 192.168.100.100

Monirzadeh commented 2 years ago

@Monirzadeh I just pushed the new version without the cron service in the docker-compose (which will solve your problem Creating network "adguardhome-doh-dot_default"), you have to clone the new project from Github and pull the new image from dockerhub.

@trinib i remove cron part but again get this error

```text
failed to deploy a stack: Creating Adguardhome ...  Creating Adguardhome ... error  ERROR: for Adguardhome Cannot start service adguardhome: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/containersFiles/unbound/root.hints" to rootfs at "/var/lib/unbound/root.hints": mount /containersFiles/unbound/root.hints:/var/lib/unbound/root.hints (via /proc/self/fd/6), flags: 0x5000: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type ERROR: for adguardhome Cannot start service adguardhome: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/containersFiles/unbound/root.hints" to rootfs at "/var/lib/unbound/root.hints": mount /containersFiles/unbound/root.hints:/var/lib/unbound/root.hint
```

this is my compose file something is wrong with this part

```yaml
 - /containersFiles/unbound/root.hints:/var/lib/unbound/root.hints
```

but i don't know what it is

```yaml
version: "2"                                                           # Docker Compose version for Portainer

services:
  adguardhome:
    image: oijkn/adguardhome-doh-dot:latest
    container_name: Adguardhome
    hostname: rpi-adguard
    environment:
      - PUID=1000                                                      # User ID (UID)
      - PGID=100                                                       # Group ID (GID)
      - TZ=Europe/London                                                 # Timezone
      - LANG=en_US.UTF8                                                # Language
      - LANGUAGE=en_US.UTF8                                            # Language (same as LANG)
    tmpfs:
      - /run
      - /run/lock
      - /tmp
#    labels:
#      - "com.centurylinklabs.watchtower.enable=true"                  # Watchtower (auto update)
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
      - /containersFiles/adguardhome/conf:/opt/AdGuardHome/conf          # Configure '<path_to_data>' to your needs
      - /containersFiles/adguardhome/work:/opt/AdGuardHome/work          # Configure '<path_to_data>' to your needs
      - /containersFiles/unbound/root.hints:/var/lib/unbound/root.hints  # Configure '<path_to_data>' to your needs
    cap_add:
      - NET_ADMIN
    networks:
      - MyMacVlan

    restart: unless-stopped
networks:
  MyMacVlan:
    external: true
```

old image removed and portainer get new one. network not created anymore :+1:

oijkn commented 2 years ago

@Monirzadeh so the new docker image works for you? 😊

Monirzadeh commented 2 years ago

@Monirzadeh so the new docker image works for you? blush

@oijkn not completely. it just gets created but is not starting

get this error while deploy

```text
failed to deploy a stack: Creating Adguardhome ...  Creating Adguardhome ... error  ERROR: for Adguardhome Cannot start service adguardhome: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/containersFiles/unbound/root.hints" to rootfs at "/var/lib/unbound/root.hints": mount /containersFiles/unbound/root.hints:/var/lib/unbound/root.hints (via /proc/self/fd/6), flags: 0x5000: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type ERROR: for adguardhome Cannot start service adguardhome: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/containersFiles/unbound/root.hints" to rootfs at "/var/lib/unbound/root.hints": mount /containersFiles/unbound/root.hints:/var/lib/unbound/root.hint
```

oijkn commented 2 years ago

@Monirzadeh can you type tree /containersFiles/ and post result?

Monirzadeh commented 2 years ago

tree /containersFiles/

@oijkn

```text
tree adguardhome/ unbound/
adguardhome/
├── conf
└── work
unbound/
└── root.hints
```

other folder in containersFiles is related to other container

oijkn commented 2 years ago

@Monirzadeh as is written in the guide in my github repo, you need to clone it and then put the path into the docker-compose.yml file. In the result of the tree command I don't see all needed directories/files.
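A pre-flight check for exactly this failure, added here as an example and not part of oijkn's project: it walks the short-syntax volumes from the compose file above and verifies that each host path has the type the container path needs, because Docker creates a missing host path as a directory, and a directory cannot be mounted over a file such as /var/lib/unbound/root.hints. The expected-type table and the temporary directory layout are assumptions constructed for the demo.

```python
import os
import tempfile

# Assumption: what the image has at each mount point used by the compose file
# in this thread (conf/ and work/ are directories, root.hints is one file).
EXPECTED_TYPES = {
    "/opt/AdGuardHome/conf": "dir",
    "/opt/AdGuardHome/work": "dir",
    "/var/lib/unbound/root.hints": "file",
}


def check_bind_mounts(volumes, expected=EXPECTED_TYPES):
    """Check compose short-syntax volumes ('host:container[:opts]') before `up`.

    Returns a list of problems; an empty list means every bind mount should
    attach. A missing host path is reported because Docker then creates it
    as a directory, which cannot be mounted over a file inside the image.
    """
    problems = []
    for spec in volumes:
        parts = spec.split(":")
        if len(parts) < 2:
            continue  # named volume, not a bind mount
        host, container = parts[0], parts[1]
        want = expected.get(container)
        if want is None:
            continue  # nothing known about this container path
        if not os.path.exists(host):
            problems.append(f"{host}: missing on the host (docker would create a "
                            f"directory, but {container} is a {want})")
        elif want == "file" and os.path.isdir(host):
            problems.append(f"{host}: is a directory but {container} is a file "
                            "(mount fails with 'not a directory')")
        elif want == "dir" and not os.path.isdir(host):
            problems.append(f"{host}: is a file but {container} is a directory")
    return problems


def demo():
    """Constructed layout reproducing the thread's failure, then the fix."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "adguardhome", "conf"))
        os.makedirs(os.path.join(root, "adguardhome", "work"))
        hints = os.path.join(root, "unbound", "root.hints")
        os.makedirs(hints)  # the mistake: root.hints ended up as an empty directory
        volumes = [
            f"{root}/adguardhome/conf:/opt/AdGuardHome/conf",
            f"{root}/adguardhome/work:/opt/AdGuardHome/work",
            f"{hints}:/var/lib/unbound/root.hints",
        ]
        before = check_bind_mounts(volumes)
        os.rmdir(hints)
        with open(hints, "w") as fh:  # placeholder; the real file comes from the repo
            fh.write("; root.hints placeholder\n")
        after = check_bind_mounts(volumes)
    return before, after


if __name__ == "__main__":
    print(*demo(), sep="\n")
```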

Monirzadeh commented 2 years ago

@oijkn is there any way to do that all inside portainer?

oijkn commented 2 years ago

Portainer is a tool to manage only stack or container. You can't use git commands.

From your host, you must git clone my repo, to have all needed files/conf for running the stack.

You can git clone repo from your /containersFiles directory, that will create a subfolder adguardhome-doh-dot.

Monirzadeh commented 2 years ago

Portainer is a tool to manage only stack or container. You can't use git commands.

From your host, you must git clone my repo, to have all needed files/conf for running the stack.

You can git clone repo from your /containersFiles directory, that will create a subfolder adguardhome-doh-dot.

@oijkn i do these steps:

1. i clone your repository in containersFiles/adguardhome-doh-dot
2. deploy this stack in portainer

```yaml
version: "2"                                                           # Docker Compose version for Portainer

services:
  adguardhome:
    image: oijkn/adguardhome-doh-dot:latest
    container_name: Adguardhome
    hostname: rpi-adguard
    environment:
```

container deploys without error but it is not working.
i can't attach to it; in the log i have the below message

```text
No log line matching the '' filter
```

**Update:**
i cloned the repository and ran it from the terminal but again the same result.

> Before running our DNS resolvers, it is a good idea to turn off systemd-resolved.
>
> Edit the file /etc/systemd/resolved.conf as below :+1:

is the above part from the readme necessary or optional?

oijkn commented 2 years ago

@Monirzadeh what's the result of the command : docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' adguardhome.

For example if it's 192.168.1.110, then you have to open your web browser to http://192.168.1.110:3000 and follow the installation wizard.

To answer your question, editing /etc/systemd/resolved.conf is recommended by @trinib's guide.

Monirzadeh commented 2 years ago

@Monirzadeh what's the result of the command : docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' adguardhome.

For example if it's 192.168.1.110, then you have to open your web browser to http://192.168.1.110:3000 and follow the installation wizard.

To answer your question, editing /etc/systemd/resolved.conf is recommended by @trinib's guide.

it returns nothing

docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' Adguardhome 

in portainer it does not get an ip.

i am not sure but how should i change containersFiles/adguardhome-doh-dot/network/interfaces.d/eth0 if it is my details of MyMacVlan?

IPV4 Subnet - 192.168.1.0/26
IPV4 Gateway - 192.168.1.1
IPV4 IP range - 192.168.1.2/24
my device name is enp1s3

should i change eth0 to enp1s3 or something like that?

update: is it wrong?

```text
# Ethernet interface (eth0)
allow-hotplug enp2s0
iface enp2s0 inet static
    address 192.168.1.15
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 192.168.1.16

    # create a new network macvlan interface on top of eth0
    pre-up ip link add macvlan-shim link eth0 type macvlan mode bridge

    # assign an IP and the network space to the new network interface
    pre-up ip addr add 192.168.1.2/24 dev MyMacVlan

    # bring up the new network interface
    up ip link set MyMacVlan up

    # add a route to the container
    post-up ip route add 192.168.1.2/24 dev MyMacVlan
```

To answer to your question, editing /ets/systemd/resolved.conf it's recommended from @trinib guide.

so for now it is not the problem
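The recurring problem in this thread is IPAM values that do not fit together (the 192.168.100.100/28 ip_range and the reserved host address in trinib's compose earlier, and the 192.168.1.2/24 ip_range inside a 192.168.1.0/26 subnet above). The following is an added example, not code from the project, that cross-checks those values with Python's ipaddress module; the container address 192.168.1.16 for Monirzadeh's setup is an assumption taken from the dns-nameservers line of his eth0 stanza.

```python
import ipaddress


def validate_macvlan_ipam(subnet, gateway, ip_range, host_ip,
                          container_ip=None, aux_addresses=None):
    """Cross-check a compose macvlan IPAM block against the host's own address.

    Returns a list of findings, each prefixed 'error:' or 'warning:'.
    An empty list means the values are mutually consistent.
    """
    findings = []
    try:
        net = ipaddress.ip_network(subnet)  # strict: host bits must be zero
    except ValueError:
        return [f"error: subnet {subnet} has host bits set; use the network address"]

    gw = ipaddress.ip_address(gateway)
    host = ipaddress.ip_address(host_ip)
    if gw not in net:
        findings.append(f"error: gateway {gw} is outside subnet {net}")
    if host not in net:
        findings.append(f"error: host address {host} is outside subnet {net}")

    # ip_range is the pool Docker allocates from; it has to fit inside the subnet.
    pool = ipaddress.ip_network(ip_range, strict=False)
    if str(pool) != ip_range:
        span = f" (hosts {pool[1]} - {pool[-2]})" if pool.num_addresses > 2 else ""
        findings.append(f"warning: ip_range {ip_range} has host bits set; "
                        f"the enclosing block is {pool}{span}")
    if not pool.subnet_of(net):
        findings.append(f"error: ip_range {pool} is not inside subnet {net}")

    # Addresses Docker must never hand out have to be reserved via aux_addresses.
    reserved = {ipaddress.ip_address(a) for a in (aux_addresses or {}).values()}
    for addr in reserved:
        if addr not in net:
            findings.append(f"error: aux address {addr} is outside subnet {net}")
    if host in pool and host not in reserved:
        findings.append(f"error: host {host} lies in the allocation pool {pool} "
                        "but is not reserved in aux_addresses")

    # A static ipv4_address must be in the subnet and must not collide.
    if container_ip is not None:
        cip = ipaddress.ip_address(container_ip)
        if cip not in net:
            findings.append(f"error: container address {cip} is outside subnet {net}")
        if cip == gw or cip == host or cip in reserved:
            findings.append(f"error: container address {cip} collides with the "
                            "gateway, the host or a reserved address")
    return findings


def errors(findings):
    """Only the hard failures from validate_macvlan_ipam()."""
    return [f for f in findings if f.startswith("error:")]


if __name__ == "__main__":
    # trinib's compose + eth0 stanza from this thread
    print(validate_macvlan_ipam("192.168.100.0/24", "192.168.100.1",
                                "192.168.100.100/28", "192.168.100.100",
                                "192.168.100.110", {"rpi-srv": "192.168.100.100"}))
    # Monirzadeh's MyMacVlan values; container address 192.168.1.16 is an
    # assumption taken from the dns-nameservers line of the eth0 stanza
    print(validate_macvlan_ipam("192.168.1.0/26", "192.168.1.1",
                                "192.168.1.2/24", "192.168.1.15", "192.168.1.16"))
```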

trinib commented 2 years ago

image

@oijkn do you think i have some permission issue ?

oijkn commented 2 years ago

@Monirzadeh you have to leave the default docker interface at eth0.

Try to use this conf :

```text
# Ethernet interface (eth0)
allow-hotplug eth0
iface eth0 inet static
    address 192.168.1.15
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 192.168.1.16

    # create a new network macvlan interface on top of eth0
    pre-up ip link add macvlan-shim link eth0 type macvlan mode bridge

    # assign an IP and the network space to the new network interface
    pre-up ip addr add 192.168.1.14/32 dev macvlan-shim

    # bring up the new network interface
    up ip link set macvlan-shim up

    # add a route to the container
    post-up ip route add 192.168.1.xxx/32 dev macvlan-shim     <<==== replace xxx by the IP address of your host
```

Monirzadeh commented 2 years ago

@Monirzadeh you have to leave the default docker interface at eth0.

Try to use this conf :

```text
# Ethernet interface (eth0)
allow-hotplug eth0
iface eth0 inet static
    address 192.168.1.15
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 192.168.1.16

    # create a new network macvlan interface on top of eth0
    pre-up ip link add macvlan-shim link eth0 type macvlan mode bridge

    # assign an IP and the network space to the new network interface
    pre-up ip addr add 192.168.1.14/32 dev macvlan-shim

    # bring up the new network interface
    up ip link set macvlan-shim up

    # add a route to the container
    post-up ip route add 192.168.1.xxx/32 dev macvlan-shim     <<==== replace xxx by the IP address of your host
```

@oijkn i test that and this not work

Monirzadeh commented 2 years ago

is it possible docker get variable environment from user and generate automatically all config files that it need? or some health check mechanism that clarify the problem?

trinib commented 2 years ago

@trinib your network configuration is not good, I will give you the good one.

Edit: @trinib your ip address is not good to make range, the easiest way is to change the ip address of your rasp from 192.168.100.192 to 192.168.100.100

@oijkn

image

oijkn commented 2 years ago

Ok, I must investigate how to add some logs.... I'm sorry but in my Rasp PI all works good...

image

@trinib & @Monirzadeh In the meantime, can you give me the result of the command : docker exec adguardhome journalctl

Monirzadeh commented 2 years ago

@oijkn container is running but i get this error

Error response from daemon: Container 16c247e132c13216349815da286faee08faf3268a810c797b1199b770466ba45 is restarting, wait until the container is running

is it possible to move all the config(in your git repository) to the container image?

oijkn commented 2 years ago

@oijkn container is running but i get this error

Error response from daemon: Container 16c247e132c13216349815da286faee08faf3268a810c797b1199b770466ba45 is restarting, wait until the container is running

is it possible to move all the config(in your git repository) to the container image?

It's not a good idea because people will want/need to edit config depending their needs.

Monirzadeh commented 2 years ago

@oijkn container is running but i get this error

Error response from daemon: Container 16c247e132c13216349815da286faee08faf3268a810c797b1199b770466ba45 is restarting, wait until the container is running

is it possible to move all the config(in your git repository) to the container image?

It's not a good idea because people will want/need to edit config depending their needs.

i mean remove the step that needs cloning the repository; the config files come with the image and people can edit them after running or with environment variables. in this way we always have a docker that always runs correctly and people can configure it too

trinib commented 2 years ago

@oijkn image

trinib commented 2 years ago

@oijkn were you using pi OS desktop or lite when testing docker?

oijkn commented 2 years ago

docker exec adguardhome journalctl

I'm using the lite version. For your info I'm starting from scratch based on the official AdGuardHome docker image, I try to integrate third party applications like Unbound, Cloudflared etc...

I'll keep you posted as soon as it's ready because it's a lot of work and testing.

trinib commented 2 years ago

docker exec adguardhome journalctl

I'm using the lite version. For your info I'm starting from scratch based on the official AdGuardHome docker image, I try to integrate third party applications like Unbound, Cloudflared etc...

I'll keep you posted as soon as it's ready because it's a lot of work and testing.

thanks. It has to be a network thing.

ps

64bit OS does work on Pi4

image

trinib commented 2 years ago

@oijkn before I forget. You left out DNSStubListener. It's like saying to turn off the systemd-resolved service when it is just its DNSStubListener feature. It should be like systemd-resolved - DNSStubListener.

image

oijkn commented 2 years ago

@oijkn before I forget. You left out DNSStubListener. It's like saying to turn off the systemd-resolved service when it is just its DNSStubListener feature. It should be like systemd-resolved - DNSStubListener.

image

In the guide, it's indicated to modify the value of DNSStubListener to no

image