$ hostnamectl
Static hostname: pihole1
Icon name: computer
Operating System: Raspbian GNU/Linux 11 (bullseye)
Kernel: Linux 5.10.63-v7l+
Architecture: arm
Configuration summary:
Fresh install of Raspberry Pi OS Lite 5.10
Static IP assigned
Install Docker and Docker-Compose
Set up .env file for container variables in /srv/pihole/ as here:
# User ID and Group ID
PUID=1000
PGID=1000
# Timezone from https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=America/Edmonton
# Application Details
WEBPASSWORD=[password]
DIRECTORY_PIHOLE=/srv/pihole/etc-pihole/
DIRECTORY_DNSMASQ=/srv/pihole/etc-dnsmasq.d/
When querying pihole in the docker container I can see that the DNS server won't stay up:
$ sudo docker exec -it pihole bash
root@id-pihole1:/# pihole status
[✗] DNS service is NOT listening
root@id-pihole1:/# pihole restartdns
[✓] Restarting DNS server
root@id-pihole1:/# pihole status
[✗] DNS service is NOT listening
I expect this is because something else is listening on port 53 on the bare metal OS. Netstat indicates that 53 is just bound to docker, so I can't work out the issue:
I have done a lot of investigation into this and there isn't an easily found solution. I assume I need to disable DNS on my Raspberry Pi so port 53 can be made available to the docker container. According to the Github and Docker readme files, there is a documented method of disabling systemd-resolved but are the instructions here suitable for Raspberry Pi OS? I know both Ubuntu and RPiOS are Debian flavours, but...
Can the support crew have a look at the logs to confirm this, and if so is there a guide to disabling DNS for Raspbian bullseye?
I have the same issue. It appears to have started when I updated to the latest Docker build overnight.
There is an Enable menu option in the web interface. When I press it, the status changes to "Running". But as soon as I refresh the page, the status returns to "DNS is not running".
But the issue is cosmetic only, right? The dns runs the api just isn't picking it up, so if I don't mind that I don't have to give it the sys_ptrace cap if I understand it correctly?
Seen this running on my setup as well (Docker Container). Again so far as I can figure out it is working but the interface is unhappy. Option to re-enable works, but shows as 'DNS service not running' on each page change/refresh.
First time installer and got the same thing here. Installed on Windows docker'd WSL. Everything seems to be running, but GUI says DNS Service is not running. Bash sudo service pihole-FTL status shows a proper uptime
After my attempt to fix this yesterday my Raspberry Pi 4B was left in an altered state (I had disabled and enabled some system daemons, and messed with some hosts files). I decided to quickly reinstall the image and performed the following steps:
Fresh install of Raspberry Pi OS Lite 5.10
Use sudo raspi-config to set initial configuration
Perform apt-get update and apt-get dist-upgrade
Assign the same static IP to ethernet and wireless adapters
Enable SSH access
Configure shared network folders
Install Docker and Docker-Compose and add user pi to docker admin group
Set up .env file for container variables in /srv/pihole/
Set up docker-compose.yml in /srv/pihole/
Started container with sudo docker-compose up -d
This resulted in the following output from docker-compose logs pihole:
$ docker-compose logs pihole
Attaching to pihole
pihole | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
pihole | [s6-init] ensuring user provided files have correct perms...exited 0.
pihole | [fix-attrs.d] applying ownership & permissions fixes...
pihole | [fix-attrs.d] 01-resolver-resolv: applying...
pihole | [fix-attrs.d] 01-resolver-resolv: exited 1.
pihole | [fix-attrs.d] done.
pihole | [cont-init.d] executing container initialization scripts...
pihole | [cont-init.d] 20-start.sh: executing...
pihole | ::: Starting docker specific checks & setup for docker pihole/pihole
pihole |
pihole | [i] Installing configs from /etc/.pihole...
pihole | [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
[✓] Installed /etc/dnsmasq.d/01-pihole.conf
[✓] Installed /etc/dnsmasq.d/06-rfc6761.conf
pihole | Existing DNS servers detected in setupVars.conf. Leaving them alone
pihole | ::: Pre existing WEBPASSWORD found
pihole | DNSMasq binding to default interface: eth0
pihole | Added ENV to php:
pihole | "PIHOLE_DOCKER_TAG" => "2022.01",
pihole | "PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
pihole | "ServerIP" => "0.0.0.0",
pihole | "CORS_HOSTS" => "",
pihole | "VIRTUAL_HOST" => "0.0.0.0",
pihole | Using IPv4 and IPv6
pihole | ::: setup_blocklists now setting default blocklists up:
pihole | ::: TIP: Use a docker volume for /etc/pihole/adlists.list if you want to customize for first boot
pihole | ::: Blocklists (/etc/pihole/adlists.list) now set to:
pihole | https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
pihole | ::: Testing pihole-FTL DNS: FTL started!
pihole | ::: Testing lighttpd config: Syntax OK
pihole | ::: All config checks passed, cleared for startup ...
pihole | ::: Enabling Query Logging
pihole | [i] Enabling logging...
[✓] Logging has been enabled!
pihole | ::: Docker start setup complete
pihole | Checking if custom gravity.db is set in /etc/pihole/pihole-FTL.conf
pihole | Pi-hole version is v5.7 (Latest: v5.7)
pihole | AdminLTE version is v5.9 (Latest: v5.9)
pihole | FTL version is v5.12.1 (Latest: v5.12.1)
pihole | Container tag is: 2022.01
pihole | [cont-init.d] 20-start.sh: exited 0.
pihole | [cont-init.d] done.
pihole | [services.d] starting services
pihole | Starting lighttpd
pihole | Starting crond
pihole | [services.d] done.
pihole | Starting pihole-FTL (no-daemon) as root
Further confirmation is found by querying the status inside the docker container:
$ sudo docker exec -it pihole bash
root@pihole1:/# pihole status
[✓] DNS service is listening
[✓] UDP (IPv4)
[✓] TCP (IPv4)
[✓] UDP (IPv6)
[✓] TCP (IPv6)
[✓] Pi-hole blocking is enabled
Additionally, the web interface reports that the service is Active, and the "Enable" button disappears.
The use of DNSMASQ_USER fixes this problem but a further question remains - is this to be the expected approach in future and if so, should the docker documentation be updated to reflect this?