Hello, in the docker documentation these two options seem to be set to true by default
DNS_FQDN_REQUIRED: true
DNS_BOGUS_PRIV: true
But if I don't put them in the docker-compose explicitly, they are not used
And one question, I use the option
DNSMASQ_LISTENING: local
How to know the interface ?
Please share your docker-compose file.
services:
pihole:
container_name: pihole
image: pihole/pihole:latest
hostname: pihole
network_mode: "host"
environment:
TZ: 'Europe/Paris'
DHCP_ACTIVE: "true"
DHCP_ROUTER: 192.168.1.1
DHCP_START: 192.168.1.x
DHCP_END: 192.168.1.x
WEBPASSWORD:
WEBTHEME: "default-darker"
DNSMASQ_LISTENING: local
DNS_FQDN_REQUIRED: true
DNS_BOGUS_PRIV: true
INTERFACE: eno1
volumes:
- './etc-pihole:/etc/pihole'
- './etc-dnsmasq.d:/etc/dnsmasq.d'
cap_add:
- NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed
restart: unless-stopped
Your docker-compose does not currently pass an INTERFACE into your Pi-hole container, so setting DNSMASQ_LISTENING to local would have your Pi-hole accept DNS queries from all interfaces that it is aware of. In the case of Docker's host network mode, this would comprise all interfaces of the machine hosting Docker.
Your docker-compose is missing a volume for /etc/dnsmasq.d/.
It would be customary to also mount that, in order to persist configuration changes as initiated via Pi-hole's UI.
With regard to your observation:
Could you check /etc/dnsmasq.d/01-pihole.conf within(!) your container for the existence of domain-needed and bogus-priv options while omitting them from your config?
Thanks for your help, so I have to use these two parameters together?
DNSMASQ_LISTENING: local
INTERFACE: eno1
On my host machine, eno1 is the interface with the inet assigned
I edited the docker compose it was copied incorrectly, how can I make it persistent ?
domain-needed and bogus-priv are not present in the /etc/dnsmasq.d/01-pihole.conf within the container if i remove the options in the docker-compose.yml
That would depend on your personal requirements.
Pi-hole would default to local listening, and that commonly works for most dockered Pi-holes.
You'd usually add an interface if you'd plan to switch to one of the other listening modes, and/or if your Docker's network driver in conjunction with other services would make restricting to a specific interface desirable for your environment.
If you do not have any special requirements, it should not be necessary to provide an INTERFACE - you should be fine with the defaults.
As far as DNS_FQDN_REQUIRED and DNS_BOGUS_PRIV are concerned, your observation seems to suggest that indeed the documentation would differ from actual behaviour.
@Promofaux, it would seem the current v5 image would not populate DNS_FQDN_REQUIRED and DNS_BOGUS_PRIV with true as documented?
I'm not able to test it right now (it's Saturday night and it's late), but reading the code I think the default values are set when the environment variables are empty.
The startup script sources basic-install.sh script:
If no values are initially set, then the default value (true) are set by these lines (in basic-install.sh):
And these lines finally save the values in SetupVars.conf:
I don't remember any similar complaints, but this doesn't mean your observation is wrong.
Let's wait for PromoFaux's answer. Maybe he has a more detailed explanation.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.