I use Pi-hole on a Raspberry Pi as a Docker container. When I stop the Pi-Hole container manually I can't start it again, always get the Failure "Request failed with status code 403". I have to click on duplicate and then deploy the container without changing anything, Pi-Hole will start again.
Pi-Hole also doesn't start again automatically if I restart the Raspberry Pi or Watchtower just changed the Pi-Hole image. What can I do to enable a automatically restart? RESTART POLICIES is set to Always of course.
I don't have Portainer, but that error message seems to suggest one wouldn't be able to just run Docker's CLI when using Portainer, unless Portainer would somehow expose its configuration details for a container to be consumed by Docker directly.
Either that, or something could be off with your container's network configuration.
In that latter case, I'd have expected Portainer to show the same Error response from daemon you've encountered via CLI.
The 403 response code you see instead would point to some kind of permission issue, which makes it look more like a Portainer specific issue.
Maybe someone running Portainer will be able to help you further.
You could also consider to consult Portainer's support for more knowledgable advice.
I see only entries for stopping the container in the Log, but I tried to start it without success. So again I click on Duplicate/Edit, Deploy the container and overwrite everyhing without any change, then the container start again:
[i] List stayed unchanged
[i] Building tree...
[✓] Building tree
[i] Swapping databases...
[✓] Swapping databases
[✓] The old database remains available
[i] Number of gravity domains: 2177800 (1831257 unique domains)
[i] Number of exact blacklisted domains: 0
[i] Number of regex blacklist filters: 0
[i] Number of exact whitelisted domains: 16
[i] Number of regex whitelist filters: 0
[i] Flushing DNS cache...
[✓] Flushing DNS cache
[i] Cleaning up stray matter...
[✓] Cleaning up stray matter
[✓] FTL is listening on port 53
[✓] UDP (IPv4)
[✓] TCP (IPv4)
[✓] UDP (IPv6)
[✓] TCP (IPv6)
[✓] Pi-hole blocking is enabled
Pi-hole version is v5.17.1 (Latest: v5.17.1)
AdminLTE version is v5.20.1 (Latest: v5.20.1)
FTL version is v5.23 (Latest: v5.23)
Container tag is: 2023.05.2
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service _postFTL: stopping
s6-rc: info: service _postFTL successfully stopped
s6-rc: info: service lighttpd: stopping
s6-rc: info: service lighttpd successfully stopped
s6-rc: info: service pihole-FTL: stopping
s6-rc: info: service pihole-FTL successfully stopped
s6-rc: info: service _startup: stopping
s6-rc: info: service _startup successfully stopped
s6-rc: info: service _uid-gid-changer: stopping
s6-rc: info: service _uid-gid-changer successfully stopped
s6-rc: info: service cron: stopping
s6-rc: info: service cron successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
Next time it refuses to start, please copy all the logs and paste here. I hope we find the reason on the logs.
You can also turn on the "Display timestamps" control. This would show the time when the container stopped.
The log shows the container was stopped.
Did you stop the container on purpose or did it stop by itself?
I think (90% sure) this is causing the error message:
I still don't know how the container is working when you initially start it, but this is very likely the issue.
You should not use the netConf network.
Looking at the image:
net is the macvlan network (you should use this one) and
netConf is a template configuration for the other network. There is no network driver attached to it (the driver column is showingnull).
Recreate the container using only the macvlan (net) network.
After the container finishes starting, stop it and then verify if it starts again.
On more thing: You don't need to set ports when using macvlan. They are actually ignored with macvlan.
This network mode creates the container with its own IP and every port is already accessible.
It is, but when I try to leave the network I get "Failure container xxx is not connected to network netConf". So I guess I have to stop the container, then delete netConfig and net and create a new net?
It was half a year ago, but according to the tutorial I mentioned before, I did that.
Edit: I guess I solved it. I deleted the old net and netConfig networks and create both new with exactly the same details. Then redeployed the pihole container and now I can start and stop the container as it should be. Thank you for your help.