PiHole docker container is now encountering a start/stop/restart loop

Help docker
1

Here’s my container log. I’m not sure when this started happening. It might have been after upgrading Ubuntu. What’s standing out in this log is dnsmasq: cannot read /etc/dnsmasq.conf: Permission denied

Any suggestions?


 ::: Starting docker specific checks & setup for docker pihole/pihole

  [i] Installing configs from /etc/.pihole...
  [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
  [i] Installing /etc/dnsmasq.d/01-pihole.conf...
  [✓] Installed /etc/dnsmasq.d/01-pihole.conf
  [i] Installing /etc/.pihole/advanced/06-rfc6761.conf...
  [✓] Installed /etc/dnsmasq.d/06-rfc6761.conf
Converting DNS1 to PIHOLE_DNS_
Converting DNS2 to PIHOLE_DNS_
Setting DNS servers based on PIHOLE_DNS_ variable
::: Pre existing WEBPASSWORD found
DNSMasq binding to default interface: eth0
Added ENV to php:
			"PIHOLE_DOCKER_TAG" => "2022.01.1",
			"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
			"ServerIP" => "0.0.0.0",
			"CORS_HOSTS" => "",
			"VIRTUAL_HOST" => "0.0.0.0",
Using IPv4 and IPv6
::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

dnsmasq: cannot read /etc/dnsmasq.conf: Permission denied
::: Testing pihole-FTL DNS: [cont-init.d] 20-start.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] 01-resolver-resolv: applying... 
[fix-attrs.d] 01-resolver-resolv: exited 1.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 20-start.sh: executing... 
 ::: Starting docker specific checks & setup for docker pihole/pihole

  [i] Installing configs from /etc/.pihole...
  [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
  [i] Installing /etc/dnsmasq.d/01-pihole.conf...
  [✓] Installed /etc/dnsmasq.d/01-pihole.conf
  [i] Installing /etc/.pihole/advanced/06-rfc6761.conf...
  [✓] Installed /etc/dnsmasq.d/06-rfc6761.conf
Converting DNS1 to PIHOLE_DNS_
Converting DNS2 to PIHOLE_DNS_
Setting DNS servers based on PIHOLE_DNS_ variable
::: Pre existing WEBPASSWORD found
DNSMasq binding to default interface: eth0
Added ENV to php:
			"PIHOLE_DOCKER_TAG" => "2022.01.1",
			"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
			"ServerIP" => "0.0.0.0",
			"CORS_HOSTS" => "",
			"VIRTUAL_HOST" => "0.0.0.0",
Using IPv4 and IPv6
::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

dnsmasq: cannot read /etc/dnsmasq.conf: Permission denied
::: Testing pihole-FTL DNS: [cont-init.d] 20-start.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] 01-resolver-resolv: applying... 
[fix-attrs.d] 01-resolver-resolv: exited 1.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 20-start.sh: executing... 
 ::: Starting docker specific checks & setup for docker pihole/pihole

  [i] Installing configs from /etc/.pihole...
  [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
  [i] Installing /etc/dnsmasq.d/01-pihole.conf...
  [✓] Installed /etc/dnsmasq.d/01-pihole.conf
  [i] Installing /etc/.pihole/advanced/06-rfc6761.conf...
  [✓] Installed /etc/dnsmasq.d/06-rfc6761.conf
Converting DNS1 to PIHOLE_DNS_
Converting DNS2 to PIHOLE_DNS_
Setting DNS servers based on PIHOLE_DNS_ variable
::: Pre existing WEBPASSWORD found
DNSMasq binding to default interface: eth0
Added ENV to php:
			"PIHOLE_DOCKER_TAG" => "2022.01.1",
			"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
			"ServerIP" => "0.0.0.0",
			"CORS_HOSTS" => "",
			"VIRTUAL_HOST" => "0.0.0.0",
Using IPv4 and IPv6
::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

dnsmasq: cannot read /etc/dnsmasq.conf: Permission denied
::: Testing pihole-FTL DNS: [cont-init.d] 20-start.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
2

Please post your docker run command line or docker-compose.yml file.

3

Here it is


version: "3.3"
services:

  pihole:
    container_name: pihole
    domainname: docker
    hostname: ${PIHOLE_HOST}
    image: pihole/pihole:latest #4.2.1
    dns:
      - 127.0.0.1
      - 1.1.1.2
    ports:
      - 53:53/tcp
      - 53:53/udp
      - 80:80
      - 443:443
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    volumes:
      - ${USERDIR}/${REPODIR}/pihole/pihole:/etc/pihole
      - ${USERDIR}/${REPODIR}/pihole/dnsmasq.d:/etc/dnsmasq.d
      - ${USERDIR}/${REPODIR}/pihole/scripts:/etc/scripts
    environment:
      - VIRTUAL_PORT=80
      - TZ=${TZ}
      - WEBPASSWORD=${PIHOLE_PASSWORD}
      - DNS1=1.1.1.2
      - DNS2=1.0.0.2
    extra_hosts:
      - mariadb:${SERVER_IP}
      - ${DOMAINNAME}:${SERVER_IP}
      - vpn.${DOMAINNAME}:${SERVER_IP}
      - pihole.${DOMAINNAME}:${SERVER_IP}
      - esphome.${DOMAINNAME}:${SERVER_IP}
      - homeassistant.${DOMAINNAME}:${SERVER_IP}
      - c9.${DOMAINNAME}:${SERVER_IP}
      - portainer.${DOMAINNAME}:${SERVER_IP}
      - prowlarr.${DOMAINNAME}:${SERVER_IP}
      - sonarr.${DOMAINNAME}:${SERVER_IP}
      - radarr.${DOMAINNAME}:${SERVER_IP}
      - plex.${DOMAINNAME}:${SERVER_IP}
      - traefik.${DOMAINNAME}:${SERVER_IP}
      - docker.${DOMAINNAME}:${SERVER_IP}
      - qbittorrent.${DOMAINNAME}:${SERVER_IP}
      - tautulli.${DOMAINNAME}:${SERVER_IP}
      - phpmyadmin.${DOMAINNAME}:${SERVER_IP}
      - example.${DOMAINNAME}:${SERVER_IP}
      - example:${SERVER_IP}
      - docker:${SERVER_IP}
      - zwavejs2mqtt:${SERVER_IP}
      - dmz:192.168.0.1
    restart: unless-stopped      

  wg-easy:
    environment:
      - WG_HOST=${WG_HOST}
      - PASSWORD=${WG_PASSWORD}
      - WG_PORT=${WG_PORT}
      - WG_DEFAULT_DNS=172.16.68.1
    image: weejewel/wg-easy
    container_name: wg-easy
    volumes:
      - ${HOME}/${REPODIR}/wg-easy:/etc/wireguard
    ports:
      - "51820:51820/udp"
      - "51821:51821/tcp"
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1

  cloud9:
    image: lscr.io/linuxserver/cloud9
    container_name: cloud9
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=${TZ}
      - GITURL=https://github.com/linuxserver/docker-cloud9.git #optional
      - USERNAME=${CLOUD9_USER}
      - PASSWORD=${CLOUD9_PASSWORD}
    volumes:
      - $HOME:/code #optional
      - $HOME/${REPODIR}:/workspace #optional
      - /var/run/docker.sock:/var/run/docker.sock #optional
    ports:
      - 8000:8000
    restart: unless-stopped

  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    restart: always
    command: -H unix:///var/run/docker.sock
    ports:
      - 9000:9000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ${HOME}/${REPODIR}/portainer/data:/data
    environment:
      - TZ=${TZ}

  cloudflare-ddns:
    image: oznu/cloudflare-ddns:latest
    container_name: cloudflare-ddns
    restart: unless-stopped
    environment:
      - EMAIL=${CLOUDFLARE_EMAIL}
      - API_KEY=${CLOUDFLARE_API_KEY}
      - ZONE=${DOMAINNAME}
      - SUBDOMAIN=${CLOUDFLARE_SUBDOMAIN}
      - PROXIED=false
5

@DanSchaper I reverted to 2021.12.1 and that works. It is the latest tag that doesn’t work, so something must have been introduced after that which is causing the error. How can I report this?

6

If it helps, I’m running Ubuntu 18.04 on a Pine/Rock64 SBC