Pihole Docker no adlists, permissions issue?

Arnoldo_Bertoncini · August 19, 2020, 3:29pm

I've been trying to get the pihole/pihole docker image to run on my RPi4 docker swarm. I can get the GUI up and running. I see the tail pihole log entries flowing, but there are no adlists and it's not possible to add one. The GUI reports:

Error, something went wrong!
While preparing statement: no such table: adlist

There appears to be a problem creating the databases. I've mounted a CIFS folder owned by pi:docker to store the pihole configs for /etc/pihole/ and /etc/dnsmasq.d/

The relevant line from /etc/fstab:

//192.168.1.6/public/docker /mnt/docker cifs _netdev,auto,user=pi,password=xxxxxxxx,rw,uid=pi,gid=docker 0 0

Here's the docker stack config:

version: 3.3
services:
pihole:
image: pihole/pihole:latest
environment:
ServerIP: 192.168.1.5
TZ: America/New_York
WEBPASSWORD: xxxxxxxx
ports:
- 53:53
- 53:53/udp
- 67:67/udp
- 80:80
- 443:443
volumes:
- /mnt/docker/picluster1/etc-pihole:/etc/pihole/
- /mnt/docker/picluster1/etc-dnsmasq.d:/etc/dnsmasq.d/
networks:
- pihole_default
logging:
driver: json-file
networks:
pihole_default:
external: true

I see a lot of "Error: no such table" messages in the docker service logs:

 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [s6-init] ensuring user provided files have correct perms...exited 0.
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [fix-attrs.d] applying ownership & permissions fixes...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [fix-attrs.d] 01-resolver-resolv: applying...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [fix-attrs.d] 01-resolver-resolv: exited 0.
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [fix-attrs.d] done.
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [cont-init.d] executing container initialization scripts...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [cont-init.d] 20-start.sh: executing...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) ::: Starting docker specific checks & setup for docker pihole/pihole
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Update local cache of available packages... e[K [✓] Update local cache of available packages
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u8
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Installing configs from /etc/.pihole...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf... e[K [✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) chown: cannot access '': No such file or directory
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) chmod: cannot access '': No such file or directory
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Added ENV to php:
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) "PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) "ServerIP" => "192.168.1.5",
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) "VIRTUAL_HOST" => "192.168.1.5",
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Using IPv4 and IPv6
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) ::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) ::: Testing pihole-FTL DNS: FTL started!
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) ::: Testing lighttpd config: Syntax OK
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) ::: All config checks passed, cleared for startup ...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) ::: Docker start setup complete
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: info
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [✗] DNS resolution is currently unavailable
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Time until retry: 120 e[K [i] Time until retry: 120 e[K [i] Time until retry: 119 e[K [i] Time until retry: 118 e[K [i] Time until retry: 117 e[K [i] Time until retry: 116 e[K [i] Time until retry: 115 e[K [i] Time until retry: 114 e[K [i] Time until retry: 113 e[K [i] Time until retry: 112 e[K [✓] DNS resolution is now available
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Neutrino emissions detected...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) e[K [✗] Pulling blocklist source list into range
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] No source list found, or it is empty
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Building tree...
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [✗] Unable to build gravity tree in /etc/pihole/gravity_temp.db
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: main.gravity
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [✗] Unable to update gravity timestamp in database /etc/pihole/gravity.db
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: near line 2: no such table: info
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: vw_gravity
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: vw_gravity
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Number of gravity domains: ( unique domains)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: near ")": syntax error
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: vw_blacklist
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Number of exact blacklisted domains:
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: vw_regex_blacklist
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Number of regex blacklist filters:
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: vw_whitelist
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Number of exact whitelisted domains:
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Error: no such table: vw_regex_whitelist
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Number of regex whitelist filters:
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [i] Cleaning up stray matter... e[K [✓] Cleaning up stray matter
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [✓] DNS service is running
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [✓] Pi-hole blocking is Enabled
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Pi-hole version is v5.1.2 (Latest: v5.1.2)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) AdminLTE version is v5.1.1 (Latest: v5.1.1)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) FTL version is v5.2 (Latest: v5.2)
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [cont-init.d] 20-start.sh: exited 0.
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [cont-init.d] done.
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [services.d] starting services
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Starting lighttpd
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Starting pihole-FTL (no-daemon) as root
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) Starting crond
 
 [lt40j ](http://192.168.1.5:888/#/tasks/lt40jemz8w0z0o56aqhpo67ra?log=1) [services.d] done.

That looks like a permission issue. So I listed the folder I'm trying to use:

/mnt/docker/picluster1 $ ls -lh
total 1.0M
-rwxr-xr-x 1 pi docker 805 Aug 18 15:39 docker-compose.pihole.yml
drwxr-xr-x 2 pi docker 0 Aug 19 10:15 etc-dnsmasq.d
drwxr-xr-x 2 pi docker 0 Aug 19 10:15 etc-pihole

I'm doing something stupid, but I'm not sure where. Any ideas?

DanSchaper · August 28, 2020, 11:41pm

8 posts were split to a new topic: Network mounted filesystem for Docker

DanSchaper · August 28, 2020, 11:45pm

A post was merged into an existing topic: Network mounted filesystem for Docker

Arnoldo_Bertoncini · August 29, 2020, 11:40pm

Still not getting anywhere where with this. Any suggestions as to where I should look to resolve it?

diginc · August 31, 2020, 6:43pm

Using network file shares often causes permission issues, yes. the file ACLs can sometimes be the issue. I've seen a couple reports of running docker containers in privileged mode helping with similar issues too.

The issue template on github for docker-pi-hole covers the most common debug steps, I'd skip to the last one where you remove the volumes to see if that helps.

The issue template also has a list of info needed to help diagnose. Swarm has slightly different behaviors than stock dockers that we test on and most users use too.

Arnoldo_Bertoncini · September 1, 2020, 3:47am

I found a post that mentioned copying /etc/pihole/adlists.list to /etc/pihole/migration_backup, then running a gravity update. That got the default adlists to appear. I was then able to import my teleporter backup from my stand-alone pihole.

I rearranged things a bit and moved the shared storage off of CIFS and onto GlusterFS bricks running on USB 3.1 flash drives on each swarm node. I’ve got two of my Docker swarm nodes running pihole. That causes some other complications with the UI and login tokens. But all things considered it’s a workable dual legged solution.

Arnoldo_Bertoncini · September 1, 2020, 3:59am

This post looks promisimg. He used MACVLAN to overcome some of the Docker mesh routing issues.