The FTL service is offline! on two separate raspi using Docker and unbound

Help
1

(Using a Fritz!Box 7590ax router/modem on FTTN)
Using RasPi 4, Raspberry Pi OS lite (64-bit)

Apps:-
Open Media Vault (OMV) + one USB external drive.
Installed Docker and Portainer from OMV Extras

Installed PiHole + (Mvance) Unbound in a Portainer Stack with this script:-

version: '2'

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: PiHole
    #mac_address:  00:1e:06:ad:2f:01
    #cap_add:       # Recommended but not required (DHCP needs NET_ADMIN)
    #  - NET_ADMIN
    ports:
      - 443/tcp
      - 53/tcp
      - 53/udp
      # - 67/udp # Uncomment if you want to use Pi-Hole for DHCP
      - 80/tcp
      - 22/tcp
    environment:
      TZ: Australia/Canberra   
      ServerIP: 192.168.178.201
      WEBPASSWORD: "dietpi"
      DNS1: 192.168.178.202
      DNS2: 192.168.178.202
      #DNS2: 1.0.0.1
      #PROXY_LOCATION: pihole
    volumes:
     - /var/lib/docker/volumes/etc-pihole/_data:/etc/pihole/:rw
      #- /srv/dev-disk-by-label-dataos/docker/pihole/config/hosts:/etc/hosts:ro
      #- /srv/dev-disk-by-label-dataos/docker/pihole/config/resolv.conf:/etc/resolv.conf:ro
     - /var/lib/docker/volumes/etc-dnsmasq.d/_data:/etc/dnsmasq.d/:rw
      #- /srv/dev-disk-by-label-dataos/docker/pihole/config/pihole-FTL.conf:/etc/pihole/pihole-FTL.conf:ro
    networks:
      homepi:
        ipv4_address: 192.168.178.201
    restart: always

  unbound:
    container_name: unbound
    image: mvance/unbound-rpi:latest
    hostname: unbound
    cap_add:
      - NET_ADMIN
    networks:
      homepi:
        ipv4_address: 192.168.178.202
    volumes:
    - /srv/dev-disk-by-label-dataos/docker/unbound:/etc/unbound:rw
    ports:
    - "5053:5053/tcp"
    - "5053:5053/udp"
        # healthcheck:
     # disable: true
    restart: always

  searxng:
    container_name: searxng
    image: searxng/searxng:latest
    hostname: syn-searxng
    #mac_address: 00:1e:06:ad:2f:02
    cap_add:
      - NET_ADMIN
    ports:
      - 8080:8080/tcp
    volumes:
      - /var/lib/docker/volumes/etc-searxng/_data:/etc/searxng:rw
    environment:
      TZ: Australia/Canberra
    networks:
      homepi:
        ipv4_address: 192.168.178.203
    restart: always

networks:
  homepi:                                 # Name of network
    driver: macvlan                       # Use the macvlan network driver
    driver_opts:
      parent: eth0  # Name of the Network Interface (check in OMV GUI in Network >> Interfaces >> Name
    ipam:
      config:
        - subnet: 192.168.178.0/24          # Specify subnet
          gateway: 192.168.178.1            # Gateway address / address of router
          ip_range: 192.168.178.201/30       # 192.168.0.13 and 192.168.0.14

Expected Behaviour:

FTL service not to be stopped / Offline.

FTL version is v5.22 (Latest: v5.22)
Container tag is: 2023.03.0
Stopping pihole-FTL
Stopping pihole-FTL
Stopping pihole-FTL

and

FTL Information

The FTL service is offline!

Actual Behaviour:

I can log into PH on address 192.16.178.201 and using Unbound on IP 192.168.178.203.
(Raspi is on IP 192.168.178.5 for OMV & Portainer).

PiHole appears to be working and I can resolve DNS and get to web sites.

When I 'Restart DNS reslover' from the Settings/sytems PiHole web page I then get this messsage at the top of the page:-

### FTL Information

*******The FTL service is offline!***

Thanks. I have this also on another Pi and get the same;
I deleted the container and recreated - no change
I have reloaded all from a fresh Pi OS install - no change.

Debug Token:

[āœ“] Your debug token is: https://tricorder.pi-hole.net/mPKSHsa3/

2

So, After 59 views (in the Pihole forum???) nobody has any idea on how to fix this?

Am I the only person that has installed PiHole in a container? Any searching I have done has not been able to resolve this issue although there are plenty of instances where the FtL has been stopped and /or the FTL is offline.

3

Sometimes things get missed - staff members are all volunteers and unfortunately "real life" gets in the way from time to time.

Why are you mounting docker named volumes as though they are host mounts?

volumes:
     - /var/lib/docker/volumes/etc-pihole/_data:/etc/pihole/:rw

I'm not saying that's the issue - but it doesn't look right. e.g, in my own I have:

    volumes:
      - pihole_etc_pihole:/etc/pihole/
      - pihole_etc_dnsmasqd:/etc/dnsmasq.d/

# ... other stuff

volumes:
  pihole_etc_pihole:
  pihole_etc_dnsmasqd:

That said:

When I 'Restart DNS reslover ' from the Settings/sytems PiHole web page I then get this messsage at the top of the page:-

I can reproduce this. It seems that the Restart DNS Resolver button from the web interface just doesn't work on the container. I've not got time to debug this fully at the moment, but looking at the code behind it, it is just calling pihole -a restartdns - which I can run on the CLI of the container with no issues - so it is probably a permissions thing. Always a fun one with Docker

That said again... Why are you pressing this button? I've never had to use it in all my years of running a Pi-hole container....

5

Thanks, Adam / PromoFaux,

I apologise as I may have sounded grumpy..... But my concern is that the thread will be closed after 3 weeks.... Anyway, moving on.

Thank you for the reply and the great PiHole - I have made several donations to help development; real life does get in the way of many things..

Why are you mounting docker named volumes as though they are host mounts?

I am no expert (just an enthusiastic amateur) by any means and that was the Docker / Container .yaml file I found somewhere on the web (there is a lot of crap and mis-information on the web and it is a matter of getting the correct information if you can).

I have since found on github under the PiHole logo as part of my testing (playing), that has the volumes as you have shown but I still have the DNS refresh issue I am sorry I do not understand how it all hangs together. I also see in the container log (from the .yaml file I just referenced) :-
Stopping pihole-FTL
Several times - I do not know whether or not that this is an issue. (I do not see any message saying FTL has restarted after applying pihole -a restartdns in the docker CLI
Thankyou for the volumes correction; I will change that...

6

I noticed there are 2 different things happening when you click on "Restart DNS resolver" button:
(tested using Portainer)

  1. you see a message on Portainer logs saying "Stopping pihole-FTL".

    Explanation:

    When you click on the button, the page executes pihole -a restartdns, which in turn executes service pihole-FTL restart internally.

    This second command always sends "Stopping pihole-FTL" message to the docker log.

    The service is stopped and then restarted, but no message is shown confirming the successful restart (only the stop message is logged). I agree this might cause confusion.

    As a test, you can run pihole -a restartdns or service pihole-FTL restart on the command line and you will see the same message on the log.

  1. you see "The FTL service is offline!" message on the web interface.

    Explanation:

    As explained above the FTL service is really restarted when you click on the button.

    The problem you reported happens because, in some cases, PHP executes and reloads the page faster than FTL service is restarted.

    When this happens the page is created before FTL is fully restarted and the "Offline" information is shown.
    A few milliseconds later the service is restarted, but the page was already sent to the browser.

    There is a pull request addressing this web interface issue, but it needs some testing before approval.

Note:

You don't need to worry. FTL is running (the problem here is cosmetic).
To be sure, just click on the Settings menu item again.
The page should load with the new information, showing FTL is running.

7

OK thanks - It does cause confusion - that clears that up!
OK, so FTL is running after all.

Thanks - With all the search terms I was using (with SearXNG in a docker container), I did not find that reference.

Thanks for all this information - this has now been answered and there is nothing to be concerned about.

(I had better make another donation) :grin:

1 Like
8

Since I now have a better understanding of the (erroneous) messages being displayed with my docker install, PiHole + Unbound has been working very well on a RasPi 4 with an M.2 drive (Argon Case).

It is blocking 71.3% of unnecessary queries.

Thanks for the help.

9

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.