From 4b181a8a9fef8c19d68256b3e00c2dae995c367f Mon Sep 17 00:00:00 2001 From: sujiba <65259334+sujiba@users.noreply.github.com> Date: Sat, 22 Mar 2025 11:30:15 +0000 Subject: [PATCH] migrate to pi-hole v6 and alpine container image --- .github/workflows/docker_build_push_dev.yml | 72 ++++++++--------- .github/workflows/docker_build_push_main.yml | 74 +++++++++--------- .gitignore | 1 + README.md | 82 +++++++++++--------- compose.yml | 30 +++++++ docker-build/99-edns.conf | 2 +- docker-build/Dockerfile | 34 ++++---- docker-build/README.md | 20 ----- docker-build/VERSION | 2 +- docker-build/build_and_push.sh | 2 - docker-build/unbound-entrypoint.sh | 20 +++++ docker-build/unbound-pihole.conf | 25 ++++-- docker-build/unbound-run | 24 ------ docker-compose.yml | 37 --------- etc-dnsmasq.d/10-pihole-extra.conf | 6 -- example.env | 49 ------------ example.pihole.env | 35 +++++++++ resolv.conf | 2 - 18 files changed, 237 insertions(+), 280 deletions(-) create mode 100755 compose.yml delete mode 100755 docker-build/README.md delete mode 100755 docker-build/build_and_push.sh create mode 100644 docker-build/unbound-entrypoint.sh delete mode 100755 docker-build/unbound-run delete mode 100755 docker-compose.yml delete mode 100755 etc-dnsmasq.d/10-pihole-extra.conf delete mode 100755 example.env create mode 100755 example.pihole.env delete mode 100755 resolv.conf diff --git a/.github/workflows/docker_build_push_dev.yml b/.github/workflows/docker_build_push_dev.yml index 03dc4aa..8b703ed 100755 --- a/.github/workflows/docker_build_push_dev.yml +++ b/.github/workflows/docker_build_push_dev.yml @@ -1,43 +1,43 @@ -name: Build and push pihole-unbound-hyperlocal with tag dev +name: build dev image on: push: branches: [ dev ] + jobs: - build: + build-dev: runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v2 - - - name: Login to Docker Hub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_ACCESS_TOKEN }} - - - name: Set up variables - run: | - VER=$(cat ./docker-build/VERSION) - echo "VERSION=$VER" >> $GITHUB_ENV - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Build and push - uses: docker/build-push-action@v2 - with: - context: ./docker-build - file: ./docker-build/Dockerfile - platforms: | - linux/arm/v7 - linux/arm64 - linux/amd64 - push: true - tags: | - ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:${{ env.VERSION }} - ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:dev + - name: Checkout + uses: actions/checkout@v4 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_ACCESS_TOKEN }} + + - name: Set up variables + run: | + VER=$(cat ./docker-build/VERSION) + echo "VERSION=$VER" >> $GITHUB_ENV + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: ./docker-build + file: ./docker-build/Dockerfile + platforms: | + linux/arm/v7 + linux/arm64 + linux/amd64 + push: true + tags: | + ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:${{ env.VERSION }}-dev + ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:dev diff --git a/.github/workflows/docker_build_push_main.yml b/.github/workflows/docker_build_push_main.yml index bb17a1e..488238a 100755 --- a/.github/workflows/docker_build_push_main.yml +++ b/.github/workflows/docker_build_push_main.yml @@ -1,43 +1,43 @@ -name: Build and push pihole-unbound-hyperlocal +name: build prod image on: push: - branches: [ main ] + branches: [ dev ] + jobs: - build: + build-dev: runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v2 - - - name: Login to Docker Hub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_ACCESS_TOKEN }} - - - name: Set up variables - run: | - VER=$(cat ./docker-build/VERSION) - echo "VERSION=$VER" >> $GITHUB_ENV - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Build and push - uses: docker/build-push-action@v2 - with: - context: ./docker-build - file: ./docker-build/Dockerfile - platforms: | - linux/arm/v7 - linux/arm64 - linux/amd64 - push: true - tags: | - ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:${{ env.VERSION }} - ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:latest + - name: Checkout + uses: actions/checkout@v4 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_ACCESS_TOKEN }} + + - name: Set up variables + run: | + VER=$(cat ./docker-build/VERSION) + echo "VERSION=$VER" >> $GITHUB_ENV + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: ./docker-build + file: ./docker-build/Dockerfile + platforms: | + linux/arm/v7 + linux/arm64 + linux/amd64 + push: true + tags: | + ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:${{ env.VERSION }} + ${{ secrets.DOCKER_USER }}/pihole-unbound-hyperlocal:latest diff --git a/.gitignore b/.gitignore index d6aca4f..aa4e09d 100755 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ .env etc-pihole/ +pihole.env \ No newline at end of file diff --git a/README.md b/README.md index 2f2ce2c..31a4f37 100755 --- a/README.md +++ b/README.md @@ -1,19 +1,47 @@ # Pihole + Unbound + Hyperlocal -**IMPORTANT**: When using this Docker image, please report any bugs or suggestions to this repository directly. +> [!NOTE] +> +> **IMPORTANT**: When using this Docker image, please report any bugs or suggestions to this repository directly. + + +## Upgrade Notes + +> [!CAUTION] +> +> ## !!! THE LATEST VERSION CONTAINS BREAKING CHANGES +> +> **Pi-hole v6 has been entirely redesigned from the ground up and contains many breaking changes.** +> +> Read https://github.com/pi-hole/docker-pi-hole + +> [!tip] +> Firstly pull the new image with `docker pull sujiba/pihole-unbound-hyperlocal:2025.03.0`. +> Then stop the old container. +> Follow the steps described bellow. For the transition you're going to have two folders +> - old: pihole-unbound-hyperlocal +> - new: pihole-unbound-hyperlocal-v6 +> +> When everything is running, you can delete the old folder. ## Overview - [Pihole + Unbound + Hyperlocal](#pihole--unbound--hyperlocal) - [Overview](#overview) + - [Acknowledgement](#acknowledgement) - [Introduction](#introduction) - [Prerequisites](#prerequisites) - [First startup](#first-startup) - - [resolv.conf](#resolvconf) - [Testing](#testing) - [DNS problems](#dns-problems) - [Blocklists](#blocklists) - - [Acknowledgement](#acknowledgement) + +## Acknowledgement +- [Docker Pi-hole](https://github.com/pi-hole/docker-pi-hole) +- [Unbound](https://nlnetlabs.nl/projects/unbound/about/) +- [Pi-hole Unbound](https://docs.pi-hole.net/guides/dns/unbound/) +- [mpgirro/docker-pihole-unbound](https://github.com/mpgirro/docker-pihole-unbound) +- [Pi-hole: Einrichtung und Konfiguration mit unbound – AdBlocker Teil2](https://www.kuketz-blog.de/pi-hole-einrichtung-und-konfiguration-mit-unbound-adblocker-teil2/) ## Introduction **Pi-hole**: @@ -28,46 +56,33 @@ ## Prerequisites - Install [Docker](https://docs.docker.com/get-docker/) - Install [Docker-Compose](https://docs.docker.com/compose/install/) -- Download the repository to your favored directory ## First startup -Copy example.env to .env and change the parameters +Clone the repository to your favored location and change the config. ``` -cp example.env .env -vi .env +git clone -b main https://github.com/sujiba/pihole-unbound-hyperlocal.git pihole-unbound-hyperlocal-v6 + +# Change the timezone, password and other pi-hole settings +cp example.pihole.env pihole.env +vi pihole.env + +# Change the ports if you're running a reverse proxy on ports 80 and 443 +vi compose.yml ``` + Start the container ``` -docker-compose up -d +docker compose up -d ``` + Check the logs ``` -docker-compose logs -f -``` - -### resolv.conf -If you get the following error - -``` -pihole | Starting unbound -pihole | [✗] DNS resolution is currently unavailable -``` - -uncomment the following line in the docker-compose.yaml - -``` -#- ./resolv.conf:/etc/resolv.conf -``` - -and restart the container - -``` -docker-compose up -d --force-recreate +docker compose logs -f ``` ### Testing ``` -docker exec -it pihole-unbound bash +docker compose exec -it pihole-unbound sh dig github.com @127.0.0.1 +short dig sigfail.verteiltesysteme.net @127.0.0.1 | grep status dig sigok.verteiltesysteme.net @127.0.0.1 | grep status @@ -96,10 +111,3 @@ See also [StackExchange](https://unix.stackexchange.com/questions/647996/docker- - [mmotti Pi-hole RegEx](https://raw.githubusercontent.com/mmotti/pihole-regex/master/regex.list) - [Privacy-Handbuch Windows 10 Telemetry](https://www.privacy-handbuch.de/handbuch_90a2.htm) - [hagezi dns-blocklists](https://github.com/hagezi/dns-blocklists) - -## Acknowledgement -- [Docker Pi-hole](https://github.com/pi-hole/docker-pi-hole) -- [Unbound](https://nlnetlabs.nl/projects/unbound/about/) -- [Pi-hole Unbound](https://docs.pi-hole.net/guides/dns/unbound/) -- [Pi-Hole + Unbound - 1 Container](https://github.com/chriscrowe/docker-pihole-unbound/tree/master/one-container) -- [[Pi-hole][Unbound] Mit dem Pi zur größtmöglichen Unabhängigkeit – DNS](https://forum.kuketz-blog.de/viewtopic.php?f=53&t=8759) diff --git a/compose.yml b/compose.yml new file mode 100755 index 0000000..9037d2d --- /dev/null +++ b/compose.yml @@ -0,0 +1,30 @@ +--- +# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ +services: + pihole-unbound: + # You can also use latest + image: sujiba/pihole-unbound-hyperlocal:2025.03.0 + container_name: pihole-unbound + hostname: raspi-01 + ports: + - "53:53/tcp" # DNS Ports + - "53:53/udp" # DNS Ports + - "80:80/tcp" # Default HTTP Port or an alternative port if you use a reverse proxy like nginx. + - "443:443/tcp" # Default HTTPs Port or an alternative port if you use a reverse proxy like nginx. FTL will generate a self-signed certificate + # - "67:67/udp" # Uncomment if you are using Pi-hole as your DHCP server + # - "123:123/udp" # Uncomment if you are using Pi-hole as your NTP server + # - 5335:5335/tcp # For testing purposes, uncomment to enable unbound access on local server + env_file: + - ./pihole.env + volumes: + # For persisting Pi-hole's databases and common configuration file + - ./etc-pihole:/etc/pihole + # cap_add: + # See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities + # Required if you are using Pi-hole as your DHCP server, else not needed + # - NET_ADMIN + # Required if you are using Pi-hole as your NTP client to be able to set the host's system time + # - SYS_TIME + # Optional, if Pi-hole should get some more processing time + # - SYS_NICE + restart: unless-stopped diff --git a/docker-build/99-edns.conf b/docker-build/99-edns.conf index 5e2dac2..fc3a011 100755 --- a/docker-build/99-edns.conf +++ b/docker-build/99-edns.conf @@ -1,2 +1,2 @@ # signal FTL to adhere to this limit -edns-packet-max=1232 +edns-packet-max=1232 \ No newline at end of file diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile index 63ce5af..5d5adda 100755 --- a/docker-build/Dockerfile +++ b/docker-build/Dockerfile @@ -1,34 +1,26 @@ # Get the latest Pi-hole version -FROM pihole/pihole:2024.07.0 +FROM pihole/pihole:2025.03.0 -# Install necessary programs -RUN apt-get update && \ - apt-get upgrade -y && \ - apt-get install -y \ - unbound \ +# Install necessary programs without repository caching +RUN apk upgrade --no-cache && \ + apk add --no-cache \ + unbound \ wget # Additional configs # unbound -COPY unbound-pihole.conf /etc/unbound/unbound.conf.d/pihole.conf +COPY unbound-pihole.conf /etc/unbound/unbound.conf.d/pihole.conf # Set edns packet limit for dnsmasq COPY 99-edns.conf /etc/dnsmasq.d/99-edns.conf -# Download DNS-Root-Zone. -# Create the chroot directory and generate root.key. -# Copy / move files and change owner. -RUN wget -O root.hints https://www.internic.net/domain/named.root && \ - mv root.hints /var/lib/unbound/ && \ - chown -R unbound:unbound /var/lib/unbound/root.hints +# Download DNS-Root-Zone and move file +RUN wget -S https://www.internic.net/domain/named.root -O /etc/unbound/root.hints -# Remove unnecessary programs -RUN apt-get remove -y \ - wget +# Create unbound log dir +RUN install -o unbound -g unbound -Dm755 -d /var/log/unbound -# Unbound startup script -RUN mkdir -p /etc/services.d/unbound -COPY unbound-run /etc/services.d/unbound/run -RUN chmod ug+x /etc/services.d/unbound/run +# Add unbound start up script +COPY --chmod=0755 unbound-entrypoint.sh /usr/bin/unbound-entrypoint.sh -ENTRYPOINT ./s6-init +ENTRYPOINT ["unbound-entrypoint.sh"] \ No newline at end of file diff --git a/docker-build/README.md b/docker-build/README.md deleted file mode 100755 index df61ef0..0000000 --- a/docker-build/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# Build it yourself - -https://docs.docker.com/buildx/working-with-buildx/#work-with-builder-instances - - ``` - # This creates a new builder instance with a single node based on your current configuration. - docker buildx create - # To list all available builders, use - docker buildx ls - # To switch between different builders, use - docker buildx use - # After creating a new instance, you can delete it with - docker buildx rm -``` - -Build it as a multi-platform image: -``` -chmod +x build_and_push.sh -./build_and_push.sh -``` \ No newline at end of file diff --git a/docker-build/VERSION b/docker-build/VERSION index 4439431..18caec7 100755 --- a/docker-build/VERSION +++ b/docker-build/VERSION @@ -1 +1 @@ -2024.07.0 +2025.03.0 \ No newline at end of file diff --git a/docker-build/build_and_push.sh b/docker-build/build_and_push.sh deleted file mode 100755 index a81b959..0000000 --- a/docker-build/build_and_push.sh +++ /dev/null @@ -1,2 +0,0 @@ -docker buildx build --platform linux/arm/v7,linux/arm64/v8,linux/amd64 -t sujiba/pihole-unbound-hyperlocal:`cat VERSION` --push . -docker buildx build --platform linux/arm/v7,linux/arm64/v8,linux/amd64 -t sujiba/pihole-unbound-hyperlocal:latest --push . \ No newline at end of file diff --git a/docker-build/unbound-entrypoint.sh b/docker-build/unbound-entrypoint.sh new file mode 100644 index 0000000..4fe8cb8 --- /dev/null +++ b/docker-build/unbound-entrypoint.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +# Start unbound +echo " [i] Starting Unbound" +/usr/sbin/unbound -d -c /etc/unbound/unbound.conf.d/pihole.conf & +# Get most recent process id for error checking +UNBOUND_PID=$! + +# Wait for a second and check if unbound is running +sleep 1 +if [ -d "/proc/$UNBOUND_PID" ]; +then + echo " [i] Unbound started successfully." +else + echo " [i] Unbound startup failed." + echo " [i] Take a look at /var/log/unbound/unbound.log" +fi + +# Start pi-hole +exec /usr/bin/start.sh \ No newline at end of file diff --git a/docker-build/unbound-pihole.conf b/docker-build/unbound-pihole.conf index 89d7ac9..8268abc 100755 --- a/docker-build/unbound-pihole.conf +++ b/docker-build/unbound-pihole.conf @@ -2,7 +2,7 @@ server: # https://manpages.debian.org/bullseye/unbound/unbound.conf.5.en.html # # If no logfile is specified, syslog is used - # logfile: "/var/log/unbound/unbound.log" + logfile: "/var/log/unbound/unbound.log" verbosity: 0 interface: 127.0.0.1 @@ -11,16 +11,27 @@ server: do-udp: yes do-tcp: yes - # Maybe set to yes if you have IPv6 connectivity - do-ip6: no + # Maybe set to no if you don't have IPv6 connectivity + do-ip6: yes # You want to leave this to no unless you have *native* IPv6. With 6to4 and # Terredo tunnels your web browser should favor IPv4 for the same reasons prefer-ip6: no + # if given, user privileges are dropped (after binding port), + # and the given username is assumed. Default is user "unbound". + # If you give "" no privileges are dropped. + username: "unbound" + # Use this only when you downloaded the list of primary root servers! # If you use the default dns-root-data package, unbound will find it automatically - root-hints: "/var/lib/unbound/root.hints" + root-hints: "/etc/unbound/root.hints" + + # File with trusted keys for validation. Specify more than one file + # with several entries, one file per entry. + # Zone file format, with DS and DNSKEY entries. + # Note this gets out of date, use auto-trust-anchor-file please. + trust-anchor-file: "/usr/share/dnssec-root/trusted-key.key" # Trust glue only if it is within the server's authority harden-glue: yes @@ -65,7 +76,7 @@ server: # Ensure kernel buffer is large enough to not lose messages in traffic spikes so-rcvbuf: 1m - # increase cache size to utilize more RAM + # increase cache size to utilize more RAM | msg * 2 = rrset msg-cache-size: 128m rrset-cache-size: 256m @@ -84,5 +95,5 @@ server: private-address: 169.254.0.0/16 private-address: 172.16.0.0/12 private-address: 10.0.0.0/8 - #private-address: fd00::/8 - #private-address: fe80::/10 + private-address: fd00::/8 + private-address: fe80::/10 \ No newline at end of file diff --git a/docker-build/unbound-run b/docker-build/unbound-run deleted file mode 100755 index e289182..0000000 --- a/docker-build/unbound-run +++ /dev/null @@ -1,24 +0,0 @@ -#!/command/with-contenv bash - -s6-echo "Starting unbound" - -NAME="unbound" -DESC="DNS server" -DAEMON="/usr/sbin/unbound" -PIDFILE="/run/unbound.pid" - -HELPER="/usr/lib/unbound/package-helper" - -test -x $DAEMON || exit 0 - -# Override this variable by editing or creating /etc/default/unbound. -DAEMON_OPTS="" - -if [ -f /etc/default/unbound ]; then - . /etc/default/unbound -fi - -$HELPER chroot_setup -$HELPER root_trust_anchor_update 2>&1 | logger -p daemon.info -t unbound-anchor - -$DAEMON -d $DAEMON_OPTS diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100755 index 236e87c..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,37 +0,0 @@ -version: "3" - -services: -# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ - pihole-unbound: - image: ${IMAGE} - container_name: ${NAME} - hostname: ${HOSTNAME} - ports: - - "53:53/tcp" - - "53:53/udp" - - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server - - "${HTTP_PORT}:80/tcp" - # - 5335:5335/tcp # For testing purposes, uncomment to enable unbound access on local server - environment: - TZ: ${TZ} - WEBPASSWORD: ${WEBPASSWORD} - PIHOLE_DNS_: ${PIHOLE_DNS} - DNSSEC: ${DNSSEC} - CUSTOM_CACHE_SIZE: ${CUSTOM_CACHE_SIZE} - DNS_BOGUS_PRIV: ${DNS_BOGUS_PRIV} - DNS_FQDN_REQUIRED: ${DNS_FQDN_REQUIRED} - TEMPERATUREUNIT: ${TEMPERATUREUNIT} - WEBTHEME: ${WEBTHEME} - FTLCONF_MAXDBDAYS: ${MAXDBDAYS} - FTLCONF_DBINTERVAL: ${DBINTERVAL} - # Volumes store your data between container upgrades - volumes: - - ./etc-pihole/:/etc/pihole/ - - ./etc-dnsmasq.d/:/etc/dnsmasq.d/ - # You'll need this, if you are using a self-created network - #- ./resolv.conf:/etc/resolv.conf - # Recommended but not required (DHCP needs NET_ADMIN) - # https://github.com/pi-hole/docker-pi-hole#note-on-capabilities - #cap_add: - # - NET_ADMIN - restart: unless-stopped diff --git a/etc-dnsmasq.d/10-pihole-extra.conf b/etc-dnsmasq.d/10-pihole-extra.conf deleted file mode 100755 index efe69b7..0000000 --- a/etc-dnsmasq.d/10-pihole-extra.conf +++ /dev/null @@ -1,6 +0,0 @@ -# https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html -# Copy the DNSSEC Authenticated Data bit from upstream servers to downstream clients. -# This is an alternative to having dnsmasq validate DNSSEC, -# but it depends on the security of the network between dnsmasq and the upstream servers, -# and the trustworthiness of the upstream servers. -proxy-dnssec \ No newline at end of file diff --git a/example.env b/example.env deleted file mode 100755 index c40a8b3..0000000 --- a/example.env +++ /dev/null @@ -1,49 +0,0 @@ -# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ - -IMAGE=sujiba/pihole-unbound-hyperlocal:latest - -NAME=pihole -HOSTNAME=raspi-01 - -# 80 or an alternative port if you use a reverse proxy like nginx -HTTP_PORT=80 - -# Set your timezone to make sure logs rotate at local midnight instead of at UTC midnight. -TZ='Europe/Berlin' - -# http://pi.hole/admin password. Run docker logs pihole | grep random to find your random pass. -WEBPASSWORD=PASSWORD - -# Upstream DNS server(s) for Pi-hole to forward queries to, seperated by a semicolon -# (supports non-standard ports with #[port number]) e.g 127.0.0.1#5053;8.8.8.8;8.8.4.4 -# Hardcoded to our Unbound server -PIHOLE_DNS='127.0.0.1#5335' - -# We disable DNSSEC because it is done by Unbound -DNSSEC=false - -# Set the cache size for dnsmasq. -# Useful for increasing the default cache size or to set it to 0. -# Note that when DNSSEC is "true", then this setting is ignored. -CUSTOM_CACHE_SIZE=10000 - -# Never forward reverse lookups for private ranges -DNS_BOGUS_PRIV=true - -# Never forward non-FQDNs -DNS_FQDN_REQUIRED=true - -# Set preferred temperature unit to -# c: Celsius, k: Kelvin, or f Fahrenheit units. -TEMPERATUREUNIT=c - -# User interface theme to use. -# default-dark | default-darker | default-light | default-auto | lcars -WEBTHEME=default-dark - -# pihole-FTL.conf -# How many days should Pi-hole store requests - discard older entries -MAXDBDAYS=30 - -# Write FTL database from RAM to SD card every x minutes. - Save SD card -DBINTERVAL=60 \ No newline at end of file diff --git a/example.pihole.env b/example.pihole.env new file mode 100755 index 0000000..72c1eaf --- /dev/null +++ b/example.pihole.env @@ -0,0 +1,35 @@ +# Settings that are set via environment variables effectively become read-only, +# meaning that you will not be able to change them in the web interface or CLI. +# This is to ensure a "single source of truth" on the config. If you later unset +# an environment variable, then FTL will revert to the default value for that setting. +# You can find all settings under /etc/pihole/pihole.toml. + +# Set your timezone to make sure logs rotate at local midnight instead of at UTC midnight. +# List of timezones https://en.wikipedia.org/wiki/List_of_tz_database_time_zones +TZ=Europe/Berlin + +# Set your admin password for https://pi.hole/admin. +FTLCONF_webserver_api_password=Super_Secure_Password + +# If using Docker's default `bridge` network setting the dns listening mode should be set to 'all' +FTLCONF_dns_listeningMode=all + +# Upstream DNS server(s) for Pi-hole to forward queries to, seperated by a semicolon +# (supports non-standard ports with #[port number]) e.g 127.0.0.1#5053;8.8.8.8;8.8.4.4 +# Hardcoded to our Unbound server +FTLCONF_dns_upstreams=127.0.0.1#5335 + +# Validate DNS replies using DNSSEC? +FTLCONF_dns_dnssec = true + +# On which domain is the web interface served? +# Default value is pi.hole +# FTLCONF_webserver_domain=pihole-01.int.exmample.com + +# Theme used by the Pi-hole web interface +# default-dark | default-darker | default-light | high-contrast | high-contrast-dark | default-auto | lcars +FTLCONF_webserver_interface_theme=default-dark + +# Which temperature unit should be used for temperatures processed by FTL? +# C | F | K +FTLCONF_webserver_api_temp_unit=C diff --git a/resolv.conf b/resolv.conf deleted file mode 100755 index 0b8ccee..0000000 --- a/resolv.conf +++ /dev/null @@ -1,2 +0,0 @@ -nameserver 127.0.0.1 -options ndots:0 \ No newline at end of file