issues with running multiple instances on a machine

[gklanderman]

Versions

• Pi-hole: v5.2.1 (Latest: v5.2.1)
• AdminLTE: v5.2.1 (Latest: v5.2.1)
• FTL: v5.3.2 (Latest: v5.3.2)

Platform

• OS and version: Raspbian GNU/Linux 10 (buster)

• Platform: RPi 2b+

Expected behavior

Hi, I am trying to run multiple instances of pi-hole in docker on a Raspberry Pi. I have configured several IP addresses for eth0 using virtual interfaces eth0:[0..4]. I am using network=host mode.

I have been able to work around all the issues encountered, however, this is not ideal as one of the issues in particular requires scripting in the run script, meaning that docker restarts will not work.

For the other issues, it would be much cleaner to have options to support this use case.

1. The biggest problem is that setup_lighttpd_bind in docker-pi-hole/bash_functions.sh unconditionally binds the localhost interface when using '--net=host' mode, i.e.:
   $SERVER["socket"] == "127.0.0.1:80" {}
   This can be worked around in the run script by running a 'docker exec' script after 'docker run' to wait until /etc/lighttpd/lighttpd.conf has been re-written, then remove that line, and restart lighttpd. However, this means that the normal docker restart mechanism will not be able to restart the container. So the simplest fix is adding an option to bind only the ServerIP. Issue [Feature Request]: Docker environment variable to specify IP lighttpd should bind on #398 is related, and asks for a way to specify an IP address for lighttpd to bind (different from ServerIP); this would also solve the problem.

2. Additionally, lighttpd always listens on all IPv6 addresses, i.e. (:::80), ignoring ServerIPv6, as documented in Issue setup_lighttpd_bind needed for IPv6 #163 and Issue lighthttp listens on all IPv6 addresses #239 There is a pull request If provided lighttpd will bind to ServerIPv6 in host mode #543 to resolve these which should also solve the issue here. Thankfully I do not need IPv6 and just turned it off with '-e IPv6="false"'.

3. Next, dnsmasq always binds all interfaces; see Issue dnsmasq binds to all interfaces even if you specify a listen interface #491. We need an option to add the following to 01-pihole.conf:
   listen-address=$ServerIP
   bind-interfaces
   this could be the same option as used for item 1 above. I am able to work around this by adding those lines manually to /etc/dnsmasq.d/02-custom.conf which seems to be preserved across restarts. However, see item 4 below.

4. Finally, forcing dnsmasq to only bind to the $ServerIP in item 3 above results in the HEALTHCHECK failing. This can be overridden using the 'docker run' options --health-cmd and related --health-* options but is not ideal.

I can probably fix at least some of these and send pull request(s), if you are actually willing to accept them. Given pull request #543 has not been merged in a year+, I'm not sure it is worth my time to send patches that will not be acted upon.

If you are interested in my working on fixes for these issues, is there a document that explains how to build the docker image from my local git repo and use it locally?

thank you!
Greg

[dschaper]

We're happy to accept Pull Requests to address issues. I think picking one PR from a year ago and using that as an example of us not being responsive is a bit disingenuous, but I'll take that comment as a general statement and not a slight against Pi-hole.

As for building a local docker image, it should be a matter of doing a build on the dockerfile you would be using as the basis for any PRs.

[gklanderman]

Sorry, I wasn't trying to make a general statement, just the one PR I happened to notice and having just found the project I had no idea how active development is. I'll work on figuring out how to build and run an image locally. How often do you make new releases or is pihole/pihole:latest just the tip of the master branch? Thank you!

[PromoFaux]

How often do you make new releases or is pihole/pihole:latest just the tip of the master branch?

Generally they're in line with releases in the non-container repos (https://github.com/pi-hole/pi-hole, https://github.com/pi-hole/adminLTE, https://github.com/pi-hole/FTL), however sometimes more pressing bug fixes have been known to be released separately.

:latest is the same as whatever the highest tagged version number is (currently :v5.2.1). There are also tags for :dev and :master, for the dev and master branches respectively

[dschaper]

Have to add the usual caveat: Do not use :latest. This holds for any docker image. Pulling latest is a floating tag that may point to a version you do not expect or are prepared for.

[gklanderman]

Do not use :latest

OK will take that under consideration.. maybe README.md / docker_run.sh / docker-compose.yml.example should be updated to use a specific version, with a comment suggesting to use latest specific release?

[PromoFaux]

Edit the file at /etc/dnsmasq.d/05-pihole-custom-cname.conf and remove the offending line.

[gklanderman]

Edit the file at /etc/dnsmasq.d/05-pihole-custom-cname.conf and remove the offending line.

did you intend that comment for a different bug?

[PromoFaux]

Ah! That's where I put it. I knew I'd typed it.... 😄

Yes, meant for a different issue.

[gklanderman]

updated the title to better reflect that it is possible to run multiple instances, but there are issues that need to be worked around in somewhat hacky ways. the goal here is to support this use case out of the box via documented config options.

[github-actions]

This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.