diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 7b59a025b..0f2e87eb6 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -13,7 +13,7 @@ jobs: issues: write steps: - - uses: actions/stale@v5 + - uses: actions/stale@v6 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30 diff --git a/README.md b/README.md index aaaef0db1..e9a6068f8 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ _If you absolutely cannot do this, some users [have reported](https://github.com/pi-hole/docker-pi-hole/issues/1042#issuecomment-1086728157) success in updating `libseccomp2` via backports on debian, or similar via updates on Ubuntu. You can try this workaround at your own risk_ (Note, you may also find that you need the latest `docker.io` (more details [here](https://blog.samcater.com/fix-workaround-rpi4-docker-libseccomp2-docker-20/)) -- Some users [have reported issues](https://github.com/pi-hole/docker-pi-hole/issues/963#issuecomment-1095602502) with using the `--privileged` flag on `2022.04` and above. TL;DR, don't use that that mode, and be [explicit with the permitted caps](https://github.com/pi-hole/docker-pi-hole#note-on-capabilities) (if needed) instead +- Some users [have reported issues](https://github.com/pi-hole/docker-pi-hole/issues/963#issuecomment-1095602502) with using the `--privileged` flag on `2022.04` and above. TL;DR, don't use that mode, and be [explicit with the permitted caps](https://github.com/pi-hole/docker-pi-hole#note-on-capabilities) (if needed) instead - As of `2022.04.01`, setting `CAP_NET_ADMIN` is only required if you are using Pi-hole as your DHCP server. The container will only try to set caps that are explicitly granted (or natively available) diff --git a/src/Dockerfile b/src/Dockerfile index 932fee161..f3d433263 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -2,11 +2,7 @@ ARG PIHOLE_BASE FROM "${PIHOLE_BASE:-ghcr.io/pi-hole/docker-pi-hole-base:bullseye-slim}" ARG PIHOLE_DOCKER_TAG -ENV PIHOLE_DOCKER_TAG "${PIHOLE_DOCKER_TAG}" - -ENV S6_OVERLAY_VERSION v3.1.1.2 - -ENV PIHOLE_INSTALL /etc/.pihole/automated\ install/basic-install.sh +RUN echo "${PIHOLE_DOCKER_TAG}" > /pihole.docker.tag ENTRYPOINT [ "/s6-init" ] @@ -33,7 +29,6 @@ ENV S6_KEEP_ENV 1 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS 2 ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME 0 - ENV FTLCONF_LOCAL_IPV4 0.0.0.0 ENV FTL_CMD no-daemon ENV DNSMASQ_USER pihole diff --git a/src/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run b/src/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run index e46b7606c..8503538ec 100755 --- a/src/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run +++ b/src/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run @@ -11,14 +11,13 @@ rm /run/pihole/FTL.sock 2> /dev/null # install /dev/null files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole /var/log/pihole [[ ! -f /run/pihole-FTL.pid ]] && install /dev/null /run/pihole-FTL.pid -[[ ! -f /run/pihole-FTL.port ]] && install /dev/null /run/pihole-FTL.port [[ ! -f /var/log/pihole/FTL.log ]] && install /dev/null /var/log/pihole/FTL.log [[ ! -f /var/log/pihole/pihole.log ]] && install /dev/null /var/log/pihole/pihole.log [[ ! -f /etc/pihole/dhcp.leases ]] && install /dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files -chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole -chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases +chown pihole:pihole /run/pihole-FTL.pid /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole +chmod 0644 /run/pihole-FTL.pid /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist chmod -f 0644 /etc/pihole/macvendor.db diff --git a/src/s6/debian-root/usr/local/bin/_startup.sh b/src/s6/debian-root/usr/local/bin/_startup.sh index 211546104..a133b3c10 100755 --- a/src/s6/debian-root/usr/local/bin/_startup.sh +++ b/src/s6/debian-root/usr/local/bin/_startup.sh @@ -9,7 +9,7 @@ fi . /usr/local/bin/bash_functions.sh # shellcheck source=/dev/null -SKIP_INSTALL=true . "${PIHOLE_INSTALL}" +SKIP_INSTALL=true . /etc/.pihole/automated\ install/basic-install.sh echo " [i] Starting docker specific checks & setup for docker pihole/pihole" diff --git a/src/s6/debian-root/usr/local/bin/install.sh b/src/s6/debian-root/usr/local/bin/install.sh index f88a4ff75..d0e31c94f 100644 --- a/src/s6/debian-root/usr/local/bin/install.sh +++ b/src/s6/debian-root/usr/local/bin/install.sh @@ -16,7 +16,7 @@ detect_arch() { amd64) S6_ARCH="x86_64";; armel) - S6_ARCH="arm";; + S6_ARCH="armhf";; armhf) S6_ARCH="armhf";; arm64) @@ -27,8 +27,9 @@ esac } +DOCKER_TAG=$(cat /pihole.docker.tag) # Helps to have some additional tools in the dev image when debugging -if [[ "${PIHOLE_DOCKER_TAG}" = 'nightly' || "${PIHOLE_DOCKER_TAG}" = 'dev' ]]; then +if [[ "${DOCKER_TAG}" = 'nightly' || "${DOCKER_TAG}" = 'dev' ]]; then apt-get update apt-get install --no-install-recommends -y nano less rm -rf /var/lib/apt/lists/* @@ -36,6 +37,8 @@ fi detect_arch +S6_OVERLAY_VERSION=v3.1.1.2 + curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" | tar Jxpf - -C / curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" | tar Jxpf - -C / @@ -66,7 +69,7 @@ export PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | bash -sex -- --unattended # At this stage, if we are building a :nightly tag, then switch the Pi-hole install to dev versions -if [[ "${PIHOLE_DOCKER_TAG}" = 'nightly' ]]; then +if [[ "${DOCKER_TAG}" = 'nightly' ]]; then yes | pihole checkout dev fi @@ -92,4 +95,4 @@ ln -s /macvendor.db /etc/pihole/macvendor.db if [ ! -f /.piholeFirstBoot ]; then touch /.piholeFirstBoot fi -echo 'Docker install successful' \ No newline at end of file +echo 'Docker install successful'