Code Monkey home page Code Monkey logo

addon-pi-hole's Introduction

Home Assistant Community Add-on: Pi-hole

GitHub Release Project Stage License

Supports aarch64 Architecture Supports amd64 Architecture Supports armhf Architecture Supports armv7 Architecture Supports i386 Architecture

GitLab CI Project Maintenance GitHub Activity

Discord Community Forum

Sponsor Frenck via GitHub Sponsors

Support Frenck on Patreon

Network-wide ad blocking

Deprecation warning

This add-on is in a deprecated state!

The Pi-hole add-on is now deprecated and will no longer be supported, maintained and will not receive future updates or fixes.

Pi-hole used to be a great solution to filter network traffic, but it has been a challenge to keep/get it in a working state as an add-on.

Meanwhile, the AdGuard team published an alternative: AdGuard Home.

AdGuard Home as surpassed Pi-hole in terms of capabilities, features, and stability, and Home Assistant provides a good integration with AdGuard. Above all, the AdGuard Home team has been supportive in developing the add-on.

For those reasons, it is no longer viable to keep maintaining the Pi-hole add-on, which has been problematic at best.

We strongly recommend migrating to the AdGuard Home add-on, which is available in the add-on store.

About

Pi-hole is an advertising-aware DNS- and web server, meant to be run on a dedicated Raspberry Pi connected to your home network. Pi-hole lets you block advertisements for every device that connects to your network without the need for any client-side software.

This add-on is a port of Pi-hole to be able to run on Home Assistant and is based on Alpine Linux and is using Docker.

Installation

The installation of this add-on is pretty straightforward and not different in comparison to installing any other Home Assistant add-on.

  1. Ensure your Home Assistant device has a static IP and static external DNS servers!
  2. Search for the "Pi-hole" add-on in the Supervisor add-on store and install it.
  3. Start the "Pi-hole" add-on
  4. Check the logs of the "Pi-hole" add-on to see it in action.

Configuration

Note: Remember to restart the add-on when the configuration is changed.

Example add-on configuration:

log_level: info
update_lists_on_start: true
ssl: false
certfile: fullchain.pem
keyfile: privkey.pem
interface: eth0
ipv6: true
ipv4_address: ''
ipv6_address: ''
hosts:
  - name: printer.local
    ip: 192.168.1.5
  - name: router.local
    ip: 192.168.1.1
  - name: router.local
    ip: "FE80:0000:0000:0000:0202:B3FF:FE1E:8329"

Note: This is just an example, don't copy and paste it! Create your own!

Option: log_level

The log_level option controls the level of log output by the addon and can be changed to be more or less verbose, which might be useful when you are dealing with an unknown issue. Possible values are:

  • trace: Show every detail, like all called internal functions.
  • debug: Shows detailed debug information.
  • info: Normal (usually) interesting events.
  • warning: Exceptional occurrences that are not errors.
  • error: Runtime errors that do not require immediate action.
  • fatal: Something went terribly wrong. Add-on becomes unusable.

Please note that each level automatically includes log messages from a more severe level, e.g., debug also shows info messages. By default, the log_level is set to info, which is the recommended setting unless you are troubleshooting.

Using trace or debug log levels puts the dnsmasq daemon into debug mode, allowing you to see all DNS requests in the add-on log.

Option: update_lists_on_start

Download and process all configured ad block lists on add-on startup by setting this option to true. This will add startup time to your add-on but will give you the most recent versions of the ad block lists on start.

When this option is set to false you will still get updated lists once in a while. A scheduled task will take care of that.

Note: When starting the add-on for the very first time, the lists will be updated, regardless of the value of this option.

Option: ssl

Enables/Disables SSL (HTTPS) on the web interface of Pi-hole. Set it true to enable it, false otherwise.

Option: certfile

The certificate file to use for SSL.

Note: The file MUST be stored in /ssl/, which is the default

Option: keyfile

The private key file to use for SSL.

Note: The file MUST be stored in /ssl/, which is the default

Option: interface

Configures the interface the Pi-hole DNS server should be listening to. By leaving it empty, the add-on will try to auto-detect the interface to use.

Note: This option is in place in case auto-detection fails on your setup.

Option: ipv6

Set this option to false to disable IPv6 support.

Option: ipv4_address

Manually set the IPv4 address for Pi-hole to use. By leaving it empty, the add-on will try to auto-detect the interface to use.

Note: This option is in place in case auto-detection fails on your setup.

Option: ipv6_address

Manually set the IPv6 address for Pi-hole to use. By leaving it empty, the add-on will try to auto-detect the interface to use.

Note: This option is in place in case auto-detection fails on your setup.

Option: hosts

This option allows you create your own DNS entries for your LAN. This capability can be handy for pointing easy to remember hostnames to an IP (e.g., point printer.local to the IP address of your printer).

Add a list of hosts you want to add. Some hosts can have both IPv4 and IPv6 addresses. In that case, simply add the host twice (with both addresses).

See the example above this chapter for a more visual representation.

Sub-option: name

This option specifies the DNS name of the host you are adding. Its value could be a short style hostname like: printer or a longer one printer.local.

Sub-option: ip

The IP address this specified host must point to. Its value must be an IPv6 or IPv4 IP address.

Option: leave_front_door_open

Adding this option to the add-on configuration allows you to disable authentication on the admin interface by setting it to true and leaving the password empty.

Note: We STRONGLY suggest, not to use this, even if this add-on is only exposed to your internal network. USE AT YOUR OWN RISK!

Using the Pi-hole integration in Home Assistant

Home Assistant offers a Pi-hole integration that allows you to retrieve statistics and interact with your Pi-hole installation.

To enable this integration, add the following lines to your configuration.yaml file:

# Example configuration.yaml entry
pi_hole:
  host: localhost:4865
  api_key: ""

For more information and documentation about configuring this sensor, please check the documentation of Home Assistant.

Changelog & Releases

This repository keeps a change log using GitHub's releases functionality. The format of the log is based on Keep a Changelog.

Releases are based on Semantic Versioning, and use the format of MAJOR.MINOR.PATCH. In a nutshell, the version will be incremented based on the following:

  • MAJOR: Incompatible or major changes.
  • MINOR: Backwards-compatible new features and enhancements.
  • PATCH: Backwards-compatible bugfixes and package updates.

Support

Got questions?

You have several options to get them answered:

You could also open an issue here GitHub.

Contributing

This is an active open-source project. We are always open to people who want to use the code or contribute to it.

We have set up a separate document containing our contribution guidelines.

Thank you for being involved! 😍

Authors & contributors

The original setup of this repository is by Franck Nijhof.

For a full list of all authors and contributors, check the contributor's page.

We have got some Home Assistant add-ons for you

Want some more functionality to your Home Assistant instance?

We have created multiple add-ons for Home Assistant. For a full list, check out our GitHub Repository.

Trademark legal notice

This add-on is not created, developed, affiliated, supported, maintained or endorsed by Pi-hole LLC.

All product names, logos, brands, trademarks and registered trademarks are property of their respective owners. All company, product, and service names used are for identification purposes only.

Use of these names, logos, trademarks, and brands does not imply endorsement.

License

MIT License

Copyright (c) 2017-2020 Franck Nijhof

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

addon-pi-hole's People

Contributors

dale3h avatar dayofdoom avatar frenck avatar hoppingmonk avatar mjrider avatar renovate[bot] avatar sinclairpaul avatar tjorim avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

ladegeraet noisephoenix dayofdoom nathan-d mjrider digitalrogues geertvanhorrik chriscrowe 94cxhatch sinclairpaul elikorh qbss advir29 hoppingmonk lclc98 deisi rschuetzler vmweaver kapilmahawar lacky1991 flbas1 wishx alfeyraven boglee e-budianto florian-frost locopine ancom328 justostyle filou59 coopersma alphajosh michallppp trihatmaja liviob74 sb76117 elpapimango bswan crossota

addon-pi-hole's Issues

!secret support for password

Problem/Motivation

documentation says !secret is supported. But when I start the addon I get this in the log:

ERROR: This add-on does not support secrets!
FATAL: You need to set a password!

Expected behavior

the addon loads the password from the secrets.yaml file

Actual behavior

the addon throws an error in the log.

Steps to reproduce

paste this line in the addon configuration: "password": "!secret pihole_password",

Addon version: 2.0.2

v3.2 Updates for core, adminLTE and FTL

Problem/Motivation

Both Pi-hole core and Admin page were updated to v3.2, respectively.

Expected behavior

The Pi-hole add-on for hassio provides access to these major updates

Actual behavior

The v3.2 updates are unavailable as of yet

Steps to reproduce

The updates are not available via the addon-pi-hole

Proposed changes

See https://github.com/pi-hole/pi-hole/releases/tag/v3.2
&
https://github.com/pi-hole/AdminLTE/releases/tag/v3.2

These are major updates.

Feature Request - Local DNS Entries

Problem/Motivation

Feature request for local DNS entries to resolve a local hostname within local network

Proposed changes

Add entries to the pi-hole configuration that allow the user to specify local DNS entries

Teleporter error 500

Problem/Motivation

I normally run two pi-hole instances for failover, since switching to hass.io and using this add on, I have found that trying to run the teleporter to upload a backup from the other instance fails to load the page with error 500

Expected behavior

Running the telerporter import on my other instance results in the following:

Processing blacklist.txt
Processing whitelist.txt
Processing wildcardblocking.txt
OK

Actual behavior

HTTP Error 500

Steps to reproduce

Using version 1.0.1, Export config, import it - this fails even from the same instance

Proposed changes

N/A

Cannot meaningfully define persistent custom upstream DNS servers

(Apologies upfront for the rambling stream of consciousness report. I was investigating while writing it and ran out of time to make it more cohesive.)

Problem/Motivation

I installed this on my Hassio instance, and ran into some issues with local hostname resolution. My home network has dynamic FQDN assignment w/ PTR support, which I irrationally love. DHCP and DNS are handled from a pfSense box, and I set pi-hole's upstream DNS servers to the pfSense box's IPs (v4&v6) and restarted the add-on. However, when I tried to resolve hosts I knew were resolvable via the pfSense the pi-hole failed to resolve properly. I went through the logs and discovered that pi-hole was using Google's DNS servers (8.8.8.8, 8.8.4.4) for resolution. Even though I disabled them in the UI, the setting did not stick. To correct the behavior I had to select the empty radio boxes for Google DNS in Settings=>DNS and save, then unselect and save again.

The cause of appears to be the PIHOLE_DNS* options in [setupVars.conf|https://github.com/hassio-addons/addon-pi-hole/blob/master/pi-hole/rootfs/etc/pihole/setupVars.conf]. These are use on installation to populate initial settings in /etc/dnsmasq.d/01-pihole.conf. It appears either every time the add-on/service restarts it is regenerated from the setupVars.conf instead of using a persisted configuration.

So the core issue appears to be upstream (heh) with pi-hole proper and how it handles setup parameters and maintaining configuration state. It is in no way good practice to silently and invisibly overwrite user settings on service restart.

Expected behavior

Can configure custom upstream DNS servers.

Actual behavior

The default DNS Servers in setupVars.conf invisibly override custom upstream DNS servers on service start.

Steps to reproduce

  1. Navigate to the pi-hole DNS settings view (Settings => DNS).
  2. Add a custom upstream DNS server, set the IP to OpenDNS (208.67.222.222) for consistency.
  3. Disable the Google DNS entries.
  4. Save the configuration.
  5. While tailing the pi-hole logs^1, issue DNS queries and observe in the logs which upstream server they are being sent to. The upstream should be OpenDNS (208.67.222.222).
  6. From Settings => System, select "restart Add-on"
  7. After the service is available again, repeat step 5, but observe the upstream servers being used will be 8.8.4.4.
  8. Navigate to the pi-hole DNS settings view (Settings => DNS).
  9. Select all 4 radio boxes for Google DNS Servers and Save.
  10. Deselect all 4 radio boxes for Google DNS Servers and Save.
  11. Repeat Step 5 and observer the OpenDNS service is being used as the upstream again.

Proposed changes

To work around this issue, and provide a easy initial setup, it would be nice if the config data could include an upstream property. It's typing would be [str] and the default value would be ["8.8.8.8", "8.8.4.4"]. That would be used to append the setupVars.conf with PIHOLE_DNS_{n}=upstream[n] key/value pairs.

Example Configuration

{
  "log_level": "info",
  "password": "",
  "update_lists_on_start": true,
  "http_port": 80,
  "https_port": 443,
  "dns_port": 53,
  "ssl": false,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "",
  "hosts": [],
  "upstream": [
    "8.8.8.8",
    "8.8.4.4"
  ]
}

^1 Simple test queries:

#!/usr/bin/env bash
PIHOLE_IP='172.16.0.1'
TARGETS=('google.com', 'github.com', 'dropbox.com', 'xkcd.com', 'apple.com')

for TARGET in ${TARGETS[@]}; do
    dig "${TARGET}" A "@${PIHOLE_IP}" +nocmd +nocomments
done

`Open Web UI` button opens incorrect url

Problem/Motivation

It seems like the Open Web UI button in the Hass.io panel opens the incorrect URL.

Expected behavior

Expected was the following URL to open: https://xxx.xxx.xxx.xxx:80/admin/index.php

Actual behavior

It opens: https://xxx.xxx.xxx.xxx:80/

Steps to reproduce

Install add-on, start it and click on the Open Web UI button.

Proposed changes

Correct the URL behind the button in the config.json of the add-on.

Ref

https://community.home-assistant.io/t/repository-community-hass-io-add-ons/24705/166?u=frenck

FATAL: The configured certfile is not found

Problem/Motivation

Pi-hole can't be started. I would like to use it again :)

Expected behavior

Expected Pi-hole to start, it doesn't.

Actual behavior

Fails at "FATAL: The configured certfile is not found" and exits.

Steps to reproduce

I was running v2.0.1 without any issues. Updated to v2.0.2 and was unable to start Pi-hole. Updating to v2.0.3 didn't change this, neither did v2.0.4.

Log output:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] 01-resolver-resolv: applying... 
[fix-attrs.d] 01-resolver-resolv: exited 0.
[fix-attrs.d] 01-sudo: applying... 
[fix-attrs.d] 01-sudo: exited 0.
[fix-attrs.d] 02-nginx: applying... 
[fix-attrs.d] 02-nginx: exited 0.
[fix-attrs.d] 03-pihole: applying... 
[fix-attrs.d] 03-pihole: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Hass.io Add-on: Pi-hole v2.0.4
 Network-wide ad blocking using your Hass.io instance
 From: Community Hass.io Add-ons
 By: Franck Nijhof <[email protected]>
-----------------------------------------------------------
 armhf / HassOS 1.9 / HA 0.76.2 / SU 127 / stable
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
INFO: Password is NOT in the Have I Been Pwned database! Nice!
FATAL: The configured certfile is not found
[cont-init.d] 10-requirements.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing... 
-----------------------------------------------------------
                Oops! Something went wrong.
 
 We are so sorry, but something went terribly wrong when
 starting or running this add-on.
 
 Be sure to check the log above, line by line, for hints.
-----------------------------------------------------------
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.

Add support for running HTTPS & HTTP at the same time.

Problem/Motivation

This add-on only supports running HTTPS or HTTP. This makes it hard to expose the add-on with SSL to the outside world, while still being able to run the block page correctly on the local network.

Proposed changes

  • Add separate port configuration option for the blocking page
  • Add or extend the current NGINX configuration

Pi-hole Embedded in Iframe via SSL Fails (X-Frame-Options: SAMEORIGIN)

Problem/Motivation

I'm trying to embed the Pi-hole add-on as an iframe in Hassio. I am receiving the following browser exception and the iframe does not render:
Refused to display 'https://SERVER:PORT/admin/index.php' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

The Hassio interface is running on one port and the Pi-hole admin interface is running on a different port. Both are configured for HTTPS.

Expected behavior

I would expect the iframe to render. I imagine we need the ability to disable the X-Frame-Options HTTP header in the Pi-hole instance running in the container.

I found this:
https://www.reddit.com/r/pihole/comments/4o96dd/updated_to_v27_dont_see_the_new_admin_pages_in/

Looks like in pi-hole/rootfs/etc/nginx/nginx-ssl.conf, the following line sets the header. I'm going to see if I can figure out how tie this to a configuration setting.
add_header X-Frame-Options SAMEORIGIN;

Actual behavior

Iframe in the UI was blank.

Steps to reproduce

From configuration.yaml:

panel_iframe:
  terminal:
    title: Pi-hole
    icon: mdi:block-helper
    url: https://SERVER:PORT/admin/index.php

Pi-hole hass.os dns breakage

@chrisvella commented on Jul 25, 2018, 12:47 PM UTC:

Problem/Motivation

A heads up for everyone about this issue as I have resolved it for myself.

Expected behavior

A 3rd party addon repository should have been installed.

Actual behavior

I was trying to add a 3rd party addon repository from marthoc and it would always fail. I don't have the exact error message but this is approximately what it was:

17-11-26 03:13:39 ERROR (MainThread) [hassio.addons.git] Can’t pull https://github.com/marthoc/hassio-addons/ repo: Cmd(β€˜git’) failed due to: exit code(128)
cmdline: git pull -v origin
stderr: β€˜fatal: unable to access β€˜https://github.com/marthoc/hassio-addons/’: Couldn’t resolve host β€˜github.com’’.

ax42 mentioned he had this issue.

Steps to reproduce

Install the pi-hole addon. I used non-standard ports (880, 4443) but otherwise the default configuration. Then try and add a github addon source.

Proposed changes

I removed pi-hole, rebooted and I am now able to add the repository + got an update notification for Home Assistant. I hope to use pi-hole in the future. Thanks for working on this mate.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

This issue was moved by frenck from hassio-addons/repository/issues/79.

Request: Allow the DHCP function to be used.

Problem/Motivation

Allow the DHCP function in Pi-Hole to be used

Expected behavior

DHCP portion of Pi-Hole should report usage of DHCP addresses and computers should get an IP and report HassIO as the DHCP server

Actual behavior

No IP Addresses are being assigned and nothing is reported in the DHCP options

Steps to reproduce

Configure HassIO/Pi-Hole as the only DHCP server in the network

Proposed changes

I'm not a Docker expert (far from it) but I can search and I found the following GitHub repository which has DHCP server container which is also Alpine based. The dockerfile uses port 67 (TCP and UDP) which the listening port for DHCP requests. The TCP port should not be needed IMO.
https://github.com/jcbiellikltd/docker-dhcpd/blob/master/Dockerfile
Downside is that this may cause incompatibility with the DHCP Server addon.

Update documentation to specify the step of setting up DNS address in router settings

Problem/Motivation

After going through pi-hole add on installation, on web interface I was not seeing any information about total queries, queries blocked etc. as I have not configured my DNS address in router settings.

Expected behavior

In installation guide, we could have extra line/note to make sure that users don't forget to set it up.

Actual behavior

N/A

Steps to reproduce

  1. Install add-on on hassio.
  2. Go to pi-hole web interface.
  3. Observe dashboard data.

Proposed changes

Add extra step to installation guide to configure DNS address correctly.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Question - Configuration with Caddy Proxy Addon

I have two issues that I think might be related to my configuration of the Pi-hole addon, or other addons I am running.

Problem:
I noticed that when clicking on https adds, I would get a security warning saying that the site had a bad certificate. When looking at the details of the warning, I noticed that it was the certificate associated with my Caddy Proxy addon for accessing my hass instant on the internet. Thinking it might be realated, I tried turrning of the Caddy Proxy, and then I didnt get a certificate warning, but I got a "This site cant be reached" message.

Is it possible to:
A) have the standard "Website Blocked" by pi-hole screen come up when hitting https blocked sites, regardless of if I am using Caddy Proxy or not.
B) if that is not possible, at least get it to not throw the security certificate error message when using Caddy Proxy.

Included my setup below:

  • Hassio version 65.5
  • Addons - Pi-hole, Caddy Proxy, Mosquito, Samba, SSH, AppDaemon3, Duckdns

Pi-hole config

{
  "log_level": "info",
  "password": "mypiholepassword",
  "update_lists_on_start": true,
  "http_port": 80,
  "https_port": 443,
  "dns_port": 53,
  "ssl": false,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "",
  "hosts": [
    {
      "name": "domain1.abc",
      "ip": "local IP Address"
    },
    {
      "name": "domain2.abc",
      "ip": "local IP address"
    },
    {
      "name": "domain3.abc",
      "ip": "Local IP address"
    }
  ]
}

I changed teh Caddy Proxy network configuration as followed to get it to start with the pi-hole addon running:
Container 80/tcp to Host 81
container 443/tcp to Host 443

dnsmasq: failed to create listening socket for Address in use

Problem/Motivation

dnsmasq: failed to create listening socket for Address in use

Expected behavior

dnsmasq getting its desired port

Actual behavior

a lot of attempts to get the port

Steps to reproduce

Install current Ubuntu 1804 with Hassio, install pi hole add-on

Proposed changes

Monitor the failed attempts in the log and augment the log with a hint for the user
Please check if the DNS port on your host machine are already in use by another process with: sudo lsof -i | grep "domain"
For Ubuntu 18.04 consider disabling the DNSStubListener in /etc/systemd/resolved.conf on your host. system

Reverse Proxy and Pi Hole in iframe

Problem/Motivation

Issue when using reverse proxy with pi-hole

Expected behavior

using with an iframe, nginx reverse proxy configured. pi hole should load within an iframe with this configuration as other hosted applications.

Actual behavior

with reverse proxy configuration proxy pass pointing to LAN address, pihole still seems to push my DNS url instead and so does not load.

Steps to reproduce

NGINX reverse proxy addon with the following configuration:

nginx_proxy_default.conf:

location /pihole/ {
    rewrite /pihole/(.*) /$1 break;
    proxy_pass http://192.168.0.200:4865/admin;
    proxy_redirect http:// https://;
    proxy_http_version 1.1;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
}

panel_iframe:
  pihole:
    title: Pi-hole
    icon: mdi:block-helper
    url: https://xxxx.duckdns.org/pihole

Proposed changes

is this the behaviour of the addon itself? no other addons exhibit this behaviour so assuming pi hole issue at this point.

Visiting blocked page with port number does not redirect to admin

Problem/Motivation

When visiting the block page using a port number, it does not redirect to the admin properly.

e.g.
http://xxx.xxx.xxx.xxx:80/

Expected behavior

I expected to be redirected to the admin since I'm visiting the configured IP of Pi-hole

Actual behavior

The block page is served.

Steps to reproduce

Install and start the addon and visit the block page with the port number in the URL.

Proposed changes

Patch the Pi-hole blocked page to handle port numbers correctly.

Ref

https://community.home-assistant.io/t/repository-community-hass-io-add-ons/24705/166?u=frenck

Custom DNS not persistent between restarts

Problem/Motivation

Hi, I have set a custom DNS in the settings of pi-hole but when I restart pi-hole Add-on, the settings still show the custom one but graphs show that it's google DNS in use.

Expected behavior

Keep the custom DNS when restart

Actual behavior

The Custom DNS is overwrite by google's DNS

Steps to reproduce

Uncheck the google's DNS in the settings of pi-hole main panel, add custom dns, browse some webpage with ads to record some values for graphs, restart the add-on and browse again some web-page to see that it's the google's dns in use.

Refused to display XXX URL in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Problem/Motivation

Refused to display 'https://farmercity.m4kr.net:80/admin/index.php' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

(Why the issue was filed)
Potential change to Hassio addon repo to allow x-frame-origin to allow from any

Expected behavior

to be allowed from any source

(What you expected to happen)

Actual behavior

Blocked due to CSP policy
https://i.imgur.com/0cSAl9P.png

(What actually happened)
using this config:

{
"log_level": "info",
"password": "",
"update_lists_on_start": false,
"web_port": 80,
"dns_port": 53,
"ssl": true,
"certfile": "fullchain.pem",
"keyfile": "privkey.pem",
"interface": "",
"ipv6": true,
"ipv4_address": "farmercity.m4kr.net",
"ipv6_address": "ha.m4kr.net",
"virtual_host": "farmercity.m4kr.net"
}

Steps to reproduce

after adding domain to

(How can someone else make/see it happen)

Proposed changes

add x-fram-allow all or wildcard all

(If you have a proposed change, workaround or fix,
describe the rationale behind it)

whitelist txt

How can i import an whitelist txt?
All the information i get is to ssh i don't know how to on this hassio addon.

Addon fails to start when IPv6 is not present on network

Problem/Motivation

The addon fails to start when it is running on a network without IPv6.

Expected behavior

I expected it to start and detect the missing IPv6. As a result, it should automatically disable IPv6.

Actual behavior

The add-on crashes, without any notification or message.

Sample debug log output:

DEBUG: Setting Pi-hole IPv4 address
DEBUG: Detecting IPv4 address to use with Pi-hole
DEBUG: Setting IPv4 address to: 10.0.2.171/24
DEBUG: Setting Pi-hole IPv6 address
DEBUG: Detecting IPv6 address to use with Pi-hole
[cont-init.d] 11-pihole.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.

Steps to reproduce

See above.

Proposed changes

  • Add correct error handling to the detection part
  • Ensure networks without IPv6 are detected properly

Ref

Chat log on Discord with MagnusO:

MagnusO - Today at 8:02 AM
Cool! Another question....I cannot reach the interface, and the log always ends with this:
DEBUG: Setting Pi-hole IPv4 address
DEBUG: Detecting IPv4 address to use with Pi-hole
DEBUG: Setting IPv4 address to: 10.0.2.171/24
DEBUG: Setting Pi-hole IPv6 address
DEBUG: Detecting IPv6 address to use with Pi-hole
[cont-init.d] 11-pihole.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.
Frenck - Today at 8:02 AM
IPv6 issues?? Try to disable it
MagnusO - Today at 8:02 AM
2 secs
Frenck - Today at 8:02 AM
Or specify the address manually
It might be a big tho, what platform do you use?
MagnusO - Today at 8:04 AM
Yeah. disabling ipv6 fixed it
Frenck - Today at 8:05 AM
That part could use some error handling, that’s a todo at least
Nevertheless, it should not error
MagnusO - Today at 8:06 AM
hehe... Maybe the examples should show the config with ipv6 disbaled by default? I mean, most people will copy/paste, reagrdless of your warning against it... :wink:
Frenck - Today at 8:06 AM
Well it should disable IPv6 when it is not present
So... still it looks like a bug
What platform do you use?
MagnusO - Today at 8:07 AM
hassio on rpi3
Frenck - Today at 8:08 AM
Ow... that is actually a tested platform
Do you use a custom install or did you use the Hass.io image?
MagnusO - Today at 8:08 AM
Standard image
Frenck - Today at 8:09 AM
Ok, does your provider offer IPv6?
MagnusO - Today at 8:09 AM
Yes, but I have it disabled on the gateway.
Both for th WAN interface and all internal networks
Frenck - Today at 8:10 AM
Ah ok
I do have IPv6 in my setup
So that is where it went wrong
I will debug it and try to solve it generally. Thanks for the feedback!

README.md typo

Example configuration:

panel_iframe:
  terminal:
    title: Pi-hole
    icon: mdi:block-helper
    url: http://addres.to.your.hass.io/admin/index.php

Maybe should be:

panel_iframe:
  pihole:
    title: Pi-hole
    icon: mdi:block-helper
    url: http://addres.to.your.hass.io/admin/index.php

Pi-Hole Whitelisting of DNS Address not working through gui

Problem/Motivation

When trying to whitelist a previously blocked domain, it appears to work in gui, but doesn't.

This was a bug in the pi-hole build used for the add-on and fixed in a subsequent release.

See: https://discourse.pi-hole.net/t/psa-having-whitelisting-issues-with-3-3-read-here/7393

Proposed changes

Update to newer release of Pi-Hole.

Pi-hole Userspace
Hi All, After a few days of pulling out our hair and troubleshooting this whitelisting issue that some of you have reported, we’re finally getting to the bottom of it. The good news is, whitelisting is not completely broken. You can still whitelist domains from the cli with no issues by calling pihole -w [domain-to-whitelist]. The issue only affects whitelisting from the admin page (whitelist page, query log, and block page) Take a look over this pull request where I’ve attempted to explain w...

Logging functions (enable/disable/clear) don't seem to work

Problem/Motivation

The buttons in the UI to enable/disable/clear the query log seem to make no difference.

Expected behavior

  1. Disabling the log would stop recording the traffic.
  2. Enabling would record traffic
  3. Clear would erase the historic graph and "top blocked/requested domains"

Actual behavior

All three of these functions seem to have no impact. Query logging seems to be on all the time, and there seems to be no way to clear the data.

[Enhanchment] Allow to configure custom dnsmasq settings

Problem/Motivation

I'am using Plex and wanted to configure rebind-domain-ok like described here

Expected behavior

Config value which allows to configure custom dnsmasq settings.

Actual behavior

Currently not implemented

Steps to reproduce

N/A

Proposed changes

Add a config value like "custom-dnsmasq" which expects an array of string which are (for example) written to /etc/dnsmasq.d/02-custom-settings.conf

Thanks in advance :-)

FATAL: Opening of FTL log (/var/log/pihole-FTL.log) failed!

Problem/Motivation

my log is full of (Rpi3; HassIO; Hass.io supervisor version 115; Pi-hole 1.2.0)

 FATAL: Opening of FTL log (/var/log/pihole-FTL.log) failed!
       Make sure it exists and is writeable by user pihole

Expected behavior

writeble file, I am not sure if the path is correct - ssh to hassio and browse to /var/log/ - empty folder, when I create a log file there and set 666 the result is the same

Actual behavior

full log

Steps to reproduce

after every restart

Add securing techniques to documentation

Problem/Motivation

Too many people are asking for help with simple errors such as:

  • FATAL: Please choose a different password, this one is unsafe!
  • FATAL: The configured certfile is not found

Expected behavior

If someone follows the steps in the Installation section of the documentation, they should know that a secure password and setting up an SSL certificate are required by default.

Actual behavior

People are often confused by errors because they followed the current installation steps properly.

Steps to reproduce

Follow the steps found in the current installation section of the documentation.

Proposed changes

  1. Add a step explaining to set a secure password.
  2. Add a step explaining that SSL certificates need to be generated, otherwise SSL needs to be set to false.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

hosts config directive seems to not work

Problem/Motivation

I've run PiHole in Hassio with this parameter:

"hosts": [
{
"name": "xxxxxx.duckdns.org",
"ip": "192.168.0.48"
}
]

Expected behavior

With my router as the lan DNS, and the pihole as the router DNS, i expect to be able to resolve xxxxxx.duckdns.org locally, not via google dns (that gives the public ip, not the lan one)

Actual behavior

The PiHole does not resolve the host at all. It works for all other hosts, but does not resolve this one.

Steps to reproduce

You can try same thing.

Proposed changes

nope

Create `/admin` alias

Problem/Motivation

A lot of API connectors expect the interface to be running on /admin. v2 changed this and removed the /admin part.

Expected behavior

/admin to show the Pi-hole admin interface as well.

Actual behavior

404 - not found

Steps to reproduce

Visit /admin on the Pi-hole web interface.

Proposed changes

Create a nginx "alias" for /admin

gravity gives Status: Connection Refused

Problem/Motivation

I had to dnsmasq user bug #35 so I decided to reinstall pihole, but after fresh install, it is not able to pull it's blocklists anymore.

On hass.io shell I still can resolve and curl github.

Config

{
  "log_level": "info",
  "password": "",
  "update_lists_on_start": true,
  "admin_port": 80,
  "dns_port": 53,
  "ssl": false,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "wlan0",
  "ipv6": false,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "",
  "hosts": [],
  "i_like_to_be_pwned": true,
  "leave_front_door_open": true
}

Full Log

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
[cont-init.d] 10-requirements.sh: exited 0.
[cont-init.d] 20-patches.sh: executing... 
[cont-init.d] 20-patches.sh: exited 0.
[cont-init.d] 21-v4-migration.sh: executing... 
[cont-init.d] 21-v4-migration.sh: exited 0.
[cont-init.d] 30-pihole.sh: executing... 
[cont-init.d] 30-pihole.sh: exited 0.
[cont-init.d] 31-pihole-ftl.sh: executing... 
[cont-init.d] 31-pihole-ftl.sh: exited 0.
[cont-init.d] 32-nginx.sh: executing... 
[cont-init.d] 32-nginx.sh: exited 0.
[cont-init.d] 33-password.sh: executing... 
WARNING: No password set! This is not recommended!
  [βœ“] Password Removed
[cont-init.d] 33-password.sh: exited 0.
[cont-init.d] 34-hostname.sh: executing... 
[cont-init.d] 34-hostname.sh: exited 0.
[cont-init.d] 35-logfiles.sh: executing... 
[cont-init.d] 35-logfiles.sh: exited 0.
[cont-init.d] 36-hosts.sh: executing... 
[cont-init.d] 36-hosts.sh: exited 0.
[cont-init.d] 50-gravity.sh: executing... 
FTL started!
  [i] Neutrino emissions detected...

  [βœ“] Pulling blocklist source list into range
  [i] Target: raw.githubusercontent.com (hosts)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: mirror1.malwaredomains.com (justdomains)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: sysctl.org (hosts)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: s3.amazonaws.com (simple_tracking.txt)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: s3.amazonaws.com (simple_ad.txt)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: hosts-file.net (ad_servers.txt)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Consolidating blocklists...

  [βœ“] Consolidating blocklists
  [i] Extracting domains from blocklists...

  [βœ“] Extracting domains from blocklists
  [i] Number of domains being pulled in by gravity: 0
  [i] Removing duplicate domains...

  [βœ“] Removing duplicate domains
  [i] Number of unique domains trapped in the Event Horizon: 0
  [i] Nothing to whitelist!
  [i] Parsing domains into hosts format...

  [βœ“] Parsing domains into hosts format
  [i] Cleaning up stray matter...

  [βœ“] Cleaning up stray matter
  [βœ“] DNS service is running
  [βœ“] Pi-hole blocking is Enabled
[cont-init.d] 50-gravity.sh: exited 0.
[cont-init.d] 99-tests.sh: executing... 
dnsmasq: syntax check OK.
[27-Aug-2018 05:43:24] NOTICE: configuration file /etc/php7/php-fpm.conf test is successful
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[cont-init.d] 99-tests.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

Pi Hole for resolving local domain names

Problem/Motivation

I’m currently using a local DNS to resolve a local hostname within my network. Is there a way I can get the same functionality in the pi-hole addon?

Expected behavior

According to this walkthrough, it seems like it would be possible if we could create our own dnsmasq conf file.

Actual behavior

There is no current ability to create your own local DNS records

Proposed changes

Add the capability to add our own custom DNS records to pi-hole, either through the configuration, or through editing config files directly.

Tip: Using PiHole as DNS server for Home Assistant and other addons

Problem/Motivation

It is useful to be able to have other addons use the PiHole addon for DNS requests, but this won't work with the default config. The fix for this is easy, but not obvious.

Expected behavior

Home Assistant and addons can use the PiHole addon for DNS requests.

Actual behavior

DNS requests timeout.

Proposed changes

Two simple config changes allow for this to work.

  1. Set HassIO's static IP as a dns server in the ResinOS network config (Do not use 127.0.0.1 as Docker will ignore that). eg:
[ipv4]
address1=192.168.1.111/24,192.168.1.1
dns=192.168.1.111;8.8.8.8;8.8.4.4;
dns-search=lan.example.net
method=manual
  1. In the PiHole Settings -> DNS tab, select "Listen on all interfaces, permit all origins".

I recommend including this information in the documentation.

pi hole not updating to latest version 2.1.1

this was triggered after an attemp to pihole update ,
after that , not only pihole does not work , but now it seams the hassio server has problems connecting to any required outside resourse.
i have configured , dns, 8.8.8.8 on the machine running hassio , but still not working .

restored the pihole backup , but it aint work,

19-01-09 04:03:26 INFO (SyncWorker_2) [hassio.docker.interface] Update Docker None with hassioaddons/pi-hole-amd64:2.1.1
19-01-09 04:03:26 INFO (SyncWorker_2) [hassio.docker.interface] Pull image hassioaddons/pi-hole-amd64 tag 2.1.1.
19-01-09 04:03:41 ERROR (SyncWorker_2) [hassio.docker.interface] Can't install hassioaddons/pi-hole-amd64:2.1.1 -> 500 Server Error: Internal Server Error ("Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)").
19-01-09 04:05:48 ERROR (SyncWorker_0) [hassio.docker] Can't create container from addon_a0d7b954_pi-hole: 404 Client Error: Not Found ("No such image: hassioaddons/pi-hole-amd64:latest")

Logs not properly being flushed

Problem/Motivation

running the flush logs script in the UI, does not actually clear out the database, and the log rotate may not be happening either.

Expected behavior

when clicking the flush logs, I expect the graphs to clear the data.

Actual behavior

the data is still in the graphs.

Steps to reproduce

using docker exec into the running container and running pihole -f shows this output

[i] Flushing /var/log/pihole.log ...error: Ignoring /etc/logrotate.d/pihole because it is writable by group or others.

error: Ignoring /etc/logrotate.d/pihole because it is writable by group or others.

/opt/pihole/piholeLogFlush.sh: line 59: sqlite3: command not found

[βœ“] Flushed /var/log/pihole.log

[βœ“] Deleted  queries from database

Proposed changes

in the container /etc/logrotate.d/pihole original permissions were

-rw-rw-rw- 1 root root  208 Jun 15  2018 pihole

I was able to fix the log rotate issue by running,

chmod 644 /etc/logrotate.d/pihole

In the v2.1.0 repo tag the file shows the proper file permissions, -rw-r--r-- I've dug around, but I couldn't find where it's getting changed or where to change it in the install/docker process.

and to install sqlite, sqlite-3.24.0-r0 is the version it installed

apk --no-cache add sqlite

I'm assuming that would just get added to the docker file in the normal app install process.

After those tweaks running pinhole -f shows data being removed from the /etc/pihole/pihole-FTL.db file.

PiHole Addon for Hassio errors out when starting

Problem/Motivation

I configured the PiHole addon with default settings except for setting the virtual host, the interface, and SSL certificate location. SSL is set to false. When I try to start the addon it errors and does not start.

Expected behavior

I expected the addon to start normally

Actual behavior

Here is the log showing the failure:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] 01-resolver-resolv: applying... 
[fix-attrs.d] 01-resolver-resolv: exited 0.
[fix-attrs.d] 01-sudo: applying... 
[fix-attrs.d] 01-sudo: exited 0.
[fix-attrs.d] 02-nginx: applying... 
[fix-attrs.d] 02-nginx: exited 0.
[fix-attrs.d] 03-pihole: applying... 
[fix-attrs.d] 03-pihole: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Hass.io Add-on: Pi-hole v2.0.4
 Network-wide ad blocking using your Hass.io instance
 From: Community Hass.io Add-ons
 By: Franck Nijhof <[email protected]>
-----------------------------------------------------------
 armhf / HassOS 1.10 / HA 0.77.3 / SU 128 / stable
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
INFO: Password is NOT in the Have I Been Pwned database! Nice!
[cont-init.d] 10-requirements.sh: exited 0.
[cont-init.d] 20-patches.sh: executing... 
[cont-init.d] 20-patches.sh: exited 0.
[cont-init.d] 21-v4-migration.sh: executing... 
[cont-init.d] 21-v4-migration.sh: exited 0.
[cont-init.d] 30-pihole.sh: executing... 
[cont-init.d] 30-pihole.sh: exited 0.
[cont-init.d] 31-pihole-ftl.sh: executing... 
[cont-init.d] 31-pihole-ftl.sh: exited 0.
[cont-init.d] 32-nginx.sh: executing... 
sed: -e expression #1, char 21: unknown option to `s'
[cont-init.d] 32-nginx.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing... 
-----------------------------------------------------------
                Oops! Something went wrong.
 
 We are so sorry, but something went terribly wrong when
 starting or running this add-on.
 
 Be sure to check the log above, line by line, for hints.
-----------------------------------------------------------
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

dnsmasq not starting

Problem/Motivation

since the update this night pi-hole end in an infinity loop with this error:
dnsmasq: unknown user or group: dnsmasq,

Steps to reproduce

update to 2.0.1

Hardware

  • raspberry pi 3

Software

  • Arch Linux aarch64
  • Home Assistant 0.75.3
  • Addon pi-hole 2.0.1

Full Log

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.,
[s6-init] ensuring user provided files have correct perms...exited 0.,
[fix-attrs.d] applying ownership & permissions fixes...,
[fix-attrs.d] 01-resolver-resolv: applying... ,
[fix-attrs.d] 01-resolver-resolv: exited 0.,
[fix-attrs.d] 01-sudo: applying... ,
[fix-attrs.d] 01-sudo: exited 0.,
[fix-attrs.d] 02-nginx: applying... ,
[fix-attrs.d] 02-nginx: exited 0.,
[fix-attrs.d] 03-pihole: applying... ,
[fix-attrs.d] 03-pihole: exited 0.,
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 00-banner.sh: executing... ,
,
-----------------------------------------------------------,
 Hass.io Add-on: Pi-hole v2.0.1,
,
 Network-wide ad blocking using your Hass.io instance,
,
 From: Community Hass.io Add-ons,
 By: Franck Nijhof <[email protected]>,
-----------------------------------------------------------,
 aarch64 / Arch Linux ARM / HA 0.75.3 / SU 127 / stable,
-----------------------------------------------------------,
[cont-init.d] 00-banner.sh: exited 0.,
[cont-init.d] 01-log-level.sh: executing... ,
Log level is set to INFO,
[cont-init.d] 01-log-level.sh: exited 0.,
[cont-init.d] 02-updates.sh: executing... ,
,
INFO: You are running the latest version of this add-on,
[cont-init.d] 02-updates.sh: exited 0.,
[cont-init.d] 10-requirements.sh: executing... ,
INFO: Password is NOT in the Have I Been Pwned database! Nice!,
[cont-init.d] 10-requirements.sh: exited 0.,
[cont-init.d] 20-patches.sh: executing... ,
,
[cont-init.d] 20-patches.sh: exited 0.,
[cont-init.d] 21-v4-migration.sh: executing... ,
[cont-init.d] 21-v4-migration.sh: exited 0.,
[cont-init.d] 30-pihole.sh: executing... ,
[cont-init.d] 30-pihole.sh: exited 0.,
[cont-init.d] 31-pihole-ftl.sh: executing... ,
[cont-init.d] 31-pihole-ftl.sh: exited 0.,
[cont-init.d] 32-nginx.sh: executing... ,
[cont-init.d] 32-nginx.sh: exited 0.,
[cont-init.d] 33-password.sh: executing... ,
  [βœ“] New password set,
[cont-init.d] 33-password.sh: exited 0.,
[cont-init.d] 34-hostname.sh: executing... ,
,
[cont-init.d] 34-hostname.sh: exited 0.,
[cont-init.d] 35-logfiles.sh: executing... ,
[cont-init.d] 35-logfiles.sh: exited 0.,
[cont-init.d] 36-hosts.sh: executing... ,
[cont-init.d] 36-hosts.sh: exited 0.,
[cont-init.d] 50-gravity.sh: executing... ,
[cont-init.d] 50-gravity.sh: exited 0.,
[cont-init.d] 99-tests.sh: executing... ,
dnsmasq: syntax check OK.,
[24-Aug-2018 09:30:41] NOTICE: configuration file /etc/php7/php-fpm.conf test is successful,
,
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok,
nginx: configuration file /etc/nginx/nginx.conf test is successful,
[cont-init.d] 99-tests.sh: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
,
dnsmasq: unknown user or group: dnsmasq,
[cont-finish.d] executing container finish scripts...,
[cont-finish.d] 99-message.sh: executing... ,
[cont-finish.d] 99-message.sh: exited 0.,
[cont-finish.d] done.,
[s6-finish] syncing disks.,
[s6-finish] sending all processes the TERM signal.,

container won't start if a logfile exists

Problem/Motivation

sometimes the container can't start because of an existing log file.

ln: failed to create symbolic link '/var/log/pihole.log': File exists,
[cont-init.d] 35-logfiles.sh: exited 1.,
[cont-finish.d] 99-message.sh: exited 0.,
[cont-finish.d] executing container finish scripts...,
-----------------------------------------------------------,
[cont-finish.d] 99-message.sh: executing... ,
                Oops! Something went wrong.,
 ,
 We are so sorry, but something went terribly wrong when,
 starting or running this add-on.,
 Be sure to check the log above, line by line, for hints.

Expected behavior

the logs are deleted.

Actual behavior

container shuts down

Proposed changes

the script 35-logfiles.sh have to delete the log file if it exists before creating the link.

Pihole on another Pi works - Pihole as an addon in HA doesn't

Currently I have my hassio and pihole systems running on two separate pi’s.

I had and have problems running both on one device.
Lately my pi zero w with pihole running made some problems. I had to unplug it to make it work again.
Also my hassio runs on a raspi connected via ethernet (so this might my slightly faster and more reliable)
The main reason why I had to set this up, is because my router does not support nat loopback.
So I first used dnsmasq and than switched to pihole (because of its benefits).

Now I’d like to β€œmerge” both systems to use only one ethernet connected device. So I installed the pihole addon on my hassio. (So I turned off my pi zero, changed the dns in my router to the ip of my hassio)
My setup looks the same like tod36 posted here (https://community.home-assistant.io/t/community-hass-io-add-on-pi-hole/33817/341?u=h4nc), but I’m facing issues with some components. Components like netamo, alexa-mediaplayer and some else don’t get connected. There is however an internet connection, because my ping sensor und Aqara componet work.

I get some errors, most about failing SSL handshakes.
I think this might be the problem (copied from one of the errors).

ssl.CertificateError: hostname 'localhost' doesn't match β€šXXXXXX.duckdns.org'

How can I solve this issue?

EDIT:

After commenting out the pihole-sensor the ssl errors are gone.

But still most of my components can’t connect. This is one example (tado):

Error during setup of component tado
Traceback (most recent call last):
File "/usr/local/lib/python3.6/urllib/request.py", line 1318, in do_open
encode_chunked=req.has_header('Transfer-encoding'))
File "/usr/local/lib/python3.6/http/client.py", line 1239, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/local/lib/python3.6/http/client.py", line 1285, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/local/lib/python3.6/http/client.py", line 1234, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/local/lib/python3.6/http/client.py", line 1026, in _send_output
self.send(msg)
File "/usr/local/lib/python3.6/http/client.py", line 964, in send
self.connect()
File "/usr/local/lib/python3.6/http/client.py", line 1392, in connect
super().connect()
File "/usr/local/lib/python3.6/http/client.py", line 936, in connect
(self.host,self.port), self.timeout, self.source_address)
File "/usr/local/lib/python3.6/socket.py", line 704, in create_connection
for res in getaddrinfo(host, port, 0, SOCK_STREAM):
File "/usr/local/lib/python3.6/socket.py", line 745, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Try again

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/homeassistant/setup.py", line 148, in _async_setup_component
component.setup, hass, processed_config) # type: ignore
File "/usr/local/lib/python3.6/concurrent/futures/thread.py", line 56, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/local/lib/python3.6/site-packages/homeassistant/components/tado.py", line 47, in setup
tado = Tado(username, password)
File "/usr/local/lib/python3.6/site-packages/PyTado/interface.py", line 292, in init
self._loginV2(username, password)
File "/usr/local/lib/python3.6/site-packages/PyTado/interface.py", line 154, in _loginV2
response = self.opener.open(req)
File "/usr/local/lib/python3.6/urllib/request.py", line 526, in open
response = self._open(req, data)
File "/usr/local/lib/python3.6/urllib/request.py", line 544, in _open
'_open', req)
File "/usr/local/lib/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/local/lib/python3.6/urllib/request.py", line 1361, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/local/lib/python3.6/urllib/request.py", line 1320, in do_open
raise URLError(err)
urllib.error.URLError: <urlopen error [Errno -3] Try again>

I hope someone is able to help.
So in conclusion, using to pi's one running ha and one pihole everything works fine. Using the addon doesn't work for me.

Home Assistant Community
I’ve been stuck with 1 issue and it has to do with sensor information. Unable to fetch data from Pi-hole 3:20 PM components/sensor/pi_hole.py (ERROR) Can not load data from *hole: localhost:4865 3:20 PM util/async_.py (ERROR) Here’s my sensor initialization in config.yaml # Sensors sensor: - platform: pi_hole host: localhost:4865 monitored_conditions: - ads_blocked_today - dns_queries_today - unique_clients ssl: true I’ve tried every host possible from all th...

Step 36-hosts.sh takes long time to run

Problem/Motivation

I enabled debug to test the dnsmasq user issue and while it was on exposed something about why my particular setup was taking a while to load. I have 35 entries in my hosts config list for the addon and it takes on average 8 seconds for each entry to be added adding nearly 5 minutes to the startup of the PiHole addon.

Expected behavior

Hosts entries should be quick to add

Actual behavior

Host entries take on average 8 seconds per host to add

Steps to reproduce

Enable debug and add a long list of hosts and watch the logs during startup.

Hardware & Software

  • RasPi3,
  • HA 0.76.2
  • SU 127
  • HassIO 1.9
  • Arch Linux aarch64
  • Pi-Hole addon 1.3.0 and 2.0.2

Proposed changes

Maybe instead of iterating over the list one entry at a time inject the entire list at once?

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Update component example for v2

Problem/Motivation

The add-on changed its default port and admin location since v2 of the add-on.

The documentation was not updated to reflect this.

DNS issue

With the following Options:

{
  "log_level": "info",
  "password": "",
  "update_lists_on_start": true,
  "web_port": 80,
  "dns_port": 53,
  "ssl": false,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": ""
}

It failed to load from what appears to be a DNS issue. When I change the port from 53 to 54 it works fine but I don't know what implications there are from changing the DNS port.

Log:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] 01-resolver-resolv: applying... 
[fix-attrs.d] 01-resolver-resolv: exited 0.
[fix-attrs.d] 01-sudo: applying... 
[fix-attrs.d] 01-sudo: exited 0.
[fix-attrs.d] 02-nginx: applying... 
[fix-attrs.d] 02-nginx: exited 0.
[fix-attrs.d] 03-pihole: applying... 
[fix-attrs.d] 03-pihole: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 
-----------------------------------------------------------
 Hass.io Add-on: Pi-hole v0.1.1
 Network-wide ad blocking using your Hass.io instance
 From: Community Hass.io Add-ons
 By: Franck Nijhof <[email protected]>
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
Log level is set to INFO
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] 02-updates.sh: executing... 
INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 10-patches.sh: executing... 
[cont-init.d] 10-patches.sh: exited 0.
[cont-init.d] 11-pihole.sh: executing... 
[cont-init.d] 11-pihole.sh: exited 0.
[cont-init.d] 12-dnsmasq.sh: executing... 
[cont-init.d] 12-dnsmasq.sh: exited 0.
[cont-init.d] 13-nginx.sh: executing... 
[cont-init.d] 13-nginx.sh: exited 0.
[cont-init.d] 14-password.sh: executing... 
WARNING: No password set! This is not recommended!
Password Removed
[cont-init.d] 14-password.sh: exited 0.
[cont-init.d] 15-hostname.sh: executing... 
[cont-init.d] 15-hostname.sh: exited 0.
[cont-init.d] 16-logfiles.sh: executing... 
[cont-init.d] 16-logfiles.sh: exited 0.
[cont-init.d] 50-gravity.sh: executing... 
dnsmasq: failed to create listening socket for port 53: Address in use
[cont-init.d] 50-gravity.sh: exited 2.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] syncing disks.
[s6-finish] sending all processes the TERM signal.

Can't remove blacklisted domains

Problem/Motivation

Seems that I can't remove blacklisted domains from dashboard ... got a "failed to remove the domain" message. Can you check this please ?

After a reboot Pi-hole loses connection and causes other connection issues

Problem/Motivation

I rebooted my Raspberry Pi. When everything started back up Home Assistant was asking me to authenticate everything again, but wouldn't work. Eventually I disabled the Pi-hole addon and everything else started working again.

Expected behavior

I expect Pi-hole to work after a reboot.

Actual behavior

I can't get the addon to work again after several reboots and reinstalling the addon several times. When I start it, here is the log:

INFO: You are running the latest version of this add-on
[cont-init.d] 02-updates.sh: exited 0.
[cont-init.d] 03-version-requirements.sh: executing... 
[cont-init.d] 03-version-requirements.sh: exited 0.
[cont-init.d] 10-requirements.sh: executing... 
[cont-init.d] 10-requirements.sh: exited 0.
[cont-init.d] 11-patches.sh: executing... 
[cont-init.d] 11-patches.sh: exited 0.
[cont-init.d] 11-pihole.sh: executing... 
[cont-init.d] 11-pihole.sh: exited 0.
[cont-init.d] 12-dnsmasq.sh: executing... 
[cont-init.d] 12-dnsmasq.sh: exited 0.
[cont-init.d] 13-nginx.sh: executing... 
[cont-init.d] 13-nginx.sh: exited 0.
[cont-init.d] 14-password.sh: executing... 
  [βœ“] New password set
[cont-init.d] 14-password.sh: exited 0.
[cont-init.d] 15-hostname.sh: executing... 
[cont-init.d] 15-hostname.sh: exited 0.
[cont-init.d] 16-logfiles.sh: executing... 
[cont-init.d] 16-logfiles.sh: exited 0.
[cont-init.d] 17-hosts.sh: executing... 
[cont-init.d] 17-hosts.sh: exited 0.
[cont-init.d] 50-gravity.sh: executing... 
  [i] Neutrino emissions detected...
  [i] Pulling blocklist source list into range...

  [βœ“] Pulling blocklist source list into range
  [i] Target: raw.githubusercontent.com (hosts)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: mirror1.malwaredomains.com (justdomains)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: sysctl.org (hosts)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: s3.amazonaws.com (simple_tracking.txt)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: s3.amazonaws.com (simple_ad.txt)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Target: hosts-file.net (ad_servers.txt)
  [i] Status: Pending...

  [βœ—] Status: Connection Refused
  [βœ—] List download failed: no cached list available
  [i] Consolidating blocklists...

  [βœ“] Consolidating blocklists
  [i] Extracting domains from blocklists...

  [βœ“] Extracting domains from blocklists
  [i] Number of domains being pulled in by gravity: 0
  [i] Removing duplicate domains...

  [βœ“] Removing duplicate domains
  [i] Number of unique domains trapped in the Event Horizon: 0
  [i] Number of blocklist source domains being added to the whitelist: 6...

  [i] Number of blocklist source domains being added to the whitelist: 6
  [i] Number of whitelisted domains: 6...

  [i] Number of whitelisted domains: 6
  [i] Parsing domains into hosts format...

  [βœ“] Parsing domains into hosts format
  [i] Cleaning up stray matter...

  [βœ“] Cleaning up stray matter
  [βœ—] dnsmasq: no process found
pihole-FTL: no process found
  [βœ“] DNS service is running
  [βœ“] Pi-hole blocking is Enabled
[cont-init.d] 50-gravity.sh: exited 0.
[cont-init.d] 99-tests.sh: executing... 
dnsmasq: syntax check OK.
[10-Feb-2018 09:01:33] NOTICE: configuration file /etc/php7/php-fpm.conf test is successful
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[cont-init.d] 99-tests.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
starting version 3.2.4
[services.d] done.

When it's "running" I start getting all kinds of connection errors in home-assistant.log like this...

2018-02-10 09:02:27 ERROR (SyncWorker_5) [homeassistant.components.sensor.darksky] Unable to connect to Dark Sky. HTTPSConnectionPool(host='api.darksky.net', port=443): Max retries exceeded with url: /forecast/cb6fe6ac0e42881a64ae49719334b90b/43.4692,-83.998863?units=us (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7268e5f0>: Failed to establish a new connection: [Errno -3] Try again',))
2018-02-10 09:02:48 ERROR (MainThread) [homeassistant.helpers.entity] Update for camera.entryway fails
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 141, in _new_conn
    (self.host, self.port), self.timeout, **extra_kw)
  File "/usr/lib/python3.6/site-packages/urllib3/util/connection.py", line 60, in create_connection
    for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
  File "/usr/lib/python3.6/socket.py", line 745, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Try again

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 601, in urlopen
    chunked=chunked)
  File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 346, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 850, in _validate_conn
    conn.connect()
  File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 284, in connect
    conn = self._new_conn()
  File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 150, in _new_conn
    self, "Failed to establish a new connection: %s" % e)
urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x6ed89b10>: Failed to establish a new connection: [Errno -3] Try again

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 440, in send
    timeout=timeout
  File "/usr/lib/python3.6/site-packages/urllib3/connectionpool.py", line 639, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/lib/python3.6/site-packages/urllib3/util/retry.py", line 388, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='developer-api.nest.com', port=443): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x6ed89b10>: Failed to establish a new connection: [Errno -3] Try again',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/homeassistant/helpers/entity.py", line 201, in async_update_ha_state
    yield from self.async_device_update()
  File "/usr/lib/python3.6/site-packages/homeassistant/helpers/entity.py", line 308, in async_device_update
    yield from self.hass.async_add_job(self.update)
  File "/usr/lib/python3.6/asyncio/futures.py", line 332, in __iter__
    yield self  # This tells Task to wait for completion.
  File "/usr/lib/python3.6/asyncio/tasks.py", line 250, in _wakeup
    future.result()
  File "/usr/lib/python3.6/asyncio/futures.py", line 245, in result
    raise self._exception
  File "/usr/lib/python3.6/concurrent/futures/thread.py", line 56, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/lib/python3.6/site-packages/homeassistant/components/camera/nest.py", line 77, in update
    self._location = self.device.where
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 233, in where
    if self.where_id is not None:
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 1230, in where_id
    return self._device['where_id']
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 1023, in _device
    return self._devices[CAMERAS][self._serial]
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 200, in _devices
    return self._nest_api._devices
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 1619, in _devices
    return self._status[DEVICES]
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 1604, in _status
    value = self._get("/")
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 1587, in _get
    return self._request('GET', path)
  File "/usr/lib/python3.6/site-packages/nest/nest.py", line 1565, in _request
    data=data)
  File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 508, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 618, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 508, in send
    raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='developer-api.nest.com', port=443): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x6ed89b10>: Failed to establish a new connection: [Errno -3] Try again',))
2018-02-10 09:02:49 ERROR (MainThread) [homeassistant.helpers.entity] Update for binary_sensor.basement_thermostat_nest_is_using_emergency_heat fails
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/urllib3/connection.py", line 141, in _new_conn
    (self.host, self.port), self.timeout, **extra_kw)
  File "/usr/lib/python3.6/site-packages/urllib3/util/connection.py", line 60, in create_connection
    for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
  File "/usr/lib/python3.6/socket.py", line 745, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Try again

Steps to reproduce

I started using Hass.io last weekend and this same thing started happening (triggered by a reboot), but I didn't track it down at the time. I reinstalled everything on the Raspberry Pi from scratch and then it started happening again after a reboot.

Anything I should be looking at to fix this problem? Need any more info?

No Web UI

With the following options

{
  "log_level": "trace",
  "password": "",
  "update_lists_on_start": true,
  "web_port": 80,
  "dns_port": 53,
  "ssl": false,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "nottelling.duckdns.org"
}

I have added the iframe panel and the pi hole sensors, I was able to see the sensors register something other than unavailable (zeros except the last sensor for blocked domains) but I have never been able to see the web ui. The following log is left when everything is loaded. I have port forwarding on for port 80 to port 80 on my hassio instance, not sure if that is necessary.

  "version": "1.1",
  "last_version": "1.1",
  "features": [
    "shutdown",
    "reboot",
    "update",
    "hostname"
  ],
  "hostname": "hassio",
  "os": "GNU/Linux"
} .hostname
[cont-init.d] 15-hostname.sh: exited 0.
[cont-init.d] 16-logfiles.sh: executing... 
TRACE: hass.file_exists: /data/log/pihole.log
TRACE: hass.file_exists: /data/log/pihole-FTL.log
[cont-init.d] 16-logfiles.sh: exited 0.
[cont-init.d] 50-gravity.sh: executing... 
TRACE: hass.config.true: update_lists_on_start
TRACE: hass.jq.is_boolean: /data/options.json .update_lists_on_start
TRACE: hass.jq.is: /data/options.json .update_lists_on_start boolean
TRACE: hass.jq: /data/options.json .update_lists_on_start | if type=="boolean" then true else false end
TRACE: hass.config.get: update_lists_on_start
TRACE: hass.config.exists: update_lists_on_start
TRACE: hass.jq.exists: /data/options.json .update_lists_on_start
TRACE: hass.jq: /data/options.json .update_lists_on_start
TRACE: hass.jq.is_string: /data/options.json .update_lists_on_start
TRACE: hass.jq.is: /data/options.json .update_lists_on_start string
TRACE: hass.jq: /data/options.json .update_lists_on_start | if type=="string" then true else false end
TRACE: hass.jq.is_boolean: /data/options.json .update_lists_on_start
TRACE: hass.jq.is: /data/options.json .update_lists_on_start boolean
TRACE: hass.jq: /data/options.json .update_lists_on_start | if type=="boolean" then true else false end
TRACE: hass.jq: /data/options.json .update_lists_on_start // false
DEBUG: Generating block lists
:::
::: Neutrino emissions detected...
:::
::: Pulling source lists into range... done!
:::
::: Getting raw.githubusercontent.com list... done
:::   Status: Success (OK)
:::   List updated, transport successful!
::: Getting mirror1.malwaredomains.com list... done
:::   Status: Not modified
:::   No changes detected, transport skipped!
::: Getting sysctl.org list... done
:::   Status: Not modified
:::   No changes detected, transport skipped!
::: Getting zeustracker.abuse.ch list... done
:::   Status: Not modified
:::   No changes detected, transport skipped!
::: Getting s3.amazonaws.com list... done
:::   Status: Not modified
:::   No changes detected, transport skipped!
::: Getting s3.amazonaws.com list... done
:::   Status: Not modified
:::   No changes detected, transport skipped!
::: Getting hosts-file.net list... done
:::   Status: Not modified
:::   No changes detected, transport skipped!
::: 
::: Aggregating list of domains... done!
::: Formatting list of domains to remove comments.... done!
::: 129942 domains being pulled in by gravity...
::: Removing duplicate domains.... done!
::: 106698 unique domains trapped in the event horizon.
:::
::: Adding adlist sources to the whitelist... done!
::: Whitelisting 6 domains... done!
::: Nothing to blacklist!
::: No wildcards used!
::: Formatting domains into a HOSTS file...::: Nothing to blacklist!
 done!
:::
::: Cleaning up un-needed files... done!
:::
::: Refresh lists in dnsmasq...s6 service not found for dnsmasq, exiting...
 done!
::: DNS service is running
::: Pi-hole blocking is Enabled
[cont-init.d] 50-gravity.sh: exited 0.
[cont-init.d] 99-tests.sh: executing... 
DEBUG: Testing if all configurations valid
dnsmasq: syntax check OK.
[15-Nov-2017 15:07:35] NOTICE: configuration file /etc/php7/php-fpm.conf test is successful
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[cont-init.d] 99-tests.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
starting version 3.2.2
[services.d] done.
dnsmasq: started, version 2.76 cachesize 10000
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify
dnsmasq: using nameserver 8.8.4.4#53
dnsmasq: using nameserver 8.8.8.8#53
dnsmasq: read /etc/hosts - 8 addresses
dnsmasq: read /etc/pihole/black.list - 0 addresses
dnsmasq: read /etc/pihole/local.list - 2 addresses
dnsmasq: read /etc/pihole/gravity.list - 106698 addresses

Pi-Hole not accessible on external network

Problem/Motivation

Not able to access Pi-Hole from outside of local network

Expected behavior

Access with xxxx.Duckdns.org:80 since forwarding is setup.

Actual behavior

Only opens when connect to local network

I have looked on the forums and asked the question in the Discord chat with no help, I have double and triple checked my network settings and everything appears to work, I have many ports forwarded with no problems.

This is the settings I am using

{
  "log_level": "trace",
  "password": "",
  "update_lists_on_start": true,
  "web_port": 80,
  "dns_port": 53,
  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "myipaddress.duckdns.org",
  "hosts": []
}

Here is a snippet of my Log file, nothing seems to be recorded when I attempt to open the web ui from work, I have also not been able to see anything from the Pi-hole sensor in Hass.io.

dnsmasq: query[A] api-global.netflix.com from 10.0.0.20
dnsmasq: cached api-global.netflix.com is <CNAME>
dnsmasq: cached api-global.geo.netflix.com is <CNAME>
dnsmasq: forwarded api-global.netflix.com to 8.8.4.4
dnsmasq: forwarded api-global.netflix.com to 8.8.8.8
dnsmasq: reply api-global.netflix.com is <CNAME>
dnsmasq: reply api-global.geo.netflix.com is <CNAME>
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.10.59.119
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.26.90.140
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.33.161.173
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.10.85.197
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.25.230.252
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.27.139.245
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.10.200.73
dnsmasq: reply api-global.us-west-2.prodaa.netflix.com is 52.25.167.230
dnsmasq: query[A] spectrum.s3.amazonaws.com from 10.0.0.13
dnsmasq: cached spectrum.s3.amazonaws.com is <CNAME>
dnsmasq: cached s3-directional-w.amazonaws.com is <CNAME>
dnsmasq: forwarded spectrum.s3.amazonaws.com to 8.8.4.4
dnsmasq: reply spectrum.s3.amazonaws.com is <CNAME>
dnsmasq: reply s3-directional-w.amazonaws.com is <CNAME>
dnsmasq: reply s3-1-w.amazonaws.com is 52.216.84.131
dnsmasq: query[A] spectrum.s3.amazonaws.com from 10.0.0.12
dnsmasq: cached spectrum.s3.amazonaws.com is <CNAME>
dnsmasq: cached s3-directional-w.amazonaws.com is <CNAME>
dnsmasq: forwarded spectrum.s3.amazonaws.com to 8.8.4.4
dnsmasq: reply spectrum.s3.amazonaws.com is <CNAME>
dnsmasq: reply s3-directional-w.amazonaws.com is <CNAME>
dnsmasq: reply s3-1-w.amazonaws.com is 52.216.226.56

Sorry for the incomplete information!

Not using virtual host

Problem/Motivation

My install of Pi-Hole does not seem to be accepting my duckdns.org URL in the virtual host config.

Expected behavior

I would expect to be able to access the admin panel at https://mydomain.duckdns.org:8080/admin/index.php

Actual behavior

I get the following error:

Failed Host Check: mydomain.duckdns.org vs 172.16.0.xx, , hassio.local, pi.hole, localhost, hassio, hassio.local

It appears to be not adding my domain to whitelist of hostnames it can be accessed on.

Steps to reproduce

Based on the lack of other reports, it would seem this may be specific to mine.
I can provide access to logs etc as required.

Additional Info

I have tried saving the config again, restarting several times, restarting hassio also. Doesn't seem to take effect. The config in hassio shows the domain, as well as my other customised items in the config do work, just this domain part.

I am able to access the admin UI perfectly fine via https://localip:8080/admin/index.php but I would prefer domain due to the certificate

My config is:

{ "log_level": "info", "password": "mypassword", "update_lists_on_start": true, "web_port": 8080, "dns_port": 53, "ssl": true, "certfile": "fullchain.pem", "keyfile": "privkey.pem", "interface": "", "ipv6": true, "ipv4_address": "", "ipv6_address": "", "virtual_host": "mydomain.duckdns.org" }

No stats on release 0.5.0

Problem

No stats at all showing

Expected behavior

Stats to show ads blocked and clients etc.

Actual behavior

Recently updated to version 0.5.0 and Pi-hole is still working but the stats are blank.

Steps to reproduce

updated to 0.5.0 I'm running on raspberry pi 3 model B and have Google wife redirecting dns.

Proposed changes

(If you have a proposed change, workaround or fix,
describe the rationale behind it)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.