pi.hole is not reachable with docker #1765
Description
This is a: Bug?
Details
Hi after updating from v5 to v6, decided to switch from install to docker and from lighttpd to nginx.
Now it works not as I expected.
http://pi.hole/admin/ not working, as well as pi.hole:8084/admin/. But dns is working for sure cause other domains defined in Local domain section in web UI (e.g. jelly.oz) are working just fine as well as thier proxying in nginx.
Please help and thanks in advance.
Related Issues
- [X ] I have searched this repository/Pi-hole forums for existing issues and pull requests that look similar
How to reproduce the issue
- Environment data
- Operating System: raspbian
- Hardware: RasPi 5
- docker-compose.yml contents, docker run shell command, or paste a screenshot of any UI based configuration of containers here
services:
nginx:
container_name: nginx
image: nginx:stable
ports:
- 80:80
volumes:
- ./nginx-config:/etc/nginx/conf.d
# extra_hosts:
# - "host.docker.internal:host-gateway"
restart: unless-stopped
pihole:
container_name: pihole
image: pihole/pihole:latest
hostname: rpi
ports:
# DNS Ports
- "53:53/tcp"
- "53:53/udp"
# Default HTTP Port
- "8084:80/tcp"
# Default HTTPs Port. FTL will generate a self-signed certificate
- "8443:443/tcp"
# Uncomment the below if using Pi-hole as your DHCP Server
#- "67:67/udp"
environment:
# Set the appropriate timezone for your location (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), e.g:
TZ: "Europe/Warsaw"
# Set a password to access the web interface. Not setting one will result in a random password being assigned
FTLCONF_webserver_api_password: "test"
# If using Docker's default `bridge` network setting the dns listening mode should be set to 'all'
FTLCONF_dns_listeningMode: "all"
# Volumes store your data between container upgrades
volumes:
# For persisting Pi-hole's databases and common configuration file
- "./etc-pihole:/etc/pihole"
# Uncomment the below if you have custom dnsmasq config files that you want to persist. Not needed for most starting fresh with Pi-hole v6. If you're upgrading from v5 you and have used this directory before, you should keep it enabled for the first v6 container start to allow for a complete migration. It can be removed afterwards. Needs environment variable FTLCONF_misc_etc_dnsmasq_d: 'true'
#- './etc-dnsmasq.d:/etc/dnsmasq.d'
cap_add:
# See https://github.com/pi-hole/docker-pi-hole#note-on-capabilities
# Required if you are using Pi-hole as your DHCP server, else not needed
- NET_ADMIN
# Required if you are using Pi-hole as your NTP client to be able to set the host's system time
- SYS_TIME
# Optional, if Pi-hole should get some more processing time
- SYS_NICE
restart: unless-stopped
- any additional info to help reproduce
nginx.conf:
server {
listen 80;
server_name pi.hole;
set $pihole 192.168.0.100;
location / {
proxy_pass http://$pihole:80/admin/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Frame-Options;
proxy_set_header X-Frame-Options "SAMEORIGIN";
proxy_read_timeout 90;
}
location /api/ {
proxy_pass http://$pihole/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Frame-Options;
proxy_set_header X-Frame-Options "SAMEORIGIN";
proxy_read_timeout 90;
}
}
server {
listen 80;
#listen [::]:80;
server_name jelly.oz;
# use a variable to store the upstream proxy
set $jellyfin 192.168.0.100;
## The default `client_max_body_size` is 1M, this might not be enough for some posters, etc.
client_max_body_size 20M;
# Security / XSS Mitigation Headers
add_header X-Content-Type-Options "nosniff";
# Permissions policy. May cause issues with some clients
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
location / {
proxy_pass http://$jellyfin:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://$jellyfin:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
}
These common fixes didn't work for my issue
- I have tried removing/destroying my container, and re-creating a new container
- I have tried fresh volume data by backing up and moving/removing the old volume data
- I have tried running the stock
docker runexample(s) in the readme (removing any customizations I added) - I have tried a newer or older version of Docker Pi-hole (depending what version the issue started in for me)
- I have tried running without my volume data mounts to eliminate volumes as the cause
If the above debugging / fixes revealed any new information note it here.
Add any other debugging steps you've taken or theories on root cause that may help.