Custom web port for synology or --net=host users

Dockerfile.py

@@ -3,10 +3,11 @@
 """ Dockerfile.py - generates and build dockerfiles
 
 Usage:
-  Dockerfile.py [--os=<os> ...] [--arch=<arch> ...] [-v] [--no-build | --no-generate]
+  Dockerfile.py [--os=<os> ...] [--arch=<arch> ...] [-v] [--no-build | --no-generate] [--no-cache]
 
 Options:
     --no-build      Skip building the docker images
+    --no-cache      Build without using any cache data
     --no-generate   Skip generating Dockerfiles from template
     --os=<os>       What OS(s) to build             [default: alpine debian]
     --arch=<arch>   What Architecture(s) to build   [default: amd64 armhf aarch64]
@@ -117,18 +118,22 @@ def build(docker_repo, os, arch, args):
 
     dockerfile = 'Dockerfile_{}_{}'.format(os, arch)
     repo_tag = '{}:{}_{}'.format(docker_repo, os, arch)
-    print " ::: Pulling {} to reuse layers".format(dockerfile, repo_tag)
-    pull_cmd = run_local('docker pull {}/{}'.format('diginc', repo_tag))
-    if args['-v']:
-        print pull_cmd.stdout
+    cached_image = '{}/{}'.format('diginc', repo_tag)
+    no_cache = ''
+    if args['--no-cache']:
+        no_cache = '--no-cache'
+    build_command = 'docker build {no_cache} --pull --cache-from="{cache},{create_tag}" -f {dockerfile} -t {create_tag} .'\
+        .format(no_cache=no_cache, cache=cached_image, dockerfile=dockerfile, create_tag=repo_tag)
     print " ::: Building {} into {}".format(dockerfile, repo_tag)
-    build_cmd = run_local('docker build --pull -f {} -t {} .'.format(dockerfile, repo_tag))
     if args['-v']:
-        print build_cmd.stdout
-    if build_cmd.rc != 0:
+        print build_command, '\n'
+    build_result = run_local(build_command) 
+    if args['-v']:
+        print build_result.stdout
+    if build_result.rc != 0:
         print "     ::: Building {} encountered an error".format(dockerfile)
-        print build_cmd.stderr
-    assert build_cmd.rc == 0
+        print build_result.stderr
+    assert build_result.rc == 0
 
 
 if __name__ == '__main__':

Dockerfile.template

@@ -14,7 +14,9 @@ ENV PIHOLE_INSTALL /tmp/ph_install.sh
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/{{ pihole.s6_version }}/s6-overlay-{{ pihole.arch }}.tar.gz
 
 {% if pihole.os == 'alpine' %}
-RUN apk upgrade --update && \
+# TODO Re-enable upgrade after php5 packages use the latest greatest libressl packages, conflicts are breaking build 2017-11-14
+# RUN apk upgrade --update && \
+RUN apk update && \
     apk add bind-tools wget curl bash libcap && \
 {% else %}
 RUN apt-get update && \

Dockerfile_alpine_amd64

@@ -13,7 +13,9 @@ ENV setupVars /etc/pihole/setupVars.conf
 ENV PIHOLE_INSTALL /tmp/ph_install.sh
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/v1.20.0.0/s6-overlay-amd64.tar.gz
 
-RUN apk upgrade --update && \
+# TODO Re-enable upgrade after php5 packages use the latest greatest libressl packages, conflicts are breaking build 2017-11-14
+# RUN apk upgrade --update && \
+RUN apk update && \
     apk add bind-tools wget curl bash libcap && \
     curl -L -s $S6OVERLAY_RELEASE \
         | tar xvzf - -C / && \

Dockerfile_alpine_armhf

@@ -13,7 +13,9 @@ ENV setupVars /etc/pihole/setupVars.conf
 ENV PIHOLE_INSTALL /tmp/ph_install.sh
 ENV S6OVERLAY_RELEASE https://github.com/just-containers/s6-overlay/releases/download/v1.20.0.0/s6-overlay-armhf.tar.gz
 
-RUN apk upgrade --update && \
+# TODO Re-enable upgrade after php5 packages use the latest greatest libressl packages, conflicts are breaking build 2017-11-14
+# RUN apk upgrade --update && \
+RUN apk update && \
     apk add bind-tools wget curl bash libcap && \
     curl -L -s $S6OVERLAY_RELEASE \
         | tar xvzf - -C / && \

README.md

@@ -52,6 +52,7 @@ There are other environment variables if you want to customize various things in
 | `-e IPv6=<True\|False>`<br/> *Optional* *Default: True* | For unraid compatibility, strips out all the IPv6 configuration from DNS/Web services when false.
 | `-e INTERFACE=<NIC>`<br/> *Advanced/Optional* | The default works fine with our basic example docker run commands.  If you're trying to use DHCP with `--net host` mode then you may have to customize this or DNSMASQ_LISTENING.
 | `-e DNSMASQ_LISTENING=<local\|all\|NIC>`<br/> *Advanced/Optional* | `local` listens on all local subnets, `all` permits listening on internet origin subnets in addition to local.
+| `-e WEB_PORT=<PORT>`<br/> *Advanced/Optional* | **This will break the webpage blocked functionality of pi-hole** however it may help advanced setups like those running synology or `--net=host` docker argument.  This guide explains how to restore webpage blocked functionality using a linux router DNAT rule: [Alternagtive Synology installation method](https://discourse.pi-hole.net/t/alternative-synology-installation-method/5454?u=diginc)
 
 Here is a rundown of the other arguments passed into the example `docker run`
 

bash_functions.sh

@@ -174,6 +174,33 @@ setup_php_env_alpine() {
     cat "$PHP_ENV_CONFIG"
 }
 
+setup_web_port() {
+    local warning="WARNING: Custom WEB_PORT not used"
+    # Quietly exit early for empty or default
+    if [[ -z "${1}" || "${1}" == '80' ]] ; then return ; fi
+
+    if ! echo $1 | grep -q '^[0-9][0-9]*$' ; then 
+        echo "$warning - $1 is not an integer"
+        return
+    fi
+
+    local -i web_port="$1"
+    if (( $web_port < 1 || $web_port > 65535 )); then
+        echo "$warning - $web_port is not within valid port range of 1-65535"
+        return
+    fi
+    echo "Custom WEB_PORT set to $web_port"
+    echo "INFO: Without proper router DNAT forwarding to $ServerIP:$web_port, you may not get any blocked websites on ads"
+    case $TAG in
+        "debian") 
+            sed -i '/server.port\s*=\s*80\s*$/ s/80/'$web_port'/g' /etc/lighttpd/lighttpd.conf ;;
+        "alpine") 
+            sed -i '/^\s*listen \[::\]:80 default_server/ s/80/'$web_port'/g' /etc/nginx/nginx.conf
+            sed -i '/^\s*listen 80 default_server/ s/80/'$web_port'/g' /etc/nginx/nginx.conf ;;
+    esac
+
+}
+
 setup_web_password() {
     if [ -z "${WEBPASSWORD+x}" ] ; then 
         # Not set at all, give the user a random pass

start.sh

@@ -12,6 +12,8 @@ export DNS1
 export DNS2
 export INTERFACE
 export IPv6
+export WEBPASSWORD
+export WEB_PORT
 
 . /bash_functions.sh
 
@@ -20,6 +22,7 @@ validate_env || exit 1
 prepare_setup_vars
 change_setting "IPV4_ADDRESS" "$ServerIP"
 change_setting "IPV6_ADDRESS" "$ServerIPv6"
+setup_web_port "$WEB_PORT"
 setup_web_password "$WEBPASSWORD"
 setup_dnsmasq "$DNS1" "$DNS2"
 setup_php_env

test/test_bash_functions.py

@@ -21,6 +21,31 @@ def test_IPv6_not_True_removes_ipv6(Docker, os, args, expected_ipv6, expected_st
     config = Docker.run('cat {}'.format( WEB_CONFIG[os])).stdout
     assert (IPV6_LINE[os] in config) == expected_ipv6
 
+@pytest.mark.parametrize('args', [DEFAULTARGS + '-e "WEB_PORT=999"'])
+def test_overrides_default_WEB_PORT(Docker, os, args):
+    ''' When a --net=host user sets WEB_PORT to avoid synology's 80 default IPv4 and or IPv6 ports are updated'''
+    CONFIG_LINES = { 'alpine': ['listen 999 default_server',
+                                'listen\s*\[::\]:999\s*default_server;'],
+                     'debian': ['server.port\s*=\s*999'] }
+    WEB_CONFIG = { 'alpine': '/etc/nginx/nginx.conf',
+                   'debian': '/etc/lighttpd/lighttpd.conf' }
+
+    function = Docker.run('. /bash_functions.sh ; eval `grep setup_web_port /start.sh`')
+    assert "Custom WEB_PORT set to 999" in function.stdout
+    assert "INFO: Without proper router DNAT forwarding to 127.0.0.1:999, you may not get any blocked websites on ads" in function.stdout
+    config = Docker.run('cat {}'.format( WEB_CONFIG[os])).stdout
+    for expected_line in CONFIG_LINES[os]:
+        assert re.search(expected_line, config) != None
+
+@pytest.mark.parametrize('args,expected_error', [
+    (DEFAULTARGS + '-e WEB_PORT="LXXX"', 'WARNING: Custom WEB_PORT not used - LXXX is not an integer'),
+    (DEFAULTARGS + '-e WEB_PORT="1,000"', 'WARNING: Custom WEB_PORT not used - 1,000 is not an integer'),
+    (DEFAULTARGS + '-e WEB_PORT="99999"', 'WARNING: Custom WEB_PORT not used - 99999 is not within valid port range of 1-65535'),
+])
+def test_bad_input_to_WEB_PORT(Docker, args, expected_error):
+    function = Docker.run('. /bash_functions.sh ; eval `grep setup_web_port /start.sh`')
+    assert expected_error in function.stdout
+
 @pytest.mark.parametrize('args, expected_stdout, dns1, dns2', [
     ('-e ServerIP="1.2.3.4"', 'default DNS', '8.8.8.8', '8.8.4.4' ),
     ('-e ServerIP="1.2.3.4" -e DNS1="1.2.3.4"', 'custom DNS', '1.2.3.4', '8.8.4.4' ),

tox.ini

@@ -5,5 +5,5 @@ envlist = py27
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker run --rm --privileged multiarch/qemu-user-static:register --reset
-           ./Dockerfile.py
+           ./Dockerfile.py -v
            pytest {posargs:-vv -n auto} ./test/