docker-pihole-unbound icon indicating copy to clipboard operation
docker-pihole-unbound copied to clipboard

Published 20 hours ago verified publisher icon chriscrowe

Custom Unbound config

Open MatthewVance opened this issue 5 years ago • 6 comments

Thanks for putting this together. This issue is in regards to a potential enhancement to the following statement:

If you want to change any of this Unbound config then you can fork MatthewVance's unbound-docker repo and modify his unbound.sh file.

Forking and re-building the container like is recommended in the README is certainly one way to achieve a custom config, but I'm wondering if it would be easier for end users if another method was used. Namely, mounting a custom config at runtime as described in the Unbound container README. It would require some volume mounts rather than a re-built container (potentially add commented out placeholders in the compose-file as examples?).

Anyway, I wanted to see what you thought of documenting an alternative method than forking/re-building. I'm good either way.

By the way, I haven't tested this setup yet (or used Pi-Hole yet) but need to explore more as I've received a few questions. I came across this repo when a mutual user of our containers asked for some help in this issue after getting stuck on forking and re-configuring the Unbound file to forward to a different upstream resolver. As I reading the docs, I thought of this alternative method.

MatthewVance avatar May 23 '20 01:05 MatthewVance

Hi @MatthewVance -- Sure I'm open to alternatives here! I definitely didn't love this portion of my solution when I documented this, happy to collaborate on something better if your container can provide the necessary hooks.

chriscrowe avatar Dec 29 '20 19:12 chriscrowe

Hi @chriscrowe, the hooks should be there. I haven't tested this specific setup before, but I don't see why passing the custom config(s) as a volume wouldn't work.

For instance, if your customized configuration is located at /my-directory/unbound/unbound.conf, pass /my-directory/unbound as a volume:

docker run --name=my-unbound \
--volume=/my-directory/unbound:/opt/unbound/etc/unbound/ \
--publish=53:53/tcp \
--publish=53:53/udp \
--restart=unless-stopped \
--detach=true \
mvance/unbound:latest

Of course, this could be converted over to docker-compose format to make it even easier.

MatthewVance avatar Jan 04 '21 22:01 MatthewVance

how to define /change the unbound Pihole config and use Unbound cache vs Pihole cache under docker/portainer similar to https://github.com/anudeepND/pihole-unbound

Would i just edit the volume data  | /var/lib/docker/volumes/etc_pihole-unbound/_data

Rar9 avatar Mar 15 '21 10:03 Rar9

This would be a greatly welcomed change!

aryanakh avatar May 09 '21 07:05 aryanakh

Hey, I have tried something around and have found solutions for the two container variant as well as the one container variant. #56

vertrou avatar Jun 01 '21 17:06 vertrou

Update-2

OK - so re-tested this with the non-containerized install and the issue appears to follow unbound, not the container. Also, my first assessment was slightly off. The issue is that only the first verbosity statement after (a) unbound launches; or (b) an include statement, is respected. All others are ignored.

This is relevant when using this image because all of the config files are called via an include statement. So, if the verbosity statement in pi-hole.conf is not commented out, then the verbosity cannot be changed by adding a custom config.

Update-1

Did some additional testing. First, to verify this isn't an unbound issue, I checked it using a standard unbound install on my test system. No containers - just plain old vanilla super-basic unbound install in CentOS. Works as expected.

So I then tried additional iterations on the containerized system and what I discovered is that the log verbosity cannot be set in multiple config files. So I can set it 2 or 3 times in the same file such as pi-hole.conf or z_unbound-custom.conf but if I set it in more than location, unbound only respects the first declaration wherever it may be.

This does appear to be different behavior than a non-containerized install but I am going to go back and re-test just to confirm. Will report back anything relevant.

Original post

I typically install vim and then mod from there so the ability to simply inject a desired config would definitely be an improvement. My custom unbound config basically just enables logging and then increases the log verbosity. So, with this in mind, I thought I would give this a shot - I had partial success.

First off, it is important to note that the config location is different with this setup than in @MatthewVance's unbound image. Matthew's uses /opt/unbound/etc while this one here uses /etc/unbound. I didn't see any symlinks in either image so I do believe these are different locations. Either way, this is easily addressed by adding the following to the my compose file:

service:
   pihole:
      volumes:
         - './unbound-cfg/z_unbound-custom.conf:/etc/unbound/unbound.conf.d/z_unbound-custom.conf'

For my purposes, the z_unbound-custom.conf file is really simple as follows::

server:
    logfile: "/var/log/unbound.log"
    verbosity: 3

All looks good right - so why only "partial success"? Well, while the logfile does get enabled, the verbosity does not. I did some further testing and discovered that if the verbosity statement is not in the pi-hole.conf file, it does not seem to have any effect. I know - this makes zero sense so I am still digging but I thought I would also post here to see if anyone might have some ideas or catch something I missed.

Thanks in advance.

cyb3rz3us avatar Aug 25 '21 22:08 cyb3rz3us