While this is also not the only version this solution can be run, if there is no way to connect to an external DB, it can be configured to use an internal SQLite DB. The BW container and an outside database. Single-container aka "unified" version of self-hosted Bitwardenĭubbed a unified self-host deployment solution, this version of Bitwarden will be by far much easier to maintain as it has only two major moving parts. Standard self-host deployment of Bitwardenīack at the start of December 2022, Bitwarden started to develop its own single-image version (well with a database as being a separate one) to concatenate all the different core, front-end, and back-end services under one container. This is another reason that self-hoster for the most part use VaultWarden implementation. Now, that are a lot of images and elements to keep in sync just to provide a password manager solution. The end goal here is for Pi-Hole to do my DHCP and so that I can see the dynamic hostnames instead of inputting them manually into the /etc/hosts file.The official Bitwarden solution can also be self-hosted via Docker but it is a bit much to maintain coming in with a big stack of eleven (11) containers. For the most paranoid, it should even be possible to explicitly drop the NET_RAWĬapability to prevent FTLDNS from automatically gaining it." However, if DHCP and IPv6 Router Advertisements are not in use, it should be safe to skip it. This image automatically grants those capabilities, if available, to the FTLDNS process, even when run as non-root.īy default, docker does not include the NET_ADMINĬapability for non-privileged containers, and it is recommended to explicitly add it to the container using -cap-add=NET_ADMIN : we need to be able to change ownership of log files and databases in case FTL is started as a different user than pihole : FTL sets itself as an important process to get some more processing time if the latter is running low : modify routing tables and other network-related operations (in particular inserting an entry in the neighbor table to answer DHCP requests using unicast packets) : use raw and packet sockets (needed for handling DHCPv6 requests, and verifying that an IP is not in use before leasing it) : Allows FTLDNS binding to TCP/UDP sockets below 1024 (specifically DNS service on port 53) PHP error (2): fsockopen(): unable to connect to 127.0.0.1:4711 (Connection refused) in /var/www/html/admin/scripts/pi-hole/php/FTL.php:47ĭo I need to have these in somewhere ? If so, where ?ĭNSMasq / FTLDNS expects to have the following capabilities available:
However, I now get this when disabling the DHCP capability from my router and enabling the one from the Pi-Hole: Which I have resolved by changing the username environmental variable to root as per here:
How can I have Pi-Hole doing DHCP via Docker on my Synology NAS ?ĭNSMASQ_CONFIG FTL failed to start due to process is missing required capability NET_ADMIN
0 kommentar(er)
