starred/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-02-05 00:29:55 +03:00
Code Issues 12 Packages Projects Releases 10 Wiki Activity

PiHole - selecting unbound as recursive does not set 127.0.0.1 unbound as DNS server #550

New Issue
Closed
opened 2026-02-04 19:46:32 +03:00 by OVERLORD · 6 comments
OVERLORD commented 2026-02-04 19:46:32 +03:00
Owner
Copy Link

Originally created by @m4rkireland on GitHub (Feb 26, 2025).

Have you read and understood the above guidelines?

yes

📜 What is the name of the script you are using?

PiHole

📂 What was the exact command used to execute the script?

bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/pihole.sh)"

📝 Provide a clear and concise description of the issue.

When answering N to Unbound is configured as a recursive DNS server by default, would you like it to be configured as a forwarding DNS server (using DNS-over-TLS (DoT)) instead? <y/N>, before the move to v6, the v5 script would set this up correctly and have 127.0.0.1:5335 as the Custom DNS server, however now it shows the two google IPs

Image

⚙️ What settings are you using?

  • Default Settings
  • Advanced Settings

🖥️ Which Linux distribution are you using?

No response

🔄 Steps to reproduce the issue.

  🧩  Using Advanced Settings on node pve01
  🖥️  Operating System: debian
  🌟  Version: 12
  📦  Container Type: Unprivileged
  🔐  Root Password: ********
  🆔  Container ID: 151
  🏠  Hostname: pihole01
  💾  Disk Size: 20 GB
  🧠  CPU Cores: 1
  🛠️  RAM Size: 1024 MiB
  🌉  Bridge: vmbr1
  📡  IP Address: 192.168.1.151/24
  🌐  Gateway IP Address: 192.168.1.1
  📡  APT-Cacher IP Address: Default
  🚫  Disable IPv6: no
  ⚙️  Interface MTU Size: Default
  🔍  DNS Search Domain: Host
  📡  DNS Server IP Address: Host
  🏷️  Vlan: Default
  📡  Tags: community-script;adblock
  🔑  Root SSH Access: yes
Warning: No SSH key provided.
  🔍  Verbose Mode: no
  🚀  Creating a Pihole LXC using the above advanced settings
  ✔️  Using local for Template Storage.
  ✔️  Using local-nvme for Container Storage.
  ✔️  Updated LXC Template List
  ✔️  LXC Template is ready to use.
  ✔️  LXC Container 151 was successfully created.
  ✔️  Started LXC Container
  ✔️  Set up Container OS
  ✔️  Network Connected: 192.168.1.151 
  ✔️  IPv4 Internet Connected
  ✖️  IPv6 Internet Not Connected
  ✔️  DNS Resolved github.com to 20.26.156.215
  ✔️  Updated Container OS
  ✔️  Installed Dependencies
  ✔️  Installed Pi-hole
Would you like to add Unbound? <y/N> y
Unbound is configured as a recursive DNS server by default, would you like it to be configured as a forwarding DNS server (using DNS-over-TLS (DoT)) instead? <y/N> N
  ✔️  Installed Unbound
  ✔️  Cleaned
  ✔️  Completed Successfully!

  🚀  Pihole setup has been successfully initialized!
  💡   Access it using the following URL:
    🌐  http://192.168.1.151/admin
root@pve01:~#

Paste the full error output (if available).

root@pihole01:~# cat /etc/unbound/unbound.conf.d/pi-hole.conf
server:
  verbosity: 0
  interface: 127.0.0.1
  port: 5335
  do-ip6: no
  do-ip4: yes
  do-udp: yes
  do-tcp: yes
  num-threads: 1
  hide-identity: yes
  hide-version: yes
  harden-glue: yes
  harden-dnssec-stripped: yes
  harden-referral-path: yes
  use-caps-for-id: no
  harden-algo-downgrade: no
  qname-minimisation: yes
  aggressive-nsec: yes
  rrset-roundrobin: yes
  cache-min-ttl: 300
  cache-max-ttl: 14400
  msg-cache-slabs: 8
  rrset-cache-slabs: 8
  infra-cache-slabs: 8
  key-cache-slabs: 8
  serve-expired: yes
  serve-expired-ttl: 3600
  edns-buffer-size: 1232
  prefetch: yes
  prefetch-key: yes
  target-fetch-policy: "3 2 1 1 1"
  unwanted-reply-threshold: 10000000
  rrset-cache-size: 256m
  msg-cache-size: 128m
  so-rcvbuf: 1m
  private-address: 192.168.0.0/16
  private-address: 169.254.0.0/16
  private-address: 172.16.0.0/12
  private-address: 10.0.0.0/8
  private-address: fd00::/8
  private-address: fe80::/10

🖼️ Additional context (optional).

No response

Originally created by @m4rkireland on GitHub (Feb 26, 2025). ### ✅ Have you read and understood the above guidelines? yes ### 📜 What is the name of the script you are using? PiHole ### 📂 What was the exact command used to execute the script? bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/pihole.sh)" ### 📝 Provide a clear and concise description of the issue. When answering N to `Unbound is configured as a recursive DNS server by default, would you like it to be configured as a forwarding DNS server (using DNS-over-TLS (DoT)) instead? <y/N>`, before the move to v6, the v5 script would set this up correctly and have 127.0.0.1:5335 as the Custom DNS server, however now it shows the two google IPs <img width="467" alt="Image" src="https://github.com/user-attachments/assets/8502479d-20c0-4763-87fa-12928ce92399" /> ### ⚙️ What settings are you using? - [ ] Default Settings - [x] Advanced Settings ### 🖥️ Which Linux distribution are you using? _No response_ ### 🔄 Steps to reproduce the issue. ``` 🧩 Using Advanced Settings on node pve01 🖥️ Operating System: debian 🌟 Version: 12 📦 Container Type: Unprivileged 🔐 Root Password: ******** 🆔 Container ID: 151 🏠 Hostname: pihole01 💾 Disk Size: 20 GB 🧠 CPU Cores: 1 🛠️ RAM Size: 1024 MiB 🌉 Bridge: vmbr1 📡 IP Address: 192.168.1.151/24 🌐 Gateway IP Address: 192.168.1.1 📡 APT-Cacher IP Address: Default 🚫 Disable IPv6: no ⚙️ Interface MTU Size: Default 🔍 DNS Search Domain: Host 📡 DNS Server IP Address: Host 🏷️ Vlan: Default 📡 Tags: community-script;adblock 🔑 Root SSH Access: yes Warning: No SSH key provided. 🔍 Verbose Mode: no 🚀 Creating a Pihole LXC using the above advanced settings ✔️ Using local for Template Storage. ✔️ Using local-nvme for Container Storage. ✔️ Updated LXC Template List ✔️ LXC Template is ready to use. ✔️ LXC Container 151 was successfully created. ✔️ Started LXC Container ✔️ Set up Container OS ✔️ Network Connected: 192.168.1.151 ✔️ IPv4 Internet Connected ✖️ IPv6 Internet Not Connected ✔️ DNS Resolved github.com to 20.26.156.215 ✔️ Updated Container OS ✔️ Installed Dependencies ✔️ Installed Pi-hole Would you like to add Unbound? <y/N> y Unbound is configured as a recursive DNS server by default, would you like it to be configured as a forwarding DNS server (using DNS-over-TLS (DoT)) instead? <y/N> N ✔️ Installed Unbound ✔️ Cleaned ✔️ Completed Successfully! 🚀 Pihole setup has been successfully initialized! 💡 Access it using the following URL: 🌐 http://192.168.1.151/admin root@pve01:~# ``` ### ❌ Paste the full error output (if available). ``` root@pihole01:~# cat /etc/unbound/unbound.conf.d/pi-hole.conf server: verbosity: 0 interface: 127.0.0.1 port: 5335 do-ip6: no do-ip4: yes do-udp: yes do-tcp: yes num-threads: 1 hide-identity: yes hide-version: yes harden-glue: yes harden-dnssec-stripped: yes harden-referral-path: yes use-caps-for-id: no harden-algo-downgrade: no qname-minimisation: yes aggressive-nsec: yes rrset-roundrobin: yes cache-min-ttl: 300 cache-max-ttl: 14400 msg-cache-slabs: 8 rrset-cache-slabs: 8 infra-cache-slabs: 8 key-cache-slabs: 8 serve-expired: yes serve-expired-ttl: 3600 edns-buffer-size: 1232 prefetch: yes prefetch-key: yes target-fetch-policy: "3 2 1 1 1" unwanted-reply-threshold: 10000000 rrset-cache-size: 256m msg-cache-size: 128m so-rcvbuf: 1m private-address: 192.168.0.0/16 private-address: 169.254.0.0/16 private-address: 172.16.0.0/12 private-address: 10.0.0.0/8 private-address: fd00::/8 private-address: fe80::/10 ``` ### 🖼️ Additional context (optional). _No response_
OVERLORD added the questionbug labels 2026-02-04 19:46:32 +03:00
OVERLORD commented 2026-02-04 19:46:47 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 26, 2025):

Doesnt see the issue? Many people Test the v6 with unbound and it works. Declare better or do an Example, what in which state need to change

@MickLesk commented on GitHub (Feb 26, 2025): Doesnt see the issue? Many people Test the v6 with unbound and it works. Declare better or do an Example, what in which state need to change
OVERLORD commented 2026-02-04 19:46:54 +03:00
Author
Owner
Copy Link

@m4rkireland commented on GitHub (Feb 26, 2025):

When I used this before the recent PR change, installing PiHole and selecting Unbound as recursive would put 127.0.0.1#5335 as the custom DNS server, but now it does this:
Image

In the text of this image, is what I would have expected for unbound running as recursive (e.g. 127.0.0.1#5335 for a local unbound instance running on port 5335).

I agree that Unbound is installed and working, but this dialogue box is giving the impression that Pi-Hole isn't configured to use it?

@m4rkireland commented on GitHub (Feb 26, 2025): When I used this before the recent PR change, installing PiHole and selecting Unbound as recursive would put 127.0.0.1#5335 as the custom DNS server, but now it does this: <img width="467" alt="Image" src="https://github.com/user-attachments/assets/8502479d-20c0-4763-87fa-12928ce92399" /> In the text of this image, is what I would have expected for unbound running as recursive `(e.g. 127.0.0.1#5335 for a local unbound instance running on port 5335).` I agree that Unbound is installed and working, but this dialogue box is giving the impression that Pi-Hole isn't configured to use it?
OVERLORD commented 2026-02-04 19:47:00 +03:00
Author
Owner
Copy Link

@m4rkireland commented on GitHub (Feb 26, 2025):

On a fresh install with recursive selected, pihole.toml still has the Google DNS in:

root@pihole01:~# cat /etc/pihole/pihole.toml | grep 'upstreams' -A10 -B10
# Encoding: UTF-8
# This file is managed by pihole-FTL
# Last updated on 2025-02-25 22:28:45 GMT

[dns]
  # Array of upstream DNS servers used by Pi-hole
  # Example: [ "8.8.8.8", "127.0.0.1#5335", "docker-resolver" ]
  #
  # Possible values are:
  #     array of IP addresses and/or hostnames, optionally with a port (#...)
  upstreams = [
    "8.8.8.8",
    "8.8.4.4"
  ] ### CHANGED, default = []

Something here, line 144?
sed -i -E "s|^(upstreams =).*|\1 [\"127.0.0.1#5335\", \"8.8.4.4\"]|" /etc/pihole/pihole.toml

@m4rkireland commented on GitHub (Feb 26, 2025): On a fresh install with recursive selected, pihole.toml still has the Google DNS in: ``` root@pihole01:~# cat /etc/pihole/pihole.toml | grep 'upstreams' -A10 -B10 # Encoding: UTF-8 # This file is managed by pihole-FTL # Last updated on 2025-02-25 22:28:45 GMT [dns] # Array of upstream DNS servers used by Pi-hole # Example: [ "8.8.8.8", "127.0.0.1#5335", "docker-resolver" ] # # Possible values are: # array of IP addresses and/or hostnames, optionally with a port (#...) upstreams = [ "8.8.8.8", "8.8.4.4" ] ### CHANGED, default = [] ``` Something here, line 144? `sed -i -E "s|^(upstreams =).*|\1 [\"127.0.0.1#5335\", \"8.8.4.4\"]|" /etc/pihole/pihole.toml`
OVERLORD commented 2026-02-04 19:47:06 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 26, 2025):

Test again

@MickLesk commented on GitHub (Feb 26, 2025): Test again
OVERLORD commented 2026-02-04 19:47:12 +03:00
Author
Owner
Copy Link

@m4rkireland commented on GitHub (Feb 26, 2025):

I've run through both Yes and No options for this

Unbound is configured as a recursive DNS server by default, would you like it to be configured as a forwarding DNS server (using DNS-over-TLS (DoT)) instead? <y/N>

and unfortunately still neither of them result in the DNS of 127.0.0.1#5335 being set as the custom server. Do I need to wait until this repo is tagged in a release before we'll see the change?

Thanks for your help.

@m4rkireland commented on GitHub (Feb 26, 2025): I've run through both Yes and No options for this `Unbound is configured as a recursive DNS server by default, would you like it to be configured as a forwarding DNS server (using DNS-over-TLS (DoT)) instead? <y/N>` and unfortunately still neither of them result in the DNS of 127.0.0.1#5335 being set as the custom server. Do I need to wait until this repo is tagged in a release before we'll see the change? Thanks for your help.
OVERLORD commented 2026-02-04 19:47:23 +03:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Feb 27, 2025):

done

@MickLesk commented on GitHub (Feb 27, 2025): done
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Implemented in VED waiting push to Main
breaking change
bug
bug
bugfix
deferred
delete script
dependencies
enhancement
external
feature
github
help wanted
in project pipeline
invalid
investigation
json
maintenance
needs triage
new script
new script
nice to have
not a script issue
not planned
organization
pull-request
Mirrored from GitHub Pull Request
 question
refactor
rename script
security
update script
website
wontdo
🛑 Failure to comply with the guidelines
No Label bug question
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/ProxmoxVE#550
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?