Truecharts pihole app; need python3 support

[TAG_TEAM]

Total noob with TrueNAS SCALE and Truecharts containers. What do I have to do to get the Truecharts pihole container to include python3 support? Feel free to request any data you might need to address this I don't know what to provide. Running current Truecharts container -> pihole2022.08.3_6.0.35. Thank you in advance and don't go too hard on me as I just installed TrueNAS SCALE. A couple days ago.

 

[indivision]

The charts (ie apps) are basically pre-installed software. You generally don't want to make changes to the installation because that will often be lost or can cause problems with updates.

There are often configuration options ("environment variables") for charts that allow you to tailor the install in specific ways. So, maybe the pihole one has an option to include python3? To find out, you can look at the details of the app in TrueNAS and there is usually a link to the github its based on. They will document config options there. Here is the source github for the one TrueCharts uses: https://github.com/pi-hole/docker-pi-hole

Another option is to install pihole in a VM. Then you can do whatever you want in that environment. It's not longer tied to a third-party upgrade model.

 

[TAG_TEAM]

The charts (ie apps) are basically pre-installed software. You generally don't want to make changes to the installation because that will often be lost or can cause problems with updates.

There are often configuration options for charts that allow you to tailor the install in specific ways. So, maybe the pihole one has an option to include python3? To find out, you can look at the details of the app in TrueNAS and there is usually a link to the github its based on. They will document config options there.

Another option is to install pihole in a VM. Then you can do whatever you want in that environment. It's not longer tied to a third-party upgrade

Thanks for the knowledge regarding the Truceharts containers. I was hoping there would be a file/(s) used in creating the pihole Truechart container that I could modify and rebuild to accommodate python3. Seems it is not so easy. I know the container/chart is Ubuntu based and I would have thought there would be a way to add python3 as a dependency in the container.

Are there any tools to create the build files like with kubernetes or docker - if it is used? Some things come to mind, installing pihole on a ubuntu version that has python3 already installed. Secondly if I can tear the pihole prebuilt Truecart container and just tell it to install either another version of the Ubuntu or just make it deploy python3 with the current Truecharts container. Anyway, thank you for your help - I am just spitballing here...

 

[Daisuke]

Did you asked your questions on @truecharts discord support channel?

 

[indivision]

Thanks for the knowledge regarding the Truceharts containers. I was hoping there would be a file/(s) used in creating the pihole Truechart container that I could modify and rebuild to accommodate python3. Seems it is not so easy. I know the container/chart is Ubuntu based and I would have thought there would be a way to add python3 as a dependency in the container.

I believe all of the source TrueCharts uses is also on github. They may have a process for you to add options via git. You'll want to check directly with them on their discord server.

I think it is also possible to make your own chart. I don't have any experience with that. My guess is that you would then also have to do a bunch of setup to make a catalog that would talk to TrueNAS.

Are there any tools to create the build files like with kubernetes or docker - if it is used? Some things come to mind, installing pihole on a ubuntu version that has python3 already installed. Secondly if I can tear the pihole prebuilt Truecart container and just tell it to install either another version of the Ubuntu or just make it deploy python3 with the current Truecharts container. Anyway, thank you for your help - I am just spitballing here...

Imo, it really sounds like a VM would be the most practical solution for what you're wanting to do.

But, others here should be able to give more direction on chart modding options too.

 

[TAG_TEAM]

Did you asked your questions on @truecharts discord support channel?

No I am afraid I didn't. I came here first and wrongly assumed that it might be a simple process that many people here have encountered before. Probably a good place to start. Thank you for your guidance

 

[Daisuke]

TrueCharts offer excellent support on their discord channel, they will tell you what you need to do.

 

[truecharts]

I believe all of the source TrueCharts uses is also on github. They may have a process for you to add options via git. You'll want to check directly with them on their discord server.

I think it is also possible to make your own chart. I don't have any experience with that. My guess is that you would then also have to do a bunch of setup to make a catalog that would talk to TrueNAS.



Imo, it really sounds like a VM would be the most practical solution for what you're wanting to do.

But, others here should be able to give more direction on chart modding options too.

To give some clearity on this:
We do not add features to upstream containers in most cases. At least we're not going to add things like python to random containers, as people will also want us to support it, which we're not planning to do.

If you really want this, you should preferably get upstream to add this to their container by default.

If you want to do this, It basically means build your own container and/or helm chart and/or SCALE App.

 

[danb35]

If you want to do this, It basically means build your own container and/or helm chart and/or SCALE App.

...or VM, as @indivision has already suggested.

@TAG_TEAM, why do you want python3 as part of that container? In what way would it be beneficial in running Pi-Hole?

 

[TAG_TEAM]

To give some clearity on this:
We do not add features to upstream containers in most cases. At least we're not going to add things like python to random containers, as people will also want us to support it, which we're not planning to do.

If you really want this, you should preferably get upstream to add this to their container by default.

If you want to do this, It basically means build your own container and/or helm chart and/or SCALE App.

If you really want this, you should preferably get upstream to add this to their container by default.

I can see how this would be the position of the parties involved. Thanks for clarity...

If you want to do this, It basically means build your own container and/or helm chart and/or SCALE App.

I DO have the interest if it is something within my abilities to do. The folks over on the @truecharts discord channel recommended that I ask the upstream source to deploy a feature change(s), although they seemed to indicate that was unlikely. I like the TruueNAS Scale apps/charts as well as the Truecharts containers too, which both seem to use less horsepower than me building up a Ubuntu docker image with the applications installed. I think the stuff in the apps catalogs is a bit leaner than a regular docker image; hence my interest in the Scale "apps" and/or Helm "charts" type containers based on Kubernetes and/or Helm as I understand it. I'll drop it if I must, the feature is not such a necessary thing, I can approach it differently, but I like to learn and would love to be able to know how to build my own charts/apps.

Maybe the community doesn't want to have people with the abilities to create such things; I don't know...

 

[TAG_TEAM]

...or VM, as @indivision has already suggested.

@TAG_TEAM, why do you want python3 as part of that container? In what way would it be beneficial in running Pi-Hole?

A large whitelisting script (well Python3 app - that is not much more than a bash script) to load safe sites into pihole's whitelist db in bulk form. - It can be done other ways it just seemed simple at the time since the python approach already exists. And a python deployment "at the time" didn't seem like it would be too hard to include. (Though I now see how big of a deal is made about it- and understandably so...) If you want to automate it that would currently take another dependency as the Truecharts app does not have cron included either.

 

[indivision]

Maybe the community doesn't want to have people with the abilities to create such things; I don't know...

Pi-hole with Python3 might be a bit niche. But, I'm sure there are some others who do want that. I'd say the community does like more options.

The system in Scale is designed for you to be able to add your own catalog and charts. So, I say go for it.

 

[TAG_TEAM]

Thank you for the encouragement.

 

[Daisuke]

or VM

Creating a custom container is the proper way to go today, much lighter on resources and a lot easier to customize/maintain version wise.

load safe sites into pihole's whitelist db in bulk form

How do you plan to use Python inside the container, because it is not installed by default, you want to create instead a custom container? The maintainers only use Python for tests. Instead of worrying about Python3, just insert your domains into /etc/pihole/whitelist.txt and restart the pihole-FTL service. Or run a command like pihole -w somedomain.com. But you should not, Pihole is already taking care of official blacklist/whitelist database with Gravity. The additional blacklist/whitelist command is available for really specific cases only.

You should not run Pihole as Scale container. Instead, purchase two Raspberry Pi and install the DietPi distro on them, which allows you to easily run Pihole+Unbound with a proper DNS setup. Imagine Scale down, your entire network is affected. This way, you isolate the DNS related issues and also have proper redundancy.

Then, you can install @truecharts Homer app and have the two Pihole instances linked:

I'm adding this here because Homer lacks the documentation to address the issue I reported to developer related to missing CORS_HOSTS environment variable in DietPi (replace homer.lan with whatever domain you want to use, I use a LetsEncrypt SSL enabled domain, so I access it everywhere in the world):

Code:

lighttpd-enable-mod setenv
cat >> /etc/lighttpd/conf-enabled/05-setenv.conf << 'EOF'
setenv.add-environment = (
  "CORS_HOSTS" => "homer.lan"
)
EOF
systemctl restart lighttpd

Also, DietPi is based on Debian Bullseye 11 (like Scale) with Python3 as default, if you really want to run that whitelist Python script:

Code:

$ python3 --version
Python 3.9.2
$ ls -lah /usr/bin/python*
lrwxrwxrwx 1 root root    9 Apr  5  2021 /usr/bin/python3 -> python3.9
-rwxr-xr-x 1 root root 5.1M Feb 28  2021 /usr/bin/python3.9

Scale has both versions of Python installed:

Code:

$ python2 --version
Python 2.7.18
$ python3 --version
Python 3.9.2
$ ls -lah /usr/bin/python*
lrwxrwxrwx 1 root root    7 Mar  2  2021 /usr/bin/python -> python3
lrwxrwxrwx 1 root root    9 Jul 28  2021 /usr/bin/python2 -> python2.7
-rwxr-xr-x 1 root root 3.5M Jul 14  2021 /usr/bin/python2.7
lrwxrwxrwx 1 root root    9 Apr  5  2021 /usr/bin/python3 -> python3.9
-rwxr-xr-x 1 root root  960 Dec 23  2020 /usr/bin/python3-futurize
-rwxr-xr-x 1 root root  964 Dec 23  2020 /usr/bin/python3-pasteurize
-rwxr-xr-x 1 root root 1.8K Aug  6  2019 /usr/bin/python3-unidiff
-rwxr-xr-x 1 root root 6.3K Jul 27  2020 /usr/bin/python3-wsdump
-rwxr-xr-x 1 root root 5.3M Feb 28  2021 /usr/bin/python3.9

 

[truecharts]

The cleanest solution for this, would indeed to mount a `whitelist.txt` whitelist, using hostPath mounts and have a dedicated script or container handle the updating. Rather than create forks of containers to include each-and-every scripting language.

 

[indivision]

You should not run Pihole as Scale container. Instead, purchase two Raspberry Pi and install the DietPi distro on them, which allows you to easily run Pihole+Unbound with a proper DNS setup. Imagine Scale down, your entire network is affected. This way, you isolate the DNS related issues and also have proper redundancy.

Then, you can install @truecharts Homer app and have the two Pihole instances linked:

View attachment 58193

I've been testing out pihole recently and looking for best practices. I've already seen the issue you describe here where the whole network goes down if its an app and you just do a server restart.

When you say to use two pi, are you just listing those as DNS servers 1 and 2 in the router? So, if one goes down the other is still up?

When you say "linked" in Homer is that just a visual thing linking them together? Or is it some technical relationship?

Did you mean something technical by "proper DNS setup"? Or, is that just referring to having your DNS isolated on its own system?

 

[Daisuke]

So, if one goes down the other is still up?

Yes, they are redundant. For example, you can upgrade one Pi and your network will work properly.

When you say "linked" in Homer is that just a visual thing linking them together? Or is it some technical relationship?

Homer allows you to see the status of your app, when you insert the API key, errors, warnings, upgrade availability. Think of it as a nice bookmarks page that also shows you the status of your apps (if supported). So it is a technical relationship, not just a pretty link. But instead of asking, you could read the documentation and see by yourself what the software does.

Did you mean something technical by "proper DNS setup"?

Yes, read the Pihole+Unbound docs on Pihole site, it will tell you the why, what and how. DietPi packages will set everything for you correctly, if you are not experienced with Pihole+Unbound.

 

[indivision]

Yes, they are redundant. For example, you can upgrade one Pi and your network will work properly.

Got it. Thank you.

I shouldn't have given away my extra Pis! Only one left.

Homer allows you to see the status of your app, when you insert the API key, errors, warnings, upgrade availability. Think of it as a nice bookmarks page that also shows you the status of your apps (if supported). So it is a technical relationship, not just a pretty link. But instead of asking, you could read the documentation and see by yourself what the software does.

Thank you. I know what Homer does in general (I use Flame for this). It sounded like you were saying it adds some kind of data sharing feature or something.

 

[Daisuke]

I shouldn't have given away my extra Pis

See my latest TrueNAS build and automatisation.

 

[Daisuke]

Actually, I moved the questions here for that reason. They were not really relevant to the other thread. But, they are relevant to the use of redundant pi-hole servers that you outline here. You also directly linked to this thread when I brought it up.

The right place to ask these questions is in your thread. What exactly you want to know about the redundant setup of your Piholes? I linked my build so you get an idea of the overall setup.