Skip to content

move info from docker readme to the docs #1321

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
PromoFaux wants to merge 2 commits into
base: master
Choose a base branch
from
Open

move info from docker readme to the docs #1321

PromoFaux wants to merge 2 commits into from
+165 −125

Conversation

@PromoFaux
Copy link
Member

@PromoFaux PromoFaux commented Nov 27, 2025
edited
Loading

What does this PR aim to accomplish?:

Trying to tidy up the docker readme a bit because it is getting unwieldy...

pi-hole/docker-pi-hole#1958

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  • I have read the above and my PR is ready for review. Check this box to confirm

@PromoFaux PromoFaux requested a review from a team as a code owner November 27, 2025 21:31
@PromoFaux PromoFaux mentioned this pull request Nov 27, 2025
Open
1 task
rdwebdesign
rdwebdesign requested changes Nov 27, 2025
View reviewed changes
@netlify
Copy link

netlify bot commented Nov 27, 2025
edited
Loading

Deploy Preview for pihole-docs ready!

Name Link
🔨 Latest commit 9cf7e02
🔍 Latest deploy log https://app.netlify.com/projects/pihole-docs/deploys/693d3d9a76005f0008ad1d24
😎 Deploy Preview https://deploy-preview-1321--pihole-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@rdwebdesign

This comment was marked as outdated.

Sign in to view
@PromoFaux

This comment was marked as outdated.

Sign in to view
@rdwebdesign
Copy link
Member

rdwebdesign commented Nov 27, 2025

Well spotted, I, err, was testing anyone actually reads things before they review. ;)

😕 😒

@PromoFaux PromoFaux mentioned this pull request Dec 12, 2025
Open
@PromoFaux PromoFaux force-pushed the dockerdocs branch 2 times, most recently from c5345f4 to 5436b48 Compare December 13, 2025 00:55
rdwebdesign
rdwebdesign reviewed Dec 14, 2025
View reviewed changes
docs/docker/index.md
Comment on lines +57 to +71
## Docker tags and versioning

- `CAP_NET_BIND_SERVICE`: Allows FTLDNS binding to TCP/UDP sockets below 1024 (specifically DNS service on port 53)
- `CAP_NET_RAW`: use raw and packet sockets (needed for handling DHCPv6 requests, and verifying that an IP is not in use before leasing it)
- `CAP_NET_ADMIN`: modify routing tables and other network-related operations (in particular inserting an entry in the neighbor table to answer DHCP requests using unicast packets)
- `CAP_SYS_NICE`: FTL sets itself as an important process to get some more processing time if the latter is running low
- `CAP_CHOWN`: we need to be able to change ownership of log files and databases in case FTL is started as a different user than `pihole`
- `CAP_SYS_TIME`: FTL needs to be able to set the system time to update it using the Network Time Protocol (NTP) in the background
The primary docker tags are explained in the following table. [Click here to see the full list of tags](https://hub.docker.com/r/pihole/pihole/tags). See [GitHub Release notes](https://github.com/pi-hole/docker-pi-hole/releases) to see the specific version of Pi-hole Core, Web, and FTL included in the release.

!!! info
This image automatically grants those capabilities, if available, to the FTLDNS process, even when run as non-root.
The Date-based (including incremented "Patch" versions) do not relate to any kind of semantic version number, rather a date is used to differentiate between the new version and the old version, nothing more.

By default, docker does not include the `NET_ADMIN` capability for non-privileged containers, and it is recommended to explicitly add it to the container using `--cap-add=NET_ADMIN`.
Release notes will always contain full details of changes in the container, including changes to core Pi-hole components.

However, if DHCP and IPv6 Router Advertisements are not in use, it should be safe to skip it. For the most paranoid, it should even be possible to explicitly drop the `NET_RAW` capability to prevent FTLDNS from automatically gaining it.
| tag | description |
| :--- | :--- |
| `latest` | Always the latest release |
| `2022.04.0` | Date-based release |
| `2022.04.1` | Second release in a given month |
| `*beta` | Early beta releases of upcoming versions - here be dragons |
| `nightly` | Built and pushed whenever there are changes on the `development` branch and additionally produced by the scheduled nightly job. These are the most experimental development images and may change frequently |
Copy link
Member

@rdwebdesign rdwebdesign Dec 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe this block should be on the docker repo README, or maybe on both places.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rdwebdesign rdwebdesign rdwebdesign requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@PromoFaux @rdwebdesign