Changes to WEBPASSWORD are ignored

[chr1st1ank]

Setting the password for the web interface as documented only works once. E.g. this setting in a docker-compose file works:

version: "2.3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ...
    environment:
      WEBPASSWORD: my_complicated_password
      ...
    volumes:
       - './etc/pihole:/etc/pihole/'
       - './etc/dnsmasq.d:/etc/dnsmasq.d/'

But changes to this evironment variable are not picked up. Not when restarting the docker container nor even when recreating it. The reason is that the settings are stored in a volume and survive container recreations.
This line in the bash functions running on startup prevents changes to the password because it returns if there is already a password in setupVars.conf:

docker-pi-hole/bash_functions.sh

Line 266 in 3b8227c

setup_var_exists "WEBPASSWORD" && return

This is probably also the reason behind the behaviour reported in #538

I think the line in the bash function can simply be removed safely. Only drawback is that the same password is set again when a container is restartet.

[diginc]

Looking at the git blame for that line it's origins are #364

Please look over that request and consider how both requests can live simultaneously. Some people enjoy only having config-as-code (environment variables) being the source of truth for an an application and others are not used to that or are surprised by that type of behavior when restarting reverts changes they made through their web interface that are saved to volumes.

I have a rewrite for config management in the works (that I stalled out on) for better allowing both of these use cases to exist simultaneously but it's a pretty big breaking change to the environment variable schema and requires lots of people change their ENVs and re-writing/testing alot of the startup code.

[chr1st1ank]

Yes, you are guessing right. I use docker-compose. But actually managing config files would also be fine for me. I only used the environment variables because they were there and seemed the easier way. But they don't cover everything. I also manage a dnsmasq.conf and a custom.list.

So in this case it would be necessary to check if the password provided via environment variable deviates from the stored one. But this might be only a partial solution for this one variable. Probably the broader solution you are mentioning is better.

A simple workaround for me is to delete the password line from setupVars.conf before restarting the container.

So for the time being I am happy as it is. And I can say I am more than happy with this great product!

[carlosfrutos]

I also had this problem and I couldn't log in to my pihole anymore after upgrading the docker image. Until a fix arrives, I found a workaround:

1.- Edit setupVars.conf in container's /etc/pihole directory (find your mountpoint)
2.- Remove your WEBPASSWORD line and save the file (you may need to use sudo).
3.- Stop container.
4.- Set the WEBPASSWORD environment variable to your desired password.
5.- Start container. You may login to pihole's admin area with the given password.

Hope this helps.

Thanks a lot to the people maintaining this amazing tool.

[tordeu]

Thanks, @carlosfrutos! Removing WEBPASSWORD from setupVars.conf still works.

[github-actions]

This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.