unbound exited with code 1

Question

unbound exited with code 1

Closed this issue 5 months ago · 14 comments

nicklvh commented 5 months ago

Describe the bug
When trying to create and run the unbound container, it fails with exit code 1.

To Reproduce

Create unbound container using docker compose
Run it

Expected behavior
Unbound works

Screenshots

Please complete the following information:

Raspberry Pi 400
Ubuntu Server 24.04 LTS
Arm64 / aarch64
Latest stable version of unbound

Additional context
Happens on every other docker unbound there is

Answer 1 · 2024-07-31T17:08:15.000Z

Will the container spin up with the minimal config?

Please share your unbound.conf(s) and your compose file.

Answer 2 · 2024-07-31T17:40:55.000Z

server:
verbosity: 0
access-control: 10.8.1.0/24 allow
interface: 0.0.0.0
port: 5335
do-ip4: yes
do-udp: yes
do-tcp: yes
do-ip6: no
prefer-ip6: no
# root-hints: "/var/lib/unbound/root.hints"
harden-glue: yes
harden-dnssec-stripped: yes
use-caps-for-id: no
edns-buffer-size: 1232
prefetch: yes
num-threads: 1
# so-rcvbuf: 1m Causes warning
private-address: 192.168.0.0/16
private-address: 169.254.0.0/16
private-address: 172.16.0.0/12
private-address: 10.0.0.0/8
private-address: fd00::/8
private-address: fe80::/10

Answer 3 · 2024-07-31T17:49:53.000Z

It did boot with the minimal config and the only difference from my config is the timezone and the unbound.conf. I assume it would not be the timezone but I'll add the timezone really quickly to rule it out fully.

I don't know what is wrong with the unbound.conf as it is a pretty much 1 to 1 copy from the pihole config

Edit: added the timezone + docker network and it still works so something is wrong with my unbound.conf

Answer 4 · 2024-07-31T17:56:27.000Z

Also just a question, on the docs it says there is an optional redis database, what is the point of this and does it make performance/security any better? Or is it just worth using unbound's cache

Answer 5 · 2024-07-31T18:04:00.000Z

Please use the included unbound.conf or change at least the following entries (see the troubleshooting section in the documentation:

...

You'd like to use a different unbound.conf than the one included? No problem, just make sure to change at least the following settings and fix crucial paths, otherwise the container will fail to start:

server:
   username="" # Not set in config but compose or command if needed
   chroot="" # Distroless, so no chroot necessary
   directory="/usr/local/unbound" # This is the folder where Unbound lives in

...

Redis speed up the things by keeping entries in a memory cache so unbound doesn't need to make a recursive query to resolve a domain.

Answer 6 · 2024-07-31T18:09:55.000Z

Oh thank you so much

Answer 7 · 2024-07-31T18:11:03.000Z

Is the default unbound.conf still good?

Answer 8 · 2024-07-31T18:12:36.000Z

The one included? Sure it is. Just adapt this and that to your environment and you're all set.

Answer 9 · 2024-08-01T02:04:05.000Z

Hey, how can i check if my redis setup is working? I actually had a problem with your redis.conf but i fixed it. I don't see anything from unbound in logs about redis but I see redis starting up in logs.

Answer 10 · 2024-08-01T04:15:54.000Z

You could use the redis cli:

redis-cli -s //path/redis.sock

Answer 11 · 2024-08-01T14:04:47.000Z

May I ask what problem you faced with the provided redis.conf?

Answer 12 · 2024-08-02T20:36:10.000Z

I verified that the redis instance is running and working well with my unbound instance. Great work btw on all of this its the best work I've ever seen for an unbound docker instance and you give great support to your users.

The redis.conf issue was on line 1158 in your provided redis.conf, the value 'lru' is not a valid value and as you can see in the comments above the closest thing I saw was allkeys-lru so I just used that.

Answer 13 · 2024-08-03T07:04:28.000Z

Thank you for your kind words! Do you want to correct that to allkeys-lru?

Answer 14 · 2024-08-03T20:48:55.000Z

Done, thank you so much again for your support! I will close this now