[GH-ISSUE #6324] Pihole NTP warning #1355

New issue

Closed

opened 2026-02-26 12:48:36 +03:00 by kerem · 3 comments

kerem commented 2026-02-26 12:48:36 +03:00

Owner

Copy link

Originally created by @jabofh on GitHub (Jul 28, 2025).
Original GitHub issue: https://github.com/community-scripts/ProxmoxVE/issues/6324

Please verify that you have read and understood the guidelines.

yes

What type of issue is this?

Documentation

A clear and concise description of the issue.

We should probably have another warning in the JSON documentation for Pihole.

When you install the Pihole LXD container you should install it as a privileged container if you want to use it as a NTP server.

If you don't you may well run into issues with it being deemed an "unusable" server and getting ignored by Linux nodes, and have your nodes experiencing time drift.

Which browser are you using?

Other

If relevant, including screenshots or a code block can be helpful in clarifying the issue.

No response

Please provide detailed steps to reproduce the issue.

No response

Originally created by @jabofh on GitHub (Jul 28, 2025). Original GitHub issue: https://github.com/community-scripts/ProxmoxVE/issues/6324 ### Please verify that you have read and understood the guidelines. yes ### What type of issue is this? Documentation ### A clear and concise description of the issue. We should probably have another warning in the JSON documentation for Pihole. When you install the Pihole LXD container you should install it as a privileged container _if_ you want to use it as a NTP server. If you don't you may well run into issues with it being deemed an "unusable" server and getting ignored by Linux nodes, and have your nodes experiencing time drift. ### Which browser are you using? Other ### If relevant, including screenshots or a code block can be helpful in clarifying the issue. _No response_ ### Please provide detailed steps to reproduce the issue. _No response_

kerem 2026-02-26 12:48:36 +03:00

• closed this issue
• added the
  website
  label

kerem commented 2026-02-26 12:48:37 +03:00

Author

Owner

Copy link

@MickLesk commented on GitHub (Jul 28, 2025):

running Pi-hole in a privileged LXC? Bad idea, mate. You're basically giving it root access to your entire host — one slip-up or exploit, and boom, your whole server's toast. Stick to unprivileged containers unless you wanna roll the dice with your network's safety. It's like leaving your front door wide open 'cause the mailman needs to drop a letter. Only for useless ntp.

<!-- gh-comment-id:3129071502 --> @MickLesk commented on GitHub (Jul 28, 2025): running Pi-hole in a privileged LXC? Bad idea, mate. You're basically giving it root access to your entire host — one slip-up or exploit, and boom, your whole server's toast. Stick to unprivileged containers unless you wanna roll the dice with your network's safety. It's like leaving your front door wide open 'cause the mailman needs to drop a letter. Only for useless ntp.

kerem commented 2026-02-26 12:48:37 +03:00

Author

Owner

Copy link

@jabofh commented on GitHub (Jul 29, 2025):

Unfortunately NTP is both useful and quite important in my environment. To mitigate the risk of running the LXC container privileged I have my Proxmox node hidden away behind two discrete firewalls, with only me having direct access to it.

Bearing in mind that NTP is important to me, and I'm already using Pihole, which already runs as an NTP server, this seemed the most expedient.

<!-- gh-comment-id:3131383280 --> @jabofh commented on GitHub (Jul 29, 2025): Unfortunately NTP is both useful and quite important in my environment. To mitigate the risk of running the LXC container privileged I have my Proxmox node hidden away behind two discrete firewalls, with only me having direct access to it. Bearing in mind that NTP _is_ important to me, and I'm already using Pihole, which already runs as an NTP server, this seemed the most expedient.

kerem commented 2026-02-26 12:48:37 +03:00

Author

Owner

Copy link

@MickLesk commented on GitHub (Jul 29, 2025):

Then it would make sense from a security perspective to migrate it to a Debian or Ubuntu VM rather than an open LXC.

<!-- gh-comment-id:3131400237 --> @MickLesk commented on GitHub (Jul 29, 2025): Then it would make sense from a security perspective to migrate it to a Debian or Ubuntu VM rather than an open LXC.

kerem referenced this issue 2026-02-26 13:32:30 +03:00

[PR #1355] [CLOSED] Revert "Install/update ActualBudget based on releases, not latest master" #3128

kerem referenced this issue 2026-02-26 13:32:33 +03:00

[PR #1376] [MERGED] Fix: ActualBudget Update-Function #3139

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

github-action-update-changelog

pr-update-app-files

add-script-fireshare-1777034879

refactor_ghostfolio

add-script-jitsi-meet-1776754982

add-script-apprise-api-1776844606

add-script-transmute-1776844620

fix/update-motd-profile-terminal-500

revert-13797-phs-verbose

revert-13951-hotfix_core_motd

fix/node-options-auto-heap-termix

fix/twingate-connector-real-update

fix/mealie-startsh-missing-after-failed-update

fix/setup-nodejs-upgrade-minor-patch

hotfix_core_motd

fix/uv-venv-clear-update-scripts

add-script-ownfoil-1776758482

add-script-mini-qr-1776757900

add-script-dashy-1776446840

add-script-erpnext-1776807942

add-script-minthcm-1776758021

add-script-anchor-1776753635

add-script-foldergram-1776755549

add-script-gogs-1776754912

copilot/fix-homelable-installation-error

add-script-whodb-1776695185

fix/lxc-stack-upgrade-and-storage-validation

fix/node-version-drift

fix/pangolin-migration-user-roles

fix/pmg-post-install-detection

fix/pangolin-safe-migration

fix/wanderer-pocketbase-wrapper

fix/slskd-config-migration

fix-actualbudget-warnings

add-script-nametag-1776613576

github-action-archive-changelog

fix/litellm-prisma-generate

fix/clean-orphaned-lvm-cluster-aware

fix/babybuddy-django-settings-module

fix/yamtrack-nginx-update-config

add-script-dagu-1776530655

fix/intel-igc-version-pinning

fix/build-func-pct-create-audit

add-script-igotify-1776263238

add-script-step-ca-1776263572

cleanup_docs_and_co

add-script-github-runner-1776088530

revert-13570-remove_unused_scripts

fix/lyrion-service-name

fix/mealie-v3.15-nuxt4

fix/reitti-v4-refactor

copilot/fix-mealie-version-update

copilot/fix-git-command-not-found

fix/slskd-soularr-lockfile

fix/build-func-tmpdir-leak

refactor/bytestash-data-backup

copilot/fix-bambuddy-update-issue

MickLesk-patch-2

fix/ironclaw-keychain

fix/alpine-wakapi-busybox-df

fix/bentopdf-wasm-coep-headers

fix/crafty-controller-creds-wait

feat/elementsynapse-element-call

fix/metube-pnpm-builds

fix/romm-dynamic-base-path

fix/immich-env-newline

copilot/fix-homarr-update-script

fix/github-token-attempt-zero-crash

fix/filebrowser-quantum-host-warning

fix/homarr-redis-bind-localhost

CrazyWolf13-patch-3

fix/dynamic-os-detection

fix/checkmk-release-security-suffix

fix/bambuddy-ffmpeg-updateable

fix/immich-helmet-csp

core_add_scriptsite_donation_url

add-script-ironclaw-1775649518

fix/proxmox-error-resilience

remove_unused_scripts

CrazyWolf13-patch-1

fix/papra-env-backup-fallback

CrazyWolf13-patch-2

add-script-homelable-1775421958

add-script-openthread-br-1775416012

fix/silent-return-instead-of-exit

fix/nvidia-glx-fallback

fix/npm-ensure-nginx-dirs

fix/motioneye-run-as-root

fix/grist-remove-ee

fix/openwrt-vm-shutdown

fix/core-func-profiled-sourcing

fix/crafty-controller-java25

fix/lxc-updater-apt-pager

fix/npm-openresty-user-config

add-script-netboot-xyz-1775157692

copilot/fix-zigbee2mqtt-update-error

feat/apt-proxy-url-support

fix/cron-updater-path

fix/grist-backup-empty-docs

fix/filebrowser-noauth

feat/core-hardening-proxmoxve

add-script-drawdb-1775060927

fix/build-func-empty-gateway

fix/graylog-max-map-count

fix/koillection-envlocal-newline

add-script-bambuddy-1774853250

MickLesk-patch-1

fix/immich-maintenance-mode-redis-error

fix/npm-unmask-openresty-on-migration

fix/ollama-intel-gpg-error-handling

add-script-yourls-1774732133

add-script-matter-server-1774638379

fix/dispatcharr-pg-port

cron_update_lxc

chore/immich-v2.6.3

add-script-geopulse-1774548387

cdn_improvements

add-script-birdnet-1774535320

fix/tools-func-exit-codes

fix/immich-update-db-hostname

update/frigate-0.17.1

fix/use-absolute-path-for-install

fix/pin-npm-version

shell_safe_fixes

remove_booklore

chore/update-url-community-scripts

komodov2

refactor/turnkey-modernize

add-script-nextexplorer-1774344421

add-script-homebrew-1774342032

fix/shell-security-hardening-v2

improve/build-func-performance-cleanup

fix/build-dns-prefix

fix/anytype-mongodb-wait

fix/frigate-cpu-model-path

copilot/fix-installation-failure-isponsorblocktv

fix/reactive-resume-add-git

copilot/scanopy-fix-apt-configuration-error

add-script-isponsorblocktv-1774009652

add-script-alpine-wakapi-1774008954

fix/coder-code-server-existing-config-and-reachability

add-script-teleport-1773928044

CrazyWolf13-patch-wealthfolio-1

refactor/tools-func-qol

fix/stirling-pdf-jdk-reinstall

fix/pinned-version-wording

MickLesk-patch-10

fix/reactive-resume-v5013

fix/tracearr-update-version-oom

copilot/fix-hdd-space-for-owncast

tremor021-patch-6

pocketbase_bot

disp_fix

fix/tdarr-binary-check-curl-retry

MickLesk-patch-9

refactor/podman-quadlets

alpine-ntfy

refactor/jellyfin

CrazyWolf13-patch-11

feature/autousermod_hwaccell

add-script-split-pro-1773677692

fix/frigate-openvino-fallback

fix/paperless-ngx-default-ram

fix/plex-restart-after-update

fix/gluetun-openvpn-env

MickLesk-patch-8

termix_add_guacd

MickLesk-patch-7

fix/tududi-nodejs-in-update

fix/sparkyfitness-npm-peer-deps

docs/website-metadata-workflow

fix-pbs_microcode

remove_jsons

michelroegl-brunner-patch-4

add-script-test-1773325265

cleanup_workflows

feat/remove-frontend

automated/update-github-versions

feat/mode-generated

fix/n8n-build-essential

fix/sparkyfitness-shared-deps

fix/rocm-path-escaping

fix/storage-validation-cross-node

fix/frigate-nvidia-version-regex

arm64-build-support

readme

michelroegl-brunner-patch-3

fix/coder-code-server-backup

copilot/fix-immich-update-dependency-issue

rust

fix/linkwarden-update-playwright

fix/powerdns-sqlite-permissions

fix/duplicate-nameserver-searchdomain

CrazyWolf13-patch-7

feat/ollama-rocm-support

fix/seerr-migration-update-script

preflight_tests

adgu_fix

2026-04-24

2026-04-23

2026-04-22

2026-04-21

2026-04-20

2026-04-19

2026-04-18

2026-04-17

2026-04-16

2026-04-15

2026-04-14

2026-04-13

2026-04-12

2026-04-11

2026-04-10

2026-04-09

2026-04-08

2026-04-07

2026-04-06

2026-04-05

2026-04-04

2026-04-03

2026-04-02

2026-04-01

2026-03-31

2026-03-30

2026-03-29

2026-03-28

2026-03-27

2026-03-26

2026-03-25

2026-03-24

2026-03-23

2026-03-22

2026-03-21

2026-03-20

2026-03-19

2026-03-18

2026-03-17

2026-03-16

2026-03-15

2026-03-14

2026-03-13

2026-03-12

2026-03-11

2026-03-10

2026-03-09

2026-03-08

2026-03-07

2026-03-06

2026-03-05

2026-03-04

2026-03-03

2026-03-02

2026-03-01

2026-02-28

2026-02-27

2026-02-26

2026-02-25

2026-02-24

2026-02-23

2026-02-22

2026-02-21

2026-02-20

2026-02-19

2026-02-18

2026-02-17

2026-02-16

2026-02-15

2026-02-14

2026-02-13

2026-02-12

2026-02-11

2026-02-10

2026-02-09

2026-02-08

2026-02-07

2026-02-06

2026-02-05

2026-02-04

2026-02-03

2026-02-02

2026-02-01

2026-01-31

2026-01-30

2026-01-29

2026-01-28

2026-01-27

2026-01-26

2026-01-25

2026-01-24

2026-01-23

2026-01-22

2026-01-21

2026-01-20

2026-01-19

2026-01-18

2026-01-17

2026-01-16

2026-01-15

2026-01-14

2026-01-13

2026-01-12

2026-01-11

2026-01-10

2026-01-09

2026-01-08

2026-01-07

2026-01-06

2026-01-05

2026-01-04

2026-01-03

2026-01-02

2026-01-01

2025-12-31

2025-12-30

2025-12-29

2025-12-28

2025-12-27

2025-12-26

2025-12-25

2025-12-24

2025-12-23

2025-12-22

2025-12-21

2025-12-20

2025-12-19

2025-12-18

2025-12-17

2025-12-16

2025-12-15

2025-12-14

2025-12-13

2025-12-12

2025-12-11

2025-12-10

2025-12-09

2025-12-08

2025-12-07

2025-12-06

2025-12-05

2025-12-04

2025-12-03

2025-12-02

2025-12-01

2025-11-30

2025-11-29

2025-11-28

2025-11-27

2025-11-26

2025-11-25

2025-11-24

2025-11-23

2025-11-22

2025-11-21

2025-11-20

2025-11-19

2025-11-18

2025-11-17

2025-11-16

2025-11-15

2025-11-14

2025-11-13

2025-11-12

2025-11-11

2025-11-10

2025-11-09

2025-11-08

2025-11-07

2025-11-06

2025-11-05

2025-11-04

2025-11-03

2025-11-02

2025-11-01

2025-10-31

2025-10-30

2025-10-29

2025-10-28

2025-10-27

2025-10-26

2025-10-25

2025-10-24

2025-10-23

2025-10-22

2025-10-21

2025-10-20

2025-10-19

2025-10-18

2025-10-17

2025-10-16

2025-10-15

2025-10-14

2025-10-13

2025-10-12

2025-10-11

2025-10-10

2025-10-09

2025-10-08

2025-10-07

2025-10-06

2025-10-05

2025-10-04

2025-10-03

2025-10-02

2025-10-01

2025-09-30

2025-09-29

2025-09-28

2025-09-27

2025-09-26

2025-09-25

2025-09-24

2025-09-23

2025-09-22

2025-09-21

2025-09-20

2025-09-19

2025-09-18

2025-09-17

2025-09-16

2025-09-15

2025-09-14

2025-09-13

2025-09-12

2025-09-11

2025-09-10

2025-09-09

2025-09-08

2025-09-07

2025-09-06

2025-09-05

2025-09-04

2025-09-03

2025-09-02

2025-09-01

2025-08-31

2025-08-30

2025-08-29

2025-08-28

2025-08-27

2025-08-26

2025-08-25

2025-08-24

2025-08-23

2025-08-22

2025-08-21

2025-08-20

2025-08-19

2025-08-18

2025-08-17

2025-08-16

2025-08-15

2025-08-14

2025-08-13

2025-08-12

2025-08-11

2025-08-10

2025-08-09

2025-08-08

2025-08-07

2025-08-06

2025-08-05

2025-08-04

2025-08-03

2025-08-02

2025-08-01

2025-07-31

2025-07-30

2025-07-29

2025-07-28

2025-07-27

2025-07-26

2025-07-25

2025-07-24

2025-07-23

2025-07-22

2025-07-21

2025-07-20

2025-07-19

2025-07-18

2025-07-17

2025-07-16

2025-07-15

2025-07-14

2025-07-11

2025-07-10

2025-07-09

2025-07-08

2025-07-07

2025-07-06

2025-07-05

2025-07-04

2025-07-03

2025-07-02

2025-07-01

2025-06-30

2025-06-29

2025-06-28

2025-06-27

2025-06-26

2025-06-25

2025-06-24

2025-06-23

2025-06-22

2025-06-21

2025-06-20

2025-06-19

2025-06-18

2025-06-17

2025-06-16

2025-06-15

2025-06-14

2025-06-13

2025-06-12

2025-06-11

2025-06-10

2025-06-09

2025-06-08

2025-06-07

2025-06-06

2025-06-05

2025-06-04

2025-06-03

2025-06-02

2025-06-01

2025-05-31

2025-05-30

2025-05-29

2025-05-28

2025-05-27

2025-05-26

2025-05-25

2025-05-24

2025-05-23

2025-05-22

2025-05-21

2025-05-20

2025-05-19

2025-05-18

2025-05-17

2025-05-16

2025-05-15

2025-05-14

2025-05-13

2025-05-12

2025-05-11

2025-05-10

2025-05-09

2025-05-08

2025-05-07

2025-05-06

2025-05-05

2025-05-04

2025-05-03

2025-05-02

2025-05-01

2025-04-30

2025-04-29

2025-04-28

2025-04-27

2025-04-26

2025-04-25

2025-04-24

2025-04-23

2025-04-22

2025-04-20

2025-04-21

2025-04-19

2025-04-18

2025-04-17

2025-04-15

2025-04-16

2025-04-14

2025-04-13

2025-04-12

2025-04-11

2025-04-10

2025-04-09

2025-04-08

2025-04-07

2025-04-06

2025-04-05

2025-04-04

2025-04-03

2025-04-02

2025-04-01

2025-03-31

2025-03-30

2025-03-29

2025-03-28

2025-03-27

2025-03-26

2025-03-25

2025-03-24

2025-03-23

2025-03-22

2025-03-21

2025-03-20

2025-03-19

2025-03-18

2025-03-17

2025-03-16

2025-03-15

2025-03-14

2025-03-13

2025-03-12

2025-03-11

2025-03-10

2025-03-09

2025-03-08

2025-03-07

2025-03-06

2025-03-05

2025-03-04

2025-03-03

2025-03-02

2025-03-01

2025-02-28

2025-02-27

2025-02-26

2025-02-25

2025-02-24

2025-02-23

2025-02-21

2025-02-20

2025-02-19

2025-02-18

2025-02-17

2025-02-16

2025-02-15

2025-02-14

2025-02-13

2025-02-12

2025-02-11

2025-02-10

2025-02-09

2025-02-08

2025-02-07

2025-02-06

2025-02-05

2025-02-04

2025-02-03

2025-02-02

2025-02-01

2025-01-31

2025-01-30

2025-01-29

2025-01-28

2025-01-27

2025-01-26

2025-01-24

2025-01-23

2025-01-22

2025-01-21

2025-01-20

2025-01-19

2025-01-18

2025-01-17

2025-01-16

2025-01-15

2025-01-14

2025-01-13

2025-01-11

2025-01-10

2025-01-09

2025-01-08

2025-01-07

2025-01-06

2025-01-05

2025-01-04

2025-01-03

2025-01-02

2025-01-01

2024-12-31

2024-12-30

2024-12-29

2024-12-28

2024-12-27

2024-12-26

2024-12-25

2024-12-23

2024-12-21

2024-12-20

2024-12-19

2024-12-18

2024-12-17

2024-12-16

2024-12-13

2024-12-12

2024-12-09

2024-12-08

2024-12-07

2024-12-06

2024-12-05

2024-12-04

2024-12-03

2024-12-02

2024-11-30

2024-11-29

2024-11-28

2024-11-27

2024-11-26

2024-11-25

2024-11-24

2024-11-23

Labels

Clear labels   

Implemented in VED waiting push to Main

  

automated

  

breaking change

  

bug

  

bug

  

bugfix

  

deferred

  

delete script

  

dependencies

  

enhancement

  

external

  

feature

  

github

  

help wanted

  

in project pipeline

  

invalid

  

investigation

  

json

  

maintenance

  

needs triage

  

new script

  

new script

  

nice to have

  

not a script issue

  

not planned

  

organization

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

refactor

  

rename script

  

security

  

telemetry

  

update script

  

website

  

wontdo

  

🛑 Failure to comply with the guidelines

No labels

Implemented in VED waiting push to Main

automated

breaking change

bug

bug

bugfix

deferred

delete script

dependencies

enhancement

external

feature

github

help wanted

in project pipeline

invalid

investigation

json

maintenance

needs triage

new script

new script

nice to have

not a script issue

not planned

organization

pull-request

question

refactor

rename script

security

telemetry

update script

website

wontdo

🛑 Failure to comply with the guidelines

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ProxmoxVE#1355

No description provided.