#Help with Sidecar and Pi-hole on Mac Mini

Okay guys, I'm running Tailscale on most of my devices with no issues. My 'secondary' device is an Intel Mac Mini Pro which acts as my main Tailscale 'server'.
On that 'Mini' I run Docker and Pi-Hole. The issues with that is that all client devices show with a single Tailscale IP address within Pi-hole.
I contacted support and Alex V recommended I set up Pi-Hole using a Sidecar in Tailscale.

I've done that (and think I got all the settings worked out properly)... (do I need to post the compose and .env file contents)?

However if I access Pi-hole (http://mypihole.mytailnet.net/admin/login) I can't get to the settings etc as I need to set the password. Previously when not using Sidecar I just accessed the Mac Mini, opened Terminal used CD to navigate to the 'cd ~/docker/pihole' folder and ran 'docker exec -it pihole pihole setpassword' to set the password.

I've tried:

cd ~docker/tailscale/

then:

docker exec -it tailscale-pihole tailscale setpassword > this gives me 'unknown subcommand: setpassword'
docker exec -it tailscale-pihole app-pihole setpassword > this gives 'unable to start container process: exec: "app-pihole": executable file not found in $PATH'

other paths I've tried are:

docker exec -it tailscale-pihole setpassword
docker exec -it tailscale tailscale setpassword
docker exec -it tailscale-pihole tailscale setpassword
docker exec -it tailscale tailscale setpassword

None of them seem to work.....

So questions are:

• Do I need to (somehow) do to log into Tailscale in the sidecar? If so how.
• What command should I do to change the password?

I'm new to using Docker and the more complex aspects of Tailscale and things such as Sidecar.

I'm running macOS Sequoia on the Intel Mini 15.7.4 and Tailscale 1.96.2, on the pi-hole sidecar it shows as 1.94.2

Any help would be appreciated. If any information is needed please yell out.

Did you use docker compose to set up the pihole and sidecar?

What is the output of "docker ps -a"?

I used: docker compose pull && docker compose up -d

docker ps-a gives me:

PORTS                                                                                                               NAMES

c05bd634bf60 pihole/pihole "start.sh" 27 hours ago Up 27 hours (healthy) app-pihole
c13165498acd tailscale/tailscale:latest "/usr/local/bin/cont…" 27 hours ago Up 27 hours (healthy) tailscale-pihole
c6071237402d pihole/pihole:latest "start.sh" 2 days ago Up 2 days (healthy) 0.0.0.0:53->53/tcp, 0.0.0.0:53->53/udp, [::]:53->53/tcp, [::]:53->53/udp, 0.0.0.0:8080->80/tcp, [::]:8080->80/tcp pihole
05ce43d137a6 pihole/pihole "start.sh" 6 days ago Exited (137) 6 days ago laughing_sutherland
2026b2abaea8 adguard/adguardhome "/opt/adguardhome/Ad…" 3 weeks ago Exited (0) 7 days ago adguardhome-adguardhome-1||

Does that help at all?

I think so

You probably want "docker compose exec app setpassword"?

Okay, so do I take it down, use that and then bring it back up or do I need to wipe it completely and start again using that to initialise it?

Okay I gave it a go. It looked like it needed to be up:

MyMacLogonUser@Old-Mac-Mini tailscale % docker compose exec Tailscale setpassword service "Tailscale" is not running

MyMacLogonUser@Old-Mac-Mini tailscale % docker compose exec pihole setpassword service "pihole" is not running

Any further ideas?

Are you in the same folder as your compose.yaml file?

Yep see screenshot

I'm still wondering if I should be signing into Tailscale somehow in terminal before I try this?

I managed to sign in using 'logon', it didn't make any difference. I still get service "Tailscale" is not running.
Is it worth me posting my compose.yaml file?

Another thought, how do I find my PUID & PGID? I had put in values that I see on my NAS, but these could well be wrong as it's a different machine.

Ah ha - ID gave me different figures. I set those in the compose.yaml file. No difference. Getting very close to giving up here.

Your compose file has a tailscale key in it right? If you use "docker compose ps -a" you can confirm what is currently running

Yep I get as attached, and I still get the not running error. It's not in the compose.yaml file directly, but in the .env file that it links to.

Checked on the names listed and got:

username@Old-Mac-Mini tailscale % docker compose exec app-pihole setpassword service "app-pihole" is not running
username@Old-Mac-Mini tailscale % docker compose exec tailscale-pihole setpassword service "tailscale-pihole" is not running

Made sure I was logged in, just in case.

For reference I'm using the instructions here: https://github.com/tailscale-dev/ScaleTail/tree/main/services/pihole

Okay I think I've resolved it 🙂
I edited the ENV file so that the service was called 'pi-hole2' which gave me:

app-pihole2 pihole/pihole "start.sh" application 3 minutes ago Up 3 minutes (healthy)
tailscale-pihole2 tailscale/tailscale:latest "/usr/local/bin/cont…" tailscale 3 minutes ago Up 3 minutes (healthy)

Once I had that I tried many variants on the password change options and finally:

docker exec -it app-pihole2 pihole setpassword

Worked! So far all is looking good!

To try and move it on........ 'docker exec -it pihole pihole setpassword ' works for setting the password on the Pi-hole container but not the tailscale sidecar version of Pi-hole. I renamed the TailHole container to pihole2, so checking what was running I get:

app-pihole2 pihole/pihole "start.sh" application 3 minutes ago Up 3 minutes (healthy)
tailscale-pihole2 tailscale/tailscale:latest "/usr/local/bin/cont…" tailscale 3 minutes ago Up 3 minutes (healthy)

Hmm lost some of my notes.......

cd ~/docker/tailscale
docker compose up -d

Actually set the password (may need to login to Tailscale first on the Mac mini

docker exec -it app-pihole2 pihole setpassword - Works

Yeah definitely sounds like the names are getting mixed up somewhere

In my experience if it's "docker compose up" then it should be "docker compose" everything

The extra "-pihole" is definitely confusing

Justy edited my post above as somehow some of it got lost! It seems that the first 'call' in the command line is the name of the container, the second the binary name. All good now anyway!

Thanks for the assist @ocean sapphire appreciated