2015-11-25 21:43:59 +00:00
#!/usr/bin/env bash
2017-07-26 17:00:08 +00:00
# shellcheck disable=SC1090
2015-10-28 22:29:34 +00:00
# Pi-hole: A black hole for Internet advertisements
2018-01-20 13:29:38 +00:00
# (c) 2017-2018 Pi-hole, LLC (https://pi-hole.net)
2017-02-22 17:55:20 +00:00
# Network-wide ad blocking via your own hardware.
#
2017-07-26 17:00:08 +00:00
# Installs and Updates Pi-hole
2015-12-06 14:31:49 +00:00
#
2017-02-22 17:55:20 +00:00
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
2015-10-28 22:29:34 +00:00
# pi-hole.net/donate
2015-06-14 03:14:21 +00:00
#
2017-07-07 00:25:56 +00:00
# Install with this command (from your Linux machine):
2015-06-14 03:14:21 +00:00
#
2018-01-20 13:29:38 +00:00
# curl -sSL https://install.pi-hole.net | bash
2015-06-14 03:14:21 +00:00
2017-07-07 00:25:56 +00:00
# -e option instructs bash to immediately exit if any command [1] has a non-zero exit status
# We do not want users to end up with a partially working install, so we exit the script
# instead of continuing the installation with something broken
2016-10-10 09:24:03 +00:00
set -e
2017-07-07 00:25:56 +00:00
2015-10-28 22:29:34 +00:00
######## VARIABLES #########
2017-07-07 00:25:56 +00:00
# For better maintainability, we store as much information that can change in variables
2018-02-07 05:45:23 +00:00
# This allows us to make a change in one place that can propagate to all instances of the variable
2017-07-07 00:25:56 +00:00
# These variables should all be GLOBAL variables, written in CAPS
# Local variables will be in lowercase and will exist only within functions
# It's still a work in progress, so you may see some variance in this guideline until it is complete
2018-01-20 13:55:48 +00:00
# Location for final installation log storage
2018-01-20 14:20:06 +00:00
installLogLoc = /etc/pihole/install.log
2017-07-07 00:25:56 +00:00
# This is an important file as it contains information specific to the machine it's being installed on
2016-08-21 16:57:11 +00:00
setupVars = /etc/pihole/setupVars.conf
2017-07-07 00:25:56 +00:00
# Pi-hole uses lighttpd as a Web server, and this is the config file for it
2017-07-26 17:00:08 +00:00
# shellcheck disable=SC2034
2016-12-04 20:30:59 +00:00
lighttpdConfig = /etc/lighttpd/lighttpd.conf
2017-07-07 00:25:56 +00:00
# This is a file used for the colorized output
2017-06-21 11:49:05 +00:00
coltable = /opt/pihole/COL_TABLE
2015-10-31 14:15:57 +00:00
2018-07-27 16:35:39 +00:00
# We store several other directories and
2016-01-24 03:31:12 +00:00
webInterfaceGitUrl = "https://github.com/pi-hole/AdminLTE.git"
webInterfaceDir = "/var/www/html/admin"
piholeGitUrl = "https://github.com/pi-hole/pi-hole.git"
2016-11-02 07:14:25 +00:00
PI_HOLE_LOCAL_REPO = "/etc/.pihole"
2018-02-07 05:45:23 +00:00
# These are the names of pi-holes files, stored in an array
2017-01-15 04:16:27 +00:00
PI_HOLE_FILES = ( chronometer list piholeDebug piholeLogFlush setupLCD update version gravity uninstall webpage)
2018-07-27 16:35:39 +00:00
# This directory is where the Pi-hole scripts will be installed
2017-01-09 07:01:18 +00:00
PI_HOLE_INSTALL_DIR = "/opt/pihole"
2018-07-30 21:26:07 +00:00
PI_HOLE_CONFIG_DIR = "/etc/pihole"
2016-08-19 21:31:11 +00:00
useUpdateVars = false
2016-01-23 00:13:16 +00:00
2018-04-17 08:50:25 +00:00
adlistFile = "/etc/pihole/adlists.list"
2018-07-29 01:56:18 +00:00
regexFile = "/etc/pihole/regex.list"
2017-07-07 00:25:56 +00:00
# Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
# this script can run
2016-11-01 09:45:22 +00:00
IPV4_ADDRESS = ""
IPV6_ADDRESS = ""
2017-07-07 00:25:56 +00:00
# By default, query logging is enabled and the dashboard is set to be installed
2016-11-01 16:46:54 +00:00
QUERY_LOGGING = true
2018-04-15 01:08:16 +00:00
INSTALL_WEB_INTERFACE = true
2017-01-28 14:38:54 +00:00
2018-06-01 08:20:40 +00:00
if [ -z " ${ USER } " ] ; then
USER = " $( id -un) "
fi
2017-01-28 14:38:54 +00:00
2016-10-10 12:45:37 +00:00
2017-09-30 20:34:38 +00:00
# Find the rows and columns will default to 80x24 if it can not be detected
2016-11-02 12:17:28 +00:00
screen_size = $( stty size 2>/dev/null || echo 24 80)
2017-01-01 14:32:49 +00:00
rows = $( echo " ${ screen_size } " | awk '{print $1}' )
columns = $( echo " ${ screen_size } " | awk '{print $2}' )
2015-10-28 22:29:34 +00:00
# Divide by two so the dialogs take up half of the screen, which looks nice.
r = $(( rows / 2 ))
c = $(( columns / 2 ))
2016-10-26 14:44:15 +00:00
# Unless the screen is tiny
r = $(( r < 20 ? 20 : r ))
c = $(( c < 70 ? 70 : c ))
2015-10-28 22:29:34 +00:00
2016-10-15 19:52:20 +00:00
######## Undocumented Flags. Shhh ########
2017-07-07 00:25:56 +00:00
# These are undocumented flags; some of which we can use when repairing an installation
# The runUnattended flag is one example of this
2016-10-15 19:43:03 +00:00
skipSpaceCheck = false
2016-10-15 20:12:13 +00:00
reconfigure = false
2016-10-15 19:43:03 +00:00
runUnattended = false
2018-04-15 01:08:16 +00:00
INSTALL_WEB_SERVER = true
# Check arguments for the undocumented flags
for var in " $@ " ; do
2018-07-06 04:48:36 +00:00
case " $var " in
2018-07-26 23:27:06 +00:00
"--reconfigure" ) reconfigure = true; ;
2018-07-06 04:48:36 +00:00
"--i_do_not_follow_recommendations" ) skipSpaceCheck = true; ;
"--unattended" ) runUnattended = true; ;
"--disable-install-webserver" ) INSTALL_WEB_SERVER = false; ;
esac
2018-04-15 01:08:16 +00:00
done
2016-10-15 19:43:03 +00:00
2017-07-07 00:25:56 +00:00
# If the color table file exists,
2017-07-26 17:00:08 +00:00
if [ [ -f " ${ coltable } " ] ] ; then
2018-07-06 04:48:36 +00:00
# source it
source ${ coltable }
2018-02-07 05:45:23 +00:00
# Otherwise,
2017-06-21 11:49:05 +00:00
else
2018-07-06 04:48:36 +00:00
# Set these values so the installer can still run in color
COL_NC = '\e[0m' # No Color
COL_LIGHT_GREEN = '\e[1;32m'
COL_LIGHT_RED = '\e[1;31m'
TICK = " [ ${ COL_LIGHT_GREEN } ✓ ${ COL_NC } ] "
CROSS = " [ ${ COL_LIGHT_RED } ✗ ${ COL_NC } ] "
INFO = "[i]"
# shellcheck disable=SC2034
DONE = " ${ COL_LIGHT_GREEN } done! ${ COL_NC } "
OVER = "\\r\\033[K"
2017-06-21 11:49:05 +00:00
fi
2017-07-07 00:25:56 +00:00
# A simple function that just echoes out our logo in ASCII format
# This lets users know that it is a Pi-hole, LLC product
2017-03-09 03:14:21 +00:00
show_ascii_berry( ) {
2017-06-21 11:49:05 +00:00
echo -e "
${ COL_LIGHT_GREEN } .; ; ,.
2017-03-09 03:14:21 +00:00
.ccccc:,.
:cccclll:. ..,,
:ccccclll. ; ooodc
' ccll:; ll .oooodc
.; cll.; ; looo:.
2017-06-21 11:49:05 +00:00
${ COL_LIGHT_RED } .. ',' .
2017-03-09 03:14:21 +00:00
.',,,,,,' .
.' ,,,,,,,,,,.
.' ,,,,,,,,,,,,....
....'' ',,,,,,,' .......
......... .... .........
.......... ..........
.......... ..........
......... .... .........
........,,,,,,,' ......
....' ,,,,,,,,,,,,.
.',,,,,,,,,' .
.',,,,,,' .
2017-06-21 11:49:05 +00:00
..'' ' .${ COL_NC }
2017-03-09 03:14:21 +00:00
"
}
2016-08-19 21:31:11 +00:00
# Compatibility
2017-01-21 20:34:47 +00:00
distro_check( ) {
2017-07-07 14:05:19 +00:00
# If apt-get is installed, then we know it's part of the Debian family
2016-12-27 19:53:23 +00:00
if command -v apt-get & > /dev/null; then
2018-07-06 04:48:36 +00:00
# Set some global variables here
# We don't set them earlier since the family might be Red Hat, so these values would be different
PKG_MANAGER = "apt-get"
# A variable to store the command used to update the package cache
UPDATE_PKG_CACHE = " ${ PKG_MANAGER } update "
# An array for something...
PKG_INSTALL = ( ${ PKG_MANAGER } --yes --no-install-recommends install)
# grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
PKG_COUNT = " ${ PKG_MANAGER } -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true "
# Some distros vary slightly so these fixes for dependencies may apply
# Debian 7 doesn't have iproute2 so if the dry run install is successful,
if ${ PKG_MANAGER } install --dry-run iproute2 > /dev/null 2>& 1; then
# we can install it
iproute_pkg = "iproute2"
# Otherwise,
else
# use iproute
iproute_pkg = "iproute"
fi
# Check for and determine version number (major and minor) of current php install
if command -v php & > /dev/null; then
phpInsVersion = " $( php -v | head -n1 | grep -Po '(?<=PHP )[^ ]+' ) "
echo -e " ${ INFO } Existing PHP installation detected : PHP version $phpInsVersion "
phpInsMajor = " $( echo " $phpInsVersion " | cut -d\. -f1) "
phpInsMinor = " $( echo " $phpInsVersion " | cut -d\. -f2) "
# Is installed php version 7.0 or greater
if [ " $( echo " $phpInsMajor . $phpInsMinor < 7.0 " | bc ) " = = 0 ] ; then
phpInsNewer = true
fi
fi
# Check if installed php is v 7.0, or newer to determine packages to install
if [ [ " $phpInsNewer " != true ] ] ; then
# Prefer the php metapackage if it's there
if ${ PKG_MANAGER } install --dry-run php > /dev/null 2>& 1; then
phpVer = "php"
# fall back on the php5 packages
else
phpVer = "php5"
fi
else
# Newer php is installed, its common, cgi & sqlite counterparts are deps
phpVer = " php $phpInsMajor . $phpInsMinor "
fi
# We also need the correct version for `php-sqlite` (which differs across distros)
if ${ PKG_MANAGER } install --dry-run ${ phpVer } -sqlite3 > /dev/null 2>& 1; then
phpSqlite = "sqlite3"
else
phpSqlite = "sqlite"
fi
# Since our install script is so large, we need several other programs to successfully get a machine provisioned
# These programs are stored in an array so they can be looped through later
INSTALLER_DEPS = ( apt-utils dialog debconf dhcpcd5 git ${ iproute_pkg } whiptail)
# Pi-hole itself has several dependencies that also need to be installed
PIHOLE_DEPS = ( bc cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf)
# The Web dashboard has some that also need to be installed
# It's useful to separate the two since our repos are also setup as "Core" code and "Web" code
PIHOLE_WEB_DEPS = ( lighttpd ${ phpVer } -common ${ phpVer } -cgi ${ phpVer } -${ phpSqlite } )
# The Web server user,
LIGHTTPD_USER = "www-data"
# group,
LIGHTTPD_GROUP = "www-data"
# and config file
LIGHTTPD_CFG = "lighttpd.conf.debian"
# A function to check...
test_dpkg_lock( ) {
# An iterator used for counting loop iterations
i = 0
# fuser is a program to show which processes use the named files, sockets, or filesystems
# So while the command is true
while fuser /var/lib/dpkg/lock >/dev/null 2>& 1 ; do
# Wait half a second
sleep 0.5
# and increase the iterator
( ( i = i+1) )
done
# Always return success, since we only return if there is no
# lock (anymore)
return 0
2017-08-17 18:43:07 +00:00
}
2017-03-03 10:28:35 +00:00
2017-07-07 00:25:56 +00:00
# If apt-get is not found, check for rpm to see if it's a Red Hat family OS
2016-12-27 19:53:23 +00:00
elif command -v rpm & > /dev/null; then
2018-07-06 04:48:36 +00:00
# Then check if dnf or yum is the package manager
if command -v dnf & > /dev/null; then
PKG_MANAGER = "dnf"
2018-05-01 06:28:55 +00:00
else
2018-07-06 04:48:36 +00:00
PKG_MANAGER = "yum"
fi
2018-05-01 06:28:55 +00:00
2018-07-06 04:48:36 +00:00
# Fedora and family update cache on every PKG_INSTALL call, no need for a separate update.
UPDATE_PKG_CACHE = ":"
PKG_INSTALL = ( ${ PKG_MANAGER } install -y)
PKG_COUNT = " ${ PKG_MANAGER } check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l "
2018-07-26 16:46:51 +00:00
INSTALLER_DEPS = ( dialog git iproute newt procps-ng which)
2018-07-06 04:48:36 +00:00
PIHOLE_DEPS = ( bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc)
PIHOLE_WEB_DEPS = ( lighttpd lighttpd-fastcgi php-common php-cli php-pdo)
LIGHTTPD_USER = "lighttpd"
LIGHTTPD_GROUP = "lighttpd"
LIGHTTPD_CFG = "lighttpd.conf.fedora"
# If the host OS is Fedora,
2018-08-30 02:45:20 +00:00
if grep -qiE 'fedora|fedberry' /etc/redhat-release; then
2018-07-06 04:48:36 +00:00
# all required packages should be available by default with the latest fedora release
2018-07-15 19:28:58 +00:00
# ensure 'php-json' is installed on Fedora (installed as dependency on CentOS7 + Remi repository)
PIHOLE_WEB_DEPS += ( 'php-json' )
2018-07-06 04:48:36 +00:00
# or if host OS is CentOS,
2018-08-30 02:45:20 +00:00
elif grep -qiE 'centos|scientific' /etc/redhat-release; then
2018-07-06 04:48:36 +00:00
# Pi-Hole currently supports CentOS 7+ with PHP7+
SUPPORTED_CENTOS_VERSION = 7
SUPPORTED_CENTOS_PHP_VERSION = 7
# Check current CentOS major release version
2018-08-30 02:45:20 +00:00
CURRENT_CENTOS_VERSION = $( grep -oP '(?<= )[0-9]+(?=\.)' /etc/redhat-release)
2018-07-06 04:48:36 +00:00
# Check if CentOS version is supported
if [ [ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ] ] ; then
2018-08-30 04:16:11 +00:00
echo -e " ${ CROSS } CentOS $CURRENT_CENTOS_VERSION is not supported. "
2018-07-06 04:48:36 +00:00
echo -e " Please update to CentOS release $SUPPORTED_CENTOS_VERSION or later "
# exit the installer
exit
fi
# on CentOS we need to add the EPEL repository to gain access to Fedora packages
EPEL_PKG = "epel-release"
rpm -q ${ EPEL_PKG } & > /dev/null || rc = $?
if [ [ $rc -ne 0 ] ] ; then
echo -e " ${ INFO } Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL) "
" ${ PKG_INSTALL [@] } " ${ EPEL_PKG } & > /dev/null
echo -e " ${ TICK } Installed ${ EPEL_PKG } "
2018-05-01 06:28:55 +00:00
fi
2018-07-06 04:48:36 +00:00
# The default php on CentOS 7.x is 5.4 which is EOL
# Check if the version of PHP available via installed repositories is >= to PHP 7
AVAILABLE_PHP_VERSION = $( ${ PKG_MANAGER } info php | grep -i version | grep -o '[0-9]\+' | head -1)
if [ [ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ] ] ; then
# Since PHP 7 is available by default, install via default PHP package names
: # do nothing as PHP is current
else
REMI_PKG = "remi-release"
REMI_REPO = "remi-php72"
rpm -q ${ REMI_PKG } & > /dev/null || rc = $?
if [ [ $rc -ne 0 ] ] ; then
# The PHP version available via default repositories is older than version 7
if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" ${ r } ${ c } ; then
# User decided to NOT update PHP from REMI, attempt to install the default available PHP version
echo -e " ${ INFO } User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use. "
: # continue with unsupported php version
else
echo -e " ${ INFO } Enabling Remi's RPM repository (https://rpms.remirepo.net) "
" ${ PKG_INSTALL [@] } " " https://rpms.remirepo.net/enterprise/ ${ REMI_PKG } - $( rpm -E '%{rhel}' ) .rpm " & > /dev/null
# enable the PHP 7 repository via yum-config-manager (provided by yum-utils)
" ${ PKG_INSTALL [@] } " "yum-utils" & > /dev/null
yum-config-manager --enable ${ REMI_REPO } & > /dev/null
echo -e " ${ TICK } Remi's RPM repository has been enabled for PHP7 "
2018-07-15 19:05:07 +00:00
# trigger an install/update of PHP to ensure previous version of PHP is updated from REMI
if " ${ PKG_INSTALL [@] } " "php-cli" & > /dev/null; then
echo -e " ${ TICK } PHP7 installed/updated via Remi's RPM repository "
else
echo -e " ${ CROSS } There was a problem updating to PHP7 via Remi's RPM repository "
exit 1
fi
2018-07-06 04:48:36 +00:00
fi
fi
fi
else
2018-08-30 02:45:20 +00:00
# Warn user of unsupported version of Fedora or CentOS
if ! whiptail --defaultno --title "Unsupported RPM based distribution" --yesno "Would you like to continue installation on an unsupported RPM based distribution?\\n\\nPlease ensure the following packages have been installed manually:\\n\\n- lighttpd\\n- lighttpd-fastcgi\\n- PHP version 7+" ${ r } ${ c } ; then
2018-08-31 16:04:52 +00:00
echo -e " ${ CROSS } Aborting installation due to unsupported RPM based distribution "
2018-08-30 02:45:20 +00:00
exit # exit the installer
else
2018-08-31 16:04:52 +00:00
echo -e " ${ INFO } Continuing installation with unsupported RPM based distribution "
2018-08-30 02:45:20 +00:00
fi
2018-07-06 04:48:36 +00:00
fi
2016-11-02 12:17:28 +00:00
2018-08-31 16:04:52 +00:00
# If neither apt-get or yum/dnf package managers were found
2016-04-26 04:51:00 +00:00
else
2018-07-06 04:48:36 +00:00
# it's not an OS we can support,
echo -e " ${ CROSS } OS distribution not supported "
# so exit the installer
exit
2016-04-26 04:51:00 +00:00
fi
2017-01-21 20:34:47 +00:00
}
2015-11-08 23:21:02 +00:00
2018-07-27 16:35:39 +00:00
# A function for checking if a directory is a git repository
2016-11-02 07:14:25 +00:00
is_repo( ) {
2018-07-06 04:48:36 +00:00
# Use a named, local variable instead of the vague $1, which is the first argument passed to this function
# These local variables should always be lowercase
local directory = " ${ 1 } "
# A local variable for the current directory
local curdir
# A variable to store the return code
local rc
# Assign the current directory variable by using pwd
curdir = " ${ PWD } "
# If the first argument passed to this function is a directory,
if [ [ -d " ${ directory } " ] ] ; then
# move into the directory
cd " ${ directory } "
2018-07-27 16:35:39 +00:00
# Use git to check if the directory is a repo
2018-07-06 04:48:36 +00:00
# git -C is not used here to support git versions older than 1.8.4
git status --short & > /dev/null || rc = $?
# If the command was not successful,
else
# Set a non-zero return code if directory does not exist
rc = 1
fi
# Move back into the directory the user started in
cd " ${ curdir } "
# Return the code; if one is not set, return 0
return " ${ rc :- 0 } "
2016-11-02 07:14:25 +00:00
}
2017-07-07 00:25:56 +00:00
# A function to clone a repo
2016-11-02 07:14:25 +00:00
make_repo( ) {
2018-07-06 04:48:36 +00:00
# Set named variables for better readability
local directory = " ${ 1 } "
local remoteRepo = " ${ 2 } "
# The message to display when this function is running
str = " Clone ${ remoteRepo } into ${ directory } "
# Display the message and use the color table to preface the message with an "info" indicator
echo -ne " ${ INFO } ${ str } ... "
# If the directory exists,
if [ [ -d " ${ directory } " ] ] ; then
# delete everything in it so git can clone into it
rm -rf " ${ directory } "
fi
# Clone the repo and return the return code from this command
git clone -q --depth 1 " ${ remoteRepo } " " ${ directory } " & > /dev/null || return $?
# Show a colored message showing it's status
echo -e " ${ OVER } ${ TICK } ${ str } "
# Always return 0? Not sure this is correct
return 0
2016-11-02 07:14:25 +00:00
}
2017-07-07 00:25:56 +00:00
# We need to make sure the repos are up-to-date so we can effectively install Clean out the directory if it exists for git to clone into
2016-11-02 07:14:25 +00:00
update_repo( ) {
2018-07-06 04:48:36 +00:00
# Use named, local variables
# As you can see, these are the same variable names used in the last function,
# but since they are local, their scope does not go beyond this function
# This helps prevent the wrong value from being assigned if you were to set the variable as a GLOBAL one
local directory = " ${ 1 } "
local curdir
# A variable to store the message we want to display;
# Again, it's useful to store these in variables in case we need to reuse or change the message;
# we only need to make one change here
local str = " Update repo in ${ 1 } "
# Make sure we know what directory we are in so we can move back into it
curdir = " ${ PWD } "
# Move into the directory that was passed as an argument
cd " ${ directory } " & > /dev/null || return 1
# Let the user know what's happening
echo -ne " ${ INFO } ${ str } ... "
# Stash any local commits as they conflict with our working code
git stash --all --quiet & > /dev/null || true # Okay for stash failure
git clean --quiet --force -d || true # Okay for already clean directory
# Pull the latest commits
git pull --quiet & > /dev/null || return $?
# Show a completion message
echo -e " ${ OVER } ${ TICK } ${ str } "
# Move back into the original directory
cd " ${ curdir } " & > /dev/null || return 1
return 0
2016-11-02 07:14:25 +00:00
}
2017-07-07 00:25:56 +00:00
# A function that combines the functions previously made
2016-11-02 07:14:25 +00:00
getGitFiles( ) {
2018-07-06 04:48:36 +00:00
# Setup named variables for the git repos
# We need the directory
local directory = " ${ 1 } "
# as well as the repo URL
local remoteRepo = " ${ 2 } "
# A local variable containing the message to be displayed
local str = " Check for existing repository in ${ 1 } "
# Show the message
echo -ne " ${ INFO } ${ str } ... "
# Check if the directory is a repository
if is_repo " ${ directory } " ; then
# Show that we're checking it
echo -e " ${ OVER } ${ TICK } ${ str } "
# Update the repo, returning an error message on failure
update_repo " ${ directory } " || { echo -e " \\n ${ COL_LIGHT_RED } Error: Could not update local repository. Contact support. ${ COL_NC } " ; exit 1; }
# If it's not a .git repo,
else
# Show an error
echo -e " ${ OVER } ${ CROSS } ${ str } "
# Attempt to make the repository, showing an error on failure
make_repo " ${ directory } " " ${ remoteRepo } " || { echo -e " \\n ${ COL_LIGHT_RED } Error: Could not update local repository. Contact support. ${ COL_NC } " ; exit 1; }
fi
# echo a blank line
echo ""
# and return success?
return 0
2016-11-02 07:14:25 +00:00
}
2017-07-07 00:25:56 +00:00
# Reset a repo to get rid of any local changed
2017-05-22 21:43:52 +00:00
resetRepo( ) {
2018-07-06 04:48:36 +00:00
# Use named variables for arguments
local directory = " ${ 1 } "
# Move into the directory
cd " ${ directory } " & > /dev/null || return 1
# Store the message in a variable
str = " Resetting repository within ${ 1 } ... "
# Show the message
echo -ne " ${ INFO } ${ str } "
# Use git to remove the local changes
git reset --hard & > /dev/null || return $?
# And show the status
echo -e " ${ OVER } ${ TICK } ${ str } "
# Returning success anyway?
return 0
2016-11-02 07:14:25 +00:00
}
2017-07-07 00:25:56 +00:00
# We need to know the IPv4 information so we can effectively setup the DNS server
# Without this information, we won't know where to Pi-hole will be found
2016-10-10 12:45:37 +00:00
find_IPv4_information( ) {
2018-07-06 04:48:36 +00:00
# Named, local variables
local route
# Find IP used to route to outside world by checking the the route to Google's public DNS server
route = $( ip route get 8.8.8.8)
# Use awk to strip out just the interface device as it is used in future commands
IPv4dev = $( awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< " ${ route } " )
# Get just the IP address
IPv4bare = $( awk '{print $7}' <<< " ${ route } " )
# Append the CIDR notation to the IP address
IPV4_ADDRESS = $( ip -o -f inet addr show | grep " ${ IPv4bare } " | awk '{print $4}' | awk 'END {print}' )
# Get the default gateway (the way to reach the Internet)
IPv4gw = $( awk '{print $3}' <<< " ${ route } " )
2016-05-01 02:27:38 +00:00
}
2017-07-07 00:25:56 +00:00
# Get available interfaces that are UP
2016-10-10 10:16:22 +00:00
get_available_interfaces( ) {
2018-07-06 04:48:36 +00:00
# There may be more than one so it's all stored in a variable
availableInterfaces = $( ip --oneline link show up | grep -v "lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1)
2016-10-10 10:16:22 +00:00
}
2015-11-10 00:33:32 +00:00
2017-07-07 00:25:56 +00:00
# A function for displaying the dialogs the user sees when first running the installer
2016-01-27 06:11:38 +00:00
welcomeDialogs( ) {
2018-07-06 04:48:36 +00:00
# Display the welcome dialog using an appropriately sized window via the calculation conducted earlier in the script
whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" ${ r } ${ c }
2016-01-28 09:25:00 +00:00
2018-07-06 04:48:36 +00:00
# Request that users donate if they enjoy the software since we all work on it in our free time
whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations: http://pi-hole.net/donate" ${ r } ${ c }
2016-01-28 09:25:00 +00:00
2018-07-06 04:48:36 +00:00
# Explain the need for a static address
whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" " \\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
2016-06-10 22:47:27 +00:00
2016-08-19 21:31:11 +00:00
In the next section, you can choose to use your current network settings ( DHCP) or to manually edit them." ${ r } ${ c }
2015-11-08 23:21:02 +00:00
}
2017-07-07 00:25:56 +00:00
# We need to make sure there is enough space before installing, so there is a function to check this
2016-02-10 15:34:06 +00:00
verifyFreeDiskSpace( ) {
2018-07-06 04:48:36 +00:00
# 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.)
# - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables.
local str = "Disk space check"
# Required space in KB
local required_free_kilobytes = 51200
# Calculate existing free space on this machine
local existing_free_kilobytes
existing_free_kilobytes = $( df -Pk | grep -m1 '\/$' | awk '{print $4}' )
# If the existing space is not an integer,
if ! [ [ " ${ existing_free_kilobytes } " = ~ ^( [ 0-9] ) +$ ] ] ; then
# show an error that we can't determine the free space
2018-07-07 04:29:20 +00:00
echo -e " ${ CROSS } ${ str } "
echo -e " ${ INFO } Unknown free disk space! "
echo -e " ${ INFO } We were unable to determine available free disk space on this system. "
echo -e " ${ INFO } You may override this check, however, it is not recommended "
echo -e " ${ INFO } The option ' ${ COL_LIGHT_RED } --i_do_not_follow_recommendations ${ COL_NC } ' can override this "
echo -e " ${ INFO } e.g: curl -L https://install.pi-hole.net | bash /dev/stdin ${ COL_LIGHT_RED } <option> ${ COL_NC } "
2018-07-06 04:48:36 +00:00
# exit with an error code
exit 1
# If there is insufficient free disk space,
elif [ [ " ${ existing_free_kilobytes } " -lt " ${ required_free_kilobytes } " ] ] ; then
# show an error message
2018-07-07 04:29:20 +00:00
echo -e " ${ CROSS } ${ str } "
echo -e " ${ INFO } Your system disk appears to only have ${ existing_free_kilobytes } KB free "
echo -e " ${ INFO } It is recommended to have a minimum of ${ required_free_kilobytes } KB to run the Pi-hole "
2018-07-06 04:48:36 +00:00
# if the vcgencmd command exists,
if command -v vcgencmd & > /dev/null; then
# it's probably a Raspbian install, so show a message about expanding the filesystem
2018-07-07 04:29:20 +00:00
echo -e " ${ INFO } If this is a new install you may need to expand your disk "
echo -e " ${ INFO } Run 'sudo raspi-config', and choose the 'expand file system' option "
echo -e " ${ INFO } After rebooting, run this installation again "
echo -e " ${ INFO } e.g: curl -L https://install.pi-hole.net | bash "
2018-07-06 04:48:36 +00:00
fi
# Show there is not enough free space
echo -e " \\n ${ COL_LIGHT_RED } Insufficient free space, exiting... ${ COL_NC } "
# and exit with an error
exit 1
# Otherwise,
else
# Show that we're running a disk space check
echo -e " ${ TICK } ${ str } "
fi
2016-02-10 15:34:06 +00:00
}
2017-07-07 00:25:56 +00:00
# A function that let's the user pick an interface to use with Pi-hole
2016-01-27 06:11:38 +00:00
chooseInterface( ) {
2018-07-06 04:48:36 +00:00
# Turn the available interfaces into an array so it can be used with a whiptail dialog
local interfacesArray = ( )
# Number of available interfaces
local interfaceCount
# Whiptail variable storage
local chooseInterfaceCmd
# Temporary Whiptail options storage
local chooseInterfaceOptions
# Loop sentinel variable
local firstLoop = 1
# Find out how many interfaces are available to choose from
interfaceCount = $( echo " ${ availableInterfaces } " | wc -l)
# If there is one interface,
if [ [ " ${ interfaceCount } " -eq 1 ] ] ; then
# Set it as the interface to use since there is no other option
PIHOLE_INTERFACE = " ${ availableInterfaces } "
# Otherwise,
else
# While reading through the available interfaces
while read -r line; do
# use a variable to set the option as OFF to begin with
mode = "OFF"
# If it's the first loop,
if [ [ " ${ firstLoop } " -eq 1 ] ] ; then
# set this as the interface to use (ON)
firstLoop = 0
mode = "ON"
fi
# Put all these interfaces into an array
interfacesArray += ( " ${ line } " "available" " ${ mode } " )
# Feed the available interfaces into this while loop
done <<< " ${ availableInterfaces } "
# The whiptail command that will be run, stored in a variable
chooseInterfaceCmd = ( whiptail --separate-output --radiolist "Choose An Interface (press space to select)" ${ r } ${ c } ${ interfaceCount } )
# Now run the command using the interfaces saved into the array
chooseInterfaceOptions = $( " ${ chooseInterfaceCmd [@] } " " ${ interfacesArray [@] } " 2>& 1 >/dev/tty) || \
# If the user chooses Cancel, exit
{ echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
# For each interface
for desiredInterface in ${ chooseInterfaceOptions } ; do
# Set the one the user selected as the interface to use
PIHOLE_INTERFACE = ${ desiredInterface }
# and show this information to the user
echo -e " ${ INFO } Using interface: $PIHOLE_INTERFACE "
done
fi
2016-10-10 12:45:37 +00:00
}
2016-03-06 05:16:23 +00:00
2017-07-07 00:25:56 +00:00
# This lets us prefer ULA addresses over GUA
# This caused problems for some users when their ISP changed their IPv6 addresses
2017-06-02 21:01:48 +00:00
# See https://github.com/pi-hole/pi-hole/issues/1473#issuecomment-301745953
testIPv6( ) {
2018-07-06 04:48:36 +00:00
# first will contain fda2 (ULA)
first = " $( cut -f1 -d":" <<< " $1 " ) "
# value1 will contain 253 which is the decimal value corresponding to 0xfd
value1 = $(( ( 0 x$first ) / 256 ))
# will contain 162 which is the decimal value corresponding to 0xa2
value2 = $(( ( 0 x$first ) % 256 ))
# the ULA test is testing for fc00::/7 according to RFC 4193
if ( ( ( value1& 254) = = 252 ) ) ; then
echo "ULA"
fi
# the GUA test is testing for 2000::/3 according to RFC 4291
if ( ( ( value1& 112) = = 32 ) ) ; then
echo "GUA"
fi
# the LL test is testing for fe80::/10 according to RFC 4193
if ( ( ( value1) = = 254 ) ) && ( ( ( value2& 192) = = 128 ) ) ; then
echo "Link-local"
fi
2017-06-02 21:01:48 +00:00
}
2017-07-07 00:25:56 +00:00
# A dialog for showing the user about IPv6 blocking
2016-10-10 12:45:37 +00:00
useIPv6dialog( ) {
2018-07-06 04:48:36 +00:00
# Determine the IPv6 address used for blocking
IPV6_ADDRESSES = ( $( ip -6 address | grep 'scope global' | awk '{print $2}' ) )
# For each address in the array above, determine the type of IPv6 address it is
for i in " ${ IPV6_ADDRESSES [@] } " ; do
# Check if it's ULA, GUA, or LL by using the function created earlier
result = $( testIPv6 " $i " )
# If it's a ULA address, use it and store it as a global variable
[ [ " ${ result } " = = "ULA" ] ] && ULA_ADDRESS = " ${ i %/* } "
# If it's a GUA address, we can still use it si store it as a global variable
[ [ " ${ result } " = = "GUA" ] ] && GUA_ADDRESS = " ${ i %/* } "
done
# Determine which address to be used: Prefer ULA over GUA or don't use any if none found
# If the ULA_ADDRESS contains a value,
if [ [ ! -z " ${ ULA_ADDRESS } " ] ] ; then
# set the IPv6 address to the ULA address
IPV6_ADDRESS = " ${ ULA_ADDRESS } "
# Show this info to the user
echo -e " ${ INFO } Found IPv6 ULA address, using it for blocking IPv6 ads "
# Otherwise, if the GUA_ADDRESS has a value,
elif [ [ ! -z " ${ GUA_ADDRESS } " ] ] ; then
# Let the user know
echo -e " ${ INFO } Found IPv6 GUA address, using it for blocking IPv6 ads "
# And assign it to the global variable
IPV6_ADDRESS = " ${ GUA_ADDRESS } "
# If none of those work,
else
# explain that IPv6 blocking will not be used
echo -e " ${ INFO } Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled "
# So set the variable to be empty
IPV6_ADDRESS = ""
fi
# If the IPV6_ADDRESS contains a value
if [ [ ! -z " ${ IPV6_ADDRESS } " ] ] ; then
# Display that IPv6 is supported and will be used
whiptail --msgbox --backtitle "IPv6..." --title "IPv6 Supported" " $IPV6_ADDRESS will be used to block ads. " ${ r } ${ c }
fi
2015-11-10 00:33:32 +00:00
}
2017-07-07 00:25:56 +00:00
# A function to check if we should use IPv4 and/or IPv6 for blocking ads
2016-01-27 06:11:38 +00:00
use4andor6( ) {
2018-07-06 04:48:36 +00:00
# Named local variables
local useIPv4
local useIPv6
# Let use select IPv4 and/or IPv6 via a checklist
cmd = ( whiptail --separate-output --checklist "Select Protocols (press space to select)" ${ r } ${ c } 2)
# In an array, show the options available:
# IPv4 (on by default)
options = ( IPv4 "Block ads over IPv4" on
# or IPv6 (on by default if available)
IPv6 "Block ads over IPv6" on)
# In a variable, show the choices available; exit if Cancel is selected
choices = $( " ${ cmd [@] } " " ${ options [@] } " 2>& 1 >/dev/tty) || { echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
# For each choice available,
for choice in ${ choices }
do
# Set the values to true
case ${ choice } in
IPv4 ) useIPv4 = true; ;
IPv6 ) useIPv6 = true; ;
esac
done
# If IPv4 is to be used,
if [ [ " ${ useIPv4 } " ] ] ; then
# Run our function to get the information we need
find_IPv4_information
getStaticIPv4Settings
setStaticIPv4
fi
# If IPv6 is to be used,
if [ [ " ${ useIPv6 } " ] ] ; then
# Run our function to get this information
useIPv6dialog
fi
# Echo the information to the user
2017-06-21 11:49:05 +00:00
echo -e " ${ INFO } IPv4 address: ${ IPV4_ADDRESS } "
echo -e " ${ INFO } IPv6 address: ${ IPV6_ADDRESS } "
2018-07-06 04:48:36 +00:00
# If neither protocol is selected,
if [ [ ! " ${ useIPv4 } " ] ] && [ [ ! " ${ useIPv6 } " ] ] ; then
# Show an error in red
echo -e " ${ COL_LIGHT_RED } Error: Neither IPv4 or IPv6 selected ${ COL_NC } "
# and exit with an error
exit 1
fi
2015-11-10 00:33:32 +00:00
}
2015-11-08 23:21:02 +00:00
2017-07-07 00:25:56 +00:00
#
2016-01-27 06:11:38 +00:00
getStaticIPv4Settings( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local ipSettingsCorrect
# Ask if the user wants to use DHCP settings as their static IP
# This is useful for users that are using DHCP reservations; then we can just use the information gathered via our functions
if whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno " Do you want to use your current network settings as a static address?
2016-12-21 01:22:57 +00:00
IP address: ${ IPV4_ADDRESS }
2017-01-09 05:30:38 +00:00
Gateway: ${ IPv4gw } " ${ r } ${ c } ; then
2018-07-06 04:48:36 +00:00
# If they choose yes, let the user know that the IP address will not be available via DHCP and may cause a conflict.
whiptail --msgbox --backtitle "IP information" --title "FYI: IP Conflict" " It is possible your router could still try to assign this IP to a device, which would cause a conflict. But in most cases the router is smart enough to not do that.
2016-04-03 23:05:11 +00:00
If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want.
2016-08-19 21:31:11 +00:00
It is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address." ${ r } ${ c }
2018-07-06 04:48:36 +00:00
# Nothing else to do since the variables are already set above
else
2016-12-21 01:22:57 +00:00
# Otherwise, we need to ask the user to input their desired settings.
# Start by getting the IPv4 address (pre-filling it with info gathered from DHCP)
# Start a loop to let the user enter their information with the chance to go back and edit it if necessary
2017-07-26 17:00:08 +00:00
until [ [ " ${ ipSettingsCorrect } " = True ] ] ; do
2017-01-09 02:46:15 +00:00
2018-07-06 04:48:36 +00:00
# Ask for the IPv4 address
IPV4_ADDRESS = $( whiptail --backtitle "Calibrating network interface" --title "IPv4 address" --inputbox "Enter your desired IPv4 address" ${ r } ${ c } " ${ IPV4_ADDRESS } " 3>& 1 1>& 2 2>& 3) || \
# Cancelling IPv4 settings window
{ ipSettingsCorrect = False; echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
echo -e " ${ INFO } Your static IPv4 address: ${ IPV4_ADDRESS } "
# Ask for the gateway
IPv4gw = $( whiptail --backtitle "Calibrating network interface" --title "IPv4 gateway (router)" --inputbox "Enter your desired IPv4 default gateway" ${ r } ${ c } " ${ IPv4gw } " 3>& 1 1>& 2 2>& 3) || \
# Cancelling gateway settings window
{ ipSettingsCorrect = False; echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
echo -e " ${ INFO } Your static IPv4 gateway: ${ IPv4gw } "
# Give the user a chance to review their settings before moving on
if whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno " Are these settings correct?
IP address: ${ IPV4_ADDRESS }
Gateway: ${ IPv4gw } " ${ r } ${ c } ; then
# After that's done, the loop ends and we move on
ipSettingsCorrect = True
2016-12-21 01:22:57 +00:00
else
2018-07-06 04:48:36 +00:00
# If the settings are wrong, the loop continues
ipSettingsCorrect = False
fi
2016-12-21 01:22:57 +00:00
done
# End the if statement for DHCP vs. static
2018-07-06 04:48:36 +00:00
fi
2015-11-08 23:21:02 +00:00
}
2017-07-07 00:25:56 +00:00
# dhcpcd is very annoying,
2016-01-27 06:11:38 +00:00
setDHCPCD( ) {
2018-07-06 04:48:36 +00:00
# but we can append these lines to dhcpcd.conf to enable a static IP
echo " interface ${ PIHOLE_INTERFACE }
static ip_address = ${ IPV4_ADDRESS }
static routers = ${ IPv4gw }
static domain_name_servers = 127.0.0.1" | tee -a /etc/dhcpcd.conf >/dev/null
2015-10-31 14:11:29 +00:00
}
2016-01-27 06:11:38 +00:00
setStaticIPv4( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local IFCFG_FILE
local IPADDR
local CIDR
# For the Debian family, if dhcpcd.conf exists,
if [ [ -f "/etc/dhcpcd.conf" ] ] ; then
# check if the IP is already in the file
if grep -q " ${ IPV4_ADDRESS } " /etc/dhcpcd.conf; then
echo -e " ${ INFO } Static IP already configured "
# If it's not,
else
# set it using our function
setDHCPCD
# Then use the ip command to immediately set the new address
ip addr replace dev " ${ PIHOLE_INTERFACE } " " ${ IPV4_ADDRESS } "
# Also give a warning that the user may need to reboot their system
echo -e " ${ TICK } Set IP address to ${ IPV4_ADDRESS %/* }
You may need to restart after the install is complete"
fi
# If it's not Debian, check if it's the Fedora family by checking for the file below
elif [ [ -f " /etc/sysconfig/network-scripts/ifcfg- ${ PIHOLE_INTERFACE } " ] ] ; then
# If it exists,
IFCFG_FILE = /etc/sysconfig/network-scripts/ifcfg-${ PIHOLE_INTERFACE }
IPADDR = $( echo " ${ IPV4_ADDRESS } " | cut -f1 -d/)
# check if the desired IP is already set
if grep -Eq " ${ IPADDR } (\\b|\\/) " " ${ IFCFG_FILE } " ; then
echo -e " ${ INFO } Static IP already configured "
# Otherwise,
else
# Put the IP in variables without the CIDR notation
CIDR = $( echo " ${ IPV4_ADDRESS } " | cut -f2 -d/)
# Backup existing interface configuration:
cp " ${ IFCFG_FILE } " " ${ IFCFG_FILE } " .pihole.orig
# Build Interface configuration file using the GLOBAL variables we have
{
echo "# Configured via Pi-hole installer"
echo " DEVICE= $PIHOLE_INTERFACE "
echo "BOOTPROTO=none"
echo "ONBOOT=yes"
echo " IPADDR= $IPADDR "
echo " PREFIX= $CIDR "
echo " GATEWAY= $IPv4gw "
echo " DNS1= $PIHOLE_DNS_1 "
echo " DNS2= $PIHOLE_DNS_2 "
echo "USERCTL=no"
} > " ${ IFCFG_FILE } "
# Use ip to immediately set the new address
ip addr replace dev " ${ PIHOLE_INTERFACE } " " ${ IPV4_ADDRESS } "
# If NetworkMangler command line interface exists and ready to mangle,
if command -v nmcli & > /dev/null && nmcli general status & > /dev/null; then
# Tell NetworkManagler to read our new sysconfig file
nmcli con load " ${ IFCFG_FILE } " > /dev/null
fi
# Show a warning that the user may need to restart
echo -e " ${ TICK } Set IP address to ${ IPV4_ADDRESS %/* }
You may need to restart after the install is complete"
fi
# If all that fails,
2016-12-21 01:22:57 +00:00
else
2018-07-06 04:48:36 +00:00
# show an error and exit
echo -e " ${ INFO } Warning: Unable to locate configuration file to set static IPv4 address "
exit 1
fi
2015-12-06 10:40:30 +00:00
}
2017-07-07 00:25:56 +00:00
# Check an IP address to see if it is a valid one
2016-10-20 02:47:45 +00:00
valid_ip( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local ip = ${ 1 }
local stat = 1
# If the IP matches the format xxx.xxx.xxx.xxx,
if [ [ " ${ ip } " = ~ ^[ 0-9] { 1,3} \. [ 0-9] { 1,3} \. [ 0-9] { 1,3} \. [ 0-9] { 1,3} $ ] ] ; then
# Save the old Internal Field Separator in a variable
OIFS = $IFS
# and set the new one to a dot (period)
IFS = '.'
# Put the IP into an array
ip = ( ${ ip } )
# Restore the IFS to what it was
IFS = ${ OIFS }
## Evaluate each octet by checking if it's less than or equal to 255 (the max for each octet)
[ [ " ${ ip [0] } " -le 255 && " ${ ip [1] } " -le 255 \
&& " ${ ip [2] } " -le 255 && " ${ ip [3] } " -le 255 ] ]
# Save the exit code
stat = $?
fi
# Return the exit code
return ${ stat }
2016-02-20 17:33:20 +00:00
}
2017-07-07 00:25:56 +00:00
# A function to choose the upstream DNS provider(s)
2016-10-20 02:47:45 +00:00
setDNS( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local DNSSettingsCorrect
# In an array, list the available upstream providers
DNSChooseOptions = ( Google ""
OpenDNS ""
Level3 ""
Norton ""
Comodo ""
DNSWatch ""
Quad9 ""
FamilyShield ""
Cloudflare ""
Custom "" )
# In a whiptail dialog, show the options
DNSchoices = $( whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${ r } ${ c } 7 \
2017-01-09 07:40:19 +00:00
" ${ DNSChooseOptions [@] } " 2>& 1 >/dev/tty) || \
2017-07-07 00:25:56 +00:00
# exit if Cancel is selected
2017-06-21 11:49:05 +00:00
{ echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
2018-07-06 04:48:36 +00:00
# Display the selection
echo -ne " ${ INFO } Using "
# Depending on the user's choice, set the GLOBAl variables to the IP of the respective provider
case ${ DNSchoices } in
Google)
echo "Google DNS servers"
PIHOLE_DNS_1 = "8.8.8.8"
PIHOLE_DNS_2 = "8.8.4.4"
; ;
OpenDNS)
echo "OpenDNS servers"
PIHOLE_DNS_1 = "208.67.222.222"
PIHOLE_DNS_2 = "208.67.220.220"
; ;
Level3)
echo "Level3 servers"
PIHOLE_DNS_1 = "4.2.2.1"
PIHOLE_DNS_2 = "4.2.2.2"
; ;
Norton)
echo "Norton ConnectSafe servers"
PIHOLE_DNS_1 = "199.85.126.10"
PIHOLE_DNS_2 = "199.85.127.10"
; ;
Comodo)
echo "Comodo Secure servers"
PIHOLE_DNS_1 = "8.26.56.26"
PIHOLE_DNS_2 = "8.20.247.20"
; ;
DNSWatch)
echo "DNS.WATCH servers"
PIHOLE_DNS_1 = "84.200.69.80"
PIHOLE_DNS_2 = "84.200.70.40"
; ;
Quad9)
echo "Quad9 servers"
PIHOLE_DNS_1 = "9.9.9.9"
PIHOLE_DNS_2 = "149.112.112.112"
; ;
FamilyShield)
echo "FamilyShield servers"
PIHOLE_DNS_1 = "208.67.222.123"
PIHOLE_DNS_2 = "208.67.220.123"
; ;
Cloudflare)
echo "Cloudflare servers"
PIHOLE_DNS_1 = "1.1.1.1"
PIHOLE_DNS_2 = "1.0.0.1"
; ;
Custom)
# Until the DNS settings are selected,
until [ [ " ${ DNSSettingsCorrect } " = True ] ] ; do
#
strInvalid = "Invalid"
# If the first
if [ [ ! " ${ PIHOLE_DNS_1 } " ] ] ; then
# and second upstream servers do not exist
if [ [ ! " ${ PIHOLE_DNS_2 } " ] ] ; then
prePopulate = ""
# Otherwise,
else
prePopulate = " , ${ PIHOLE_DNS_2 } "
fi
elif [ [ " ${ PIHOLE_DNS_1 } " ] ] && [ [ ! " ${ PIHOLE_DNS_2 } " ] ] ; then
prePopulate = " ${ PIHOLE_DNS_1 } "
elif [ [ " ${ PIHOLE_DNS_1 } " ] ] && [ [ " ${ PIHOLE_DNS_2 } " ] ] ; then
prePopulate = " ${ PIHOLE_DNS_1 } , ${ PIHOLE_DNS_2 } "
fi
# Dialog for the user to enter custom upstream servers
piholeDNS = $( whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${ r } ${ c } " ${ prePopulate } " 3>& 1 1>& 2 2>& 3) || \
{ echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
#
PIHOLE_DNS_1 = $( echo " ${ piholeDNS } " | sed 's/[, \t]\+/,/g' | awk -F, '{print$1}' )
PIHOLE_DNS_2 = $( echo " ${ piholeDNS } " | sed 's/[, \t]\+/,/g' | awk -F, '{print$2}' )
# If the IP is valid,
if ! valid_ip " ${ PIHOLE_DNS_1 } " || [ [ ! " ${ PIHOLE_DNS_1 } " ] ] ; then
# store it in the variable so we can use it
PIHOLE_DNS_1 = ${ strInvalid }
fi
# Do the same for the secondary server
if ! valid_ip " ${ PIHOLE_DNS_2 } " && [ [ " ${ PIHOLE_DNS_2 } " ] ] ; then
PIHOLE_DNS_2 = ${ strInvalid }
fi
# If either of the DNS servers are invalid,
if [ [ " ${ PIHOLE_DNS_1 } " = = " ${ strInvalid } " ] ] || [ [ " ${ PIHOLE_DNS_2 } " = = " ${ strInvalid } " ] ] ; then
# explain this to the user
whiptail --msgbox --backtitle "Invalid IP" --title "Invalid IP" " One or both entered IP addresses were invalid. Please try again.\\n\\n DNS Server 1: $PIHOLE_DNS_1 \\n DNS Server 2: ${ PIHOLE_DNS_2 } " ${ r } ${ c }
# and set the variables back to nothing
if [ [ " ${ PIHOLE_DNS_1 } " = = " ${ strInvalid } " ] ] ; then
PIHOLE_DNS_1 = ""
fi
if [ [ " ${ PIHOLE_DNS_2 } " = = " ${ strInvalid } " ] ] ; then
PIHOLE_DNS_2 = ""
fi
# Since the settings will not work, stay in the loop
DNSSettingsCorrect = False
# Otherwise,
else
# Show the settings
if ( whiptail --backtitle "Specify Upstream DNS Provider(s)" --title "Upstream DNS Provider(s)" --yesno " Are these settings correct?\\n DNS Server 1: $PIHOLE_DNS_1 \\n DNS Server 2: ${ PIHOLE_DNS_2 } " ${ r } ${ c } ) ; then
# and break from the loop since the servers are valid
DNSSettingsCorrect = True
# Otherwise,
else
# If the settings are wrong, the loop continues
DNSSettingsCorrect = False
fi
fi
done
; ;
esac
2016-01-25 05:11:00 +00:00
}
2017-07-07 00:25:56 +00:00
# Allow the user to enable/disable logging
2016-10-31 21:38:48 +00:00
setLogging( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local LogToggleCommand
local LogChooseOptions
local LogChoices
# Ask if the user wants to log queries
LogToggleCommand = ( whiptail --separate-output --radiolist "Do you want to log queries?" " ${ r } " " ${ c } " 6)
# The default selection is on
LogChooseOptions = ( "On (Recommended)" "" on
Off "" off)
# Get the user's choice
LogChoices = $( " ${ LogToggleCommand [@] } " " ${ LogChooseOptions [@] } " 2>& 1 >/dev/tty) || ( echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " && exit 1)
2016-12-21 01:22:57 +00:00
case ${ LogChoices } in
2018-07-06 04:48:36 +00:00
# If it's on
"On (Recommended)" )
echo -e " ${ INFO } Logging On. "
# Set the GLOBAL variable to true so we know what they selected
QUERY_LOGGING = true
; ;
# Otherwise, it's off,
Off)
echo -e " ${ INFO } Logging Off. "
# So set it to false
QUERY_LOGGING = false
; ;
2016-12-21 01:22:57 +00:00
esac
2016-10-31 21:38:48 +00:00
}
2018-02-07 05:45:23 +00:00
# Function to ask the user if they want to install the dashboard
2017-01-28 14:38:54 +00:00
setAdminFlag( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local WebToggleCommand
local WebChooseOptions
local WebChoices
2018-04-18 03:11:32 +00:00
2018-07-06 04:48:36 +00:00
# Similar to the logging function, ask what the user wants
WebToggleCommand = ( whiptail --separate-output --radiolist "Do you wish to install the web admin interface?" ${ r } ${ c } 6)
2018-04-18 03:11:32 +00:00
# with the default being enabled
WebChooseOptions = ( "On (Recommended)" "" on
Off "" off)
WebChoices = $( " ${ WebToggleCommand [@] } " " ${ WebChooseOptions [@] } " 2>& 1 >/dev/tty) || ( echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " && exit 1)
2018-04-21 07:27:31 +00:00
# Depending on their choice
case ${ WebChoices } in
2018-07-06 04:48:36 +00:00
"On (Recommended)" )
echo -e " ${ INFO } Web Interface On "
# Set it to true
INSTALL_WEB_INTERFACE = true
; ;
Off)
echo -e " ${ INFO } Web Interface Off "
# or false
INSTALL_WEB_INTERFACE = false
; ;
2017-01-28 14:38:54 +00:00
esac
2018-07-06 04:48:36 +00:00
# Request user to install web server, if --disable-install-webserver has not been used (INSTALL_WEB_SERVER=true is default).
if [ [ " ${ INSTALL_WEB_SERVER } " = = true ] ] ; then
WebToggleCommand = ( whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?\\n\\nNB: If you disable this, and, do not have an existing webserver installed, the web interface will not function." " ${ r } " " ${ c } " 6)
# with the default being enabled
WebChooseOptions = ( "On (Recommended)" "" on
Off "" off)
WebChoices = $( " ${ WebToggleCommand [@] } " " ${ WebChooseOptions [@] } " 2>& 1 >/dev/tty) || ( echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " && exit 1)
# Depending on their choice
case ${ WebChoices } in
"On (Recommended)" )
echo -e " ${ INFO } Web Server On "
# set it to true, as clearly seen below.
INSTALL_WEB_SERVER = true
; ;
Off)
echo -e " ${ INFO } Web Server Off "
# or false
INSTALL_WEB_SERVER = false
; ;
esac
fi
2017-01-28 14:38:54 +00:00
}
2018-04-17 08:50:25 +00:00
# A function to display a list of example blocklists for users to select
2018-04-17 18:35:46 +00:00
chooseBlocklists( ) {
2018-07-06 04:48:36 +00:00
# Back up any existing adlist file, on the off chance that it exists. Useful in case of a reconfigure.
if [ [ -f " ${ adlistFile } " ] ] ; then
mv " ${ adlistFile } " " ${ adlistFile } .old "
fi
# Let user select (or not) blocklists via a checklist
cmd = ( whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" " ${ r } " " ${ c } " 7)
# In an array, show the options available (all off by default):
options = ( StevenBlack "StevenBlack's Unified Hosts List" on
MalwareDom "MalwareDomains" on
Cameleon "Cameleon" on
ZeusTracker "ZeusTracker" on
DisconTrack "Disconnect.me Tracking" on
DisconAd "Disconnect.me Ads" on
HostsFile "Hosts-file.net Ads" on)
# In a variable, show the choices available; exit if Cancel is selected
choices = $( " ${ cmd [@] } " " ${ options [@] } " 2>& 1 >/dev/tty) || { echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; rm " ${ adlistFile } " ; exit 1; }
# For each choice available,
for choice in ${ choices }
do
2018-08-12 21:19:16 +00:00
appendToListsFile choice
2018-07-06 04:48:36 +00:00
done
2017-01-28 14:38:54 +00:00
}
2018-08-12 21:19:16 +00:00
# Accept a string parameter, it must be one of the default lists
2018-08-20 20:52:22 +00:00
# This function allow to not duplicate code in chooseBlocklists and
2018-08-12 21:19:16 +00:00
# in installDefaultBlocklists
appendToListsFile( ) {
case $1 in
StevenBlack ) echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> " ${ adlistFile } " ; ;
MalwareDom ) echo "https://mirror1.malwaredomains.com/files/justdomains" >> " ${ adlistFile } " ; ;
Cameleon ) echo "http://sysctl.org/cameleon/hosts" >> " ${ adlistFile } " ; ;
ZeusTracker ) echo "https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist" >> " ${ adlistFile } " ; ;
DisconTrack ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt" >> " ${ adlistFile } " ; ;
DisconAd ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" >> " ${ adlistFile } " ; ;
HostsFile ) echo "https://hosts-file.net/ad_servers.txt" >> " ${ adlistFile } " ; ;
esac
}
# Used only in unattended setup
# If there is already the adListFile, we keep it, else we create it using all default lists
installDefaultBlocklists( ) {
2018-08-14 12:59:41 +00:00
# In unattended setup, could be useful to use userdefined blocklist.
# If this file exists, we avoid overriding it.
2018-08-12 21:19:16 +00:00
if [ [ -f " ${ adlistFile } " ] ] ; then
return ;
2018-08-20 20:52:22 +00:00
fi
2018-08-12 21:19:16 +00:00
appendToListsFile StevenBlack
appendToListsFile MalwareDom
appendToListsFile Cameleon
appendToListsFile ZeusTracker
appendToListsFile DisconTrack
appendToListsFile DisconAd
appendToListsFile HostsFile
}
2018-02-07 05:45:23 +00:00
# Check if /etc/dnsmasq.conf is from pi-hole. If so replace with an original and install new in .d directory
2016-10-20 02:47:45 +00:00
version_check_dnsmasq( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local dnsmasq_conf = "/etc/dnsmasq.conf"
local dnsmasq_conf_orig = "/etc/dnsmasq.conf.orig"
local dnsmasq_pihole_id_string = "addn-hosts=/etc/pihole/gravity.list"
local dnsmasq_original_config = " ${ PI_HOLE_LOCAL_REPO } /advanced/dnsmasq.conf.original "
local dnsmasq_pihole_01_snippet = " ${ PI_HOLE_LOCAL_REPO } /advanced/01-pihole.conf "
local dnsmasq_pihole_01_location = "/etc/dnsmasq.d/01-pihole.conf"
# If the dnsmasq config file exists
if [ [ -f " ${ dnsmasq_conf } " ] ] ; then
echo -ne " ${ INFO } Existing dnsmasq.conf found... "
# If gravity.list is found within this file, we presume it's from older versions on Pi-hole,
if grep -q ${ dnsmasq_pihole_id_string } ${ dnsmasq_conf } ; then
echo " it is from a previous Pi-hole install."
echo -ne " ${ INFO } Backing up dnsmasq.conf to dnsmasq.conf.orig... "
# so backup the original file
mv -f ${ dnsmasq_conf } ${ dnsmasq_conf_orig }
echo -e " ${ OVER } ${ TICK } Backing up dnsmasq.conf to dnsmasq.conf.orig... "
echo -ne " ${ INFO } Restoring default dnsmasq.conf... "
# and replace it with the default
cp ${ dnsmasq_original_config } ${ dnsmasq_conf }
echo -e " ${ OVER } ${ TICK } Restoring default dnsmasq.conf... "
# Otherwise,
else
# Don't to anything
echo " it is not a Pi-hole file, leaving alone!"
fi
2016-12-21 01:22:57 +00:00
else
2018-07-06 04:48:36 +00:00
# If a file cannot be found,
echo -ne " ${ INFO } No dnsmasq.conf found... restoring default dnsmasq.conf... "
# restore the default one
cp ${ dnsmasq_original_config } ${ dnsmasq_conf }
echo -e " ${ OVER } ${ TICK } No dnsmasq.conf found... restoring default dnsmasq.conf... "
fi
2016-12-21 01:22:57 +00:00
2018-07-06 04:48:36 +00:00
echo -en " ${ INFO } Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf... "
# Check to see if dnsmasq directory exists (it may not due to being a fresh install and dnsmasq no longer being a dependency)
if [ [ ! -d "/etc/dnsmasq.d" ] ] ; then
mkdir "/etc/dnsmasq.d"
fi
# Copy the new Pi-hole DNS config file into the dnsmasq.d directory
cp ${ dnsmasq_pihole_01_snippet } ${ dnsmasq_pihole_01_location }
echo -e " ${ OVER } ${ TICK } Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf "
# Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
# First, swap in the interface to listen on
sed -i " s/@INT@/ $PIHOLE_INTERFACE / " ${ dnsmasq_pihole_01_location }
if [ [ " ${ PIHOLE_DNS_1 } " != "" ] ] ; then
# Then swap in the primary DNS server
sed -i " s/@DNS1@/ $PIHOLE_DNS_1 / " ${ dnsmasq_pihole_01_location }
else
#
sed -i '/^server=@DNS1@/d' ${ dnsmasq_pihole_01_location }
fi
if [ [ " ${ PIHOLE_DNS_2 } " != "" ] ] ; then
# Then swap in the primary DNS server
sed -i " s/@DNS2@/ $PIHOLE_DNS_2 / " ${ dnsmasq_pihole_01_location }
else
#
sed -i '/^server=@DNS2@/d' ${ dnsmasq_pihole_01_location }
fi
2016-12-21 01:22:57 +00:00
2018-07-06 04:48:36 +00:00
#
sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' ${ dnsmasq_conf }
# If the user does not want to enable logging,
if [ [ " ${ QUERY_LOGGING } " = = false ] ] ; then
2017-07-07 00:25:56 +00:00
# Disable it by commenting out the directive in the DNS config file
2016-10-31 21:38:48 +00:00
sed -i 's/^log-queries/#log-queries/' ${ dnsmasq_pihole_01_location }
2017-07-07 00:25:56 +00:00
# Otherwise,
2016-10-31 21:38:48 +00:00
else
2017-07-07 00:25:56 +00:00
# enable it by uncommenting the directive in the DNS config file
2016-10-31 21:38:48 +00:00
sed -i 's/^#log-queries/log-queries/' ${ dnsmasq_pihole_01_location }
fi
2016-01-25 05:04:02 +00:00
}
2017-07-10 19:12:30 +00:00
# Clean an existing installation to prepare for upgrade/reinstall
2016-11-02 07:14:25 +00:00
clean_existing( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
# ${1} Directory to clean
local clean_directory = " ${ 1 } "
# Make ${2} the new one?
shift
# ${2} Array of files to remove
local old_files = ( " $@ " )
# For each script found in the old files array
for script in " ${ old_files [@] } " ; do
# Remove them
rm -f " ${ clean_directory } / ${ script } .sh "
done
2016-11-02 07:14:25 +00:00
}
2016-10-05 16:57:48 +00:00
2017-07-07 00:25:56 +00:00
# Install the scripts from repository to their various locations
2016-11-02 07:14:25 +00:00
installScripts( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local str = " Installing scripts from ${ PI_HOLE_LOCAL_REPO } "
echo -ne " ${ INFO } ${ str } ... "
# Clear out script files from Pi-hole scripts directory.
clean_existing " ${ PI_HOLE_INSTALL_DIR } " " ${ PI_HOLE_FILES [@] } "
# Install files from local core repository
if is_repo " ${ PI_HOLE_LOCAL_REPO } " ; then
# move into the directory
cd " ${ PI_HOLE_LOCAL_REPO } "
# Install the scripts by:
# -o setting the owner to the user
# -Dm755 create all leading components of destination except the last, then copy the source to the destination and setting the permissions to 755
#
# This first one is the directory
install -o " ${ USER } " -Dm755 -d " ${ PI_HOLE_INSTALL_DIR } "
# The rest are the scripts Pi-hole needs
install -o " ${ USER } " -Dm755 -t " ${ PI_HOLE_INSTALL_DIR } " gravity.sh
install -o " ${ USER } " -Dm755 -t " ${ PI_HOLE_INSTALL_DIR } " ./advanced/Scripts/*.sh
install -o " ${ USER } " -Dm755 -t " ${ PI_HOLE_INSTALL_DIR } " ./automated\ install/uninstall.sh
install -o " ${ USER } " -Dm755 -t " ${ PI_HOLE_INSTALL_DIR } " ./advanced/Scripts/COL_TABLE
install -o " ${ USER } " -Dm755 -t /usr/local/bin/ pihole
install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole
echo -e " ${ OVER } ${ TICK } ${ str } "
2018-07-30 21:02:18 +00:00
2018-07-06 04:48:36 +00:00
# Otherwise,
else
# Show an error and exit
echo -e " ${ OVER } ${ CROSS } ${ str }
${ COL_LIGHT_RED } Error: Local repo ${ PI_HOLE_LOCAL_REPO } not found, exiting installer${ COL_NC } "
2018-07-29 16:06:51 +00:00
return 1
2018-07-06 04:48:36 +00:00
fi
2015-12-03 17:25:13 +00:00
}
2017-07-07 00:25:56 +00:00
# Install the configs from PI_HOLE_LOCAL_REPO to their various locations
2016-01-27 06:11:38 +00:00
installConfigs( ) {
2018-07-06 04:48:36 +00:00
echo ""
echo -e " ${ INFO } Installing configs from ${ PI_HOLE_LOCAL_REPO } ... "
# Make sure Pi-hole's config files are in place
version_check_dnsmasq
2018-07-31 18:14:26 +00:00
# Install empty file if it does not exist
2018-07-30 21:26:07 +00:00
if [ [ ! -f " ${ PI_HOLE_CONFIG_DIR } /pihole-FTL.conf " ] ] ; then
if ! install -o pihole -g pihole -m 664 /dev/null " ${ PI_HOLE_CONFIG_DIR } /pihole-FTL.conf " & >/dev/nul; then
echo -e " ${ COL_LIGHT_RED } Error: Unable to initialize configuration file ${ PI_HOLE_CONFIG_DIR } /pihole-FTL.conf "
2018-07-30 21:02:18 +00:00
return 1
fi
fi
2018-07-29 01:56:18 +00:00
# Install an empty regex file
2018-07-29 03:07:35 +00:00
if [ [ ! -f " ${ regexFile } " ] ] ; then
2018-07-29 22:26:00 +00:00
# Let PHP edit the regex file, if installed
2018-07-29 23:09:03 +00:00
install -o pihole -g " ${ LIGHTTPD_GROUP :- pihole } " -m 664 /dev/null " ${ regexFile } "
2018-07-29 03:07:35 +00:00
fi
2018-07-06 04:48:36 +00:00
# If the user chose to install the dashboard,
if [ [ " ${ INSTALL_WEB_SERVER } " = = true ] ] ; then
# and if the Web server conf directory does not exist,
if [ [ ! -d "/etc/lighttpd" ] ] ; then
# make it
mkdir /etc/lighttpd
# and set the owners
chown " ${ USER } " :root /etc/lighttpd
# Otherwise, if the config file already exists
elif [ [ -f "/etc/lighttpd/lighttpd.conf" ] ] ; then
# back up the original
mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
fi
# and copy in the config file Pi-hole needs
cp ${ PI_HOLE_LOCAL_REPO } /advanced/${ LIGHTTPD_CFG } /etc/lighttpd/lighttpd.conf
2018-09-07 16:09:37 +00:00
# Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it
touch /etc/lighttpd/external.conf
2018-07-06 04:48:36 +00:00
# if there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config
if [ [ -f "/var/www/html/pihole/custom.php" ] ] ; then
sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"pihole\/custom\.php"/' /etc/lighttpd/lighttpd.conf
fi
# Make the directories if they do not exist and set the owners
mkdir -p /var/run/lighttpd
chown ${ LIGHTTPD_USER } :${ LIGHTTPD_GROUP } /var/run/lighttpd
mkdir -p /var/cache/lighttpd/compress
chown ${ LIGHTTPD_USER } :${ LIGHTTPD_GROUP } /var/cache/lighttpd/compress
mkdir -p /var/cache/lighttpd/uploads
chown ${ LIGHTTPD_USER } :${ LIGHTTPD_GROUP } /var/cache/lighttpd/uploads
fi
2015-12-03 17:25:13 +00:00
}
2018-06-01 23:45:04 +00:00
install_manpage( ) {
2018-07-06 04:48:36 +00:00
# Copy Pi-hole man pages and call mandb to update man page database
# Default location for man files for /usr/local/bin is /usr/local/share/man
# on lightweight systems may not be present, so check before copying.
echo -en " ${ INFO } Testing man page installation "
if ! command -v mandb & >/dev/null; then
# if mandb is not present, no manpage support
echo -e " ${ OVER } ${ INFO } man not installed "
return
elif [ [ ! -d "/usr/local/share/man" ] ] ; then
# appropriate directory for Pi-hole's man page is not present
echo -e " ${ OVER } ${ INFO } man pages not installed "
return
fi
if [ [ ! -d "/usr/local/share/man/man8" ] ] ; then
# if not present, create man8 directory
mkdir /usr/local/share/man/man8
fi
if [ [ ! -d "/usr/local/share/man/man5" ] ] ; then
# if not present, create man8 directory
mkdir /usr/local/share/man/man5
fi
# Testing complete, copy the files & update the man db
cp ${ PI_HOLE_LOCAL_REPO } /manpages/pihole.8 /usr/local/share/man/man8/pihole.8
cp ${ PI_HOLE_LOCAL_REPO } /manpages/pihole-FTL.8 /usr/local/share/man/man8/pihole-FTL.8
cp ${ PI_HOLE_LOCAL_REPO } /manpages/pihole-FTL.conf.5 /usr/local/share/man/man5/pihole-FTL.conf.5
if mandb -q & >/dev/null; then
# Updated successfully
echo -e " ${ OVER } ${ TICK } man pages installed and database updated "
return
else
# Something is wrong with the system's man installation, clean up
# our files, (leave everything how we found it).
rm /usr/local/share/man/man8/pihole.8 /usr/local/share/man/man8/pihole-FTL.8 /usr/local/share/man/man5/pihole-FTL.conf.5
echo -e " ${ OVER } ${ CROSS } man page db not updated, man pages not installed "
fi
2018-06-01 23:45:04 +00:00
}
2016-10-10 08:25:11 +00:00
stop_service( ) {
2018-07-06 04:48:36 +00:00
# Stop service passed in as argument.
# Can softfail, as process may not be installed when this is called
local str = " Stopping ${ 1 } service "
echo -ne " ${ INFO } ${ str } ... "
if command -v systemctl & > /dev/null; then
systemctl stop " ${ 1 } " & > /dev/null || true
else
service " ${ 1 } " stop & > /dev/null || true
fi
echo -e " ${ OVER } ${ TICK } ${ str } ... "
2016-10-10 13:06:34 +00:00
}
2017-07-07 00:25:56 +00:00
# Start/Restart service passed in as argument
2016-10-10 13:06:34 +00:00
start_service( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local str = " Starting ${ 1 } service "
echo -ne " ${ INFO } ${ str } ... "
# If systemctl exists,
if command -v systemctl & > /dev/null; then
# use that to restart the service
systemctl restart " ${ 1 } " & > /dev/null
# Otherwise,
else
# fall back to the service command
service " ${ 1 } " restart & > /dev/null
fi
echo -e " ${ OVER } ${ TICK } ${ str } "
2016-10-10 13:06:34 +00:00
}
2017-07-07 00:25:56 +00:00
# Enable service so that it will start with next reboot
2016-10-10 13:06:34 +00:00
enable_service( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local str = " Enabling ${ 1 } service to start on reboot "
echo -ne " ${ INFO } ${ str } ... "
# If systemctl exists,
if command -v systemctl & > /dev/null; then
# use that to enable the service
systemctl enable " ${ 1 } " & > /dev/null
# Otherwise,
else
# use update-rc.d to accomplish this
update-rc.d " ${ 1 } " defaults & > /dev/null
fi
echo -e " ${ OVER } ${ TICK } ${ str } "
2015-12-03 17:25:13 +00:00
}
2016-10-10 05:05:06 +00:00
2018-03-06 18:44:57 +00:00
# Disable service so that it will not with next reboot
disable_service( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local str = " Disabling ${ 1 } service "
echo -ne " ${ INFO } ${ str } ... "
# If systemctl exists,
if command -v systemctl & > /dev/null; then
# use that to disable the service
systemctl disable " ${ 1 } " & > /dev/null
# Otherwise,
else
# use update-rc.d to accomplish this
update-rc.d " ${ 1 } " disable & > /dev/null
fi
echo -e " ${ OVER } ${ TICK } ${ str } "
2018-03-06 18:44:57 +00:00
}
2018-03-07 23:31:28 +00:00
check_service_active( ) {
# If systemctl exists,
2018-07-06 04:48:36 +00:00
if command -v systemctl & > /dev/null; then
# use that to check the status of the service
2018-07-29 00:50:04 +00:00
systemctl is-enabled " ${ 1 } " & > /dev/null
2018-07-06 04:48:36 +00:00
# Otherwise,
else
# fall back to service command
2018-07-29 00:50:04 +00:00
service " ${ 1 } " status & > /dev/null
2018-07-06 04:48:36 +00:00
fi
2018-03-07 23:31:28 +00:00
}
2018-07-06 04:48:36 +00:00
# Systemd-resolved's DNSStubListener and dnsmasq can't share port 53.
2018-05-15 10:23:36 +00:00
disable_resolved_stublistener( ) {
2018-07-26 23:27:06 +00:00
echo -en " ${ INFO } Testing if systemd-resolved is enabled "
# Check if Systemd-resolved's DNSStubListener is enabled and active on port 53
if check_service_active "systemd-resolved" ; then
2018-07-06 04:48:36 +00:00
# Check if DNSStubListener is enabled
2018-07-26 23:27:06 +00:00
echo -en " ${ OVER } ${ INFO } Testing if systemd-resolved DNSStub-Listener is active "
2018-07-06 04:48:36 +00:00
if ( grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf & > /dev/null ) ; then
# Disable the DNSStubListener to unbind it from port 53
# Note that this breaks dns functionality on host until dnsmasq/ftl are up and running
2018-07-26 23:27:06 +00:00
echo -en " ${ OVER } ${ TICK } Disabling systemd-resolved DNSStubListener "
2018-07-06 04:48:36 +00:00
# Make a backup of the original /etc/systemd/resolved.conf
# (This will need to be restored on uninstallation)
2018-07-26 23:27:06 +00:00
sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf
echo -e " and restarting systemd-resolved"
systemctl reload-or-restart systemd-resolved
2018-07-06 04:48:36 +00:00
else
2018-07-26 23:27:06 +00:00
echo -e " ${ OVER } ${ INFO } Systemd-resolved does not need to be restarted "
2018-07-06 04:48:36 +00:00
fi
2018-05-16 21:44:07 +00:00
else
2018-07-26 23:27:06 +00:00
echo -e " ${ OVER } ${ INFO } Systemd-resolved is not enabled "
2018-05-15 10:23:36 +00:00
fi
}
2017-01-28 23:44:31 +00:00
update_package_cache( ) {
2018-07-06 04:48:36 +00:00
# Running apt-get update/upgrade with minimal output can cause some issues with
# requiring user input (e.g password for phpmyadmin see #218)
# Update package cache on apt based OSes. Do this every time since
# it's quick and packages can be updated at any time.
# Local, named variables
local str = "Update local cache of available packages"
echo ""
echo -ne " ${ INFO } ${ str } ... "
# Create a command from the package cache variable
if eval " ${ UPDATE_PKG_CACHE } " & > /dev/null; then
echo -e " ${ OVER } ${ TICK } ${ str } "
# Otherwise,
else
# show an error and exit
echo -e " ${ OVER } ${ CROSS } ${ str } "
echo -ne " ${ COL_LIGHT_RED } Error: Unable to update package cache. Please try \" ${ UPDATE_PKG_CACHE } \" ${ COL_NC } "
return 1
fi
2016-10-10 09:24:03 +00:00
}
2017-07-07 00:25:56 +00:00
# Let user know if they have outdated packages on their system and
# advise them to run a package update at soonest possible.
2016-10-20 02:47:45 +00:00
notify_package_updates_available( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local str = " Checking ${ PKG_MANAGER } for upgraded packages "
echo -ne " \\n ${ INFO } ${ str } ... "
# Store the list of packages in a variable
updatesToInstall = $( eval " ${ PKG_COUNT } " )
2017-07-26 17:00:08 +00:00
2018-07-06 04:48:36 +00:00
if [ [ -d " /lib/modules/ $( uname -r) " ] ] ; then
if [ [ " ${ updatesToInstall } " -eq 0 ] ] ; then
echo -e " ${ OVER } ${ TICK } ${ str } ... up to date! "
echo ""
else
echo -e " ${ OVER } ${ TICK } ${ str } ... ${ updatesToInstall } updates available "
echo -e " ${ INFO } ${ COL_LIGHT_GREEN } It is recommended to update your OS after installing the Pi-hole! ${ COL_NC } "
echo ""
fi
2016-12-29 09:34:49 +00:00
else
2018-07-06 04:48:36 +00:00
echo -e " ${ OVER } ${ CROSS } ${ str }
Kernel update detected. If the install fails, please reboot and try again\\ n"
fi
2016-10-10 05:00:23 +00:00
}
2017-07-07 00:25:56 +00:00
# What's this doing outside of a function in the middle of nowhere?
2017-06-21 11:49:05 +00:00
counter = 0
2017-07-07 00:25:56 +00:00
2016-10-20 02:47:45 +00:00
install_dependent_packages( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables should be used here, especially for an iterator
# Add one to the counter
counter = $(( counter+1))
# If it equals 1,
if [ [ " ${ counter } " = = 1 ] ] ; then
#
echo -e " ${ INFO } Installer Dependency checks... "
else
#
echo -e " ${ INFO } Main Dependency checks... "
fi
# Install packages passed in via argument array
# No spinner - conflicts with set -e
declare -a argArray1 = ( " ${ !1 } " )
declare -a installArray
# Debian based package install - debconf will download the entire package list
# so we just create an array of packages not currently installed to cut down on the
# amount of download traffic.
# NOTE: We may be able to use this installArray in the future to create a list of package that were
# installed by us, and remove only the installed packages, and not the entire list.
if command -v debconf-apt-progress & > /dev/null; then
# For each package,
for i in " ${ argArray1 [@] } " ; do
echo -ne " ${ INFO } Checking for $i ... "
if dpkg-query -W -f= '${Status}' " ${ i } " 2>/dev/null | grep "ok installed" & > /dev/null; then
echo -e " ${ OVER } ${ TICK } Checking for $i "
else
echo -e " ${ OVER } ${ INFO } Checking for $i (will be installed) "
installArray += ( " ${ i } " )
fi
done
if [ [ " ${# installArray [@] } " -gt 0 ] ] ; then
test_dpkg_lock
debconf-apt-progress -- " ${ PKG_INSTALL [@] } " " ${ installArray [@] } "
return
fi
echo ""
return 0
fi
# Install Fedora/CentOS packages
for i in " ${ argArray1 [@] } " ; do
echo -ne " ${ INFO } Checking for $i ... "
if ${ PKG_MANAGER } -q list installed " ${ i } " & > /dev/null; then
echo -e " ${ OVER } ${ TICK } Checking for $i "
else
echo -e " ${ OVER } ${ INFO } Checking for $i (will be installed) "
installArray += ( " ${ i } " )
fi
2016-12-21 00:47:43 +00:00
done
2017-07-26 17:00:08 +00:00
if [ [ " ${# installArray [@] } " -gt 0 ] ] ; then
2018-07-06 04:48:36 +00:00
" ${ PKG_INSTALL [@] } " " ${ installArray [@] } " & > /dev/null
return
2016-12-22 07:38:31 +00:00
fi
2018-07-06 04:48:36 +00:00
echo ""
return 0
2015-12-03 17:25:13 +00:00
}
2017-07-07 00:25:56 +00:00
# Install the Web interface dashboard
2016-01-27 06:11:38 +00:00
installPiholeWeb( ) {
2018-07-06 04:48:36 +00:00
echo ""
echo " ${ INFO } Installing blocking page... "
local str = "Creating directory for blocking page, and copying files"
echo -ne " ${ INFO } ${ str } ... "
# Install the directory
install -d /var/www/html/pihole
# and the blockpage
install -D ${ PI_HOLE_LOCAL_REPO } /advanced/{ index,blockingpage} .* /var/www/html/pihole/
# Remove superseded file
if [ [ -e "/var/www/html/pihole/index.js" ] ] ; then
rm "/var/www/html/pihole/index.js"
fi
echo -e " ${ OVER } ${ TICK } ${ str } "
local str = "Backing up index.lighttpd.html"
echo -ne " ${ INFO } ${ str } ... "
# If the default index file exists,
if [ [ -f "/var/www/html/index.lighttpd.html" ] ] ; then
# back it up
mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig
echo -e " ${ OVER } ${ TICK } ${ str } "
# Otherwise,
else
# don't do anything
echo -e " ${ OVER } ${ CROSS } ${ str }
No default index.lighttpd.html file found... not backing up"
fi
# Install Sudoers file
echo ""
local str = "Installing sudoer file"
echo -ne " ${ INFO } ${ str } ... "
# Make the .d directory if it doesn't exist
mkdir -p /etc/sudoers.d/
# and copy in the pihole sudoers file
2018-07-27 22:21:25 +00:00
cp ${ PI_HOLE_LOCAL_REPO } /advanced/Templates/pihole.sudo /etc/sudoers.d/pihole
2018-07-06 04:48:36 +00:00
# Add lighttpd user (OS dependent) to sudoers file
echo " ${ LIGHTTPD_USER } ALL=NOPASSWD: /usr/local/bin/pihole " >> /etc/sudoers.d/pihole
# If the Web server user is lighttpd,
if [ [ " $LIGHTTPD_USER " = = "lighttpd" ] ] ; then
# Allow executing pihole via sudo with Fedora
# Usually /usr/local/bin is not permitted as directory for sudoable programs
echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole
fi
# Set the strict permissions on the file
chmod 0440 /etc/sudoers.d/pihole
2017-06-21 11:49:05 +00:00
echo -e " ${ OVER } ${ TICK } ${ str } "
2015-12-03 17:25:13 +00:00
}
2017-07-07 00:25:56 +00:00
# Installs a cron file
2016-01-27 06:11:38 +00:00
installCron( ) {
2018-07-06 04:48:36 +00:00
# Install the cron job
local str = "Installing latest Cron script"
echo ""
echo -ne " ${ INFO } ${ str } ... "
# Copy the cron file over from the local repo
2018-07-27 22:21:25 +00:00
cp ${ PI_HOLE_LOCAL_REPO } /advanced/Templates/pihole.cron /etc/cron.d/pihole
2018-07-06 04:48:36 +00:00
# Randomize gravity update time
sed -i " s/59 1 / $(( 1 + RANDOM % 58 )) $(( 3 + RANDOM % 2 )) / " /etc/cron.d/pihole
# Randomize update checker time
sed -i " s/59 17/ $(( 1 + RANDOM % 58 )) $(( 12 + RANDOM % 8 )) / " /etc/cron.d/pihole
echo -e " ${ OVER } ${ TICK } ${ str } "
2015-12-03 17:25:13 +00:00
}
2017-07-07 00:25:56 +00:00
# Gravity is a very important script as it aggregates all of the domains into a single HOSTS formatted list,
# which is what Pi-hole needs to begin blocking ads
2016-01-27 06:11:38 +00:00
runGravity( ) {
2018-07-06 04:48:36 +00:00
# Run gravity in the current shell
{ /opt/pihole/gravity.sh --force; }
2016-01-19 22:52:29 +00:00
}
2017-07-07 00:25:56 +00:00
# Check if the pihole user exists and create if it does not
2016-10-20 02:47:45 +00:00
create_pihole_user( ) {
2018-07-06 04:48:36 +00:00
local str = "Checking for user 'pihole'"
2017-06-21 11:49:05 +00:00
echo -ne " ${ INFO } ${ str } ... "
2018-07-06 04:48:36 +00:00
# If the user pihole exists,
if id -u pihole & > /dev/null; then
# just show a success
echo -ne " ${ OVER } ${ TICK } ${ str } "
# Otherwise,
else
echo -ne " ${ OVER } ${ CROSS } ${ str } "
local str = "Creating user 'pihole'"
echo -ne " ${ INFO } ${ str } ... "
# create her with the useradd command
useradd -r -s /usr/sbin/nologin pihole
echo -ne " ${ OVER } ${ TICK } ${ str } "
fi
2016-01-25 05:28:53 +00:00
}
2016-01-20 23:34:18 +00:00
2017-07-07 00:25:56 +00:00
# Allow HTTP and DNS traffic
2016-05-14 23:05:40 +00:00
configureFirewall( ) {
2018-07-06 04:48:36 +00:00
echo ""
# If a firewall is running,
if firewall-cmd --state & > /dev/null; then
# ask if the user wants to install Pi-hole's default firewall rules
whiptail --title "Firewall in use" --yesno "We have detected a running firewall\\n\\nPi-hole currently requires HTTP and DNS port access.\\n\\n\\n\\nInstall Pi-hole default firewall rules?" ${ r } ${ c } || \
{ echo -e " ${ INFO } Not installing firewall rulesets. " ; return 0; }
echo -e " ${ TICK } Configuring FirewallD for httpd and pihole-FTL "
# Allow HTTP and DNS traffic
firewall-cmd --permanent --add-service= http --add-service= dns
# Reload the firewall to apply these changes
firewall-cmd --reload
return 0
# Check for proper kernel modules to prevent failure
elif modinfo ip_tables & > /dev/null && command -v iptables & > /dev/null; then
2017-01-01 03:07:40 +00:00
# If chain Policy is not ACCEPT or last Rule is not ACCEPT
# then check and insert our Rules above the DROP/REJECT Rule.
2018-07-06 04:48:36 +00:00
if iptables -S INPUT | head -n1 | grep -qv '^-P.*ACCEPT$' || iptables -S INPUT | tail -n1 | grep -qv '^-\(A\|P\).*ACCEPT$' ; then
whiptail --title "Firewall in use" --yesno "We have detected a running firewall\\n\\nPi-hole currently requires HTTP and DNS port access.\\n\\n\\n\\nInstall Pi-hole default firewall rules?" ${ r } ${ c } || \
{ echo -e " ${ INFO } Not installing firewall rulesets. " ; return 0; }
echo -e " ${ TICK } Installing new IPTables firewall rulesets "
# Check chain first, otherwise a new rule will duplicate old ones
iptables -C INPUT -p tcp -m tcp --dport 80 -j ACCEPT & > /dev/null || iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT
iptables -C INPUT -p tcp -m tcp --dport 53 -j ACCEPT & > /dev/null || iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT
iptables -C INPUT -p udp -m udp --dport 53 -j ACCEPT & > /dev/null || iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT
iptables -C INPUT -p tcp -m tcp --dport 4711:4720 -i lo -j ACCEPT & > /dev/null || iptables -I INPUT 1 -p tcp -m tcp --dport 4711:4720 -i lo -j ACCEPT
return 0
fi
# Otherwise,
else
# no firewall is running
echo -e " ${ INFO } No active firewall detected.. skipping firewall configuration "
# so just exit
return 0
fi
echo -e " ${ INFO } Skipping firewall configuration "
2016-05-14 23:05:40 +00:00
}
2017-07-07 00:25:56 +00:00
#
2016-08-26 21:45:38 +00:00
finalExports( ) {
2018-07-06 04:48:36 +00:00
# If the Web interface is not set to be installed,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = false ] ] ; then
# and if there is not an IPv4 address,
if [ [ " ${ IPV4_ADDRESS } " ] ] ; then
# there is no block page, so set IPv4 to 0.0.0.0 (all IP addresses)
IPV4_ADDRESS = "0.0.0.0"
fi
if [ [ " ${ IPV6_ADDRESS } " ] ] ; then
# and IPv6 to ::/0
IPV6_ADDRESS = "::/0"
fi
fi
# If the setup variable file exists,
if [ [ -e " ${ setupVars } " ] ] ; then
# update the variables in the file
sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' " ${ setupVars } "
fi
# echo the information to the user
2016-10-10 09:57:04 +00:00
{
2018-07-06 04:48:36 +00:00
echo " PIHOLE_INTERFACE= ${ PIHOLE_INTERFACE } "
echo " IPV4_ADDRESS= ${ IPV4_ADDRESS } "
echo " IPV6_ADDRESS= ${ IPV6_ADDRESS } "
echo " PIHOLE_DNS_1= ${ PIHOLE_DNS_1 } "
echo " PIHOLE_DNS_2= ${ PIHOLE_DNS_2 } "
echo " QUERY_LOGGING= ${ QUERY_LOGGING } "
echo " INSTALL_WEB_SERVER= ${ INSTALL_WEB_SERVER } "
echo " INSTALL_WEB_INTERFACE= ${ INSTALL_WEB_INTERFACE } "
echo " LIGHTTPD_ENABLED= ${ LIGHTTPD_ENABLED } "
2016-10-10 12:45:37 +00:00
} >> " ${ setupVars } "
2016-12-28 16:31:55 +00:00
2018-07-06 04:48:36 +00:00
# Bring in the current settings and the functions to manipulate them
source " ${ setupVars } "
source " ${ PI_HOLE_LOCAL_REPO } /advanced/Scripts/webpage.sh "
2017-01-02 09:50:59 +00:00
2018-07-06 04:48:36 +00:00
# Look for DNS server settings which would have to be reapplied
ProcessDNSSettings
2017-01-02 09:50:59 +00:00
2018-07-06 04:48:36 +00:00
# Look for DHCP server settings which would have to be reapplied
ProcessDHCPSettings
2015-11-07 18:07:50 +00:00
}
2017-07-07 00:25:56 +00:00
# Install the logrotate script
2017-01-27 13:16:24 +00:00
installLogrotate( ) {
2017-07-07 00:25:56 +00:00
2018-07-06 04:48:36 +00:00
local str = "Installing latest logrotate script"
echo ""
echo -ne " ${ INFO } ${ str } ... "
# Copy the file over from the local repo
2018-07-27 22:21:25 +00:00
cp ${ PI_HOLE_LOCAL_REPO } /advanced/Templates/logrotate /etc/pihole/logrotate
2018-07-06 04:48:36 +00:00
# Different operating systems have different user / group
# settings for logrotate that makes it impossible to create
# a static logrotate file that will work with e.g.
# Rasbian and Ubuntu at the same time. Hence, we have to
# customize the logrotate script here in order to reflect
# the local properties of the /var/log directory
logusergroup = " $( stat -c '%U %G' /var/log) "
# If the variable has a value,
if [ [ ! -z " ${ logusergroup } " ] ] ; then
#
sed -i " s/# su #/su ${ logusergroup } /g; " /etc/pihole/logrotate
fi
echo -e " ${ OVER } ${ TICK } ${ str } "
2017-01-27 13:16:24 +00:00
}
2017-12-11 04:51:54 +00:00
# At some point in the future this list can be pruned, for now we'll need it to ensure updates don't break.
# Refactoring of install script has changed the name of a couple of variables. Sort them out here.
accountForRefactor( ) {
2018-07-06 04:48:36 +00:00
sed -i 's/piholeInterface/PIHOLE_INTERFACE/g' ${ setupVars }
sed -i 's/IPv4_address/IPV4_ADDRESS/g' ${ setupVars }
sed -i 's/IPv4addr/IPV4_ADDRESS/g' ${ setupVars }
sed -i 's/IPv6_address/IPV6_ADDRESS/g' ${ setupVars }
sed -i 's/piholeIPv6/IPV6_ADDRESS/g' ${ setupVars }
sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${ setupVars }
sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${ setupVars }
sed -i 's/^INSTALL_WEB=/INSTALL_WEB_INTERFACE=/' ${ setupVars }
# Add 'INSTALL_WEB_SERVER', if its not been applied already: https://github.com/pi-hole/pi-hole/pull/2115
if ! grep -q '^INSTALL_WEB_SERVER=' ${ setupVars } ; then
local webserver_installed = false
if grep -q '^INSTALL_WEB_INTERFACE=true' ${ setupVars } ; then
webserver_installed = true
fi
echo -e " INSTALL_WEB_SERVER= $webserver_installed " >> ${ setupVars }
fi
2017-12-11 04:51:54 +00:00
}
2017-07-07 00:25:56 +00:00
# Install base files and web interface
2016-08-19 21:45:24 +00:00
installPihole( ) {
2018-07-06 04:48:36 +00:00
# Create the pihole user
create_pihole_user
2017-01-28 15:45:14 +00:00
2018-07-06 04:48:36 +00:00
# If the user wants to install the Web interface,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
if [ [ ! -d "/var/www/html" ] ] ; then
# make the Web directory if necessary
mkdir -p /var/www/html
fi
if [ [ " ${ INSTALL_WEB_SERVER } " = = true ] ] ; then
# Set the owner and permissions
chown ${ LIGHTTPD_USER } :${ LIGHTTPD_GROUP } /var/www/html
chmod 775 /var/www/html
# Give pihole access to the Web server group
usermod -a -G ${ LIGHTTPD_GROUP } pihole
# If the lighttpd command is executable,
if [ [ -x " $( command -v lighty-enable-mod) " ] ] ; then
# enable fastcgi and fastcgi-php
lighty-enable-mod fastcgi fastcgi-php > /dev/null || true
else
# Otherwise, show info about installing them
echo -e " ${ INFO } Warning: 'lighty-enable-mod' utility not found
Please ensure fastcgi is enabled if you experience issues\\ n"
fi
fi
fi
# For updates and unattended install.
if [ [ " ${ useUpdateVars } " = = true ] ] ; then
accountForRefactor
fi
# Install base files and web interface
2018-07-29 16:06:51 +00:00
if ! installScripts; then
echo -e " {CROSS} Failure in dependent script copy function."
exit 1
fi
2018-07-06 04:48:36 +00:00
# Install config files
2018-07-30 21:02:18 +00:00
if ! installConfigs; then
echo -e " {CROSS} Failure in dependent config copy function."
exit 1
fi
2018-07-06 04:48:36 +00:00
# If the user wants to install the dashboard,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
# do so
installPiholeWeb
fi
# Install the cron file
installCron
# Install the logrotate file
installLogrotate
# Check if FTL is installed
FTLdetect || echo -e " ${ CROSS } FTL Engine not installed "
# Configure the firewall
if [ [ " ${ useUpdateVars } " = = false ] ] ; then
configureFirewall
2017-01-28 15:45:14 +00:00
fi
2018-04-15 01:08:16 +00:00
2018-07-06 04:48:36 +00:00
# install a man page entry for pihole
install_manpage
# Update setupvars.conf with any variables that may or may not have been changed during the install
finalExports
2016-08-19 21:45:24 +00:00
}
2016-12-23 16:53:42 +00:00
2017-07-07 00:25:56 +00:00
# SELinux
2016-12-23 16:27:52 +00:00
checkSelinux( ) {
2018-07-06 04:48:36 +00:00
# If the getenforce command exists,
if command -v getenforce & > /dev/null; then
# Store the current mode in a variable
enforceMode = $( getenforce)
echo -e " \\n ${ INFO } SELinux mode detected: ${ enforceMode } "
# If it's enforcing,
if [ [ " ${ enforceMode } " = = "Enforcing" ] ] ; then
# Explain Pi-hole does not support it yet
whiptail --defaultno --title "SELinux Enforcing Detected" --yesno "SELinux is being ENFORCED on your system! \\n\\nPi-hole currently does not support SELinux, but you may still continue with the installation.\\n\\nNote: Web Admin will not be fully functional unless you set your policies correctly\\n\\nContinue installing Pi-hole?" ${ r } ${ c } || \
{ echo -e " \\n ${ COL_LIGHT_RED } SELinux Enforcing detected, exiting installer ${ COL_NC } " ; exit 1; }
echo -e " ${ INFO } Continuing installation with SELinux Enforcing
${ INFO } Please refer to official SELinux documentation to create a custom policy"
fi
fi
2015-11-07 18:07:50 +00:00
}
2017-07-07 00:25:56 +00:00
# Installation complete message with instructions for the user
2016-01-27 06:11:38 +00:00
displayFinalMessage( ) {
2018-07-06 04:48:36 +00:00
# If
if [ [ " ${# 1 } " -gt 0 ] ] ; then
pwstring = " $1 "
# else, if the dashboard password in the setup variables exists,
elif [ [ $( grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) -gt 0 ] ] ; then
# set a variable for evaluation later
pwstring = "unchanged"
else
# set a variable for evaluation later
pwstring = "NOT SET"
fi
# If the user wants to install the dashboard,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
# Store a message in a variable and display it
additional = " View the web interface at http://pi.hole/admin or http:// ${ IPV4_ADDRESS %/* } /admin
2017-01-28 15:43:33 +00:00
2017-05-23 08:44:11 +00:00
Your Admin Webpage login password is ${ pwstring } "
2017-01-28 15:43:33 +00:00
fi
2018-07-06 04:48:36 +00:00
# Final completion message to user
whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" " Configure your devices to use the Pi-hole as their DNS server using:
2016-01-01 02:26:05 +00:00
2016-11-01 09:45:22 +00:00
IPv4: ${ IPV4_ADDRESS %/* }
2017-01-01 15:10:14 +00:00
IPv6: ${ IPV6_ADDRESS :- "Not Configured" }
2016-01-01 02:26:05 +00:00
2016-04-03 23:05:11 +00:00
If you set a new IP address, you should restart the Pi.
2016-01-01 02:26:05 +00:00
2016-05-25 22:55:36 +00:00
The install log is in /etc/pihole.
2016-12-15 13:10:55 +00:00
2017-01-28 15:43:33 +00:00
${ additional } " ${ r } ${ c }
2016-08-19 21:31:11 +00:00
}
2016-10-20 02:47:45 +00:00
update_dialogs( ) {
2018-07-06 04:48:36 +00:00
# If pihole -r "reconfigure" option was selected,
if [ [ " ${ reconfigure } " = true ] ] ; then
# set some variables that will be used
opt1a = "Repair"
opt1b = "This will retain existing settings"
strAdd = "You will remain on the same version"
# Otherwise,
else
# set some variables with different values
opt1a = "Update"
opt1b = "This will retain existing settings."
strAdd = "You will be updated to the latest version."
fi
opt2a = "Reconfigure"
opt2b = "This will reset your Pi-hole and allow you to enter new settings."
# Display the information to the user
UpdateCmd = $( whiptail --title "Existing Install Detected!" --menu " \\n\\nWe have detected an existing install.\\n\\nPlease choose from the following options: \\n( $strAdd ) " ${ r } ${ c } 2 \
" ${ opt1a } " " ${ opt1b } " \
" ${ opt2a } " " ${ opt2b } " 3>& 2 2>& 1 1>& 3) || \
{ echo -e " ${ COL_LIGHT_RED } Cancel was selected, exiting installer ${ COL_NC } " ; exit 1; }
# Set the variable based on if the user chooses
case ${ UpdateCmd } in
# repair, or
${ opt1a } )
echo -e " ${ INFO } ${ opt1a } option selected "
useUpdateVars = true
; ;
# reconfigure,
${ opt2a } )
echo -e " ${ INFO } ${ opt2a } option selected "
useUpdateVars = false
; ;
2016-12-21 01:22:57 +00:00
esac
2016-01-01 02:26:05 +00:00
}
2018-05-01 20:59:12 +00:00
check_download_exists( ) {
2018-07-06 04:48:36 +00:00
status = $( curl --head --silent " https://ftl.pi-hole.net/ ${ 1 } " | head -n 1)
if grep -q "404" <<< " $status " ; then
return 1
else
return 0
fi
2018-05-01 20:59:12 +00:00
}
fully_fetch_repo( ) {
2018-07-06 04:48:36 +00:00
# Add upstream branches to shallow clone
local directory = " ${ 1 } "
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
cd " ${ directory } " || return 1
if is_repo " ${ directory } " ; then
git remote set-branches origin '*' || return 1
git fetch --quiet || return 1
else
return 1
fi
return 0
2018-05-01 20:59:12 +00:00
}
get_available_branches( ) {
2018-07-06 04:48:36 +00:00
# Return available branches
local directory
directory = " ${ 1 } "
local output
cd " ${ directory } " || return 1
# Get reachable remote branches, but store STDERR as STDOUT variable
2018-07-28 03:20:59 +00:00
output = $( { git ls-remote --heads --quiet | cut -d'/' -f3- -; } 2>& 1 )
2018-07-06 04:48:36 +00:00
echo " $output "
return
2018-05-01 20:59:12 +00:00
}
fetch_checkout_pull_branch( ) {
2018-07-06 04:48:36 +00:00
# Check out specified branch
local directory
directory = " ${ 1 } "
local branch
branch = " ${ 2 } "
# Set the reference for the requested branch, fetch, check it put and pull it
cd " ${ directory } " || return 1
git remote set-branches origin " ${ branch } " || return 1
git stash --all --quiet & > /dev/null || true
git clean --quiet --force -d || true
git fetch --quiet || return 1
checkout_pull_branch " ${ directory } " " ${ branch } " || return 1
2018-05-01 20:59:12 +00:00
}
checkout_pull_branch( ) {
2018-07-06 04:48:36 +00:00
# Check out specified branch
local directory
directory = " ${ 1 } "
local branch
branch = " ${ 2 } "
local oldbranch
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
cd " ${ directory } " || return 1
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
oldbranch = " $( git symbolic-ref HEAD) "
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
str = " Switching to branch: ' ${ branch } ' from ' ${ oldbranch } ' "
echo -ne " ${ INFO } $str "
git checkout " ${ branch } " --quiet || return 1
echo -e " ${ OVER } ${ TICK } $str "
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
git_pull = $( git pull || return 1)
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
if [ [ " $git_pull " = = *"up-to-date" * ] ] ; then
echo -e " ${ INFO } ${ git_pull } "
else
echo -e " $git_pull \\n "
fi
2018-05-01 20:59:12 +00:00
2018-07-06 04:48:36 +00:00
return 0
2018-05-01 20:59:12 +00:00
}
2017-01-28 15:15:42 +00:00
clone_or_update_repos( ) {
2018-07-06 04:48:36 +00:00
# If the user wants to reconfigure,
if [ [ " ${ reconfigure } " = = true ] ] ; then
echo " ${ INFO } Performing reconfiguration, skipping download of local repos "
# Reset the Core repo
resetRepo ${ PI_HOLE_LOCAL_REPO } || \
{ echo -e " ${ COL_LIGHT_RED } Unable to reset ${ PI_HOLE_LOCAL_REPO } , exiting installer ${ COL_NC } " ; \
2017-05-22 21:43:52 +00:00
exit 1; \
2017-01-28 15:15:42 +00:00
}
2018-07-06 04:48:36 +00:00
# If the Web interface was installed,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
# reset it's repo
resetRepo ${ webInterfaceDir } || \
{ echo -e " ${ COL_LIGHT_RED } Unable to reset ${ webInterfaceDir } , exiting installer ${ COL_NC } " ; \
exit 1; \
}
fi
# Otherwise, a repair is happening
else
# so get git files for Core
getGitFiles ${ PI_HOLE_LOCAL_REPO } ${ piholeGitUrl } || \
{ echo -e " ${ COL_LIGHT_RED } Unable to clone ${ piholeGitUrl } into ${ PI_HOLE_LOCAL_REPO } , unable to continue ${ COL_NC } " ; \
2017-05-21 20:47:26 +00:00
exit 1; \
2017-01-28 15:15:42 +00:00
}
2018-07-06 04:48:36 +00:00
# If the Web interface was installed,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
# get the Web git files
getGitFiles ${ webInterfaceDir } ${ webInterfaceGitUrl } || \
{ echo -e " ${ COL_LIGHT_RED } Unable to clone ${ webInterfaceGitUrl } into ${ webInterfaceDir } , exiting installer ${ COL_NC } " ; \
exit 1; \
}
fi
fi
2017-01-28 15:15:42 +00:00
}
2018-02-23 04:13:38 +00:00
# Download FTL binary to random temp directory and install FTL binary
2017-02-20 16:24:19 +00:00
FTLinstall( ) {
2018-07-06 04:48:36 +00:00
# Local, named variables
local binary = " ${ 1 } "
local latesttag
local str = "Downloading and Installing FTL"
echo -ne " ${ INFO } ${ str } ... "
# Find the latest version tag for FTL
latesttag = $( curl -sI https://github.com/pi-hole/FTL/releases/latest | grep "Location" | awk -F '/' '{print $NF}' )
# Tags should always start with v, check for that.
if [ [ ! " ${ latesttag } " = = v* ] ] ; then
echo -e " ${ OVER } ${ CROSS } ${ str } "
echo -e " ${ COL_LIGHT_RED } Error: Unable to get latest release location from GitHub ${ COL_NC } "
return 1
fi
# Move into the temp ftl directory
pushd " $( mktemp -d) " > /dev/null || { echo "Unable to make temporary directory for FTL binary download" ; return 1; }
2018-03-18 00:38:34 +00:00
2018-07-06 04:48:36 +00:00
# Always replace pihole-FTL.service
2018-07-27 22:21:25 +00:00
install -T -m 0755 " ${ PI_HOLE_LOCAL_REPO } /advanced/Templates/pihole-FTL.service " "/etc/init.d/pihole-FTL"
2018-07-06 04:48:36 +00:00
local ftlBranch
local url
if [ [ -f "/etc/pihole/ftlbranch" ] ] ; then
ftlBranch = $( </etc/pihole/ftlbranch)
else
ftlBranch = "master"
fi
# Determine which version of FTL to download
if [ [ " ${ ftlBranch } " = = "master" ] ] ; then
url = " https://github.com/pi-hole/FTL/releases/download/ ${ latesttag % $'\r' } "
else
url = " https://ftl.pi-hole.net/ ${ ftlBranch } "
fi
# If the download worked,
if curl -sSL --fail " ${ url } / ${ binary } " -o " ${ binary } " ; then
# get sha1 of the binary we just downloaded for verification.
curl -sSL --fail " ${ url } / ${ binary } .sha1 " -o " ${ binary } .sha1 "
# If we downloaded binary file (as opposed to text),
if sha1sum --status --quiet -c " ${ binary } " .sha1; then
echo -n "transferred... "
# Stop FTL
stop_service pihole-FTL & > /dev/null
# Install the new version with the correct permissions
install -T -m 0755 " ${ binary } " /usr/bin/pihole-FTL
# Move back into the original directory the user was in
popd > /dev/null || { echo "Unable to return to original directory after FTL binary download." ; return 1; }
# Install the FTL service
echo -e " ${ OVER } ${ TICK } ${ str } "
# dnsmasq can now be stopped and disabled if it exists
2018-07-29 01:12:05 +00:00
if which dnsmasq & > /dev/null; then
2018-07-06 04:48:36 +00:00
if check_service_active "dnsmasq" ; then
echo " ${ INFO } FTL can now resolve DNS Queries without dnsmasq running separately "
stop_service dnsmasq
disable_service dnsmasq
fi
fi
2018-08-20 20:52:22 +00:00
# Backup existing /etc/dnsmasq.conf if present and ensure that
# /etc/dnsmasq.conf contains only "conf-dir=/etc/dnsmasq.d"
local conffile = "/etc/dnsmasq.conf"
if [ [ -f " ${ conffile } " ] ] ; then
2018-08-21 11:07:23 +00:00
echo " ${ INFO } Backing up ${ conffile } to ${ conffile } .old "
2018-08-20 20:52:22 +00:00
mv " ${ conffile } " " ${ conffile } .old "
2018-07-06 04:48:36 +00:00
fi
2018-08-20 20:52:22 +00:00
# Create /etc/dnsmasq.conf
echo "conf-dir=/etc/dnsmasq.d" > " ${ conffile } "
2018-07-06 04:48:36 +00:00
return 0
# Otherwise,
else
# the download failed, so just go back to the original directory
popd > /dev/null || { echo "Unable to return to original directory after FTL binary download." ; return 1; }
echo -e " ${ OVER } ${ CROSS } ${ str } "
2018-08-07 14:51:58 +00:00
echo -e " ${ COL_LIGHT_RED } Error: Download of ${ url } / ${ binary } failed (checksum error) ${ COL_NC } "
2018-07-06 04:48:36 +00:00
return 1
fi
2017-12-11 04:51:54 +00:00
# Otherwise,
2017-02-20 17:36:24 +00:00
else
2018-07-06 04:48:36 +00:00
popd > /dev/null || { echo "Unable to return to original directory after FTL binary download." ; return 1; }
echo -e " ${ OVER } ${ CROSS } ${ str } "
# The URL could not be found
2018-08-07 14:51:58 +00:00
echo -e " ${ COL_LIGHT_RED } Error: URL ${ url } / ${ binary } not found ${ COL_NC } "
2018-07-06 04:48:36 +00:00
return 1
fi
2017-02-20 16:24:19 +00:00
}
2018-04-02 20:53:32 +00:00
get_binary_name( ) {
2018-07-06 04:48:36 +00:00
# This gives the machine architecture which may be different from the OS architecture...
local machine
machine = $( uname -m)
local str = "Detecting architecture"
echo -ne " ${ INFO } ${ str } ... "
# If the machine is arm or aarch
if [ [ " ${ machine } " = = "arm" * || " ${ machine } " = = *"aarch" * ] ] ; then
# ARM
#
local rev
rev = $( uname -m | sed "s/[^0-9]//g;" )
#
local lib
lib = $( ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }' )
#
if [ [ " ${ lib } " = = "/lib/ld-linux-aarch64.so.1" ] ] ; then
echo -e " ${ OVER } ${ TICK } Detected ARM-aarch64 architecture "
# set the binary to be used
binary = "pihole-FTL-aarch64-linux-gnu"
#
elif [ [ " ${ lib } " = = "/lib/ld-linux-armhf.so.3" ] ] ; then
#
if [ [ " ${ rev } " -gt 6 ] ] ; then
echo -e " ${ OVER } ${ TICK } Detected ARM-hf architecture (armv7+) "
# set the binary to be used
binary = "pihole-FTL-arm-linux-gnueabihf"
# Otherwise,
else
echo -e " ${ OVER } ${ TICK } Detected ARM-hf architecture (armv6 or lower) Using ARM binary "
# set the binary to be used
binary = "pihole-FTL-arm-linux-gnueabi"
fi
else
echo -e " ${ OVER } ${ TICK } Detected ARM architecture "
# set the binary to be used
binary = "pihole-FTL-arm-linux-gnueabi"
fi
elif [ [ " ${ machine } " = = "x86_64" ] ] ; then
# This gives the architecture of packages dpkg installs (for example, "i386")
local dpkgarch
dpkgarch = $( dpkg --print-architecture 2> /dev/null)
# Special case: This is a 32 bit OS, installed on a 64 bit machine
# -> change machine architecture to download the 32 bit executable
if [ [ " ${ dpkgarch } " = = "i386" ] ] ; then
echo -e " ${ OVER } ${ TICK } Detected 32bit (i686) architecture "
binary = "pihole-FTL-linux-x86_32"
else
# 64bit
echo -e " ${ OVER } ${ TICK } Detected x86_64 architecture "
# set the binary to be used
binary = "pihole-FTL-linux-x86_64"
fi
2017-02-13 15:50:48 +00:00
else
2018-07-06 04:48:36 +00:00
# Something else - we try to use 32bit executable and warn the user
if [ [ ! " ${ machine } " = = "i686" ] ] ; then
2018-07-07 04:29:20 +00:00
echo -e " ${ OVER } ${ CROSS } ${ str } ... "
echo -e " ${ INFO } ${ COL_LIGHT_RED } Not able to detect architecture (unknown: ${ machine } ), trying 32bit executable ${ COL_NC } "
echo -e " ${ INFO } Contact Pi-hole Support if you experience issues (e.g: FTL not running) "
2018-07-06 04:48:36 +00:00
else
echo -e " ${ OVER } ${ TICK } Detected 32bit (i686) architecture "
fi
binary = "pihole-FTL-linux-x86_32"
2017-02-13 13:42:11 +00:00
fi
2018-04-02 20:53:32 +00:00
}
2017-02-13 09:29:27 +00:00
2018-07-06 04:48:36 +00:00
FTLcheckUpdate( ) {
get_binary_name
2017-02-13 09:29:27 +00:00
2018-07-06 04:48:36 +00:00
#In the next section we check to see if FTL is already installed (in case of pihole -r).
#If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download
echo -e " ${ INFO } Checking for existing FTL binary... "
2017-07-12 21:02:07 +00:00
2018-07-06 04:48:36 +00:00
local ftlLoc
ftlLoc = $( which pihole-FTL 2>/dev/null)
2018-03-18 00:38:34 +00:00
2018-07-06 04:48:36 +00:00
local ftlBranch
2018-03-18 00:38:34 +00:00
2018-07-06 04:48:36 +00:00
if [ [ -f "/etc/pihole/ftlbranch" ] ] ; then
ftlBranch = $( </etc/pihole/ftlbranch)
else
ftlBranch = "master"
2018-05-01 20:59:12 +00:00
fi
2018-07-06 04:48:36 +00:00
local remoteSha1
local localSha1
2018-04-02 20:53:32 +00:00
2018-07-06 04:48:36 +00:00
# if dnsmasq exists and is running at this point, force reinstall of FTL Binary
2018-07-29 01:12:05 +00:00
if which dnsmasq & > /dev/null; then
2018-07-06 04:48:36 +00:00
if check_service_active "dnsmasq" ; then
return 0
fi
2018-04-02 20:53:32 +00:00
fi
2017-07-24 22:22:04 +00:00
2018-07-06 04:48:36 +00:00
if [ [ ! " ${ ftlBranch } " = = "master" ] ] ; then
#Check whether or not the binary for this FTL branch actually exists. If not, then there is no update!
local path
path = " ${ ftlBranch } / ${ binary } "
# shellcheck disable=SC1090
if ! check_download_exists " $path " ; then
echo -e " ${ INFO } Branch \" ${ ftlBranch } \" is not available.\\n ${ INFO } Use ${ COL_LIGHT_GREEN } pihole checkout ftl [branchname] ${ COL_NC } to switch to a valid branch. "
return 2
fi
2017-07-12 21:02:07 +00:00
2018-07-06 04:48:36 +00:00
if [ [ ${ ftlLoc } ] ] ; then
# We already have a pihole-FTL binary downloaded.
# Alt branches don't have a tagged version against them, so just confirm the checksum of the local vs remote to decide whether we download or not
remoteSha1 = $( curl -sSL --fail " https://ftl.pi-hole.net/ ${ ftlBranch } / ${ binary } .sha1 " | cut -d ' ' -f 1)
localSha1 = $( sha1sum " $( which pihole-FTL) " | cut -d ' ' -f 1)
if [ [ " ${ remoteSha1 } " != " ${ localSha1 } " ] ] ; then
echo -e " ${ INFO } Checksums do not match, downloading from ftl.pi-hole.net. "
return 0
else
echo -e " ${ INFO } Checksum of installed binary matches remote. No need to download! "
return 1
fi
2018-03-06 18:44:57 +00:00
else
2018-07-06 04:48:36 +00:00
return 0
2018-03-06 18:44:57 +00:00
fi
else
2018-07-06 04:48:36 +00:00
if [ [ ${ ftlLoc } ] ] ; then
local FTLversion
FTLversion = $( /usr/bin/pihole-FTL tag)
local FTLlatesttag
FTLlatesttag = $( curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n' )
if [ [ " ${ FTLversion } " != " ${ FTLlatesttag } " ] ] ; then
return 0
else
echo -e " ${ INFO } Latest FTL Binary already installed ( ${ FTLlatesttag } ). Confirming Checksum... "
remoteSha1 = $( curl -sSL --fail " https://github.com/pi-hole/FTL/releases/download/ ${ FTLversion % $'\r' } / ${ binary } .sha1 " | cut -d ' ' -f 1)
localSha1 = $( sha1sum " $( which pihole-FTL) " | cut -d ' ' -f 1)
if [ [ " ${ remoteSha1 } " != " ${ localSha1 } " ] ] ; then
echo -e " ${ INFO } Corruption detected... "
return 0
else
echo -e " ${ INFO } Checksum correct. No need to download! "
return 1
fi
fi
else
return 0
fi
2018-03-06 18:44:57 +00:00
fi
2018-04-02 20:53:32 +00:00
}
# Detect suitable FTL binary platform
FTLdetect( ) {
2018-07-06 04:48:36 +00:00
echo ""
echo -e " ${ INFO } FTL Checks... "
2018-04-02 20:53:32 +00:00
2018-07-06 04:48:36 +00:00
if FTLcheckUpdate ; then
FTLinstall " ${ binary } " || return 1
fi
2018-04-02 20:53:32 +00:00
2018-07-06 04:48:36 +00:00
echo ""
2018-01-20 13:55:48 +00:00
}
2017-07-25 21:49:06 +00:00
2018-01-20 13:55:48 +00:00
make_temporary_log( ) {
2018-07-06 04:48:36 +00:00
# Create a random temporary file for the log
TEMPLOG = $( mktemp /tmp/pihole_temp.XXXXXX)
# Open handle 3 for templog
# https://stackoverflow.com/questions/18460186/writing-outputs-to-log-file-and-console
exec 3>" $TEMPLOG "
# Delete templog, but allow for addressing via file handle
# This lets us write to the log without having a temporary file on the drive, which
# is meant to be a security measure so there is not a lingering file on the drive during the install process
rm " $TEMPLOG "
2018-01-20 13:55:48 +00:00
}
2017-02-13 13:47:06 +00:00
2018-01-20 13:55:48 +00:00
copy_to_install_log( ) {
2018-07-06 04:48:36 +00:00
# Copy the contents of file descriptor 3 into the install log
# Since we use color codes such as '\e[1;33m', they should be removed
sed 's/ \[[0-9;]\{1,5\}m//g' < /proc/$$ /fd/3 > " ${ installLogLoc } "
2017-02-13 10:07:29 +00:00
}
2017-02-13 09:29:27 +00:00
2016-10-08 19:17:04 +00:00
main( ) {
2018-07-06 04:48:36 +00:00
######## FIRST CHECK ########
# Must be root to install
local str = "Root user check"
echo ""
# If the user's id is zero,
if [ [ " ${ EUID } " -eq 0 ] ] ; then
# they are root and all is good
echo -e " ${ TICK } ${ str } "
# Show the Pi-hole logo so people know it's genuine since the logo and name are trademarked
show_ascii_berry
make_temporary_log
2017-07-07 00:25:56 +00:00
# Otherwise,
2017-01-01 14:45:03 +00:00
else
2018-07-06 04:48:36 +00:00
# They do not have enough privileges, so let the user know
2018-07-07 04:29:20 +00:00
echo -e " ${ CROSS } ${ str } "
echo -e " ${ INFO } ${ COL_LIGHT_RED } Script called with non-root privileges ${ COL_NC } "
echo -e " ${ INFO } The Pi-hole requires elevated privileges to install and run "
echo -e " ${ INFO } Please check the installer for any concerns regarding this requirement "
echo -e " ${ INFO } Make sure to download this script from a trusted source\\n "
2018-07-06 04:48:36 +00:00
echo -ne " ${ INFO } Sudo utility check "
# If the sudo command exists,
if command -v sudo & > /dev/null; then
echo -e " ${ OVER } ${ TICK } Sudo utility check "
# Download the install script and run it with admin rights
exec curl -sSL https://raw.githubusercontent.com/pi-hole/pi-hole/master/automated%20install/basic-install.sh | sudo bash " $@ "
exit $?
# Otherwise,
else
# Let them know they need to run it as root
2018-07-07 04:29:20 +00:00
echo -e " ${ OVER } ${ CROSS } Sudo utility check "
echo -e " ${ INFO } Sudo is needed for the Web Interface to run pihole commands\\n "
echo -e " ${ INFO } ${ COL_LIGHT_RED } Please re-run this installer as root ${ COL_NC } "
2018-07-06 04:48:36 +00:00
exit 1
fi
fi
# Check for supported distribution
distro_check
# If the setup variable file exists,
if [ [ -f " ${ setupVars } " ] ] ; then
# if it's running unattended,
if [ [ " ${ runUnattended } " = = true ] ] ; then
echo -e " ${ INFO } Performing unattended setup, no whiptail dialogs will be displayed "
# Use the setup variables
useUpdateVars = true
2018-08-05 15:09:56 +00:00
# also disable debconf-apt-progress dialogs
export DEBIAN_FRONTEND = "noninteractive"
2018-07-06 04:48:36 +00:00
# Otherwise,
else
# show the available options (repair/reconfigure)
update_dialogs
fi
fi
# Start the installer
# Verify there is enough disk space for the install
if [ [ " ${ skipSpaceCheck } " = = true ] ] ; then
echo -e " ${ INFO } Skipping free disk space verification "
2016-12-21 01:22:57 +00:00
else
2018-07-06 04:48:36 +00:00
verifyFreeDiskSpace
fi
# Update package cache
update_package_cache || exit 1
# Notify user of package availability
notify_package_updates_available
# Install packages used by this installation script
install_dependent_packages INSTALLER_DEPS[ @]
# Check if SELinux is Enforcing
checkSelinux
if [ [ " ${ useUpdateVars } " = = false ] ] ; then
# Display welcome dialogs
welcomeDialogs
# Create directory for Pi-hole storage
mkdir -p /etc/pihole/
# Determine available interfaces
get_available_interfaces
# Find interfaces and let the user choose one
chooseInterface
# Decide what upstream DNS Servers to use
setDNS
# Give the user a choice of blocklists to include in their install. Or not.
chooseBlocklists
# Let the user decide if they want to block ads over IPv4 and/or IPv6
use4andor6
# Let the user decide if they want the web interface to be installed automatically
setAdminFlag
# Let the user decide if they want query logging enabled...
setLogging
2017-07-26 13:34:40 +00:00
else
2018-08-12 21:19:16 +00:00
# Setup adlist file if not exists
installDefaultBlocklists
2018-07-06 04:48:36 +00:00
# Source ${setupVars} to use predefined user variables in the functions
source ${ setupVars }
fi
# Clone/Update the repos
clone_or_update_repos
# Install the Core dependencies
local dep_install_list = ( " ${ PIHOLE_DEPS [@] } " )
if [ [ " ${ INSTALL_WEB_SERVER } " = = true ] ] ; then
# Install the Web dependencies
dep_install_list += ( " ${ PIHOLE_WEB_DEPS [@] } " )
fi
install_dependent_packages dep_install_list[ @]
unset dep_install_list
# On some systems, lighttpd is not enabled on first install. We need to enable it here if the user
# has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail
if [ [ " ${ INSTALL_WEB_SERVER } " = = true ] ] ; then
enable_service lighttpd
fi
# Determine if lighttpd is correctly enabled
if check_service_active "lighttpd" ; then
LIGHTTPD_ENABLED = true
2017-07-16 15:44:14 +00:00
else
2018-07-06 04:48:36 +00:00
LIGHTTPD_ENABLED = false
2017-07-16 15:44:14 +00:00
fi
2017-01-28 15:25:02 +00:00
2018-07-06 04:48:36 +00:00
# Install and log everything to a file
installPihole | tee -a /proc/$$ /fd/3
2018-05-14 09:38:12 +00:00
2018-07-06 04:48:36 +00:00
# Copy the temp log file into final log location for storage
copy_to_install_log
2017-02-21 10:18:47 +00:00
2018-07-06 04:48:36 +00:00
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
# Add password to web UI if there is none
pw = ""
# If no password is set,
if [ [ $( grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) = = 0 ] ] ; then
# generate a random password
pw = $( tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8)
# shellcheck disable=SC1091
2018-07-17 05:36:58 +00:00
. /opt/pihole/webpage.sh
2018-07-06 04:48:36 +00:00
echo " WEBPASSWORD= $( HashPassword ${ pw } ) " >> ${ setupVars }
fi
fi
2018-07-26 23:27:06 +00:00
# Check for and disable systemd-resolved-DNSStubListener before reloading resolved
2018-07-06 04:48:36 +00:00
# DNSStubListener needs to remain in place for installer to download needed files,
# so this change needs to be made after installation is complete,
2018-07-26 23:27:06 +00:00
# but before starting or resarting the dnsmasq or ftl services
disable_resolved_stublistener
2018-07-06 04:48:36 +00:00
# If the Web server was installed,
if [ [ " ${ INSTALL_WEB_SERVER } " = = true ] ] ; then
if [ [ " ${ LIGHTTPD_ENABLED } " = = true ] ] ; then
start_service lighttpd
enable_service lighttpd
else
echo -e " ${ INFO } Lighttpd is disabled, skipping service restart "
fi
fi
echo -e " ${ INFO } Restarting services... "
# Start services
2018-07-26 23:27:06 +00:00
2018-08-20 20:52:22 +00:00
# Enable FTL
2018-08-16 15:52:47 +00:00
# Ensure the service is enabled before trying to start it
# Fixes a problem reported on Ubuntu 18.04 where trying to start
# the service before enabling causes installer to exit
2018-07-06 04:48:36 +00:00
enable_service pihole-FTL
2018-08-16 15:52:47 +00:00
start_service pihole-FTL
2017-09-20 07:29:11 +00:00
2018-07-06 04:48:36 +00:00
# Download and compile the aggregated block list
runGravity
2017-10-28 13:40:48 +00:00
2018-07-06 04:48:36 +00:00
# Force an update of the updatechecker
/opt/pihole/updatecheck.sh
/opt/pihole/updatecheck.sh x remote
2017-06-29 01:18:52 +00:00
2018-07-06 04:48:36 +00:00
if [ [ " ${ useUpdateVars } " = = false ] ] ; then
displayFinalMessage " ${ pw } "
2017-06-21 11:49:05 +00:00
fi
2017-01-28 15:25:02 +00:00
2017-07-07 00:25:56 +00:00
# If the Web interface was installed,
2018-04-15 01:08:16 +00:00
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
2018-07-06 04:48:36 +00:00
# If there is a password,
if ( ( ${# pw } > 0 ) ) ; then
# display the password
2018-07-07 04:29:20 +00:00
echo -e " ${ INFO } Web Interface password: ${ COL_LIGHT_GREEN } ${ pw } ${ COL_NC } "
echo -e " ${ INFO } This can be changed using 'pihole -a -p'\\n "
2018-07-06 04:48:36 +00:00
fi
fi
if [ [ " ${ useUpdateVars } " = = false ] ] ; then
# If the Web interface was installed,
if [ [ " ${ INSTALL_WEB_INTERFACE } " = = true ] ] ; then
2018-07-07 04:29:20 +00:00
echo -e " ${ INFO } View the web interface at http://pi.hole/admin or http:// ${ IPV4_ADDRESS %/* } /admin "
2018-07-06 04:48:36 +00:00
echo ""
fi
# Explain to the user how to use Pi-hole as their DNS server
2018-07-07 04:29:20 +00:00
echo -e " ${ INFO } You may now configure your devices to use the Pi-hole as their DNS server "
2018-07-06 04:48:36 +00:00
[ [ -n " ${ IPV4_ADDRESS %/* } " ] ] && echo -e " ${ INFO } Pi-hole DNS (IPv4): ${ IPV4_ADDRESS %/* } "
[ [ -n " ${ IPV6_ADDRESS } " ] ] && echo -e " ${ INFO } Pi-hole DNS (IPv6): ${ IPV6_ADDRESS } "
2018-07-07 04:29:20 +00:00
echo -e " ${ INFO } If you set a new IP address, please restart the server running the Pi-hole "
2018-07-06 04:48:36 +00:00
INSTALL_TYPE = "Installation"
else
INSTALL_TYPE = "Update"
fi
2017-06-29 01:18:52 +00:00
2018-07-06 04:48:36 +00:00
# Display where the log file is
echo -e " \\n ${ INFO } The install log is located at: ${ installLogLoc }
${ COL_LIGHT_GREEN } ${ INSTALL_TYPE } Complete! ${ COL_NC } "
2017-07-26 13:34:40 +00:00
2018-07-06 04:48:36 +00:00
if [ [ " ${ INSTALL_TYPE } " = = "Update" ] ] ; then
echo ""
/usr/local/bin/pihole version --current
fi
2016-10-08 19:17:04 +00:00
}
2016-11-04 03:34:04 +00:00
if [ [ " ${ PH_TEST } " != true ] ] ; then
2018-07-06 04:48:36 +00:00
main " $@ "
2016-10-11 04:14:39 +00:00
fi