pi-hole/advanced/Templates/pihole-FTL-prestart.sh

#!/usr/bin/env sh

# Source utils.sh for getFTLConfigValue()
PI_HOLE_SCRIPT_DIR='/opt/pihole'
utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
# shellcheck disable=SC1090
. "${utilsfile}"

# Get file paths
FTL_PID_FILE="$(getFTLConfigValue files.pid)"

# Ensure that permissions are set so that pihole-FTL can edit all necessary files
# shellcheck disable=SC2174
mkdir -pm 0640 /var/log/pihole
chown -R pihole:pihole /etc/pihole /var/log/pihole
chmod -R 0640 /var/log/pihole
chmod -R 0660 /etc/pihole

# Logrotate config file need to be owned by root and must not be writable by group and others
chown root:root /etc/pihole/logrotate
chmod 0644 /etc/pihole/logrotate

# allow all users to enter the directories
chmod 0755 /etc/pihole /var/log/pihole

# allow pihole to access subdirs in /etc/pihole (sets execution bit on dirs)
# credits https://stackoverflow.com/a/11512211
find /etc/pihole -type d -exec chmod 0755 {} \;

# Touch files to ensure they exist (create if non-existing, preserve if existing)
[ -f "${FTL_PID_FILE}" ] || install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
[ -f /var/log/pihole/FTL.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
[ -f /var/log/pihole/pihole.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
[ -f /etc/pihole/dhcp.leases ] || install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
Add native systemd service Inspired by: https://github.com/pi-hole/pi-hole/pull/2112 A pre-start and a post-stop script are added to reduce doubled setup and cleanup code. Since systemd services do not natively support dynamic users, test once whether capabilities are supported during install/update, and remove User=pihole otherwise. Signed-off-by: MichaIng <micha@dietpi.com> Co-authored-by: DL6ER <dl6er@dl6er.de> 2022-09-18 19:44:06 +00:00			`#!/usr/bin/env sh`

Remove obsolet getFTLPIDFile() We can get the path of the PID file via getFTLConfigValue files.pid Signed-off-by: Christian König <github@yubiuser.dev> 2024-07-27 19:55:18 +00:00			`# Source utils.sh for getFTLConfigValue()`
Add native systemd service Inspired by: https://github.com/pi-hole/pi-hole/pull/2112 A pre-start and a post-stop script are added to reduce doubled setup and cleanup code. Since systemd services do not natively support dynamic users, test once whether capabilities are supported during install/update, and remove User=pihole otherwise. Signed-off-by: MichaIng <micha@dietpi.com> Co-authored-by: DL6ER <dl6er@dl6er.de> 2022-09-18 19:44:06 +00:00			`PI_HOLE_SCRIPT_DIR='/opt/pihole'`
			`utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"`
			`# shellcheck disable=SC1090`
			`. "${utilsfile}"`

			`# Get file paths`
Remove obsolet getFTLPIDFile() We can get the path of the PID file via getFTLConfigValue files.pid Signed-off-by: Christian König <github@yubiuser.dev> 2024-07-27 19:55:18 +00:00			`FTL_PID_FILE="$(getFTLConfigValue files.pid)"`
Add native systemd service Inspired by: https://github.com/pi-hole/pi-hole/pull/2112 A pre-start and a post-stop script are added to reduce doubled setup and cleanup code. Since systemd services do not natively support dynamic users, test once whether capabilities are supported during install/update, and remove User=pihole otherwise. Signed-off-by: MichaIng <micha@dietpi.com> Co-authored-by: DL6ER <dl6er@dl6er.de> 2022-09-18 19:44:06 +00:00
			`# Ensure that permissions are set so that pihole-FTL can edit all necessary files`
Allow pihole to access subdirs in /etc/pihole Signed-off-by: Christian König <ckoenig@posteo.de> 2023-10-13 17:59:29 +00:00			`# shellcheck disable=SC2174`
			`mkdir -pm 0640 /var/log/pihole`
Remove traces of /run/pihole Signed-off-by: Christian König <ckoenig@posteo.de> 2023-08-05 12:54:09 +00:00			`chown -R pihole:pihole /etc/pihole /var/log/pihole`
Re-add file/folder permissions Signed-off-by: Christian König <ckoenig@posteo.de> 2023-08-04 19:12:40 +00:00			`chmod -R 0640 /var/log/pihole`
Apply suggestions from code review Co-authored-by: DL6ER <dl6er@dl6er.de> Signed-off-by: Christian König <ckoenig@posteo.de> 2023-08-06 10:04:55 +00:00			`chmod -R 0660 /etc/pihole`
Allow pihole to access subdirs in /etc/pihole Signed-off-by: Christian König <ckoenig@posteo.de> 2023-10-13 17:59:29 +00:00
Logrotate config file needs to be owned by root Signed-off-by: Christian König <ckoenig@posteo.de> 2023-10-18 20:09:38 +00:00			`# Logrotate config file need to be owned by root and must not be writable by group and others`
			`chown root:root /etc/pihole/logrotate`
			`chmod 0644 /etc/pihole/logrotate`

Apply suggestions from code review Co-authored-by: DL6ER <dl6er@dl6er.de> Signed-off-by: Christian König <ckoenig@posteo.de> 2023-08-06 10:04:55 +00:00			`# allow all users to enter the directories`
Remove traces of /run/pihole Signed-off-by: Christian König <ckoenig@posteo.de> 2023-08-05 12:54:09 +00:00			`chmod 0755 /etc/pihole /var/log/pihole`
Add native systemd service Inspired by: https://github.com/pi-hole/pi-hole/pull/2112 A pre-start and a post-stop script are added to reduce doubled setup and cleanup code. Since systemd services do not natively support dynamic users, test once whether capabilities are supported during install/update, and remove User=pihole otherwise. Signed-off-by: MichaIng <micha@dietpi.com> Co-authored-by: DL6ER <dl6er@dl6er.de> 2022-09-18 19:44:06 +00:00
Allow pihole to access subdirs in /etc/pihole Signed-off-by: Christian König <ckoenig@posteo.de> 2023-10-13 17:59:29 +00:00			`# allow pihole to access subdirs in /etc/pihole (sets execution bit on dirs)`
			`# credits https://stackoverflow.com/a/11512211`
			`find /etc/pihole -type d -exec chmod 0755 {} \;`

			`# Touch files to ensure they exist (create if non-existing, preserve if existing)`
			`[ -f "${FTL_PID_FILE}" ] \|\| install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"`
			`[ -f /var/log/pihole/FTL.log ] \|\| install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log`
			`[ -f /var/log/pihole/pihole.log ] \|\| install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log`
			`[ -f /etc/pihole/dhcp.leases ] \|\| install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases`