More cleanup for rpm based systems including dependencies and remove iptables firewall since it won't stay between reboots

Eric Warnke 2016-10-25 15:49:57 -04:00
parent 898f50d8a8
commit 0fde38176e


@ -71,10 +71,6 @@ fi
if [ -x "$(command -v apt-get)" ]; then if [ -x "$(command -v apt-get)" ]; then
#Debian Family #Debian Family
#Decide if php should be `php5` or just `php` (Fixes issues with Ubuntu 16.04 LTS)
phpVer="php5"
apt-get install --dry-run php5 > /dev/null 2>&1 || phpVer="php"
#############################################
PKG_MANAGER="apt-get" PKG_MANAGER="apt-get"
PKG_CACHE="/var/lib/apt/lists/" PKG_CACHE="/var/lib/apt/lists/"
UPDATE_PKG_CACHE="${PKG_MANAGER} update" UPDATE_PKG_CACHE="${PKG_MANAGER} update"
@ -82,8 +78,13 @@ if [ -x "$(command -v apt-get)" ]; then
PKG_INSTALL="${PKG_MANAGER} --yes --fix-missing install" PKG_INSTALL="${PKG_MANAGER} --yes --fix-missing install"
# grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
# #########################################
# fixes for dependancy differences
# Debian 7 doesn't have iproute2 use iproute # Debian 7 doesn't have iproute2 use iproute
${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1 && IPROUTE_PKG='iproute2' || IPROUTE_PKG='iproute' ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1 && IPROUTE_PKG="iproute2" || IPROUTE_PKG="iproute"
# Ubuntu 16.04 LTS php / php5 fix
${PKG_MANAGER} install --dry-run php5 > /dev/null 2>&1 && phpVer="php5" || phpVer="php"
# #########################################
INSTALLER_DEPS=( apt-utils whiptail git dhcpcd5) INSTALLER_DEPS=( apt-utils whiptail git dhcpcd5)
PIHOLE_DEPS=( dnsutils bc dnsmasq lighttpd ${phpVer}-common ${phpVer}-cgi curl unzip wget sudo netcat cron ${IPROUTE_PKG} ) PIHOLE_DEPS=( dnsutils bc dnsmasq lighttpd ${phpVer}-common ${phpVer}-cgi curl unzip wget sudo netcat cron ${IPROUTE_PKG} )
LIGHTTPD_USER="www-data" LIGHTTPD_USER="www-data"
@ -95,35 +96,30 @@ if [ -x "$(command -v apt-get)" ]; then
} }
elif [ -x "$(command -v rpm)" ]; then elif [ -x "$(command -v rpm)" ]; then
# Fedora Family # Fedora Family
if [ -x "$(command -v dnf)" ]; then
PKG_MANAGER="dnf" (command -v dnf >/dev/null ) && PKG_MANAGER="dnf" || PKG_MANAGER="yum"
else (grep -q "Fedora" /etc/redhat-release ) && ISFEDORA=1
PKG_MANAGER="yum" (grep -q -i "release 6." /etc/redhat-release ) && ISREL6=1
fi
PKG_CACHE="/var/cache/${PKG_MANAGER}" PKG_CACHE="/var/cache/${PKG_MANAGER}"
UPDATE_PKG_CACHE="${PKG_MANAGER} check-update" UPDATE_PKG_CACHE="${PKG_MANAGER} check-update"
PKG_UPDATE="${PKG_MANAGER} update -y" PKG_UPDATE="${PKG_MANAGER} update -y"
PKG_INSTALL="${PKG_MANAGER} install -y" PKG_INSTALL="${PKG_MANAGER} install -y"
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
# We only need epel if we are not Fedora
[ ${ISFEDORA} ] || EPEL_PKG="epel-release"
${PKG_MANAGER} list procps-ng &> /dev/null && PROCPS_PKG="procps-ng" || PROCPS_PKG="procps" ${PKG_MANAGER} list procps-ng &> /dev/null && PROCPS_PKG="procps-ng" || PROCPS_PKG="procps"
${PKG_MANAGER} list nmap-ncat &> /dev/null && NCAT_PKG="nmap-ncat" || NCAT_PKG="nmap" ${PKG_MANAGER} list nmap-ncat &> /dev/null && NCAT_PKG="nmap-ncat" || NCAT_PKG="nc"
INSTALLER_DEPS=( iproute net-tools $PROCPS_PKG newt git ) INSTALLER_DEPS=( iproute net-tools $PROCPS_PKG newt git )
PIHOLE_DEPS=( epel-release bind-utils bc dnsmasq lighttpd lighttpd-fastcgi php-common php-cli php curl unzip wget findutils cronie sudo $NCAT_PKG ) PIHOLE_DEPS=( ${EPEL_PKG} bind-utils lsof bc dnsmasq lighttpd lighttpd-fastcgi php-common php-cli php curl unzip wget findutils cronie sudo $NCAT_PKG )
if grep -q 'Fedora' /etc/redhat-release; then
remove_deps=(epel-release);
PIHOLE_DEPS=( ${PIHOLE_DEPS[@]/$remove_deps} );
fi
LIGHTTPD_USER="lighttpd" LIGHTTPD_USER="lighttpd"
LIGHTTPD_GROUP="lighttpd" LIGHTTPD_GROUP="lighttpd"
LIGHTTPD_CFG="lighttpd.conf.fedora" LIGHTTPD_CFG="lighttpd.conf.fedora"
DNSMASQ_USER="nobody" DNSMASQ_USER="nobody"
package_check_install() { package_check_install() {
rpm -qa | grep ^"${1}"- > /dev/null || ${PKG_INSTALL} "${1}" ${PKG_INSTALL} "${1}"
} }
# v6 variants php is too old, install repo for php7.1 # v6 variants php is too old, install repo for php7.1
if grep -q -i "release 6." /etc/redhat-release; then [ ${ISREL6} ] && echo "::: WARNING running CentOS/RHEL 6.X, admin interface is broken"
echo "::: running CentOS/RHEL 6.X, admin interface is broken"
fi
else else
echo "OS distribution not supported" echo "OS distribution not supported"
exit exit
@ -781,14 +777,13 @@ configureFirewall() {
if [ -x "$(command -v firewall-cmd)" ]; then if [ -x "$(command -v firewall-cmd)" ]; then
firewall-cmd --state &> /dev/null && ( echo "::: Configuring firewalld for httpd and dnsmasq.." && firewall-cmd --permanent --add-port=80/tcp && firewall-cmd --permanent --add-port=53/tcp \ firewall-cmd --state &> /dev/null && ( echo "::: Configuring firewalld for httpd and dnsmasq.." && firewall-cmd --permanent --add-port=80/tcp && firewall-cmd --permanent --add-port=53/tcp \
&& firewall-cmd --permanent --add-port=53/udp && firewall-cmd --reload) || echo "::: FirewallD not enabled" && firewall-cmd --permanent --add-port=53/udp && firewall-cmd --reload) || echo "::: FirewallD not enabled"
elif [ -x "$(command -v iptables)" ]; then return
echo "::: Configuring iptables for httpd and dnsmasq.." if [ "$(command -v iptable)" ]; then
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables_out=$(iptables -L -n || :)
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT (cat $iptables_out | grep -i DENY || cat $iptables_out | grep -i DROP || echo "::: IPTables firewall does not seem to be active" && return )
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT echo "::: IPTables firewall active, please make sure ports 53/udp, 53/tcp, and 80/tcp are open"
else return
echo "::: No firewall detected.. skipping firewall configuration." echo "::: No firewall detected.. skipping firewall configuration."
fi
} }
finalExports() { finalExports() {
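Review bot: The new iptables branch in configureFirewall cannot work as written: it tests `command -v iptable` (missing the trailing s), runs `cat $iptables_out` on a variable that holds the listing text rather than a file name, and calls `return` inside a `( … )` subshell, where it only leaves the subshell, so the "IPTables firewall active" line is printed whatever grep finds. As rendered, the new side also appears to open two `if` blocks against a single `fi`, which would be a syntax error; the page has lost its +/- markers, so confirm this against the file. Because the commit no longer opens 53/udp, 53/tcp and 80/tcp on iptables hosts, this message is the only prompt the admin gets to open them, so the detection has to be reliable. The fence below pipes the listing straight into grep and closes each `if`; matching `REJECT` as well is worth considering, since as far as I know `DENY` is not a target name that iptables prints. configureFirewall starts above the hunk.

```shell
  # … unchanged: firewalld branch …
    return
  fi
  if [ -x "$(command -v iptables)" ]; then
    # Test the rule listing directly; a failed listing counts as "not active".
    if iptables -L -n 2> /dev/null | grep -qiE 'DENY|DROP'; then
      echo "::: IPTables firewall active, please make sure ports 53/udp, 53/tcp, and 80/tcp are open"
    else
      echo "::: IPTables firewall does not seem to be active"
    fi
    return
  fi
  echo "::: No firewall detected.. skipping firewall configuration."
```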