Pi-hole/pi-hole
Pi-hole/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2025-04-24 00:00:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'master' of https://github.com/pi-hole/pi-hole into dev

Browse source
This commit is contained in:
arevindh 2018-12-11 08:44:10 +05:30
commit 12eca943d3
20 changed files with 741 additions and 588 deletions
Download patch file Download diff file Expand all files Collapse all files

23
advanced/01-pihole.conf
View file

@ -1,13 +1,11 @@
# Pi-hole: A black hole for Internet advertisements
# (c) 2015, 2016 by Jacob Salmela
# Network-wide ad blocking via your Raspberry Pi
# http://pi-hole.net
# dnsmasq config for Pi-hole
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Pi-hole is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
# Dnsmasq config for Pi-hole's FTLDNS
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
@ -16,14 +14,17 @@
# IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
# /etc/pihole/setupVars.conf #
# #
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE #
# OR IN /etc/dnsmasq.conf #
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
# WITHIN /etc/dnsmasq.d/yourname.conf #
###############################################################################
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
user=pihole
group=pihole
domain-needed
localise-queries
@ -39,7 +40,7 @@ interface=@INT@
cache-size=10000
log-queries=extra
log-queries
log-facility=/var/log/pihole.log
local-ttl=2

5
advanced/Scripts/chronometer.sh
View file

@ -8,6 +8,7 @@
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
LC_ALL=C
LC_NUMERIC=C
# Retrieve stats from FTL engine
@ -243,7 +244,7 @@ get_sys_stats() {
disk_total="${disk_raw[1]}"
disk_perc="${disk_raw[2]}"
net_gateway=$(route -n | awk '$4 == "UG" {print $2;exit}')
net_gateway=$(ip route | grep default | cut -d ' ' -f 3 | head -n 1)
# Get DHCP stats, if feature is enabled
if [[ "$DHCP_ACTIVE" == "true" ]]; then
@ -478,7 +479,7 @@ chronoFunc() {
${COL_LIGHT_RED}Press Ctrl-C to exit${COL_NC}
${COL_DARK_GRAY}$scr_line_str${COL_NC}"
else
echo -e "|¯¯¯(¯)_|¯|_ ___|¯|___$phc_ver_str| ¯_/¯|_| ' \\/ _ \\ / -_)$lte_ver_str|_| |_| |_||_\\___/_\\___|$ftl_ver_str ${COL_DARK_GRAY}$scr_line_str${COL_NC}"
echo -e "|¯¯¯(¯)_|¯|_ ___|¯|___$phc_ver_str\\n| ¯_/¯|_| ' \\/ _ \\ / -_)$lte_ver_str\\n|_| |_| |_||_\\___/_\\___|$ftl_ver_str\\n ${COL_DARK_GRAY}$scr_line_str${COL_NC}"
fi
printFunc " Hostname: " "$sys_name" "$host_info"

1
advanced/Scripts/list.sh
View file

@ -13,6 +13,7 @@ basename=pihole
piholeDir=/etc/"${basename}"
whitelist="${piholeDir}"/whitelist.txt
blacklist="${piholeDir}"/blacklist.txt
readonly regexlist="/etc/pihole/regex.list"
reload=false
addmode=true

24
advanced/Scripts/piholeDebug.sh
View file

@ -119,7 +119,7 @@ PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
#SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
# Store Pi-hole's processes in an array for easy use and parsing
PIHOLE_PROCESSES=( "dnsmasq" "lighttpd" "pihole-FTL" )
PIHOLE_PROCESSES=( "lighttpd" "pihole-FTL" )
# Store the required directories in an array so it can be parsed through
#REQUIRED_DIRECTORIES=("${CORE_GIT_DIRECTORY}"
@ -337,8 +337,6 @@ get_program_version() {
case "${program_name}" in
"lighttpd") program_version="$(${program_name} -v |& head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
;;
"dnsmasq") program_version="$(${program_name} -v |& head -n1 | awk '{print $3}')"
;;
"php") program_version="$(${program_name} -v |& head -n1 | cut -d '-' -f1 | cut -d ' ' -f2)"
;;
# If a match is not found, show an error
@ -358,7 +356,6 @@ get_program_version() {
# and their versions, using the functions above.
check_critical_program_versions() {
# Use the function created earlier and bundle them into one function that checks all the version numbers
get_program_version "dnsmasq"
get_program_version "lighttpd"
get_program_version "php"
}
@ -640,11 +637,12 @@ ping_internet() {
compare_port_to_service_assigned() {
local service_name="${1}"
# The programs we use may change at some point, so they are in a varible here
local resolver="dnsmasq"
local resolver="pihole-FTL"
local web_server="lighttpd"
local ftl="pihole-FTL"
# If the service is a Pi-hole service, highlight it in green
if [[ "${service_name}" == "${resolver}" ]] || [[ "${service_name}" == "${web_server}" ]] || [[ "${service_name}" == "${ftl}" ]]; then
# if port 53 is dnsmasq, show it in green as it's standard
log_write "[${COL_GREEN}${port_number}${COL_NC}] is in use by ${COL_GREEN}${service_name}${COL_NC}"
# Otherwise,
else
@ -657,7 +655,7 @@ check_required_ports() {
echo_current_diagnostic "Ports in use"
# Since Pi-hole needs 53, 80, and 4711, check what they are being used by
# so we can detect any issues
local resolver="dnsmasq"
local resolver="pihole-FTL"
local web_server="lighttpd"
local ftl="pihole-FTL"
# Create an array for these ports in use
@ -682,7 +680,7 @@ check_required_ports() {
continue
fi
# Use a case statement to determine if the right services are using the right ports
case "${port_number}" in
case "$(echo "$port_number" | rev | cut -d: -f1 | rev)" in
53) compare_port_to_service_assigned "${resolver}"
;;
80) compare_port_to_service_assigned "${web_server}"
@ -836,9 +834,13 @@ process_status(){
local status_of_process
status_of_process=$(systemctl is-active "${i}")
else
# Otherwise, use the service command
# Otherwise, use the service command and mock the output of `systemctl is-active`
local status_of_process
status_of_process=$(service "${i}" status | awk '/Active:/ {print $2}') &> /dev/null
if service "${i}" status | grep -E 'is\srunning' &> /dev/null; then
status_of_process="active"
else
status_of_process="inactive"
fi
fi
# and print it out to the user
if [[ "${status_of_process}" == "active" ]]; then
@ -907,7 +909,7 @@ parse_file() {
#shellcheck disable=SC2016
IFS=$'\r\n' command eval 'file_info=( $(cat "${filename}") )'
else
read -a file_info <<< $filename
read -r -a file_info <<< "$filename"
fi
# Set a named variable for better readability
local file_lines

2
advanced/Scripts/piholeLogFlush.sh
View file

@ -58,6 +58,8 @@ else
# Delete most recent 24 hours from FTL's database, leave even older data intact (don't wipe out all history)
deleted=$(sqlite3 "${DBFILE}" "DELETE FROM queries WHERE timestamp >= strftime('%s','now')-86400; select changes() from queries limit 1")
# Restart pihole-FTL to force reloading history
sudo pihole restartdns
fi
if [[ "$@" != *"quiet"* ]]; then

47
advanced/Scripts/updatecheck.sh
View file

@ -37,30 +37,55 @@ function get_local_version() {
git describe --long --dirty --tags || return 1
}
# Source the setupvars config file
# shellcheck disable=SC1091
. /etc/pihole/setupVars.conf
if [[ "$2" == "remote" ]]; then
if [[ "$3" == "reboot" ]]; then
sleep 30
fi
GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")"
GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")"
GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")"
GITHUB_VERSION_FILE="/etc/pihole/GitHubVersions"
echo -n "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/etc/pihole/GitHubVersions"
GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")"
echo -n "${GITHUB_CORE_VERSION}" > "${GITHUB_VERSION_FILE}"
if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")"
echo -n " ${GITHUB_WEB_VERSION}" >> "${GITHUB_VERSION_FILE}"
fi
GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")"
echo -n " ${GITHUB_FTL_VERSION}" >> "${GITHUB_VERSION_FILE}"
else
CORE_BRANCH="$(get_local_branch /etc/.pihole)"
WEB_BRANCH="$(get_local_branch /var/www/html/admin)"
FTL_BRANCH="$(pihole-FTL branch)"
LOCAL_BRANCH_FILE="/etc/pihole/localbranches"
echo -n "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches"
CORE_BRANCH="$(get_local_branch /etc/.pihole)"
echo -n "${CORE_BRANCH}" > "${LOCAL_BRANCH_FILE}"
if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
WEB_BRANCH="$(get_local_branch /var/www/html/admin)"
echo -n " ${WEB_BRANCH}" >> "${LOCAL_BRANCH_FILE}"
fi
FTL_BRANCH="$(pihole-FTL branch)"
echo -n " ${FTL_BRANCH}" >> "${LOCAL_BRANCH_FILE}"
LOCAL_VERSION_FILE="/etc/pihole/localversions"
CORE_VERSION="$(get_local_version /etc/.pihole)"
WEB_VERSION="$(get_local_version /var/www/html/admin)"
FTL_VERSION="$(pihole-FTL version)"
echo -n "${CORE_VERSION}" > "${LOCAL_VERSION_FILE}"
echo -n "${CORE_VERSION} ${WEB_VERSION} ${FTL_VERSION}" > "/etc/pihole/localversions"
if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
WEB_VERSION="$(get_local_version /var/www/html/admin)"
echo -n " ${WEB_VERSION}" >> "${LOCAL_VERSION_FILE}"
fi
FTL_VERSION="$(pihole-FTL version)"
echo -n " ${FTL_VERSION}" >> "${LOCAL_VERSION_FILE}"
fi

28
advanced/Scripts/webpage.sh
View file

@ -119,7 +119,7 @@ SetWebPassword() {
# Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
# So we reset the terminal via stty if the user does press Ctrl+C
trap '{ echo -e "\nNo password will be set" ; stty sane ; exit 1; }' INT
read -s -p "Enter New Password (Blank for no password): " PASSWORD
read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
echo ""
if [ "${PASSWORD}" == "" ]; then
@ -128,12 +128,13 @@ SetWebPassword() {
exit 0
fi
read -s -p "Confirm Password: " CONFIRM
read -s -r -p "Confirm Password: " CONFIRM
echo ""
fi
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
hash=$(HashPassword "${PASSWORD}")
# We do not wrap this in brackets, otherwise BASH will expand any appropriate syntax
hash=$(HashPassword "$PASSWORD")
# Save hash to file
change_setting "WEBPASSWORD" "${hash}"
echo -e " ${TICK} New password set"
@ -613,14 +614,24 @@ Teleporter() {
php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-teleporter_${datetimestamp}.zip"
}
audit()
addAudit()
{
echo "${args[2]}" >> /etc/pihole/auditlog.list
shift # skip "-a"
shift # skip "audit"
for var in "$@"
do
echo "${var}" >> /etc/pihole/auditlog.list
done
}
clearAudit()
{
echo -n "" > /etc/pihole/auditlog.list
}
SetPrivacyLevel() {
# Set privacy level. Minimum is 0, maximum is 3
if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 3 ]; then
# Set privacy level. Minimum is 0, maximum is 4
if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 4 ]; then
changeFTLsetting "PRIVACYLEVEL" "${args[2]}"
fi
}
@ -653,7 +664,8 @@ main() {
"-i" | "interface" ) SetListeningMode "$@";;
"-t" | "teleporter" ) Teleporter;;
"adlist" ) CustomizeAdLists;;
"audit" ) audit;;
"audit" ) addAudit "$@";;
"clearaudit" ) clearAudit;;
"-l" | "privacylevel" ) SetPrivacyLevel;;
"-s" | "speedtest" ) ChageSpeedTestSchedule;;
"-sd" ) UpdateSpeedTestRange;;

84
advanced/Templates/pihole-FTL.conf
View file

@ -1,84 +0,0 @@
### This file contains parameters for FTL behavior.
### At install, all parameters are commented out. The user can select desired options.
### Options shown are the default configuration. No modification is needed for most
### installations.
### Visit https://docs.pi-hole.net/ftldns/configfile/ for more detailed parameter explanations
## Socket Listening
## Listen only for local socket connections or permit all connections
## Options: localonly, all
#SOCKET_LISTENING=localonly
## Query Display
## Display all queries? Set to no to hide query display
## Options: yes, no
#QUERY_DISPLAY=yes
## AAA Query Analysis
## Allow FTL to analyze AAAA queries from pihole.log?
## Options: yes, no
#AAAA_QUERY_ANALYSIS=yes
## Resolve IPv6
## Should FTL try to resolve IPv6 addresses to host names?
## Options: yes, no
#RESOLVE_IPV6=yes
## Resolve IPv4
## Should FTL try to resolve IPv4 addresses to host names?
## Options: yes, no
#RESOLVE_IPV4=yes
## Max Database Days
## How long should queries be stored in the database (days)?
## Setting this to 0 disables the database
## See: https://docs.pi-hole.net/ftldns/database/
## Options: number of days
#MAXDBDAYS=365
## Database Interval
## How often do we store queries in FTL's database (minutes)?
## See: https://docs.pi-hole.net/ftldns/database/
## Options: number of minutes
#DBINTERVAL=1.0
## Database File
## Specify path and filename of FTL's SQLite3 long-term database.
## Setting this to DBFILE= disables the database altogether
## See: https://docs.pi-hole.net/ftldns/database/
## Option: path to db file
#DBFILE=/etc/pihole/pihole-FTL.db
## Max Log Age
## Up to how many hours of queries should be imported from the database and logs (hours)?
## Maximum is 744 (31 days)
## Options: number of days
#MAXLOGAGE=24.0
## FTL Port
## On which port should FTL be listening?
## Options: tcp port
#FTLPORT=4711
## Privacy Level
## Which privacy level is used?
## See: https://docs.pi-hole.net/ftldns/privacylevels/
## Options: 0, 1, 2, 3
#PRIVACYLEVEL=0
## Ignore Localhost
## Should FTL ignore queries coming from the local machine?
## Options: yes, no
#IGNORE_LOCALHOST=no
## Blocking Mode
## How should FTL reply to blocked queries?
## See: https://docs.pi-hole.net/ftldns/blockingmode/
## Options: NULL, IP-AAAA-NODATA, IP, NXDOMAIN
#BLOCKINGMODE=NULL
## Regex Debug Mode
## Controls if FTLDNS should print extended details about regex matching into pihole-FTL.log.
## See: https://docs.pi-hole.net/ftldns/regex/overview/
## Options: true, false
#REGEX_DEBUGMODE=false

21
advanced/Templates/pihole-FTL.service
View file

@ -26,17 +26,26 @@ start() {
if is_running; then
echo "pihole-FTL is already running"
else
touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
# Touch files to ensure they exist (create if non-existing, preserve if existing)
touch /var/log/pihole-FTL.log /var/log/pihole.log
touch /run/pihole-FTL.pid /run/pihole-FTL.port
touch /etc/pihole/dhcp.leases
mkdir -p /var/run/pihole
mkdir -p /var/log/pihole
chown pihole:pihole /var/run/pihole /var/log/pihole
rm /var/run/pihole/FTL.sock 2> /dev/null
chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"
echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.piholeFTL
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"; then
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
else
echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
pihole-FTL
fi
echo
fi
}
@ -78,7 +87,7 @@ status() {
echo "[ ] pihole-FTL is not running"
exit 1
fi
}
}
### main logic ###

4
advanced/Templates/pihole.cron
View file

@ -16,7 +16,9 @@
# Pi-hole: Update the ad sources once a week on Sunday at a random time in the
# early morning. Download any updates from the adlists
59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
# Squash output to log, then splat the log to stdout on error to allow for
# standard crontab job error handling.
59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
# Pi-hole: Flush the log daily at 00:00
# The flush script will use logrotate if available

2
advanced/index.php
View file

@ -8,6 +8,8 @@
// Sanitise HTTP_HOST output
$serverName = htmlspecialchars($_SERVER["HTTP_HOST"]);
// Remove external ipv6 brackets if any
$serverName = preg_replace('/^\[(.*)\]$/', '${1}', $serverName);
if (!is_file("/etc/pihole/setupVars.conf"))
die("[ERROR] File not found: <code>/etc/pihole/setupVars.conf</code>");

1
advanced/lighttpd.conf.debian
View file

@ -72,4 +72,5 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
}
# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"

1
advanced/lighttpd.conf.fedora
View file

@ -90,4 +90,5 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
}
# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"