mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-11-15 02:42:58 +00:00
commit
1d43c0a2fa
13 changed files with 231 additions and 194 deletions
|
@ -17,9 +17,9 @@ The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a
|
|||
- **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy
|
||||
|
||||
-----
|
||||
<a href="https://www.codacy.com/app/Pi-hole/pi-hole?utm_source=github.com&utm_medium=referral&utm_content=pi-hole/pi-hole&utm_campaign=Badge_Grade"><img src="https://api.codacy.com/project/badge/Grade/c558a0f8d7124c99b02b84f0f5564238" alt="Codacy Grade"/></a>
|
||||
<a href="https://travis-ci.org/pi-hole/pi-hole"><img src="https://travis-ci.org/pi-hole/pi-hole.svg?branch=development" alt="Travis Build Status"/></a>
|
||||
<a href="https://www.bountysource.com/trackers/3011939-pi-hole-pi-hole?utm_source=3011939&utm_medium=shield&utm_campaign=TRACKER_BADGE"><img src="https://www.bountysource.com/badge/tracker?tracker_id=3011939" alt="BountySource"/></a>
|
||||
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/c558a0f8d7124c99b02b84f0f5564238)](https://www.codacy.com/app/Pi-hole/pi-hole?utm_source=github.com&utm_medium=referral&utm_content=pi-hole/pi-hole&utm_campaign=Badge_Grade)
|
||||
[![Build Status](https://travis-ci.org/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.org/pi-hole/pi-hole)
|
||||
[![BountySource](https://www.bountysource.com/badge/tracker?tracker_id=3011939)](https://www.bountysource.com/trackers/3011939-pi-hole-pi-hole?utm_source=3011939&utm_medium=shield&utm_campaign=TRACKER_BADGE)
|
||||
|
||||
## One-Step Automated Install
|
||||
Those who want to get started quickly and conveniently may install Pi-hole using the following command:
|
||||
|
@ -67,7 +67,7 @@ Sending a donation using our links below is **extremely helpful** in offsetting
|
|||
If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us:
|
||||
- [Patreon](https://patreon.com/pihole) _Become a patron for rewards_
|
||||
- [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
|
||||
- [Stickermule](https://www.stickermule.com/unlock?ref_id=6055890701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
|
||||
- [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
|
||||
- [Pi-hole Swag Store](https://pi-hole.net/shop/) _affiliate link_
|
||||
- [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
|
||||
- [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_
|
||||
|
|
|
@ -444,6 +444,9 @@ get_strings() {
|
|||
}
|
||||
|
||||
chronoFunc() {
|
||||
local extra_arg="$1"
|
||||
local extra_value="$2"
|
||||
|
||||
get_init_stats
|
||||
|
||||
for (( ; ; )); do
|
||||
|
@ -461,10 +464,8 @@ chronoFunc() {
|
|||
fi
|
||||
|
||||
# Get refresh number
|
||||
if [[ "$*" == *"-r"* ]]; then
|
||||
num="$*"
|
||||
num="${num/*-r /}"
|
||||
num="${num/ */}"
|
||||
if [[ "${extra_arg}" = "refresh" ]]; then
|
||||
num="${extra_value}"
|
||||
num_str="Refresh set for every $num seconds"
|
||||
else
|
||||
num_str=""
|
||||
|
@ -473,7 +474,7 @@ chronoFunc() {
|
|||
clear
|
||||
|
||||
# Remove exit message heading on third refresh
|
||||
if [[ "$count" -le 2 ]] && [[ "$*" != *"-e"* ]]; then
|
||||
if [[ "$count" -le 2 ]] && [[ "${extra_arg}" != "exit" ]]; then
|
||||
echo -e " ${COL_LIGHT_GREEN}Pi-hole Chronometer${COL_NC}
|
||||
$num_str
|
||||
${COL_LIGHT_RED}Press Ctrl-C to exit${COL_NC}
|
||||
|
@ -521,10 +522,10 @@ chronoFunc() {
|
|||
fi
|
||||
|
||||
# Handle exit/refresh options
|
||||
if [[ "$*" == *"-e"* ]]; then
|
||||
if [[ "${extra_arg}" == "exit" ]]; then
|
||||
exit 0
|
||||
else
|
||||
if [[ "$*" == *"-r"* ]]; then
|
||||
if [[ "${extra_arg}" == "refresh" ]]; then
|
||||
sleep "$num"
|
||||
else
|
||||
sleep 5
|
||||
|
@ -561,12 +562,10 @@ if [[ $# = 0 ]]; then
|
|||
chronoFunc
|
||||
fi
|
||||
|
||||
for var in "$@"; do
|
||||
case "$var" in
|
||||
case "$1" in
|
||||
"-j" | "--json" ) jsonFunc;;
|
||||
"-h" | "--help" ) helpFunc;;
|
||||
"-r" | "--refresh" ) chronoFunc "$@";;
|
||||
"-e" | "--exit" ) chronoFunc "$@";;
|
||||
"-r" | "--refresh" ) chronoFunc refresh "$2";;
|
||||
"-e" | "--exit" ) chronoFunc exit;;
|
||||
* ) helpFunc "?";;
|
||||
esac
|
||||
done
|
||||
|
|
|
@ -109,7 +109,6 @@ FTL_PORT="${RUN_DIRECTORY}/pihole-FTL.port"
|
|||
PIHOLE_LOG="${LOG_DIRECTORY}/pihole.log"
|
||||
PIHOLE_LOG_GZIPS="${LOG_DIRECTORY}/pihole.log.[0-9].*"
|
||||
PIHOLE_DEBUG_LOG="${LOG_DIRECTORY}/pihole_debug.log"
|
||||
PIHOLE_DEBUG_LOG_SANITIZED="${LOG_DIRECTORY}/pihole_debug-sanitized.log"
|
||||
PIHOLE_FTL_LOG="${LOG_DIRECTORY}/pihole-FTL.log"
|
||||
|
||||
PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
|
||||
|
@ -209,11 +208,6 @@ log_write() {
|
|||
copy_to_debug_log() {
|
||||
# Copy the contents of file descriptor 3 into the debug log
|
||||
cat /proc/$$/fd/3 > "${PIHOLE_DEBUG_LOG}"
|
||||
# Since we use color codes such as '\e[1;33m', they should be removed before being
|
||||
# uploaded to our server, since it can't properly display in color
|
||||
# This is accomplished by use sed to remove characters matching that patter
|
||||
# The entire file is then copied over to a sanitized version of the log
|
||||
sed 's/\[[0-9;]\{1,5\}m//g' > "${PIHOLE_DEBUG_LOG_SANITIZED}" <<< cat "${PIHOLE_DEBUG_LOG}"
|
||||
}
|
||||
|
||||
initialize_debug() {
|
||||
|
@ -269,6 +263,9 @@ compare_local_version_to_git_version() {
|
|||
# The commit they are on
|
||||
local remote_commit
|
||||
remote_commit=$(git describe --long --dirty --tags --always)
|
||||
# Status of the repo
|
||||
local local_status
|
||||
local_status=$(git status -s)
|
||||
# echo this information out to the user in a nice format
|
||||
# If the current version matches what pihole -v produces, the user is up-to-date
|
||||
if [[ "${remote_version}" == "$(pihole -v | awk '/${search_term}/ {print $6}' | cut -d ')' -f1)" ]]; then
|
||||
|
@ -291,6 +288,16 @@ compare_local_version_to_git_version() {
|
|||
fi
|
||||
# echo the current commit
|
||||
log_write "${INFO} Commit: ${remote_commit}"
|
||||
# if `local_status` is non-null, then the repo is not clean, display details here
|
||||
if [[ ${local_status} ]]; then
|
||||
#Replace new lines in the status with 12 spaces to make the output cleaner
|
||||
log_write "${INFO} Status: ${local_status//$'\n'/'\n '}"
|
||||
local local_diff
|
||||
local_diff=$(git diff)
|
||||
if [[ ${local_diff} ]]; then
|
||||
log_write "${INFO} Diff: ${local_diff//$'\n'/'\n '}"
|
||||
fi
|
||||
fi
|
||||
# If git status failed,
|
||||
else
|
||||
# Return an error message
|
||||
|
@ -1134,20 +1141,20 @@ analyze_pihole_log() {
|
|||
IFS="$OLD_IFS"
|
||||
}
|
||||
|
||||
tricorder_use_nc_or_ssl() {
|
||||
# Users can submit their debug logs using nc (unencrypted) or openssl (enrypted) if available
|
||||
# Check for openssl first since encryption is a good thing
|
||||
if command -v openssl &> /dev/null; then
|
||||
tricorder_use_nc_or_curl() {
|
||||
# Users can submit their debug logs using nc (unencrypted) or curl (encrypted) if available
|
||||
# Check for curl first since encryption is a good thing
|
||||
if command -v curl &> /dev/null; then
|
||||
# If the command exists,
|
||||
log_write " * Using ${COL_GREEN}openssl${COL_NC} for transmission."
|
||||
# encrypt and transmit the log and store the token returned in a variable
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG_SANITIZED} openssl s_client -quiet -connect tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER} 2> /dev/null)
|
||||
log_write " * Using ${COL_GREEN}curl${COL_NC} for transmission."
|
||||
# transmit he log via TLS and store the token returned in a variable
|
||||
tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
|
||||
# Otherwise,
|
||||
else
|
||||
# use net cat
|
||||
log_write "${INFO} Using ${COL_YELLOW}netcat${COL_NC} for transmission."
|
||||
# Save the token returned by our server in a variable
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG_SANITIZED} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -1173,7 +1180,7 @@ upload_to_tricorder() {
|
|||
# let the user know
|
||||
log_write "${INFO} Debug script running in automated mode"
|
||||
# and then decide again which tool to use to submit it
|
||||
tricorder_use_nc_or_ssl
|
||||
tricorder_use_nc_or_curl
|
||||
# If we're not running in automated mode,
|
||||
else
|
||||
echo ""
|
||||
|
@ -1182,7 +1189,7 @@ upload_to_tricorder() {
|
|||
read -r -p "[?] Would you like to upload the log? [y/N] " response
|
||||
case ${response} in
|
||||
# If they say yes, run our function for uploading the log
|
||||
[yY][eE][sS]|[yY]) tricorder_use_nc_or_ssl;;
|
||||
[yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
|
||||
# If they choose no, just exit out of the script
|
||||
*) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit;
|
||||
esac
|
||||
|
@ -1209,7 +1216,7 @@ upload_to_tricorder() {
|
|||
log_write " * Please try again or contact the Pi-hole team for assistance."
|
||||
fi
|
||||
# Finally, show where the log file is no matter the outcome of the function so users can look at it
|
||||
log_write " * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG_SANITIZED}${COL_NC}\\n"
|
||||
log_write " * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n"
|
||||
}
|
||||
|
||||
# Run through all the functions we made
|
||||
|
|
|
@ -54,7 +54,7 @@ scanList(){
|
|||
# /dev/null forces filename to be printed when only one list has been generated
|
||||
# shellcheck disable=SC2086
|
||||
case "${type}" in
|
||||
"exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;;
|
||||
"exact" ) grep -i -E -l "(^|(?<!#)\\s)${domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;;
|
||||
"wc" ) grep -i -o -m 1 "/${domain}/" ${lists} 2>/dev/null;;
|
||||
* ) grep -i "${domain}" ${lists} /dev/null 2>/dev/null;;
|
||||
esac
|
||||
|
|
|
@ -146,6 +146,20 @@ main() {
|
|||
FTL_update=false
|
||||
fi
|
||||
|
||||
# Determine FTL branch
|
||||
local ftlBranch
|
||||
if [[ -f "/etc/pihole/ftlbranch" ]]; then
|
||||
ftlBranch=$(</etc/pihole/ftlbranch)
|
||||
else
|
||||
ftlBranch="master"
|
||||
fi
|
||||
|
||||
if [[ ! "${ftlBranch}" == "master" && ! "${ftlBranch}" == "development" ]]; then
|
||||
# Notify user that they are on a custom branch which might mean they they are lost
|
||||
# behind if a branch was merged to development and got abandoned
|
||||
printf " %b %bWarning:%b You are using FTL from a custom branch (%s) and might be missing future releases.\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}" "${ftlBranch}"
|
||||
fi
|
||||
|
||||
if [[ "${core_update}" == false && "${web_update}" == false && "${FTL_update}" == false ]]; then
|
||||
echo ""
|
||||
echo -e " ${TICK} Everything is up to date!"
|
||||
|
|
|
@ -34,7 +34,7 @@ function get_local_branch() {
|
|||
function get_local_version() {
|
||||
# Return active branch
|
||||
cd "${1}" 2> /dev/null || return 1
|
||||
git describe --long --dirty --tags || return 1
|
||||
git describe --long --dirty --tags 2> /dev/null || return 1
|
||||
}
|
||||
|
||||
# Source the setupvars config file
|
||||
|
|
|
@ -530,7 +530,7 @@ Interfaces:
|
|||
|
||||
Teleporter() {
|
||||
local datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S")
|
||||
php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-teleporter_${datetimestamp}.zip"
|
||||
php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-teleporter_${datetimestamp}.tar.gz"
|
||||
}
|
||||
|
||||
addAudit()
|
||||
|
|
|
@ -40,13 +40,6 @@ $validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
|
|||
// Get extension of current URL
|
||||
$currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION);
|
||||
|
||||
// Check if this is served over HTTP or HTTPS
|
||||
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") {
|
||||
$proto = "https";
|
||||
} else {
|
||||
$proto = "http";
|
||||
}
|
||||
|
||||
// Set mobile friendly viewport
|
||||
$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>';
|
||||
|
||||
|
@ -229,10 +222,10 @@ setHeader();
|
|||
<?=$viewPort ?>
|
||||
<meta name="robots" content="noindex,nofollow"/>
|
||||
<meta http-equiv="x-dns-prefetch-control" content="off">
|
||||
<link rel="shortcut icon" href="<?=$proto ?>://pi.hole/admin/img/favicon.png" type="image/x-icon"/>
|
||||
<link rel="stylesheet" href="<?=$proto ?>://pi.hole/pihole/blockingpage.css" type="text/css"/>
|
||||
<link rel="shortcut icon" href="//pi.hole/admin/img/favicon.png" type="image/x-icon"/>
|
||||
<link rel="stylesheet" href="//pi.hole/pihole/blockingpage.css" type="text/css"/>
|
||||
<title>● <?=$serverName ?></title>
|
||||
<script src="<?=$proto ?>://pi.hole/admin/scripts/vendor/jquery.min.js"></script>
|
||||
<script src="//pi.hole/admin/scripts/vendor/jquery.min.js"></script>
|
||||
<script>
|
||||
window.onload = function () {
|
||||
<?php
|
||||
|
|
|
@ -28,6 +28,20 @@ set -e
|
|||
# Local variables will be in lowercase and will exist only within functions
|
||||
# It's still a work in progress, so you may see some variance in this guideline until it is complete
|
||||
|
||||
# List of supported DNS servers
|
||||
DNS_SERVERS=$(cat << EOM
|
||||
Google (ECS);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
|
||||
OpenDNS (ECS);208.67.222.222;208.67.220.220;2620:0:ccc::2;2620:0:ccd::2
|
||||
Level3;4.2.2.1;4.2.2.2;;
|
||||
Comodo;8.26.56.26;8.20.247.20;;
|
||||
DNS.WATCH;84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
|
||||
Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9
|
||||
Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10
|
||||
Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11;
|
||||
Cloudflare;1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001
|
||||
EOM
|
||||
)
|
||||
|
||||
# Location for final installation log storage
|
||||
installLogLoc=/etc/pihole/install.log
|
||||
# This is an important file as it contains information specific to the machine it's being installed on
|
||||
|
@ -38,9 +52,12 @@ lighttpdConfig=/etc/lighttpd/lighttpd.conf
|
|||
# This is a file used for the colorized output
|
||||
coltable=/opt/pihole/COL_TABLE
|
||||
|
||||
# Root of the web server
|
||||
webroot="/var/www/html"
|
||||
|
||||
# We store several other directories and
|
||||
webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git"
|
||||
webInterfaceDir="/var/www/html/admin"
|
||||
webInterfaceDir="${webroot}/admin"
|
||||
piholeGitUrl="https://github.com/pi-hole/pi-hole.git"
|
||||
PI_HOLE_LOCAL_REPO="/etc/.pihole"
|
||||
# These are the names of pi-holes files, stored in an array
|
||||
|
@ -48,6 +65,7 @@ PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update versi
|
|||
# This directory is where the Pi-hole scripts will be installed
|
||||
PI_HOLE_INSTALL_DIR="/opt/pihole"
|
||||
PI_HOLE_CONFIG_DIR="/etc/pihole"
|
||||
PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
|
||||
useUpdateVars=false
|
||||
|
||||
adlistFile="/etc/pihole/adlists.list"
|
||||
|
@ -395,7 +413,7 @@ make_repo() {
|
|||
rm -rf "${directory}"
|
||||
fi
|
||||
# Clone the repo and return the return code from this command
|
||||
git clone -q --depth 1 "${remoteRepo}" "${directory}" &> /dev/null || return $?
|
||||
git clone -q --depth 20 "${remoteRepo}" "${directory}" &> /dev/null || return $?
|
||||
# Show a colored message showing it's status
|
||||
printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}"
|
||||
# Always return 0? Not sure this is correct
|
||||
|
@ -507,7 +525,7 @@ find_IPv4_information() {
|
|||
fi
|
||||
|
||||
# Append the CIDR notation to the IP address, if valid_ip fails this should return 127.0.0.1/8
|
||||
IPV4_ADDRESS=$(ip -oneline -family inet address show | grep "${IPv4bare}" | awk '{print $4}' | awk 'END {print}')
|
||||
IPV4_ADDRESS=$(ip -oneline -family inet address show | grep "${IPv4bare}/" | awk '{print $4}' | awk 'END {print}')
|
||||
}
|
||||
|
||||
# Get available interfaces that are UP
|
||||
|
@ -859,6 +877,13 @@ setStaticIPv4() {
|
|||
# Local, named variables
|
||||
local IFCFG_FILE
|
||||
local CONNECTION_NAME
|
||||
|
||||
# If a static interface is already configured, we are done.
|
||||
if [[ -r "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}" ]]; then
|
||||
if grep -q '^BOOTPROTO=.static.' "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}"; then
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
# For the Debian family, if dhcpcd.conf exists,
|
||||
if [[ -f "/etc/dhcpcd.conf" ]]; then
|
||||
# configure networking via dhcpcd
|
||||
|
@ -919,15 +944,26 @@ setDNS() {
|
|||
local DNSSettingsCorrect
|
||||
|
||||
# In an array, list the available upstream providers
|
||||
DNSChooseOptions=(Google ""
|
||||
OpenDNS ""
|
||||
Level3 ""
|
||||
Comodo ""
|
||||
DNSWatch ""
|
||||
Quad9 ""
|
||||
FamilyShield ""
|
||||
Cloudflare ""
|
||||
Custom "")
|
||||
DNSChooseOptions=()
|
||||
local DNSServerCount=0
|
||||
# Save the old Internal Field Separator in a variable
|
||||
OIFS=$IFS
|
||||
# and set the new one to newline
|
||||
IFS=$'\n'
|
||||
# Put the DNS Servers into an array
|
||||
for DNSServer in ${DNS_SERVERS}
|
||||
do
|
||||
DNSName="$(cut -d';' -f1 <<< "${DNSServer}")"
|
||||
DNSChooseOptions[DNSServerCount]="${DNSName}"
|
||||
(( DNSServerCount=DNSServerCount+1 ))
|
||||
DNSChooseOptions[DNSServerCount]=""
|
||||
(( DNSServerCount=DNSServerCount+1 ))
|
||||
done
|
||||
DNSChooseOptions[DNSServerCount]="Custom"
|
||||
(( DNSServerCount=DNSServerCount+1 ))
|
||||
DNSChooseOptions[DNSServerCount]=""
|
||||
# Restore the IFS to what it was
|
||||
IFS=${OIFS}
|
||||
# In a whiptail dialog, show the options
|
||||
DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 7 \
|
||||
"${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \
|
||||
|
@ -937,48 +973,8 @@ setDNS() {
|
|||
# Display the selection
|
||||
printf " %b Using " "${INFO}"
|
||||
# Depending on the user's choice, set the GLOBAl variables to the IP of the respective provider
|
||||
case ${DNSchoices} in
|
||||
Google)
|
||||
printf "Google DNS servers\\n"
|
||||
PIHOLE_DNS_1="8.8.8.8"
|
||||
PIHOLE_DNS_2="8.8.4.4"
|
||||
;;
|
||||
OpenDNS)
|
||||
printf "OpenDNS servers\\n"
|
||||
PIHOLE_DNS_1="208.67.222.222"
|
||||
PIHOLE_DNS_2="208.67.220.220"
|
||||
;;
|
||||
Level3)
|
||||
printf "Level3 servers\\n"
|
||||
PIHOLE_DNS_1="4.2.2.1"
|
||||
PIHOLE_DNS_2="4.2.2.2"
|
||||
;;
|
||||
Comodo)
|
||||
printf "Comodo Secure servers\\n"
|
||||
PIHOLE_DNS_1="8.26.56.26"
|
||||
PIHOLE_DNS_2="8.20.247.20"
|
||||
;;
|
||||
DNSWatch)
|
||||
printf "DNS.WATCH servers\\n"
|
||||
PIHOLE_DNS_1="84.200.69.80"
|
||||
PIHOLE_DNS_2="84.200.70.40"
|
||||
;;
|
||||
Quad9)
|
||||
printf "Quad9 servers\\n"
|
||||
PIHOLE_DNS_1="9.9.9.9"
|
||||
PIHOLE_DNS_2="149.112.112.112"
|
||||
;;
|
||||
FamilyShield)
|
||||
printf "FamilyShield servers\\n"
|
||||
PIHOLE_DNS_1="208.67.222.123"
|
||||
PIHOLE_DNS_2="208.67.220.123"
|
||||
;;
|
||||
Cloudflare)
|
||||
printf "Cloudflare servers\\n"
|
||||
PIHOLE_DNS_1="1.1.1.1"
|
||||
PIHOLE_DNS_2="1.0.0.1"
|
||||
;;
|
||||
Custom)
|
||||
if [[ "${DNSchoices}" == "Custom" ]]
|
||||
then
|
||||
# Until the DNS settings are selected,
|
||||
until [[ "${DNSSettingsCorrect}" = True ]]; do
|
||||
#
|
||||
|
@ -1042,8 +1038,25 @@ setDNS() {
|
|||
fi
|
||||
fi
|
||||
done
|
||||
;;
|
||||
esac
|
||||
else
|
||||
# Save the old Internal Field Separator in a variable
|
||||
OIFS=$IFS
|
||||
# and set the new one to newline
|
||||
IFS=$'\n'
|
||||
for DNSServer in ${DNS_SERVERS}
|
||||
do
|
||||
DNSName="$(cut -d';' -f1 <<< "${DNSServer}")"
|
||||
if [[ "${DNSchoices}" == "${DNSName}" ]]
|
||||
then
|
||||
printf "%s\\n" "${DNSName}"
|
||||
PIHOLE_DNS_1="$(cut -d';' -f2 <<< "${DNSServer}")"
|
||||
PIHOLE_DNS_2="$(cut -d';' -f3 <<< "${DNSServer}")"
|
||||
break
|
||||
fi
|
||||
done
|
||||
# Restore the IFS to what it was
|
||||
IFS=${OIFS}
|
||||
fi
|
||||
}
|
||||
|
||||
# Allow the user to enable/disable logging
|
||||
|
@ -1081,7 +1094,7 @@ setPrivacyLevel() {
|
|||
local LevelCommand
|
||||
local LevelOptions
|
||||
|
||||
LevelCommand=(whiptail --separate-output --radiolist "Select a privacy mode for FTL." "${r}" "${c}" 6)
|
||||
LevelCommand=(whiptail --separate-output --radiolist "Select a privacy mode for FTL. https://docs.pi-hole.net/ftldns/privacylevels/" "${r}" "${c}" 6)
|
||||
|
||||
# The default selection is level 0
|
||||
LevelOptions=(
|
||||
|
@ -1342,9 +1355,16 @@ installConfigs() {
|
|||
printf "\\n %b Installing configs from %s...\\n" "${INFO}" "${PI_HOLE_LOCAL_REPO}"
|
||||
# Make sure Pi-hole's config files are in place
|
||||
version_check_dnsmasq
|
||||
|
||||
# Install list of DNS servers
|
||||
# Format: Name;Primary IPv4;Secondary IPv4;Primary IPv6;Secondary IPv6
|
||||
# Some values may be empty (for example: DNS servers without IPv6 support)
|
||||
echo "${DNS_SERVERS}" > "${PI_HOLE_CONFIG_DIR}/dns-servers.conf"
|
||||
|
||||
# Install empty file if it does not exist
|
||||
if [[ ! -f "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then
|
||||
if ! install -o pihole -g pihole -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then
|
||||
if [[ ! -r "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then
|
||||
install -d -m 0755 ${PI_HOLE_CONFIG_DIR}
|
||||
if ! install -o pihole -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then
|
||||
printf " %bError: Unable to initialize configuration file %s/pihole-FTL.conf\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
|
||||
return 1
|
||||
fi
|
||||
|
@ -1372,7 +1392,7 @@ installConfigs() {
|
|||
# Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it
|
||||
touch /etc/lighttpd/external.conf
|
||||
# if there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config
|
||||
if [[ -f "/var/www/html/pihole/custom.php" ]]; then
|
||||
if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then
|
||||
sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"pihole\/custom\.php"/' /etc/lighttpd/lighttpd.conf
|
||||
fi
|
||||
# Make the directories if they do not exist and set the owners
|
||||
|
@ -1540,7 +1560,7 @@ update_package_cache() {
|
|||
else
|
||||
# show an error and exit
|
||||
printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}"
|
||||
printf " %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "${COL_LIGHT_RED}" "${COL_NC}"
|
||||
printf " %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "${UPDATE_PKG_CACHE}" "${COL_NC}"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
@ -1638,13 +1658,13 @@ installPiholeWeb() {
|
|||
local str="Creating directory for blocking page, and copying files"
|
||||
printf " %b %s..." "${INFO}" "${str}"
|
||||
# Install the directory
|
||||
install -d /var/www/html/pihole
|
||||
install -d -m 0755 ${PI_HOLE_BLOCKPAGE_DIR}
|
||||
# and the blockpage
|
||||
install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/
|
||||
install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* ${PI_HOLE_BLOCKPAGE_DIR}/
|
||||
|
||||
# Remove superseded file
|
||||
if [[ -e "/var/www/html/pihole/index.js" ]]; then
|
||||
rm "/var/www/html/pihole/index.js"
|
||||
if [[ -e "${PI_HOLE_BLOCKPAGE_DIR}/index.js" ]]; then
|
||||
rm "${PI_HOLE_BLOCKPAGE_DIR}/index.js"
|
||||
fi
|
||||
|
||||
printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}"
|
||||
|
@ -1652,9 +1672,9 @@ installPiholeWeb() {
|
|||
local str="Backing up index.lighttpd.html"
|
||||
printf " %b %s..." "${INFO}" "${str}"
|
||||
# If the default index file exists,
|
||||
if [[ -f "/var/www/html/index.lighttpd.html" ]]; then
|
||||
if [[ -f "${webroot}/index.lighttpd.html" ]]; then
|
||||
# back it up
|
||||
mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig
|
||||
mv ${webroot}/index.lighttpd.html ${webroot}/index.lighttpd.orig
|
||||
printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}"
|
||||
# Otherwise,
|
||||
else
|
||||
|
@ -1669,7 +1689,7 @@ installPiholeWeb() {
|
|||
# Make the .d directory if it doesn't exist
|
||||
mkdir -p /etc/sudoers.d/
|
||||
# and copy in the pihole sudoers file
|
||||
cp ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole
|
||||
install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole
|
||||
# Add lighttpd user (OS dependent) to sudoers file
|
||||
echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole
|
||||
|
||||
|
@ -1864,15 +1884,15 @@ installPihole() {
|
|||
|
||||
# If the user wants to install the Web interface,
|
||||
if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
|
||||
if [[ ! -d "/var/www/html" ]]; then
|
||||
if [[ ! -d "${webroot}" ]]; then
|
||||
# make the Web directory if necessary
|
||||
mkdir -p /var/www/html
|
||||
install -d -m 0755 ${webroot}
|
||||
fi
|
||||
|
||||
if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
|
||||
# Set the owner and permissions
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/www/html
|
||||
chmod 775 /var/www/html
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} ${webroot}
|
||||
chmod 0775 ${webroot}
|
||||
# Give pihole access to the Web server group
|
||||
usermod -a -G ${LIGHTTPD_GROUP} pihole
|
||||
# If the lighttpd command is executable,
|
||||
|
@ -2178,6 +2198,9 @@ FTLinstall() {
|
|||
if sha1sum --status --quiet -c "${binary}".sha1; then
|
||||
printf "transferred... "
|
||||
|
||||
# Before stopping FTL, we download the macvendor database
|
||||
curl -sSL "https://ftl.pi-hole.net/macvendor.db" -o "${PI_HOLE_CONFIG_DIR}/macvendor.db" || true
|
||||
|
||||
# Stop pihole-FTL service if available
|
||||
stop_service pihole-FTL &> /dev/null
|
||||
|
||||
|
@ -2271,10 +2294,12 @@ get_binary_name() {
|
|||
elif [[ "${machine}" == "x86_64" ]]; then
|
||||
# This gives the architecture of packages dpkg installs (for example, "i386")
|
||||
local dpkgarch
|
||||
dpkgarch=$(dpkg --print-architecture 2> /dev/null)
|
||||
dpkgarch=$(dpkg --print-architecture 2> /dev/null || true)
|
||||
|
||||
# Special case: This is a 32 bit OS, installed on a 64 bit machine
|
||||
# -> change machine architecture to download the 32 bit executable
|
||||
# We only check this for Debian-based systems as this has been an issue
|
||||
# in the past (see https://github.com/pi-hole/pi-hole/pull/2004)
|
||||
if [[ "${dpkgarch}" == "i386" ]]; then
|
||||
printf "%b %b Detected 32bit (i686) architecture\\n" "${OVER}" "${TICK}"
|
||||
binary="pihole-FTL-linux-x86_32"
|
||||
|
|
|
@ -131,8 +131,7 @@ removeNoPurge() {
|
|||
echo -e " ${TICK} Removed /etc/cron.d/pihole"
|
||||
fi
|
||||
|
||||
package_check lighttpd > /dev/null
|
||||
if [[ $? -eq 1 ]]; then
|
||||
if package_check lighttpd > /dev/null; then
|
||||
${SUDO} rm -rf /etc/lighttpd/ &> /dev/null
|
||||
echo -e " ${TICK} Removed lighttpd"
|
||||
else
|
||||
|
|
|
@ -268,7 +268,7 @@ gravity_DownloadBlocklistFromUrl() {
|
|||
port=443;
|
||||
else port=80
|
||||
fi
|
||||
bad_list=$(pihole -q -adlist hosts-file.net | head -n1 | awk -F 'Match found in ' '{print $2}')
|
||||
bad_list=$(pihole -q -adlist "${domain}" | head -n1 | awk -F 'Match found in ' '{print $2}')
|
||||
echo -e "${OVER} ${CROSS} ${str} ${domain} is blocked by ${bad_list%:}. Using DNS on ${PIHOLE_DNS_1} to download ${url}";
|
||||
echo -ne " ${INFO} ${str} Pending..."
|
||||
cmd_ext="--resolve $domain:$port:$ip $cmd_ext"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
docker-compose
|
||||
pytest
|
||||
pytest-xdist
|
||||
pytest-cov
|
||||
testinfra
|
||||
tox
|
||||
docker-compose==1.23.2
|
||||
pytest==4.3.0
|
||||
pytest-xdist==1.26.1
|
||||
pytest-cov==2.6.1
|
||||
testinfra==1.19.0
|
||||
tox==3.7.0
|
||||
|
|
Loading…
Reference in a new issue