mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-25 06:10:20 +00:00
commit
2673c2c072
39 changed files with 553 additions and 602 deletions
2
.github/workflows/test.yml
vendored
2
.github/workflows/test.yml
vendored
|
@ -10,7 +10,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
matrix:
|
||||
distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
|
||||
distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_32, fedora_33]
|
||||
env:
|
||||
DISTRO: ${{matrix.distro}}
|
||||
steps:
|
||||
|
|
|
@ -50,6 +50,8 @@ sudo bash basic-install.sh
|
|||
wget -O basic-install.sh https://install.pi-hole.net
|
||||
sudo bash basic-install.sh
|
||||
```
|
||||
### Method 3: Using Docker to deploy Pi-hole
|
||||
Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-hole) to use the Official Docker Images.
|
||||
|
||||
## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
|
||||
|
||||
|
|
41
advanced/06-rfc6761.conf
Normal file
41
advanced/06-rfc6761.conf
Normal file
|
@ -0,0 +1,41 @@
|
|||
# Pi-hole: A black hole for Internet advertisements
|
||||
# (c) 2021 Pi-hole, LLC (https://pi-hole.net)
|
||||
# Network-wide ad blocking via your own hardware.
|
||||
#
|
||||
# RFC 6761 config file for Pi-hole
|
||||
#
|
||||
# This file is copyright under the latest version of the EUPL.
|
||||
# Please see LICENSE file for your rights under this license.
|
||||
|
||||
###############################################################################
|
||||
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
|
||||
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
|
||||
# #
|
||||
# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
|
||||
# WITHIN /etc/dnsmasq.d/yourname.conf #
|
||||
###############################################################################
|
||||
|
||||
# RFC 6761: Caching DNS servers SHOULD recognize
|
||||
# test, localhost, invalid
|
||||
# names as special and SHOULD NOT attempt to look up NS records for them, or
|
||||
# otherwise query authoritative DNS servers in an attempt to resolve these
|
||||
# names.
|
||||
server=/test/
|
||||
server=/localhost/
|
||||
server=/invalid/
|
||||
|
||||
# The same RFC requests something similar for
|
||||
# 16.172.in-addr.arpa. 22.172.in-addr.arpa. 27.172.in-addr.arpa.
|
||||
# 17.172.in-addr.arpa. 30.172.in-addr.arpa. 28.172.in-addr.arpa.
|
||||
# 18.172.in-addr.arpa. 23.172.in-addr.arpa. 29.172.in-addr.arpa.
|
||||
# 19.172.in-addr.arpa. 24.172.in-addr.arpa. 31.172.in-addr.arpa.
|
||||
# 20.172.in-addr.arpa. 25.172.in-addr.arpa. 168.192.in-addr.arpa.
|
||||
# Pi-hole implements this via the dnsmasq option "bogus-priv" (see
|
||||
# 01-pihole.conf) because this also covers IPv6.
|
||||
|
||||
# OpenWRT furthermore blocks bind, local, onion domains
|
||||
# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
|
||||
# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
|
||||
# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
|
||||
server=/bind/
|
||||
server=/onion/
|
|
@ -498,10 +498,6 @@ chronoFunc() {
|
|||
printFunc " RAM usage: " "$ram_perc%" "$ram_info"
|
||||
printFunc " HDD usage: " "$disk_perc" "$disk_info"
|
||||
|
||||
if [[ "$scr_lines" -gt 17 ]] && [[ "$chrono_width" != "small" ]]; then
|
||||
printFunc " LAN addr: " "${IPV4_ADDRESS/\/*/}" "$lan_info"
|
||||
fi
|
||||
|
||||
if [[ "$DHCP_ACTIVE" == "true" ]]; then
|
||||
printFunc "DHCP usage: " "$ph_dhcp_percent%" "$dhcp_info"
|
||||
fi
|
||||
|
|
|
@ -166,12 +166,15 @@ checkout() {
|
|||
checkout_pull_branch "${webInterfaceDir}" "${2}"
|
||||
elif [[ "${1}" == "ftl" ]] ; then
|
||||
local path
|
||||
local oldbranch
|
||||
path="${2}/${binary}"
|
||||
oldbranch="$(pihole-FTL -b)"
|
||||
|
||||
if check_download_exists "$path"; then
|
||||
echo " ${TICK} Branch ${2} exists"
|
||||
echo "${2}" > /etc/pihole/ftlbranch
|
||||
chmod 644 /etc/pihole/ftlbranch
|
||||
echo -e " ${INFO} Switching to branch: \"${2}\" from \"${oldbranch}\""
|
||||
FTLinstall "${binary}"
|
||||
restart_service pihole-FTL
|
||||
enable_service pihole-FTL
|
||||
|
|
|
@ -56,11 +56,6 @@ FAQ_BAD_ADDRESS="${COL_CYAN}https://discourse.pi-hole.net/t/why-do-i-see-bad-add
|
|||
|
||||
# Other URLs we may use
|
||||
FORUMS_URL="${COL_CYAN}https://discourse.pi-hole.net${COL_NC}"
|
||||
TRICORDER_CONTEST="${COL_CYAN}https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/${COL_NC}"
|
||||
|
||||
# Port numbers used for uploading the debug log
|
||||
TRICORDER_NC_PORT_NUMBER=9999
|
||||
TRICORDER_SSL_PORT_NUMBER=9998
|
||||
|
||||
# Directories required by Pi-hole
|
||||
# https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
|
||||
|
@ -78,15 +73,12 @@ HTML_DIRECTORY="/var/www/html"
|
|||
WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin"
|
||||
#BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole"
|
||||
SHM_DIRECTORY="/dev/shm"
|
||||
ETC="/etc"
|
||||
|
||||
# Files required by Pi-hole
|
||||
# https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
|
||||
PIHOLE_CRON_FILE="${CRON_D_DIRECTORY}/pihole"
|
||||
|
||||
PIHOLE_DNS_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/01-pihole.conf"
|
||||
PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf"
|
||||
PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf"
|
||||
|
||||
WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
|
||||
WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
|
||||
|
||||
|
@ -141,6 +133,9 @@ PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log"
|
|||
PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
|
||||
PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
|
||||
|
||||
RESOLVCONF="${ETC}/resolv.conf"
|
||||
DNSMASQ_CONF="${ETC}/dnsmasq.conf"
|
||||
|
||||
# An array of operating system "pretty names" that we officially support
|
||||
# We can loop through the array at any time to see if it matches a value
|
||||
#SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
|
||||
|
@ -165,9 +160,6 @@ PIHOLE_PROCESSES=( "lighttpd" "pihole-FTL" )
|
|||
|
||||
# Store the required directories in an array so it can be parsed through
|
||||
REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
|
||||
"${PIHOLE_DNS_CONFIG_FILE}"
|
||||
"${PIHOLE_DHCP_CONFIG_FILE}"
|
||||
"${PIHOLE_WILDCARD_CONFIG_FILE}"
|
||||
"${WEB_SERVER_CONFIG_FILE}"
|
||||
"${WEB_SERVER_CUSTOM_CONFIG_FILE}"
|
||||
"${PIHOLE_INSTALL_LOG_FILE}"
|
||||
|
@ -185,7 +177,9 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
|
|||
"${PIHOLE_DEBUG_LOG}"
|
||||
"${PIHOLE_FTL_LOG}"
|
||||
"${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}"
|
||||
"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}")
|
||||
"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}"
|
||||
"${RESOLVCONF}"
|
||||
"${DNSMASQ_CONF}")
|
||||
|
||||
DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
|
||||
|
||||
|
@ -235,6 +229,7 @@ copy_to_debug_log() {
|
|||
}
|
||||
|
||||
initialize_debug() {
|
||||
local system_uptime
|
||||
# Clear the screen so the debug log is readable
|
||||
clear
|
||||
show_disclaimer
|
||||
|
@ -242,6 +237,10 @@ initialize_debug() {
|
|||
log_write "${COL_PURPLE}*** [ INITIALIZING ]${COL_NC}"
|
||||
# Timestamp the start of the log
|
||||
log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initialized."
|
||||
# Uptime of the system
|
||||
# credits to https://stackoverflow.com/questions/28353409/bash-format-uptime-to-show-days-hours-minutes
|
||||
system_uptime=$(uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/){if ($9=="min") {d=$6;m=$8} else {d=$6;h=$8;m=$9}} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes"}')
|
||||
log_write "${INFO} System has been running for ${system_uptime}"
|
||||
}
|
||||
|
||||
# This is a function for visually displaying the current test that is being run.
|
||||
|
@ -410,12 +409,12 @@ os_check() {
|
|||
# This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
|
||||
# and determines whether or not the script is running on one of those systems
|
||||
local remote_os_domain valid_os valid_version detected_os detected_version cmdResult digReturnCode response
|
||||
remote_os_domain="versions.pi-hole.net"
|
||||
remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
|
||||
|
||||
detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
|
||||
detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
|
||||
|
||||
cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
|
||||
cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
|
||||
#Get the return code of the previous command (last line)
|
||||
digReturnCode="${cmdResult##*$'\n'}"
|
||||
|
||||
|
@ -605,38 +604,6 @@ parse_locale() {
|
|||
parse_file "${pihole_locale}"
|
||||
}
|
||||
|
||||
does_ip_match_setup_vars() {
|
||||
# Check for IPv4 or 6
|
||||
local protocol="${1}"
|
||||
# IP address to check for
|
||||
local ip_address="${2}"
|
||||
# See what IP is in the setupVars.conf file
|
||||
local setup_vars_ip
|
||||
setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV"${protocol}"_ADDRESS | cut -d '=' -f2)
|
||||
# If it's an IPv6 address
|
||||
if [[ "${protocol}" == "6" ]]; then
|
||||
# Strip off the / (CIDR notation)
|
||||
if [[ "${ip_address%/*}" == "${setup_vars_ip%/*}" ]]; then
|
||||
# if it matches, show it in green
|
||||
log_write " ${COL_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
|
||||
else
|
||||
# otherwise show it in red with an FAQ URL
|
||||
log_write " ${COL_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
|
||||
fi
|
||||
|
||||
else
|
||||
# if the protocol isn't 6, it's 4 so no need to strip the CIDR notation
|
||||
# since it exists in the setupVars.conf that way
|
||||
if [[ "${ip_address}" == "${setup_vars_ip}" ]]; then
|
||||
# show in green if it matches
|
||||
log_write " ${COL_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
|
||||
else
|
||||
# otherwise show it in red
|
||||
log_write " ${COL_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
detect_ip_addresses() {
|
||||
# First argument should be a 4 or a 6
|
||||
local protocol=${1}
|
||||
|
@ -653,8 +620,7 @@ detect_ip_addresses() {
|
|||
log_write "${TICK} IPv${protocol} address(es) bound to the ${PIHOLE_INTERFACE} interface:"
|
||||
# Since there may be more than one IP address, store them in an array
|
||||
for i in "${!ip_addr_list[@]}"; do
|
||||
# For each one in the list, print it out
|
||||
does_ip_match_setup_vars "${protocol}" "${ip_addr_list[$i]}"
|
||||
log_write " ${ip_addr_list[$i]}"
|
||||
done
|
||||
# Print a blank line just for formatting
|
||||
log_write ""
|
||||
|
@ -663,13 +629,6 @@ detect_ip_addresses() {
|
|||
log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interface.\\n"
|
||||
return 1
|
||||
fi
|
||||
# If the protocol is v6
|
||||
if [[ "${protocol}" == "6" ]]; then
|
||||
# let the user know that as long as there is one green address, things should be ok
|
||||
log_write " ^ Please note that you may have more than one IP address listed."
|
||||
log_write " As long as one of them is green, and it matches what is in ${PIHOLE_SETUP_VARS_FILE}, there is no need for concern.\\n"
|
||||
log_write " The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.\\n"
|
||||
fi
|
||||
}
|
||||
|
||||
ping_ipv4_or_ipv6() {
|
||||
|
@ -859,13 +818,13 @@ dig_at() {
|
|||
|
||||
# Store the arguments as variables with names
|
||||
local protocol="${1}"
|
||||
local IP="${2}"
|
||||
echo_current_diagnostic "Name resolution (IPv${protocol}) using a random blocked domain and a known ad-serving domain"
|
||||
# Set more local variables
|
||||
# We need to test name resolution locally, via Pi-hole, and via a public resolver
|
||||
local local_dig
|
||||
local pihole_dig
|
||||
local remote_dig
|
||||
local interfaces
|
||||
local addresses
|
||||
# Use a static domain that we know has IPv4 and IPv6 to avoid false positives
|
||||
# Sometimes the randomly chosen domains don't use IPv6, or something else is wrong with them
|
||||
local remote_url="doubleclick.com"
|
||||
|
@ -874,15 +833,15 @@ dig_at() {
|
|||
if [[ ${protocol} == "6" ]]; then
|
||||
# Set the IPv6 variables and record type
|
||||
local local_address="::1"
|
||||
local pihole_address="${IP}"
|
||||
local remote_address="2001:4860:4860::8888"
|
||||
local sed_selector="inet6"
|
||||
local record_type="AAAA"
|
||||
# Otherwise, it should be 4
|
||||
else
|
||||
# so use the IPv4 values
|
||||
local local_address="127.0.0.1"
|
||||
local pihole_address="${IP}"
|
||||
local remote_address="8.8.8.8"
|
||||
local sed_selector="inet"
|
||||
local record_type="A"
|
||||
fi
|
||||
|
||||
|
@ -892,32 +851,55 @@ dig_at() {
|
|||
local random_url
|
||||
random_url=$(sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1")
|
||||
|
||||
# First, do a dig on localhost to see if Pi-hole can use itself to block a domain
|
||||
if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
|
||||
# If it can, show success
|
||||
log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})"
|
||||
else
|
||||
# Otherwise, show a failure
|
||||
log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} (${local_address})"
|
||||
fi
|
||||
|
||||
# Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address
|
||||
# This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is
|
||||
# just asing itself locally
|
||||
# The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't waiting for too long
|
||||
# The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't
|
||||
# waiting for too long
|
||||
#
|
||||
# Turn off history expansion such that the "!" in the sed command cannot do silly things
|
||||
set +H
|
||||
# Get interfaces
|
||||
# sed logic breakdown:
|
||||
# / master /d;
|
||||
# Removes all interfaces that are slaves of others (e.g. virtual docker interfaces)
|
||||
# /UP/!d;
|
||||
# Removes all interfaces which are not UP
|
||||
# s/^[0-9]*: //g;
|
||||
# Removes interface index
|
||||
# s/: <.*//g;
|
||||
# Removes everything after the interface name
|
||||
interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/: <.*//g;")"
|
||||
|
||||
# If Pi-hole can dig itself from it's IP (not the loopback address)
|
||||
if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${pihole_address}" +short "${record_type}"); then
|
||||
# show a success
|
||||
log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})"
|
||||
else
|
||||
# Otherwise, show a failure
|
||||
log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}Pi-hole${COL_NC} (${pihole_address})"
|
||||
fi
|
||||
while IFS= read -r iface ; do
|
||||
# Get addresses of current interface
|
||||
# sed logic breakdown:
|
||||
# /inet(|6) /!d;
|
||||
# Removes all lines from ip a that do not contain either "inet " or "inet6 "
|
||||
# s/^.*inet(|6) //g;
|
||||
# Removes all leading whitespace as well as the "inet " or "inet6 " string
|
||||
# s/\/.*$//g;
|
||||
# Removes CIDR and everything thereafter (e.g., scope properties)
|
||||
addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
|
||||
if [ -n "${addresses}" ]; then
|
||||
while IFS= read -r local_address ; do
|
||||
# Check if Pi-hole can use itself to block a domain
|
||||
if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
|
||||
# If it can, show success
|
||||
log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
|
||||
else
|
||||
# Otherwise, show a failure
|
||||
log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
|
||||
fi
|
||||
done <<< "${addresses}"
|
||||
else
|
||||
log_write "${TICK} No IPv${protocol} address available on ${COL_CYAN}${iface}${COL_NC}"
|
||||
fi
|
||||
done <<< "${interfaces}"
|
||||
|
||||
# Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server
|
||||
# We are using the static remote_url here instead of a random one because we know it works with IPv4 and IPv6
|
||||
if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @${remote_address} +short "${record_type}" | head -n1); then
|
||||
if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @"${remote_address}" +short "${record_type}" | head -n1); then
|
||||
# If successful, the real IP of the domain will be returned instead of Pi-hole's IP
|
||||
log_write "${TICK} ${remote_url} ${COL_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})"
|
||||
else
|
||||
|
@ -1032,7 +1014,7 @@ parse_file() {
|
|||
local file_lines
|
||||
# For each line in the file,
|
||||
for file_lines in "${file_info[@]}"; do
|
||||
if [[ ! -z "${file_lines}" ]]; then
|
||||
if [[ -n "${file_lines}" ]]; then
|
||||
# don't include the Web password hash
|
||||
[[ "${file_lines}" =~ ^\#.*$ || ! "${file_lines}" || "${file_lines}" == "WEBPASSWORD="* ]] && continue
|
||||
# otherwise, display the lines of the file
|
||||
|
@ -1046,12 +1028,8 @@ parse_file() {
|
|||
check_name_resolution() {
|
||||
# Check name resolution from localhost, Pi-hole's IP, and Google's name severs
|
||||
# using the function we created earlier
|
||||
dig_at 4 "${IPV4_ADDRESS%/*}"
|
||||
# If IPv6 enabled,
|
||||
if [[ "${IPV6_ADDRESS}" ]]; then
|
||||
# check resolution
|
||||
dig_at 6 "${IPV6_ADDRESS%/*}"
|
||||
fi
|
||||
dig_at 4
|
||||
dig_at 6
|
||||
}
|
||||
|
||||
# This function can check a directory exists
|
||||
|
@ -1094,13 +1072,17 @@ list_files_in_dir() {
|
|||
:
|
||||
elif [[ "${dir_to_parse}" == "${SHM_DIRECTORY}" ]]; then
|
||||
# SHM file - we do not want to see the content, but we want to see the files and their sizes
|
||||
log_write "$(ls -ld "${dir_to_parse}"/"${each_file}")"
|
||||
log_write "$(ls -lhd "${dir_to_parse}"/"${each_file}")"
|
||||
elif [[ "${dir_to_parse}" == "${DNSMASQ_D_DIRECTORY}" ]]; then
|
||||
# in case of the dnsmasq directory inlcuede all files in the debug output
|
||||
log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
|
||||
make_array_from_file "${dir_to_parse}/${each_file}"
|
||||
else
|
||||
# Then, parse the file's content into an array so each line can be analyzed if need be
|
||||
for i in "${!REQUIRED_FILES[@]}"; do
|
||||
if [[ "${dir_to_parse}/${each_file}" == "${REQUIRED_FILES[$i]}" ]]; then
|
||||
# display the filename
|
||||
log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
|
||||
log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
|
||||
# Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
|
||||
case "${dir_to_parse}/${each_file}" in
|
||||
# If it's Web server error log, give the first and last 25 lines
|
||||
|
@ -1139,6 +1121,7 @@ show_content_of_pihole_files() {
|
|||
show_content_of_files_in_dir "${WEB_SERVER_LOG_DIRECTORY}"
|
||||
show_content_of_files_in_dir "${LOG_DIRECTORY}"
|
||||
show_content_of_files_in_dir "${SHM_DIRECTORY}"
|
||||
show_content_of_files_in_dir "${ETC}"
|
||||
}
|
||||
|
||||
head_tail_log() {
|
||||
|
@ -1239,11 +1222,11 @@ show_groups() {
|
|||
}
|
||||
|
||||
show_adlists() {
|
||||
show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "4 7 12 100 19 19 50"
|
||||
show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "5 7 12 100 19 19 50"
|
||||
}
|
||||
|
||||
show_domainlist() {
|
||||
show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0 ' WHEN '1' THEN ' 1 ' WHEN '2' THEN ' 2 ' WHEN '3' THEN ' 3' ELSE type END type,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "4 4 7 12 100 19 19 50"
|
||||
show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0 ' WHEN '1' THEN ' 1 ' WHEN '2' THEN ' 2 ' WHEN '3' THEN ' 3' ELSE type END type,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "5 4 7 12 100 19 19 50"
|
||||
}
|
||||
|
||||
show_clients() {
|
||||
|
@ -1281,77 +1264,88 @@ analyze_gravity_list() {
|
|||
IFS="$OLD_IFS"
|
||||
}
|
||||
|
||||
analyze_pihole_log() {
|
||||
echo_current_diagnostic "Pi-hole log"
|
||||
local head_line
|
||||
# Put the current Internal Field Separator into another variable so it can be restored later
|
||||
OLD_IFS="$IFS"
|
||||
# Get the lines that are in the file(s) and store them in an array for parsing later
|
||||
IFS=$'\r\n'
|
||||
local pihole_log_permissions
|
||||
pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
|
||||
log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
|
||||
local pihole_log_head=()
|
||||
mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
|
||||
log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
|
||||
local error_to_check_for
|
||||
local line_to_obfuscate
|
||||
local obfuscated_line
|
||||
for head_line in "${pihole_log_head[@]}"; do
|
||||
# A common error in the pihole.log is when there is a non-hosts formatted file
|
||||
# that the DNS server is attempting to read. Since it's not formatted
|
||||
# correctly, there will be an entry for "bad address at line n"
|
||||
# So we can check for that here and highlight it in red so the user can see it easily
|
||||
error_to_check_for=$(echo "${head_line}" | grep 'bad address at')
|
||||
# Some users may not want to have the domains they visit sent to us
|
||||
# To that end, we check for lines in the log that would contain a domain name
|
||||
line_to_obfuscate=$(echo "${head_line}" | grep ': query\|: forwarded\|: reply')
|
||||
# If the variable contains a value, it found an error in the log
|
||||
if [[ -n ${error_to_check_for} ]]; then
|
||||
# So we can print it in red to make it visible to the user
|
||||
log_write " ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})"
|
||||
else
|
||||
# If the variable does not a value (the current default behavior), so do not obfuscate anything
|
||||
if [[ -z ${OBFUSCATE} ]]; then
|
||||
log_write " ${head_line}"
|
||||
# Othwerise, a flag was passed to this command to obfuscate domains in the log
|
||||
else
|
||||
# So first check if there are domains in the log that should be obfuscated
|
||||
if [[ -n ${line_to_obfuscate} ]]; then
|
||||
# If there are, we need to use awk to replace only the domain name (the 6th field in the log)
|
||||
# so we substitute the domain for the placeholder value
|
||||
obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
|
||||
log_write " ${obfuscated_line}"
|
||||
else
|
||||
log_write " ${head_line}"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
log_write ""
|
||||
# Set the IFS back to what it was
|
||||
IFS="$OLD_IFS"
|
||||
obfuscated_pihole_log() {
|
||||
local pihole_log=("$@")
|
||||
local line
|
||||
local error_to_check_for
|
||||
local line_to_obfuscate
|
||||
local obfuscated_line
|
||||
for line in "${pihole_log[@]}"; do
|
||||
# A common error in the pihole.log is when there is a non-hosts formatted file
|
||||
# that the DNS server is attempting to read. Since it's not formatted
|
||||
# correctly, there will be an entry for "bad address at line n"
|
||||
# So we can check for that here and highlight it in red so the user can see it easily
|
||||
error_to_check_for=$(echo "${line}" | grep 'bad address at')
|
||||
# Some users may not want to have the domains they visit sent to us
|
||||
# To that end, we check for lines in the log that would contain a domain name
|
||||
line_to_obfuscate=$(echo "${line}" | grep ': query\|: forwarded\|: reply')
|
||||
# If the variable contains a value, it found an error in the log
|
||||
if [[ -n ${error_to_check_for} ]]; then
|
||||
# So we can print it in red to make it visible to the user
|
||||
log_write " ${CROSS} ${COL_RED}${line}${COL_NC} (${FAQ_BAD_ADDRESS})"
|
||||
else
|
||||
# If the variable does not a value (the current default behavior), so do not obfuscate anything
|
||||
if [[ -z ${OBFUSCATE} ]]; then
|
||||
log_write " ${line}"
|
||||
# Othwerise, a flag was passed to this command to obfuscate domains in the log
|
||||
else
|
||||
# So first check if there are domains in the log that should be obfuscated
|
||||
if [[ -n ${line_to_obfuscate} ]]; then
|
||||
# If there are, we need to use awk to replace only the domain name (the 6th field in the log)
|
||||
# so we substitute the domain for the placeholder value
|
||||
obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
|
||||
log_write " ${obfuscated_line}"
|
||||
else
|
||||
log_write " ${line}"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
tricorder_use_nc_or_curl() {
|
||||
# Users can submit their debug logs using nc (unencrypted) or curl (encrypted) if available
|
||||
# Check for curl first since encryption is a good thing
|
||||
if command -v curl &> /dev/null; then
|
||||
# If the command exists,
|
||||
log_write " * Using ${COL_GREEN}curl${COL_NC} for transmission."
|
||||
# transmit he log via TLS and store the token returned in a variable
|
||||
tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
|
||||
if [ -z "${tricorder_token}" ]; then
|
||||
# curl failed, fallback to nc
|
||||
log_write " * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
|
||||
analyze_pihole_log() {
|
||||
echo_current_diagnostic "Pi-hole log"
|
||||
local pihole_log_head=()
|
||||
local pihole_log_tail=()
|
||||
local pihole_log_permissions
|
||||
local logging_enabled
|
||||
|
||||
logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
|
||||
if [[ "${logging_enabled}" == "0" ]]; then
|
||||
# Inform user that logging has been disabled and pihole.log does not contain queries
|
||||
log_write "${INFO} Query logging is disabled"
|
||||
log_write ""
|
||||
fi
|
||||
# Put the current Internal Field Separator into another variable so it can be restored later
|
||||
OLD_IFS="$IFS"
|
||||
# Get the lines that are in the file(s) and store them in an array for parsing later
|
||||
IFS=$'\r\n'
|
||||
pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
|
||||
log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
|
||||
mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
|
||||
log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
|
||||
obfuscated_pihole_log "${pihole_log_head[@]}"
|
||||
log_write ""
|
||||
mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
|
||||
log_write " ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
|
||||
obfuscated_pihole_log "${pihole_log_tail[@]}"
|
||||
log_write ""
|
||||
# Set the IFS back to what it was
|
||||
IFS="$OLD_IFS"
|
||||
}
|
||||
|
||||
curl_to_tricorder() {
|
||||
# Users can submit their debug logs using curl (encrypted)
|
||||
log_write " * Using ${COL_GREEN}curl${COL_NC} for transmission."
|
||||
# transmit the log via TLS and store the token returned in a variable
|
||||
tricorder_token=$(curl --silent --fail --show-error --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net 2>&1)
|
||||
if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
|
||||
log_write " * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
|
||||
# Log curl error (if available)
|
||||
if [ -n "${tricorder_token}" ]; then
|
||||
log_write " * Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
|
||||
tricorder_token=""
|
||||
fi
|
||||
# Otherwise,
|
||||
else
|
||||
# use net cat
|
||||
log_write "${INFO} Using ${COL_YELLOW}netcat${COL_NC} for transmission."
|
||||
# Save the token returned by our server in a variable
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -1370,14 +1364,13 @@ upload_to_tricorder() {
|
|||
|
||||
# Provide information on what they should do with their token
|
||||
log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
|
||||
log_write " * For more information, see: ${TRICORDER_CONTEST}"
|
||||
log_write " * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat."
|
||||
|
||||
# If pihole -d is running automatically (usually through the dashboard)
|
||||
if [[ "${AUTOMATED}" ]]; then
|
||||
# let the user know
|
||||
log_write "${INFO} Debug script running in automated mode"
|
||||
# and then decide again which tool to use to submit it
|
||||
tricorder_use_nc_or_curl
|
||||
curl_to_tricorder
|
||||
# If we're not running in automated mode,
|
||||
else
|
||||
echo ""
|
||||
|
@ -1386,7 +1379,7 @@ upload_to_tricorder() {
|
|||
read -r -p "[?] Would you like to upload the log? [y/N] " response
|
||||
case ${response} in
|
||||
# If they say yes, run our function for uploading the log
|
||||
[yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
|
||||
[yY][eE][sS]|[yY]) curl_to_tricorder;;
|
||||
# If they choose no, just exit out of the script
|
||||
*) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
|
||||
esac
|
||||
|
@ -1397,15 +1390,15 @@ upload_to_tricorder() {
|
|||
# Again, try to make this visually striking so the user realizes they need to do something with this information
|
||||
# Namely, provide the Pi-hole devs with the token
|
||||
log_write ""
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}\\n"
|
||||
log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${INFO}${COL_RED} Logs are deleted 48 hours after upload.${COL_NC}\\n"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
|
||||
log_write ""
|
||||
log_write " * Provide the token above to the Pi-hole team for assistance at"
|
||||
log_write " * ${FORUMS_URL}"
|
||||
log_write " * Your log will self-destruct on our server after ${COL_RED}48 hours${COL_NC}."
|
||||
log_write " * Provide the token above to the Pi-hole team for assistance at ${FORUMS_URL}"
|
||||
|
||||
# If no token was generated
|
||||
else
|
||||
# Show an error and some help instructions
|
||||
|
|
|
@ -11,6 +11,11 @@
|
|||
colfile="/opt/pihole/COL_TABLE"
|
||||
source ${colfile}
|
||||
|
||||
# In case we're running at the same time as a system logrotate, use a
|
||||
# separate logrotate state file to prevent stepping on each other's
|
||||
# toes.
|
||||
STATEFILE="/var/lib/logrotate/pihole"
|
||||
|
||||
# Determine database location
|
||||
# Obtain DBFILE=... setting from pihole-FTL.db
|
||||
# Constructed to return nothing when
|
||||
|
@ -32,7 +37,7 @@ if [[ "$@" == *"once"* ]]; then
|
|||
# Nightly logrotation
|
||||
if command -v /usr/sbin/logrotate >/dev/null; then
|
||||
# Logrotate once
|
||||
/usr/sbin/logrotate --force /etc/pihole/logrotate
|
||||
/usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
|
||||
else
|
||||
# Copy pihole.log over to pihole.log.1
|
||||
# and empty out pihole.log
|
||||
|
@ -47,8 +52,8 @@ else
|
|||
# Manual flushing
|
||||
if command -v /usr/sbin/logrotate >/dev/null; then
|
||||
# Logrotate twice to move all data out of sight of FTL
|
||||
/usr/sbin/logrotate --force /etc/pihole/logrotate; sleep 3
|
||||
/usr/sbin/logrotate --force /etc/pihole/logrotate
|
||||
/usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate; sleep 3
|
||||
/usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
|
||||
else
|
||||
# Flush both pihole.log and pihole.log.1 (if existing)
|
||||
echo " " > /var/log/pihole.log
|
||||
|
|
|
@ -153,7 +153,7 @@ versionOutput() {
|
|||
if [[ -n "$current" ]] && [[ -n "$latest" ]]; then
|
||||
output="${1^} version is $branch$current (Latest: $latest)"
|
||||
elif [[ -n "$current" ]] && [[ -z "$latest" ]]; then
|
||||
output="Current ${1^} version is $branch$current."
|
||||
output="Current ${1^} version is $branch$current"
|
||||
elif [[ -z "$current" ]] && [[ -n "$latest" ]]; then
|
||||
output="Latest ${1^} version is $latest"
|
||||
elif [[ "$curHash" == "N/A" ]] || [[ "$latHash" == "N/A" ]]; then
|
||||
|
|
|
@ -44,7 +44,8 @@ Options:
|
|||
-e, email Set an administrative contact address for the Block Page
|
||||
-h, --help Show this help dialog
|
||||
-i, interface Specify dnsmasq's interface listening behavior
|
||||
-l, privacylevel Set privacy level (0 = lowest, 3 = highest)"
|
||||
-l, privacylevel Set privacy level (0 = lowest, 3 = highest)
|
||||
-t, teleporter Backup configuration as an archive"
|
||||
exit 0
|
||||
}
|
||||
|
||||
|
@ -53,7 +54,7 @@ add_setting() {
|
|||
}
|
||||
|
||||
delete_setting() {
|
||||
sed -i "/${1}/d" "${setupVars}"
|
||||
sed -i "/^${1}/d" "${setupVars}"
|
||||
}
|
||||
|
||||
change_setting() {
|
||||
|
@ -66,7 +67,7 @@ addFTLsetting() {
|
|||
}
|
||||
|
||||
deleteFTLsetting() {
|
||||
sed -i "/${1}/d" "${FTLconf}"
|
||||
sed -i "/^${1}/d" "${FTLconf}"
|
||||
}
|
||||
|
||||
changeFTLsetting() {
|
||||
|
@ -83,7 +84,7 @@ add_dnsmasq_setting() {
|
|||
}
|
||||
|
||||
delete_dnsmasq_setting() {
|
||||
sed -i "/${1}/d" "${dnsmasqconfig}"
|
||||
sed -i "/^${1}/d" "${dnsmasqconfig}"
|
||||
}
|
||||
|
||||
SetTemperatureUnit() {
|
||||
|
@ -266,17 +267,22 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
|
|||
delete_setting "CONDITIONAL_FORWARDING_IP"
|
||||
fi
|
||||
|
||||
delete_dnsmasq_setting "rev-server"
|
||||
|
||||
if [[ "${REV_SERVER}" == true ]]; then
|
||||
add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
|
||||
if [ -n "${REV_SERVER_DOMAIN}" ]; then
|
||||
# Forward local domain names to the CF target, too
|
||||
add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Prevent Firefox from automatically switching over to DNS-over-HTTPS
|
||||
# This follows https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
|
||||
# (sourced 7th September 2019)
|
||||
add_dnsmasq_setting "server=/use-application-dns.net/"
|
||||
if [[ "${DNS_FQDN_REQUIRED}" != true ]]; then
|
||||
# Forward unqualified names to the CF target only when the "never
|
||||
# forward non-FQDN" option is unticked
|
||||
add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
# We need to process DHCP settings here as well to account for possible
|
||||
# changes in the non-FQDN forwarding. This cannot be done in 01-pihole.conf
|
||||
|
@ -426,7 +432,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
|
|||
echo "#quiet-dhcp6
|
||||
#enable-ra
|
||||
dhcp-option=option6:dns-server,[::]
|
||||
dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,${leasetime}
|
||||
dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,64,3600
|
||||
ra-param=*,0,0
|
||||
" >> "${dhcpconfig}"
|
||||
fi
|
||||
|
@ -716,7 +722,7 @@ RemoveCustomDNSAddress() {
|
|||
host="${args[3]}"
|
||||
|
||||
if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
|
||||
sed -i "/${ip} ${host}/d" "${dnscustomfile}"
|
||||
sed -i "/^${ip} ${host}$/d" "${dnscustomfile}"
|
||||
else
|
||||
echo -e " ${CROSS} Invalid IP has been passed"
|
||||
exit 1
|
||||
|
@ -748,7 +754,7 @@ RemoveCustomCNAMERecord() {
|
|||
if [[ -n "${validDomain}" ]]; then
|
||||
validTarget="$(checkDomain "${target}")"
|
||||
if [[ -n "${validDomain}" ]]; then
|
||||
sed -i "/cname=${validDomain},${validTarget}/d" "${dnscustomcnamefile}"
|
||||
sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}"
|
||||
else
|
||||
echo " ${CROSS} Invalid Target Passed!"
|
||||
exit 1
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/usr/bin/env bash
|
||||
#!/usr/bin/env sh
|
||||
### BEGIN INIT INFO
|
||||
# Provides: pihole-FTL
|
||||
# Required-Start: $remote_fs $syslog $network
|
||||
|
@ -9,11 +9,8 @@
|
|||
# Description: Enable service provided by pihole-FTL daemon
|
||||
### END INIT INFO
|
||||
|
||||
FTLUSER=pihole
|
||||
PIDFILE=/run/pihole-FTL.pid
|
||||
|
||||
is_running() {
|
||||
pgrep -o "pihole-FTL" > /dev/null 2>&1
|
||||
pgrep -xo "pihole-FTL" > /dev/null
|
||||
}
|
||||
|
||||
|
||||
|
@ -23,27 +20,18 @@ start() {
|
|||
echo "pihole-FTL is already running"
|
||||
else
|
||||
# Touch files to ensure they exist (create if non-existing, preserve if existing)
|
||||
touch /var/log/pihole-FTL.log /var/log/pihole.log
|
||||
touch /run/pihole-FTL.pid /run/pihole-FTL.port
|
||||
touch /etc/pihole/dhcp.leases
|
||||
mkdir -p /run/pihole
|
||||
mkdir -p /var/log/pihole
|
||||
chown pihole:pihole /run/pihole /var/log/pihole
|
||||
# Remove possible leftovers from previous pihole-FTL processes
|
||||
rm -f /dev/shm/FTL-* 2> /dev/null
|
||||
rm /run/pihole/FTL.sock 2> /dev/null
|
||||
mkdir -pm 0755 /run/pihole
|
||||
touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
|
||||
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
|
||||
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
|
||||
chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
|
||||
chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
|
||||
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
|
||||
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
|
||||
chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /etc/pihole/macvendor.db
|
||||
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
|
||||
chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
|
||||
if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
|
||||
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
|
||||
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
|
||||
if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then
|
||||
su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
|
||||
else
|
||||
echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
|
||||
pihole-FTL
|
||||
/usr/bin/pihole-FTL
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
|
@ -52,20 +40,20 @@ start() {
|
|||
# Stop the service
|
||||
stop() {
|
||||
if is_running; then
|
||||
pkill -o pihole-FTL
|
||||
for i in {1..5}; do
|
||||
pkill -xo "pihole-FTL"
|
||||
for i in 1 2 3 4 5; do
|
||||
if ! is_running; then
|
||||
break
|
||||
fi
|
||||
|
||||
echo -n "."
|
||||
printf "."
|
||||
sleep 1
|
||||
done
|
||||
echo
|
||||
|
||||
if is_running; then
|
||||
echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
|
||||
pkill -o -9 pihole-FTL
|
||||
pkill -xo -9 "pihole-FTL"
|
||||
exit 1
|
||||
else
|
||||
echo "Stopped"
|
||||
|
@ -73,6 +61,8 @@ stop() {
|
|||
else
|
||||
echo "Not running"
|
||||
fi
|
||||
# Cleanup
|
||||
rm -f /run/pihole/FTL.sock /dev/shm/FTL-*
|
||||
echo
|
||||
}
|
||||
|
||||
|
@ -101,7 +91,7 @@ case "$1" in
|
|||
start
|
||||
;;
|
||||
*)
|
||||
echo $"Usage: $0 {start|stop|restart|reload|status}"
|
||||
echo "Usage: $0 {start|stop|restart|reload|status}"
|
||||
exit 1
|
||||
esac
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
# parameter "quiet": don't print messages
|
||||
00 00 * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
|
||||
|
||||
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
|
||||
@reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
|
||||
|
||||
# Pi-hole: Grab local version and branch every 10 minutes
|
||||
*/10 * * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
|
||||
|
|
|
@ -73,12 +73,12 @@ if ($serverName === "pi.hole"
|
|||
<meta charset='utf-8'>
|
||||
$viewPort
|
||||
<title>● $serverName</title>
|
||||
<link rel='stylesheet' href='pihole/blockingpage.css'>
|
||||
<link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
|
||||
<link rel='stylesheet' href='/pihole/blockingpage.css'>
|
||||
<link rel='shortcut icon' href='/admin/img/favicons/favicon.ico' type='image/x-icon'>
|
||||
</head>
|
||||
<body id='splashpage'>
|
||||
<div id="pihole_card">
|
||||
<img src='admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
|
||||
<img src='/admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
|
||||
<p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
|
||||
<a href='/admin'>Did you mean to go to the admin panel?</a>
|
||||
</div>
|
||||
|
|
|
@ -20,7 +20,6 @@ server.modules = (
|
|||
"mod_accesslog",
|
||||
"mod_auth",
|
||||
"mod_expire",
|
||||
"mod_compress",
|
||||
"mod_redirect",
|
||||
"mod_setenv",
|
||||
"mod_rewrite"
|
||||
|
@ -41,26 +40,6 @@ index-file.names = ( "index.php", "index.html", "index.lighttpd.html"
|
|||
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
|
||||
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
|
||||
|
||||
compress.cache-dir = "/var/cache/lighttpd/compress/"
|
||||
compress.filetype = (
|
||||
"application/json",
|
||||
"application/vnd.ms-fontobject",
|
||||
"application/xml",
|
||||
"font/eot",
|
||||
"font/opentype",
|
||||
"font/otf",
|
||||
"font/ttf",
|
||||
"image/bmp",
|
||||
"image/svg+xml",
|
||||
"image/vnd.microsoft.icon",
|
||||
"image/x-icon",
|
||||
"text/css",
|
||||
"text/html",
|
||||
"text/javascript",
|
||||
"text/plain",
|
||||
"text/xml"
|
||||
)
|
||||
|
||||
mimetype.assign = (
|
||||
".ico" => "image/x-icon",
|
||||
".jpeg" => "image/jpeg",
|
||||
|
@ -99,11 +78,6 @@ $HTTP["url"] =~ "^/admin/" {
|
|||
"X-Pi-hole" => "The Pi-hole Web interface is working!",
|
||||
"X-Frame-Options" => "DENY"
|
||||
)
|
||||
|
||||
$HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
|
||||
# Allow Block Page access to local fonts
|
||||
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
|
||||
}
|
||||
}
|
||||
|
||||
# Block . files from being served, such as .git, .github, .gitignore
|
||||
|
|
|
@ -21,7 +21,6 @@ server.modules = (
|
|||
"mod_expire",
|
||||
"mod_fastcgi",
|
||||
"mod_accesslog",
|
||||
"mod_compress",
|
||||
"mod_redirect",
|
||||
"mod_setenv",
|
||||
"mod_rewrite"
|
||||
|
@ -42,26 +41,6 @@ index-file.names = ( "index.php", "index.html", "index.lighttpd.html"
|
|||
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
|
||||
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
|
||||
|
||||
compress.cache-dir = "/var/cache/lighttpd/compress/"
|
||||
compress.filetype = (
|
||||
"application/json",
|
||||
"application/vnd.ms-fontobject",
|
||||
"application/xml",
|
||||
"font/eot",
|
||||
"font/opentype",
|
||||
"font/otf",
|
||||
"font/ttf",
|
||||
"image/bmp",
|
||||
"image/svg+xml",
|
||||
"image/vnd.microsoft.icon",
|
||||
"image/x-icon",
|
||||
"text/css",
|
||||
"text/html",
|
||||
"text/javascript",
|
||||
"text/plain",
|
||||
"text/xml"
|
||||
)
|
||||
|
||||
mimetype.assign = (
|
||||
".ico" => "image/x-icon",
|
||||
".jpeg" => "image/jpeg",
|
||||
|
@ -107,11 +86,6 @@ $HTTP["url"] =~ "^/admin/" {
|
|||
"X-Pi-hole" => "The Pi-hole Web interface is working!",
|
||||
"X-Frame-Options" => "DENY"
|
||||
)
|
||||
|
||||
$HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
|
||||
# Allow Block Page access to local fonts
|
||||
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
|
||||
}
|
||||
}
|
||||
|
||||
# Block . files from being served, such as .git, .github, .gitignore
|
||||
|
|
|
@ -94,24 +94,9 @@ if [ -z "${USER}" ]; then
|
|||
USER="$(id -un)"
|
||||
fi
|
||||
|
||||
|
||||
# Check if we are running on a real terminal and find the rows and columns
|
||||
# If there is no real terminal, we will default to 80x24
|
||||
if [ -t 0 ] ; then
|
||||
screen_size=$(stty size)
|
||||
else
|
||||
screen_size="24 80"
|
||||
fi
|
||||
# Determine terminal rows and columns by parsing screen_size
|
||||
printf -v rows '%d' "${screen_size%% *}"
|
||||
printf -v columns '%d' "${screen_size##* }"
|
||||
|
||||
# Divide by two so the dialogs take up half of the screen, which looks nice.
|
||||
r=$(( rows / 2 ))
|
||||
c=$(( columns / 2 ))
|
||||
# Unless the screen is tiny
|
||||
r=$(( r < 20 ? 20 : r ))
|
||||
c=$(( c < 70 ? 70 : c ))
|
||||
# whiptail dialog dimensions: 20 rows and 70 chars width assures to fit on small screens and is known to hold all content.
|
||||
r=20
|
||||
c=70
|
||||
|
||||
######## Undocumented Flags. Shhh ########
|
||||
# These are undocumented flags; some of which we can use when repairing an installation
|
||||
|
@ -186,12 +171,12 @@ os_check() {
|
|||
# This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
|
||||
# and determines whether or not the script is running on one of those systems
|
||||
local remote_os_domain valid_os valid_version valid_response detected_os detected_version display_warning cmdResult digReturnCode response
|
||||
remote_os_domain="versions.pi-hole.net"
|
||||
remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
|
||||
|
||||
detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
|
||||
detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
|
||||
|
||||
cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
|
||||
cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
|
||||
# Gets the return code of the previous command (last line)
|
||||
digReturnCode="${cmdResult##*$'\n'}"
|
||||
|
||||
|
@ -276,7 +261,7 @@ os_check() {
|
|||
}
|
||||
|
||||
# Compatibility
|
||||
distro_check() {
|
||||
package_manager_detect() {
|
||||
# If apt-get is installed, then we know it's part of the Debian family
|
||||
if is_command apt-get ; then
|
||||
# Set some global variables here
|
||||
|
@ -288,21 +273,6 @@ if is_command apt-get ; then
|
|||
PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install)
|
||||
# grep -c will return 1 if there are no matches. This is an acceptable condition, so we OR TRUE to prevent set -e exiting the script.
|
||||
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
|
||||
# Some distros vary slightly so these fixes for dependencies may apply
|
||||
# on Ubuntu 18.04.1 LTS we need to add the universe repository to gain access to dhcpcd5
|
||||
APT_SOURCES="/etc/apt/sources.list"
|
||||
if awk 'BEGIN{a=1;b=0}/bionic main/{a=0}/bionic.*universe/{b=1}END{exit a + b}' ${APT_SOURCES}; then
|
||||
if ! whiptail --defaultno --title "Dependencies Require Update to Allowed Repositories" --yesno "Would you like to enable 'universe' repository?\\n\\nThis repository is required by the following packages:\\n\\n- dhcpcd5" "${r}" "${c}"; then
|
||||
printf " %b Aborting installation: Dependencies could not be installed.\\n" "${CROSS}"
|
||||
exit 1
|
||||
else
|
||||
printf " %b Enabling universe package repository for Ubuntu Bionic\\n" "${INFO}"
|
||||
cp -p ${APT_SOURCES} ${APT_SOURCES}.backup # Backup current repo list
|
||||
printf " %b Backed up current configuration to %s\\n" "${TICK}" "${APT_SOURCES}.backup"
|
||||
add-apt-repository universe
|
||||
printf " %b Enabled %s\\n" "${TICK}" "'universe' repository"
|
||||
fi
|
||||
fi
|
||||
# Update package cache. This is required already here to assure apt-cache calls have package lists available.
|
||||
update_package_cache || exit 1
|
||||
# Debian 7 doesn't have iproute2 so check if it's available first
|
||||
|
@ -354,13 +324,19 @@ if is_command apt-get ; then
|
|||
printf " %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"
|
||||
exit 1
|
||||
fi
|
||||
# Packages required to perfom the os_check (stored as an array)
|
||||
OS_CHECK_DEPS=(grep dnsutils)
|
||||
# Packages required to run this install script (stored as an array)
|
||||
INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
|
||||
INSTALLER_DEPS=(git "${iproute_pkg}" whiptail)
|
||||
# Packages required to run Pi-hole (stored as an array)
|
||||
PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
|
||||
PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
|
||||
# Packages required for the Web admin interface (stored as an array)
|
||||
# It's useful to separate this from Pi-hole, since the two repos are also setup separately
|
||||
PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-json" "${phpVer}-intl")
|
||||
PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
|
||||
# Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
|
||||
if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
|
||||
PIHOLE_WEB_DEPS+=("${phpVer}-json")
|
||||
fi
|
||||
# The Web server user,
|
||||
LIGHTTPD_USER="www-data"
|
||||
# group,
|
||||
|
@ -396,7 +372,8 @@ elif is_command rpm ; then
|
|||
# These variable names match the ones in the Debian family. See above for an explanation of what they are for.
|
||||
PKG_INSTALL=("${PKG_MANAGER}" install -y)
|
||||
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
|
||||
INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
|
||||
OS_CHECK_DEPS=(grep bind-utils)
|
||||
INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig)
|
||||
PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap lsof)
|
||||
PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
|
||||
LIGHTTPD_USER="lighttpd"
|
||||
|
@ -688,9 +665,17 @@ welcomeDialogs() {
|
|||
whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations: https://pi-hole.net/donate/" "${r}" "${c}"
|
||||
|
||||
# Explain the need for a static address
|
||||
whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
|
||||
if whiptail --defaultno --backtitle "Initiating network interface" --title "Static IP Needed" --yesno "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
|
||||
|
||||
In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." "${r}" "${c}"
|
||||
IMPORTANT: If you have not already done so, you must ensure that this device has a static IP. Either through DHCP reservation, or by manually assigning one. Depending on your operating system, there are many ways to achieve this.
|
||||
|
||||
Choose yes to indicate that you have understood this message, and wish to continue" "${r}" "${c}"; then
|
||||
#Nothing to do, continue
|
||||
echo
|
||||
else
|
||||
printf " %b Installer exited at static IP message.\\n" "${INFO}"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# A function that lets the user pick an interface to use with Pi-hole
|
||||
|
@ -843,8 +828,11 @@ use4andor6() {
|
|||
if [[ "${useIPv4}" ]]; then
|
||||
# Run our function to get the information we need
|
||||
find_IPv4_information
|
||||
getStaticIPv4Settings
|
||||
setStaticIPv4
|
||||
if [[ -f "/etc/dhcpcd.conf" ]]; then
|
||||
# configure networking via dhcpcd
|
||||
getStaticIPv4Settings
|
||||
setDHCPCD
|
||||
fi
|
||||
fi
|
||||
# If IPv6 is to be used,
|
||||
if [[ "${useIPv6}" ]]; then
|
||||
|
@ -929,93 +917,6 @@ setDHCPCD() {
|
|||
fi
|
||||
}
|
||||
|
||||
# Configure networking ifcfg-xxxx file found at /etc/sysconfig/network-scripts/
|
||||
# This function requires the full path of an ifcfg file passed as an argument
|
||||
setIFCFG() {
|
||||
# Local, named variables
|
||||
local IFCFG_FILE
|
||||
local IPADDR
|
||||
local CIDR
|
||||
IFCFG_FILE=$1
|
||||
printf -v IPADDR "%s" "${IPV4_ADDRESS%%/*}"
|
||||
# Check if the desired IP is already set
|
||||
if grep -Eq "${IPADDR}(\\b|\\/)" "${IFCFG_FILE}"; then
|
||||
printf " %b Static IP already configured\\n" "${INFO}"
|
||||
else
|
||||
# Otherwise, put the IP in variables without the CIDR notation
|
||||
printf -v CIDR "%s" "${IPV4_ADDRESS##*/}"
|
||||
# Backup existing interface configuration:
|
||||
cp -p "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig
|
||||
# Build Interface configuration file using the GLOBAL variables we have
|
||||
{
|
||||
echo "# Configured via Pi-hole installer"
|
||||
echo "DEVICE=$PIHOLE_INTERFACE"
|
||||
echo "BOOTPROTO=none"
|
||||
echo "ONBOOT=yes"
|
||||
echo "IPADDR=$IPADDR"
|
||||
echo "PREFIX=$CIDR"
|
||||
echo "GATEWAY=$IPv4gw"
|
||||
echo "DNS1=$PIHOLE_DNS_1"
|
||||
echo "DNS2=$PIHOLE_DNS_2"
|
||||
echo "USERCTL=no"
|
||||
}> "${IFCFG_FILE}"
|
||||
chmod 644 "${IFCFG_FILE}"
|
||||
chown root:root "${IFCFG_FILE}"
|
||||
# Use ip to immediately set the new address
|
||||
ip addr replace dev "${PIHOLE_INTERFACE}" "${IPV4_ADDRESS}"
|
||||
# If NetworkMangler command line interface exists and ready to mangle,
|
||||
if is_command nmcli && nmcli general status &> /dev/null; then
|
||||
# Tell NetworkManagler to read our new sysconfig file
|
||||
nmcli con load "${IFCFG_FILE}" > /dev/null
|
||||
fi
|
||||
# Show a warning that the user may need to restart
|
||||
printf " %b Set IP address to %s\\n You may need to restart after the install is complete\\n" "${TICK}" "${IPV4_ADDRESS%%/*}"
|
||||
fi
|
||||
}
|
||||
|
||||
setStaticIPv4() {
|
||||
# Local, named variables
|
||||
local IFCFG_FILE
|
||||
local CONNECTION_NAME
|
||||
|
||||
# If a static interface is already configured, we are done.
|
||||
if [[ -r "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}" ]]; then
|
||||
if grep -q '^BOOTPROTO=.static.' "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}"; then
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
# For the Debian family, if dhcpcd.conf exists then we can just configure using DHCPD.
|
||||
if [[ -f "/etc/dhcpcd.conf" ]]; then
|
||||
setDHCPCD
|
||||
return 0
|
||||
fi
|
||||
# If a DHCPCD config file was not found, check for an ifcfg config file based on the interface name
|
||||
if [[ -f "/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}" ]];then
|
||||
# If it exists, then we can configure using IFCFG
|
||||
IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}
|
||||
setIFCFG "${IFCFG_FILE}"
|
||||
return 0
|
||||
fi
|
||||
# If an ifcfg config does not exists for the interface name, search for one based on the connection name via network manager
|
||||
if is_command nmcli && nmcli general status &> /dev/null; then
|
||||
CONNECTION_NAME=$(nmcli dev show "${PIHOLE_INTERFACE}" | grep 'GENERAL.CONNECTION' | cut -d: -f2 | sed 's/^System//' | xargs | tr ' ' '_')
|
||||
IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}
|
||||
if [[ -f "${IFCFG_FILE}" ]];then
|
||||
# If it exists,
|
||||
setIFCFG "${IFCFG_FILE}"
|
||||
return 0
|
||||
else
|
||||
printf " %b Warning: sysconfig network script not found. Creating ${IFCFG_FILE}\\n" "${INFO}"
|
||||
touch "${IFCFG_FILE}"
|
||||
setIFCFG "${IFCFG_FILE}"
|
||||
return 0
|
||||
fi
|
||||
fi
|
||||
# If previous conditions failed, show an error and exit
|
||||
printf " %b Warning: Unable to locate configuration file to set static IPv4 address\\n" "${INFO}"
|
||||
exit 1
|
||||
}
|
||||
|
||||
# Check an IP address to see if it is a valid one
|
||||
valid_ip() {
|
||||
# Local, named variables
|
||||
|
@ -1331,8 +1232,10 @@ version_check_dnsmasq() {
|
|||
local dnsmasq_pihole_id_string="addn-hosts=/etc/pihole/gravity.list"
|
||||
local dnsmasq_pihole_id_string2="# Dnsmasq config for Pi-hole's FTLDNS"
|
||||
local dnsmasq_original_config="${PI_HOLE_LOCAL_REPO}/advanced/dnsmasq.conf.original"
|
||||
local dnsmasq_pihole_01_snippet="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
|
||||
local dnsmasq_pihole_01_location="/etc/dnsmasq.d/01-pihole.conf"
|
||||
local dnsmasq_pihole_01_source="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
|
||||
local dnsmasq_pihole_01_target="/etc/dnsmasq.d/01-pihole.conf"
|
||||
local dnsmasq_rfc6761_06_source="${PI_HOLE_LOCAL_REPO}/advanced/06-rfc6761.conf"
|
||||
local dnsmasq_rfc6761_06_target="/etc/dnsmasq.d/06-rfc6761.conf"
|
||||
|
||||
# If the dnsmasq config file exists
|
||||
if [[ -f "${dnsmasq_conf}" ]]; then
|
||||
|
@ -1361,44 +1264,48 @@ version_check_dnsmasq() {
|
|||
printf "%b %b No dnsmasq.conf found... restoring default dnsmasq.conf...\\n" "${OVER}" "${TICK}"
|
||||
fi
|
||||
|
||||
printf " %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf..." "${INFO}"
|
||||
printf " %b Installing %s..." "${INFO}" "${dnsmasq_pihole_01_target}"
|
||||
# Check to see if dnsmasq directory exists (it may not due to being a fresh install and dnsmasq no longer being a dependency)
|
||||
if [[ ! -d "/etc/dnsmasq.d" ]];then
|
||||
install -d -m 755 "/etc/dnsmasq.d"
|
||||
fi
|
||||
# Copy the new Pi-hole DNS config file into the dnsmasq.d directory
|
||||
install -D -m 644 -T "${dnsmasq_pihole_01_snippet}" "${dnsmasq_pihole_01_location}"
|
||||
printf "%b %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf\\n" "${OVER}" "${TICK}"
|
||||
install -D -m 644 -T "${dnsmasq_pihole_01_source}" "${dnsmasq_pihole_01_target}"
|
||||
printf "%b %b Installed %s\n" "${OVER}" "${TICK}" "${dnsmasq_pihole_01_target}"
|
||||
# Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
|
||||
# First, swap in the interface to listen on,
|
||||
sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_location}"
|
||||
sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_target}"
|
||||
if [[ "${PIHOLE_DNS_1}" != "" ]]; then
|
||||
# then swap in the primary DNS server.
|
||||
sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_location}"
|
||||
sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_target}"
|
||||
else
|
||||
# Otherwise, remove the line which sets DNS1.
|
||||
sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_location}"
|
||||
sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_target}"
|
||||
fi
|
||||
# Ditto if DNS2 is not empty
|
||||
if [[ "${PIHOLE_DNS_2}" != "" ]]; then
|
||||
sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_location}"
|
||||
sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_target}"
|
||||
else
|
||||
sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
|
||||
sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_target}"
|
||||
fi
|
||||
|
||||
# Set the cache size
|
||||
sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
|
||||
sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" "${dnsmasq_pihole_01_target}"
|
||||
|
||||
sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
|
||||
|
||||
# If the user does not want to enable logging,
|
||||
if [[ "${QUERY_LOGGING}" == false ]] ; then
|
||||
# disable it by commenting out the directive in the DNS config file
|
||||
sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_location}"
|
||||
sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_target}"
|
||||
else
|
||||
# Otherwise, enable it by uncommenting the directive in the DNS config file
|
||||
sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_location}"
|
||||
sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_target}"
|
||||
fi
|
||||
|
||||
printf " %b Installing %s..." "${INFO}" "${dnsmasq_rfc6761_06_source}"
|
||||
install -D -m 644 -T "${dnsmasq_rfc6761_06_source}" "${dnsmasq_rfc6761_06_target}"
|
||||
printf "%b %b Installed %s\n" "${OVER}" "${TICK}" "${dnsmasq_rfc6761_06_target}"
|
||||
}
|
||||
|
||||
# Clean an existing installation to prepare for upgrade/reinstall
|
||||
|
@ -1662,7 +1569,7 @@ update_package_cache() {
|
|||
else
|
||||
# Otherwise, show an error and exit
|
||||
printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}"
|
||||
printf " %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "${UPDATE_PKG_CACHE}" "${COL_NC}"
|
||||
printf " %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "sudo ${UPDATE_PKG_CACHE}" "${COL_NC}"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
@ -1689,20 +1596,7 @@ notify_package_updates_available() {
|
|||
fi
|
||||
}
|
||||
|
||||
# This counter is outside of install_dependent_packages so that it can count the number of times the function is called.
|
||||
counter=0
|
||||
|
||||
install_dependent_packages() {
|
||||
# Local, named variables should be used here, especially for an iterator
|
||||
# Add one to the counter
|
||||
counter=$((counter+1))
|
||||
if [[ "${counter}" == 1 ]]; then
|
||||
# On the first loop, print a special message
|
||||
printf " %b Installer Dependency checks...\\n" "${INFO}"
|
||||
else
|
||||
# On all subsequent loops, print a generic message.
|
||||
printf " %b Main Dependency checks...\\n" "${INFO}"
|
||||
fi
|
||||
|
||||
# Install packages passed in via argument array
|
||||
# No spinner - conflicts with set -e
|
||||
|
@ -1940,9 +1834,17 @@ finalExports() {
|
|||
# Install the logrotate script
|
||||
installLogrotate() {
|
||||
local str="Installing latest logrotate script"
|
||||
local target=/etc/pihole/logrotate
|
||||
|
||||
printf "\\n %b %s..." "${INFO}" "${str}"
|
||||
if [[ -f ${target} ]]; then
|
||||
printf "\\n\\t%b Existing logrotate file found. No changes made.\\n" "${INFO}"
|
||||
# Return value isn't that important, using 2 to indicate that it's not a fatal error but
|
||||
# the function did not complete.
|
||||
return 2
|
||||
fi
|
||||
# Copy the file over from the local repo
|
||||
install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/Templates/logrotate /etc/pihole/logrotate
|
||||
install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate ${target}
|
||||
# Different operating systems have different user / group
|
||||
# settings for logrotate that makes it impossible to create
|
||||
# a static logrotate file that will work with e.g.
|
||||
|
@ -1951,9 +1853,9 @@ installLogrotate() {
|
|||
# the local properties of the /var/log directory
|
||||
logusergroup="$(stat -c '%U %G' /var/log)"
|
||||
# If there is a usergroup for log rotation,
|
||||
if [[ ! -z "${logusergroup}" ]]; then
|
||||
if [[ -n "${logusergroup}" ]]; then
|
||||
# replace the line in the logrotate script with that usergroup.
|
||||
sed -i "s/# su #/su ${logusergroup}/g;" /etc/pihole/logrotate
|
||||
sed -i "s/# su #/su ${logusergroup}/g;" ${target}
|
||||
fi
|
||||
printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}"
|
||||
}
|
||||
|
@ -2030,8 +1932,10 @@ installPihole() {
|
|||
fi
|
||||
# Install the cron file
|
||||
installCron
|
||||
|
||||
# Install the logrotate file
|
||||
installLogrotate
|
||||
installLogrotate || true
|
||||
|
||||
# Check if dnsmasq is present. If so, disable it and back up any possible
|
||||
# config file
|
||||
disable_dnsmasq
|
||||
|
@ -2116,7 +2020,7 @@ Your Admin Webpage login password is ${pwstring}"
|
|||
IPv4: ${IPV4_ADDRESS%/*}
|
||||
IPv6: ${IPV6_ADDRESS:-"Not Configured"}
|
||||
|
||||
If you set a new IP address, you should restart the Pi.
|
||||
If you have not done so already, the above IP should be set to static.
|
||||
|
||||
The install log is in /etc/pihole.
|
||||
|
||||
|
@ -2137,7 +2041,7 @@ update_dialogs() {
|
|||
strAdd="You will be updated to the latest version."
|
||||
fi
|
||||
opt2a="Reconfigure"
|
||||
opt2b="This will reset your Pi-hole and allow you to enter new settings."
|
||||
opt2b="Resets Pi-hole and allows re-selecting settings."
|
||||
|
||||
# Display the information to the user
|
||||
UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\\n\\nWe have detected an existing install.\\n\\nPlease choose from the following options: \\n($strAdd)" "${r}" "${c}" 2 \
|
||||
|
@ -2322,8 +2226,6 @@ FTLinstall() {
|
|||
|
||||
# Before stopping FTL, we download the macvendor database
|
||||
curl -sSL "https://ftl.pi-hole.net/macvendor.db" -o "${PI_HOLE_CONFIG_DIR}/macvendor.db" || true
|
||||
chmod 644 "${PI_HOLE_CONFIG_DIR}/macvendor.db"
|
||||
chown pihole:pihole "${PI_HOLE_CONFIG_DIR}/macvendor.db"
|
||||
|
||||
# Stop pihole-FTL service if available
|
||||
stop_service pihole-FTL &> /dev/null
|
||||
|
@ -2628,8 +2530,25 @@ main() {
|
|||
fi
|
||||
fi
|
||||
|
||||
# Check for supported distribution
|
||||
distro_check
|
||||
# Check for supported package managers so that we may install dependencies
|
||||
package_manager_detect
|
||||
|
||||
# Notify user of package availability
|
||||
notify_package_updates_available
|
||||
|
||||
# Install packages necessary to perform os_check
|
||||
printf " %b Checking for / installing Required dependencies for OS Check...\\n" "${INFO}"
|
||||
install_dependent_packages "${OS_CHECK_DEPS[@]}"
|
||||
|
||||
# Check that the installed OS is officially supported - display warning if not
|
||||
os_check
|
||||
|
||||
# Install packages used by this installation script
|
||||
printf " %b Checking for / installing Required dependencies for this install script...\\n" "${INFO}"
|
||||
install_dependent_packages "${INSTALLER_DEPS[@]}"
|
||||
|
||||
# Check if SELinux is Enforcing
|
||||
checkSelinux
|
||||
|
||||
# If the setup variable file exists,
|
||||
if [[ -f "${setupVars}" ]]; then
|
||||
|
@ -2646,19 +2565,6 @@ main() {
|
|||
fi
|
||||
fi
|
||||
|
||||
# Start the installer
|
||||
# Notify user of package availability
|
||||
notify_package_updates_available
|
||||
|
||||
# Install packages used by this installation script
|
||||
install_dependent_packages "${INSTALLER_DEPS[@]}"
|
||||
|
||||
# Check that the installed OS is officially supported - display warning if not
|
||||
os_check
|
||||
|
||||
# Check if SELinux is Enforcing
|
||||
checkSelinux
|
||||
|
||||
if [[ "${useUpdateVars}" == false ]]; then
|
||||
# Display welcome dialogs
|
||||
welcomeDialogs
|
||||
|
@ -2705,6 +2611,8 @@ main() {
|
|||
dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
|
||||
fi
|
||||
|
||||
# Install packages used by the actual software
|
||||
printf " %b Checking for / installing Required dependencies for Pi-hole software...\\n" "${INFO}"
|
||||
install_dependent_packages "${dep_install_list[@]}"
|
||||
unset dep_install_list
|
||||
|
||||
|
@ -2809,7 +2717,7 @@ main() {
|
|||
printf " %b You may now configure your devices to use the Pi-hole as their DNS server\\n" "${INFO}"
|
||||
[[ -n "${IPV4_ADDRESS%/*}" ]] && printf " %b Pi-hole DNS (IPv4): %s\\n" "${INFO}" "${IPV4_ADDRESS%/*}"
|
||||
[[ -n "${IPV6_ADDRESS}" ]] && printf " %b Pi-hole DNS (IPv6): %s\\n" "${INFO}" "${IPV6_ADDRESS}"
|
||||
printf " %b If you set a new IP address, please restart the server running the Pi-hole\\n" "${INFO}"
|
||||
printf " %b If you have not done so already, the above IP should be set to static.\\n" "${INFO}"
|
||||
INSTALL_TYPE="Installation"
|
||||
else
|
||||
INSTALL_TYPE="Update"
|
||||
|
|
|
@ -42,8 +42,8 @@ source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
|
|||
# setupVars set in basic-install.sh
|
||||
source "${setupVars}"
|
||||
|
||||
# distro_check() sourced from basic-install.sh
|
||||
distro_check
|
||||
# package_manager_detect() sourced from basic-install.sh
|
||||
package_manager_detect
|
||||
|
||||
# Install packages used by the Pi-hole
|
||||
DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}")
|
||||
|
@ -145,6 +145,7 @@ removeNoPurge() {
|
|||
|
||||
${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null
|
||||
${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null
|
||||
${SUDO} rm -f /etc/dnsmasq.d/06-rfc6761.conf &> /dev/null
|
||||
${SUDO} rm -rf /var/log/*pihole* &> /dev/null
|
||||
${SUDO} rm -rf /etc/pihole/ &> /dev/null
|
||||
${SUDO} rm -rf /etc/.pihole/ &> /dev/null
|
||||
|
@ -206,11 +207,7 @@ removeNoPurge() {
|
|||
}
|
||||
|
||||
######### SCRIPT ###########
|
||||
if command -v vcgencmd &> /dev/null; then
|
||||
echo -e " ${INFO} All dependencies are safe to remove on Raspbian"
|
||||
else
|
||||
echo -e " ${INFO} Be sure to confirm if any dependencies should not be removed"
|
||||
fi
|
||||
echo -e " ${INFO} Be sure to confirm if any dependencies should not be removed"
|
||||
while true; do
|
||||
echo -e " ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:"
|
||||
echo -n " "
|
||||
|
|
72
gravity.sh
72
gravity.sh
|
@ -47,16 +47,6 @@ domainsExtension="domains"
|
|||
setupVars="${piholeDir}/setupVars.conf"
|
||||
if [[ -f "${setupVars}" ]];then
|
||||
source "${setupVars}"
|
||||
|
||||
# Remove CIDR mask from IPv4/6 addresses
|
||||
IPV4_ADDRESS="${IPV4_ADDRESS%/*}"
|
||||
IPV6_ADDRESS="${IPV6_ADDRESS%/*}"
|
||||
|
||||
# Determine if IPv4/6 addresses exist
|
||||
if [[ -z "${IPV4_ADDRESS}" ]] && [[ -z "${IPV6_ADDRESS}" ]]; then
|
||||
echo -e " ${COL_LIGHT_RED}No IP addresses found! Please run 'pihole -r' to reconfigure${COL_NC}"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo -e " ${COL_LIGHT_RED}Installation Failure: ${setupVars} does not exist! ${COL_NC}
|
||||
Please run 'pihole -r', and choose the 'reconfigure' option to fix."
|
||||
|
@ -73,6 +63,8 @@ fi
|
|||
# have changed
|
||||
gravityDBfile="${GRAVITYDB}"
|
||||
gravityTEMPfile="${GRAVITYDB}_temp"
|
||||
gravityDIR="$(dirname -- "${gravityDBfile}")"
|
||||
gravityOLDfile="${gravityDIR}/gravity_old.db"
|
||||
|
||||
if [[ -z "${BLOCKINGMODE}" ]] ; then
|
||||
BLOCKINGMODE="NULL"
|
||||
|
@ -123,8 +115,19 @@ gravity_swap_databases() {
|
|||
fi
|
||||
echo -e "${OVER} ${TICK} ${str}"
|
||||
|
||||
# Swap databases and remove old database
|
||||
rm "${gravityDBfile}"
|
||||
# Swap databases and remove or conditionally rename old database
|
||||
# Number of available blocks on disk
|
||||
availableBlocks=$(stat -f --format "%a" "${gravityDIR}")
|
||||
# Number of blocks, used by gravity.db
|
||||
gravityBlocks=$(stat --format "%b" ${gravityDBfile})
|
||||
# Only keep the old database if available disk space is at least twice the size of the existing gravity.db.
|
||||
# Better be safe than sorry...
|
||||
if [ "${availableBlocks}" -gt "$(("${gravityBlocks}" * 2))" ] && [ -f "${gravityDBfile}" ]; then
|
||||
echo -e " ${TICK} The old database remains available."
|
||||
mv "${gravityDBfile}" "${gravityOLDfile}"
|
||||
else
|
||||
rm "${gravityDBfile}"
|
||||
fi
|
||||
mv "${gravityTEMPfile}" "${gravityDBfile}"
|
||||
}
|
||||
|
||||
|
@ -564,7 +567,7 @@ compareLists() {
|
|||
# Download specified URL and perform checks on HTTP status and file content
|
||||
gravity_DownloadBlocklistFromUrl() {
|
||||
local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}" compression="${7}"
|
||||
local heisenbergCompensator="" patternBuffer str httpCode success=""
|
||||
local heisenbergCompensator="" patternBuffer str httpCode success="" ip
|
||||
|
||||
# Create temp file to store content on disk instead of RAM
|
||||
patternBuffer=$(mktemp -p "/tmp" --suffix=".phgpb")
|
||||
|
@ -582,7 +585,10 @@ gravity_DownloadBlocklistFromUrl() {
|
|||
blocked=false
|
||||
case $BLOCKINGMODE in
|
||||
"IP-NODATA-AAAA"|"IP")
|
||||
if [[ $(dig "${domain}" +short | grep "${IPV4_ADDRESS}" -c) -ge 1 ]]; then
|
||||
# Get IP address of this domain
|
||||
ip="$(dig "${domain}" +short)"
|
||||
# Check if this IP matches any IP of the system
|
||||
if [[ -n "${ip}" && $(grep -Ec "inet(|6) ${ip}" <<< "$(ip a)") -gt 0 ]]; then
|
||||
blocked=true
|
||||
fi;;
|
||||
"NXDOMAIN")
|
||||
|
@ -785,43 +791,12 @@ gravity_ShowCount() {
|
|||
gravity_Table_Count "vw_regex_whitelist" "regex whitelist filters"
|
||||
}
|
||||
|
||||
# Parse list of domains into hosts format
|
||||
gravity_ParseDomainsIntoHosts() {
|
||||
awk -v ipv4="$IPV4_ADDRESS" -v ipv6="$IPV6_ADDRESS" '{
|
||||
# Remove windows CR line endings
|
||||
sub(/\r$/, "")
|
||||
# Parse each line as "ipaddr domain"
|
||||
if(ipv6 && ipv4) {
|
||||
print ipv4" "$0"\n"ipv6" "$0
|
||||
} else if(!ipv6) {
|
||||
print ipv4" "$0
|
||||
} else {
|
||||
print ipv6" "$0
|
||||
}
|
||||
}' >> "${2}" < "${1}"
|
||||
}
|
||||
|
||||
# Create "localhost" entries into hosts format
|
||||
gravity_generateLocalList() {
|
||||
local hostname
|
||||
|
||||
if [[ -s "/etc/hostname" ]]; then
|
||||
hostname=$(< "/etc/hostname")
|
||||
elif command -v hostname &> /dev/null; then
|
||||
hostname=$(hostname -f)
|
||||
else
|
||||
echo -e " ${CROSS} Unable to determine fully qualified domain name of host"
|
||||
return 0
|
||||
fi
|
||||
|
||||
echo -e "${hostname}\\npi.hole" > "${localList}.tmp"
|
||||
|
||||
# Empty $localList if it already exists, otherwise, create it
|
||||
: > "${localList}"
|
||||
echo "### Do not modify this file, it will be overwritten by pihole -g" > "${localList}"
|
||||
chmod 644 "${localList}"
|
||||
|
||||
gravity_ParseDomainsIntoHosts "${localList}.tmp" "${localList}"
|
||||
|
||||
# Add additional LAN hosts provided by OpenVPN (if available)
|
||||
if [[ -f "${VPNList}" ]]; then
|
||||
awk -F, '{printf $2"\t"$1".vpn\n"}' "${VPNList}" >> "${localList}"
|
||||
|
@ -890,6 +865,11 @@ for var in "$@"; do
|
|||
esac
|
||||
done
|
||||
|
||||
# Remove OLD (backup) gravity file, if it exists
|
||||
if [[ -f "${gravityOLDfile}" ]]; then
|
||||
rm "${gravityOLDfile}"
|
||||
fi
|
||||
|
||||
# Trap Ctrl-C
|
||||
gravity_Trap
|
||||
|
||||
|
|
|
@ -56,7 +56,7 @@ Available commands and options:
|
|||
|
||||
\fB-w, whitelist\fR [options] [<domain1> <domain2 ...>]
|
||||
.br
|
||||
Adds or removes specified domain or domains tho the Whitelist
|
||||
Adds or removes specified domain or domains to the Whitelist
|
||||
.br
|
||||
|
||||
\fB-b, blacklist\fR [options] [<domain1> <domain2 ...>]
|
||||
|
|
50
pihole
50
pihole
|
@ -242,7 +242,7 @@ Time:
|
|||
echo "BLOCKING_ENABLED=true" >> "${setupVars}"
|
||||
fi
|
||||
|
||||
restartDNS reload
|
||||
restartDNS reload-lists
|
||||
|
||||
echo -e "${OVER} ${TICK} ${str}"
|
||||
}
|
||||
|
@ -363,16 +363,13 @@ tailFunc() {
|
|||
fi
|
||||
echo -e " ${INFO} Press Ctrl-C to exit"
|
||||
|
||||
# Retrieve IPv4/6 addresses
|
||||
source /etc/pihole/setupVars.conf
|
||||
|
||||
# Strip date from each line
|
||||
# Color blocklist/blacklist/wildcard entries as red
|
||||
# Color A/AAAA/DHCP strings as white
|
||||
# Color everything else as gray
|
||||
tail -f /var/log/pihole.log | sed -E \
|
||||
tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \
|
||||
-e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
|
||||
-e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN|${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \
|
||||
-e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \
|
||||
-e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
|
||||
-e "s,.*,${COL_GRAY}&${COL_NC},"
|
||||
exit 0
|
||||
|
@ -402,34 +399,24 @@ Branches:
|
|||
}
|
||||
|
||||
tricorderFunc() {
|
||||
local tricorder_token
|
||||
if [[ ! -p "/dev/stdin" ]]; then
|
||||
echo -e " ${INFO} Please do not call Tricorder directly"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! (echo > /dev/tcp/tricorder.pi-hole.net/9998) >/dev/null 2>&1; then
|
||||
echo -e " ${CROSS} Unable to connect to Pi-hole's Tricorder server"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if command -v openssl &> /dev/null; then
|
||||
openssl s_client -quiet -connect tricorder.pi-hole.net:9998 2> /dev/null < /dev/stdin
|
||||
exit "$?"
|
||||
else
|
||||
echo -e " ${INFO} ${COL_YELLOW}Security Notice${COL_NC}: ${COL_WHITE}openssl${COL_NC} is not installed
|
||||
Your debug log will be transmitted unencrypted via plain-text
|
||||
There is a possibility that this could be intercepted by a third party
|
||||
If you wish to cancel, press Ctrl-C to exit within 10 seconds"
|
||||
secs="10"
|
||||
while [[ "$secs" -gt "0" ]]; do
|
||||
echo -ne "."
|
||||
sleep 1
|
||||
: $((secs--))
|
||||
done
|
||||
echo " "
|
||||
nc tricorder.pi-hole.net 9999 < /dev/stdin
|
||||
exit "$?"
|
||||
tricorder_token=$(curl --silent --fail --show-error --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin 2>&1)
|
||||
if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
|
||||
echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
|
||||
# Log curl error (if available)
|
||||
if [ -n "${tricorder_token}" ]; then
|
||||
echo -e "${INFO} Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
|
||||
tricorder_token=""
|
||||
fi
|
||||
exit 1
|
||||
fi
|
||||
echo "Upload successful, your token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
|
||||
exit 0
|
||||
}
|
||||
|
||||
updateCheckFunc() {
|
||||
|
@ -456,7 +443,10 @@ Debugging Options:
|
|||
Add '-a' to automatically upload the log to tricorder.pi-hole.net
|
||||
-f, flush Flush the Pi-hole log
|
||||
-r, reconfigure Reconfigure or Repair Pi-hole subsystems
|
||||
-t, tail View the live output of the Pi-hole log
|
||||
-t, tail [arg] View the live output of the Pi-hole log.
|
||||
Add an optional argument to filter the log
|
||||
(regular expressions are supported)
|
||||
|
||||
|
||||
Options:
|
||||
-a, admin Web interface options
|
||||
|
@ -530,7 +520,7 @@ case "${1}" in
|
|||
"status" ) statusFunc "$2";;
|
||||
"restartdns" ) restartDNS "$2";;
|
||||
"-a" | "admin" ) webpageFunc "$@";;
|
||||
"-t" | "tail" ) tailFunc;;
|
||||
"-t" | "tail" ) tailFunc "$2";;
|
||||
"checkout" ) piholeCheckoutFunc "$@";;
|
||||
"tricorder" ) tricorderFunc;;
|
||||
"updatechecker" ) updateCheckFunc "$@";;
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
Raspbian=9,10
|
||||
Ubuntu=16,18,20
|
||||
Debian=9,10
|
||||
Fedora=32,33
|
||||
CentOS=7,8
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
17
test/_debian_11.Dockerfile
Normal file
17
test/_debian_11.Dockerfile
Normal file
|
@ -0,0 +1,17 @@
|
|||
FROM buildpack-deps:bullseye-scm
|
||||
|
||||
ENV GITDIR /etc/.pihole
|
||||
ENV SCRIPTDIR /opt/pihole
|
||||
|
||||
RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
|
||||
ADD . $GITDIR
|
||||
RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
|
||||
ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
|
||||
|
||||
RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
|
@ -12,5 +12,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
|
@ -13,5 +13,6 @@ RUN true && \
|
|||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
|
18
test/_ubuntu_21.Dockerfile
Normal file
18
test/_ubuntu_21.Dockerfile
Normal file
|
@ -0,0 +1,18 @@
|
|||
FROM buildpack-deps:hirsute-scm
|
||||
|
||||
ENV GITDIR /etc/.pihole
|
||||
ENV SCRIPTDIR /opt/pihole
|
||||
|
||||
RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
|
||||
ADD . $GITDIR
|
||||
RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
|
||||
ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
|
@ -8,8 +8,6 @@ check_output = testinfra.get_backend(
|
|||
|
||||
SETUPVARS = {
|
||||
'PIHOLE_INTERFACE': 'eth99',
|
||||
'IPV4_ADDRESS': '1.1.1.1',
|
||||
'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672',
|
||||
'PIHOLE_DNS_1': '4.2.2.1',
|
||||
'PIHOLE_DNS_2': '4.2.2.2'
|
||||
}
|
||||
|
|
|
@ -18,13 +18,13 @@ def test_supported_operating_system(Pihole):
|
|||
# break supported package managers to emulate an unsupported distribution
|
||||
Pihole.run('rm -rf /usr/bin/apt-get')
|
||||
Pihole.run('rm -rf /usr/bin/rpm')
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = cross_box + ' OS distribution not supported'
|
||||
assert expected_stdout in distro_check.stdout
|
||||
# assert distro_check.rc == 1
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
# assert package_manager_detect.rc == 1
|
||||
|
||||
|
||||
def test_setupVars_are_sourced_to_global_scope(Pihole):
|
||||
|
@ -45,8 +45,6 @@ def test_setupVars_are_sourced_to_global_scope(Pihole):
|
|||
# Currently debug test function only
|
||||
echo "Outputting sourced variables"
|
||||
echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
|
||||
echo "IPV4_ADDRESS=${IPV4_ADDRESS}"
|
||||
echo "IPV6_ADDRESS=${IPV6_ADDRESS}"
|
||||
echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
|
||||
echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
|
||||
}
|
||||
|
@ -137,7 +135,7 @@ def test_update_package_cache_success_no_errors(Pihole):
|
|||
'''
|
||||
updateCache = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
update_package_cache
|
||||
''')
|
||||
expected_stdout = tick_box + ' Update local cache of available packages'
|
||||
|
@ -152,7 +150,7 @@ def test_update_package_cache_failure_no_errors(Pihole):
|
|||
mock_command('apt-get', {'update': ('', '1')}, Pihole)
|
||||
updateCache = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
update_package_cache
|
||||
''')
|
||||
expected_stdout = cross_box + ' Update local cache of available packages'
|
||||
|
@ -359,7 +357,7 @@ def test_FTL_download_aarch64_no_errors(Pihole):
|
|||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
''')
|
||||
download_binary = Pihole.run('''
|
||||
|
@ -569,7 +567,8 @@ def test_os_check_fails(Pihole):
|
|||
''' Confirms install fails on unsupported OS '''
|
||||
Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${OS_CHECK_DEPS[@]}
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
cat <<EOT > /etc/os-release
|
||||
ID=UnsupportedOS
|
||||
|
@ -588,7 +587,8 @@ def test_os_check_passes(Pihole):
|
|||
''' Confirms OS meets the requirements '''
|
||||
Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${OS_CHECK_DEPS[@]}
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
''')
|
||||
detectOS = Pihole.run('''
|
||||
|
@ -597,3 +597,42 @@ def test_os_check_passes(Pihole):
|
|||
''')
|
||||
expected_stdout = 'Supported OS detected'
|
||||
assert expected_stdout in detectOS.stdout
|
||||
|
||||
|
||||
def test_package_manager_has_installer_deps(Pihole):
|
||||
''' Confirms OS is able to install the required packages for the installer'''
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
output = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
''')
|
||||
|
||||
assert 'No package' not in output.stdout # centos7 still exits 0...
|
||||
assert output.rc == 0
|
||||
|
||||
|
||||
def test_package_manager_has_pihole_deps(Pihole):
|
||||
''' Confirms OS is able to install the required packages for Pi-hole '''
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
output = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
install_dependent_packages ${PIHOLE_DEPS[@]}
|
||||
''')
|
||||
|
||||
assert 'No package' not in output.stdout # centos7 still exits 0...
|
||||
assert output.rc == 0
|
||||
|
||||
|
||||
def test_package_manager_has_web_deps(Pihole):
|
||||
''' Confirms OS is able to install the required packages for web '''
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
output = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
|
||||
''')
|
||||
|
||||
assert 'No package' not in output.stdout # centos7 still exits 0...
|
||||
assert output.rc == 0
|
||||
|
|
|
@ -9,13 +9,13 @@ def test_php_upgrade_default_optout_centos_eq_7(Pihole):
|
|||
'''
|
||||
confirms the default behavior to opt-out of installing PHP7 from REMI
|
||||
'''
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
@ -27,13 +27,13 @@ def test_php_upgrade_user_optout_centos_eq_7(Pihole):
|
|||
'''
|
||||
# Whiptail dialog returns Cancel for user prompt
|
||||
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
@ -45,16 +45,16 @@ def test_php_upgrade_user_optin_centos_eq_7(Pihole):
|
|||
'''
|
||||
# Whiptail dialog returns Continue for user prompt
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
assert 'opt-out' not in distro_check.stdout
|
||||
assert 'opt-out' not in package_manager_detect.stdout
|
||||
expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
|
||||
'(https://rpms.remirepo.net)')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = tick_box + (' Remi\'s RPM repository has '
|
||||
'been enabled for PHP7')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert remi_package.is_installed
|
||||
|
|
|
@ -10,13 +10,13 @@ def test_php_upgrade_default_continue_centos_gte_8(Pihole):
|
|||
confirms the latest version of CentOS continues / does not optout
|
||||
(should trigger on CentOS7 only)
|
||||
'''
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
|
||||
' Deprecated PHP may be in use.')
|
||||
assert unexpected_stdout not in distro_check.stdout
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
# ensure remi was not installed on latest CentOS
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
@ -30,13 +30,13 @@ def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
|
|||
'''
|
||||
# Whiptail dialog returns Cancel for user prompt
|
||||
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
|
||||
' Deprecated PHP may be in use.')
|
||||
assert unexpected_stdout not in distro_check.stdout
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
# ensure remi was not installed on latest CentOS
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
@ -50,16 +50,16 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
|
|||
'''
|
||||
# Whiptail dialog returns Continue for user prompt
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
assert 'opt-out' not in distro_check.stdout
|
||||
assert 'opt-out' not in package_manager_detect.stdout
|
||||
unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
|
||||
'(https://rpms.remirepo.net)')
|
||||
assert unexpected_stdout not in distro_check.stdout
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
|
||||
'been enabled for PHP7')
|
||||
assert unexpected_stdout not in distro_check.stdout
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
|
|
@ -13,29 +13,29 @@ def test_release_supported_version_check_centos(Pihole):
|
|||
'''
|
||||
# modify /etc/redhat-release to mock an unsupported CentOS release
|
||||
Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = cross_box + (' CentOS 6 is not supported.')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = 'Please update to CentOS release 7 or later'
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
|
||||
|
||||
def test_enable_epel_repository_centos(Pihole):
|
||||
'''
|
||||
confirms the EPEL package repository is enabled when installed on CentOS
|
||||
'''
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = info_box + (' Enabling EPEL package repository '
|
||||
'(https://fedoraproject.org/wiki/EPEL)')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = tick_box + ' Installed epel-release'
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
epel_package = Pihole.package('epel-release')
|
||||
assert epel_package.is_installed
|
||||
|
||||
|
@ -51,13 +51,13 @@ def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
|
|||
default_centos_php_version = php_package.version.split('.')[0]
|
||||
if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended
|
||||
pytest.skip("Test deprecated . Detected default PHP version >= 7")
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
@ -75,13 +75,13 @@ def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
|
|||
pytest.skip("Test deprecated . Detected default PHP version >= 7")
|
||||
# Whiptail dialog returns Cancel for user prompt
|
||||
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
@ -99,20 +99,20 @@ def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
|
|||
pytest.skip("Test deprecated . Detected default PHP version >= 7")
|
||||
# Whiptail dialog returns Continue for user prompt
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages PIHOLE_WEB_DEPS[@]
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout not in distro_check.stdout
|
||||
assert expected_stdout not in package_manager_detect.stdout
|
||||
expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
|
||||
'(https://rpms.remirepo.net)')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = tick_box + (' Remi\'s RPM repository has '
|
||||
'been enabled for PHP7')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert remi_package.is_installed
|
||||
updated_php_package = Pihole.package('php')
|
||||
|
|
|
@ -3,11 +3,11 @@ def test_epel_and_remi_not_installed_fedora(Pihole):
|
|||
confirms installer does not attempt to install EPEL/REMI repositories
|
||||
on Fedora
|
||||
'''
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
assert distro_check.stdout == ''
|
||||
assert package_manager_detect.stdout == ''
|
||||
|
||||
epel_package = Pihole.package('epel-release')
|
||||
assert not epel_package.is_installed
|
||||
|
|
8
test/tox.debian_11.ini
Normal file
8
test/tox.debian_11.ini
Normal file
|
@ -0,0 +1,8 @@
|
|||
[tox]
|
||||
envlist = py37
|
||||
|
||||
[testenv]
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py
|
8
test/tox.ubuntu_21.ini
Normal file
8
test/tox.ubuntu_21.ini
Normal file
|
@ -0,0 +1,8 @@
|
|||
[tox]
|
||||
envlist = py37
|
||||
|
||||
[testenv]
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _ubuntu_21.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py
|
Loading…
Reference in a new issue