mirror of
https://github.com/pi-hole/pi-hole.git
synced 2025-01-11 22:44:44 +00:00
commit
412cacac49
9 changed files with 352 additions and 208 deletions
2
.gitattributes
vendored
2
.gitattributes
vendored
|
@ -35,4 +35,4 @@ GitHub.Tests.Integration/Resources/* binary
|
|||
|
||||
|
||||
# Catch all for anything we forgot. Add rules if you get CRLF -> LF warnings.
|
||||
* text=auto
|
||||
* text eol=lf
|
||||
|
|
|
@ -1,25 +1,25 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project version="4">
|
||||
<component name="ProjectCodeStyleSettingsManager">
|
||||
<option name="PER_PROJECT_SETTINGS">
|
||||
<value>
|
||||
<option name="OTHER_INDENT_OPTIONS">
|
||||
<value>
|
||||
<option name="INDENT_SIZE" value="2" />
|
||||
<option name="CONTINUATION_INDENT_SIZE" value="8" />
|
||||
<option name="TAB_SIZE" value="2" />
|
||||
<option name="USE_TAB_CHARACTER" value="false" />
|
||||
<option name="SMART_TABS" value="false" />
|
||||
<option name="LABEL_INDENT_SIZE" value="0" />
|
||||
<option name="LABEL_INDENT_ABSOLUTE" value="false" />
|
||||
<option name="USE_RELATIVE_INDENTS" value="false" />
|
||||
</value>
|
||||
<component name="ProjectCodeStyleSettingsManager">
|
||||
<option name="PER_PROJECT_SETTINGS">
|
||||
<value>
|
||||
<option name="OTHER_INDENT_OPTIONS">
|
||||
<value>
|
||||
<option name="INDENT_SIZE" value="2" />
|
||||
<option name="CONTINUATION_INDENT_SIZE" value="8" />
|
||||
<option name="TAB_SIZE" value="2" />
|
||||
<option name="USE_TAB_CHARACTER" value="false" />
|
||||
<option name="SMART_TABS" value="false" />
|
||||
<option name="LABEL_INDENT_SIZE" value="0" />
|
||||
<option name="LABEL_INDENT_ABSOLUTE" value="false" />
|
||||
<option name="USE_RELATIVE_INDENTS" value="false" />
|
||||
</value>
|
||||
</option>
|
||||
<MarkdownNavigatorCodeStyleSettings>
|
||||
<option name="RIGHT_MARGIN" value="72" />
|
||||
</MarkdownNavigatorCodeStyleSettings>
|
||||
</value>
|
||||
</option>
|
||||
<MarkdownNavigatorCodeStyleSettings>
|
||||
<option name="RIGHT_MARGIN" value="72" />
|
||||
</MarkdownNavigatorCodeStyleSettings>
|
||||
</value>
|
||||
</option>
|
||||
<option name="USE_PER_PROJECT_SETTINGS" value="true" />
|
||||
</component>
|
||||
<option name="USE_PER_PROJECT_SETTINGS" value="true" />
|
||||
</component>
|
||||
</project>
|
|
@ -139,6 +139,7 @@ You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-
|
|||
|
||||
## Pi-hole Projects
|
||||
|
||||
- [An ad blocking Magic Mirror](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
|
||||
- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py)
|
||||
- [Get LED alerts for each blocked ad](http://thetimmy.silvernight.org/pages/endisbutton/)
|
||||
- [Pi-hole on Ubuntu 14.04 on VirtualBox](http://hbalagtas.blogspot.com/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html)
|
||||
|
@ -154,6 +155,7 @@ You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-
|
|||
- [Windows Tray Stat Application](https://github.com/goldbattle/copernicus)
|
||||
- [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f)
|
||||
- [Pi-Hole Prometheus exporter](https://github.com/nlamirault/pihole_exporter) : a [Prometheus](https://prometheus.io/) exporter for Pi-Hole
|
||||
- [Pi-hole Droid - open source Android client](https://github.com/friimaind/pi-hole-droid)
|
||||
|
||||
## Coverage
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
|
||||
|
||||
# Other lists we consider safe:
|
||||
http://mirror1.malwaredomains.com/files/justdomains
|
||||
https://mirror1.malwaredomains.com/files/justdomains
|
||||
http://sysctl.org/cameleon/hosts
|
||||
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
|
||||
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
|
||||
|
@ -23,9 +23,9 @@ https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
|
|||
# hosts-file.net list. Updated frequently, but has been known to block legitimate sites.
|
||||
https://hosts-file.net/ad_servers.txt
|
||||
|
||||
# Mahakala list. Has been known to block legitimage domains including the entire .com range.
|
||||
# Mahakala list. Has been known to block legitimate domains including the entire .com range.
|
||||
# Warning: Due to the sheer size of this list, the web admin console will be unresponsive.
|
||||
#http://adblock.mahakala.is/
|
||||
#https://adblock.mahakala.is/
|
||||
|
||||
# ADZHOSTS list. Has been known to block legitimate domains
|
||||
#http://pilotfiber.dl.sourceforge.net/project/adzhosts/HOSTS.txt
|
||||
|
@ -49,5 +49,5 @@ https://hosts-file.net/ad_servers.txt
|
|||
# Following two lists should be used simultaneously: (readme https://github.com/notracking/hosts-blocklists/)
|
||||
#https://raw.github.com/notracking/hosts-blocklists/master/hostnames.txt
|
||||
#https://raw.github.com/notracking/hosts-blocklists/master/domains.txt
|
||||
# Combination of serveral host files on the internet (warning some facebook domains are also blocked but you can go to facebook.com). See https://github.com/mat1th/Dns-add-block for more information.
|
||||
# Combination of several host files on the internet (warning some facebook domains are also blocked but you can go to facebook.com). See https://github.com/mat1th/Dns-add-block for more information.
|
||||
#https://raw.githubusercontent.com/mat1th/Dns-add-block/master/hosts
|
||||
|
|
|
@ -16,7 +16,7 @@ set -o pipefail
|
|||
VARSFILE="/etc/pihole/setupVars.conf"
|
||||
DEBUG_LOG="/var/log/pihole_debug.log"
|
||||
DNSMASQFILE="/etc/dnsmasq.conf"
|
||||
DNSMASQCONFFILE="/etc/dnsmasq.d/01-pihole.conf"
|
||||
DNSMASQCONFDIR="/etc/dnsmasq.d/*"
|
||||
LIGHTTPDFILE="/etc/lighttpd/lighttpd.conf"
|
||||
LIGHTTPDERRFILE="/var/log/lighttpd/error.log"
|
||||
GRAVITYFILE="/etc/pihole/gravity.list"
|
||||
|
@ -26,7 +26,6 @@ ADLISTFILE="/etc/pihole/adlists.list"
|
|||
PIHOLELOG="/var/log/pihole.log"
|
||||
WHITELISTMATCHES="/tmp/whitelistmatches.list"
|
||||
|
||||
IPV6_READY=false
|
||||
TIMEOUT=60
|
||||
# Header info and introduction
|
||||
cat << EOM
|
||||
|
@ -35,7 +34,7 @@ cat << EOM
|
|||
::: This process collects information from your Pi-hole, and optionally uploads
|
||||
::: it to a unique and random directory on tricorder.pi-hole.net.
|
||||
:::
|
||||
::: NOTE: All log files auto-delete after 24 hours and ONLY the Pi-hole developers
|
||||
::: NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers
|
||||
::: can access your data via the given token. We have taken these extra steps to
|
||||
::: secure your data and will work to further reduce any personal information gathered.
|
||||
:::
|
||||
|
@ -132,15 +131,27 @@ version_check() {
|
|||
return "${error_found}"
|
||||
}
|
||||
|
||||
dir_check() {
|
||||
header_write "Detecting contents of ${1}:"
|
||||
for file in $1*; do
|
||||
header_write "File ${file} found"
|
||||
echo -n "::: Parsing..."
|
||||
file_parse "${file}"
|
||||
echo "done"
|
||||
done
|
||||
echo ":::"
|
||||
}
|
||||
|
||||
files_check() {
|
||||
#Check non-zero length existence of ${1}
|
||||
header_write "Detecting existence of ${1}:"
|
||||
local search_file="${1}"
|
||||
if [[ -s ${search_file} ]]; then
|
||||
echo "::: File exists"
|
||||
echo -n "::: File exists, parsing..."
|
||||
file_parse "${search_file}"
|
||||
echo "done"
|
||||
return 0
|
||||
else
|
||||
else
|
||||
log_echo "${1} not found!"
|
||||
return 1
|
||||
fi
|
||||
|
@ -168,72 +179,69 @@ processor_check() {
|
|||
|
||||
ipv6_check() {
|
||||
# Check if system is IPv6 enabled, for use in other functions
|
||||
if [[ $IPv6_address ]]; then
|
||||
ls /proc/net/if_inet6 &>/dev/null && IPV6_READY=true
|
||||
if [[ $IPV6_ADDRESS ]]; then
|
||||
ls /proc/net/if_inet6 &>/dev/null
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
ip_check() {
|
||||
header_write "IP Address Information"
|
||||
# Get the current interface for Internet traffic
|
||||
|
||||
# Check if IPv6 enabled
|
||||
local IPv6_interface
|
||||
local IPv4_interface
|
||||
ipv6_check && IPv6_interface=${piholeInterface:-$(ip -6 r | grep default | cut -d ' ' -f 5)}
|
||||
# If declared in setupVars.conf use it, otherwise defer to default
|
||||
# http://stackoverflow.com/questions/2013547/assigning-default-values-to-shell-variables-with-a-single-command-in-bash
|
||||
IPv4_interface=${piholeInterface:-$(ip r | grep default | cut -d ' ' -f 5)}
|
||||
|
||||
|
||||
if [[ IPV6_READY ]]; then
|
||||
local IPv6_addr_list="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet6") print $(i+1) }')" \
|
||||
&& (log_write "${IPv6_addr_list}" && echo "::: IPv6 addresses located") \
|
||||
|| log_echo "No IPv6 addresses found."
|
||||
|
||||
local IPv6_def_gateway=$(ip -6 r | grep default | cut -d ' ' -f 3)
|
||||
if [[ $? = 0 ]] && [[ -n ${IPv6_def_gateway} ]]; then
|
||||
echo -n "::: Pinging default IPv6 gateway: "
|
||||
local IPv6_def_gateway_check="$(ping6 -q -W 3 -c 3 -n "${IPv6_def_gateway}" -I "${IPv6_interface}"| tail -n3)" \
|
||||
&& echo "Gateway Responded." \
|
||||
|| echo "Gateway did not respond."
|
||||
block_parse "${IPv6_def_gateway_check}"
|
||||
|
||||
echo -n "::: Pinging Internet via IPv6: "
|
||||
local IPv6_inet_check=$(ping6 -q -W 3 -c 3 -n 2001:4860:4860::8888 -I "${IPv6_interface}"| tail -n3) \
|
||||
&& echo "Query responded." \
|
||||
|| echo "Query did not respond."
|
||||
block_parse "${IPv6_inet_check}"
|
||||
else
|
||||
log_echo="No IPv6 Gateway Detected"
|
||||
fi
|
||||
|
||||
local IPv4_addr_list="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet") print $(i+1) }')" \
|
||||
&& (block_parse "${IPv4_addr_list}" && echo "::: IPv4 addresses located")\
|
||||
|| log_echo "No IPv4 addresses found."
|
||||
|
||||
local IPv4_def_gateway=$(ip r | grep default | cut -d ' ' -f 3)
|
||||
if [[ $? = 0 ]]; then
|
||||
echo -n "::: Pinging default IPv4 gateway: "
|
||||
local IPv4_def_gateway_check="$(ping -q -w 3 -c 3 -n "${IPv4_def_gateway}" -I "${IPv4_interface}" | tail -n3)" \
|
||||
&& echo "Gateway responded." \
|
||||
|| echo "Gateway did not respond."
|
||||
block_parse "${IPv4_def_gateway_check}"
|
||||
|
||||
echo -n "::: Pinging Internet via IPv4: "
|
||||
local IPv4_inet_check="$(ping -q -w 5 -c 3 -n 8.8.8.8 -I "${IPv4_interface}" | tail -n3)" \
|
||||
&& echo "Query responded." \
|
||||
|| echo "Query did not respond."
|
||||
block_parse "${IPv4_inet_check}"
|
||||
fi
|
||||
local protocol=${1}
|
||||
local gravity=${2}
|
||||
|
||||
local ip_addr_list="$(ip -${protocol} addr show dev ${PIHOLE_INTERFACE} | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }')"
|
||||
if [[ -n ${ip_addr_list} ]]; then
|
||||
log_write "IPv${protocol} on ${PIHOLE_INTERFACE}"
|
||||
log_write "Gravity configured for: ${2:-NOT CONFIGURED}"
|
||||
log_write "----"
|
||||
log_write "${ip_addr_list}"
|
||||
echo "::: IPv${protocol} addresses located on ${PIHOLE_INTERFACE}"
|
||||
ip_ping_check ${protocol}
|
||||
return $(( 0 + $? ))
|
||||
else
|
||||
log_echo "No IPv${protocol} found on ${PIHOLE_INTERFACE}"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
ip_ping_check() {
|
||||
local protocol=${1}
|
||||
local cmd
|
||||
|
||||
if [[ ${protocol} == "6" ]]; then
|
||||
cmd="ping6"
|
||||
g_addr="2001:4860:4860::8888"
|
||||
else
|
||||
cmd="ping"
|
||||
g_addr="8.8.8.8"
|
||||
fi
|
||||
|
||||
local ip_def_gateway=$(ip -${protocol} route | grep default | cut -d ' ' -f 3)
|
||||
if [[ -n ${ip_def_gateway} ]]; then
|
||||
echo -n "::: Pinging default IPv${protocol} gateway: "
|
||||
if ! ping_gateway="$(${cmd} -q -W 3 -c 3 -n ${ip_def_gateway} -I ${PIHOLE_INTERFACE} | tail -n 3)"; then
|
||||
echo "Gateway did not respond."
|
||||
return 1
|
||||
else
|
||||
echo "Gateway responded."
|
||||
log_write "${ping_gateway}"
|
||||
fi
|
||||
echo -n "::: Pinging Internet via IPv${protocol}: "
|
||||
if ! ping_inet="$(${cmd} -q -W 3 -c 3 -n ${g_addr} -I ${PIHOLE_INTERFACE} | tail -n 3)"; then
|
||||
echo "Query did not respond."
|
||||
return 1
|
||||
else
|
||||
echo "Query responded."
|
||||
log_write "${ping_inet}"
|
||||
fi
|
||||
else
|
||||
log_echo " No gateway detected."
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
port_check() {
|
||||
local lsof_value
|
||||
|
||||
|
@ -344,7 +352,8 @@ distro_check || echo "Distro Check soft fail"
|
|||
# Gather processor type
|
||||
processor_check || echo "Processor Check soft fail"
|
||||
|
||||
ip_check
|
||||
ip_check 6 ${IPV6_ADDRESS}
|
||||
ip_check 4 ${IPV4_ADDRESS}
|
||||
|
||||
daemon_check lighttpd http
|
||||
daemon_check dnsmasq domain
|
||||
|
@ -353,7 +362,7 @@ testResolver
|
|||
debugLighttpd
|
||||
|
||||
files_check "${DNSMASQFILE}"
|
||||
files_check "${DNSMASQCONFFILE}"
|
||||
dir_check "${DNSMASQCONFDIR}"
|
||||
files_check "${WHITELISTFILE}"
|
||||
files_check "${BLACKLISTFILE}"
|
||||
files_check "${ADLISTFILE}"
|
||||
|
|
|
@ -60,7 +60,7 @@ GitCheckUpdateAvail() {
|
|||
git status
|
||||
exit
|
||||
fi
|
||||
|
||||
|
||||
# Change back to original directory
|
||||
cd "${curdir}"
|
||||
|
||||
|
@ -80,8 +80,8 @@ main() {
|
|||
local web_version_current
|
||||
|
||||
#This is unlikely
|
||||
if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
|
||||
echo "::: Critical Error: One or more Pi-Hole repos are missing from system!"
|
||||
if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
|
||||
echo "::: Critical Error: Core Pi-Hole repo is missing from system!"
|
||||
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
|
||||
exit 1;
|
||||
fi
|
||||
|
@ -96,48 +96,67 @@ main() {
|
|||
echo "::: Pi-hole Core: up to date"
|
||||
fi
|
||||
|
||||
if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
|
||||
web_update=true
|
||||
echo "::: Web Interface: update available"
|
||||
else
|
||||
web_update=false
|
||||
echo "::: Web Interface: up to date"
|
||||
fi
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
|
||||
echo "::: Critical Error: Web Admin repo is missing from system!"
|
||||
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
|
||||
exit 1;
|
||||
fi
|
||||
|
||||
# Logic
|
||||
# If Core up to date AND web up to date:
|
||||
# Do nothing
|
||||
# If Core up to date AND web NOT up to date:
|
||||
# Pull web repo
|
||||
# If Core NOT up to date AND web up to date:
|
||||
# pull pihole repo, run install --unattended -- reconfigure
|
||||
# if Core NOT up to date AND web NOT up to date:
|
||||
# pull pihole repo run install --unattended
|
||||
if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
|
||||
web_update=true
|
||||
echo "::: Web Interface: update available"
|
||||
else
|
||||
web_update=false
|
||||
echo "::: Web Interface: up to date"
|
||||
fi
|
||||
|
||||
if ! ${core_update} && ! ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Everything is up to date!"
|
||||
exit 0
|
||||
# Logic
|
||||
# If Core up to date AND web up to date:
|
||||
# Do nothing
|
||||
# If Core up to date AND web NOT up to date:
|
||||
# Pull web repo
|
||||
# If Core NOT up to date AND web up to date:
|
||||
# pull pihole repo, run install --unattended -- reconfigure
|
||||
# if Core NOT up to date AND web NOT up to date:
|
||||
# pull pihole repo run install --unattended
|
||||
|
||||
elif ! ${core_update} && ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Pi-hole Web Admin files out of date"
|
||||
getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}"
|
||||
if ! ${core_update} && ! ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Everything is up to date!"
|
||||
exit 0
|
||||
|
||||
elif ${core_update} && ! ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Pi-hole core files out of date"
|
||||
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
|
||||
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
|
||||
elif ! ${core_update} && ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Pi-hole Web Admin files out of date"
|
||||
getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}"
|
||||
|
||||
elif ${core_update} && ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Updating Everything"
|
||||
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
|
||||
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
|
||||
else
|
||||
echo "*** Update script has malfunctioned, fallthrough reached. Please contact support"
|
||||
exit 1
|
||||
elif ${core_update} && ! ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Pi-hole core files out of date"
|
||||
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
|
||||
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
|
||||
|
||||
elif ${core_update} && ${web_update} ; then
|
||||
echo ":::"
|
||||
echo "::: Updating Everything"
|
||||
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
|
||||
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
|
||||
else
|
||||
echo "*** Update script has malfunctioned, fallthrough reached. Please contact support"
|
||||
exit 1
|
||||
fi
|
||||
else # Web Admin not installed, so only verify if core is up to date
|
||||
if ! ${core_update}; then
|
||||
echo ":::"
|
||||
echo "::: Everything is up to date!"
|
||||
exit 0
|
||||
else
|
||||
echo ":::"
|
||||
echo "::: Pi-hole core files out of date"
|
||||
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
|
||||
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "${web_update}" == true ]]; then
|
||||
|
|
|
@ -9,6 +9,14 @@
|
|||
# the Free Software Foundation, either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
###############################################################################
|
||||
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
|
||||
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
|
||||
# #
|
||||
# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: #
|
||||
# /etc/lighttpd/external.conf #
|
||||
###############################################################################
|
||||
|
||||
server.modules = (
|
||||
"mod_access",
|
||||
"mod_accesslog",
|
||||
|
@ -21,15 +29,15 @@ server.modules = (
|
|||
)
|
||||
|
||||
server.document-root = "/var/www/html"
|
||||
server.error-handler-404 = "pihole/index.php"
|
||||
server.error-handler-404 = "pihole/index.php"
|
||||
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
|
||||
server.errorlog = "/var/log/lighttpd/error.log"
|
||||
server.pid-file = "/var/run/lighttpd.pid"
|
||||
server.username = "www-data"
|
||||
server.groupname = "www-data"
|
||||
server.port = 80
|
||||
accesslog.filename = "/var/log/lighttpd/access.log"
|
||||
accesslog.format = "%{%s}t|%V|%r|%s|%b"
|
||||
accesslog.filename = "/var/log/lighttpd/access.log"
|
||||
accesslog.format = "%{%s}t|%V|%r|%s|%b"
|
||||
|
||||
|
||||
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
|
||||
|
|
|
@ -9,6 +9,14 @@
|
|||
# the Free Software Foundation, either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
###############################################################################
|
||||
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
|
||||
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
|
||||
# #
|
||||
# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: #
|
||||
# /etc/lighttpd/external.conf #
|
||||
###############################################################################
|
||||
|
||||
server.modules = (
|
||||
"mod_access",
|
||||
"mod_auth",
|
||||
|
@ -22,15 +30,15 @@ server.modules = (
|
|||
)
|
||||
|
||||
server.document-root = "/var/www/html"
|
||||
server.error-handler-404 = "pihole/index.php"
|
||||
server.error-handler-404 = "pihole/index.php"
|
||||
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
|
||||
server.errorlog = "/var/log/lighttpd/error.log"
|
||||
server.pid-file = "/var/run/lighttpd.pid"
|
||||
server.username = "lighttpd"
|
||||
server.groupname = "lighttpd"
|
||||
server.port = 80
|
||||
accesslog.filename = "/var/log/lighttpd/access.log"
|
||||
accesslog.format = "%{%s}t|%V|%r|%s|%b"
|
||||
accesslog.filename = "/var/log/lighttpd/access.log"
|
||||
accesslog.format = "%{%s}t|%V|%r|%s|%b"
|
||||
|
||||
|
||||
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
|
||||
|
|
|
@ -34,6 +34,8 @@ useUpdateVars=false
|
|||
IPV4_ADDRESS=""
|
||||
IPV6_ADDRESS=""
|
||||
QUERY_LOGGING=true
|
||||
INSTALL_WEB=true
|
||||
|
||||
|
||||
# Find the rows and columns will default to 80x24 is it can not be detected
|
||||
screen_size=$(stty size 2>/dev/null || echo 24 80)
|
||||
|
@ -63,14 +65,14 @@ if command -v apt-get &> /dev/null; then
|
|||
# grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
|
||||
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
|
||||
# #########################################
|
||||
# fixes for dependancy differences
|
||||
# fixes for dependency differences
|
||||
# Debian 7 doesn't have iproute2 use iproute
|
||||
if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then
|
||||
iproute_pkg="iproute2"
|
||||
else
|
||||
iproute_pkg="iproute"
|
||||
fi
|
||||
# Prefer the php metapackage if it's there, fall back on the php5 pacakges
|
||||
# Prefer the php metapackage if it's there, fall back on the php5 packages
|
||||
if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then
|
||||
phpVer="php"
|
||||
else
|
||||
|
@ -78,7 +80,8 @@ if command -v apt-get &> /dev/null; then
|
|||
fi
|
||||
# #########################################
|
||||
INSTALLER_DEPS=(apt-utils debconf dhcpcd5 git ${iproute_pkg} whiptail)
|
||||
PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lighttpd lsof netcat ${phpVer}-common ${phpVer}-cgi sudo unzip wget)
|
||||
PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lsof netcat sudo unzip wget)
|
||||
PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi)
|
||||
LIGHTTPD_USER="www-data"
|
||||
LIGHTTPD_GROUP="www-data"
|
||||
LIGHTTPD_CFG="lighttpd.conf.debian"
|
||||
|
@ -97,8 +100,8 @@ elif command -v rpm &> /dev/null; then
|
|||
PKG_INSTALL=(${PKG_MANAGER} install -y)
|
||||
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
|
||||
INSTALLER_DEPS=(git iproute net-tools newt procps-ng)
|
||||
PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget)
|
||||
|
||||
PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget)
|
||||
PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli)
|
||||
if ! grep -q 'Fedora' /etc/redhat-release; then
|
||||
INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release");
|
||||
fi
|
||||
|
@ -448,6 +451,7 @@ setDNS() {
|
|||
Level3 ""
|
||||
Norton ""
|
||||
Comodo ""
|
||||
DNSWatch ""
|
||||
Custom "")
|
||||
DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \
|
||||
"${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \
|
||||
|
@ -478,6 +482,11 @@ setDNS() {
|
|||
PIHOLE_DNS_1="8.26.56.26"
|
||||
PIHOLE_DNS_2="8.20.247.20"
|
||||
;;
|
||||
DNSWatch)
|
||||
echo "::: Using DNS.WATCH servers."
|
||||
PIHOLE_DNS_1="84.200.69.80"
|
||||
PIHOLE_DNS_2="84.200.70.40"
|
||||
;;
|
||||
Custom)
|
||||
until [[ ${DNSSettingsCorrect} = True ]]; do
|
||||
strInvalid="Invalid"
|
||||
|
@ -546,6 +555,27 @@ setLogging() {
|
|||
esac
|
||||
}
|
||||
|
||||
setAdminFlag() {
|
||||
local WebToggleCommand
|
||||
local WebChooseOptions
|
||||
local WebChoices
|
||||
|
||||
WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web admin interface?" ${r} ${c} 6)
|
||||
WebChooseOptions=("On (Recommended)" "" on
|
||||
Off "" off)
|
||||
WebChoices=$("${WebToggleCommand[@]}" "${WebChooseOptions[@]}" 2>&1 >/dev/tty) || (echo "::: Cancel selected. Exiting..." && exit 1)
|
||||
case ${WebChoices} in
|
||||
"On (Recommended)")
|
||||
echo "::: Web Interface On."
|
||||
INSTALL_WEB=true
|
||||
;;
|
||||
Off)
|
||||
echo "::: Web Interface off."
|
||||
INSTALL_WEB=false
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
|
||||
version_check_dnsmasq() {
|
||||
# Check if /etc/dnsmasq.conf is from pihole. If so replace with an original and install new in .d directory
|
||||
|
@ -643,19 +673,23 @@ installConfigs() {
|
|||
echo ":::"
|
||||
echo "::: Installing configs..."
|
||||
version_check_dnsmasq
|
||||
if [ ! -d "/etc/lighttpd" ]; then
|
||||
mkdir /etc/lighttpd
|
||||
chown "${USER}":root /etc/lighttpd
|
||||
elif [ -f "/etc/lighttpd/lighttpd.conf" ]; then
|
||||
mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
|
||||
|
||||
#Only mess with lighttpd configs if user has chosen to install web interface
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
if [ ! -d "/etc/lighttpd" ]; then
|
||||
mkdir /etc/lighttpd
|
||||
chown "${USER}":root /etc/lighttpd
|
||||
elif [ -f "/etc/lighttpd/lighttpd.conf" ]; then
|
||||
mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
|
||||
fi
|
||||
cp /etc/.pihole/advanced/${LIGHTTPD_CFG} /etc/lighttpd/lighttpd.conf
|
||||
mkdir -p /var/run/lighttpd
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd
|
||||
mkdir -p /var/cache/lighttpd/compress
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/compress
|
||||
mkdir -p /var/cache/lighttpd/uploads
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/uploads
|
||||
fi
|
||||
cp /etc/.pihole/advanced/${LIGHTTPD_CFG} /etc/lighttpd/lighttpd.conf
|
||||
mkdir -p /var/run/lighttpd
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd
|
||||
mkdir -p /var/cache/lighttpd/compress
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/compress
|
||||
mkdir -p /var/cache/lighttpd/uploads
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/uploads
|
||||
}
|
||||
|
||||
stop_service() {
|
||||
|
@ -917,6 +951,17 @@ configureFirewall() {
|
|||
}
|
||||
|
||||
finalExports() {
|
||||
|
||||
if [[ ${INSTALL_WEB} == false ]]; then
|
||||
#No web interface installed, and therefore no block page set IPV4/6 to 0.0.0.0 and ::/0
|
||||
if [ ${IPV4_ADDRESS} ]; then
|
||||
IPV4_ADDRESS="0.0.0.0"
|
||||
fi
|
||||
if [ ${IPV6_ADDRESS} ]; then
|
||||
IPV6_ADDRESS="::/0"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Update variables in setupVars.conf file
|
||||
if [ -e "${setupVars}" ]; then
|
||||
sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;' "${setupVars}"
|
||||
|
@ -928,6 +973,7 @@ finalExports() {
|
|||
echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
|
||||
echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
|
||||
echo "QUERY_LOGGING=${QUERY_LOGGING}"
|
||||
echo "INSTALL_WEB=${INSTALL_WEB}"
|
||||
}>> "${setupVars}"
|
||||
|
||||
# Look for DNS server settings which would have to be reapplied
|
||||
|
@ -964,26 +1010,31 @@ installLogrotate() {
|
|||
installPihole() {
|
||||
# Install base files and web interface
|
||||
create_pihole_user
|
||||
if [ ! -d "/var/www/html" ]; then
|
||||
mkdir -p /var/www/html
|
||||
fi
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/www/html
|
||||
chmod 775 /var/www/html
|
||||
usermod -a -G ${LIGHTTPD_GROUP} pihole
|
||||
if [ -x "$(command -v lighty-enable-mod)" ]; then
|
||||
lighty-enable-mod fastcgi fastcgi-php > /dev/null || true
|
||||
else
|
||||
printf "\n:::\tWarning: 'lighty-enable-mod' utility not found. Please ensure fastcgi is enabled if you experience issues.\n"
|
||||
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
if [ ! -d "/var/www/html" ]; then
|
||||
mkdir -p /var/www/html
|
||||
fi
|
||||
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/www/html
|
||||
chmod 775 /var/www/html
|
||||
usermod -a -G ${LIGHTTPD_GROUP} pihole
|
||||
if [ -x "$(command -v lighty-enable-mod)" ]; then
|
||||
lighty-enable-mod fastcgi fastcgi-php > /dev/null || true
|
||||
else
|
||||
printf "\n:::\tWarning: 'lighty-enable-mod' utility not found. Please ensure fastcgi is enabled if you experience issues.\n"
|
||||
fi
|
||||
fi
|
||||
installScripts
|
||||
installConfigs
|
||||
CreateLogFile
|
||||
installPiholeWeb
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
installPiholeWeb
|
||||
fi
|
||||
installCron
|
||||
installLogrotate
|
||||
configureFirewall
|
||||
finalExports
|
||||
runGravity
|
||||
#runGravity
|
||||
}
|
||||
|
||||
accountForRefactor() {
|
||||
|
@ -1003,17 +1054,17 @@ accountForRefactor() {
|
|||
|
||||
updatePihole() {
|
||||
accountForRefactor
|
||||
# Source ${setupVars} for use in the rest of the functions.
|
||||
source ${setupVars}
|
||||
# Install base files and web interface
|
||||
installScripts
|
||||
installConfigs
|
||||
CreateLogFile
|
||||
installPiholeWeb
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
installPiholeWeb
|
||||
fi
|
||||
installCron
|
||||
installLogrotate
|
||||
finalExports #re-export setupVars.conf to account for any new vars added in new versions
|
||||
runGravity
|
||||
#runGravity
|
||||
}
|
||||
|
||||
|
||||
|
@ -1035,6 +1086,13 @@ checkSelinux() {
|
|||
}
|
||||
|
||||
displayFinalMessage() {
|
||||
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
additional="View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin
|
||||
|
||||
Your Admin Webpage login password is ${1:-"NOT SET"}"
|
||||
fi
|
||||
|
||||
# Final completion message to user
|
||||
whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Configure your devices to use the Pi-hole as their DNS server using:
|
||||
|
||||
|
@ -1044,9 +1102,8 @@ IPv6: ${IPV6_ADDRESS:-"Not Configured"}
|
|||
If you set a new IP address, you should restart the Pi.
|
||||
|
||||
The install log is in /etc/pihole.
|
||||
View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin
|
||||
|
||||
Your Admin Webpage login password is ${1:-"NOT SET"}" ${r} ${c}
|
||||
${additional}" ${r} ${c}
|
||||
}
|
||||
|
||||
update_dialogs() {
|
||||
|
@ -1080,6 +1137,25 @@ update_dialogs() {
|
|||
esac
|
||||
}
|
||||
|
||||
clone_or_update_repos() {
|
||||
if [[ "${reconfigure}" == true ]]; then
|
||||
echo "::: --reconfigure passed to install script. Not downloading/updating local repos"
|
||||
else
|
||||
# Get Git files for Core and Admin
|
||||
getGitFiles ${PI_HOLE_LOCAL_REPO} ${piholeGitUrl} || \
|
||||
{ echo "!!! Unable to clone ${piholeGitUrl} into ${PI_HOLE_LOCAL_REPO}, unable to continue."; \
|
||||
exit 1; \
|
||||
}
|
||||
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
getGitFiles ${webInterfaceDir} ${webInterfaceGitUrl} || \
|
||||
{ echo "!!! Unable to clone ${webInterfaceGitUrl} into ${webInterfaceDir}, unable to continue."; \
|
||||
exit 1; \
|
||||
}
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
main() {
|
||||
|
||||
######## FIRST CHECK ########
|
||||
|
@ -1145,28 +1221,17 @@ main() {
|
|||
# Check if SELinux is Enforcing
|
||||
checkSelinux
|
||||
|
||||
if [[ "${reconfigure}" == true ]]; then
|
||||
echo "::: --reconfigure passed to install script. Not downloading/updating local repos"
|
||||
else
|
||||
# Get Git files for Core and Admin
|
||||
getGitFiles ${PI_HOLE_LOCAL_REPO} ${piholeGitUrl} || \
|
||||
{ echo "!!! Unable to clone ${piholeGitUrl} into ${PI_HOLE_LOCAL_REPO}, unable to continue."; \
|
||||
exit 1; \
|
||||
}
|
||||
getGitFiles ${webInterfaceDir} ${webInterfaceGitUrl} || \
|
||||
{ echo "!!! Unable to clone ${webInterfaceGitUrl} into ${webInterfaceDir}, unable to continue."; \
|
||||
exit 1; \
|
||||
}
|
||||
fi
|
||||
|
||||
if [[ ${useUpdateVars} == false ]]; then
|
||||
# Display welcome dialogs
|
||||
welcomeDialogs
|
||||
# Create directory for Pi-hole storage
|
||||
mkdir -p /etc/pihole/
|
||||
# Stop resolver and webserver while installing proceses
|
||||
|
||||
stop_service dnsmasq
|
||||
stop_service lighttpd
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
stop_service lighttpd
|
||||
fi
|
||||
# Determine available interfaces
|
||||
get_available_interfaces
|
||||
# Find interfaces and let the user choose one
|
||||
|
@ -1175,17 +1240,38 @@ main() {
|
|||
setDNS
|
||||
# Let the user decide if they want to block ads over IPv4 and/or IPv6
|
||||
use4andor6
|
||||
# Let the user decide if they want the web interface to be installed automatically
|
||||
setAdminFlag
|
||||
# Let the user decide if they want query logging enabled...
|
||||
setLogging
|
||||
# Clone/Update the repos
|
||||
clone_or_update_repos
|
||||
|
||||
# Install packages used by the Pi-hole
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
DEPS=("${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}")
|
||||
else
|
||||
DEPS=("${PIHOLE_DEPS[@]}")
|
||||
fi
|
||||
install_dependent_packages DEPS[@]
|
||||
|
||||
# Install packages used by the Pi-hole
|
||||
install_dependent_packages PIHOLE_DEPS[@]
|
||||
|
||||
# Install and log everything to a file
|
||||
installPihole | tee ${tmpLog}
|
||||
else
|
||||
# update packages used by the Pi-hole
|
||||
install_dependent_packages PIHOLE_DEPS[@]
|
||||
# Clone/Update the repos
|
||||
clone_or_update_repos
|
||||
|
||||
# Source ${setupVars} for use in the rest of the functions.
|
||||
source ${setupVars}
|
||||
|
||||
# Install packages used by the Pi-hole
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
DEPS=("${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}")
|
||||
else
|
||||
DEPS=("${PIHOLE_DEPS[@]}")
|
||||
fi
|
||||
install_dependent_packages DEPS[@]
|
||||
|
||||
updatePihole | tee ${tmpLog}
|
||||
fi
|
||||
|
@ -1193,25 +1279,33 @@ main() {
|
|||
# Move the log file into /etc/pihole for storage
|
||||
mv ${tmpLog} ${instalLogLoc}
|
||||
|
||||
# Add password to web UI if there is none
|
||||
pw=""
|
||||
if [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) == 0 ]] ; then
|
||||
pw=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8)
|
||||
/usr/local/bin/pihole -a -p "${pw}"
|
||||
fi
|
||||
|
||||
if [[ "${useUpdateVars}" == false ]]; then
|
||||
displayFinalMessage "${pw}"
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
# Add password to web UI if there is none
|
||||
pw=""
|
||||
if [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) == 0 ]] ; then
|
||||
pw=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8)
|
||||
/usr/local/bin/pihole -a -p "${pw}"
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "::: Restarting services..."
|
||||
# Start services
|
||||
start_service dnsmasq
|
||||
enable_service dnsmasq
|
||||
start_service lighttpd
|
||||
enable_service lighttpd
|
||||
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
start_service lighttpd
|
||||
enable_service lighttpd
|
||||
fi
|
||||
|
||||
runGravity
|
||||
|
||||
echo "::: done."
|
||||
|
||||
if [[ "${useUpdateVars}" == false ]]; then
|
||||
displayFinalMessage "${pw}"
|
||||
fi
|
||||
|
||||
echo ":::"
|
||||
if [[ "${useUpdateVars}" == false ]]; then
|
||||
echo "::: Installation Complete! Configure your devices to use the Pi-hole as their DNS server using:"
|
||||
|
@ -1219,19 +1313,23 @@ main() {
|
|||
echo "::: ${IPV6_ADDRESS}"
|
||||
echo ":::"
|
||||
echo "::: If you set a new IP address, you should restart the Pi."
|
||||
echo "::: View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin"
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
echo "::: View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin"
|
||||
fi
|
||||
else
|
||||
echo "::: Update complete!"
|
||||
fi
|
||||
|
||||
if (( ${#pw} > 0 )) ; then
|
||||
echo ":::"
|
||||
echo "::: Note: As security measure a password has been installed for your web interface"
|
||||
echo "::: The currently set password is"
|
||||
echo "::: ${pw}"
|
||||
echo ":::"
|
||||
echo "::: You can always change it using"
|
||||
echo "::: pihole -a -p new_password"
|
||||
if [[ ${INSTALL_WEB} == true ]]; then
|
||||
if (( ${#pw} > 0 )) ; then
|
||||
echo ":::"
|
||||
echo "::: Note: As security measure a password has been installed for your web interface"
|
||||
echo "::: The currently set password is"
|
||||
echo "::: ${pw}"
|
||||
echo ":::"
|
||||
echo "::: You can always change it using"
|
||||
echo "::: pihole -a -p new_password"
|
||||
fi
|
||||
fi
|
||||
|
||||
echo ":::"
|
||||
|
|
Loading…
Reference in a new issue