Merge pull request #1 from pi-hole/development

Development
This commit is contained in:
ProtoFoo 2017-02-21 19:10:47 +01:00 committed by GitHub
commit 412cacac49
9 changed files with 352 additions and 208 deletions

2
.gitattributes vendored
View file

@ -35,4 +35,4 @@ GitHub.Tests.Integration/Resources/* binary
# Catch all for anything we forgot. Add rules if you get CRLF -> LF warnings. # Catch all for anything we forgot. Add rules if you get CRLF -> LF warnings.
* text=auto * text eol=lf

View file

@ -139,6 +139,7 @@ You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-
## Pi-hole Projects ## Pi-hole Projects
- [An ad blocking Magic Mirror](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py) - [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py)
- [Get LED alerts for each blocked ad](http://thetimmy.silvernight.org/pages/endisbutton/) - [Get LED alerts for each blocked ad](http://thetimmy.silvernight.org/pages/endisbutton/)
- [Pi-hole on Ubuntu 14.04 on VirtualBox](http://hbalagtas.blogspot.com/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html) - [Pi-hole on Ubuntu 14.04 on VirtualBox](http://hbalagtas.blogspot.com/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html)
@ -154,6 +155,7 @@ You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-
- [Windows Tray Stat Application](https://github.com/goldbattle/copernicus) - [Windows Tray Stat Application](https://github.com/goldbattle/copernicus)
- [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f) - [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f)
- [Pi-Hole Prometheus exporter](https://github.com/nlamirault/pihole_exporter) : a [Prometheus](https://prometheus.io/) exporter for Pi-Hole - [Pi-Hole Prometheus exporter](https://github.com/nlamirault/pihole_exporter) : a [Prometheus](https://prometheus.io/) exporter for Pi-Hole
- [Pi-hole Droid - open source Android client](https://github.com/friimaind/pi-hole-droid)
## Coverage ## Coverage

View file

@ -14,7 +14,7 @@
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
# Other lists we consider safe: # Other lists we consider safe:
http://mirror1.malwaredomains.com/files/justdomains https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
@ -23,9 +23,9 @@ https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
# hosts-file.net list. Updated frequently, but has been known to block legitimate sites. # hosts-file.net list. Updated frequently, but has been known to block legitimate sites.
https://hosts-file.net/ad_servers.txt https://hosts-file.net/ad_servers.txt
# Mahakala list. Has been known to block legitimage domains including the entire .com range. # Mahakala list. Has been known to block legitimate domains including the entire .com range.
# Warning: Due to the sheer size of this list, the web admin console will be unresponsive. # Warning: Due to the sheer size of this list, the web admin console will be unresponsive.
#http://adblock.mahakala.is/ #https://adblock.mahakala.is/
# ADZHOSTS list. Has been known to block legitimate domains # ADZHOSTS list. Has been known to block legitimate domains
#http://pilotfiber.dl.sourceforge.net/project/adzhosts/HOSTS.txt #http://pilotfiber.dl.sourceforge.net/project/adzhosts/HOSTS.txt
@ -49,5 +49,5 @@ https://hosts-file.net/ad_servers.txt
# Following two lists should be used simultaneously: (readme https://github.com/notracking/hosts-blocklists/) # Following two lists should be used simultaneously: (readme https://github.com/notracking/hosts-blocklists/)
#https://raw.github.com/notracking/hosts-blocklists/master/hostnames.txt #https://raw.github.com/notracking/hosts-blocklists/master/hostnames.txt
#https://raw.github.com/notracking/hosts-blocklists/master/domains.txt #https://raw.github.com/notracking/hosts-blocklists/master/domains.txt
# Combination of serveral host files on the internet (warning some facebook domains are also blocked but you can go to facebook.com). See https://github.com/mat1th/Dns-add-block for more information. # Combination of several host files on the internet (warning some facebook domains are also blocked but you can go to facebook.com). See https://github.com/mat1th/Dns-add-block for more information.
#https://raw.githubusercontent.com/mat1th/Dns-add-block/master/hosts #https://raw.githubusercontent.com/mat1th/Dns-add-block/master/hosts

View file

@ -16,7 +16,7 @@ set -o pipefail
VARSFILE="/etc/pihole/setupVars.conf" VARSFILE="/etc/pihole/setupVars.conf"
DEBUG_LOG="/var/log/pihole_debug.log" DEBUG_LOG="/var/log/pihole_debug.log"
DNSMASQFILE="/etc/dnsmasq.conf" DNSMASQFILE="/etc/dnsmasq.conf"
DNSMASQCONFFILE="/etc/dnsmasq.d/01-pihole.conf" DNSMASQCONFDIR="/etc/dnsmasq.d/*"
LIGHTTPDFILE="/etc/lighttpd/lighttpd.conf" LIGHTTPDFILE="/etc/lighttpd/lighttpd.conf"
LIGHTTPDERRFILE="/var/log/lighttpd/error.log" LIGHTTPDERRFILE="/var/log/lighttpd/error.log"
GRAVITYFILE="/etc/pihole/gravity.list" GRAVITYFILE="/etc/pihole/gravity.list"
@ -26,7 +26,6 @@ ADLISTFILE="/etc/pihole/adlists.list"
PIHOLELOG="/var/log/pihole.log" PIHOLELOG="/var/log/pihole.log"
WHITELISTMATCHES="/tmp/whitelistmatches.list" WHITELISTMATCHES="/tmp/whitelistmatches.list"
IPV6_READY=false
TIMEOUT=60 TIMEOUT=60
# Header info and introduction # Header info and introduction
cat << EOM cat << EOM
@ -35,7 +34,7 @@ cat << EOM
::: This process collects information from your Pi-hole, and optionally uploads ::: This process collects information from your Pi-hole, and optionally uploads
::: it to a unique and random directory on tricorder.pi-hole.net. ::: it to a unique and random directory on tricorder.pi-hole.net.
::: :::
::: NOTE: All log files auto-delete after 24 hours and ONLY the Pi-hole developers ::: NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers
::: can access your data via the given token. We have taken these extra steps to ::: can access your data via the given token. We have taken these extra steps to
::: secure your data and will work to further reduce any personal information gathered. ::: secure your data and will work to further reduce any personal information gathered.
::: :::
@ -132,13 +131,25 @@ version_check() {
return "${error_found}" return "${error_found}"
} }
dir_check() {
header_write "Detecting contents of ${1}:"
for file in $1*; do
header_write "File ${file} found"
echo -n "::: Parsing..."
file_parse "${file}"
echo "done"
done
echo ":::"
}
files_check() { files_check() {
#Check non-zero length existence of ${1} #Check non-zero length existence of ${1}
header_write "Detecting existence of ${1}:" header_write "Detecting existence of ${1}:"
local search_file="${1}" local search_file="${1}"
if [[ -s ${search_file} ]]; then if [[ -s ${search_file} ]]; then
echo "::: File exists" echo -n "::: File exists, parsing..."
file_parse "${search_file}" file_parse "${search_file}"
echo "done"
return 0 return 0
else else
log_echo "${1} not found!" log_echo "${1} not found!"
@ -168,70 +179,67 @@ processor_check() {
ipv6_check() { ipv6_check() {
# Check if system is IPv6 enabled, for use in other functions # Check if system is IPv6 enabled, for use in other functions
if [[ $IPv6_address ]]; then if [[ $IPV6_ADDRESS ]]; then
ls /proc/net/if_inet6 &>/dev/null && IPV6_READY=true ls /proc/net/if_inet6 &>/dev/null
return 0 return 0
else else
return 1 return 1
fi fi
} }
ip_check() { ip_check() {
header_write "IP Address Information" local protocol=${1}
# Get the current interface for Internet traffic local gravity=${2}
# Check if IPv6 enabled local ip_addr_list="$(ip -${protocol} addr show dev ${PIHOLE_INTERFACE} | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }')"
local IPv6_interface if [[ -n ${ip_addr_list} ]]; then
local IPv4_interface log_write "IPv${protocol} on ${PIHOLE_INTERFACE}"
ipv6_check && IPv6_interface=${piholeInterface:-$(ip -6 r | grep default | cut -d ' ' -f 5)} log_write "Gravity configured for: ${2:-NOT CONFIGURED}"
# If declared in setupVars.conf use it, otherwise defer to default log_write "----"
# http://stackoverflow.com/questions/2013547/assigning-default-values-to-shell-variables-with-a-single-command-in-bash log_write "${ip_addr_list}"
IPv4_interface=${piholeInterface:-$(ip r | grep default | cut -d ' ' -f 5)} echo "::: IPv${protocol} addresses located on ${PIHOLE_INTERFACE}"
ip_ping_check ${protocol}
return $(( 0 + $? ))
if [[ IPV6_READY ]]; then
local IPv6_addr_list="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet6") print $(i+1) }')" \
&& (log_write "${IPv6_addr_list}" && echo "::: IPv6 addresses located") \
|| log_echo "No IPv6 addresses found."
local IPv6_def_gateway=$(ip -6 r | grep default | cut -d ' ' -f 3)
if [[ $? = 0 ]] && [[ -n ${IPv6_def_gateway} ]]; then
echo -n "::: Pinging default IPv6 gateway: "
local IPv6_def_gateway_check="$(ping6 -q -W 3 -c 3 -n "${IPv6_def_gateway}" -I "${IPv6_interface}"| tail -n3)" \
&& echo "Gateway Responded." \
|| echo "Gateway did not respond."
block_parse "${IPv6_def_gateway_check}"
echo -n "::: Pinging Internet via IPv6: "
local IPv6_inet_check=$(ping6 -q -W 3 -c 3 -n 2001:4860:4860::8888 -I "${IPv6_interface}"| tail -n3) \
&& echo "Query responded." \
|| echo "Query did not respond."
block_parse "${IPv6_inet_check}"
else else
log_echo="No IPv6 Gateway Detected" log_echo "No IPv${protocol} found on ${PIHOLE_INTERFACE}"
return 1
fi
}
ip_ping_check() {
local protocol=${1}
local cmd
if [[ ${protocol} == "6" ]]; then
cmd="ping6"
g_addr="2001:4860:4860::8888"
else
cmd="ping"
g_addr="8.8.8.8"
fi fi
local IPv4_addr_list="$(ip a | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "inet") print $(i+1) }')" \ local ip_def_gateway=$(ip -${protocol} route | grep default | cut -d ' ' -f 3)
&& (block_parse "${IPv4_addr_list}" && echo "::: IPv4 addresses located")\ if [[ -n ${ip_def_gateway} ]]; then
|| log_echo "No IPv4 addresses found." echo -n "::: Pinging default IPv${protocol} gateway: "
if ! ping_gateway="$(${cmd} -q -W 3 -c 3 -n ${ip_def_gateway} -I ${PIHOLE_INTERFACE} | tail -n 3)"; then
local IPv4_def_gateway=$(ip r | grep default | cut -d ' ' -f 3) echo "Gateway did not respond."
if [[ $? = 0 ]]; then return 1
echo -n "::: Pinging default IPv4 gateway: " else
local IPv4_def_gateway_check="$(ping -q -w 3 -c 3 -n "${IPv4_def_gateway}" -I "${IPv4_interface}" | tail -n3)" \ echo "Gateway responded."
&& echo "Gateway responded." \ log_write "${ping_gateway}"
|| echo "Gateway did not respond."
block_parse "${IPv4_def_gateway_check}"
echo -n "::: Pinging Internet via IPv4: "
local IPv4_inet_check="$(ping -q -w 5 -c 3 -n 8.8.8.8 -I "${IPv4_interface}" | tail -n3)" \
&& echo "Query responded." \
|| echo "Query did not respond."
block_parse "${IPv4_inet_check}"
fi fi
echo -n "::: Pinging Internet via IPv${protocol}: "
if ! ping_inet="$(${cmd} -q -W 3 -c 3 -n ${g_addr} -I ${PIHOLE_INTERFACE} | tail -n 3)"; then
echo "Query did not respond."
return 1
else
echo "Query responded."
log_write "${ping_inet}"
fi fi
else
log_echo " No gateway detected."
fi
return 0
} }
port_check() { port_check() {
@ -344,7 +352,8 @@ distro_check || echo "Distro Check soft fail"
# Gather processor type # Gather processor type
processor_check || echo "Processor Check soft fail" processor_check || echo "Processor Check soft fail"
ip_check ip_check 6 ${IPV6_ADDRESS}
ip_check 4 ${IPV4_ADDRESS}
daemon_check lighttpd http daemon_check lighttpd http
daemon_check dnsmasq domain daemon_check dnsmasq domain
@ -353,7 +362,7 @@ testResolver
debugLighttpd debugLighttpd
files_check "${DNSMASQFILE}" files_check "${DNSMASQFILE}"
files_check "${DNSMASQCONFFILE}" dir_check "${DNSMASQCONFDIR}"
files_check "${WHITELISTFILE}" files_check "${WHITELISTFILE}"
files_check "${BLACKLISTFILE}" files_check "${BLACKLISTFILE}"
files_check "${ADLISTFILE}" files_check "${ADLISTFILE}"

View file

@ -80,8 +80,8 @@ main() {
local web_version_current local web_version_current
#This is unlikely #This is unlikely
if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
echo "::: Critical Error: One or more Pi-Hole repos are missing from system!" echo "::: Critical Error: Core Pi-Hole repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole" echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
exit 1; exit 1;
fi fi
@ -96,6 +96,13 @@ main() {
echo "::: Pi-hole Core: up to date" echo "::: Pi-hole Core: up to date"
fi fi
if [[ ${INSTALL_WEB} == true ]]; then
if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
echo "::: Critical Error: Web Admin repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
exit 1;
fi
if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
web_update=true web_update=true
echo "::: Web Interface: update available" echo "::: Web Interface: update available"
@ -139,6 +146,18 @@ main() {
echo "*** Update script has malfunctioned, fallthrough reached. Please contact support" echo "*** Update script has malfunctioned, fallthrough reached. Please contact support"
exit 1 exit 1
fi fi
else # Web Admin not installed, so only verify if core is up to date
if ! ${core_update}; then
echo ":::"
echo "::: Everything is up to date!"
exit 0
else
echo ":::"
echo "::: Pi-hole core files out of date"
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
fi
fi
if [[ "${web_update}" == true ]]; then if [[ "${web_update}" == true ]]; then
web_version_current="$(/usr/local/bin/pihole version --admin --current)" web_version_current="$(/usr/local/bin/pihole version --admin --current)"

View file

@ -9,6 +9,14 @@
# the Free Software Foundation, either version 2 of the License, or # the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version. # (at your option) any later version.
###############################################################################
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: #
# /etc/lighttpd/external.conf #
###############################################################################
server.modules = ( server.modules = (
"mod_access", "mod_access",
"mod_accesslog", "mod_accesslog",

View file

@ -9,6 +9,14 @@
# the Free Software Foundation, either version 2 of the License, or # the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version. # (at your option) any later version.
###############################################################################
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: #
# /etc/lighttpd/external.conf #
###############################################################################
server.modules = ( server.modules = (
"mod_access", "mod_access",
"mod_auth", "mod_auth",

View file

@ -34,6 +34,8 @@ useUpdateVars=false
IPV4_ADDRESS="" IPV4_ADDRESS=""
IPV6_ADDRESS="" IPV6_ADDRESS=""
QUERY_LOGGING=true QUERY_LOGGING=true
INSTALL_WEB=true
# Find the rows and columns will default to 80x24 is it can not be detected # Find the rows and columns will default to 80x24 is it can not be detected
screen_size=$(stty size 2>/dev/null || echo 24 80) screen_size=$(stty size 2>/dev/null || echo 24 80)
@ -63,14 +65,14 @@ if command -v apt-get &> /dev/null; then
# grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
# ######################################### # #########################################
# fixes for dependancy differences # fixes for dependency differences
# Debian 7 doesn't have iproute2 use iproute # Debian 7 doesn't have iproute2 use iproute
if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then
iproute_pkg="iproute2" iproute_pkg="iproute2"
else else
iproute_pkg="iproute" iproute_pkg="iproute"
fi fi
# Prefer the php metapackage if it's there, fall back on the php5 pacakges # Prefer the php metapackage if it's there, fall back on the php5 packages
if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then
phpVer="php" phpVer="php"
else else
@ -78,7 +80,8 @@ if command -v apt-get &> /dev/null; then
fi fi
# ######################################### # #########################################
INSTALLER_DEPS=(apt-utils debconf dhcpcd5 git ${iproute_pkg} whiptail) INSTALLER_DEPS=(apt-utils debconf dhcpcd5 git ${iproute_pkg} whiptail)
PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lighttpd lsof netcat ${phpVer}-common ${phpVer}-cgi sudo unzip wget) PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lsof netcat sudo unzip wget)
PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi)
LIGHTTPD_USER="www-data" LIGHTTPD_USER="www-data"
LIGHTTPD_GROUP="www-data" LIGHTTPD_GROUP="www-data"
LIGHTTPD_CFG="lighttpd.conf.debian" LIGHTTPD_CFG="lighttpd.conf.debian"
@ -97,8 +100,8 @@ elif command -v rpm &> /dev/null; then
PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_INSTALL=(${PKG_MANAGER} install -y)
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
INSTALLER_DEPS=(git iproute net-tools newt procps-ng) INSTALLER_DEPS=(git iproute net-tools newt procps-ng)
PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget)
PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli)
if ! grep -q 'Fedora' /etc/redhat-release; then if ! grep -q 'Fedora' /etc/redhat-release; then
INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release"); INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release");
fi fi
@ -448,6 +451,7 @@ setDNS() {
Level3 "" Level3 ""
Norton "" Norton ""
Comodo "" Comodo ""
DNSWatch ""
Custom "") Custom "")
DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \ DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \
"${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \ "${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \
@ -478,6 +482,11 @@ setDNS() {
PIHOLE_DNS_1="8.26.56.26" PIHOLE_DNS_1="8.26.56.26"
PIHOLE_DNS_2="8.20.247.20" PIHOLE_DNS_2="8.20.247.20"
;; ;;
DNSWatch)
echo "::: Using DNS.WATCH servers."
PIHOLE_DNS_1="84.200.69.80"
PIHOLE_DNS_2="84.200.70.40"
;;
Custom) Custom)
until [[ ${DNSSettingsCorrect} = True ]]; do until [[ ${DNSSettingsCorrect} = True ]]; do
strInvalid="Invalid" strInvalid="Invalid"
@ -546,6 +555,27 @@ setLogging() {
esac esac
} }
setAdminFlag() {
local WebToggleCommand
local WebChooseOptions
local WebChoices
WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web admin interface?" ${r} ${c} 6)
WebChooseOptions=("On (Recommended)" "" on
Off "" off)
WebChoices=$("${WebToggleCommand[@]}" "${WebChooseOptions[@]}" 2>&1 >/dev/tty) || (echo "::: Cancel selected. Exiting..." && exit 1)
case ${WebChoices} in
"On (Recommended)")
echo "::: Web Interface On."
INSTALL_WEB=true
;;
Off)
echo "::: Web Interface off."
INSTALL_WEB=false
;;
esac
}
version_check_dnsmasq() { version_check_dnsmasq() {
# Check if /etc/dnsmasq.conf is from pihole. If so replace with an original and install new in .d directory # Check if /etc/dnsmasq.conf is from pihole. If so replace with an original and install new in .d directory
@ -643,6 +673,9 @@ installConfigs() {
echo ":::" echo ":::"
echo "::: Installing configs..." echo "::: Installing configs..."
version_check_dnsmasq version_check_dnsmasq
#Only mess with lighttpd configs if user has chosen to install web interface
if [[ ${INSTALL_WEB} == true ]]; then
if [ ! -d "/etc/lighttpd" ]; then if [ ! -d "/etc/lighttpd" ]; then
mkdir /etc/lighttpd mkdir /etc/lighttpd
chown "${USER}":root /etc/lighttpd chown "${USER}":root /etc/lighttpd
@ -656,6 +689,7 @@ installConfigs() {
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/compress chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/compress
mkdir -p /var/cache/lighttpd/uploads mkdir -p /var/cache/lighttpd/uploads
chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/uploads chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/uploads
fi
} }
stop_service() { stop_service() {
@ -917,6 +951,17 @@ configureFirewall() {
} }
finalExports() { finalExports() {
if [[ ${INSTALL_WEB} == false ]]; then
#No web interface installed, and therefore no block page set IPV4/6 to 0.0.0.0 and ::/0
if [ ${IPV4_ADDRESS} ]; then
IPV4_ADDRESS="0.0.0.0"
fi
if [ ${IPV6_ADDRESS} ]; then
IPV6_ADDRESS="::/0"
fi
fi
# Update variables in setupVars.conf file # Update variables in setupVars.conf file
if [ -e "${setupVars}" ]; then if [ -e "${setupVars}" ]; then
sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;' "${setupVars}" sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;' "${setupVars}"
@ -928,6 +973,7 @@ finalExports() {
echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}" echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}" echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
echo "QUERY_LOGGING=${QUERY_LOGGING}" echo "QUERY_LOGGING=${QUERY_LOGGING}"
echo "INSTALL_WEB=${INSTALL_WEB}"
}>> "${setupVars}" }>> "${setupVars}"
# Look for DNS server settings which would have to be reapplied # Look for DNS server settings which would have to be reapplied
@ -964,6 +1010,8 @@ installLogrotate() {
installPihole() { installPihole() {
# Install base files and web interface # Install base files and web interface
create_pihole_user create_pihole_user
if [[ ${INSTALL_WEB} == true ]]; then
if [ ! -d "/var/www/html" ]; then if [ ! -d "/var/www/html" ]; then
mkdir -p /var/www/html mkdir -p /var/www/html
fi fi
@ -975,15 +1023,18 @@ installPihole() {
else else
printf "\n:::\tWarning: 'lighty-enable-mod' utility not found. Please ensure fastcgi is enabled if you experience issues.\n" printf "\n:::\tWarning: 'lighty-enable-mod' utility not found. Please ensure fastcgi is enabled if you experience issues.\n"
fi fi
fi
installScripts installScripts
installConfigs installConfigs
CreateLogFile CreateLogFile
if [[ ${INSTALL_WEB} == true ]]; then
installPiholeWeb installPiholeWeb
fi
installCron installCron
installLogrotate installLogrotate
configureFirewall configureFirewall
finalExports finalExports
runGravity #runGravity
} }
accountForRefactor() { accountForRefactor() {
@ -1003,17 +1054,17 @@ accountForRefactor() {
updatePihole() { updatePihole() {
accountForRefactor accountForRefactor
# Source ${setupVars} for use in the rest of the functions.
source ${setupVars}
# Install base files and web interface # Install base files and web interface
installScripts installScripts
installConfigs installConfigs
CreateLogFile CreateLogFile
if [[ ${INSTALL_WEB} == true ]]; then
installPiholeWeb installPiholeWeb
fi
installCron installCron
installLogrotate installLogrotate
finalExports #re-export setupVars.conf to account for any new vars added in new versions finalExports #re-export setupVars.conf to account for any new vars added in new versions
runGravity #runGravity
} }
@ -1035,6 +1086,13 @@ checkSelinux() {
} }
displayFinalMessage() { displayFinalMessage() {
if [[ ${INSTALL_WEB} == true ]]; then
additional="View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin
Your Admin Webpage login password is ${1:-"NOT SET"}"
fi
# Final completion message to user # Final completion message to user
whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Configure your devices to use the Pi-hole as their DNS server using: whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Configure your devices to use the Pi-hole as their DNS server using:
@ -1044,9 +1102,8 @@ IPv6: ${IPV6_ADDRESS:-"Not Configured"}
If you set a new IP address, you should restart the Pi. If you set a new IP address, you should restart the Pi.
The install log is in /etc/pihole. The install log is in /etc/pihole.
View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin
Your Admin Webpage login password is ${1:-"NOT SET"}" ${r} ${c} ${additional}" ${r} ${c}
} }
update_dialogs() { update_dialogs() {
@ -1080,6 +1137,25 @@ update_dialogs() {
esac esac
} }
clone_or_update_repos() {
if [[ "${reconfigure}" == true ]]; then
echo "::: --reconfigure passed to install script. Not downloading/updating local repos"
else
# Get Git files for Core and Admin
getGitFiles ${PI_HOLE_LOCAL_REPO} ${piholeGitUrl} || \
{ echo "!!! Unable to clone ${piholeGitUrl} into ${PI_HOLE_LOCAL_REPO}, unable to continue."; \
exit 1; \
}
if [[ ${INSTALL_WEB} == true ]]; then
getGitFiles ${webInterfaceDir} ${webInterfaceGitUrl} || \
{ echo "!!! Unable to clone ${webInterfaceGitUrl} into ${webInterfaceDir}, unable to continue."; \
exit 1; \
}
fi
fi
}
main() { main() {
######## FIRST CHECK ######## ######## FIRST CHECK ########
@ -1145,28 +1221,17 @@ main() {
# Check if SELinux is Enforcing # Check if SELinux is Enforcing
checkSelinux checkSelinux
if [[ "${reconfigure}" == true ]]; then
echo "::: --reconfigure passed to install script. Not downloading/updating local repos"
else
# Get Git files for Core and Admin
getGitFiles ${PI_HOLE_LOCAL_REPO} ${piholeGitUrl} || \
{ echo "!!! Unable to clone ${piholeGitUrl} into ${PI_HOLE_LOCAL_REPO}, unable to continue."; \
exit 1; \
}
getGitFiles ${webInterfaceDir} ${webInterfaceGitUrl} || \
{ echo "!!! Unable to clone ${webInterfaceGitUrl} into ${webInterfaceDir}, unable to continue."; \
exit 1; \
}
fi
if [[ ${useUpdateVars} == false ]]; then if [[ ${useUpdateVars} == false ]]; then
# Display welcome dialogs # Display welcome dialogs
welcomeDialogs welcomeDialogs
# Create directory for Pi-hole storage # Create directory for Pi-hole storage
mkdir -p /etc/pihole/ mkdir -p /etc/pihole/
# Stop resolver and webserver while installing proceses
stop_service dnsmasq stop_service dnsmasq
if [[ ${INSTALL_WEB} == true ]]; then
stop_service lighttpd stop_service lighttpd
fi
# Determine available interfaces # Determine available interfaces
get_available_interfaces get_available_interfaces
# Find interfaces and let the user choose one # Find interfaces and let the user choose one
@ -1175,17 +1240,38 @@ main() {
setDNS setDNS
# Let the user decide if they want to block ads over IPv4 and/or IPv6 # Let the user decide if they want to block ads over IPv4 and/or IPv6
use4andor6 use4andor6
# Let the user decide if they want the web interface to be installed automatically
setAdminFlag
# Let the user decide if they want query logging enabled... # Let the user decide if they want query logging enabled...
setLogging setLogging
# Clone/Update the repos
clone_or_update_repos
# Install packages used by the Pi-hole # Install packages used by the Pi-hole
install_dependent_packages PIHOLE_DEPS[@] if [[ ${INSTALL_WEB} == true ]]; then
DEPS=("${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}")
else
DEPS=("${PIHOLE_DEPS[@]}")
fi
install_dependent_packages DEPS[@]
# Install and log everything to a file # Install and log everything to a file
installPihole | tee ${tmpLog} installPihole | tee ${tmpLog}
else else
# update packages used by the Pi-hole # Clone/Update the repos
install_dependent_packages PIHOLE_DEPS[@] clone_or_update_repos
# Source ${setupVars} for use in the rest of the functions.
source ${setupVars}
# Install packages used by the Pi-hole
if [[ ${INSTALL_WEB} == true ]]; then
DEPS=("${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}")
else
DEPS=("${PIHOLE_DEPS[@]}")
fi
install_dependent_packages DEPS[@]
updatePihole | tee ${tmpLog} updatePihole | tee ${tmpLog}
fi fi
@ -1193,25 +1279,33 @@ main() {
# Move the log file into /etc/pihole for storage # Move the log file into /etc/pihole for storage
mv ${tmpLog} ${instalLogLoc} mv ${tmpLog} ${instalLogLoc}
if [[ ${INSTALL_WEB} == true ]]; then
# Add password to web UI if there is none # Add password to web UI if there is none
pw="" pw=""
if [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) == 0 ]] ; then if [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) == 0 ]] ; then
pw=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8) pw=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8)
/usr/local/bin/pihole -a -p "${pw}" /usr/local/bin/pihole -a -p "${pw}"
fi fi
if [[ "${useUpdateVars}" == false ]]; then
displayFinalMessage "${pw}"
fi fi
echo "::: Restarting services..." echo "::: Restarting services..."
# Start services # Start services
start_service dnsmasq start_service dnsmasq
enable_service dnsmasq enable_service dnsmasq
if [[ ${INSTALL_WEB} == true ]]; then
start_service lighttpd start_service lighttpd
enable_service lighttpd enable_service lighttpd
fi
runGravity
echo "::: done." echo "::: done."
if [[ "${useUpdateVars}" == false ]]; then
displayFinalMessage "${pw}"
fi
echo ":::" echo ":::"
if [[ "${useUpdateVars}" == false ]]; then if [[ "${useUpdateVars}" == false ]]; then
echo "::: Installation Complete! Configure your devices to use the Pi-hole as their DNS server using:" echo "::: Installation Complete! Configure your devices to use the Pi-hole as their DNS server using:"
@ -1219,11 +1313,14 @@ main() {
echo "::: ${IPV6_ADDRESS}" echo "::: ${IPV6_ADDRESS}"
echo ":::" echo ":::"
echo "::: If you set a new IP address, you should restart the Pi." echo "::: If you set a new IP address, you should restart the Pi."
if [[ ${INSTALL_WEB} == true ]]; then
echo "::: View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin" echo "::: View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin"
fi
else else
echo "::: Update complete!" echo "::: Update complete!"
fi fi
if [[ ${INSTALL_WEB} == true ]]; then
if (( ${#pw} > 0 )) ; then if (( ${#pw} > 0 )) ; then
echo ":::" echo ":::"
echo "::: Note: As security measure a password has been installed for your web interface" echo "::: Note: As security measure a password has been installed for your web interface"
@ -1233,6 +1330,7 @@ main() {
echo "::: You can always change it using" echo "::: You can always change it using"
echo "::: pihole -a -p new_password" echo "::: pihole -a -p new_password"
fi fi
fi
echo ":::" echo ":::"
echo "::: The install log is located at: /etc/pihole/install.log" echo "::: The install log is located at: /etc/pihole/install.log"