From ae30c285a23240211c4641832cec42905e5be328 Mon Sep 17 00:00:00 2001 From: Markus Napp Date: Sun, 12 Mar 2017 15:45:11 +0100 Subject: [PATCH 001/335] Fix handling of wildcard help text --- advanced/Scripts/list.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 2ac1e805..a094becb 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -31,13 +31,16 @@ helpFunc() { if [[ ${listMain} == ${whitelist} ]]; then letter="w" word="white" + elif [[ ${listMain} == ${wildcardlist} ]]; then + letter="wild" + word="wildcard" else letter="b" word="black" fi cat << EOM -::: Immediately ${word}lists one or more domains in the hosts file +::: Immediately add one or more domains to the ${word}list ::: ::: Usage: pihole -${letter} domain1 [domain2 ...] ::: @@ -48,7 +51,7 @@ helpFunc() { ::: -h, --help Show this help dialog ::: -l, --list Display your ${word}listed domains EOM -if [[ "${letter}" == "b" ]]; then +if [[ "${letter}" == "-wild" ]]; then echo "::: -wild, --wildcard Add wildcard entry (only blacklist)" fi exit 0 From 9a475cc0107c263e814a17acd676a3f8f7ef68e1 Mon Sep 17 00:00:00 2001 From: Markus Napp Date: Sun, 12 Mar 2017 15:50:48 +0100 Subject: [PATCH 002/335] Rewrite help text for better handling of params --- advanced/Scripts/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a094becb..a4611a4a 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -49,9 +49,9 @@ helpFunc() { ::: -nr, --noreload Update ${word}list without refreshing dnsmasq ::: -q, --quiet Output is less verbose ::: -h, --help Show this help dialog -::: -l, --list Display your ${word}listed domains +::: -l, --list Display domains on the ${word}list EOM -if [[ "${letter}" == "-wild" ]]; then +if [[ "${letter}" == "wild" ]]; then echo "::: -wild, --wildcard Add wildcard entry (only blacklist)" fi exit 0 From bb7a7d94efe54b27e9e58af6c42314b6c45e4723 Mon Sep 17 00:00:00 2001 From: Markus Napp Date: Sun, 12 Mar 2017 16:16:45 +0100 Subject: [PATCH 003/335] Replace misleading letter variable --- advanced/Scripts/list.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a4611a4a..8eb0543d 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -29,20 +29,20 @@ listAlt="" helpFunc() { if [[ ${listMain} == ${whitelist} ]]; then - letter="w" + param="w" word="white" elif [[ ${listMain} == ${wildcardlist} ]]; then - letter="wild" + param="wild" word="wildcard" else - letter="b" + param="b" word="black" fi cat << EOM ::: Immediately add one or more domains to the ${word}list ::: -::: Usage: pihole -${letter} domain1 [domain2 ...] +::: Usage: pihole -${param} domain1 [domain2 ...] ::: ::: Options: ::: -d, --delmode Remove domains from the ${word}list @@ -51,7 +51,7 @@ helpFunc() { ::: -h, --help Show this help dialog ::: -l, --list Display domains on the ${word}list EOM -if [[ "${letter}" == "wild" ]]; then +if [[ "${param}" == "wild" ]]; then echo "::: -wild, --wildcard Add wildcard entry (only blacklist)" fi exit 0 From ff6df76e3612483c693bbc6b2b2d1bd663cb75e4 Mon Sep 17 00:00:00 2001 From: gedetil Date: Tue, 11 Apr 2017 12:04:44 -0500 Subject: [PATCH 004/335] Update webpage.sh Implement "Halt system" button, next to "Restart system" button, on admin/settings page. Useful for doing clean shutdown before powering off. (This affects 4 files, 3 for the web content, 1 for backend script.) Gilbert Detillieux 2017-04-11 --- advanced/Scripts/webpage.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 7804fc8f..4247ee54 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -211,6 +211,10 @@ SetExcludeClients(){ } +Halt(){ + nohup bash -c "sleep 5; halt" &> /dev/null /dev/null Date: Fri, 14 Apr 2017 17:20:13 +0100 Subject: [PATCH 005/335] stash changes on branch switch, else it fails if any changes have been made. --- advanced/Scripts/piholeCheckout.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 09f20d6b..66e435c7 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -54,6 +54,8 @@ fetch_checkout_pull_branch() { # Set the reference for the requested branch, fetch, check it put and pull it cd "${directory}" git remote set-branches origin "${branch}" || return 1 + git stash --all --quiet &> /dev/null || return 1 + git clean --force -d || return 1 git fetch --quiet || return 1 checkout_pull_branch "${directory}" "${branch}" || return 1 } From db1e5f10ea1850f0e29a50d6f1beccbf20616e56 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 21 Apr 2017 17:08:15 +0200 Subject: [PATCH 006/335] Make changes according to comment in #1384 --- advanced/Scripts/piholeCheckout.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 66e435c7..c5b77368 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -54,8 +54,8 @@ fetch_checkout_pull_branch() { # Set the reference for the requested branch, fetch, check it put and pull it cd "${directory}" git remote set-branches origin "${branch}" || return 1 - git stash --all --quiet &> /dev/null || return 1 - git clean --force -d || return 1 + git stash --all --quiet &> /dev/null || true + git clean --force -d || true git fetch --quiet || return 1 checkout_pull_branch "${directory}" "${branch}" || return 1 } From 88944a31ecbd2e17f23783570d4dbda3487a2bfd Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:05:24 +1000 Subject: [PATCH 007/335] Update blockingpage.css * Block page UI overhaul to replicate the style of the Admin Console * Block page UI is now mobile friendly * Users can safely customise text in order to make the block page more friendly for their household --- advanced/blockingpage.css | 470 +++++++++++++++++++++++++++++--------- 1 file changed, 358 insertions(+), 112 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index 7e11dbd0..a176e84c 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -1,136 +1,382 @@ -/* CSS Reset */ -html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, embed, figure, figcaption, footer, header, hgroup, menu, nav, output, ruby, section, summary, time, mark, audio, video { margin: 0; padding: 0; border: 0; font-size: 100%; font: inherit; vertical-align: baseline; } -article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section { display: block; } -body { line-height: 1; } -ol, ul { list-style: none; } -blockquote, q { quotes: none; } -blockquote:before, blockquote:after, q:before, q:after { content: ''; content: none; } -table { border-collapse: collapse; border-spacing: 0; } -html { height: 100%; overflow-x: hidden; } +/* Pi-hole: A black hole for Internet advertisements +* (c) 2017 Pi-hole, LLC (https://pi-hole.net) +* Network-wide ad blocking via your own hardware. +* +* This file is copyright under the latest version of the EUPL. +* Please see LICENSE file for your rights under this license. */ -/* General Style */ -a { color: rgba(0,60,120,0.95); text-decoration: none; } /* 1E3C5A */ -a:hover { color: rgba(210,120,0,0.95); transition-duration: .2s; } /* 255, 128, 0 */ -divs a { border-bottom: 1px dashed rgba(30,60,90,0.3); } -b { font-weight: bold; } -i { font-style: italic; } +/* Text Customisation Options ======> */ +.title:before { content: "Website Blocked"; } +.altBtn:before { content: "Why am I here?"; } +.linkPH:before { content: "About Pi-hole"; } +.linkEmail:before { content: "Contact Admin"; } -footer, pre, td { font-family: monospace; padding-left: 15px; } -/*body, header { background: #E1E1E1; }*/ +.add:before { content: "Info"; } +.add:after { content: "The domain is being whitelisted..."; } +.error:before, .unhandled:before { content: "Error"; } +.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } +.success:before { content: "Success"; } +.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } + +.recentwl:before { content: "This site appears to have been recently whitelisted. Please flush your DNS cache and/or restart your browser."; } +.cname:before { content: "This site is an alias for "; } /* cname.com */ +.cname:after { content: ", which may be blocked by Pi-hole."; } + +.blacklist:before { content: "Manually Blacklisted"; } +.wildcard:before { content: "Manually Blacklisted by Wildcard"; } +.noblock:before { content: "Not found on any Blacklist"; } + +#bpBlock:before { content: "Access to the following website has been denied:"; } +#bpFlag:before { content: "This is primarily due to being flagged as:"; } + +#bpHelpTxt:before { content: "If you have an ongoing use for this website, please "; } +#bpHelpTxt a:before, #bpHelpTxt span:before { content: "ask the administrator"; } +#bpHelpTxt:after{ content: " of the Pi-hole on this network to have it whitelisted"; } + +#bpBack:before { content: "Back to safety"; } +#bpInfo:before { content: "Technical Info"; } +#bpFoundIn:before { content: "This site is found in "; } +#bpFoundIn span:after { content: " of "; } +#bpFoundIn:after { content: " lists:"; } +#bpWhitelist:before { content: "Whitelist"; } + +footer span:before { content: "Page generated on "; } + +/* Hide whitelisting form entirely */ +/* #bpWLButtons { display: none; } */ +/* Text Customisation Options <=============================== */ + +/* http://necolas.github.io/normalize.css ======> */ +html { font-family: sans-serif; line-height: 1.15; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; } +body { margin: 0; } +article, aside, footer, header, nav, section { display: block; } +h1 { font-size: 2em; margin: 0.67em 0; } +figcaption, figure, main { display: block; } +figure { margin: 1em 40px; } +hr { box-sizing: content-box; height: 0; overflow: visible; } +pre { font-family: monospace, monospace; font-size: 1em; } +a { background-color: transparent; -webkit-text-decoration-skip: objects; } +a:active, a:hover { outline-width: 0; } +abbr[title] { border-bottom: none; text-decoration: underline; text-decoration: underline dotted; } +b, strong { font-weight: inherit; } +b, strong { font-weight: bolder; } +code, kbd, samp { font-family: monospace, monospace; font-size: 1em; } +dfn { font-style: italic; } +mark { background-color: #ff0; color: #000; } +small { font-size: 80%; } +sub, sup { font-size: 75%; line-height: 0; position: relative; vertical-align: baseline; } +sub { bottom: -0.25em; } +sup { top: -0.5em; } +audio, video { display: inline-block; } +audio:not([controls]) { display: none; height: 0; } +img { border-style: none; } +svg:not(:root) { overflow: hidden; } +button, input, optgroup, select, textarea { font-family: sans-serif; font-size: 100%; line-height: 1.15; margin: 0; } +button, input { overflow: visible; } +button, select { text-transform: none; } +button, html [type="button"], [type="reset"], [type="submit"] { -webkit-appearance: button; } +button::-moz-focus-inner, [type="button"]::-moz-focus-inner, [type="reset"]::-moz-focus-inner, [type="submit"]::-moz-focus-inner { border-style: none; padding: 0; } +button:-moz-focusring, [type="button"]:-moz-focusring, [type="reset"]:-moz-focusring, [type="submit"]:-moz-focusring { outline: 1px dotted ButtonText; } +fieldset { border: 1px solid #c0c0c0; margin: 0 2px; padding: 0.35em 0.625em 0.75em; } +legend { box-sizing: border-box; color: inherit; display: table; max-width: 100%; padding: 0; white-space: normal; } +progress { display: inline-block; vertical-align: baseline; } +textarea { overflow: auto; } +[type="checkbox"], [type="radio"] { box-sizing: border-box; padding: 0; } +[type="number"]::-webkit-inner-spin-button, [type="number"]::-webkit-outer-spin-button { height: auto; } +[type="search"] { -webkit-appearance: textfield; outline-offset: -2px; } +[type="search"]::-webkit-search-cancel-button, [type="search"]::-webkit-search-decoration { -webkit-appearance: none; } +::-webkit-file-upload-button { -webkit-appearance: button; font: inherit; } +details, menu { display: block; } +summary { display: list-item; } +canvas { display: inline-block; } +template { display: none; } +[hidden] { display: none; } +/* Normalize.css <=============================== */ + +html { font-size: 62.5%; } + +a { color: #3c8dbc; text-decoration: none; } +a:hover { color: #72afda; text-decoration: underline; } +b { color: rgb(68,68,68); } +p { margin: 0; } + +label, .buttons a { + cursor: pointer; + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + user-select: none; +} + +/* Touch device dark tap highlight */ +header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } + +/* Webkit Focus Glow */ +textarea, input, button { outline: none; } + +@font-face { + font-family: "Source Sans Pro"; + font-style: normal; + font-weight: 400; + src: local("Source Sans Pro"), local("SourceSansPro-Regular"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Regular.ttf") format("truetype"); +} + +@font-face { + font-family: "Source Sans Pro"; + font-style: normal; + font-weight: 700; + src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Bold.ttf") format("truetype"); +} body { - background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(190,190,190,0.95)); - background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(190,190,190,0.95)); - background-attachment: fixed; - color: rgba(64,64,64,0.95); - font: 14px, sans-serif; - line-height: 1em; + background: #dbdbdb url("/admin/img/boxed-bg.jpg") repeat fixed; + color: #333; + font: 1.4rem "Source Sans Pro", "Helvetica Neue", Helvetica, Arial, sans-serif; + line-height: 2.2rem; +} + +/* User is greeted with a splash page when browsing to Pi-hole IP address */ +#splashpage { background: #222; color: rgba(255,255,255,0.7); text-align: center; } +#splashpage img { margin: 5px; width: 256px; } +#splashpage b { color: inherit; } + +#bpWrapper { + margin: 0 auto; + max-width: 1250px; + box-shadow: 0 0 8px rgba(0,0,0,0.5); +} + +@media only screen and (min-width: 1251px) { + #bpWrapper, footer { border-radius: 0 0 5px 5px; } + #bpAbout { border-right-width: 1px !important; } } header { - min-width: 320px; - width: 100%; - text-shadow: 0 1px rgba(255,255,255,0.6); - display: table; - table-layout: fixed; - border: 1px solid rgba(0,0,0,0.25); - border-top-color: rgba(255,255,255,0.85); - border-style: solid none; - background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(220,220,220,0.95)); - background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(220,220,220,0.95)); - box-shadow: 0 0 1px 1px rgba(0,0,0,0.04); + background: #3c8dbc; + display: table; + position: relative; + width: 100%; } -header h1, header div { - display: table-cell; - color: inherit; - font-weight: bold; - vertical-align: middle; - white-space: nowrap; - overflow: hidden; - box-sizing: border-box; +header h1, header h1 a, header .spc, header #bpAlt label { + display: table-cell; + color: #fff; + white-space: nowrap; + vertical-align: middle; + height: 50px; /* Must match #bpAbout top value */ } -header h1 { - font-size: 22px; - font-weight: bold; - width: 100%; - padding: 8px 0; - text-indent: 32px; - background: url("http://pi.hole/admin/img/logo.svg") left no-repeat; - background-size: 30px 22px; +h1 a { + background-color: rgba(0,0,0,0.1); + font-family: "Helvetica Neue", Helvetica, Arial ,sans-serif; + font-size: 2rem; + font-weight: normal; + min-width: 230px; + text-align: center; } -header h1 a, h1 a:hover { color: inherit; } -header .alt { width: 85px; font-size: 0.8em; padding-right: 4px; text-align: right; line-height: 1.25em; } -.active { color: green; } -.inactive { color: red; } +h1 a:hover, header #bpAlt:hover { background-color: rgba(0,0,0,0.12); color: inherit; text-decoration: none; } + +header .spc { width: 100%; } + +header #bpAlt label { + background: url("/admin/img/logo.svg") no-repeat center left 15px; + background-size: 15px 23px; + padding: 0 15px; + text-indent: 30px; +} + +[type=checkbox][id$="Toggle"] { display: none; } +[type=checkbox][id$="Toggle"]:checked ~ #bpAbout, +[type=checkbox][id$="Toggle"]:checked ~ #bpMoreInfo { + display: block; } + +/* Click anywhere else on screen to hide #bpAbout */ +#bpAboutToggle:checked { + display: block; + height: 300px; /* VH Fallback */ + height: 100vh; + left: 0; + top: 0; + opacity: 0; + position: absolute; + width: 100%; +} + +#bpAbout { + background: #3c8dbc; + border-bottom-left-radius: 5px; + border: 1px solid #FFF; + border-right-width: 0; + box-shadow: -1px 1px 1px rgba(0,0,0,0.12); + box-sizing: border-box; + display: none; + font-size: 1.7rem; + top: 50px; + position: absolute; + right: 0; + width: 280px; + z-index: 1; +} + +.aboutPH { + box-sizing: border-box; + color: rgba(255,255,255,0.8); + display: block; + padding: 10px; + width: 100%; + text-align: center; +} + +.aboutImg { + background: url("/admin/img/logo.svg") no-repeat center; + background-size: 90px 90px; + border: 3px solid rgba(255,255,255,0.2); + height: 90px; + margin: 0 auto; + padding: 2px; + width: 90px; +} + +.aboutPH p { margin: 10px 0; } +.aboutPH small { display: block; font-size: 1.2rem; } + +.aboutLink { + background: #fff; + border-top: 1px solid #ddd; + display: table; + font-size: 1.4rem; + text-align: center; + width: 100%; +} + +.aboutLink a { + display: table-cell; + padding: 14px; + min-width: 50%; +} main { - display: block; - width: 80%; - padding: 10px; - font-size: 1em; - background-color: rgba(255,255,255,0.85); - margin: 8px auto; - box-sizing: border-box; - border: 1px solid rgba(0,0,0,0.25); - box-shadow: 4px 4px rgba(0,0,0,0.1); - line-height: 1.2em; - border-radius: 8px; + background: #ecf0f5; + font-size: 1.65rem; + padding: 10px; } -h2 { /* Rgba is shared with .transparent th */ - font: 1.15em sans-serif; - background-color: rgba(255,0,0,0.4); - text-shadow: none; - line-height: 1.1em; - padding-bottom: 1px; - margin-top: 8px; - margin-bottom: 4px; - background: -webkit-linear-gradient(left, rgba(0,0,0,0.25), transparent 80%) no-repeat; - background: linear-gradient(to right, rgba(0,0,0,0.25), transparent 80%) no-repeat; - background-size: 100% 1px; - background-position: 0 17px; +#bpOutput { + background: #00c0ef; + border-radius: 3px; + border: 1px solid rgba(0,0,0,0.1); + color: #fff; + font-size: 1.4rem; + margin-bottom: 10px; + margin-top: 5px; + padding: 15px; } -h2:first-child { margin-top: 0; } -h2 ~ *:not(h2) { margin-left: 4px; } -li { padding: 2px 0; } -li::before { content: "\00BB\00a0"; } -li a { position: relative; top: 1px; } /* Center bullet-point arrows */ - -/* Button Style */ -.buttons a, button, input, .transparent th a { /* Swapped rgba is shared with input[type='url'] */ - display: inline-block; - color: rgba(32,32,32,0.9); - font-weight: bold; - text-align: center; - cursor: pointer; - text-shadow: 0 1px rgba(255,255,255,0.2); - line-height: 0.86em; - font-size: 1em; - padding: 4px 8px; - background: #FAFAFA; - background-image: -webkit-linear-gradient(top, rgba(255,255,255,0.05), rgba(0,0,0,0.05)); - background-image: linear-gradient(to bottom, rgba(255,255,255,0.05), rgba(0,0,0,0.05)); - border: 1px solid rgba(0,0,0,0.25); - border-radius: 4px; - box-shadow: 0 1px 0 rgba(0,0,0,0.04); +#bpOutput:before { + background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6,11a1.371,1.371,0,0,1,1,1v1a1.371,1.371,0,0,1-1,1H1a1.371,1.371,0,0,1-1-1V12a1.371,1.371,0,0,1,1-1H2V8H1A1.371,1.371,0,0,1,0,7V6A1.371,1.371,0,0,1,1,5H4A1.371,1.371,0,0,1,5,6v5H6ZM3.5,0A1.5,1.5,0,1,1,2,1.5,1.5,1.5,0,0,1,3.5,0Z'/%3E%3C/svg%3E") no-repeat center left; + display: block; + font-size: 1.8rem; + text-indent: 15px; } -.buttons { white-space: nowrap; width: 100%; display: table; } -.buttons33 { white-space: nowrap; width: 33.333%; display: table; text-align: center; margin-left: 33.333% } -.mini a { width: 50%; } -a.safe { background-color: rgba(0,220,0,0.5); } -button.safe { background-color: rgba(0,220,0,0.5); } -a.warn { background-color: rgba(220,0,0,0.5); } +#bpOutput.hidden { display: none; } +#bpOutput.success { background: #00a65a; } +#bpOutput.error { background: #dd4b39; } -.blocked a, .mini a { display: table-cell; } -.blocked a.safe50 { width: 50%; background-color: rgba(0,220,0,0.5); } -.blocked a.safe33 { width: 33.333%; background-color: rgba(0,220,0,0.5); } +.blockMsg, .flagMsg { + font: bold 1.8rem Consolas, Courier, monospace; + padding: 5px 10px 10px 10px; + text-indent: 15px; +} -/* Types of text */ -.msg { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; } +#bpHelpTxt { padding-bottom: 10px; } -footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } +.buttons { + border-spacing: 5px 0; + display: table; + width: 100%; +} + +.buttons * { + -moz-appearance: none; + -webkit-appearance: none; + border-radius: 3px; + border: 1px solid rgba(0,0,0,0.1); + box-sizing: content-box; + display: table-cell; + font-size: 1.65rem; + margin-right: 5px; + min-height: 20px; + padding: 6px 12px; + position: relative; + text-align: center; + vertical-align: top; + white-space: nowrap; + width: auto; +} + +#bpButtons * { width: 50%; color: #FFF; } +#bpBack { background-color: #00a65a; } +#bpInfo { background-color: #3c8dbc; } +#bpWhitelist { background-color: #dd4b39; } + +.buttons a { text-decoration: none; } + +/* Button hover dark overlay */ +.buttons *:not(input):not([disabled]):hover { + background-image: linear-gradient(to bottom, rgba(0,0,0,0.1), rgba(0,0,0,0.1)); + color: #FFF; +} + +/* Button active shadow inset */ +.buttons *:not([disabled]):not(input):active { + box-shadow: inset 0 3px 5px rgba(0,0,0,0.125); +} + +/* Input border colour */ +.buttons *:not([disabled]):hover, .buttons input:focus { + border-color: rgba(0,0,0,0.25); +} + +:-ms-input-placeholder { color: rgba(51,51,51,0.8) !important; } +input[type=password] { font-size: 1.4rem; } + +.buttons [type=password][disabled] { color: rgba(0,0,0,1) !important; } +.buttons [disabled] { color: rgba(0,0,0,0.55) !important; background-color: #e3e3e3 !important; } + +@keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } } +#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; } +#bpMoreInfo { display: none; margin-top: 10px; } + +#bpQueryOutput { + font-size: 1.2rem; + line-height: 1.65rem; + margin: 5px 0 0 0; + overflow: auto; + padding: 0 5px; + -webkit-overflow-scrolling: touch; +} + +#bpQueryOutput span { margin-right: 4px; } + +#bpWLButtons { width: auto; margin-top: 10px; } +#bpWLButtons * { display: inline-block; } +#bpWLDomain { display: none; } +#bpWLPassword { width: 160px; } +#bpWhitelist { color: #fff; cursor: pointer; } + +footer { + background: #fff; + border-top: 1px solid #d2d6de; + color: #444; + font: 1.2rem Consolas, Courier, monospace; + padding: 8px; +} + +/* Responsive small-screen content */ +@media only screen and (max-width: 500px) { + h1 a { font-size: 1.8rem; min-width: 170px; } + footer span:before { content: "Generated "; } + footer span { display: block; } +} From 551add5f447b25e7c5c3e54c325b287212dfd9c8 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:06:31 +1000 Subject: [PATCH 008/335] Update index.php * An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole * An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you * Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html" * Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image * Sites that are manually blacklisted will display a notice of this on the block page * Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is) * On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled * Whitelisting is disabled for installs without a password, or if a client does not have Javascript * Known issues: * Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL" * Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN" * I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain --- advanced/index.php | 487 ++++++++++++++++++++++++++++----------------- 1 file changed, 299 insertions(+), 188 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index bfc44a1d..aeb607ca 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -1,224 +1,335 @@ SERVER_NAME header output does not appear to be valid: ".$_SERVER["SERVER_NAME"].""); } -// Retrieve server URI extension (EG: jpg, exe, php) -ini_set('pcre.recursion_limit',100); -$uriExt = pathinfo($uri, PATHINFO_EXTENSION); - -// Define which URL extensions get rendered as "Website Blocked" -$webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml'); - -// Get IPv4 and IPv6 addresses from setupVars.conf (if available) +// Get values from setupVars.conf $setupVars = parse_ini_file("/etc/pihole/setupVars.conf"); -$ipv4 = isset($setupVars["IPV4_ADDRESS"]) ? explode("/", $setupVars["IPV4_ADDRESS"])[0] : $_SERVER['SERVER_ADDR']; -$ipv6 = isset($setupVars["IPV6_ADDRESS"]) ? explode("/", $setupVars["IPV6_ADDRESS"])[0] : $_SERVER['SERVER_ADDR']; +$svFQDN = (!empty($setupVars["FQDN"]) && validate_server_name($setupVars["FQDN"]) === TRUE) ? $setupVars["FQDN"] : ""; +$svPasswd = !empty($setupVars["WEBPASSWORD"]); +$svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : ""; +unset($setupVars); -$AUTHORIZED_HOSTNAMES = array( - $ipv4, - $ipv6, - str_replace(array("[","]"), array("",""), $_SERVER["SERVER_ADDR"]), - "pi.hole", - "localhost"); -// Allow user set virtual hostnames -$virtual_host = getenv('VIRTUAL_HOST'); -if (!empty($virtual_host)) - array_push($AUTHORIZED_HOSTNAMES, $virtual_host); +// Set landing page name, found within /var/www/html/ +$landPage = "landing.php"; -// Immediately quit since we didn't block this page (the IP address or pi.hole is explicitly requested) -if(validIP($serverName) || in_array($serverName,$AUTHORIZED_HOSTNAMES)) -{ - http_response_code(404); - die(); +// Set empty array for hostnames to be accepted as self address for splash page +$authorizedHosts = []; + +// Append FQDN to $authorizedHosts +if (!empty($svFQDN)) array_push($authorizedHosts, $svFQDN); + +// Append virtual hostname to $authorizedHosts +if (!empty($_SERVER["VIRTUAL_HOST"])) { + if (validate_server_name($_SERVER["VIRTUAL_HOST"]) === TRUE) { + array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]); + } else { + die("[ERROR]: VIRTUAL_HOST header output does not appear to be valid: ".$_SERVER["VIRTUAL_HOST"].""); + } } -if(in_array($uriExt, $webExt) || empty($uriExt)) -{ - // Requested resource has an extension listed in $webExt - // or no extension (index access to some folder incl. the root dir) - $showPage = true; -} -else -{ - // Something else - $showPage = false; +// Set which extension types get rendered as "Website Blocked" (Including "" for index file extensions) +$validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", ""); + +// Get extension of current URL +$currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION); + +// Set mobile friendly viewport +$viewPort = ''; + +// Set response header +function setHeader($type = "x") { + header("X-Pi-hole: A black hole for Internet advertisements."); + if (isset($type) && $type === "js") header("Content-Type: application/javascript"); } -// Handle incoming URI types -if (!$showPage) -{ -?> - - - - - - - - + $viewPort + +
Pi-hole: Your black hole for Internet advertisements + "; + $pageType = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage"; + unset($serverName, $svFQDN, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort); + exit($pageType); +} elseif ($currentUrlExt === "js") { + // Set Javascript redirect for blocked sources + exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."'); +} elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) { + // Set blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER (Presumably from iframe) + exit(setHeader().' + + + '); +} elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { + // Set svg image upon receiving non $validExtTypes URL extension or query string (Presumably not from an iframe) + $blockImg = 'Blocked by Pi-hole'; + exit(setHeader()." + $viewPort + $blockImg + "); } -// Get Pi-hole version -$piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0'); +/* Start processing block page from here */ -// Don't show the URI if it is the root directory -if($uri == "/") -{ - $uri = ""; +// Get Pi-hole core branch name +$phBranch = exec("cd /etc/.pihole/ && git rev-parse --abbrev-ref HEAD"); +if ($phBranch !== "master") { + error_reporting(E_ALL); + ini_set("display_errors", 1); + ini_set("display_startup_errors", 1); } +// Validate SERVER_IP output +if (filter_var($_SERVER['SERVER_ADDR'], FILTER_VALIDATE_IP)) { + $serverAddr = $_SERVER["SERVER_ADDR"]; +} else { + die("[ERROR]: SERVER_IP header output does not appear to be valid: ".$_SERVER["SERVER_ADDR"].""); +} + +// Determine placeholder text based off $svPasswd presence +$wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled"; + +// Get admin email address +$bpAskAdmin = !empty($svEmail) ? '' : ""; + +// Determine if at least one block list has been generated +if (empty(glob("/etc/pihole/list.0.*.domains"))) die("[ERROR]: There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); + +// Get contents of adlist.list +$adLists = is_file("/etc/pihole/adlists.list") ? "/etc/pihole/adlists.list" : "/etc/pihole/adlists.default"; +if (!is_file($adLists)) die("[ERROR]: Unable to find file: $adLists"); + +// Get all URLs starting with "http" or "www" from $adLists and re-index array numerically +$adlistsUrls = array_values(preg_grep("/(^http)|(^www)/i", file($adLists, FILE_IGNORE_NEW_LINES))); +if (empty($adlistsUrls)) die("[ERROR]: There are no adlist URL's found within $adLists"); +$adlistsCount = count($adlistsUrls) + 3; // +1 because array starts at 0, +2 for Blacklist & Wildcard lists + +// Get results of queryads.php exact search +ini_set("default_socket_timeout", 3); +function queryAds($serverName) { + $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; + $queryAds = file("http://127.0.0.1/admin/scripts/pi-hole/php/queryads.php?domain=$serverName&exact", FILE_IGNORE_NEW_LINES); + $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); + try { + if ($queryTime >= ini_get("default_socket_timeout")) { + throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); + } elseif ($queryAds[0][0] === ":") { + if (strpos($queryAds[0], "Invalid") !== FALSE) throw new Exception ("Invalid Domain ($serverName)"); + if (strpos($queryAds[0], "No exact") !== FALSE) return array("0" => "none"); + throw new Exception ("Unhandled error message ($queryAds[0])"); + } elseif ($queryAds[0][0] !== "/") { + throw new Exception ("Unexpected output ($queryAds[0])"); + } + return $queryAds; + } catch (Exception $e) { + return array("0" => "error", "1" => $e->getMessage()); + } +} +$queryAds = queryAds($serverName); + +if ($queryAds[0] === "error") { + die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); +} + +// Filter, sort, and count $queryAds array +if ($queryAds[0] !== "none") { + $queryAds = preg_replace("/(\/etc\/pihole\/)|(\/etc\/dnsmasq\.d\/)/", "", $queryAds); + $queryAds = preg_replace("/(^list\.)|(\..*domains)/", "", $queryAds); + $featuredTotal = count($queryAds); +} + +// Determine if domain has been blacklisted or wildcarded +if ($queryAds[0] === "blacklist.txt") { + $intBlacklist = array("π" => $queryAds[0]); + $queryAds[0] = "π"; // Manually blacklisted sites do not have a number + $notableFlagClass = "blacklist"; +} elseif ($queryAds[0] === "03-pihole-wildcard.conf") { + $intBlacklist = array("π" => $queryAds[0]); + $queryAds[0] = "π"; + $notableFlagClass = "wildcard"; +} elseif ($queryAds[0] === "none") { + $featuredTotal = "0"; + $notableFlagClass = "noblock"; + + // Determine appropriate info message if CNAME exists + $dnsRecord = dns_get_record("$serverName")[0]; + if (array_key_exists("target", $dnsRecord)) { + $wlInfo = $dnsRecord['target']; + } else { + $wlInfo = "recentwl"; + } +} + +// Merge $intBlacklist with $adlistsUrls if domain has been blacklisted or wildcarded +if (isset($intBlacklist)) $adlistsUrls = array_merge($intBlacklist, $adlistsUrls); + +// Set #bpOutput notification +$wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden"; +$wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "$wlInfo" : ""; + +// Get Pi-hole core version +if ($phBranch !== "master") { + $phVersion = exec("cd /etc/.pihole/ && git describe --long --dirty --tags"); + $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; +} else { + $phVersion = exec("cd /etc/.pihole/ && git describe --tags --abbrev=0"); +} ?> + - - Website Blocked - - - - + + + + + + + + ● <?=$serverName ?> + + - +
-

Website Blocked

+

+ +

+
+ + +
+
+
+

Open Source Ad Blocker + Designed for Raspberry Pi +

+
+
+ + '; ?> +
+
+ +
+ +
+
-
Access to the following site has been blocked:
-
-
If you have an ongoing use for this website, please ask the owner of the Pi-hole in your network to have it whitelisted.
- - - - This page is blocked because it is explicitly contained within the following block list(s): -
-
- Go back - Whitelist this page - Close window -
- +
+
+

+
+ +
+

+
+ +
+
+ + 0) echo ''; ?> +
+ +
+ + 
 0) foreach ($queryAds as $num) { echo "[$num]:$adlistsUrls[$num]\n"; } ?>
+
+ + +
+
-
Generated by Pi-hole
- - - +
. Pi-hole ()
+
+ - - + + From a0603ad3b701abde6e392a72a407260c012a9a9c Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:13:55 +1000 Subject: [PATCH 009/335] Update queryFunc() * Allow scanList() to search files using a wildcard by removing quotes wrapped around `${list}` * scanList() will not provide a domain ouput on each string if exact is specified (`grep -l`) * Remove unused processWildcards() function * Return a message if no domain is specified * IDN domains are converted to punycode when running a `pihole -q` search if the `python` package is available, otherwise will revert to current behaviour * Scan Blacklist & Wildcards first, exiting from search if a match is found (Fixes #1330) * Use one `grep` subshell to search for all "*.domains" lists at once (opposed to looping to get every matching file name, and then spawning a `grep` instance for every matching file) * queryFunc() will not return "(0 results)" output from files where no match is found * Sort results based off list number * Return a message if no results are found --- pihole | 83 +++++++++++++++++++++++----------------------------------- 1 file changed, 33 insertions(+), 50 deletions(-) diff --git a/pihole b/pihole index 83e13000..eaf4e955 100755 --- a/pihole +++ b/pihole @@ -84,62 +84,45 @@ scanList(){ domain="${1}" list="${2}" method="${3}" - if [[ ${method} == "-exact" ]] ; then - grep -i -E "(^|\s)${domain}($|\s)" "${list}" - else - grep -i "${domain}" "${list}" - fi -} -processWildcards() { - IFS="." read -r -a array <<< "${1}" - for (( i=${#array[@]}-1; i>=0; i-- )); do - ar="" - for (( j=${#array[@]}-1; j>${#array[@]}-i-2; j-- )); do - if [[ $j == $((${#array[@]}-1)) ]]; then - ar="${array[$j]}" - else - ar="${array[$j]}.${ar}" - fi - done - echo "${ar}" - done + if [[ ${method} == "-exact" ]]; then + grep -i -E -l "(^|\/)${domain}($|\/)" ${list} + else + grep -i "${domain}" ${list} + fi } queryFunc() { - domain="${2}" method="${3}" - lists=( /etc/pihole/list.* /etc/pihole/blacklist.txt) - for list in ${lists[@]}; do - if [ -e "${list}" ]; then - result=$(scanList ${domain} ${list} ${method}) - # Remove empty lines before couting number of results - count=$(sed '/^\s*$/d' <<< "$result" | wc -l) - echo "::: ${list} (${count} results)" - if [[ ${count} > 0 ]]; then - echo "${result}" - fi - echo "" - else - echo "::: ${list} does not exist" - echo "" - fi - done - - # Scan for possible wildcard matches - if [ -e "${wildcardlist}" ]; then - local wildcards=($(processWildcards "${domain}")) - for domain in ${wildcards[@]}; do - result=$(scanList "\/${domain}\/" ${wildcardlist}) - # Remove empty lines before couting number of results - count=$(sed '/^\s*$/d' <<< "$result" | wc -l) - if [[ ${count} > 0 ]]; then - echo "::: Wildcard blocking ${domain} (${count} results)" - echo "${result}" - echo "" - fi - done + + # If domain contains non ASCII characters, convert domain to punycode if python exists + # Cr: https://serverfault.com/a/335079 + if [ -z "${2}" ]; then + echo "::: No domain specified" + exit 1 + elif [[ ${2} = *[![:ascii:]]* ]]; then + [ `which python` ] && domain=$(python -c 'import sys;print sys.argv[1].decode("utf-8").encode("idna")' "${2}") + else + domain="${2}" fi + + # Scan Blacklist and Wildcards + lists="/etc/pihole/blacklist.txt $wildcardlist" + result=$(scanList ${domain} "${lists}" ${method}) + if [ -n "$result" ]; then + echo "$result" + exit 0 + fi + + # Scan Domains lists + result=$(scanList ${domain} "/etc/pihole/*.domains" ${method}) + if [ -n "$result" ]; then + sort -t . -k 2 -g <<< "$result" + else + [ -n "$method" ] && exact="exact " + echo "::: No ${exact}results found for ${domain}" + fi + exit 0 } From dfb5c37d984139537b6fe53c52964125c2c6d724 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:21:40 +1000 Subject: [PATCH 010/335] Delete index.js --- advanced/index.js | 1 - 1 file changed, 1 deletion(-) delete mode 100644 advanced/index.js diff --git a/advanced/index.js b/advanced/index.js deleted file mode 100644 index c9da5aff..00000000 --- a/advanced/index.js +++ /dev/null @@ -1 +0,0 @@ -var x = "Pi-hole: A black hole for Internet advertisements." From 356c70cdae29c49d95933434cb9820ca42ccf6af Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:24:07 +1000 Subject: [PATCH 011/335] Update lighttpd.conf.debian * Disable `include-conf-enabled.pl`, as blindly enabling HTTPS (as Let's Encrypt does by having a file in that folder) creates Block Page inefficiencies * Make Block page handle JS request rewrite, allowing users to better utilise their `lighttpd` service * Make Block page handle debugging Pi-hole header * Make Block page redirect users from `pi.hole` to `http://pi.hole/admin` --- advanced/lighttpd.conf.debian | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 3b57756e..19b8b186 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -50,7 +50,7 @@ compress.filetype = ( "application/javascript", "text/css", "text/html # default listening port for IPv6 falls back to the IPv4 port include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" -include_shell "/usr/share/lighttpd/include-conf-enabled.pl" +#include_shell "/usr/share/lighttpd/include-conf-enabled.pl" # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { @@ -59,21 +59,9 @@ $HTTP["url"] =~ "^/admin/" { "X-Pi-hole" => "The Pi-hole Web interface is working!", "X-Frame-Options" => "DENY" ) -} - -# Rewite js requests, must be out of $HTTP block due to bug #2526 -url.rewrite = ( "^(?!/admin/).*\.js$" => "pihole/index.js" ) - -# If the URL does not start with /admin, then it is a query for an ad domain -$HTTP["url"] =~ "^(?!/admin)/.*" { - # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) -} - -# Entering just "pi.hole" into a browser redirects to "pi.hole/admin/" -$HTTP["host"] == "pi.hole" { - $HTTP["url"] == "/" { - url.redirect = ( "" => "/admin/" ) + $HTTP["url"] =~ ".ttf$" { + # Allow Block Page access to local fonts + setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" ) } } From 74b15d10d98fa3e1c42b98cb26c81a09408389dd Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:24:55 +1000 Subject: [PATCH 012/335] Update lighttpd.conf.fedora Mirror changes found in `lighttpd.conf.debian` --- advanced/lighttpd.conf.fedora | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index fd856fbb..773f0142 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -75,22 +75,13 @@ fastcgi.server = ( ".php" => # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" ) -} - -# Rewite js requests, must be out of $HTTP block due to bug #2526 -url.rewrite = ( "^(?!/admin/).*\.js$" => "pihole/index.js" ) - -# If the URL does not start with /admin, then it is a query for an ad domain -$HTTP["url"] =~ "^(?!/admin)/.*" { - # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) -} - -# Entering just "pi.hole" into a browser redirects to "pi.hole/admin/" -$HTTP["host"] == "pi.hole" { - $HTTP["url"] == "/" { - url.redirect = ( "" => "/admin/" ) + setenv.add-response-header = ( + "X-Pi-hole" => "The Pi-hole Web interface is working!", + "X-Frame-Options" => "DENY" + ) + $HTTP["url"] =~ ".ttf$" { + # Allow Block Page access to local fonts + setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" ) } } From 7bcea98d0cc7fc43298c3945b3f262e9f0e73019 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:28:51 +1000 Subject: [PATCH 013/335] Do not activate letsencrypt.conf if found --- advanced/lighttpd.conf.debian | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 19b8b186..47f6af02 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -51,6 +51,7 @@ compress.filetype = ( "application/javascript", "text/css", "text/html include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" #include_shell "/usr/share/lighttpd/include-conf-enabled.pl" +include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null" # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { From a8818c16d87d34ebf5fdc2650151b7a5a1a7e7df Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 19:51:13 +1000 Subject: [PATCH 014/335] Fixed unnecessary usage of !important --- advanced/blockingpage.css | 49 ++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index a176e84c..1af96cda 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -11,12 +11,12 @@ .linkPH:before { content: "About Pi-hole"; } .linkEmail:before { content: "Contact Admin"; } -.add:before { content: "Info"; } -.add:after { content: "The domain is being whitelisted..."; } -.error:before, .unhandled:before { content: "Error"; } -.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } -.success:before { content: "Success"; } -.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } +#bpOutput.add:before { content: "Info"; } +#bpOutput.add:after { content: "The domain is being whitelisted..."; } +#bpOutput.error:before, .unhandled:before { content: "Error"; } +#bpOutput.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } +#bpOutput.success:before { content: "Success"; } +#bpOutput.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } .recentwl:before { content: "This site appears to have been recently whitelisted. Please flush your DNS cache and/or restart your browser."; } .cname:before { content: "This site is an alias for "; } /* cname.com */ @@ -101,13 +101,14 @@ b { color: rgb(68,68,68); } p { margin: 0; } label, .buttons a { - cursor: pointer; -webkit-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none; } +label, .buttons *:not([disabled]) { cursor: pointer; } + /* Touch device dark tap highlight */ header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } @@ -146,11 +147,6 @@ body { box-shadow: 0 0 8px rgba(0,0,0,0.5); } -@media only screen and (min-width: 1251px) { - #bpWrapper, footer { border-radius: 0 0 5px 5px; } - #bpAbout { border-right-width: 1px !important; } -} - header { background: #3c8dbc; display: table; @@ -316,12 +312,7 @@ main { width: auto; } -#bpButtons * { width: 50%; color: #FFF; } -#bpBack { background-color: #00a65a; } -#bpInfo { background-color: #3c8dbc; } -#bpWhitelist { background-color: #dd4b39; } - -.buttons a { text-decoration: none; } +.buttons a:hover { text-decoration: none; } /* Button hover dark overlay */ .buttons *:not(input):not([disabled]):hover { @@ -339,11 +330,16 @@ main { border-color: rgba(0,0,0,0.25); } -:-ms-input-placeholder { color: rgba(51,51,51,0.8) !important; } -input[type=password] { font-size: 1.4rem; } +#bpButtons * { width: 50%; color: #FFF; } +#bpBack { background-color: #00a65a; } +#bpInfo { background-color: #3c8dbc; } +#bpWhitelist { background-color: #dd4b39; } -.buttons [type=password][disabled] { color: rgba(0,0,0,1) !important; } -.buttons [disabled] { color: rgba(0,0,0,0.55) !important; background-color: #e3e3e3 !important; } +#blockpage .buttons [type=password][disabled] { color: rgba(0,0,0,1); } +#blockpage .buttons [disabled] { color: rgba(0,0,0,0.55); background-color: #e3e3e3; } +#blockpage .buttons [type=password]:-ms-input-placeholder { color: rgba(51,51,51,0.8); } + +input[type=password] { font-size: 1.5rem; } @keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } } #bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; } @@ -364,7 +360,7 @@ input[type=password] { font-size: 1.4rem; } #bpWLButtons * { display: inline-block; } #bpWLDomain { display: none; } #bpWLPassword { width: 160px; } -#bpWhitelist { color: #fff; cursor: pointer; } +#bpWhitelist { color: #fff; } footer { background: #fff; @@ -374,9 +370,14 @@ footer { padding: 8px; } -/* Responsive small-screen content */ +/* Responsive Content */ @media only screen and (max-width: 500px) { h1 a { font-size: 1.8rem; min-width: 170px; } footer span:before { content: "Generated "; } footer span { display: block; } } + +@media only screen and (min-width: 1251px) { + #bpWrapper, footer { border-radius: 0 0 5px 5px; } + #bpAbout { border-right-width: 1px; } +} From f2016f26d72563b14b461ab1c87b09fa6270fc7f Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 3 May 2017 15:29:43 +1000 Subject: [PATCH 015/335] Updated splash page CSS href --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index aeb607ca..78ca7b17 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -70,7 +70,7 @@ if ($serverName === "pi.hole") { $splashPage = " $viewPort - +
Pi-hole: Your black hole for Internet advertisements "; $pageType = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage"; From 4d731ca30bfe5d6f39fd8a4ea531fab5174cd217 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 3 May 2017 15:33:50 +1000 Subject: [PATCH 016/335] Updated landing page location During development, I had the location of `/pihole/index.php` as just `/index.php`. Just correcting some changes! --- advanced/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 78ca7b17..7fd3c44b 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -29,8 +29,8 @@ $svPasswd = !empty($setupVars["WEBPASSWORD"]); $svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : ""; unset($setupVars); -// Set landing page name, found within /var/www/html/ -$landPage = "landing.php"; +// Set landing page name, found within /var/www/html/pihole/ +$landPage = "../landing.php"; // Set empty array for hostnames to be accepted as self address for splash page $authorizedHosts = []; From 99b23627d0d8cb6036cf69e46de042a80b570ac0 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 5 May 2017 12:03:51 -0700 Subject: [PATCH 017/335] Update basic-install.sh --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c65ef49f..3ca90db6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -408,7 +408,7 @@ setDHCPCD() { echo "interface ${PIHOLE_INTERFACE} static ip_address=${IPV4_ADDRESS} static routers=${IPv4gw} - static domain_name_servers=${IPv4gw}" | tee -a /etc/dhcpcd.conf >/dev/null + static domain_name_servers=127.0.0.1" | tee -a /etc/dhcpcd.conf >/dev/null } setStaticIPv4() { From f270f7430c655249d9274553697c558c3b9b04e9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:10:24 +0100 Subject: [PATCH 018/335] Update block page. Allow for setupVars setting of CUSTOMBLOCKPAGE (bool) to prevent it being overwritten --- automated install/basic-install.sh | 34 +++++++++++++++++++++++------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c65ef49f..ca45a256 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -35,7 +35,7 @@ IPV4_ADDRESS="" IPV6_ADDRESS="" QUERY_LOGGING=true INSTALL_WEB=true - +CUSTOMBLOCKPAGE=false # Find the rows and columns will default to 80x24 is it can not be detected screen_size=$(stty size 2>/dev/null || echo 24 80) @@ -866,30 +866,48 @@ CreateLogFile() { } installPiholeWeb() { + + if [ -f ${setupVars} ]; then + . ${setupVars} + fi # Install the web interface echo ":::" - echo "::: Installing pihole custom index page..." + echo -n "::: Installing index.php..." if [ -d "/var/www/html/pihole" ]; then if [ -f "/var/www/html/pihole/index.php" ]; then - echo "::: Existing index.php detected, not overwriting" + if [[ ${CUSTOMBLOCKPAGE} == true ]]; then + echo " Existing index.php detected, not overwriting" + else + cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/ + echo " done!" + fi else - echo -n "::: index.php missing, replacing... " cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/ echo " done!" fi + echo -n "::: Installing index.js..." if [ -f "/var/www/html/pihole/index.js" ]; then - echo "::: Existing index.js detected, not overwriting" + if [[ ${CUSTOMBLOCKPAGE} == true ]]; then + echo " Existing index.js detected, not overwriting" + else + cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/ + echo " done!" + fi else - echo -n "::: index.js missing, replacing... " cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/ echo " done!" fi + echo -n "::: Installing blockingpage.css..." if [ -f "/var/www/html/pihole/blockingpage.css" ]; then - echo "::: Existing blockingpage.css detected, not overwriting" + if [[ ${CUSTOMBLOCKPAGE} == true ]]; then + echo " Existing blockingpage.css detected, not overwriting" + else + cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole + echo " done!" + fi else - echo -n "::: blockingpage.css missing, replacing... " cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole echo " done!" fi From 5cd2c77d9897ae84d6494a4397fbbd22013289d2 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:24:40 +0100 Subject: [PATCH 019/335] simplify --- automated install/basic-install.sh | 35 +----------------------------- 1 file changed, 1 insertion(+), 34 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ca45a256..eaa3413d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -874,44 +874,11 @@ installPiholeWeb() { echo ":::" echo -n "::: Installing index.php..." if [ -d "/var/www/html/pihole" ]; then - if [ -f "/var/www/html/pihole/index.php" ]; then - if [[ ${CUSTOMBLOCKPAGE} == true ]]; then - echo " Existing index.php detected, not overwriting" - else + if [[ ${CUSTOMBLOCKPAGE} == false ]]; then cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/ - echo " done!" - fi - else - cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/ - echo " done!" - fi - - echo -n "::: Installing index.js..." - if [ -f "/var/www/html/pihole/index.js" ]; then - if [[ ${CUSTOMBLOCKPAGE} == true ]]; then - echo " Existing index.js detected, not overwriting" - else cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/ - echo " done!" - fi - else - cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/ - echo " done!" - fi - - echo -n "::: Installing blockingpage.css..." - if [ -f "/var/www/html/pihole/blockingpage.css" ]; then - if [[ ${CUSTOMBLOCKPAGE} == true ]]; then - echo " Existing blockingpage.css detected, not overwriting" - else cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole - echo " done!" fi - else - cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole - echo " done!" - fi - else echo "::: Creating directory for blocking page" install -d /var/www/html/pihole From 41dd163453cc37a2962a6d5cbf4851f53c74c49b Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:27:33 +0100 Subject: [PATCH 020/335] further simplify --- automated install/basic-install.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index eaa3413d..d603585f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -872,15 +872,14 @@ installPiholeWeb() { fi # Install the web interface echo ":::" - echo -n "::: Installing index.php..." if [ -d "/var/www/html/pihole" ]; then if [[ ${CUSTOMBLOCKPAGE} == false ]]; then - cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/ - cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/ - cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole + echo -n "::: Installing block page..." + install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ + echo " done!" fi else - echo "::: Creating directory for blocking page" + echo "::: Creating directory for blocking page" install -d /var/www/html/pihole install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ if [ -f /var/www/html/index.lighttpd.html ]; then From 615ca56ea3967e915fb38a660ef9fe336e056126 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:27:58 +0100 Subject: [PATCH 021/335] fix inteliJ IDEA complaints --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d603585f..908902f3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -875,13 +875,13 @@ installPiholeWeb() { if [ -d "/var/www/html/pihole" ]; then if [[ ${CUSTOMBLOCKPAGE} == false ]]; then echo -n "::: Installing block page..." - install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ + install -D ${PI_HOLE_LOCAL_REPO}/advanced/index.* /advanced/blockingpage.* /var/www/html/pihole/ echo " done!" fi else echo "::: Creating directory for blocking page" install -d /var/www/html/pihole - install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ + install -D ${PI_HOLE_LOCAL_REPO}/advanced/index.* /advanced/blockingpage.* /var/www/html/pihole/ if [ -f /var/www/html/index.lighttpd.html ]; then mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig else From 324d4433c3fc616ba25e9fe58e534e3bfc30e6f6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:31:31 +0100 Subject: [PATCH 022/335] even further simplify --- automated install/basic-install.sh | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 908902f3..feeb2791 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -872,24 +872,20 @@ installPiholeWeb() { fi # Install the web interface echo ":::" - if [ -d "/var/www/html/pihole" ]; then - if [[ ${CUSTOMBLOCKPAGE} == false ]]; then - echo -n "::: Installing block page..." - install -D ${PI_HOLE_LOCAL_REPO}/advanced/index.* /advanced/blockingpage.* /var/www/html/pihole/ - echo " done!" - fi - else - echo "::: Creating directory for blocking page" + + if [[ ${CUSTOMBLOCKPAGE} == false ]]; then + echo -n "::: Installing block page..." install -d /var/www/html/pihole install -D ${PI_HOLE_LOCAL_REPO}/advanced/index.* /advanced/blockingpage.* /var/www/html/pihole/ - if [ -f /var/www/html/index.lighttpd.html ]; then - mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig - else - printf "\n:::\tNo default index.lighttpd.html file found... not backing up" - fi echo " done!" fi + if [ -f /var/www/html/index.lighttpd.html ]; then + mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig + else + printf "\n:::\tNo default index.lighttpd.html file found... not backing up" + fi + # Install Sudoer file echo ":::" echo -n "::: Installing sudoer file..." From 5b0927ca4b735a9f3b996ec38877df3a0852cf29 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:32:27 +0100 Subject: [PATCH 023/335] tidy up output --- automated install/basic-install.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index feeb2791..62130ca6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -880,10 +880,12 @@ installPiholeWeb() { echo " done!" fi + echo -n "::: Backing up default lighttpd index page..." if [ -f /var/www/html/index.lighttpd.html ]; then mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig + echo " done!" else - printf "\n:::\tNo default index.lighttpd.html file found... not backing up" + echo " No default index.lighttpd.html file found... not backing up" fi # Install Sudoer file From 19fd25c7cd54b3cfc19ded79373869c9d035dbb4 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:40:10 +0100 Subject: [PATCH 024/335] revert line, looks tidyer --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 62130ca6..516f8ebf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -876,7 +876,7 @@ installPiholeWeb() { if [[ ${CUSTOMBLOCKPAGE} == false ]]; then echo -n "::: Installing block page..." install -d /var/www/html/pihole - install -D ${PI_HOLE_LOCAL_REPO}/advanced/index.* /advanced/blockingpage.* /var/www/html/pihole/ + install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ echo " done!" fi From 525a1228c3c999ffc4b0dfd523c0c8b9cf3cb784 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 5 May 2017 22:43:37 +0100 Subject: [PATCH 025/335] clarify --- automated install/basic-install.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 516f8ebf..df60e59f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -878,6 +878,8 @@ installPiholeWeb() { install -d /var/www/html/pihole install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ echo " done!" + else + echo "::: Custom block page detected... not overwriting!" fi echo -n "::: Backing up default lighttpd index page..." From 89fd962615339336886e3b7ad543746cb6f7f790 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 6 May 2017 11:45:31 +0100 Subject: [PATCH 026/335] Revert "Ensure any changes to blocking page are updated." --- automated install/basic-install.sh | 50 ++++++++++++++++++++---------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 537da830..3ca90db6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -35,7 +35,7 @@ IPV4_ADDRESS="" IPV6_ADDRESS="" QUERY_LOGGING=true INSTALL_WEB=true -CUSTOMBLOCKPAGE=false + # Find the rows and columns will default to 80x24 is it can not be detected screen_size=$(stty size 2>/dev/null || echo 24 80) @@ -866,28 +866,44 @@ CreateLogFile() { } installPiholeWeb() { - - if [ -f ${setupVars} ]; then - . ${setupVars} - fi # Install the web interface echo ":::" + echo "::: Installing pihole custom index page..." + if [ -d "/var/www/html/pihole" ]; then + if [ -f "/var/www/html/pihole/index.php" ]; then + echo "::: Existing index.php detected, not overwriting" + else + echo -n "::: index.php missing, replacing... " + cp ${PI_HOLE_LOCAL_REPO}/advanced/index.php /var/www/html/pihole/ + echo " done!" + fi - if [[ ${CUSTOMBLOCKPAGE} == false ]]; then - echo -n "::: Installing block page..." + if [ -f "/var/www/html/pihole/index.js" ]; then + echo "::: Existing index.js detected, not overwriting" + else + echo -n "::: index.js missing, replacing... " + cp ${PI_HOLE_LOCAL_REPO}/advanced/index.js /var/www/html/pihole/ + echo " done!" + fi + + if [ -f "/var/www/html/pihole/blockingpage.css" ]; then + echo "::: Existing blockingpage.css detected, not overwriting" + else + echo -n "::: blockingpage.css missing, replacing... " + cp ${PI_HOLE_LOCAL_REPO}/advanced/blockingpage.css /var/www/html/pihole + echo " done!" + fi + + else + echo "::: Creating directory for blocking page" install -d /var/www/html/pihole install -D ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* /var/www/html/pihole/ + if [ -f /var/www/html/index.lighttpd.html ]; then + mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig + else + printf "\n:::\tNo default index.lighttpd.html file found... not backing up" + fi echo " done!" - else - echo "::: Custom block page detected... not overwriting!" - fi - - echo -n "::: Backing up default lighttpd index page..." - if [ -f /var/www/html/index.lighttpd.html ]; then - mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig - echo " done!" - else - echo " No default index.lighttpd.html file found... not backing up" fi # Install Sudoer file From 173ad339bb9470b15c71b9980d5d1bb216f9615c Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 8 May 2017 19:33:45 +1000 Subject: [PATCH 027/335] Update CSS location --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 7fd3c44b..82d46d52 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -214,7 +214,7 @@ if ($phBranch !== "master") { - + ● <?=$serverName ?> '); } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { - // Set svg image upon receiving non $validExtTypes URL extension or query string (Presumably not from an iframe) + // Serve SVG upon receiving non $validExtTypes URL extension or query string (e.g: not an iframe of a blocked domain) $blockImg = 'Blocked by Pi-hole'; exit(setHeader()." $viewPort @@ -94,89 +83,86 @@ if ($serverName === "pi.hole") { "); } -/* Start processing block page from here */ - -// Get Pi-hole core branch name -$phBranch = exec("cd /etc/.pihole/ && git rev-parse --abbrev-ref HEAD"); -if ($phBranch !== "master") { - error_reporting(E_ALL); - ini_set("display_errors", 1); - ini_set("display_startup_errors", 1); -} - -// Validate SERVER_IP output -if (filter_var($_SERVER['SERVER_ADDR'], FILTER_VALIDATE_IP)) { - $serverAddr = $_SERVER["SERVER_ADDR"]; -} else { - die("[ERROR]: SERVER_IP header output does not appear to be valid: ".$_SERVER["SERVER_ADDR"].""); -} +/* Start processing Block Page from here */ // Determine placeholder text based off $svPasswd presence $wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled"; -// Get admin email address +// Define admin email address text $bpAskAdmin = !empty($svEmail) ? '' : ""; // Determine if at least one block list has been generated -if (empty(glob("/etc/pihole/list.0.*.domains"))) die("[ERROR]: There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); +if (empty(glob("/etc/pihole/list.0.*.domains"))) + die("[ERROR] There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); -// Get contents of adlist.list -$adLists = is_file("/etc/pihole/adlists.list") ? "/etc/pihole/adlists.list" : "/etc/pihole/adlists.default"; -if (!is_file($adLists)) die("[ERROR]: Unable to find file: $adLists"); +// Set location of adlists file +if (is_file("/etc/pihole/adlists.list")) { + $adLists = "/etc/pihole/adlists.list"; +} elseif (is_file("/etc/pihole/adlists.default")) { + $adLists = "/etc/pihole/adlists.default"; +} else { + die("[ERROR] File not found: /etc/pihole/adlists.list"); +} -// Get all URLs starting with "http" or "www" from $adLists and re-index array numerically +// Get all URLs starting with "http" or "www" from adlists and re-index array numerically $adlistsUrls = array_values(preg_grep("/(^http)|(^www)/i", file($adLists, FILE_IGNORE_NEW_LINES))); -if (empty($adlistsUrls)) die("[ERROR]: There are no adlist URL's found within $adLists"); -$adlistsCount = count($adlistsUrls) + 3; // +1 because array starts at 0, +2 for Blacklist & Wildcard lists + +if (empty($adlistsUrls)) + die("[ERROR]: There are no adlist URL's found within $adLists"); + +// Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists) +$adlistsCount = count($adlistsUrls) + 3; // Get results of queryads.php exact search ini_set("default_socket_timeout", 3); function queryAds($serverName) { + // Determine the time it takes while querying adlists $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; - $queryAds = file("http://127.0.0.1/admin/scripts/pi-hole/php/queryads.php?domain=$serverName&exact", FILE_IGNORE_NEW_LINES); + $queryAds = file("http://127.0.0.1/admin/scripts/pi-hole/php/queryads.php?domain=$serverName&bp", FILE_IGNORE_NEW_LINES); + $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds))); $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); + + // Exception Handling try { if ($queryTime >= ini_get("default_socket_timeout")) { throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); - } elseif ($queryAds[0][0] === ":") { - if (strpos($queryAds[0], "Invalid") !== FALSE) throw new Exception ("Invalid Domain ($serverName)"); - if (strpos($queryAds[0], "No exact") !== FALSE) return array("0" => "none"); + } elseif (!strpos($queryAds[0], ".") !== false) { + if (strpos($queryAds[0], "No exact results") !== FALSE) return array("0" => "none"); throw new Exception ("Unhandled error message ($queryAds[0])"); - } elseif ($queryAds[0][0] !== "/") { - throw new Exception ("Unexpected output ($queryAds[0])"); } return $queryAds; } catch (Exception $e) { return array("0" => "error", "1" => $e->getMessage()); } + } + $queryAds = queryAds($serverName); if ($queryAds[0] === "error") { die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); -} - -// Filter, sort, and count $queryAds array -if ($queryAds[0] !== "none") { - $queryAds = preg_replace("/(\/etc\/pihole\/)|(\/etc\/dnsmasq\.d\/)/", "", $queryAds); - $queryAds = preg_replace("/(^list\.)|(\..*domains)/", "", $queryAds); +} else { $featuredTotal = count($queryAds); + + // Place results into key => value array + $queryResults = null; + foreach ($queryAds as $str) { + $value = explode(" ", $str); + @$queryResults[$value[0]] .= "$value[1]"; + } } -// Determine if domain has been blacklisted or wildcarded -if ($queryAds[0] === "blacklist.txt") { - $intBlacklist = array("π" => $queryAds[0]); - $queryAds[0] = "π"; // Manually blacklisted sites do not have a number +// Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked +if (strpos($queryAds[0], "blacklist") !== FALSE) { $notableFlagClass = "blacklist"; -} elseif ($queryAds[0] === "whitelist.txt") { - $intBlacklist = array("π" => $queryAds[0]); - $queryAds[0] = "π"; + $adlistsUrls = array("π" => substr($queryAds[0], 2)); +} elseif (strpos($queryAds[0], "whitelist") !== FALSE) { $notableFlagClass = "noblock"; + $adlistsUrls = array("π" => substr($queryAds[0], 2)); $wlInfo = "recentwl"; -} elseif ($queryAds[0] === "03-pihole-wildcard.conf") { - $intBlacklist = array("π" => $queryAds[0]); - $queryAds[0] = "π"; +} elseif (strpos($queryAds[0], "wildcard") !== FALSE) { $notableFlagClass = "wildcard"; + $adlistsUrls = array("π" => substr($queryAds[0], 2)); } elseif ($queryAds[0] === "none") { $featuredTotal = "0"; $notableFlagClass = "noblock"; @@ -190,38 +176,34 @@ if ($queryAds[0] === "blacklist.txt") { } } -// Merge $intBlacklist with $adlistsUrls if domain has been blacklisted or wildcarded -if (isset($intBlacklist)) $adlistsUrls = array_merge($intBlacklist, $adlistsUrls); - // Set #bpOutput notification $wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden"; $wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "$wlInfo" : ""; -// Get Pi-hole core version -if ($phBranch !== "master") { - $phVersion = exec("cd /etc/.pihole/ && git describe --long --dirty --tags"); - $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; -} else { - $phVersion = exec("cd /etc/.pihole/ && git describe --tags --abbrev=0"); -} +// Get Pi-hole Core version +$phVersion = exec("cd /etc/.pihole/ && git describe --long --tags"); + +// Print $execTime on development branches +if (substr_count("-", $phVersion) != "1") + $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; ?> - + - - + + ● <?=$serverName ?> - + + + '); } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { - // Serve SVG upon receiving non $validExtTypes URL extension or query string (e.g: not an iframe of a blocked domain) + // Serve SVG upon receiving non $validExtTypes URL extension or query string + // e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly + // QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page $blockImg = 'Blocked by Pi-hole'; exit(setHeader()." $viewPort @@ -88,7 +94,7 @@ if ($serverName === "pi.hole") { // Determine placeholder text based off $svPasswd presence $wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled"; -// Define admin email address text +// Define admin email address text based off $svEmail presence $bpAskAdmin = !empty($svEmail) ? '' : ""; // Determine if at least one block list has been generated @@ -113,8 +119,10 @@ if (empty($adlistsUrls)) // Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists) $adlistsCount = count($adlistsUrls) + 3; -// Get results of queryads.php exact search +// Set query timeout ini_set("default_socket_timeout", 3); + +// Logic for querying blocklists function queryAds($serverName) { // Determine the time it takes while querying adlists $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; @@ -124,32 +132,39 @@ function queryAds($serverName) { // Exception Handling try { - if ($queryTime >= ini_get("default_socket_timeout")) { + // Define Exceptions + if (strpos($queryAds[0], "No exact results") !== FALSE) { + // Return "none" into $queryAds array + return array("0" => "none"); + } else if ($queryTime >= ini_get("default_socket_timeout")) { + // Connection Timeout throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); } elseif (!strpos($queryAds[0], ".") !== false) { - if (strpos($queryAds[0], "No exact results") !== FALSE) return array("0" => "none"); + // Unknown $queryAds output throw new Exception ("Unhandled error message ($queryAds[0])"); } return $queryAds; } catch (Exception $e) { + // Return exception as array return array("0" => "error", "1" => $e->getMessage()); } - } +// Get results of queryads.php exact search $queryAds = queryAds($serverName); -if ($queryAds[0] === "error") { +// Pass error through to Block Page +if ($queryAds[0] === "error") die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); -} else { - $featuredTotal = count($queryAds); - // Place results into key => value array - $queryResults = null; - foreach ($queryAds as $str) { - $value = explode(" ", $str); - @$queryResults[$value[0]] .= "$value[1]"; - } +// Count total number of matching blocklists +$featuredTotal = count($queryAds); + +// Place results into key => value array +$queryResults = null; +foreach ($queryAds as $str) { + $value = explode(" ", $str); + @$queryResults[$value[0]] .= "$value[1]"; } // Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked @@ -167,7 +182,8 @@ if (strpos($queryAds[0], "blacklist") !== FALSE) { $featuredTotal = "0"; $notableFlagClass = "noblock"; - // Determine appropriate info message if CNAME exists + // QoL addition: Determine appropriate info message if CNAME exists + // Suggests to the user that $serverName has a CNAME (alias) that may be blocked $dnsRecord = dns_get_record("$serverName")[0]; if (array_key_exists("target", $dnsRecord)) { $wlInfo = $dnsRecord['target']; @@ -184,9 +200,12 @@ $wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? " Date: Fri, 6 Oct 2017 20:35:54 +1100 Subject: [PATCH 285/335] Condense features into three main sections * Core shows a list of common commands, linking to the new Core Function Breakdown wiki article * Core also now shows the ASCII Vortex * Web has had its preview image size reduced * FTL's functions are elaborated upon more --- README.md | 166 ++++++++++-------------------------------------------- 1 file changed, 29 insertions(+), 137 deletions(-) diff --git a/README.md b/README.md index 99ed87da..920f97f6 100644 --- a/README.md +++ b/README.md @@ -103,22 +103,27 @@ Word-of-mouth continues to help our project grow immensely, and we'd like to hel ----- ## Features -* [The Web Interface Dashboard](#the-web-interface-dashboard) -* [The Faster-Than-Light Engine](#the-faster-than-light-engine) -* [The Query Log](#the-query-log) -* [Long-term Statistics](#long-term-statistics) -* [Whitelisting and Blacklisting](#whitelisting-and-blacklisting) -* [Additional Blocklists](#additional-blocklists) -* [Enable and Disable Pi-hole](#enable-and-disable-pi-hole) -* [Tools](#tools) -* [Web Interface Settings](#web-interface-settings) -* [Built-in DHCP Server](#built-in-dhcp-server) -* [Real-time Statistics](#real-time-statistics) +### The Command Line Interface +The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. + +Pi-hole ASCII Logo + +Some of the features include: +* [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) +* [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger) +* [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail) +* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20) +* [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity) +* [Querying Ad Lists for matching domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) +* [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable) +* ... and *many* more! + +You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown), as well as read up on [example usage](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738) for more information. ### The Web Interface Dashboard -This optional [open source](https://github.com/almasaeed2010/AdminLTE) dashboard allows you to view stats, change settings, and configure your Pi-hole. +This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve! -![Pi-hole Dashboard](https://assets.pi-hole.net/static/dashboard.png) +Pi-hole Dashboard There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168): @@ -127,132 +132,19 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t 3. `http://pi.hole/` (when using Pi-hole as your DNS server) ## The Faster-Than-Light Engine -The [FTL API](https://github.com/pi-hole/FTL) can be accessed via the Web, Command Line and `telnet`. +The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily intergrated into your own projects. As the name implies, FTL does this all *very quickly*! -The Web (`admin/api.php`) and Command Line (`pihole -c -j`) will return `json` formatted output: -``` -{ - "domains_being_blocked":111175, - "dns_queries_today":15669, - "ads_blocked_today":1752, - "ads_percentage_today":11.181314, - "unique_domains":1178, - "queries_forwarded":9177, - "queries_cached":4740, - "unique_clients":18 -} -``` +Some of the statistics you can intergrate include: +* Total number of domains being blocked +* Total number of DNS queries today +* Total number of ads blocked today +* Percentage of ads blocked +* Unique domains +* Queries forwarded (to your chosen upstream DNS server) +* Queries cached (served by Pi-hole) +* Unique Pi-hole clients -More details on the API can be found [here](https://discourse.pi-hole.net/t/pi-hole-api/1863) and `telnet` on [the repo itself](https://github.com/pi-hole/FTL). - -### The Query Log -If enabled, the query log will show all of the DNS queries requested by clients using Pi-hole as their DNS server. Standard domains will show in green, and blocked (_Pi-holed_) domains will show in red. You can also whitelist or blacklist domains from within this section. - -

- -

- -The query log and graphs are what have helped people [discover all sorts of unexpected traffic traversing their networks](https://pi-hole.net/2017/07/06/round-3-what-really-happens-on-your-network/). - -#### Long-term Statistics -Using our FTL API, Pi-hole will store all the DNS queries in a database for later retrieval and analysis. You can view this data as a graph, individual queries, top clients/advertisers, or even query the database yourself for your own applications. - -

- -

- -### Whitelisting and Blacklisting -Domains can be [whitelisted](https://discourse.pi-hole.net/t/commonly-whitelisted-domains/212) or [blacklisted](https://discourse.pi-hole.net/t/commonly-blacklisted-domains/305) using either the dashboard, or via [the `pihole` command](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738). - -

- -

- -#### Additional Blocklists -Pi-hole's stock block lists cover over 100,000 known ad-serving domains, which helps ensure you encounter minimal false positives. You can expand the blocking power of your Pi-hole by [adding additional lists](https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259) such as the ones found at [The Big Blocklist Collection](https://wally3k.github.io/). - -

- -

- -### Enable and Disable Pi-hole -There are times where you may want to disable the blocking functionality, and turn it back on again. You can toggle this via the dashboard or command line. - -

- -

- -### Tools - -

- -

- -##### Update Ad Lists -This runs [`gravity`](https://github.com/pi-hole/pi-hole/blob/master/gravity.sh) which checks your source list for updates, and downloads if changes are found. - -##### Query Ad Lists -You can find out what blocklist a specific domain was found on. This is useful for troubleshooting websites that may not work properly due to a blocked domain. - -##### `tail`ing Log Files -You can [watch the log files](https://discourse.pi-hole.net/t/how-do-i-watch-and-interpret-the-pihole-log-file/276) in real time to help debug any issues, or just see what's happening on your network. - -##### Pi-hole Debugger -If you are having trouble with your Pi-hole, this is the place to go. You can run the debugger and it will attempt to diagnose any issues, and then link to an FAQ with instructions on rectifying the problem. - -

- -

- -If run [via the command line](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debug), you will see coloured text, which makes it easy to identify any problems. - -

- -

- -After the debugger has finished, you have the option to upload it to our secure server for 48 hours. All you need to do is provide [one of our developers](https://github.com/orgs/pi-hole/teams/debug/members) the unique token generated by the debugger via [one of the various ways of getting in touch with us](#getting-in-touch-with-us). - -

- -

- -You should be able to resolve most issues using the provided FAQ links, but we're always happy to help out if you'd like assistance! - -### Web Interface Settings -The settings page lets you control and configure your Pi-hole. You can do things like: - -- view networking information -- flush logs or disable the logging of queries -- [enable Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026) -- [manage block lists](https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259) -- exclude domains from the graphs and enable privacy options -- configure upstream DNS servers -- restart Pi-hole's services -- back up some of Pi-hole's important files -- and more! - -

- -

- -### Built-in DHCP Server -Pi-hole ships with a [built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026). This allows you to let your network devices use Pi-hole as their DNS server if your router does not let you adjust the DHCP options. - -One nice feature of using Pi-hole's DHCP server if you can set hostnames and DHCP reservations so you'll [see hostnames in the query log instead of IP addresses](https://discourse.pi-hole.net/t/how-do-i-show-hostnames-instead-of-ip-addresses-in-the-dashboard/3530). You can still do this without using Pi-hole's DHCP server; it just takes a little more work. If you do plan to use Pi-hole's DHCP server, be sure to disable DHCP on your router first. - -

- -

- -### Real-time Statistics -Using [chronometer2](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh), you can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-pi-holes-stats-over-ssh-or-on-an-lcd-using-chronometer/240) via `ssh` or on an LCD screen such as the [2.8" LCD screen from Adafruit](http://amzn.to/1P0q1Fj). - -Simply run `pihole -c` for some detailed information. - -

- -Image courtesy of /u/super_nicktendo22 -

+The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). [More details are found here](https://discourse.pi-hole.net/t/pi-hole-api/1863). ----- From 0d286b99d5df924e606297d3144cf710c346897d Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Fri, 6 Oct 2017 20:39:01 +1100 Subject: [PATCH 286/335] Remove placeholder URL --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 920f97f6..c40a134f 100644 --- a/README.md +++ b/README.md @@ -106,7 +106,7 @@ Word-of-mouth continues to help our project grow immensely, and we'd like to hel ### The Command Line Interface The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. -Pi-hole ASCII Logo +Pi-hole ASCII Logo Some of the features include: * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) From 114f84c948b08693bea934e822c1c4c2956e29b3 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 7 Oct 2017 17:29:47 +0200 Subject: [PATCH 287/335] Add --nuke option to list.sh that can be used e.g. by Teleporter to empty out lists before importing new content Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a3f3261a..98d5c399 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -49,7 +49,8 @@ Options: -nr, --noreload Update ${type}list without refreshing dnsmasq -q, --quiet Make output less verbose -h, --help Show this help dialog - -l, --list Display all your ${type}listed domains" + -l, --list Display all your ${type}listed domains + --nuke Removes all entries in a list" exit 0 } @@ -70,7 +71,7 @@ HandleOther() { validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label fi - + if [[ -n "${validDomain}" ]]; then domList=("${domList[@]}" ${validDomain}) else @@ -223,6 +224,12 @@ Displaylist() { exit 0; } +NukeList() { + if [[ -f "${listMain}" ]]; then + echo "" > "${listMain}" + fi +} + for var in "$@"; do case "${var}" in "-w" | "whitelist" ) listMain="${whitelist}"; listAlt="${blacklist}";; @@ -234,6 +241,7 @@ for var in "$@"; do "-q" | "--quiet" ) verbose=false;; "-h" | "--help" ) helpFunc;; "-l" | "--list" ) Displaylist;; + "--nuke" ) NukeList;; * ) HandleOther "${var}";; esac done From f22b83d379d729cf7c6c21723f2712570d3cbc34 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 7 Oct 2017 17:46:40 +0200 Subject: [PATCH 288/335] Create a backup before emptying the list Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 98d5c399..a8c3a604 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -226,6 +226,9 @@ Displaylist() { NukeList() { if [[ -f "${listMain}" ]]; then + # Back up original list + cp "${listMain}" "${listMain}.bck" + # Empty out file echo "" > "${listMain}" fi } From 70ad656af0eaffb9dce7233e638428aae65be11e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 7 Oct 2017 22:04:14 +0200 Subject: [PATCH 289/335] Save backup as ".bck~" to prevent reading of the file by dnsmasq Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a8c3a604..9ddfe8f3 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -227,7 +227,7 @@ Displaylist() { NukeList() { if [[ -f "${listMain}" ]]; then # Back up original list - cp "${listMain}" "${listMain}.bck" + cp "${listMain}" "${listMain}.bck~" # Empty out file echo "" > "${listMain}" fi From 67a559490987ed700418693997697f2e8212a667 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 7 Oct 2017 16:06:16 -0400 Subject: [PATCH 290/335] Allow emails which include `-h` in them For example, mcat12@pi-hole.net would previously spit out the help message --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index b0957ab4..c352f236 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -418,7 +418,7 @@ Options: } SetAdminEmail() { - if [[ "${1}" == *"-h"* ]]; then + if [[ "${1}" == "-h" || "${1}" == "--help" ]]; then echo "Usage: pihole -a email
Example: 'pihole -a email admin@address.com' Set an administrative contact address for the Block Page From bd330186604ce6053aca8da2a2d8647df057c211 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Sun, 8 Oct 2017 12:16:05 +1100 Subject: [PATCH 291/335] Shellcheck OR validation Signed off by WaLLy3K --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index c352f236..d5c4d45e 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -418,7 +418,7 @@ Options: } SetAdminEmail() { - if [[ "${1}" == "-h" || "${1}" == "--help" ]]; then + if [[ "${1}" == "-h" ]] || [[ "${1}" == "--help" ]]; then echo "Usage: pihole -a email
Example: 'pihole -a email admin@address.com' Set an administrative contact address for the Block Page From 2dabacd02487d244259a7ceb3b8fb44551b0bbfe Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 9 Oct 2017 19:53:22 +1100 Subject: [PATCH 292/335] Fix minor typo Signed off by WaLLy3K --- advanced/lighttpd.conf.debian | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 5b317c4f..b5bece72 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -11,7 +11,7 @@ # FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # # # -# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: # +# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE: # # /etc/lighttpd/external.conf # ############################################################################### From 51b09efceb1cb457ddba3d3d9d830c9579071031 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 9 Oct 2017 19:53:45 +1100 Subject: [PATCH 293/335] Fix minor typo Signed off by WaLLy3K --- advanced/lighttpd.conf.fedora | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 7b2449c6..dd7ba138 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -13,7 +13,7 @@ # FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # # # -# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: # +# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE: # # /etc/lighttpd/external.conf # ############################################################################### From e4b3bc4209c73c61f7e158b0073548e170bde73a Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 10 Oct 2017 13:17:33 +1100 Subject: [PATCH 294/335] Minor spacing corrections Signed off by WaLLy3K --- advanced/lighttpd.conf.fedora | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index dd7ba138..43d94d84 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -7,8 +7,6 @@ # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. - - ############################################################################### # FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # @@ -74,11 +72,12 @@ fastcgi.server = ( ".php" => # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { - # Create a response header for debugging using curl -I + # Create a response header for debugging using curl -I setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!", "X-Frame-Options" => "DENY" ) + $HTTP["url"] =~ ".ttf$" { # Allow Block Page access to local fonts setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" ) From 3b300a4d6ac8c1553b17c9334bea44557f78c944 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Fri, 13 Oct 2017 11:42:49 +1100 Subject: [PATCH 295/335] Fix query option handling Signed off by WaLLy3K --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 45f7ea92..8359ba45 100755 --- a/pihole +++ b/pihole @@ -154,7 +154,7 @@ Options: # Strip valid options, leaving only the domain and invalid options # This allows users to place the options before or after the domain - options=$(sed -E 's/ ?-(bp|adlists?|all|exact)//g' <<< "${options}") + options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") # Handle remaining options # If $options contain non ASCII characters, convert to punycode From 1e6cc63abe6241dbb1950067cd4de39cef16deb3 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 12 Oct 2017 20:32:33 -0600 Subject: [PATCH 296/335] add SELinux checking to debug script --- advanced/Scripts/piholeDebug.sh | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index ea387b5a..247da3e6 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -422,6 +422,36 @@ diagnose_operating_system() { fi } +check_selinux() { + # SELinux is not supported by the Pi-hole + echo_current_diagnostic "SELinux" + # Check if a SELinux configuration file exists + if [[ -f /etc/selinux/config ]]; then + # If a SELinux configuration file was found, check the default SELinux mode. + DEFAULT_SELINUX=$(egrep -i '^SELINUX=' /etc/selinux/config | cut -d'=' -f2 | awk '{print tolower($0)}') + case $DEFAULT_SELINUX in + enforcing) + log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" + ;; + *) # 'permissive' and 'disabled' + log_write "${TICK} ${COL_LIGHT_GREEN}Default SELinux: $DEFAULT_SELINUX${COL_NC}"; + ;; + esac + # Check the current state of SELinux + CURRENT_SELINUX=$(getenforce | awk '{print tolower($0)}') + case $CURRENT_SELINUX in + enforcing) + log_write "${CROSS} ${COL_LIGHT_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" + ;; + *) # 'permissive' and 'disabled' + log_write "${TICK} ${COL_LIGHT_GREEN}Current SELinux: $CURRENT_SELINUX${COL_NC}"; + ;; + esac + else + log_write "${TICK} ${COL_LIGHT_GREEN}SELinux not Supported${COL_NC}"; + fi +} + processor_check() { echo_current_diagnostic "Processor" # Store the processor type in a variable @@ -1119,6 +1149,7 @@ source_setup_variables check_component_versions check_critical_program_versions diagnose_operating_system +check_selinux processor_check check_networking check_name_resolution From a17d1be7a4fce73d6aa7dd2df5b439df43a9db0e Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 12 Oct 2017 23:24:02 -0600 Subject: [PATCH 297/335] simplify selinux debug variables --- advanced/Scripts/piholeDebug.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 247da3e6..b5a1f2a5 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -428,8 +428,8 @@ check_selinux() { # Check if a SELinux configuration file exists if [[ -f /etc/selinux/config ]]; then # If a SELinux configuration file was found, check the default SELinux mode. - DEFAULT_SELINUX=$(egrep -i '^SELINUX=' /etc/selinux/config | cut -d'=' -f2 | awk '{print tolower($0)}') - case $DEFAULT_SELINUX in + DEFAULT_SELINUX=$(awk -F= '/^SELINUX=/ {print $2}' /etc/selinux/config) + case "${DEFAULT_SELINUX,,}" in enforcing) log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" ;; @@ -438,8 +438,8 @@ check_selinux() { ;; esac # Check the current state of SELinux - CURRENT_SELINUX=$(getenforce | awk '{print tolower($0)}') - case $CURRENT_SELINUX in + CURRENT_SELINUX=$(getenforce) + case "${CURRENT_SELINUX,,}" in enforcing) log_write "${CROSS} ${COL_LIGHT_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" ;; From 8aceb8bf539a999e962ba71b2a7c9147fdf0a2bd Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 12 Oct 2017 23:29:04 -0600 Subject: [PATCH 298/335] replace deprecated colors in debug script - COL_LIGHT_GREEN -> COL_GREEN - COL_LIGHT_RED -> COL_RED - COL_LIGHT_PURPLE -> COL_PURPLE --- advanced/Scripts/piholeDebug.sh | 148 ++++++++++++++++---------------- 1 file changed, 74 insertions(+), 74 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b5a1f2a5..62fefb17 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -30,12 +30,12 @@ if [[ -f ${PIHOLE_COLTABLE_FILE} ]]; then else COL_NC='\e[0m' # No Color COL_YELLOW='\e[1;33m' - COL_LIGHT_PURPLE='\e[1;35m' + COL_PURPLE='\e[1;35m' COL_CYAN='\e[0;36m' - TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]" - CROSS="[${COL_LIGHT_RED}✗${COL_NC}]" + TICK="[${COL_GREEN}✓${COL_NC}]" + CROSS="[${COL_RED}✗${COL_NC}]" INFO="[i]" - DONE="${COL_LIGHT_GREEN} done!${COL_NC}" + DONE="${COL_GREEN} done!${COL_NC}" OVER="\r\033[K" fi @@ -175,7 +175,7 @@ show_disclaimer(){ source_setup_variables() { # Display the current test that is running - log_write "\n${COL_LIGHT_PURPLE}*** [ INITIALIZING ]${COL_NC} Sourcing setup variables" + log_write "\n${COL_PURPLE}*** [ INITIALIZING ]${COL_NC} Sourcing setup variables" # If the variable file exists, if ls "${PIHOLE_SETUP_VARS_FILE}" 1> /dev/null 2>&1; then log_write "${INFO} Sourcing ${PIHOLE_SETUP_VARS_FILE}..."; @@ -183,7 +183,7 @@ source_setup_variables() { source ${PIHOLE_SETUP_VARS_FILE} else # If it can't, show an error - log_write "${PIHOLE_SETUP_VARS_FILE} ${COL_LIGHT_RED}does not exist or cannot be read.${COL_NC}" + log_write "${PIHOLE_SETUP_VARS_FILE} ${COL_RED}does not exist or cannot be read.${COL_NC}" fi } @@ -219,7 +219,7 @@ initiate_debug() { clear show_disclaimer # Display that the debug process is beginning - log_write "${COL_LIGHT_PURPLE}*** [ INITIALIZING ]${COL_NC}" + log_write "${COL_PURPLE}*** [ INITIALIZING ]${COL_NC}" # Timestamp the start of the log log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initiated." } @@ -230,7 +230,7 @@ initiate_debug() { echo_current_diagnostic() { # Colors are used for visually distinguishing each test in the output # These colors do not show in the GUI, but the formatting will - log_write "\n${COL_LIGHT_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}" + log_write "\n${COL_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}" } compare_local_version_to_git_version() { @@ -255,7 +255,7 @@ compare_local_version_to_git_version() { # move into it cd "${git_dir}" || \ # If not, show an error - log_write "${COL_LIGHT_RED}Could not cd into ${git_dir}$COL_NC" + log_write "${COL_RED}Could not cd into ${git_dir}$COL_NC" if git status &> /dev/null; then # The current version the user is on local remote_version @@ -269,7 +269,7 @@ compare_local_version_to_git_version() { # echo this information out to the user in a nice format # If the current version matches what pihole -v produces, the user is up-to-date if [[ "${remote_version}" == "$(pihole -v | awk '/${search_term}/ {print $6}' | cut -d ')' -f1)" ]]; then - log_write "${TICK} ${pihole_component}: ${COL_LIGHT_GREEN}${remote_version}${COL_NC}" + log_write "${TICK} ${pihole_component}: ${COL_GREEN}${remote_version}${COL_NC}" # If not, else # echo the current version in yellow, signifying it's something to take a look at, but not a critical error @@ -280,7 +280,7 @@ compare_local_version_to_git_version() { # If the repo is on the master branch, they are on the stable codebase if [[ "${remote_branch}" == "master" ]]; then # so the color of the text is green - log_write "${INFO} Branch: ${COL_LIGHT_GREEN}${remote_branch}${COL_NC}" + log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}" # If it is any other branch, they are in a developement branch else # So show that in yellow, signifying it's something to take a look at, but not a critical error @@ -308,7 +308,7 @@ check_ftl_version() { # Compare the current FTL version to the remote version if [[ "${FTL_VERSION}" == "$(pihole -v | awk '/FTL/ {print $6}' | cut -d ')' -f1)" ]]; then # If they are the same, FTL is up-to-date - log_write "${TICK} ${ftl_name}: ${COL_LIGHT_GREEN}${FTL_VERSION}${COL_NC}" + log_write "${TICK} ${ftl_name}: ${COL_GREEN}${FTL_VERSION}${COL_NC}" else # If not, show it in yellow, signifying there is an update log_write "${TICK} ${ftl_name}: ${COL_YELLOW}${FTL_VERSION}${COL_NC} (${FAQ_UPDATE_PI_HOLE})" @@ -345,7 +345,7 @@ get_program_version() { # If the program does not have a version (the variable is empty) if [[ -z "${program_version}" ]]; then # Display and error - log_write "${CROSS} ${COL_LIGHT_RED}${program_name} version could not be detected.${COL_NC}" + log_write "${CROSS} ${COL_RED}${program_name} version could not be detected.${COL_NC}" else # Otherwise, display the version log_write "${INFO} ${program_version}" @@ -368,13 +368,13 @@ is_os_supported() { # If the variable is one of our supported OSes, case "${the_os}" in # Print it in green - "Raspbian") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "Ubuntu") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "Fedora") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "Debian") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "CentOS") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; + "Raspbian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "Ubuntu") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "Fedora") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "Debian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "CentOS") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; # If not, show it in red and link to our software requirements page - *) log_write "${CROSS} ${COL_LIGHT_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"; + *) log_write "${CROSS} ${COL_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"; esac } @@ -418,7 +418,7 @@ diagnose_operating_system() { get_distro_attributes else # If it doesn't exist, it's not a system we currently support and link to FAQ - log_write "${CROSS} ${COL_LIGHT_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})" + log_write "${CROSS} ${COL_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})" fi } @@ -431,24 +431,24 @@ check_selinux() { DEFAULT_SELINUX=$(awk -F= '/^SELINUX=/ {print $2}' /etc/selinux/config) case "${DEFAULT_SELINUX,,}" in enforcing) - log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" + log_write "${CROSS} ${COL_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" ;; *) # 'permissive' and 'disabled' - log_write "${TICK} ${COL_LIGHT_GREEN}Default SELinux: $DEFAULT_SELINUX${COL_NC}"; + log_write "${TICK} ${COL_GREEN}Default SELinux: $DEFAULT_SELINUX${COL_NC}"; ;; esac # Check the current state of SELinux CURRENT_SELINUX=$(getenforce) case "${CURRENT_SELINUX,,}" in enforcing) - log_write "${CROSS} ${COL_LIGHT_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" + log_write "${CROSS} ${COL_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" ;; *) # 'permissive' and 'disabled' - log_write "${TICK} ${COL_LIGHT_GREEN}Current SELinux: $CURRENT_SELINUX${COL_NC}"; + log_write "${TICK} ${COL_GREEN}Current SELinux: $CURRENT_SELINUX${COL_NC}"; ;; esac else - log_write "${TICK} ${COL_LIGHT_GREEN}SELinux not Supported${COL_NC}"; + log_write "${TICK} ${COL_GREEN}SELinux not Supported${COL_NC}"; fi } @@ -460,19 +460,19 @@ processor_check() { if [[ -z "${PROCESSOR}" ]]; then # we couldn't detect it, so show an error PROCESSOR=$(lscpu | awk '/Architecture/ {print $2}') - log_write "${CROSS} ${COL_LIGHT_RED}${PROCESSOR}${COL_NC} has not been tested with FTL, but may still work: (${FAQ_FTL_COMPATIBILITY})" + log_write "${CROSS} ${COL_RED}${PROCESSOR}${COL_NC} has not been tested with FTL, but may still work: (${FAQ_FTL_COMPATIBILITY})" else # Check if the architecture is currently supported for FTL case "${PROCESSOR}" in - "amd64") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "amd64") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv6l") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "armv6l") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv6") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "armv6") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv7l") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "armv7l") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "aarch64") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "aarch64") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; # Otherwise, show the processor type *) log_write "${INFO} ${PROCESSOR}"; @@ -488,7 +488,7 @@ parse_setup_vars() { parse_file "${PIHOLE_SETUP_VARS_FILE}" else # If not, show an error - log_write "${CROSS} ${COL_LIGHT_RED}Could not read ${PIHOLE_SETUP_VARS_FILE}.${COL_NC}" + log_write "${CROSS} ${COL_RED}Could not read ${PIHOLE_SETUP_VARS_FILE}.${COL_NC}" fi } @@ -504,10 +504,10 @@ does_ip_match_setup_vars() { # Strip off the / (CIDR notation) if [[ "${ip_address%/*}" == "${setup_vars_ip%/*}" ]]; then # if it matches, show it in green - log_write " ${COL_LIGHT_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" + log_write " ${COL_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" else # otherwise show it in red with an FAQ URL - log_write " ${COL_LIGHT_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" + log_write " ${COL_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" fi else @@ -515,10 +515,10 @@ does_ip_match_setup_vars() { # since it exists in the setupVars.conf that way if [[ "${ip_address}" == "${setup_vars_ip}" ]]; then # show in green if it matches - log_write " ${COL_LIGHT_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" + log_write " ${COL_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" else # otherwise show it in red - log_write " ${COL_LIGHT_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" + log_write " ${COL_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" fi fi } @@ -546,7 +546,7 @@ detect_ip_addresses() { log_write "" else # If there are no IPs detected, explain that the protocol is not configured - log_write "${CROSS} ${COL_LIGHT_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interace.\n" + log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interace.\n" return 1 fi # If the protocol is v6 @@ -593,13 +593,13 @@ ping_gateway() { # If pinging the gateway is not successful, if ! ${cmd} -c 3 -W 2 -n ${gateway} -I ${PIHOLE_INTERFACE} >/dev/null; then # let the user know - log_write "${CROSS} ${COL_LIGHT_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\n" + log_write "${CROSS} ${COL_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\n" # and return an error code return 1 # Otherwise, else # show a success - log_write "${TICK} ${COL_LIGHT_GREEN}Gateway responded.${COL_NC}" + log_write "${TICK} ${COL_GREEN}Gateway responded.${COL_NC}" # and return a success code return 0 fi @@ -614,11 +614,11 @@ ping_internet() { # Try to ping the address 3 times if ! ${cmd} -W 2 -c 3 -n ${public_address} -I ${PIHOLE_INTERFACE} >/dev/null; then # if it's unsuccessful, show an error - log_write "${CROSS} ${COL_LIGHT_RED}Cannot reach the Internet.${COL_NC}\n" + log_write "${CROSS} ${COL_RED}Cannot reach the Internet.${COL_NC}\n" return 1 else # Otherwise, show success - log_write "${TICK} ${COL_LIGHT_GREEN}Query responded.${COL_NC}\n" + log_write "${TICK} ${COL_GREEN}Query responded.${COL_NC}\n" return 0 fi } @@ -631,11 +631,11 @@ compare_port_to_service_assigned() { local ftl="pihole-FTL" if [[ "${service_name}" == "${resolver}" ]] || [[ "${service_name}" == "${web_server}" ]] || [[ "${service_name}" == "${ftl}" ]]; then # if port 53 is dnsmasq, show it in green as it's standard - log_write "[${COL_LIGHT_GREEN}${port_number}${COL_NC}] is in use by ${COL_LIGHT_GREEN}${service_name}${COL_NC}" + log_write "[${COL_GREEN}${port_number}${COL_NC}] is in use by ${COL_GREEN}${service_name}${COL_NC}" # Otherwise, else # Show the service name in red since it's non-standard - log_write "[${COL_LIGHT_RED}${port_number}${COL_NC}] is in use by ${COL_LIGHT_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" + log_write "[${COL_RED}${port_number}${COL_NC}] is in use by ${COL_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" fi } @@ -711,21 +711,21 @@ check_x_headers() { # If the X-header found by curl matches what is should be, if [[ $block_page == "$block_page_working" ]]; then # display a success message - log_write "$TICK ${COL_LIGHT_GREEN}${block_page}${COL_NC}" + log_write "$TICK ${COL_GREEN}${block_page}${COL_NC}" else # Otherwise, show an error - log_write "$CROSS ${COL_LIGHT_RED}X-Header does not match or could not be retrieved.${COL_NC}" - log_write "${COL_LIGHT_RED}${full_curl_output_block_page}${COL_NC}" + log_write "$CROSS ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "${COL_RED}${full_curl_output_block_page}${COL_NC}" fi # Same logic applies to the dashbord as above, if the X-Header matches what a working system shoud have, if [[ $dashboard == "$dashboard_working" ]]; then # then we can show a success - log_write "$TICK ${COL_LIGHT_GREEN}${dashboard}${COL_NC}" + log_write "$TICK ${COL_GREEN}${dashboard}${COL_NC}" else # Othewise, it's a failure since the X-Headers either don't exist or have been modified in some way - log_write "$CROSS ${COL_LIGHT_RED}X-Header does not match or could not be retrieved.${COL_NC}" - log_write "${COL_LIGHT_RED}${full_curl_output_dashboard}${COL_NC}" + log_write "$CROSS ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "${COL_RED}${full_curl_output_dashboard}${COL_NC}" fi } @@ -770,10 +770,10 @@ dig_at() { # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then # If it can, show sucess - log_write "${TICK} ${random_url} ${COL_LIGHT_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})" + log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})" else # Otherwise, show a failure - log_write "${CROSS} ${COL_LIGHT_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_LIGHT_RED}localhost${COL_NC} (${local_address})" + log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} (${local_address})" fi # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address @@ -784,20 +784,20 @@ dig_at() { # If Pi-hole can dig itself from it's IP (not the loopback address) if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${pihole_address} +short "${record_type}"); then # show a success - log_write "${TICK} ${random_url} ${COL_LIGHT_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})" + log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})" else # Othewise, show a failure - log_write "${CROSS} ${COL_LIGHT_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_LIGHT_RED}Pi-hole${COL_NC} (${pihole_address})" + log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}Pi-hole${COL_NC} (${pihole_address})" fi # Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server # We are using the static remote_url here instead of a random one because we know it works with IPv4 and IPv6 if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @${remote_address} +short "${record_type}" | head -n1); then # If successful, the real IP of the domain will be returned instead of Pi-hole's IP - log_write "${TICK} ${remote_url} ${COL_LIGHT_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})" + log_write "${TICK} ${remote_url} ${COL_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})" else # Otherwise, show an error - log_write "${CROSS} ${COL_LIGHT_RED}Failed to resolve${COL_NC} ${remote_url} via ${COL_LIGHT_RED}a remote, public DNS server${COL_NC} (${remote_address})" + log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${remote_url} via ${COL_RED}a remote, public DNS server${COL_NC} (${remote_address})" fi } @@ -813,10 +813,10 @@ process_status(){ # and print it out to the user if [[ "${status_of_process}" == "active" ]]; then # If it's active, show it in green - log_write "${TICK} ${COL_LIGHT_GREEN}${i}${COL_NC} daemon is ${COL_LIGHT_GREEN}${status_of_process}${COL_NC}" + log_write "${TICK} ${COL_GREEN}${i}${COL_NC} daemon is ${COL_GREEN}${status_of_process}${COL_NC}" else # If it's not, show it in red - log_write "${CROSS} ${COL_LIGHT_RED}${i}${COL_NC} daemon is ${COL_LIGHT_RED}${status_of_process}${COL_NC}" + log_write "${CROSS} ${COL_RED}${i}${COL_NC} daemon is ${COL_RED}${status_of_process}${COL_NC}" fi done } @@ -915,7 +915,7 @@ dir_check() { : else # Otherwise, show an error - log_write "${COL_LIGHT_RED}${directory} does not exist.${COL_NC}" + log_write "${COL_RED}${directory} does not exist.${COL_NC}" fi done } @@ -944,7 +944,7 @@ list_files_in_dir() { for i in "${!REQUIRED_FILES[@]}"; do if [[ "${dir_to_parse}/${each_file}" == ${REQUIRED_FILES[$i]} ]]; then # display the filename - log_write "\n${COL_LIGHT_GREEN}$(ls -ld ${dir_to_parse}/${each_file})${COL_NC}" + log_write "\n${COL_GREEN}$(ls -ld ${dir_to_parse}/${each_file})${COL_NC}" # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing) case "${dir_to_parse}/${each_file}" in # If it's Web server error log, just give the first 25 lines @@ -993,7 +993,7 @@ analyze_gravity_list() { # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' local gravity_permissions=$(ls -ld "${PIHOLE_BLOCKLIST_FILE}") - log_write "${COL_LIGHT_GREEN}${gravity_permissions}${COL_NC}" + log_write "${COL_GREEN}${gravity_permissions}${COL_NC}" local gravity_head=() gravity_head=( $(head -n 4 ${PIHOLE_BLOCKLIST_FILE}) ) log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_BLOCKLIST_FILE})------${COL_NC}" @@ -1019,7 +1019,7 @@ analyze_pihole_log() { # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' local pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}") - log_write "${COL_LIGHT_GREEN}${pihole_log_permissions}${COL_NC}" + log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}" local pihole_log_head=() pihole_log_head=( $(head -n 20 ${PIHOLE_LOG}) ) log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}" @@ -1038,7 +1038,7 @@ analyze_pihole_log() { # If the variable contains a value, it found an error in the log if [[ -n ${error_to_check_for} ]]; then # So we can print it in red to make it visible to the user - log_write " ${CROSS} ${COL_LIGHT_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})" + log_write " ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})" else # If the variable does not a value (the current default behavior), so do not obfuscate anything if [[ -z ${OBFUSCATE} ]]; then @@ -1067,7 +1067,7 @@ tricorder_use_nc_or_ssl() { # Check for openssl first since encryption is a good thing if command -v openssl &> /dev/null; then # If the command exists, - log_write " * Using ${COL_LIGHT_GREEN}openssl${COL_NC} for transmission." + log_write " * Using ${COL_GREEN}openssl${COL_NC} for transmission." # encrypt and transmit the log and store the token returned in a variable tricorder_token=$(< ${PIHOLE_DEBUG_LOG_SANITIZED} openssl s_client -quiet -connect tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER} 2> /dev/null) # Otherwise, @@ -1088,9 +1088,9 @@ upload_to_tricorder() { # Let the user know debugging is complete with something strikingly visual log_write "" - log_write "${COL_LIGHT_PURPLE}********************************************${COL_NC}" - log_write "${COL_LIGHT_PURPLE}********************************************${COL_NC}" - log_write "${TICK} ${COL_LIGHT_GREEN}** FINISHED DEBUGGING! **${COL_NC}\n" + log_write "${COL_PURPLE}********************************************${COL_NC}" + log_write "${COL_PURPLE}********************************************${COL_NC}" + log_write "${TICK} ${COL_GREEN}** FINISHED DEBUGGING! **${COL_NC}\n" # Provide information on what they should do with their token log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." @@ -1112,7 +1112,7 @@ upload_to_tricorder() { # If they say yes, run our function for uploading the log [yY][eE][sS]|[yY]) tricorder_use_nc_or_ssl;; # If they choose no, just exit out of the script - *) log_write " * Log will ${COL_LIGHT_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit; + *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit; esac fi # Check if tricorder.pi-hole.net is reachable and provide token @@ -1121,19 +1121,19 @@ upload_to_tricorder() { # Again, try to make this visually striking so the user realizes they need to do something with this information # Namely, provide the Pi-hole devs with the token log_write "" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" - log_write "${TICK} Your debug token is: ${COL_LIGHT_GREEN}${tricorder_token}${COL_NC}" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" + log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" log_write "" log_write " * Provide the token above to the Pi-hole team for assistance at" log_write " * ${FORUMS_URL}" - log_write " * Your log will self-destruct on our server after ${COL_LIGHT_RED}48 hours${COL_NC}." + log_write " * Your log will self-destruct on our server after ${COL_RED}48 hours${COL_NC}." # If no token was generated else # Show an error and some help instructions - log_write "${CROSS} ${COL_LIGHT_RED}There was an error uploading your debug log.${COL_NC}" + log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" log_write " * Please try again or contact the Pi-hole team for assistance." fi # Finally, show where the log file is no matter the outcome of the function so users can look at it From 7d76db00acf44a71554e8f062936eaae1cffba98 Mon Sep 17 00:00:00 2001 From: bcambl Date: Fri, 13 Oct 2017 08:58:35 -0600 Subject: [PATCH 299/335] update 'SELinux not detected' message --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 62fefb17..d8b976b8 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -448,7 +448,7 @@ check_selinux() { ;; esac else - log_write "${TICK} ${COL_GREEN}SELinux not Supported${COL_NC}"; + log_write "${INFO} ${COL_GREEN}SELinux not detected${COL_NC}"; fi } From 31730e71974482e513854f62a6f3e0b8201f9b0c Mon Sep 17 00:00:00 2001 From: bcambl Date: Fri, 13 Oct 2017 09:14:19 -0600 Subject: [PATCH 300/335] add missing colors to COL_TABLE fallback --- advanced/Scripts/piholeDebug.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index d8b976b8..b6ec38de 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -29,6 +29,8 @@ if [[ -f ${PIHOLE_COLTABLE_FILE} ]]; then source ${PIHOLE_COLTABLE_FILE} else COL_NC='\e[0m' # No Color + COL_RED='\e[1;91m' + COL_GREEN='\e[1;32m' COL_YELLOW='\e[1;33m' COL_PURPLE='\e[1;35m' COL_CYAN='\e[0;36m' From 80c40e605078767845b2663eeb516666aa7e410b Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 16 Oct 2017 10:12:27 +1100 Subject: [PATCH 301/335] Prevent full stop being interpreted as regex Signed off by WaLLy3K --- pihole | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pihole b/pihole index 8359ba45..839ea8cd 100755 --- a/pihole +++ b/pihole @@ -85,7 +85,8 @@ updateGravityFunc() { # Scan an array of files for matching strings scanList(){ - local domain="${1}" lists="${2}" type="${3:-}" + # Escape full stops + local domain="${1//./\\.}" lists="${2}" type="${3:-}" # Prevent grep from printing file path cd "/etc/pihole" || exit 1 From 645d8e0ebd54787e9a24389fcd5a752c208736fe Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Thu, 19 Oct 2017 17:51:20 +1100 Subject: [PATCH 302/335] Fix issue where wildcarding didn't restart dnsmasq Signed off by WaLLy3K --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 839ea8cd..80cdefe7 100755 --- a/pihole +++ b/pihole @@ -336,7 +336,7 @@ restartDNS() { if [[ "${svcOption}" =~ "reload" ]]; then # Using SIGHUP will NOT re-read any *.conf files svc="killall -s SIGHUP dnsmasq" - elif [[ -z "${svcOption}" ]]; then + else # Get PID of dnsmasq to determine if it needs to start or restart if pidof dnsmasq &> /dev/null; then svcOption="restart" From 8b0785996e52ae19f89262fe542d94c8f8990078 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 19 Oct 2017 22:39:43 -0600 Subject: [PATCH 303/335] remove .pullapprove.yml from .gitignore Closes #1535 --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index 91014dcd..0e0d4b99 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,3 @@ *.swp __pycache__ .cache -.pullapprove.yml From 0f868f7649417d6cf5b4fcbe3f640645825a92bf Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 19 Oct 2017 22:57:07 -0600 Subject: [PATCH 304/335] remove un-used DONE variable (still available via sourced COL_TABLE on line 29) --- advanced/Scripts/piholeDebug.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b6ec38de..43393ee9 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -37,7 +37,6 @@ else TICK="[${COL_GREEN}✓${COL_NC}]" CROSS="[${COL_RED}✗${COL_NC}]" INFO="[i]" - DONE="${COL_GREEN} done!${COL_NC}" OVER="\r\033[K" fi From 85d159bdd185b60c3edb4fcb3e091258a302663d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 21 Oct 2017 15:52:53 +0200 Subject: [PATCH 305/335] Randomize gravity update time Signed-off-by: DL6ER --- advanced/pihole.cron | 4 ++-- automated install/basic-install.sh | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/advanced/pihole.cron b/advanced/pihole.cron index f1beb08c..bb0d20d8 100644 --- a/advanced/pihole.cron +++ b/advanced/pihole.cron @@ -14,8 +14,8 @@ # is updated or re-installed. Please make any changes to the appropriate crontab # or other cron file snippets. -# Pi-hole: Update the ad sources once a week on Sunday at 01:59 -# Download any updates from the adlists +# Pi-hole: Update the ad sources once a week on Sunday at a random time in the +# early morning. Download any updates from the adlists 59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity # Pi-hole: Update Pi-hole! Uncomment to enable auto update diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6eca6868..202b662d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1356,6 +1356,8 @@ installCron() { echo -ne " ${INFO} ${str}..." # Copy the cron file over from the local repo cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole + # Randomize gravity update time + sed -i "s/59 1/$((RANDOM % 60)) $((RANDOM % 2))/" /etc/cron.d/pihole echo -e "${OVER} ${TICK} ${str}" } From c34c3eb016bcd3a7bae51c462d4e514f4c916ffb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 21 Oct 2017 15:58:37 +0200 Subject: [PATCH 306/335] Shift randomized time interval from 00:00-01:59 to 02:00-03:59 --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 202b662d..62b9cc3a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1357,7 +1357,7 @@ installCron() { # Copy the cron file over from the local repo cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole # Randomize gravity update time - sed -i "s/59 1/$((RANDOM % 60)) $((RANDOM % 2))/" /etc/cron.d/pihole + sed -i "s/59 1/$((RANDOM % 60)) $((2 + RANDOM % 2))/" /etc/cron.d/pihole echo -e "${OVER} ${TICK} ${str}" } From 2390b803590b99b7babaac0d467404d8c086929e Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 25 Oct 2017 21:04:43 +1100 Subject: [PATCH 307/335] Silence non-numeric domains_being_blocked output * Round $cpu_mhz to 1 decimal place * Remove ".0" from $cpu_freq * Silence non-numeric domains_being_blocked output * Use "Core" and "Web" as appropriate Signed off by WaLLy3K --- advanced/Scripts/chronometer.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index a9ccf900..8599e995 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -302,7 +302,8 @@ get_sys_stats() { # Determine whether to display CPU clock speed as MHz or GHz if [[ -n "$cpu_mhz" ]]; then - [[ "$cpu_mhz" -le "999" ]] && cpu_freq="$cpu_mhz MHz" || cpu_freq="$(calcFunc "$cpu_mhz"/1000) GHz" + [[ "$cpu_mhz" -le "999" ]] && cpu_freq="$cpu_mhz MHz" || cpu_freq="$(printf "%.1f" $(calcFunc "$cpu_mhz"/1000)) GHz" + [[ "${cpu_freq}" == *".0"* ]] && cpu_freq="${cpu_freq/.0/}" fi # Determine colour for temperature @@ -380,7 +381,7 @@ get_ftl_stats() { local top_domain_raw local top_client_raw - domains_being_blocked=$(printf "%.0f\\n" "${domains_being_blocked_raw}") + domains_being_blocked=$(printf "%.0f\\n" "${domains_being_blocked_raw}" 2> /dev/null) dns_queries_today=$(printf "%.0f\\n" "${dns_queries_today_raw}") ads_blocked_today=$(printf "%.0f\\n" "${ads_blocked_today_raw}") ads_percentage_today=$(printf "%'.0f\\n" "${ads_percentage_today_raw}") @@ -403,9 +404,9 @@ get_ftl_stats() { get_strings() { # Expand or contract strings depending on screen size if [[ "$chrono_width" == "large" ]]; then - phc_str=" ${COL_DARK_GRAY}Pi-hole" - lte_str=" ${COL_DARK_GRAY}Admin" - ftl_str=" ${COL_DARK_GRAY}FTL" + phc_str=" ${COL_DARK_GRAY}Core" + lte_str=" ${COL_DARK_GRAY}Web" + ftl_str=" ${COL_DARK_GRAY}FTL" api_str="${COL_LIGHT_RED}API Offline" host_info="$sys_type" @@ -419,7 +420,7 @@ get_strings() { ph_info="Blocking: $domains_being_blocked sites" total_str="Total: " else - phc_str=" ${COL_DARK_GRAY}PH" + phc_str=" ${COL_DARK_GRAY}Core" lte_str=" ${COL_DARK_GRAY}Web" ftl_str=" ${COL_DARK_GRAY}FTL" api_str="${COL_LIGHT_RED}API Down" From b9ae01d819938efc487cc49e865b11544bd5b85f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 25 Oct 2017 17:46:24 +0200 Subject: [PATCH 308/335] Send SIGHUP to pihole-FTL when restarting/reloading dnsmasq Signed-off-by: DL6ER --- pihole | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pihole b/pihole index 80cdefe7..ef0279c5 100755 --- a/pihole +++ b/pihole @@ -200,7 +200,7 @@ Options: # Scan Wildcards if [[ -e "${wildcardlist}" ]]; then - # Determine all subdomains, domain and TLDs + # Determine all subdomains, domain and TLDs mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" for match in "${wildcards[@]}"; do @@ -346,6 +346,9 @@ restartDNS() { svc="service dnsmasq ${svcOption}" fi + # Send signal to FTL to have it re-parse the gravity files + killall -s SIGHUP pihole-FTL + # Print output to Terminal, but not to Web Admin str="${svcOption^}ing DNS service" [[ -t 1 ]] && echo -ne " ${INFO} ${str}..." @@ -483,7 +486,7 @@ statusFunc() { # Determine if Pi-hole's addn-hosts configs are commented out addnConfigs=$(grep -i "addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) - + if [[ "${addnConfigs}" =~ "#" ]]; then # A config is commented out case "${1}" in From 8dba2a88e2f6436e9eff9adb38d04c4bbd594443 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Wed, 25 Oct 2017 23:07:45 -0400 Subject: [PATCH 309/335] Move FTL re-parsing call after dnsmasq restart --- pihole | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pihole b/pihole index ef0279c5..d37083f8 100755 --- a/pihole +++ b/pihole @@ -346,9 +346,6 @@ restartDNS() { svc="service dnsmasq ${svcOption}" fi - # Send signal to FTL to have it re-parse the gravity files - killall -s SIGHUP pihole-FTL - # Print output to Terminal, but not to Web Admin str="${svcOption^}ing DNS service" [[ -t 1 ]] && echo -ne " ${INFO} ${str}..." @@ -362,6 +359,9 @@ restartDNS() { [[ ! -t 1 ]] && local OVER="" echo -e "${OVER} ${CROSS} ${output}" fi + + # Send signal to FTL to have it re-parse the gravity files + killall -s SIGHUP pihole-FTL } piholeEnable() { From 6ca47dc3b360a8566d0c505d0c4cf23ed0017d61 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 13:20:02 +0200 Subject: [PATCH 310/335] Add bash / cron based update checker for Pi-hole --- advanced/Scripts/updatecheck.sh | 70 +++++++++++++++++++++++++++++++++ advanced/pihole.cron | 3 ++ pihole | 10 ++++- 3 files changed, 81 insertions(+), 2 deletions(-) create mode 100755 advanced/Scripts/updatecheck.sh diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh new file mode 100755 index 00000000..86f4ba93 --- /dev/null +++ b/advanced/Scripts/updatecheck.sh @@ -0,0 +1,70 @@ +#!/usr/bin/env bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2017 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Checks for updates via GitHub +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# Credit: https://stackoverflow.com/a/46324904 +function json_extract() { + local key=$1 + local json=$2 + + local string_regex='"([^"\]|\\.)*"' + local number_regex='-?(0|[1-9][0-9]*)(\.[0-9]+)?([eE][+-]?[0-9]+)?' + local value_regex="${string_regex}|${number_regex}|true|false|null" + local pair_regex="\"${key}\"[[:space:]]*:[[:space:]]*(${value_regex})" + + if [[ ${json} =~ ${pair_regex} ]]; then + echo $(sed 's/^"\|"$//g' <<< "${BASH_REMATCH[1]}") + else + return 1 + fi +} + +GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")" +GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")" +GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")" + +echo "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/etc/pihole/GitHubVersions" + +function get_local_branch() { + # Return active branch + local directory + directory="${1}" + local output + + cd "${directory}" || return 1 + # Store STDERR as STDOUT variable + output=$( { git rev-parse --abbrev-ref HEAD; } 2>&1 ) + echo "$output" + return +} + +CORE_BRANCH="$(get_local_branch /etc/.pihole)" +WEB_BRANCH="$(get_local_branch /var/www/html/admin)" +FTL_BRANCH="$(pihole-FTL tag)" + +echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" + +function get_local_version() { + # Return active branch + local directory + directory="${1}" + local output + + cd "${directory}" || return 1 + # Store STDERR as STDOUT variable + output=$( { git describe --long --dirty --tags; } 2>&1 ) + echo "$output" + return +} + +CORE_VERSION="$(get_local_version /etc/.pihole)" +WEB_VERSION="$(get_local_version /var/www/html/admin)" +FTL_VERSION="$(pihole-FTL version)" + +echo "${CORE_VERSION} ${WEB_VERSION} ${FTL_VERSION}" > "/etc/pihole/localversions" diff --git a/advanced/pihole.cron b/advanced/pihole.cron index f1beb08c..c873b79d 100644 --- a/advanced/pihole.cron +++ b/advanced/pihole.cron @@ -28,3 +28,6 @@ 00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet @reboot root /usr/sbin/logrotate /etc/pihole/logrotate + +# Pi-hole: Grab remote version and branch every 10 minutes +*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker diff --git a/pihole b/pihole index 80cdefe7..601d8d02 100755 --- a/pihole +++ b/pihole @@ -200,7 +200,7 @@ Options: # Scan Wildcards if [[ -e "${wildcardlist}" ]]; then - # Determine all subdomains, domain and TLDs + # Determine all subdomains, domain and TLDs mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" for match in "${wildcards[@]}"; do @@ -483,7 +483,7 @@ statusFunc() { # Determine if Pi-hole's addn-hosts configs are commented out addnConfigs=$(grep -i "addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) - + if [[ "${addnConfigs}" =~ "#" ]]; then # A config is commented out case "${1}" in @@ -579,6 +579,11 @@ tricorderFunc() { fi } +updateCheckFunc() { + "${PI_HOLE_SCRIPT_DIR}"/updatecheck.sh "$@" + exit 0 +} + helpFunc() { echo "Usage: pihole [options] Example: 'pihole -w -h' @@ -650,5 +655,6 @@ case "${1}" in "-t" | "tail" ) tailFunc;; "checkout" ) piholeCheckoutFunc "$@";; "tricorder" ) tricorderFunc;; + "updatechecker" ) updateCheckFunc;; * ) helpFunc;; esac From 709851503fb243d0d62dca6c98e2e7c774d71f73 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 13:27:12 +0200 Subject: [PATCH 311/335] Use "pihole-FTL branch" to get FTL's branch Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 86f4ba93..12c49445 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -46,7 +46,7 @@ function get_local_branch() { CORE_BRANCH="$(get_local_branch /etc/.pihole)" WEB_BRANCH="$(get_local_branch /var/www/html/admin)" -FTL_BRANCH="$(pihole-FTL tag)" +FTL_BRANCH="$(pihole-FTL branch)" echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" From 9be854031fe01dd5ba102878c130950bae4a66d1 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 13:41:24 +0200 Subject: [PATCH 312/335] Don't store FTL branch until the next release of FTL which supports returning the branch in an easy way Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 12c49445..446fc4ac 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -46,7 +46,10 @@ function get_local_branch() { CORE_BRANCH="$(get_local_branch /etc/.pihole)" WEB_BRANCH="$(get_local_branch /var/www/html/admin)" -FTL_BRANCH="$(pihole-FTL branch)" +#FTL_BRANCH="$(pihole-FTL branch)" +# Don't store FTL branch until the next release of FTL which +# supports returning the branch in an easy way +FTL_BRANCH="XXX" echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" From 7362416afb1a24e252757206dd8bc41f3ca167da Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 15:40:48 +0200 Subject: [PATCH 313/335] Force an update of the updatechecker after update/install Signed-off-by: DL6ER --- automated install/basic-install.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6eca6868..8ebd48b2 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2077,6 +2077,9 @@ main() { # Download and compile the aggregated block list runGravity + # Force an update of the updatechecker + . /opt/pihole/updatecheck.sh + # if [[ "${useUpdateVars}" == false ]]; then displayFinalMessage "${pw}" From 0db76aada0847655b9965b03ee093edbc205e2d4 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 15:44:17 +0200 Subject: [PATCH 314/335] Silence errors when directory to be checked does not exist (system may have been installed without a web interface!) Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 446fc4ac..26b7d4b0 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -37,7 +37,7 @@ function get_local_branch() { directory="${1}" local output - cd "${directory}" || return 1 + cd "${directory}" 2> /dev/null || return 1 # Store STDERR as STDOUT variable output=$( { git rev-parse --abbrev-ref HEAD; } 2>&1 ) echo "$output" @@ -59,7 +59,7 @@ function get_local_version() { directory="${1}" local output - cd "${directory}" || return 1 + cd "${directory}" 2> /dev/null || return 1 # Store STDERR as STDOUT variable output=$( { git describe --long --dirty --tags; } 2>&1 ) echo "$output" From 06764d0f367cb3af61089a243ed3c56e1fd06e31 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 29 Oct 2017 15:37:39 +0100 Subject: [PATCH 315/335] Randomize gravity update time between 03:01 - 04:58 (excluding 04:00) Signed-off-by: DL6ER --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 62b9cc3a..647661f8 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1357,7 +1357,7 @@ installCron() { # Copy the cron file over from the local repo cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole # Randomize gravity update time - sed -i "s/59 1/$((RANDOM % 60)) $((2 + RANDOM % 2))/" /etc/cron.d/pihole + sed -i "s/59 1/$((1 + RANDOM % 58)) $((3 + RANDOM % 2))/" /etc/cron.d/pihole echo -e "${OVER} ${TICK} ${str}" } From 209a2ab3ecd0b0ed6433d5f6973364c53c18658c Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 10:05:25 +0100 Subject: [PATCH 316/335] grammar corrected (double negative) --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 647661f8..176c68ec 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -218,7 +218,7 @@ elif command -v rpm &> /dev/null; then LIGHTTPD_CFG="lighttpd.conf.fedora" DNSMASQ_USER="nobody" -# If neither apt-get or rmp/dnf are not found +# If neither apt-get or rmp/dnf are found else # it's not an OS we can support, echo -e " ${CROSS} OS distribution not supported" From d158a7d51ea7a47cd99e7bb74d6bfa5d9ed30c7f Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 10:16:56 +0100 Subject: [PATCH 317/335] spelling corrected --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 176c68ec..bb96308c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1677,7 +1677,7 @@ update_dialogs() { echo -e " ${INFO} ${opt1a} option selected" useUpdateVars=true ;; - # recongigure, + # reconfigure, ${opt2a}) echo -e " ${INFO} ${opt2a} option selected" useUpdateVars=false From 63312ac4b8b4275692202a126432da893b7a1bb5 Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 10:18:39 +0100 Subject: [PATCH 318/335] removed duplicate word --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index bb96308c..5ae27a9c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1670,7 +1670,7 @@ update_dialogs() { "${opt2a}" "${opt2b}" 3>&2 2>&1 1>&3) || \ { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } - # Set the variable based on if the user user chooses + # Set the variable based on if the user chooses case ${UpdateCmd} in # repair, or ${opt1a}) From ec4e4d3b726f4af2ca28f8c8c781e741a8d11943 Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 11:02:04 +0100 Subject: [PATCH 319/335] fix indentation --- automated install/basic-install.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5ae27a9c..df200e2c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1262,14 +1262,14 @@ install_dependent_packages() { installArray+=("${i}") fi done + # + if [[ "${#installArray[@]}" -gt 0 ]]; then # - if [[ "${#installArray[@]}" -gt 0 ]]; then - # - "${PKG_INSTALL[@]}" "${installArray[@]}" &> /dev/null - return - fi - echo "" - return 0 + "${PKG_INSTALL[@]}" "${installArray[@]}" &> /dev/null + return + fi + echo "" + return 0 } # Create logfiles if necessary From 90efa3b6101066b898082504661be373eab051c8 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 8 Nov 2017 19:11:41 +0100 Subject: [PATCH 320/335] Simplify git subroutines Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 26b7d4b0..9b79c4cb 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -33,15 +33,8 @@ echo "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/et function get_local_branch() { # Return active branch - local directory - directory="${1}" - local output - - cd "${directory}" 2> /dev/null || return 1 - # Store STDERR as STDOUT variable - output=$( { git rev-parse --abbrev-ref HEAD; } 2>&1 ) - echo "$output" - return + cd "${1}" 2> /dev/null || return 1 + git rev-parse --abbrev-ref HEAD || return 1 } CORE_BRANCH="$(get_local_branch /etc/.pihole)" @@ -55,15 +48,8 @@ echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" function get_local_version() { # Return active branch - local directory - directory="${1}" - local output - - cd "${directory}" 2> /dev/null || return 1 - # Store STDERR as STDOUT variable - output=$( { git describe --long --dirty --tags; } 2>&1 ) - echo "$output" - return + cd "${1}" 2> /dev/null || return 1 + git describe --long --dirty --tags || return 1 } CORE_VERSION="$(get_local_version /etc/.pihole)" From 8a40c91d1a49f99ac70593921408214f60643952 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Wed, 8 Nov 2017 20:03:18 -0600 Subject: [PATCH 321/335] made above the fold focus on the logo and Pi-holes features. fixed typos. wordsmithed Signed-off-by: Jacob Salmela --- README.md | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index c40a134f..3feef11d 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,6 @@ Network-wide ad blocking via your own Linux hardware

-# Core: Command Line Interface - - - -## Summary The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole), so all your devices are protected without the need to install client-side software. - **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs) @@ -22,6 +17,9 @@ The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Si - **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy ----- + + + ## One-Step Automated Install 1. Install a [supported operating system](https://discourse.pi-hole.net/t/hardware-software-requirements/273/1) @@ -30,7 +28,7 @@ The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Si #### `curl -sSL https://install.pi-hole.net | bash` ## Alternative Install Methods -[Piping to `bash` can be dangerous](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash/), so we understand the importance of giving people the option to review our code! Our installer is [found here](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh), if you wish to read it before running. +[Piping to `bash` _can_ be dangerous](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash/), so we understand the importance of giving people the option to review our code! Our installer is [found here](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh), if you wish to read it before running. You can install Pi-hole via one of the two alternative methods: @@ -58,15 +56,15 @@ As a last resort, you can always manually set each device to use Pi-hole as thei ----- ## Pi-hole is free, but powered by your support -There are many reoccuring costs involved with maintaining free, open source and privacy respecting software; expenses which [our volunteers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. +There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. Make no mistake: **your support is absolutely vital to help keep us innovating!** ### Donations -Sending a donation using our links below is **extremely helpful** in offset a portion of our monthly costs: +Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses: - ![Paypal](https://assets.pi-hole.net/static/paypal.png) [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY) -- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL +- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL ### Alternative support If you'd rather not donate (_which is okay!_), there are other ways you can help support us: @@ -78,7 +76,7 @@ If you'd rather not donate (_which is okay!_), there are other ways you can help - Spreading the word about our software, and how you have benefited from it ### Contributing via GitHub -We welcome everyone to contribute to issue reports, suggest new features and create pull requests. +We welcome _everyone_ to contribute to issue reports, suggest new features, and create pull requests. If you have something to add - anything from a typo through to a whole new feature, we're happy to check it out! Just make sure to fill out our template when submitting your request; the questions that it asks will help the volunteers quickly understand what you're aiming to achieve. @@ -102,7 +100,7 @@ Word-of-mouth continues to help our project grow immensely, and we'd like to hel ----- -## Features +## Breakdown Of Features ### The Command Line Interface The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. @@ -112,7 +110,7 @@ Some of the features include: * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) * [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger) * [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail) -* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20) +* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](https://www.amazon.com/gp/product/B01HN0LL2A/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=pihole09-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=B01HN0LL2A&linkId=fb33e9efb10c1daba0dd1dd9fea72b1a) * [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity) * [Querying Ad Lists for matching domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) * [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable) @@ -132,9 +130,9 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t 3. `http://pi.hole/` (when using Pi-hole as your DNS server) ## The Faster-Than-Light Engine -The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily intergrated into your own projects. As the name implies, FTL does this all *very quickly*! +The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTL does this all *very quickly*! -Some of the statistics you can intergrate include: +Some of the statistics you can integrate include: * Total number of domains being blocked * Total number of DNS queries today * Total number of ads blocked today @@ -148,8 +146,8 @@ The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web ----- -## Technical Details -To summarize into a short sentence, the Pi-hole is an **advertising-aware DNS/Web server**. While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how it was setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. +## The Origin Of Pi-hole +While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. ----- @@ -189,3 +187,4 @@ To summarize into a short sentence, the Pi-hole is an **advertising-aware DNS/We - [Adafruit: Raspberry Pi Quick Look at Pi Hole ad blocking server with Tony D](https://www.youtube.com/watch?v=eg4u2j1HYlI) - [Devacron: OrangePi Zero as an Ad-Block server with Pi-Hole](http://www.devacron.com/orangepi-zero-as-an-ad-block-server-with-pi-hole/) - [CryptoAUSTRALIA Blog: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) +- [CryptoAUSTRALIA Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) From f36ac48de0098783eac39067f95e8adcc307cfce Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 15 Nov 2017 13:15:59 +1100 Subject: [PATCH 322/335] Use GH Pages images & update wording Signed off by WaLLy3K --- README.md | 118 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 72 insertions(+), 46 deletions(-) diff --git a/README.md b/README.md index 3feef11d..99579fa0 100644 --- a/README.md +++ b/README.md @@ -1,45 +1,42 @@

-
-Network-wide ad blocking via your own Linux hardware +Pi-hole
+Network-wide ad blocking via your own Linux hardware

-The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole), so all your devices are protected without the need to install client-side software. +The Pi-hole is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software. - **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs) -- **Resolute**: ads are blocked in _non-browser locations_ such as ad-laden mobile apps and smart TVs -- **Fast**: speeds up the feel of everyday browsing by caching DNS queries, saving bandwidth -- **Lightweight**: runs smoothly and requires [minimal resources](https://discourse.pi-hole.net/t/hardware-software-requirements/273) -- **Robust**: a command line interface for those preferring CLI, and/or wanting to automate tasks -- **Informative**: a beautiful and secure Web Interface dashboard to control your Pi-hole -- **Versatile**: can optionally function as a DHCP server, ensuring your devices will not need configuring individually -- **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on powerful hardware +- **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs +- **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries +- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://discourse.pi-hole.net/t/hardware-software-requirements/273) +- **Robust**: a command line interface that is quality assured for interoperability +- **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole +- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically +- **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on server-grade hardware - **Modern**: blocks ads over both IPv4 and IPv6 - **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy ----- - - - +Codacy Grade +Travis Build Status +BountySource ## One-Step Automated Install -1. Install a [supported operating system](https://discourse.pi-hole.net/t/hardware-software-requirements/273/1) -2. Run the following command +Those who want to get started quickly and conveniently, may install Pi-hole using the following command: #### `curl -sSL https://install.pi-hole.net | bash` ## Alternative Install Methods -[Piping to `bash` _can_ be dangerous](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash/), so we understand the importance of giving people the option to review our code! Our installer is [found here](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh), if you wish to read it before running. +[Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation: -You can install Pi-hole via one of the two alternative methods: - -### Clone our repository and run the automated installer from your device +### Method 1: Clone our repository and run ``` git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole cd "Pi-hole/automated install/" bash basic-install.sh ``` -### Manually download and execute the install file +### Method 2: Manually download the installer and run ``` wget -O basic-install.sh https://install.pi-hole.net bash basic-install.sh @@ -47,7 +44,7 @@ bash basic-install.sh ## Post-install: Make your network take advantage of Pi-hole -Once the installer has been run, you will need to [configure your router to have **DHCP clients use the Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) so that any device that connects to your network will have ads blocked without any further intervention. +Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention. If your router does not support setting the DNS server, you can [use Pi-hole's built in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); just be sure to disable DHCP on your router first (if it has that feature available). @@ -56,15 +53,15 @@ As a last resort, you can always manually set each device to use Pi-hole as thei ----- ## Pi-hole is free, but powered by your support -There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. +There are many reoccurring costs involved with maintaining free, open source, and privacy respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. Make no mistake: **your support is absolutely vital to help keep us innovating!** ### Donations Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses: -- ![Paypal](https://assets.pi-hole.net/static/paypal.png) [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY) -- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL + PP Donate via PayPal
BTC Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL ### Alternative support If you'd rather not donate (_which is okay!_), there are other ways you can help support us: @@ -83,36 +80,44 @@ If you have something to add - anything from a typo through to a whole new featu You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments, which will help you better understand how Pi-hole works. They're also a valuable resource to those who want to learn how to write scripts or code a program! We encourage anyone who likes to tinker to read through it, and submit a pull request for us to review. ### Presentations about Pi-hole -Word-of-mouth continues to help our project grow immensely, and we'd like to help those who are going to be presenting Pi-hole at a conference, meetup or even a school project. If you'd like some free swag to hand out to your audience, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/). +Word-of-mouth continues to help our project grow immensely, and so we are helping make this easier for people. + +If you are going to be presenting Pi-hole at a conference, meetup or even a school project, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/) so we can hook you up with free swag to hand out to your audience! ----- ## Getting in touch with us -- [Users Forum](https://discourse.pi-hole.net/) -- [Feature requests](https://discourse.pi-hole.net/c/feature-requests?order=votes) -- [FAQs](https://discourse.pi-hole.net/c/faqs) -- [Wiki](https://github.com/pi-hole/pi-hole/wiki) -- [/r/pihole on Reddit](https://www.reddit.com/r/pihole/) -- [@The_Pi_Hole on Twitter](https://twitter.com/The_Pi_Hole) -- [Pi-hole on YouTube](https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w) -- [ThePiHole on Facebook](https://www.facebook.com/ThePiHole/) -- [Chat on Gitter](https://gitter.im/pi-hole/pi-hole) +While we are primarily reachable on our Discourse User Forum, we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance. + + + ----- -## Breakdown Of Features +## Breakdown of Features ### The Command Line Interface -The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. +The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with understanding of `bash`. -Pi-hole ASCII Logo +Pi-hole Blacklist Demo -Some of the features include: +Some notable features include: * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) * [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger) * [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail) -* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](https://www.amazon.com/gp/product/B01HN0LL2A/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=pihole09-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=B01HN0LL2A&linkId=fb33e9efb10c1daba0dd1dd9fea72b1a) +* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20) * [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity) -* [Querying Ad Lists for matching domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) +* [Querying Ad Lists for blocked domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) * [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable) * ... and *many* more! @@ -121,7 +126,17 @@ You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wik ### The Web Interface Dashboard This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve! -Pi-hole Dashboard +Pi-hole Dashboard + +Some notable features include: +* Mobile friendly interface +* Password protection +* Detailed graphs and doughnut charts +* Top lists of domains and clients +* A filterable and sortable query log +* Long Term Statistics to view data over user defined time ranges +* The ability to easily manage and configure Pi-hole features +* ... and all the main features of the Command Line Interface! There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168): @@ -139,19 +154,28 @@ Some of the statistics you can integrate include: * Percentage of ads blocked * Unique domains * Queries forwarded (to your chosen upstream DNS server) -* Queries cached (served by Pi-hole) -* Unique Pi-hole clients +* Queries cached +* Unique clients -The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). [More details are found here](https://discourse.pi-hole.net/t/pi-hole-api/1863). +The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can out find [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863). ----- ## The Origin Of Pi-hole +Pi-hole being a **advertising-aware DNS/Web server**, makes use of the following technologies: + +* [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server +* [`curl`](https://curl.haxx.se) - A command line tool for transferring data with URL syntax +* [`lighttpd`](https://www.lighttpd.net) - webserver designed and optimized for high performance +* [`php`](https://secure.php.net) - a popular general-purpose web scripting language +* [AdminLTE Dashboard](https://github.com/almasaeed2010/AdminLTE) - premium admin control panel based on Bootstrap 3.x + While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. ----- ## Pi-hole Projects +- [The Big Blocklist Collection](https://wally3k.github.io) - [Docker Pi-hole container (x86 and ARM)](https://hub.docker.com/r/diginc/pi-hole/) - [Pi-Hole in the cloud](http://blog.codybunch.com/2015/07/28/Pi-Hole-in-the-cloud/) - [Pie in the Sky-Hole [A Pi-Hole in the cloud for ad-blocking via DNS]](https://dlaa.me/blog/post/skyhole) @@ -186,5 +210,7 @@ While quite outdated at this point, [this original blog post about Pi-hole](http - [Digital Trends: 5 Fun, Easy Projects You Can Try With a $35 Raspberry Pi](https://youtu.be/QwrKlyC2kdM?t=1m42s) - [Adafruit: Raspberry Pi Quick Look at Pi Hole ad blocking server with Tony D](https://www.youtube.com/watch?v=eg4u2j1HYlI) - [Devacron: OrangePi Zero as an Ad-Block server with Pi-Hole](http://www.devacron.com/orangepi-zero-as-an-ad-block-server-with-pi-hole/) -- [CryptoAUSTRALIA Blog: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) -- [CryptoAUSTRALIA Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) +- [Linux Pro: The Hole Truth](http://www.linuxpromagazine.com/Issues/2017/200/The-sysadmin-s-daily-grind-Pi-hole) +- [CryptoAUSTRALIA: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) +- [CryptoAUSTRALIA: Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) +- [Know How 355: Killing ads with a Raspberry Pi-Hole!](https://www.twit.tv/shows/know-how/episodes/355) From eb9c44a347c40a6ee7aba8a0719e4648543d22a3 Mon Sep 17 00:00:00 2001 From: Terror Date: Fri, 17 Nov 2017 15:54:04 +1300 Subject: [PATCH 323/335] Add support for Quad9 secure dns server See www.quad9.net --- automated install/basic-install.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b43dbe4b..c0d7daba 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -764,6 +764,7 @@ setDNS() { Norton "" Comodo "" DNSWatch "" + Quad9 "" Custom "") # In a whiptail dialog, show the options DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \ @@ -805,6 +806,10 @@ setDNS() { PIHOLE_DNS_1="84.200.69.80" PIHOLE_DNS_2="84.200.70.40" ;; + Quad9) + echo "Quad9 servers" + PIHOLE_DNS_1="9.9.9.9" + ;; Custom) # Until the DNS settings are selected, until [[ "${DNSSettingsCorrect}" = True ]]; do From 616962200ad370ede985f26f94946e5b7bc55de9 Mon Sep 17 00:00:00 2001 From: Terror Date: Fri, 17 Nov 2017 18:18:13 +1300 Subject: [PATCH 324/335] Update the list size to show all the options --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c0d7daba..61d759ff 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -767,7 +767,7 @@ setDNS() { Quad9 "" Custom "") # In a whiptail dialog, show the options - DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \ + DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 7 \ "${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \ # exit if Cancel is selected { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } From d92f9b4dbde04ef661f25705c636012991452476 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 20 Nov 2017 15:59:13 +1100 Subject: [PATCH 325/335] Add separator between FAQ/Requests & Social Media This is to add emphasis that the first three options should be considered before the social media outlets. Signed off by WaLLy3K --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 99579fa0..a856839b 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,7 @@ While we are primarily reachable on our Pi-hole Wiki
  • Feature Requests
    • +
    • Discourse User Forum
    • Reddit
      • From 2dc185189221308918cd4802e61557f2e7211fb6 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Thu, 23 Nov 2017 13:17:34 +1100 Subject: [PATCH 326/335] Allow passwords with spaces e.g: `pihole -a -p "foo bar"` Signed off by WaLLy3K --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d5c4d45e..07bc160f 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -110,7 +110,7 @@ SetWebPassword() { fi if [ "${PASSWORD}" == "${CONFIRM}" ] ; then - hash=$(HashPassword ${PASSWORD}) + hash=$(HashPassword "${PASSWORD}") # Save hash to file change_setting "WEBPASSWORD" "${hash}" echo -e " ${TICK} New password set" From 0a4d3ef6e6c6b010b549d04841e6496df6ebff85 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Thu, 23 Nov 2017 13:35:51 +1100 Subject: [PATCH 327/335] Add "sudo bash" to installation instructions * Running as sudo/root prevents script from being re-downloaded, unintentionally side-stepping manual code review by end user Signed off by WaLLy3K --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a856839b..f6d15f43 100644 --- a/README.md +++ b/README.md @@ -33,13 +33,13 @@ Those who want to get started quickly and conveniently, may install Pi-hole usin ``` git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole cd "Pi-hole/automated install/" -bash basic-install.sh +sudo bash basic-install.sh ``` ### Method 2: Manually download the installer and run ``` wget -O basic-install.sh https://install.pi-hole.net -bash basic-install.sh +sudo bash basic-install.sh ``` ## Post-install: Make your network take advantage of Pi-hole From b64155a1657937b5302369732fda79565105c1c9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 14:32:39 +0000 Subject: [PATCH 328/335] Add in an extra check to enable lighttpd. Signed-off-by: Adam Warner --- automated install/basic-install.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 61d759ff..8380ca49 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2004,8 +2004,15 @@ main() { # just install the Core dependencies DEPS=("${PIHOLE_DEPS[@]}") fi + install_dependent_packages DEPS[@] + # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user + # has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail + if [[ "${INSTALL_WEB}" == true ]]; then + enable_service lighttpd + fi + if [[ -x "$(command -v systemctl)" ]]; then # Value will either be 1, if true, or 0 LIGHTTPD_ENABLED=$(systemctl is-enabled lighttpd | grep -c 'enabled' || true) From f60791ac7c9afca9a3270a6edc67b58423f92671 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 14:42:01 +0000 Subject: [PATCH 329/335] Add dependencies as per https://github.com/pi-hole/pi-hole/pull/1776#discussion_r155149349 Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 8380ca49..a9bebba2 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -208,7 +208,7 @@ elif command -v rpm &> /dev/null; then PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget idn2) + PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget libidn2 psmisc) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo) if ! grep -q 'Fedora' /etc/redhat-release; then INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release"); From 945dcc6c2b67838a4864067899b2b75985d5078e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 15:17:31 +0000 Subject: [PATCH 330/335] Indent two spaces as per https://github.com/pi-hole/pi-hole/pull/1776#discussion_r155157116 Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a9bebba2..d71cd891 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1328,7 +1328,7 @@ installPiholeWeb() { else # don't do anything echo -e "${OVER} ${CROSS} ${str} - No default index.lighttpd.html file found... not backing up" + No default index.lighttpd.html file found... not backing up" fi # Install Sudoers file From dd6a9a0b8473d112c7d372c12023011490900818 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 15:28:58 +0000 Subject: [PATCH 331/335] supress output of `which command` on centos/fedora as per https://github.com/pi-hole/pi-hole/pull/1776#discussion_r155156819 Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d71cd891..3377ca86 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1856,7 +1856,7 @@ FTLdetect() { #If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download echo -e " ${INFO} Checking for existing FTL binary..." - local ftlLoc=$(which pihole-FTL) + local ftlLoc=$(which pihole-FTL 2>/dev/null) if [[ ${ftlLoc} ]]; then local FTLversion=$(/usr/bin/pihole-FTL tag) From 69dc22c10ffbab9182dfbd336d0159363640390c Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 22:31:12 +0000 Subject: [PATCH 332/335] fix some codacy and intelliJ idea complaints Signed-off-by: Adam Warner --- automated install/basic-install.sh | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3377ca86..139627e0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -503,15 +503,21 @@ testIPv6() { # first will contain fda2 (ULA) first="$(cut -f1 -d":" <<< "$1")" # value1 will contain 253 which is the decimal value corresponding to 0xfd - value1=$(((0x$first)/256)) + value1=$(( (0x$first)/256 )) # will contain 162 which is the decimal value corresponding to 0xa2 - value2=$(((0x$first)%256)) + value2=$(( (0x$first)%256 )) # the ULA test is testing for fc00::/7 according to RFC 4193 - (((value1&254)==252)) && echo "ULA" || true + if (( value1&254 == 252 )); then + echo "ULA" + fi # the GUA test is testing for 2000::/3 according to RFC 4291 - (((value1&112)==32)) && echo "GUA" || true + if (( value1&112 == 32 )); then + echo "GUA" + fi # the LL test is testing for fe80::/10 according to RFC 4193 - (((value1==254) && ((value2&192)==128))) && echo "Link-local" || true + if (( value1 == 254 )) && (( value2&192 == 128 )); then + echo "Link-local" + fi } # A dialog for showing the user about IPv6 blocking From 162a7b56fe9f04ce12b395760a0928026fefd082 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 22:41:31 +0000 Subject: [PATCH 333/335] force mode is no longer referenced. Regression. Same with `domToRemoveList` Signed-off-by: Adam Warner --- advanced/Scripts/list.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 9ddfe8f3..72250afd 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -19,7 +19,6 @@ addmode=true verbose=true domList=() -domToRemoveList=() listMain="" listAlt="" @@ -240,7 +239,6 @@ for var in "$@"; do "-wild" | "wildcard" ) listMain="${wildcardlist}";; "-nr"| "--noreload" ) reload=false;; "-d" | "--delmode" ) addmode=false;; - "-f" | "--force" ) force=true;; "-q" | "--quiet" ) verbose=false;; "-h" | "--help" ) helpFunc;; "-l" | "--list" ) Displaylist;; From 79aada0b87d1f8b4992acedcdff03f6eff78180b Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 22:57:05 +0000 Subject: [PATCH 334/335] travis didn't like that Signed-off-by: Adam Warner --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 139627e0..79754872 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -507,15 +507,15 @@ testIPv6() { # will contain 162 which is the decimal value corresponding to 0xa2 value2=$(( (0x$first)%256 )) # the ULA test is testing for fc00::/7 according to RFC 4193 - if (( value1&254 == 252 )); then + if (( (value1&254)==252 )); then echo "ULA" fi # the GUA test is testing for 2000::/3 according to RFC 4291 - if (( value1&112 == 32 )); then + if (( (value1&112)==32 )); then echo "GUA" fi # the LL test is testing for fe80::/10 according to RFC 4193 - if (( value1 == 254 )) && (( value2&192 == 128 )); then + if (( (value1)==254 )) && (( (value2&192)==128 )); then echo "Link-local" fi } From a9a40ca46c7f086b2efa9464fa90026e47004f72 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 23:27:40 +0000 Subject: [PATCH 335/335] Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead. Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 43393ee9..d69c5e4d 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -499,7 +499,7 @@ does_ip_match_setup_vars() { # IP address to check for local ip_address="${2}" # See what IP is in the setupVars.conf file - local setup_vars_ip=$(cat ${PIHOLE_SETUP_VARS_FILE} | grep IPV${protocol}_ADDRESS | cut -d '=' -f2) + local setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV${protocol}_ADDRESS | cut -d '=' -f2) # If it's an IPv6 address if [[ "${protocol}" == "6" ]]; then # Strip off the / (CIDR notation)