From 90a5a13197d9cb43d1f2daea39693a0e312d02cf Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 8 Apr 2020 15:35:07 +0200
Subject: [PATCH 001/297] Convert CONDITIONAL_FORWARDING to REV_SERVER
 settings. Try to detect intended CIDR range automatically.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 56 +++++++++++++++++++++++++++++--------
 1 file changed, 45 insertions(+), 11 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index f0f8bc31..41e52747 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -210,8 +210,42 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
     fi
 
     if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then
-        add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_DOMAIN}/${CONDITIONAL_FORWARDING_IP}"
-        add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_REVERSE}/${CONDITIONAL_FORWARDING_IP}"
+        # Convert legacy "conditional forwarding" to rev-server configuration
+        REV_SERVER=true
+        add_setting "REV_SERVER" "true"
+
+        REV_SERVER_DOMAIN="${CONDITIONAL_FORWARDING_DOMAIN}"
+        add_setting "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}"
+
+        REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
+        add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
+
+        # Remove obsolete settings from setupVars.conf
+        delete_setting "CONDITIONAL_FORWARDING"
+        delete_setting "CONDITIONAL_FORWARDING_REVERSE"
+        delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
+        delete_setting "CONDITIONAL_FORWARDING_IP"
+
+        # Try to detect intended CIDR by analyzing the target
+        if [[ "${REV_SERVER_TARGET}" =~ 10\..* ]]; then
+            # Private network, Class A (RFC 1597 + RFC 1918)
+            REV_SERVER_CIDR="10.0.0.0/8"
+        elif [[ "${REV_SERVER_TARGET}" =~ 192\.168\..* ]]; then
+            # Private network, Class C (RFC 1597 + RFC 1918)
+            REV_SERVER_CIDR="192.168.0.0/16"
+        else
+            # Something else. The user will have to adapt this
+            # as we cannot know how large their subnet is
+            REV_SERVER_CIDR="${REV_SERVER_TARGET}/32"
+        fi
+        add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
+    fi
+
+    if [[ "${REV_SERVER}" == true ]]; then
+        add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
+        if [ -n "${REV_SERVER_DOMAIN}" ]; then
+            add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
+        fi
     fi
 
     # Prevent Firefox from automatically switching over to DNS-over-HTTPS
@@ -247,16 +281,16 @@ SetDNSServers() {
         change_setting "DNSSEC" "false"
     fi
 
-    if [[ "${args[6]}" == "conditional_forwarding" ]]; then
-        change_setting "CONDITIONAL_FORWARDING" "true"
-        change_setting "CONDITIONAL_FORWARDING_IP" "${args[7]}"
-        change_setting "CONDITIONAL_FORWARDING_DOMAIN" "${args[8]}"
-        change_setting "CONDITIONAL_FORWARDING_REVERSE" "${args[9]}"
+    if [[ "${args[6]}" == "rev-server" ]]; then
+        change_setting "REV_SERVER" "true"
+        change_setting "REV_SERVER_CIDR" "${args[7]}"
+        change_setting "REV_SERVER_TARGET" "${args[8]}"
+        change_setting "REV_SERVER_DOMAIN" "${args[9]}"
     else
-        change_setting "CONDITIONAL_FORWARDING" "false"
-        delete_setting "CONDITIONAL_FORWARDING_IP"
-        delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
-        delete_setting "CONDITIONAL_FORWARDING_REVERSE"
+        change_setting "REV_SERVER" "false"
+        delete_setting "REV_SERVER_CIDR"
+        delete_setting "REV_SERVER_TARGET"
+        delete_setting "REV_SERVER_DOMAIN"
     fi
 
     ProcessDNSSettings

From 4130af0aab17689c7295dbe90d1188fefd02874c Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 9 Apr 2020 09:05:43 +0200
Subject: [PATCH 002/297] Retain rev-server settings when the feature gets
 disabled.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 41e52747..5e63f0cf 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -288,9 +288,6 @@ SetDNSServers() {
         change_setting "REV_SERVER_DOMAIN" "${args[9]}"
     else
         change_setting "REV_SERVER" "false"
-        delete_setting "REV_SERVER_CIDR"
-        delete_setting "REV_SERVER_TARGET"
-        delete_setting "REV_SERVER_DOMAIN"
     fi
 
     ProcessDNSSettings

From 093054a1eb6bfc82968ab0c36f0dfc737514599b Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 9 Apr 2020 09:38:24 +0200
Subject: [PATCH 003/297] Automatically convert legacy IP range to Class C
 network

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 5e63f0cf..d5bf46a4 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -231,12 +231,12 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
             # Private network, Class A (RFC 1597 + RFC 1918)
             REV_SERVER_CIDR="10.0.0.0/8"
         elif [[ "${REV_SERVER_TARGET}" =~ 192\.168\..* ]]; then
-            # Private network, Class C (RFC 1597 + RFC 1918)
+            # Private network, Class B (RFC 1597 + RFC 1918)
             REV_SERVER_CIDR="192.168.0.0/16"
         else
-            # Something else. The user will have to adapt this
-            # as we cannot know how large their subnet is
-            REV_SERVER_CIDR="${REV_SERVER_TARGET}/32"
+            # Something else, convert to /24 subnet (preserves legacy behavior)
+            # This sed converts "192.168.1.2" to "192.168.1.0/24"
+            REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
         fi
         add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
     fi

From 4cf241b42bd86ce4344076518f99b963506d9cda Mon Sep 17 00:00:00 2001
From: Jeroen Baert <3607063+Forceflow@users.noreply.github.com>
Date: Tue, 12 May 2020 19:59:19 +0200
Subject: [PATCH 004/297] Fix for pihole -w --nuke displaying help info even if
 command is executed correctly

Signed-off-by: Jeroen Baert <3607063+Forceflow@users.noreply.github.com>
---
 advanced/Scripts/list.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh
index 4f2e046f..7efd8758 100755
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -222,6 +222,7 @@ Displaylist() {
 
 NukeList() {
     sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
+    exit 0;
 }
 
 for var in "$@"; do

From af1129fc2878370d8b86b8fe40e2800534d2a98f Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 25 May 2020 17:40:20 +0100
Subject: [PATCH 005/297] Add a check at the top of the script to determine if
 the script is being run on a supported OS

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 60 +++++++++++++++++++++++++++++-
 1 file changed, 58 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 76b04457..a7024ca5 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -174,6 +174,61 @@ is_command() {
     command -v "${check_command}" >/dev/null 2>&1
 }
 
+os_check() {
+    # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
+    # and determines whether or not the script is running on one of those systems
+    local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version display_warning
+    remote_os_domain="versions.pi-hole.net"
+    valid_os=false
+    valid_version=false
+    display_warning=true
+
+    detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
+    detected_os=$(echo "${detected_os_pretty}" | sed 's/ .*//')
+    detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
+
+    mapfile -t supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"' | tr ' ' '\n')
+
+    for i in "${supportedOS[@]}"
+    do
+        os_part=$(echo $i | cut -d '=' -f1)
+        versions_part=$(echo $i | cut -d '=' -f2-)
+
+        if [[ "${detected_os}" =~ "${os_part}" ]]; then
+          valid_os=true
+          mapfile -t supportedVer < <(echo "${versions_part}" | tr ',' '\n')
+          for x in "${supportedVer[@]}"
+          do
+            if [[ "${detected_version}" =~ $x ]];then
+              valid_version=true
+              break
+            fi
+          done
+          break
+        fi
+    done
+
+    if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then
+        display_warning=false
+    fi
+
+    if [ "$display_warning" = true ] && [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
+        printf "  %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
+        printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
+        printf "\\n"
+        printf "      This check can be skipped by setting the environment variable %bPIHOLE_SKIP_OS_CHECK%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
+        printf "      e.g: export PIHOLE_SKIP_OS_CHECK=true\\n"
+        printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
+        printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
+        printf "      https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n"
+        exit 1
+    elif [ "$display_warning" = true ] && [ "$PIHOLE_SKIP_OS_CHECK" = true ]; then
+        printf "  %b %bUnsupported OS detected%b. PIHOLE_SKIP_OS_CHECK env variable set to true - installer will continue\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
+    else
+        printf "  %b %bSupported OS detected%b\\n" "${TICK}" "${COL_LIGHT_GREEN}" "${COL_NC}"
+    fi
+}
+
 # Compatibility
 distro_check() {
 # If apt-get is installed, then we know it's part of the Debian family
@@ -608,7 +663,7 @@ verifyFreeDiskSpace() {
         printf "      We were unable to determine available free disk space on this system.\\n"
         printf "      You may override this check, however, it is not recommended.\\n"
         printf "      The option '%b--i_do_not_follow_recommendations%b' can override this.\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-        printf "      e.g: curl -L https://install.pi-hole.net | bash /dev/stdin %b<option>%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
+        printf "      e.g: curl -sSL https://install.pi-hole.net | bash /dev/stdin %b<option>%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
         # exit with an error code
         exit 1
     # If there is insufficient free disk space,
@@ -623,7 +678,7 @@ verifyFreeDiskSpace() {
             printf "      If this is a new install you may need to expand your disk\\n"
             printf "      Run 'sudo raspi-config', and choose the 'expand file system' option\\n"
             printf "      After rebooting, run this installation again\\n"
-            printf "      e.g: curl -L https://install.pi-hole.net | bash\\n"
+            printf "      e.g: curl -sSL https://install.pi-hole.net | bash\\n"
         fi
         # Show there is not enough free space
         printf "\\n      %bInsufficient free space, exiting...%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
@@ -2549,6 +2604,7 @@ main() {
     fi
 
     # Check for supported distribution
+    os_check
     distro_check
 
     # If the setup variable file exists,

From acf2879057beff483aa090f7badf5c72310cfaa8 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 25 May 2020 17:49:19 +0100
Subject: [PATCH 006/297] Address sticklr complaints

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index a7024ca5..6fdc6211 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -184,17 +184,17 @@ os_check() {
     display_warning=true
 
     detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
-    detected_os=$(echo "${detected_os_pretty}" | sed 's/ .*//')
+    detected_os="${detected_os_pretty%% *}"
     detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
     mapfile -t supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"' | tr ' ' '\n')
 
     for i in "${supportedOS[@]}"
     do
-        os_part=$(echo $i | cut -d '=' -f1)
-        versions_part=$(echo $i | cut -d '=' -f2-)
+        os_part=$(echo "$i" | cut -d '=' -f1)
+        versions_part=$(echo "$i" | cut -d '=' -f2-)
 
-        if [[ "${detected_os}" =~ "${os_part}" ]]; then
+        if [[ "${detected_os}" =~ ${os_part} ]]; then
           valid_os=true
           mapfile -t supportedVer < <(echo "${versions_part}" | tr ',' '\n')
           for x in "${supportedVer[@]}"

From de8976da7a49116d8655e20742bc0edd66b5769b Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 28 May 2020 21:18:31 +0200
Subject: [PATCH 007/297] Add CAP_SYS_NICE to FTL's capabilities so it can
 control its own niceness.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Templates/pihole-FTL.service | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index ab7f8f2b..6af449f3 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -50,7 +50,7 @@ start() {
     chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
     # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
     chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
-    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"; then
+    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
       su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
     else
       echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"

From 852f6b95f5d10847569c1c59453aeaac7a03cef4 Mon Sep 17 00:00:00 2001
From: "Thomas L. Kjeldsen" <tlk@closureconsulting.com>
Date: Fri, 23 Aug 2019 19:49:13 +0200
Subject: [PATCH 008/297] Prevent "pihole disable $timeout" from messing up
 future state changes

Signed-off-by: Thomas L. Kjeldsen <tlk@closureconsulting.com>
---
 advanced/Scripts/pihole-reenable.sh | 16 ++++++++++++++++
 pihole                              |  5 +++--
 2 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100755 advanced/Scripts/pihole-reenable.sh

diff --git a/advanced/Scripts/pihole-reenable.sh b/advanced/Scripts/pihole-reenable.sh
new file mode 100755
index 00000000..dbadc860
--- /dev/null
+++ b/advanced/Scripts/pihole-reenable.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2019 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# Wrapper script to re-enable Pi-hole after a period of it being disabled.
+#
+# This script will be aborted by the `pihole enable` command using `killall`.
+# As a consequence, the filename of this script is limited to max 15 characters
+# and the script does not use `env`.
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+
+sleep "${1}"
+pihole enable
diff --git a/pihole b/pihole
index 065fb385..b0ba8473 100755
--- a/pihole
+++ b/pihole
@@ -164,7 +164,7 @@ Time:
           local str="Disabling blocking for ${tt} seconds"
           echo -e "  ${INFO} ${str}..."
           local str="Blocking will be re-enabled in ${tt} seconds"
-          nohup bash -c "sleep ${tt}; ${PI_HOLE_BIN_DIR}/pihole enable" </dev/null &>/dev/null &
+          nohup "${PI_HOLE_SCRIPT_DIR}"/pihole-reenable.sh ${tt} </dev/null &>/dev/null &
         else
           local error=true
         fi
@@ -175,7 +175,7 @@ Time:
           echo -e "  ${INFO} ${str}..."
           local str="Blocking will be re-enabled in ${tt} minutes"
           tt=$((${tt}*60))
-          nohup bash -c "sleep ${tt}; ${PI_HOLE_BIN_DIR}/pihole enable" </dev/null &>/dev/null &
+          nohup "${PI_HOLE_SCRIPT_DIR}"/pihole-reenable.sh ${tt} </dev/null &>/dev/null &
         else
           local error=true
         fi
@@ -197,6 +197,7 @@ Time:
     fi
   else
     # Enable Pi-hole
+    killall -q pihole-reenable
     if grep -cq "BLOCKING_ENABLED=true" "${setupVars}"; then
       echo -e "  ${INFO} Blocking already enabled, nothing to do"
       exit 0

From 005da06b3d4cd399aa2c0a6d226df586f087cfcf Mon Sep 17 00:00:00 2001
From: "Thomas L. Kjeldsen" <tlk@closureconsulting.com>
Date: Sat, 30 May 2020 02:38:22 +0200
Subject: [PATCH 009/297] Use PI_HOLE_BIN_DIR as introduced in PR #2886

Signed-off-by: Thomas L. Kjeldsen <tlk@closureconsulting.com>
---
 advanced/Scripts/pihole-reenable.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/pihole-reenable.sh b/advanced/Scripts/pihole-reenable.sh
index dbadc860..4a6ff88c 100755
--- a/advanced/Scripts/pihole-reenable.sh
+++ b/advanced/Scripts/pihole-reenable.sh
@@ -12,5 +12,7 @@
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 
+readonly PI_HOLE_BIN_DIR="/usr/local/bin"
+
 sleep "${1}"
-pihole enable
+"${PI_HOLE_BIN_DIR}"/pihole enable

From 903808a47726cad878da329f17d529341df1c514 Mon Sep 17 00:00:00 2001
From: "Thomas L. Kjeldsen" <tlk@closureconsulting.com>
Date: Sat, 30 May 2020 02:45:03 +0200
Subject: [PATCH 010/297] Improved explanation of why this script is needed

Signed-off-by: Thomas L. Kjeldsen <tlk@closureconsulting.com>
---
 advanced/Scripts/pihole-reenable.sh | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/advanced/Scripts/pihole-reenable.sh b/advanced/Scripts/pihole-reenable.sh
index 4a6ff88c..93ec3b95 100755
--- a/advanced/Scripts/pihole-reenable.sh
+++ b/advanced/Scripts/pihole-reenable.sh
@@ -1,16 +1,21 @@
 #!/bin/bash
 # Pi-hole: A black hole for Internet advertisements
-# (c) 2019 Pi-hole, LLC (https://pi-hole.net)
+# (c) 2020 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
-# Wrapper script to re-enable Pi-hole after a period of it being disabled.
-#
-# This script will be aborted by the `pihole enable` command using `killall`.
-# As a consequence, the filename of this script is limited to max 15 characters
-# and the script does not use `env`.
-#
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
+#
+#
+# The pihole disable command has the option to set a specified time before
+# blocking is automatically re-enabled.
+#
+# Present script is responsible for the sleep & re-enable part of the job and
+# is automatically terminated if it is still running when pihole is enabled by
+# other means.
+#
+# This ensures that pihole ends up in the correct state after a sequence of
+# commands suchs as: `pihole disable 30s; pihole enable; pihole disable`
 
 readonly PI_HOLE_BIN_DIR="/usr/local/bin"
 

From 7579ab178a9b146661cdbf06dda395ad44ebf92e Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Wed, 20 May 2020 11:34:14 +0300
Subject: [PATCH 011/297] Update links

* use https when possible
* replace coverage with a link to the docs page in README.md
* remove obsolete affiliate link in README.md

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
---
 .editorconfig                      |  2 +-
 README.md                          | 45 ++++++------------------------
 advanced/Scripts/chronometer.sh    |  2 +-
 advanced/Scripts/query.sh          |  2 +-
 advanced/Scripts/setupLCD.sh       |  2 +-
 automated install/basic-install.sh |  2 +-
 6 files changed, 14 insertions(+), 41 deletions(-)

diff --git a/.editorconfig b/.editorconfig
index ee415d1f..a50f2f70 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,4 +1,4 @@
-# EditorConfig is awesome: http://EditorConfig.org
+# EditorConfig is awesome: https://editorconfig.org/
 
 # top-most EditorConfig file
 root = true
diff --git a/README.md b/README.md
index 358308c3..d305162f 100644
--- a/README.md
+++ b/README.md
@@ -66,11 +66,10 @@ Sending a donation using our links below is **extremely helpful** in offsetting
 ### Alternative support
 If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us:
 - [Patreon](https://patreon.com/pihole) _Become a patron for rewards_
-- [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
+- [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
-- [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
+- [Amazon](https://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
 - [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_
-- [Vultr](http://www.vultr.com/?ref=7190426) _affiliate link_
 - Spreading the word about our software, and how you have benefited from it
 
 ### Contributing via GitHub
@@ -164,48 +163,22 @@ The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web
 Pi-hole being an **advertising-aware DNS/Web server**, makes use of the following technologies:
 
 * [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server
-* [`curl`](https://curl.haxx.se) - A command line tool for transferring data with URL syntax
-* [`lighttpd`](https://www.lighttpd.net) - web server designed and optimized for high performance
-* [`php`](https://secure.php.net) - a popular general-purpose web scripting language
-* [AdminLTE Dashboard](https://github.com/almasaeed2010/AdminLTE) - premium admin control panel based on Bootstrap 3.x
+* [`curl`](https://curl.haxx.se/) - A command line tool for transferring data with URL syntax
+* [`lighttpd`](https://www.lighttpd.net/) - web server designed and optimized for high performance
+* [`php`](https://www.php.net/) - a popular general-purpose web scripting language
+* [AdminLTE Dashboard](https://github.com/ColorlibHQ/AdminLTE) - premium admin control panel based on Bootstrap 3.x
 
 While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally set up and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state.
 
 -----
 
-## Coverage
-- [Lifehacker: Turn A Raspberry Pi Into An Ad Blocker With A Single Command](https://www.lifehacker.com.au/2015/02/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-command/) (February, 2015)
-- [MakeUseOf: Adblock Everywhere: The Raspberry Pi-Hole Way](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) (March, 2015)
-- [Catchpoint: Ad-Blocking on Apple iOS9: Valuing the End User Experience](http://blog.catchpoint.com/2015/09/14/ad-blocking-apple/) (September, 2015)
-- [Security Now Netcast: Pi-hole](https://www.youtube.com/watch?v=p7-osq_y8i8&t=100m26s) (October, 2015)
-- [TekThing: Raspberry Pi-Hole Makes Ads Disappear!](https://youtu.be/8Co59HU2gY0?t=2m) (December, 2015)
-- [Foolish Tech Show](https://youtu.be/bYyena0I9yc?t=2m4s) (December, 2015)
-- [Block Ads on All Home Devices for $53.18](https://medium.com/@robleathern/block-ads-on-all-home-devices-for-53-18-a5f1ec139693#.gj1xpgr5d) (December, 2015)
-- [Pi-Hole for Ubuntu 14.04](http://www.boyter.org/2015/12/pi-hole-ubuntu-14-04/) (December, 2015)
-- [MacObserver Podcast 585](https://www.macobserver.com/tmo/podcast/macgeekgab-585) (December, 2015)
-- [The Defrag Show: Endoscope USB Camera, The Final [HoloLens] Vote, Adblock Pi and more](https://channel9.msdn.com/Shows/The-Defrag-Show/Defrag-Endoscope-USB-Camera-The-Final-HoloLens-Vote-Adblock-Pi-and-more?WT.mc_id=dlvr_twitter_ch9#time=20m39s) (January, 2016)
-- [Adafruit: Pi-hole is a black hole for internet ads](https://blog.adafruit.com/2016/03/04/pi-hole-is-a-black-hole-for-internet-ads-piday-raspberrypi-raspberry_pi/) (March, 2016)
-- [Digital Trends: 5 Fun, Easy Projects You Can Try With a $35 Raspberry Pi](https://youtu.be/QwrKlyC2kdM?t=1m42s) (March, 2016)
-- [Adafruit: Raspberry Pi Quick Look at Pi Hole ad blocking server with Tony D](https://www.youtube.com/watch?v=eg4u2j1HYlI) (June, 2016)
-- [Devacron: OrangePi Zero as an Ad-Block server with Pi-Hole](http://www.devacron.com/orangepi-zero-as-an-ad-block-server-with-pi-hole/) (December, 2016)
-- [Linux Pro: The Hole Truth](http://www.linuxpromagazine.com/Issues/2017/200/The-sysadmin-s-daily-grind-Pi-hole) (July, 2017)
-- [Adafruit: installing Pi-hole on a Pi Zero W](https://learn.adafruit.com/pi-hole-ad-blocker-with-pi-zero-w/install-pi-hole) (August, 2017)
-- [CryptoAUSTRALIA: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) (October, 2017)
-- [CryptoAUSTRALIA: Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) (November, 2017)
-- [Know How 355: Killing ads with a Raspberry Pi-Hole!](https://www.twit.tv/shows/know-how/episodes/355) (November, 2017)
-- [Hobohouse: Block Advertising on your Network with Pi-hole and Raspberry Pi](https://hobo.house/2018/02/27/block-advertising-with-pi-hole-and-raspberry-pi/) (March, 2018)
-- [Scott Helme: Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1](https://scotthelme.co.uk/securing-dns-across-all-of-my-devices-with-pihole-dns-over-https-1-1-1-1/) (April, 2018)
-- [Scott Helme: Catching and dealing with naughty devices on my home network](https://scotthelme.co.uk/catching-naughty-devices-on-my-home-network/) (April, 2018)
-- [Bloomberg Business Week: Brotherhood of the Ad blockers](https://www.bloomberg.com/news/features/2018-05-10/inside-the-brotherhood-of-pi-hole-ad-blockers) (May, 2018)
-- [Software Engineering Daily: Interview with the creator of Pi-hole](https://softwareengineeringdaily.com/2018/05/29/pi-hole-ad-blocker-hardware-with-jacob-salmela/) (May, 2018)
-- [Raspberry Pi: Block ads at home using Pi-hole and a Raspberry Pi](https://www.raspberrypi.org/blog/pi-hole-raspberry-pi/) (July, 2018)
-- [Troy Hunt: Mmm... Pi-hole...](https://www.troyhunt.com/mmm-pi-hole/) (September, 2018)
-- [PEBKAK Podcast: Interview With Jacob Salmela](https://www.jerseystudios.net/2018/10/11/150-pi-hole/) (October, 2018)
+## [Coverage](https://docs.pi-hole.net/main/coverage/)
 
 -----
 
 ## Pi-hole Projects
-- [The Big Blocklist Collection](https://wally3k.github.io)
+
+- [The Big Blocklist Collection](https://firebog.net/)
 - [Pie in the Sky-Hole](https://dlaa.me/blog/post/skyhole)
 - [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus)
 - [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 7431c212..98f43c3f 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -153,7 +153,7 @@ get_init_stats() {
 
         sys_throttle_raw=$(vgt=$(sudo vcgencmd get_throttled); echo "${vgt##*x}")
 
-        # Active Throttle Notice: http://bit.ly/2gnunOo
+        # Active Throttle Notice: https://bit.ly/2gnunOo
         if [[ "$sys_throttle_raw" != "0" ]]; then
             case "$sys_throttle_raw" in
                 *0001) thr_type="${COL_YELLOW}Under Voltage";;
diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh
index 7518e6c4..fe9b8ebf 100755
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -29,7 +29,7 @@ scanList(){
     # Prevent grep from printing file path
     cd "$piholeDir" || exit 1
 
-    # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX
+    # Prevent grep -i matching slowly: https://bit.ly/2xFXtUX
     export LC_CTYPE=C
 
     # /dev/null forces filename to be printed when only one list has been generated
diff --git a/advanced/Scripts/setupLCD.sh b/advanced/Scripts/setupLCD.sh
index e8f14f06..82523643 100755
--- a/advanced/Scripts/setupLCD.sh
+++ b/advanced/Scripts/setupLCD.sh
@@ -70,5 +70,5 @@ setupcon
 reboot
 
 # Start showing the stats on the screen by running the command on another tty:
-# http://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
+# https://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
 #setsid sh -c 'exec /usr/local/bin/chronometer.sh <> /dev/tty1 >&0 2>&1'
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 797c0c76..386ed371 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -581,7 +581,7 @@ welcomeDialogs() {
     whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" "${r}" "${c}"
 
     # Request that users donate if they enjoy the software since we all work on it in our free time
-    whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations:  http://pi-hole.net/donate" "${r}" "${c}"
+    whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations:  https://pi-hole.net/donate/" "${r}" "${c}"
 
     # Explain the need for a static address
     whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.

From d90313fe4d744cb0734716e4c87181a786e095cd Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Fri, 22 May 2020 15:28:32 +0300
Subject: [PATCH 012/297] Fix/tweak blocking page

* fix favicon
* add meta charset
* add html lang
* add a page title
* remove unneeded html end tags
* fix viewport tag to allow zooming
* compress the "blocked by Pi-hole" SVG
* remove trailing spaces
* switch to double colon pseudo elements (works from IE9 and newer)
* add missing vendor prefixes
* other minor tweaks
* add `Access-Control-Allow-Origin` header to all font types

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
---
 advanced/blockingpage.css     | 158 ++++++++++++++++++----------------
 advanced/index.php            |  77 +++++++++++------
 advanced/lighttpd.conf.debian |   2 +-
 advanced/lighttpd.conf.fedora |   4 +-
 4 files changed, 137 insertions(+), 104 deletions(-)

diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css
index 5fd858fb..9f82a27e 100644
--- a/advanced/blockingpage.css
+++ b/advanced/blockingpage.css
@@ -6,45 +6,46 @@
 *  Please see LICENSE file for your rights under this license. */
 
 /* Text Customisation Options ======> */
-.title:before { content: "Website Blocked"; }
-.altBtn:before { content: "Why am I here?"; }
-.linkPH:before { content: "About Pi-hole"; }
-.linkEmail:before { content: "Contact Admin"; }
+.title::before { content: "Website Blocked"; }
+.altBtn::before { content: "Why am I here?"; }
+.linkPH::before { content: "About Pi-hole"; }
+.linkEmail::before { content: "Contact Admin"; }
 
-#bpOutput.add:before { content: "Info"; }
-#bpOutput.add:after { content: "The domain is being whitelisted..."; }
-#bpOutput.error:before, .unhandled:before { content: "Error"; }
-#bpOutput.unhandled:after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
-#bpOutput.success:before { content: "Success"; }
-#bpOutput.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
+#bpOutput.add::before { content: "Info"; }
+#bpOutput.add::after { content: "The domain is being whitelisted..."; }
+#bpOutput.error::before, .unhandled::before { content: "Error"; }
+#bpOutput.unhandled::after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
+#bpOutput.success::before { content: "Success"; }
+#bpOutput.success::after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
 
-.recentwl:before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
-.unknown:before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
-.cname:before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
-.cname:after { content: ", which may be blocked by Pi-hole."; }
+.recentwl::before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
+.unknown::before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
+.cname::before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
+.cname::after { content: ", which may be blocked by Pi-hole."; }
 
-.blacklist:before { content: "Manually Blacklisted"; }
-.wildcard:before { content: "Manually Blacklisted by Wildcard"; }
-.noblock:before { content: "Not found on any Blacklist"; }
+.blacklist::before { content: "Manually Blacklisted"; }
+.wildcard::before { content: "Manually Blacklisted by Wildcard"; }
+.noblock::before { content: "Not found on any Blacklist"; }
 
-#bpBlock:before { content: "Access to the following website has been denied:"; }
-#bpFlag:before { content: "This is primarily due to being flagged as:"; }
+#bpBlock::before { content: "Access to the following website has been denied:"; }
+#bpFlag::before { content: "This is primarily due to being flagged as:"; }
 
-#bpHelpTxt:before { content: "If you have an ongoing use for this website, please "; }
-#bpHelpTxt a:before, #bpHelpTxt span:before { content: "ask the administrator"; }
-#bpHelpTxt:after{ content: " of the Pi-hole on this network to have it whitelisted"; }
+#bpHelpTxt::before { content: "If you have an ongoing use for this website, please "; }
+#bpHelpTxt a::before, #bpHelpTxt span::before { content: "ask the administrator"; }
+#bpHelpTxt::after{ content: " of the Pi-hole on this network to have it whitelisted"; }
 
-#bpBack:before { content: "Back to safety"; }
-#bpInfo:before { content: "Technical Info"; }
-#bpFoundIn:before { content: "This site is found in "; }
-#bpFoundIn span:after { content: " of "; }
-#bpFoundIn:after { content: " lists:"; }
-#bpWhitelist:before { content: "Whitelist"; }
+#bpBack::before { content: "Back to safety"; }
+#bpInfo::before { content: "Technical Info"; }
+#bpFoundIn::before { content: "This site is found in "; }
+#bpFoundIn span::after { content: " of "; }
+#bpFoundIn::after { content: " lists:"; }
+#bpWhitelist::before { content: "Whitelist"; }
 
-footer span:before { content: "Page generated on "; }
+footer span::before { content: "Page generated on "; }
 
 /* Hide whitelisting form entirely */
 /* #bpWLButtons { display: none; } */
+
 /* Text Customisation Options <=============================== */
 
 /* http://necolas.github.io/normalize.css ======> */
@@ -98,7 +99,7 @@ html { font-size: 62.5%; }
 
 a { color: #3c8dbc; text-decoration: none; }
 a:hover { color: #72afda; text-decoration: underline; }
-b { color: rgb(68,68,68); }
+b { color: rgb(68, 68, 68); }
 p { margin: 0; }
 
 label, .buttons a {
@@ -111,7 +112,7 @@ label, .buttons a {
 label, .buttons *:not([disabled]) { cursor: pointer; }
 
 /* Touch device dark tap highlight */
-header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } 
+header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; }
 
 /* Webkit Focus Glow */
 textarea, input, button { outline: none; }
@@ -120,14 +121,20 @@ textarea, input, button { outline: none; }
   font-family: "Source Sans Pro";
   font-style: normal;
   font-weight: 400;
-  src: local("Source Sans Pro"), local("SourceSansPro-Regular"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Regular.ttf") format("truetype");
+  font-display: swap;
+  src: local("Source Sans Pro Regular"), local("SourceSansPro-Regular"),
+       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff2") format("woff2"),
+       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff") format("woff");
 }
 
 @font-face {
   font-family: "Source Sans Pro";
   font-style: normal;
   font-weight: 700;
-  src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Bold.ttf") format("truetype");
+  font-display: swap;
+  src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"),
+       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff2") format("woff2"),
+       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff") format("woff");
 }
 
 body {
@@ -138,14 +145,14 @@ body {
 }
 
 /* User is greeted with a splash page when browsing to Pi-hole IP address */
-#splashpage { background: #222; color: rgba(255,255,255,0.7); text-align: center; }
+#splashpage { background: #222; color: rgba(255, 255, 255, 0.7); text-align: center; }
 #splashpage img { margin: 5px; width: 256px; }
 #splashpage b { color: inherit; }
 
 #bpWrapper {
   margin: 0 auto;
   max-width: 1250px;
-  box-shadow: 0 0 8px rgba(0,0,0,0.5);
+  box-shadow: 0 0 8px rgba(0, 0, 0, 0.5);
 }
 
 header {
@@ -164,15 +171,15 @@ header h1, header h1 a, header .spc, header #bpAlt label {
 }
 
 h1 a {
-  background-color: rgba(0,0,0,0.1);
-  font-family: "Helvetica Neue", Helvetica, Arial ,sans-serif;
+  background-color: rgba(0, 0, 0, 0.1);
+  font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
   font-size: 2rem;
-  font-weight: normal;
+  font-weight: 400;
   min-width: 230px;
-  text-align: center;  
+  text-align: center;
 }
 
-h1 a:hover, header #bpAlt:hover { background-color: rgba(0,0,0,0.12); color: inherit; text-decoration: none; }
+h1 a:hover, header #bpAlt:hover { background-color: rgba(0, 0, 0, 0.12); color: inherit; text-decoration: none; }
 
 header .spc { width: 100%; }
 
@@ -180,13 +187,14 @@ header #bpAlt label {
   background: url("/admin/img/logo.svg") no-repeat center left 15px;
   background-size: 15px 23px;
   padding: 0 15px;
-  text-indent: 30px; 
+  text-indent: 30px;
 }
 
-[type=checkbox][id$="Toggle"] { display: none; }
-[type=checkbox][id$="Toggle"]:checked ~ #bpAbout,
-[type=checkbox][id$="Toggle"]:checked ~ #bpMoreInfo {
-  display: block; }
+[type="checkbox"][id$="Toggle"] { display: none; }
+[type="checkbox"][id$="Toggle"]:checked ~ #bpAbout,
+[type="checkbox"][id$="Toggle"]:checked ~ #bpMoreInfo {
+  display: block;
+}
 
 /* Click anywhere else on screen to hide #bpAbout */
 #bpAboutToggle:checked {
@@ -197,28 +205,28 @@ header #bpAlt label {
   top: 0;
   opacity: 0;
   position: absolute;
-  width: 100%;  
+  width: 100%;
 }
 
 #bpAbout {
   background: #3c8dbc;
   border-bottom-left-radius: 5px;
-  border: 1px solid #FFF;
+  border: 1px solid #fff;
   border-right-width: 0;
-  box-shadow: -1px 1px 1px rgba(0,0,0,0.12);
+  box-shadow: -1px 1px 1px rgba(0, 0, 0, 0.12);
   box-sizing: border-box;
   display: none;
   font-size: 1.7rem;
   top: 50px;
   position: absolute;
   right: 0;
-  width: 280px;  
+  width: 280px;
   z-index: 1;
 }
 
 .aboutPH {
   box-sizing: border-box;
-  color: rgba(255,255,255,0.8);
+  color: rgba(255, 255, 255, 0.8);
   display: block;
   padding: 10px;
   width: 100%;
@@ -237,7 +245,7 @@ header #bpAlt label {
 .aboutPH p { margin: 10px 0; }
 .aboutPH small { display: block; font-size: 1.2rem; }
 
-.aboutLink { 
+.aboutLink {
   background: #fff;
   border-top: 1px solid #ddd;
   display: table;
@@ -261,16 +269,16 @@ main {
 #bpOutput {
   background: #00c0ef;
   border-radius: 3px;
-  border: 1px solid rgba(0,0,0,0.1);  
+  border: 1px solid rgba(0, 0, 0, 0.1);
   color: #fff;
   font-size: 1.4rem;
   margin-bottom: 10px;
   margin-top: 5px;
-  padding: 15px;  
+  padding: 15px;
 }
 
-#bpOutput:before {
-  background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6,11a1.371,1.371,0,0,1,1,1v1a1.371,1.371,0,0,1-1,1H1a1.371,1.371,0,0,1-1-1V12a1.371,1.371,0,0,1,1-1H2V8H1A1.371,1.371,0,0,1,0,7V6A1.371,1.371,0,0,1,1,5H4A1.371,1.371,0,0,1,5,6v5H6ZM3.5,0A1.5,1.5,0,1,1,2,1.5,1.5,1.5,0,0,1,3.5,0Z'/%3E%3C/svg%3E") no-repeat center left;
+#bpOutput::before {
+  background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6 11a1.371 1.371 0 011 1v1a1.371 1.371 0 01-1 1H1a1.371 1.371 0 01-1-1v-1a1.371 1.371 0 011-1h1V8H1a1.371 1.371 0 01-1-1V6a1.371 1.371 0 011-1h3a1.371 1.371 0 011 1v5h1zM3.5 0A1.5 1.5 0 112 1.5 1.5 1.5 0 013.5 0z'/%3E%3C/svg%3E") no-repeat center left;
   display: block;
   font-size: 1.8rem;
   text-indent: 15px;
@@ -281,8 +289,8 @@ main {
 #bpOutput.error { background: #dd4b39; }
 
 .blockMsg, .flagMsg {
-  font: bold 1.8rem Consolas, Courier, monospace;
-  padding: 5px 10px 10px 10px;
+  font: 700 1.8rem Consolas, Courier, monospace;
+  padding: 5px 10px 10px;
   text-indent: 15px;
 }
 
@@ -298,7 +306,7 @@ main {
   -moz-appearance: none;
   -webkit-appearance: none;
   border-radius: 3px;
-  border: 1px solid rgba(0,0,0,0.1);
+  border: 1px solid rgba(0, 0, 0, 0.1);
   box-sizing: content-box;
   display: table-cell;
   font-size: 1.65rem;
@@ -309,46 +317,48 @@ main {
   text-align: center;
   vertical-align: top;
   white-space: nowrap;
-  width: auto;  
+  width: auto;
 }
 
 .buttons a:hover { text-decoration: none; }
 
 /* Button hover dark overlay */
 .buttons *:not(input):not([disabled]):hover {
-  background-image: linear-gradient(to bottom, rgba(0,0,0,0.1), rgba(0,0,0,0.1));
-  color: #FFF;
+  background-image: linear-gradient(to bottom, rgba(0, 0, 0, 0.1), rgba(0, 0, 0, 0.1));
+  color: #fff;
 }
 
 /* Button active shadow inset */
 .buttons *:not([disabled]):not(input):active {
-  box-shadow: inset 0 3px 5px rgba(0,0,0,0.125);
+  box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
 }
 
 /* Input border color */
 .buttons *:not([disabled]):hover, .buttons input:focus {
-  border-color: rgba(0,0,0,0.25);
+  border-color: rgba(0, 0, 0, 0.25);
 }
 
-#bpButtons * { width: 50%; color: #FFF; }
-#bpBack           { background-color: #00a65a; }
-#bpInfo           { background-color: #3c8dbc;  }
+#bpButtons *  { width: 50%; color: #fff; }
+#bpBack       { background-color: #00a65a; }
+#bpInfo       { background-color: #3c8dbc; }
 #bpWhitelist  { background-color: #dd4b39; }
 
-#blockpage .buttons [type=password][disabled] { color: rgba(0,0,0,1); }
-#blockpage .buttons [disabled] { color: rgba(0,0,0,0.55); background-color: #e3e3e3; }
-#blockpage .buttons [type=password]:-ms-input-placeholder { color: rgba(51,51,51,0.8); }
+#blockpage .buttons [type="password"][disabled] { color: rgba(0, 0, 0, 1); }
+#blockpage .buttons [disabled] { color: rgba(0, 0, 0, 0.55); background-color: #e3e3e3; }
+#blockpage .buttons [type="password"]:-ms-input-placeholder { color: rgba(51, 51, 51, 0.8); }
 
-input[type=password] { font-size: 1.5rem; }
+input[type="password"] { font-size: 1.5rem; }
+
+@-webkit-keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
 
 @keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
-#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; }
+#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; -webkit-animation: slidein 0.05s linear; animation: slidein 0.05s linear; }
 #bpMoreInfo { display: none; margin-top: 10px; }
 
 #bpQueryOutput {
   font-size: 1.2rem;
   line-height: 1.65rem;
-  margin: 5px 0 0 0;
+  margin: 5px 0 0;
   overflow: auto;
   padding: 0 5px;
   -webkit-overflow-scrolling: touch;
@@ -367,13 +377,13 @@ footer {
   border-top: 1px solid #d2d6de;
   color: #444;
   font: 1.2rem Consolas, Courier, monospace;
-  padding: 8px;  
+  padding: 8px;
 }
 
 /* Responsive Content */
 @media only screen and (max-width: 500px) {
   h1 a { font-size: 1.8rem; min-width: 170px; }
-  footer span:before { content: "Generated "; }
+  footer span::before { content: "Generated "; }
   footer span { display: block; }
 }
 
diff --git a/advanced/index.php b/advanced/index.php
index 4f2a17f7..4356f0b0 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -41,7 +41,7 @@ $validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
 $currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION);
 
 // Set mobile friendly viewport
-$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>';
+$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1">';
 
 // Set response header
 function setHeader($type = "x") {
@@ -57,16 +57,21 @@ if ($serverName === "pi.hole"
 } elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
     // Set Splash Page output
     $splashPage = "
-    <html>
-      <head>
-        $viewPort
-        <link rel='stylesheet' href='pihole/blockingpage.css' type='text/css'/>
-      </head>
-      <body id='splashpage'>
-        <img src='admin/img/logo.svg'/><br/>
-        Pi-<b>hole</b>: Your black hole for Internet advertisements<br/>
-        <a href='/admin'>Did you mean to go to the admin panel?</a>
-      </body>
+    <!doctype html>
+    <html lang='en'>
+        <head>
+            <meta charset='utf-8'>
+            $viewPort
+            <title>● $serverName</title>
+            <link rel='stylesheet' href='pihole/blockingpage.css'>
+            <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
+        </head>
+        <body id='splashpage'>
+            <img src='admin/img/logo.svg' alt='Pi-hole logo' width='256' height='377'>
+            <br>
+            <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
+            <a href='/admin'>Did you mean to go to the admin panel?</a>
+        </body>
     </html>
     ";
 
@@ -79,22 +84,39 @@ if ($serverName === "pi.hole"
     // Render splash/landing page when directly browsing via IP or authorized hostname
     exit($renderPage);
 } elseif ($currentUrlExt === "js") {
-    // Serve Pi-hole Javascript for blocked domains requesting JS
+    // Serve Pi-hole JavaScript for blocked domains requesting JS
     exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');
 } elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) {
     // Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER
     // e.g: An iframe of a blocked domain
-    exit(setHeader().'<html>
-        <head><script>window.close();</script></head>
-        <body><img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs="></body>
+    exit(setHeader().'<!doctype html>
+    <html lang="en">
+        <head>
+            <meta charset="utf-8"><script>window.close();</script>
+        </head>
+        <body>
+            <img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=">
+        </body>
     </html>');
 } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) {
     // Serve SVG upon receiving non $validExtTypes URL extension or query string
     // e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly
     // QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page
-    $blockImg = '<a href="/"><svg xmlns="http://www.w3.org/2000/svg" width="110" height="16"><defs><style>a {text-decoration: none;} circle {stroke: rgba(152,2,2,0.5); fill: none; stroke-width: 2;} rect {fill: rgba(152,2,2,0.5);} text {opacity: 0.3; font: 11px Arial;}</style></defs><circle cx="8" cy="8" r="7"/><rect x="10.3" y="-6" width="2" height="12" transform="rotate(45)"/><text x="19.3" y="12">Blocked by Pi-hole</text></svg></a>';
-    exit(setHeader()."<html>
-        <head>$viewPort</head>
+    $blockImg = '<a href="/">
+    <svg xmlns="http://www.w3.org/2000/svg" width="110" height="16">
+      <circle cx="8" cy="8" r="7" fill="none" stroke="rgba(152,2,2,.5)" stroke-width="2"/>
+      <path fill="rgba(152,2,2,.5)" d="M11.526 3.04l1.414 1.415-8.485 8.485-1.414-1.414z"/>
+      <text x="19.3" y="12" opacity=".3" style="font:11px Arial">
+        Blocked by Pi-hole
+      </text>
+    </svg>
+    </a>';
+    exit(setHeader()."<!doctype html>
+    <html lang='en'>
+        <head>
+            <meta charset='utf-8'>
+            $viewPort
+        </head>
         <body>$blockImg</body>
     </html>");
 }
@@ -227,7 +249,7 @@ if (explode("-", $phVersion)[1] != "0")
 
 setHeader();
 ?>
-<!DOCTYPE html>
+<!doctype html>
 <!-- Pi-hole: A black hole for Internet advertisements
 *  (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *  Network-wide ad blocking via your own hardware.
@@ -235,12 +257,12 @@ setHeader();
 *  This file is copyright under the latest version of the EUPL. -->
 <html>
 <head>
-  <meta charset="UTF-8">
+  <meta charset="utf-8">
   <?=$viewPort ?>
-  <meta name="robots" content="noindex,nofollow"/>
+  <meta name="robots" content="noindex,nofollow">
   <meta http-equiv="x-dns-prefetch-control" content="off">
-  <link rel="shortcut icon" href="admin/img/favicon.png" type="image/x-icon"/>
-  <link rel="stylesheet" href="pihole/blockingpage.css" type="text/css"/>
+  <link rel="stylesheet" href="pihole/blockingpage.css">
+  <link rel="shortcut icon" href="admin/img/favicons/favicon.ico" type="image/x-icon">
   <title>● <?=$serverName ?></title>
   <script src="admin/scripts/vendor/jquery.min.js"></script>
   <script>
@@ -274,10 +296,10 @@ setHeader();
   </h1>
   <div class="spc"></div>
 
-  <input id="bpAboutToggle" type="checkbox"/>
+  <input id="bpAboutToggle" type="checkbox">
   <div id="bpAbout">
     <div class="aboutPH">
-      <div class="aboutImg"/></div>
+      <div class="aboutImg"></div>
       <p>Open Source Ad Blocker
         <small>Designed for Raspberry Pi</small>
       </p>
@@ -314,8 +336,9 @@ setHeader();
     <pre id='bpQueryOutput'><?php if ($featuredTotal > 0) foreach ($queryResults as $num => $value) { echo "<span>[$num]:</span>$adlistsUrls[$num]\n"; } ?></pre>
 
     <form id="bpWLButtons" class="buttons">
-      <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled/>
-      <input id="bpWLPassword" type="password" placeholder="Javascript disabled" disabled/><button id="bpWhitelist" type="button" disabled></button>
+      <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled>
+      <input id="bpWLPassword" type="password" placeholder="JavaScript disabled" disabled>
+      <button id="bpWhitelist" type="button" disabled></button>
     </form>
   </div>
 </main>
diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian
index dab5c03e..c4e15f4b 100644
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -69,7 +69,7 @@ $HTTP["url"] =~ "^/admin/" {
         "X-Frame-Options" => "DENY"
     )
 
-    $HTTP["url"] =~ ".ttf$" {
+    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
         # Allow Block Page access to local fonts
         setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
     }
diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora
index ea340e3f..05fb6435 100644
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -2,7 +2,7 @@
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
-# lighttpd config for Pi-hole
+# Lighttpd config for Pi-hole
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
@@ -78,7 +78,7 @@ $HTTP["url"] =~ "^/admin/" {
         "X-Frame-Options" => "DENY"
     )
 
-    $HTTP["url"] =~ ".ttf$" {
+    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
         # Allow Block Page access to local fonts
         setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
     }

From 7934a9bcb4936aaa5218dbe967ad57b70b19f5bc Mon Sep 17 00:00:00 2001
From: jesterchen <github@jesterweb.de>
Date: Mon, 1 Jun 2020 12:00:29 +0200
Subject: [PATCH 013/297] Ensure that adlistFile is created before chmodding

If an user installs Pi-hole without selecting any adlists, the installer emits a warning and exits. By touching the file this is prevented.
---
 automated install/basic-install.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 386ed371..f83eca78 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1228,6 +1228,7 @@ chooseBlocklists() {
     do
         appendToListsFile "${choice}"
     done
+    touch "${adlistFile}"
     chmod 644 "${adlistFile}"
 }
 

From 7248d1a50467832302793e6c6f8952dac2d647de Mon Sep 17 00:00:00 2001
From: jesterchen <github@jesterweb.de>
Date: Mon, 1 Jun 2020 12:00:29 +0200
Subject: [PATCH 014/297] Ensure that adlistFile is created before chmodding

If an user installs Pi-hole without selecting any adlists, the installer emits a warning and exits. By touching the file this is prevented.

Signed-off-by: jesterchen <github@jesterweb.de>
---
 automated install/basic-install.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 386ed371..f83eca78 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1228,6 +1228,7 @@ chooseBlocklists() {
     do
         appendToListsFile "${choice}"
     done
+    touch "${adlistFile}"
     chmod 644 "${adlistFile}"
 }
 

From 202ba055eaeee0dcc6de11d1abda6297878204e8 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 2 Jun 2020 10:49:35 +0200
Subject: [PATCH 015/297] Change UNIQUEness constraint from (domain) to
 (domain, type) in the domainlist table. This will allow duplicates which can
 be associated to different groups.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Templates/gravity.db.sql | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/advanced/Templates/gravity.db.sql b/advanced/Templates/gravity.db.sql
index 27b8797f..fcf3489b 100644
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -16,11 +16,12 @@ CREATE TABLE domainlist
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
 	type INTEGER NOT NULL DEFAULT 0,
-	domain TEXT UNIQUE NOT NULL,
+	domain TEXT NOT NULL,
 	enabled BOOLEAN NOT NULL DEFAULT 1,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+	comment TEXT,
+	UNIQUE(domain, type)
 );
 
 CREATE TABLE adlist

From 8fef35be0fe5dec6aa12e5a7d799b8ea117f3b5f Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 3 Jun 2020 16:11:09 +0100
Subject: [PATCH 016/297] Update README.md

remove dead link to gitter
---
 README.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/README.md b/README.md
index d305162f..3613321f 100644
--- a/README.md
+++ b/README.md
@@ -95,7 +95,6 @@ While we are primarily reachable on our <a href="https://discourse.pi-hole.net/"
   <li><a href="https://discourse.pi-hole.net/c/feature-requests?order=votes">Feature Requests</a></li>
   <li><a href="https://discourse.pi-hole.net/">Discourse User Forum</a></li>
   <li><a href="https://www.reddit.com/r/pihole/">Reddit</a></li>
-  <li><a href="https://gitter.im/pi-hole/pi-hole">Gitter</a> (Real-time chat)</li>
   <li><a href="https://twitter.com/The_Pi_Hole">Twitter</a></li>
   <li><a href="https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w">YouTube</a></li>
   <li><a href="https://www.facebook.com/ThePiHole/">Facebook</a></li>

From 58724a38a9524899f5a639ade2c43be1855857f7 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 3 Jun 2020 17:57:22 +0100
Subject: [PATCH 017/297] Improve detection and display of
 supported/unsupported OS in debug script

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 88 ++++++++++++++++-----------------
 supportedos.txt                 |  5 ++
 2 files changed, 49 insertions(+), 44 deletions(-)
 create mode 100644 supportedos.txt

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index abf56153..8c6b0773 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -393,53 +393,53 @@ check_critical_program_versions() {
     get_program_version "php"
 }
 
-is_os_supported() {
-    local os_to_check="${1}"
-    # Strip just the base name of the system using sed
-    # shellcheck disable=SC2001
-    the_os=$(echo "${os_to_check}" | sed 's/ .*//')
-    # If the variable is one of our supported OSes,
-    case "${the_os}" in
-        # Print it in green
-        "Raspbian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
-        "Ubuntu") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
-        "Fedora") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
-        "Debian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
-        "CentOS") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
-        # If not, show it in red and link to our software requirements page
-        *) log_write "${CROSS} ${COL_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})";
-    esac
-}
+os_check() {
+    # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
+    # and determines whether or not the script is running on one of those systems
+    local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version
+    remote_os_domain="versions.pi-hole.net"
+    valid_os=false
+    valid_version=false
 
-get_distro_attributes() {
-    # Put the current Internal Field Separator into another variable so it can be restored later
-    OLD_IFS="$IFS"
-    # Store the distro info in an array and make it global since the OS won't change,
-    # but we'll keep it within the function for better unit testing
-    local distro_info
-    #shellcheck disable=SC2016
-    IFS=$'\r\n' command eval 'distro_info=( $(cat /etc/*release) )'
+    detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
+    detected_os="${detected_os_pretty%% *}"
+    detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-    # Set a named variable for better readability
-    local distro_attribute
-    # For each line found in an /etc/*release file,
-    for distro_attribute in "${distro_info[@]}"; do
-        # store the key in a variable
-        local pretty_name_key
-        pretty_name_key=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f1)
-        # we need just the OS PRETTY_NAME,
-        if [[ "${pretty_name_key}" == "PRETTY_NAME" ]]; then
-            # so save in in a variable when we find it
-            PRETTY_NAME_VALUE=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f2- | tr -d '"')
-            # then pass it as an argument that checks if the OS is supported
-            is_os_supported "${PRETTY_NAME_VALUE}"
-        else
-            # Since we only need the pretty name, we can just skip over anything that is not a match
-            :
+    mapfile -t supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"' | tr ' ' '\n')
+
+    for i in "${supportedOS[@]}"
+    do
+        os_part=$(echo "$i" | cut -d '=' -f1)
+        versions_part=$(echo "$i" | cut -d '=' -f2-)
+
+        if [[ "${detected_os}" =~ ${os_part} ]]; then
+          valid_os=true
+          mapfile -t supportedVer < <(echo "${versions_part}" | tr ',' '\n')
+          for x in "${supportedVer[@]}"
+          do
+            if [[ "${detected_version}" =~ $x ]];then
+              valid_version=true
+              break
+            fi
+          done
+          break
         fi
     done
-    # Set the IFS back to what it was
-    IFS="$OLD_IFS"
+
+    # Display findings back to the user
+    if [ "$valid_os" = true ]; then
+        log_write "${TICK} Distro:  ${COL_GREEN}${detected_os}${COL_NC}"
+
+        if [ "$valid_version" = true ]; then
+            log_write "${TICK} Version: ${COL_GREEN}${detected_version}${COL_NC}"
+        else
+            log_write "${CROSS} Version: ${COL_RED}${detected_version}${COL_NC}"
+            log_write "${CROSS} Error: ${COL_RED}${detected_os} is supported but version ${detected_version} is currently unsupported (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
+        fi
+    else
+        log_write "${CROSS} Distro:  ${COL_RED}${detected_os}${COL_NC}"
+        log_write "${CROSS} Error: ${COL_RED}${detected_os} is not a supported distro (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
+    fi
 }
 
 diagnose_operating_system() {
@@ -451,7 +451,7 @@ diagnose_operating_system() {
     # If there is a /etc/*release file, it's probably a supported operating system, so we can
     if ls /etc/*release 1> /dev/null 2>&1; then
         # display the attributes to the user from the function made earlier
-        get_distro_attributes
+        os_check
     else
         # If it doesn't exist, it's not a system we currently support and link to FAQ
         log_write "${CROSS} ${COL_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"
diff --git a/supportedos.txt b/supportedos.txt
new file mode 100644
index 00000000..ce4986bc
--- /dev/null
+++ b/supportedos.txt
@@ -0,0 +1,5 @@
+Raspbian=9,10
+Ubuntu=16,18
+Debian=9,10
+Fedora=31,32
+CentOS=7,8
\ No newline at end of file

From 6160eb689462b435b6d6bfd9320b47b7c92cfc49 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 4 Jun 2020 09:22:40 +0200
Subject: [PATCH 018/297] This regex is too complex for bash's own replacement.
 Add ignore for the shellcheck rule.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index f53b58cc..98e4620c 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -236,6 +236,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         else
             # Something else, convert to /24 subnet (preserves legacy behavior)
             # This sed converts "192.168.1.2" to "192.168.1.0/24"
+            # shellcheck disable=2001
             REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
         fi
         add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"

From 2b1bc6a46e3de1235083f42cc0ed0f7d0d8aa7a4 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 4 Jun 2020 09:32:15 +0200
Subject: [PATCH 019/297] Replace possible "\#" by "#". This fixes
 AdminLTE#1427

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 6a8fa64d..0fabdeb4 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -226,7 +226,8 @@ SetDNSServers() {
     IFS=',' read -r -a array <<< "${args[2]}"
     for index in "${!array[@]}"
     do
-        add_setting "PIHOLE_DNS_$((index+1))" "${array[index]}"
+        # Replace possible "\#" by "#". This fixes AdminLTE#1427
+        add_setting "PIHOLE_DNS_$((index+1))" "${array[index]//\\#/#}"
     done
 
     if [[ "${args[3]}" == "domain-needed" ]]; then

From 52cb389d945a2fe86aa359e48a7c56b53f13c84f Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Thu, 21 May 2020 17:44:41 +0300
Subject: [PATCH 020/297] Markdown tweaks

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
---
 CONTRIBUTING.md |   2 +-
 README.md       | 121 ++++++++++++++++++++++++++++--------------------
 2 files changed, 73 insertions(+), 50 deletions(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index e32b500e..6992cce5 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -32,7 +32,7 @@ When requesting or submitting new features, first consider whether it might be u
 
 - Submit Pull Requests to the **development branch only**.
 - Before Submitting your Pull Request, merge `development` with your new branch and fix any conflicts. (Make sure you don't break anything in development!)
-- Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles. 
+- Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles.
 - Commit Unix line endings.
 - Please use the Pi-hole brand: **Pi-hole** (Take a special look at the capitalized 'P' and a low 'h' with a hyphen)
 - (Optional fun) keep to the theme of Star Trek/black holes/gravity.
diff --git a/README.md b/README.md
index 3613321f..92bb76ea 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,9 @@
 <p align="center">
-<a href="https://pi-hole.net"><img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_text.png" width="150" height="255" alt="Pi-hole"></a><br/>
-<b>Network-wide ad blocking via your own Linux hardware</b><br/>
+    <a href="https://pi-hole.net/">
+        <img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_Wordmark.svg" width="150" height="260" alt="Pi-hole">
+    </a>
+    <br>
+    <strong>Network-wide ad blocking via your own Linux hardware</strong>
 </p>
 
 The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
@@ -17,27 +20,34 @@ The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a
 - **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy
 
 -----
+
 [![Codacy Badge](https://api.codacy.com/project/badge/Grade/c558a0f8d7124c99b02b84f0f5564238)](https://www.codacy.com/app/Pi-hole/pi-hole?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=pi-hole/pi-hole&amp;utm_campaign=Badge_Grade)
 [![Build Status](https://travis-ci.org/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.org/pi-hole/pi-hole)
 [![BountySource](https://www.bountysource.com/badge/tracker?tracker_id=3011939)](https://www.bountysource.com/trackers/3011939-pi-hole-pi-hole?utm_source=3011939&utm_medium=shield&utm_campaign=TRACKER_BADGE)
 
 ## One-Step Automated Install
+
 Those who want to get started quickly and conveniently may install Pi-hole using the following command:
 
-#### `curl -sSL https://install.pi-hole.net | bash`
+```bash
+curl -sSL https://install.pi-hole.net | bash
+```
 
 ## Alternative Install Methods
+
 [Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation:
 
 ### Method 1: Clone our repository and run
-```
+
+```bash
 git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
 cd "Pi-hole/automated install/"
 sudo bash basic-install.sh
 ```
 
 ### Method 2: Manually download the installer and run
-```
+
+```bash
 wget -O basic-install.sh https://install.pi-hole.net
 sudo bash basic-install.sh
 ```
@@ -53,18 +63,22 @@ As a last resort, you can always manually set each device to use Pi-hole as thei
 -----
 
 ## Pi-hole is free, but powered by your support
+
 There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained.
 
 Make no mistake: **your support is absolutely vital to help keep us innovating!**
 
 ### Donations
+
 Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses:
 
-- <img src="https://pi-hole.github.io/graphics/Badges/paypal-badge-black.svg" width="24" height="24" alt="PP"/> <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY">Donate via PayPal</a><br/>
-- <img src="https://pi-hole.github.io/graphics/Badges/bitcoin-badge-black.svg" width="24" height="24" alt="BTC"/> [Bitcoin, Bitcoin Cash, Ethereum, Litecoin](https://commerce.coinbase.com/checkout/dd304d04-f324-4a77-931b-0db61c77a41b)
+- <img src="https://pi-hole.github.io/graphics/Badges/paypal-badge-black.svg" width="24" height="24" alt="PP"> [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY)
+- <img src="https://pi-hole.github.io/graphics/Badges/bitcoin-badge-black.svg" width="24" height="24" alt="BTC"> [Bitcoin, Bitcoin Cash, Ethereum, Litecoin](https://commerce.coinbase.com/checkout/dd304d04-f324-4a77-931b-0db61c77a41b)
 
 ### Alternative support
+
 If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us:
+
 - [Patreon](https://patreon.com/pihole) _Become a patron for rewards_
 - [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
@@ -73,6 +87,7 @@ If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), th
 - Spreading the word about our software, and how you have benefited from it
 
 ### Contributing via GitHub
+
 We welcome _everyone_ to contribute to issue reports, suggest new features, and create pull requests.
 
 If you have something to add - anything from a typo through to a whole new feature, we're happy to check it out! Just make sure to fill out our template when submitting your request; the questions that it asks will help the volunteers quickly understand what you're aiming to achieve.
@@ -80,6 +95,7 @@ If you have something to add - anything from a typo through to a whole new featu
 You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments, which will help you better understand how Pi-hole works. They're also a valuable resource to those who want to learn how to write scripts or code a program! We encourage anyone who likes to tinker to read through it and submit a pull request for us to review.
 
 ### Presentations about Pi-hole
+
 Word-of-mouth continues to help our project grow immensely, and so we are helping make this easier for people.
 
 If you are going to be presenting Pi-hole at a conference, meetup or even a school project, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/) so we can hook you up with free swag to hand out to your audience!
@@ -87,53 +103,57 @@ If you are going to be presenting Pi-hole at a conference, meetup or even a scho
 -----
 
 ## Getting in touch with us
-While we are primarily reachable on our <a href="https://discourse.pi-hole.net/">Discourse User Forum</a>, we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
 
-<ul>
-  <li><a href="https://discourse.pi-hole.net/c/faqs">Frequently Asked Questions</a></li>
-  <li><a href="https://github.com/pi-hole/pi-hole/wiki">Pi-hole Wiki</a></li>
-  <li><a href="https://discourse.pi-hole.net/c/feature-requests?order=votes">Feature Requests</a></li>
-  <li><a href="https://discourse.pi-hole.net/">Discourse User Forum</a></li>
-  <li><a href="https://www.reddit.com/r/pihole/">Reddit</a></li>
-  <li><a href="https://twitter.com/The_Pi_Hole">Twitter</a></li>
-  <li><a href="https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w">YouTube</a></li>
-  <li><a href="https://www.facebook.com/ThePiHole/">Facebook</a></li>
-</ul>
+While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
+
+- [Frequently Asked Questions](https://discourse.pi-hole.net/c/faqs)
+- [Pi-hole Wiki](https://github.com/pi-hole/pi-hole/wiki)
+- [Feature Requests](https://discourse.pi-hole.net/c/feature-requests?order=votes)
+- [Discourse User Forum](https://discourse.pi-hole.net/)
+- [Reddit](https://www.reddit.com/r/pihole/)
+- [Twitter](https://twitter.com/The_Pi_Hole)
+- [YouTube](https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w)
+- [Facebook](https://www.facebook.com/ThePiHole/)
 
 -----
 
 ## Breakdown of Features
+
 ### The Command Line Interface
+
 The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
 
-<a href="https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif"><img src="https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif" alt="Pi-hole Blacklist Demo"/></a>
+[![Pi-hole Blacklist Demo](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)
 
 Some notable features include:
-* [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards)
-* [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger)
-* [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail)
-* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20)
-* [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity)
-* [Querying Ad Lists for blocked domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query)
-* [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable)
-* ... and *many* more!
+
+- [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards)
+- [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger)
+- [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail)
+- [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20)
+- [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity)
+- [Querying Ad Lists for blocked domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query)
+- [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable)
+- ... and *many* more!
 
 You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown), as well as read up on [example usage](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738) for more information.
 
 ### The Web Interface Dashboard
+
 This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
 
-<img src="https://pi-hole.github.io/graphics/Screenshots/pihole-dashboard.png"  alt="Pi-hole Dashboard"/></a>
+![Pi-hole Dashboard](https://pi-hole.github.io/graphics/Screenshots/pihole-dashboard.png)
 
 Some notable features include:
-* Mobile friendly interface
-* Password protection
-* Detailed graphs and doughnut charts
-* Top lists of domains and clients
-* A filterable and sortable query log
-* Long Term Statistics to view data over user-defined time ranges
-* The ability to easily manage and configure Pi-hole features
-* ... and all the main features of the Command Line Interface!
+
+- Mobile friendly interface
+- Password protection
+- Detailed graphs and doughnut charts
+- Top lists of domains and clients
+- A filterable and sortable query log
+- Long Term Statistics to view data over user-defined time ranges
+- The ability to easily manage and configure Pi-hole features
+- ... and all the main features of the Command Line Interface!
 
 There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168):
 
@@ -142,30 +162,33 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t
 3. `http://pi.hole/` (when using Pi-hole as your DNS server)
 
 ## Faster-than-light Engine
+
 FTLDNS is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*!
 
 Some of the statistics you can integrate include:
-* Total number of domains being blocked
-* Total number of DNS queries today
-* Total number of ads blocked today
-* Percentage of ads blocked
-* Unique domains
-* Queries forwarded (to your chosen upstream DNS server)
-* Queries cached
-* Unique clients
+
+- Total number of domains being blocked
+- Total number of DNS queries today
+- Total number of ads blocked today
+- Percentage of ads blocked
+- Unique domains
+- Queries forwarded (to your chosen upstream DNS server)
+- Queries cached
+- Unique clients
 
 The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can out find [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
 
 -----
 
 ## The Origin Of Pi-hole
+
 Pi-hole being an **advertising-aware DNS/Web server**, makes use of the following technologies:
 
-* [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server
-* [`curl`](https://curl.haxx.se/) - A command line tool for transferring data with URL syntax
-* [`lighttpd`](https://www.lighttpd.net/) - web server designed and optimized for high performance
-* [`php`](https://www.php.net/) - a popular general-purpose web scripting language
-* [AdminLTE Dashboard](https://github.com/ColorlibHQ/AdminLTE) - premium admin control panel based on Bootstrap 3.x
+- [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server
+- [`curl`](https://curl.haxx.se/) - A command line tool for transferring data with URL syntax
+- [`lighttpd`](https://www.lighttpd.net/) - web server designed and optimized for high performance
+- [`php`](https://www.php.net/) - a popular general-purpose web scripting language
+- [AdminLTE Dashboard](https://github.com/ColorlibHQ/AdminLTE) - premium admin control panel based on Bootstrap 3.x
 
 While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally set up and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state.
 

From 03a8cff55ee6aa944722378c29de349c0fae903d Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 5 Jun 2020 21:01:53 +0100
Subject: [PATCH 021/297] read > mapfile as suggested by @dschaper

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 8c6b0773..8ff6f534 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -405,7 +405,7 @@ os_check() {
     detected_os="${detected_os_pretty%% *}"
     detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-    mapfile -t supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"' | tr ' ' '\n')
+    IFS=" "; read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
 
     for i in "${supportedOS[@]}"
     do
@@ -414,7 +414,7 @@ os_check() {
 
         if [[ "${detected_os}" =~ ${os_part} ]]; then
           valid_os=true
-          mapfile -t supportedVer < <(echo "${versions_part}" | tr ',' '\n')
+          IFS=","; read -r -a supportedVer <<<"${versions_part}"
           for x in "${supportedVer[@]}"
           do
             if [[ "${detected_version}" =~ $x ]];then

From 9844a3288fdfc6a55ce2e8f7df1df62683b5ae16 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 5 Jun 2020 21:06:25 +0100
Subject: [PATCH 022/297] Same change as 03a8cff

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 6fdc6211..accb8919 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -187,7 +187,7 @@ os_check() {
     detected_os="${detected_os_pretty%% *}"
     detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-    mapfile -t supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"' | tr ' ' '\n')
+    IFS=" "; read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
 
     for i in "${supportedOS[@]}"
     do
@@ -196,7 +196,7 @@ os_check() {
 
         if [[ "${detected_os}" =~ ${os_part} ]]; then
           valid_os=true
-          mapfile -t supportedVer < <(echo "${versions_part}" | tr ',' '\n')
+          IFS=","; read -r -a supportedVer <<<"${versions_part}"
           for x in "${supportedVer[@]}"
           do
             if [[ "${detected_version}" =~ $x ]];then

From 95f4c632f7b0e0b2125766bf02036c89a6b50e7a Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 13 Jun 2020 20:30:03 +0100
Subject: [PATCH 023/297] expand valid_ip to allow for custom ports

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index e396e617..4352c578 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1017,21 +1017,29 @@ valid_ip() {
     local ip=${1}
     local stat=1
 
-    # If the IP matches the format xxx.xxx.xxx.xxx,
-    if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+    # If the IP matches the format xxx.xxx.xxx.xxx (optional port of range #0-65536), also ensure string ends with 0-9
+    if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}#{0,1}[0-9]{0,5}$ && "${ip}" =~ ^.*[0-9]$ ]]; then
         # Save the old Internal Field Separator in a variable
         OIFS=$IFS
         # and set the new one to a dot (period)
-        IFS='.'
+        IFS='.#'
         # Put the IP into an array
         read -r -a ip <<< "${ip}"
         # Restore the IFS to what it was
         IFS=${OIFS}
+
         ## Evaluate each octet by checking if it's less than or equal to 255 (the max for each octet)
-        [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 \
-        && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]]
+        [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]]
         # Save the exit code
         stat=$?
+
+        # If there is a 5th part to the array, then it is a port number - check it is between 1 and 65536
+        if [[ "${ip[4]}" ]]; then
+            [[ "${ip[4]}" -ge 1 && "${ip[4]}" -le 65536 ]]
+            # Save the exit code
+            stat=$?
+        fi
+
     fi
     # Return the exit code
     return "${stat}"

From 0320d850288b5994ae1393ed260d7711d31379b5 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 13 Jun 2020 20:57:57 +0100
Subject: [PATCH 024/297] Additionally source the install script in webpage.sh
 to validate IP entered on `pihole -a setdns`

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 0fabdeb4..b7e9c60f 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -10,18 +10,21 @@
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 
-readonly setupVars="/etc/pihole/setupVars.conf"
 readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
 readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
 readonly FTLconf="/etc/pihole/pihole-FTL.conf"
 # 03 -> wildcards
 readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
-readonly PI_HOLE_BIN_DIR="/usr/local/bin"
 readonly dnscustomfile="/etc/pihole/custom.list"
 readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
 
 readonly gravityDBfile="/etc/pihole/gravity.db"
 
+# Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip()
+readonly PI_HOLE_FILES_DIR="/etc/.pihole"
+PH_TEST="true"
+source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
+
 coltable="/opt/pihole/COL_TABLE"
 if [[ -f ${coltable} ]]; then
     source ${coltable}
@@ -227,7 +230,15 @@ SetDNSServers() {
     for index in "${!array[@]}"
     do
         # Replace possible "\#" by "#". This fixes AdminLTE#1427
-        add_setting "PIHOLE_DNS_$((index+1))" "${array[index]//\\#/#}"
+        local ip
+        ip="${array[index]//\\#/#}"
+
+        if valid_ip "${ip}" ; then
+            add_setting "PIHOLE_DNS_$((index+1))" "${ip}"
+        else
+            echo -e "  ${CROSS} Invalid IP has been passed"
+            exit 1
+        fi
     done
 
     if [[ "${args[3]}" == "domain-needed" ]]; then

From 1ebf0785b6cb41e1a38a0cb99456e84c70b16269 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 13 Jun 2020 21:33:03 +0100
Subject: [PATCH 025/297] move dnsutils/bind-utils to installed deps and only
 check OS is supported after installing installer deps

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index e396e617..587f8ad7 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -308,9 +308,9 @@ if is_command apt-get ; then
     fi
     # Since our install script is so large, we need several other programs to successfully get a machine provisioned
     # These programs are stored in an array so they can be looped through later
-    INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail)
+    INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
     # Pi-hole itself has several dependencies that also need to be installed
-    PIHOLE_DEPS=(cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
+    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # The Web dashboard has some that also need to be installed
     # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code
     PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
@@ -349,8 +349,8 @@ elif is_command rpm ; then
 
     PKG_INSTALL=("${PKG_MANAGER}" install -y)
     PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
-    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig)
-    PIHOLE_DEPS=(bind-utils cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap)
+    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
+    PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap)
     PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
     LIGHTTPD_USER="lighttpd"
     LIGHTTPD_GROUP="lighttpd"
@@ -2601,7 +2601,6 @@ main() {
     fi
 
     # Check for supported distribution
-    os_check
     distro_check
 
     # If the setup variable file exists,
@@ -2634,6 +2633,9 @@ main() {
     # Install packages used by this installation script
     install_dependent_packages "${INSTALLER_DEPS[@]}"
 
+    # Check that the installed OS is officially supported - display warning if not
+    os_check
+
     # Check if SELinux is Enforcing
     checkSelinux
 

From 011fa8c6ea8eab58b4ba93e2d89e22b01ab1fdc6 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 13 Jun 2020 21:47:00 +0100
Subject: [PATCH 026/297] fix sticklr complaint

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index b7e9c60f..3ab0a4a5 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -22,6 +22,7 @@ readonly gravityDBfile="/etc/pihole/gravity.db"
 
 # Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip()
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"
+# shellcheck disable=SC2034  # used in basic-install
 PH_TEST="true"
 source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 

From 7ea6d7b92b562c08a4877491d8796d0411435454 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sun, 14 Jun 2020 00:17:51 +0100
Subject: [PATCH 027/297] remove ; so IFS changes don't stick

Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh    | 4 ++--
 automated install/basic-install.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 8ff6f534..1a8efa20 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -405,7 +405,7 @@ os_check() {
     detected_os="${detected_os_pretty%% *}"
     detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-    IFS=" "; read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
+    IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
 
     for i in "${supportedOS[@]}"
     do
@@ -414,7 +414,7 @@ os_check() {
 
         if [[ "${detected_os}" =~ ${os_part} ]]; then
           valid_os=true
-          IFS=","; read -r -a supportedVer <<<"${versions_part}"
+          IFS="," read -r -a supportedVer <<<"${versions_part}"
           for x in "${supportedVer[@]}"
           do
             if [[ "${detected_version}" =~ $x ]];then
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index e396e617..04a83735 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -187,7 +187,7 @@ os_check() {
     detected_os="${detected_os_pretty%% *}"
     detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-    IFS=" "; read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
+    IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
 
     for i in "${supportedOS[@]}"
     do
@@ -196,7 +196,7 @@ os_check() {
 
         if [[ "${detected_os}" =~ ${os_part} ]]; then
           valid_os=true
-          IFS=","; read -r -a supportedVer <<<"${versions_part}"
+          IFS="," read -r -a supportedVer <<<"${versions_part}"
           for x in "${supportedVer[@]}"
           do
             if [[ "${detected_version}" =~ $x ]];then

From c9350fa76d79554911bae9f674f11e27ba2c634c Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 14 Jun 2020 21:59:20 +0200
Subject: [PATCH 028/297] Improve man pihole restartdns section.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 manpages/pihole.8 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/manpages/pihole.8 b/manpages/pihole.8
index e107e4da..e528bcde 100644
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@@ -257,14 +257,14 @@ Available commands and options:
 
 \fBrestartdns\fR [options]
 .br
-    Full restart Pi-hole subsystems
+    Full restart Pi-hole subsystems. Without any options (see below) a full restart causes config file parsing and history re-reading
 .br
 
     (restart options):
 .br
-      reload            Updates the lists and flushes DNS cache
+      reload            Updates the lists (incl. HOSTS files) and flushes DNS cache. Does not reparse config files
 .br
-      reload-lists      Updates the lists WITHOUT flushing the DNS cache
+      reload-lists      Updates the lists (excl. HOSTS files) WITHOUT flushing the DNS cache. Does not reparse config files
 .br
 
 \fBcheckout\fR [repo] [branch]

From fe30ce10d361c5ceb823aa88131caf03bdab0e6e Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 15 Jun 2020 21:21:40 +0100
Subject: [PATCH 029/297] simpler regex suggested by @MichaIng

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4352c578..0b2ddef1 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1018,7 +1018,7 @@ valid_ip() {
     local stat=1
 
     # If the IP matches the format xxx.xxx.xxx.xxx (optional port of range #0-65536), also ensure string ends with 0-9
-    if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}#{0,1}[0-9]{0,5}$ && "${ip}" =~ ^.*[0-9]$ ]]; then
+    if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(#[0-9]{1,5})?$ ]]; then
         # Save the old Internal Field Separator in a variable
         OIFS=$IFS
         # and set the new one to a dot (period)

From bbfbf67fcf44dbf1c19a5238fc80e1fb191a0095 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 15 Jun 2020 22:52:24 +0100
Subject: [PATCH 030/297] further simplify the function, per @dl6er's
 suggestion

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 30 ++++++++----------------------
 1 file changed, 8 insertions(+), 22 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 0b2ddef1..6e05eda4 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1017,30 +1017,16 @@ valid_ip() {
     local ip=${1}
     local stat=1
 
-    # If the IP matches the format xxx.xxx.xxx.xxx (optional port of range #0-65536), also ensure string ends with 0-9
-    if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(#[0-9]{1,5})?$ ]]; then
-        # Save the old Internal Field Separator in a variable
-        OIFS=$IFS
-        # and set the new one to a dot (period)
-        IFS='.#'
-        # Put the IP into an array
-        read -r -a ip <<< "${ip}"
-        # Restore the IFS to what it was
-        IFS=${OIFS}
+    # One IPv4 element is 8bit: 0 - 256
+    local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
+    # optional port number starting '#' with range of 1-65536
+    local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
+    # build a full regex string from the above parts
+    local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$"
 
-        ## Evaluate each octet by checking if it's less than or equal to 255 (the max for each octet)
-        [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]]
-        # Save the exit code
-        stat=$?
+    [[ $ip =~ ${regex} ]]
 
-        # If there is a 5th part to the array, then it is a port number - check it is between 1 and 65536
-        if [[ "${ip[4]}" ]]; then
-            [[ "${ip[4]}" -ge 1 && "${ip[4]}" -le 65536 ]]
-            # Save the exit code
-            stat=$?
-        fi
-
-    fi
+    stat=$?
     # Return the exit code
     return "${stat}"
 }

From 9bf0f2a161d166fb3e98c79936f75cf6427e4fd9 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 21 Jun 2020 21:47:30 +0200
Subject: [PATCH 031/297] Reduce handholding when trying to foresee the
 intentions of the user. The code does now preserve legacy behavior and users
 can open up the subnet manually if they like.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 98e4620c..ca8d8e20 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -226,19 +226,10 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
         delete_setting "CONDITIONAL_FORWARDING_IP"
 
-        # Try to detect intended CIDR by analyzing the target
-        if [[ "${REV_SERVER_TARGET}" =~ 10\..* ]]; then
-            # Private network, Class A (RFC 1597 + RFC 1918)
-            REV_SERVER_CIDR="10.0.0.0/8"
-        elif [[ "${REV_SERVER_TARGET}" =~ 192\.168\..* ]]; then
-            # Private network, Class B (RFC 1597 + RFC 1918)
-            REV_SERVER_CIDR="192.168.0.0/16"
-        else
-            # Something else, convert to /24 subnet (preserves legacy behavior)
-            # This sed converts "192.168.1.2" to "192.168.1.0/24"
-            # shellcheck disable=2001
-            REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
-        fi
+        # Convert existing input to /24 subnet (preserves legacy behavior)
+        # This sed converts "192.168.1.2" to "192.168.1.0/24"
+        # shellcheck disable=2001
+        REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
         add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
     fi
 

From 3205606fc38e65c9a1d4f93e540763dc2c75e88d Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 23 Jun 2020 20:38:18 +0100
Subject: [PATCH 032/297] Also validate IPV6 in the `setdns` function

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh        |  2 +-
 automated install/basic-install.sh | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 8075990b..1f7cc728 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -260,7 +260,7 @@ SetDNSServers() {
         local ip
         ip="${array[index]//\\#/#}"
 
-        if valid_ip "${ip}" ; then
+        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
             add_setting "PIHOLE_DNS_$((index+1))" "${ip}"
         else
             echo -e "  ${CROSS} Invalid IP has been passed"
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5d7e0b94..28001831 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1031,6 +1031,24 @@ valid_ip() {
     return "${stat}"
 }
 
+valid_ip6() {
+    local ip=${1}
+    local stat=1
+
+    # One IPv6 element is 16bit: 0000 - FFFF
+    local ipv6elem="[0-9a-fA-F]{1,4}"
+    # CIDR for IPv6 is 1- 128 bit
+    local v6cidr="(\\/([1-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])){0,1}"
+    # build a full regex string from the above parts
+    local regex="^(((${ipv6elem}))((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}$"
+
+    [[ ${ip} =~ ${regex} ]]
+
+    stat=$?
+    # Return the exit code
+    return "${stat}"
+}
+
 # A function to choose the upstream DNS provider(s)
 setDNS() {
     # Local, named variables

From 6009e869471f7f1da0593d91d82855340c8643b1 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 1 Jul 2020 18:39:09 +0200
Subject: [PATCH 033/297] Fix pihole status to not rely on a TCP port test. The
 current test can fail even when there is no error i case the max. number of
 TCP workers is reached.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 pihole | 48 ++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 42 insertions(+), 6 deletions(-)

diff --git a/pihole b/pihole
index 065fb385..159922b0 100755
--- a/pihole
+++ b/pihole
@@ -250,16 +250,52 @@ Options:
   echo -e "${OVER}  ${TICK} ${str}"
 }
 
+analyze_ports() {
+  # FTL is listening at least on at least one port when this
+  # function is getting called
+  if [[ $(grep -c "IPv4" <<< "${1}") -gt 1 ]] && \
+     [[ $(grep -c "IPv6" <<< "${1}") -gt 1 ]]; then
+    echo -e "  ${TICK} DNS service is listening"
+  else
+    echo -e "  ${CROSS} DNS service is partially listening"
+    # Check individual address family/protocol combinations
+    # For a healthy Pi-hole, they should all be up (nothing printed)
+    if grep -q "IPv4.*UDP" <<< "${1}"; then
+        echo -e "     ${TICK} UDP (IPv4)"
+    else
+        echo -e "     ${CROSS} UDP (IPv4)"
+    fi
+    if grep -q "IPv4.*TCP" <<< "${1}"; then
+        echo -e "     ${TICK} TCP (IPv4)"
+    else
+        echo -e "     ${CROSS} TCP (IPv4)"
+    fi
+    if grep -q "IPv6.*UDP" <<< "${1}"; then
+        echo -e "     ${TICK} UDP (IPv6)"
+    else
+        echo -e "     ${CROSS} UDP (IPv6)"
+    fi
+    if grep -q "IPv6.*TCP" <<< "${1}"; then
+        echo -e "     ${TICK} TCP (IPv6)"
+    else
+        echo -e "     ${CROSS} TCP (IPv6)"
+    fi
+    echo ""
+  fi
+}
+
 statusFunc() {
-  # Determine if service is running on port 53 (Cr: https://superuser.com/a/806331)
-  if (echo > /dev/tcp/127.0.0.1/53) >/dev/null 2>&1; then
+  # Determine if there is a pihole service is listening on port 53
+  local listening
+  listening="$(lsof -Pni:53)"
+  if grep -q "pihole" <<< "${listening}"; then
     if [[ "${1}" != "web" ]]; then
-      echo -e "  ${TICK} DNS service is running"
+      analyze_ports "${listening}"
     fi
   else
     case "${1}" in
       "web") echo "-1";;
-      *) echo -e "  ${CROSS} DNS service is NOT running";;
+      *) echo -e "  ${CROSS} DNS service is NOT listening";;
     esac
     return 0
   fi
@@ -269,13 +305,13 @@ statusFunc() {
     # A config is commented out
     case "${1}" in
       "web") echo 0;;
-      *) echo -e "  ${CROSS} Pi-hole blocking is Disabled";;
+      *) echo -e "  ${CROSS} Pi-hole blocking is disabled";;
     esac
   elif grep -q "BLOCKING_ENABLED=true" /etc/pihole/setupVars.conf;  then
     # Configs are set
     case "${1}" in
       "web") echo 1;;
-      *) echo -e "  ${TICK} Pi-hole blocking is Enabled";;
+      *) echo -e "  ${TICK} Pi-hole blocking is enabled";;
     esac
   else
     # No configs were found

From 94cd7f59d43e9cdb39312da25cef913699d208e2 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 1 Jul 2020 18:49:31 +0200
Subject: [PATCH 034/297] Make verbose output the default.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 pihole | 49 ++++++++++++++++++++++---------------------------
 1 file changed, 22 insertions(+), 27 deletions(-)

diff --git a/pihole b/pihole
index 159922b0..099eefe5 100755
--- a/pihole
+++ b/pihole
@@ -253,35 +253,30 @@ Options:
 analyze_ports() {
   # FTL is listening at least on at least one port when this
   # function is getting called
-  if [[ $(grep -c "IPv4" <<< "${1}") -gt 1 ]] && \
-     [[ $(grep -c "IPv6" <<< "${1}") -gt 1 ]]; then
-    echo -e "  ${TICK} DNS service is listening"
+  echo -e "  ${TICK} DNS service is listening"
+  # Check individual address family/protocol combinations
+  # For a healthy Pi-hole, they should all be up (nothing printed)
+  if grep -q "IPv4.*UDP" <<< "${1}"; then
+      echo -e "     ${TICK} UDP (IPv4)"
   else
-    echo -e "  ${CROSS} DNS service is partially listening"
-    # Check individual address family/protocol combinations
-    # For a healthy Pi-hole, they should all be up (nothing printed)
-    if grep -q "IPv4.*UDP" <<< "${1}"; then
-        echo -e "     ${TICK} UDP (IPv4)"
-    else
-        echo -e "     ${CROSS} UDP (IPv4)"
-    fi
-    if grep -q "IPv4.*TCP" <<< "${1}"; then
-        echo -e "     ${TICK} TCP (IPv4)"
-    else
-        echo -e "     ${CROSS} TCP (IPv4)"
-    fi
-    if grep -q "IPv6.*UDP" <<< "${1}"; then
-        echo -e "     ${TICK} UDP (IPv6)"
-    else
-        echo -e "     ${CROSS} UDP (IPv6)"
-    fi
-    if grep -q "IPv6.*TCP" <<< "${1}"; then
-        echo -e "     ${TICK} TCP (IPv6)"
-    else
-        echo -e "     ${CROSS} TCP (IPv6)"
-    fi
-    echo ""
+      echo -e "     ${CROSS} UDP (IPv4)"
   fi
+  if grep -q "IPv4.*TCP" <<< "${1}"; then
+      echo -e "     ${TICK} TCP (IPv4)"
+  else
+      echo -e "     ${CROSS} TCP (IPv4)"
+  fi
+  if grep -q "IPv6.*UDP" <<< "${1}"; then
+      echo -e "     ${TICK} UDP (IPv6)"
+  else
+      echo -e "     ${CROSS} UDP (IPv6)"
+  fi
+  if grep -q "IPv6.*TCP" <<< "${1}"; then
+      echo -e "     ${TICK} TCP (IPv6)"
+  else
+      echo -e "     ${CROSS} TCP (IPv6)"
+  fi
+  echo ""
 }
 
 statusFunc() {

From cf1c1e2e7eb0e56711633d9cb8c55b02c2942196 Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Tue, 19 May 2020 11:09:51 +0300
Subject: [PATCH 035/297] Tweak lighttpd configs

* Compress more types
* Add charset=utf-8 in more text types
* Use proper media types
* Add default expire header
* Use consistent indentation

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
---
 advanced/lighttpd.conf.debian | 70 +++++++++++++++++++--------
 advanced/lighttpd.conf.fedora | 91 +++++++++++++++++++++++------------
 2 files changed, 110 insertions(+), 51 deletions(-)

diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian
index c4e15f4b..6020dfd8 100644
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -16,14 +16,14 @@
 ###############################################################################
 
 server.modules = (
-	"mod_access",
-	"mod_accesslog",
-	"mod_auth",
-	"mod_expire",
-	"mod_compress",
-	"mod_redirect",
-	"mod_setenv",
-	"mod_rewrite"
+    "mod_access",
+    "mod_accesslog",
+    "mod_auth",
+    "mod_expire",
+    "mod_compress",
+    "mod_redirect",
+    "mod_setenv",
+    "mod_rewrite"
 )
 
 server.document-root        = "/var/www/html"
@@ -41,18 +41,45 @@ index-file.names            = ( "index.php", "index.html", "index.lighttpd.html"
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 
-compress.cache-dir          = "/var/cache/lighttpd/compress/"
-compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
+compress.cache-dir = "/var/cache/lighttpd/compress/"
+compress.filetype  = (
+    "application/json",
+    "application/vnd.ms-fontobject",
+    "application/xml",
+    "font/eot",
+    "font/opentype",
+    "font/otf",
+    "font/ttf",
+    "image/bmp",
+    "image/svg+xml",
+    "image/vnd.microsoft.icon",
+    "image/x-icon",
+    "text/css",
+    "text/html",
+    "text/javascript",
+    "text/plain",
+    "text/xml"
+)
 
-mimetype.assign   = ( ".png"  => "image/png",
-                      ".jpg"  => "image/jpeg",
-                      ".jpeg" => "image/jpeg",
-                      ".html" => "text/html",
-                      ".css" => "text/css; charset=utf-8",
-                      ".js" => "application/javascript; charset=utf-8",
-                      ".json" => "application/json",
-                      ".txt"  => "text/plain",
-                      ".svg"  => "image/svg+xml" )
+mimetype.assign = (
+    ".ico"   => "image/x-icon",
+    ".jpeg"  => "image/jpeg",
+    ".jpg"   => "image/jpeg",
+    ".png"   => "image/png",
+    ".svg"   => "image/svg+xml",
+    ".css"   => "text/css; charset=utf-8",
+    ".html"  => "text/html; charset=utf-8",
+    ".js"    => "text/javascript; charset=utf-8",
+    ".json"  => "application/json; charset=utf-8",
+    ".map"   => "application/json; charset=utf-8",
+    ".txt"   => "text/plain; charset=utf-8",
+    ".eot"   => "application/vnd.ms-fontobject",
+    ".otf"   => "font/otf",
+    ".ttc"   => "font/collection",
+    ".ttf"   => "font/ttf",
+    ".woff"  => "font/woff",
+    ".woff2" => "font/woff2"
+)
 
 # default listening port for IPv6 falls back to the IPv4 port
 include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
@@ -77,9 +104,12 @@ $HTTP["url"] =~ "^/admin/" {
 
 # Block . files from being served, such as .git, .github, .gitignore
 $HTTP["url"] =~ "^/admin/\.(.*)" {
-     url.access-deny = ("")
+    url.access-deny = ("")
 }
 
+# Default expire header
+expire.url = ( "" => "access plus 0 seconds" )
+
 # Add user chosen options held in external file
 # This uses include_shell instead of an include wildcard for compatibility
 include_shell "cat external.conf 2>/dev/null"
diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora
index 05fb6435..8e3bddc4 100644
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -16,15 +16,15 @@
 ###############################################################################
 
 server.modules = (
-	"mod_access",
-	"mod_auth",
-	"mod_fastcgi",
-	"mod_accesslog",
-	"mod_expire",
-	"mod_compress",
-	"mod_redirect",
-	"mod_setenv",
-	"mod_rewrite"
+    "mod_access",
+    "mod_auth",
+    "mod_expire",
+    "mod_fastcgi",
+    "mod_accesslog",
+    "mod_compress",
+    "mod_redirect",
+    "mod_setenv",
+    "mod_rewrite"
 )
 
 server.document-root        = "/var/www/html"
@@ -38,41 +38,67 @@ server.port                 = 80
 accesslog.filename          = "/var/log/lighttpd/access.log"
 accesslog.format            = "%{%s}t|%V|%r|%s|%b"
 
-
 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 
-compress.cache-dir          = "/var/cache/lighttpd/compress/"
-compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
+compress.cache-dir = "/var/cache/lighttpd/compress/"
+compress.filetype  = (
+    "application/json",
+    "application/vnd.ms-fontobject",
+    "application/xml",
+    "font/eot",
+    "font/opentype",
+    "font/otf",
+    "font/ttf",
+    "image/bmp",
+    "image/svg+xml",
+    "image/vnd.microsoft.icon",
+    "image/x-icon",
+    "text/css",
+    "text/html",
+    "text/javascript",
+    "text/plain",
+    "text/xml"
+)
 
-mimetype.assign   = ( ".png"  => "image/png",
-                      ".jpg"  => "image/jpeg",
-                      ".jpeg" => "image/jpeg",
-                      ".html" => "text/html",
-                      ".css" => "text/css; charset=utf-8",
-                      ".js" => "application/javascript; charset=utf-8",
-                      ".json" => "application/json",
-                      ".txt"  => "text/plain",
-                      ".svg"  => "image/svg+xml" )
+mimetype.assign = (
+    ".ico"   => "image/x-icon",
+    ".jpeg"  => "image/jpeg",
+    ".jpg"   => "image/jpeg",
+    ".png"   => "image/png",
+    ".svg"   => "image/svg+xml",
+    ".css"   => "text/css; charset=utf-8",
+    ".html"  => "text/html; charset=utf-8",
+    ".js"    => "text/javascript; charset=utf-8",
+    ".json"  => "application/json; charset=utf-8",
+    ".map"   => "application/json; charset=utf-8",
+    ".txt"   => "text/plain; charset=utf-8",
+    ".eot"   => "application/vnd.ms-fontobject",
+    ".otf"   => "font/otf",
+    ".ttc"   => "font/collection",
+    ".ttf"   => "font/ttf",
+    ".woff"  => "font/woff",
+    ".woff2" => "font/woff2"
+)
 
 # default listening port for IPv6 falls back to the IPv4 port
 #include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 #include_shell "/usr/share/lighttpd/create-mime.assign.pl"
 #include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 
-fastcgi.server = ( ".php" =>
-                   ( "localhost" =>
-                     (
-                       "socket" => "/tmp/php-fastcgi.socket",
-                       "bin-path" => "/usr/bin/php-cgi"
-                     )
-                   )
-                 )
+fastcgi.server = (
+    ".php" => (
+        "localhost" => (
+            "socket" => "/tmp/php-fastcgi.socket",
+            "bin-path" => "/usr/bin/php-cgi"
+        )
+    )
+)
 
 # If the URL starts with /admin, it is the Web interface
 $HTTP["url"] =~ "^/admin/" {
-	  # Create a response header for debugging using curl -I
+    # Create a response header for debugging using curl -I
     setenv.add-response-header = (
         "X-Pi-hole" => "The Pi-hole Web interface is working!",
         "X-Frame-Options" => "DENY"
@@ -86,9 +112,12 @@ $HTTP["url"] =~ "^/admin/" {
 
 # Block . files from being served, such as .git, .github, .gitignore
 $HTTP["url"] =~ "^/admin/\.(.*)" {
-     url.access-deny = ("")
+    url.access-deny = ("")
 }
 
+# Default expire header
+expire.url = ( "" => "access plus 0 seconds" )
+
 # Add user chosen options held in external file
 # This uses include_shell instead of an include wildcard for compatibility
 include_shell "cat external.conf 2>/dev/null"

From d8822b70cf7b23543c1455b2c802662fe95a5112 Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Sun, 5 Jul 2020 15:04:30 +0300
Subject: [PATCH 036/297] Fix minor typo

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 1a8efa20..b88ac528 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -302,7 +302,7 @@ compare_local_version_to_git_version() {
             remotes=$(git remote -v)
             log_write "${INFO} Remotes: ${remotes//$'\n'/'\n             '}"
 
-            # If the repo is on the master branchs, they are on the stable codebase
+            # If the repo is on the master branch, they are on the stable codebase
             if [[ "${remote_branch}" == "master" ]]; then
                 # so the color of the text is green
                 log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}"
@@ -315,7 +315,7 @@ compare_local_version_to_git_version() {
             log_write "${INFO} Commit: ${remote_commit}"
             # if `local_status` is non-null, then the repo is not clean, display details here
             if [[ ${local_status} ]]; then
-              #Replace new lines in the status with 12 spaces to make the output cleaner
+              # Replace new lines in the status with 12 spaces to make the output cleaner
               log_write "${INFO} Status: ${local_status//$'\n'/'\n            '}"
               local local_diff
               local_diff=$(git diff)

From 73963fecda6dc65b10d1dd3e43a5931dc531304a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sun, 5 Jul 2020 14:32:33 +0200
Subject: [PATCH 037/297] Use gravity's adlist_id in filename when saving
 downloaded adlist locally
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 gravity.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gravity.sh b/gravity.sh
index 9d4c7bee..5095c2b7 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -359,9 +359,10 @@ gravity_DownloadBlocklists() {
   for ((i = 0; i < "${#sources[@]}"; i++)); do
     url="${sources[$i]}"
     domain="${sourceDomains[$i]}"
+    id="${sourceIDs[$i]}"
 
     # Save the file as list.#.domain
-    saveLocation="${piholeDir}/list.${i}.${domain}.${domainsExtension}"
+    saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
     activeDomains[$i]="${saveLocation}"
 
     # Default user-agent (for Cloudflare's Browser Integrity Check: https://support.cloudflare.com/hc/en-us/articles/200170086-What-does-the-Browser-Integrity-Check-do-)

From a99eac9d101b29185899c7dada2efbfd35492697 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Mon, 13 Jul 2020 14:29:45 -0700
Subject: [PATCH 038/297] Update README.md

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 README.md | 96 ++++++++++++++++---------------------------------------
 1 file changed, 27 insertions(+), 69 deletions(-)

diff --git a/README.md b/README.md
index 92bb76ea..68d7c09f 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+<!-- markdownlint-configure-file { "MD004": { "style": "consistent" } } -->
+<!-- markdownlint-disable MD033 -->
 <p align="center">
     <a href="https://pi-hole.net/">
         <img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_Wordmark.svg" width="150" height="260" alt="Pi-hole">
@@ -5,13 +7,16 @@
     <br>
     <strong>Network-wide ad blocking via your own Linux hardware</strong>
 </p>
+<!-- markdownlint-enable MD033 -->
 
-The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
+#
+
+The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
 
 - **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs)
 - **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs
 - **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries
-- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://discourse.pi-hole.net/t/hardware-software-requirements/273)
+- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/)
 - **Robust**: a command line interface that is quality assured for interoperability
 - **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
 - **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically
@@ -21,21 +26,17 @@ The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a
 
 -----
 
-[![Codacy Badge](https://api.codacy.com/project/badge/Grade/c558a0f8d7124c99b02b84f0f5564238)](https://www.codacy.com/app/Pi-hole/pi-hole?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=pi-hole/pi-hole&amp;utm_campaign=Badge_Grade)
-[![Build Status](https://travis-ci.org/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.org/pi-hole/pi-hole)
-[![BountySource](https://www.bountysource.com/badge/tracker?tracker_id=3011939)](https://www.bountysource.com/trackers/3011939-pi-hole-pi-hole?utm_source=3011939&utm_medium=shield&utm_campaign=TRACKER_BADGE)
+Master [![Build Status](https://travis-ci.com/pi-hole/pi-hole.svg?branch=master)](https://travis-ci.com/pi-hole/pi-hole) Development [![Build Status](https://travis-ci.com/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.com/pi-hole/pi-hole)
 
 ## One-Step Automated Install
 
 Those who want to get started quickly and conveniently may install Pi-hole using the following command:
 
-```bash
-curl -sSL https://install.pi-hole.net | bash
-```
+### `curl -sSL https://install.pi-hole.net | bash`
 
 ## Alternative Install Methods
 
-[Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation:
+Piping to `bash` is [controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation:
 
 ### Method 1: Clone our repository and run
 
@@ -52,7 +53,7 @@ wget -O basic-install.sh https://install.pi-hole.net
 sudo bash basic-install.sh
 ```
 
-## Post-install: Make your network take advantage of Pi-hole
+## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
 
 Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention.
 
@@ -68,22 +69,18 @@ There are many reoccurring costs involved with maintaining free, open source, an
 
 Make no mistake: **your support is absolutely vital to help keep us innovating!**
 
-### Donations
+### [Donations](https://pi-hole.net/donate)
 
-Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses:
-
-- <img src="https://pi-hole.github.io/graphics/Badges/paypal-badge-black.svg" width="24" height="24" alt="PP"> [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY)
-- <img src="https://pi-hole.github.io/graphics/Badges/bitcoin-badge-black.svg" width="24" height="24" alt="BTC"> [Bitcoin, Bitcoin Cash, Ethereum, Litecoin](https://commerce.coinbase.com/checkout/dd304d04-f324-4a77-931b-0db61c77a41b)
+Sending a donation using our Sponsor Button is **extremely helpful** in offsetting a portion of our monthly expenses:
 
 ### Alternative support
 
-If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us:
+If you'd rather not donate (_which is okay!_), there are other ways you can help support us:
 
 - [Patreon](https://patreon.com/pihole) _Become a patron for rewards_
 - [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
-- [Amazon](https://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
-- [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_
+- [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
 - Spreading the word about our software, and how you have benefited from it
 
 ### Contributing via GitHub
@@ -94,12 +91,6 @@ If you have something to add - anything from a typo through to a whole new featu
 
 You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments, which will help you better understand how Pi-hole works. They're also a valuable resource to those who want to learn how to write scripts or code a program! We encourage anyone who likes to tinker to read through it and submit a pull request for us to review.
 
-### Presentations about Pi-hole
-
-Word-of-mouth continues to help our project grow immensely, and so we are helping make this easier for people.
-
-If you are going to be presenting Pi-hole at a conference, meetup or even a school project, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/) so we can hook you up with free swag to hand out to your audience!
-
 -----
 
 ## Getting in touch with us
@@ -107,13 +98,9 @@ If you are going to be presenting Pi-hole at a conference, meetup or even a scho
 While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
 
 - [Frequently Asked Questions](https://discourse.pi-hole.net/c/faqs)
-- [Pi-hole Wiki](https://github.com/pi-hole/pi-hole/wiki)
 - [Feature Requests](https://discourse.pi-hole.net/c/feature-requests?order=votes)
-- [Discourse User Forum](https://discourse.pi-hole.net/)
 - [Reddit](https://www.reddit.com/r/pihole/)
-- [Twitter](https://twitter.com/The_Pi_Hole)
-- [YouTube](https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w)
-- [Facebook](https://www.facebook.com/ThePiHole/)
+- [Twitter](https://twitter.com/The_Pi_hole)
 
 -----
 
@@ -121,22 +108,21 @@ While we are primarily reachable on our [Discourse User Forum](https://discourse
 
 ### The Command Line Interface
 
-The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
+The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
 
-[![Pi-hole Blacklist Demo](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)
+![Pi-hole Blacklist Demo](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)
 
 Some notable features include:
 
-- [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards)
-- [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger)
-- [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail)
-- [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20)
-- [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity)
-- [Querying Ad Lists for blocked domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query)
-- [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable)
+- [Whitelisting, Blacklisting and Regex](https://docs.pi-hole.net/core/pihole-command/#whitelisting-blacklisting-and-regex)
+- [Debugging utility](https://docs.pi-hole.net/core/pihole-command/#debugger)
+- [Viewing the live log file](https://docs.pi-hole.net/core/pihole-command/#tail)
+- [Updating Ad Lists](https://docs.pi-hole.net/core/pihole-command/#gravity)
+- [Querying Ad Lists for blocked domains](https://docs.pi-hole.net/core/pihole-command/#query)
+- [Enabling and Disabling Pi-hole](https://docs.pi-hole.net/core/pihole-command/#enable-disable)
 - ... and *many* more!
 
-You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown), as well as read up on [example usage](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738) for more information.
+You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-command/#pi-hole-core) for more information.
 
 ### The Web Interface Dashboard
 
@@ -157,8 +143,8 @@ Some notable features include:
 
 There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168):
 
-1. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
-2. `http://pi.hole/admin/` (when using Pi-hole as your DNS server)
+1. `http://pi.hole/admin/` (when using Pi-hole as your DNS server)
+2. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
 3. `http://pi.hole/` (when using Pi-hole as your DNS server)
 
 ## Faster-than-light Engine
@@ -177,31 +163,3 @@ Some of the statistics you can integrate include:
 - Unique clients
 
 The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can out find [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
-
------
-
-## The Origin Of Pi-hole
-
-Pi-hole being an **advertising-aware DNS/Web server**, makes use of the following technologies:
-
-- [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server
-- [`curl`](https://curl.haxx.se/) - A command line tool for transferring data with URL syntax
-- [`lighttpd`](https://www.lighttpd.net/) - web server designed and optimized for high performance
-- [`php`](https://www.php.net/) - a popular general-purpose web scripting language
-- [AdminLTE Dashboard](https://github.com/ColorlibHQ/AdminLTE) - premium admin control panel based on Bootstrap 3.x
-
-While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally set up and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state.
-
------
-
-## [Coverage](https://docs.pi-hole.net/main/coverage/)
-
------
-
-## Pi-hole Projects
-
-- [The Big Blocklist Collection](https://firebog.net/)
-- [Pie in the Sky-Hole](https://dlaa.me/blog/post/skyhole)
-- [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus)
-- [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
-- [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper)

From 76ce5ec66b38f4e3dc2cd28999623f90ff9118bf Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 15 Jul 2020 20:45:02 +0100
Subject: [PATCH 039/297] Add additional information about local debug log
 location

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index b88ac528..ee719181 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1257,7 +1257,7 @@ upload_to_tricorder() {
             # If they say yes, run our function for uploading the log
             [yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
             # If they choose no, just exit out of the script
-            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit;
+            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}";exit;
         esac
     fi
     # Check if tricorder.pi-hole.net is reachable and provide token

From b8bba7951f5911ec93b278abe85f3011b54b6274 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 15 Jul 2020 20:49:18 +0100
Subject: [PATCH 040/297] Just one more newline, give it to me.

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index ee719181..a3fe1a6e 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1257,9 +1257,9 @@ upload_to_tricorder() {
             # If they say yes, run our function for uploading the log
             [yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
             # If they choose no, just exit out of the script
-            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}";exit;
+            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
         esac
-    fi
+    fi232623
     # Check if tricorder.pi-hole.net is reachable and provide token
     # along with some additional useful information
     if [[ -n "${tricorder_token}" ]]; then

From 849139176e22f0cc71be8eab24d156188bea1959 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 15 Jul 2020 21:54:45 +0100
Subject: [PATCH 041/297] fallback to NC if curl fails on uploadgit checkout

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index a3fe1a6e..3d42d7e1 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1215,6 +1215,11 @@ tricorder_use_nc_or_curl() {
         log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
         # transmit he log via TLS and store the token returned in a variable
         tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
+        if [ -z "${tricorder_token}" ]; then
+         # curl failed, fallback to nc
+         log_write "    * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
+         tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
+        fi
     # Otherwise,
     else
         # use net cat

From b4ca13b3ade48d69fd98fcd6a4c4a377688368b9 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 15 Jul 2020 22:03:07 +0100
Subject: [PATCH 042/297] add one

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 supportedos.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/supportedos.txt b/supportedos.txt
index ce4986bc..1eb1fde6 100644
--- a/supportedos.txt
+++ b/supportedos.txt
@@ -1,5 +1,5 @@
 Raspbian=9,10
-Ubuntu=16,18
+Ubuntu=16,18,20
 Debian=9,10
 Fedora=31,32
 CentOS=7,8
\ No newline at end of file

From acfb092e4b1eb24b125e0c21324892ff31e9be47 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 15 Jul 2020 23:38:08 +0100
Subject: [PATCH 043/297] fix minor bug in 5.1

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 28001831..5aa20187 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -72,8 +72,8 @@ useUpdateVars=false
 adlistFile="/etc/pihole/adlists.list"
 # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
 # this script can run
-IPV4_ADDRESS=""
-IPV6_ADDRESS=""
+IPV4_ADDRESS=${IPV4_ADDRESS}
+IPV6_ADDRESS=${IPV6_ADDRESS}
 # By default, query logging is enabled and the dashboard is set to be installed
 QUERY_LOGGING=true
 INSTALL_WEB_INTERFACE=true

From f50cff54de8c212a613d31b54cc736f863d4f513 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 15 Jul 2020 23:49:17 +0100
Subject: [PATCH 044/297] *innocent whistling*

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 3d42d7e1..d5da57ae 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1264,7 +1264,7 @@ upload_to_tricorder() {
             # If they choose no, just exit out of the script
             *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
         esac
-    fi232623
+    fi
     # Check if tricorder.pi-hole.net is reachable and provide token
     # along with some additional useful information
     if [[ -n "${tricorder_token}" ]]; then

From 533e5dddd033682bd60ab2e5ae83f80de0de37e5 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Thu, 16 Jul 2020 18:33:53 +0100
Subject: [PATCH 045/297] clarify examples in case of unsupported OS

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5aa20187..30f68739 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -217,7 +217,8 @@ os_check() {
         printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
         printf "\\n"
         printf "      This check can be skipped by setting the environment variable %bPIHOLE_SKIP_OS_CHECK%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
-        printf "      e.g: export PIHOLE_SKIP_OS_CHECK=true\\n"
+        printf "      e.g: 'sudo PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | bash'\\n"
+        printf "      or   'sudo PIHOLE_SKIP_OS_CHECK=true pihole -up'\\n"
         printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
         printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
         printf "      https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n"

From 643d2c0f3ea7871b64f9eaa2c9a5a2060d9ad14e Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Thu, 16 Jul 2020 21:31:45 +0100
Subject: [PATCH 046/297] add missing port number validation section to
 valid_ip6

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 30f68739..2bbd4d10 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1040,8 +1040,10 @@ valid_ip6() {
     local ipv6elem="[0-9a-fA-F]{1,4}"
     # CIDR for IPv6 is 1- 128 bit
     local v6cidr="(\\/([1-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])){0,1}"
+    # optional port number starting '#' with range of 1-65536
+    local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
     # build a full regex string from the above parts
-    local regex="^(((${ipv6elem}))((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}$"
+    local regex="^(((${ipv6elem}))((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
 
     [[ ${ip} =~ ${regex} ]]
 

From 25b873cf7b6062e3b4175703a2f1ae202d596ab5 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Thu, 2 Jul 2020 23:19:30 +0200
Subject: [PATCH 047/297] Add default locations to PATH to assure that all
 basic commands are available

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 28001831..36237c9c 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -21,6 +21,10 @@
 # instead of continuing the installation with something broken
 set -e
 
+# Set PATH to a usual default to assure that all basic commands are available.
+# When using "su" an uncomplete PATH could be passed: https://github.com/pi-hole/pi-hole/issues/3209
+export PATH+=':/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
+
 ######## VARIABLES #########
 # For better maintainability, we store as much information that can change in variables
 # This allows us to make a change in one place that can propagate to all instances of the variable

From 27366fe9f0f399316960d08752d4fff2539a3095 Mon Sep 17 00:00:00 2001
From: Josh <jokajak@gmail.com>
Date: Sun, 19 Jul 2020 07:35:44 -0400
Subject: [PATCH 048/297] chore(README.md): Grammar fix

Fix small grammar issue in README.md

Signed-off-by: Jokajak <jokajak@gmail.com>
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 68d7c09f..c91c84bf 100644
--- a/README.md
+++ b/README.md
@@ -162,4 +162,4 @@ Some of the statistics you can integrate include:
 - Queries cached
 - Unique clients
 
-The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can out find [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
+The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).

From ea22774d163c1fbf235faa6ef1e911bc9e1ab167 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 21 Jul 2020 18:47:13 +0100
Subject: [PATCH 049/297] Wrap entire function in the check for the ENVVAR

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 89 +++++++++++++++---------------
 1 file changed, 46 insertions(+), 43 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 2bbd4d10..ea4326d5 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -175,58 +175,61 @@ is_command() {
 }
 
 os_check() {
-    # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
-    # and determines whether or not the script is running on one of those systems
-    local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version display_warning
-    remote_os_domain="versions.pi-hole.net"
-    valid_os=false
-    valid_version=false
-    display_warning=true
+    if [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
+        # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
+        # and determines whether or not the script is running on one of those systems
+        local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version display_warning
+        remote_os_domain="versions.pi-hole.net"
+        valid_os=false
+        valid_version=false
+        display_warning=true
 
-    detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
-    detected_os="${detected_os_pretty%% *}"
-    detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
+        detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
+        detected_os="${detected_os_pretty%% *}"
+        detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-    IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
+        IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
 
-    for i in "${supportedOS[@]}"
-    do
-        os_part=$(echo "$i" | cut -d '=' -f1)
-        versions_part=$(echo "$i" | cut -d '=' -f2-)
+        for i in "${supportedOS[@]}"
+        do
+            os_part=$(echo "$i" | cut -d '=' -f1)
+            versions_part=$(echo "$i" | cut -d '=' -f2-)
 
-        if [[ "${detected_os}" =~ ${os_part} ]]; then
-          valid_os=true
-          IFS="," read -r -a supportedVer <<<"${versions_part}"
-          for x in "${supportedVer[@]}"
-          do
-            if [[ "${detected_version}" =~ $x ]];then
-              valid_version=true
-              break
+            if [[ "${detected_os}" =~ ${os_part} ]]; then
+            valid_os=true
+            IFS="," read -r -a supportedVer <<<"${versions_part}"
+            for x in "${supportedVer[@]}"
+            do
+                if [[ "${detected_version}" =~ $x ]];then
+                valid_version=true
+                break
+                fi
+            done
+            break
             fi
-          done
-          break
+        done
+
+        if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then
+            display_warning=false
         fi
-    done
 
-    if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then
-        display_warning=false
-    fi
+        if [ "$display_warning" = true ]; then
+            printf "  %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
+            printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
+            printf "\\n"
+            printf "      This check can be skipped by setting the environment variable %bPIHOLE_SKIP_OS_CHECK%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
+            printf "      e.g: 'sudo PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | bash'\\n"
+            printf "      or   'sudo PIHOLE_SKIP_OS_CHECK=true pihole -up'\\n"
+            printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
+            printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
+            printf "      https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n"
+            exit 1
 
-    if [ "$display_warning" = true ] && [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
-        printf "  %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
-        printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
-        printf "\\n"
-        printf "      This check can be skipped by setting the environment variable %bPIHOLE_SKIP_OS_CHECK%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
-        printf "      e.g: 'sudo PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | bash'\\n"
-        printf "      or   'sudo PIHOLE_SKIP_OS_CHECK=true pihole -up'\\n"
-        printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
-        printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-        printf "      https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n"
-        exit 1
-    elif [ "$display_warning" = true ] && [ "$PIHOLE_SKIP_OS_CHECK" = true ]; then
-        printf "  %b %bUnsupported OS detected%b. PIHOLE_SKIP_OS_CHECK env variable set to true - installer will continue\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
+        else
+            printf "  %b %bSupported OS detected%b\\n" "${TICK}" "${COL_LIGHT_GREEN}" "${COL_NC}"
+        fi
     else
-        printf "  %b %bSupported OS detected%b\\n" "${TICK}" "${COL_LIGHT_GREEN}" "${COL_NC}"
+        printf "  %b %bPIHOLE_SKIP_OS_CHECK env variable set to true - installer will continue%b\\n" "${INFO}" "${COL_LIGHT_GREEN}" "${COL_NC}"
     fi
 }
 

From 6ee6eea1fb87f7bb74ab68a2fd3d7b49f92569fa Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 21 Jul 2020 21:13:40 +0200
Subject: [PATCH 050/297] Use pkill instead of the somewhat fragile combination
 of kill + pidof. This solves some issues especially when there are many TCP
 workers floating around.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 pihole | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/pihole b/pihole
index b0ba8473..6e06e85d 100755
--- a/pihole
+++ b/pihole
@@ -20,8 +20,6 @@ PI_HOLE_BIN_DIR="/usr/local/bin"
 readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE"
 source "${colfile}"
 
-resolver="pihole-FTL"
-
 webpageFunc() {
   source "${PI_HOLE_SCRIPT_DIR}/webpage.sh"
   main "$@"
@@ -107,19 +105,19 @@ restartDNS() {
   # Determine if we should reload or restart
   if [[ "${svcOption}" =~ "reload-lists" ]]; then
     # Reloading of the lists has been requested
-    # Note: This will NOT re-read any *.conf files
+    # Note 1: This will NOT re-read any *.conf files
     # Note 2: We cannot use killall here as it does
     #         not know about real-time signals
-    svc="kill -SIGRTMIN $(pidof ${resolver})"
+    svc="pkill -RTMIN pihole-FTL"
     str="Reloading DNS lists"
   elif [[ "${svcOption}" =~ "reload" ]]; then
     # Reloading of the DNS cache has been requested
     # Note: This will NOT re-read any *.conf files
-    svc="killall -s SIGHUP ${resolver}"
+    svc="pkill -HUP pihole-FTL"
     str="Flushing DNS cache"
   else
     # A full restart has been requested
-    svc="service ${resolver} restart"
+    svc="service pihole-FTL restart"
     str="Restarting DNS server"
   fi
 

From 17aabf26f7859600bd3f234530f01c85043c3d59 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 21 Jul 2020 21:19:19 +0200
Subject: [PATCH 051/297] Also use pkill/pgrep in the FTL service script

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Templates/pihole-FTL.service | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)

diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index 6af449f3..f0743b49 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -12,19 +12,8 @@
 FTLUSER=pihole
 PIDFILE=/run/pihole-FTL.pid
 
-get_pid() {
-    # First, try to obtain PID from PIDFILE
-    if [ -s "${PIDFILE}" ]; then
-        cat "${PIDFILE}"
-        return
-    fi
-
-    # If the PIDFILE is empty or not available, obtain the PID using pidof
-    pidof "pihole-FTL" | awk '{print $(NF)}'
-}
-
 is_running() {
-    ps "$(get_pid)" > /dev/null 2>&1
+    pgrep -o "pihole-FTL" > /dev/null 2>&1
 }
 
 
@@ -63,7 +52,7 @@ start() {
 # Stop the service
 stop() {
   if is_running; then
-    kill "$(get_pid)"
+    pkill -o pihole-FTL
     for i in {1..5}; do
       if ! is_running; then
         break
@@ -76,7 +65,7 @@ stop() {
 
     if is_running; then
       echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
-      kill -9 "$(get_pid)"
+      pkill -o -9 pihole-FTL
       exit 1
     else
       echo "Stopped"

From 8f7f0881c636e54ad5cf610f4388f3dc8bdb6820 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 21 Jul 2020 21:21:24 +0200
Subject: [PATCH 052/297] Add /usr/sbin to cronjob PATH

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Templates/pihole.cron | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/advanced/Templates/pihole.cron b/advanced/Templates/pihole.cron
index ba89efdb..ecd1e808 100644
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@@ -18,19 +18,19 @@
 #          early morning. Download any updates from the adlists
 #          Squash output to log, then splat the log to stdout on error to allow for
 #          standard crontab job error handling.
-59 1    * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
+59 1    * * 7   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
 
 # Pi-hole: Flush the log daily at 00:00
 #          The flush script will use logrotate if available
 #          parameter "once": logrotate only once (default is twice)
 #          parameter "quiet": don't print messages
-00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
+00 00   * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
 
 @reboot root /usr/sbin/logrotate /etc/pihole/logrotate
 
 # Pi-hole: Grab local version and branch every 10 minutes
-*/10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
+*/10 *  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
 
 # Pi-hole: Grab remote version every 24 hours
-59 17  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
-@reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot
+59 17  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote
+@reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote reboot

From 527fc3c5cf6372bc52de4a94064a23c7d88bdd9d Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 21 Jul 2020 21:39:59 +0200
Subject: [PATCH 053/297] Also pidof -> pgrep in gravity.sh

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 9d4c7bee..636c9872 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -43,8 +43,6 @@ optimize_database=false
 
 domainsExtension="domains"
 
-resolver="pihole-FTL"
-
 # Source setupVars from install script
 setupVars="${piholeDir}/setupVars.conf"
 if [[ -f "${setupVars}" ]];then
@@ -284,7 +282,7 @@ gravity_CheckDNSResolutionAvailable() {
   fi
 
   # Determine error output message
-  if pidof ${resolver} &> /dev/null; then
+  if pgrep pihole-FTL &> /dev/null; then
     echo -e "  ${CROSS} DNS resolution is currently unavailable"
   else
     echo -e "  ${CROSS} DNS service is not running"
@@ -746,7 +744,7 @@ gravity_Cleanup() {
   fi
 
   # Only restart DNS service if offline
-  if ! pidof ${resolver} &> /dev/null; then
+  if ! pgrep pihole-FTL &> /dev/null; then
     "${PIHOLE_COMMAND}" restartdns
     dnsWasOffline=true
   fi

From 93c1a629986874bd92bb9b23fdb7a2693948ba98 Mon Sep 17 00:00:00 2001
From: James Lagermann <james.lagermann@corelight.com>
Date: Tue, 21 Jul 2020 14:32:29 -0500
Subject: [PATCH 054/297] Update CONTRIBUTING.md

Co-authored-by: jrschat <54955683+jrschat@users.noreply.github.com>
signed-off-by: James Lagermann <james.lagermann@corelight.com>
---
 CONTRIBUTING.md | 57 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index e32b500e..2d9b0808 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -36,3 +36,60 @@ When requesting or submitting new features, first consider whether it might be u
 - Commit Unix line endings.
 - Please use the Pi-hole brand: **Pi-hole** (Take a special look at the capitalized 'P' and a low 'h' with a hyphen)
 - (Optional fun) keep to the theme of Star Trek/black holes/gravity.
+
+## Forking and Cloning from GitHub to GitHub
+
+1. Fork <https://github.com/pi-hole/pi-hole/> to a repo under a namespace you control, or have permission to use, example: `https://github.com/<your_namespace>/<your_repo_name>/`.  You can do this from the github.com website.
+2. Clone `https://github.com/<your_namespace>/<your_repo_name>/` with the tool of you choice.
+3. To keep your fork in sync with our repo, add an upstream remote for pi-hole/pi-hole to your repo.
+    ```console
+    git remote add upstream https://github.com/pi-hole/pi-hole.git
+    ```
+4. Checkout the `development` branch from your clone `https://github.com/<your_namespace>/<your_repo_name>/`.
+5. Create a topic/branch, based on the `development` branch code. *Bonus fun to keep to the theme of Star Trek/black holes/gravity.*
+6. Make your changes and commit to your topic branch in your repo.
+7. Rebase your commits and squash any insignificant commits.  See notes below for an example.
+8. Merge `development` your branch and fix any conflicts.
+9. Open a Pull Request to merge your topic branch into our repo's `development` branch.
+- Keep in mind the technical requirements from above.
+
+## Forking and Cloning from GitHub to other code hosting sites
+
+- Forking is a GitHub concept and cannot be done from GitHub to other git based code hosting sites.  However, from those sites may be able to mirror a GitHub repo.
+1. To contribute from another code hosting site, you must first complete the steps above to fork our repo to a GitHub namespace you have permission to use, example: `https://github.com/<your_namespace>/<your_repo_name>/`.
+2. Create a repo in your code hosting site, for example: `https://gitlab.com/<your_namespace>/<your_repo_name>/`
+3. Follow the instructions from your code hosting site to create a mirror between `https://github.com/<your_namespace>/<your_repo_name>/` and `https://gitlab.com/<your_namespace>/<your_repo_name>/`.
+4. When you are ready to create a Pull Request (PR), follow the steps `(starting at step #6)` from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github) and create the PR from `https://github.com/<your_namespace>/<your_repo_name>/`.
+
+## Notes for squashing commits with rebase
+
+- To rebase your commits and squash previous commits, you can use:
+    ```bash
+    git rebase -i your_topic_branch~(# of commits to combine)
+    ```
+- For more details visit [gitready.com](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html)
+1. The following would combine the last four commits in the branch `mytopic`.
+    ```bash
+    git rebase -i mytopic~4
+    ```
+2. An editor window opens with the most recent commits indicated: (edit the commands to the left of the commit ID)
+    ```gitattributes
+    pick 9dff55b2 existing commit comments
+    squash ebb1a730 existing commit comments
+    squash 07cc5b50 existing commit comments
+    reword 9dff55b2 existing commit comments
+    ```
+3. Save and close the editor. The next editor window opens: (edit the new commit message).  *If you select reword for a commit, an additional editor window will open for you to edit the comment.*
+    ```console
+    new commit comments
+    Signed-off-by: yourname <your email address>
+    ```
+4. Save and close the editor for the rebase process to execute.  The terminal output should say something like the following:
+    ```console
+    Successfully rebased and updated refs/heads/mytopic.
+    ```
+5. Once you have a successful rebase, and before you sync your local clone, you have to force push origin to update your repo:
+    ```console
+    git push -f origin
+    ```
+6. Continue on from step #7 from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github)

From be140007789a92a83c9c542e23182825c64b644a Mon Sep 17 00:00:00 2001
From: James Lagermann <james.lagermann@corelight.com>
Date: Tue, 21 Jul 2020 15:02:23 -0500
Subject: [PATCH 055/297] added blanks-around-fences to correct lint errors

Signed-off-by: James Lagermann <james.lagermann@corelight.com>
---
 CONTRIBUTING.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 2d9b0808..bba6b3fc 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -42,20 +42,24 @@ When requesting or submitting new features, first consider whether it might be u
 1. Fork <https://github.com/pi-hole/pi-hole/> to a repo under a namespace you control, or have permission to use, example: `https://github.com/<your_namespace>/<your_repo_name>/`.  You can do this from the github.com website.
 2. Clone `https://github.com/<your_namespace>/<your_repo_name>/` with the tool of you choice.
 3. To keep your fork in sync with our repo, add an upstream remote for pi-hole/pi-hole to your repo.
+
     ```console
     git remote add upstream https://github.com/pi-hole/pi-hole.git
     ```
+
 4. Checkout the `development` branch from your clone `https://github.com/<your_namespace>/<your_repo_name>/`.
 5. Create a topic/branch, based on the `development` branch code. *Bonus fun to keep to the theme of Star Trek/black holes/gravity.*
 6. Make your changes and commit to your topic branch in your repo.
 7. Rebase your commits and squash any insignificant commits.  See notes below for an example.
 8. Merge `development` your branch and fix any conflicts.
 9. Open a Pull Request to merge your topic branch into our repo's `development` branch.
+
 - Keep in mind the technical requirements from above.
 
 ## Forking and Cloning from GitHub to other code hosting sites
 
 - Forking is a GitHub concept and cannot be done from GitHub to other git based code hosting sites.  However, from those sites may be able to mirror a GitHub repo.
+
 1. To contribute from another code hosting site, you must first complete the steps above to fork our repo to a GitHub namespace you have permission to use, example: `https://github.com/<your_namespace>/<your_repo_name>/`.
 2. Create a repo in your code hosting site, for example: `https://gitlab.com/<your_namespace>/<your_repo_name>/`
 3. Follow the instructions from your code hosting site to create a mirror between `https://github.com/<your_namespace>/<your_repo_name>/` and `https://gitlab.com/<your_namespace>/<your_repo_name>/`.
@@ -64,32 +68,45 @@ When requesting or submitting new features, first consider whether it might be u
 ## Notes for squashing commits with rebase
 
 - To rebase your commits and squash previous commits, you can use:
+
     ```bash
     git rebase -i your_topic_branch~(# of commits to combine)
     ```
+
 - For more details visit [gitready.com](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html)
+
 1. The following would combine the last four commits in the branch `mytopic`.
+
     ```bash
     git rebase -i mytopic~4
     ```
+
 2. An editor window opens with the most recent commits indicated: (edit the commands to the left of the commit ID)
+
     ```gitattributes
     pick 9dff55b2 existing commit comments
     squash ebb1a730 existing commit comments
     squash 07cc5b50 existing commit comments
     reword 9dff55b2 existing commit comments
     ```
+
 3. Save and close the editor. The next editor window opens: (edit the new commit message).  *If you select reword for a commit, an additional editor window will open for you to edit the comment.*
+
     ```console
     new commit comments
     Signed-off-by: yourname <your email address>
     ```
+
 4. Save and close the editor for the rebase process to execute.  The terminal output should say something like the following:
+
     ```console
     Successfully rebased and updated refs/heads/mytopic.
     ```
+
 5. Once you have a successful rebase, and before you sync your local clone, you have to force push origin to update your repo:
+
     ```console
     git push -f origin
     ```
+
 6. Continue on from step #7 from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github)

From 510b64673664f0e39abefb2a40b13f7a506c1dbe Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 22 Jul 2020 22:29:38 +0100
Subject: [PATCH 056/297] change up the verbiage with something that works
 (tested)

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index ea4326d5..660862bd 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -217,10 +217,13 @@ os_check() {
             printf "  %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
             printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
             printf "\\n"
-            printf "      This check can be skipped by setting the environment variable %bPIHOLE_SKIP_OS_CHECK%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
-            printf "      e.g: 'sudo PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | bash'\\n"
-            printf "      or   'sudo PIHOLE_SKIP_OS_CHECK=true pihole -up'\\n"
-            printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
+            printf "      e.g: If you are seeing this message on a fresh install, you can run:"
+            printf "             'PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | sudo -E bash'\\n"
+            printf "\\n"
+            printf "           If you are seeing this message after having run pihole -up:\\n"
+            printf "             'PIHOLE_SKIP_OS_CHECK=true sudo -E pihole -r'\\n"
+            printf "           (In this case, your previous run of pihole -up will have already updated the local repository)\\n"
+            printf "\\n"
             printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
             printf "      https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n"
             exit 1

From 98dc51869e4acdd44053175a02a7ff25e4b90d51 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 22 Jul 2020 22:30:51 +0100
Subject: [PATCH 057/297] accidentally missed \\n

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 660862bd..2bf63882 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -217,7 +217,7 @@ os_check() {
             printf "  %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
             printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
             printf "\\n"
-            printf "      e.g: If you are seeing this message on a fresh install, you can run:"
+            printf "      e.g: If you are seeing this message on a fresh install, you can run:\\n"
             printf "             'PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | sudo -E bash'\\n"
             printf "\\n"
             printf "           If you are seeing this message after having run pihole -up:\\n"

From ddb36c013d82aafa28ad8c590fff9f1fd3e170e6 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 22 Jul 2020 22:39:03 +0100
Subject: [PATCH 058/297] it helps if the echo goes variable set goes in the
 right place

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 2bf63882..188e889e 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -218,7 +218,7 @@ os_check() {
             printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
             printf "\\n"
             printf "      e.g: If you are seeing this message on a fresh install, you can run:\\n"
-            printf "             'PIHOLE_SKIP_OS_CHECK=true curl -sSL https://install.pi-hole.net | sudo -E bash'\\n"
+            printf "             'curl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash'\\n"
             printf "\\n"
             printf "           If you are seeing this message after having run pihole -up:\\n"
             printf "             'PIHOLE_SKIP_OS_CHECK=true sudo -E pihole -r'\\n"

From 18c24d985f6cf1e7acf7b4b935556a704d6357be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 23 Jul 2020 20:43:12 +0200
Subject: [PATCH 059/297] Create custom.list during install/update if it
 doesn't exist
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5aa20187..2887fe56 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -70,6 +70,7 @@ PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
 useUpdateVars=false
 
 adlistFile="/etc/pihole/adlists.list"
+="${PI_HOLE_CONFIG_DIR}/custom.list"
 # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
 # this script can run
 IPV4_ADDRESS=${IPV4_ADDRESS}
@@ -1810,6 +1811,16 @@ installPiholeWeb() {
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
 }
 
+# Creates custom DNS file if it does not exist
+installCustomDNSfile() {
+
+    if [[ ! -e "${customDNSfile}" ]]; then
+        touch "${customDNSfile}"
+        chmod 644 "${customDNSfile}"
+    fi
+
+}
+
 # Installs a cron file
 installCron() {
     # Install the cron job
@@ -2037,6 +2048,9 @@ installPihole() {
     # install a man page entry for pihole
     install_manpage
 
+    # install custom DNS file if it does not exist
+    installCustomDNSfile
+
     # Update setupvars.conf with any variables that may or may not have been changed during the install
     finalExports
 }

From 331502e14cc31972f4653b9741b931be7569031a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 23 Jul 2020 20:52:21 +0200
Subject: [PATCH 060/297] Add variable that got lost
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 2887fe56..b682fa33 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -70,7 +70,7 @@ PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
 useUpdateVars=false
 
 adlistFile="/etc/pihole/adlists.list"
-="${PI_HOLE_CONFIG_DIR}/custom.list"
+customDNSfile="${PI_HOLE_CONFIG_DIR}/custom.list"
 # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
 # this script can run
 IPV4_ADDRESS=${IPV4_ADDRESS}

From ec9f490fcc0c31a559d3d523dd22796cb31a94e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 24 Jul 2020 20:32:32 +0200
Subject: [PATCH 061/297] Remove separate install function, move to
 installConfigs(), use pihole syntax
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index b682fa33..fc90154a 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -70,7 +70,6 @@ PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
 useUpdateVars=false
 
 adlistFile="/etc/pihole/adlists.list"
-customDNSfile="${PI_HOLE_CONFIG_DIR}/custom.list"
 # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
 # this script can run
 IPV4_ADDRESS=${IPV4_ADDRESS}
@@ -1477,6 +1476,15 @@ installConfigs() {
             return 1
         fi
     fi
+
+    # Install empty custom.list file if it does not exist
+    if [[ ! -r "${PI_HOLE_CONFIG_DIR}/custom.list" ]]; then
+        if ! install -o root -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
+            printf "  %bError: Unable to initialize configuration file %s/custom.list\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
+            return 1
+        fi
+    fi
+    
     # If the user chose to install the dashboard,
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
         # and if the Web server conf directory does not exist,
@@ -1811,15 +1819,6 @@ installPiholeWeb() {
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
 }
 
-# Creates custom DNS file if it does not exist
-installCustomDNSfile() {
-
-    if [[ ! -e "${customDNSfile}" ]]; then
-        touch "${customDNSfile}"
-        chmod 644 "${customDNSfile}"
-    fi
-
-}
 
 # Installs a cron file
 installCron() {
@@ -2048,9 +2047,6 @@ installPihole() {
     # install a man page entry for pihole
     install_manpage
 
-    # install custom DNS file if it does not exist
-    installCustomDNSfile
-
     # Update setupvars.conf with any variables that may or may not have been changed during the install
     finalExports
 }

From dfcdfd4b0a9244db5b2e923fdf0f47fef79e3fcf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sun, 26 Jul 2020 12:27:55 +0200
Subject: [PATCH 062/297] Remove empty line
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index fc90154a..8f98e16f 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1484,7 +1484,7 @@ installConfigs() {
             return 1
         fi
     fi
-    
+
     # If the user chose to install the dashboard,
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
         # and if the Web server conf directory does not exist,
@@ -1819,7 +1819,6 @@ installPiholeWeb() {
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
 }
 
-
 # Installs a cron file
 installCron() {
     # Install the cron job

From 0a81d687e83de65e337f533c71dcdac0d2810a6c Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sun, 26 Jul 2020 12:31:11 -0700
Subject: [PATCH 063/297] Update automated install/basic-install.sh

---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 8f98e16f..4bc932e6 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1479,7 +1479,7 @@ installConfigs() {
 
     # Install empty custom.list file if it does not exist
     if [[ ! -r "${PI_HOLE_CONFIG_DIR}/custom.list" ]]; then
-        if ! install -o root -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
+        if ! install -o root -m 644 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
             printf "  %bError: Unable to initialize configuration file %s/custom.list\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
             return 1
         fi

From 0ff32c3629220f386a45c14d8982aaaf128aa47f Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 27 Jul 2020 17:44:22 +0100
Subject: [PATCH 064/297] Use ns1.pi-hole.net to resolve versions.pi-hole.net
 so that we do not see DNS cookie issues

Co-Authored-by: Dan Schaper <dan.schaper@pi-hole.net>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 188e889e..1bbfd7c4 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -188,7 +188,7 @@ os_check() {
         detected_os="${detected_os_pretty%% *}"
         detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
 
-        IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
+        IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
 
         for i in "${supportedOS[@]}"
         do

From 8380112129a5ea0bd0356256a23d211a80038e7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 28 Jul 2020 09:40:45 +0200
Subject: [PATCH 065/297] Resolve conflicts
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 1bbfd7c4..7f3b276e 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -214,7 +214,7 @@ os_check() {
         fi
 
         if [ "$display_warning" = true ]; then
-            printf "  %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
+            printf "  %b %bUnsupported OS detected: %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os_pretty}" "${COL_NC}"
             printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
             printf "\\n"
             printf "      e.g: If you are seeing this message on a fresh install, you can run:\\n"

From b207ceeab2e485a03a2b3451b59b2d1a1d80e2a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 27 Jul 2020 17:01:55 +0200
Subject: [PATCH 066/297] Report and exit if dig supportedOS returns nothing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 35 +++++++++++++++++-------------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 1bbfd7c4..d1a74b40 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -190,24 +190,29 @@ os_check() {
 
         IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
 
-        for i in "${supportedOS[@]}"
-        do
-            os_part=$(echo "$i" | cut -d '=' -f1)
-            versions_part=$(echo "$i" | cut -d '=' -f2-)
+        if [ -z "$supportedOS" ]; then
+            printf "  %b %bRetrieval of supported OS failed. Please contact support. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
+            exit 1
+        else
+          for i in "${supportedOS[@]}"
+          do
+              os_part=$(echo "$i" | cut -d '=' -f1)
+              versions_part=$(echo "$i" | cut -d '=' -f2-)
 
-            if [[ "${detected_os}" =~ ${os_part} ]]; then
-            valid_os=true
-            IFS="," read -r -a supportedVer <<<"${versions_part}"
-            for x in "${supportedVer[@]}"
-            do
-                if [[ "${detected_version}" =~ $x ]];then
-                valid_version=true
+              if [[ "${detected_os}" =~ ${os_part} ]]; then
+                valid_os=true
+                IFS="," read -r -a supportedVer <<<"${versions_part}"
+                for x in "${supportedVer[@]}"
+                do
+                  if [[ "${detected_version}" =~ $x ]];then
+                    valid_version=true
+                    break
+                  fi
+                done
                 break
-                fi
+              fi
             done
-            break
-            fi
-        done
+          fi
 
         if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then
             display_warning=false

From 6fc7dc28a2c8966549d67523dcfc3f40317e092d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 28 Jul 2020 10:25:57 +0200
Subject: [PATCH 067/297] Count elements of array instead
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index d1a74b40..a4c93391 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -190,7 +190,7 @@ os_check() {
 
         IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
 
-        if [ -z "$supportedOS" ]; then
+        if [ ${#supportedOS[@]} -eq 0 ]; then
             printf "  %b %bRetrieval of supported OS failed. Please contact support. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
             exit 1
         else

From 51daeaa6ab40bea02d99ebde65e6cbf405ecd1f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Thu, 23 Jul 2020 16:19:56 +0200
Subject: [PATCH 068/297] basic-install: document how to continue after SELinux
 check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 automated install/basic-install.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4bc932e6..aed3acd2 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2086,8 +2086,13 @@ checkSelinux() {
     if [[ "${SELINUX_ENFORCING}" -eq 1 ]] && [[ -z "${PIHOLE_SELINUX}" ]]; then
         printf "  Pi-hole does not provide an SELinux policy as the required changes modify the security of your system.\\n"
         printf "  Please refer to https://wiki.centos.org/HowTos/SELinux if SELinux is required for your deployment.\\n"
+        printf "      This check can be skipped by setting the environment variable %bPIHOLE_SELINUX%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
+        printf "      e.g: export PIHOLE_SELINUX=true\\n"
+        printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
         printf "\\n  %bSELinux Enforcing detected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}";
         exit 1;
+    elif [[ "${SELINUX_ENFORCING}" -eq 1 ]] && [[ -n "${PIHOLE_SELINUX}" ]]; then
+        printf "  %b %bSELinux Enforcing detected%b. PIHOLE_SELINUX env variable set - installer will continue\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
     fi
 }
 

From dc2781d1f9aa58b4bc09d0958f658be6f8da238f Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Thu, 30 Jul 2020 09:14:05 -0700
Subject: [PATCH 069/297] .travis.yml is now a stub.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 .travis.yml | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 274c28cb..99882270 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,12 +1,5 @@
-sudo: required
-services:
-  - docker
-language: python
-python:
-  - "3.6"
-install:
-  - pip install -r requirements.txt
-
-script:
-  # tox.ini handles setup, ordering of docker build first, and then run tests
-  - tox
+import:
+  - source: pi-hole/pi-hole:/shared-configs:core.yml@main
+    if: branch = master
+  - source: pi-hole/pi-hole:/shared-configs:core.yml@main
+    if: branch != master

From 932cdd33294d4dd407e8f050a912a6236046b25a Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Thu, 30 Jul 2020 09:31:48 -0700
Subject: [PATCH 070/297] Use the .github repository.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 .travis.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 99882270..7092049f 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,5 @@
 import:
-  - source: pi-hole/pi-hole:/shared-configs:core.yml@main
+  - source: pi-hole/.github:/build-configs/core.yml@main
     if: branch = master
-  - source: pi-hole/pi-hole:/shared-configs:core.yml@main
+  - source: pi-hole/.github:/build-configs/core.yml@main
     if: branch != master

From fa574cfd0851091f94b8a71f5adabba41273332f Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Thu, 30 Jul 2020 10:05:27 -0700
Subject: [PATCH 071/297] Set non-master to point to latest.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 .travis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 7092049f..3d80ab6e 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,5 @@
 import:
   - source: pi-hole/.github:/build-configs/core.yml@main
     if: branch = master
-  - source: pi-hole/.github:/build-configs/core.yml@main
+  - source: pi-hole/.github:/build-configs/core.yml@latest
     if: branch != master

From 7c53b970040bda96b765421dc8dc19f443fa163a Mon Sep 17 00:00:00 2001
From: Aiden Mitchell <30846409+aidenmitchell@users.noreply.github.com>
Date: Thu, 30 Jul 2020 12:57:19 -0700
Subject: [PATCH 072/297] Updating FAQ_HARDWARE_REQUIREMENTS and
 FAQ_HARDWARE_REQUIREMENTS_PORTS (#3632)

Signed-off-by: Aiden Mitchell <aiden@bcyouthcouncil.ca>

Co-authored-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index d5da57ae..92d6dad7 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -46,8 +46,8 @@ OBFUSCATED_PLACEHOLDER="<DOMAIN OBFUSCATED>"
 # FAQ URLs for use in showing the debug log
 FAQ_UPDATE_PI_HOLE="${COL_CYAN}https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249${COL_NC}"
 FAQ_CHECKOUT_COMMAND="${COL_CYAN}https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#checkout${COL_NC}"
-FAQ_HARDWARE_REQUIREMENTS="${COL_CYAN}https://discourse.pi-hole.net/t/hardware-software-requirements/273${COL_NC}"
-FAQ_HARDWARE_REQUIREMENTS_PORTS="${COL_CYAN}https://discourse.pi-hole.net/t/hardware-software-requirements/273#ports${COL_NC}"
+FAQ_HARDWARE_REQUIREMENTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/${COL_NC}"
+FAQ_HARDWARE_REQUIREMENTS_PORTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#ports${COL_NC}"
 FAQ_GATEWAY="${COL_CYAN}https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546${COL_NC}"
 FAQ_ULA="${COL_CYAN}https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127${COL_NC}"
 FAQ_FTL_COMPATIBILITY="${COL_CYAN}https://github.com/pi-hole/FTL#compatibility-list${COL_NC}"

From 8fa9096508b989e7412668e488d0912f26403d3e Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sat, 1 Aug 2020 01:34:38 -0700
Subject: [PATCH 073/297] Remove respository templates. Use org templates
 instead.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 .github/ISSUE_TEMPLATE.md        | 37 --------------------------------
 .github/PULL_REQUEST_TEMPLATE.md | 31 --------------------------
 2 files changed, 68 deletions(-)
 delete mode 100644 .github/ISSUE_TEMPLATE.md
 delete mode 100644 .github/PULL_REQUEST_TEMPLATE.md

diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
deleted file mode 100644
index bef9f73c..00000000
--- a/.github/ISSUE_TEMPLATE.md
+++ /dev/null
@@ -1,37 +0,0 @@
-**In raising this issue, I confirm the following:** `{please fill the checkboxes, e.g: [X]}`
-
-- [] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md).
-- [] The issue I am reporting can be *replicated*.
-- [] The issue I am reporting isn't a duplicate (see [FAQs](https://github.com/pi-hole/pi-hole/wiki/FAQs), [closed issues](https://github.com/pi-hole/pi-hole/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), and [open issues](https://github.com/pi-hole/pi-hole/issues)).
-
-**How familiar are you with the the source code relevant to this issue?:**
-
-`{Replace this with a number from 1 to 10. 1 being not familiar, and 10 being very familiar}`
-
----
-**Expected behavior:**
-
-`{A detailed description of what you expect to see}`
-
-**Actual behavior:**
-
-`{A detailed description and/or screenshots of what you do see}`
-
-**Steps to reproduce:**
-
-`{Detailed steps of how we can reproduce this}`
-
-**Debug token provided by [uploading `pihole -d` log](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debug):**
-
-`{Alphanumeric token}`
-
-**Troubleshooting undertaken, and/or other relevant information:**
-
-`{Steps of what you have done to fix this}`
-
-> * `{Please delete this quoted section when opening your issue}`
-> * You must follow the template instructions. Failure to do so will result in your issue being closed.
-> * Please [submit any feature requests here](https://discourse.pi-hole.net/c/feature-requests), so it is votable and trackable by the community.
-> * Please respect that Pi-hole is developed by volunteers, who can only reply in their spare time.
-> * Detail helps us understand and resolve an issue quicker, but please ensure it's relevant.
-> * _This template was created based on the work of [`udemy-dl`](https://github.com/nishad/udemy-dl/blob/master/LICENSE)._
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
deleted file mode 100644
index 7509e923..00000000
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ /dev/null
@@ -1,31 +0,0 @@
-**By submitting this pull request, I confirm the following:** 
-*please fill any appropriate checkboxes, e.g: [X]*
-
-- [ ] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md), as well as this entire template.
-- [ ] I have made only one major change in my proposed changes.
-- [ ] I have commented my proposed changes within the code.
-- [ ] I have tested my proposed changes, and have included unit tests where possible.
-- [ ] I am willing to help maintain this change if there are issues with it later.
-- [ ] I give this submission freely and claim no ownership.
-- [ ] It is compatible with the [EUPL 1.2 license](https://opensource.org/licenses/EUPL-1.1)
-- [ ] I have squashed any insignificant commits. ([`git rebase`](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html))
-
-Please make sure you [Sign Off](https://docs.pi-hole.net/guides/github/how-to-signoff/) all commits. Pi-hole enforces the [DCO](https://docs.pi-hole.net/guides/github/contributing/).
-
----
-**What does this PR aim to accomplish?:**
-*A detailed description, screenshots (if necessary), as well as links to any relevant GitHub issues*
-
-
-**How does this PR accomplish the above?:**
-*A detailed description (such as a changelog) and screenshots (if necessary) of the implemented fix*
-
-
-**What documentation changes (if any) are needed to support this PR?:**
-*A detailed list of any necessary changes*
-
-
----
-* You must follow the template instructions. Failure to do so will result in your pull request being closed.
-* Please respect that Pi-hole is developed by volunteers, who can only reply in their spare time.
-

From 5a484781966d15e6256d4ecc1e8c0ee99b6eaea4 Mon Sep 17 00:00:00 2001
From: Nathan Friend <nathan@gitlab.com>
Date: Sat, 1 Aug 2020 20:00:49 -0500
Subject: [PATCH 074/297] Update "About Pi-hole" link

Signed-off-by: Nathan Friend <nathan@gitlab.com>
---
 advanced/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/index.php b/advanced/index.php
index 4356f0b0..b6597c51 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -305,7 +305,7 @@ setHeader();
       </p>
     </div>
     <div class="aboutLink">
-      <a class="linkPH" href="https://github.com/pi-hole/pi-hole/wiki/What-is-Pi-hole%3F-A-simple-explanation"><?php //About PH ?></a>
+      <a class="linkPH" href="https://docs.pi-hole.net/"><?php //About PH ?></a>
       <?php if (!empty($svEmail)) echo '<a class="linkEmail" href="mailto:'.$svEmail.'"></a>'; ?>
     </div>
   </div>

From 87da9084e60499b0b62e19c4b2a9275f5cd4f99d Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sat, 10 Aug 2019 13:33:30 +0200
Subject: [PATCH 075/297] Use compression (if available) when downloading the
 ad lists.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 5095c2b7..1153466d 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -457,7 +457,7 @@ parseList() {
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
   local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}"
-  local heisenbergCompensator="" patternBuffer str httpCode success=""
+  local heisenbergCompensator="" patternBuffer str httpCode success="" compression
 
   # Create temp file to store content on disk instead of RAM
   patternBuffer=$(mktemp -p "/tmp" --suffix=".phgpb")
@@ -505,8 +505,18 @@ gravity_DownloadBlocklistFromUrl() {
     echo -ne "  ${INFO} ${str} Pending..."
     cmd_ext="--resolve $domain:$port:$ip $cmd_ext"
   fi
+
+  # Use compression to reduce the amount of data that is transfered
+  # between the Pi-hole and the ad list provider. Use this feature
+  # only if it is supported by the locally available version of curl
+  if curl -V | grep -q "Features:.* libz"; then
+    compression="--compressed"
+  else
+    compression=""
+  fi
+
   # shellcheck disable=SC2086
-  httpCode=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
+  httpCode=$(curl -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
 
   case $url in
     # Did we "download" a local file?

From 27399a762a54878fa32171deb6cb15559930a444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 3 Aug 2020 22:46:14 +0200
Subject: [PATCH 076/297] Check for compression onyl once and print result
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 gravity.sh | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 1153466d..001004fe 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -336,7 +336,7 @@ gravity_DownloadBlocklists() {
     return 1
   fi
 
-  local url domain agent cmd_ext str target
+  local url domain agent cmd_ext str target compression
   echo ""
 
   # Prepare new gravity database
@@ -355,6 +355,16 @@ gravity_DownloadBlocklists() {
 
   target="$(mktemp -p "/tmp" --suffix=".gravity")"
 
+  # Use compression to reduce the amount of data that is transfered
+  # between the Pi-hole and the ad list provider. Use this feature
+  # only if it is supported by the locally available version of curl
+  if curl -V | grep -q "Features:.* libz"; then
+    compression="--compressed"
+    echo -e "  ${INFO} Using libz compression\n"
+  else
+      compression=""
+      echo -e "  ${INFO} Libz compression not available\n"
+    fi
   # Loop through $sources and download each one
   for ((i = 0; i < "${#sources[@]}"; i++)); do
     url="${sources[$i]}"
@@ -381,7 +391,7 @@ gravity_DownloadBlocklists() {
     if [[ "${url}" =~ ${regex} ]]; then
         echo -e "  ${CROSS} Invalid Target"
     else
-       gravity_DownloadBlocklistFromUrl "${url}" "${cmd_ext}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}"
+       gravity_DownloadBlocklistFromUrl "${url}" "${cmd_ext}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}"
     fi
     echo ""
   done
@@ -456,8 +466,8 @@ parseList() {
 
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
-  local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}"
-  local heisenbergCompensator="" patternBuffer str httpCode success="" compression
+  local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}" compression="${7}"
+  local heisenbergCompensator="" patternBuffer str httpCode success=""
 
   # Create temp file to store content on disk instead of RAM
   patternBuffer=$(mktemp -p "/tmp" --suffix=".phgpb")
@@ -506,15 +516,6 @@ gravity_DownloadBlocklistFromUrl() {
     cmd_ext="--resolve $domain:$port:$ip $cmd_ext"
   fi
 
-  # Use compression to reduce the amount of data that is transfered
-  # between the Pi-hole and the ad list provider. Use this feature
-  # only if it is supported by the locally available version of curl
-  if curl -V | grep -q "Features:.* libz"; then
-    compression="--compressed"
-  else
-    compression=""
-  fi
-
   # shellcheck disable=SC2086
   httpCode=$(curl -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
 

From b5983a3fc1b2c6f3b02ada596d812ed3cd76384d Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 4 Aug 2020 22:11:32 +0200
Subject: [PATCH 077/297] Do not require first element to be a hex value at any
 costs. It may also be a : in the valid address ::1

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index c5e2c1ff..ac00bf2b 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1054,7 +1054,7 @@ valid_ip6() {
     # optional port number starting '#' with range of 1-65536
     local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
     # build a full regex string from the above parts
-    local regex="^(((${ipv6elem}))((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
+    local regex="^(((${ipv6elem}))*((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
 
     [[ ${ip} =~ ${regex} ]]
 

From 8b4921405aee3b48156c5c408c0e420b6601d132 Mon Sep 17 00:00:00 2001
From: Samuel Boucher <scboucher@users.noreply.github.com>
Date: Sun, 9 Aug 2020 13:21:58 -0400
Subject: [PATCH 078/297] Upercase the temp_unit

Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com>
---
 advanced/Scripts/chronometer.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 98f43c3f..77fc3bb4 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -237,6 +237,7 @@ get_sys_stats() {
         sys_name=$(hostname)
 
         [[ -n "$TEMPERATUREUNIT" ]] && temp_unit="$TEMPERATUREUNIT" || temp_unit="c"
+        temp_unit="${temp_unit^^}"
 
         # Get storage stats for partition mounted on /
         read -r -a disk_raw <<< "$(df -B1 / 2> /dev/null | awk 'END{ print $3,$2,$5 }')"

From d4dd446ba306db15089d04b25437b4bbef7bf081 Mon Sep 17 00:00:00 2001
From: Samuel Boucher <scboucher@users.noreply.github.com>
Date: Sun, 9 Aug 2020 17:08:44 -0400
Subject: [PATCH 079/297] Update advanced/Scripts/chronometer.sh

Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com>
---
 advanced/Scripts/chronometer.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 77fc3bb4..37fd5177 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -236,8 +236,7 @@ get_sys_stats() {
 
         sys_name=$(hostname)
 
-        [[ -n "$TEMPERATUREUNIT" ]] && temp_unit="$TEMPERATUREUNIT" || temp_unit="c"
-        temp_unit="${temp_unit^^}"
+        [[ -n "$TEMPERATUREUNIT" ]] && temp_unit="${TEMPERATUREUNIT^^}" || temp_unit="C"
 
         # Get storage stats for partition mounted on /
         read -r -a disk_raw <<< "$(df -B1 / 2> /dev/null | awk 'END{ print $3,$2,$5 }')"

From 5c72ff75d9dcc1347b0804baf6173dd4d5a1cb48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 10 Aug 2020 23:52:53 +0200
Subject: [PATCH 080/297] Revert "fix #3336 by creating adlist file even if no
 list was selected by user"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This reverts commit 3c6ea2612dabc04ac94da90fe270092671a1a647.

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index b2bdfa04..02179ed5 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1292,9 +1292,7 @@ chooseBlocklists() {
 
     # In a variable, show the choices available; exit if Cancel is selected
     choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; rm "${adlistFile}" ;exit 1; }
-    # create empty adlist file if no list was selected
-    : > "${adlistFile}"
-    # For each choice available
+    # For each choice available,
     for choice in ${choices}
     do
         appendToListsFile "${choice}"

From 5b1eaa7e380c71758e085ea936ce7a7488046c61 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 11 Aug 2020 22:35:33 +0200
Subject: [PATCH 081/297] Removes broken youtube link
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index c91c84bf..6d7e5b5e 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@
 
 The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
 
-- **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs)
+- **Easy-to-install**: our versatile installer walks you through the process, and takes less than ten minutes
 - **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs
 - **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries
 - **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/)

From 57e65dd5c07a83b05d469250de2432d80d7144b5 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Fri, 14 Aug 2020 11:42:54 -0700
Subject: [PATCH 082/297] Use fewer subshells and descriptive variables.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 automated install/basic-install.sh | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 65212c57..2f7fc809 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -182,15 +182,11 @@ os_check() {
     if [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
         # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
         # and determines whether or not the script is running on one of those systems
-        local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version display_warning
+        local remote_os_domain valid_os valid_version detected_os detected_version display_warning
         remote_os_domain="versions.pi-hole.net"
-        valid_os=false
-        valid_version=false
-        display_warning=true
 
-        detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
-        detected_os="${detected_os_pretty%% *}"
-        detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
+        detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
+        detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
         IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
 
@@ -198,17 +194,17 @@ os_check() {
             printf "  %b %bRetrieval of supported OS failed. Please contact support. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
             exit 1
         else
-          for i in "${supportedOS[@]}"
+          for distro_and_versions in "${supportedOS[@]}"
           do
-              os_part=$(echo "$i" | cut -d '=' -f1)
-              versions_part=$(echo "$i" | cut -d '=' -f2-)
+              distro_part="${distro_and_versions%%=*}"
+              versions_part="${distro_and_versions##*=}"
 
-              if [[ "${detected_os}" =~ ${os_part} ]]; then
+              if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
                 valid_os=true
                 IFS="," read -r -a supportedVer <<<"${versions_part}"
-                for x in "${supportedVer[@]}"
+                for version in "${supportedVer[@]}"
                 do
-                  if [[ "${detected_version}" =~ $x ]];then
+                  if [[ "${detected_version}" =~ $version ]]; then
                     valid_version=true
                     break
                   fi
@@ -222,7 +218,7 @@ os_check() {
             display_warning=false
         fi
 
-        if [ "$display_warning" = true ]; then
+        if [ "$display_warning" != false ]; then
             printf "  %b %bUnsupported OS detected: %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os_pretty}" "${COL_NC}"
             printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
             printf "\\n"

From 623ce1fe181ca3526fad485b92dc96e8b6ac8a65 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Fri, 14 Aug 2020 14:37:58 -0700
Subject: [PATCH 083/297] Tabs and debug.sh

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 advanced/Scripts/piholeDebug.sh    | 39 ++++++++++++++----------------
 automated install/basic-install.sh | 32 ++++++++++++------------
 2 files changed, 34 insertions(+), 37 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 92d6dad7..1fed32cf 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -396,33 +396,30 @@ check_critical_program_versions() {
 os_check() {
     # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
     # and determines whether or not the script is running on one of those systems
-    local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version
+    local remote_os_domain valid_os valid_version detected_os detected_version
     remote_os_domain="versions.pi-hole.net"
-    valid_os=false
-    valid_version=false
 
-    detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
-    detected_os="${detected_os_pretty%% *}"
-    detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
+    detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
+    detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
-    IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
+    IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
 
-    for i in "${supportedOS[@]}"
+    for distro_and_versions in "${supportedOS[@]}"
     do
-        os_part=$(echo "$i" | cut -d '=' -f1)
-        versions_part=$(echo "$i" | cut -d '=' -f2-)
+        distro_part="${distro_and_versions%%=*}"
+        versions_part="${distro_and_versions##*=}"
 
-        if [[ "${detected_os}" =~ ${os_part} ]]; then
-          valid_os=true
-          IFS="," read -r -a supportedVer <<<"${versions_part}"
-          for x in "${supportedVer[@]}"
-          do
-            if [[ "${detected_version}" =~ $x ]];then
-              valid_version=true
-              break
-            fi
-          done
-          break
+        if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
+            valid_os=true
+            IFS="," read -r -a supportedVer <<<"${versions_part}"
+            for version in "${supportedVer[@]}"
+            do
+                if [[ "${detected_version}" =~ $version ]]; then
+                    valid_version=true
+                    break
+                fi
+            done
+            break
         fi
     done
 
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 2f7fc809..dc3d6b08 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -194,25 +194,25 @@ os_check() {
             printf "  %b %bRetrieval of supported OS failed. Please contact support. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
             exit 1
         else
-          for distro_and_versions in "${supportedOS[@]}"
-          do
-              distro_part="${distro_and_versions%%=*}"
-              versions_part="${distro_and_versions##*=}"
+            for distro_and_versions in "${supportedOS[@]}"
+            do
+                distro_part="${distro_and_versions%%=*}"
+                versions_part="${distro_and_versions##*=}"
 
-              if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
-                valid_os=true
-                IFS="," read -r -a supportedVer <<<"${versions_part}"
-                for version in "${supportedVer[@]}"
-                do
-                  if [[ "${detected_version}" =~ $version ]]; then
-                    valid_version=true
+                if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
+                    valid_os=true
+                    IFS="," read -r -a supportedVer <<<"${versions_part}"
+                    for version in "${supportedVer[@]}"
+                    do
+                        if [[ "${detected_version}" =~ $version ]]; then
+                            valid_version=true
+                            break
+                        fi
+                    done
                     break
-                  fi
-                done
-                break
-              fi
+                fi
             done
-          fi
+        fi
 
         if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then
             display_warning=false

From ebdb68a47a13acaaeca79d2e152a84d8d5fb90c4 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sat, 15 Aug 2020 10:54:31 -0700
Subject: [PATCH 084/297] display_warning fixes

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 advanced/Scripts/piholeDebug.sh    | 8 ++++----
 automated install/basic-install.sh | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 1fed32cf..7f66d7ca 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -425,17 +425,17 @@ os_check() {
 
     # Display findings back to the user
     if [ "$valid_os" = true ]; then
-        log_write "${TICK} Distro:  ${COL_GREEN}${detected_os}${COL_NC}"
+        log_write "${TICK} Distro:  ${COL_GREEN}${detected_os^}${COL_NC}"
 
         if [ "$valid_version" = true ]; then
             log_write "${TICK} Version: ${COL_GREEN}${detected_version}${COL_NC}"
         else
             log_write "${CROSS} Version: ${COL_RED}${detected_version}${COL_NC}"
-            log_write "${CROSS} Error: ${COL_RED}${detected_os} is supported but version ${detected_version} is currently unsupported (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
+            log_write "${CROSS} Error: ${COL_RED}${detected_os^} is supported but version ${detected_version} is currently unsupported (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
         fi
     else
-        log_write "${CROSS} Distro:  ${COL_RED}${detected_os}${COL_NC}"
-        log_write "${CROSS} Error: ${COL_RED}${detected_os} is not a supported distro (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
+        log_write "${CROSS} Distro:  ${COL_RED}${detected_os^}${COL_NC}"
+        log_write "${CROSS} Error: ${COL_RED}${detected_os^} is not a supported distro (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
     fi
 }
 
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index dc3d6b08..d8a408a9 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -219,7 +219,7 @@ os_check() {
         fi
 
         if [ "$display_warning" != false ]; then
-            printf "  %b %bUnsupported OS detected: %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os_pretty}" "${COL_NC}"
+            printf "  %b %bUnsupported OS detected: %s %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
             printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
             printf "\\n"
             printf "      e.g: If you are seeing this message on a fresh install, you can run:\\n"

From 65786ba5d6b2060f995c71276a9d3b9503594e2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 18 Aug 2020 20:16:35 +0200
Subject: [PATCH 085/297] Remove check for free disk space and associated
 variables
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 56 ------------------------------
 1 file changed, 56 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 67d21ac5..a0863714 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -110,7 +110,6 @@ c=$(( c < 70 ? 70 : c ))
 ######## Undocumented Flags. Shhh ########
 # These are undocumented flags; some of which we can use when repairing an installation
 # The runUnattended flag is one example of this
-skipSpaceCheck=false
 reconfigure=false
 runUnattended=false
 INSTALL_WEB_SERVER=true
@@ -118,7 +117,6 @@ INSTALL_WEB_SERVER=true
 for var in "$@"; do
     case "$var" in
         "--reconfigure" ) reconfigure=true;;
-        "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;;
         "--unattended" ) runUnattended=true;;
         "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;;
     esac
@@ -656,53 +654,6 @@ welcomeDialogs() {
 In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." "${r}" "${c}"
 }
 
-# We need to make sure there is enough space before installing, so there is a function to check this
-verifyFreeDiskSpace() {
-    # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.)
-    # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables.
-    local str="Disk space check"
-    # Required space in KB
-    local required_free_kilobytes=51200
-    # Calculate existing free space on this machine
-    local existing_free_kilobytes
-    existing_free_kilobytes=$(df -Pk | grep -m1 '\/$' | awk '{print $4}')
-
-    # If the existing space is not an integer,
-    if ! [[ "${existing_free_kilobytes}" =~ ^([0-9])+$ ]]; then
-        # show an error that we can't determine the free space
-        printf "  %b %s\\n" "${CROSS}" "${str}"
-        printf "  %b Unknown free disk space! \\n" "${INFO}"
-        printf "      We were unable to determine available free disk space on this system.\\n"
-        printf "      You may override this check, however, it is not recommended.\\n"
-        printf "      The option '%b--i_do_not_follow_recommendations%b' can override this.\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-        printf "      e.g: curl -sSL https://install.pi-hole.net | bash /dev/stdin %b<option>%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-        # exit with an error code
-        exit 1
-    # If there is insufficient free disk space,
-    elif [[ "${existing_free_kilobytes}" -lt "${required_free_kilobytes}" ]]; then
-        # show an error message
-        printf "  %b %s\\n" "${CROSS}" "${str}"
-        printf "  %b Your system disk appears to only have %s KB free\\n" "${INFO}" "${existing_free_kilobytes}"
-        printf "      It is recommended to have a minimum of %s KB to run the Pi-hole\\n" "${required_free_kilobytes}"
-        # if the vcgencmd command exists,
-        if is_command vcgencmd ; then
-            # it's probably a Raspbian install, so show a message about expanding the filesystem
-            printf "      If this is a new install you may need to expand your disk\\n"
-            printf "      Run 'sudo raspi-config', and choose the 'expand file system' option\\n"
-            printf "      After rebooting, run this installation again\\n"
-            printf "      e.g: curl -sSL https://install.pi-hole.net | bash\\n"
-        fi
-        # Show there is not enough free space
-        printf "\\n      %bInsufficient free space, exiting...%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-        # and exit with an error
-        exit 1
-    # Otherwise,
-    else
-        # Show that we're running a disk space check
-        printf "  %b %s\\n" "${TICK}" "${str}"
-    fi
-}
-
 # A function that let's the user pick an interface to use with Pi-hole
 chooseInterface() {
     # Turn the available interfaces into an array so it can be used with a whiptail dialog
@@ -2653,13 +2604,6 @@ main() {
     fi
 
     # Start the installer
-    # Verify there is enough disk space for the install
-    if [[ "${skipSpaceCheck}" == true ]]; then
-        printf "  %b Skipping free disk space verification\\n" "${INFO}"
-    else
-        verifyFreeDiskSpace
-    fi
-
     # Notify user of package availability
     notify_package_updates_available
 

From 8e219cb799366bb9a6ed587704ff0cfbb71a7ff2 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sun, 23 Aug 2020 10:48:15 +0100
Subject: [PATCH 086/297] Make output more meaningful in case of dig failure.

Include dig return code and response in debug run

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh    | 14 +++++++--
 automated install/basic-install.sh | 48 +++++++++++++++++++++++-------
 2 files changed, 48 insertions(+), 14 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 7f66d7ca..f1b420e3 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -396,14 +396,20 @@ check_critical_program_versions() {
 os_check() {
     # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
     # and determines whether or not the script is running on one of those systems
-    local remote_os_domain valid_os valid_version detected_os detected_version
+    local remote_os_domain valid_os valid_version detected_os detected_version cmdResult digReturnCode response
     remote_os_domain="versions.pi-hole.net"
 
     detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
     detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
-    IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
+    cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
+    #Get the return code of the previous command (last line)
+    digReturnCode="${cmdResult##*$'\n'}"
 
+    # Dig returned 0 code, so get the actual response, and loop through it to determine if the detected variables above are valid
+    response="${cmdResult%%$'\n'*}"
+
+    IFS=" " read -r -a supportedOS < <(echo "${response}" | tr -d '"')
     for distro_and_versions in "${supportedOS[@]}"
     do
         distro_part="${distro_and_versions%%=*}"
@@ -423,7 +429,9 @@ os_check() {
         fi
     done
 
-    # Display findings back to the user
+    log_write "${INFO} dig return code:  ${digReturnCode}"
+    log_write "${INFO} dig response:  ${response}"
+
     if [ "$valid_os" = true ]; then
         log_write "${TICK} Distro:  ${COL_GREEN}${detected_os^}${COL_NC}"
 
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 67d21ac5..ae1a0af5 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -182,18 +182,27 @@ os_check() {
     if [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
         # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
         # and determines whether or not the script is running on one of those systems
-        local remote_os_domain valid_os valid_version detected_os detected_version display_warning
+        local remote_os_domain valid_os valid_version valid_response detected_os detected_version display_warning cmdResult digReturnCode response
         remote_os_domain="versions.pi-hole.net"
 
         detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
         detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
-        IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net | tr -d '"')
+        cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
+        #Get the return code of the previous command (last line)
+        digReturnCode="${cmdResult##*$'\n'}"
 
-        if [ ${#supportedOS[@]} -eq 0 ]; then
-            printf "  %b %bRetrieval of supported OS failed. Please contact support. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}"
-            exit 1
+        if [ ! "${digReturnCode}" == "0" ]; then
+            valid_response=false
         else
+            # Dig returned 0 code, so get the actual response, and loop through it to determine if the detected variables above are valid
+            response="${cmdResult%%$'\n'*}"
+            # If the value of ${result} is a single 0, then this is the return code, not the response. Response is blank
+            if [ "${response}" == 0 ]; then
+                valid_response=false
+            fi
+
+            IFS=" " read -r -a supportedOS < <(echo "${response}" | tr -d '"')
             for distro_and_versions in "${supportedOS[@]}"
             do
                 distro_part="${distro_and_versions%%=*}"
@@ -214,23 +223,40 @@ os_check() {
             done
         fi
 
-        if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then
+        if [ "$valid_os" = true ] && [ "$valid_version" = true ] && [ ! "$valid_response" = false ]; then
             display_warning=false
         fi
 
         if [ "$display_warning" != false ]; then
-            printf "  %b %bUnsupported OS detected: %s %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
-            printf "      https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n"
+            if [ "$valid_response" = false ]; then
+
+                if [ "${digReturnCode}" -eq 0 ]; then
+                    errStr="dig suceeded, but response was blank. Please contact Support"
+                else
+                    errStr="dig failed with return code ${digReturnCode}"
+                fi
+                printf "  %b %bRetrieval of supported OS list failed. %s. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${errStr}" "${COL_NC}"
+                printf "      %bUnable to determine if the detected OS (%s %s) is supported%b\\n" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
+            else
+                printf "  %b %bUnsupported OS detected: %s %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
+                printf "      If you are seeing this message and you do have a supported OS, please contact support.\\n"
+            fi
+            printf "\\n"
+            printf "      %bhttps://docs.pi-hole.net/main/prerequesites/#supported-operating-systems%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
+            printf "\\n"
+            printf "      If you wish to attempt to continue anyway, you can try one of the following commands to skip this check:\\n"
             printf "\\n"
             printf "      e.g: If you are seeing this message on a fresh install, you can run:\\n"
-            printf "             'curl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash'\\n"
+            printf "             %bcurl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
             printf "\\n"
             printf "           If you are seeing this message after having run pihole -up:\\n"
-            printf "             'PIHOLE_SKIP_OS_CHECK=true sudo -E pihole -r'\\n"
+            printf "             %bPIHOLE_SKIP_OS_CHECK=true sudo -E pihole -r%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
             printf "           (In this case, your previous run of pihole -up will have already updated the local repository)\\n"
             printf "\\n"
+            printf "      It is possible that the installation will still fail at this stage due to an unsupported configuration.\\n"
             printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-            printf "      https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n"
+            printf "      %bhttps://discourse.pi-hole.net/c/bugs-problems-issues/community-help/%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
+            printf "\\n"
             exit 1
 
         else

From b8cd238fa1eab042480de9fc77b2c52c375572f0 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sun, 23 Aug 2020 14:35:02 +0100
Subject: [PATCH 087/297] Update advanced/Scripts/piholeDebug.sh

Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index f1b420e3..d3083cc5 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -406,7 +406,7 @@ os_check() {
     #Get the return code of the previous command (last line)
     digReturnCode="${cmdResult##*$'\n'}"
 
-    # Dig returned 0 code, so get the actual response, and loop through it to determine if the detected variables above are valid
+    # Extract dig response
     response="${cmdResult%%$'\n'*}"
 
     IFS=" " read -r -a supportedOS < <(echo "${response}" | tr -d '"')

From e02cf6fac5e83a33d418d096a7a6ccf48a01dc46 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sun, 23 Aug 2020 14:50:04 +0100
Subject: [PATCH 088/297] further tweaks, plus a spelling mistake correction

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index ae1a0af5..c680ffc0 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -231,12 +231,16 @@ os_check() {
             if [ "$valid_response" = false ]; then
 
                 if [ "${digReturnCode}" -eq 0 ]; then
-                    errStr="dig suceeded, but response was blank. Please contact Support"
+                    errStr="dig succeeded, but response was blank. Please contact support"
                 else
                     errStr="dig failed with return code ${digReturnCode}"
                 fi
                 printf "  %b %bRetrieval of supported OS list failed. %s. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${errStr}" "${COL_NC}"
                 printf "      %bUnable to determine if the detected OS (%s %s) is supported%b\\n" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
+                printf "      Possible causes for this include:\\n"
+                printf "        - Firewall blocking certain DNS lookups from Pi-hole device\\n"
+                printf "        - ns1.pi-hole.net being blocked (required to obtain TXT record from versions.pi-hole.net containing supported operating systems)\\n"
+                printf "        - Other internet connectivity issues\\n"
             else
                 printf "  %b %bUnsupported OS detected: %s %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
                 printf "      If you are seeing this message and you do have a supported OS, please contact support.\\n"

From 538827397cbee994c375ed2155c22c4055be1223 Mon Sep 17 00:00:00 2001
From: Michael Paul Killian <spammyreset+github@gmail.com>
Date: Sun, 6 Sep 2020 11:51:33 +0200
Subject: [PATCH 089/297] Update index.php

See #3736
---
 advanced/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/index.php b/advanced/index.php
index b6597c51..a93dfc4c 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -24,7 +24,7 @@ unset($setupVars);
 $landPage = "../landing.php";
 
 // Define array for hostnames to be accepted as self address for splash page
-$authorizedHosts = [];
+$authorizedHosts = ["localhost"];
 if (!empty($_SERVER["FQDN"])) {
     // If setenv.add-environment = ("fqdn" => "true") is configured in lighttpd,
     // append $serverName to $authorizedHosts

From 5eabf4255b0708121f754d67cb77358aee3605e6 Mon Sep 17 00:00:00 2001
From: Michael Paul Killian <spammyreset+github@gmail.com>
Date: Sun, 6 Sep 2020 13:53:03 +0200
Subject: [PATCH 090/297] Sign-off for DCO

Signed-off-by: Michael Paul Killian <spammyreset-github@gmail.com>
---
 advanced/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/index.php b/advanced/index.php
index a93dfc4c..5a683c8e 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -24,7 +24,7 @@ unset($setupVars);
 $landPage = "../landing.php";
 
 // Define array for hostnames to be accepted as self address for splash page
-$authorizedHosts = ["localhost"];
+$authorizedHosts = [ "localhost" ];
 if (!empty($_SERVER["FQDN"])) {
     // If setenv.add-environment = ("fqdn" => "true") is configured in lighttpd,
     // append $serverName to $authorizedHosts

From aa7c3b68522508b866065270dbb2ac757e9d1069 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 7 Sep 2020 20:50:11 +0200
Subject: [PATCH 091/297] Remove gravity optimization. Further investigations
 have shown that it is useless because the standard gravity run already
 produces an optimal database.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index ca9363e7..6aa9b121 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -39,7 +39,6 @@ gravityDBfile="${piholeDir}/gravity.db"
 gravityTEMPfile="${piholeDir}/gravity_temp.db"
 gravityDBschema="${piholeGitDir}/advanced/Templates/gravity.db.sql"
 gravityDBcopy="${piholeGitDir}/advanced/Templates/gravity_copy.sql"
-optimize_database=false
 
 domainsExtension="domains"
 
@@ -740,21 +739,6 @@ gravity_Cleanup() {
 
   echo -e "${OVER}  ${TICK} ${str}"
 
-  if ${optimize_database} ; then
-    str="Optimizing domains database"
-    echo -ne "  ${INFO} ${str}..."
-    # Run VACUUM command on database to optimize it
-    output=$( { sqlite3 "${gravityDBfile}" "VACUUM;"; } 2>&1 )
-    status="$?"
-
-    if [[ "${status}" -ne 0 ]]; then
-      echo -e "\\n  ${CROSS} Unable to optimize gravity database ${gravityDBfile}\\n  ${output}"
-      error="error"
-    else
-      echo -e "${OVER}  ${TICK} ${str}"
-    fi
-  fi
-
   # Only restart DNS service if offline
   if ! pgrep pihole-FTL &> /dev/null; then
     "${PIHOLE_COMMAND}" restartdns
@@ -781,7 +765,6 @@ Options:
 for var in "$@"; do
   case "${var}" in
     "-f" | "--force" ) forceDelete=true;;
-    "-o" | "--optimize" ) optimize_database=true;;
     "-r" | "--recreate" ) recreate_database=true;;
     "-h" | "--help" ) helpFunc;;
   esac

From 4fd412d7c3976c2ce87b899c76db82427c85c7ef Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 13 Jul 2020 20:47:12 +0200
Subject: [PATCH 092/297] Add date_updated field in adlist table set when a
 list changes.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/database_migration/gravity-db.sh   |  6 ++++++
 .../Scripts/database_migration/gravity/12_to_13.sql | 11 +++++++++++
 advanced/Templates/gravity.db.sql                   |  5 +++--
 gravity.sh                                          | 13 +++++++++++++
 4 files changed, 33 insertions(+), 2 deletions(-)
 create mode 100644 advanced/Scripts/database_migration/gravity/12_to_13.sql

diff --git a/advanced/Scripts/database_migration/gravity-db.sh b/advanced/Scripts/database_migration/gravity-db.sh
index 70090a3b..e2740a7f 100644
--- a/advanced/Scripts/database_migration/gravity-db.sh
+++ b/advanced/Scripts/database_migration/gravity-db.sh
@@ -110,4 +110,10 @@ upgrade_gravityDB(){
 		sqlite3 "${database}" < "${scriptPath}/11_to_12.sql"
 		version=12
 	fi
+	if [[ "$version" == "12" ]]; then
+		# Add column date_updated to alist table
+		echo -e "  ${INFO} Upgrading gravity database from version 12 to 13"
+		sqlite3 "${database}" < "${scriptPath}/12_to_13.sql"
+		version=12
+	fi
 }
diff --git a/advanced/Scripts/database_migration/gravity/12_to_13.sql b/advanced/Scripts/database_migration/gravity/12_to_13.sql
new file mode 100644
index 00000000..48dad69f
--- /dev/null
+++ b/advanced/Scripts/database_migration/gravity/12_to_13.sql
@@ -0,0 +1,11 @@
+.timeout 30000
+
+PRAGMA FOREIGN_KEYS=OFF;
+
+BEGIN TRANSACTION;
+
+ALTER TABLE adlist ADD COLUMN date_updated INTEGER;
+
+UPDATE info SET value = 13 WHERE property = 'version';
+
+COMMIT;
\ No newline at end of file
diff --git a/advanced/Templates/gravity.db.sql b/advanced/Templates/gravity.db.sql
index fcf3489b..e6cb4c59 100644
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -31,7 +31,8 @@ CREATE TABLE adlist
 	enabled BOOLEAN NOT NULL DEFAULT 1,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+	comment TEXT,
+	date_updated INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int))
 );
 
 CREATE TABLE adlist_by_group
@@ -53,7 +54,7 @@ CREATE TABLE info
 	value TEXT NOT NULL
 );
 
-INSERT INTO "info" VALUES('version','12');
+INSERT INTO "info" VALUES('version','13');
 
 CREATE TABLE domain_audit
 (
diff --git a/gravity.sh b/gravity.sh
index ca9363e7..c5d8dca2 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -207,6 +207,17 @@ database_table_from_file() {
     echo -e "  ${CROSS} Unable to remove ${tmpFile}"
 }
 
+# Update timestamp of last update of this list. We store this in the "old" database as all values in the new database will later be overwritten
+database_adlist_updated() {
+  output=$( { printf ".timeout 30000\\nUPDATE adlist SET date_updated = (cast(strftime('%%s', 'now') as int)) WHERE id = %i;\\n" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
+  status="$?"
+
+  if [[ "${status}" -ne 0 ]]; then
+    echo -e "\\n  ${CROSS} Unable to update timestamp of adlist with ID ${1} in database ${gravityDBfile}\\n  ${output}"
+    gravity_Cleanup "error"
+  fi
+}
+
 # Migrate pre-v5.0 list files to database-based Pi-hole versions
 migrate_to_database() {
   # Create database file only if not present
@@ -555,6 +566,8 @@ gravity_DownloadBlocklistFromUrl() {
       gravity_ParseFileIntoDomains "${patternBuffer}" "${saveLocation}"
       # Add domains to database table file
       parseList "${adlistID}" "${saveLocation}" "${target}"
+      # Update date_updated field in gravity database table
+      database_adlist_updated "${adlistID}"
     else
       # Fall back to previously cached list if $patternBuffer is empty
       echo -e "  ${INFO} Received empty file: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}"

From 12b9748c43bc7178e9cbef35806267221e5b4659 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 7 Sep 2020 21:11:57 +0200
Subject: [PATCH 093/297] Fine-tune adlist:adte_modified trigger and don't
 default new date_updated column to now but use NULL instead

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/database_migration/gravity/12_to_13.sql | 7 +++++++
 advanced/Templates/gravity.db.sql                        | 6 +++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/advanced/Scripts/database_migration/gravity/12_to_13.sql b/advanced/Scripts/database_migration/gravity/12_to_13.sql
index 48dad69f..d16791d6 100644
--- a/advanced/Scripts/database_migration/gravity/12_to_13.sql
+++ b/advanced/Scripts/database_migration/gravity/12_to_13.sql
@@ -6,6 +6,13 @@ BEGIN TRANSACTION;
 
 ALTER TABLE adlist ADD COLUMN date_updated INTEGER;
 
+DROP TRIGGER tr_adlist_update;
+
+CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlist
+    BEGIN
+      UPDATE adlist SET date_modified = (cast(strftime('%s', 'now') as int)) WHERE id = NEW.id;
+    END;
+
 UPDATE info SET value = 13 WHERE property = 'version';
 
 COMMIT;
\ No newline at end of file
diff --git a/advanced/Templates/gravity.db.sql b/advanced/Templates/gravity.db.sql
index e6cb4c59..2aa7e8f8 100644
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -32,7 +32,7 @@ CREATE TABLE adlist
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	comment TEXT,
-	date_updated INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int))
+	date_updated INTEGER
 );
 
 CREATE TABLE adlist_by_group
@@ -86,9 +86,9 @@ CREATE TABLE client_by_group
 	PRIMARY KEY (client_id, group_id)
 );
 
-CREATE TRIGGER tr_adlist_update AFTER UPDATE ON adlist
+CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlist
     BEGIN
-      UPDATE adlist SET date_modified = (cast(strftime('%s', 'now') as int)) WHERE address = NEW.address;
+      UPDATE adlist SET date_modified = (cast(strftime('%s', 'now') as int)) WHERE id = NEW.id;
     END;
 
 CREATE TRIGGER tr_client_update AFTER UPDATE ON client

From 41e899260f45b53323dc58434ae4ba0acd8f3814 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 7 Sep 2020 23:14:35 +0200
Subject: [PATCH 094/297] Discover active DHCP servers during debugger run

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index d3083cc5..e9b11df1 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1117,6 +1117,21 @@ show_db_entries() {
     IFS="$OLD_IFS"
 }
 
+check_dhcp_servers() {
+    echo_current_diagnostic "Discovering active DHCP servers (takes 10 seconds)"
+
+    OLD_IFS="$IFS"
+    IFS=$'\n'
+    local entries=()
+    mapfile -t entries < <(pihole-FTL dhcp-discover)
+
+    for line in "${entries[@]}"; do
+        log_write "   ${line}"
+    done
+
+    IFS="$OLD_IFS"
+}
+
 show_groups() {
     show_db_entries "Groups" "SELECT id,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,name,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,description FROM \"group\"" "4 7 50 19 19 50"
 }
@@ -1308,6 +1323,7 @@ check_selinux
 processor_check
 check_networking
 check_name_resolution
+check_dhcp_servers
 process_status
 parse_setup_vars
 check_x_headers

From b88510d89a688d82bde4b92b93b435cf814a2a8b Mon Sep 17 00:00:00 2001
From: DirkJanIT <57564379+DirkJanIT@users.noreply.github.com>
Date: Thu, 17 Sep 2020 23:13:40 +0200
Subject: [PATCH 095/297] Add CACHE_SIZE to setupVars (#3170)

* Update 01-pihole.conf

Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>

* Update basic-install.sh

Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>

Co-authored-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>
---
 advanced/01-pihole.conf            | 2 +-
 automated install/basic-install.sh | 9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/advanced/01-pihole.conf b/advanced/01-pihole.conf
index 2c8b3749..e243e91a 100644
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -34,7 +34,7 @@ server=@DNS2@
 
 interface=@INT@
 
-cache-size=10000
+cache-size=@CACHE_SIZE@
 
 log-queries
 log-facility=/var/log/pihole.log
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 984bc58e..718a8988 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -82,6 +82,7 @@ IPV6_ADDRESS=${IPV6_ADDRESS}
 QUERY_LOGGING=true
 INSTALL_WEB_INTERFACE=true
 PRIVACY_LEVEL=0
+CACHE_SIZE=10000
 
 if [ -z "${USER}" ]; then
   USER="$(id -un)"
@@ -1429,7 +1430,10 @@ version_check_dnsmasq() {
         #
         sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
     fi
-
+	
+	# Set the cache size
+	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
+   
     #
     sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
 
@@ -1954,7 +1958,7 @@ finalExports() {
     # If the setup variable file exists,
     if [[ -e "${setupVars}" ]]; then
         # update the variables in the file
-        sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}"
+        sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;' "${setupVars}"
     fi
     # echo the information to the user
     {
@@ -1967,6 +1971,7 @@ finalExports() {
     echo "INSTALL_WEB_SERVER=${INSTALL_WEB_SERVER}"
     echo "INSTALL_WEB_INTERFACE=${INSTALL_WEB_INTERFACE}"
     echo "LIGHTTPD_ENABLED=${LIGHTTPD_ENABLED}"
+    echo "CACHE_SIZE=${CACHE_SIZE}"
     }>> "${setupVars}"
     chmod 644 "${setupVars}"
 

From 8041bbf44390bd25be3471ed363d73a0dacf9a55 Mon Sep 17 00:00:00 2001
From: Sebastian Gmeiner <sebastian@gmeiners.net>
Date: Fri, 25 Sep 2020 15:26:43 +0200
Subject: [PATCH 096/297] read REV_SERVER_CIDR from environment

Signed-off-by: Sebastian Gmeiner <sebastian@gmeiners.net>
---
 advanced/Scripts/webpage.sh | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 1f7cc728..ec1a763c 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -224,17 +224,20 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
         add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
 
+        REV_SERVER_CIDR="${CONDITIONAL_FORWARDING_REVERSE}"
+        if [ -z "${REV_SERVER_CIDR}" ]; then
+            # Convert existing input to /24 subnet (preserves legacy behavior)
+            # This sed converts "192.168.1.2" to "192.168.1.0/24"
+            # shellcheck disable=2001
+            REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
+        fi
+        add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
+
         # Remove obsolete settings from setupVars.conf
         delete_setting "CONDITIONAL_FORWARDING"
         delete_setting "CONDITIONAL_FORWARDING_REVERSE"
         delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
         delete_setting "CONDITIONAL_FORWARDING_IP"
-
-        # Convert existing input to /24 subnet (preserves legacy behavior)
-        # This sed converts "192.168.1.2" to "192.168.1.0/24"
-        # shellcheck disable=2001
-        REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
-        add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
     fi
 
     if [[ "${REV_SERVER}" == true ]]; then

From e9796d5671504749ca51655c6b37724bfdaeca5c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 28 Sep 2020 06:15:46 +0200
Subject: [PATCH 097/297] Remove traces of previous default adlists
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 9e451753..e855efbc 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1313,8 +1313,6 @@ installDefaultBlocklists() {
     fi
     appendToListsFile StevenBlack
     appendToListsFile MalwareDom
-    appendToListsFile DisconTrack
-    appendToListsFile DisconAd
 }
 
 # Check if /etc/dnsmasq.conf is from pi-hole.  If so replace with an original and install new in .d directory
@@ -1381,10 +1379,10 @@ version_check_dnsmasq() {
         #
         sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
     fi
-	
+
 	# Set the cache size
 	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
-   
+
     #
     sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
 

From c628c970ae37d2bd7f4a28c97ef81ff5e24619f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 2 Oct 2020 21:04:27 +0200
Subject: [PATCH 098/297] Print tail of logs in /var/log/lighttpd in debug run
 as well
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index d3083cc5..553de723 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1027,7 +1027,7 @@ list_files_in_dir() {
                     # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
                     case "${dir_to_parse}/${each_file}" in
                         # If it's Web server error log, just give the first 25 lines
-                        "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") make_array_from_file "${dir_to_parse}/${each_file}" 25
+                        "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") head_tail_log "${dir_to_parse}/${each_file}" 25
                             ;;
                         # Same for the FTL log
                         "${PIHOLE_FTL_LOG}") head_tail_log "${dir_to_parse}/${each_file}" 35

From 568ebd67ca65ec48570186e331c6b55dcf21d28c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sat, 3 Oct 2020 16:17:37 +0200
Subject: [PATCH 099/297] Update comment
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 553de723..eee0dad3 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1026,7 +1026,7 @@ list_files_in_dir() {
                     log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
                     # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
                     case "${dir_to_parse}/${each_file}" in
-                        # If it's Web server error log, just give the first 25 lines
+                        # If it's Web server error log, give the first and last 25 lines
                         "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") head_tail_log "${dir_to_parse}/${each_file}" 25
                             ;;
                         # Same for the FTL log

From b88efd2527dfb907157e7d13e1a3369996feccd9 Mon Sep 17 00:00:00 2001
From: verdantfire <himanshuruhela013@gmail.com>
Date: Tue, 6 Oct 2020 00:13:07 +0530
Subject: [PATCH 100/297] fixed small grammatical error

Co-authored-by: Himanshu Ruhela <himanshuruhela013@gmail.com>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_000_build_containers.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py
index bca67989..184052f3 100644
--- a/test/test_000_build_containers.py
+++ b/test/test_000_build_containers.py
@@ -12,7 +12,7 @@ run_local = testinfra.get_backend(
     ('test/centos.Dockerfile', 'pytest_pihole:centos'),
     ('test/fedora.Dockerfile', 'pytest_pihole:fedora'),
 ])
-# mark as 'build_stage' so we can ensure images are build first when tests
+# mark as 'build_stage' so we can ensure images are built first when tests
 # are executed in parallel. (not required when tests are executed serially)
 @pytest.mark.build_stage
 def test_build_pihole_image(image, tag):

From 615b19c3d67bf3bc9452a9a7b00a6de60c2e8f47 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Fri, 9 Oct 2020 16:12:21 +0200
Subject: [PATCH 101/297] web server question enhancements (#3225)

+ Do not ask to install the web server, if the web interface has been deselected before.
+ Add additional info, that PHP modules need to be installed manually, when web server is deselected and the web server user needs to be member of the "pihole" group.
+ Consequently use webroot variable instead of /var/www/html

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index e855efbc..23836270 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -354,7 +354,7 @@ if is_command apt-get ; then
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # The Web dashboard has some that also need to be installed
     # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code
-    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
+    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-json" "${phpVer}-intl")
     # The Web server user,
     LIGHTTPD_USER="www-data"
     # group,
@@ -1244,13 +1244,18 @@ setAdminFlag() {
             printf "  %b Web Interface Off\\n" "${INFO}"
             # or false
             INSTALL_WEB_INTERFACE=false
+            # Deselect the web server as well, since it is obsolete then
+            INSTALL_WEB_SERVER=false
             ;;
     esac
 
-    # Request user to install web server, if --disable-install-webserver has not been used (INSTALL_WEB_SERVER=true is default).
+    # Request user to install web server, if it has not been deselected before (INSTALL_WEB_SERVER=true is default).
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
-        WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?\\n\\nNB: If you disable this, and, do not have an existing webserver installed, the web interface will not function." "${r}" "${c}" 6)
-        # with the default being enabled
+        # Get list of required PHP modules, excluding base package (common) and handler (cgi)
+        local i php_modules
+        for i in "${PIHOLE_WEB_DEPS[@]}"; do [[ $i == 'php'* && $i != *'-common' && $i != *'-cgi' ]] && php_modules+=" ${i#*-}"; done
+        WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd) and required PHP modules?\\n\\nNB: If you disable this, and, do not have an existing web server and required PHP modules (${php_modules# }) installed, the web interface will not function. Additionally the web server user needs to be member of the \"pihole\" group for full functionality." "${r}" "${c}" 6)
+        # Enable as default and recommended option
         WebChooseOptions=("On (Recommended)" "" on
             Off "" off)
         WebChoices=$("${WebToggleCommand[@]}" "${WebChooseOptions[@]}" 2>&1 >/dev/tty) || (printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" && exit 1)
@@ -1995,9 +2000,9 @@ installPihole() {
             # Set the owner and permissions
             chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} ${webroot}
             chmod 0775 ${webroot}
-            # Repair permissions if /var/www/html is not world readable
+            # Repair permissions if webroot is not world readable
             chmod a+rx /var/www
-            chmod a+rx /var/www/html
+            chmod a+rx ${webroot}
             # Give lighttpd access to the pihole group so the web interface can
             # manage the gravity.db database
             usermod -a -G pihole ${LIGHTTPD_USER}

From 0445559610286c11da414f0145ddbb548618dba3 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 9 Oct 2020 16:24:42 +0100
Subject: [PATCH 102/297] Accidentally a number (#3788)

Co-authored-by: MichaIng <micha@dietpi.com>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>

Co-authored-by: MichaIng <micha@dietpi.com>
---
 advanced/Scripts/database_migration/gravity-db.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/database_migration/gravity-db.sh b/advanced/Scripts/database_migration/gravity-db.sh
index e2740a7f..282ea07b 100644
--- a/advanced/Scripts/database_migration/gravity-db.sh
+++ b/advanced/Scripts/database_migration/gravity-db.sh
@@ -114,6 +114,6 @@ upgrade_gravityDB(){
 		# Add column date_updated to alist table
 		echo -e "  ${INFO} Upgrading gravity database from version 12 to 13"
 		sqlite3 "${database}" < "${scriptPath}/12_to_13.sql"
-		version=12
+		version=13
 	fi
 }

From d631cd8b042bfafa299a4deef71211209d1b776a Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sat, 10 Oct 2020 11:01:01 +0200
Subject: [PATCH 103/297] Security enhancement for the "never forward
 non-FQDNs" feature. This should prevent all local queries from being
 forwarded (will show up as blocked by regex) as well as any hostname without
 a domain (for example one word searches from the address bar in browsers).
 This fixes #3303

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 1f7cc728..408a1962 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -167,9 +167,11 @@ ProcessDNSSettings() {
     fi
 
     delete_dnsmasq_setting "domain-needed"
+    delete_dnsmasq_setting "expand-hosts"
 
     if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
         add_dnsmasq_setting "domain-needed"
+        add_dnsmasq_setting "expand-hosts"
     fi
 
     delete_dnsmasq_setting "bogus-priv"
@@ -370,6 +372,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
 
     if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
         echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
+        echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
     fi
 
     # Sourced from setupVars

From 08a84e51d69b86c018aa6aab1201d66f863995a6 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sat, 10 Oct 2020 11:23:39 +0200
Subject: [PATCH 104/297] Only add local=/<domain>/ when the "only forward FQDN
 queries" function is enabled to prevent unintended side-effects of this
 change

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 408a1962..519c4376 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -372,7 +372,9 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
 
     if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
         echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
-        echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
+        if  [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
+          echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
+        fi
     fi
 
     # Sourced from setupVars

From 47aa1644a89bde9e9fa0b11edb042e75d7228335 Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Sun, 11 Oct 2020 22:20:31 -0600
Subject: [PATCH 105/297] add debug checking for firewalld

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 advanced/Scripts/piholeDebug.sh | 54 +++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 72d84b4e..52e11b6a 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -48,6 +48,7 @@ FAQ_UPDATE_PI_HOLE="${COL_CYAN}https://discourse.pi-hole.net/t/how-do-i-update-p
 FAQ_CHECKOUT_COMMAND="${COL_CYAN}https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#checkout${COL_NC}"
 FAQ_HARDWARE_REQUIREMENTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/${COL_NC}"
 FAQ_HARDWARE_REQUIREMENTS_PORTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#ports${COL_NC}"
+FAQ_HARDWARE_REQUIREMENTS_FIREWALLD="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#firewalld${COL_NC}"
 FAQ_GATEWAY="${COL_CYAN}https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546${COL_NC}"
 FAQ_ULA="${COL_CYAN}https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127${COL_NC}"
 FAQ_FTL_COMPATIBILITY="${COL_CYAN}https://github.com/pi-hole/FTL#compatibility-list${COL_NC}"
@@ -493,6 +494,58 @@ check_selinux() {
     fi
 }
 
+check_firewalld() {
+    # FirewallD ships by default on Fedora/CentOS/RHEL and enabled upon clean install
+    # FirewallD is not configured by the installer and is the responsibility of the user
+    echo_current_diagnostic "FirewallD"
+    # Check if FirewallD service is enabled
+    if command -v systemctl &> /dev/null; then
+        # get its status via systemctl
+        local firewalld_status
+        firewalld_status=$(systemctl is-active firewalld)
+        log_write "${INFO} ${COL_GREEN}Firewalld service ${firewalld_status}${COL_NC}";
+        if [ "${firewalld_status}" == "active" ]; then
+            # test common required service ports
+            local firewalld_enabled_services
+            firewalld_enabled_services=$(firewall-cmd --list-services)
+            local firewalld_expected_services=("http" "dns" "dhcp" "dhcpv6")
+            for i in "${firewalld_expected_services[@]}"; do
+                if [[ "${firewalld_enabled_services}" =~ ${i} ]]; then
+                    log_write "${TICK} ${COL_GREEN}  Allow Service: ${i}${COL_NC}";
+                else
+                    log_write "${CROSS} ${COL_RED}  Allow Service: ${i}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
+                fi
+            done
+            # check for custom FTL FirewallD zone
+            local firewalld_zones
+            firewalld_zones=$(firewall-cmd --get-zones)
+            if [[ "${firewalld_zones}" =~ "ftl" ]]; then
+                log_write "${TICK} ${COL_GREEN}FTL Custom Zone Detected${COL_NC}";
+                # check FTL custom zone interface: lo
+                local firewalld_ftl_zone_interfaces
+                firewalld_ftl_zone_interfaces=$(firewall-cmd --zone=ftl --list-interfaces)
+                if [[ "${firewalld_ftl_zone_interfaces}" =~ "lo" ]]; then
+                    log_write "${TICK} ${COL_GREEN}  Local Interface Detected${COL_NC}";
+                else
+                    log_write "${CROSS} ${COL_RED}  Local Interface Not Detected${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
+                fi
+                # check FTL custom zone port: 4711
+                local firewalld_ftl_zone_ports
+                firewalld_ftl_zone_ports=$(firewall-cmd --zone=ftl --list-ports)
+                if [[ "${firewalld_ftl_zone_ports}" =~ "4711/tcp" ]]; then
+                    log_write "${TICK} ${COL_GREEN}  FTL Port 4711/tcp Detected${COL_NC}";
+                else
+                    log_write "${CROSS} ${COL_RED}  FTL Port 4711/tcp Not Detected${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
+                fi
+            else
+                log_write "${CROSS} ${COL_RED}FTL Custom Zone Not Detected${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
+            fi
+        fi
+    else
+        log_write "${TICK} ${COL_GREEN}Firewalld service not detected${COL_NC}";
+    fi
+}
+
 processor_check() {
     echo_current_diagnostic "Processor"
     # Store the processor type in a variable
@@ -1320,6 +1373,7 @@ check_component_versions
 check_critical_program_versions
 diagnose_operating_system
 check_selinux
+check_firewalld
 processor_check
 check_networking
 check_name_resolution

From 59b0a6af6f07b8534388b2a5da6d894d989765e7 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 13 Oct 2020 23:53:23 +0100
Subject: [PATCH 106/297] Remove references to privacy level 4 (no longer
 functional)

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh        | 6 +++---
 advanced/bash-completion/pihole    | 6 +++---
 automated install/basic-install.sh | 1 -
 manpages/pihole-FTL.conf.5         | 4 +---
 manpages/pihole.8                  | 2 +-
 5 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 1f7cc728..e9d23289 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -44,7 +44,7 @@ Options:
   -e, email           Set an administrative contact address for the Block Page
   -h, --help          Show this help dialog
   -i, interface       Specify dnsmasq's interface listening behavior
-  -l, privacylevel    Set privacy level (0 = lowest, 4 = highest)"
+  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)"
     exit 0
 }
 
@@ -633,8 +633,8 @@ clearAudit()
 }
 
 SetPrivacyLevel() {
-    # Set privacy level. Minimum is 0, maximum is 4
-    if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 4 ]; then
+    # Set privacy level. Minimum is 0, maximum is 3
+    if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 3 ]; then
         changeFTLsetting "PRIVACYLEVEL" "${args[2]}"
         pihole restartdns reload-lists
     fi
diff --git a/advanced/bash-completion/pihole b/advanced/bash-completion/pihole
index 88282b02..25208a35 100644
--- a/advanced/bash-completion/pihole
+++ b/advanced/bash-completion/pihole
@@ -56,11 +56,11 @@ _pihole() {
 		;;
 		"privacylevel")
 			if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then
-				opts_privacy="0 1 2 3 4"
+				opts_privacy="0 1 2 3"
 				COMPREPLY=( $(compgen -W "${opts_privacy}" -- ${cur}) )
-			else 
+			else
 				return 1
-			fi	
+			fi
 		;;
 		"core"|"admin"|"ftl")
 			if [[ "$prev2" == "checkout" ]]; then
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 23836270..537e6724 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1211,7 +1211,6 @@ setPrivacyLevel() {
         "1" "Hide domains" off
         "2" "Hide domains and clients" off
         "3" "Anonymous mode" off
-        "4" "Disabled statistics" off
     )
 
     # Get the user's choice
diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5
index 218f5e7a..5cb0481e 100644
--- a/manpages/pihole-FTL.conf.5
+++ b/manpages/pihole-FTL.conf.5
@@ -64,7 +64,7 @@ pihole-FTL.conf - FTL's config file
     On which port should FTL be listening?
 .br
 
-\fBPRIVACYLEVEL=0|1|2|3|4\fR
+\fBPRIVACYLEVEL=0|1|2|3\fR
 .br
     Which privacy level is used?
 .br
@@ -76,8 +76,6 @@ pihole-FTL.conf - FTL's config file
 .br
     3 - anonymous mode (hide everything)
 .br
-    4 - disable all statistics
-.br
 
 \fBIGNORE_LOCALHOST=no|yes\fR
 .br
diff --git a/manpages/pihole.8 b/manpages/pihole.8
index e528bcde..a57eb05e 100644
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@@ -139,7 +139,7 @@ Available commands and options:
       -i, interface     Specify dnsmasq's interface listening behavior
 .br
       -l, privacylevel  <level> Set privacy level
-                        (0 = lowest, 4 = highest)
+                        (0 = lowest, 3 = highest)
 .br
 
 \fB-c, chronometer\fR	[options]

From 01c9bbd3ca110ecc120e6a11d042605e3c96ff7a Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 13 Oct 2020 15:18:14 +0200
Subject: [PATCH 107/297] Improve processor detection to use the new dedicated
 ARMv4T, ARMv5TE and ARMv8-A binaries we provide for FTL.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 automated install/basic-install.sh | 52 ++++++++++-------
 test/test_automated_install.py     | 89 +++++++++++++++++++++++++++---
 2 files changed, 112 insertions(+), 29 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 23836270..535ea588 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2395,7 +2395,7 @@ get_binary_name() {
 
     local l_binary
 
-    local str="Detecting architecture"
+    local str="Detecting processor"
     printf "  %b %s..." "${INFO}" "${str}"
     # If the machine is arm or aarch
     if [[ "${machine}" == "arm"* || "${machine}" == *"aarch"* ]]; then
@@ -2408,48 +2408,58 @@ get_binary_name() {
         lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }')
         #
         if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then
-            printf "%b  %b Detected ARM-aarch64 architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}"
             # set the binary to be used
             l_binary="pihole-FTL-aarch64-linux-gnu"
         #
         elif [[ "${lib}" == "/lib/ld-linux-armhf.so.3" ]]; then
-            #
-            if [[ "${rev}" -gt 6 ]]; then
-                printf "%b  %b Detected ARM-hf architecture (armv7+)\\n" "${OVER}" "${TICK}"
+            # Hard-float available: Use gnueabihf binaries
+            # If ARMv8 or higher is found (e.g., BCM2837 as found in Raspberry Pi Model 3B)
+            if [[ "${rev}" -gt 7 ]]; then
+                printf "%b  %b Detected ARMv8 (or newer) processor\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
-                l_binary="pihole-FTL-arm-linux-gnueabihf"
-            # Otherwise,
+                l_binary="pihole-FTL-armv8-linux-gnueabihf"
+            # Otherwise, if ARMv7 is found (e.g., BCM2836 as found in Raspberry Pi Model 2)
+            elif [[ "${rev}" -eq 7 ]]; then
+                printf "%b  %b Detected ARMv7 processor (with hard-float support)\\n" "${OVER}" "${TICK}"
+                # set the binary to be used
+                l_binary="pihole-FTL-armv7-linux-gnueabihf"
+            # Otherwise, use the ARMv6 binary (e.g., BCM2835 as found in Raspberry Pi Zero and Model 1)
             else
-                printf "%b  %b Detected ARM-hf architecture (armv6 or lower) Using ARM binary\\n" "${OVER}" "${TICK}"
+                printf "%b  %b Detected ARMv6 processor (with hard-float support)\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
-                l_binary="pihole-FTL-arm-linux-gnueabi"
+                l_binary="pihole-FTL-armv6-linux-gnueabihf"
             fi
         else
-            if [[ -f "/.dockerenv" ]]; then
-                printf "%b  %b Detected ARM architecture in docker\\n" "${OVER}" "${TICK}"
+            # No hard-float support found: Use gnueabi binaries
+            # Use the ARMv4-compliant binary only if we detected an ARMv4T core
+            if [[ "${rev}" -eq 4 ]]; then
+                printf "%b  %b Detected ARMv4 processor\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
-                l_binary="pihole-FTL-armel-native"
+                l_binary="pihole-FTL-armv4-linux-gnueabi"
+            # Otherwise, use the ARMv5 binary. To date (end of 2020), all modern ARM processors
+            # are backwards-compatible to the ARMv5
             else
-                printf "%b  %b Detected ARM architecture\\n" "${OVER}" "${TICK}"
+                printf "%b  %b Detected ARMv5 (or newer) processor\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
-                l_binary="pihole-FTL-arm-linux-gnueabi"
+                l_binary="pihole-FTL-armv5-linux-gnueabi"
             fi
         fi
     elif [[ "${machine}" == "x86_64" ]]; then
-        # This gives the architecture of packages dpkg installs (for example, "i386")
+        # This gives the processor of packages dpkg installs (for example, "i386")
         local dpkgarch
-        dpkgarch=$(dpkg --print-architecture 2> /dev/null || true)
+        dpkgarch=$(dpkg --print-processor 2> /dev/null || true)
 
         # Special case: This is a 32 bit OS, installed on a 64 bit machine
-        # -> change machine architecture to download the 32 bit executable
+        # -> change machine processor to download the 32 bit executable
         # We only check this for Debian-based systems as this has been an issue
         # in the past (see https://github.com/pi-hole/pi-hole/pull/2004)
         if [[ "${dpkgarch}" == "i386" ]]; then
-            printf "%b  %b Detected 32bit (i686) architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected 32bit (i686) processor\\n" "${OVER}" "${TICK}"
             l_binary="pihole-FTL-linux-x86_32"
         else
             # 64bit
-            printf "%b  %b Detected x86_64 architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected x86_64 processor\\n" "${OVER}" "${TICK}"
             # set the binary to be used
             l_binary="pihole-FTL-linux-x86_64"
         fi
@@ -2457,10 +2467,10 @@ get_binary_name() {
         # Something else - we try to use 32bit executable and warn the user
         if [[ ! "${machine}" == "i686" ]]; then
             printf "%b  %b %s...\\n" "${OVER}" "${CROSS}" "${str}"
-            printf "  %b %bNot able to detect architecture (unknown: %s), trying 32bit executable%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${machine}" "${COL_NC}"
+            printf "  %b %bNot able to detect processor (unknown: %s), trying x86 (32bit) executable%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${machine}" "${COL_NC}"
             printf "  %b Contact Pi-hole Support if you experience issues (e.g: FTL not running)\\n" "${INFO}"
         else
-            printf "%b  %b Detected 32bit (i686) architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected 32bit (i686) processor\\n" "${OVER}" "${TICK}"
         fi
         l_binary="pihole-FTL-linux-x86_32"
     fi
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 7351beb5..342d8a3c 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -187,7 +187,55 @@ def test_FTL_detect_aarch64_no_errors(Pihole):
     ''')
     expected_stdout = info_box + ' FTL Checks...'
     assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + ' Detected ARM-aarch64 architecture'
+    expected_stdout = tick_box + ' Detected AArch64 (64 Bit ARM) processor'
+    assert expected_stdout in detectPlatform.stdout
+    expected_stdout = tick_box + ' Downloading and Installing FTL'
+    assert expected_stdout in detectPlatform.stdout
+
+
+def test_FTL_detect_armv4t_no_errors(Pihole):
+    '''
+    confirms only armv4t package is downloaded for FTL engine
+    '''
+    # mock uname to return armv4t platform
+    mock_command('uname', {'-m': ('armv4t', '0')}, Pihole)
+    # mock ldd to respond with ld-linux shared library
+    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, Pihole)
+    detectPlatform = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    create_pihole_user
+    funcOutput=$(get_binary_name)
+    binary="pihole-FTL${funcOutput##*pihole-FTL}"
+    theRest="${funcOutput%pihole-FTL*}"
+    FTLdetect "${binary}" "${theRest}"
+    ''')
+    expected_stdout = info_box + ' FTL Checks...'
+    assert expected_stdout in detectPlatform.stdout
+    expected_stdout = tick_box + (' Detected ARMv4 processor')
+    assert expected_stdout in detectPlatform.stdout
+    expected_stdout = tick_box + ' Downloading and Installing FTL'
+    assert expected_stdout in detectPlatform.stdout
+
+
+def test_FTL_detect_armv5te_no_errors(Pihole):
+    '''
+    confirms only armv5te package is downloaded for FTL engine
+    '''
+    # mock uname to return armv5te platform
+    mock_command('uname', {'-m': ('armv5te', '0')}, Pihole)
+    # mock ldd to respond with ld-linux shared library
+    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, Pihole)
+    detectPlatform = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    create_pihole_user
+    funcOutput=$(get_binary_name)
+    binary="pihole-FTL${funcOutput##*pihole-FTL}"
+    theRest="${funcOutput%pihole-FTL*}"
+    FTLdetect "${binary}" "${theRest}"
+    ''')
+    expected_stdout = info_box + ' FTL Checks...'
+    assert expected_stdout in detectPlatform.stdout
+    expected_stdout = tick_box + (' Detected ARMv5 (or newer) processor')
     assert expected_stdout in detectPlatform.stdout
     expected_stdout = tick_box + ' Downloading and Installing FTL'
     assert expected_stdout in detectPlatform.stdout
@@ -199,7 +247,7 @@ def test_FTL_detect_armv6l_no_errors(Pihole):
     '''
     # mock uname to return armv6l platform
     mock_command('uname', {'-m': ('armv6l', '0')}, Pihole)
-    # mock ldd to respond with aarch64 shared library
+    # mock ldd to respond with ld-linux-armhf shared library
     mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
@@ -211,8 +259,8 @@ def test_FTL_detect_armv6l_no_errors(Pihole):
     ''')
     expected_stdout = info_box + ' FTL Checks...'
     assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + (' Detected ARM-hf architecture '
-                                  '(armv6 or lower)')
+    expected_stdout = tick_box + (' Detected ARMv6 processor '
+                                  '(with hard-float support)')
     assert expected_stdout in detectPlatform.stdout
     expected_stdout = tick_box + ' Downloading and Installing FTL'
     assert expected_stdout in detectPlatform.stdout
@@ -224,7 +272,7 @@ def test_FTL_detect_armv7l_no_errors(Pihole):
     '''
     # mock uname to return armv7l platform
     mock_command('uname', {'-m': ('armv7l', '0')}, Pihole)
-    # mock ldd to respond with aarch64 shared library
+    # mock ldd to respond with ld-linux-armhf shared library
     mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
@@ -236,7 +284,32 @@ def test_FTL_detect_armv7l_no_errors(Pihole):
     ''')
     expected_stdout = info_box + ' FTL Checks...'
     assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + ' Detected ARM-hf architecture (armv7+)'
+    expected_stdout = tick_box + (' Detected ARMv7 processor '
+                                  '(with hard-float support)')
+    assert expected_stdout in detectPlatform.stdout
+    expected_stdout = tick_box + ' Downloading and Installing FTL'
+    assert expected_stdout in detectPlatform.stdout
+
+
+def test_FTL_detect_armv8a_no_errors(Pihole):
+    '''
+    confirms only armv8a package is downloaded for FTL engine
+    '''
+    # mock uname to return armv8a platform
+    mock_command('uname', {'-m': ('armv8a', '0')}, Pihole)
+    # mock ldd to respond with ld-linux-armhf shared library
+    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
+    detectPlatform = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    create_pihole_user
+    funcOutput=$(get_binary_name)
+    binary="pihole-FTL${funcOutput##*pihole-FTL}"
+    theRest="${funcOutput%pihole-FTL*}"
+    FTLdetect "${binary}" "${theRest}"
+    ''')
+    expected_stdout = info_box + ' FTL Checks...'
+    assert expected_stdout in detectPlatform.stdout
+    expected_stdout = tick_box + ' Detected ARMv8 (or newer) processor'
     assert expected_stdout in detectPlatform.stdout
     expected_stdout = tick_box + ' Downloading and Installing FTL'
     assert expected_stdout in detectPlatform.stdout
@@ -256,7 +329,7 @@ def test_FTL_detect_x86_64_no_errors(Pihole):
     ''')
     expected_stdout = info_box + ' FTL Checks...'
     assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + ' Detected x86_64 architecture'
+    expected_stdout = tick_box + ' Detected x86_64 processor'
     assert expected_stdout in detectPlatform.stdout
     expected_stdout = tick_box + ' Downloading and Installing FTL'
     assert expected_stdout in detectPlatform.stdout
@@ -274,7 +347,7 @@ def test_FTL_detect_unknown_no_errors(Pihole):
     theRest="${funcOutput%pihole-FTL*}"
     FTLdetect "${binary}" "${theRest}"
     ''')
-    expected_stdout = 'Not able to detect architecture (unknown: mips)'
+    expected_stdout = 'Not able to detect processor (unknown: mips)'
     assert expected_stdout in detectPlatform.stdout
 
 

From ad39ba30bde9a2bb764dfd3b96bb06306f5f4b12 Mon Sep 17 00:00:00 2001
From: deHakkelaar <deHakkelaar@users.noreply.github.com>
Date: Thu, 22 Oct 2020 18:54:04 +0200
Subject: [PATCH 108/297] Enable DNS forwarding loop detection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Found below by accident:
```
pi@ph5:~ $ man dnsmasq
[..]
       --dns-loop-detect
              Enable code to detect DNS forwarding loops; ie the  situa‐
              tion  where  a  query  sent  to one of the upstream server
              eventually returns as a new query to the dnsmasq instance.
              The  process  works  by generating TXT queries of the form
              <hex>.test and sending them to each upstream  server.  The
              hex is a UID which encodes the instance of dnsmasq sending
              the query and the upstream server to which it was sent. If
              the  query  returns  to the server which sent it, then the
              upstream server through which it was sent is disabled  and
              this  event  is  logged.  Each  time  the  set of upstream
              servers changes, the test is re-run on all  of  them,  in‐
              cluding ones which were previously disabled.
```
Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings:
```
pi@ph5:~ $ grep server= -R /etc/dnsmasq.*
/etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10
/etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10
/etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1
/etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/
```
```
pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect'
dns-loop-detect
```
```
pi@ph5:~ $ pihole restartdns
  [✓] Restarting DNS server
```
```
pi@ph5:~ $ tail -F /var/log/pihole.log
[..]
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
```
---
 advanced/01-pihole.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/advanced/01-pihole.conf b/advanced/01-pihole.conf
index e243e91a..2595c19e 100644
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -32,6 +32,8 @@ no-resolv
 server=@DNS1@
 server=@DNS2@
 
+dns-loop-detect
+
 interface=@INT@
 
 cache-size=@CACHE_SIZE@

From 33e57350530dd5c4ee44051e8931604bebae1130 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 28 Jul 2020 19:06:54 +0100
Subject: [PATCH 109/297] Change base images for test containers to latest
 supported version

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/debian.Dockerfile | 2 +-
 test/fedora.Dockerfile | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/debian.Dockerfile b/test/debian.Dockerfile
index 66436f1a..9b72fc6a 100644
--- a/test/debian.Dockerfile
+++ b/test/debian.Dockerfile
@@ -1,4 +1,4 @@
-FROM buildpack-deps:jessie-scm
+FROM buildpack-deps:buster-scm
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
diff --git a/test/fedora.Dockerfile b/test/fedora.Dockerfile
index a06fc007..869efb2b 100644
--- a/test/fedora.Dockerfile
+++ b/test/fedora.Dockerfile
@@ -1,4 +1,4 @@
-FROM fedora:30
+FROM fedora:32
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole

From c9edcfa33563e849d98e47143dc4f4d3e7cd44af Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 28 Jul 2020 19:07:17 +0100
Subject: [PATCH 110/297] add test to check "os_check" works

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_automated_install.py | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 342d8a3c..c0648b71 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -561,3 +561,17 @@ def test_validate_ip_invalid_letters(Pihole):
     ''')
 
     assert output.rc == 1
+
+def test_os_check_pases(Pihole):
+    ''' Confirms OS meets the requirements '''
+    Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    install_dependent_packages ${INSTALLER_DEPS[@]}
+    ''')
+    detectOS = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    os_check
+    ''')
+    expected_stdout = 'Supported OS detected'
+    assert expected_stdout in detectOS.stdout

From 5648ad6b61406e560b3a3ce31032d64a3fbdc0d1 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 28 Jul 2020 19:07:50 +0100
Subject: [PATCH 111/297] [Experiment] up python to 3.7

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 tox.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tox.ini b/tox.ini
index 249575b6..346ca886 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py36
+envlist = py37
 
 [testenv]
 whitelist_externals = docker

From 5aab68ab41cf94a0b95faa9e4cd63b1f09e580f9 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 29 Jul 2020 17:52:53 +0100
Subject: [PATCH 112/297] Update test/test_automated_install.py

Co-authored-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/test_automated_install.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index c0648b71..4f6e2020 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -562,7 +562,7 @@ def test_validate_ip_invalid_letters(Pihole):
 
     assert output.rc == 1
 
-def test_os_check_pases(Pihole):
+def test_os_check_passes(Pihole):
     ''' Confirms OS meets the requirements '''
     Pihole.run('''
     source /opt/pihole/basic-install.sh

From 2c461460dbdedbd34451e9ff9a3657e65fbbaa3f Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Sat, 8 Aug 2020 11:15:49 -0600
Subject: [PATCH 113/297] test with both centos7 and centos8 images

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 test/centos.Dockerfile             |  2 +-
 test/centos7.Dockerfile            | 16 ++++++++++++++++
 test/conftest.py                   |  2 +-
 test/test_000_build_containers.py  |  1 +
 test/test_centos_fedora_support.py |  8 ++++----
 tox.ini                            |  1 +
 6 files changed, 24 insertions(+), 6 deletions(-)
 create mode 100644 test/centos7.Dockerfile

diff --git a/test/centos.Dockerfile b/test/centos.Dockerfile
index 00543b67..7444551b 100644
--- a/test/centos.Dockerfile
+++ b/test/centos.Dockerfile
@@ -1,4 +1,4 @@
-FROM centos:7
+FROM centos:8
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
diff --git a/test/centos7.Dockerfile b/test/centos7.Dockerfile
new file mode 100644
index 00000000..00543b67
--- /dev/null
+++ b/test/centos7.Dockerfile
@@ -0,0 +1,16 @@
+FROM centos:7
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/conftest.py b/test/conftest.py
index 5b8be41e..69926eaf 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -69,7 +69,7 @@ def args(request):
     return '-t -d'
 
 
-@pytest.fixture(params=['debian', 'centos', 'fedora'])
+@pytest.fixture(params=['debian', 'centos7', 'centos', 'fedora'])
 def tag(request):
     '''
     consumed by image to make the test matrix
diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py
index 184052f3..0f3e2d1a 100644
--- a/test/test_000_build_containers.py
+++ b/test/test_000_build_containers.py
@@ -9,6 +9,7 @@ run_local = testinfra.get_backend(
 
 @pytest.mark.parametrize("image,tag", [
     ('test/debian.Dockerfile', 'pytest_pihole:debian'),
+    ('test/centos7.Dockerfile', 'pytest_pihole:centos7'),
     ('test/centos.Dockerfile', 'pytest_pihole:centos'),
     ('test/fedora.Dockerfile', 'pytest_pihole:fedora'),
 ])
diff --git a/test/test_centos_fedora_support.py b/test/test_centos_fedora_support.py
index 4b405920..e0d25634 100644
--- a/test/test_centos_fedora_support.py
+++ b/test/test_centos_fedora_support.py
@@ -123,7 +123,7 @@ def test_enable_epel_repository_centos(Pihole):
     assert epel_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
 def test_php_upgrade_default_optout_centos(Pihole):
     '''
     confirms the default behavior to opt-out of installing PHP7 from REMI
@@ -139,7 +139,7 @@ def test_php_upgrade_default_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
 def test_php_upgrade_user_optout_centos(Pihole):
     '''
     confirms installer behavior when user opt-out of installing PHP7 from REMI
@@ -158,7 +158,7 @@ def test_php_upgrade_user_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
 def test_php_upgrade_user_optin_centos(Pihole):
     '''
     confirms installer behavior when user opt-in to installing PHP7 from REMI
@@ -181,7 +181,7 @@ def test_php_upgrade_user_optin_centos(Pihole):
     assert remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
 def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     '''
     confirms the default behavior to opt-out of upgrading to PHP7 from REMI
diff --git a/tox.ini b/tox.ini
index 346ca886..49c99066 100644
--- a/tox.ini
+++ b/tox.ini
@@ -5,6 +5,7 @@ envlist = py37
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f test/debian.Dockerfile -t pytest_pihole:debian .
+           docker build -f test/centos7.Dockerfile -t pytest_pihole:centos7 .
            docker build -f test/centos.Dockerfile -t pytest_pihole:centos .
            docker build -f test/fedora.Dockerfile -t pytest_pihole:fedora .
            pytest {posargs:-vv -n auto} -m "not build_stage" ./test/

From 05b6717187cbc8d300401c7a2e5b862167690d02 Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Sun, 9 Aug 2020 12:30:51 -0600
Subject: [PATCH 114/297] test PHP optin/optout separately for CentOS 7 & 8

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 test/test_centos_fedora_support.py | 85 ++++++++++++++++++++++++++----
 1 file changed, 74 insertions(+), 11 deletions(-)

diff --git a/test/test_centos_fedora_support.py b/test/test_centos_fedora_support.py
index e0d25634..9f772f4f 100644
--- a/test/test_centos_fedora_support.py
+++ b/test/test_centos_fedora_support.py
@@ -88,7 +88,7 @@ def test_epel_and_remi_not_installed_fedora(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
 def test_release_supported_version_check_centos(Pihole):
     '''
     confirms installer exits on unsupported releases of CentOS
@@ -105,7 +105,7 @@ def test_release_supported_version_check_centos(Pihole):
     assert expected_stdout in distro_check.stdout
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
 def test_enable_epel_repository_centos(Pihole):
     '''
     confirms the EPEL package repository is enabled when installed on CentOS
@@ -123,8 +123,8 @@ def test_enable_epel_repository_centos(Pihole):
     assert epel_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
-def test_php_upgrade_default_optout_centos(Pihole):
+@pytest.mark.parametrize("tag", [('centos7'), ])
+def test_php_upgrade_default_optout_centos_eq_7(Pihole):
     '''
     confirms the default behavior to opt-out of installing PHP7 from REMI
     '''
@@ -139,8 +139,26 @@ def test_php_upgrade_default_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
-def test_php_upgrade_user_optout_centos(Pihole):
+@pytest.mark.parametrize("tag", [('centos'), ])
+def test_php_upgrade_default_continue_centos_gte_8(Pihole):
+    '''
+    confirms the latest version of CentOS continues / does not optout
+    (should trigger on CentOS7 only)
+    '''
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
+                                    ' Deprecated PHP may be in use.')
+    assert unexpected_stdout not in distro_check.stdout
+    # ensure remi was not installed on latest CentOS
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+@pytest.mark.parametrize("tag", [('centos7'), ])
+def test_php_upgrade_user_optout_centos_eq_7(Pihole):
     '''
     confirms installer behavior when user opt-out of installing PHP7 from REMI
     (php not currently installed)
@@ -158,8 +176,29 @@ def test_php_upgrade_user_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
-def test_php_upgrade_user_optin_centos(Pihole):
+@pytest.mark.parametrize("tag", [('centos'), ])
+def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
+    '''
+    confirms installer skips user opt-out of installing PHP7 from REMI on
+    latest CentOS (should trigger on CentOS7 only)
+    (php not currently installed)
+    '''
+    # Whiptail dialog returns Cancel for user prompt
+    mock_command('whiptail', {'*': ('', '1')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
+                                    ' Deprecated PHP may be in use.')
+    assert unexpected_stdout not in distro_check.stdout
+    # ensure remi was not installed on latest CentOS
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+@pytest.mark.parametrize("tag", [('centos7'), ])
+def test_php_upgrade_user_optin_centos_eq_7(Pihole):
     '''
     confirms installer behavior when user opt-in to installing PHP7 from REMI
     (php not currently installed)
@@ -181,7 +220,31 @@ def test_php_upgrade_user_optin_centos(Pihole):
     assert remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos8'), ])
+@pytest.mark.parametrize("tag", [('centos'), ])
+def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
+    '''
+    confirms installer skips user opt-in to installing PHP7 from REMI on
+    latest CentOS (should trigger on CentOS7 only)
+    (php not currently installed)
+    '''
+    # Whiptail dialog returns Continue for user prompt
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    assert 'opt-out' not in distro_check.stdout
+    unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
+                                    '(https://rpms.remirepo.net)')
+    assert unexpected_stdout not in distro_check.stdout
+    unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
+                                  'been enabled for PHP7')
+    assert unexpected_stdout not in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
 def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     '''
     confirms the default behavior to opt-out of upgrading to PHP7 from REMI
@@ -204,7 +267,7 @@ def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
 def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
     '''
     confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
@@ -229,7 +292,7 @@ def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
 def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
     '''
     confirms installer behavior when user opt-in to upgrade to PHP7 via REMI

From a7c58e7112ed9463d91a210c993dfcfc622c0bc6 Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Sun, 9 Aug 2020 13:02:48 -0600
Subject: [PATCH 115/297] E302 expected 2 blank lines, found 1

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 test/test_automated_install.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 4f6e2020..8d894b5a 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -562,6 +562,7 @@ def test_validate_ip_invalid_letters(Pihole):
 
     assert output.rc == 1
 
+
 def test_os_check_passes(Pihole):
     ''' Confirms OS meets the requirements '''
     Pihole.run('''

From 660c17814d5698e2c1b4918b0ca3e131e2650154 Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Sun, 9 Aug 2020 15:03:50 -0600
Subject: [PATCH 116/297] E128 continuation line under-indented for visual
 indent

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 test/test_centos_fedora_support.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/test_centos_fedora_support.py b/test/test_centos_fedora_support.py
index 9f772f4f..b4ae7c89 100644
--- a/test/test_centos_fedora_support.py
+++ b/test/test_centos_fedora_support.py
@@ -238,7 +238,7 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
                                     '(https://rpms.remirepo.net)')
     assert unexpected_stdout not in distro_check.stdout
     unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
-                                  'been enabled for PHP7')
+                                    'been enabled for PHP7')
     assert unexpected_stdout not in distro_check.stdout
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed

From ee556088b5dea283ec63d0c82b147d7f434242cd Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 23 Oct 2020 23:05:41 +0100
Subject: [PATCH 117/297] Fake OS details in /etc/os-release and confirm
 install fails

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_automated_install.py | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 8d894b5a..300f622e 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -563,6 +563,24 @@ def test_validate_ip_invalid_letters(Pihole):
     assert output.rc == 1
 
 
+def test_os_check_fails(Pihole):
+    ''' Confirms install fails on unsupported OS '''
+    Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    install_dependent_packages ${INSTALLER_DEPS[@]}
+    cat <<EOT > /etc/os-release
+    ID=UnsupportedOS
+    VERSION_ID="2"
+    EOT
+    ''')
+    detectOS = Pihole.run('''t
+    source /opt/pihole/basic-install.sh
+    os_check
+    ''')
+    expected_stdout = 'Unsupported OS detected: UnsupportedOS'
+    assert expected_stdout in detectOS.stdout
+
 def test_os_check_passes(Pihole):
     ''' Confirms OS meets the requirements '''
     Pihole.run('''
@@ -575,4 +593,4 @@ def test_os_check_passes(Pihole):
     os_check
     ''')
     expected_stdout = 'Supported OS detected'
-    assert expected_stdout in detectOS.stdout
+    assert expected_stdout in detectOS.stdout
\ No newline at end of file

From fb454ebe145dc922582bf9d0ee44f12aba977032 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 23 Oct 2020 23:09:07 +0100
Subject: [PATCH 118/297] fix stickler complaints

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_automated_install.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 300f622e..f6b5a87e 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -581,6 +581,7 @@ def test_os_check_fails(Pihole):
     expected_stdout = 'Unsupported OS detected: UnsupportedOS'
     assert expected_stdout in detectOS.stdout
 
+
 def test_os_check_passes(Pihole):
     ''' Confirms OS meets the requirements '''
     Pihole.run('''
@@ -593,4 +594,4 @@ def test_os_check_passes(Pihole):
     os_check
     ''')
     expected_stdout = 'Supported OS detected'
-    assert expected_stdout in detectOS.stdout
\ No newline at end of file
+    assert expected_stdout in detectOS.stdout

From c80f0766c55de16c8ea4178f1ff4c73b06b20ee6 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 26 Oct 2020 17:56:17 +0000
Subject: [PATCH 119/297] drop debian/fedora container versions to lowest
 supported

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/debian.Dockerfile | 2 +-
 test/fedora.Dockerfile | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/debian.Dockerfile b/test/debian.Dockerfile
index 9b72fc6a..d6609ba3 100644
--- a/test/debian.Dockerfile
+++ b/test/debian.Dockerfile
@@ -1,4 +1,4 @@
-FROM buildpack-deps:buster-scm
+FROM buildpack-deps:stretch-scm
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
diff --git a/test/fedora.Dockerfile b/test/fedora.Dockerfile
index 869efb2b..02dcb733 100644
--- a/test/fedora.Dockerfile
+++ b/test/fedora.Dockerfile
@@ -1,4 +1,4 @@
-FROM fedora:32
+FROM fedora:31
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole

From fec15951832ce18462f198425d1a29c1b1e084cc Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Tue, 17 Mar 2020 22:23:41 +0100
Subject: [PATCH 120/297] add docker containers for debian 9 and 10, ubuntu 16
 and 18, fedora 28 and 29

Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/conftest.py                  |  2 +-
 test/debian_10.Dockerfile         | 16 ++++++++++++++++
 test/debian_9.Dockerfile          | 16 ++++++++++++++++
 test/fedora_28.Dockerfile         | 16 ++++++++++++++++
 test/fedora_29.Dockerfile         | 16 ++++++++++++++++
 test/test_000_build_containers.py |  6 ++++++
 test/ubuntu_16.Dockerfile         | 16 ++++++++++++++++
 test/ubuntu_18.Dockerfile         | 16 ++++++++++++++++
 tox.ini                           |  6 ++++++
 9 files changed, 109 insertions(+), 1 deletion(-)
 create mode 100644 test/debian_10.Dockerfile
 create mode 100644 test/debian_9.Dockerfile
 create mode 100644 test/fedora_28.Dockerfile
 create mode 100644 test/fedora_29.Dockerfile
 create mode 100644 test/ubuntu_16.Dockerfile
 create mode 100644 test/ubuntu_18.Dockerfile

diff --git a/test/conftest.py b/test/conftest.py
index 69926eaf..2be67ee4 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -69,7 +69,7 @@ def args(request):
     return '-t -d'
 
 
-@pytest.fixture(params=['debian', 'centos7', 'centos', 'fedora'])
+@pytest.fixture(params=['debian', 'debian_9', 'debian_10', 'centos7', 'centos', 'fedora', 'ubuntu_16', 'ubuntu_18'])
 def tag(request):
     '''
     consumed by image to make the test matrix
diff --git a/test/debian_10.Dockerfile b/test/debian_10.Dockerfile
new file mode 100644
index 00000000..9b72fc6a
--- /dev/null
+++ b/test/debian_10.Dockerfile
@@ -0,0 +1,16 @@
+FROM buildpack-deps:buster-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/debian_9.Dockerfile b/test/debian_9.Dockerfile
new file mode 100644
index 00000000..d6609ba3
--- /dev/null
+++ b/test/debian_9.Dockerfile
@@ -0,0 +1,16 @@
+FROM buildpack-deps:stretch-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/fedora_28.Dockerfile b/test/fedora_28.Dockerfile
new file mode 100644
index 00000000..76b40318
--- /dev/null
+++ b/test/fedora_28.Dockerfile
@@ -0,0 +1,16 @@
+FROM fedora:28
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/fedora_29.Dockerfile b/test/fedora_29.Dockerfile
new file mode 100644
index 00000000..8c27bbcc
--- /dev/null
+++ b/test/fedora_29.Dockerfile
@@ -0,0 +1,16 @@
+FROM fedora:29
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py
index 0f3e2d1a..e2044b67 100644
--- a/test/test_000_build_containers.py
+++ b/test/test_000_build_containers.py
@@ -9,9 +9,15 @@ run_local = testinfra.get_backend(
 
 @pytest.mark.parametrize("image,tag", [
     ('test/debian.Dockerfile', 'pytest_pihole:debian'),
+    ('test/debian_9.Dockerfile', 'pytest_pihole:debian_9'),
+    ('test/debian_10.Dockerfile', 'pytest_pihole:debian_10'),
     ('test/centos7.Dockerfile', 'pytest_pihole:centos7'),
     ('test/centos.Dockerfile', 'pytest_pihole:centos'),
     ('test/fedora.Dockerfile', 'pytest_pihole:fedora'),
+    ('test/fedora_28.Dockerfile', 'pytest_pihole:fedora_28'),
+    ('test/fedora_29.Dockerfile', 'pytest_pihole:fedora_29'),
+    ('test/ubuntu_16.Dockerfile', 'pytest_pihole:ubuntu_16'),
+    ('test/ubuntu_18.Dockerfile', 'pytest_pihole:ubuntu_18'),
 ])
 # mark as 'build_stage' so we can ensure images are built first when tests
 # are executed in parallel. (not required when tests are executed serially)
diff --git a/test/ubuntu_16.Dockerfile b/test/ubuntu_16.Dockerfile
new file mode 100644
index 00000000..d1107082
--- /dev/null
+++ b/test/ubuntu_16.Dockerfile
@@ -0,0 +1,16 @@
+FROM buildpack-deps:xenial-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/ubuntu_18.Dockerfile b/test/ubuntu_18.Dockerfile
new file mode 100644
index 00000000..2f63ea89
--- /dev/null
+++ b/test/ubuntu_18.Dockerfile
@@ -0,0 +1,16 @@
+FROM buildpack-deps:bionic-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/tox.ini b/tox.ini
index 49c99066..f17877b8 100644
--- a/tox.ini
+++ b/tox.ini
@@ -5,7 +5,13 @@ envlist = py37
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f test/debian.Dockerfile -t pytest_pihole:debian .
+           docker build -f test/debian_9.Dockerfile -t pytest_pihole:debian_9 .
+           docker build -f test/debian_10.Dockerfile -t pytest_pihole:debian_10 .
            docker build -f test/centos7.Dockerfile -t pytest_pihole:centos7 .
            docker build -f test/centos.Dockerfile -t pytest_pihole:centos .
            docker build -f test/fedora.Dockerfile -t pytest_pihole:fedora .
+           docker build -f test/fedora_28.Dockerfile -t pytest_pihole:fedora_28 .
+           docker build -f test/fedora_29.Dockerfile -t pytest_pihole:fedora_29 .
+           docker build -f test/ubuntu_16.Dockerfile -t pytest_pihole:ubuntu_16 .
+           docker build -f test/ubuntu_18.Dockerfile -t pytest_pihole:ubuntu_18 .
            pytest {posargs:-vv -n auto} -m "not build_stage" ./test/

From 60a4814ac156154c726574fd4dae1dd8d5a71821 Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Tue, 17 Mar 2020 20:15:16 +0100
Subject: [PATCH 121/297] add test case for installation of dependencies for
 installer, core and web

Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/test_automated_install.py | 77 ++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index f6b5a87e..0810b63f 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -595,3 +595,80 @@ def test_os_check_passes(Pihole):
     ''')
     expected_stdout = 'Supported OS detected'
     assert expected_stdout in detectOS.stdout
+
+
+def test_install_dependent_packages_no_errors(Pihole):
+    '''
+    confirms all dependent packages are installed on a fresh build
+    '''
+    # mock whiptail answers and ensure installer dependencies
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    # create configuration file
+    setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
+    for k, v in SETUPVARS.items():
+        setup_var_file += "{}={}\n".format(k, v)
+    setup_var_file += "EOF\n"
+    Pihole.run(setup_var_file)
+    install = Pihole.run('''
+    runUnattended=true
+    useUpdateVars=true
+    source /opt/pihole/basic-install.sh
+    runUnattended=true
+    useUpdateVars=true
+    distro_check
+    update_package_cache || exit 1
+    install_dependent_packages "${INSTALLER_DEPS[@]}"
+    ''')
+
+    assert install.rc == 0
+
+
+def test_install_dependent_packages_web_no_errors(Pihole):
+    '''
+    confirms all dependent packages are installed on a fresh build
+    '''
+    # mock whiptail answers and ensure installer dependencies
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    # mock systemctl to start lighttpd
+    mock_command_2(
+        'systemctl',
+        {
+            'enable lighttpd': (
+                '',
+                '0'
+            ),
+            'restart lighttpd': (
+                '/etc/init.d/lighttpd restart',
+                '0'
+            ),
+            'start lighttpd': (
+                '/etc/init.d/lighttpd start',
+                '0'
+            )
+        },
+        Pihole
+    )
+    # create configuration file
+    setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
+    for k, v in SETUPVARS.items():
+        setup_var_file += "{}={}\n".format(k, v)
+    setup_var_file += "EOF\n"
+    Pihole.run(setup_var_file)
+    install = Pihole.run('''
+    runUnattended=true
+    useUpdateVars=true
+    INSTALL_WEB_SERVER=true
+    source /opt/pihole/basic-install.sh
+    runUnattended=true
+    useUpdateVars=true
+    INSTALL_WEB_SERVER=true
+    distro_check
+    update_package_cache || exit 1
+    dep_install_list=("${PIHOLE_DEPS[@]}")
+    if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
+        dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
+    fi
+    install_dependent_packages "${dep_install_list[@]}"
+    ''')
+
+    assert install.rc == 0

From bef9cd3bc2575ca31911178eca5b494ed2cf670f Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Wed, 18 Mar 2020 19:11:49 +0100
Subject: [PATCH 122/297] mock whiptail to add universe repo

Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/test_automated_install.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 0810b63f..b830ddf4 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -601,8 +601,8 @@ def test_install_dependent_packages_no_errors(Pihole):
     '''
     confirms all dependent packages are installed on a fresh build
     '''
-    # mock whiptail answers and ensure installer dependencies
-    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    # mock whiptail answers to use universe repo if asked
+    mock_command('whiptail', {'*': ('', '1')}, Pihole)
     # create configuration file
     setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
     for k, v in SETUPVARS.items():
@@ -625,10 +625,10 @@ def test_install_dependent_packages_no_errors(Pihole):
 
 def test_install_dependent_packages_web_no_errors(Pihole):
     '''
-    confirms all dependent packages are installed on a fresh build
+    confirms all dependent web packages are installed on a fresh build
     '''
-    # mock whiptail answers and ensure installer dependencies
-    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    # mock whiptail answers to use universe repo if asked
+    mock_command('whiptail', {'*': ('', '1')}, Pihole)
     # mock systemctl to start lighttpd
     mock_command_2(
         'systemctl',

From 3128d14d1f7eaaf0241d0e1d5e56d0492e54a996 Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Tue, 27 Oct 2020 11:48:42 +0100
Subject: [PATCH 123/297] update images to versions supported by pi-hole 5

Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/conftest.py                                 |  2 +-
 ...fedora_28.Dockerfile => fedora_31.Dockerfile} |  2 +-
 ...fedora_29.Dockerfile => fedora_32.Dockerfile} |  2 +-
 test/test_000_build_containers.py                |  5 +++--
 test/ubuntu_20.Dockerfile                        | 16 ++++++++++++++++
 tox.ini                                          |  5 +++--
 6 files changed, 25 insertions(+), 7 deletions(-)
 rename test/{fedora_28.Dockerfile => fedora_31.Dockerfile} (96%)
 rename test/{fedora_29.Dockerfile => fedora_32.Dockerfile} (96%)
 create mode 100644 test/ubuntu_20.Dockerfile

diff --git a/test/conftest.py b/test/conftest.py
index 2be67ee4..ade1c674 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -69,7 +69,7 @@ def args(request):
     return '-t -d'
 
 
-@pytest.fixture(params=['debian', 'debian_9', 'debian_10', 'centos7', 'centos', 'fedora', 'ubuntu_16', 'ubuntu_18'])
+@pytest.fixture(params=['debian', 'debian_9', 'debian_10', 'centos7', 'centos', 'fedora', 'fedora_31', 'fedora_32', 'ubuntu_16', 'ubuntu_18', 'ubuntu_20'])
 def tag(request):
     '''
     consumed by image to make the test matrix
diff --git a/test/fedora_28.Dockerfile b/test/fedora_31.Dockerfile
similarity index 96%
rename from test/fedora_28.Dockerfile
rename to test/fedora_31.Dockerfile
index 76b40318..02dcb733 100644
--- a/test/fedora_28.Dockerfile
+++ b/test/fedora_31.Dockerfile
@@ -1,4 +1,4 @@
-FROM fedora:28
+FROM fedora:31
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
diff --git a/test/fedora_29.Dockerfile b/test/fedora_32.Dockerfile
similarity index 96%
rename from test/fedora_29.Dockerfile
rename to test/fedora_32.Dockerfile
index 8c27bbcc..869efb2b 100644
--- a/test/fedora_29.Dockerfile
+++ b/test/fedora_32.Dockerfile
@@ -1,4 +1,4 @@
-FROM fedora:29
+FROM fedora:32
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py
index e2044b67..dfaba1ac 100644
--- a/test/test_000_build_containers.py
+++ b/test/test_000_build_containers.py
@@ -14,10 +14,11 @@ run_local = testinfra.get_backend(
     ('test/centos7.Dockerfile', 'pytest_pihole:centos7'),
     ('test/centos.Dockerfile', 'pytest_pihole:centos'),
     ('test/fedora.Dockerfile', 'pytest_pihole:fedora'),
-    ('test/fedora_28.Dockerfile', 'pytest_pihole:fedora_28'),
-    ('test/fedora_29.Dockerfile', 'pytest_pihole:fedora_29'),
+    ('test/fedora_31.Dockerfile', 'pytest_pihole:fedora_31'),
+    ('test/fedora_32.Dockerfile', 'pytest_pihole:fedora_32'),
     ('test/ubuntu_16.Dockerfile', 'pytest_pihole:ubuntu_16'),
     ('test/ubuntu_18.Dockerfile', 'pytest_pihole:ubuntu_18'),
+    ('test/ubuntu_20.Dockerfile', 'pytest_pihole:ubuntu_20'),
 ])
 # mark as 'build_stage' so we can ensure images are built first when tests
 # are executed in parallel. (not required when tests are executed serially)
diff --git a/test/ubuntu_20.Dockerfile b/test/ubuntu_20.Dockerfile
new file mode 100644
index 00000000..c071fcd9
--- /dev/null
+++ b/test/ubuntu_20.Dockerfile
@@ -0,0 +1,16 @@
+FROM buildpack-deps:focal-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/tox.ini b/tox.ini
index f17877b8..17d19052 100644
--- a/tox.ini
+++ b/tox.ini
@@ -10,8 +10,9 @@ commands = docker build -f test/debian.Dockerfile -t pytest_pihole:debian .
            docker build -f test/centos7.Dockerfile -t pytest_pihole:centos7 .
            docker build -f test/centos.Dockerfile -t pytest_pihole:centos .
            docker build -f test/fedora.Dockerfile -t pytest_pihole:fedora .
-           docker build -f test/fedora_28.Dockerfile -t pytest_pihole:fedora_28 .
-           docker build -f test/fedora_29.Dockerfile -t pytest_pihole:fedora_29 .
+           docker build -f test/fedora_31.Dockerfile -t pytest_pihole:fedora_31 .
+           docker build -f test/fedora_32.Dockerfile -t pytest_pihole:fedora_32 .
            docker build -f test/ubuntu_16.Dockerfile -t pytest_pihole:ubuntu_16 .
            docker build -f test/ubuntu_18.Dockerfile -t pytest_pihole:ubuntu_18 .
+           docker build -f test/ubuntu_20.Dockerfile -t pytest_pihole:ubuntu_20 .
            pytest {posargs:-vv -n auto} -m "not build_stage" ./test/

From cb49ce38f50f6d477b9e7398d265ad1550bf6d22 Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Tue, 27 Oct 2020 12:32:23 +0100
Subject: [PATCH 124/297] fix stickler errors

Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/conftest.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/test/conftest.py b/test/conftest.py
index ade1c674..3fd2524a 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -69,7 +69,19 @@ def args(request):
     return '-t -d'
 
 
-@pytest.fixture(params=['debian', 'debian_9', 'debian_10', 'centos7', 'centos', 'fedora', 'fedora_31', 'fedora_32', 'ubuntu_16', 'ubuntu_18', 'ubuntu_20'])
+@pytest.fixture(params=[
+    'debian',
+    'debian_9',
+    'debian_10',
+    'centos7',
+    'centos',
+    'fedora',
+    'fedora_31',
+    'fedora_32',
+    'ubuntu_16',
+    'ubuntu_18',
+    'ubuntu_20'
+])
 def tag(request):
     '''
     consumed by image to make the test matrix

From 4386cc4f225ed1df9c2e921751706c8e7d738866 Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Tue, 27 Oct 2020 12:44:57 +0100
Subject: [PATCH 125/297] Revert "add test case for installation of
 dependencies for installer, core and web"

This reverts commit 60a4814ac156154c726574fd4dae1dd8d5a71821.

Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/test_automated_install.py | 77 ----------------------------------
 1 file changed, 77 deletions(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index b830ddf4..f6b5a87e 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -595,80 +595,3 @@ def test_os_check_passes(Pihole):
     ''')
     expected_stdout = 'Supported OS detected'
     assert expected_stdout in detectOS.stdout
-
-
-def test_install_dependent_packages_no_errors(Pihole):
-    '''
-    confirms all dependent packages are installed on a fresh build
-    '''
-    # mock whiptail answers to use universe repo if asked
-    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    # create configuration file
-    setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
-    for k, v in SETUPVARS.items():
-        setup_var_file += "{}={}\n".format(k, v)
-    setup_var_file += "EOF\n"
-    Pihole.run(setup_var_file)
-    install = Pihole.run('''
-    runUnattended=true
-    useUpdateVars=true
-    source /opt/pihole/basic-install.sh
-    runUnattended=true
-    useUpdateVars=true
-    distro_check
-    update_package_cache || exit 1
-    install_dependent_packages "${INSTALLER_DEPS[@]}"
-    ''')
-
-    assert install.rc == 0
-
-
-def test_install_dependent_packages_web_no_errors(Pihole):
-    '''
-    confirms all dependent web packages are installed on a fresh build
-    '''
-    # mock whiptail answers to use universe repo if asked
-    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    # mock systemctl to start lighttpd
-    mock_command_2(
-        'systemctl',
-        {
-            'enable lighttpd': (
-                '',
-                '0'
-            ),
-            'restart lighttpd': (
-                '/etc/init.d/lighttpd restart',
-                '0'
-            ),
-            'start lighttpd': (
-                '/etc/init.d/lighttpd start',
-                '0'
-            )
-        },
-        Pihole
-    )
-    # create configuration file
-    setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
-    for k, v in SETUPVARS.items():
-        setup_var_file += "{}={}\n".format(k, v)
-    setup_var_file += "EOF\n"
-    Pihole.run(setup_var_file)
-    install = Pihole.run('''
-    runUnattended=true
-    useUpdateVars=true
-    INSTALL_WEB_SERVER=true
-    source /opt/pihole/basic-install.sh
-    runUnattended=true
-    useUpdateVars=true
-    INSTALL_WEB_SERVER=true
-    distro_check
-    update_package_cache || exit 1
-    dep_install_list=("${PIHOLE_DEPS[@]}")
-    if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
-        dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
-    fi
-    install_dependent_packages "${dep_install_list[@]}"
-    ''')
-
-    assert install.rc == 0

From e5c7549f8f431a51601e3d8b1be6f439c2a0618d Mon Sep 17 00:00:00 2001
From: Craig Mayhew <craig@mayhew.io>
Date: Sun, 16 Aug 2020 17:43:15 +0100
Subject: [PATCH 126/297] Fixed potential security issue with $landPage
 receiving variables

Signed-off-by: craigmayhew <craig@mayhew.io>
---
 advanced/index.php | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/advanced/index.php b/advanced/index.php
index 5a683c8e..f0ac382b 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -55,7 +55,16 @@ if ($serverName === "pi.hole"
     // Redirect to Web Interface
     exit(header("Location: /admin"));
 } elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
-    // Set Splash Page output
+    // When directly browsing via IP or authorized hostname
+    // Render splash/landing page based off presence of $landPage file
+    // If $landPage file is present
+    if (is_file(getcwd()."/$landPage")) {
+        //Unset variables so as to not be included in $landPage
+        unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
+        include $landPage;
+        exit();
+    }
+    // If $landPage file was not present, Set Splash Page output
     $splashPage = "
     <!doctype html>
     <html lang='en'>
@@ -74,15 +83,7 @@ if ($serverName === "pi.hole"
         </body>
     </html>
     ";
-
-    // Set splash/landing page based off presence of $landPage
-    $renderPage = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage";
-
-    // Unset variables so as to not be included in $landPage
-    unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
-
-    // Render splash/landing page when directly browsing via IP or authorized hostname
-    exit($renderPage);
+    exit($splashPage);
 } elseif ($currentUrlExt === "js") {
     // Serve Pi-hole JavaScript for blocked domains requesting JS
     exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');

From 95a28ae1257e1500d2b1ff1fb910698d6f4834ba Mon Sep 17 00:00:00 2001
From: Craig Mayhew <craig@mayhew.io>
Date: Wed, 28 Oct 2020 18:29:22 +0000
Subject: [PATCH 127/297] unset() now also occurs for $splashPage

After some email discussion with Adam, there is a preference to also prevent $splashPage from using variables

Signed-off-by: craigmayhew <craig@mayhew.io>
---
 advanced/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/index.php b/advanced/index.php
index f0ac382b..ca8c35e4 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -57,10 +57,10 @@ if ($serverName === "pi.hole"
 } elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
     // When directly browsing via IP or authorized hostname
     // Render splash/landing page based off presence of $landPage file
+    // Unset variables so as to not be included in $landPage or $splashPage
+    unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
     // If $landPage file is present
     if (is_file(getcwd()."/$landPage")) {
-        //Unset variables so as to not be included in $landPage
-        unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
         include $landPage;
         exit();
     }

From 0ae020ef823e52524390b1a94c686638ba3d24d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 29 Oct 2020 20:37:08 +0100
Subject: [PATCH 128/297] Change icon from cross to [i]# for root user check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 8560deb9..625b1a52 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2613,7 +2613,7 @@ main() {
     # Otherwise,
     else
         # They do not have enough privileges, so let the user know
-        printf "  %b %s\\n" "${CROSS}" "${str}"
+        printf "  %b %s\\n" "${INFO}" "${str}"
         printf "  %b %bScript called with non-root privileges%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
         printf "      The Pi-hole requires elevated privileges to install and run\\n"
         printf "      Please check the installer for any concerns regarding this requirement\\n"

From 5d2be124a2a29041ae579933ef637d2a457e0e7d Mon Sep 17 00:00:00 2001
From: Viet Hung Nguyen <hvn@familug.org>
Date: Fri, 30 Oct 2020 23:10:41 +0700
Subject: [PATCH 129/297] Replace the wiki link which now points to this file -
 a loop

Signed-off-by: Viet Hung Nguyen <hvn@familug.org>
---
 CONTRIBUTING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 0501134b..0dd22b42 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -26,7 +26,7 @@ When requesting or submitting new features, first consider whether it might be u
 
 - Check the codebase to ensure that your feature doesn't already exist.
 - Check the pull requests to ensure that another person hasn't already submitted the feature or fix.
-- Read and understand the [DCO guidelines](https://github.com/pi-hole/pi-hole/wiki/Contributing-to-the-project) for the project.
+- Read and understand the [DCO guidelines](https://docs.pi-hole.net/guides/github/contributing/) for the project.
 
 ## Technical Requirements
 

From ae4e41eaaaab5edffdf4975024ff9c7980a273b7 Mon Sep 17 00:00:00 2001
From: Viet Hung Nguyen <hvn@familug.org>
Date: Fri, 30 Oct 2020 22:53:20 +0700
Subject: [PATCH 130/297] Re-run the script as root instead of piping to bash

Signed-off-by: Viet Hung Nguyen <hvn@familug.org>
---
 automated install/basic-install.sh | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 8560deb9..84cece20 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2623,8 +2623,16 @@ main() {
         # If the sudo command exists,
         if is_command sudo ; then
             printf "%b  %b Sudo utility check\\n" "${OVER}"  "${TICK}"
-            # Download the install script and run it with admin rights
-            exec curl -sSL https://raw.githubusercontent.com/pi-hole/pi-hole/master/automated%20install/basic-install.sh | sudo bash "$@"
+
+            # when run via curl piping
+            if [[ "$0" == "bash" ]]; then
+                # Download the install script and run it with admin rights
+                exec curl -sSL https://raw.githubusercontent.com/pi-hole/pi-hole/master/automated%20install/basic-install.sh | sudo bash "$@"
+            else
+                # when run via calling local bash script
+                exec sudo bash "$0" "$@"
+            fi
+
             exit $?
         # Otherwise,
         else

From b375dd2c8172fcec2fdf54c24ddac34059b00955 Mon Sep 17 00:00:00 2001
From: pvogt09 <50047961+pvogt09@users.noreply.github.com>
Date: Sun, 15 Nov 2020 20:11:25 +0100
Subject: [PATCH 131/297] Update test/ubuntu_20.Dockerfile

Co-authored-by: Adam Warner <github@adamwarner.co.uk>
Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
---
 test/ubuntu_20.Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/ubuntu_20.Dockerfile b/test/ubuntu_20.Dockerfile
index c071fcd9..caa6261f 100644
--- a/test/ubuntu_20.Dockerfile
+++ b/test/ubuntu_20.Dockerfile
@@ -7,6 +7,7 @@ RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+ENV DEBIAN_FRONTEND=noninteractive
 
 RUN true && \
     chmod +x $SCRIPTDIR/*

From e7d937c412bd2b617ef2f0787d5d0908a3c32e73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sun, 15 Nov 2020 20:31:47 +0100
Subject: [PATCH 132/297] Be more specific what pihole -d -a does
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 pihole | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pihole b/pihole
index 5962eba1..2b2b7bc2 100755
--- a/pihole
+++ b/pihole
@@ -418,7 +418,7 @@ Whitelist/Blacklist Options:
 
 Debugging Options:
   -d, debug           Start a debugging session
-                        Add '-a' to enable automated debugging
+                        Add '-a' to automatically upload the log to tricorder.pi-hole.net
   -f, flush           Flush the Pi-hole log
   -r, reconfigure     Reconfigure or Repair Pi-hole subsystems
   -t, tail            View the live output of the Pi-hole log

From 6826d9f316e5e73d4e8648156d35318fe7d46e26 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gr=C3=A9gory=20Sanchez?= <gregory.sanchez@icloud.com>
Date: Mon, 16 Nov 2020 23:15:02 +0100
Subject: [PATCH 133/297] fix(basic-install): unattended install should finish
 without interaction
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes: https://github.com/pi-hole/pi-hole/issues/3617

Signed-off-by: Grégory Sanchez <gregory.sanchez@icloud.com>
---
 automated install/basic-install.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index ac00bf2b..e91c2bb1 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -67,7 +67,9 @@ PI_HOLE_INSTALL_DIR="/opt/pihole"
 PI_HOLE_CONFIG_DIR="/etc/pihole"
 PI_HOLE_BIN_DIR="/usr/local/bin"
 PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
-useUpdateVars=false
+if [ -z "$useUpdateVars" ]; then
+  useUpdateVars=false
+fi
 
 adlistFile="/etc/pihole/adlists.list"
 # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until

From f7982dfbe1ede1eb028716bed1d5b5ac920b8972 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 16 Nov 2020 22:39:50 +0000
Subject: [PATCH 134/297] -remove duplicate OS dockerfiles +rename
 centos->centos_8, centos7 -> centos_7 +update centos/fedora test script

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 ...centos7.Dockerfile => centos_7.Dockerfile} |  0
 ...{centos.Dockerfile => centos_8.Dockerfile} |  0
 test/conftest.py                              |  6 ++--
 test/debian.Dockerfile                        | 16 ----------
 test/fedora.Dockerfile                        | 16 ----------
 test/test_centos_fedora_support.py            | 30 +++++++++----------
 tox.ini                                       |  8 ++---
 7 files changed, 20 insertions(+), 56 deletions(-)
 rename test/{centos7.Dockerfile => centos_7.Dockerfile} (100%)
 rename test/{centos.Dockerfile => centos_8.Dockerfile} (100%)
 delete mode 100644 test/debian.Dockerfile
 delete mode 100644 test/fedora.Dockerfile

diff --git a/test/centos7.Dockerfile b/test/centos_7.Dockerfile
similarity index 100%
rename from test/centos7.Dockerfile
rename to test/centos_7.Dockerfile
diff --git a/test/centos.Dockerfile b/test/centos_8.Dockerfile
similarity index 100%
rename from test/centos.Dockerfile
rename to test/centos_8.Dockerfile
diff --git a/test/conftest.py b/test/conftest.py
index 3fd2524a..cda861c1 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -70,12 +70,10 @@ def args(request):
 
 
 @pytest.fixture(params=[
-    'debian',
     'debian_9',
     'debian_10',
-    'centos7',
-    'centos',
-    'fedora',
+    'centos_7',
+    'centos_8',
     'fedora_31',
     'fedora_32',
     'ubuntu_16',
diff --git a/test/debian.Dockerfile b/test/debian.Dockerfile
deleted file mode 100644
index d6609ba3..00000000
--- a/test/debian.Dockerfile
+++ /dev/null
@@ -1,16 +0,0 @@
-FROM buildpack-deps:stretch-scm
-
-ENV GITDIR /etc/.pihole
-ENV SCRIPTDIR /opt/pihole
-
-RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
-ADD . $GITDIR
-RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
-ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
-
-RUN true && \
-    chmod +x $SCRIPTDIR/*
-
-ENV PH_TEST true
-
-#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/fedora.Dockerfile b/test/fedora.Dockerfile
deleted file mode 100644
index 02dcb733..00000000
--- a/test/fedora.Dockerfile
+++ /dev/null
@@ -1,16 +0,0 @@
-FROM fedora:31
-
-ENV GITDIR /etc/.pihole
-ENV SCRIPTDIR /opt/pihole
-
-RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
-ADD . $GITDIR
-RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
-ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
-
-RUN true && \
-    chmod +x $SCRIPTDIR/*
-
-ENV PH_TEST true
-
-#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/test_centos_fedora_support.py b/test/test_centos_fedora_support.py
index b4ae7c89..8dd0ee5f 100644
--- a/test/test_centos_fedora_support.py
+++ b/test/test_centos_fedora_support.py
@@ -23,7 +23,7 @@ def mock_selinux_config(state, Pihole):
     '''.format(state=state.lower()))
 
 
-@pytest.mark.parametrize("tag", [('centos'), ('fedora'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ('fedora_31'), ('fedora_32'), ])
 def test_selinux_enforcing_exit(Pihole):
     '''
     confirms installer prompts to exit when SELinux is Enforcing by default
@@ -40,7 +40,7 @@ def test_selinux_enforcing_exit(Pihole):
     assert check_selinux.rc == 1
 
 
-@pytest.mark.parametrize("tag", [('centos'), ('fedora'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ('fedora_31'), ('fedora_32'), ])
 def test_selinux_permissive(Pihole):
     '''
     confirms installer continues when SELinux is Permissive
@@ -55,7 +55,7 @@ def test_selinux_permissive(Pihole):
     assert check_selinux.rc == 0
 
 
-@pytest.mark.parametrize("tag", [('centos'), ('fedora'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ('fedora_31'), ('fedora_32'), ])
 def test_selinux_disabled(Pihole):
     '''
     confirms installer continues when SELinux is Disabled
@@ -70,7 +70,7 @@ def test_selinux_disabled(Pihole):
     assert check_selinux.rc == 0
 
 
-@pytest.mark.parametrize("tag", [('fedora'), ])
+@pytest.mark.parametrize("tag", [('fedora_31'), ('fedora_32'), ])
 def test_epel_and_remi_not_installed_fedora(Pihole):
     '''
     confirms installer does not attempt to install EPEL/REMI repositories
@@ -88,7 +88,7 @@ def test_epel_and_remi_not_installed_fedora(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
 def test_release_supported_version_check_centos(Pihole):
     '''
     confirms installer exits on unsupported releases of CentOS
@@ -105,7 +105,7 @@ def test_release_supported_version_check_centos(Pihole):
     assert expected_stdout in distro_check.stdout
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
 def test_enable_epel_repository_centos(Pihole):
     '''
     confirms the EPEL package repository is enabled when installed on CentOS
@@ -123,7 +123,7 @@ def test_enable_epel_repository_centos(Pihole):
     assert epel_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ])
 def test_php_upgrade_default_optout_centos_eq_7(Pihole):
     '''
     confirms the default behavior to opt-out of installing PHP7 from REMI
@@ -139,7 +139,7 @@ def test_php_upgrade_default_optout_centos_eq_7(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_8'), ])
 def test_php_upgrade_default_continue_centos_gte_8(Pihole):
     '''
     confirms the latest version of CentOS continues / does not optout
@@ -157,7 +157,7 @@ def test_php_upgrade_default_continue_centos_gte_8(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ])
 def test_php_upgrade_user_optout_centos_eq_7(Pihole):
     '''
     confirms installer behavior when user opt-out of installing PHP7 from REMI
@@ -176,7 +176,7 @@ def test_php_upgrade_user_optout_centos_eq_7(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_8'), ])
 def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
     '''
     confirms installer skips user opt-out of installing PHP7 from REMI on
@@ -197,7 +197,7 @@ def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ])
 def test_php_upgrade_user_optin_centos_eq_7(Pihole):
     '''
     confirms installer behavior when user opt-in to installing PHP7 from REMI
@@ -220,7 +220,7 @@ def test_php_upgrade_user_optin_centos_eq_7(Pihole):
     assert remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_8'), ])
 def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
     '''
     confirms installer skips user opt-in to installing PHP7 from REMI on
@@ -244,7 +244,7 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
 def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     '''
     confirms the default behavior to opt-out of upgrading to PHP7 from REMI
@@ -267,7 +267,7 @@ def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
 def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
     '''
     confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
@@ -292,7 +292,7 @@ def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
     assert not remi_package.is_installed
 
 
-@pytest.mark.parametrize("tag", [('centos7'), ('centos'), ])
+@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
 def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
     '''
     confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
diff --git a/tox.ini b/tox.ini
index 17d19052..1142aea8 100644
--- a/tox.ini
+++ b/tox.ini
@@ -4,12 +4,10 @@ envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
-commands = docker build -f test/debian.Dockerfile -t pytest_pihole:debian .
-           docker build -f test/debian_9.Dockerfile -t pytest_pihole:debian_9 .
+commands = docker build -f test/debian_9.Dockerfile -t pytest_pihole:debian_9 .
            docker build -f test/debian_10.Dockerfile -t pytest_pihole:debian_10 .
-           docker build -f test/centos7.Dockerfile -t pytest_pihole:centos7 .
-           docker build -f test/centos.Dockerfile -t pytest_pihole:centos .
-           docker build -f test/fedora.Dockerfile -t pytest_pihole:fedora .
+           docker build -f test/centos_7.Dockerfile -t pytest_pihole:centos_7 .
+           docker build -f test/centos_8.Dockerfile -t pytest_pihole:centos_8 .           
            docker build -f test/fedora_31.Dockerfile -t pytest_pihole:fedora_31 .
            docker build -f test/fedora_32.Dockerfile -t pytest_pihole:fedora_32 .
            docker build -f test/ubuntu_16.Dockerfile -t pytest_pihole:ubuntu_16 .

From 809e4bdb1d65f7bd593ae5bc92ddcb4793cda05c Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 16 Nov 2020 23:06:02 +0000
Subject: [PATCH 135/297] Set max line length for flake8 to be an (arbitary)
 120 chars

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 .stickler.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.stickler.yml b/.stickler.yml
index ab98025e..8a2a1ce9 100644
--- a/.stickler.yml
+++ b/.stickler.yml
@@ -3,3 +3,4 @@ linters:
     shell: bash
   phpcs:
   flake8:
+    max-line-length: 120

From cd8120d33f279f44e6c1922c4ec14788ed12898c Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 16 Nov 2020 23:31:35 +0000
Subject: [PATCH 136/297] Add some output to the --nuke command

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/list.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh
index 9dd818c4..16bb2001 100755
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -231,7 +231,14 @@ Displaylist() {
 }
 
 NukeList() {
-    sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
+    count=$(sqlite3 "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};")
+    listname="$(GetListnameFromTypeId "${typeId}")"    
+    if [ "$count" -gt 0 ];then
+        sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
+        echo "  ${TICK} Removed ${count} domain(s) from the ${listname}"
+    else
+        echo "  ${INFO} ${listname} already empty. Nothing to do!"
+    fi    
     exit 0;
 }
 

From 541b53229c0b393f947ebc63e62e0d054217927c Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 18 Nov 2020 22:06:03 +0000
Subject: [PATCH 137/297] Include secondary upstream DNS for Quad9+Filter+ECS

Co-authored-by: Daniel Tulleman <github@be-lumino.us>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index e5ffce79..8325107b 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -41,7 +41,7 @@ Comodo;8.26.56.26;8.20.247.20;;
 DNS.WATCH;84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
 Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9
 Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10
-Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11;
+Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11;2620:fe::fe:11
 Cloudflare;1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001
 EOM
 )

From 2a82e1fec106b7c3b19e26efd737cd86f341dbda Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 18 Nov 2020 23:29:08 +0000
Subject: [PATCH 138/297] Nothing to see here. I just forgot a page.

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_000_build_containers.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py
index dfaba1ac..3033249f 100644
--- a/test/test_000_build_containers.py
+++ b/test/test_000_build_containers.py
@@ -8,12 +8,10 @@ run_local = testinfra.get_backend(
 
 
 @pytest.mark.parametrize("image,tag", [
-    ('test/debian.Dockerfile', 'pytest_pihole:debian'),
     ('test/debian_9.Dockerfile', 'pytest_pihole:debian_9'),
     ('test/debian_10.Dockerfile', 'pytest_pihole:debian_10'),
-    ('test/centos7.Dockerfile', 'pytest_pihole:centos7'),
-    ('test/centos.Dockerfile', 'pytest_pihole:centos'),
-    ('test/fedora.Dockerfile', 'pytest_pihole:fedora'),
+    ('test/centos_7.Dockerfile', 'pytest_pihole:centos_7'),
+    ('test/centos_8.Dockerfile', 'pytest_pihole:centos_8'),
     ('test/fedora_31.Dockerfile', 'pytest_pihole:fedora_31'),
     ('test/fedora_32.Dockerfile', 'pytest_pihole:fedora_32'),
     ('test/ubuntu_16.Dockerfile', 'pytest_pihole:ubuntu_16'),

From 50316ee617c9d36b9493a32841579483545c5430 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 23 Nov 2020 21:09:35 +0100
Subject: [PATCH 139/297] Add systemctl status --full --no-pager
 pihole-FTL.service to the debug log
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 52e11b6a..c2f94cd4 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -946,6 +946,16 @@ process_status(){
     done
 }
 
+pihole-FTL_full_status(){
+    # if using systemd print the full status of pihole-FTL
+    echo_current_diagnostic "Pi-hole-FTL full status"
+    local FTL_status
+    if command -v systemctl &> /dev/null; then
+      FTL_status=$(systemctl status --full --no-pager pihole-FTL.service)
+      log_write "   ${FTL_status}"
+    fi
+}
+
 make_array_from_file() {
     local filename="${1}"
     # The second argument can put a limit on how many line should be read from the file
@@ -1379,6 +1389,7 @@ check_networking
 check_name_resolution
 check_dhcp_servers
 process_status
+pihole-FTL_full_status
 parse_setup_vars
 check_x_headers
 analyze_gravity_list

From ec5183b553ff03ba1dcfa7a7280779385895d91f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 24 Nov 2020 05:57:13 +0100
Subject: [PATCH 140/297] Rename function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index c2f94cd4..da084f67 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -946,7 +946,7 @@ process_status(){
     done
 }
 
-pihole-FTL_full_status(){
+ftl_full_status(){
     # if using systemd print the full status of pihole-FTL
     echo_current_diagnostic "Pi-hole-FTL full status"
     local FTL_status
@@ -1389,7 +1389,7 @@ check_networking
 check_name_resolution
 check_dhcp_servers
 process_status
-pihole-FTL_full_status
+ftl_full_status
 parse_setup_vars
 check_x_headers
 analyze_gravity_list

From 70c48afc046720f250ffad7bae8d987779154b18 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 24 Nov 2020 06:02:18 +0100
Subject: [PATCH 141/297] Add else statement
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index da084f67..b77f6346 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -953,6 +953,8 @@ ftl_full_status(){
     if command -v systemctl &> /dev/null; then
       FTL_status=$(systemctl status --full --no-pager pihole-FTL.service)
       log_write "   ${FTL_status}"
+    else
+      log_write "${INFO} systemctl:  command not found"
     fi
 }
 

From d4c33e51885e31f0263b9829574a32be5dc52b67 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 24 Nov 2020 16:06:45 +0100
Subject: [PATCH 142/297] Include the raw messages from the Pi-hole diagnosis
 systems in debug logs

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 52e11b6a..c3c08aca 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -125,6 +125,8 @@ get_ftl_conf_value() {
 
 PIHOLE_GRAVITY_DB_FILE="$(get_ftl_conf_value "GRAVITYDB" "${PIHOLE_DIRECTORY}/gravity.db")"
 
+PIHOLE_FTL_DB_FILE="$(get_ftl_conf_value "DBFILE" "${PIHOLE_DIRECTORY}/pihole-FTL.db")"
+
 PIHOLE_COMMAND="${BIN_DIRECTORY}/pihole"
 PIHOLE_COLTABLE_FILE="${BIN_DIRECTORY}/COL_TABLE"
 
@@ -1170,6 +1172,31 @@ show_db_entries() {
     IFS="$OLD_IFS"
 }
 
+show_FTL_db_entries() {
+    local title="${1}"
+    local query="${2}"
+    local widths="${3}"
+
+    echo_current_diagnostic "${title}"
+
+    OLD_IFS="$IFS"
+    IFS=$'\r\n'
+    local entries=()
+    mapfile -t entries < <(\
+        sqlite3 "${PIHOLE_FTL_DB_FILE}" \
+            -cmd ".headers on" \
+            -cmd ".mode column" \
+            -cmd ".width ${widths}" \
+            "${query}"\
+    )
+
+    for line in "${entries[@]}"; do
+        log_write "   ${line}"
+    done
+
+    IFS="$OLD_IFS"
+}
+
 check_dhcp_servers() {
     echo_current_diagnostic "Discovering active DHCP servers (takes 10 seconds)"
 
@@ -1201,6 +1228,10 @@ show_clients() {
     show_db_entries "Clients" "SELECT id,GROUP_CONCAT(client_by_group.group_id) group_ids,ip,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM client LEFT JOIN client_by_group ON client.id = client_by_group.client_id GROUP BY id;" "4 12 100 19 19 50"
 }
 
+show_messages() {
+    show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT id,datetime(timestamp,'unixepoch','localtime') timestamp,type,message,blob1,blob2,blob3,blob4,blob5 FROM message;" "4 19 20 60 20 20 20 20 20"
+}
+
 analyze_gravity_list() {
     echo_current_diagnostic "Gravity List and Database"
 
@@ -1387,6 +1418,7 @@ show_domainlist
 show_clients
 show_adlists
 show_content_of_pihole_files
+show_messages
 parse_locale
 analyze_pihole_log
 copy_to_debug_log

From 065e5cb1fe06e36b95936794175c0512855a7cf2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 24 Nov 2020 21:02:53 +0100
Subject: [PATCH 143/297] Add DNSSEC to OpenDNS description
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 8325107b..21e699c7 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -35,7 +35,7 @@ export PATH+=':/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
 # List of supported DNS servers
 DNS_SERVERS=$(cat << EOM
 Google (ECS);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
-OpenDNS (ECS);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
+OpenDNS (ECS, DNSSEC);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
 Level3;4.2.2.1;4.2.2.2;;
 Comodo;8.26.56.26;8.20.247.20;;
 DNS.WATCH;84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b

From 0711f4d63a926592eb4226d0aaaa2fceb9291fa4 Mon Sep 17 00:00:00 2001
From: DL6ER <DL6ER@users.noreply.github.com>
Date: Sat, 28 Nov 2020 18:29:32 +0100
Subject: [PATCH 144/297] Revert "Enable DNS forwarding loop detection"

---
 advanced/01-pihole.conf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/advanced/01-pihole.conf b/advanced/01-pihole.conf
index 2595c19e..e243e91a 100644
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -32,8 +32,6 @@ no-resolv
 server=@DNS1@
 server=@DNS2@
 
-dns-loop-detect
-
 interface=@INT@
 
 cache-size=@CACHE_SIZE@

From a8e97257d7c473b393dbd6ed02a120e478a27133 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sun, 29 Nov 2020 15:08:46 +0000
Subject: [PATCH 145/297] Ensure entries of `PIHOLE_DNS_10` and above are not
 deleted when removing PIHOLE_DNS_1 and PIHOLE_DNS_2

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 21e699c7..af6c3ade 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1913,7 +1913,7 @@ finalExports() {
     # If the setup variable file exists,
     if [[ -e "${setupVars}" ]]; then
         # update the variables in the file
-        sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;' "${setupVars}"
+        sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;' "${setupVars}"
     fi
     # echo the information to the user
     {

From 0ecb8bf5e9fb555df7a4622c52bf54535bd96de1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sun, 29 Nov 2020 21:05:40 +0100
Subject: [PATCH 146/297] Add lsof to dependencies for non Debian OS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index af6c3ade..bab6471e 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -393,7 +393,7 @@ elif is_command rpm ; then
     PKG_INSTALL=("${PKG_MANAGER}" install -y)
     PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
     INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
-    PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap)
+    PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap lsof)
     PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
     LIGHTTPD_USER="lighttpd"
     LIGHTTPD_GROUP="lighttpd"

From e004d27b28bf3da43101948903c56a7cf66be4eb Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 30 Nov 2020 18:58:23 +0000
Subject: [PATCH 147/297] Fix processing of CONDITIONAL_FORWARDING_REVERSE

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 15471ad4..7cf0ae75 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -217,6 +217,11 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
 
     if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then
         # Convert legacy "conditional forwarding" to rev-server configuration
+        delete_setting "REV_SERVER"
+        delete_setting "REV_SERVER_DOMAIN"
+        delete_setting "REV_SERVER_TARGET"
+        delete_setting "REV_SERVER_CIDR"
+
         REV_SERVER=true
         add_setting "REV_SERVER" "true"
 
@@ -226,7 +231,17 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
         add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
 
-        REV_SERVER_CIDR="${CONDITIONAL_FORWARDING_REVERSE}"
+        search="in-addr.arpa"
+        if [[ "$CONDITIONAL_FORWARDING_REVERSE" == *"$search" ]];then
+            arrRev=(${CONDITIONAL_FORWARDING_REVERSE//./ })        
+            case ${#arrRev[@]} in 
+                6   )   REV_SERVER_CIDR="${arrRev[3]}.${arrRev[2]}.${arrRev[1]}.${arrRev[0]}/32";;
+                5   )   REV_SERVER_CIDR="${arrRev[2]}.${arrRev[1]}.${arrRev[0]}.0/24";;
+                4   )   REV_SERVER_CIDR="${arrRev[1]}.${arrRev[0]}.0.0/16";;
+                3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";; 
+            esac
+        fi
+       
         if [ -z "${REV_SERVER_CIDR}" ]; then
             # Convert existing input to /24 subnet (preserves legacy behavior)
             # This sed converts "192.168.1.2" to "192.168.1.0/24"

From 6cb8f3f403928620e23e35158ae4f89a34487df7 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 30 Nov 2020 21:18:25 +0000
Subject: [PATCH 148/297] Add some comments

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 7cf0ae75..ebeb64fa 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -217,6 +217,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
 
     if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then
         # Convert legacy "conditional forwarding" to rev-server configuration
+        # Remove any existing REV_SERVER settings
         delete_setting "REV_SERVER"
         delete_setting "REV_SERVER_DOMAIN"
         delete_setting "REV_SERVER_TARGET"
@@ -231,6 +232,11 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
         add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
 
+        #Convert CONDITIONAL_FORWARDING_REVERSE if neccasery e.g:
+        #          1.1.168.192.in-addr.arpa to 192.168.1.1/32
+        #          1.168.192.in-addr.arpa to 192.168.1.0/24
+        #          168.192.in-addr.arpa to 192.168.0.0/16
+        #          192.in-addr.arpa to 192.0.0.0/8
         search="in-addr.arpa"
         if [[ "$CONDITIONAL_FORWARDING_REVERSE" == *"$search" ]];then
             arrRev=(${CONDITIONAL_FORWARDING_REVERSE//./ })        
@@ -241,7 +247,8 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
                 3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";; 
             esac
         fi
-       
+        
+        # If REV_SERVER_CIDR is not converted by the above, then use the REV_SERVER_TARGET variable to derive it
         if [ -z "${REV_SERVER_CIDR}" ]; then
             # Convert existing input to /24 subnet (preserves legacy behavior)
             # This sed converts "192.168.1.2" to "192.168.1.0/24"

From 06c5fe2a89304ce73105964b867e20ee079ce2c9 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 30 Nov 2020 21:29:54 +0000
Subject: [PATCH 149/297] Set REV_SERVER_CIDR in the else condition if it is
 not in-addr.arpa

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index ebeb64fa..e9794cbf 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -246,6 +246,9 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
                 4   )   REV_SERVER_CIDR="${arrRev[1]}.${arrRev[0]}.0.0/16";;
                 3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";; 
             esac
+        else
+          # Set REV_SERVER_CIDR to whatever value it was set to
+          REV_SERVER_CIDR="$CONDITIONAL_FORWARDING_REVERSE"
         fi
         
         # If REV_SERVER_CIDR is not converted by the above, then use the REV_SERVER_TARGET variable to derive it

From 4093959d3ede4151d5cb4e994f1b2e6ef744b007 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 30 Nov 2020 21:55:07 +0000
Subject: [PATCH 150/297] Appease stickler

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index e9794cbf..090d2a3a 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -239,7 +239,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         #          192.in-addr.arpa to 192.0.0.0/8
         search="in-addr.arpa"
         if [[ "$CONDITIONAL_FORWARDING_REVERSE" == *"$search" ]];then
-            arrRev=(${CONDITIONAL_FORWARDING_REVERSE//./ })        
+            arrRev=("${CONDITIONAL_FORWARDING_REVERSE//./ }")        
             case ${#arrRev[@]} in 
                 6   )   REV_SERVER_CIDR="${arrRev[3]}.${arrRev[2]}.${arrRev[1]}.${arrRev[0]}/32";;
                 5   )   REV_SERVER_CIDR="${arrRev[2]}.${arrRev[1]}.${arrRev[0]}.0/24";;

From 58bc98ca44a457486862f738373e0d4114c878af Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 30 Nov 2020 22:30:59 +0000
Subject: [PATCH 151/297] Update advanced/Scripts/webpage.sh

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 090d2a3a..f7598000 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -232,7 +232,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
         add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
 
-        #Convert CONDITIONAL_FORWARDING_REVERSE if neccasery e.g:
+        #Convert CONDITIONAL_FORWARDING_REVERSE if necessary e.g:
         #          1.1.168.192.in-addr.arpa to 192.168.1.1/32
         #          1.168.192.in-addr.arpa to 192.168.1.0/24
         #          168.192.in-addr.arpa to 192.168.0.0/16

From 49810262dbfcaf361d49c63730dc3fb626174c16 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 1 Dec 2020 09:16:50 +0100
Subject: [PATCH 152/297] When there is a Pi-hole domain set and "Never forward
 non-FQDNs" is ticked, we add  to tell FTL that this domain is purely local
 and FTL may answer queries from /etc/hosts or DHCP but should never forward
 queries on that domain to any upstream servers

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 15471ad4..21328dc1 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -253,6 +253,13 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
     # This follows https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
     # (sourced 7th September 2019)
     add_dnsmasq_setting "server=/use-application-dns.net/"
+
+    # We need to process DHCP settings here as well to account for possible
+    # changes in the non-FQDN forwarding. This cannot be done in 01-pihole.conf
+    # as we don't want to delete all local=/.../ lines so it's much safer to
+    # simply rewrite the entire corresponding config file (which is what the
+    # DHCP settings subroutie is doing)
+    ProcessDHCPSettings
 }
 
 SetDNSServers() {
@@ -375,6 +382,11 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
 
     if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
         echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
+
+        # When there is a Pi-hole domain set and "Never forward non-FQDNs" is
+        # ticked, we add `local=/domain/` to tell FTL that this domain is purely
+        # local and FTL may answer queries from /etc/hosts or DHCP but should
+        # never forward queries on that domain to any upstream servers
         if  [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
           echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
         fi

From 3e73782f0e5b5463b5756f1e607e6b0cfee4411a Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 1 Dec 2020 10:02:31 +0000
Subject: [PATCH 153/297] Remove Travis CI config Create Github Actions config
 Split tox ini into one per supported distro so they can be run seperately

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 .github/workflows/test.yml                    |  25 ++
 .travis.yml                                   |   5 -
 autotest                                      |   1 -
 ...ntos_7.Dockerfile => _centos_7.Dockerfile} |   0
 ...ntos_8.Dockerfile => _centos_8.Dockerfile} |   0
 ...an_10.Dockerfile => _debian_10.Dockerfile} |   0
 ...bian_9.Dockerfile => _debian_9.Dockerfile} |   0
 ...ra_31.Dockerfile => _fedora_31.Dockerfile} |   0
 ...ra_32.Dockerfile => _fedora_32.Dockerfile} |   0
 ...tu_16.Dockerfile => _ubuntu_16.Dockerfile} |   2 +-
 ...tu_18.Dockerfile => _ubuntu_18.Dockerfile} |   0
 ...tu_20.Dockerfile => _ubuntu_20.Dockerfile} |   0
 test/conftest.py                              |  12 +-
 requirements.txt => test/requirements.txt     |   0
 setup.py => test/setup.py                     |   0
 test/test_000_build_containers.py             |  29 --
 test/test_centos_7_support.py                 |  62 ++++
 test/test_centos_8_support.py                 |  67 ++++
 test/test_centos_common_support.py            | 120 +++++++
 test/test_centos_fedora_common_support.py     |  66 ++++
 test/test_centos_fedora_support.py            | 327 ------------------
 test/test_fedora_support.py                   |  24 ++
 test/test_shellcheck.py                       |  18 -
 test/tox.centos_7.ini                         |   8 +
 test/tox.centos_8.ini                         |   8 +
 test/tox.debian_10.ini                        |   8 +
 test/tox.debian_9.ini                         |   8 +
 test/tox.fedora_31.ini                        |   8 +
 test/tox.fedora_32.ini                        |   8 +
 test/tox.ubuntu_16.ini                        |   8 +
 test/tox.ubuntu_18.ini                        |   8 +
 test/tox.ubuntu_20.ini                        |   8 +
 tox.ini                                       |  16 -
 33 files changed, 439 insertions(+), 407 deletions(-)
 create mode 100644 .github/workflows/test.yml
 delete mode 100644 .travis.yml
 delete mode 100755 autotest
 rename test/{centos_7.Dockerfile => _centos_7.Dockerfile} (100%)
 rename test/{centos_8.Dockerfile => _centos_8.Dockerfile} (100%)
 rename test/{debian_10.Dockerfile => _debian_10.Dockerfile} (100%)
 rename test/{debian_9.Dockerfile => _debian_9.Dockerfile} (100%)
 rename test/{fedora_31.Dockerfile => _fedora_31.Dockerfile} (100%)
 rename test/{fedora_32.Dockerfile => _fedora_32.Dockerfile} (100%)
 rename test/{ubuntu_16.Dockerfile => _ubuntu_16.Dockerfile} (92%)
 rename test/{ubuntu_18.Dockerfile => _ubuntu_18.Dockerfile} (100%)
 rename test/{ubuntu_20.Dockerfile => _ubuntu_20.Dockerfile} (100%)
 rename requirements.txt => test/requirements.txt (100%)
 rename setup.py => test/setup.py (100%)
 delete mode 100644 test/test_000_build_containers.py
 create mode 100644 test/test_centos_7_support.py
 create mode 100644 test/test_centos_8_support.py
 create mode 100644 test/test_centos_common_support.py
 create mode 100644 test/test_centos_fedora_common_support.py
 delete mode 100644 test/test_centos_fedora_support.py
 create mode 100644 test/test_fedora_support.py
 delete mode 100644 test/test_shellcheck.py
 create mode 100644 test/tox.centos_7.ini
 create mode 100644 test/tox.centos_8.ini
 create mode 100644 test/tox.debian_10.ini
 create mode 100644 test/tox.debian_9.ini
 create mode 100644 test/tox.fedora_31.ini
 create mode 100644 test/tox.fedora_32.ini
 create mode 100644 test/tox.ubuntu_16.ini
 create mode 100644 test/tox.ubuntu_18.ini
 create mode 100644 test/tox.ubuntu_20.ini
 delete mode 100644 tox.ini

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 00000000..9145e8a5
--- /dev/null
+++ b/.github/workflows/test.yml
@@ -0,0 +1,25 @@
+name: Test Supported Distributions
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  distro-test:
+    if: github.event.pull_request.draft == false
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_31, fedora_32]        
+    env:
+      DISTRO: ${{matrix.distro}}     
+    steps:  
+    - uses: actions/checkout@v1
+    - name: Set up Python 3.7
+      uses: actions/setup-python@v2
+      with:
+        python-version: 3.7
+    - name: Install dependencies
+      run: pip install -r test/requirements.txt
+    - name: Test with tox
+      run: tox -c test/tox.${DISTRO}.ini
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 3d80ab6e..00000000
--- a/.travis.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-import:
-  - source: pi-hole/.github:/build-configs/core.yml@main
-    if: branch = master
-  - source: pi-hole/.github:/build-configs/core.yml@latest
-    if: branch != master
diff --git a/autotest b/autotest
deleted file mode 100755
index 3747cc0b..00000000
--- a/autotest
+++ /dev/null
@@ -1 +0,0 @@
-py.test -v -f test/
diff --git a/test/centos_7.Dockerfile b/test/_centos_7.Dockerfile
similarity index 100%
rename from test/centos_7.Dockerfile
rename to test/_centos_7.Dockerfile
diff --git a/test/centos_8.Dockerfile b/test/_centos_8.Dockerfile
similarity index 100%
rename from test/centos_8.Dockerfile
rename to test/_centos_8.Dockerfile
diff --git a/test/debian_10.Dockerfile b/test/_debian_10.Dockerfile
similarity index 100%
rename from test/debian_10.Dockerfile
rename to test/_debian_10.Dockerfile
diff --git a/test/debian_9.Dockerfile b/test/_debian_9.Dockerfile
similarity index 100%
rename from test/debian_9.Dockerfile
rename to test/_debian_9.Dockerfile
diff --git a/test/fedora_31.Dockerfile b/test/_fedora_31.Dockerfile
similarity index 100%
rename from test/fedora_31.Dockerfile
rename to test/_fedora_31.Dockerfile
diff --git a/test/fedora_32.Dockerfile b/test/_fedora_32.Dockerfile
similarity index 100%
rename from test/fedora_32.Dockerfile
rename to test/_fedora_32.Dockerfile
diff --git a/test/ubuntu_16.Dockerfile b/test/_ubuntu_16.Dockerfile
similarity index 92%
rename from test/ubuntu_16.Dockerfile
rename to test/_ubuntu_16.Dockerfile
index d1107082..a92bc6f6 100644
--- a/test/ubuntu_16.Dockerfile
+++ b/test/_ubuntu_16.Dockerfile
@@ -13,4 +13,4 @@ RUN true && \
 
 ENV PH_TEST true
 
-#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
\ No newline at end of file
diff --git a/test/ubuntu_18.Dockerfile b/test/_ubuntu_18.Dockerfile
similarity index 100%
rename from test/ubuntu_18.Dockerfile
rename to test/_ubuntu_18.Dockerfile
diff --git a/test/ubuntu_20.Dockerfile b/test/_ubuntu_20.Dockerfile
similarity index 100%
rename from test/ubuntu_20.Dockerfile
rename to test/_ubuntu_20.Dockerfile
diff --git a/test/conftest.py b/test/conftest.py
index cda861c1..aebf5173 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -70,15 +70,7 @@ def args(request):
 
 
 @pytest.fixture(params=[
-    'debian_9',
-    'debian_10',
-    'centos_7',
-    'centos_8',
-    'fedora_31',
-    'fedora_32',
-    'ubuntu_16',
-    'ubuntu_18',
-    'ubuntu_20'
+    'test_container'
 ])
 def tag(request):
     '''
@@ -161,4 +153,4 @@ def mock_command_2(script, args, container):
 def run_script(Pihole, script):
     result = Pihole.run(script)
     assert result.rc == 0
-    return result
+    return result
\ No newline at end of file
diff --git a/requirements.txt b/test/requirements.txt
similarity index 100%
rename from requirements.txt
rename to test/requirements.txt
diff --git a/setup.py b/test/setup.py
similarity index 100%
rename from setup.py
rename to test/setup.py
diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py
deleted file mode 100644
index 3033249f..00000000
--- a/test/test_000_build_containers.py
+++ /dev/null
@@ -1,29 +0,0 @@
-''' This file starts with 000 to make it run first '''
-import pytest
-import testinfra
-
-run_local = testinfra.get_backend(
-    "local://"
-).get_module("Command").run
-
-
-@pytest.mark.parametrize("image,tag", [
-    ('test/debian_9.Dockerfile', 'pytest_pihole:debian_9'),
-    ('test/debian_10.Dockerfile', 'pytest_pihole:debian_10'),
-    ('test/centos_7.Dockerfile', 'pytest_pihole:centos_7'),
-    ('test/centos_8.Dockerfile', 'pytest_pihole:centos_8'),
-    ('test/fedora_31.Dockerfile', 'pytest_pihole:fedora_31'),
-    ('test/fedora_32.Dockerfile', 'pytest_pihole:fedora_32'),
-    ('test/ubuntu_16.Dockerfile', 'pytest_pihole:ubuntu_16'),
-    ('test/ubuntu_18.Dockerfile', 'pytest_pihole:ubuntu_18'),
-    ('test/ubuntu_20.Dockerfile', 'pytest_pihole:ubuntu_20'),
-])
-# mark as 'build_stage' so we can ensure images are built first when tests
-# are executed in parallel. (not required when tests are executed serially)
-@pytest.mark.build_stage
-def test_build_pihole_image(image, tag):
-    build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag))
-    if build_cmd.rc != 0:
-        print(build_cmd.stdout)
-        print(build_cmd.stderr)
-    assert build_cmd.rc == 0
diff --git a/test/test_centos_7_support.py b/test/test_centos_7_support.py
new file mode 100644
index 00000000..78cc6070
--- /dev/null
+++ b/test/test_centos_7_support.py
@@ -0,0 +1,62 @@
+import pytest
+from .conftest import (
+    tick_box,
+    info_box,
+    cross_box,
+    mock_command,
+)
+
+
+def test_php_upgrade_default_optout_centos_eq_7(Pihole):
+    '''
+    confirms the default behavior to opt-out of installing PHP7 from REMI
+    '''
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
+                                  'Deprecated PHP may be in use.')
+    assert expected_stdout in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+def test_php_upgrade_user_optout_centos_eq_7(Pihole):
+    '''
+    confirms installer behavior when user opt-out of installing PHP7 from REMI
+    (php not currently installed)
+    '''
+    # Whiptail dialog returns Cancel for user prompt
+    mock_command('whiptail', {'*': ('', '1')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
+                                  'Deprecated PHP may be in use.')
+    assert expected_stdout in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+def test_php_upgrade_user_optin_centos_eq_7(Pihole):
+    '''
+    confirms installer behavior when user opt-in to installing PHP7 from REMI
+    (php not currently installed)
+    '''
+    # Whiptail dialog returns Continue for user prompt
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    assert 'opt-out' not in distro_check.stdout
+    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
+                                  '(https://rpms.remirepo.net)')
+    assert expected_stdout in distro_check.stdout
+    expected_stdout = tick_box + (' Remi\'s RPM repository has '
+                                  'been enabled for PHP7')
+    assert expected_stdout in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert remi_package.is_installed
diff --git a/test/test_centos_8_support.py b/test/test_centos_8_support.py
new file mode 100644
index 00000000..899cff2f
--- /dev/null
+++ b/test/test_centos_8_support.py
@@ -0,0 +1,67 @@
+import pytest
+from .conftest import (
+    tick_box,
+    info_box,
+    cross_box,
+    mock_command,
+)
+
+
+def test_php_upgrade_default_continue_centos_gte_8(Pihole):
+    '''
+    confirms the latest version of CentOS continues / does not optout
+    (should trigger on CentOS7 only)
+    '''
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
+                                    ' Deprecated PHP may be in use.')
+    assert unexpected_stdout not in distro_check.stdout
+    # ensure remi was not installed on latest CentOS
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
+    '''
+    confirms installer skips user opt-out of installing PHP7 from REMI on
+    latest CentOS (should trigger on CentOS7 only)
+    (php not currently installed)
+    '''
+    # Whiptail dialog returns Cancel for user prompt
+    mock_command('whiptail', {'*': ('', '1')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
+                                    ' Deprecated PHP may be in use.')
+    assert unexpected_stdout not in distro_check.stdout
+    # ensure remi was not installed on latest CentOS
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
+    '''
+    confirms installer skips user opt-in to installing PHP7 from REMI on
+    latest CentOS (should trigger on CentOS7 only)
+    (php not currently installed)
+    '''
+    # Whiptail dialog returns Continue for user prompt
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    assert 'opt-out' not in distro_check.stdout
+    unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
+                                    '(https://rpms.remirepo.net)')
+    assert unexpected_stdout not in distro_check.stdout
+    unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
+                                    'been enabled for PHP7')
+    assert unexpected_stdout not in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py
new file mode 100644
index 00000000..4490f220
--- /dev/null
+++ b/test/test_centos_common_support.py
@@ -0,0 +1,120 @@
+import pytest
+from .conftest import (
+    tick_box,
+    info_box,
+    cross_box,
+    mock_command,
+)
+
+
+def test_release_supported_version_check_centos(Pihole):
+    '''
+    confirms installer exits on unsupported releases of CentOS
+    '''
+    # modify /etc/redhat-release to mock an unsupported CentOS release
+    Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    expected_stdout = cross_box + (' CentOS 6 is not supported.')
+    assert expected_stdout in distro_check.stdout
+    expected_stdout = 'Please update to CentOS release 7 or later'
+    assert expected_stdout in distro_check.stdout
+
+
+def test_enable_epel_repository_centos(Pihole):
+    '''
+    confirms the EPEL package repository is enabled when installed on CentOS
+    '''
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    expected_stdout = info_box + (' Enabling EPEL package repository '
+                                  '(https://fedoraproject.org/wiki/EPEL)')
+    assert expected_stdout in distro_check.stdout
+    expected_stdout = tick_box + ' Installed epel-release'
+    assert expected_stdout in distro_check.stdout
+    epel_package = Pihole.package('epel-release')
+    assert epel_package.is_installed
+
+
+def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
+    '''
+    confirms the default behavior to opt-out of upgrading to PHP7 from REMI
+    '''
+    # first we will install the default php version to test installer behavior
+    php_install = Pihole.run('yum install -y php')
+    assert php_install.rc == 0
+    php_package = Pihole.package('php')
+    default_centos_php_version = php_package.version.split('.')[0]
+    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
+        pytest.skip("Test deprecated . Detected default PHP version >= 7")
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
+                                  'Deprecated PHP may be in use.')
+    assert expected_stdout in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
+    '''
+    confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
+    '''
+    # first we will install the default php version to test installer behavior
+    php_install = Pihole.run('yum install -y php')
+    assert php_install.rc == 0
+    php_package = Pihole.package('php')
+    default_centos_php_version = php_package.version.split('.')[0]
+    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
+        pytest.skip("Test deprecated . Detected default PHP version >= 7")
+    # Whiptail dialog returns Cancel for user prompt
+    mock_command('whiptail', {'*': ('', '1')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
+                                  'Deprecated PHP may be in use.')
+    assert expected_stdout in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
+
+
+def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
+    '''
+    confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
+    '''
+    # first we will install the default php version to test installer behavior
+    php_install = Pihole.run('yum install -y php')
+    assert php_install.rc == 0
+    php_package = Pihole.package('php')
+    default_centos_php_version = php_package.version.split('.')[0]
+    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
+        pytest.skip("Test deprecated . Detected default PHP version >= 7")
+    # Whiptail dialog returns Continue for user prompt
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    install_dependent_packages PIHOLE_WEB_DEPS[@]
+    ''')
+    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
+                                  'Deprecated PHP may be in use.')
+    assert expected_stdout not in distro_check.stdout
+    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
+                                  '(https://rpms.remirepo.net)')
+    assert expected_stdout in distro_check.stdout
+    expected_stdout = tick_box + (' Remi\'s RPM repository has '
+                                  'been enabled for PHP7')
+    assert expected_stdout in distro_check.stdout
+    remi_package = Pihole.package('remi-release')
+    assert remi_package.is_installed
+    updated_php_package = Pihole.package('php')
+    updated_php_version = updated_php_package.version.split('.')[0]
+    assert int(updated_php_version) == 7
\ No newline at end of file
diff --git a/test/test_centos_fedora_common_support.py b/test/test_centos_fedora_common_support.py
new file mode 100644
index 00000000..7338f0fc
--- /dev/null
+++ b/test/test_centos_fedora_common_support.py
@@ -0,0 +1,66 @@
+import pytest
+from .conftest import (
+    tick_box,
+    info_box,
+    cross_box,
+    mock_command,
+)
+
+
+def mock_selinux_config(state, Pihole):
+    '''
+    Creates a mock SELinux config file with expected content
+    '''
+    # validate state string
+    valid_states = ['enforcing', 'permissive', 'disabled']
+    assert state in valid_states
+    # getenforce returns the running state of SELinux
+    mock_command('getenforce', {'*': (state.capitalize(), '0')}, Pihole)
+    # create mock configuration with desired content
+    Pihole.run('''
+    mkdir /etc/selinux
+    echo "SELINUX={state}" > /etc/selinux/config
+    '''.format(state=state.lower()))
+
+
+def test_selinux_enforcing_exit(Pihole):
+    '''
+    confirms installer prompts to exit when SELinux is Enforcing by default
+    '''
+    mock_selinux_config("enforcing", Pihole)
+    check_selinux = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    checkSelinux
+    ''')
+    expected_stdout = cross_box + ' Current SELinux: Enforcing'
+    assert expected_stdout in check_selinux.stdout
+    expected_stdout = 'SELinux Enforcing detected, exiting installer'
+    assert expected_stdout in check_selinux.stdout
+    assert check_selinux.rc == 1
+
+
+def test_selinux_permissive(Pihole):
+    '''
+    confirms installer continues when SELinux is Permissive
+    '''
+    mock_selinux_config("permissive", Pihole)
+    check_selinux = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    checkSelinux
+    ''')
+    expected_stdout = tick_box + ' Current SELinux: Permissive'
+    assert expected_stdout in check_selinux.stdout
+    assert check_selinux.rc == 0
+
+def test_selinux_disabled(Pihole):
+    '''
+    confirms installer continues when SELinux is Disabled
+    '''
+    mock_selinux_config("disabled", Pihole)
+    check_selinux = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    checkSelinux
+    ''')
+    expected_stdout = tick_box + ' Current SELinux: Disabled'
+    assert expected_stdout in check_selinux.stdout
+    assert check_selinux.rc == 0
diff --git a/test/test_centos_fedora_support.py b/test/test_centos_fedora_support.py
deleted file mode 100644
index 8dd0ee5f..00000000
--- a/test/test_centos_fedora_support.py
+++ /dev/null
@@ -1,327 +0,0 @@
-import pytest
-from .conftest import (
-    tick_box,
-    info_box,
-    cross_box,
-    mock_command,
-)
-
-
-def mock_selinux_config(state, Pihole):
-    '''
-    Creates a mock SELinux config file with expected content
-    '''
-    # validate state string
-    valid_states = ['enforcing', 'permissive', 'disabled']
-    assert state in valid_states
-    # getenforce returns the running state of SELinux
-    mock_command('getenforce', {'*': (state.capitalize(), '0')}, Pihole)
-    # create mock configuration with desired content
-    Pihole.run('''
-    mkdir /etc/selinux
-    echo "SELINUX={state}" > /etc/selinux/config
-    '''.format(state=state.lower()))
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ('fedora_31'), ('fedora_32'), ])
-def test_selinux_enforcing_exit(Pihole):
-    '''
-    confirms installer prompts to exit when SELinux is Enforcing by default
-    '''
-    mock_selinux_config("enforcing", Pihole)
-    check_selinux = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    checkSelinux
-    ''')
-    expected_stdout = cross_box + ' Current SELinux: Enforcing'
-    assert expected_stdout in check_selinux.stdout
-    expected_stdout = 'SELinux Enforcing detected, exiting installer'
-    assert expected_stdout in check_selinux.stdout
-    assert check_selinux.rc == 1
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ('fedora_31'), ('fedora_32'), ])
-def test_selinux_permissive(Pihole):
-    '''
-    confirms installer continues when SELinux is Permissive
-    '''
-    mock_selinux_config("permissive", Pihole)
-    check_selinux = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    checkSelinux
-    ''')
-    expected_stdout = tick_box + ' Current SELinux: Permissive'
-    assert expected_stdout in check_selinux.stdout
-    assert check_selinux.rc == 0
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ('fedora_31'), ('fedora_32'), ])
-def test_selinux_disabled(Pihole):
-    '''
-    confirms installer continues when SELinux is Disabled
-    '''
-    mock_selinux_config("disabled", Pihole)
-    check_selinux = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    checkSelinux
-    ''')
-    expected_stdout = tick_box + ' Current SELinux: Disabled'
-    assert expected_stdout in check_selinux.stdout
-    assert check_selinux.rc == 0
-
-
-@pytest.mark.parametrize("tag", [('fedora_31'), ('fedora_32'), ])
-def test_epel_and_remi_not_installed_fedora(Pihole):
-    '''
-    confirms installer does not attempt to install EPEL/REMI repositories
-    on Fedora
-    '''
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    assert distro_check.stdout == ''
-
-    epel_package = Pihole.package('epel-release')
-    assert not epel_package.is_installed
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
-def test_release_supported_version_check_centos(Pihole):
-    '''
-    confirms installer exits on unsupported releases of CentOS
-    '''
-    # modify /etc/redhat-release to mock an unsupported CentOS release
-    Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    expected_stdout = cross_box + (' CentOS 6 is not supported.')
-    assert expected_stdout in distro_check.stdout
-    expected_stdout = 'Please update to CentOS release 7 or later'
-    assert expected_stdout in distro_check.stdout
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
-def test_enable_epel_repository_centos(Pihole):
-    '''
-    confirms the EPEL package repository is enabled when installed on CentOS
-    '''
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    expected_stdout = info_box + (' Enabling EPEL package repository '
-                                  '(https://fedoraproject.org/wiki/EPEL)')
-    assert expected_stdout in distro_check.stdout
-    expected_stdout = tick_box + ' Installed epel-release'
-    assert expected_stdout in distro_check.stdout
-    epel_package = Pihole.package('epel-release')
-    assert epel_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ])
-def test_php_upgrade_default_optout_centos_eq_7(Pihole):
-    '''
-    confirms the default behavior to opt-out of installing PHP7 from REMI
-    '''
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
-                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_8'), ])
-def test_php_upgrade_default_continue_centos_gte_8(Pihole):
-    '''
-    confirms the latest version of CentOS continues / does not optout
-    (should trigger on CentOS7 only)
-    '''
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
-                                    ' Deprecated PHP may be in use.')
-    assert unexpected_stdout not in distro_check.stdout
-    # ensure remi was not installed on latest CentOS
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ])
-def test_php_upgrade_user_optout_centos_eq_7(Pihole):
-    '''
-    confirms installer behavior when user opt-out of installing PHP7 from REMI
-    (php not currently installed)
-    '''
-    # Whiptail dialog returns Cancel for user prompt
-    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
-                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_8'), ])
-def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
-    '''
-    confirms installer skips user opt-out of installing PHP7 from REMI on
-    latest CentOS (should trigger on CentOS7 only)
-    (php not currently installed)
-    '''
-    # Whiptail dialog returns Cancel for user prompt
-    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
-                                    ' Deprecated PHP may be in use.')
-    assert unexpected_stdout not in distro_check.stdout
-    # ensure remi was not installed on latest CentOS
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ])
-def test_php_upgrade_user_optin_centos_eq_7(Pihole):
-    '''
-    confirms installer behavior when user opt-in to installing PHP7 from REMI
-    (php not currently installed)
-    '''
-    # Whiptail dialog returns Continue for user prompt
-    mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    assert 'opt-out' not in distro_check.stdout
-    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
-                                  '(https://rpms.remirepo.net)')
-    assert expected_stdout in distro_check.stdout
-    expected_stdout = tick_box + (' Remi\'s RPM repository has '
-                                  'been enabled for PHP7')
-    assert expected_stdout in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_8'), ])
-def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
-    '''
-    confirms installer skips user opt-in to installing PHP7 from REMI on
-    latest CentOS (should trigger on CentOS7 only)
-    (php not currently installed)
-    '''
-    # Whiptail dialog returns Continue for user prompt
-    mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    assert 'opt-out' not in distro_check.stdout
-    unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
-                                    '(https://rpms.remirepo.net)')
-    assert unexpected_stdout not in distro_check.stdout
-    unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
-                                    'been enabled for PHP7')
-    assert unexpected_stdout not in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
-def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
-    '''
-    confirms the default behavior to opt-out of upgrading to PHP7 from REMI
-    '''
-    # first we will install the default php version to test installer behavior
-    php_install = Pihole.run('yum install -y php')
-    assert php_install.rc == 0
-    php_package = Pihole.package('php')
-    default_centos_php_version = php_package.version.split('.')[0]
-    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
-        pytest.skip("Test deprecated . Detected default PHP version >= 7")
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
-                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
-def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
-    '''
-    confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
-    '''
-    # first we will install the default php version to test installer behavior
-    php_install = Pihole.run('yum install -y php')
-    assert php_install.rc == 0
-    php_package = Pihole.package('php')
-    default_centos_php_version = php_package.version.split('.')[0]
-    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
-        pytest.skip("Test deprecated . Detected default PHP version >= 7")
-    # Whiptail dialog returns Cancel for user prompt
-    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    ''')
-    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
-                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert not remi_package.is_installed
-
-
-@pytest.mark.parametrize("tag", [('centos_7'), ('centos_8'), ])
-def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
-    '''
-    confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
-    '''
-    # first we will install the default php version to test installer behavior
-    php_install = Pihole.run('yum install -y php')
-    assert php_install.rc == 0
-    php_package = Pihole.package('php')
-    default_centos_php_version = php_package.version.split('.')[0]
-    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
-        pytest.skip("Test deprecated . Detected default PHP version >= 7")
-    # Whiptail dialog returns Continue for user prompt
-    mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    distro_check
-    install_dependent_packages PIHOLE_WEB_DEPS[@]
-    ''')
-    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
-                                  'Deprecated PHP may be in use.')
-    assert expected_stdout not in distro_check.stdout
-    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
-                                  '(https://rpms.remirepo.net)')
-    assert expected_stdout in distro_check.stdout
-    expected_stdout = tick_box + (' Remi\'s RPM repository has '
-                                  'been enabled for PHP7')
-    assert expected_stdout in distro_check.stdout
-    remi_package = Pihole.package('remi-release')
-    assert remi_package.is_installed
-    updated_php_package = Pihole.package('php')
-    updated_php_version = updated_php_package.version.split('.')[0]
-    assert int(updated_php_version) == 7
diff --git a/test/test_fedora_support.py b/test/test_fedora_support.py
new file mode 100644
index 00000000..a5823883
--- /dev/null
+++ b/test/test_fedora_support.py
@@ -0,0 +1,24 @@
+import pytest
+from .conftest import (
+    tick_box,
+    info_box,
+    cross_box,
+    mock_command,
+)
+
+
+def test_epel_and_remi_not_installed_fedora(Pihole):
+    '''
+    confirms installer does not attempt to install EPEL/REMI repositories
+    on Fedora
+    '''
+    distro_check = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    ''')
+    assert distro_check.stdout == ''
+
+    epel_package = Pihole.package('epel-release')
+    assert not epel_package.is_installed
+    remi_package = Pihole.package('remi-release')
+    assert not remi_package.is_installed
diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py
deleted file mode 100644
index 919ad2b9..00000000
--- a/test/test_shellcheck.py
+++ /dev/null
@@ -1,18 +0,0 @@
-import testinfra
-
-run_local = testinfra.get_backend(
-    "local://"
-).get_module("Command").run
-
-
-def test_scripts_pass_shellcheck():
-    '''
-    Make sure shellcheck does not find anything wrong with our shell scripts
-    '''
-    shellcheck = ("find . -type f -name 'update.sh' "
-                  "| while read file; do "
-                  "shellcheck -x \"$file\" -e SC1090,SC1091; "
-                  "done;")
-    results = run_local(shellcheck)
-    print(results.stdout)
-    assert '' == results.stdout
diff --git a/test/tox.centos_7.ini b/test/tox.centos_7.ini
new file mode 100644
index 00000000..c2752698
--- /dev/null
+++ b/test/tox.centos_7.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _centos_7.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_7_support.py
diff --git a/test/tox.centos_8.ini b/test/tox.centos_8.ini
new file mode 100644
index 00000000..c8852bae
--- /dev/null
+++ b/test/tox.centos_8.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_8_support.py
diff --git a/test/tox.debian_10.ini b/test/tox.debian_10.ini
new file mode 100644
index 00000000..e8c5d746
--- /dev/null
+++ b/test/tox.debian_10.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _debian_10.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py
diff --git a/test/tox.debian_9.ini b/test/tox.debian_9.ini
new file mode 100644
index 00000000..b33e9927
--- /dev/null
+++ b/test/tox.debian_9.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _debian_9.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py
diff --git a/test/tox.fedora_31.ini b/test/tox.fedora_31.ini
new file mode 100644
index 00000000..36ab10ad
--- /dev/null
+++ b/test/tox.fedora_31.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _fedora_31.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
diff --git a/test/tox.fedora_32.ini b/test/tox.fedora_32.ini
new file mode 100644
index 00000000..c68e0757
--- /dev/null
+++ b/test/tox.fedora_32.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _fedora_32.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
diff --git a/test/tox.ubuntu_16.ini b/test/tox.ubuntu_16.ini
new file mode 100644
index 00000000..6f484b6b
--- /dev/null
+++ b/test/tox.ubuntu_16.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _ubuntu_16.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py
diff --git a/test/tox.ubuntu_18.ini b/test/tox.ubuntu_18.ini
new file mode 100644
index 00000000..10d4ac09
--- /dev/null
+++ b/test/tox.ubuntu_18.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _ubuntu_18.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py
diff --git a/test/tox.ubuntu_20.ini b/test/tox.ubuntu_20.ini
new file mode 100644
index 00000000..8b405b28
--- /dev/null
+++ b/test/tox.ubuntu_20.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _ubuntu_20.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py
diff --git a/tox.ini b/tox.ini
deleted file mode 100644
index 1142aea8..00000000
--- a/tox.ini
+++ /dev/null
@@ -1,16 +0,0 @@
-[tox]
-envlist = py37
-
-[testenv]
-whitelist_externals = docker
-deps = -rrequirements.txt
-commands = docker build -f test/debian_9.Dockerfile -t pytest_pihole:debian_9 .
-           docker build -f test/debian_10.Dockerfile -t pytest_pihole:debian_10 .
-           docker build -f test/centos_7.Dockerfile -t pytest_pihole:centos_7 .
-           docker build -f test/centos_8.Dockerfile -t pytest_pihole:centos_8 .           
-           docker build -f test/fedora_31.Dockerfile -t pytest_pihole:fedora_31 .
-           docker build -f test/fedora_32.Dockerfile -t pytest_pihole:fedora_32 .
-           docker build -f test/ubuntu_16.Dockerfile -t pytest_pihole:ubuntu_16 .
-           docker build -f test/ubuntu_18.Dockerfile -t pytest_pihole:ubuntu_18 .
-           docker build -f test/ubuntu_20.Dockerfile -t pytest_pihole:ubuntu_20 .
-           pytest {posargs:-vv -n auto} -m "not build_stage" ./test/

From 44d020a54c9a722619b7a56d089028b2cb0275f3 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 1 Dec 2020 10:09:16 +0000
Subject: [PATCH 154/297] Appease codefactor.io

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 .github/workflows/test.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 9145e8a5..8e19e550 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,10 +10,10 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_31, fedora_32]        
+        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_31, fedora_32]
     env:
-      DISTRO: ${{matrix.distro}}     
-    steps:  
+      DISTRO: ${{matrix.distro}}
+    steps:
     - uses: actions/checkout@v1
     - name: Set up Python 3.7
       uses: actions/setup-python@v2

From d1539335bca135470d3b5fd8039c6e7600c802c3 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 1 Dec 2020 10:13:36 +0000
Subject: [PATCH 155/297] appease stickler-ci

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/conftest.py                          | 2 +-
 test/test_centos_7_support.py             | 2 --
 test/test_centos_8_support.py             | 2 --
 test/test_centos_common_support.py        | 2 +-
 test/test_centos_fedora_common_support.py | 3 +--
 test/test_fedora_support.py               | 9 ---------
 6 files changed, 3 insertions(+), 17 deletions(-)

diff --git a/test/conftest.py b/test/conftest.py
index aebf5173..07166ec5 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -153,4 +153,4 @@ def mock_command_2(script, args, container):
 def run_script(Pihole, script):
     result = Pihole.run(script)
     assert result.rc == 0
-    return result
\ No newline at end of file
+    return result
diff --git a/test/test_centos_7_support.py b/test/test_centos_7_support.py
index 78cc6070..2f744ab4 100644
--- a/test/test_centos_7_support.py
+++ b/test/test_centos_7_support.py
@@ -1,8 +1,6 @@
-import pytest
 from .conftest import (
     tick_box,
     info_box,
-    cross_box,
     mock_command,
 )
 
diff --git a/test/test_centos_8_support.py b/test/test_centos_8_support.py
index 899cff2f..d3e83658 100644
--- a/test/test_centos_8_support.py
+++ b/test/test_centos_8_support.py
@@ -1,8 +1,6 @@
-import pytest
 from .conftest import (
     tick_box,
     info_box,
-    cross_box,
     mock_command,
 )
 
diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py
index 4490f220..fdf43cba 100644
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@@ -117,4 +117,4 @@ def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
     assert remi_package.is_installed
     updated_php_package = Pihole.package('php')
     updated_php_version = updated_php_package.version.split('.')[0]
-    assert int(updated_php_version) == 7
\ No newline at end of file
+    assert int(updated_php_version) == 7
diff --git a/test/test_centos_fedora_common_support.py b/test/test_centos_fedora_common_support.py
index 7338f0fc..21ae6d1d 100644
--- a/test/test_centos_fedora_common_support.py
+++ b/test/test_centos_fedora_common_support.py
@@ -1,7 +1,5 @@
-import pytest
 from .conftest import (
     tick_box,
-    info_box,
     cross_box,
     mock_command,
 )
@@ -52,6 +50,7 @@ def test_selinux_permissive(Pihole):
     assert expected_stdout in check_selinux.stdout
     assert check_selinux.rc == 0
 
+
 def test_selinux_disabled(Pihole):
     '''
     confirms installer continues when SELinux is Disabled
diff --git a/test/test_fedora_support.py b/test/test_fedora_support.py
index a5823883..473b2e96 100644
--- a/test/test_fedora_support.py
+++ b/test/test_fedora_support.py
@@ -1,12 +1,3 @@
-import pytest
-from .conftest import (
-    tick_box,
-    info_box,
-    cross_box,
-    mock_command,
-)
-
-
 def test_epel_and_remi_not_installed_fedora(Pihole):
     '''
     confirms installer does not attempt to install EPEL/REMI repositories

From f44b2f6aa3d1481de70efc674b6ca2dec44173aa Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 1 Dec 2020 17:27:21 +0000
Subject: [PATCH 156/297] Update advanced/Scripts/webpage.sh

Signed-off-by: Adam Warner <me@adamwarner.co.uk>

Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
---
 advanced/Scripts/webpage.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index f7598000..e173759b 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -237,8 +237,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         #          1.168.192.in-addr.arpa to 192.168.1.0/24
         #          168.192.in-addr.arpa to 192.168.0.0/16
         #          192.in-addr.arpa to 192.0.0.0/8
-        search="in-addr.arpa"
-        if [[ "$CONDITIONAL_FORWARDING_REVERSE" == *"$search" ]];then
+        if [[ "${CONDITIONAL_FORWARDING_REVERSE}" == *"in-addr.arpa" ]];then
             arrRev=("${CONDITIONAL_FORWARDING_REVERSE//./ }")        
             case ${#arrRev[@]} in 
                 6   )   REV_SERVER_CIDR="${arrRev[3]}.${arrRev[2]}.${arrRev[1]}.${arrRev[0]}/32";;

From 454c9a411c34e699484c335ffcc8e4a3b18c034c Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 1 Dec 2020 17:27:36 +0000
Subject: [PATCH 157/297] Update advanced/Scripts/webpage.sh

Signed-off-by: Adam Warner <me@adamwarner.co.uk>

Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
---
 advanced/Scripts/webpage.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index e173759b..ef1d3ac9 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -247,7 +247,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
             esac
         else
           # Set REV_SERVER_CIDR to whatever value it was set to
-          REV_SERVER_CIDR="$CONDITIONAL_FORWARDING_REVERSE"
+          REV_SERVER_CIDR="${CONDITIONAL_FORWARDING_REVERSE}"
         fi
         
         # If REV_SERVER_CIDR is not converted by the above, then use the REV_SERVER_TARGET variable to derive it

From d0af1a950bd45ed4eeb3ed3b82d2624a4f7efc63 Mon Sep 17 00:00:00 2001
From: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
Date: Tue, 1 Dec 2020 23:43:55 +0100
Subject: [PATCH 158/297] Ensure x86_64 processor architecture is listed as
 supported

Signed-off-by: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 5c2b5f1c..e300c14a 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -560,7 +560,7 @@ processor_check() {
     else
         # Check if the architecture is currently supported for FTL
         case "${PROCESSOR}" in
-            "amd64") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}"
+            "amd64" | "x86_64") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}"
                 ;;
             "armv6l") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}"
                 ;;

From 36937b19132df631220e4a5912f889e58a357cbc Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 2 Dec 2020 20:52:39 +0100
Subject: [PATCH 159/297] Strip such lines starting with a #. Do not silently
 truncate lines if they have a # somewhere in between (like
 server=127.0.0.1#5353)

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 5c2b5f1c..30ca6031 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -977,7 +977,7 @@ make_array_from_file() {
         # Otherwise, read the file line by line
         while IFS= read -r line;do
             # Othwerise, strip out comments and blank lines
-            new_line=$(echo "${line}" | sed -e 's/#.*$//' -e '/^$/d')
+            new_line=$(echo "${line}" | sed -e 's/^\s*#.*$//' -e '/^$/d')
             # If the line still has content (a non-zero value)
             if [[ -n "${new_line}" ]]; then
                 # Put it into the array

From 61f13a334d2fb7ca81a3a47c7d9fc599a72d9164 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 2 Dec 2020 20:19:59 +0000
Subject: [PATCH 160/297] Don't delete an existing directory and clone our repo
 in its place. TODO: Something more robust

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index bab6471e..5470a9fb 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -528,8 +528,8 @@ make_repo() {
     printf "  %b %s..." "${INFO}" "${str}"
     # If the directory exists,
     if [[ -d "${directory}" ]]; then
-        # delete everything in it so git can clone into it
-        rm -rf "${directory}"
+        # Return with a 1 to exit the installer. We don't want to overwrite what could already be here in case it is not ours
+        return 1
     fi
     # Clone the repo and return the return code from this command
     git clone -q --depth 20 "${remoteRepo}" "${directory}" &> /dev/null || return $?

From 641951b3a041a0a99c295fc977a1edef9fb87262 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 2 Dec 2020 20:35:40 +0000
Subject: [PATCH 161/297] add some meaningful outputSigned-off-by: Adam Warner
 <me@adamwarner.co.uk>

---
 automated install/basic-install.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5470a9fb..9d5b4465 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -529,6 +529,8 @@ make_repo() {
     # If the directory exists,
     if [[ -d "${directory}" ]]; then
         # Return with a 1 to exit the installer. We don't want to overwrite what could already be here in case it is not ours
+        str="Unable to clone ${remoteRepo} into ${directory}"
+        printf "%b  %b%s\\n" "${OVER}" "${CROSS}" "${str}"
         return 1
     fi
     # Clone the repo and return the return code from this command

From e47eb30a6e269895346dd4299591c930e631388f Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 2 Dec 2020 20:49:07 +0000
Subject: [PATCH 162/297] Update automated install/basic-install.sh

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 9d5b4465..45e96354 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -529,7 +529,7 @@ make_repo() {
     # If the directory exists,
     if [[ -d "${directory}" ]]; then
         # Return with a 1 to exit the installer. We don't want to overwrite what could already be here in case it is not ours
-        str="Unable to clone ${remoteRepo} into ${directory}"
+        str="Unable to clone ${remoteRepo} into ${directory} : Directory already exists"
         printf "%b  %b%s\\n" "${OVER}" "${CROSS}" "${str}"
         return 1
     fi

From e84134705720eacc57d7b31129b7ea34a79cd2b3 Mon Sep 17 00:00:00 2001
From: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
Date: Sat, 5 Dec 2020 02:55:25 +0100
Subject: [PATCH 163/297] Fix chronometer output if web interface is not
 installed

Signed-off-by: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
---
 advanced/Scripts/chronometer.sh | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 37fd5177..83697c1c 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -228,8 +228,14 @@ get_sys_stats() {
         mapfile -t ph_ver_raw < <(pihole -v -c 2> /dev/null | sed -n 's/^.* v/v/p')
         if [[ -n "${ph_ver_raw[0]}" ]]; then
             ph_core_ver="${ph_ver_raw[0]}"
-            ph_lte_ver="${ph_ver_raw[1]}"
-            ph_ftl_ver="${ph_ver_raw[2]}"
+            if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then
+                # AdminLTE not installed
+                ph_lte_ver="n.a."
+                ph_ftl_ver="${ph_ver_raw[1]}"
+            else
+                ph_lte_ver="${ph_ver_raw[1]}"
+                ph_ftl_ver="${ph_ver_raw[2]}"
+            fi
         else
             ph_core_ver="-1"
         fi

From 18e4eb460c1cdcf396736b403bbd83ece7e8e637 Mon Sep 17 00:00:00 2001
From: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
Date: Sat, 5 Dec 2020 13:40:44 +0100
Subject: [PATCH 164/297] piholeDebug: Fix version check if lighttpd/php are
 not installed

Signed-off-by: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index bc83d70a..9b923eb6 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -371,9 +371,9 @@ get_program_version() {
     echo_current_diagnostic "${program_name} version"
     # Evalutate the program we are checking, if it is any of the ones below, show the version
     case "${program_name}" in
-        "lighttpd") program_version="$(${program_name} -v |& head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
+        "lighttpd") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
                     ;;
-        "php") program_version="$(${program_name} -v |& head -n1 | cut -d '-' -f1 | cut -d ' ' -f2)"
+        "php") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '-' -f1 | cut -d ' ' -f2)"
                 ;;
         # If a match is not found, show an error
         *) echo "Unrecognized program";

From 9dc539c98bdf9ff3b3746f8ddeebb67af6e0af3c Mon Sep 17 00:00:00 2001
From: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
Date: Sat, 5 Dec 2020 15:16:45 +0100
Subject: [PATCH 165/297] piholeDebug: More detailed diagnostics if Web
 interface is not found

Signed-off-by: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
---
 advanced/Scripts/piholeDebug.sh | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index bc83d70a..16042353 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -334,7 +334,17 @@ compare_local_version_to_git_version() {
             return 1
         fi
     else
-        :
+        # There is no git directory so check if the web interface was disabled
+        local setup_vars_web_interface
+        setup_vars_web_interface=$(< ${PIHOLE_SETUP_VARS_FILE} grep ^INSTALL_WEB_INTERFACE | cut -d '=' -f2)
+        if [[ "${pihole_component}" == "Web" ]] && [[ "${setup_vars_web_interface}" == "false" ]]; then
+            log_write "${INFO} ${pihole_component}: Disabled in setupVars.conf via INSTALL_WEB_INTERFACE=false"
+        else
+            # Return an error message
+            log_write "${COL_RED}Directory ${git_dir} doesn't exist${COL_NC}"
+            # and exit with a non zero code
+            return 1
+        fi
     fi
 }
 

From 922f795fe6f85b026b0b3c6af52571aad64c2c3e Mon Sep 17 00:00:00 2001
From: user <user@fedbrew.home>
Date: Sun, 6 Dec 2020 06:03:30 -0500
Subject: [PATCH 166/297] Adding comma to the adlist table format

To account for the Date Updated column in the adlist table adding a comma to the adlist to be imported into the database. This was causing intermittent failures on updates and therefore no domains would be blocked.

Signed-off-by: user <user@fedbrew.home>

 Date:      Sun Dec 6 06:03:30 2020 -0500
 Committer: user <user@fedbrew.home>

 On branch fix/gravity_date_updated
 Your branch and 'origin/fix/gravity_date_updated' have diverged,
 and have 1 and 1 different commits each, respectively.
   (use "git pull" to merge the remote branch into yours)

 Changes to be committed:
	modified:   gravity.sh

Signed-off-by: user <user@fedbrew.home>
---
 gravity.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gravity.sh b/gravity.sh
index 9ac38512..5a831dae 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -176,7 +176,7 @@ database_table_from_file() {
         echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}"
       elif [[ "${table}" == "adlist" ]]; then
         # Adlist table format
-        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"" >> "${tmpFile}"
+        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"," >> "${tmpFile}"
       else
         # White-, black-, and regexlist table format
         echo "${rowid},${type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"" >> "${tmpFile}"

From 20faa1bd1c0ccb237c541548265bb8bcd2bf2a23 Mon Sep 17 00:00:00 2001
From: Reto Gantenbein <1031031+ganto@users.noreply.github.com>
Date: Thu, 10 Dec 2020 22:58:07 +0100
Subject: [PATCH 167/297] Update pihole-FTL man-pages (#3883)

Extend latest options and adjust ordering to Web documentation

Ensure that all configuration options currently recognized by FTL 5.3.1
are properly documented in the man page of the configuration file.

Signed-off-by: Reto Gantenbein <reto.gantenbein@linuxmonk.ch>
---
 manpages/pihole-FTL.8      |  44 +++++-
 manpages/pihole-FTL.conf.5 | 301 +++++++++++++++++++++++++++++++------
 2 files changed, 298 insertions(+), 47 deletions(-)

diff --git a/manpages/pihole-FTL.8 b/manpages/pihole-FTL.8
index 2928f2d8..c7b69d83 100644
--- a/manpages/pihole-FTL.8
+++ b/manpages/pihole-FTL.8
@@ -1,4 +1,4 @@
-.TH "Pihole-FTL" "8" "pihole-FTL" "Pi-hole" "June 2018"
+.TH "Pihole-FTL" "8" "pihole-FTL" "Pi-hole" "November 2020"
 .SH "NAME"
 pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
@@ -10,7 +10,7 @@ pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
 \fBpihole-FTL test\fR
 .br
-\fBpihole-FTL -v\fR
+\fBpihole-FTL -v|-vv\fR
 .br
 \fBpihole-FTL -t\fR
 .br
@@ -22,6 +22,16 @@ pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
 \fBpihole-FTL dnsmasq-test\fR
 .br
+\fBpihole-FTL regex-test str\fR
+.br
+\fBpihole-FTL regex-test str rgx\fR
+.br
+\fBpihole-FTL lua\fR
+.br
+\fBpihole-FTL luac\fR
+.br
+\fBpihole-FTL dhcp-discover\fR
+.br
 \fBpihole-FTL --\fR (\fBoptions\fR)
 .br
 
@@ -65,6 +75,11 @@ Command line arguments
     Don't start FTL, show only version
 .br
 
+\fB-vv\fR
+.br
+    Don't start FTL, show verbose version information of embedded applications
+.br
+
 \fB-t, tag\fR
 .br
     Don't start FTL, show only git tag
@@ -90,6 +105,31 @@ Command line arguments
     Test resolver config file syntax
 .br
 
+\fBregex-test str\fR
+.br
+    Test str against all regular expressions in the database
+.br
+
+\fBregex-test str rgx\fR
+.br
+    Test str against regular expression given by rgx
+.br
+
+\fBlua\fR
+.br
+    Start the embedded Lua interpreter
+.br
+
+\fBluac\fR
+.br
+    Execute the embedded Lua compiler
+.br
+
+\fBdhcp-discover\fR
+.br
+    Discover DHCP servers in the local network
+.br
+
 \fB--\fR  (options)
 .br
     Pass options to internal dnsmasq resolver
diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5
index 5cb0481e..42405436 100644
--- a/manpages/pihole-FTL.conf.5
+++ b/manpages/pihole-FTL.conf.5
@@ -1,4 +1,4 @@
-.TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "June 2018"
+.TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "November 2020"
 .SH "NAME"
 
 pihole-FTL.conf - FTL's config file
@@ -7,49 +7,32 @@ pihole-FTL.conf - FTL's config file
 
 /etc/pihole/pihole-FTL.conf will be read by \fBpihole-FTL(8)\fR on startup.
 .br
-
-\fBSOCKET_LISTENING=localonly|all\fR
-.br
-    Listen only for local socket connections or permit all connections
+For each setting the option shown first is the default.
 .br
 
-\fBQUERY_DISPLAY=yes|no\fR
+\fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NODATA|NXDOMAIN|NULL\fR
 .br
-    Display all queries? Set to no to hide query display
+    How should FTL reply to blocked queries?
+
+    IP             - Pi-hole's IPs for blocked domains
+
+    IP-AAAA-NODATA - Pi-hole's IP + NODATA-IPv6 for blocked domains
+
+    NODATA         - Using NODATA for blocked domains
+
+    NXDOMAIN       - NXDOMAIN for blocked domains
+
+    NULL           - Null IPs for blocked domains
 .br
 
-\fBAAAA_QUERY_ANALYSIS=yes|no\fR
+\fBCNAME_DEEP_INSPECT=true|false\fR
 .br
-    Allow FTL to analyze AAAA queries from pihole.log?
+    Use this option to disable deep CNAME inspection. This might be beneficial for very low-end devices.
 .br
 
-\fBRESOLVE_IPV6=yes|no\fR
+\fBBLOCK_ESNI=true|false\fR
 .br
-    Should FTL try to resolve IPv6 addresses to host names?
-.br
-
-\fBRESOLVE_IPV4=yes|no\fR
-.br
-    Should FTL try to resolve IPv4 addresses to host names?
-.br
-
-\fBMAXDBDAYS=365\fR
-.br
-    How long should queries be stored in the database?
-.br
-    Setting this to 0 disables the database
-.br
-
-\fBDBINTERVAL=1.0\fR
-.br
-    How often do we store queries in FTL's database [minutes]?
-.br
-
-\fBDBFILE=/etc/pihole/pihole-FTL.db\fR
-.br
-    Specify path and filename of FTL's SQLite long-term database.
-.br
-    Setting this to DBFILE= disables the database altogether
+    Block requests to _esni.* sub-domains.
 .br
 
 \fBMAXLOGAGE=24.0\fR
@@ -59,14 +42,9 @@ pihole-FTL.conf - FTL's config file
     Maximum is 744 (31 days)
 .br
 
-\fBFTLPORT=4711\fR
+\fBPRIVACYLEVEL=0|1|2|3|4\fR
 .br
-    On which port should FTL be listening?
-.br
-
-\fBPRIVACYLEVEL=0|1|2|3\fR
-.br
-    Which privacy level is used?
+    Privacy level used to collect Pi-hole statistics.
 .br
     0 - show everything
 .br
@@ -76,19 +54,252 @@ pihole-FTL.conf - FTL's config file
 .br
     3 - anonymous mode (hide everything)
 .br
+    4 - disable all statistics
+.br
 
 \fBIGNORE_LOCALHOST=no|yes\fR
 .br
     Should FTL ignore queries coming from the local machine?
 .br
 
-\fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NXDOMAIN|NULL\fR
+\fBAAAA_QUERY_ANALYSIS=yes|no\fR
 .br
-    How should FTL reply to blocked queries?
+    Should FTL analyze AAAA queries?
 .br
 
-For each setting, the option shown first is the default.
+\fBANALYZE_ONLY_A_AND_AAAA=false|true\fR
 .br
+    Should FTL only analyze A and AAAA queries?
+.br
+
+\fBSOCKET_LISTENING=localonly|all\fR
+.br
+    Listen only for local socket connections on the API port or permit all connections.
+.br
+
+\fBFTLPORT=4711\fR
+.br
+    On which port should FTL be listening?
+.br
+
+\fBRESOLVE_IPV6=yes|no\fR
+.br
+    Should FTL try to resolve IPv6 addresses to hostnames?
+.br
+
+\fBRESOLVE_IPV4=yes|no\fR
+.br
+    Should FTL try to resolve IPv4 addresses to hostnames?
+.br
+
+\fBDELAY_STARTUP=0\fR
+.br
+    Time in seconds (between 0 and 300) to delay FTL startup.
+.br
+
+\fBNICE=-10\fR
+.br
+    Set the niceness of the Pi-hole FTL process.
+.br
+    Can be disabled altogether by setting a value of -999.
+.br
+
+\fBNAMES_FROM_NETDB=true|false\fR
+.br
+    Control whether FTL should use a fallback option and try to obtain client names from checking the network table.
+.br
+    E.g. IPv6 clients without a hostname will be compared via MAC address to known clients.
+.br
+
+\fB\fBREFRESH_HOSTNAMES=IPV4|ALL|NONE\fR
+.br
+    Change how (and if) hourly PTR requests are made to check for changes in client and upstream server hostnames:
+.br
+    IPV4 - Do the hourly PTR lookups only for IPv4 addresses resolving issues in networks with many short-lived PE IPv6 addresses.
+.br
+    ALL  - Do the hourly PTR lookups for all addresses. This can create a lot of PTR queries in networks with many IPv6 addresses.
+.br
+    NONE - Don't do hourly PTR lookups. Look up hostnames once (when first seeing a client) and never again. Future hostname changes may be missed.
+.br
+
+\fBMAXNETAGE=365\fR
+.br
+    IP addresses (and associated host names) older than the specified number of days are removed.
+.br
+    This avoids dead entries in the network overview table.
+.br
+
+\fBEDNS0_ECS=true|false\fR
+.br
+    Should we overwrite the query source when client information is provided through EDNS0 client subnet (ECS) information?
+.br
+
+\fBPARSE_ARP_CACHE=true|false\fR
+.br
+    Parse ARP cache to fill network overview table.
+.br
+
+\fBDBIMPORT=yes|no\fR
+.br
+    Should FTL load information from the database on startup to be aware of the most recent history?
+.br
+
+\fBMAXDBDAYS=365\fR
+.br
+    How long should queries be stored in the database? Setting this to 0 disables the database
+.br
+
+\fBDBINTERVAL=1.0\fR
+.br
+    How often do we store queries in FTL's database [minutes]?
+.br
+    Accepts value between 0.1 (6 sec) and 1440 (1 day)
+.br
+
+\fBDBFILE=/etc/pihole/pihole-FTL.db\fR
+.br
+    Specify path and filename of FTL's SQLite long-term database.
+.br
+    Setting this to DBFILE= disables the database altogether
+.br
+
+\fBLOGFILE=/var/log/pihole-FTL.log\fR
+.br
+    The location of FTL's log file.
+.br
+
+\fBPIDFILE=/run/pihole-FTL.pid\fR
+.br
+    The file which contains the PID of FTL's main process.
+.br
+
+\fBPORTFILE=/run/pihole-FTL.port\fR
+.br
+    Specify path and filename where the FTL process will write its API port number.
+.br
+
+\fBSOCKETFILE=/run/pihole/FTL.sock\fR
+.br
+    The file containing the socket FTL's API is listening on.
+.br
+
+\fBSETUPVARSFILE=/etc/pihole/setupVars.conf\fR
+.br
+    The config file of Pi-hole containing, e.g., the current blocking status (do not change).
+.br
+
+\fBMACVENDORDB=/etc/pihole/macvendor.db\fR
+.br
+    The database containing MAC -> Vendor information for the network table.
+.br
+
+\fBGRAVITYDB=/etc/pihole/gravity.db\fR
+.br
+    Specify path and filename of FTL's SQLite3 gravity database. This database contains all domains relevant for Pi-hole's DNS blocking.
+.br
+
+\fBDEBUG_ALL=false|true\fR
+.br
+    Enable all debug flags. If this is set to true, all other debug config options are ignored.
+.br
+
+\fBDEBUG_DATABASE=false|true\fR
+.br
+    Print debugging information about database actions such as SQL statements and performance.
+.br
+
+\fBDEBUG_NETWORKING=false|true\fR
+.br
+    Prints a list of the detected network interfaces on the startup of FTL.
+.br
+
+\fBDEBUG_LOCKS=false|true\fR
+.br
+    Print information about shared memory locks.
+.br
+    Messages will be generated when waiting, obtaining, and releasing a lock.
+.br
+
+\fBDEBUG_QUERIES=false|true\fR
+.br
+    Print extensive DNS query information (domains, types, replies, etc.).
+.br
+
+\fBDEBUG_FLAGS=false|true\fR
+.br
+    Print flags of queries received by the DNS hooks.
+.br
+    Only effective when \fBDEBUG_QUERIES\fR is enabled as well.
+
+\fBDEBUG_SHMEM=false|true\fR
+.br
+    Print information about shared memory buffers.
+.br
+    Messages are either about creating or enlarging shmem objects or string injections.
+.br
+
+\fBDEBUG_GC=false|true\fR
+.br
+    Print information about garbage collection (GC):
+.br
+    What is to be removed, how many have been removed and how long did GC take.
+.br
+
+\fBDEBUG_ARP=false|true\fR
+.br
+    Print information about ARP table processing:
+.br
+    How long did parsing take, whether read MAC addresses are valid, and if the macvendor.db file exists.
+.br
+
+\fBDEBUG_REGEX=false|true\fR
+.br
+    Controls if FTL should print extended details about regex matching.
+.br
+
+\fBDEBUG_API=false|true\fR
+.br
+    Print extra debugging information during telnet API calls.
+.br
+    Currently only used to send extra information when getting all queries.
+.br
+
+\fBDEBUG_OVERTIME=false|true\fR
+.br
+    Print information about overTime memory operations, such as initializing or moving overTime slots.
+.br
+
+\fBDEBUG_EXTBLOCKED=false|true\fR
+.br
+    Print information about why FTL decided that certain queries were recognized as being externally blocked.
+.br
+
+\fBDEBUG_CAPS=false|true\fR
+.br
+    Print information about POSIX capabilities granted to the FTL process.
+.br
+    The current capabilities are printed on receipt of SIGHUP i.e. after executing `killall -HUP pihole-FTL`.
+.br
+
+\fBDEBUG_DNSMASQ_LINES=false|true\fR
+.br
+    Print file and line causing a dnsmasq event into FTL's log files.
+.br
+    This is handy to implement additional hooks missing from FTL.
+.br
+
+\fBDEBUG_VECTORS=false|true\fR
+.br
+    FTL uses dynamically allocated vectors for various tasks.
+.br
+    This config option enables extensive debugging information such as information about allocation, referencing, deletion, and appending.
+.br
+
+\fBDEBUG_RESOLVER=false|true\fR
+.br
+    Extensive information about hostname resolution like which DNS servers are used in the first and second hostname resolving tries.
+.br
+
 .SH "SEE ALSO"
 
 \fBpihole\fR(8), \fBpihole-FTL\fR(8)

From 357b6702ec5bfdfa0a276c4c0a30b15be7386e1b Mon Sep 17 00:00:00 2001
From: Adam Warner <github@adamwarner.co.uk>
Date: Fri, 11 Dec 2020 12:30:52 +0000
Subject: [PATCH 168/297] Update advanced/Scripts/chronometer.sh

Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
---
 advanced/Scripts/chronometer.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 83697c1c..3e77f578 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -230,7 +230,7 @@ get_sys_stats() {
             ph_core_ver="${ph_ver_raw[0]}"
             if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then
                 # AdminLTE not installed
-                ph_lte_ver="n.a."
+                ph_lte_ver="(not installed)"
                 ph_ftl_ver="${ph_ver_raw[1]}"
             else
                 ph_lte_ver="${ph_ver_raw[1]}"

From eb5661b553e759b926e9672842e364c7d761363b Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Tue, 7 Jul 2020 20:07:11 +0200
Subject: [PATCH 169/297] Further failsafe check for available APT packages

- "apt-cache show package" succeeds as well if package is listed as (optional) dependency or conflict by another package, hence is not a 100% reliable measure.
- There is no command which explicitly checks which package/name can be selected by apt-get for install. An install simulation/dry-run is possible as it was before Pi-hole v5.1, or the whole package cache can be scraped, which is still the less time consuming solution.
- Allow to succeed if another package "provides" it, like "php7.3-apcu" provided by "php-apcu" or "awk" provided by "mawk" and "gawk", in which case the non-virtual package is selected automatically by apt-get.

For reference: https://github.com/MichaIng/DietPi/pull/3657/commits/066b89fa410ff568f57ad31fa8f50ec72c97796d

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 45e96354..d0736bec 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -85,6 +85,8 @@ QUERY_LOGGING=true
 INSTALL_WEB_INTERFACE=true
 PRIVACY_LEVEL=0
 CACHE_SIZE=10000
+# Placeholder variable for the list of available APT packages to be parsed subsequently
+APT_PACKAGE_LIST=""
 
 if [ -z "${USER}" ]; then
   USER="$(id -un)"
@@ -179,6 +181,19 @@ is_command() {
     command -v "${check_command}" >/dev/null 2>&1
 }
 
+is_apt_package(){
+    # Checks whether a package, or one that provides it, is available in
+    # the installed APT repository lists.
+    local check_package=$1
+
+    # Obtain the list of available packages once
+    if [[ -z $APT_PACKAGE_LIST ]]; then
+        APT_PACKAGE_LIST=$(apt-cache dumpavail | grep -E '^P(ackage|rovides):')
+    fi
+
+    grep -qE " $check_package(,|$)" <<< "$APT_PACKAGE_LIST"
+}
+
 os_check() {
     if [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
         # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
@@ -303,10 +318,10 @@ if is_command apt-get ; then
     # Update package cache. This is required already here to assure apt-cache calls have package lists available.
     update_package_cache || exit 1
     # Debian 7 doesn't have iproute2 so check if it's available first
-    if apt-cache show iproute2 > /dev/null 2>&1; then
+    if is_apt_package iproute2; then
         iproute_pkg="iproute2"
     # Otherwise, check if iproute is available
-    elif apt-cache show iproute > /dev/null 2>&1; then
+    elif is_apt_package iproute; then
         iproute_pkg="iproute"
     # Else print error and exit
     else
@@ -326,10 +341,10 @@ if is_command apt-get ; then
     # Check if installed php is v 7.0, or newer to determine packages to install
     if [[ "$phpInsNewer" != true ]]; then
         # Prefer the php metapackage if it's there
-        if apt-cache show php > /dev/null 2>&1; then
+        if is_apt_package php; then
             phpVer="php"
         # Else fall back on the php5 package if it's there
-        elif apt-cache show php5 > /dev/null 2>&1; then
+        elif is_apt_package php5; then
             phpVer="php5"
         # Else print error and exit
         else
@@ -341,9 +356,9 @@ if is_command apt-get ; then
         phpVer="php$phpInsMajor.$phpInsMinor"
     fi
     # We also need the correct version for `php-sqlite` (which differs across distros)
-    if apt-cache show "${phpVer}-sqlite3" > /dev/null 2>&1; then
+    if is_apt_package "${phpVer}-sqlite3"; then
         phpSqlite="sqlite3"
-    elif apt-cache show "${phpVer}-sqlite" > /dev/null 2>&1; then
+    elif is_apt_package "${phpVer}-sqlite"; then
         phpSqlite="sqlite"
     else
         printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"

From 3a05ac27a29e18ec41b8884355d5751815b3eeaa Mon Sep 17 00:00:00 2001
From: Michael Woolweaver <m.woolweaver@icloud.com>
Date: Sat, 19 Dec 2020 17:37:17 -0600
Subject: [PATCH 170/297] Fix typo found by #3933

Signed-off-by: Michael Woolweaver <m.woolweaver@icloud.com>
---
 advanced/Templates/gravity.db.sql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Templates/gravity.db.sql b/advanced/Templates/gravity.db.sql
index 2aa7e8f8..26b030c8 100644
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -73,7 +73,7 @@ CREATE TABLE domainlist_by_group
 CREATE TABLE client
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
-	ip TEXT NOL NULL UNIQUE,
+	ip TEXT NOT NULL UNIQUE,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	comment TEXT

From ef0bdf6470e98ac7866c4fbcee3ab06bfe095fe8 Mon Sep 17 00:00:00 2001
From: Matej Dujava <mdujava@kocurkovo.cz>
Date: Mon, 7 Dec 2020 00:23:04 +0100
Subject: [PATCH 171/297] Fix validation of adlist url

Already existing regex validation will be used on url after removing @ (in case
its in separating userinfo and host).

Signed-off-by: Matej Dujava <mdujava@kocurkovo.cz>
Fixes: https://github.com/pi-hole/pi-hole/issues/3911
Fixes: 7d19ee1b: validate blocklist URL before adding to the database (#3237)
---
 advanced/Scripts/webpage.sh | 11 ++++++++---
 gravity.sh                  |  9 +++++++--
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index f26ce11d..da2afb0f 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -486,10 +486,15 @@ SetWebUITheme() {
 }
 
 CheckUrl(){
-    local regex
+    local regex check_url
     # Check for characters NOT allowed in URLs
-    regex="[^a-zA-Z0-9:/?&%=~._-]"
-    if [[ "${1}" =~ ${regex} ]]; then
+    regex="[^a-zA-Z0-9:/?&%=~._()-;]"
+
+    # this will remove first @ that is after schema and before domain
+    # \1 is optional schema, \2 is userinfo
+    check_url="$( sed -re 's#([^:/]*://)?([^/]+)@#\1\2#' <<< "$1" )"
+
+    if [[ "${check_url}" =~ ${regex} ]]; then
         return 1
     else
         return 0
diff --git a/gravity.sh b/gravity.sh
index 9ac38512..c9cd615a 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -393,10 +393,15 @@ gravity_DownloadBlocklists() {
     esac
 
     echo -e "  ${INFO} Target: ${url}"
-    local regex
+    local regex check_url
     # Check for characters NOT allowed in URLs
     regex="[^a-zA-Z0-9:/?&%=~._()-;]"
-    if [[ "${url}" =~ ${regex} ]]; then
+
+    # this will remove first @ that is after schema and before domain
+    # \1 is optional schema, \2 is userinfo
+    check_url="$( sed -re 's#([^:/]*://)?([^/]+)@#\1\2#' <<< "$url" )"
+
+    if [[ "${check_url}" =~ ${regex} ]]; then
         echo -e "  ${CROSS} Invalid Target"
     else
        gravity_DownloadBlocklistFromUrl "${url}" "${cmd_ext}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}"

From b4102547accaf7c69177c317f8ac4d5d50fdd63f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 21 Dec 2020 13:11:59 +0100
Subject: [PATCH 172/297] Remove deprecated malwaredomains list
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 45e96354..414945f8 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1287,8 +1287,7 @@ chooseBlocklists() {
     # Let user select (or not) blocklists via a checklist
     cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 5)
     # In an array, show the options available (all off by default):
-    options=(StevenBlack "StevenBlack's Unified Hosts List" on
-        MalwareDom "MalwareDomains" on)
+    options=(StevenBlack "StevenBlack's Unified Hosts List" on)
 
     # In a variable, show the choices available; exit if Cancel is selected
     choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; rm "${adlistFile}" ;exit 1; }
@@ -1307,7 +1306,6 @@ chooseBlocklists() {
 appendToListsFile() {
     case $1 in
         StevenBlack  )  echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> "${adlistFile}";;
-        MalwareDom   )  echo "https://mirror1.malwaredomains.com/files/justdomains" >> "${adlistFile}";;
     esac
 }
 
@@ -1320,7 +1318,6 @@ installDefaultBlocklists() {
         return;
     fi
     appendToListsFile StevenBlack
-    appendToListsFile MalwareDom
 }
 
 # Check if /etc/dnsmasq.conf is from pi-hole.  If so replace with an original and install new in .d directory

From 60fa93ab47e96fb99a864b3805572f209003383b Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Wed, 23 Dec 2020 14:59:28 -0800
Subject: [PATCH 173/297] Add fallback for arch detection on i386/x86_64

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 45e96354..353899c8 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2451,7 +2451,7 @@ get_binary_name() {
     elif [[ "${machine}" == "x86_64" ]]; then
         # This gives the processor of packages dpkg installs (for example, "i386")
         local dpkgarch
-        dpkgarch=$(dpkg --print-processor 2> /dev/null || true)
+        dpkgarch=$(dpkg --print-processor 2> /dev/null || dpkg --print-architecture 2> /dev/null)
 
         # Special case: This is a 32 bit OS, installed on a 64 bit machine
         # -> change machine processor to download the 32 bit executable

From 0d710fc9e31b407977b6ab256d22bd4dfaae7baa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 24 Dec 2020 21:19:14 +0100
Subject: [PATCH 174/297] Change wording in whiptail for adlist selection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index d2c5d078..b0b7bdd8 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1285,7 +1285,7 @@ chooseBlocklists() {
         mv "${adlistFile}" "${adlistFile}.old"
     fi
     # Let user select (or not) blocklists via a checklist
-    cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 5)
+    cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestion below, and/or add your own after installation\\n\\nTo deselect the suggested list, use spacebar" "${r}" "${c}" 5)
     # In an array, show the options available (all off by default):
     options=(StevenBlack "StevenBlack's Unified Hosts List" on)
 

From 6b33b8b4c09d3f33524a1b89df5dc8e01d12efbe Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 27 Dec 2020 19:14:52 +0100
Subject: [PATCH 175/297] Store status of downloaded list (downloaded, using
 cache, some error, ...) and number of (in-)valid domains on this list in the
 gravity database. This updates the gravity databaes to version 14.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 .../Scripts/database_migration/gravity-db.sh  |  8 +-
 .../database_migration/gravity/13_to_14.sql   | 13 ++++
 advanced/Templates/gravity.db.sql             |  7 +-
 gravity.sh                                    | 74 +++++++++++++++++--
 4 files changed, 92 insertions(+), 10 deletions(-)
 create mode 100644 advanced/Scripts/database_migration/gravity/13_to_14.sql

diff --git a/advanced/Scripts/database_migration/gravity-db.sh b/advanced/Scripts/database_migration/gravity-db.sh
index 282ea07b..22f241dd 100644
--- a/advanced/Scripts/database_migration/gravity-db.sh
+++ b/advanced/Scripts/database_migration/gravity-db.sh
@@ -111,9 +111,15 @@ upgrade_gravityDB(){
 		version=12
 	fi
 	if [[ "$version" == "12" ]]; then
-		# Add column date_updated to alist table
+		# Add column date_updated to adlist table
 		echo -e "  ${INFO} Upgrading gravity database from version 12 to 13"
 		sqlite3 "${database}" < "${scriptPath}/12_to_13.sql"
 		version=13
 	fi
+	if [[ "$version" == "13" ]]; then
+		# Add columns number and status to adlist table
+		echo -e "  ${INFO} Upgrading gravity database from version 13 to 14"
+		sqlite3 "${database}" < "${scriptPath}/13_to_14.sql"
+		version=14
+	fi
 }
diff --git a/advanced/Scripts/database_migration/gravity/13_to_14.sql b/advanced/Scripts/database_migration/gravity/13_to_14.sql
new file mode 100644
index 00000000..fa230865
--- /dev/null
+++ b/advanced/Scripts/database_migration/gravity/13_to_14.sql
@@ -0,0 +1,13 @@
+.timeout 30000
+
+PRAGMA FOREIGN_KEYS=OFF;
+
+BEGIN TRANSACTION;
+
+ALTER TABLE adlist ADD COLUMN number INTEGER NOT NULL DEFAULT 0;
+ALTER TABLE adlist ADD COLUMN invalid_domains INTEGER NOT NULL DEFAULT 0;
+ALTER TABLE adlist ADD COLUMN status INTEGER NOT NULL DEFAULT 0;
+
+UPDATE info SET value = 14 WHERE property = 'version';
+
+COMMIT;
\ No newline at end of file
diff --git a/advanced/Templates/gravity.db.sql b/advanced/Templates/gravity.db.sql
index 26b030c8..5d7bafa9 100644
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -32,7 +32,10 @@ CREATE TABLE adlist
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	comment TEXT,
-	date_updated INTEGER
+	date_updated INTEGER,
+	number INTEGER NOT NULL DEFAULT 0,
+	invalid_domains INTEGER NOT NULL DEFAULT 0,
+	status INTEGER NOT NULL DEFAULT 0
 );
 
 CREATE TABLE adlist_by_group
@@ -54,7 +57,7 @@ CREATE TABLE info
 	value TEXT NOT NULL
 );
 
-INSERT INTO "info" VALUES('version','13');
+INSERT INTO "info" VALUES('version','14');
 
 CREATE TABLE domain_audit
 (
diff --git a/gravity.sh b/gravity.sh
index 5a831dae..b238275f 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -217,6 +217,48 @@ database_adlist_updated() {
   fi
 }
 
+# Check if a column with name ${2} exists in gravity table with name ${1}
+gravity_column_exists() {
+  output=$( { printf ".timeout 30000\\nSELECT EXISTS(SELECT * FROM pragma_table_info('%s') WHERE name='%s');\\n" "${1}" "${2}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
+  if [[ "${output}" == "1" ]]; then
+    return 0 # Bash 0 is success
+  fi
+
+  return 1 # Bash non-0 is failure
+}
+
+# Update number of domain on this list. We store this in the "old" database as all values in the new database will later be overwritten
+database_adlist_number() {
+  # Only try to set number of domains when this field exists in the gravity database
+  if ! gravity_column_exists "adlist" "number"; then
+    return;
+  fi
+
+  output=$( { printf ".timeout 30000\\nUPDATE adlist SET number = %i, invalid_domains = %i WHERE id = %i;\\n" "${total_num}" "${invalid_num}" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
+  status="$?"
+
+  if [[ "${status}" -ne 0 ]]; then
+    echo -e "\\n  ${CROSS} Unable to update number of domains in adlist with ID ${1} in database ${gravityDBfile}\\n  ${output}"
+    gravity_Cleanup "error"
+  fi
+}
+
+# Update status of this list. We store this in the "old" database as all values in the new database will later be overwritten
+database_adlist_status() {
+  # Only try to set the status when this field exists in the gravity database
+  if ! gravity_column_exists "adlist" "status"; then
+    return;
+  fi
+
+  output=$( { printf ".timeout 30000\\nUPDATE adlist SET status = %i WHERE id = %i;\\n" "${2}" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
+  status="$?"
+
+  if [[ "${status}" -ne 0 ]]; then
+    echo -e "\\n  ${CROSS} Unable to update status of adlist with ID ${1} in database ${gravityDBfile}\\n  ${output}"
+    gravity_Cleanup "error"
+  fi
+}
+
 # Migrate pre-v5.0 list files to database-based Pi-hole versions
 migrate_to_database() {
   # Create database file only if not present
@@ -439,6 +481,7 @@ gravity_DownloadBlocklists() {
 }
 
 total_num=0
+invalid_num=0
 parseList() {
   local adlistID="${1}" src="${2}" target="${3}" incorrect_lines
   # This sed does the following things:
@@ -456,11 +499,11 @@ parseList() {
   num_target_lines="$(grep -c "^" "${target}")"
   num_correct_lines="$(( num_target_lines-total_num ))"
   total_num="$num_target_lines"
-  num_invalid="$(( num_lines-num_correct_lines ))"
-  if [[ "${num_invalid}" -eq 0 ]]; then
-    echo "  ${INFO} Received ${num_lines} domains"
+  invalid_num="$(( num_lines-num_correct_lines ))"
+  if [[ "${invalid_num}" -eq 0 ]]; then
+    echo "  ${INFO} Analyzed ${num_lines} domains"
   else
-    echo "  ${INFO} Received ${num_lines} domains, ${num_invalid} domains invalid!"
+    echo "  ${INFO} Analyzed ${num_lines} domains, ${invalid_num} domains invalid!"
   fi
 
   # Display sample of invalid lines if we found some
@@ -554,31 +597,48 @@ gravity_DownloadBlocklistFromUrl() {
       esac;;
   esac
 
+  local done="false"
   # Determine if the blocklist was downloaded and saved correctly
   if [[ "${success}" == true ]]; then
     if [[ "${httpCode}" == "304" ]]; then
       # Add domains to database table file
       parseList "${adlistID}" "${saveLocation}" "${target}"
+      database_adlist_status "${adlistID}" "2"
+      database_adlist_number "${adlistID}"
+      done="true"
     # Check if $patternbuffer is a non-zero length file
     elif [[ -s "${patternBuffer}" ]]; then
       # Determine if blocklist is non-standard and parse as appropriate
       gravity_ParseFileIntoDomains "${patternBuffer}" "${saveLocation}"
       # Add domains to database table file
       parseList "${adlistID}" "${saveLocation}" "${target}"
-      # Update date_updated field in gravity database table
+      # Update gravity database table
+      database_adlist_status "${adlistID}" "1"
       database_adlist_updated "${adlistID}"
+      database_adlist_number "${adlistID}"
+      done="true"
     else
       # Fall back to previously cached list if $patternBuffer is empty
-      echo -e "  ${INFO} Received empty file: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}"
+      echo -e "  ${INFO} Received empty file"
     fi
-  else
+  fi
+
+  # Do we need to fall back to a cached list (if available)?
+  if [[ "${done}" != "true" ]]; then
     # Determine if cached list has read permission
     if [[ -r "${saveLocation}" ]]; then
       echo -e "  ${CROSS} List download failed: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}"
       # Add domains to database table file
       parseList "${adlistID}" "${saveLocation}" "${target}"
+      database_adlist_number "${adlistID}"
+      database_adlist_status "${adlistID}" "3"
     else
       echo -e "  ${CROSS} List download failed: ${COL_LIGHT_RED}no cached list available${COL_NC}"
+      # Total number == -1 means there was no cached list that could have been used
+      total_num=-1
+      invalid_num=0
+      database_adlist_number "${adlistID}"
+      database_adlist_status "${adlistID}" "4"
     fi
   fi
 }

From 8c56f54a1e4a0ad659914471f8aeb8d92b259956 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 29 Dec 2020 09:54:25 +0100
Subject: [PATCH 176/297] Compare checksum of downloaded list against older
 checksums to see if the list content changed since the last download

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index b238275f..1defa06f 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -514,6 +514,27 @@ parseList() {
     done <<< "${incorrect_lines}"
   fi
 }
+compareLists() {
+  local adlistID="${1}" target="${2}" result
+
+  # Verify checksum when an older checksum exists
+  if [[ -s "${target}.sha1" ]]; then
+    if ! sha1sum --check --status --strict "${target}.sha1"; then
+      # The list changed upstream, we need to update the checksum
+      sha1sum "${target}" > "${target}.sha1"
+      echo "  ${INFO} List has been updated"
+      database_adlist_status "${adlistID}" "1"
+    else
+      echo "  ${INFO} List stayed unchanged"
+      database_adlist_status "${adlistID}" "2"
+    fi
+  else
+    # No checksum available, create one for comparing on the next run
+    sha1sum "${target}" > "${target}.sha1"
+    # We assume here it was changed upstream
+    database_adlist_status "${adlistID}" "1"
+  fi
+}
 
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
@@ -612,8 +633,9 @@ gravity_DownloadBlocklistFromUrl() {
       gravity_ParseFileIntoDomains "${patternBuffer}" "${saveLocation}"
       # Add domains to database table file
       parseList "${adlistID}" "${saveLocation}" "${target}"
-      # Update gravity database table
-      database_adlist_status "${adlistID}" "1"
+      # Compare lists, are they identical?
+      compareLists "${adlistID}" "${saveLocation}"
+      # Update gravity database table (status is set in compareLists)
       database_adlist_updated "${adlistID}"
       database_adlist_number "${adlistID}"
       done="true"

From e033ee666423a89498a03da57c74b95ee49c883f Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 29 Dec 2020 10:16:43 +0100
Subject: [PATCH 177/297] Fix connection mechanism between Chronometer and FTL

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/chronometer.sh | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 3e77f578..3126ed25 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -13,6 +13,7 @@ LC_NUMERIC=C
 
 # Retrieve stats from FTL engine
 pihole-FTL() {
+    local ftl_port LINE
     ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null)
     if [[ -n "$ftl_port" ]]; then
         # Open connection to FTL
@@ -20,12 +21,13 @@ pihole-FTL() {
 
         # Test if connection is open
         if { "true" >&3; } 2> /dev/null; then
-            # Send command to FTL
-            echo -e ">$1" >&3
+            # Send command to FTL and ask to quit when finished
+            echo -e ">$1 >quit" >&3
 
-            # Read input
+            # Read input until we received an empty string and the connection is
+            # closed
             read -r -t 1 LINE <&3
-            until [[ ! $? ]] || [[ "$LINE" == *"EOM"* ]]; do
+            until [[ -z "${LINE}" ]] && [[ ! -t 3 ]]; do
                 echo "$LINE" >&1
                 read -r -t 1 LINE <&3
             done

From a216848c1db65dc1be5a1928e3f225c7f10be694 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 29 Dec 2020 20:28:09 +0100
Subject: [PATCH 178/297] Only update time of last list change when we see a
 list for the first time or when it really changed content

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 1defa06f..0119b710 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -524,6 +524,7 @@ compareLists() {
       sha1sum "${target}" > "${target}.sha1"
       echo "  ${INFO} List has been updated"
       database_adlist_status "${adlistID}" "1"
+      database_adlist_updated "${adlistID}"
     else
       echo "  ${INFO} List stayed unchanged"
       database_adlist_status "${adlistID}" "2"
@@ -531,8 +532,10 @@ compareLists() {
   else
     # No checksum available, create one for comparing on the next run
     sha1sum "${target}" > "${target}.sha1"
+    echo "  ${INFO} This list is new"
     # We assume here it was changed upstream
     database_adlist_status "${adlistID}" "1"
+    database_adlist_updated "${adlistID}"
   fi
 }
 
@@ -635,8 +638,8 @@ gravity_DownloadBlocklistFromUrl() {
       parseList "${adlistID}" "${saveLocation}" "${target}"
       # Compare lists, are they identical?
       compareLists "${adlistID}" "${saveLocation}"
-      # Update gravity database table (status is set in compareLists)
-      database_adlist_updated "${adlistID}"
+      # Update gravity database table (status and updated timestamp are set in
+      # compareLists)
       database_adlist_number "${adlistID}"
       done="true"
     else

From 0944807491ca40009eabe47c5198907b518100c4 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 29 Dec 2020 20:35:48 +0100
Subject: [PATCH 179/297] Actually store correct number of domains for the
 individual lists (and not the sum of the so far collected number of domains)

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 0119b710..684d64b3 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -234,7 +234,7 @@ database_adlist_number() {
     return;
   fi
 
-  output=$( { printf ".timeout 30000\\nUPDATE adlist SET number = %i, invalid_domains = %i WHERE id = %i;\\n" "${total_num}" "${invalid_num}" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
+  output=$( { printf ".timeout 30000\\nUPDATE adlist SET number = %i, invalid_domains = %i WHERE id = %i;\\n" "${num_lines}" "${num_invalid}" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
   status="$?"
 
   if [[ "${status}" -ne 0 ]]; then
@@ -481,7 +481,8 @@ gravity_DownloadBlocklists() {
 }
 
 total_num=0
-invalid_num=0
+num_lines=0
+num_invalid=0
 parseList() {
   local adlistID="${1}" src="${2}" target="${3}" incorrect_lines
   # This sed does the following things:
@@ -492,18 +493,18 @@ parseList() {
   # Find (up to) five domains containing invalid characters (see above)
   incorrect_lines="$(sed -e "/[^a-zA-Z0-9.\_-]/!d" "${src}" | head -n 5)"
 
-  local num_lines num_target_lines num_correct_lines num_invalid
+  local num_target_lines num_correct_lines num_invalid
   # Get number of lines in source file
   num_lines="$(grep -c "^" "${src}")"
   # Get number of lines in destination file
   num_target_lines="$(grep -c "^" "${target}")"
   num_correct_lines="$(( num_target_lines-total_num ))"
   total_num="$num_target_lines"
-  invalid_num="$(( num_lines-num_correct_lines ))"
-  if [[ "${invalid_num}" -eq 0 ]]; then
+  num_invalid="$(( num_lines-num_correct_lines ))"
+  if [[ "${num_invalid}" -eq 0 ]]; then
     echo "  ${INFO} Analyzed ${num_lines} domains"
   else
-    echo "  ${INFO} Analyzed ${num_lines} domains, ${invalid_num} domains invalid!"
+    echo "  ${INFO} Analyzed ${num_lines} domains, ${num_invalid} domains invalid!"
   fi
 
   # Display sample of invalid lines if we found some
@@ -515,7 +516,7 @@ parseList() {
   fi
 }
 compareLists() {
-  local adlistID="${1}" target="${2}" result
+  local adlistID="${1}" target="${2}"
 
   # Verify checksum when an older checksum exists
   if [[ -s "${target}.sha1" ]]; then
@@ -659,9 +660,9 @@ gravity_DownloadBlocklistFromUrl() {
       database_adlist_status "${adlistID}" "3"
     else
       echo -e "  ${CROSS} List download failed: ${COL_LIGHT_RED}no cached list available${COL_NC}"
-      # Total number == -1 means there was no cached list that could have been used
-      total_num=-1
-      invalid_num=0
+      # Manually reset these two numbers because we do not call parseList here
+      num_lines=0
+      num_invalid=0
       database_adlist_number "${adlistID}"
       database_adlist_status "${adlistID}" "4"
     fi

From a2625df5e2a7e406cadcd430ea3902c47234769c Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 30 Dec 2020 11:27:34 +0100
Subject: [PATCH 180/297] Remove "The list is new" comment because it is
 superfluous

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/gravity.sh b/gravity.sh
index 684d64b3..0dd65bfb 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -533,7 +533,6 @@ compareLists() {
   else
     # No checksum available, create one for comparing on the next run
     sha1sum "${target}" > "${target}.sha1"
-    echo "  ${INFO} This list is new"
     # We assume here it was changed upstream
     database_adlist_status "${adlistID}" "1"
     database_adlist_updated "${adlistID}"

From a5422dbdf6bb8fe0d68095e69c9ec37796d3c838 Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Wed, 30 Dec 2020 19:45:51 -0600
Subject: [PATCH 181/297] fix release check for centos stream

fixes #3947 #3953

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index b0b7bdd8..efa8c23d 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -408,7 +408,7 @@ elif is_command rpm ; then
         SUPPORTED_CENTOS_VERSION=7
         SUPPORTED_CENTOS_PHP_VERSION=7
         # Check current CentOS major release version
-        CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.)' /etc/redhat-release)
+        CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release)
         # Check if CentOS version is supported
         if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then
             printf "  %b CentOS %s is not supported.\\n" "${CROSS}" "${CURRENT_CENTOS_VERSION}"

From bfee230c799185b5898f226269e9efb85207d125 Mon Sep 17 00:00:00 2001
From: Andras Tim <andras.tim@gmail.com>
Date: Mon, 11 Jan 2021 17:05:17 +0100
Subject: [PATCH 182/297] scripts/list: User same wildcard regex that the UI
 use

The CLI and the UI should do the same to be able to add/remove the same
records via any supported interface.

Signed-off-by: Andras Tim <andras.tim@gmail.com>
---
 advanced/Scripts/list.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh
index 16bb2001..fde46552 100755
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -112,7 +112,7 @@ ProcessDomainList() {
     for dom in "${domList[@]}"; do
         # Format domain into regex filter if requested
         if [[ "${wildcard}" == true ]]; then
-            dom="(^|\\.)${dom//\./\\.}$"
+            dom="(\\.|^)${dom//\./\\.}$"
         fi
 
         # Logic: If addmode then add to desired list and remove from the other;

From 523f6501576f76bfcc7e5d3ddc3cf0a287089790 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Tue, 12 Jan 2021 13:42:51 -0800
Subject: [PATCH 183/297] Use the 'Location:' header only.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 1f5784c7..37cba335 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2555,7 +2555,7 @@ FTLcheckUpdate() {
             FTLversion=$(/usr/bin/pihole-FTL tag)
             local FTLlatesttag
 
-            if ! FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep --color=never -i Location | awk -F / '{print $NF}' | tr -d '[:cntrl:]'); then
+            if ! FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep --color=never -i Location: | awk -F / '{print $NF}' | tr -d '[:cntrl:]'); then
                 # There was an issue while retrieving the latest version
                 printf "  %b Failed to retrieve latest FTL release metadata" "${CROSS}"
                 return 3

From 3f8fedfb16c5659b4eee58c6c937f504a01a1448 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sun, 17 Jan 2021 11:10:24 -0800
Subject: [PATCH 184/297] Revert "Further failsafe check for available APT
 packages"

---
 automated install/basic-install.sh | 27 ++++++---------------------
 1 file changed, 6 insertions(+), 21 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 37cba335..4ab5c0e2 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -85,8 +85,6 @@ QUERY_LOGGING=true
 INSTALL_WEB_INTERFACE=true
 PRIVACY_LEVEL=0
 CACHE_SIZE=10000
-# Placeholder variable for the list of available APT packages to be parsed subsequently
-APT_PACKAGE_LIST=""
 
 if [ -z "${USER}" ]; then
   USER="$(id -un)"
@@ -181,19 +179,6 @@ is_command() {
     command -v "${check_command}" >/dev/null 2>&1
 }
 
-is_apt_package(){
-    # Checks whether a package, or one that provides it, is available in
-    # the installed APT repository lists.
-    local check_package=$1
-
-    # Obtain the list of available packages once
-    if [[ -z $APT_PACKAGE_LIST ]]; then
-        APT_PACKAGE_LIST=$(apt-cache dumpavail | grep -E '^P(ackage|rovides):')
-    fi
-
-    grep -qE " $check_package(,|$)" <<< "$APT_PACKAGE_LIST"
-}
-
 os_check() {
     if [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
         # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
@@ -318,10 +303,10 @@ if is_command apt-get ; then
     # Update package cache. This is required already here to assure apt-cache calls have package lists available.
     update_package_cache || exit 1
     # Debian 7 doesn't have iproute2 so check if it's available first
-    if is_apt_package iproute2; then
+    if apt-cache show iproute2 > /dev/null 2>&1; then
         iproute_pkg="iproute2"
     # Otherwise, check if iproute is available
-    elif is_apt_package iproute; then
+    elif apt-cache show iproute > /dev/null 2>&1; then
         iproute_pkg="iproute"
     # Else print error and exit
     else
@@ -341,10 +326,10 @@ if is_command apt-get ; then
     # Check if installed php is v 7.0, or newer to determine packages to install
     if [[ "$phpInsNewer" != true ]]; then
         # Prefer the php metapackage if it's there
-        if is_apt_package php; then
+        if apt-cache show php > /dev/null 2>&1; then
             phpVer="php"
         # Else fall back on the php5 package if it's there
-        elif is_apt_package php5; then
+        elif apt-cache show php5 > /dev/null 2>&1; then
             phpVer="php5"
         # Else print error and exit
         else
@@ -356,9 +341,9 @@ if is_command apt-get ; then
         phpVer="php$phpInsMajor.$phpInsMinor"
     fi
     # We also need the correct version for `php-sqlite` (which differs across distros)
-    if is_apt_package "${phpVer}-sqlite3"; then
+    if apt-cache show "${phpVer}-sqlite3" > /dev/null 2>&1; then
         phpSqlite="sqlite3"
-    elif is_apt_package "${phpVer}-sqlite"; then
+    elif apt-cache show "${phpVer}-sqlite" > /dev/null 2>&1; then
         phpSqlite="sqlite"
     else
         printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"

From 7c0c30fb0bd6fa669054be067ab948edbc67a4d0 Mon Sep 17 00:00:00 2001
From: freddii <freddii@users.noreply.github.com>
Date: Tue, 19 Jan 2021 19:33:38 +0100
Subject: [PATCH 185/297] fixed typos

---
 advanced/Scripts/chronometer.sh    |  2 +-
 advanced/Scripts/piholeARPTable.sh |  2 +-
 advanced/Scripts/piholeDebug.sh    | 18 +++++++++---------
 automated install/uninstall.sh     |  2 +-
 gravity.sh                         |  4 ++--
 manpages/pihole.8                  |  2 +-
 6 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 3126ed25..4f9ea59a 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -559,7 +559,7 @@ Calculates stats and displays to an LCD
 Options:
   -j, --json          Output stats as JSON formatted string
   -r, --refresh       Set update frequency (in seconds)
-  -e, --exit          Output stats and exit witout refreshing
+  -e, --exit          Output stats and exit without refreshing
   -h, --help          Display this help text"
   fi
 
diff --git a/advanced/Scripts/piholeARPTable.sh b/advanced/Scripts/piholeARPTable.sh
index b6b552c9..66d05bf9 100755
--- a/advanced/Scripts/piholeARPTable.sh
+++ b/advanced/Scripts/piholeARPTable.sh
@@ -38,7 +38,7 @@ flushARP(){
 
     # Truncate network_addresses table in pihole-FTL.db
     # This needs to be done before we can truncate the network table due to
-    # foreign key contraints
+    # foreign key constraints
     if ! output=$(sqlite3 "${DBFILE}" "DELETE FROM network_addresses" 2>&1); then
         echo -e "${OVER}  ${CROSS} Failed to truncate network_addresses table"
         echo "  Database location: ${DBFILE}"
diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index d8d86563..318e3252 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -244,7 +244,7 @@ initialize_debug() {
     log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initialized."
 }
 
-# This is a function for visually displaying the curent test that is being run.
+# This is a function for visually displaying the current test that is being run.
 # Accepts one variable: the name of what is being diagnosed
 # Colors do not show in the dasboard, but the icons do: [i], [✓], and [✗]
 echo_current_diagnostic() {
@@ -379,7 +379,7 @@ get_program_version() {
     # Create a local variable so this function can be safely reused
     local program_version
     echo_current_diagnostic "${program_name} version"
-    # Evalutate the program we are checking, if it is any of the ones below, show the version
+    # Evaluate the program we are checking, if it is any of the ones below, show the version
     case "${program_name}" in
         "lighttpd") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
                     ;;
@@ -641,7 +641,7 @@ detect_ip_addresses() {
     # First argument should be a 4 or a 6
     local protocol=${1}
     # Use ip to show the addresses for the chosen protocol
-    # Store the values in an arry so they can be looped through
+    # Store the values in an array so they can be looped through
     # Get the lines that are in the file(s) and store them in an array for parsing later
     mapfile -t ip_addr_list < <(ip -"${protocol}" addr show dev "${PIHOLE_INTERFACE}" | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }')
 
@@ -823,7 +823,7 @@ check_x_headers() {
     # Do it for the dashboard as well, as the header is different than above
     local dashboard
     dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r')
-    # Store what the X-Header shoud be in variables for comparison later
+    # Store what the X-Header should be in variables for comparison later
     local block_page_working
     block_page_working="X-Pi-hole: A black hole for Internet advertisements."
     local dashboard_working
@@ -842,12 +842,12 @@ check_x_headers() {
         log_write "${COL_RED}${full_curl_output_block_page}${COL_NC}"
     fi
 
-    # Same logic applies to the dashbord as above, if the X-Header matches what a working system shoud have,
+    # Same logic applies to the dashboard as above, if the X-Header matches what a working system should have,
     if [[ $dashboard == "$dashboard_working" ]]; then
         # then we can show a success
         log_write "$TICK Web interface X-Header: ${COL_GREEN}${dashboard}${COL_NC}"
     else
-        # Othewise, it's a failure since the X-Headers either don't exist or have been modified in some way
+        # Otherwise, it's a failure since the X-Headers either don't exist or have been modified in some way
         log_write "$CROSS Web interface X-Header: ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}"
         log_write "${COL_RED}${full_curl_output_dashboard}${COL_NC}"
     fi
@@ -877,7 +877,7 @@ dig_at() {
         local pihole_address="${IP}"
         local remote_address="2001:4860:4860::8888"
         local record_type="AAAA"
-    # Othwerwise, it should be 4
+    # Otherwise, it should be 4
     else
         # so use the IPv4 values
         local local_address="127.0.0.1"
@@ -911,7 +911,7 @@ dig_at() {
         # show a success
         log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})"
     else
-        # Othewise, show a failure
+        # Otherwise, show a failure
         log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}Pi-hole${COL_NC} (${pihole_address})"
     fi
 
@@ -1044,7 +1044,7 @@ parse_file() {
 }
 
 check_name_resolution() {
-    # Check name resoltion from localhost, Pi-hole's IP, and Google's name severs
+    # Check name resolution from localhost, Pi-hole's IP, and Google's name severs
     # using the function we created earlier
     dig_at 4 "${IPV4_ADDRESS%/*}"
     # If IPv6 enabled,
diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh
index 6e36d16b..a0d3b108 100755
--- a/automated install/uninstall.sh	
+++ b/automated install/uninstall.sh	
@@ -31,7 +31,7 @@ else
     else
         echo -e "  ${CROSS} ${str}
             Script called with non-root privileges
-            The Pi-hole requires elevated privleges to uninstall"
+            The Pi-hole requires elevated privileges to uninstall"
         exit 1
     fi
 fi
diff --git a/gravity.sh b/gravity.sh
index dfb863e9..183f247f 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -363,7 +363,7 @@ gravity_DownloadBlocklists() {
 
   target="$(mktemp -p "/tmp" --suffix=".gravity")"
 
-  # Use compression to reduce the amount of data that is transfered
+  # Use compression to reduce the amount of data that is transferred
   # between the Pi-hole and the ad list provider. Use this feature
   # only if it is supported by the locally available version of curl
   if curl -V | grep -q "Features:.* libz"; then
@@ -595,7 +595,7 @@ gravity_ParseFileIntoDomains() {
   # Determine if we are parsing a consolidated list
   #if [[ "${source}" == "${piholeDir}/${matterAndLight}" ]]; then
     # Remove comments and print only the domain name
-    # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contiguous
+    # Most of the lists downloaded are already in hosts file format but the spacing/formatting is not contiguous
     # This helps with that and makes it easier to read
     # It also helps with debugging so each stage of the script can be researched more in depth
     # 1) Remove carriage returns
diff --git a/manpages/pihole.8 b/manpages/pihole.8
index a57eb05e..4ba0e0f7 100644
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@@ -153,7 +153,7 @@ Available commands and options:
 .br
       -r, --refresh     Set update frequency (in seconds)
 .br
-      -e, --exit        Output stats and exit witout refreshing
+      -e, --exit        Output stats and exit without refreshing
 .br
 
 \fB-g, updateGravity\fR

From c6810a012406f4cc944f6123484c764c7da27df2 Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Tue, 19 Jan 2021 22:58:05 -0600
Subject: [PATCH 186/297] touch sysconfig network script when absent

sysconfig network scripts are missing on pure NetworkManager installs.
This commit touches a placeholder to allow the network configuration to
be generated and loaded via NetworkManager.

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 automated install/basic-install.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4ab5c0e2..d9f41a3d 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -997,9 +997,14 @@ setStaticIPv4() {
     # if an ifcfg config does not exists for the interface name, try the connection name via network manager
     if is_command nmcli && nmcli general status &> /dev/null; then
         CONNECTION_NAME=$(nmcli dev show "${PIHOLE_INTERFACE}" | grep 'GENERAL.CONNECTION' | cut -d: -f2 | sed 's/^System//' | xargs | tr ' ' '_')
-        if [[ -f "/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}" ]];then
+        IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}
+        if [[ -f "${IFCFG_FILE}" ]];then
             # If it exists,
-            IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}
+            setIFCFG "${IFCFG_FILE}"
+            return 0
+        else
+            printf "  %b Warning: sysconfig network script not found. Creating ${IFCFG_FILE}\\n" "${INFO}"
+            touch "${IFCFG_FILE}"
             setIFCFG "${IFCFG_FILE}"
             return 0
         fi

From b62495d89e4632f5118880b912c0de57254114cf Mon Sep 17 00:00:00 2001
From: bcambl <blayne@blaynecampbell.com>
Date: Thu, 21 Jan 2021 20:20:07 -0600
Subject: [PATCH 187/297] update tests to fedora 33

Signed-off-by: bcambl <blayne@blaynecampbell.com>
---
 .github/workflows/test.yml                            | 2 +-
 supportedos.txt                                       | 2 +-
 test/{_fedora_31.Dockerfile => _fedora_33.Dockerfile} | 2 +-
 test/{tox.fedora_31.ini => tox.fedora_33.ini}         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)
 rename test/{_fedora_31.Dockerfile => _fedora_33.Dockerfile} (96%)
 rename test/{tox.fedora_31.ini => tox.fedora_33.ini} (78%)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8e19e550..d19df5ab 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_31, fedora_32]
+        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
     env:
       DISTRO: ${{matrix.distro}}
     steps:
diff --git a/supportedos.txt b/supportedos.txt
index 1eb1fde6..6d579132 100644
--- a/supportedos.txt
+++ b/supportedos.txt
@@ -1,5 +1,5 @@
 Raspbian=9,10
 Ubuntu=16,18,20
 Debian=9,10
-Fedora=31,32
+Fedora=32,33
 CentOS=7,8
\ No newline at end of file
diff --git a/test/_fedora_31.Dockerfile b/test/_fedora_33.Dockerfile
similarity index 96%
rename from test/_fedora_31.Dockerfile
rename to test/_fedora_33.Dockerfile
index 02dcb733..0a1ac59c 100644
--- a/test/_fedora_31.Dockerfile
+++ b/test/_fedora_33.Dockerfile
@@ -1,4 +1,4 @@
-FROM fedora:31
+FROM fedora:33
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
diff --git a/test/tox.fedora_31.ini b/test/tox.fedora_33.ini
similarity index 78%
rename from test/tox.fedora_31.ini
rename to test/tox.fedora_33.ini
index 36ab10ad..00ea732a 100644
--- a/test/tox.fedora_31.ini
+++ b/test/tox.fedora_33.ini
@@ -4,5 +4,5 @@ envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
-commands = docker build -f _fedora_31.Dockerfile -t pytest_pihole:test_container ../
+commands = docker build -f _fedora_33.Dockerfile -t pytest_pihole:test_container ../
            pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py

From e5bfafefb97995ce4cdfadfed1e745141ac57c28 Mon Sep 17 00:00:00 2001
From: mtzfederico <fm@mtzfederico.com>
Date: Fri, 22 Jan 2021 13:23:59 -0600
Subject: [PATCH 188/297] Moved where external.conf is included

Signed-off-by: mtzfederico <fm@mtzfederico.com>
---
 advanced/lighttpd.conf.debian | 8 ++++----
 advanced/lighttpd.conf.fedora | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian
index 6020dfd8..cd6d7737 100644
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -81,6 +81,10 @@ mimetype.assign = (
     ".woff2" => "font/woff2"
 )
 
+# Add user chosen options held in external file
+# This uses include_shell instead of an include wildcard for compatibility
+include_shell "cat external.conf 2>/dev/null"
+
 # default listening port for IPv6 falls back to the IPv4 port
 include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 
@@ -109,7 +113,3 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
 
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )
-
-# Add user chosen options held in external file
-# This uses include_shell instead of an include wildcard for compatibility
-include_shell "cat external.conf 2>/dev/null"
diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora
index 8e3bddc4..64428617 100644
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -82,6 +82,10 @@ mimetype.assign = (
     ".woff2" => "font/woff2"
 )
 
+# Add user chosen options held in external file
+# This uses include_shell instead of an include wildcard for compatibility
+include_shell "cat external.conf 2>/dev/null"
+
 # default listening port for IPv6 falls back to the IPv4 port
 #include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 #include_shell "/usr/share/lighttpd/create-mime.assign.pl"
@@ -117,7 +121,3 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
 
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )
-
-# Add user chosen options held in external file
-# This uses include_shell instead of an include wildcard for compatibility
-include_shell "cat external.conf 2>/dev/null"

From c42b97ddb22fd138ed5fd1cc6740acebf0f9d125 Mon Sep 17 00:00:00 2001
From: Michael Woolweaver <m.woolweaver@icloud.com>
Date: Tue, 26 Jan 2021 01:04:37 -0600
Subject: [PATCH 189/297] fix typo in comment

Signed-off-by: Michael Woolweaver <m.woolweaver@icloud.com>
---
 gravity.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gravity.sh b/gravity.sh
index dfb863e9..862722a9 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -88,7 +88,7 @@ gravity_swap_databases() {
   str="Building tree"
   echo -ne "  ${INFO} ${str}..."
 
-  # The index is intentionally not UNIQUE as prro quality adlists may contain domains more than once
+  # The index is intentionally not UNIQUE as poor quality adlists may contain domains more than once
   output=$( { sqlite3 "${gravityTEMPfile}" "CREATE INDEX idx_gravity ON gravity (domain, adlist_id);"; } 2>&1 )
   status="$?"
 

From 1ab193fa9d5f94798cd4e50d969495d60913ed78 Mon Sep 17 00:00:00 2001
From: Alexander Schmitz <Flashbang007@gmail.com>
Date: Wed, 27 Jan 2021 11:00:43 +0100
Subject: [PATCH 190/297] Update piholeDebug.sh

Signed-off-by: Alexander Schmitz <Flashbang007@gmail.com>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 318e3252..13a886f1 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -695,7 +695,7 @@ ping_gateway() {
     # Check if we are using IPv4 or IPv6
     # Find the default gateway using IPv4 or IPv6
     local gateway
-    gateway="$(ip -"${protocol}" route | grep default | cut -d ' ' -f 3)"
+    gateway="$(ip -"${protocol}" route | grep default | grep "${PIHOLE_INTERFACE}" | cut -d ' ' -f 3)"
 
     # If the gateway variable has a value (meaning a gateway was found),
     if [[ -n "${gateway}" ]]; then

From 7dc7cbb80e4156cab3078c442aa38a0ca00cb2dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 11 Feb 2021 19:45:32 +0100
Subject: [PATCH 191/297] Add hostname to teleporter backup file if called from
 cli
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/webpage.sh | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index da2afb0f..5e7d90f9 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -238,18 +238,18 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         #          168.192.in-addr.arpa to 192.168.0.0/16
         #          192.in-addr.arpa to 192.0.0.0/8
         if [[ "${CONDITIONAL_FORWARDING_REVERSE}" == *"in-addr.arpa" ]];then
-            arrRev=("${CONDITIONAL_FORWARDING_REVERSE//./ }")        
-            case ${#arrRev[@]} in 
+            arrRev=("${CONDITIONAL_FORWARDING_REVERSE//./ }")
+            case ${#arrRev[@]} in
                 6   )   REV_SERVER_CIDR="${arrRev[3]}.${arrRev[2]}.${arrRev[1]}.${arrRev[0]}/32";;
                 5   )   REV_SERVER_CIDR="${arrRev[2]}.${arrRev[1]}.${arrRev[0]}.0/24";;
                 4   )   REV_SERVER_CIDR="${arrRev[1]}.${arrRev[0]}.0.0/16";;
-                3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";; 
+                3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";;
             esac
         else
           # Set REV_SERVER_CIDR to whatever value it was set to
           REV_SERVER_CIDR="${CONDITIONAL_FORWARDING_REVERSE}"
         fi
-        
+
         # If REV_SERVER_CIDR is not converted by the above, then use the REV_SERVER_TARGET variable to derive it
         if [ -z "${REV_SERVER_CIDR}" ]; then
             # Convert existing input to /24 subnet (preserves legacy behavior)
@@ -636,8 +636,11 @@ Interfaces:
 
 Teleporter() {
     local datetimestamp
+    local host
     datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S")
-    php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-teleporter_${datetimestamp}.tar.gz"
+    host=$(hostname)
+    host="${host//./_}"
+    php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-${host}-teleporter_${datetimestamp}.tar.gz"
 }
 
 checkDomain()

From 78027bd2bfeba890af7a0e440b9c7b6b15c9b3d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 12 Feb 2021 20:25:01 +0100
Subject: [PATCH 192/297] Add default noname if hostname is empty
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/webpage.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 5e7d90f9..53f815c5 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -640,7 +640,7 @@ Teleporter() {
     datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S")
     host=$(hostname)
     host="${host//./_}"
-    php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-${host}-teleporter_${datetimestamp}.tar.gz"
+    php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-${host:-noname}-teleporter_${datetimestamp}.tar.gz"
 }
 
 checkDomain()

From 126b9ae381d2a263cd888df5c97d3099a44d4064 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 2 Mar 2021 20:08:09 +0100
Subject: [PATCH 193/297] Add missing three new columns to pihole -g -r

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gravity.sh b/gravity.sh
index 3fe43527..abed28b4 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -176,7 +176,7 @@ database_table_from_file() {
         echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}"
       elif [[ "${table}" == "adlist" ]]; then
         # Adlist table format
-        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"," >> "${tmpFile}"
+        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\",,0,0,0" >> "${tmpFile}"
       else
         # White-, black-, and regexlist table format
         echo "${rowid},${type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"" >> "${tmpFile}"

From 13cf0c12881447a4fc7cab5cedee6e2cd7514e0c Mon Sep 17 00:00:00 2001
From: Dany <69208423+Cafetier@users.noreply.github.com>
Date: Wed, 17 Mar 2021 14:18:50 -0400
Subject: [PATCH 194/297] Aligned pihole logo to center, Fixed responsive issue
 (#4036)

* Aligned pihole logo to center, Fixed responsive issue

* removed duplicate instance of #splashpage

Signed-off-by: Dany Gauthier <danygauthier57@yahoo.ca>
---
 advanced/blockingpage.css | 74 +++++++++++++++++++++++++++++++++++----
 advanced/index.php        | 10 +++---
 2 files changed, 74 insertions(+), 10 deletions(-)

diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css
index 9f82a27e..0cc7a65c 100644
--- a/advanced/blockingpage.css
+++ b/advanced/blockingpage.css
@@ -145,7 +145,17 @@ body {
 }
 
 /* User is greeted with a splash page when browsing to Pi-hole IP address */
-#splashpage { background: #222; color: rgba(255, 255, 255, 0.7); text-align: center; }
+#splashpage {
+  background: #222;
+  color: rgba(255, 255, 255, 0.7);
+  text-align: center;
+  width: 100%;
+  height: 100%;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+
 #splashpage img { margin: 5px; width: 256px; }
 #splashpage b { color: inherit; }
 
@@ -196,6 +206,26 @@ header #bpAlt label {
   display: block;
 }
 
+html, body {
+    height: 100%;
+}
+
+#pihole_card {
+    width: 400px;
+    height: auto;
+    max-width: 400px;
+}
+
+    #pihole_card p, #pihole_card a {
+        font-size: 13pt;
+        text-align: center;
+    }
+
+#pihole_logo_splash {
+    height: auto;
+    width: 100%;
+}
+
 /* Click anywhere else on screen to hide #bpAbout */
 #bpAboutToggle:checked {
   display: block;
@@ -382,12 +412,44 @@ footer {
 
 /* Responsive Content */
 @media only screen and (max-width: 500px) {
-  h1 a { font-size: 1.8rem; min-width: 170px; }
-  footer span::before { content: "Generated "; }
-  footer span { display: block; }
+  h1 a {
+        font-size: 1.8rem;
+        min-width: 170px;
+    }
+
+    footer span::before {
+        content: "Generated ";
+    }
+
+    footer span {
+        display: block;
+    }
 }
 
 @media only screen and (min-width: 1251px) {
-  #bpWrapper, footer { border-radius: 0 0 5px 5px; }
-  #bpAbout { border-right-width: 1px; }
+  #bpWrapper, footer {
+        border-radius: 0 0 5px 5px;
+    }
+
+    #bpAbout {
+        border-right-width: 1px;
+    }
+}
+
+@media only screen and (max-width: 400px) {
+    #pihole_card {
+        width: 100%;
+        height: auto;
+    }
+
+        #pihole_card p, #pihole_card a {
+            font-size: 100%;
+        }
+}
+
+@media only screen and (max-width: 256px) {
+    #pihole_logo_splash {
+        width: 90% !important;
+        height: auto;
+    }
 }
diff --git a/advanced/index.php b/advanced/index.php
index ca8c35e4..eea44462 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -71,15 +71,17 @@ if ($serverName === "pi.hole"
         <head>
             <meta charset='utf-8'>
             $viewPort
+            <meta name="viewport" content="width=device-width, initial-scale=1">
             <title>● $serverName</title>
             <link rel='stylesheet' href='pihole/blockingpage.css'>
             <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
         </head>
         <body id='splashpage'>
-            <img src='admin/img/logo.svg' alt='Pi-hole logo' width='256' height='377'>
-            <br>
-            <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
-            <a href='/admin'>Did you mean to go to the admin panel?</a>
+            <div id="pihole_card">
+              <img src='admin/img/logo.svg' alt='Pi-hole logo id="pihole_logo_splash" />
+              <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
+              <a href='/admin'>Did you mean to go to the admin panel?</a>
+            </div>
         </body>
     </html>
     ";

From 20b6f9cceb9135dc8997974c898fbcd22dce427f Mon Sep 17 00:00:00 2001
From: jbzdarkid <jbzdarkid@gmail.com>
Date: Wed, 17 Mar 2021 18:35:27 -0700
Subject: [PATCH 195/297] Improve comments in basic-install.sh

Signed-off-by: jbzdarkid <jbzdarkid@gmail.com>
---
 automated install/basic-install.sh | 321 +++++++++++++----------------
 1 file changed, 148 insertions(+), 173 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4ab5c0e2..762ee110 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -21,8 +21,8 @@
 # instead of continuing the installation with something broken
 set -e
 
-# Set PATH to a usual default to assure that all basic commands are available.
-# When using "su" an uncomplete PATH could be passed: https://github.com/pi-hole/pi-hole/issues/3209
+# Append common folders to the PATH to ensure that all basic commands are available.
+# When using "su" an incomplete PATH could be passed: https://github.com/pi-hole/pi-hole/issues/3209
 export PATH+=':/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
 
 ######## VARIABLES #########
@@ -59,12 +59,17 @@ coltable=/opt/pihole/COL_TABLE
 # Root of the web server
 webroot="/var/www/html"
 
-# We store several other directories and
+
+# We clone (or update) two git repositories during the install. This helps to make sure that we always have the latest versions of the relevant files.
+# AdminLTE is used to set up the Web admin interface.
+# Pi-hole contains various setup scripts and files which are critical to the installation.
+# Search for "PI_HOLE_LOCAL_REPO" in this file to see all such scripts.
+# Two notable scripts are gravity.sh (used to generate the HOSTS file) and advanced/Scripts/webpage.sh (used to install the Web admin interface)
 webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git"
 webInterfaceDir="${webroot}/admin"
 piholeGitUrl="https://github.com/pi-hole/pi-hole.git"
 PI_HOLE_LOCAL_REPO="/etc/.pihole"
-# These are the names of pi-holes files, stored in an array
+# List of pihole scripts, stored in an array
 PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update version gravity uninstall webpage)
 # This directory is where the Pi-hole scripts will be installed
 PI_HOLE_INSTALL_DIR="/opt/pihole"
@@ -76,11 +81,10 @@ if [ -z "$useUpdateVars" ]; then
 fi
 
 adlistFile="/etc/pihole/adlists.list"
-# Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
-# this script can run
+# Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until this script can run
 IPV4_ADDRESS=${IPV4_ADDRESS}
 IPV6_ADDRESS=${IPV6_ADDRESS}
-# By default, query logging is enabled and the dashboard is set to be installed
+# Give settings their default values. These may be changed by prompts later in the script.
 QUERY_LOGGING=true
 INSTALL_WEB_INTERFACE=true
 PRIVACY_LEVEL=0
@@ -98,9 +102,8 @@ if [ -t 0 ] ; then
 else
   screen_size="24 80"
 fi
-# Set rows variable to contain first number
+# Determine terminal rows and columns by parsing screen_size
 printf -v rows '%d' "${screen_size%% *}"
-# Set columns variable to contain second number
 printf -v columns '%d' "${screen_size##* }"
 
 # Divide by two so the dialogs take up half of the screen, which looks nice.
@@ -171,9 +174,8 @@ show_ascii_berry() {
 }
 
 is_command() {
-    # Checks for existence of string passed in as only function argument.
-    # Exit value of 0 when exists, 1 if not exists. Value is the result
-    # of the `command` shell built-in call.
+    # Checks to see if the given command (passed as a string argument) exists on the system.
+    # The function returns 0 (success) if the command exists, and 1 if it doesn't.
     local check_command="$1"
 
     command -v "${check_command}" >/dev/null 2>&1
@@ -190,15 +192,15 @@ os_check() {
         detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
         cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
-        #Get the return code of the previous command (last line)
+        # Gets the return code of the previous command (last line)
         digReturnCode="${cmdResult##*$'\n'}"
 
         if [ ! "${digReturnCode}" == "0" ]; then
             valid_response=false
         else
-            # Dig returned 0 code, so get the actual response, and loop through it to determine if the detected variables above are valid
+            # Dig returned 0 (success), so get the actual response, and loop through it to determine if the detected variables above are valid
             response="${cmdResult%%$'\n'*}"
-            # If the value of ${result} is a single 0, then this is the return code, not the response. Response is blank
+            # If the value of ${response} is a single 0, then this is the return code, not an actual response.
             if [ "${response}" == 0 ]; then
                 valid_response=false
             fi
@@ -209,6 +211,7 @@ os_check() {
                 distro_part="${distro_and_versions%%=*}"
                 versions_part="${distro_and_versions##*=}"
 
+                # If the distro part is a (case-insensistive) substring of the computer OS
                 if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
                     valid_os=true
                     IFS="," read -r -a supportedVer <<<"${versions_part}"
@@ -281,9 +284,9 @@ if is_command apt-get ; then
     PKG_MANAGER="apt-get"
     # A variable to store the command used to update the package cache
     UPDATE_PKG_CACHE="${PKG_MANAGER} update"
-    # An array for something...
+    # The command we will use to actually install packages
     PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install)
-    # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
+    # grep -c will return 1 if there are no matches. This is an acceptable condition, so we OR TRUE to prevent set -e exiting the script.
     PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
     # Some distros vary slightly so these fixes for dependencies may apply
     # on Ubuntu 18.04.1 LTS we need to add the universe repository to gain access to dhcpcd5
@@ -291,7 +294,7 @@ if is_command apt-get ; then
     if awk 'BEGIN{a=1;b=0}/bionic main/{a=0}/bionic.*universe/{b=1}END{exit a + b}' ${APT_SOURCES}; then
         if ! whiptail --defaultno --title "Dependencies Require Update to Allowed Repositories" --yesno "Would you like to enable 'universe' repository?\\n\\nThis repository is required by the following packages:\\n\\n- dhcpcd5" "${r}" "${c}"; then
             printf "  %b Aborting installation: Dependencies could not be installed.\\n" "${CROSS}"
-            exit 1 # exit the installer
+            exit 1
         else
             printf "  %b Enabling universe package repository for Ubuntu Bionic\\n" "${INFO}"
             cp -p ${APT_SOURCES} ${APT_SOURCES}.backup # Backup current repo list
@@ -323,7 +326,8 @@ if is_command apt-get ; then
             phpInsNewer=true
         fi
     fi
-    # Check if installed php is v 7.0, or newer to determine packages to install
+    # Several other packages depend on the version of PHP. If PHP is not installed, or an insufficient version,
+    # those packages should fall back to the default (latest?)
     if [[ "$phpInsNewer" != true ]]; then
         # Prefer the php metapackage if it's there
         if apt-cache show php > /dev/null 2>&1; then
@@ -337,7 +341,8 @@ if is_command apt-get ; then
             exit 1
         fi
     else
-        # Newer php is installed, its common, cgi & sqlite counterparts are deps
+        # Else, PHP is already installed at a version beyond v7.0, so the additional packages
+        # should match version with the current PHP version.
         phpVer="php$phpInsMajor.$phpInsMinor"
     fi
     # We also need the correct version for `php-sqlite` (which differs across distros)
@@ -349,13 +354,12 @@ if is_command apt-get ; then
         printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"
         exit 1
     fi
-    # Since our install script is so large, we need several other programs to successfully get a machine provisioned
-    # These programs are stored in an array so they can be looped through later
+    # Packages required to run this install script (stored as an array)
     INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
-    # Pi-hole itself has several dependencies that also need to be installed
+    # Packages required to run Pi-hole (stored as an array)
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
-    # The Web dashboard has some that also need to be installed
-    # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code
+    # Packages required for the Web admin interface (stored as an array)
+    # It's useful to separate this from Pi-hole, since the two repos are also setup separately
     PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-json" "${phpVer}-intl")
     # The Web server user,
     LIGHTTPD_USER="www-data"
@@ -364,20 +368,19 @@ if is_command apt-get ; then
     # and config file
     LIGHTTPD_CFG="lighttpd.conf.debian"
 
-    # A function to check...
+    # This function waits for dpkg to unlock, which signals that the previous apt-get command has finished.
     test_dpkg_lock() {
-        # An iterator used for counting loop iterations
         i=0
         # fuser is a program to show which processes use the named files, sockets, or filesystems
-        # So while the command is true
-        while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do
-            # Wait half a second
+        # So while the lock is held,
+        while fuser /var/lib/dpkg/lock >/dev/null 2>&1
+        do
+            # we wait half a second,
             sleep 0.5
-            # and increase the iterator
+            # increase the iterator,
             ((i=i+1))
         done
-        # Always return success, since we only return if there is no
-        # lock (anymore)
+        # and then report success once dpkg is unlocked.
         return 0
     }
 
@@ -390,6 +393,7 @@ elif is_command rpm ; then
         PKG_MANAGER="yum"
     fi
 
+    # These variable names match the ones in the Debian family. See above for an explanation of what they are for.
     PKG_INSTALL=("${PKG_MANAGER}" install -y)
     PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
     INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
@@ -476,7 +480,7 @@ elif is_command rpm ; then
         # Warn user of unsupported version of Fedora or CentOS
         if ! whiptail --defaultno --title "Unsupported RPM based distribution" --yesno "Would you like to continue installation on an unsupported RPM based distribution?\\n\\nPlease ensure the following packages have been installed manually:\\n\\n- lighttpd\\n- lighttpd-fastcgi\\n- PHP version 7+" "${r}" "${c}"; then
             printf "  %b Aborting installation due to unsupported RPM based distribution\\n" "${CROSS}"
-            exit # exit the installer
+            exit
         else
             printf "  %b Continuing installation with unsupported RPM based distribution\\n" "${INFO}"
         fi
@@ -540,8 +544,9 @@ make_repo() {
     # Check current branch. If it is master, then reset to the latest available tag.
     # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks)
     curBranch=$(git rev-parse --abbrev-ref HEAD)
-    if [[ "${curBranch}" == "master" ]]; then #If we're calling make_repo() then it should always be master, we may not need to check.
-         git reset --hard "$(git describe --abbrev=0 --tags)" || return $?
+    if [[ "${curBranch}" == "master" ]]; then
+        # If we're calling make_repo() then it should always be master, we may not need to check.
+        git reset --hard "$(git describe --abbrev=0 --tags)" || return $?
     fi
     # Show a colored message showing it's status
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
@@ -589,7 +594,7 @@ update_repo() {
     return 0
 }
 
-# A function that combines the functions previously made
+# A function that combines the previous git functions to update or clone a repo
 getGitFiles() {
     # Setup named variables for the git repos
     # We need the directory
@@ -613,9 +618,8 @@ getGitFiles() {
         # Attempt to make the repository, showing an error on failure
         make_repo "${directory}" "${remoteRepo}" || { printf "\\n  %bError: Could not update local repository. Contact support.%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; exit 1; }
     fi
-    # echo a blank line
     echo ""
-    # and return success?
+    # Success via one of the two branches, as the commands would exit if they failed.
     return 0
 }
 
@@ -637,7 +641,7 @@ resetRepo() {
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
     # Return to where we came from
     popd &> /dev/null || return 1
-    # Returning success anyway?
+    # Function succeeded, as "git reset" would have triggered a return earlier if it failed
     return 0
 }
 
@@ -689,7 +693,7 @@ welcomeDialogs() {
 In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." "${r}" "${c}"
 }
 
-# A function that let's the user pick an interface to use with Pi-hole
+# A function that lets the user pick an interface to use with Pi-hole
 chooseInterface() {
     # Turn the available interfaces into an array so it can be used with a whiptail dialog
     local interfacesArray=()
@@ -713,7 +717,7 @@ chooseInterface() {
     else
         # While reading through the available interfaces
         while read -r line; do
-            # use a variable to set the option as OFF to begin with
+            # Use a variable to set the option as OFF to begin with
             mode="OFF"
             # If it's the first loop,
             if [[ "${firstLoop}" -eq 1 ]]; then
@@ -747,9 +751,9 @@ chooseInterface() {
 testIPv6() {
     # first will contain fda2 (ULA)
     printf -v first "%s" "${1%%:*}"
-    # value1 will contain 253 which is the decimal value corresponding to 0xfd
+    # value1 will contain 253 which is the decimal value corresponding to 0xFD
     value1=$(( (0x$first)/256 ))
-    # will contain 162 which is the decimal value corresponding to 0xa2
+    # value2 will contain 162 which is the decimal value corresponding to 0xA2
     value2=$(( (0x$first)%256 ))
     # the ULA test is testing for fc00::/7 according to RFC 4193
     if (( (value1&254)==252 )); then
@@ -779,8 +783,9 @@ useIPv6dialog() {
         result=$(testIPv6 "$i")
         # If it's a ULA address, use it and store it as a global variable
         [[ "${result}" == "ULA" ]] && ULA_ADDRESS="${i%/*}"
-        # If it's a GUA address, we can still use it si store it as a global variable
+        # If it's a GUA address, use it and store it as a global variable
         [[ "${result}" == "GUA" ]] && GUA_ADDRESS="${i%/*}"
+        # Else if it's a Link-local address, we cannot use it, so just continue
     done
 
     # Determine which address to be used: Prefer ULA over GUA or don't use any if none found
@@ -858,7 +863,6 @@ use4andor6() {
     fi
 }
 
-#
 getStaticIPv4Settings() {
     # Local, named variables
     local ipSettingsCorrect
@@ -905,9 +909,9 @@ It is also possible to use a DHCP reservation, but if you are going to do that,
     fi
 }
 
-# configure networking via dhcpcd
+# Configure networking via dhcpcd
 setDHCPCD() {
-    # check if the IP is already in the file
+    # Check if the IP is already in the file
     if grep -q "${IPV4_ADDRESS}" /etc/dhcpcd.conf; then
         printf "  %b Static IP already configured\\n" "${INFO}"
     # If it's not,
@@ -925,8 +929,8 @@ setDHCPCD() {
     fi
 }
 
-# configure networking ifcfg-xxxx file found at /etc/sysconfig/network-scripts/
-# this function requires the full path of an ifcfg file passed as an argument
+# Configure networking ifcfg-xxxx file found at /etc/sysconfig/network-scripts/
+# This function requires the full path of an ifcfg file passed as an argument
 setIFCFG() {
     # Local, named variables
     local IFCFG_FILE
@@ -934,12 +938,11 @@ setIFCFG() {
     local CIDR
     IFCFG_FILE=$1
     printf -v IPADDR "%s" "${IPV4_ADDRESS%%/*}"
-    # check if the desired IP is already set
+    # Check if the desired IP is already set
     if grep -Eq "${IPADDR}(\\b|\\/)" "${IFCFG_FILE}"; then
         printf "  %b Static IP already configured\\n" "${INFO}"
-    # Otherwise,
     else
-        # Put the IP in variables without the CIDR notation
+        # Otherwise, put the IP in variables without the CIDR notation
         printf -v CIDR "%s" "${IPV4_ADDRESS##*/}"
         # Backup existing interface configuration:
         cp -p "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig
@@ -981,24 +984,23 @@ setStaticIPv4() {
             return 0
         fi
     fi
-    # For the Debian family, if dhcpcd.conf exists,
+    # For the Debian family, if dhcpcd.conf exists then we can just configure using DHCPD.
     if [[ -f "/etc/dhcpcd.conf" ]]; then
-        # configure networking via dhcpcd
         setDHCPCD
         return 0
     fi
-    # If a DHCPCD config file was not found, check for an ifcfg config file based on interface name
+    # If a DHCPCD config file was not found, check for an ifcfg config file based on the interface name
     if [[ -f "/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}" ]];then
-        # If it exists,
+        # If it exists, then we can configure using IFCFG
         IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}
         setIFCFG "${IFCFG_FILE}"
         return 0
     fi
-    # if an ifcfg config does not exists for the interface name, try the connection name via network manager
+    # If an ifcfg config does not exists for the interface name, search for one based on the connection name via network manager
     if is_command nmcli && nmcli general status &> /dev/null; then
         CONNECTION_NAME=$(nmcli dev show "${PIHOLE_INTERFACE}" | grep 'GENERAL.CONNECTION' | cut -d: -f2 | sed 's/^System//' | xargs | tr ' ' '_')
         if [[ -f "/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}" ]];then
-            # If it exists,
+            # If it exists, then we can configure using IFCFG
             IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}
             setIFCFG "${IFCFG_FILE}"
             return 0
@@ -1015,17 +1017,17 @@ valid_ip() {
     local ip=${1}
     local stat=1
 
-    # One IPv4 element is 8bit: 0 - 256
+    # Regex matching one IPv4 component, i.e. an integer from 0 to 255.
     local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
-    # optional port number starting '#' with range of 1-65536
+    # Regex matching an optional port beginning with # matching optional port number starting '#' with range of 1 to 65536
     local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
-    # build a full regex string from the above parts
+    # Build a full IPv4 regex from the above subexpressions
     local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$"
 
+    # Evaluate the regex, and return the result
     [[ $ip =~ ${regex} ]]
 
     stat=$?
-    # Return the exit code
     return "${stat}"
 }
 
@@ -1033,19 +1035,19 @@ valid_ip6() {
     local ip=${1}
     local stat=1
 
-    # One IPv6 element is 16bit: 0000 - FFFF
+    # Regex matching one IPv6 element, i.e. a hex value from 0000 to FFFF
     local ipv6elem="[0-9a-fA-F]{1,4}"
-    # CIDR for IPv6 is 1- 128 bit
+    # Regex matching an IPv6 CIDR, i.e. 1 to 128
     local v6cidr="(\\/([1-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])){0,1}"
-    # optional port number starting '#' with range of 1-65536
+    # Regex matching an optional port beginning with # matching optional port number starting '#' with range of 1-65536
     local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
-    # build a full regex string from the above parts
+    # Build a full IPv6 regex from the above subexpressions
     local regex="^(((${ipv6elem}))*((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
 
+    # Evaluate the regex, and return the result
     [[ ${ip} =~ ${regex} ]]
 
     stat=$?
-    # Return the exit code
     return "${stat}"
 }
 
@@ -1057,7 +1059,7 @@ setDNS() {
     # In an array, list the available upstream providers
     DNSChooseOptions=()
     local DNSServerCount=0
-    # Save the old Internal Field Separator in a variable
+    # Save the old Internal Field Separator in a variable,
     OIFS=$IFS
     # and set the new one to newline
     IFS=$'\n'
@@ -1078,23 +1080,22 @@ setDNS() {
     # In a whiptail dialog, show the options
     DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." "${r}" "${c}" 7 \
     "${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \
-    # exit if Cancel is selected
+    # Exit if the user selects "Cancel"
     { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; exit 1; }
 
-    # Depending on the user's choice, set the GLOBAl variables to the IP of the respective provider
+    # Depending on the user's choice, set the GLOBAL variables to the IP of the respective provider
     if [[ "${DNSchoices}" == "Custom" ]]
     then
-        # Until the DNS settings are selected,
+        # Loop until we have a valid DNS setting
         until [[ "${DNSSettingsCorrect}" = True ]]; do
-            #
+            # Signal value, to be used if the user inputs an invalid IP address
             strInvalid="Invalid"
-            # If the first
             if [[ ! "${PIHOLE_DNS_1}" ]]; then
-                # and second upstream servers do not exist
                 if [[ ! "${PIHOLE_DNS_2}" ]]; then
+                    # If the first and second upstream servers do not exist, do not prepopulate an IP address
                     prePopulate=""
-                # Otherwise,
                 else
+                    # Otherwise, prepopulate the whiptail dialogue with the appropriate DNS value(s)
                     prePopulate=", ${PIHOLE_DNS_2}"
                 fi
             elif  [[ "${PIHOLE_DNS_1}" ]] && [[ ! "${PIHOLE_DNS_2}" ]]; then
@@ -1103,52 +1104,48 @@ setDNS() {
                 prePopulate="${PIHOLE_DNS_1}, ${PIHOLE_DNS_2}"
             fi
 
-            # Dialog for the user to enter custom upstream servers
+            # Prompt the user to enter custom upstream servers
             piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)"  --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" "${r}" "${c}" "${prePopulate}" 3>&1 1>&2 2>&3) || \
             { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; exit 1; }
             # Clean user input and replace whitespace with comma.
             piholeDNS=$(sed 's/[, \t]\+/,/g' <<< "${piholeDNS}")
 
+            # Separate the user input into the two DNS values (separated by a comma)
             printf -v PIHOLE_DNS_1 "%s" "${piholeDNS%%,*}"
             printf -v PIHOLE_DNS_2 "%s" "${piholeDNS##*,}"
 
-            # If the IP is valid,
+            # If the first DNS value is invalid or empty, this if statement will be true and we will set PIHOLE_DNS_1="Invalid"
             if ! valid_ip "${PIHOLE_DNS_1}" || [[ ! "${PIHOLE_DNS_1}" ]]; then
-                # store it in the variable so we can use it
                 PIHOLE_DNS_1=${strInvalid}
             fi
-            # Do the same for the secondary server
+            # If the second DNS value is invalid or empty, this if statement will be true and we will set PIHOLE_DNS_2="Invalid"
             if ! valid_ip "${PIHOLE_DNS_2}" && [[ "${PIHOLE_DNS_2}" ]]; then
                 PIHOLE_DNS_2=${strInvalid}
             fi
             # If either of the DNS servers are invalid,
             if [[ "${PIHOLE_DNS_1}" == "${strInvalid}" ]] || [[ "${PIHOLE_DNS_2}" == "${strInvalid}" ]]; then
-                # explain this to the user
+                # explain this to the user,
                 whiptail --msgbox --backtitle "Invalid IP" --title "Invalid IP" "One or both entered IP addresses were invalid. Please try again.\\n\\n    DNS Server 1:   $PIHOLE_DNS_1\\n    DNS Server 2:   ${PIHOLE_DNS_2}" ${r} ${c}
-                # and set the variables back to nothing
+                # set the variables back to nothing,
                 if [[ "${PIHOLE_DNS_1}" == "${strInvalid}" ]]; then
                     PIHOLE_DNS_1=""
                 fi
                 if [[ "${PIHOLE_DNS_2}" == "${strInvalid}" ]]; then
                     PIHOLE_DNS_2=""
                 fi
-                # Since the settings will not work, stay in the loop
+                # and continue the loop.
                 DNSSettingsCorrect=False
-            # Otherwise,
             else
-                # Show the settings
+                # Otherwise, show the DNS setting to the user, and break the loop if they confirm them.
                 if (whiptail --backtitle "Specify Upstream DNS Provider(s)" --title "Upstream DNS Provider(s)" --yesno "Are these settings correct?\\n    DNS Server 1:   $PIHOLE_DNS_1\\n    DNS Server 2:   ${PIHOLE_DNS_2}" "${r}" "${c}"); then
-                    # and break from the loop since the servers are valid
                     DNSSettingsCorrect=True
-                # Otherwise,
                 else
-                    # If the settings are wrong, the loop continues
                     DNSSettingsCorrect=False
                 fi
             fi
         done
     else
-        # Save the old Internal Field Separator in a variable
+        # Save the old Internal Field Separator in a variable,
         OIFS=$IFS
         # and set the new one to newline
         IFS=$'\n'
@@ -1187,16 +1184,16 @@ setLogging() {
     # Get the user's choice
     LogChoices=$("${LogToggleCommand[@]}" "${LogChooseOptions[@]}" 2>&1 >/dev/tty) || (printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" && exit 1)
     case ${LogChoices} in
-        # If it's on
+        # If it's on,
         "On (Recommended)")
             printf "  %b Logging On.\\n" "${INFO}"
-            # Set the GLOBAL variable to true so we know what they selected
+            # set the GLOBAL variable setting to true
             QUERY_LOGGING=true
             ;;
         # Otherwise, it's off,
         Off)
             printf "  %b Logging Off.\\n" "${INFO}"
-            # So set it to false
+            # set the GLOBAL variable setting to false
             QUERY_LOGGING=false
             ;;
     esac
@@ -1252,7 +1249,7 @@ setAdminFlag() {
             ;;
     esac
 
-    # Request user to install web server, if it has not been deselected before (INSTALL_WEB_SERVER=true is default).
+    # If the user wants to install the Web admin interface (i.e. it has not been deselected above)
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
         # Get list of required PHP modules, excluding base package (common) and handler (cgi)
         local i php_modules
@@ -1291,18 +1288,18 @@ chooseBlocklists() {
 
     # In a variable, show the choices available; exit if Cancel is selected
     choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; rm "${adlistFile}" ;exit 1; }
-    # For each choice available,
+    # Add all selected choices to the lists file
     for choice in ${choices}
     do
         appendToListsFile "${choice}"
     done
+    # Create an empty adList file with appropriate permissions.
     touch "${adlistFile}"
     chmod 644 "${adlistFile}"
 }
 
 # Accept a string parameter, it must be one of the default lists
-# This function allow to not duplicate code in chooseBlocklists and
-# in installDefaultBlocklists
+# This function saves duplication between chooseBlocklists and installDefaultBlocklists
 appendToListsFile() {
     case $1 in
         StevenBlack  )  echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> "${adlistFile}";;
@@ -1339,16 +1336,15 @@ version_check_dnsmasq() {
            grep -q "${dnsmasq_pihole_id_string2}" "${dnsmasq_conf}"; then
             printf " it is from a previous Pi-hole install.\\n"
             printf "  %b Backing up dnsmasq.conf to dnsmasq.conf.orig..." "${INFO}"
-            # so backup the original file
+            # so backup the original file,
             mv -f "${dnsmasq_conf}" "${dnsmasq_conf_orig}"
             printf "%b  %b Backing up dnsmasq.conf to dnsmasq.conf.orig...\\n" "${OVER}"  "${TICK}"
             printf "  %b Restoring default dnsmasq.conf..." "${INFO}"
             # and replace it with the default
             install -D -m 644 -T "${dnsmasq_original_config}" "${dnsmasq_conf}"
             printf "%b  %b Restoring default dnsmasq.conf...\\n" "${OVER}"  "${TICK}"
-        # Otherwise,
         else
-        # Don't to anything
+        # Otherwise, don't to anything
         printf " it is not a Pi-hole file, leaving alone!\\n"
         fi
     else
@@ -1368,36 +1364,33 @@ version_check_dnsmasq() {
     install -D -m 644 -T "${dnsmasq_pihole_01_snippet}" "${dnsmasq_pihole_01_location}"
     printf "%b  %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf\\n" "${OVER}"  "${TICK}"
     # Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
-    # First, swap in the interface to listen on
+    # First, swap in the interface to listen on,
     sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_location}"
     if [[ "${PIHOLE_DNS_1}" != "" ]]; then
-        # Then swap in the primary DNS server
+        # then swap in the primary DNS server.
         sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_location}"
     else
-        #
+        # Otherwise, remove the line which sets DNS1.
         sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_location}"
     fi
+    # Ditto if DNS2 is not empty
     if [[ "${PIHOLE_DNS_2}" != "" ]]; then
-        # Then swap in the primary DNS server
         sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_location}"
     else
-        #
         sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
     fi
 
 	# Set the cache size
 	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
 
-    #
     sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
 
     # If the user does not want to enable logging,
     if [[ "${QUERY_LOGGING}" == false ]] ; then
-        # Disable it by commenting out the directive in the DNS config file
+        # disable it by commenting out the directive in the DNS config file
         sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_location}"
-    # Otherwise,
     else
-        # enable it by uncommenting the directive in the DNS config file
+        # Otherwise, enable it by uncommenting the directive in the DNS config file
         sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_location}"
     fi
 }
@@ -1407,14 +1400,13 @@ clean_existing() {
     # Local, named variables
     # ${1} Directory to clean
     local clean_directory="${1}"
-    # Make ${2} the new one?
+    # Pop the first argument, and shift all addresses down by one (i.e. ${2} becomes ${1})
     shift
-    # ${2} Array of files to remove
+    # Then, we can access all arguments ($@) without including the directory to clean
     local old_files=( "$@" )
 
-    # For each script found in the old files array
+    # Remove each script in the old_files array
     for script in "${old_files[@]}"; do
-        # Remove them
         rm -f "${clean_directory}/${script}.sh"
     done
 }
@@ -1447,9 +1439,8 @@ installScripts() {
         install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole
         printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
 
-    # Otherwise,
     else
-        # Show an error and exit
+        # Otherwise, show an error and exit
         printf "%b  %b %s\\n" "${OVER}"  "${CROSS}" "${str}"
         printf "\\t\\t%bError: Local repo %s not found, exiting installer%b\\n" "${COL_LIGHT_RED}" "${PI_HOLE_LOCAL_REPO}" "${COL_NC}"
         return 1
@@ -1501,7 +1492,7 @@ installConfigs() {
         # Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it
         touch /etc/lighttpd/external.conf
         chmod 644 /etc/lighttpd/external.conf
-        # if there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config
+        # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config
         if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then
             sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"pihole\/custom\.php"/' /etc/lighttpd/lighttpd.conf
         fi
@@ -1575,9 +1566,8 @@ restart_service() {
     if is_command systemctl ; then
         # use that to restart the service
         systemctl restart "${1}" &> /dev/null
-    # Otherwise,
     else
-        # fall back to the service command
+        # Otherwise, fall back to the service command
         service "${1}" restart &> /dev/null
     fi
     printf "%b  %b %s...\\n" "${OVER}" "${TICK}" "${str}"
@@ -1592,9 +1582,8 @@ enable_service() {
     if is_command systemctl ; then
         # use that to enable the service
         systemctl enable "${1}" &> /dev/null
-    # Otherwise,
     else
-        # use update-rc.d to accomplish this
+        #  Otherwise, use update-rc.d to accomplish this
         update-rc.d "${1}" defaults &> /dev/null
     fi
     printf "%b  %b %s...\\n" "${OVER}" "${TICK}" "${str}"
@@ -1609,9 +1598,8 @@ disable_service() {
     if is_command systemctl ; then
         # use that to disable the service
         systemctl disable "${1}" &> /dev/null
-    # Otherwise,
     else
-        # use update-rc.d to accomplish this
+        # Otherwise, use update-rc.d to accomplish this
         update-rc.d "${1}" disable &> /dev/null
     fi
     printf "%b  %b %s...\\n" "${OVER}" "${TICK}" "${str}"
@@ -1622,9 +1610,8 @@ check_service_active() {
     if is_command systemctl ; then
         # use that to check the status of the service
         systemctl is-enabled "${1}" &> /dev/null
-    # Otherwise,
     else
-        # fall back to service command
+        # Otherwise, fall back to service command
         service "${1}" status &> /dev/null
     fi
 }
@@ -1666,9 +1653,8 @@ update_package_cache() {
     # Create a command from the package cache variable
     if eval "${UPDATE_PKG_CACHE}" &> /dev/null; then
         printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
-    # Otherwise,
     else
-        # show an error and exit
+        # Otherwise, show an error and exit
         printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
         printf "  %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "${UPDATE_PKG_CACHE}" "${COL_NC}"
         return 1
@@ -1697,19 +1683,18 @@ notify_package_updates_available() {
     fi
 }
 
-# What's this doing outside of a function in the middle of nowhere?
+# This counter is outside of install_dependent_packages so that it can count the number of times the function is called.
 counter=0
 
 install_dependent_packages() {
     # Local, named variables should be used here, especially for an iterator
     # Add one to the counter
     counter=$((counter+1))
-    # If it equals 1,
     if [[ "${counter}" == 1 ]]; then
-        #
+        # On the first loop, print a special message
         printf "  %b Installer Dependency checks...\\n" "${INFO}"
     else
-        #
+        # On all subsequent loops, print a generic message.
         printf "  %b Main Dependency checks...\\n" "${INFO}"
     fi
 
@@ -1723,7 +1708,7 @@ install_dependent_packages() {
     # NOTE: We may be able to use this installArray in the future to create a list of package that were
     # installed by us, and remove only the installed packages, and not the entire list.
     if is_command apt-get ; then
-        # For each package,
+        # For each package, check if it's already installed (and if so, don't add it to the installArray)
         for i in "$@"; do
             printf "  %b Checking for %s..." "${INFO}" "${i}"
             if dpkg-query -W -f='${Status}' "${i}" 2>/dev/null | grep "ok installed" &> /dev/null; then
@@ -1733,6 +1718,7 @@ install_dependent_packages() {
                 installArray+=("${i}")
             fi
         done
+        # If there's anything to install, install everything in the list.
         if [[ "${#installArray[@]}" -gt 0 ]]; then
             test_dpkg_lock
             printf "  %b Processing %s install(s) for: %s, please wait...\\n" "${INFO}" "${PKG_MANAGER}" "${installArray[*]}"
@@ -1747,6 +1733,7 @@ install_dependent_packages() {
 
     # Install Fedora/CentOS packages
     for i in "$@"; do
+    # For each package, check if it's already installed (and if so, don't add it to the installArray)
         printf "  %b Checking for %s..." "${INFO}" "${i}"
         if "${PKG_MANAGER}" -q list installed "${i}" &> /dev/null; then
             printf "%b  %b Checking for %s\\n" "${OVER}" "${TICK}" "${i}"
@@ -1755,6 +1742,7 @@ install_dependent_packages() {
             installArray+=("${i}")
         fi
     done
+    # If there's anything to install, install everything in the list.
     if [[ "${#installArray[@]}" -gt 0 ]]; then
         printf "  %b Processing %s install(s) for: %s, please wait...\\n" "${INFO}" "${PKG_MANAGER}" "${installArray[*]}"
         printf '%*s\n' "$columns" '' | tr " " -;
@@ -1772,7 +1760,7 @@ installPiholeWeb() {
 
     local str="Creating directory for blocking page, and copying files"
     printf "  %b %s..." "${INFO}" "${str}"
-    # Install the directory
+    # Install the directory,
     install -d -m 0755 ${PI_HOLE_BLOCKPAGE_DIR}
     # and the blockpage
     install -D -m 644 ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* ${PI_HOLE_BLOCKPAGE_DIR}/
@@ -1791,9 +1779,8 @@ installPiholeWeb() {
         # back it up
         mv ${webroot}/index.lighttpd.html ${webroot}/index.lighttpd.orig
         printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
-    # Otherwise,
     else
-        # don't do anything
+        # Otherwise, don't do anything
         printf "%b  %b %s\\n" "${OVER}" "${INFO}" "${str}"
         printf "      No default index.lighttpd.html file found... not backing up\\n"
     fi
@@ -1801,7 +1788,7 @@ installPiholeWeb() {
     # Install Sudoers file
     local str="Installing sudoer file"
     printf "\\n  %b %s..." "${INFO}" "${str}"
-    # Make the .d directory if it doesn't exist
+    # Make the .d directory if it doesn't exist,
     install -d -m 755 /etc/sudoers.d/
     # and copy in the pihole sudoers file
     install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole
@@ -1845,11 +1832,11 @@ runGravity() {
 create_pihole_user() {
     local str="Checking for user 'pihole'"
     printf "  %b %s..." "${INFO}" "${str}"
-    # If the user pihole exists,
+    # If the pihole user exists,
     if id -u pihole &> /dev/null; then
-        # if group exists
+        # and if the pihole group exists,
         if getent group pihole > /dev/null 2>&1; then
-            # just show a success
+            # succeed
             printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
         else
             local str="Checking for group 'pihole'"
@@ -1870,14 +1857,14 @@ create_pihole_user() {
                 printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
             fi
         fi
-    # Otherwise,
     else
+        # If the pihole user doesn't exist,
         printf "%b  %b %s" "${OVER}" "${CROSS}" "${str}"
         local str="Creating user 'pihole'"
         printf "%b  %b %s..." "${OVER}" "${INFO}" "${str}"
-        # create her with the useradd command
+        # create her with the useradd command,
         if getent group pihole > /dev/null 2>&1; then
-            # add primary group pihole as it already exists
+            # then add her to the pihole group (as it already exists)
             if useradd -r --no-user-group -g pihole -s /usr/sbin/nologin pihole; then
                 printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
             else
@@ -1894,7 +1881,7 @@ create_pihole_user() {
     fi
 }
 
-#
+# This function saves any changes to the setup variables into the setupvars.conf file for future runs
 finalExports() {
     # If the Web interface is not set to be installed,
     if [[ "${INSTALL_WEB_INTERFACE}" == false ]]; then
@@ -1946,7 +1933,6 @@ finalExports() {
 
 # Install the logrotate script
 installLogrotate() {
-
     local str="Installing latest logrotate script"
     printf "\\n  %b %s..." "${INFO}" "${str}"
     # Copy the file over from the local repo
@@ -1958,9 +1944,9 @@ installLogrotate() {
     # customize the logrotate script here in order to reflect
     # the local properties of the /var/log directory
     logusergroup="$(stat -c '%U %G' /var/log)"
-    # If the variable has a value,
+    # If there is a usergroup for log rotation,
     if [[ ! -z "${logusergroup}" ]]; then
-        #
+        # replace the line in the logrotate script with that usergroup.
         sed -i "s/# su #/su ${logusergroup}/g;" /etc/pihole/logrotate
     fi
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
@@ -2099,15 +2085,15 @@ checkSelinux() {
 
 # Installation complete message with instructions for the user
 displayFinalMessage() {
-    # If
+    # If the number of arguments is > 0,
     if [[ "${#1}" -gt 0 ]] ; then
+        # set the password to the first argument.
         pwstring="$1"
-        # else, if the dashboard password in the setup variables exists,
     elif [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) -gt 0 ]]; then
-        # set a variable for evaluation later
+        # Else if the password exists from previous setup, we'll load it later
         pwstring="unchanged"
     else
-        # set a variable for evaluation later
+        # Else, inform the user that there is no set password.
         pwstring="NOT SET"
     fi
     # If the user wants to install the dashboard,
@@ -2138,9 +2124,8 @@ update_dialogs() {
         opt1a="Repair"
         opt1b="This will retain existing settings"
         strAdd="You will remain on the same version"
-    # Otherwise,
     else
-        # set some variables with different values
+        # Otherwise, set some variables with different values
         opt1a="Update"
         opt1b="This will retain existing settings."
         strAdd="You will be updated to the latest version."
@@ -2291,7 +2276,6 @@ clone_or_update_repos() {
 # Disable directive for SC2120 a value _can_ be passed to this function, but it is passed from an external script that sources this one
 # shellcheck disable=SC2120
 FTLinstall() {
-
     # Local, named variables
     local latesttag
     local str="Downloading and Installing FTL"
@@ -2322,9 +2306,8 @@ FTLinstall() {
         url="https://ftl.pi-hole.net/${ftlBranch}"
     fi
 
-    # If the download worked,
     if curl -sSL --fail "${url}/${binary}" -o "${binary}"; then
-        # get sha1 of the binary we just downloaded for verification.
+        # If the download worked, get sha1 of the binary we just downloaded for verification.
         curl -sSL --fail "${url}/${binary}.sha1" -o "${binary}.sha1"
 
         # If we downloaded binary file (as opposed to text),
@@ -2348,16 +2331,15 @@ FTLinstall() {
             # Installed the FTL service
             printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
             return 0
-        # Otherwise,
         else
-            # the download failed, so just go back to the original directory
+            # Otherwise, the hash download failed, so print and exit.
             popd > /dev/null || { printf "Unable to return to original directory after FTL binary download.\\n"; return 1; }
             printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
             printf "  %bError: Download of %s/%s failed (checksum error)%b\\n" "${COL_LIGHT_RED}" "${url}" "${binary}" "${COL_NC}"
             return 1
         fi
-    # Otherwise,
     else
+        # Otherwise, the download failed, so print and exit.
         popd > /dev/null || { printf "Unable to return to original directory after FTL binary download.\\n"; return 1; }
         printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
         # The URL could not be found
@@ -2400,18 +2382,14 @@ get_binary_name() {
     # If the machine is arm or aarch
     if [[ "${machine}" == "arm"* || "${machine}" == *"aarch"* ]]; then
         # ARM
-        #
         local rev
         rev=$(uname -m | sed "s/[^0-9]//g;")
-        #
         local lib
         lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }')
-        #
         if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then
             printf "%b  %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}"
             # set the binary to be used
             l_binary="pihole-FTL-aarch64-linux-gnu"
-        #
         elif [[ "${lib}" == "/lib/ld-linux-armhf.so.3" ]]; then
             # Hard-float available: Use gnueabihf binaries
             # If ARMv8 or higher is found (e.g., BCM2837 as found in Raspberry Pi Model 3B)
@@ -2419,13 +2397,13 @@ get_binary_name() {
                 printf "%b  %b Detected ARMv8 (or newer) processor\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
                 l_binary="pihole-FTL-armv8-linux-gnueabihf"
-            # Otherwise, if ARMv7 is found (e.g., BCM2836 as found in Raspberry Pi Model 2)
             elif [[ "${rev}" -eq 7 ]]; then
+                # Otherwise, if ARMv7 is found (e.g., BCM2836 as found in Raspberry Pi Model 2)
                 printf "%b  %b Detected ARMv7 processor (with hard-float support)\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
                 l_binary="pihole-FTL-armv7-linux-gnueabihf"
-            # Otherwise, use the ARMv6 binary (e.g., BCM2835 as found in Raspberry Pi Zero and Model 1)
             else
+                # Otherwise, use the ARMv6 binary (e.g., BCM2835 as found in Raspberry Pi Zero and Model 1)
                 printf "%b  %b Detected ARMv6 processor (with hard-float support)\\n" "${OVER}" "${TICK}"
                 # set the binary to be used
                 l_binary="pihole-FTL-armv6-linux-gnueabihf"
@@ -2475,6 +2453,7 @@ get_binary_name() {
         l_binary="pihole-FTL-linux-x86_32"
     fi
 
+    # Returning a string value via echo
     echo ${l_binary}
 }
 
@@ -2611,9 +2590,8 @@ main() {
         # Show the Pi-hole logo so people know it's genuine since the logo and name are trademarked
         show_ascii_berry
         make_temporary_log
-    # Otherwise,
     else
-        # They do not have enough privileges, so let the user know
+        # Otherwise, they do not have enough privileges, so let the user know
         printf "  %b %s\\n" "${INFO}" "${str}"
         printf "  %b %bScript called with non-root privileges%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
         printf "      The Pi-hole requires elevated privileges to install and run\\n"
@@ -2621,7 +2599,7 @@ main() {
         printf "      Make sure to download this script from a trusted source\\n\\n"
         printf "  %b Sudo utility check" "${INFO}"
 
-        # If the sudo command exists,
+        # If the sudo command exists, try rerunning as admin
         if is_command sudo ; then
             printf "%b  %b Sudo utility check\\n" "${OVER}"  "${TICK}"
 
@@ -2635,9 +2613,8 @@ main() {
             fi
 
             exit $?
-        # Otherwise,
         else
-            # Let them know they need to run it as root
+            # Otherwise, tell the user they need to run the script as root, and bail
             printf "%b  %b Sudo utility check\\n" "${OVER}" "${CROSS}"
             printf "  %b Sudo is needed for the Web Interface to run pihole commands\\n\\n" "${INFO}"
             printf "  %b %bPlease re-run this installer as root${COL_NC}\\n" "${INFO}" "${COL_LIGHT_RED}"
@@ -2657,9 +2634,8 @@ main() {
             useUpdateVars=true
             # also disable debconf-apt-progress dialogs
             export DEBIAN_FRONTEND="noninteractive"
-        # Otherwise,
         else
-            # show the available options (repair/reconfigure)
+            # If running attended, show the available options (repair/reconfigure)
             update_dialogs
         fi
     fi
@@ -2713,13 +2689,13 @@ main() {
             PRIVACY_LEVEL="${PRIVACY_LEVEL:-0}"
         fi
     fi
-    # Clone/Update the repos
+    # Download or update the scripts by updating the appropriate git repos
     clone_or_update_repos
 
     # Install the Core dependencies
     local dep_install_list=("${PIHOLE_DEPS[@]}")
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
-        # Install the Web dependencies
+        # And, if the setting says so, install the Web admin interface dependencies
         dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
     fi
 
@@ -2727,7 +2703,7 @@ main() {
     unset dep_install_list
 
     # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user
-    # has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail
+    # has chosen to install the web interface, else the LIGHTTPD_ENABLED check will fail
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
         enable_service lighttpd
     fi
@@ -2779,7 +2755,6 @@ main() {
 
     # If the Web server was installed,
     if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
-
         if [[ "${LIGHTTPD_ENABLED}" == true ]]; then
             restart_service lighttpd
             enable_service lighttpd

From d25240fe9fff05ce633c8029ac74f953c511824e Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 18 Mar 2021 08:57:03 +0100
Subject: [PATCH 196/297] pihole -g should respose GRAVITYDB in pihole-FTL.conf

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index abed28b4..d07d558d 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -35,8 +35,9 @@ localList="${piholeDir}/local.list"
 VPNList="/etc/openvpn/ipp.txt"
 
 piholeGitDir="/etc/.pihole"
-gravityDBfile="${piholeDir}/gravity.db"
-gravityTEMPfile="${piholeDir}/gravity_temp.db"
+gravityDBfile_default="${piholeDir}/gravity.db"
+# GRAVITYDB may be overwritten by source pihole-FTL.conf below
+GRAVITYDB="${gravityDBfile_default}"
 gravityDBschema="${piholeGitDir}/advanced/Templates/gravity.db.sql"
 gravityDBcopy="${piholeGitDir}/advanced/Templates/gravity_copy.sql"
 
@@ -68,6 +69,11 @@ if [[ -f "${pihole_FTL}" ]]; then
   source "${pihole_FTL}"
 fi
 
+# Set this only after sourcing pihole-FTL.conf as the gravity database path may
+# have changed
+gravityDBfile="${GRAVITYDB}"
+gravityTEMPfile="${GRAVITYDB}_temp"
+
 if [[ -z "${BLOCKINGMODE}" ]] ; then
   BLOCKINGMODE="NULL"
 fi
@@ -359,6 +365,10 @@ gravity_CheckDNSResolutionAvailable() {
 gravity_DownloadBlocklists() {
   echo -e "  ${INFO} ${COL_BOLD}Neutrino emissions detected${COL_NC}..."
 
+  if [[ "${gravityDBfile}" != "${gravityDBfile_default}" ]]; then
+    echo -e "  ${INFO} Storing gravity database in ${COL_BOLD}${gravityDBfile}${COL_NC}"
+  fi
+
   # Retrieve source URLs from gravity database
   # We source only enabled adlists, sqlite3 stores boolean values as 0 (false) or 1 (true)
   mapfile -t sources <<< "$(sqlite3 "${gravityDBfile}" "SELECT address FROM vw_adlist;" 2> /dev/null)"

From 9bdbe88a661aaeed9d775b7d266032005ff388f3 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 18 Mar 2021 09:01:22 +0100
Subject: [PATCH 197/297] Update gravity path in list.sh

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/list.sh | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh
index fde46552..975738b1 100755
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -11,7 +11,16 @@
 # Globals
 basename=pihole
 piholeDir=/etc/"${basename}"
-gravityDBfile="${piholeDir}/gravity.db"
+GRAVITYDB="${piholeDir}/gravity.db"
+# Source pihole-FTL from install script
+pihole_FTL="${piholeDir}/pihole-FTL.conf"
+if [[ -f "${pihole_FTL}" ]]; then
+  source "${pihole_FTL}"
+fi
+
+# Set this only after sourcing pihole-FTL.conf as the gravity database path may
+# have changed
+gravityDBfile="${GRAVITYDB}"
 
 reload=false
 addmode=true

From f1740da9ffcbabc58b56107d2e1131aae380dd90 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 18 Mar 2021 09:02:20 +0100
Subject: [PATCH 198/297] Update gravity path in query.sh

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/list.sh  |  3 +--
 advanced/Scripts/query.sh | 11 ++++++++++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh
index 975738b1..062c52be 100755
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -9,8 +9,7 @@
 # Please see LICENSE file for your rights under this license.
 
 # Globals
-basename=pihole
-piholeDir=/etc/"${basename}"
+piholeDir="/etc/pihole"
 GRAVITYDB="${piholeDir}/gravity.db"
 # Source pihole-FTL from install script
 pihole_FTL="${piholeDir}/pihole-FTL.conf"
diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh
index fe9b8ebf..0872f060 100755
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -11,12 +11,21 @@
 
 # Globals
 piholeDir="/etc/pihole"
-gravityDBfile="${piholeDir}/gravity.db"
+GRAVITYDB="${piholeDir}/gravity.db"
 options="$*"
 all=""
 exact=""
 blockpage=""
 matchType="match"
+# Source pihole-FTL from install script
+pihole_FTL="${piholeDir}/pihole-FTL.conf"
+if [[ -f "${pihole_FTL}" ]]; then
+  source "${pihole_FTL}"
+fi
+
+# Set this only after sourcing pihole-FTL.conf as the gravity database path may
+# have changed
+gravityDBfile="${GRAVITYDB}"
 
 colfile="/opt/pihole/COL_TABLE"
 source "${colfile}"

From f536718aaab7fd4ed1d22a9b0e5f3357cc1f9efb Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 18 Mar 2021 09:04:09 +0100
Subject: [PATCH 199/297] Use possibly custom gravity.db location in the
 copying SQL script

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/list.sh  |  2 ++
 advanced/Scripts/query.sh |  1 +
 gravity.sh                | 11 +++++++++--
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh
index 062c52be..e213b014 100755
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -1,4 +1,6 @@
 #!/usr/bin/env bash
+# shellcheck disable=SC1090
+
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh
index 0872f060..26b4508e 100755
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -1,5 +1,6 @@
 #!/usr/bin/env bash
 # shellcheck disable=SC1090
+
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2018 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
diff --git a/gravity.sh b/gravity.sh
index d07d558d..24a41c48 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -90,7 +90,7 @@ generate_gravity_database() {
 
 # Copy data from old to new database file and swap them
 gravity_swap_databases() {
-  local str
+  local str copyGravity
   str="Building tree"
   echo -ne "  ${INFO} ${str}..."
 
@@ -107,7 +107,14 @@ gravity_swap_databases() {
   str="Swapping databases"
   echo -ne "  ${INFO} ${str}..."
 
-  output=$( { sqlite3 "${gravityTEMPfile}" < "${gravityDBcopy}"; } 2>&1 )
+  # Gravity copying SQL script
+  copyGravity="$(cat "${gravityDBcopy}")"
+  if [[ "${gravityDBfile}" != "${gravityDBfile_default}" ]]; then
+    # Replace default gravity script location by custom location
+    copyGravity="${copyGravity//"${gravityDBfile_default}"/"${gravityDBfile}"}"
+  fi
+
+  output=$( { sqlite3 "${gravityTEMPfile}" <<< "${copyGravity}"; } 2>&1 )
   status="$?"
 
   if [[ "${status}" -ne 0 ]]; then

From 45d4ab4c22ca9edee1544648e3327a12a7e69e41 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 19 Mar 2021 18:39:43 +0000
Subject: [PATCH 200/297] Add some validation to passed arguments before
 running the values through `sed`

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/webpage.sh | 32 +++++++++++++++++++++++++++++---
 1 file changed, 29 insertions(+), 3 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 53f815c5..8ef4d940 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -564,7 +564,13 @@ AddDHCPStaticAddress() {
 
 RemoveDHCPStaticAddress() {
     mac="${args[2]}"
-    sed -i "/dhcp-host=${mac}.*/d" "${dhcpstaticconfig}"
+    if [[ "$mac" =~ ^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$ ]]; then
+        sed -i "/dhcp-host=${mac}.*/d" "${dhcpstaticconfig}"
+    else
+        echo "  ${CROSS} Invalid Mac Passed!"
+        exit 1
+    fi
+
 }
 
 SetAdminEmail() {
@@ -708,7 +714,13 @@ RemoveCustomDNSAddress() {
 
     ip="${args[2]}"
     host="${args[3]}"
-    sed -i "/${ip} ${host}/d" "${dnscustomfile}"
+
+    if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
+        sed -i "/${ip} ${host}/d" "${dnscustomfile}"
+    else
+        echo -e "  ${CROSS} Invalid IP has been passed"
+        exit 1
+    fi
 
     # Restart dnsmasq to update removed custom DNS entries
     RestartDNS
@@ -719,6 +731,7 @@ AddCustomCNAMERecord() {
 
     domain="${args[2]}"
     target="${args[3]}"
+
     echo "cname=${domain},${target}" >> "${dnscustomcnamefile}"
 
     # Restart dnsmasq to load new custom CNAME records
@@ -730,7 +743,20 @@ RemoveCustomCNAMERecord() {
 
     domain="${args[2]}"
     target="${args[3]}"
-    sed -i "/cname=${domain},${target}/d" "${dnscustomcnamefile}"
+
+    validDomain="$(checkDomain "${domain}")"
+    if [[ -n "${validDomain}" ]]; then
+        validTarget="$(checkDomain "${target}")"
+        if [[ -n "${validDomain}" ]]; then
+            sed -i "/cname=${validDomain},${validTarget}/d" "${dnscustomcnamefile}"
+        else
+            echo "  ${CROSS} Invalid Target Passed!"
+            exit 1
+        fi
+    else
+        echo "  ${CROSS} Invalid Domain passed!"
+        exit 1
+    fi
 
     # Restart dnsmasq to update removed custom CNAME records
     RestartDNS

From 89c80947df964b6853ce22dba1f20e246bdcf48d Mon Sep 17 00:00:00 2001
From: Joseph Blackman <jbzdarkid@users.noreply.github.com>
Date: Wed, 17 Mar 2021 03:09:13 -0700
Subject: [PATCH 201/297] Improve regexes for ipv4 matching

Signed-off-by: jbzdarkid <jbzdarkid@gmail.com>
---
 automated install/basic-install.sh |  4 +--
 test/test_automated_install.py     | 58 ++++++++++++++----------------
 2 files changed, 28 insertions(+), 34 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 762ee110..4c9352b8 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1018,9 +1018,9 @@ valid_ip() {
     local stat=1
 
     # Regex matching one IPv4 component, i.e. an integer from 0 to 255.
-    local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
+    local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9]{1,2})";
     # Regex matching an optional port beginning with # matching optional port number starting '#' with range of 1 to 65536
-    local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
+    local portelem="(:(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[0-9]{1,4}))?";
     # Build a full IPv4 regex from the above subexpressions
     local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$"
 
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index f6b5a87e..20dadc26 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -524,43 +524,37 @@ def test_IPv6_ULA_GUA_test(Pihole):
     assert expected_stdout in detectPlatform.stdout
 
 
-def test_validate_ip_valid(Pihole):
+def test_validate_ip(Pihole):
     '''
-    Given a valid IP address, valid_ip returns success
+    Tests valid_ip for various IP addresses
     '''
 
-    output = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    valid_ip "192.168.1.1"
-    ''')
+    def test_address(addr, success=True):
+        output = Pihole.run('''
+        source /opt/pihole/basic-install.sh
+        valid_ip "{addr}"
+        '''.format(addr=addr))
 
-    assert output.rc == 0
+        assert output.rc == 0 if success else 1
 
-
-def test_validate_ip_invalid_octet(Pihole):
-    '''
-    Given an invalid IP address (large octet), valid_ip returns an error
-    '''
-
-    output = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    valid_ip "1092.168.1.1"
-    ''')
-
-    assert output.rc == 1
-
-
-def test_validate_ip_invalid_letters(Pihole):
-    '''
-    Given an invalid IP address (contains letters), valid_ip returns an error
-    '''
-
-    output = Pihole.run('''
-    source /opt/pihole/basic-install.sh
-    valid_ip "not an IP"
-    ''')
-
-    assert output.rc == 1
+    test_address('192.168.1.1')
+    test_address('127.0.0.1')
+    test_address('255.255.255.255')
+    test_address('255.255.255.256', False)
+    test_address('255.255.256.255', False)
+    test_address('255.256.255.255', False)
+    test_address('256.255.255.255', False)
+    test_address('1092.168.1.1', False)
+    test_address('not an IP', False)
+    test_address('8.8.8.8:', False)
+    test_address('8.8.8.8:0')
+    test_address('8.8.8.8:1')
+    test_address('8.8.8.8:42')
+    test_address('8.8.8.8:888')
+    test_address('8.8.8.8:1337')
+    test_address('8.8.8.8:65535')
+    test_address('8.8.8.8:65536', False)
+    test_address('8.8.8.8:-1', False)
 
 
 def test_os_check_fails(Pihole):

From 8090071effa7534ed6c985e8ebee666a4aae1f6d Mon Sep 17 00:00:00 2001
From: jbzdarkid <jbzdarkid@gmail.com>
Date: Wed, 17 Mar 2021 18:09:03 -0700
Subject: [PATCH 202/297] Update regex to disallow leading zeros

Also updated a comment to point to a non-experimental RFC.

Signed-off-by: jbzdarkid <jbzdarkid@gmail.com>
---
 automated install/basic-install.sh | 8 +++++---
 test/test_automated_install.py     | 8 ++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4c9352b8..78bc0882 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1018,9 +1018,11 @@ valid_ip() {
     local stat=1
 
     # Regex matching one IPv4 component, i.e. an integer from 0 to 255.
-    local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9]{1,2})";
-    # Regex matching an optional port beginning with # matching optional port number starting '#' with range of 1 to 65536
-    local portelem="(:(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[0-9]{1,4}))?";
+    # See https://tools.ietf.org/html/rfc1340
+    local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
+    # Regex matching an optional port beginning with : from 0 to 65535
+    # See https://tools.ietf.org/html/rfc1340#page-33
+    local portelem="(:(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3}|0))?";
     # Build a full IPv4 regex from the above subexpressions
     local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$"
 
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 20dadc26..1266f46b 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -555,6 +555,14 @@ def test_validate_ip(Pihole):
     test_address('8.8.8.8:65535')
     test_address('8.8.8.8:65536', False)
     test_address('8.8.8.8:-1', False)
+    test_address('00.0.0.0', False)
+    test_address('010.0.0.0', False)
+    test_address('001.0.0.0', False)
+    test_address('0.0.0.0:00', False)
+    test_address('0.0.0.0:01', False)
+    test_address('0.0.0.0:001', False)
+    test_address('0.0.0.0:0001', False)
+    test_address('0.0.0.0:00001', False)
 
 
 def test_os_check_fails(Pihole):

From 6198165df8d3231187dc7301bcafb2cf0655565f Mon Sep 17 00:00:00 2001
From: Jaime Baez <j.baezcastillo@gmail.com>
Date: Fri, 26 Mar 2021 20:24:38 +0100
Subject: [PATCH 203/297] Fix error trying to access undefined variables on
 splash page.

Signed-off-by: Jaime Baez <j.baezcastillo@gmail.com>
---
 advanced/index.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/advanced/index.php b/advanced/index.php
index eea44462..8f33cf5d 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -58,20 +58,20 @@ if ($serverName === "pi.hole"
     // When directly browsing via IP or authorized hostname
     // Render splash/landing page based off presence of $landPage file
     // Unset variables so as to not be included in $landPage or $splashPage
-    unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
+    unset($svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt);
     // If $landPage file is present
     if (is_file(getcwd()."/$landPage")) {
+        unset($serverName, $viewPort); // unset extra variables not to be included in $landpage
         include $landPage;
         exit();
     }
     // If $landPage file was not present, Set Splash Page output
-    $splashPage = "
+    $splashPage = <<<EOT
     <!doctype html>
     <html lang='en'>
         <head>
             <meta charset='utf-8'>
             $viewPort
-            <meta name="viewport" content="width=device-width, initial-scale=1">
             <title>● $serverName</title>
             <link rel='stylesheet' href='pihole/blockingpage.css'>
             <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
@@ -84,7 +84,7 @@ if ($serverName === "pi.hole"
             </div>
         </body>
     </html>
-    ";
+EOT;
     exit($splashPage);
 } elseif ($currentUrlExt === "js") {
     // Serve Pi-hole JavaScript for blocked domains requesting JS

From 25ded7919005d9164a0dab08292835bdde4b630f Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Wed, 14 Apr 2021 09:26:52 -0700
Subject: [PATCH 204/297] Update README

---
 README.md | 57 ++++++++++++++++++++++++++-----------------------------
 1 file changed, 27 insertions(+), 30 deletions(-)

diff --git a/README.md b/README.md
index 6d7e5b5e..57dee16d 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,7 @@
 <!-- markdownlint-configure-file { "MD004": { "style": "consistent" } } -->
 <!-- markdownlint-disable MD033 -->
+#
+
 <p align="center">
     <a href="https://pi-hole.net/">
         <img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_Wordmark.svg" width="150" height="260" alt="Pi-hole">
@@ -9,8 +11,6 @@
 </p>
 <!-- markdownlint-enable MD033 -->
 
-#
-
 The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
 
 - **Easy-to-install**: our versatile installer walks you through the process, and takes less than ten minutes
@@ -26,8 +26,6 @@ The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) th
 
 -----
 
-Master [![Build Status](https://travis-ci.com/pi-hole/pi-hole.svg?branch=master)](https://travis-ci.com/pi-hole/pi-hole) Development [![Build Status](https://travis-ci.com/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.com/pi-hole/pi-hole)
-
 ## One-Step Automated Install
 
 Those who want to get started quickly and conveniently may install Pi-hole using the following command:
@@ -71,16 +69,18 @@ Make no mistake: **your support is absolutely vital to help keep us innovating!*
 
 ### [Donations](https://pi-hole.net/donate)
 
-Sending a donation using our Sponsor Button is **extremely helpful** in offsetting a portion of our monthly expenses:
+Sending a donation using our Sponsor Button is **extremely helpful** in offsetting a portion of our monthly expenses and rewarding our dedicated development team:
 
 ### Alternative support
 
 If you'd rather not donate (_which is okay!_), there are other ways you can help support us:
 
-- [Patreon](https://patreon.com/pihole) _Become a patron for rewards_
+- [GitHub Sponsors](https://github.com/sponsors/pi-hole/)
+- [Patreon](https://patreon.com/pihole)
+- [Hetzner Cloud](https://hetzner.cloud/?ref=7aceisRX3AzA) _affiliate link_
 - [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
-- [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
+- [Amazon US](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
 - Spreading the word about our software, and how you have benefited from it
 
 ### Contributing via GitHub
@@ -95,7 +95,9 @@ You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/ma
 
 ## Getting in touch with us
 
-While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
+While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on a variety of social media outlets.
+
+**Please be sure to check the FAQ's** before starting a new discussion. Many user questions already have answers and can be solved without any additional assistance.
 
 - [Frequently Asked Questions](https://discourse.pi-hole.net/c/faqs)
 - [Feature Requests](https://discourse.pi-hole.net/c/feature-requests?order=votes)
@@ -106,12 +108,27 @@ While we are primarily reachable on our [Discourse User Forum](https://discourse
 
 ## Breakdown of Features
 
+### [Faster-than-light Engine](https://github.com/pi-hole/ftl)
+
+[FTLDNS](https://github.com/pi-hole/ftl) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*!
+
+Some of the statistics you can integrate include:
+
+- Total number of domains being blocked
+- Total number of DNS queries today
+- Total number of ads blocked today
+- Percentage of ads blocked
+- Unique domains
+- Queries forwarded (to your chosen upstream DNS server)
+- Queries cached
+- Unique clients
+
+The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
+
 ### The Command Line Interface
 
 The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
 
-![Pi-hole Blacklist Demo](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)
-
 Some notable features include:
 
 - [Whitelisting, Blacklisting and Regex](https://docs.pi-hole.net/core/pihole-command/#whitelisting-blacklisting-and-regex)
@@ -128,8 +145,6 @@ You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-c
 
 This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
 
-![Pi-hole Dashboard](https://pi-hole.github.io/graphics/Screenshots/pihole-dashboard.png)
-
 Some notable features include:
 
 - Mobile friendly interface
@@ -145,21 +160,3 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t
 
 1. `http://pi.hole/admin/` (when using Pi-hole as your DNS server)
 2. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
-3. `http://pi.hole/` (when using Pi-hole as your DNS server)
-
-## Faster-than-light Engine
-
-FTLDNS is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*!
-
-Some of the statistics you can integrate include:
-
-- Total number of domains being blocked
-- Total number of DNS queries today
-- Total number of ads blocked today
-- Percentage of ads blocked
-- Unique domains
-- Queries forwarded (to your chosen upstream DNS server)
-- Queries cached
-- Unique clients
-
-The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).

From 5df7ed2f3229908267e75cc30630b6393339c73f Mon Sep 17 00:00:00 2001
From: DL6ER <DL6ER@users.noreply.github.com>
Date: Wed, 14 Apr 2021 18:33:10 +0200
Subject: [PATCH 205/297] Obtain FTL's PID from the PID file (#4103)

* Try to obtain FTL's PID from the PID file. If this fails, try to identify the main process using pgrep --oldest (instead of relying on pkill finding the right one by itself). This allows the script to work in even when FTL is running inside the memory checker valgrind.

* Rename FTL_PID -> FTL_PID_FILE

* Remove the pgrep fallback after discussions about that it should be more obvious to users if something strange happened to their PID file. Also, simplify the routine using a bashism in the end.

* Shorten if [[ regex ]]

* Use unset instead of emptying the PID variable

Signed-off-by: DL6ER <dl6er@dl6er.de>

Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 pihole | 47 +++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 41 insertions(+), 6 deletions(-)

diff --git a/pihole b/pihole
index 2b2b7bc2..f8085c8e 100755
--- a/pihole
+++ b/pihole
@@ -16,6 +16,7 @@ readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
 # error due to modifying a readonly variable.
 setupVars="/etc/pihole/setupVars.conf"
 PI_HOLE_BIN_DIR="/usr/local/bin"
+readonly FTL_PID_FILE="/run/pihole-FTL.pid"
 
 readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE"
 source "${colfile}"
@@ -98,8 +99,25 @@ versionFunc() {
   exit 0
 }
 
+# Get PID of main pihole-FTL process
+getFTLPID() {
+  local pid
+
+  if [ -s "${FTL_PID_FILE}" ]; then
+    # -s: FILE exists and has a size greater than zero
+    pid="$(<"$FTL_PID_FILE")"
+    # Exploit prevention: unset the variable if there is malicious content
+    # Verify that the value read from the file is numeric
+    [[ "$pid" =~ [^[:digit:]] ]] && unset pid
+  fi
+
+  # If FTL is not running, or the PID file contains malicious stuff, substitute
+  # negative PID to signal this to the caller
+  echo "${pid:=-1}"
+}
+
 restartDNS() {
-  local svcOption svc str output status
+  local svcOption svc str output status pid icon
   svcOption="${1:-restart}"
 
   # Determine if we should reload or restart
@@ -108,17 +126,34 @@ restartDNS() {
     # Note 1: This will NOT re-read any *.conf files
     # Note 2: We cannot use killall here as it does
     #         not know about real-time signals
-    svc="pkill -RTMIN pihole-FTL"
-    str="Reloading DNS lists"
+    pid="$(getFTLPID)"
+    if [[ "$pid" -eq "-1" ]]; then
+      svc="true"
+      str="FTL is not running"
+      icon="${INFO}"
+    else
+      svc="kill -RTMIN ${pid}"
+      str="Reloading DNS lists"
+      icon="${TICK}"
+    fi
   elif [[ "${svcOption}" =~ "reload" ]]; then
     # Reloading of the DNS cache has been requested
     # Note: This will NOT re-read any *.conf files
-    svc="pkill -HUP pihole-FTL"
-    str="Flushing DNS cache"
+    pid="$(getFTLPID)"
+    if [[ "$pid" -eq "-1" ]]; then
+      svc="true"
+      str="FTL is not running"
+      icon="${INFO}"
+    else
+      svc="kill -HUP ${pid}"
+      str="Flushing DNS cache"
+      icon="${TICK}"
+    fi
   else
     # A full restart has been requested
     svc="service pihole-FTL restart"
     str="Restarting DNS server"
+    icon="${TICK}"
   fi
 
   # Print output to Terminal, but not to Web Admin
@@ -128,7 +163,7 @@ restartDNS() {
   status="$?"
 
   if [[ "${status}" -eq 0 ]]; then
-    [[ -t 1 ]] && echo -e "${OVER}  ${TICK} ${str}"
+    [[ -t 1 ]] && echo -e "${OVER}  ${icon} ${str}"
     return 0
   else
     [[ ! -t 1 ]] && local OVER=""

From 866045968d8f7b7b08287a6e614bcafd241f7c48 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Wed, 14 Apr 2021 12:27:36 -0700
Subject: [PATCH 206/297] Add missing closing single quote

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 advanced/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/index.php b/advanced/index.php
index 8f33cf5d..a38cd365 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -78,7 +78,7 @@ if ($serverName === "pi.hole"
         </head>
         <body id='splashpage'>
             <div id="pihole_card">
-              <img src='admin/img/logo.svg' alt='Pi-hole logo id="pihole_logo_splash" />
+              <img src='admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
               <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
               <a href='/admin'>Did you mean to go to the admin panel?</a>
             </div>

From 74948ae5c1315388ac02856e4f723d5d6fdbe486 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 14 Apr 2021 22:50:04 +0200
Subject: [PATCH 207/297] The correct port separator is '#' not ':' in dnsmasq
 style. This should not have been changed in #4083 in the first place.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 automated install/basic-install.sh |  9 ++++-----
 test/test_automated_install.py     | 28 ++++++++++++++--------------
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 07683204..eb52aea3 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1025,9 +1025,8 @@ valid_ip() {
     # Regex matching one IPv4 component, i.e. an integer from 0 to 255.
     # See https://tools.ietf.org/html/rfc1340
     local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
-    # Regex matching an optional port beginning with : from 0 to 65535
-    # See https://tools.ietf.org/html/rfc1340#page-33
-    local portelem="(:(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3}|0))?";
+    # Regex matching an optional port (starting with '#') range of 1-65536
+    local portelem="(#(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3}|0))?";
     # Build a full IPv4 regex from the above subexpressions
     local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$"
 
@@ -1046,8 +1045,8 @@ valid_ip6() {
     local ipv6elem="[0-9a-fA-F]{1,4}"
     # Regex matching an IPv6 CIDR, i.e. 1 to 128
     local v6cidr="(\\/([1-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])){0,1}"
-    # Regex matching an optional port beginning with # matching optional port number starting '#' with range of 1-65536
-    local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
+    # Regex matching an optional port (starting with '#') range of 1-65536
+    local portelem="(#(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3}|0))?";
     # Build a full IPv6 regex from the above subexpressions
     local regex="^(((${ipv6elem}))*((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
 
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 1266f46b..44624082 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -546,23 +546,23 @@ def test_validate_ip(Pihole):
     test_address('256.255.255.255', False)
     test_address('1092.168.1.1', False)
     test_address('not an IP', False)
-    test_address('8.8.8.8:', False)
-    test_address('8.8.8.8:0')
-    test_address('8.8.8.8:1')
-    test_address('8.8.8.8:42')
-    test_address('8.8.8.8:888')
-    test_address('8.8.8.8:1337')
-    test_address('8.8.8.8:65535')
-    test_address('8.8.8.8:65536', False)
-    test_address('8.8.8.8:-1', False)
+    test_address('8.8.8.8#', False)
+    test_address('8.8.8.8#0')
+    test_address('8.8.8.8#1')
+    test_address('8.8.8.8#42')
+    test_address('8.8.8.8#888')
+    test_address('8.8.8.8#1337')
+    test_address('8.8.8.8#65535')
+    test_address('8.8.8.8#65536', False)
+    test_address('8.8.8.8#-1', False)
     test_address('00.0.0.0', False)
     test_address('010.0.0.0', False)
     test_address('001.0.0.0', False)
-    test_address('0.0.0.0:00', False)
-    test_address('0.0.0.0:01', False)
-    test_address('0.0.0.0:001', False)
-    test_address('0.0.0.0:0001', False)
-    test_address('0.0.0.0:00001', False)
+    test_address('0.0.0.0#00', False)
+    test_address('0.0.0.0#01', False)
+    test_address('0.0.0.0#001', False)
+    test_address('0.0.0.0#0001', False)
+    test_address('0.0.0.0#00001', False)
 
 
 def test_os_check_fails(Pihole):

From f90dffbf1a79a3da90526da2b7ed8e37946d36d1 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 16 Apr 2021 11:41:26 +0200
Subject: [PATCH 208/297] Do not put hostname and pi.hole into local.list -
 this will be handled by FTL after FTL#1111 has been merged

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 gravity.sh | 50 ++++++--------------------------------------------
 1 file changed, 6 insertions(+), 44 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 24a41c48..bfe45b55 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -47,16 +47,6 @@ domainsExtension="domains"
 setupVars="${piholeDir}/setupVars.conf"
 if [[ -f "${setupVars}" ]];then
   source "${setupVars}"
-
-  # Remove CIDR mask from IPv4/6 addresses
-  IPV4_ADDRESS="${IPV4_ADDRESS%/*}"
-  IPV6_ADDRESS="${IPV6_ADDRESS%/*}"
-
-  # Determine if IPv4/6 addresses exist
-  if [[ -z "${IPV4_ADDRESS}" ]] && [[ -z "${IPV6_ADDRESS}" ]]; then
-    echo -e "  ${COL_LIGHT_RED}No IP addresses found! Please run 'pihole -r' to reconfigure${COL_NC}"
-    exit 1
-  fi
 else
   echo -e "  ${COL_LIGHT_RED}Installation Failure: ${setupVars} does not exist! ${COL_NC}
   Please run 'pihole -r', and choose the 'reconfigure' option to fix."
@@ -564,7 +554,7 @@ compareLists() {
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
   local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}" compression="${7}"
-  local heisenbergCompensator="" patternBuffer str httpCode success=""
+  local heisenbergCompensator="" patternBuffer str httpCode success="" ip
 
   # Create temp file to store content on disk instead of RAM
   patternBuffer=$(mktemp -p "/tmp" --suffix=".phgpb")
@@ -582,7 +572,10 @@ gravity_DownloadBlocklistFromUrl() {
   blocked=false
   case $BLOCKINGMODE in
     "IP-NODATA-AAAA"|"IP")
-        if [[ $(dig "${domain}" +short | grep "${IPV4_ADDRESS}" -c) -ge 1 ]]; then
+        # Get IP address of this domain
+        ip="$(dig "${domain}" +short)"
+        # Check if this IP matches any IP of the system
+        if [[ -n "${ip}" && $(grep -Ec "inet(|6) ${ip}" <<< "$(ip a)") -gt 0 ]]; then
           blocked=true
         fi;;
     "NXDOMAIN")
@@ -785,43 +778,12 @@ gravity_ShowCount() {
   gravity_Table_Count "vw_regex_whitelist" "regex whitelist filters"
 }
 
-# Parse list of domains into hosts format
-gravity_ParseDomainsIntoHosts() {
-  awk -v ipv4="$IPV4_ADDRESS" -v ipv6="$IPV6_ADDRESS" '{
-    # Remove windows CR line endings
-    sub(/\r$/, "")
-    # Parse each line as "ipaddr domain"
-    if(ipv6 && ipv4) {
-      print ipv4" "$0"\n"ipv6" "$0
-    } else if(!ipv6) {
-      print ipv4" "$0
-    } else {
-      print ipv6" "$0
-    }
-  }' >> "${2}" < "${1}"
-}
-
 # Create "localhost" entries into hosts format
 gravity_generateLocalList() {
-  local hostname
-
-  if [[ -s "/etc/hostname" ]]; then
-    hostname=$(< "/etc/hostname")
-  elif command -v hostname &> /dev/null; then
-    hostname=$(hostname -f)
-  else
-    echo -e "  ${CROSS} Unable to determine fully qualified domain name of host"
-    return 0
-  fi
-
-  echo -e "${hostname}\\npi.hole" > "${localList}.tmp"
-
   # Empty $localList if it already exists, otherwise, create it
-  : > "${localList}"
+  echo "### Do not modify this file, it will be overwritten by pihole -g" > "${localList}"
   chmod 644 "${localList}"
 
-  gravity_ParseDomainsIntoHosts "${localList}.tmp" "${localList}"
-
   # Add additional LAN hosts provided by OpenVPN (if available)
   if [[ -f "${VPNList}" ]]; then
     awk -F, '{printf $2"\t"$1".vpn\n"}' "${VPNList}" >> "${localList}"

From aa88be335e602a57e5c8cc70dea6db06454ebf93 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 16 Apr 2021 11:44:54 +0200
Subject: [PATCH 209/297] Acknowledge that IPV{4,6}_ADDRESS may not exist

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 pihole                         | 5 +----
 test/test_automated_install.py | 2 --
 2 files changed, 1 insertion(+), 6 deletions(-)

diff --git a/pihole b/pihole
index f8085c8e..4fe80fc7 100755
--- a/pihole
+++ b/pihole
@@ -363,16 +363,13 @@ tailFunc() {
   fi
   echo -e "  ${INFO} Press Ctrl-C to exit"
 
-  # Retrieve IPv4/6 addresses
-  source /etc/pihole/setupVars.conf
-
   # Strip date from each line
   # Color blocklist/blacklist/wildcard entries as red
   # Color A/AAAA/DHCP strings as white
   # Color everything else as gray
   tail -f /var/log/pihole.log | sed -E \
     -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
-    -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN|${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \
+    -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN).*),${COL_RED}&${COL_NC}," \
     -e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
     -e "s,.*,${COL_GRAY}&${COL_NC},"
   exit 0
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 44624082..ba1781aa 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -45,8 +45,6 @@ def test_setupVars_are_sourced_to_global_scope(Pihole):
         # Currently debug test function only
         echo "Outputting sourced variables"
         echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
-        echo "IPV4_ADDRESS=${IPV4_ADDRESS}"
-        echo "IPV6_ADDRESS=${IPV6_ADDRESS}"
         echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
         echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
     }

From 58905a1188b9d46e97e6dec975fbb90a22101258 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 16 Apr 2021 12:14:05 +0200
Subject: [PATCH 210/297] Modify debugger to test name resolution on all
 available interfaces

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/chronometer.sh |  4 ---
 advanced/Scripts/piholeDebug.sh | 63 ++++++++++++++++++++++-----------
 2 files changed, 43 insertions(+), 24 deletions(-)

diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 4f9ea59a..3f85bdfc 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -498,10 +498,6 @@ chronoFunc() {
         printFunc " RAM usage: " "$ram_perc%" "$ram_info"
         printFunc " HDD usage: " "$disk_perc" "$disk_info"
 
-        if [[ "$scr_lines" -gt 17 ]] && [[ "$chrono_width" != "small" ]]; then
-            printFunc "  LAN addr: " "${IPV4_ADDRESS/\/*/}" "$lan_info"
-        fi
-
         if [[ "$DHCP_ACTIVE" == "true" ]]; then
             printFunc "DHCP usage: " "$ph_dhcp_percent%" "$dhcp_info"
         fi
diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 13a886f1..c6294e6e 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -859,7 +859,6 @@ dig_at() {
 
     # Store the arguments as variables with names
     local protocol="${1}"
-    local IP="${2}"
     echo_current_diagnostic "Name resolution (IPv${protocol}) using a random blocked domain and a known ad-serving domain"
     # Set more local variables
     # We need to test name resolution locally, via Pi-hole, and via a public resolver
@@ -874,15 +873,15 @@ dig_at() {
     if [[ ${protocol} == "6" ]]; then
         # Set the IPv6 variables and record type
         local local_address="::1"
-        local pihole_address="${IP}"
         local remote_address="2001:4860:4860::8888"
+        local sed_selector="inet6"
         local record_type="AAAA"
     # Otherwise, it should be 4
     else
         # so use the IPv4 values
         local local_address="127.0.0.1"
-        local pihole_address="${IP}"
         local remote_address="8.8.8.8"
+        local sed_selector="inet"
         local record_type="A"
     fi
 
@@ -895,25 +894,53 @@ dig_at() {
     # First, do a dig on localhost to see if Pi-hole can use itself to block a domain
     if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
         # If it can, show success
-        log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})"
+        log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC at ${COL_CYAN}${local_address}${CON_NC}"
     else
         # Otherwise, show a failure
-        log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} (${local_address})"
+        log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} at ${COL_CYAN}${local_address}${CON_NC}"
     fi
 
     # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address
     # This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is
     # just asing itself locally
-    # The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't waiting for too long
+    # The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't
+    # waiting for too long
+    #
+    # Turn off history expansion such that the "!" in the sed command cannot do silly things
+    set +H
+    # Get interfaces
+    # sed logic breakdown:
+    #     / master /d;
+    #          Removes all interfaces that are slaves of others (e.g. virtual docker interfaces)
+    #     /UP/!d;
+    #          Removes all interfaces which are not UP
+    #     s/^[0-9]*: //g;
+    #          Removes interface index
+    #     s/: <.*//g;
+    #          Removes everything after the interface name
+    local interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/: <.*//g;")"
 
-    # If Pi-hole can dig itself from it's IP (not the loopback address)
-    if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${pihole_address}" +short "${record_type}"); then
-        # show a success
-        log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})"
-    else
-        # Otherwise, show a failure
-        log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}Pi-hole${COL_NC} (${pihole_address})"
-    fi
+    while IFS= read -r iface ; do
+        # Get addresses of current interface
+        # sed logic breakdown:
+        #     /inet(|6) /!d;
+        #          Removes all lines from ip a that do not contain either "inet " or "inet6 "
+        #     s/^.*inet(|6) //g;
+        #          Removes all leading whitespace as well as the "inet " or "inet6 " string
+        #     s/\/.*$//g;
+        #          Removes CIDR and everything thereafter (e.g., scope properties)
+        local addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
+        while IFS= read -r local_address ; do
+            # Check if Pi-hole can use itself to block a domain
+            if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
+                # If it can, show success
+                log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
+            else
+                # Otherwise, show a failure
+                log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
+            fi
+        done <<< "${addresses}"
+    done <<< "${interfaces}"
 
     # Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server
     # We are using the static remote_url here instead of a random one because we know it works with IPv4 and IPv6
@@ -1046,12 +1073,8 @@ parse_file() {
 check_name_resolution() {
     # Check name resolution from localhost, Pi-hole's IP, and Google's name severs
     # using the function we created earlier
-    dig_at 4 "${IPV4_ADDRESS%/*}"
-    # If IPv6 enabled,
-    if [[ "${IPV6_ADDRESS}" ]]; then
-        # check resolution
-        dig_at 6 "${IPV6_ADDRESS%/*}"
-    fi
+    dig_at 4
+    dig_at 6
 }
 
 # This function can check a directory exists

From 3b574096b80a44b2366c8bdbb9df8cfea14091b0 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 16 Apr 2021 12:24:46 +0200
Subject: [PATCH 211/297] Remove duplicated lo test

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 22 +++++++---------------
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index c6294e6e..02363b60 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -863,8 +863,9 @@ dig_at() {
     # Set more local variables
     # We need to test name resolution locally, via Pi-hole, and via a public resolver
     local local_dig
-    local pihole_dig
     local remote_dig
+    local interfaces
+    local addresses
     # Use a static domain that we know has IPv4 and IPv6 to avoid false positives
     # Sometimes the randomly chosen domains don't use IPv6, or something else is wrong with them
     local remote_url="doubleclick.com"
@@ -891,15 +892,6 @@ dig_at() {
     local random_url
     random_url=$(sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1")
 
-    # First, do a dig on localhost to see if Pi-hole can use itself to block a domain
-    if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
-        # If it can, show success
-        log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC at ${COL_CYAN}${local_address}${CON_NC}"
-    else
-        # Otherwise, show a failure
-        log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} at ${COL_CYAN}${local_address}${CON_NC}"
-    fi
-
     # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address
     # This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is
     # just asing itself locally
@@ -918,7 +910,7 @@ dig_at() {
     #          Removes interface index
     #     s/: <.*//g;
     #          Removes everything after the interface name
-    local interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/: <.*//g;")"
+    interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/: <.*//g;")"
 
     while IFS= read -r iface ; do
         # Get addresses of current interface
@@ -929,10 +921,10 @@ dig_at() {
         #          Removes all leading whitespace as well as the "inet " or "inet6 " string
         #     s/\/.*$//g;
         #          Removes CIDR and everything thereafter (e.g., scope properties)
-        local addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
+        addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
         while IFS= read -r local_address ; do
             # Check if Pi-hole can use itself to block a domain
-            if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
+            if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
                 # If it can, show success
                 log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
             else
@@ -944,7 +936,7 @@ dig_at() {
 
     # Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server
     # We are using the static remote_url here instead of a random one because we know it works with IPv4 and IPv6
-    if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @${remote_address} +short "${record_type}" | head -n1); then
+    if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @"${remote_address}" +short "${record_type}" | head -n1); then
         # If successful, the real IP of the domain will be returned instead of Pi-hole's IP
         log_write "${TICK} ${remote_url} ${COL_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})"
     else
@@ -1059,7 +1051,7 @@ parse_file() {
     local file_lines
     # For each line in the file,
     for file_lines in "${file_info[@]}"; do
-        if [[ ! -z "${file_lines}" ]]; then
+        if [[ -n "${file_lines}" ]]; then
             # don't include the Web password hash
             [[ "${file_lines}" =~ ^\#.*$  || ! "${file_lines}" || "${file_lines}" == "WEBPASSWORD="* ]] && continue
             # otherwise, display the lines of the file

From 60513f93a3f239bf503372972c9e3c3b312cf9be Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 18 Apr 2021 09:26:23 +0200
Subject: [PATCH 212/297] Don't set IPV{4,6}_ADDRESS in conftest.py

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 test/conftest.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/test/conftest.py b/test/conftest.py
index 07166ec5..13731eb8 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -8,8 +8,6 @@ check_output = testinfra.get_backend(
 
 SETUPVARS = {
     'PIHOLE_INTERFACE': 'eth99',
-    'IPV4_ADDRESS': '1.1.1.1',
-    'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672',
     'PIHOLE_DNS_1': '4.2.2.1',
     'PIHOLE_DNS_2': '4.2.2.2'
 }

From 2ba350984f19165b2f224d4d9d7e9bc3bf655850 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Sun, 18 Apr 2021 15:12:01 +0200
Subject: [PATCH 213/297] Enable PHP8 support for Debian/Ubuntu

Since PHP8.0, the JSON extension is a core PHP extension and hence the php8.0-json package does not exist and is not required:
- https://www.php.net/manual/json.installation.php
- https://packages.debian.org/php8.0-json

Solves: https://discourse.pi-hole.net/t/php-8-packages-not-found/46286

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index eb52aea3..1d6253a0 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -360,7 +360,11 @@ if is_command apt-get ; then
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
-    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-json" "${phpVer}-intl")
+    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
+    # Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
+    if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
+        PIHOLE_WEB_DEPS+=("${phpVer}-json")
+    fi
     # The Web server user,
     LIGHTTPD_USER="www-data"
     # group,

From 5895690b588e0c26efe509f36e455b430fbe3db3 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 24 Apr 2021 15:38:27 +0100
Subject: [PATCH 214/297] this has been annoying me for months

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/version.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/version.sh b/advanced/Scripts/version.sh
index f77ee635..86ac45bc 100755
--- a/advanced/Scripts/version.sh
+++ b/advanced/Scripts/version.sh
@@ -153,7 +153,7 @@ versionOutput() {
     if [[ -n "$current" ]] && [[ -n "$latest" ]]; then
         output="${1^} version is $branch$current (Latest: $latest)"
     elif [[ -n "$current" ]] && [[ -z "$latest" ]]; then
-        output="Current ${1^} version is $branch$current."
+        output="Current ${1^} version is $branch$current"
     elif [[ -z "$current" ]] && [[ -n "$latest" ]]; then
         output="Latest ${1^} version is $latest"
     elif [[ "$curHash" == "N/A" ]] || [[ "$latHash" == "N/A" ]]; then

From f3ceebbe06217cac68720d3668b210a0a35f900b Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Fri, 30 Apr 2021 20:48:12 +0200
Subject: [PATCH 215/297] Re-remove wget from dependencies

The dependency has been removed here: https://github.com/pi-hole/pi-hole/pull/3185
But accidentally re-added here: https://github.com/pi-hole/pi-hole/commit/982c1b0059723e92fa6d6bc92d466d4f2b4f8b8d#diff-595630a29a855f6d667a84ca0662042e826bf3ec56322ef61d4a6ef149147d23

wget is still not used in any Pi-hole script, hence it can be removed safely from dependencies.

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 1d6253a0..454daee4 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -357,7 +357,7 @@ if is_command apt-get ; then
     # Packages required to run this install script (stored as an array)
     INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
     # Packages required to run Pi-hole (stored as an array)
-    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
+    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
     PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")

From c9014436767251bd3b67558561afae60d78ee9b3 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Sun, 2 May 2021 13:27:35 +0200
Subject: [PATCH 216/297] Remove false statement about dependency removal on
 Raspbian

The statement "All dependencies are safe to remove on Raspbian" has been added at a time where a much smaller list of dependencies were installed, all indeed relatively safe to purge. Nowadays this list has grown and includes important system packages, like iproute2, psmisc, sudo, curl and others, which are often again dependencies of other packages, like network stacks (ifupdown) and others, so that inexperienced users, following that statement, may break their systems network capabilities and more.

This message has hence been removed.

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/uninstall.sh | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh
index a0d3b108..543ca07a 100755
--- a/automated install/uninstall.sh	
+++ b/automated install/uninstall.sh	
@@ -206,11 +206,7 @@ removeNoPurge() {
 }
 
 ######### SCRIPT ###########
-if command -v vcgencmd &> /dev/null; then
-    echo -e "  ${INFO} All dependencies are safe to remove on Raspbian"
-else
-    echo -e "  ${INFO} Be sure to confirm if any dependencies should not be removed"
-fi
+echo -e "  ${INFO} Be sure to confirm if any dependencies should not be removed"
 while true; do
     echo -e "  ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:"
     echo -n "    "

From 6f60555f7994c0e33e5156f8eeadf3469338de25 Mon Sep 17 00:00:00 2001
From: Ashutosh Verma <mail@ashu.io>
Date: Thu, 20 May 2021 22:34:19 +0530
Subject: [PATCH 217/297] Added install Method 3

Signed-off-by: Ashutosh Verma <mail@ashu.io>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 57dee16d..06f541f4 100644
--- a/README.md
+++ b/README.md
@@ -50,6 +50,8 @@ sudo bash basic-install.sh
 wget -O basic-install.sh https://install.pi-hole.net
 sudo bash basic-install.sh
 ```
+### Method 3: Using Docker to deploy Pi-hole
+Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-hole) to use the Official Docker Images.
 
 ## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
 

From a9e761ec1336284108baf12e908a2124059cef9f Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 23 May 2021 12:11:04 +0200
Subject: [PATCH 218/297] Add missing sed anchors when deleting lines.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 8ef4d940..315236a3 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -716,7 +716,7 @@ RemoveCustomDNSAddress() {
     host="${args[3]}"
 
     if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
-        sed -i "/${ip} ${host}/d" "${dnscustomfile}"
+        sed -i "/^${ip} ${host}$/d" "${dnscustomfile}"
     else
         echo -e "  ${CROSS} Invalid IP has been passed"
         exit 1
@@ -748,7 +748,7 @@ RemoveCustomCNAMERecord() {
     if [[ -n "${validDomain}" ]]; then
         validTarget="$(checkDomain "${target}")"
         if [[ -n "${validDomain}" ]]; then
-            sed -i "/cname=${validDomain},${validTarget}/d" "${dnscustomcnamefile}"
+            sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}"
         else
             echo "  ${CROSS} Invalid Target Passed!"
             exit 1

From 01c310a78f41b84e77283daae87244cb47f5ff4a Mon Sep 17 00:00:00 2001
From: William Horning <williamhorning@wgyt.tk>
Date: Thu, 10 Jun 2021 19:23:58 -0400
Subject: [PATCH 219/297] Fix typo

Signed-off-by: William Horning <williamhorning@wgyt.tk>
---
 manpages/pihole.8 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manpages/pihole.8 b/manpages/pihole.8
index 4ba0e0f7..aaaa8d7e 100644
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@@ -56,7 +56,7 @@ Available commands and options:
 
 \fB-w, whitelist\fR [options] [<domain1> <domain2 ...>]
 .br
-    Adds or removes specified domain or domains tho the Whitelist
+    Adds or removes specified domain or domains to the Whitelist
 .br
 
 \fB-b, blacklist\fR [options] [<domain1> <domain2 ...>]

From a2d5b8050af46b7f28eff0dfb6b3b81b2c499db9 Mon Sep 17 00:00:00 2001
From: jpgpi250 <jpgpi250@gmail.com>
Date: Mon, 14 Jun 2021 20:27:10 +0200
Subject: [PATCH 220/297] Update gravity.sh

Signed-off-by: jpgpi250 <jpgpi250@gmail.com>
---
 gravity.sh | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/gravity.sh b/gravity.sh
index 24a41c48..7ba443d8 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -73,6 +73,8 @@ fi
 # have changed
 gravityDBfile="${GRAVITYDB}"
 gravityTEMPfile="${GRAVITYDB}_temp"
+gravityDIR="$(dirname -- "${gravityDBfile}")"
+gravityOLDfile="${gravityDIR}/gravity_old.db"
 
 if [[ -z "${BLOCKINGMODE}" ]] ; then
   BLOCKINGMODE="NULL"
@@ -123,8 +125,19 @@ gravity_swap_databases() {
   fi
   echo -e "${OVER}  ${TICK} ${str}"
 
-  # Swap databases and remove old database
-  rm "${gravityDBfile}"
+  # Swap databases and remove or conditionally rename old database
+  # Number of available blocks on disk
+  availableBlocks=$(stat -f --format "%a" "${gravityDIR}")
+  # Number of blocks, used by gravity.db
+  gravityBlocks=$(stat --format "%b" ${gravityDBfile})
+  # Only keep the old database if available disk space is at least twice the size of the existing gravity.db.
+  # Better be safe than sorry...
+  if [ "${availableBlocks}" -gt "$(("${gravityBlocks}" * 2))" ] && [ -f "${gravityDBfile}" ]; then
+    echo -e "  ${TICK} The old database remains available."
+    mv "${gravityDBfile}" "${gravityOLDfile}"
+  else
+    rm "${gravityDBfile}"
+  fi
   mv "${gravityTEMPfile}" "${gravityDBfile}"
 }
 
@@ -890,6 +903,11 @@ for var in "$@"; do
   esac
 done
 
+# Remove OLD (backup) gravity file, if it exists
+if [[ -f "${gravityOLDfile}" ]]; then
+  rm "${gravityOLDfile}"
+fi
+
 # Trap Ctrl-C
 gravity_Trap
 

From df3c46349ab0f32cf420ba26105c85bbe1a0814c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 3 May 2021 21:23:41 +0200
Subject: [PATCH 221/297] Add tail of pihole.log to debug output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 85 +++++++++++++++++++--------------
 1 file changed, 48 insertions(+), 37 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 13a886f1..36efe77f 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1281,53 +1281,64 @@ analyze_gravity_list() {
     IFS="$OLD_IFS"
 }
 
+obfuscated_pihole_log() {
+  local pihole_log=("$@")
+  local line
+  local error_to_check_for
+  local line_to_obfuscate
+  local obfuscated_line
+  for line in "${pihole_log[@]}"; do
+      # A common error in the pihole.log is when there is a non-hosts formatted file
+      # that the DNS server is attempting to read.  Since it's not formatted
+      # correctly, there will be an entry for "bad address at line n"
+      # So we can check for that here and highlight it in red so the user can see it easily
+      error_to_check_for=$(echo "${line}" | grep 'bad address at')
+      # Some users may not want to have the domains they visit sent to us
+      # To that end, we check for lines in the log that would contain a domain name
+      line_to_obfuscate=$(echo "${line}" | grep ': query\|: forwarded\|: reply')
+      # If the variable contains a value, it found an error in the log
+      if [[ -n ${error_to_check_for} ]]; then
+          # So we can print it in red to make it visible to the user
+          log_write "   ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})"
+      else
+          # If the variable does not a value (the current default behavior), so do not obfuscate anything
+          if [[ -z ${OBFUSCATE} ]]; then
+              log_write "   ${line}"
+          # Othwerise, a flag was passed to this command to obfuscate domains in the log
+          else
+              # So first check if there are domains in the log that should be obfuscated
+              if [[ -n ${line_to_obfuscate} ]]; then
+                  # If there are, we need to use awk to replace only the domain name (the 6th field in the log)
+                  # so we substitute the domain for the placeholder value
+                  obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
+                  log_write "   ${obfuscated_line}"
+              else
+                  log_write "   ${line}"
+              fi
+          fi
+      fi
+  done
+}
+
 analyze_pihole_log() {
     echo_current_diagnostic "Pi-hole log"
-    local head_line
+    local pihole_log_head=()
+    local pihole_log_tail=()
+    local pihole_log_permissions
+
     # Put the current Internal Field Separator into another variable so it can be restored later
     OLD_IFS="$IFS"
     # Get the lines that are in the file(s) and store them in an array for parsing later
     IFS=$'\r\n'
-    local pihole_log_permissions
     pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
     log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
-    local pihole_log_head=()
     mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
     log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
-    local error_to_check_for
-    local line_to_obfuscate
-    local obfuscated_line
-    for head_line in "${pihole_log_head[@]}"; do
-        # A common error in the pihole.log is when there is a non-hosts formatted file
-        # that the DNS server is attempting to read.  Since it's not formatted
-        # correctly, there will be an entry for "bad address at line n"
-        # So we can check for that here and highlight it in red so the user can see it easily
-        error_to_check_for=$(echo "${head_line}" | grep 'bad address at')
-        # Some users may not want to have the domains they visit sent to us
-        # To that end, we check for lines in the log that would contain a domain name
-        line_to_obfuscate=$(echo "${head_line}" | grep ': query\|: forwarded\|: reply')
-        # If the variable contains a value, it found an error in the log
-        if [[ -n ${error_to_check_for} ]]; then
-            # So we can print it in red to make it visible to the user
-            log_write "   ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})"
-        else
-            # If the variable does not a value (the current default behavior), so do not obfuscate anything
-            if [[ -z ${OBFUSCATE} ]]; then
-                log_write "   ${head_line}"
-            # Othwerise, a flag was passed to this command to obfuscate domains in the log
-            else
-                # So first check if there are domains in the log that should be obfuscated
-                if [[ -n ${line_to_obfuscate} ]]; then
-                    # If there are, we need to use awk to replace only the domain name (the 6th field in the log)
-                    # so we substitute the domain for the placeholder value
-                    obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
-                    log_write "   ${obfuscated_line}"
-                else
-                    log_write "   ${head_line}"
-                fi
-            fi
-        fi
-    done
+    obfuscated_pihole_log "${pihole_log_head[@]}"
+    log_write ""
+    mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
+    log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
+    obfuscated_pihole_log "${pihole_log_tail[@]}"
     log_write ""
     # Set the IFS back to what it was
     IFS="$OLD_IFS"

From f2cba6cad1b8893757c69975e8b984c1bc8eda7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 3 Jun 2021 13:15:44 +0200
Subject: [PATCH 222/297] Skip analyze_pihole_log if query logging has been
 disabled
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 47 +++++++++++++++++++--------------
 1 file changed, 27 insertions(+), 20 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 36efe77f..859ac3d3 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1321,27 +1321,34 @@ obfuscated_pihole_log() {
 }
 
 analyze_pihole_log() {
-    echo_current_diagnostic "Pi-hole log"
-    local pihole_log_head=()
-    local pihole_log_tail=()
-    local pihole_log_permissions
+  echo_current_diagnostic "Pi-hole log"
+  local pihole_log_head=()
+  local pihole_log_tail=()
+  local pihole_log_permissions
 
-    # Put the current Internal Field Separator into another variable so it can be restored later
-    OLD_IFS="$IFS"
-    # Get the lines that are in the file(s) and store them in an array for parsing later
-    IFS=$'\r\n'
-    pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
-    log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
-    mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
-    log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
-    obfuscated_pihole_log "${pihole_log_head[@]}"
-    log_write ""
-    mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
-    log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
-    obfuscated_pihole_log "${pihole_log_tail[@]}"
-    log_write ""
-    # Set the IFS back to what it was
-    IFS="$OLD_IFS"
+  local logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
+  if [[ "${logging_enabled}" == "0" ]]; then
+      # No "log-queries" lines are found.
+      # Commented out lines (such as "#log-queries") are ignored
+      log_write "${INFO} Query logging is disabled"
+  else
+      # Put the current Internal Field Separator into another variable so it can be restored later
+      OLD_IFS="$IFS"
+      # Get the lines that are in the file(s) and store them in an array for parsing later
+      IFS=$'\r\n'
+      pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
+      log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
+      mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
+      log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
+      obfuscated_pihole_log "${pihole_log_head[@]}"
+      log_write ""
+      mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
+      log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
+      obfuscated_pihole_log "${pihole_log_tail[@]}"
+      log_write ""
+      # Set the IFS back to what it was
+      IFS="$OLD_IFS"
+  fi
 }
 
 tricorder_use_nc_or_curl() {

From 1ae67e1de8677341b0f9af70008dfa8973c87d95 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 4 Jun 2021 21:19:07 +0200
Subject: [PATCH 223/297] Only inform user about disabled logging, don't skipp
 printing pihole.log
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 35 ++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 18 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 859ac3d3..8b6a5c24 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1328,27 +1328,26 @@ analyze_pihole_log() {
 
   local logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
   if [[ "${logging_enabled}" == "0" ]]; then
-      # No "log-queries" lines are found.
-      # Commented out lines (such as "#log-queries") are ignored
+      # Inform user that logging has been disabled and pihole.log does not contain queries
       log_write "${INFO} Query logging is disabled"
-  else
-      # Put the current Internal Field Separator into another variable so it can be restored later
-      OLD_IFS="$IFS"
-      # Get the lines that are in the file(s) and store them in an array for parsing later
-      IFS=$'\r\n'
-      pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
-      log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
-      mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
-      log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
-      obfuscated_pihole_log "${pihole_log_head[@]}"
       log_write ""
-      mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
-      log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
-      obfuscated_pihole_log "${pihole_log_tail[@]}"
-      log_write ""
-      # Set the IFS back to what it was
-      IFS="$OLD_IFS"
   fi
+  # Put the current Internal Field Separator into another variable so it can be restored later
+  OLD_IFS="$IFS"
+  # Get the lines that are in the file(s) and store them in an array for parsing later
+  IFS=$'\r\n'
+  pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
+  log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
+  mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
+  log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
+  obfuscated_pihole_log "${pihole_log_head[@]}"
+  log_write ""
+  mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
+  log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
+  obfuscated_pihole_log "${pihole_log_tail[@]}"
+  log_write ""
+  # Set the IFS back to what it was
+  IFS="$OLD_IFS"
 }
 
 tricorder_use_nc_or_curl() {

From 08cf9aa5a7a5698c7c968b6dd003910875c9279d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 4 Jun 2021 21:30:41 +0200
Subject: [PATCH 224/297] Declare and assign 'logging_enabled' separately
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 8b6a5c24..62ba9aba 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1325,8 +1325,9 @@ analyze_pihole_log() {
   local pihole_log_head=()
   local pihole_log_tail=()
   local pihole_log_permissions
+  local logging_enabled
 
-  local logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
+  logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
   if [[ "${logging_enabled}" == "0" ]]; then
       # Inform user that logging has been disabled and pihole.log does not contain queries
       log_write "${INFO} Query logging is disabled"

From 01764cc581220fb1751ebcb8808d5ca59ec7d2d6 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sun, 20 Jun 2021 10:28:25 -0700
Subject: [PATCH 225/297] Explicity declare values for the RA packet.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 advanced/Scripts/webpage.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 8ef4d940..32719eb2 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -426,7 +426,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
         echo "#quiet-dhcp6
 #enable-ra
 dhcp-option=option6:dns-server,[::]
-dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,${leasetime}
+dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,64,3600
 ra-param=*,0,0
 " >> "${dhcpconfig}"
     fi

From 7df22cd8e035d64bf6d46397dbf3680395222776 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sun, 20 Jun 2021 11:18:33 -0700
Subject: [PATCH 226/297] Check for logroate script existing first.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 automated install/basic-install.sh | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 454daee4..73b456ca 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1944,9 +1944,17 @@ finalExports() {
 # Install the logrotate script
 installLogrotate() {
     local str="Installing latest logrotate script"
+    local target=/etc/pihole/logrotate
+
     printf "\\n  %b %s..." "${INFO}" "${str}"
+    if [[ -f ${target} ]]; then
+        printf "\\n\\t%b Existing logrotate file found. No changes made.\\n" "${INFO}"
+        # Return value isn't that important, using 2 to indicate that it's not a fatal error but
+        # the function did not complete. 
+        return 2
+    fi
     # Copy the file over from the local repo
-    install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/Templates/logrotate /etc/pihole/logrotate
+    install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/Templates/logrotate ${target}
     # Different operating systems have different user / group
     # settings for logrotate that makes it impossible to create
     # a static logrotate file that will work with e.g.
@@ -1957,7 +1965,7 @@ installLogrotate() {
     # If there is a usergroup for log rotation,
     if [[ ! -z "${logusergroup}" ]]; then
         # replace the line in the logrotate script with that usergroup.
-        sed -i "s/# su #/su ${logusergroup}/g;" /etc/pihole/logrotate
+        sed -i "s/# su #/su ${logusergroup}/g;" ${target}
     fi
     printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
 }

From 4f660966d036a562d1fbbadbe0d56b52fa6cbf5b Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Sun, 20 Jun 2021 11:19:19 -0700
Subject: [PATCH 227/297] Shellchecker

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 automated install/basic-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 73b456ca..96ca8c92 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1954,7 +1954,7 @@ installLogrotate() {
         return 2
     fi
     # Copy the file over from the local repo
-    install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/Templates/logrotate ${target}
+    install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate ${target}
     # Different operating systems have different user / group
     # settings for logrotate that makes it impossible to create
     # a static logrotate file that will work with e.g.
@@ -1963,7 +1963,7 @@ installLogrotate() {
     # the local properties of the /var/log directory
     logusergroup="$(stat -c '%U %G' /var/log)"
     # If there is a usergroup for log rotation,
-    if [[ ! -z "${logusergroup}" ]]; then
+    if [[ -n "${logusergroup}" ]]; then
         # replace the line in the logrotate script with that usergroup.
         sed -i "s/# su #/su ${logusergroup}/g;" ${target}
     fi

From 2b499880133c2869313d1a8ce971d3be86c6ae81 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@developerdan.com>
Date: Thu, 1 Jul 2021 02:19:00 +0000
Subject: [PATCH 228/297] Include lighttpd-mod-deflate in the PIHOLE_WEB_DEPS
 list since it is no longer provided by default in Debian Bullseye

Signed-off-by: Daniel <daniel@developerdan.com>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 96ca8c92..17462c73 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -360,7 +360,7 @@ if is_command apt-get ; then
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
-    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
+    PIHOLE_WEB_DEPS=(lighttpd lighttpd-mod-deflate "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
     # Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
     if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
         PIHOLE_WEB_DEPS+=("${phpVer}-json")

From c120f8a8d88a20dd9bb5905ae3cf5a5f3ddb9466 Mon Sep 17 00:00:00 2001
From: Adam Warner <github@adamwarner.co.uk>
Date: Fri, 2 Jul 2021 22:09:41 +0100
Subject: [PATCH 229/297] Revert "Include lighttpd-mod-deflate since it is no
 longer provided by default in Bullsye"

---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 17462c73..96ca8c92 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -360,7 +360,7 @@ if is_command apt-get ; then
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
-    PIHOLE_WEB_DEPS=(lighttpd lighttpd-mod-deflate "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
+    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
     # Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
     if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
         PIHOLE_WEB_DEPS+=("${phpVer}-json")

From 469b71544262f8473cc1e22142ee01a4016785fc Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 3 Jul 2021 00:00:54 +0100
Subject: [PATCH 230/297] Add three new tests (one for each dependecy array) to
 check packages are available in supported OS package repos

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_automated_install.py | 40 ++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 44624082..891fc185 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -597,3 +597,43 @@ def test_os_check_passes(Pihole):
     ''')
     expected_stdout = 'Supported OS detected'
     assert expected_stdout in detectOS.stdout
+
+
+def test_package_manager_has_installer_deps(Pihole):
+    ''' Confirms OS is able to install the required packages for the installer'''
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    output = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    install_dependent_packages ${INSTALLER_DEPS[@]}
+    ''')
+
+    assert 'No package' not in output.stdout #centos7 still exits 0...
+    assert output.rc == 0
+
+
+def test_package_manager_has_pihole_deps(Pihole):
+    ''' Confirms OS is able to install the required packages for Pi-hole '''
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    output = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    install_dependent_packages ${PIHOLE_DEPS[@]}
+    ''')
+
+    assert 'No package' not in output.stdout #centos7 still exits 0...
+    assert output.rc == 0
+
+
+def test_package_manager_has_web_deps(Pihole):
+    ''' Confirms OS is able to install the required packages for web '''
+    mock_command('whiptail', {'*': ('', '0')}, Pihole)
+    output = Pihole.run('''
+    source /opt/pihole/basic-install.sh
+    distro_check
+    install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
+    ''')
+
+    assert 'No package' not in output.stdout #centos7 still exits 0...
+    assert output.rc == 0
+

From 87f2ae82cd16473886c4bf9da1d9d19fb909aa1a Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sat, 3 Jul 2021 00:07:37 +0100
Subject: [PATCH 231/297] Stickler gonna stickle...

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/test_automated_install.py | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 891fc185..0849aa9a 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -608,7 +608,7 @@ def test_package_manager_has_installer_deps(Pihole):
     install_dependent_packages ${INSTALLER_DEPS[@]}
     ''')
 
-    assert 'No package' not in output.stdout #centos7 still exits 0...
+    assert 'No package' not in output.stdout  # centos7 still exits 0...
     assert output.rc == 0
 
 
@@ -621,7 +621,7 @@ def test_package_manager_has_pihole_deps(Pihole):
     install_dependent_packages ${PIHOLE_DEPS[@]}
     ''')
 
-    assert 'No package' not in output.stdout #centos7 still exits 0...
+    assert 'No package' not in output.stdout  # centos7 still exits 0...
     assert output.rc == 0
 
 
@@ -634,6 +634,5 @@ def test_package_manager_has_web_deps(Pihole):
     install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
     ''')
 
-    assert 'No package' not in output.stdout #centos7 still exits 0...
+    assert 'No package' not in output.stdout  # centos7 still exits 0...
     assert output.rc == 0
-

From 4fb5157719f3f8c74e9dfb9e8167673c96947532 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 4 Jun 2021 21:59:17 +0200
Subject: [PATCH 232/297] Squashed commits
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add simple grep function to pihole -t

Signed-off-by: Christian König <ckoenig@posteo.de>

Add help info

Signed-off-by: Christian König <ckoenig@posteo.de>

Improve help info

Signed-off-by: Christian König <ckoenig@posteo.de>

Fix details

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 pihole | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/pihole b/pihole
index f8085c8e..58ec385a 100755
--- a/pihole
+++ b/pihole
@@ -370,7 +370,7 @@ tailFunc() {
   # Color blocklist/blacklist/wildcard entries as red
   # Color A/AAAA/DHCP strings as white
   # Color everything else as gray
-  tail -f /var/log/pihole.log | sed -E \
+  tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \
     -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
     -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN|${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \
     -e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
@@ -456,7 +456,10 @@ Debugging Options:
                         Add '-a' to automatically upload the log to tricorder.pi-hole.net
   -f, flush           Flush the Pi-hole log
   -r, reconfigure     Reconfigure or Repair Pi-hole subsystems
-  -t, tail            View the live output of the Pi-hole log
+  -t, tail [arg]      View the live output of the Pi-hole log.
+                      Add an optional argument to filter the log
+                      (regular expressions are supported)
+
 
 Options:
   -a, admin           Web interface options
@@ -530,7 +533,7 @@ case "${1}" in
   "status"                      ) statusFunc "$2";;
   "restartdns"                  ) restartDNS "$2";;
   "-a" | "admin"                ) webpageFunc "$@";;
-  "-t" | "tail"                 ) tailFunc;;
+  "-t" | "tail"                 ) tailFunc "$2";;
   "checkout"                    ) piholeCheckoutFunc "$@";;
   "tricorder"                   ) tricorderFunc;;
   "updatechecker"               ) updateCheckFunc "$@";;

From e80e54a61a4942320391770d939e370fb3f996c5 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Sun, 4 Jul 2021 01:18:46 +0100
Subject: [PATCH 233/297] head_line -> line

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 62ba9aba..f0d6f799 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1299,7 +1299,7 @@ obfuscated_pihole_log() {
       # If the variable contains a value, it found an error in the log
       if [[ -n ${error_to_check_for} ]]; then
           # So we can print it in red to make it visible to the user
-          log_write "   ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})"
+          log_write "   ${CROSS} ${COL_RED}${line}${COL_NC} (${FAQ_BAD_ADDRESS})"
       else
           # If the variable does not a value (the current default behavior), so do not obfuscate anything
           if [[ -z ${OBFUSCATE} ]]; then

From a0d74d1e9d52fb0039b6c3f709216e4af2acb0d3 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 4 Jul 2021 13:55:47 +0200
Subject: [PATCH 234/297] Canary domain handling is now happening in FTL where
 we have much finer control over it.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index ec5f8e49..9f07b120 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -273,11 +273,6 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         fi
     fi
 
-    # Prevent Firefox from automatically switching over to DNS-over-HTTPS
-    # This follows https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
-    # (sourced 7th September 2019)
-    add_dnsmasq_setting "server=/use-application-dns.net/"
-
     # We need to process DHCP settings here as well to account for possible
     # changes in the non-FQDN forwarding. This cannot be done in 01-pihole.conf
     # as we don't want to delete all local=/.../ lines so it's much safer to

From 31a096dec279ad478632d9e1ec614fbae362a4b7 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@developerdan.com>
Date: Wed, 7 Jul 2021 13:31:59 +0000
Subject: [PATCH 235/297] Remove mod_compress (mod_deflate) from lighttpd to
 provide backwards compatible support for Debian Bullseye (11)

Signed-off-by: Daniel <daniel@developerdan.com>
---
 advanced/lighttpd.conf.debian | 21 ---------------------
 1 file changed, 21 deletions(-)

diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian
index cd6d7737..9c892fc0 100644
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -20,7 +20,6 @@ server.modules = (
     "mod_accesslog",
     "mod_auth",
     "mod_expire",
-    "mod_compress",
     "mod_redirect",
     "mod_setenv",
     "mod_rewrite"
@@ -41,26 +40,6 @@ index-file.names            = ( "index.php", "index.html", "index.lighttpd.html"
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 
-compress.cache-dir = "/var/cache/lighttpd/compress/"
-compress.filetype  = (
-    "application/json",
-    "application/vnd.ms-fontobject",
-    "application/xml",
-    "font/eot",
-    "font/opentype",
-    "font/otf",
-    "font/ttf",
-    "image/bmp",
-    "image/svg+xml",
-    "image/vnd.microsoft.icon",
-    "image/x-icon",
-    "text/css",
-    "text/html",
-    "text/javascript",
-    "text/plain",
-    "text/xml"
-)
-
 mimetype.assign = (
     ".ico"   => "image/x-icon",
     ".jpeg"  => "image/jpeg",

From c9e341b5d48b254cab5dadd0d24dbad8e0674783 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 7 Jul 2021 19:20:14 +0100
Subject: [PATCH 236/297] Same change as with #4221, but on fedora config too

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/lighttpd.conf.fedora | 21 ---------------------
 1 file changed, 21 deletions(-)

diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora
index 64428617..aae4a6a4 100644
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -21,7 +21,6 @@ server.modules = (
     "mod_expire",
     "mod_fastcgi",
     "mod_accesslog",
-    "mod_compress",
     "mod_redirect",
     "mod_setenv",
     "mod_rewrite"
@@ -42,26 +41,6 @@ index-file.names            = ( "index.php", "index.html", "index.lighttpd.html"
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 
-compress.cache-dir = "/var/cache/lighttpd/compress/"
-compress.filetype  = (
-    "application/json",
-    "application/vnd.ms-fontobject",
-    "application/xml",
-    "font/eot",
-    "font/opentype",
-    "font/otf",
-    "font/ttf",
-    "image/bmp",
-    "image/svg+xml",
-    "image/vnd.microsoft.icon",
-    "image/x-icon",
-    "text/css",
-    "text/html",
-    "text/javascript",
-    "text/plain",
-    "text/xml"
-)
-
 mimetype.assign = (
     ".ico"   => "image/x-icon",
     ".jpeg"  => "image/jpeg",

From fdca19e66d9f249b4fc5afbf6d4acd396d570fa9 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@developerdan.com>
Date: Thu, 15 Apr 2021 13:59:10 +0000
Subject: [PATCH 237/297] Support and test Debian Bullsye (11)

Signed-off-by: Daniel <daniel@developerdan.com>
---
 .github/workflows/test.yml         |  2 +-
 advanced/Scripts/piholeDebug.sh    |  4 ++--
 automated install/basic-install.sh |  4 ++--
 supportedos.txt                    |  4 ++--
 test/_debian_11.Dockerfile         | 17 +++++++++++++++++
 test/tox.debian_11.ini             |  8 ++++++++
 6 files changed, 32 insertions(+), 7 deletions(-)
 create mode 100644 test/_debian_11.Dockerfile
 create mode 100644 test/tox.debian_11.ini

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index d19df5ab..a6fd1acc 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
+        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
     env:
       DISTRO: ${{matrix.distro}}
     steps:
diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index f0a22b6d..8ea640c2 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -410,12 +410,12 @@ os_check() {
     # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
     # and determines whether or not the script is running on one of those systems
     local remote_os_domain valid_os valid_version detected_os detected_version cmdResult digReturnCode response
-    remote_os_domain="versions.pi-hole.net"
+    remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
 
     detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
     detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
-    cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
+    cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
     #Get the return code of the previous command (last line)
     digReturnCode="${cmdResult##*$'\n'}"
 
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 96ca8c92..4212159e 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -186,12 +186,12 @@ os_check() {
         # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
         # and determines whether or not the script is running on one of those systems
         local remote_os_domain valid_os valid_version valid_response detected_os detected_version display_warning cmdResult digReturnCode response
-        remote_os_domain="versions.pi-hole.net"
+        remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
 
         detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
         detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
 
-        cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
+        cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
         # Gets the return code of the previous command (last line)
         digReturnCode="${cmdResult##*$'\n'}"
 
diff --git a/supportedos.txt b/supportedos.txt
index 6d579132..c9332deb 100644
--- a/supportedos.txt
+++ b/supportedos.txt
@@ -1,5 +1,5 @@
 Raspbian=9,10
 Ubuntu=16,18,20
-Debian=9,10
+Debian=9,10,11
 Fedora=32,33
-CentOS=7,8
\ No newline at end of file
+CentOS=7,8
diff --git a/test/_debian_11.Dockerfile b/test/_debian_11.Dockerfile
new file mode 100644
index 00000000..39be027e
--- /dev/null
+++ b/test/_debian_11.Dockerfile
@@ -0,0 +1,17 @@
+FROM buildpack-deps:bullseye-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/tox.debian_11.ini b/test/tox.debian_11.ini
new file mode 100644
index 00000000..af3c6e36
--- /dev/null
+++ b/test/tox.debian_11.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py

From aa5c15a72882c5c76103363553644f8ef005bd61 Mon Sep 17 00:00:00 2001
From: Faye Duxovni <duxovni@duxovni.org>
Date: Fri, 9 Jul 2021 01:06:10 -0400
Subject: [PATCH 238/297] give pihole its own logrotate state file

Signed-off-by: Faye Duxovni <duxovni@duxovni.org>

Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 advanced/Scripts/piholeLogFlush.sh | 11 ++++++++---
 advanced/Templates/pihole.cron     |  2 +-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh
index 51e94d7c..5c6a2c68 100755
--- a/advanced/Scripts/piholeLogFlush.sh
+++ b/advanced/Scripts/piholeLogFlush.sh
@@ -11,6 +11,11 @@
 colfile="/opt/pihole/COL_TABLE"
 source ${colfile}
 
+# In case we're running at the same time as a system logrotate, use a
+# separate logrotate state file to prevent stepping on each other's
+# toes.
+STATEFILE="/var/lib/logrotate/pihole"
+
 # Determine database location
 # Obtain DBFILE=... setting from pihole-FTL.db
 # Constructed to return nothing when
@@ -32,7 +37,7 @@ if [[ "$@" == *"once"* ]]; then
     # Nightly logrotation
     if command -v /usr/sbin/logrotate >/dev/null; then
         # Logrotate once
-        /usr/sbin/logrotate --force /etc/pihole/logrotate
+        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
     else
         # Copy pihole.log over to pihole.log.1
         # and empty out pihole.log
@@ -47,8 +52,8 @@ else
     # Manual flushing
     if command -v /usr/sbin/logrotate >/dev/null; then
         # Logrotate twice to move all data out of sight of FTL
-        /usr/sbin/logrotate --force /etc/pihole/logrotate; sleep 3
-        /usr/sbin/logrotate --force /etc/pihole/logrotate
+        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate; sleep 3
+        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
     else
         # Flush both pihole.log and pihole.log.1 (if existing)
         echo " " > /var/log/pihole.log
diff --git a/advanced/Templates/pihole.cron b/advanced/Templates/pihole.cron
index ecd1e808..37724d2e 100644
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@@ -26,7 +26,7 @@
 #          parameter "quiet": don't print messages
 00 00   * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
 
-@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
+@reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
 
 # Pi-hole: Grab local version and branch every 10 minutes
 */10 *  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local

From e2e7d0a6aa19e99cd0521a0644eae9f507739671 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 14 Jul 2021 22:36:02 +0100
Subject: [PATCH 239/297] add tests for ubuntu 21

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/_ubuntu_21.Dockerfile | 18 ++++++++++++++++++
 test/tox.ubuntu_21.ini     |  8 ++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 test/_ubuntu_21.Dockerfile
 create mode 100644 test/tox.ubuntu_21.ini

diff --git a/test/_ubuntu_21.Dockerfile b/test/_ubuntu_21.Dockerfile
new file mode 100644
index 00000000..afddbfa9
--- /dev/null
+++ b/test/_ubuntu_21.Dockerfile
@@ -0,0 +1,18 @@
+FROM buildpack-deps:hirsute-scm
+
+ENV GITDIR /etc/.pihole
+ENV SCRIPTDIR /opt/pihole
+
+RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
+ADD . $GITDIR
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN true && \
+    chmod +x $SCRIPTDIR/*
+
+ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
+
+#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/tox.ubuntu_21.ini b/test/tox.ubuntu_21.ini
new file mode 100644
index 00000000..651f933b
--- /dev/null
+++ b/test/tox.ubuntu_21.ini
@@ -0,0 +1,8 @@
+[tox]
+envlist = py37
+
+[testenv]
+whitelist_externals = docker
+deps = -rrequirements.txt
+commands = docker build -f _ubuntu_21.Dockerfile -t pytest_pihole:test_container ../
+           pytest {posargs:-vv -n auto} ./test_automated_install.py

From 38d4b2a88339fef06e88fbc2da65d5141ccf0feb Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Wed, 14 Jul 2021 22:41:17 +0100
Subject: [PATCH 240/297] add OS_CHECK_DOMAIN_NAME override to all the
 dockerfiles

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 test/_centos_7.Dockerfile  | 1 +
 test/_centos_8.Dockerfile  | 1 +
 test/_debian_10.Dockerfile | 1 +
 test/_debian_9.Dockerfile  | 1 +
 test/_fedora_32.Dockerfile | 1 +
 test/_fedora_33.Dockerfile | 1 +
 test/_ubuntu_16.Dockerfile | 1 +
 test/_ubuntu_18.Dockerfile | 1 +
 test/_ubuntu_20.Dockerfile | 1 +
 9 files changed, 9 insertions(+)

diff --git a/test/_centos_7.Dockerfile b/test/_centos_7.Dockerfile
index 00543b67..434242bf 100644
--- a/test/_centos_7.Dockerfile
+++ b/test/_centos_7.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_centos_8.Dockerfile b/test/_centos_8.Dockerfile
index 7444551b..afd2dc8a 100644
--- a/test/_centos_8.Dockerfile
+++ b/test/_centos_8.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_debian_10.Dockerfile b/test/_debian_10.Dockerfile
index 9b72fc6a..54800d3c 100644
--- a/test/_debian_10.Dockerfile
+++ b/test/_debian_10.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_debian_9.Dockerfile b/test/_debian_9.Dockerfile
index d6609ba3..c590a657 100644
--- a/test/_debian_9.Dockerfile
+++ b/test/_debian_9.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_fedora_32.Dockerfile b/test/_fedora_32.Dockerfile
index 869efb2b..e9c2ff2a 100644
--- a/test/_fedora_32.Dockerfile
+++ b/test/_fedora_32.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_fedora_33.Dockerfile b/test/_fedora_33.Dockerfile
index 0a1ac59c..9ae94c70 100644
--- a/test/_fedora_33.Dockerfile
+++ b/test/_fedora_33.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_ubuntu_16.Dockerfile b/test/_ubuntu_16.Dockerfile
index a92bc6f6..e572efd1 100644
--- a/test/_ubuntu_16.Dockerfile
+++ b/test/_ubuntu_16.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
\ No newline at end of file
diff --git a/test/_ubuntu_18.Dockerfile b/test/_ubuntu_18.Dockerfile
index 2f63ea89..592c5c3f 100644
--- a/test/_ubuntu_18.Dockerfile
+++ b/test/_ubuntu_18.Dockerfile
@@ -12,5 +12,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
diff --git a/test/_ubuntu_20.Dockerfile b/test/_ubuntu_20.Dockerfile
index caa6261f..80e2e007 100644
--- a/test/_ubuntu_20.Dockerfile
+++ b/test/_ubuntu_20.Dockerfile
@@ -13,5 +13,6 @@ RUN true && \
     chmod +x $SCRIPTDIR/*
 
 ENV PH_TEST true
+ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \

From a9b5fcd9230ff1f15ed85cfb92512c94d42e3301 Mon Sep 17 00:00:00 2001
From: Daniel <daniel@developerdan.com>
Date: Thu, 15 Jul 2021 13:48:18 +0000
Subject: [PATCH 241/297] Add Ubuntu 21 to supportedos.txt, and github actions
 tests

Signed-off-by: Daniel <daniel@developerdan.com>
---
 .github/workflows/test.yml | 2 +-
 supportedos.txt            | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index a6fd1acc..129caea4 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
+        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_32, fedora_33]
     env:
       DISTRO: ${{matrix.distro}}
     steps:
diff --git a/supportedos.txt b/supportedos.txt
index c9332deb..1726cc93 100644
--- a/supportedos.txt
+++ b/supportedos.txt
@@ -1,5 +1,5 @@
 Raspbian=9,10
-Ubuntu=16,18,20
+Ubuntu=16,18,20,21
 Debian=9,10,11
 Fedora=32,33
 CentOS=7,8

From 9beb3a9b6c2d1e7c9a57278df538409afe1ee8aa Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Fri, 16 Jul 2021 09:17:23 +0100
Subject: [PATCH 242/297] Delete supportedos.txt - it is not actually used
 anywhere can can cause confusion

---
 supportedos.txt | 5 -----
 1 file changed, 5 deletions(-)
 delete mode 100644 supportedos.txt

diff --git a/supportedos.txt b/supportedos.txt
deleted file mode 100644
index 1726cc93..00000000
--- a/supportedos.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Raspbian=9,10
-Ubuntu=16,18,20,21
-Debian=9,10,11
-Fedora=32,33
-CentOS=7,8

From 6be647a85f56028d9548467a86df1c2cc5ff24d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 16 Jul 2021 21:52:12 +0200
Subject: [PATCH 243/297] Fix coloring of pihole -t
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 pihole | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pihole b/pihole
index 126a4b86..470c9dc7 100755
--- a/pihole
+++ b/pihole
@@ -369,7 +369,7 @@ tailFunc() {
   # Color everything else as gray
   tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \
     -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
-    -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN).*),${COL_RED}&${COL_NC}," \
+    -e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \
     -e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
     -e "s,.*,${COL_GRAY}&${COL_NC},"
   exit 0

From 092e533a30dcdef6716b975bb4587f052e7ec6ed Mon Sep 17 00:00:00 2001
From: Kenneth Chew <kenneth.c0@protonmail.com>
Date: Sun, 18 Jul 2021 14:31:37 -0400
Subject: [PATCH 244/297] Add `-t` option to Admin Console help dialog

Signed-off-by: Kenneth Chew <kenneth.c0@protonmail.com>
---
 advanced/Scripts/webpage.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 9f07b120..744416e7 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -44,7 +44,8 @@ Options:
   -e, email           Set an administrative contact address for the Block Page
   -h, --help          Show this help dialog
   -i, interface       Specify dnsmasq's interface listening behavior
-  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)"
+  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)
+  -t, teleporter      Backup configuration as an archive"
     exit 0
 }
 

From 57c40cbd09b461882eac4dac63f8ce816e343f1f Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Fri, 23 Jul 2021 20:43:13 +0200
Subject: [PATCH 245/297] Update pihole-FTL.service

Make this script a bourne shell script, which requires the removal of only a single bashism, the "{n..m}" expansion. Furthermore, since POSIX echo has no reliable command line options, switch to printf when line breaks shall be omitted. On most distros/setups "sh" calls a much lighter bourne shell like dash, which inits and runs much faster than bash.

Remove unused PIDFILE variable, remove the single case of FTLUSER call and remove it as well. Using variables here might give the wrong impression that there is a change these can be varied. But both are hardcoded in many places throughout Pi-hole, so in this service script.

Consolidate and merge the commands to pre-create and set permissions for required files and directories. The /var/log/pihole directory is and was never used, the touch, chmod and chown call can be merged into one each to reduce overhead. Use "-f" option to to fail on missing database files instead of redirecting STDERR, which is otherwise helpful to debug other possible errors, like missing or corrupted commands, filesystem errors and such.

Do not use "which pihole-FTL" when setting capabilities when the hardcoded path /usr/bin/pihole-FTL is used for the actual daemon call. It makes sense to use the full path here, as the Pi-hole installer and updater installs it explicitly there, and so we prevent users from e.g. overriding it via /usr/local/bin/pihole-FTL too easily.

On pgrep and pkill calls, add the "-x" flag to assure that only "pihole-FTL" is matched and not "foo-pihole-FTL" or "pihole-FTL-bar".

Do not remove possible leftovers from previous pihole-FTL processes on start, but on stop instead. Since "start" includes a proceeding "stop" as well, on service start nothing changes, but on service stop, some resources are now freed.

Remove leading "$" from usage message. In bash this was omitted, as $'...' is a special syntax for escape sequence expansion, which is not applicable here. In dash it would be printed literally. To keep previous behaviour, it is hence removed.

Signed-off-by: MichaIng <micha@dietpi.com>
---
 advanced/Templates/pihole-FTL.service | 44 +++++++++++----------------
 1 file changed, 17 insertions(+), 27 deletions(-)

diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index f0743b49..76ad697a 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 ### BEGIN INIT INFO
 # Provides:          pihole-FTL
 # Required-Start:    $remote_fs $syslog $network
@@ -9,11 +9,8 @@
 # Description:       Enable service provided by pihole-FTL daemon
 ### END INIT INFO
 
-FTLUSER=pihole
-PIDFILE=/run/pihole-FTL.pid
-
 is_running() {
-    pgrep -o "pihole-FTL" > /dev/null 2>&1
+  pgrep -xo "pihole-FTL" > /dev/null
 }
 
 
@@ -23,27 +20,18 @@ start() {
     echo "pihole-FTL is already running"
   else
     # Touch files to ensure they exist (create if non-existing, preserve if existing)
-    touch /var/log/pihole-FTL.log /var/log/pihole.log
-    touch /run/pihole-FTL.pid /run/pihole-FTL.port
-    touch /etc/pihole/dhcp.leases
-    mkdir -p /run/pihole
-    mkdir -p /var/log/pihole
-    chown pihole:pihole /run/pihole /var/log/pihole
-    # Remove possible leftovers from previous pihole-FTL processes
-    rm -f /dev/shm/FTL-* 2> /dev/null
-    rm /run/pihole/FTL.sock 2> /dev/null
+    mkdir -pm 0755 /run/pihole
+    touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
     # Ensure that permissions are set so that pihole-FTL can edit all necessary files
-    chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
-    chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
-    chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
-    chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
+    chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
+    chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
     # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
-    chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
-    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
-      su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
+    chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db
+    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "/usr/bin/pihole-FTL"; then
+      su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
     else
       echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
-      pihole-FTL
+      /usr/bin/pihole-FTL
     fi
     echo
   fi
@@ -52,20 +40,20 @@ start() {
 # Stop the service
 stop() {
   if is_running; then
-    pkill -o pihole-FTL
-    for i in {1..5}; do
+    pkill -xo "pihole-FTL"
+    for i in 1 2 3 4 5; do
       if ! is_running; then
         break
       fi
 
-      echo -n "."
+      printf "."
       sleep 1
     done
     echo
 
     if is_running; then
       echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
-      pkill -o -9 pihole-FTL
+      pkill -xo -9 "pihole-FTL"
       exit 1
     else
       echo "Stopped"
@@ -73,6 +61,8 @@ stop() {
   else
     echo "Not running"
   fi
+  # Cleanup
+  rm -f /run/pihole/FTL.sock /dev/shm/FTL-*
   echo
 }
 
@@ -101,7 +91,7 @@ case "$1" in
         start
         ;;
   *)
-        echo $"Usage: $0 {start|stop|restart|reload|status}"
+        echo "Usage: $0 {start|stop|restart|reload|status}"
         exit 1
 esac
 

From b1ea60484ef5156900aa274b889a2deef430b592 Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Mon, 26 Jul 2021 13:22:26 -0700
Subject: [PATCH 246/297] Guard for logrotate func non-zero return

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 automated install/basic-install.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4212159e..4ce3003b 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2043,7 +2043,10 @@ installPihole() {
     # Install the cron file
     installCron
     # Install the logrotate file
-    installLogrotate
+    if ! installLogrotate; then
+        printf "  %b Failure in logrotate installation function.\\n" "${CROSS}"
+        # This isn't fatal, no need to exit.    
+    fi
     # Check if dnsmasq is present. If so, disable it and back up any possible
     # config file
     disable_dnsmasq

From 0c125eba2cc3cd097f93965f9084c8bf88649a4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Tue, 27 Jul 2021 22:04:30 +0200
Subject: [PATCH 247/297] Make output of SHM dir human readable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 8ea640c2..4c75f246 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1109,7 +1109,7 @@ list_files_in_dir() {
             :
         elif [[ "${dir_to_parse}" == "${SHM_DIRECTORY}" ]]; then
             # SHM file - we do not want to see the content, but we want to see the files and their sizes
-            log_write "$(ls -ld "${dir_to_parse}"/"${each_file}")"
+            log_write "$(ls -lhd "${dir_to_parse}"/"${each_file}")"
         else
             # Then, parse the file's content into an array so each line can be analyzed if need be
             for i in "${!REQUIRED_FILES[@]}"; do

From fbfec961d5e9a47ffd2100e2f9647eabd7784421 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 28 Jul 2021 21:16:19 +0200
Subject: [PATCH 248/297] Remove comparison of IP addresses with setupVars.conf

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 42 +--------------------------------
 1 file changed, 1 insertion(+), 41 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index f0a22b6d..895747b1 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -605,38 +605,6 @@ parse_locale() {
     parse_file "${pihole_locale}"
 }
 
-does_ip_match_setup_vars() {
-    # Check for IPv4 or 6
-    local protocol="${1}"
-    # IP address to check for
-    local ip_address="${2}"
-    # See what IP is in the setupVars.conf file
-    local setup_vars_ip
-    setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV"${protocol}"_ADDRESS | cut -d '=' -f2)
-    # If it's an IPv6 address
-    if [[ "${protocol}" == "6" ]]; then
-        # Strip off the / (CIDR notation)
-        if [[ "${ip_address%/*}" == "${setup_vars_ip%/*}" ]]; then
-            # if it matches, show it in green
-            log_write "   ${COL_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
-        else
-            # otherwise show it in red with an FAQ URL
-            log_write "   ${COL_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
-        fi
-
-    else
-        # if the protocol isn't 6, it's 4 so no need to strip the CIDR notation
-        # since it exists in the setupVars.conf that way
-        if [[ "${ip_address}" == "${setup_vars_ip}" ]]; then
-            # show in green if it matches
-            log_write "   ${COL_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
-        else
-            # otherwise show it in red
-            log_write "   ${COL_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
-        fi
-    fi
-}
-
 detect_ip_addresses() {
     # First argument should be a 4 or a 6
     local protocol=${1}
@@ -653,8 +621,7 @@ detect_ip_addresses() {
         log_write "${TICK} IPv${protocol} address(es) bound to the ${PIHOLE_INTERFACE} interface:"
         # Since there may be more than one IP address, store them in an array
         for i in "${!ip_addr_list[@]}"; do
-            # For each one in the list, print it out
-            does_ip_match_setup_vars "${protocol}" "${ip_addr_list[$i]}"
+            log_write "    ${ip_addr_list[$i]}"
         done
         # Print a blank line just for formatting
         log_write ""
@@ -663,13 +630,6 @@ detect_ip_addresses() {
         log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interface.\\n"
         return 1
     fi
-    # If the protocol is v6
-    if [[ "${protocol}" == "6" ]]; then
-        # let the user know that as long as there is one green address, things should be ok
-        log_write "   ^ Please note that you may have more than one IP address listed."
-        log_write "   As long as one of them is green, and it matches what is in ${PIHOLE_SETUP_VARS_FILE}, there is no need for concern.\\n"
-        log_write "   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.\\n"
-    fi
 }
 
 ping_ipv4_or_ipv6() {

From d0eb0d50376358eed7d34579fcfa32a89fc0d1ec Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 28 Jul 2021 21:18:02 +0200
Subject: [PATCH 249/297] Remove extra failure display when installation of
 logrotate file is skipped because the file already exists

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 automated install/basic-install.sh | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 4ce3003b..96d0b693 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2042,11 +2042,10 @@ installPihole() {
     fi
     # Install the cron file
     installCron
+
     # Install the logrotate file
-    if ! installLogrotate; then
-        printf "  %b Failure in logrotate installation function.\\n" "${CROSS}"
-        # This isn't fatal, no need to exit.    
-    fi
+    installLogrotate || true
+
     # Check if dnsmasq is present. If so, disable it and back up any possible
     # config file
     disable_dnsmasq

From d02aa3ced18094e33705b7b3e0d748ec10548791 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Wed, 28 Jul 2021 21:38:36 +0200
Subject: [PATCH 250/297] Fix error on checking interfaces that are not
 dual-stack

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 4c75f246..837e1778 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -922,16 +922,20 @@ dig_at() {
         #     s/\/.*$//g;
         #          Removes CIDR and everything thereafter (e.g., scope properties)
         addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
-        while IFS= read -r local_address ; do
-            # Check if Pi-hole can use itself to block a domain
-            if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
-                # If it can, show success
-                log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
-            else
-                # Otherwise, show a failure
-                log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
-            fi
-        done <<< "${addresses}"
+        if [ -n "${addresses}" ]; then
+          while IFS= read -r local_address ; do
+              # Check if Pi-hole can use itself to block a domain
+              if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
+                  # If it can, show success
+                  log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
+              else
+                  # Otherwise, show a failure
+                  log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
+              fi
+          done <<< "${addresses}"
+        else
+          log_write "${TICK} No IPv${protocol} address available on ${COL_CYAN}${iface}${COL_NC}"
+        fi
     done <<< "${interfaces}"
 
     # Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server

From f552173be37d5ce1d58b31fa1ef7a0f4824a85f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Wed, 28 Jul 2021 22:51:04 +0200
Subject: [PATCH 251/297] Resolve merge conflict
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 4c75f246..3e31a097 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1110,6 +1110,10 @@ list_files_in_dir() {
         elif [[ "${dir_to_parse}" == "${SHM_DIRECTORY}" ]]; then
             # SHM file - we do not want to see the content, but we want to see the files and their sizes
             log_write "$(ls -lhd "${dir_to_parse}"/"${each_file}")"
+        elif [[ "${dir_to_parse}" == "${DNSMASQ_D_DIRECTORY}" ]]; then
+            # in case of the dnsmasq directory inlcuede all files in the debug output
+            log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
+            make_array_from_file "${dir_to_parse}/${each_file}"
         else
             # Then, parse the file's content into an array so each line can be analyzed if need be
             for i in "${!REQUIRED_FILES[@]}"; do

From c99c86af7f161910f16eb98b2fef6b3f580dc8b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Wed, 28 Jul 2021 22:53:30 +0200
Subject: [PATCH 252/297] Make all dir list output human readable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 3e31a097..c222491d 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1112,14 +1112,14 @@ list_files_in_dir() {
             log_write "$(ls -lhd "${dir_to_parse}"/"${each_file}")"
         elif [[ "${dir_to_parse}" == "${DNSMASQ_D_DIRECTORY}" ]]; then
             # in case of the dnsmasq directory inlcuede all files in the debug output
-            log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
+            log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
             make_array_from_file "${dir_to_parse}/${each_file}"
         else
             # Then, parse the file's content into an array so each line can be analyzed if need be
             for i in "${!REQUIRED_FILES[@]}"; do
                 if [[ "${dir_to_parse}/${each_file}" == "${REQUIRED_FILES[$i]}" ]]; then
                     # display the filename
-                    log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
+                    log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
                     # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
                     case "${dir_to_parse}/${each_file}" in
                         # If it's Web server error log, give the first and last 25 lines

From b05fc5bb2b39a38c0dfef45c03db2b9a24205063 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Wed, 28 Jul 2021 23:01:18 +0200
Subject: [PATCH 253/297] Remove specific dnsmasq config files from requiered
 files
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index c222491d..d3fc4fec 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -165,9 +165,6 @@ PIHOLE_PROCESSES=( "lighttpd" "pihole-FTL" )
 
 # Store the required directories in an array so it can be parsed through
 REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
-"${PIHOLE_DNS_CONFIG_FILE}"
-"${PIHOLE_DHCP_CONFIG_FILE}"
-"${PIHOLE_WILDCARD_CONFIG_FILE}"
 "${WEB_SERVER_CONFIG_FILE}"
 "${WEB_SERVER_CUSTOM_CONFIG_FILE}"
 "${PIHOLE_INSTALL_LOG_FILE}"

From aa2da807686b153818da5f825bfbab88c96945a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Wed, 28 Jul 2021 23:06:01 +0200
Subject: [PATCH 254/297] Remove traces of unused files
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index d3fc4fec..3bd86a29 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -83,10 +83,6 @@ SHM_DIRECTORY="/dev/shm"
 # https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
 PIHOLE_CRON_FILE="${CRON_D_DIRECTORY}/pihole"
 
-PIHOLE_DNS_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/01-pihole.conf"
-PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf"
-PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf"
-
 WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
 WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
 

From d2c75a33d5c0fc4e75b466533a1e3f0a7c68498f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Wed, 4 Aug 2021 20:13:41 +0200
Subject: [PATCH 255/297] Increase width of ID column in adlist and domain
 table in debug script
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 837e1778..e9b4be76 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1258,11 +1258,11 @@ show_groups() {
 }
 
 show_adlists() {
-    show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "4 7 12 100 19 19 50"
+    show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "5 7 12 100 19 19 50"
 }
 
 show_domainlist() {
-    show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0   ' WHEN '1' THEN ' 1  ' WHEN '2' THEN '  2 ' WHEN '3' THEN '   3' ELSE type END type,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "4 4 7 12 100 19 19 50"
+    show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0   ' WHEN '1' THEN ' 1  ' WHEN '2' THEN '  2 ' WHEN '3' THEN '   3' ELSE type END type,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "5 4 7 12 100 19 19 50"
 }
 
 show_clients() {

From 075b3f64682d9025370ae696d3ec4534d9ee07cd Mon Sep 17 00:00:00 2001
From: Dan Schaper <dan.schaper@pi-hole.net>
Date: Wed, 4 Aug 2021 20:57:09 -0700
Subject: [PATCH 256/297] Remove ports, nc option and fix wording.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
---
 advanced/Scripts/piholeDebug.sh | 42 ++++++++++-----------------------
 1 file changed, 13 insertions(+), 29 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 8ea640c2..55c5739e 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -56,11 +56,6 @@ FAQ_BAD_ADDRESS="${COL_CYAN}https://discourse.pi-hole.net/t/why-do-i-see-bad-add
 
 # Other URLs we may use
 FORUMS_URL="${COL_CYAN}https://discourse.pi-hole.net${COL_NC}"
-TRICORDER_CONTEST="${COL_CYAN}https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/${COL_NC}"
-
-# Port numbers used for uploading the debug log
-TRICORDER_NC_PORT_NUMBER=9999
-TRICORDER_SSL_PORT_NUMBER=9998
 
 # Directories required by Pi-hole
 # https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
@@ -1366,25 +1361,14 @@ analyze_pihole_log() {
   IFS="$OLD_IFS"
 }
 
-tricorder_use_nc_or_curl() {
-    # Users can submit their debug logs using nc (unencrypted) or curl (encrypted) if available
-    # Check for curl first since encryption is a good thing
-    if command -v curl &> /dev/null; then
-        # If the command exists,
-        log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
-        # transmit he log via TLS and store the token returned in a variable
-        tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
-        if [ -z "${tricorder_token}" ]; then
-         # curl failed, fallback to nc
-         log_write "    * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
-         tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
-        fi
-    # Otherwise,
-    else
-        # use net cat
-        log_write "${INFO} Using ${COL_YELLOW}netcat${COL_NC} for transmission."
-        # Save the token returned by our server in a variable
-        tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
+curl_to_tricorder() {
+    # Users can submit their debug logs using curl (encrypted)
+    log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
+    # transmit he log via TLS and store the token returned in a variable
+    tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net)
+    if [ -z "${tricorder_token}" ]; then
+        # curl failed, fallback to nc
+        log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
     fi
 }
 
@@ -1403,14 +1387,13 @@ upload_to_tricorder() {
 
     # Provide information on what they should do with their token
     log_write "    * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
-    log_write "    * For more information, see: ${TRICORDER_CONTEST}"
-    log_write "    * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat."
+
     # If pihole -d is running automatically (usually through the dashboard)
     if [[ "${AUTOMATED}" ]]; then
         # let the user know
         log_write "${INFO} Debug script running in automated mode"
         # and then decide again which tool to use to submit it
-        tricorder_use_nc_or_curl
+        curl_to_tricorder
         # If we're not running in automated mode,
     else
         echo ""
@@ -1419,7 +1402,7 @@ upload_to_tricorder() {
         read -r -p "[?] Would you like to upload the log? [y/N] " response
         case ${response} in
             # If they say yes, run our function for uploading the log
-            [yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
+            [yY][eE][sS]|[yY]) curl_to_tricorder;;
             # If they choose no, just exit out of the script
             *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
         esac
@@ -1433,12 +1416,13 @@ upload_to_tricorder() {
         log_write "${COL_PURPLE}***********************************${COL_NC}"
         log_write "${COL_PURPLE}***********************************${COL_NC}"
         log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
+        log_write "${INFO}${COL_RED} Logs are deleted 48 hours after upload.${COL_NC}"
         log_write "${COL_PURPLE}***********************************${COL_NC}"
         log_write "${COL_PURPLE}***********************************${COL_NC}"
         log_write ""
         log_write "   * Provide the token above to the Pi-hole team for assistance at"
         log_write "   * ${FORUMS_URL}"
-        log_write "   * Your log will self-destruct on our server after ${COL_RED}48 hours${COL_NC}."
+
     # If no token was generated
     else
         # Show an error and some help instructions

From 1358209a9ae75eb09fefdd9d5032c914c7f9a4d3 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 21:48:26 +0100
Subject: [PATCH 257/297] rename distro_check to package_manager_detect, as it
 is more in keeping with what the function actually does

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh |  6 ++---
 automated install/uninstall.sh     |  6 ++---
 test/test_automated_install.py     | 24 +++++++++----------
 test/test_centos_7_support.py      | 22 ++++++++---------
 test/test_centos_8_support.py      | 22 ++++++++---------
 test/test_centos_common_support.py | 38 +++++++++++++++---------------
 test/test_fedora_support.py        |  6 ++---
 7 files changed, 62 insertions(+), 62 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 96d0b693..0d674b2f 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -276,7 +276,7 @@ os_check() {
 }
 
 # Compatibility
-distro_check() {
+package_manager_detect() {
 # If apt-get is installed, then we know it's part of the Debian family
 if is_command apt-get ; then
     # Set some global variables here
@@ -1950,7 +1950,7 @@ installLogrotate() {
     if [[ -f ${target} ]]; then
         printf "\\n\\t%b Existing logrotate file found. No changes made.\\n" "${INFO}"
         # Return value isn't that important, using 2 to indicate that it's not a fatal error but
-        # the function did not complete. 
+        # the function did not complete.
         return 2
     fi
     # Copy the file over from the local repo
@@ -2643,7 +2643,7 @@ main() {
     fi
 
     # Check for supported distribution
-    distro_check
+    package_manager_detect
 
     # If the setup variable file exists,
     if [[ -f "${setupVars}" ]]; then
diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh
index 543ca07a..0f4c4ca6 100755
--- a/automated install/uninstall.sh	
+++ b/automated install/uninstall.sh	
@@ -42,8 +42,8 @@ source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 # setupVars set in basic-install.sh
 source "${setupVars}"
 
-# distro_check() sourced from basic-install.sh
-distro_check
+# package_manager_detect() sourced from basic-install.sh
+package_manager_detect
 
 # Install packages used by the Pi-hole
 DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}")
@@ -113,7 +113,7 @@ removeNoPurge() {
         fi
     fi
     echo -e "${OVER}  ${TICK} Removed Web Interface"
- 
+
     # Attempt to preserve backwards compatibility with older versions
     # to guarantee no additional changes were made to /etc/crontab after
     # the installation of pihole, /etc/crontab.pihole should be permanently
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index b3078f5a..21468cd7 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -18,13 +18,13 @@ def test_supported_operating_system(Pihole):
     # break supported package managers to emulate an unsupported distribution
     Pihole.run('rm -rf /usr/bin/apt-get')
     Pihole.run('rm -rf /usr/bin/rpm')
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = cross_box + ' OS distribution not supported'
-    assert expected_stdout in distro_check.stdout
-    # assert distro_check.rc == 1
+    assert expected_stdout in package_manager_detect.stdout
+    # assert package_manager_detect.rc == 1
 
 
 def test_setupVars_are_sourced_to_global_scope(Pihole):
@@ -135,7 +135,7 @@ def test_update_package_cache_success_no_errors(Pihole):
     '''
     updateCache = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     update_package_cache
     ''')
     expected_stdout = tick_box + ' Update local cache of available packages'
@@ -150,7 +150,7 @@ def test_update_package_cache_failure_no_errors(Pihole):
     mock_command('apt-get', {'update': ('', '1')}, Pihole)
     updateCache = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     update_package_cache
     ''')
     expected_stdout = cross_box + ' Update local cache of available packages'
@@ -357,7 +357,7 @@ def test_FTL_download_aarch64_no_errors(Pihole):
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
     Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages ${INSTALLER_DEPS[@]}
     ''')
     download_binary = Pihole.run('''
@@ -567,7 +567,7 @@ def test_os_check_fails(Pihole):
     ''' Confirms install fails on unsupported OS '''
     Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages ${INSTALLER_DEPS[@]}
     cat <<EOT > /etc/os-release
     ID=UnsupportedOS
@@ -586,7 +586,7 @@ def test_os_check_passes(Pihole):
     ''' Confirms OS meets the requirements '''
     Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages ${INSTALLER_DEPS[@]}
     ''')
     detectOS = Pihole.run('''
@@ -602,7 +602,7 @@ def test_package_manager_has_installer_deps(Pihole):
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
     output = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages ${INSTALLER_DEPS[@]}
     ''')
 
@@ -615,7 +615,7 @@ def test_package_manager_has_pihole_deps(Pihole):
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
     output = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages ${PIHOLE_DEPS[@]}
     ''')
 
@@ -628,7 +628,7 @@ def test_package_manager_has_web_deps(Pihole):
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
     output = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
     ''')
 
diff --git a/test/test_centos_7_support.py b/test/test_centos_7_support.py
index 2f744ab4..ed99231a 100644
--- a/test/test_centos_7_support.py
+++ b/test/test_centos_7_support.py
@@ -9,13 +9,13 @@ def test_php_upgrade_default_optout_centos_eq_7(Pihole):
     '''
     confirms the default behavior to opt-out of installing PHP7 from REMI
     '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
 
@@ -27,13 +27,13 @@ def test_php_upgrade_user_optout_centos_eq_7(Pihole):
     '''
     # Whiptail dialog returns Cancel for user prompt
     mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
 
@@ -45,16 +45,16 @@ def test_php_upgrade_user_optin_centos_eq_7(Pihole):
     '''
     # Whiptail dialog returns Continue for user prompt
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
-    assert 'opt-out' not in distro_check.stdout
+    assert 'opt-out' not in package_manager_detect.stdout
     expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                   '(https://rpms.remirepo.net)')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                   'been enabled for PHP7')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert remi_package.is_installed
diff --git a/test/test_centos_8_support.py b/test/test_centos_8_support.py
index d3e83658..b8ad9607 100644
--- a/test/test_centos_8_support.py
+++ b/test/test_centos_8_support.py
@@ -10,13 +10,13 @@ def test_php_upgrade_default_continue_centos_gte_8(Pihole):
     confirms the latest version of CentOS continues / does not optout
     (should trigger on CentOS7 only)
     '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                     ' Deprecated PHP may be in use.')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
     # ensure remi was not installed on latest CentOS
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
@@ -30,13 +30,13 @@ def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
     '''
     # Whiptail dialog returns Cancel for user prompt
     mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                     ' Deprecated PHP may be in use.')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
     # ensure remi was not installed on latest CentOS
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
@@ -50,16 +50,16 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
     '''
     # Whiptail dialog returns Continue for user prompt
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
-    assert 'opt-out' not in distro_check.stdout
+    assert 'opt-out' not in package_manager_detect.stdout
     unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                     '(https://rpms.remirepo.net)')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
     unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
                                     'been enabled for PHP7')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py
index fdf43cba..8412173d 100644
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@@ -13,29 +13,29 @@ def test_release_supported_version_check_centos(Pihole):
     '''
     # modify /etc/redhat-release to mock an unsupported CentOS release
     Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = cross_box + (' CentOS 6 is not supported.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     expected_stdout = 'Please update to CentOS release 7 or later'
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
 
 
 def test_enable_epel_repository_centos(Pihole):
     '''
     confirms the EPEL package repository is enabled when installed on CentOS
     '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = info_box + (' Enabling EPEL package repository '
                                   '(https://fedoraproject.org/wiki/EPEL)')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     expected_stdout = tick_box + ' Installed epel-release'
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     epel_package = Pihole.package('epel-release')
     assert epel_package.is_installed
 
@@ -51,13 +51,13 @@ def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     default_centos_php_version = php_package.version.split('.')[0]
     if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
         pytest.skip("Test deprecated . Detected default PHP version >= 7")
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
 
@@ -75,13 +75,13 @@ def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
         pytest.skip("Test deprecated . Detected default PHP version >= 7")
     # Whiptail dialog returns Cancel for user prompt
     mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert not remi_package.is_installed
 
@@ -99,20 +99,20 @@ def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
         pytest.skip("Test deprecated . Detected default PHP version >= 7")
     # Whiptail dialog returns Continue for user prompt
     mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     install_dependent_packages PIHOLE_WEB_DEPS[@]
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
-    assert expected_stdout not in distro_check.stdout
+    assert expected_stdout not in package_manager_detect.stdout
     expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                   '(https://rpms.remirepo.net)')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                   'been enabled for PHP7')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
     remi_package = Pihole.package('remi-release')
     assert remi_package.is_installed
     updated_php_package = Pihole.package('php')
diff --git a/test/test_fedora_support.py b/test/test_fedora_support.py
index 473b2e96..a2ac4c71 100644
--- a/test/test_fedora_support.py
+++ b/test/test_fedora_support.py
@@ -3,11 +3,11 @@ def test_epel_and_remi_not_installed_fedora(Pihole):
     confirms installer does not attempt to install EPEL/REMI repositories
     on Fedora
     '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
     ''')
-    assert distro_check.stdout == ''
+    assert package_manager_detect.stdout == ''
 
     epel_package = Pihole.package('epel-release')
     assert not epel_package.is_installed

From 913dcead7f2c154e63fa1a607c394a1d4e6ef93c Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 22:39:33 +0100
Subject: [PATCH 258/297] move chmod/chown of macvendor.db to
 pihole-FTL.service

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 advanced/Templates/pihole-FTL.service | 3 ++-
 automated install/basic-install.sh    | 2 --
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index f0743b49..88f50539 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -37,8 +37,9 @@ start() {
     chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
     chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
     chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
+    chmod 0644 /etc/pihole/macvendor.db
     # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
-    chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
+    chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db 2> /dev/null
     if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
       su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
     else
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 0d674b2f..71aa8b49 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2336,8 +2336,6 @@ FTLinstall() {
 
             # Before stopping FTL, we download the macvendor database
             curl -sSL "https://ftl.pi-hole.net/macvendor.db" -o "${PI_HOLE_CONFIG_DIR}/macvendor.db" || true
-            chmod 644 "${PI_HOLE_CONFIG_DIR}/macvendor.db"
-            chown pihole:pihole "${PI_HOLE_CONFIG_DIR}/macvendor.db"
 
             # Stop pihole-FTL service if available
             stop_service pihole-FTL &> /dev/null

From d68a2ffaf312071c2d849689dab178c548b73628 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 22:48:03 +0100
Subject: [PATCH 259/297] Install only minimal requiered package before
 performing os_check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Christian König <ckoenig@posteo.de>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 16 +++++++++++-----
 test/test_automated_install.py     |  2 ++
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 71aa8b49..9cad94b3 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -354,10 +354,12 @@ if is_command apt-get ; then
         printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"
         exit 1
     fi
+    # Packages required to perfom the os_check (stored as an array)
+    OS_CHECK_DEPS=(grep dnsutils)
     # Packages required to run this install script (stored as an array)
-    INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
+    INSTALLER_DEPS=(git "${iproute_pkg}" whiptail)
     # Packages required to run Pi-hole (stored as an array)
-    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
+    PIHOLE_DEPS=(dhcpcd5 cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
     PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
@@ -400,7 +402,8 @@ elif is_command rpm ; then
     # These variable names match the ones in the Debian family. See above for an explanation of what they are for.
     PKG_INSTALL=("${PKG_MANAGER}" install -y)
     PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
-    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
+    OS_CHECK_DEPS=(grep bind-utils)
+    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig)
     PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap lsof)
     PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
     LIGHTTPD_USER="lighttpd"
@@ -2662,12 +2665,15 @@ main() {
     # Notify user of package availability
     notify_package_updates_available
 
-    # Install packages used by this installation script
-    install_dependent_packages "${INSTALLER_DEPS[@]}"
+    # Install packages necessary to perform os_check
+    install_dependent_packages "${OS_CHECK_DEPS[@]}"
 
     # Check that the installed OS is officially supported - display warning if not
     os_check
 
+    # Install packages used by this installation script
+    install_dependent_packages "${INSTALLER_DEPS[@]}"
+
     # Check if SELinux is Enforcing
     checkSelinux
 
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 21468cd7..593c19d2 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -568,6 +568,7 @@ def test_os_check_fails(Pihole):
     Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    install_dependent_packages ${OS_CHECK_DEPS[@]}
     install_dependent_packages ${INSTALLER_DEPS[@]}
     cat <<EOT > /etc/os-release
     ID=UnsupportedOS
@@ -587,6 +588,7 @@ def test_os_check_passes(Pihole):
     Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    install_dependent_packages ${OS_CHECK_DEPS[@]}
     install_dependent_packages ${INSTALLER_DEPS[@]}
     ''')
     detectOS = Pihole.run('''

From 3ad5097b12ae1ee26967a0ac757c04078aee2218 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 22:53:29 +0100
Subject: [PATCH 260/297] Change initial install script order:  1. Ensure we
 have a compatible package manager   2. Install required packages for os_check
 to run (we need dnsutils and grep for this   3. Try to install FTL   4. FTL
 installed? Install installer dependencies and continue as normal - no other
 dependencies are installed until user has gone through all whiptails

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 57 +++++++++++++++---------------
 1 file changed, 28 insertions(+), 29 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 9cad94b3..563b6bee 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2643,9 +2643,36 @@ main() {
         fi
     fi
 
-    # Check for supported distribution
+    # Check for supported package managers so that we may install dependencies
     package_manager_detect
 
+    # Notify user of package availability
+    notify_package_updates_available
+
+    # Install packages necessary to perform os_check
+    install_dependent_packages "${OS_CHECK_DEPS[@]}"
+
+    # Check that the installed OS is officially supported - display warning if not
+    os_check
+
+    # Check if FTL is installed - do this early on as FTL is a hard dependency for Pi-hole
+    local funcOutput
+    funcOutput=$(get_binary_name) #Store output of get_binary_name here
+    local binary
+    binary="pihole-FTL${funcOutput##*pihole-FTL}" #binary name will be the last line of the output of get_binary_name (it always begins with pihole-FTL)
+    local theRest
+    theRest="${funcOutput%pihole-FTL*}" # Print the rest of get_binary_name's output to display (cut out from first instance of "pihole-FTL")
+    if ! FTLdetect "${binary}" "${theRest}"; then
+        printf "  %b FTL Engine not installed\\n" "${CROSS}"
+        exit 1
+    fi
+
+    # Install packages used by this installation script
+    install_dependent_packages "${INSTALLER_DEPS[@]}"
+
+    # Check if SELinux is Enforcing
+    checkSelinux
+
     # If the setup variable file exists,
     if [[ -f "${setupVars}" ]]; then
         # if it's running unattended,
@@ -2661,22 +2688,6 @@ main() {
         fi
     fi
 
-    # Start the installer
-    # Notify user of package availability
-    notify_package_updates_available
-
-    # Install packages necessary to perform os_check
-    install_dependent_packages "${OS_CHECK_DEPS[@]}"
-
-    # Check that the installed OS is officially supported - display warning if not
-    os_check
-
-    # Install packages used by this installation script
-    install_dependent_packages "${INSTALLER_DEPS[@]}"
-
-    # Check if SELinux is Enforcing
-    checkSelinux
-
     if [[ "${useUpdateVars}" == false ]]; then
         # Display welcome dialogs
         welcomeDialogs
@@ -2740,18 +2751,6 @@ main() {
     # Create the pihole user
     create_pihole_user
 
-    # Check if FTL is installed - do this early on as FTL is a hard dependency for Pi-hole
-    local funcOutput
-    funcOutput=$(get_binary_name) #Store output of get_binary_name here
-    local binary
-    binary="pihole-FTL${funcOutput##*pihole-FTL}" #binary name will be the last line of the output of get_binary_name (it always begins with pihole-FTL)
-    local theRest
-    theRest="${funcOutput%pihole-FTL*}" # Print the rest of get_binary_name's output to display (cut out from first instance of "pihole-FTL")
-    if ! FTLdetect "${binary}" "${theRest}"; then
-        printf "  %b FTL Engine not installed\\n" "${CROSS}"
-        exit 1
-    fi
-
     # Install and log everything to a file
     installPihole | tee -a /proc/$$/fd/3
 

From 2ff3b951170eb8ba00d5b328f853efbe3f7c6df4 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 23:11:22 +0100
Subject: [PATCH 261/297] put FTL Install back to where it was

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 563b6bee..d38e94e1 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -2655,18 +2655,6 @@ main() {
     # Check that the installed OS is officially supported - display warning if not
     os_check
 
-    # Check if FTL is installed - do this early on as FTL is a hard dependency for Pi-hole
-    local funcOutput
-    funcOutput=$(get_binary_name) #Store output of get_binary_name here
-    local binary
-    binary="pihole-FTL${funcOutput##*pihole-FTL}" #binary name will be the last line of the output of get_binary_name (it always begins with pihole-FTL)
-    local theRest
-    theRest="${funcOutput%pihole-FTL*}" # Print the rest of get_binary_name's output to display (cut out from first instance of "pihole-FTL")
-    if ! FTLdetect "${binary}" "${theRest}"; then
-        printf "  %b FTL Engine not installed\\n" "${CROSS}"
-        exit 1
-    fi
-
     # Install packages used by this installation script
     install_dependent_packages "${INSTALLER_DEPS[@]}"
 
@@ -2751,6 +2739,18 @@ main() {
     # Create the pihole user
     create_pihole_user
 
+    # Check if FTL is installed - do this early on as FTL is a hard dependency for Pi-hole
+    local funcOutput
+    funcOutput=$(get_binary_name) #Store output of get_binary_name here
+    local binary
+    binary="pihole-FTL${funcOutput##*pihole-FTL}" #binary name will be the last line of the output of get_binary_name (it always begins with pihole-FTL)
+    local theRest
+    theRest="${funcOutput%pihole-FTL*}" # Print the rest of get_binary_name's output to display (cut out from first instance of "pihole-FTL")
+    if ! FTLdetect "${binary}" "${theRest}"; then
+        printf "  %b FTL Engine not installed\\n" "${CROSS}"
+        exit 1
+    fi
+
     # Install and log everything to a file
     installPihole | tee -a /proc/$$/fd/3
 

From 1ecb9165ee38e54149cc0cc1081577089dd6a7bc Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 23:26:59 +0100
Subject: [PATCH 262/297] Remove weird global counter

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index d38e94e1..01090285 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1696,20 +1696,7 @@ notify_package_updates_available() {
     fi
 }
 
-# This counter is outside of install_dependent_packages so that it can count the number of times the function is called.
-counter=0
-
 install_dependent_packages() {
-    # Local, named variables should be used here, especially for an iterator
-    # Add one to the counter
-    counter=$((counter+1))
-    if [[ "${counter}" == 1 ]]; then
-        # On the first loop, print a special message
-        printf "  %b Installer Dependency checks...\\n" "${INFO}"
-    else
-        # On all subsequent loops, print a generic message.
-        printf "  %b Main Dependency checks...\\n" "${INFO}"
-    fi
 
     # Install packages passed in via argument array
     # No spinner - conflicts with set -e
@@ -2650,12 +2637,14 @@ main() {
     notify_package_updates_available
 
     # Install packages necessary to perform os_check
+    printf "  %b Checking for / installing Required dependencies for OS Check...\\n" "${INFO}"
     install_dependent_packages "${OS_CHECK_DEPS[@]}"
 
     # Check that the installed OS is officially supported - display warning if not
     os_check
 
     # Install packages used by this installation script
+    printf "  %b Checking for / installing Required dependencies for this install script...\\n" "${INFO}"
     install_dependent_packages "${INSTALLER_DEPS[@]}"
 
     # Check if SELinux is Enforcing
@@ -2722,6 +2711,8 @@ main() {
         dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
     fi
 
+    # Install packages used by the actual software
+    printf "  %b Checking for / installing Required dependencies for Pi-hole software...\\n" "${INFO}"
     install_dependent_packages "${dep_install_list[@]}"
     unset dep_install_list
 

From bdab7014702aaa207cddad7b9a2b9728585adc20 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Tue, 3 Aug 2021 23:43:48 +0100
Subject: [PATCH 263/297] Remove dhcpcd5 dependency, however still help the
 user set the static IP if dhcpd5 is already installed (i.e on raspbian)

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
---
 automated install/basic-install.sh | 127 ++++-------------------------
 1 file changed, 18 insertions(+), 109 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 01090285..5eda20ea 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -288,21 +288,6 @@ if is_command apt-get ; then
     PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install)
     # grep -c will return 1 if there are no matches. This is an acceptable condition, so we OR TRUE to prevent set -e exiting the script.
     PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
-    # Some distros vary slightly so these fixes for dependencies may apply
-    # on Ubuntu 18.04.1 LTS we need to add the universe repository to gain access to dhcpcd5
-    APT_SOURCES="/etc/apt/sources.list"
-    if awk 'BEGIN{a=1;b=0}/bionic main/{a=0}/bionic.*universe/{b=1}END{exit a + b}' ${APT_SOURCES}; then
-        if ! whiptail --defaultno --title "Dependencies Require Update to Allowed Repositories" --yesno "Would you like to enable 'universe' repository?\\n\\nThis repository is required by the following packages:\\n\\n- dhcpcd5" "${r}" "${c}"; then
-            printf "  %b Aborting installation: Dependencies could not be installed.\\n" "${CROSS}"
-            exit 1
-        else
-            printf "  %b Enabling universe package repository for Ubuntu Bionic\\n" "${INFO}"
-            cp -p ${APT_SOURCES} ${APT_SOURCES}.backup # Backup current repo list
-            printf "  %b Backed up current configuration to %s\\n" "${TICK}" "${APT_SOURCES}.backup"
-            add-apt-repository universe
-            printf "  %b Enabled %s\\n" "${TICK}" "'universe' repository"
-        fi
-    fi
     # Update package cache. This is required already here to assure apt-cache calls have package lists available.
     update_package_cache || exit 1
     # Debian 7 doesn't have iproute2 so check if it's available first
@@ -359,7 +344,7 @@ if is_command apt-get ; then
     # Packages required to run this install script (stored as an array)
     INSTALLER_DEPS=(git "${iproute_pkg}" whiptail)
     # Packages required to run Pi-hole (stored as an array)
-    PIHOLE_DEPS=(dhcpcd5 cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
+    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
     PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
@@ -695,9 +680,17 @@ welcomeDialogs() {
     whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations:  https://pi-hole.net/donate/" "${r}" "${c}"
 
     # Explain the need for a static address
-    whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
+    if whiptail --defaultno --backtitle "Initiating network interface" --title "Static IP Needed" --yesno "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
 
-In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." "${r}" "${c}"
+IMPORTANT: If you have not already done so, you must ensure that this device has a static IP. Either through DHCP reservation, or by manually assigning one. Depending on your operating system, there are many ways to achieve this.
+
+Choose yes to indicate that you have understood this message, and wish to continue" "${r}" "${c}"; then
+#Nothing to do, continue
+  echo
+else
+  printf "  %b Installer exited at static IP message.\\n" "${INFO}"
+  exit 1
+fi
 }
 
 # A function that lets the user pick an interface to use with Pi-hole
@@ -850,8 +843,11 @@ use4andor6() {
     if [[ "${useIPv4}" ]]; then
         # Run our function to get the information we need
         find_IPv4_information
-        getStaticIPv4Settings
-        setStaticIPv4
+        if [[ -f "/etc/dhcpcd.conf" ]]; then
+            # configure networking via dhcpcd
+            getStaticIPv4Settings
+            setDHCPCD
+        fi
     fi
     # If IPv6 is to be used,
     if [[ "${useIPv6}" ]]; then
@@ -936,93 +932,6 @@ setDHCPCD() {
     fi
 }
 
-# Configure networking ifcfg-xxxx file found at /etc/sysconfig/network-scripts/
-# This function requires the full path of an ifcfg file passed as an argument
-setIFCFG() {
-    # Local, named variables
-    local IFCFG_FILE
-    local IPADDR
-    local CIDR
-    IFCFG_FILE=$1
-    printf -v IPADDR "%s" "${IPV4_ADDRESS%%/*}"
-    # Check if the desired IP is already set
-    if grep -Eq "${IPADDR}(\\b|\\/)" "${IFCFG_FILE}"; then
-        printf "  %b Static IP already configured\\n" "${INFO}"
-    else
-        # Otherwise, put the IP in variables without the CIDR notation
-        printf -v CIDR "%s" "${IPV4_ADDRESS##*/}"
-        # Backup existing interface configuration:
-        cp -p "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig
-        # Build Interface configuration file using the GLOBAL variables we have
-        {
-        echo "# Configured via Pi-hole installer"
-        echo "DEVICE=$PIHOLE_INTERFACE"
-        echo "BOOTPROTO=none"
-        echo "ONBOOT=yes"
-        echo "IPADDR=$IPADDR"
-        echo "PREFIX=$CIDR"
-        echo "GATEWAY=$IPv4gw"
-        echo "DNS1=$PIHOLE_DNS_1"
-        echo "DNS2=$PIHOLE_DNS_2"
-        echo "USERCTL=no"
-        }> "${IFCFG_FILE}"
-        chmod 644 "${IFCFG_FILE}"
-        chown root:root "${IFCFG_FILE}"
-        # Use ip to immediately set the new address
-        ip addr replace dev "${PIHOLE_INTERFACE}" "${IPV4_ADDRESS}"
-        # If NetworkMangler command line interface exists and ready to mangle,
-        if is_command nmcli && nmcli general status &> /dev/null; then
-            # Tell NetworkManagler to read our new sysconfig file
-            nmcli con load "${IFCFG_FILE}" > /dev/null
-        fi
-        # Show a warning that the user may need to restart
-        printf "  %b Set IP address to %s\\n  You may need to restart after the install is complete\\n" "${TICK}" "${IPV4_ADDRESS%%/*}"
-    fi
-}
-
-setStaticIPv4() {
-    # Local, named variables
-    local IFCFG_FILE
-    local CONNECTION_NAME
-
-    # If a static interface is already configured, we are done.
-    if [[ -r "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}" ]]; then
-        if grep -q '^BOOTPROTO=.static.' "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}"; then
-            return 0
-        fi
-    fi
-    # For the Debian family, if dhcpcd.conf exists then we can just configure using DHCPD.
-    if [[ -f "/etc/dhcpcd.conf" ]]; then
-        setDHCPCD
-        return 0
-    fi
-    # If a DHCPCD config file was not found, check for an ifcfg config file based on the interface name
-    if [[ -f "/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}" ]];then
-        # If it exists, then we can configure using IFCFG
-        IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}
-        setIFCFG "${IFCFG_FILE}"
-        return 0
-    fi
-    # If an ifcfg config does not exists for the interface name, search for one based on the connection name via network manager
-    if is_command nmcli && nmcli general status &> /dev/null; then
-        CONNECTION_NAME=$(nmcli dev show "${PIHOLE_INTERFACE}" | grep 'GENERAL.CONNECTION' | cut -d: -f2 | sed 's/^System//' | xargs | tr ' ' '_')
-        IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}
-        if [[ -f "${IFCFG_FILE}" ]];then
-            # If it exists,
-            setIFCFG "${IFCFG_FILE}"
-            return 0
-        else
-            printf "  %b Warning: sysconfig network script not found. Creating ${IFCFG_FILE}\\n" "${INFO}"
-            touch "${IFCFG_FILE}"
-            setIFCFG "${IFCFG_FILE}"
-            return 0
-        fi
-    fi
-    # If previous conditions failed, show an error and exit
-    printf "  %b Warning: Unable to locate configuration file to set static IPv4 address\\n" "${INFO}"
-    exit 1
-}
-
 # Check an IP address to see if it is a valid one
 valid_ip() {
     # Local, named variables
@@ -2120,7 +2029,7 @@ Your Admin Webpage login password is ${pwstring}"
 IPv4:	${IPV4_ADDRESS%/*}
 IPv6:	${IPV6_ADDRESS:-"Not Configured"}
 
-If you set a new IP address, you should restart the Pi.
+If you have not done so already, the above IP should be set to static.
 
 The install log is in /etc/pihole.
 
@@ -2817,7 +2726,7 @@ main() {
         printf "  %b You may now configure your devices to use the Pi-hole as their DNS server\\n" "${INFO}"
         [[ -n "${IPV4_ADDRESS%/*}" ]] && printf "  %b Pi-hole DNS (IPv4): %s\\n" "${INFO}" "${IPV4_ADDRESS%/*}"
         [[ -n "${IPV6_ADDRESS}" ]] && printf "  %b Pi-hole DNS (IPv6): %s\\n" "${INFO}" "${IPV6_ADDRESS}"
-        printf "  %b If you set a new IP address, please restart the server running the Pi-hole\\n" "${INFO}"
+        printf "  %b If you have not done so already, the above IP should be set to static.\\n" "${INFO}"
         INSTALL_TYPE="Installation"
     else
         INSTALL_TYPE="Update"

From ffe45e8b76b19ecc7db0b3f06d8c2027e20d1d56 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 6 Aug 2021 20:51:48 +0200
Subject: [PATCH 264/297] On enabling/disabeling only reload-lists instead of
 reload
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 pihole | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pihole b/pihole
index 470c9dc7..e8fa9317 100755
--- a/pihole
+++ b/pihole
@@ -242,7 +242,7 @@ Time:
     echo "BLOCKING_ENABLED=true" >> "${setupVars}"
   fi
 
-  restartDNS reload
+  restartDNS reload-lists
 
   echo -e "${OVER}  ${TICK} ${str}"
 }

From bb7c7cdf337ba0ddee21f83d99ae03c569b61bf5 Mon Sep 17 00:00:00 2001
From: yubiuser <ckoenig@posteo.de>
Date: Sat, 7 Aug 2021 20:07:14 +0200
Subject: [PATCH 265/297] Add uptime to debug log (#4265)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Add uptime to debug log

Signed-off-by: Christian König <ckoenig@posteo.de>

* Address github comments

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 0c4393cc..26ef61fa 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -230,6 +230,7 @@ copy_to_debug_log() {
 }
 
 initialize_debug() {
+    local system_uptime
     # Clear the screen so the debug log is readable
     clear
     show_disclaimer
@@ -237,6 +238,10 @@ initialize_debug() {
     log_write "${COL_PURPLE}*** [ INITIALIZING ]${COL_NC}"
     # Timestamp the start of the log
     log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initialized."
+    # Uptime of the system
+    # credits to https://stackoverflow.com/questions/28353409/bash-format-uptime-to-show-days-hours-minutes
+    system_uptime=$(uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/){if ($9=="min") {d=$6;m=$8} else {d=$6;h=$8;m=$9}} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes"}')
+    log_write "${INFO} System has been running for ${system_uptime}"
 }
 
 # This is a function for visually displaying the current test that is being run.

From ee749f700fcaecb888093d6785f6140682b91f26 Mon Sep 17 00:00:00 2001
From: yubiuser <ckoenig@posteo.de>
Date: Sat, 7 Aug 2021 20:07:45 +0200
Subject: [PATCH 266/297] Add switching 'to...from' message to ftl checkout
 output (#4266)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Add switching 'to...from' message to ftl checkout output

Signed-off-by: Christian König <ckoenig@posteo.de>

* Add quotes

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeCheckout.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh
index 1c1b16a4..4c0a4f40 100644
--- a/advanced/Scripts/piholeCheckout.sh
+++ b/advanced/Scripts/piholeCheckout.sh
@@ -166,12 +166,15 @@ checkout() {
         checkout_pull_branch "${webInterfaceDir}" "${2}"
     elif [[ "${1}" == "ftl" ]] ; then
         local path
+        local oldbranch
         path="${2}/${binary}"
+        oldbranch="$(pihole-FTL -b)"
 
         if check_download_exists "$path"; then
             echo "  ${TICK} Branch ${2} exists"
             echo "${2}" > /etc/pihole/ftlbranch
             chmod 644 /etc/pihole/ftlbranch
+            echo -e "  ${INFO} Switching to branch: \"${2}\" from \"${oldbranch}\""
             FTLinstall "${binary}"
             restart_service pihole-FTL
             enable_service pihole-FTL

From 676b7e60f3dd3e0eee661f4e2638bf387440e118 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Thu, 12 Aug 2021 13:55:40 +0200
Subject: [PATCH 267/297] Fix Splashpage not appearing properly on non-root
 directories
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/index.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/advanced/index.php b/advanced/index.php
index a38cd365..d0c5fc5d 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -73,12 +73,12 @@ if ($serverName === "pi.hole"
             <meta charset='utf-8'>
             $viewPort
             <title>● $serverName</title>
-            <link rel='stylesheet' href='pihole/blockingpage.css'>
-            <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
+            <link rel='stylesheet' href='/pihole/blockingpage.css'>
+            <link rel='shortcut icon' href='/admin/img/favicons/favicon.ico' type='image/x-icon'>
         </head>
         <body id='splashpage'>
             <div id="pihole_card">
-              <img src='admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
+              <img src='/admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
               <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
               <a href='/admin'>Did you mean to go to the admin panel?</a>
             </div>

From 3ef90a9e47f8af7595506818d83f706624b56ff4 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Fri, 13 Aug 2021 20:37:42 +0200
Subject: [PATCH 268/297] Remove ineffective Access-Control-Allow-Origin header

The Access-Control-Allow-Origin header has only relevance, when a resource is loaded from an external host, so one that does not match the host of the primary loaded website. As the fonts are reasonably loaded via local URLs without hostname or scheme from the blocking page style sheet, they are never seen as external resources, regardless whether the blocking page is shown to the browser from a blocked domain or from the Pi-hole domain/IP.

For reference: https://github.com/pi-hole/pi-hole/issues/3462

Signed-off-by: MichaIng <micha@dietpi.com>
---
 advanced/lighttpd.conf.debian | 5 -----
 advanced/lighttpd.conf.fedora | 5 -----
 2 files changed, 10 deletions(-)

diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian
index 9c892fc0..3ecd7213 100644
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -78,11 +78,6 @@ $HTTP["url"] =~ "^/admin/" {
         "X-Pi-hole" => "The Pi-hole Web interface is working!",
         "X-Frame-Options" => "DENY"
     )
-
-    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
-        # Allow Block Page access to local fonts
-        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
-    }
 }
 
 # Block . files from being served, such as .git, .github, .gitignore
diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora
index aae4a6a4..5a99a9bf 100644
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -86,11 +86,6 @@ $HTTP["url"] =~ "^/admin/" {
         "X-Pi-hole" => "The Pi-hole Web interface is working!",
         "X-Frame-Options" => "DENY"
     )
-
-    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
-        # Allow Block Page access to local fonts
-        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
-    }
 }
 
 # Block . files from being served, such as .git, .github, .gitignore

From ea5a3bf0b22c204198c99d09b788719c98ec6d96 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 15 Aug 2021 11:17:09 +0200
Subject: [PATCH 269/297] Install RFC6761 config file

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/06-rfc6761.conf           | 41 ++++++++++++++++++++++++++++++
 automated install/basic-install.sh |  8 +++++-
 automated install/uninstall.sh     |  1 +
 3 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 advanced/06-rfc6761.conf

diff --git a/advanced/06-rfc6761.conf b/advanced/06-rfc6761.conf
new file mode 100644
index 00000000..7fb9be00
--- /dev/null
+++ b/advanced/06-rfc6761.conf
@@ -0,0 +1,41 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2021 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# RFC 6761 config file for Pi-hole
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+
+###############################################################################
+#      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
+# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
+#                                                                             #
+#             CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE                #
+#                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
+###############################################################################
+
+# RFC 6761: Caching DNS servers SHOULD recognize
+#     test, localhost, invalid
+# names as special and SHOULD NOT attempt to look up NS records for them, or
+# otherwise query authoritative DNS servers in an attempt to resolve these
+# names.
+server=/test/
+server=/localhost/
+server=/invalid/
+
+# The same RFC requests something similar for
+#     16.172.in-addr.arpa.  22.172.in-addr.arpa.  27.172.in-addr.arpa.
+#     17.172.in-addr.arpa.  30.172.in-addr.arpa.  28.172.in-addr.arpa.
+#     18.172.in-addr.arpa.  23.172.in-addr.arpa.  29.172.in-addr.arpa.
+#     19.172.in-addr.arpa.  24.172.in-addr.arpa.  31.172.in-addr.arpa.
+#     20.172.in-addr.arpa.  25.172.in-addr.arpa.  168.192.in-addr.arpa.
+# Pi-hole implements this via the dnsmasq option "bogus-priv" (see
+# 01-pihole.conf) because this also covers IPv6.
+
+# OpenWRT furthermore blocks    bind, local, onion    domains, this seems meaningful
+# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
+# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
+server=/bind/
+server=/local/
+server=/onion/
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5eda20ea..51ff5dcf 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1249,6 +1249,8 @@ version_check_dnsmasq() {
     local dnsmasq_original_config="${PI_HOLE_LOCAL_REPO}/advanced/dnsmasq.conf.original"
     local dnsmasq_pihole_01_snippet="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
     local dnsmasq_pihole_01_location="/etc/dnsmasq.d/01-pihole.conf"
+    local dnsmasq_rfc6761_06_config="${PI_HOLE_LOCAL_REPO}/advanced/06-rfc6761.conf"
+    local dnsmasq_rfc6761_06_location="/etc/dnsmasq.d/06-rfc6761.conf"
 
     # If the dnsmasq config file exists
     if [[ -f "${dnsmasq_conf}" ]]; then
@@ -1284,7 +1286,7 @@ version_check_dnsmasq() {
     fi
     # Copy the new Pi-hole DNS config file into the dnsmasq.d directory
     install -D -m 644 -T "${dnsmasq_pihole_01_snippet}" "${dnsmasq_pihole_01_location}"
-    printf "%b  %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf\\n" "${OVER}"  "${TICK}"
+    printf "%b  %b Copied 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf\\n" "${OVER}"  "${TICK}"
     # Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
     # First, swap in the interface to listen on,
     sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_location}"
@@ -1315,6 +1317,10 @@ version_check_dnsmasq() {
         # Otherwise, enable it by uncommenting the directive in the DNS config file
         sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_location}"
     fi
+
+    printf "  %b Copying 06-rfc6761.conf to /etc/dnsmasq.d/06-rfc6761.conf..." "${INFO}"
+    install -D -m 644 -T "${dnsmasq_rfc6761_06_config}" "${dnsmasq_rfc6761_06_location}"
+    printf "%b  %b Copied 06-rfc6761.conf to /etc/dnsmasq.d/06-rfc6761.conf\\n" "${OVER}"  "${TICK}"
 }
 
 # Clean an existing installation to prepare for upgrade/reinstall
diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh
index 0f4c4ca6..5e27514f 100755
--- a/automated install/uninstall.sh	
+++ b/automated install/uninstall.sh	
@@ -145,6 +145,7 @@ removeNoPurge() {
 
     ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null
     ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null
+    ${SUDO} rm -f /etc/dnsmasq.d/06-rfc6761.conf &> /dev/null
     ${SUDO} rm -rf /var/log/*pihole* &> /dev/null
     ${SUDO} rm -rf /etc/pihole/ &> /dev/null
     ${SUDO} rm -rf /etc/.pihole/ &> /dev/null

From e1dca46423a003cc2bf4b114547dc4779c688ee9 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Fri, 16 Jul 2021 19:58:49 +0200
Subject: [PATCH 270/297] Hardcode whiptail dimensions to 20 rows and 70 chars
 width

With the suggested way to call the installer via "curl -sSL https://install.pi-hole.net | bash", STDIN is no terminal, but overridden by the curl output, hence in most cases, the minimum dimensions were applied, even on larger screens. All whiptail calls are hence assured to work fine with those dimensions, aside of one case, making the calculations obsolete.

This commit hardcodes the whiptail dimensions to the prior minimum and removes the calculations. This also helps with testing, as it does not matter anymore how the script is called, and developers have a clearly defined space to make dialogs look nice, including line breaks, menu and list heights.

The only case which does not fit the 70 character width, the second menu entry of the "pihole -r" dialog, has been shortened accordingly. This was not an issue before, as "pihole -r" does not override the scripts STDIN and hence did allow larger dimensions based on the now removed calculations.

See the following discussions for reference:
- https://github.com/pi-hole/pi-hole/issues/3323
- https://github.com/pi-hole/pi-hole/pull/4197#issuecomment-876702380

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 23 ++++-------------------
 1 file changed, 4 insertions(+), 19 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5eda20ea..e68ee1eb 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -94,24 +94,9 @@ if [ -z "${USER}" ]; then
   USER="$(id -un)"
 fi
 
-
-# Check if we are running on a real terminal and find the rows and columns
-# If there is no real terminal, we will default to 80x24
-if [ -t 0 ] ; then
-  screen_size=$(stty size)
-else
-  screen_size="24 80"
-fi
-# Determine terminal rows and columns by parsing screen_size
-printf -v rows '%d' "${screen_size%% *}"
-printf -v columns '%d' "${screen_size##* }"
-
-# Divide by two so the dialogs take up half of the screen, which looks nice.
-r=$(( rows / 2 ))
-c=$(( columns / 2 ))
-# Unless the screen is tiny
-r=$(( r < 20 ? 20 : r ))
-c=$(( c < 70 ? 70 : c ))
+# whiptail dialog dimensions: 20 rows and 70 chars width assures to fit on small screens and is known to hold all content.
+r=20
+c=70
 
 ######## Undocumented Flags. Shhh ########
 # These are undocumented flags; some of which we can use when repairing an installation
@@ -2050,7 +2035,7 @@ update_dialogs() {
         strAdd="You will be updated to the latest version."
     fi
     opt2a="Reconfigure"
-    opt2b="This will reset your Pi-hole and allow you to enter new settings."
+    opt2b="Resets Pi-hole and allows re-selecting settings."
 
     # Display the information to the user
     UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\\n\\nWe have detected an existing install.\\n\\nPlease choose from the following options: \\n($strAdd)" "${r}" "${c}" 2 \

From e8e8104b36913b07101a4b3180b6a42b6d0af0e8 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Sun, 15 Aug 2021 18:37:12 +0200
Subject: [PATCH 271/297] Remove server=/local/ because of
 https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/06-rfc6761.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/advanced/06-rfc6761.conf b/advanced/06-rfc6761.conf
index 7fb9be00..e03569e8 100644
--- a/advanced/06-rfc6761.conf
+++ b/advanced/06-rfc6761.conf
@@ -33,9 +33,9 @@ server=/invalid/
 # Pi-hole implements this via the dnsmasq option "bogus-priv" (see
 # 01-pihole.conf) because this also covers IPv6.
 
-# OpenWRT furthermore blocks    bind, local, onion    domains, this seems meaningful
+# OpenWRT furthermore blocks    bind, local, onion    domains
 # see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
 # and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
+# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
 server=/bind/
-server=/local/
 server=/onion/

From ff64d8cf4d20871b105f228185bef9464ad083b8 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 16 Aug 2021 09:57:12 +0200
Subject: [PATCH 272/297] Use variable in user output, too

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 automated install/basic-install.sh | 36 +++++++++++++++---------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 51ff5dcf..f4d9edc0 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1247,10 +1247,10 @@ version_check_dnsmasq() {
     local dnsmasq_pihole_id_string="addn-hosts=/etc/pihole/gravity.list"
     local dnsmasq_pihole_id_string2="# Dnsmasq config for Pi-hole's FTLDNS"
     local dnsmasq_original_config="${PI_HOLE_LOCAL_REPO}/advanced/dnsmasq.conf.original"
-    local dnsmasq_pihole_01_snippet="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
-    local dnsmasq_pihole_01_location="/etc/dnsmasq.d/01-pihole.conf"
-    local dnsmasq_rfc6761_06_config="${PI_HOLE_LOCAL_REPO}/advanced/06-rfc6761.conf"
-    local dnsmasq_rfc6761_06_location="/etc/dnsmasq.d/06-rfc6761.conf"
+    local dnsmasq_pihole_01_source="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
+    local dnsmasq_pihole_01_target="/etc/dnsmasq.d/01-pihole.conf"
+    local dnsmasq_rfc6761_06_source="${PI_HOLE_LOCAL_REPO}/advanced/06-rfc6761.conf"
+    local dnsmasq_rfc6761_06_target="/etc/dnsmasq.d/06-rfc6761.conf"
 
     # If the dnsmasq config file exists
     if [[ -f "${dnsmasq_conf}" ]]; then
@@ -1279,48 +1279,48 @@ version_check_dnsmasq() {
         printf "%b  %b No dnsmasq.conf found... restoring default dnsmasq.conf...\\n" "${OVER}"  "${TICK}"
     fi
 
-    printf "  %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf..." "${INFO}"
+    printf "  %b Installing %s..." "${INFO}" "${dnsmasq_pihole_01_target}"
     # Check to see if dnsmasq directory exists (it may not due to being a fresh install and dnsmasq no longer being a dependency)
     if [[ ! -d "/etc/dnsmasq.d"  ]];then
         install -d -m 755 "/etc/dnsmasq.d"
     fi
     # Copy the new Pi-hole DNS config file into the dnsmasq.d directory
-    install -D -m 644 -T "${dnsmasq_pihole_01_snippet}" "${dnsmasq_pihole_01_location}"
-    printf "%b  %b Copied 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf\\n" "${OVER}"  "${TICK}"
+    install -D -m 644 -T "${dnsmasq_pihole_01_source}" "${dnsmasq_pihole_01_target}"
+    printf "%b  %b Installed %s\n" "${OVER}"  "${TICK}" "${dnsmasq_pihole_01_target}"
     # Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
     # First, swap in the interface to listen on,
-    sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_location}"
+    sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_target}"
     if [[ "${PIHOLE_DNS_1}" != "" ]]; then
         # then swap in the primary DNS server.
-        sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_location}"
+        sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_target}"
     else
         # Otherwise, remove the line which sets DNS1.
-        sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_location}"
+        sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_target}"
     fi
     # Ditto if DNS2 is not empty
     if [[ "${PIHOLE_DNS_2}" != "" ]]; then
-        sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_location}"
+        sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_target}"
     else
-        sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
+        sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_target}"
     fi
 
 	# Set the cache size
-	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
+	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" "${dnsmasq_pihole_01_target}"
 
     sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
 
     # If the user does not want to enable logging,
     if [[ "${QUERY_LOGGING}" == false ]] ; then
         # disable it by commenting out the directive in the DNS config file
-        sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_location}"
+        sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_target}"
     else
         # Otherwise, enable it by uncommenting the directive in the DNS config file
-        sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_location}"
+        sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_target}"
     fi
 
-    printf "  %b Copying 06-rfc6761.conf to /etc/dnsmasq.d/06-rfc6761.conf..." "${INFO}"
-    install -D -m 644 -T "${dnsmasq_rfc6761_06_config}" "${dnsmasq_rfc6761_06_location}"
-    printf "%b  %b Copied 06-rfc6761.conf to /etc/dnsmasq.d/06-rfc6761.conf\\n" "${OVER}"  "${TICK}"
+    printf "  %b Installing %s..." "${INFO}" "${dnsmasq_rfc6761_06_source}"
+    install -D -m 644 -T "${dnsmasq_rfc6761_06_source}" "${dnsmasq_rfc6761_06_target}"
+    printf "%b  %b Installed %s\n" "${OVER}"  "${TICK}" "${dnsmasq_rfc6761_06_target}"
 }
 
 # Clean an existing installation to prepare for upgrade/reinstall

From c2f3477a824bf26f551ff1cb8ce510713b1ac394 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 20 Aug 2021 14:04:50 +0200
Subject: [PATCH 273/297] Ensure conditional forwarding will forward
 unqualified host names if we have no local answer for them.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 744416e7..129bdb62 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -269,7 +269,10 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
 
     if [[ "${REV_SERVER}" == true ]]; then
         add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
+        # Forward unqualified names to the CF target
+        add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
         if [ -n "${REV_SERVER_DOMAIN}" ]; then
+            # Forward local domain names to the CF target, too
             add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
         fi
     fi

From 06fd8123c3b3fd73d367fb1045e1a30c514f54e0 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 20 Aug 2021 16:26:17 +0200
Subject: [PATCH 274/297] Also remove "rev-server" lines when rewriting
 01-pihole.conf

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 129bdb62..fa2c044d 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -54,7 +54,7 @@ add_setting() {
 }
 
 delete_setting() {
-    sed -i "/${1}/d" "${setupVars}"
+    sed -i "/^${1}/d" "${setupVars}"
 }
 
 change_setting() {
@@ -67,7 +67,7 @@ addFTLsetting() {
 }
 
 deleteFTLsetting() {
-    sed -i "/${1}/d" "${FTLconf}"
+    sed -i "/^${1}/d" "${FTLconf}"
 }
 
 changeFTLsetting() {
@@ -84,7 +84,7 @@ add_dnsmasq_setting() {
 }
 
 delete_dnsmasq_setting() {
-    sed -i "/${1}/d" "${dnsmasqconfig}"
+    sed -i "/^${1}/d" "${dnsmasqconfig}"
 }
 
 SetTemperatureUnit() {
@@ -267,6 +267,8 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
         delete_setting "CONDITIONAL_FORWARDING_IP"
     fi
 
+    delete_dnsmasq_setting "rev-server"
+
     if [[ "${REV_SERVER}" == true ]]; then
         add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
         # Forward unqualified names to the CF target

From 839a70cc3796731b075cb436f8fc400d71a90ad5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Fri, 27 Aug 2021 19:16:15 +0200
Subject: [PATCH 275/297] Add sudo to apt-get recommendation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 5eda20ea..54397198 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1578,7 +1578,7 @@ update_package_cache() {
     else
         # Otherwise, show an error and exit
         printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
-        printf "  %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "${UPDATE_PKG_CACHE}" "${COL_NC}"
+        printf "  %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "sudo ${UPDATE_PKG_CACHE}" "${COL_NC}"
         return 1
     fi
 }

From 31c7c019cb3c0678eeac4935cf770d7919587398 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 30 Aug 2021 14:04:48 +0200
Subject: [PATCH 276/297] Fix piping to pihole tricorder

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 pihole | 27 ++++-----------------------
 1 file changed, 4 insertions(+), 23 deletions(-)

diff --git a/pihole b/pihole
index e8fa9317..1fba6f4d 100755
--- a/pihole
+++ b/pihole
@@ -404,29 +404,10 @@ tricorderFunc() {
     exit 1
   fi
 
-  if ! (echo > /dev/tcp/tricorder.pi-hole.net/9998) >/dev/null 2>&1; then
-    echo -e "  ${CROSS} Unable to connect to Pi-hole's Tricorder server"
-    exit 1
-  fi
-
-  if command -v openssl &> /dev/null; then
-    openssl s_client -quiet -connect tricorder.pi-hole.net:9998 2> /dev/null < /dev/stdin
-    exit "$?"
-  else
-    echo -e "  ${INFO} ${COL_YELLOW}Security Notice${COL_NC}: ${COL_WHITE}openssl${COL_NC} is not installed
-       Your debug log will be transmitted unencrypted via plain-text
-       There is a possibility that this could be intercepted by a third party
-       If you wish to cancel, press Ctrl-C to exit within 10 seconds"
-    secs="10"
-    while [[ "$secs" -gt "0" ]]; do
-       echo -ne "."
-       sleep 1
-       : $((secs--))
-    done
-    echo " "
-    nc tricorder.pi-hole.net 9999 < /dev/stdin
-    exit "$?"
-  fi
+  curl --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin
+  ret=$?
+  echo ""
+  exit $ret
 }
 
 updateCheckFunc() {

From 21897d7fbd1b7b9d2e3bab3fa94c29fd63625367 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 30 Aug 2021 15:55:42 +0200
Subject: [PATCH 277/297] Add warning if curl failed

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh |  1 -
 pihole                          | 12 ++++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 26ef61fa..4e2a1ca8 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1336,7 +1336,6 @@ curl_to_tricorder() {
     # transmit he log via TLS and store the token returned in a variable
     tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net)
     if [ -z "${tricorder_token}" ]; then
-        # curl failed, fallback to nc
         log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
     fi
 }
diff --git a/pihole b/pihole
index 1fba6f4d..e7a6978b 100755
--- a/pihole
+++ b/pihole
@@ -399,15 +399,19 @@ Branches:
 }
 
 tricorderFunc() {
+  local tricorder_token
   if [[ ! -p "/dev/stdin" ]]; then
     echo -e "  ${INFO} Please do not call Tricorder directly"
     exit 1
   fi
 
-  curl --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin
-  ret=$?
-  echo ""
-  exit $ret
+  tricorder_token="$(curl --silent --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin)"
+  if [ -z "${tricorder_token}" ]; then
+        echo -e "${CROSS} uploading failed failed, contact Pi-hole support for assistance."
+        exit 1
+  fi
+  echo "Upload successful, your token is: ${COL_BLUE}${tricorder_token}${COL_NC}"
+  exit 0
 }
 
 updateCheckFunc() {

From 115e3eeda9098e3d3499dfcedf6154b8ce77c78b Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 30 Aug 2021 20:20:45 +0200
Subject: [PATCH 278/297] Use --no-progress-meter instead of --silent so error
 reasons are printed

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 pihole | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pihole b/pihole
index e7a6978b..7b1d5404 100755
--- a/pihole
+++ b/pihole
@@ -405,9 +405,9 @@ tricorderFunc() {
     exit 1
   fi
 
-  tricorder_token="$(curl --silent --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin)"
+  tricorder_token="$(curl --no-progress-meter --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin)"
   if [ -z "${tricorder_token}" ]; then
-        echo -e "${CROSS} uploading failed failed, contact Pi-hole support for assistance."
+        echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
         exit 1
   fi
   echo "Upload successful, your token is: ${COL_BLUE}${tricorder_token}${COL_NC}"

From b241a19e8727c75e01c883136eb367d0550c9555 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 30 Aug 2021 21:19:47 +0200
Subject: [PATCH 279/297] Use --no-progress-meter instead of --silent so error
 reasons are printed

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 4e2a1ca8..5113615d 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1334,7 +1334,7 @@ curl_to_tricorder() {
     # Users can submit their debug logs using curl (encrypted)
     log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
     # transmit he log via TLS and store the token returned in a variable
-    tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net)
+    tricorder_token="$(curl --no-progress-meter --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net)"
     if [ -z "${tricorder_token}" ]; then
         log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
     fi

From 6fec4acd827132936e27a5c2e20f3367ee9010a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sun, 5 Sep 2021 20:44:39 +0200
Subject: [PATCH 280/297] Add content of /etc/resolv.conf to debug output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 4e2a1ca8..ab4b1515 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -73,6 +73,7 @@ HTML_DIRECTORY="/var/www/html"
 WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin"
 #BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole"
 SHM_DIRECTORY="/dev/shm"
+ETC="/etc"
 
 # Files required by Pi-hole
 # https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
@@ -136,6 +137,8 @@ PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log"
 PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
 PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
 
+RESOLVCONF="${ETC}/resolv.conf"
+
 # An array of operating system "pretty names" that we officially support
 # We can loop through the array at any time to see if it matches a value
 #SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
@@ -180,7 +183,8 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_DEBUG_LOG}"
 "${PIHOLE_FTL_LOG}"
 "${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}"
-"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}")
+"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}"
+"${RESOLVCONF}")
 
 DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
 
@@ -1118,6 +1122,7 @@ show_content_of_pihole_files() {
     show_content_of_files_in_dir "${WEB_SERVER_LOG_DIRECTORY}"
     show_content_of_files_in_dir "${LOG_DIRECTORY}"
     show_content_of_files_in_dir "${SHM_DIRECTORY}"
+    show_content_of_files_in_dir "${ETC}"
 }
 
 head_tail_log() {

From 69411555721afb713defacb33d626ecd845f8b1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 6 Sep 2021 17:16:36 +0200
Subject: [PATCH 281/297] Add content of /etc/dnsmasq.conf to debug output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/piholeDebug.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index ab4b1515..a12a79b3 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -138,6 +138,7 @@ PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
 PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
 
 RESOLVCONF="${ETC}/resolv.conf"
+DNSMASQ_CONF="${ETC}/dnsmasq.conf"
 
 # An array of operating system "pretty names" that we officially support
 # We can loop through the array at any time to see if it matches a value
@@ -184,7 +185,8 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_FTL_LOG}"
 "${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}"
 "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}"
-"${RESOLVCONF}")
+"${RESOLVCONF}"
+"${DNSMASQ_CONF}")
 
 DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
 

From a1ee7d92a9b2c3535b228d7af88990a0bd84250c Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 6 Sep 2021 22:38:16 +0200
Subject: [PATCH 282/297] Add possibly missing capabilities

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Templates/pihole-FTL.service | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index 88f50539..0f96c8bd 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -40,7 +40,7 @@ start() {
     chmod 0644 /etc/pihole/macvendor.db
     # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
     chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db 2> /dev/null
-    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
+    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "$(which pihole-FTL)"; then
       su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
     else
       echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"

From 606b05eec19da6e076179e80174178ef79f084fa Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 7 Sep 2021 11:13:09 +0200
Subject: [PATCH 283/297] Ensure curl is either storing a valid token or a
 meaningful error message

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 5113615d..6172dae2 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1334,9 +1334,14 @@ curl_to_tricorder() {
     # Users can submit their debug logs using curl (encrypted)
     log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
     # transmit he log via TLS and store the token returned in a variable
-    tricorder_token="$(curl --no-progress-meter --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net)"
-    if [ -z "${tricorder_token}" ]; then
+    tricorder_token=$(curl --silent --fail --show-error --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net 2>&1)
+    if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
         log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
+        # Log curl error (if available)
+        if [ ! -z "${tricorder_token}" ]; then
+            log_write "    * Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
+            tricorder_token=""
+        fi
     fi
 }
 

From be68a5339ceb3e5d522f469fe2c71eb3678d57ed Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 7 Sep 2021 11:15:36 +0200
Subject: [PATCH 284/297] Apply same improvement to pihole tricorder feature

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh |  2 +-
 pihole                          | 15 ++++++++++-----
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 6172dae2..02e253a9 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1333,7 +1333,7 @@ analyze_pihole_log() {
 curl_to_tricorder() {
     # Users can submit their debug logs using curl (encrypted)
     log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
-    # transmit he log via TLS and store the token returned in a variable
+    # transmit the log via TLS and store the token returned in a variable
     tricorder_token=$(curl --silent --fail --show-error --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net 2>&1)
     if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
         log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
diff --git a/pihole b/pihole
index 7b1d5404..b30f6052 100755
--- a/pihole
+++ b/pihole
@@ -405,12 +405,17 @@ tricorderFunc() {
     exit 1
   fi
 
-  tricorder_token="$(curl --no-progress-meter --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin)"
-  if [ -z "${tricorder_token}" ]; then
-        echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
-        exit 1
+  tricorder_token=$(curl --silent --fail --show-error --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin 2>&1)
+  if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
+      echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
+      # Log curl error (if available)
+      if [ ! -z "${tricorder_token}" ]; then
+          echo -e "${INFO} Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
+          tricorder_token=""
+      fi
+      exit 1
   fi
-  echo "Upload successful, your token is: ${COL_BLUE}${tricorder_token}${COL_NC}"
+  echo "Upload successful, your token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
   exit 0
 }
 

From cbc99d45c6a2ec243dc2e31e80d1681bd4b8e889 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Tue, 7 Sep 2021 11:20:42 +0200
Subject: [PATCH 285/297] Small style change to finished debug upload display

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/piholeDebug.sh | 15 +++++++--------
 pihole                          |  2 +-
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index 02e253a9..e2dba54a 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -1338,7 +1338,7 @@ curl_to_tricorder() {
     if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
         log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
         # Log curl error (if available)
-        if [ ! -z "${tricorder_token}" ]; then
+        if [ -n "${tricorder_token}" ]; then
             log_write "    * Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
             tricorder_token=""
         fi
@@ -1386,15 +1386,14 @@ upload_to_tricorder() {
         # Again, try to make this visually striking so the user realizes they need to do something with this information
         # Namely, provide the Pi-hole devs with the token
         log_write ""
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}\\n"
         log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
-        log_write "${INFO}${COL_RED} Logs are deleted 48 hours after upload.${COL_NC}"
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
+        log_write "${INFO}${COL_RED} Logs are deleted 48 hours after upload.${COL_NC}\\n"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
         log_write ""
-        log_write "   * Provide the token above to the Pi-hole team for assistance at"
-        log_write "   * ${FORUMS_URL}"
+        log_write "   * Provide the token above to the Pi-hole team for assistance at ${FORUMS_URL}"
 
     # If no token was generated
     else
diff --git a/pihole b/pihole
index b30f6052..31356671 100755
--- a/pihole
+++ b/pihole
@@ -409,7 +409,7 @@ tricorderFunc() {
   if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
       echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
       # Log curl error (if available)
-      if [ ! -z "${tricorder_token}" ]; then
+      if [ -n "${tricorder_token}" ]; then
           echo -e "${INFO} Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
           tricorder_token=""
       fi

From d0e8b0c962bde2d538baa2f59111677176c04d55 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Thu, 9 Sep 2021 20:28:33 +0200
Subject: [PATCH 286/297] Forward unqualified names to the CF target only when
 the "Never forward non-FQDN" option is NOT ticked

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Scripts/webpage.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index fa2c044d..52c388f8 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -271,12 +271,17 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
 
     if [[ "${REV_SERVER}" == true ]]; then
         add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
-        # Forward unqualified names to the CF target
-        add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
         if [ -n "${REV_SERVER_DOMAIN}" ]; then
             # Forward local domain names to the CF target, too
             add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
         fi
+
+        if [[ "${DNS_FQDN_REQUIRED}" != true ]]; then
+            # Forward unqualified names to the CF target only when the "never
+            # forward non-FQDN" option is unticked
+            add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
+        fi
+
     fi
 
     # We need to process DHCP settings here as well to account for possible

From 343904522816623d420c761c103a8fea17292ae5 Mon Sep 17 00:00:00 2001
From: jpgpi250 <jpgpi250@gmail.com>
Date: Sun, 12 Sep 2021 18:24:15 +0200
Subject: [PATCH 287/297] fix Pi-hole v5.4 update - syntax error #4322

Signed-off-by: jpgpi250 <jpgpi250@gmail.com>
---
 gravity.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gravity.sh b/gravity.sh
index ff02e9f3..99d1bcda 100755
--- a/gravity.sh
+++ b/gravity.sh
@@ -122,7 +122,7 @@ gravity_swap_databases() {
   gravityBlocks=$(stat --format "%b" ${gravityDBfile})
   # Only keep the old database if available disk space is at least twice the size of the existing gravity.db.
   # Better be safe than sorry...
-  if [ "${availableBlocks}" -gt "$(("${gravityBlocks}" * 2))" ] && [ -f "${gravityDBfile}" ]; then
+  if [ "${availableBlocks}" -gt "$((gravityBlocks * 2))" ] && [ -f "${gravityDBfile}" ]; then
     echo -e "  ${TICK} The old database remains available."
     mv "${gravityDBfile}" "${gravityOLDfile}"
   else

From 6d670991c371478c66cc929109c93edede3ece71 Mon Sep 17 00:00:00 2001
From: yubiuser <ckoenig@posteo.de>
Date: Sun, 12 Sep 2021 22:38:55 +0200
Subject: [PATCH 288/297] Perform a check of required packages befor updating
 pihole (#4326)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 advanced/Scripts/update.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh
index f833fc2f..dae04861 100755
--- a/advanced/Scripts/update.sh
+++ b/advanced/Scripts/update.sh
@@ -95,6 +95,10 @@ main() {
     # shellcheck disable=1090,2154
     source "${setupVars}"
 
+    # Install packages used by this installation script (necessary if users have removed e.g. git from their systems)
+    package_manager_detect
+    install_dependent_packages "${INSTALLER_DEPS[@]}"
+
     # This is unlikely
     if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
         echo -e "\\n  ${COL_LIGHT_RED}Error: Core Pi-hole repo is missing from system!"

From 1c286c7bc4458a10af65b88778724b96f9a96c57 Mon Sep 17 00:00:00 2001
From: yubiuser <ckoenig@posteo.de>
Date: Sun, 12 Sep 2021 22:40:37 +0200
Subject: [PATCH 289/297] Select proper PHP version on RPM based OS after
 INSTALLER_DEPS have been installed (#4325)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Select proper PHP version on RPM based OS after INSTALLER_DEPS have been installed

* Remove check for unsupported RPM distros as it is checked in os_check already

* Add select_rpm_php function to tox tests

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 172 +++++++++++++++--------------
 test/test_automated_install.py     |   2 +
 test/test_centos_7_support.py      |   3 +
 test/test_centos_8_support.py      |   3 +
 test/test_centos_common_support.py |   5 +
 test/test_fedora_support.py        |   1 +
 6 files changed, 103 insertions(+), 83 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 34c0b4e7..697dd2e4 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -379,89 +379,6 @@ elif is_command rpm ; then
     LIGHTTPD_USER="lighttpd"
     LIGHTTPD_GROUP="lighttpd"
     LIGHTTPD_CFG="lighttpd.conf.fedora"
-    # If the host OS is Fedora,
-    if grep -qiE 'fedora|fedberry' /etc/redhat-release; then
-        # all required packages should be available by default with the latest fedora release
-        : # continue
-    # or if host OS is CentOS,
-    elif grep -qiE 'centos|scientific' /etc/redhat-release; then
-        # Pi-Hole currently supports CentOS 7+ with PHP7+
-        SUPPORTED_CENTOS_VERSION=7
-        SUPPORTED_CENTOS_PHP_VERSION=7
-        # Check current CentOS major release version
-        CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release)
-        # Check if CentOS version is supported
-        if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then
-            printf "  %b CentOS %s is not supported.\\n" "${CROSS}" "${CURRENT_CENTOS_VERSION}"
-            printf "      Please update to CentOS release %s or later.\\n" "${SUPPORTED_CENTOS_VERSION}"
-            # exit the installer
-            exit
-        fi
-        # php-json is not required on CentOS 7 as it is already compiled into php
-        # verifiy via `php -m | grep json`
-        if [[ $CURRENT_CENTOS_VERSION -eq 7 ]]; then
-            # create a temporary array as arrays are not designed for use as mutable data structures
-            CENTOS7_PIHOLE_WEB_DEPS=()
-            for i in "${!PIHOLE_WEB_DEPS[@]}"; do
-                if [[ ${PIHOLE_WEB_DEPS[i]} != "php-json" ]]; then
-                    CENTOS7_PIHOLE_WEB_DEPS+=( "${PIHOLE_WEB_DEPS[i]}" )
-                fi
-            done
-            # re-assign the clean dependency array back to PIHOLE_WEB_DEPS
-            PIHOLE_WEB_DEPS=("${CENTOS7_PIHOLE_WEB_DEPS[@]}")
-            unset CENTOS7_PIHOLE_WEB_DEPS
-        fi
-        # CentOS requires the EPEL repository to gain access to Fedora packages
-        EPEL_PKG="epel-release"
-        rpm -q ${EPEL_PKG} &> /dev/null || rc=$?
-        if [[ $rc -ne 0 ]]; then
-            printf "  %b Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)\\n" "${INFO}"
-            "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null
-            printf "  %b Installed %s\\n" "${TICK}" "${EPEL_PKG}"
-        fi
-
-        # The default php on CentOS 7.x is 5.4 which is EOL
-        # Check if the version of PHP available via installed repositories is >= to PHP 7
-        AVAILABLE_PHP_VERSION=$("${PKG_MANAGER}" info php | grep -i version | grep -o '[0-9]\+' | head -1)
-        if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then
-            # Since PHP 7 is available by default, install via default PHP package names
-            : # do nothing as PHP is current
-        else
-            REMI_PKG="remi-release"
-            REMI_REPO="remi-php72"
-            rpm -q ${REMI_PKG} &> /dev/null || rc=$?
-        if [[ $rc -ne 0 ]]; then
-            # The PHP version available via default repositories is older than version 7
-            if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" "${r}" "${c}"; then
-                # User decided to NOT update PHP from REMI, attempt to install the default available PHP version
-                printf "  %b User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use.\\n" "${INFO}"
-                : # continue with unsupported php version
-            else
-                printf "  %b Enabling Remi's RPM repository (https://rpms.remirepo.net)\\n" "${INFO}"
-                "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null
-                # enable the PHP 7 repository via yum-config-manager (provided by yum-utils)
-                "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null
-                yum-config-manager --enable ${REMI_REPO} &> /dev/null
-                printf "  %b Remi's RPM repository has been enabled for PHP7\\n" "${TICK}"
-                # trigger an install/update of PHP to ensure previous version of PHP is updated from REMI
-                if "${PKG_INSTALL[@]}" "php-cli" &> /dev/null; then
-                    printf "  %b PHP7 installed/updated via Remi's RPM repository\\n" "${TICK}"
-                else
-                    printf "  %b There was a problem updating to PHP7 via Remi's RPM repository\\n" "${CROSS}"
-                    exit 1
-                fi
-            fi
-        fi
-    fi
-    else
-        # Warn user of unsupported version of Fedora or CentOS
-        if ! whiptail --defaultno --title "Unsupported RPM based distribution" --yesno "Would you like to continue installation on an unsupported RPM based distribution?\\n\\nPlease ensure the following packages have been installed manually:\\n\\n- lighttpd\\n- lighttpd-fastcgi\\n- PHP version 7+" "${r}" "${c}"; then
-            printf "  %b Aborting installation due to unsupported RPM based distribution\\n" "${CROSS}"
-            exit
-        else
-            printf "  %b Continuing installation with unsupported RPM based distribution\\n" "${INFO}"
-        fi
-    fi
 
 # If neither apt-get or yum/dnf package managers were found
 else
@@ -472,6 +389,90 @@ else
 fi
 }
 
+select_rpm_php(){
+# If the host OS is Fedora,
+if grep -qiE 'fedora|fedberry' /etc/redhat-release; then
+    # all required packages should be available by default with the latest fedora release
+    : # continue
+# or if host OS is CentOS,
+elif grep -qiE 'centos|scientific' /etc/redhat-release; then
+    # Pi-Hole currently supports CentOS 7+ with PHP7+
+    SUPPORTED_CENTOS_VERSION=7
+    SUPPORTED_CENTOS_PHP_VERSION=7
+    # Check current CentOS major release version
+    CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release)
+    # Check if CentOS version is supported
+    if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then
+        printf "  %b CentOS %s is not supported.\\n" "${CROSS}" "${CURRENT_CENTOS_VERSION}"
+        printf "      Please update to CentOS release %s or later.\\n" "${SUPPORTED_CENTOS_VERSION}"
+        # exit the installer
+        exit
+    fi
+    # php-json is not required on CentOS 7 as it is already compiled into php
+    # verifiy via `php -m | grep json`
+    if [[ $CURRENT_CENTOS_VERSION -eq 7 ]]; then
+        # create a temporary array as arrays are not designed for use as mutable data structures
+        CENTOS7_PIHOLE_WEB_DEPS=()
+        for i in "${!PIHOLE_WEB_DEPS[@]}"; do
+            if [[ ${PIHOLE_WEB_DEPS[i]} != "php-json" ]]; then
+                CENTOS7_PIHOLE_WEB_DEPS+=( "${PIHOLE_WEB_DEPS[i]}" )
+            fi
+        done
+        # re-assign the clean dependency array back to PIHOLE_WEB_DEPS
+        PIHOLE_WEB_DEPS=("${CENTOS7_PIHOLE_WEB_DEPS[@]}")
+        unset CENTOS7_PIHOLE_WEB_DEPS
+    fi
+    # CentOS requires the EPEL repository to gain access to Fedora packages
+    EPEL_PKG="epel-release"
+    rpm -q ${EPEL_PKG} &> /dev/null || rc=$?
+    if [[ $rc -ne 0 ]]; then
+        printf "  %b Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)\\n" "${INFO}"
+        "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null
+        printf "  %b Installed %s\\n" "${TICK}" "${EPEL_PKG}"
+    fi
+
+    # The default php on CentOS 7.x is 5.4 which is EOL
+    # Check if the version of PHP available via installed repositories is >= to PHP 7
+    AVAILABLE_PHP_VERSION=$("${PKG_MANAGER}" info php | grep -i version | grep -o '[0-9]\+' | head -1)
+    if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then
+        # Since PHP 7 is available by default, install via default PHP package names
+        : # do nothing as PHP is current
+    else
+        REMI_PKG="remi-release"
+        REMI_REPO="remi-php72"
+        rpm -q ${REMI_PKG} &> /dev/null || rc=$?
+    if [[ $rc -ne 0 ]]; then
+        # The PHP version available via default repositories is older than version 7
+        if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" "${r}" "${c}"; then
+            # User decided to NOT update PHP from REMI, attempt to install the default available PHP version
+            printf "  %b User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use.\\n" "${INFO}"
+            : # continue with unsupported php version
+        else
+            printf "  %b Enabling Remi's RPM repository (https://rpms.remirepo.net)\\n" "${INFO}"
+            "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null
+            # enable the PHP 7 repository via yum-config-manager (provided by yum-utils)
+            "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null
+            yum-config-manager --enable ${REMI_REPO} &> /dev/null
+            printf "  %b Remi's RPM repository has been enabled for PHP7\\n" "${TICK}"
+            # trigger an install/update of PHP to ensure previous version of PHP is updated from REMI
+            if "${PKG_INSTALL[@]}" "php-cli" &> /dev/null; then
+                printf "  %b PHP7 installed/updated via Remi's RPM repository\\n" "${TICK}"
+            else
+                printf "  %b There was a problem updating to PHP7 via Remi's RPM repository\\n" "${CROSS}"
+                exit 1
+            fi
+        fi
+    fi    # Warn user of unsupported version of Fedora or CentOS
+    if ! whiptail --defaultno --title "Unsupported RPM based distribution" --yesno "Would you like to continue installation on an unsupported RPM based distribution?\\n\\nPlease ensure the following packages have been installed manually:\\n\\n- lighttpd\\n- lighttpd-fastcgi\\n- PHP version 7+" "${r}" "${c}"; then
+        printf "  %b Aborting installation due to unsupported RPM based distribution\\n" "${CROSS}"
+        exit
+    else
+        printf "  %b Continuing installation with unsupported RPM based distribution\\n" "${INFO}"
+    fi
+fi
+fi
+}
+
 # A function for checking if a directory is a git repository
 is_repo() {
     # Use a named, local variable instead of the vague $1, which is the first argument passed to this function
@@ -2547,6 +2548,11 @@ main() {
     printf "  %b Checking for / installing Required dependencies for this install script...\\n" "${INFO}"
     install_dependent_packages "${INSTALLER_DEPS[@]}"
 
+    #In case of RPM based distro, select the proper PHP version
+    if [[ "$PKG_MANAGER" == "yum" || "$PKG_MANAGER" == "dnf" ]] ; then
+      select_rpm_php
+    fi
+
     # Check if SELinux is Enforcing
     checkSelinux
 
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 593c19d2..9938dd99 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -618,6 +618,7 @@ def test_package_manager_has_pihole_deps(Pihole):
     output = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     install_dependent_packages ${PIHOLE_DEPS[@]}
     ''')
 
@@ -631,6 +632,7 @@ def test_package_manager_has_web_deps(Pihole):
     output = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
     ''')
 
diff --git a/test/test_centos_7_support.py b/test/test_centos_7_support.py
index ed99231a..14f62637 100644
--- a/test/test_centos_7_support.py
+++ b/test/test_centos_7_support.py
@@ -12,6 +12,7 @@ def test_php_upgrade_default_optout_centos_eq_7(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
@@ -30,6 +31,7 @@ def test_php_upgrade_user_optout_centos_eq_7(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
@@ -48,6 +50,7 @@ def test_php_upgrade_user_optin_centos_eq_7(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     assert 'opt-out' not in package_manager_detect.stdout
     expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
diff --git a/test/test_centos_8_support.py b/test/test_centos_8_support.py
index b8ad9607..bbdbb765 100644
--- a/test/test_centos_8_support.py
+++ b/test/test_centos_8_support.py
@@ -13,6 +13,7 @@ def test_php_upgrade_default_continue_centos_gte_8(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                     ' Deprecated PHP may be in use.')
@@ -33,6 +34,7 @@ def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                     ' Deprecated PHP may be in use.')
@@ -53,6 +55,7 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     assert 'opt-out' not in package_manager_detect.stdout
     unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py
index 8412173d..0b36cbae 100644
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@@ -16,6 +16,7 @@ def test_release_supported_version_check_centos(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     expected_stdout = cross_box + (' CentOS 6 is not supported.')
     assert expected_stdout in package_manager_detect.stdout
@@ -30,6 +31,7 @@ def test_enable_epel_repository_centos(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     expected_stdout = info_box + (' Enabling EPEL package repository '
                                   '(https://fedoraproject.org/wiki/EPEL)')
@@ -54,6 +56,7 @@ def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
@@ -78,6 +81,7 @@ def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                   'Deprecated PHP may be in use.')
@@ -102,6 +106,7 @@ def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     install_dependent_packages PIHOLE_WEB_DEPS[@]
     ''')
     expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
diff --git a/test/test_fedora_support.py b/test/test_fedora_support.py
index a2ac4c71..3ad84be5 100644
--- a/test/test_fedora_support.py
+++ b/test/test_fedora_support.py
@@ -6,6 +6,7 @@ def test_epel_and_remi_not_installed_fedora(Pihole):
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
+    select_rpm_php
     ''')
     assert package_manager_detect.stdout == ''
 

From a88a94c4f1983d457d5ab713bcdc2effe806382b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Mon, 13 Sep 2021 08:06:19 +0200
Subject: [PATCH 290/297] Export DNS_FQDN_REQUIRED and DNS_BOGUS_PRIV to
 setupVars.conf during installation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 697dd2e4..7fb39b83 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1814,6 +1814,8 @@ finalExports() {
     echo "INSTALL_WEB_INTERFACE=${INSTALL_WEB_INTERFACE}"
     echo "LIGHTTPD_ENABLED=${LIGHTTPD_ENABLED}"
     echo "CACHE_SIZE=${CACHE_SIZE}"
+    echo "DNS_FQDN_REQUIRED=true"
+    echo "DNS_BOGUS_PRIV=true"
     }>> "${setupVars}"
     chmod 644 "${setupVars}"
 

From b755330f4cf988ba4d8eba09e88276f84ed67813 Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Fri, 24 Sep 2021 11:34:05 +0200
Subject: [PATCH 291/297] Remove local-ttl from set of default dnsmasq options.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/01-pihole.conf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/advanced/01-pihole.conf b/advanced/01-pihole.conf
index e243e91a..02bc93bf 100644
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -39,6 +39,4 @@ cache-size=@CACHE_SIZE@
 log-queries
 log-facility=/var/log/pihole.log
 
-local-ttl=2
-
 log-async

From 841222fa2107943939a6ae98e02f9b51147044d6 Mon Sep 17 00:00:00 2001
From: yubiuser <ckoenig@posteo.de>
Date: Sun, 26 Sep 2021 19:50:03 +0200
Subject: [PATCH 292/297] Add  to INSTALLER_DEPS (#4343)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index 7fb39b83..e4c168ea 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -327,7 +327,7 @@ if is_command apt-get ; then
     # Packages required to perfom the os_check (stored as an array)
     OS_CHECK_DEPS=(grep dnsutils)
     # Packages required to run this install script (stored as an array)
-    INSTALLER_DEPS=(git "${iproute_pkg}" whiptail)
+    INSTALLER_DEPS=(git "${iproute_pkg}" whiptail ca-certificates)
     # Packages required to run Pi-hole (stored as an array)
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
@@ -373,7 +373,7 @@ elif is_command rpm ; then
     PKG_INSTALL=("${PKG_MANAGER}" install -y)
     PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
     OS_CHECK_DEPS=(grep bind-utils)
-    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig)
+    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig ca-certificates)
     PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap lsof)
     PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
     LIGHTTPD_USER="lighttpd"

From fd050693a27c62d7845eaf555686ed9a17648b80 Mon Sep 17 00:00:00 2001
From: MichaIng <micha@dietpi.com>
Date: Wed, 7 Apr 2021 21:53:52 +0200
Subject: [PATCH 293/297] Remove obsolete DEB package name checks

The installer contains three checks for specific DEB package names, which did change in past Debian/Ubuntu versions. These checks are obsolete with the current set of supported distro versions:

iproute vs iproute2: All distro versions down to Debian Jessie and Ubuntu Xenial ship the iproute2 package:
- https://packages.debian.org/search?keywords=iproute
- https://packages.ubuntu.com/search?suite=all&keywords=iproute

php5 vs php: None of the Ubuntu version down to Xenial and only Debian Jessie ships the php5 package:
- https://packages.debian.org/search?keywords=php5
- https://packages.ubuntu.com/search?suite=all&keywords=php5
Moreover, installs with PHP5 would fail anyway for a longer time, due to the added php-xml module package, which became a dedicated package with PHP7.0 while being part of the core package with PHP5:
- https://packages.debian.org/search?keywords=php5-xml

php-sqlite vs php-sqlite3: With PHP7, the SQLite module package name changed to sqlite3 prefix:
- https://packages.debian.org/search?keywords=php-sqlite
- https://packages.ubuntu.com/search?suite=all&keywords=php-sqlite

Additionally the code comment about minimal apt-get call output was moved to the actual apt-get install call section, as if refers to issues with package installs that require interactive action and hence output about it to the console. The package cache update as well requires an interactive confirmation when the underlying suite code name changes, e.g. when "buster" becomes "oldstable" and "bullseye" becomes "stable". But that is not what the referred issue was about.

The comments around the installer and Pi-hole package dependencies have been aligned with the current v6 branch as attempt to resolve merge conflicts in the first place.

Signed-off-by: MichaIng <micha@dietpi.com>
---
 automated install/basic-install.sh | 54 ++++--------------------------
 1 file changed, 6 insertions(+), 48 deletions(-)
 mode change 100755 => 100644 automated install/basic-install.sh

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
old mode 100755
new mode 100644
index e4c168ea..bf9ab680
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -273,66 +273,25 @@ if is_command apt-get ; then
     PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install)
     # grep -c will return 1 if there are no matches. This is an acceptable condition, so we OR TRUE to prevent set -e exiting the script.
     PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
-    # Update package cache. This is required already here to assure apt-cache calls have package lists available.
+    # Update package cache
     update_package_cache || exit 1
-    # Debian 7 doesn't have iproute2 so check if it's available first
-    if apt-cache show iproute2 > /dev/null 2>&1; then
-        iproute_pkg="iproute2"
-    # Otherwise, check if iproute is available
-    elif apt-cache show iproute > /dev/null 2>&1; then
-        iproute_pkg="iproute"
-    # Else print error and exit
-    else
-        printf "  %b Aborting installation: iproute2 and iproute packages were not found in APT repository.\\n" "${CROSS}"
-        exit 1
-    fi
     # Check for and determine version number (major and minor) of current php install
+    local phpVer="php"
     if is_command php ; then
         printf "  %b Existing PHP installation detected : PHP version %s\\n" "${INFO}" "$(php <<< "<?php echo PHP_VERSION ?>")"
         printf -v phpInsMajor "%d" "$(php <<< "<?php echo PHP_MAJOR_VERSION ?>")"
         printf -v phpInsMinor "%d" "$(php <<< "<?php echo PHP_MINOR_VERSION ?>")"
-        # Is installed php version 7.0 or greater
-        if [ "${phpInsMajor}" -ge 7 ]; then
-            phpInsNewer=true
-        fi
-    fi
-    # Several other packages depend on the version of PHP. If PHP is not installed, or an insufficient version,
-    # those packages should fall back to the default (latest?)
-    if [[ "$phpInsNewer" != true ]]; then
-        # Prefer the php metapackage if it's there
-        if apt-cache show php > /dev/null 2>&1; then
-            phpVer="php"
-        # Else fall back on the php5 package if it's there
-        elif apt-cache show php5 > /dev/null 2>&1; then
-            phpVer="php5"
-        # Else print error and exit
-        else
-            printf "  %b Aborting installation: No PHP packages were found in APT repository.\\n" "${CROSS}"
-            exit 1
-        fi
-    else
-        # Else, PHP is already installed at a version beyond v7.0, so the additional packages
-        # should match version with the current PHP version.
         phpVer="php$phpInsMajor.$phpInsMinor"
     fi
-    # We also need the correct version for `php-sqlite` (which differs across distros)
-    if apt-cache show "${phpVer}-sqlite3" > /dev/null 2>&1; then
-        phpSqlite="sqlite3"
-    elif apt-cache show "${phpVer}-sqlite" > /dev/null 2>&1; then
-        phpSqlite="sqlite"
-    else
-        printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"
-        exit 1
-    fi
     # Packages required to perfom the os_check (stored as an array)
     OS_CHECK_DEPS=(grep dnsutils)
     # Packages required to run this install script (stored as an array)
-    INSTALLER_DEPS=(git "${iproute_pkg}" whiptail ca-certificates)
+    INSTALLER_DEPS=(git iproute2 whiptail ca-certificates)
     # Packages required to run Pi-hole (stored as an array)
     PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
     # Packages required for the Web admin interface (stored as an array)
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
-    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
+    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl")
     # Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
     if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
         PIHOLE_WEB_DEPS+=("${phpVer}-json")
@@ -1555,9 +1514,6 @@ disable_resolved_stublistener() {
 }
 
 update_package_cache() {
-    # Running apt-get update/upgrade with minimal output can cause some issues with
-    # requiring user input (e.g password for phpmyadmin see #218)
-
     # Update package cache on apt based OSes. Do this every time since
     # it's quick and packages can be updated at any time.
 
@@ -1622,6 +1578,8 @@ install_dependent_packages() {
         # If there's anything to install, install everything in the list.
         if [[ "${#installArray[@]}" -gt 0 ]]; then
             test_dpkg_lock
+            # Running apt-get install with minimal output can cause some issues with
+            # requiring user input (e.g password for phpmyadmin see #218)
             printf "  %b Processing %s install(s) for: %s, please wait...\\n" "${INFO}" "${PKG_MANAGER}" "${installArray[*]}"
             printf '%*s\n' "$columns" '' | tr " " -;
             "${PKG_INSTALL[@]}" "${installArray[@]}"

From a9b9718ffad011232b171ef546ec127c9332d7cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sat, 2 Oct 2021 23:29:23 +0200
Subject: [PATCH 294/297] Do not let the user select if they want to blocking
 via IPv4 and/or IPv6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 automated install/basic-install.sh | 73 ++++++------------------------
 1 file changed, 15 insertions(+), 58 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index bf9ab680..f6eeca8b 100644
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -717,9 +717,8 @@ testIPv6() {
     fi
 }
 
-# A dialog for showing the user about IPv6 blocking
-useIPv6dialog() {
-    # Determine the IPv6 address used for blocking
+find_IPv6_information() {
+    # Detects IPv6 address used for communication to WAN addresses.
     IPV6_ADDRESSES=($(ip -6 address | grep 'scope global' | awk '{print $2}'))
 
     # For each address in the array above, determine the type of IPv6 address it is
@@ -739,76 +738,34 @@ useIPv6dialog() {
         # set the IPv6 address to the ULA address
         IPV6_ADDRESS="${ULA_ADDRESS}"
         # Show this info to the user
-        printf "  %b Found IPv6 ULA address, using it for blocking IPv6 ads\\n" "${INFO}"
+        printf "  %b Found IPv6 ULA address\\n" "${INFO}"
     # Otherwise, if the GUA_ADDRESS has a value,
     elif [[ ! -z "${GUA_ADDRESS}" ]]; then
         # Let the user know
-        printf "  %b Found IPv6 GUA address, using it for blocking IPv6 ads\\n" "${INFO}"
+        printf "  %b Found IPv6 GUA address\\n" "${INFO}"
         # And assign it to the global variable
         IPV6_ADDRESS="${GUA_ADDRESS}"
     # If none of those work,
     else
-        # explain that IPv6 blocking will not be used
-        printf "  %b Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled\\n" "${INFO}"
+        printf "  %b Unable to find IPv6 ULA/GUA address\\n" "${INFO}"
         # So set the variable to be empty
         IPV6_ADDRESS=""
     fi
-
-    # If the IPV6_ADDRESS contains a value
-    if [[ ! -z "${IPV6_ADDRESS}" ]]; then
-        # Display that IPv6 is supported and will be used
-        whiptail --msgbox --backtitle "IPv6..." --title "IPv6 Supported" "$IPV6_ADDRESS will be used to block ads." "${r}" "${c}"
-    fi
 }
 
-# A function to check if we should use IPv4 and/or IPv6 for blocking ads
-use4andor6() {
-    # Named local variables
-    local useIPv4
-    local useIPv6
-    # Let user choose IPv4 and/or IPv6 via a checklist
-    cmd=(whiptail --separate-output --checklist "Select Protocols (press space to toggle selection)" "${r}" "${c}" 2)
-    # In an array, show the options available:
-    # IPv4 (on by default)
-    options=(IPv4 "Block ads over IPv4" on
-    # or IPv6 (on by default if available)
-    IPv6 "Block ads over IPv6" on)
-    # In a variable, show the choices available; exit if Cancel is selected
-    choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; exit 1; }
-    # For each choice available,
-    for choice in ${choices}
-    do
-        # Set the values to true
-        case ${choice} in
-        IPv4  )   useIPv4=true;;
-        IPv6  )   useIPv6=true;;
-        esac
-    done
-    # If IPv4 is to be used,
-    if [[ "${useIPv4}" ]]; then
-        # Run our function to get the information we need
-        find_IPv4_information
-        if [[ -f "/etc/dhcpcd.conf" ]]; then
+# A function to collect IPv4 and IPv6 information of the device
+collect_v4andv6_information() {
+    find_IPv4_information
+    # Echo the information to the user
+    printf "  %b IPv4 address: %s\\n" "${INFO}" "${IPV4_ADDRESS}"
+    # if `dhcpcd` is used offer to set this as static IP for the device
+    if [[ -f "/etc/dhcpcd.conf" ]]; then
             # configure networking via dhcpcd
             getStaticIPv4Settings
             setDHCPCD
-        fi
     fi
-    # If IPv6 is to be used,
-    if [[ "${useIPv6}" ]]; then
-        # Run our function to get this information
-        useIPv6dialog
-    fi
-    # Echo the information to the user
-    printf "  %b IPv4 address: %s\\n" "${INFO}" "${IPV4_ADDRESS}"
+    find_IPv6_information
     printf "  %b IPv6 address: %s\\n" "${INFO}" "${IPV6_ADDRESS}"
-    # If neither protocol is selected,
-    if [[ ! "${useIPv4}" ]] && [[ ! "${useIPv6}" ]]; then
-        # Show an error in red
-        printf "  %bError: Neither IPv4 or IPv6 selected%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
-        # and exit with an error
-        exit 1
-    fi
 }
 
 getStaticIPv4Settings() {
@@ -2544,8 +2501,8 @@ main() {
         setDNS
         # Give the user a choice of blocklists to include in their install. Or not.
         chooseBlocklists
-        # Let the user decide if they want to block ads over IPv4 and/or IPv6
-        use4andor6
+        # find IPv4 and IPv6 information of the device
+        collect_v4andv6_information
         # Let the user decide if they want the web interface to be installed automatically
         setAdminFlag
         # Let the user decide if they want query logging enabled...

From 9dbcbdbe666f2ea81f31b9ef77248473b50cb296 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sat, 2 Oct 2021 23:43:08 +0200
Subject: [PATCH 295/297] Adjust tests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 test/test_automated_install.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index 9938dd99..faf67c92 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -421,10 +421,9 @@ def test_IPv6_only_link_local(Pihole):
     )
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    useIPv6dialog
+    find_IPv6_information
     ''')
-    expected_stdout = ('Unable to find IPv6 ULA/GUA address, '
-                       'IPv6 adblocking will not be enabled')
+    expected_stdout = ('Unable to find IPv6 ULA/GUA address')
     assert expected_stdout in detectPlatform.stdout
 
 
@@ -468,9 +467,9 @@ def test_IPv6_only_GUA(Pihole):
     )
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    useIPv6dialog
+    find_IPv6_information
     ''')
-    expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads'
+    expected_stdout = 'Found IPv6 GUA address'
     assert expected_stdout in detectPlatform.stdout
 
 

From 466520366d2825f6596675003da8468c485f2ea7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <ckoenig@posteo.de>
Date: Sat, 2 Oct 2021 23:47:13 +0200
Subject: [PATCH 296/297] Fogot to save...
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <ckoenig@posteo.de>
---
 test/test_automated_install.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index faf67c92..eb1bfd2c 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -444,9 +444,9 @@ def test_IPv6_only_ULA(Pihole):
     )
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    useIPv6dialog
+    find_IPv6_information
     ''')
-    expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
+    expected_stdout = 'Found IPv6 ULA address'
     assert expected_stdout in detectPlatform.stdout
 
 
@@ -491,9 +491,9 @@ def test_IPv6_GUA_ULA_test(Pihole):
     )
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    useIPv6dialog
+    find_IPv6_information
     ''')
-    expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
+    expected_stdout = 'Found IPv6 ULA address'
     assert expected_stdout in detectPlatform.stdout
 
 
@@ -515,9 +515,9 @@ def test_IPv6_ULA_GUA_test(Pihole):
     )
     detectPlatform = Pihole.run('''
     source /opt/pihole/basic-install.sh
-    useIPv6dialog
+    find_IPv6_information
     ''')
-    expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
+    expected_stdout = 'Found IPv6 ULA address'
     assert expected_stdout in detectPlatform.stdout
 
 

From 5b03160295103aa38a7b2554fc057fea03b04d97 Mon Sep 17 00:00:00 2001
From: Adam Warner <me@adamwarner.co.uk>
Date: Mon, 4 Oct 2021 11:40:53 +0100
Subject: [PATCH 297/297] Install script comment tweaks (#4361)

---
 automated install/basic-install.sh | 12 ++++++------
 test/test_automated_install.py     |  8 ++++----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index f6eeca8b..c1a1c613 100644
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -262,10 +262,10 @@ os_check() {
 
 # Compatibility
 package_manager_detect() {
-# If apt-get is installed, then we know it's part of the Debian family
+# First check to see if apt-get is installed.
 if is_command apt-get ; then
     # Set some global variables here
-    # We don't set them earlier since the family might be Red Hat, so these values would be different
+    # We don't set them earlier since the installed package manager might be rpm, so these values would be different
     PKG_MANAGER="apt-get"
     # A variable to store the command used to update the package cache
     UPDATE_PKG_CACHE="${PKG_MANAGER} update"
@@ -319,7 +319,7 @@ if is_command apt-get ; then
         return 0
     }
 
-# If apt-get is not found, check for rpm to see if it's a Red Hat family OS
+# If apt-get is not found, check for rpm.
 elif is_command rpm ; then
     # Then check if dnf or yum is the package manager
     if is_command dnf ; then
@@ -328,7 +328,7 @@ elif is_command rpm ; then
         PKG_MANAGER="yum"
     fi
 
-    # These variable names match the ones in the Debian family. See above for an explanation of what they are for.
+    # These variable names match the ones for apt-get. See above for an explanation of what they are for.
     PKG_INSTALL=("${PKG_MANAGER}" install -y)
     PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
     OS_CHECK_DEPS=(grep bind-utils)
@@ -341,8 +341,8 @@ elif is_command rpm ; then
 
 # If neither apt-get or yum/dnf package managers were found
 else
-    # it's not an OS we can support,
-    printf "  %b OS distribution not supported\\n" "${CROSS}"
+    # we cannot install required packages
+    printf "  %b No supported package manager found\\n" "${CROSS}"
     # so exit the installer
     exit
 fi
diff --git a/test/test_automated_install.py b/test/test_automated_install.py
index eb1bfd2c..37ebdad2 100644
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -11,18 +11,18 @@ from .conftest import (
 )
 
 
-def test_supported_operating_system(Pihole):
+def test_supported_package_manager(Pihole):
     '''
-    confirm installer exists on unsupported distribution
+    confirm installer exits when no supported package manager found
     '''
-    # break supported package managers to emulate an unsupported distribution
+    # break supported package managers
     Pihole.run('rm -rf /usr/bin/apt-get')
     Pihole.run('rm -rf /usr/bin/rpm')
     package_manager_detect = Pihole.run('''
     source /opt/pihole/basic-install.sh
     package_manager_detect
     ''')
-    expected_stdout = cross_box + ' OS distribution not supported'
+    expected_stdout = cross_box + ' No supported package manager found'
     assert expected_stdout in package_manager_detect.stdout
     # assert package_manager_detect.rc == 1