Merge branch 'development' into new/https

This commit is contained in:
Adam Warner 2017-07-29 16:44:20 +01:00 committed by GitHub
commit 7b1524ad01
25 changed files with 4794 additions and 2152 deletions

View file

@ -9,7 +9,7 @@
_{replace this text with a number from 1 to 10, with 1 being not familiar, and 10 being very familiar}_
---
**[FEATURE REQUEST | QUESTION | OTHER]:**
**[BUG REPORT | OTHER]:**
Please [submit your feature request here](https://discourse.pi-hole.net/c/feature-requests), so it is votable by the community. It's also easier for us to track.

View file

@ -3,17 +3,17 @@
***Please submit all pull requests against the `development` branch. Failure to do so will delay or deny your request***
- [] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md).
- [] I have checked that [another pull request](https://github.com/pi-hole/pi-hole/pulls) for this purpose does not exist.
- [] I have considered, and confirmed that this submission will be valuable to others.
- [] I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
- [] I give this submission freely, and claim no ownership to its content.
- [] I have written tests and verified that they fail without my change.
- [] I have squashed any insignificant commits.
- [] This change has comments for package types, values, functions, and non-obvious lines of code.
- [] I am willing to help maintain this change if there are issues with it later.
- [] I give this submission freely and claim no ownership. It is compatible with the EUPL 1.2 license.
- [] I have Signed Off all commits. (`git commit --signoff`)
**How familiar are you with the codebase?:**
***Please explain what you have done and wish to accomplish with this Pull Request***
_{replace this text with a number from 1 to 10, with 1 being not familiar, and 10 being very familiar}_
1. What does this change do, exactly?
---
_{replace this line with your pull request content}_
2. Please link to the relevant issues.
_This template was created based on the work of [`udemy-dl`](https://github.com/nishad/udemy-dl/blob/master/LICENSE)._
3. Which documentation changes (if any) need to be made because of this PR?

View file

@ -10,7 +10,7 @@ group_defaults:
reset_on_push:
enabled: true
reject_value: -2
approve_regex: '^(Approved|:shipit:|:\+1:|Engage)'
approve_regex: '^(Approved|:shipit:|:\+1:|Engage|:taco:)'
reject_regex: '^(Rejected|:-1:|Borg)'
author_approval:
auto: true
@ -35,4 +35,4 @@ groups:
- master
required: 4
teams:
- admin
- approvers

119
LICENSE
View file

@ -12,81 +12,63 @@ This license applies to the whole project EXCEPT:
The licenses that existed prior to this change have remained intact.
-------------------------------------------------------------
EUROPEAN UNION PUBLIC LICENCE v. 1.2
European Union Public Licence
V. 1.1
EUPL © the European Union 2007, 2016
EUPL (C) the European Community 2007
This European Union Public Licence (the "EUPL") applies to the Work or Software (as defined below) which is provided under the terms of this Licence. Any use of the Work, other than as authorised under this Licence is prohibited (to the extent such use is covered by a right of the copyright holder of the Work).
The Original Work is provided under the terms of this Licence when the Licensor (as defined below) has placed the following notice immediately following the copyright notice for the Original Work:
Licensed under the EUPL V.1.1
or has expressed by any other mean his willingness to license under the EUPL.
This European Union Public Licence (the EUPL) applies to the Work (as defined below) which is provided under the terms of this Licence. Any use of the Work, other than as authorised under this Licence is prohibited (to the extent such use is covered by a right of the copyright holder of the Work).
The Work is provided under the terms of this Licence when the Licensor (as defined below) has placed the following notice immediately following the copyright notice for the Work:
Licensed under the EUPL
or has expressed by any other means his willingness to license under the EUPL.
1. Definitions
In this Licence, the following terms have the following meaning:
- The Licence: this Licence.
- The Original Work or the Software: the software distributed and/or communicated by the Licensor under this Licence, available as Source Code and also as Executable Code as the case may be.
- The Original Work: the work or software distributed or communicated by the Licensor under this Licence, available as Source Code and also as Executable Code as the case may be.
- Derivative Works: the works or software that could be created by the Licensee, based upon the Original Work or modifications thereof. This Licence does not define the extent of modification or dependence on the Original Work required in order to classify a work as a Derivative Work; this extent is determined by copyright law applicable in the country mentioned in Article 15.
- The Work: the Original Work and/or its Derivative Works.
- The Work: the Original Work or its Derivative Works.
- The Source Code: the human-readable form of the Work which is the most convenient for people to study and modify.
- The Executable Code: any code which has generally been compiled and which is meant to be interpreted by a computer as a program.
- The Licensor: the natural or legal person that distributes and/or communicates the Work under the Licence.
- The Licensor: the natural or legal person that distributes or communicates the Work under the Licence.
- Contributor(s): any natural or legal person who modifies the Work under the Licence, or otherwise contributes to the creation of a Derivative Work.
- The Licensee or "You": any natural or legal person who makes any usage of the Software under the terms of the Licence.
- Distribution and/or Communication: any act of selling, giving, lending, renting, distributing, communicating, transmitting, or otherwise making available, on-line or off-line, copies of the Work or providing access to its essential functionalities at the disposal of any other natural or legal person.
- The Licensee or You: any natural or legal person who makes any usage of the Work under the terms of the Licence.
- Distribution or Communication: any act of selling, giving, lending, renting, distributing, communicating, transmitting, or otherwise making available, online or offline, copies of the Work or providing access to its essential functionalities at the disposal of any other natural or legal person.
2. Scope of the rights granted by the Licence
The Licensor hereby grants You a world-wide, royalty-free, non-exclusive, sub-licensable licence to do the following, for the duration of copyright vested in the Original Work:
The Licensor hereby grants You a worldwide, royalty-free, non-exclusive, sublicensable licence to do the following, for the duration of copyright vested in the Original Work:
- use the Work in any circumstance and for all usage,
- reproduce the Work,
- modify the Original Work, and make Derivative Works based upon the Work,
- modify the Work, and make Derivative Works based upon the Work,
- communicate to the public, including the right to make available or display the Work or copies thereof to the public and perform publicly, as the case may be, the Work,
- distribute the Work or copies thereof,
- lend and rent the Work or copies thereof,
- sub-license rights in the Work or copies thereof.
- sublicense rights in the Work or copies thereof.
Those rights can be exercised on any media, supports and formats, whether now known or later invented, as far as the applicable law permits so.
In the countries where moral rights apply, the Licensor waives his right to exercise his moral right to the extent allowed by law in order to make effective the licence of the economic rights here above listed.
The Licensor grants to the Licensee royalty-free, non exclusive usage rights to any patents held by the Licensor, to the extent necessary to make use of the rights granted on the Work under this Licence.
The Licensor grants to the Licensee royalty-free, non-exclusive usage rights to any patents held by the Licensor, to the extent necessary to make use of the rights granted on the Work under this Licence.
3. Communication of the Source Code
The Licensor may provide the Work either in its Source Code form, or as Executable Code. If the Work is provided as Executable Code, the Licensor provides in addition a machine-readable copy of the Source Code of the Work along with each copy of the Work that the Licensor distributes or indicates, in a notice following the copyright notice attached to the Work, a repository where the Source Code is easily and freely accessible for as long as the Licensor continues to distribute and/or communicate the Work.
The Licensor may provide the Work either in its Source Code form, or as Executable Code. If the Work is provided as Executable Code, the Licensor provides in addition a machine-readable copy of the Source Code of the Work along with each copy of the Work that the Licensor distributes or indicates, in a notice following the copyright notice attached to the Work, a repository where the Source Code is easily and freely accessible for as long as the Licensor continues to distribute or communicate the Work.
4. Limitations on copyright
Nothing in this Licence is intended to deprive the Licensee of the benefits from any exception or limitation to the exclusive rights of the rights owners in the Original Work or Software, of the exhaustion of those rights or of other applicable limitations thereto.
Nothing in this Licence is intended to deprive the Licensee of the benefits from any exception or limitation to the exclusive rights of the rights owners in the Work, of the exhaustion of those rights or of other applicable limitations thereto.
5. Obligations of the Licensee
The grant of the rights mentioned above is subject to some restrictions and obligations imposed on the Licensee. Those obligations are the following:
Attribution right: the Licensee shall keep intact all copyright, patent or trademarks notices and all notices that refer to the Licence and to the disclaimer of warranties. The Licensee must include a copy of such notices and a copy of the Licence with every copy of the Work he/she distributes and/or communicates. The Licensee must cause any Derivative Work to carry prominent notices stating that the Work has been modified and the date of modification.
Attribution right: The Licensee shall keep intact all copyright, patent or trademarks notices and all notices that refer to the Licence and to the disclaimer of warranties. The Licensee must include a copy of such notices and a copy of the Licence with every copy of the Work he/she distributes or communicates. The Licensee must cause any Derivative Work to carry prominent notices stating that the Work has been modified and the date of modification.
Copyleft clause: If the Licensee distributes and/or communicates copies of the Original Works or Derivative Works based upon the Original Work, this Distribution and/or Communication will be done under the terms of this Licence or of a later version of this Licence unless the Original Work is expressly distributed only under this version of the Licence. The Licensee (becoming Licensor) cannot offer or impose any additional terms or conditions on the Work or Derivative Work that alter or restrict the terms of the Licence.
Copyleft clause: If the Licensee distributes or communicates copies of the Original Works or Derivative Works, this Distribution or Communication will be done under the terms of this Licence or of a later version of this Licence unless the Original Work is expressly distributed only under this version of the Licence - for example by communicating EUPL v. 1.2 only. The Licensee (becoming Licensor) cannot offer or impose any additional terms or conditions on the Work or Derivative Work that alter or restrict the terms of the Licence.
Compatibility clause: If the Licensee Distributes and/or Communicates Derivative Works or copies thereof based upon both the Original Work and another work licensed under a Compatible Licence, this Distribution and/or Communication can be done under the terms of this Compatible Licence. For the sake of this clause, "Compatible Licence" refers to the licences listed in the appendix attached to this Licence. Should the Licensees obligations under the Compatible Licence conflict with his/her obligations under this Licence, the obligations of the Compatible Licence shall prevail.
Compatibility clause: If the Licensee Distributes or Communicates Derivative Works or copies thereof based upon both the Work and another work licensed under a Compatible Licence, this Distribution or Communication can be done under the terms of this Compatible Licence. For the sake of this clause, Compatible Licence refers to the licences listed in the appendix attached to this Licence. Should the Licensee's obligations under the Compatible Licence conflict with his/her obligations under this Licence, the obligations of the Compatible Licence shall prevail.
Provision of Source Code: When distributing and/or communicating copies of the Work, the Licensee will provide a machine-readable copy of the Source Code or indicate a repository where this Source will be easily and freely available for as long as the Licensee continues to distribute and/or communicate the Work.
Provision of Source Code: When distributing or communicating copies of the Work, the Licensee will provide a machine-readable copy of the Source Code or indicate a repository where this Source will be easily and freely available for as long as the Licensee continues to distribute or communicate the Work.
Legal Protection: This Licence does not grant permission to use the trade names, trademarks, service marks, or names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the copyright notice.
@ -100,10 +82,8 @@ Each time You accept the Licence, the original Licensor and subsequent Contribut
7. Disclaimer of Warranty
The Work is a work in progress, which is continuously improved by numerous contributors. It is not a finished work and may therefore contain defects or "bugs" inherent to this type of software development.
For the above reason, the Work is provided under the Licence on an "as is" basis and without warranties of any kind concerning the Work, including without limitation merchantability, fitness for a particular purpose, absence of defects or errors, accuracy, non-infringement of intellectual property rights other than copyright as stated in Article 6 of this Licence.
The Work is a work in progress, which is continuously improved by numerous Contributors. It is not a finished work and may therefore contain defects or bugs inherent to this type of development.
For the above reason, the Work is provided under the Licence on an as is basis and without warranties of any kind concerning the Work, including without limitation merchantability, fitness for a particular purpose, absence of defects or errors, accuracy, non-infringement of intellectual property rights other than copyright as stated in Article 6 of this Licence.
This disclaimer of warranty is an essential part of the Licence and a condition for the grant of any rights to the Work.
8. Disclaimer of Liability
@ -112,56 +92,55 @@ Except in the cases of wilful misconduct or damages directly caused to natural p
9. Additional agreements
While distributing the Original Work or Derivative Works, You may choose to conclude an additional agreement to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or services consistent with this Licence. However, in accepting such obligations, You may act only on your own behalf and on your sole responsibility, not on behalf of the original Licensor or any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against such Contributor by the fact You have accepted any such warranty or additional liability.
While distributing the Work, You may choose to conclude an additional agreement, defining obligations or services consistent with this Licence. However, if accepting obligations, You may act only on your own behalf and on your sole responsibility, not on behalf of the original Licensor or any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against such Contributor by the fact You have accepted any warranty or additional liability.
10. Acceptance of the Licence
The provisions of this Licence can be accepted by clicking on an icon "I agree" placed under the bottom of a window displaying the text of this Licence or by affirming consent in any other similar way, in accordance with the rules of applicable law. Clicking on that icon indicates your clear and irrevocable acceptance of this Licence and all of its terms and conditions.
Similarly, you irrevocably accept this Licence and all of its terms and conditions by exercising any rights granted to You by Article 2 of this Licence, such as the use of the Work, the creation by You of a Derivative Work or the Distribution and/or Communication by You of the Work or copies thereof.
The provisions of this Licence can be accepted by clicking on an icon I agree placed under the bottom of a window displaying the text of this Licence or by affirming consent in any other similar way, in accordance with the rules of applicable law. Clicking on that icon indicates your clear and irrevocable acceptance of this Licence and all of its terms and conditions.
Similarly, you irrevocably accept this Licence and all of its terms and conditions by exercising any rights granted to You by Article 2 of this Licence, such as the use of the Work, the creation by You of a Derivative Work or the Distribution or Communication by You of the Work or copies thereof.
11. Information to the public
In case of any Distribution and/or Communication of the Work by means of electronic communication by You (for example, by offering to download the Work from a remote location) the distribution channel or media (for example, a website) must at least provide to the public the information requested by the applicable law regarding the Licensor, the Licence and the way it may be accessible, concluded, stored and reproduced by the Licensee.
In case of any Distribution or Communication of the Work by means of electronic communication by You (for example, by offering to download the Work from a remote location) the distribution channel or media (for example, a website) must at least provide to the public the information requested by the applicable law regarding the Licensor, the Licence and the way it may be accessible, concluded, stored and reproduced by the Licensee.
12. Termination of the Licence
The Licence and the rights granted hereunder will terminate automatically upon any breach by the Licensee of the terms of the Licence.
Such a termination will not terminate the licences of any person who has received the Work from the Licensee under the Licence, provided such persons remain in full compliance with the Licence.
13. Miscellaneous
Without prejudice of Article 9 above, the Licence represents the complete agreement between the Parties as to the Work licensed hereunder.
If any provision of the Licence is invalid or unenforceable under applicable law, this will not affect the validity or enforceability of the Licence as a whole. Such provision will be construed and/or reformed so as necessary to make it valid and enforceable.
The European Commission may publish other linguistic versions and/or new versions of this Licence, so far this is required and reasonable, without reducing the scope of the rights granted by the Licence. New versions of the Licence will be published with a unique version number.
Without prejudice of Article 9 above, the Licence represents the complete agreement between the Parties as to the Work.
If any provision of the Licence is invalid or unenforceable under applicable law, this will not affect the validity or enforceability of the Licence as a whole. Such provision will be construed or reformed so as necessary to make it valid and enforceable.
The European Commission may publish other linguistic versions or new versions of this Licence or updated versions of the Appendix, so far this is required and reasonable, without reducing the scope of the rights granted by the Licence. New versions of the Licence will be published with a unique version number.
All linguistic versions of this Licence, approved by the European Commission, have identical value. Parties can take advantage of the linguistic version of their choice.
14. Jurisdiction
Any litigation resulting from the interpretation of this License, arising between the European Commission, as a Licensor, and any Licensee, will be subject to the jurisdiction of the Court of Justice of the European Communities, as laid down in article 238 of the Treaty establishing the European Community.
Any litigation arising between Parties, other than the European Commission, and resulting from the interpretation of this License, will be subject to the exclusive jurisdiction of the competent court where the Licensor resides or conducts its primary business.
Without prejudice to specific agreement between parties,
- any litigation resulting from the interpretation of this License, arising between the European Union institutions, bodies, offices or agencies, as a Licensor, and any Licensee, will be subject to the jurisdiction of the Court of Justice of the European Union, as laid down in article 272 of the Treaty on the Functioning of the European Union,
- any litigation arising between other parties and resulting from the interpretation of this License, will be subject to the exclusive jurisdiction of the competent court where the Licensor resides or conducts its primary business.
15. Applicable Law
This Licence shall be governed by the law of the European Union country where the Licensor resides or has his registered office.
This licence shall be governed by the Belgian law if:
- a litigation arises between the European Commission, as a Licensor, and any Licensee;
- the Licensor, other than the European Commission, has no residence or registered office inside a European Union country.
Without prejudice to specific agreement between parties,
- this Licence shall be governed by the law of the European Union Member State where the Licensor has his seat, resides or has his registered office,
- this licence shall be governed by Belgian law if the Licensor has no seat, residence or registered office inside a European Union Member State.
===
Appendix
"Compatible Licences" according to article 5 EUPL are:
- GNU General Public License (GNU GPL) v. 2
Compatible Licences according to Article 5 EUPL are:
- GNU General Public License (GPL) v. 2, v. 3
- GNU Affero General Public License (AGPL) v. 3
- Open Software License (OSL) v. 2.1, v. 3.0
- Common Public License v. 1.0
- Eclipse Public License v. 1.0
- Cecill v. 2.0
- Eclipse Public License (EPL) v. 1.0
- CeCILL v. 2.0, v. 2.1
- Mozilla Public Licence (MPL) v. 2
- GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3
- Creative Commons Attribution-ShareAlike v. 3.0 Unported (CC BY-SA 3.0) for works other than software
- European Union Public Licence (EUPL) v. 1.1, v. 1.2
- Québec Free and Open-Source Licence - Reciprocity (LiLiQ-R) or Strong Reciprocity (LiLiQ-R+)
- The European Commission may update this Appendix to later versions of the above licences without producing a new version of the EUPL, as long as they provide the rights granted in Article 2 of this Licence and protect the covered Source Code from exclusive appropriation.
- All other changes or additions to this Appendix require the production of a new EUPL version.

313
README.md
View file

@ -8,37 +8,37 @@
<a href=https://discourse.pi-hole.net><img src="https://assets.pi-hole.net/static/Vortex_with_text_and_TM.png" width=210></a>
</p>
## The multi-platform, network-wide ad blocker
## Pi-hole®: The multi-platform, network-wide ad blocker
Block ads for **all** your devices _without_ the need to install client-side software. The Pi-hole™ blocks ads at the DNS-level, so all your devices are protected.
- Web Browsers
- Cell Phones
- Smart TV's
- Internet-connected home automation
- Anything that communicates with the Internet
Block ads for **all** your devices _without_ the need to install client-side software.
<p align="center">
<a href=http://www.digitalocean.com/?refcode=344d234950e1><img src="https://assets.pi-hole.net/static/DOHostingSlug.png"></a>
</p>
## Your Support Still Matters
## Executive Summary
The Pi-hole blocks ads at the DNS-level, so all your devices are protected.
Digital Ocean helps with our infrastructure, but our developers are all volunteers so *your donations help keep us innovating*. Sending a donation using our links below helps us offset a portion of our monthly costs.
- **Easy-to-install** - our intelligent installer walks you through the process with no additional software needed on client devices
- **Universal** - ads are blocked in _non-browser locations_ such as ad-supported mobile apps and smart TVs
- **Quick** - installation takes less than ten minutes and it [_really_ is _that easy_](https://discourse.pi-hole.net/t/new-pi-hole-questions/3971/5?u=jacob.salmela)
- **Informative** - an administrative Web interface shows ad-blocking statistics
- **Lightweight** - designed to run on [minimal resources](https://discourse.pi-hole.net/t/hardware-software-requirements/273)
- **Scalable** - even in large environments, [Pi-hole can handle hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) (with the right hardware specs)
- **Powerful** - advertisements are blocked over IPv4 _and_ IPv6
- **Fast** - it speeds up high-cost, high-latency networks by caching DNS queries and saves bandwidth by not downloading advertisement elements
- **Versatile** - Pi-hole can function also function as a DHCP server
- ![Paypal](https://assets.pi-hole.net/static/paypal.png) [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY)
- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL
### One-Step Automated Install
# One-Step Automated Install
1. Install a [supported operating system](https://discourse.pi-hole.net/t/hardware-software-requirements/273/1)
2. Run the command below (it downloads [this script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) in case you want to read over it first!)
### `curl -sSL https://install.pi-hole.net | bash`
#### `curl -sSL https://install.pi-hole.net | bash`
#### Alternative Semi-Automated Install Methods
## Alternative Semi-Automated Install Methods
_If you wish to read over the script before running it, run `nano basic-install.sh` to open the file in a text viewer._
##### Clone our repository and run the automated installer from your device.
### Clone our repository and run the automated installer from your device.
```
git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
@ -53,91 +53,233 @@ wget -O basic-install.sh https://install.pi-hole.net
bash basic-install.sh
```
Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to use Pi-hole™ as their DNS server.
Once installed, [configure your router to have **DHCP clients use the Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) and then any device that connects to your network will have ads blocked without any further configuration.
## What is Pi-hole™ and how do I install it?
If your router does not support setting the DNS server, you can [use Pi-hole's built in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); just be sure to disable DHCP on your router first.
Alternatively, you can manually set each device to use Pi-hole as their DNS server.
# What is Pi-hole and how do I install it?
<p align="center">
<a href=https://www.youtube.com/watch?v=vKWjx1AQYgs><img src="https://assets.pi-hole.net/static/video-explainer.png"></a>
</p>
# Pi-hole Is Free, But Powered By Your Donations
## Get Help Or Connect With Us On The Web
[Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) helps with our infrastructure, but [our developers](https://github.com/orgs/pi-hole/people) are all volunteers so *your donations help keep us innovating*.
- ![Paypal](https://assets.pi-hole.net/static/paypal.png) [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY)
- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL
## Other Ways To Support Us
### Affiliate Links
If you'd rather not send money, there are [other ways to support us](https://pi-hole.net/donate): you can sign up for services through our affiliate links, which will also help us offset some of the costs associated with keeping Pi-hole operational; or you can support us in some non-tangible ways as listed below.
### Contributing Code Via Pull Requests
We don't work on Pi-hole for monetary reasons; we work on it because we think it's fun and we think our software is important in today's world. To that end, we welcome all contributors--from novices to masters.
If you feel you have some code to contribute, we're happy to take a look. Just make sure to fill out our template when submitting a pull request. We're all volunteers on the project and without all the information in the template, it's very difficult for us to quickly get the code merged in.
You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments. These are two important scripts but we think they can also be a valuable resource to those who want to learn how to write scripts or code a program, which is why they are fully commented. So we encourage anyone who likes to tinker to read through it and submit a PR for us to review.
### Presenting About Pi-hole
Word-of-mouth has immensely helped our project grow. If you are going to be presenting about Pi-hole at a conference, meetup, or even for a school project, [get a hold of us for some free swag](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/) to hand out to your audience.
# Overview Of Features
## The Dashboard (Web Interface)
The [dashboard](https://github.com/pi-hole/AdminLTE#pi-hole-admin-dashboard) will (by default) be enabled during installation so you can view stats, change settings, and configure your Pi-hole.
![Pi-hole Dashboard](https://assets.pi-hole.net/static/dashboard.png)
There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168):
1. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
2. `http:/pi.hole/admin/` (when using Pi-hole as your DNS server)
3. `http://pi.hole/` (when using Pi-hole as your DNS server)
### The Query Log
If enabled, the query log will show all of the DNS queries requested by clients using Pi-hole as their DNS server. Forwarded domains will show in green, and blocked (_Pi-holed_) domains will show in red. You can also white or black list domains from within this section.
<p align="center">
<img src="https://assets.pi-hole.net/static/query_log.png">
</p>
The query log and graphs are what have helped people [discover what sort of traffic is traversing their networks](https://pi-hole.net/2017/07/06/round-3-what-really-happens-on-your-network/).
#### Long-term Statistics
Using our Faster-Than-Light Engine ([FTL](https://github.com/pi-hole/FTL)), Pi-hole can store all of the domains queried in a database for retrieval or analysis later on. You can view this data as a graph, individual queries, or top clients/advertisers.
<p align="center">
<img src="https://assets.pi-hole.net/static/long-term-stats.png">
</p>
### Whitelist And Blacklist
Domains can be [whitelisted](https://discourse.pi-hole.net/t/commonly-whitelisted-domains/212) and/or [blacklisted](https://discourse.pi-hole.net/t/commonly-blacklisted-domains/305) using either the dashboard or [the `pihole` command](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738).
<p align="center">
<a href=https://github.com/pi-hole/pi-hole/wiki/Whitelisting-and-Blacklisting><img src="https://assets.pi-hole.net/static/whitelist.png"></a>
</p>
#### Additional Blocklists
By default, Pi-hole blocks over 100,000 known ad-serving domains. You can expand the blocking power of your Pi-hole by [adding additional lists](https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259) such as the ones found on [The Big Blocklist Collection](https://wally3k.github.io/).
<p align="center">
<a href=https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259><img src="https://assets.pi-hole.net/static/manage-ad-lists.png"></a>
</p>
### Enable And Disable Pi-hole
Sometimes you may want to stop using Pi-hole or turn it back on. You can trigger this via the dashboard or command line.
<p align="center">
<img src="https://assets.pi-hole.net/static/enable-disable.png">
</p>
### Tools
<p align="center">
<img src="https://assets.pi-hole.net/static/tools.png">
</p>
#### Update Ad Lists
This runs `gravity` to download any newly-added domains from your source lists.
#### Query Ad Lists
You can find out what list a certain domain was on. This is useful for troubleshooting sites that may not work properly due to a blocked domain.
#### `tail`ing Log Files
You can [watch the log files](https://discourse.pi-hole.net/t/how-do-i-watch-and-interpret-the-pihole-log-file/276) in real time to help debug any issues, or just see what's happening with your Pi-hole.
#### Pi-hole Debugger
If you are having trouble with your Pi-hole, this is the place to go. You can run the debugger and it will attempt to diagnose any issues and then link to an FAQ with instructions on rectifying the problem.
<p align="center">
<img src="https://assets.pi-hole.net/static/debug-gui.png">
</p>
If run [via the command line](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debug), you will see red/yellow/green text, which makes it easy to identify any problems.
<p align="center">
<a href=https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debugs><img src="https://assets.pi-hole.net/static/debug-cli.png"></a>
</p>
After the debugger has finished, you have the option to upload it to our secure server for 48 hours. All you need to do then is provide one of our developers the unique token generated by the debugger (this is usually done via [our forums](https://discourse.pi-hole.net/c/bugs-problems-issues)).
<p align="center">
<a href=https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debugs><img src="https://assets.pi-hole.net/static/debug-token.png"></a>
</p>
However, most of the time, you will be able to solve any issues without any intervention from us. But if you can't, we're always around to help out.
### Settings
The settings page lets you control and configure your Pi-hole. You can do things like:
- view networking information
- flush logs or disable the logging of queries
- [enable Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026)
- [manage block lists](https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259)
- exclude domains from the graphs and enable privacy options
- configure upstream DNS servers
- restart Pi-hole's services
- back up some of Pi-hole's important files
- and more!
<p align="center">
<img src="https://assets.pi-hole.net/static/settings-page.png">
</p>
## Built-in DHCP Server
Pi-hole ships with a [built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026). This allows you to let your network devices use Pi-hole as their DNS server if your router does not let you adjust the DHCP options.
One nice feature of using Pi-hole's DHCP server if you can set hostnames and DHCP reservations so you'll [see hostnames in the query log instead of IP addresses](https://discourse.pi-hole.net/t/how-do-i-show-hostnames-instead-of-ip-addresses-in-the-dashboard/3530). You can still do this without using Pi-hole's DHCP server; it just takes a little more work. If you do plan to use Pi-hole's DHCP server, be sure to disable DHCP on your router first.
<p align="center">
<a href=https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026><img src="https://assets.pi-hole.net/static/piholedhcpserver.png"></a>
</p>
## The FTL Engine: Our API
A read-only API can be accessed at `admin/api.php` (the same output can be achieved on the CLI by running `pihole -c -j`).
It returns the following JSON:
``` json
{
"domains_being_blocked":111175,
"dns_queries_today":15669,
"ads_blocked_today":1752,
"ads_percentage_today":11.181314,
"unique_domains":1178,
"queries_forwarded":9177,
"queries_cached":4740,
"unique_clients":18
}
```
More details on the API can be found [here](https://discourse.pi-hole.net/t/pi-hole-api/1863) and on [the repo itself](https://github.com/pi-hole/FTL).
### Real-time Statistics, Courtesy Of The Time Cops
Using [chronometer2](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh), you can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-pi-holes-stats-over-ssh-or-on-an-lcd-using-chronometer/240) via `ssh` or on an LCD screen such as the [2.8" LCD screen from Adafruit](http://amzn.to/1P0q1Fj).
Simply run `pihole -c` for some detailed information.
```
|¯¯¯(¯)__|¯|_ ___|¯|___ Pi-hole: v3.2
| ¯_/¯|__| ' \/ _ \ / -_) AdminLTE: v3.2
|_| |_| |_||_\___/_\___| FTL: v2.10
——————————————————————————————————————————————————————————
Hostname: pihole (Raspberry Pi 1, Model B)
Uptime: 11 days, 12:55:01
Task Load: 0.35 0.16 0.15 (Active: 5 of 33 tasks)
CPU usage: 48% (1 core @ 700 MHz, 47c)
RAM usage: 12% (Used: 54 MB of 434 MB)
HDD usage: 20% (Used: 1 GB of 7 GB)
LAN addr: 192.168.1.100 (Gateway: 192.168.1.1)
Pi-hole: Active (Blocking: 111175 sites)
Ads Today: 11% (1759 of 15812 queries)
Fwd DNS: 208.67.222.222 (Alt DNS: 3 others)
——————————————————————————————————————————————————————————
Recently blocked: www.google-analytics.com
Top Advertiser: www.example.org
Top Domain: www.example.org
Top Client: somehost
```
<p align="center">
<img src="https://assets.pi-hole.net/static/chrono1.jpg">
</p>
<p align="center">
<img src="https://assets.pi-hole.net/static/chrono2.jpg">
</p>
# Get Help Or Connect With Us On The Web
- [Users Forum](https://discourse.pi-hole.net/)
- [FAQs](https://discourse.pi-hole.net/c/faqs)
- [Feature requests](https://discourse.pi-hole.net/c/feature-requests?order=votes)
- [Wiki](https://github.com/pi-hole/pi-hole/wiki)
- [Facebook](https://www.facebook.com/ThePiHole/)
- ![Twitter](https://assets.pi-hole.net/static/twitter.png) [Tweet @The_Pi_Hole](https://twitter.com/The_Pi_Hole)
- ![Reddit](https://assets.pi-hole.net/static/reddit.png) [Reddit /r/pihole](https://www.reddit.com/r/pihole/)
- ![YouTube](https://assets.pi-hole.net/static/youtube.png) [Pi-hole channel](https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w)
- [![Join the chat at https://gitter.im/pi-hole/pi-hole](https://badges.gitter.im/pi-hole/pi-hole.svg)](https://gitter.im/pi-hole/pi-hole?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
## Technical Details
# Technical Details
The Pi-hole™ is an **advertising-aware DNS/Web server**. If an ad domain is queried, a small Web page or GIF is delivered in place of the advertisement.
### Gravity
The [gravity.sh](https://github.com/pi-hole/pi-hole/blob/master/gravity.sh) does most of the magic. The script pulls in ad domains from many sources and compiles them into a single list of [over 1.6 million entries](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0) (if you decide to use the [mahakala list](https://github.com/pi-hole/pi-hole/commit/963eacfe0537a7abddf30441c754c67ca1e40965)). This script is controlled by the `pihole` command. Please run `pihole -h` to see what commands can be run via `pihole`.
To summarize into a short sentence, the Pi-hole is an **advertising-aware DNS/Web server**. And while quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how it was setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state.
#### Other Operating Systems
The automated install is only for a clean install of a Debian family or Fedora based system, such as the Raspberry Pi. However, this script will work for most UNIX-like systems, some with some slight **modifications** that we can help you work through. If you can install `dnsmasq` and a web server, it should work OK. If there are other platforms you'd like supported, let us know.
### Web Interface
The [Web interface](https://github.com/pi-hole/AdminLTE#pi-hole-admin-dashboard) will be installed automatically so you can view stats and change settings. You can find it at:
`http://192.168.1.x/admin/index.php` or `http://pi.hole/admin`
![Pi-hole Advanced Stats Dashboard](https://assets.pi-hole.net/static/dashboard212.png)
### Whitelist and blacklist
Domains can be whitelisted and blacklisted using either the web interface or the command line. See [the wiki page](https://github.com/pi-hole/pi-hole/wiki/Whitelisting-and-Blacklisting) for more details
<p align="center">
<a href=https://github.com/pi-hole/pi-hole/wiki/Whitelisting-and-Blacklisting><img src="https://assets.pi-hole.net/static/whitelist212.png"></a>
</p>
### Settings
The settings page lets you control and configure your Pi-hole™. You can do things like:
- enable Pi-hole's built-in DHCP server
- exclude domains from the graphs
- configure upstream DNS servers
- and more!
![Settings page](https://assets.pi-hole.net/static/settings212.png)
#### Built-in DHCP Server
Pi-hole™ ships with a built-in DHCP server. This allows you to let your network devices use Pi-hole™ as their DNS server if your router does not let you adjust the DHCP options.
<p align="center">
<a href=hhttps://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245><img src="https://assets.pi-hole.net/static/piholedhcpserver.png"></a>
</p>
## API
A basic read-only API can be accessed at `/admin/api.php`. It returns the following JSON:
``` json
{
"domains_being_blocked": "136708",
"dns_queries_today": "18108",
"ads_blocked_today": "14648",
"ads_percentage_today": "80.89"
}
```
The same output can be achieved on the CLI by running `chronometer.sh -j`
## Real-time Statistics
You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-pi-holes-stats-over-ssh-or-on-an-lcd-using-chronometer/240) via `ssh` or on an [2.8" LCD screen](http://amzn.to/1P0q1Fj). This is accomplished via [`chronometer.sh`](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh). ![Pi-hole LCD](http://i.imgur.com/nBEqycp.jpg)
## Pi-hole™ Projects
# Pi-hole Projects
- [An ad blocking Magic Mirror](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py)
@ -156,8 +298,9 @@ You can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-
- [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f)
- [Pi-hole Prometheus exporter](https://github.com/nlamirault/pihole_exporter): a [Prometheus](https://prometheus.io/) exporter for Pi-hole
- [Pi-hole Droid - open source Android client](https://github.com/friimaind/pi-hole-droid)
- [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper), see [#1400](https://github.com/pi-hole/pi-hole/issues/1400)
## Coverage
# Coverage
- [Adafruit livestream install](https://www.youtube.com/watch?v=eg4u2j1HYlI)
- [TekThing: 5 fun, easy projects for a Raspberry Pi](https://youtu.be/QwrKlyC2kdM?t=1m42s)

View file

@ -21,10 +21,13 @@
###############################################################################
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
domain-needed
localise-queries
bogus-priv
no-resolv

View file

@ -0,0 +1,28 @@
if [[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]; then
COL_NC=''
COL_WHITE=''
COL_BLACK=''
COL_BLUE=''
COL_LIGHT_BLUE=''
COL_GREEN=''
COL_LIGHT_GREEN=''
COL_CYAN=''
COL_LIGHT_CYAN=''
COL_RED=''
COL_LIGHT_RED=''
COL_URG_RED=''
COL_PURPLE=''
COL_LIGHT_PURPLE=''
COL_BROWN=''
COL_YELLOW=''
COL_GRAY=''
COL_LIGHT_GRAY=''
COL_DARK_GRAY=''
fi
TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]"
CROSS="[${COL_LIGHT_RED}✗${COL_NC}]"
INFO="[i]"
QST="[?]"
DONE="${COL_LIGHT_GREEN} done!${COL_NC}"
OVER="\r\033[K"

View file

@ -1,4 +1,5 @@
#!/usr/bin/env bash
# shellcheck disable=SC1090,SC1091
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
@ -7,102 +8,565 @@
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
LC_NUMERIC=C
#Functions##############################################################################################################
piLog="/var/log/pihole.log"
gravity="/etc/pihole/gravity.list"
. /etc/pihole/setupVars.conf
function GetFTLData {
# Retrieve stats from FTL engine
pihole-FTL() {
ftl_port=$(cat /var/run/pihole-FTL.port 2> /dev/null)
if [[ -n "$ftl_port" ]]; then
# Open connection to FTL
exec 3<>/dev/tcp/localhost/"$(cat /var/run/pihole-FTL.port)"
exec 3<>"/dev/tcp/localhost/$ftl_port"
# Test if connection is open
if { >&3; } 2> /dev/null; then
# Send command to FTL
echo -e ">$1" >&3
if { "true" >&3; } 2> /dev/null; then
# Send command to FTL
echo -e ">$1" >&3
# Read input
read -r -t 1 LINE <&3
until [ ! $? ] || [[ "$LINE" == *"EOM"* ]]; do
echo "$LINE" >&1
read -r -t 1 LINE <&3
done
# Read input
read -r -t 1 LINE <&3
until [[ ! $? ]] || [[ "$LINE" == *"EOM"* ]]; do
echo "$LINE" >&1
read -r -t 1 LINE <&3
done
# Close connection
exec 3>&-
exec 3<&-
# Close connection
exec 3>&-
exec 3<&-
fi
else
echo "0"
fi
}
outputJSON() {
get_summary_data
echo "{\"domains_being_blocked\":${domains_being_blocked_raw},\"dns_queries_today\":${dns_queries_today_raw},\"ads_blocked_today\":${ads_blocked_today_raw},\"ads_percentage_today\":${ads_percentage_today_raw}}"
# Print spaces to align right-side additional text
printFunc() {
local text_last
title="$1"
title_len="${#title}"
text_main="$2"
text_main_nocol="$text_main"
if [[ "${text_main:0:1}" == "" ]]; then
text_main_nocol=$(sed 's/\[[0-9;]\{1,5\}m//g' <<< "$text_main")
fi
text_main_len="${#text_main_nocol}"
text_addn="$3"
if [[ "$text_addn" == "last" ]]; then
text_addn=""
text_last="true"
fi
# If there is additional text, define max length of text_main
if [[ -n "$text_addn" ]]; then
case "$scr_cols" in
[0-9]|1[0-9]|2[0-9]|3[0-9]|4[0-4]) text_main_max_len="9";;
4[5-9]) text_main_max_len="14";;
*) text_main_max_len="19";;
esac
fi
[[ -z "$text_addn" ]] && text_main_max_len="$(( scr_cols - title_len ))"
# Remove excess characters from main text
if [[ "$text_main_len" -gt "$text_main_max_len" ]]; then
# Trim text without colours
text_main_trim="${text_main_nocol:0:$text_main_max_len}"
# Replace with trimmed text
text_main="${text_main/$text_main_nocol/$text_main_trim}"
fi
# Determine amount of spaces for each line
if [[ -n "$text_last" ]]; then
# Move cursor to end of screen
spc_num=$(( scr_cols - ( title_len + text_main_len ) ))
else
spc_num=$(( text_main_max_len - text_main_len ))
fi
[[ "$spc_num" -le 0 ]] && spc_num="0"
spc=$(printf "%${spc_num}s")
#spc="${spc// /.}" # Debug: Visualise spaces
printf "%s%s$spc" "$title" "$text_main"
if [[ -n "$text_addn" ]]; then
printf "%s(%s)%s\\n" "$COL_NC$COL_DARK_GRAY" "$text_addn" "$COL_NC"
else
# Do not print trailing newline on final line
[[ -z "$text_last" ]] && printf "%s\\n" "$COL_NC"
fi
}
get_summary_data() {
local summary=$(GetFTLData "stats")
domains_being_blocked_raw=$(grep "domains_being_blocked" <<< "${summary}" | grep -Eo "[0-9]+$")
domains_being_blocked=$(printf "%'.f" ${domains_being_blocked_raw})
dns_queries_today_raw=$(grep "dns_queries_today" <<< "$summary" | grep -Eo "[0-9]+$")
dns_queries_today=$(printf "%'.f" ${dns_queries_today_raw})
ads_blocked_today_raw=$(grep "ads_blocked_today" <<< "$summary" | grep -Eo "[0-9]+$")
ads_blocked_today=$(printf "%'.f" ${ads_blocked_today_raw})
ads_percentage_today_raw=$(grep "ads_percentage_today" <<< "$summary" | grep -Eo "[0-9.]+$")
LC_NUMERIC=C ads_percentage_today=$(printf "%'.f" ${ads_percentage_today_raw})
# Perform on first Chrono run (not for JSON formatted string)
get_init_stats() {
calcFunc(){ awk "BEGIN {print $*}" 2> /dev/null; }
# Convert bytes to human-readable format
hrBytes() {
awk '{
num=$1;
if(num==0) {
print "0 B"
} else {
xxx=(num<0?-num:num)
sss=(num<0?-1:1)
split("B KB MB GB TB PB",type)
for(i=5;yyy < 1;i--) {
yyy=xxx / (2^(10*i))
}
printf "%.0f " type[i+2], yyy*sss
}
}' <<< "$1";
}
# Convert seconds to human-readable format
hrSecs() {
day=$(( $1/60/60/24 )); hrs=$(( $1/3600%24 ))
mins=$(( ($1%3600)/60 )); secs=$(( $1%60 ))
[[ "$day" -ge "2" ]] && plu="s"
[[ "$day" -ge "1" ]] && days="$day day${plu}, " || days=""
printf "%s%02d:%02d:%02d\\n" "$days" "$hrs" "$mins" "$secs"
}
# Set Colour Codes
coltable="/opt/pihole/COL_TABLE"
if [[ -f "${coltable}" ]]; then
source ${coltable}
else
COL_NC=""
COL_DARK_GRAY=""
COL_LIGHT_GREEN=""
COL_LIGHT_BLUE=""
COL_LIGHT_RED=""
COL_YELLOW=""
COL_LIGHT_RED=""
COL_URG_RED=""
fi
# Get RPi throttle state (RPi 3B only) & model number, or OS distro info
if command -v vcgencmd &> /dev/null; then
local sys_throttle_raw
local sys_rev_raw
sys_throttle_raw=$(vgt=$(sudo vcgencmd get_throttled); echo "${vgt##*x}")
# Active Throttle Notice: http://bit.ly/2gnunOo
if [[ "$sys_throttle_raw" != "0" ]]; then
case "$sys_throttle_raw" in
*0001) thr_type="${COL_YELLOW}Under Voltage";;
*0002) thr_type="${COL_LIGHT_BLUE}Arm Freq Cap";;
*0003) thr_type="${COL_YELLOW}UV${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_BLUE}AFC";;
*0004) thr_type="${COL_LIGHT_RED}Throttled";;
*0005) thr_type="${COL_YELLOW}UV${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_RED}TT";;
*0006) thr_type="${COL_LIGHT_BLUE}AFC${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_RED}TT";;
*0007) thr_type="${COL_YELLOW}UV${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_BLUE}AFC${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_RED}TT";;
esac
[[ -n "$thr_type" ]] && sys_throttle="$thr_type${COL_DARK_GRAY}"
fi
sys_rev_raw=$(awk '/Revision/ {print $3}' < /proc/cpuinfo)
case "$sys_rev_raw" in
000[2-6]) sys_model=" 1, Model B";; # 256MB
000[7-9]) sys_model=" 1, Model A";; # 256MB
000d|000e|000f) sys_model=" 1, Model B";; # 512MB
0010|0013) sys_model=" 1, Model B+";; # 512MB
0012|0015) sys_model=" 1, Model A+";; # 256MB
a0104[0-1]|a21041|a22042) sys_model=" 2, Model B";; # 1GB
900021) sys_model=" 1, Model A+";; # 512MB
900032) sys_model=" 1, Model B+";; # 512MB
90009[2-3]|920093) sys_model=" Zero";; # 512MB
9000c1) sys_model=" Zero W";; # 512MB
a02082|a[2-3]2082) sys_model=" 3, Model B";; # 1GB
*) sys_model="";;
esac
sys_type="Raspberry Pi$sys_model"
else
source "/etc/os-release"
CODENAME=$(sed 's/[()]//g' <<< "${VERSION/* /}")
sys_type="${NAME/ */} ${CODENAME^} $VERSION_ID"
fi
# Get core count
sys_cores=$(grep -c "^processor" /proc/cpuinfo)
# Test existence of clock speed file for ARM CPU
if [[ -f "/sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq" ]]; then
scaling_freq_file="/sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq"
fi
# Test existence of temperature file
if [[ -f "/sys/class/thermal/thermal_zone0/temp" ]]; then
temp_file="/sys/class/thermal/thermal_zone0/temp"
elif [[ -f "/sys/class/hwmon/hwmon0/temp1_input" ]]; then
temp_file="/sys/class/hwmon/hwmon0/temp1_input"
else
temp_file=""
fi
# Test existence of setupVars config
if [[ -f "/etc/pihole/setupVars.conf" ]]; then
setupVars="/etc/pihole/setupVars.conf"
fi
}
normalChrono() {
for (( ; ; )); do
get_summary_data
domain=$(GetFTLData recentBlocked)
clear
# Displays a colorful Pi-hole logo
echo " ___ _ _ _"
echo "| _ (_)___| |_ ___| |___"
echo "| _/ |___| ' \/ _ \ / -_)"
echo "|_| |_| |_||_\___/_\___|"
echo ""
echo " ${IPV4_ADDRESS}"
echo ""
uptime | cut -d' ' -f11-
#uptime -p #Doesn't work on all versions of uptime
uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/) {d=$6;h=$8;m=$9} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes."}'
echo "-------------------------------"
echo "Recently blocked:"
echo " $domain"
get_sys_stats() {
local ph_ver_raw
local cpu_raw
local ram_raw
local disk_raw
echo "Blocking: ${domains_being_blocked}"
echo "Queries: ${dns_queries_today}"
echo "Pi-holed: ${ads_blocked_today} (${ads_percentage_today}%)"
# Update every 12 refreshes (Def: every 60s)
count=$((count+1))
if [[ "$count" == "1" ]] || (( "$count" % 12 == 0 )); then
# Do not source setupVars if file does not exist
[[ -n "$setupVars" ]] && source "$setupVars"
sleep 5
done
mapfile -t ph_ver_raw < <(pihole -v -c 2> /dev/null | sed -n 's/^.* v/v/p')
if [[ -n "${ph_ver_raw[0]}" ]]; then
ph_core_ver="${ph_ver_raw[0]}"
ph_lte_ver="${ph_ver_raw[1]}"
ph_ftl_ver="${ph_ver_raw[2]}"
else
ph_core_ver="-1"
fi
sys_name=$(hostname)
[[ -n "$TEMPERATUREUNIT" ]] && temp_unit="$TEMPERATUREUNIT" || temp_unit="c"
# Get storage stats for partition mounted on /
read -r -a disk_raw <<< "$(df -B1 / 2> /dev/null | awk 'END{ print $3,$2,$5 }')"
disk_used="${disk_raw[0]}"
disk_total="${disk_raw[1]}"
disk_perc="${disk_raw[2]}"
net_gateway=$(route -n | awk '$4 == "UG" {print $2;exit}')
# Get DHCP stats, if feature is enabled
if [[ "$DHCP_ACTIVE" == "true" ]]; then
ph_dhcp_max=$(( ${DHCP_END##*.} - ${DHCP_START##*.} + 1 ))
fi
# Get DNS server count
dns_count="0"
[[ -n "${PIHOLE_DNS_1}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_2}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_3}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_4}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_5}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_6}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_7}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_8}" ]] && dns_count=$((dns_count+1))
[[ -n "${PIHOLE_DNS_9}" ]] && dns_count="$dns_count+"
fi
# Get screen size
read -r -a scr_size <<< "$(stty size 2>/dev/null || echo 24 80)"
scr_lines="${scr_size[0]}"
scr_cols="${scr_size[1]}"
# Determine Chronometer size behaviour
if [[ "$scr_cols" -ge 58 ]]; then
chrono_width="large"
elif [[ "$scr_cols" -gt 40 ]]; then
chrono_width="medium"
else
chrono_width="small"
fi
# Determine max length of divider string
scr_line_len=$(( scr_cols - 2 ))
[[ "$scr_line_len" -ge 58 ]] && scr_line_len="58"
scr_line_str=$(printf "%${scr_line_len}s")
scr_line_str="${scr_line_str// /—}"
sys_uptime=$(hrSecs "$(cut -d. -f1 /proc/uptime)")
sys_loadavg=$(cut -d " " -f1,2,3 /proc/loadavg)
# Get CPU usage, only counting processes over 1% as active
# shellcheck disable=SC2009
cpu_raw=$(ps -eo pcpu,rss --no-headers | grep -E -v " 0")
cpu_tasks=$(wc -l <<< "$cpu_raw")
cpu_taskact=$(sed -r "/(^ 0.)/d" <<< "$cpu_raw" | wc -l)
cpu_perc=$(awk '{sum+=$1} END {printf "%.0f\n", sum/'"$sys_cores"'}' <<< "$cpu_raw")
# Get CPU clock speed
if [[ -n "$scaling_freq_file" ]]; then
cpu_mhz=$(( $(< /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq) / 1000 ))
else
cpu_mhz=$(lscpu | awk -F ":" '/MHz/ {print $2;exit}')
cpu_mhz=$(printf "%.0f" "${cpu_mhz//[[:space:]]/}")
fi
# Determine whether to display CPU clock speed as MHz or GHz
if [[ -n "$cpu_mhz" ]]; then
[[ "$cpu_mhz" -le "999" ]] && cpu_freq="$cpu_mhz MHz" || cpu_freq="$(calcFunc "$cpu_mhz"/1000) GHz"
fi
# Determine colour for temperature
if [[ -n "$temp_file" ]]; then
if [[ "$temp_unit" == "C" ]]; then
cpu_temp=$(printf "%.0fc\\n" "$(calcFunc "$(< $temp_file) / 1000")")
case "${cpu_temp::-1}" in
-*|[0-9]|[1-3][0-9]) cpu_col="$COL_LIGHT_BLUE";;
4[0-9]) cpu_col="";;
5[0-9]) cpu_col="$COL_YELLOW";;
6[0-9]) cpu_col="$COL_LIGHT_RED";;
*) cpu_col="$COL_URG_RED";;
esac
# $COL_NC$COL_DARK_GRAY is needed for $COL_URG_RED
cpu_temp_str=" @ $cpu_col$cpu_temp$COL_NC$COL_DARK_GRAY"
elif [[ "$temp_unit" == "F" ]]; then
cpu_temp=$(printf "%.0ff\\n" "$(calcFunc "($(< $temp_file) / 1000) * 9 / 5 + 32")")
case "${cpu_temp::-1}" in
-*|[0-9]|[0-9][0-9]) cpu_col="$COL_LIGHT_BLUE";;
1[0-1][0-9]) cpu_col="";;
1[2-3][0-9]) cpu_col="$COL_YELLOW";;
1[4-5][0-9]) cpu_col="$COL_LIGHT_RED";;
*) cpu_col="$COL_URG_RED";;
esac
cpu_temp_str=" @ $cpu_col$cpu_temp$COL_NC$COL_DARK_GRAY"
else
cpu_temp_str=$(printf " @ %.0fk\\n" "$(calcFunc "($(< $temp_file) / 1000) + 273.15")")
fi
else
cpu_temp_str=""
fi
read -r -a ram_raw <<< "$(awk '/MemTotal:/{total=$2} /MemFree:/{free=$2} /Buffers:/{buffers=$2} /^Cached:/{cached=$2} END {printf "%.0f %.0f %.0f", (total-free-buffers-cached)*100/total, (total-free-buffers-cached)*1024, total*1024}' /proc/meminfo)"
ram_perc="${ram_raw[0]}"
ram_used="${ram_raw[1]}"
ram_total="${ram_raw[2]}"
if [[ "$(pihole status web 2> /dev/null)" == "1" ]]; then
ph_status="${COL_LIGHT_GREEN}Active"
else
ph_status="${COL_LIGHT_RED}Offline"
fi
if [[ "$DHCP_ACTIVE" == "true" ]]; then
local ph_dhcp_range
ph_dhcp_range=$(seq -s "|" -f "${DHCP_START%.*}.%g" "${DHCP_START##*.}" "${DHCP_END##*.}")
# Count dynamic leases from available range, and not static leases
ph_dhcp_num=$(grep -cE "$ph_dhcp_range" "/etc/pihole/dhcp.leases")
ph_dhcp_percent=$(( ph_dhcp_num * 100 / ph_dhcp_max ))
fi
}
displayHelp() {
cat << EOM
::: Displays stats about your piHole!
:::
::: Usage: sudo pihole -c [optional:-j]
::: Note: If no option is passed, then stats are displayed on screen, updated every 5 seconds
:::
::: Options:
::: -j, --json output stats as JSON formatted string
::: -h, --help display this help text
EOM
exit 0
get_ftl_stats() {
local stats_raw
mapfile -t stats_raw < <(pihole-FTL "stats")
domains_being_blocked_raw="${stats_raw[0]#* }"
dns_queries_today_raw="${stats_raw[1]#* }"
ads_blocked_today_raw="${stats_raw[2]#* }"
ads_percentage_today_raw="${stats_raw[3]#* }"
queries_forwarded_raw="${stats_raw[5]#* }"
queries_cached_raw="${stats_raw[6]#* }"
# Only retrieve these stats when not called from jsonFunc
if [[ -z "$1" ]]; then
local top_ad_raw
local top_domain_raw
local top_client_raw
domains_being_blocked=$(printf "%.0f\\n" "${domains_being_blocked_raw}")
dns_queries_today=$(printf "%.0f\\n" "${dns_queries_today_raw}")
ads_blocked_today=$(printf "%.0f\\n" "${ads_blocked_today_raw}")
ads_percentage_today=$(printf "%'.0f\\n" "${ads_percentage_today_raw}")
queries_cached_percentage=$(printf "%.0f\\n" "$(calcFunc "$queries_cached_raw * 100 / ( $queries_forwarded_raw + $queries_cached_raw )")")
recent_blocked=$(pihole-FTL recentBlocked)
read -r -a top_ad_raw <<< "$(pihole-FTL "top-ads (1)")"
read -r -a top_domain_raw <<< "$(pihole-FTL "top-domains (1)")"
read -r -a top_client_raw <<< "$(pihole-FTL "top-clients (1)")"
top_ad="${top_ad_raw[2]}"
top_domain="${top_domain_raw[2]}"
if [[ "${top_client_raw[3]}" ]]; then
top_client="${top_client_raw[3]}"
else
top_client="${top_client_raw[2]}"
fi
fi
}
get_strings() {
# Expand or contract strings depending on screen size
if [[ "$chrono_width" == "large" ]]; then
phc_str=" ${COL_DARK_GRAY}Pi-hole"
lte_str=" ${COL_DARK_GRAY}Admin"
ftl_str=" ${COL_DARK_GRAY}FTL"
api_str="${COL_LIGHT_RED}API Offline"
host_info="$sys_type"
sys_info="$sys_throttle"
sys_info2="Active: $cpu_taskact of $cpu_tasks tasks"
used_str="Used: "
leased_str="Leased: "
domains_being_blocked=$(printf "%'.0f" "$domains_being_blocked")
ads_blocked_today=$(printf "%'.0f" "$ads_blocked_today")
dns_queries_today=$(printf "%'.0f" "$dns_queries_today")
ph_info="Blocking: $domains_being_blocked sites"
total_str="Total: "
else
phc_str=" ${COL_DARK_GRAY}PH"
lte_str=" ${COL_DARK_GRAY}Web"
ftl_str=" ${COL_DARK_GRAY}FTL"
api_str="${COL_LIGHT_RED}API Down"
ph_info="$domains_being_blocked blocked"
fi
[[ "$sys_cores" -ne 1 ]] && sys_cores_txt="${sys_cores}x "
cpu_info="$sys_cores_txt$cpu_freq$cpu_temp_str"
ram_info="$used_str$(hrBytes "$ram_used") of $(hrBytes "$ram_total")"
disk_info="$used_str$(hrBytes "$disk_used") of $(hrBytes "$disk_total")"
lan_info="Gateway: $net_gateway"
dhcp_info="$leased_str$ph_dhcp_num of $ph_dhcp_max"
ads_info="$total_str$ads_blocked_today of $dns_queries_today"
dns_info="$dns_count DNS servers"
[[ "$recent_blocked" == "0" ]] && recent_blocked="${COL_LIGHT_RED}FTL offline${COL_NC}"
}
chronoFunc() {
get_init_stats
for (( ; ; )); do
get_sys_stats
get_ftl_stats
get_strings
# Strip excess development version numbers
if [[ "$ph_core_ver" != "-1" ]]; then
phc_ver_str="$phc_str: ${ph_core_ver%-*}${COL_NC}"
lte_ver_str="$lte_str: ${ph_lte_ver%-*}${COL_NC}"
ftl_ver_str="$ftl_str: ${ph_ftl_ver%-*}${COL_NC}"
else
phc_ver_str="$phc_str: $api_str${COL_NC}"
fi
# Get refresh number
if [[ "$*" == *"-r"* ]]; then
num="$*"
num="${num/*-r /}"
num="${num/ */}"
num_str="Refresh set for every $num seconds"
else
num_str=""
fi
clear
# Remove exit message heading on third refresh
if [[ "$count" -le 2 ]] && [[ "$*" != *"-e"* ]]; then
echo -e " ${COL_LIGHT_GREEN}Pi-hole Chronometer${COL_NC}
$num_str
${COL_LIGHT_RED}Press Ctrl-C to exit${COL_NC}
${COL_DARK_GRAY}$scr_line_str${COL_NC}"
else
echo -e "|¯¯¯(¯)_|¯|_ ___|¯|___$phc_ver_str
| ¯_/¯|_| ' \\/ _ \\ / -_)$lte_ver_str
|_| |_| |_||_\\___/_\\___|$ftl_ver_str
${COL_DARK_GRAY}$scr_line_str${COL_NC}"
fi
printFunc " Hostname: " "$sys_name" "$host_info"
printFunc " Uptime: " "$sys_uptime" "$sys_info"
printFunc " Task Load: " "$sys_loadavg" "$sys_info2"
printFunc " CPU usage: " "$cpu_perc%" "$cpu_info"
printFunc " RAM usage: " "$ram_perc%" "$ram_info"
printFunc " HDD usage: " "$disk_perc" "$disk_info"
if [[ "$scr_lines" -gt 17 ]] && [[ "$chrono_width" != "small" ]]; then
printFunc " LAN addr: " "${IPV4_ADDRESS/\/*/}" "$lan_info"
fi
if [[ "$DHCP_ACTIVE" == "true" ]]; then
printFunc "DHCP usage: " "$ph_dhcp_percent%" "$dhcp_info"
fi
printFunc " Pi-hole: " "$ph_status" "$ph_info"
printFunc " Ads Today: " "$ads_percentage_today%" "$ads_info"
printFunc "Local Qrys: " "$queries_cached_percentage%" "$dns_info"
printFunc " Blocked: " "$recent_blocked"
printFunc "Top Advert: " "$top_ad"
# Provide more stats on screens with more lines
if [[ "$scr_lines" -eq 17 ]]; then
if [[ "$DHCP_ACTIVE" == "true" ]]; then
printFunc "Top Domain: " "$top_domain" "last"
else
print_client="true"
fi
else
print_client="true"
fi
if [[ -n "$print_client" ]]; then
printFunc "Top Domain: " "$top_domain"
printFunc "Top Client: " "$top_client" "last"
fi
# Handle exit/refresh options
if [[ "$*" == *"-e"* ]]; then
exit 0
else
if [[ "$*" == *"-r"* ]]; then
sleep "$num"
else
sleep 5
fi
fi
done
}
jsonFunc() {
get_ftl_stats "json"
echo "{\"domains_being_blocked\":${domains_being_blocked_raw},\"dns_queries_today\":${dns_queries_today_raw},\"ads_blocked_today\":${ads_blocked_today_raw},\"ads_percentage_today\":${ads_percentage_today_raw}}"
}
helpFunc() {
if [[ "$1" == "?" ]]; then
echo "Unknown option. Please view 'pihole -c --help' for more information"
else
echo "Usage: pihole -c [options]
Example: 'pihole -c -j'
Calculates stats and displays to an LCD
Options:
-j, --json Output stats as JSON formatted string
-r, --refresh Set update frequency (in seconds)
-e, --exit Output stats and exit witout refreshing
-h, --help Display this help text"
fi
exit 0
}
if [[ $# = 0 ]]; then
normalChrono
chronoFunc
fi
for var in "$@"; do
case "$var" in
"-j" | "--json" ) outputJSON;;
"-h" | "--help" ) displayHelp;;
* ) exit 1;;
esac
case "$var" in
"-j" | "--json" ) jsonFunc;;
"-h" | "--help" ) helpFunc;;
"-r" | "--refresh" ) chronoFunc "$@";;
"-e" | "--exit" ) chronoFunc "$@";;
* ) helpFunc "?";;
esac
done

View file

@ -3,14 +3,12 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Whitelists and blacklists domains
# Whitelist and blacklist domains
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
#globals
# Globals
basename=pihole
piholeDir=/etc/${basename}
whitelist=${piholeDir}/whitelist.txt
@ -26,209 +24,225 @@ domToRemoveList=()
listMain=""
listAlt=""
colfile="/opt/pihole/COL_TABLE"
source ${colfile}
helpFunc() {
if [[ "${listMain}" == "${whitelist}" ]]; then
param="w"
type="white"
elif [[ "${listMain}" == "${wildcardlist}" ]]; then
param="wild"
type="wildcard black"
else
param="b"
type="black"
fi
if [[ ${listMain} == ${whitelist} ]]; then
letter="w"
word="white"
else
letter="b"
word="black"
fi
echo "Usage: pihole -${param} [options] <domain> <domain2 ...>
Example: 'pihole -${param} site.com', or 'pihole -${param} site1.com site2.com'
${type^}list one or more domains
cat << EOM
::: Immediately ${word}lists one or more domains in the hosts file
:::
::: Usage: pihole -${letter} domain1 [domain2 ...]
:::
::: Options:
::: -d, --delmode Remove domains from the ${word}list
::: -nr, --noreload Update ${word}list without refreshing dnsmasq
::: -q, --quiet Output is less verbose
::: -h, --help Show this help dialog
::: -l, --list Display your ${word}listed domains
EOM
if [[ "${letter}" == "b" ]]; then
echo "::: -wild, --wildcard Add wildcard entry (only blacklist)"
fi
exit 0
Options:
-d, --delmode Remove domain(s) from the ${type}list
-nr, --noreload Update ${type}list without refreshing dnsmasq
-q, --quiet Make output less verbose
-h, --help Show this help dialog
-l, --list Display all your ${type}listed domains"
exit 0
}
EscapeRegexp() {
# This way we may safely insert an arbitrary
# string in our regular expressions
# Also remove leading "." if present
echo $* | sed 's/^\.*//' | sed "s/[]\.|$(){}?+*^]/\\\\&/g" | sed "s/\\//\\\\\//g"
# This way we may safely insert an arbitrary
# string in our regular expressions
# Also remove leading "." if present
echo $* | sed 's/^\.*//' | sed "s/[]\.|$(){}?+*^]/\\\\&/g" | sed "s/\\//\\\\\//g"
}
HandleOther(){
# First, convert everything to lowercase
domain=$(sed -e "y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/" <<< "$1")
HandleOther() {
# Convert to lowercase
domain="${1,,}"
#check validity of domain
validDomain=$(echo "${domain}" | perl -lne 'print if /(?!.*[^a-z0-9-\.].*)^((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9-]+\.)*[a-z]{2,63}/')
if [ -z "${validDomain}" ]; then
echo "::: $1 is not a valid argument or domain name"
else
domList=("${domList[@]}" ${validDomain})
fi
# Check validity of domain
validDomain=$(perl -lne 'print if /^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$/' <<< "${domain}") # Valid chars check
validDomain=$(perl -lne 'print if /^.{1,253}$/' <<< "${validDomain}") # Overall length check
validDomain=$(perl -lne 'print if /^[^\.]{1,63}(\.[^\.]{1,63})*$/' <<< "${validDomain}") # Length of each label
if [[ -z "${validDomain}" ]]; then
echo -e " ${CROSS} $1 is not a valid argument or domain name!"
else
echo -e " ${TICK} $1 is a valid domain name!"
domList=("${domList[@]}" ${validDomain})
fi
}
PoplistFile() {
#check whitelist file exists, and if not, create it
if [[ ! -f ${whitelist} ]]; then
touch ${whitelist}
fi
for dom in "${domList[@]}"; do
# Logic : If addmode then add to desired list and remove from the other; if delmode then remove from desired list but do not add to the other
if ${addmode}; then
AddDomain "${dom}" "${listMain}"
RemoveDomain "${dom}" "${listAlt}"
if [[ "${listMain}" == "${whitelist}" || "${listMain}" == "${blacklist}" ]]; then
RemoveDomain "${dom}" "${wildcardlist}"
fi
else
RemoveDomain "${dom}" "${listMain}"
fi
done
# Check whitelist file exists, and if not, create it
if [[ ! -f ${whitelist} ]]; then
touch ${whitelist}
fi
for dom in "${domList[@]}"; do
# Logic: If addmode then add to desired list and remove from the other; if delmode then remove from desired list but do not add to the other
if ${addmode}; then
AddDomain "${dom}" "${listMain}"
RemoveDomain "${dom}" "${listAlt}"
if [[ "${listMain}" == "${whitelist}" || "${listMain}" == "${blacklist}" ]]; then
RemoveDomain "${dom}" "${wildcardlist}"
fi
else
RemoveDomain "${dom}" "${listMain}"
fi
done
}
AddDomain() {
list="$2"
domain=$(EscapeRegexp "$1")
list="$2"
domain=$(EscapeRegexp "$1")
if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then
[[ "${list}" == "${whitelist}" ]] && listname="whitelist"
[[ "${list}" == "${blacklist}" ]] && listname="blacklist"
[[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist"
bool=true
#Is the domain in the list we want to add it to?
grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false
if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then
bool=true
# Is the domain in the list we want to add it to?
grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == false ]]; then
#domain not found in the whitelist file, add it!
if [[ "${verbose}" == true ]]; then
echo "::: Adding $1 to $list..."
fi
reload=true
# Add it to the list we want to add it to
echo "$1" >> "${list}"
else
if [[ "${verbose}" == true ]]; then
echo "::: ${1} already exists in ${list}, no need to add!"
fi
fi
if [[ "${bool}" == false ]]; then
# Domain not found in the whitelist file, add it!
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} Adding $1 to $listname..."
fi
reload=true
# Add it to the list we want to add it to
echo "$1" >> "${list}"
else
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} ${1} already exists in ${listname}, no need to add!"
fi
fi
elif [[ "${list}" == "${wildcardlist}" ]]; then
source "${piholeDir}/setupVars.conf"
# Remove the /* from the end of the IP addresses
IPV4_ADDRESS=${IPV4_ADDRESS%/*}
IPV6_ADDRESS=${IPV6_ADDRESS%/*}
elif [[ "${list}" == "${wildcardlist}" ]]; then
bool=true
# Is the domain in the list?
grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false
source "${piholeDir}/setupVars.conf"
#Remove the /* from the end of the IPv4addr.
IPV4_ADDRESS=${IPV4_ADDRESS%/*}
IPV6_ADDRESS=${IPV6_ADDRESS}
bool=true
#Is the domain in the list?
grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == false ]]; then
if [[ "${verbose}" == true ]]; then
echo "::: Adding $1 to wildcard blacklist..."
fi
reload=true
echo "address=/$1/${IPV4_ADDRESS}" >> "${wildcardlist}"
if [[ ${#IPV6_ADDRESS} > 0 ]] ; then
echo "address=/$1/${IPV6_ADDRESS}" >> "${wildcardlist}"
fi
else
if [[ "${verbose}" == true ]]; then
echo "::: ${1} already exists in wildcard blacklist, no need to add!"
fi
fi
fi
if [[ "${bool}" == false ]]; then
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} Adding $1 to wildcard blacklist..."
fi
reload=true
echo "address=/$1/${IPV4_ADDRESS}" >> "${wildcardlist}"
if [[ "${#IPV6_ADDRESS}" > 0 ]]; then
echo "address=/$1/${IPV6_ADDRESS}" >> "${wildcardlist}"
fi
else
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} ${1} already exists in wildcard blacklist, no need to add!"
fi
fi
fi
}
RemoveDomain() {
list="$2"
domain=$(EscapeRegexp "$1")
list="$2"
domain=$(EscapeRegexp "$1")
if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then
[[ "${list}" == "${whitelist}" ]] && listname="whitelist"
[[ "${list}" == "${blacklist}" ]] && listname="blacklist"
[[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist"
bool=true
#Is it in the list? Logic follows that if its whitelisted it should not be blacklisted and vice versa
grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == true ]]; then
# Remove it from the other one
echo "::: Removing $1 from $list..."
# /I flag: search case-insensitive
sed -i "/${domain}/Id" "${list}"
reload=true
else
if [[ "${verbose}" == true ]]; then
echo "::: ${1} does not exist in ${list}, no need to remove!"
fi
fi
elif [[ "${list}" == "${wildcardlist}" ]]; then
bool=true
#Is it in the list?
grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == true ]]; then
# Remove it from the other one
echo "::: Removing $1 from $list..."
# /I flag: search case-insensitive
sed -i "/address=\/${domain}/Id" "${list}"
reload=true
else
if [[ "${verbose}" == true ]]; then
echo "::: ${1} does not exist in ${list}, no need to remove!"
fi
fi
if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then
bool=true
# Is it in the list? Logic follows that if its whitelisted it should not be blacklisted and vice versa
grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == true ]]; then
# Remove it from the other one
echo -e " ${INFO} Removing $1 from $listname..."
# /I flag: search case-insensitive
sed -i "/${domain}/Id" "${list}"
reload=true
else
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} ${1} does not exist in ${listname}, no need to remove!"
fi
fi
elif [[ "${list}" == "${wildcardlist}" ]]; then
bool=true
# Is it in the list?
grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false
if [[ "${bool}" == true ]]; then
# Remove it from the other one
echo -e " ${INFO} Removing $1 from $listname..."
# /I flag: search case-insensitive
sed -i "/address=\/${domain}/Id" "${list}"
reload=true
else
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} ${1} does not exist in ${listname}, no need to remove!"
fi
fi
fi
}
Reload() {
# Reload hosts file
pihole -g -sd
# Reload hosts file
echo ""
echo -e " ${INFO} Updating gravity..."
echo ""
pihole -g -sd
}
Displaylist() {
if [[ ${listMain} == ${whitelist} ]]; then
string="gravity resistant domains"
if [[ -f ${listMain} ]]; then
if [[ "${listMain}" == "${whitelist}" ]]; then
string="gravity resistant domains"
else
string="domains caught in the sinkhole"
string="domains caught in the sinkhole"
fi
verbose=false
echo -e " Displaying $string \n"
count=1
while IFS= read -r RD; do
echo "${count}: ${RD}"
count=$((count+1))
done < "${listMain}"
exit 0;
verbose=false
echo -e "Displaying $string:\n"
count=1
while IFS= read -r RD; do
echo " ${count}: ${RD}"
count=$((count+1))
done < "${listMain}"
else
echo -e " ${COL_LIGHT_RED}${listMain} does not exist!${COL_NC}"
fi
exit 0;
}
for var in "$@"; do
case "${var}" in
"-w" | "whitelist" ) listMain="${whitelist}"; listAlt="${blacklist}";;
"-b" | "blacklist" ) listMain="${blacklist}"; listAlt="${whitelist}";;
"-wild" | "wildcard" ) listMain="${wildcardlist}";;
"-nr"| "--noreload" ) reload=false;;
"-d" | "--delmode" ) addmode=false;;
"-f" | "--force" ) force=true;;
"-q" | "--quiet" ) verbose=false;;
"-h" | "--help" ) helpFunc;;
"-l" | "--list" ) Displaylist;;
* ) HandleOther "${var}";;
esac
case "${var}" in
"-w" | "whitelist" ) listMain="${whitelist}"; listAlt="${blacklist}";;
"-b" | "blacklist" ) listMain="${blacklist}"; listAlt="${whitelist}";;
"-wild" | "wildcard" ) listMain="${wildcardlist}";;
"-nr"| "--noreload" ) reload=false;;
"-d" | "--delmode" ) addmode=false;;
"-f" | "--force" ) force=true;;
"-q" | "--quiet" ) verbose=false;;
"-h" | "--help" ) helpFunc;;
"-l" | "--list" ) Displaylist;;
* ) HandleOther "${var}";;
esac
done
shift
if [[ $# = 0 ]]; then
helpFunc
helpFunc
fi
PoplistFile
if ${reload}; then
Reload
Reload
fi

View file

@ -3,13 +3,14 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Checkout other branches than master
# Switch Pi-hole subsystems to a different Github branch.
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
readonly PI_HOLE_FILES_DIR="/etc/.pihole"
PH_TEST="true" source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
PH_TEST="true"
source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
# webInterfaceGitUrl set in basic-install.sh
# webInterfaceDir set in basic-install.sh
@ -18,9 +19,103 @@ PH_TEST="true" source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
# setupVars set in basic-install.sh
source "${setupVars}"
update="false"
coltable="/opt/pihole/COL_TABLE"
source ${coltable}
check_download_exists() {
status=$(curl --head --silent "https://ftl.pi-hole.net/${1}" | head -n 1)
if grep -q "404" <<< "$status"; then
return 1
else
return 0
fi
}
FTLinstall() {
# Download and install FTL binary
local binary
binary="${1}"
local path
path="${2}"
local str
str="Installing FTL"
echo -ne " ${INFO} ${str}..."
if curl -sSL --fail "https://ftl.pi-hole.net/${path}" -o "/tmp/${binary}"; then
# Get sha1 of the binary we just downloaded for verification.
curl -sSL --fail "https://ftl.pi-hole.net/${path}.sha1" -o "/tmp/${binary}.sha1"
# Check if we just downloaded text, or a binary file.
cd /tmp || return 1
if sha1sum --status --quiet -c "${binary}".sha1; then
echo -n "transferred... "
stop_service pihole-FTL &> /dev/null
install -T -m 0755 "/tmp/${binary}" "/usr/bin/pihole-FTL"
rm "/tmp/${binary}" "/tmp/${binary}.sha1"
start_service pihole-FTL &> /dev/null
echo -e "${OVER} ${TICK} ${str}"
return 0
else
echo -e "${OVER} ${CROSS} ${str}"
echo -e " ${COL_LIGHT_RED}Error: Download of binary from ftl.pi-hole.net failed${COL_NC}"
return 1
fi
else
echo -e "${OVER} ${CROSS} ${str}"
echo -e " ${COL_LIGHT_RED}Error: URL not found${COL_NC}"
fi
}
get_binary_name() {
local machine
machine=$(uname -m)
local str
str="Detecting architecture"
echo -ne " ${INFO} ${str}..."
if [[ "${machine}" == "arm"* || "${machine}" == *"aarch"* ]]; then
# ARM
local rev
rev=$(uname -m | sed "s/[^0-9]//g;")
local lib
lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }')
if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then
echo -e "${OVER} ${TICK} Detected ARM-aarch64 architecture"
binary="pihole-FTL-aarch64-linux-gnu"
elif [[ "${lib}" == "/lib/ld-linux-armhf.so.3" ]]; then
if [[ "$rev" -gt "6" ]]; then
echo -e "${OVER} ${TICK} Detected ARM-hf architecture (armv7+)"
binary="pihole-FTL-arm-linux-gnueabihf"
else
echo -e "${OVER} ${TICK} Detected ARM-hf architecture (armv6 or lower) Using ARM binary"
binary="pihole-FTL-arm-linux-gnueabi"
fi
else
echo -e "${OVER} ${TICK} Detected ARM architecture"
binary="pihole-FTL-arm-linux-gnueabi"
fi
elif [[ "${machine}" == "ppc" ]]; then
# PowerPC
echo -e "${OVER} ${TICK} Detected PowerPC architecture"
binary="pihole-FTL-powerpc-linux-gnu"
elif [[ "${machine}" == "x86_64" ]]; then
# 64bit
echo -e "${OVER} ${TICK} Detected x86_64 architecture"
binary="pihole-FTL-linux-x86_64"
else
# Something else - we try to use 32bit executable and warn the user
if [[ ! "${machine}" == "i686" ]]; then
echo -e "${OVER} ${CROSS} ${str}...
${COL_LIGHT_RED}Not able to detect architecture (unknown: ${machine}), trying 32bit executable
Contact support if you experience issues (e.g: FTL not running)${COL_NC}"
else
echo -e "${OVER} ${TICK} Detected 32bit (i686) architecture"
fi
binary="pihole-FTL-linux-x86_32"
fi
}
fully_fetch_repo() {
# Add upstream branches to shallow clone
local directory="${1}"
@ -35,91 +130,105 @@ fully_fetch_repo() {
return 0
}
get_available_branches(){
get_available_branches() {
# Return available branches
local directory="${1}"
local directory
directory="${1}"
local output
cd "${directory}" || return 1
# Get reachable remote branches
git remote show origin | grep 'tracked' | sed 's/tracked//;s/ //g'
# Get reachable remote branches, but store STDERR as STDOUT variable
output=$( { git remote show origin | grep 'tracked' | sed 's/tracked//;s/ //g'; } 2>&1 )
echo "$output"
return
}
fetch_checkout_pull_branch() {
# Check out specified branch
local directory="${1}"
local branch="${2}"
local directory
directory="${1}"
local branch
branch="${2}"
# Set the reference for the requested branch, fetch, check it put and pull it
cd "${directory}"
cd "${directory}" || return 1
git remote set-branches origin "${branch}" || return 1
git stash --all --quiet &> /dev/null || true
git clean --quiet --force -d || true
git fetch --quiet || return 1
checkout_pull_branch "${directory}" "${branch}" || return 1
}
checkout_pull_branch() {
# Check out specified branch
local directory="${1}"
local branch="${2}"
local directory
directory="${1}"
local branch
branch="${2}"
local oldbranch
cd "${directory}" || return 1
oldbranch="$(git symbolic-ref HEAD)"
git checkout "${branch}" || return 1
git checkout "${branch}" --quiet || return 1
if [ "$(git diff "${oldbranch}" | grep -c "^")" -gt "0" ]; then
if [[ "$(git diff "${oldbranch}" | grep -c "^")" -gt "0" ]]; then
update="true"
fi
git pull || return 1
git_pull=$(git pull || return 1)
if [[ "$git_pull" == *"up-to-date"* ]]; then
echo -e " ${INFO} $(git pull)"
else
echo -e "$git_pull\\n"
fi
return 0
}
warning1() {
echo "::: Note that changing the branch is a severe change of your Pi-hole system."
echo "::: This is not supported unless one of the developers explicitly asks you to do this!"
read -r -p "::: Have you read and understood this? [y/N] " response
case ${response} in
echo " Please note that changing branches severely alters your Pi-hole subsystems"
echo " Features that work on the master branch, may not on a development branch"
echo -e " ${COL_LIGHT_RED}This feature is NOT supported unless a Pi-hole developer explicitly asks!${COL_NC}"
read -r -p " Have you read and understood this? [y/N] " response
case "${response}" in
[yY][eE][sS]|[yY])
echo "::: Continuing."
echo ""
return 0
;;
*)
echo "::: Aborting."
echo -e "\\n ${INFO} Branch change has been cancelled"
return 1
;;
esac
}
checkout()
{
checkout() {
local corebranches
local webbranches
# Avoid globbing
set -f
#This is unlikely
# This is unlikely
if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
echo "::: Critical Error: Core Pi-hole repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
echo -e " ${COL_LIGHT_RED}Error: Core Pi-hole repo is missing from system!
Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}"
exit 1;
fi
if [[ ${INSTALL_WEB} == "true" ]]; then
if [[ "${INSTALL_WEB}" == "true" ]]; then
if ! is_repo "${webInterfaceDir}" ; then
echo "::: Critical Error: Web Admin repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
echo -e " ${COL_LIGHT_RED}Error: Web Admin repo is missing from system!
Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}"
exit 1;
fi
fi
if [[ -z "${1}" ]]; then
echo "::: No option detected. Please use 'pihole checkout <master|dev>'."
echo "::: Or enter the repository and branch you would like to check out:"
echo "::: 'pihole checkout <web|core> <branchname>'"
echo -e " ${COL_LIGHT_RED}Invalid option${COL_NC}
Try 'pihole checkout --help' for more information."
exit 1
fi
@ -129,74 +238,118 @@ checkout()
if [[ "${1}" == "dev" ]] ; then
# Shortcut to check out development branches
echo "::: Shortcut \"dev\" detected - checking out development / devel branches ..."
echo "::: Pi-hole core"
fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo "Unable to pull Core developement branch"; exit 1; }
if [[ ${INSTALL_WEB} == "true" ]]; then
echo "::: Web interface"
fetch_checkout_pull_branch "${webInterfaceDir}" "devel" || { echo "Unable to pull Web development branch"; exit 1; }
echo -e " ${INFO} Shortcut \"dev\" detected - checking out development / devel branches..."
echo ""
echo -e " ${INFO} Pi-hole Core"
fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo " ${CROSS} Unable to pull Core developement branch"; exit 1; }
if [[ "${INSTALL_WEB}" == "true" ]]; then
echo ""
echo -e " ${INFO} Web interface"
fetch_checkout_pull_branch "${webInterfaceDir}" "devel" || { echo " ${CROSS} Unable to pull Web development branch"; exit 1; }
fi
echo "::: done!"
#echo -e " ${TICK} Pi-hole Core"
get_binary_name
local path
path="development/${binary}"
FTLinstall "${binary}" "${path}"
elif [[ "${1}" == "master" ]] ; then
# Shortcut to check out master branches
echo "::: Shortcut \"master\" detected - checking out master branches ..."
echo "::: Pi-hole core"
fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "master" || { echo "Unable to pull Core master branch"; exit 1; }
echo -e " ${INFO} Shortcut \"master\" detected - checking out master branches..."
echo -e " ${INFO} Pi-hole core"
fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "master" || { echo " ${CROSS} Unable to pull Core master branch"; exit 1; }
if [[ ${INSTALL_WEB} == "true" ]]; then
echo "::: Web interface"
fetch_checkout_pull_branch "${webInterfaceDir}" "master" || { echo "Unable to pull web master branch"; exit 1; }
echo -e " ${INFO} Web interface"
fetch_checkout_pull_branch "${webInterfaceDir}" "master" || { echo " ${CROSS} Unable to pull Web master branch"; exit 1; }
fi
echo "::: done!"
#echo -e " ${TICK} Web Interface"
get_binary_name
local path
path="master/${binary}"
FTLinstall "${binary}" "${path}"
elif [[ "${1}" == "core" ]] ; then
echo -n "::: Fetching remote branches for Pi-hole core from ${piholeGitUrl} ... "
str="Fetching branches from ${piholeGitUrl}"
echo -ne " ${INFO} $str"
if ! fully_fetch_repo "${PI_HOLE_FILES_DIR}" ; then
echo "::: Fetching all branches for Pi-hole core repo failed!"
echo -e " ${CROSS} $str"
exit 1
fi
corebranches=($(get_available_branches "${PI_HOLE_FILES_DIR}"))
echo " done!"
echo "::: ${#corebranches[@]} branches available"
echo ":::"
# Have to user chosing the branch he wants
if [[ "${corebranches[*]}" == *"master"* ]]; then
echo -e "${OVER} ${TICK} $str
${INFO} ${#corebranches[@]} branches available for Pi-hole Core"
else
# Print STDERR output from get_available_branches
echo -e "${OVER} ${CROSS} $str\\n\\n${corebranches[*]}"
exit 1
fi
echo ""
# Have the user choose the branch they want
if ! (for e in "${corebranches[@]}"; do [[ "$e" == "${2}" ]] && exit 0; done); then
echo "::: Requested branch \"${2}\" is not available!"
echo "::: Available branches for core are:"
for e in "${corebranches[@]}"; do echo "::: $e"; done
echo -e " ${INFO} Requested branch \"${2}\" is not available"
echo -e " ${INFO} Available branches for Core are:"
for e in "${corebranches[@]}"; do echo " - $e"; done
exit 1
fi
checkout_pull_branch "${PI_HOLE_FILES_DIR}" "${2}"
elif [[ "${1}" == "web" && "${INSTALL_WEB}" == "true" ]] ; then
echo -n "::: Fetching remote branches for the web interface from ${webInterfaceGitUrl} ... "
elif [[ "${1}" == "web" ]] && [[ "${INSTALL_WEB}" == "true" ]] ; then
str="Fetching branches from ${webInterfaceGitUrl}"
echo -ne " ${INFO} $str"
if ! fully_fetch_repo "${webInterfaceDir}" ; then
echo "::: Fetching all branches for Pi-hole web interface repo failed!"
echo -e " ${CROSS} $str"
exit 1
fi
webbranches=($(get_available_branches "${webInterfaceDir}"))
echo " done!"
echo "::: ${#webbranches[@]} branches available"
echo ":::"
# Have to user chosing the branch he wants
if [[ "${webbranches[*]}" == *"master"* ]]; then
echo -e "${OVER} ${TICK} $str
${INFO} ${#webbranches[@]} branches available for Web Admin"
else
# Print STDERR output from get_available_branches
echo -e "${OVER} ${CROSS} $str\\n\\n${webbranches[*]}"
exit 1
fi
echo ""
# Have the user choose the branch they want
if ! (for e in "${webbranches[@]}"; do [[ "$e" == "${2}" ]] && exit 0; done); then
echo "::: Requested branch \"${2}\" is not available!"
echo "::: Available branches for web are:"
for e in "${webbranches[@]}"; do echo "::: $e"; done
echo -e " ${INFO} Requested branch \"${2}\" is not available"
echo -e " ${INFO} Available branches for Web Admin are:"
for e in "${webbranches[@]}"; do echo " - $e"; done
exit 1
fi
checkout_pull_branch "${webInterfaceDir}" "${2}"
elif [[ "${1}" == "ftl" ]] ; then
get_binary_name
local path
path="${2}/${binary}"
if check_download_exists "$path"; then
echo " ${TICK} Branch ${2} exists"
FTLinstall "${binary}" "${path}"
else
echo " ${CROSS} Requested branch \"${2}\" is not available"
ftlbranches=( $(git ls-remote https://github.com/pi-hole/ftl | grep 'heads' | sed 's/refs\/heads\///;s/ //g' | awk '{print $2}') )
echo -e " ${INFO} Available branches for FTL are:"
for e in "${ftlbranches[@]}"; do echo " - $e"; done
exit 1
fi
else
echo "::: Requested option \"${1}\" is not available!"
echo -e " ${INFO} Requested option \"${1}\" is not available"
exit 1
fi
# Force updating everything
if [[ ! "${1}" == "web" && "${update}" == "true" ]]; then
echo "::: Running installer to upgrade your installation"
if [[ ( ! "${1}" == "web" && ! "${1}" == "ftl" ) && "${update}" == "true" ]]; then
echo -e " ${INFO} Running installer to upgrade your installation"
if "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" --unattended; then
exit 0
exit 0
else
echo "Unable to complete update, contact Pi-hole"
exit 1
echo -e " ${COL_LIGHT_RED} Error: Unable to complete update, please contact support${COL_NC}"
exit 1
fi
fi
}

File diff suppressed because it is too large Load diff

View file

@ -8,17 +8,41 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
echo -n "::: Flushing /var/log/pihole.log ..."
# Test if logrotate is available on this system
if command -v /usr/sbin/logrotate &> /dev/null; then
# Flush twice to move all data out of sight of FTL
/usr/sbin/logrotate --force /etc/pihole/logrotate
/usr/sbin/logrotate --force /etc/pihole/logrotate
colfile="/opt/pihole/COL_TABLE"
source ${colfile}
if [[ "$@" != *"quiet"* ]]; then
echo -ne " ${INFO} Flushing /var/log/pihole.log ..."
fi
if [[ "$@" == *"once"* ]]; then
# Nightly logrotation
if command -v /usr/sbin/logrotate >/dev/null; then
# Logrotate once
/usr/sbin/logrotate --force /etc/pihole/logrotate
else
# Copy pihole.log over to pihole.log.1
# and empty out pihole.log
# Note that moving the file is not an option, as
# dnsmasq would happily continue writing into the
# moved file (it will have the same file handler)
cp /var/log/pihole.log /var/log/pihole.log.1
echo " " > /var/log/pihole.log
fi
else
# Flush both pihole.log and pihole.log.1 (if existing)
echo " " > /var/log/pihole.log
if [ -f /var/log/pihole.log.1 ]; then
echo " " > /var/log/pihole.log.1
# Manual flushing
if command -v /usr/sbin/logrotate >/dev/null; then
# Logrotate twice to move all data out of sight of FTL
/usr/sbin/logrotate --force /etc/pihole/logrotate; sleep 3
/usr/sbin/logrotate --force /etc/pihole/logrotate
else
# Flush both pihole.log and pihole.log.1 (if existing)
echo " " > /var/log/pihole.log
if [ -f /var/log/pihole.log.1 ]; then
echo " " > /var/log/pihole.log.1
fi
fi
fi
echo "... done!"
if [[ "$@" != *"quiet"* ]]; then
echo -e "${OVER} ${TICK} Flushed /var/log/pihole.log"
fi

View file

@ -10,17 +10,19 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
# Variables
readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/AdminLTE.git"
readonly ADMIN_INTERFACE_DIR="/var/www/html/admin"
readonly PI_HOLE_GIT_URL="https://github.com/pi-hole/pi-hole.git"
readonly PI_HOLE_FILES_DIR="/etc/.pihole"
# shellcheck disable=SC2034
PH_TEST=true
source ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh
# shellcheck disable=SC1090
source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
# shellcheck disable=SC1091
source "/opt/pihole/COL_TABLE"
# is_repo() sourced from basic-install.sh
# make_repo() sourced from basic-install.sh
@ -30,14 +32,14 @@ source ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh
GitCheckUpdateAvail() {
local directory="${1}"
curdir=$PWD
cd "${directory}"
cd "${directory}" || return
# Fetch latest changes in this repo
git fetch --quiet origin
# @ alone is a shortcut for HEAD. Older versions of git
# need @{0}
LOCAL="$(git rev-parse @{0})"
LOCAL="$(git rev-parse "@{0}")"
# The suffix @{upstream} to a branchname
# (short form <branchname>@{u}) refers
@ -46,23 +48,23 @@ GitCheckUpdateAvail() {
# (configured with branch.<name>.remote and
# branch.<name>.merge). A missing branchname
# defaults to the current one.
REMOTE="$(git rev-parse @{upstream})"
REMOTE="$(git rev-parse "@{upstream}")"
if [[ ${#LOCAL} == 0 ]]; then
echo "::: Error: Local revision could not be obtained, ask Pi-hole support."
echo "::: Additional debugging output:"
if [[ "${#LOCAL}" == 0 ]]; then
echo -e "\\n ${COL_LIGHT_RED}Error: Local revision could not be obtained, please contact Pi-hole Support
Additional debugging output:${COL_NC}"
git status
exit
fi
if [[ ${#REMOTE} == 0 ]]; then
echo "::: Error: Remote revision could not be obtained, ask Pi-hole support."
echo "::: Additional debugging output:"
if [[ "${#REMOTE}" == 0 ]]; then
echo -e "\\n ${COL_LIGHT_RED}Error: Remote revision could not be obtained, please contact Pi-hole Support
Additional debugging output:${COL_NC}"
git status
exit
fi
# Change back to original directory
cd "${curdir}"
cd "${curdir}" || exit
if [[ "${LOCAL}" != "${REMOTE}" ]]; then
# Local branch is behind remote branch -> Update
@ -76,9 +78,10 @@ GitCheckUpdateAvail() {
}
FTLcheckUpdate() {
local FTLversion=$(/usr/bin/pihole-FTL tag)
local FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n')
local FTLversion
FTLversion=$(/usr/bin/pihole-FTL tag)
local FTLlatesttag
FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n')
if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then
return 0
@ -90,53 +93,59 @@ FTLcheckUpdate() {
main() {
local pihole_version_current
local web_version_current
local basicError="\\n ${COL_LIGHT_RED}Unable to complete update, please contact Pi-hole Support${COL_NC}"
# shellcheck disable=1090,2154
source "${setupVars}"
#This is unlikely
# This is unlikely
if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
echo "::: Critical Error: Core Pi-hole repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
echo -e "\\n ${COL_LIGHT_RED}Error: Core Pi-hole repo is missing from system!
Please re-run install script from https://pi-hole.net${COL_NC}"
exit 1;
fi
echo "::: Checking for updates..."
echo -e " ${INFO} Checking for updates..."
if GitCheckUpdateAvail "${PI_HOLE_FILES_DIR}" ; then
core_update=true
echo "::: Pi-hole Core: update available"
echo -e " ${INFO} Pi-hole Core:\\t${COL_YELLOW}update available${COL_NC}"
else
core_update=false
echo "::: Pi-hole Core: up to date"
echo -e " ${INFO} Pi-hole Core:\\t${COL_LIGHT_GREEN}up to date${COL_NC}"
fi
if FTLcheckUpdate ; then
FTL_update=true
echo "::: FTL: update available"
echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}"
else
FTL_update=false
echo "::: FTL: up to date"
echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}"
fi
if ${FTL_update}; then
echo ":::"
echo "::: FTL out of date"
# Logic: Don't update FTL when there is a core update available
# since the core update will run the installer which will itself
# re-install (i.e. update) FTL
if ${FTL_update} && ! ${core_update}; then
echo ""
echo -e " ${INFO} FTL out of date"
FTLdetect
echo ":::"
echo ""
fi
if [[ ${INSTALL_WEB} == true ]]; then
if [[ "${INSTALL_WEB}" == true ]]; then
if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
echo "::: Critical Error: Web Admin repo is missing from system!"
echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
echo -e "\\n ${COL_LIGHT_RED}Error: Web Admin repo is missing from system!
Please re-run install script from https://pi-hole.net${COL_NC}"
exit 1;
fi
if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
web_update=true
echo "::: Web Interface: update available"
echo -e " ${INFO} Web Interface:\\t${COL_YELLOW}update available${COL_NC}"
else
web_update=false
echo "::: Web Interface: up to date"
echo -e " ${INFO} Web Interface:\\t${COL_LIGHT_GREEN}up to date${COL_NC}"
fi
# Logic
@ -151,72 +160,69 @@ main() {
if ! ${core_update} && ! ${web_update} ; then
if ! ${FTL_update} ; then
echo ":::"
echo "::: Everything is up to date!"
echo ""
echo -e " ${TICK} Everything is up to date!"
exit 0
fi
elif ! ${core_update} && ${web_update} ; then
echo ":::"
echo "::: Pi-hole Web Admin files out of date"
echo ""
echo -e " ${INFO} Pi-hole Web Admin files out of date"
getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}"
elif ${core_update} && ! ${web_update} ; then
echo ":::"
echo "::: Pi-hole core files out of date"
echo ""
echo -e " ${INFO} Pi-hole core files out of date"
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \
echo -e "${basicError}" && exit 1
elif ${core_update} && ${web_update} ; then
echo ":::"
echo "::: Updating Pi-hole core and web admin files"
echo ""
echo -e " ${INFO} Updating Pi-hole core and web admin files"
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || \
echo -e "${basicError}" && exit 1
else
echo "*** Update script has malfunctioned, fallthrough reached. Please contact support"
echo -e " ${COL_LIGHT_RED}Update script has malfunctioned, please contact Pi-hole Support${COL_NC}"
exit 1
fi
else # Web Admin not installed, so only verify if core is up to date
if ! ${core_update}; then
if ! ${FTL_update} ; then
echo ":::"
echo "::: Everything is up to date!"
echo ""
echo -e " ${INFO} Everything is up to date!"
exit 0
fi
else
echo ":::"
echo "::: Pi-hole core files out of date"
echo ""
echo -e " ${INFO} Pi-hole Core files out of date"
getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \
echo -e "${basicError}" && exit 1
fi
fi
if [[ "${web_update}" == true ]]; then
web_version_current="$(/usr/local/bin/pihole version --admin --current)"
echo ":::"
echo "::: Web Admin version is now at ${web_version_current}"
echo "::: If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'"
echo ""
echo -e " ${INFO} Web Admin version is now at ${web_version_current/* v/v}
${INFO} If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'"
fi
if [[ "${core_update}" == true ]]; then
pihole_version_current="$(/usr/local/bin/pihole version --pihole --current)"
echo ":::"
echo "::: Pi-hole version is now at ${pihole_version_current}"
echo "::: If you had made any changes in '/etc/.pihole/', they have been stashed using 'git stash'"
echo ""
echo -e " ${INFO} Pi-hole version is now at ${pihole_version_current/* v/v}
${INFO} If you had made any changes in '/etc/.pihole/', they have been stashed using 'git stash'"
fi
if [[ ${FTL_update} == true ]]; then
if [[ "${FTL_update}" == true ]]; then
FTL_version_current="$(/usr/bin/pihole-FTL tag)"
echo ":::"
echo "::: FTL version is now at ${FTL_version_current}"
echo -e "\\n ${INFO} FTL version is now at ${FTL_version_current/* v/v}"
start_service pihole-FTL
enable_service pihole-FTL
fi
echo ""
exit 0
}
main

View file

@ -3,24 +3,29 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# shows version numbers
# Show version numbers
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
# Variables
DEFAULT="-1"
PHGITDIR="/etc/.pihole/"
COREGITDIR="/etc/.pihole/"
WEBGITDIR="/var/www/html/admin/"
getLocalVersion() {
# FTL requires a different method
if [[ "$1" == "FTL" ]]; then
pihole-FTL version
return 0
fi
# Get the tagged version of the local repository
local directory="${1}"
local version
cd "${directory}" || { echo "${DEFAULT}"; return 1; }
version=$(git describe --tags --always || \
echo "${DEFAULT}")
cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
version=$(git describe --tags --always || echo "$DEFAULT")
if [[ "${version}" =~ ^v ]]; then
echo "${version}"
elif [[ "${version}" == "${DEFAULT}" ]]; then
@ -33,13 +38,18 @@ getLocalVersion() {
}
getLocalHash() {
# Local FTL hash does not exist on filesystem
if [[ "$1" == "FTL" ]]; then
echo "N/A"
return 0
fi
# Get the short hash of the local repository
local directory="${1}"
local hash
cd "${directory}" || { echo "${DEFAULT}"; return 1; }
hash=$(git rev-parse --short HEAD || \
echo "${DEFAULT}")
cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
hash=$(git rev-parse --short HEAD || echo "$DEFAULT")
if [[ "${hash}" == "${DEFAULT}" ]]; then
echo "ERROR"
return 1
@ -49,12 +59,33 @@ getLocalHash() {
return 0
}
getRemoteHash(){
# Remote FTL hash is not applicable
if [[ "$1" == "FTL" ]]; then
echo "N/A"
return 0
fi
local daemon="${1}"
local branch="${2}"
hash=$(git ls-remote --heads "https://github.com/pi-hole/${daemon}" | \
awk -v bra="$branch" '$0~bra {print substr($0,0,8);exit}')
if [[ -n "$hash" ]]; then
echo "$hash"
else
echo "ERROR"
return 1
fi
return 0
}
getRemoteVersion(){
# Get the version from the remote origin
local daemon="${1}"
local version
version=$(curl --silent --fail https://api.github.com/repos/pi-hole/${daemon}/releases/latest | \
version=$(curl --silent --fail "https://api.github.com/repos/pi-hole/${daemon}/releases/latest" | \
awk -F: '$1 ~/tag_name/ { print $2 }' | \
tr -cd '[[:alnum:]]._-')
if [[ "${version}" =~ ^v ]]; then
@ -66,72 +97,72 @@ getRemoteVersion(){
return 0
}
#PHHASHLATEST=$(curl -s https://api.github.com/repos/pi-hole/pi-hole/commits/master | \
# grep sha | \
# head -n1 | \
# awk -F ' ' '{ print $2 }' | \
# tr -cd '[[:alnum:]]._-')
#WEBHASHLATEST=$(curl -s https://api.github.com/repos/pi-hole/AdminLTE/commits/master | \
# grep sha | \
# head -n1 | \
# awk -F ' ' '{ print $2 }' | \
# tr -cd '[[:alnum:]]._-')
normalOutput() {
echo "::: Pi-hole version is $(getLocalVersion "${PHGITDIR}") (Latest version is $(getRemoteVersion pi-hole))"
if [ -d "${WEBGITDIR}" ]; then
echo "::: Web-Admin version is $(getLocalVersion "${WEBGITDIR}") (Latest version is $(getRemoteVersion AdminLTE))"
fi
}
webOutput() {
if [ -d "${WEBGITDIR}" ]; then
case "${1}" in
"-l" | "--latest" ) echo $(getRemoteVersion AdminLTE);;
"-c" | "--current" ) echo $(getLocalVersion "${WEBGITDIR}");;
"-h" | "--hash" ) echo $(getLocalHash "${WEBGITDIR}");;
* ) echo "::: Invalid Option!"; exit 1;
esac
else
echo "::: Web interface not installed!"; exit 1;
versionOutput() {
[[ "$1" == "pi-hole" ]] && GITDIR=$COREGITDIR
[[ "$1" == "AdminLTE" ]] && GITDIR=$WEBGITDIR
[[ "$1" == "FTL" ]] && GITDIR="FTL"
[[ "$2" == "-c" ]] || [[ "$2" == "--current" ]] || [[ -z "$2" ]] && current=$(getLocalVersion $GITDIR)
[[ "$2" == "-l" ]] || [[ "$2" == "--latest" ]] || [[ -z "$2" ]] && latest=$(getRemoteVersion "$1")
if [[ "$2" == "-h" ]] || [[ "$2" == "--hash" ]]; then
[[ "$3" == "-c" ]] || [[ "$3" == "--current" ]] || [[ -z "$3" ]] && curHash=$(getLocalHash "$GITDIR")
[[ "$3" == "-l" ]] || [[ "$3" == "--latest" ]] || [[ -z "$3" ]] && latHash=$(getRemoteHash "$1" "$(cd "$GITDIR" 2> /dev/null && git rev-parse --abbrev-ref HEAD)")
fi
if [[ -n "$current" ]] && [[ -n "$latest" ]]; then
output="${1^} version is $current (Latest: $latest)"
elif [[ -n "$current" ]] && [[ -z "$latest" ]]; then
output="Current ${1^} version is $current"
elif [[ -z "$current" ]] && [[ -n "$latest" ]]; then
output="Latest ${1^} version is $latest"
elif [[ "$curHash" == "N/A" ]] || [[ "$latHash" == "N/A" ]]; then
output="${1^} hash is not applicable"
elif [[ -n "$curHash" ]] && [[ -n "$latHash" ]]; then
output="${1^} hash is $curHash (Latest: $latHash)"
elif [[ -n "$curHash" ]] && [[ -z "$latHash" ]]; then
output="Current ${1^} hash is $curHash"
elif [[ -z "$curHash" ]] && [[ -n "$latHash" ]]; then
output="Latest ${1^} hash is $latHash"
else
errorOutput
fi
[[ -n "$output" ]] && echo " $output"
}
coreOutput() {
case "${1}" in
"-l" | "--latest" ) echo $(getRemoteVersion pi-hole);;
"-c" | "--current" ) echo $(getLocalVersion "${PHGITDIR}");;
"-h" | "--hash" ) echo $(getLocalHash "${PHGITDIR}");;
* ) echo "::: Invalid Option!"; exit 1;
esac
errorOutput() {
echo " Invalid Option! Try 'pihole -v --help' for more information."
exit 1
}
defaultOutput() {
versionOutput "pi-hole" "$@"
versionOutput "AdminLTE" "$@"
versionOutput "FTL" "$@"
}
helpFunc() {
cat << EOM
:::
::: Show Pi-hole/Web Admin versions
:::
::: Usage: pihole -v [ -a | -p ] [ -l | -c ]
:::
::: Options:
::: -a, --admin Show both current and latest versions of web admin
::: -p, --pihole Show both current and latest versions of Pi-hole core files
::: -l, --latest (Only after -a | -p) Return only latest version
::: -c, --current (Only after -a | -p) Return only current version
::: -h, --help Show this help dialog
:::
EOM
exit 0
echo "Usage: pihole -v [repo | option] [option]
Example: 'pihole -v -p -l'
Show Pi-hole, Admin Console & FTL versions
Repositories:
-p, --pihole Only retrieve info regarding Pi-hole repository
-a, --admin Only retrieve info regarding AdminLTE repository
-f, --ftl Only retrieve info regarding FTL repository
Options:
-c, --current Return the current version
-l, --latest Return the latest version
--hash Return the Github hash from your local repositories
-h, --help Show this help dialog"
exit 0
}
if [[ $# = 0 ]]; then
normalOutput
fi
case "${1}" in
"-a" | "--admin" ) shift; webOutput "$@";;
"-p" | "--pihole" ) shift; coreOutput "$@" ;;
"-p" | "--pihole" ) shift; versionOutput "pi-hole" "$@";;
"-a" | "--admin" ) shift; versionOutput "AdminLTE" "$@";;
"-f" | "--ftl" ) shift; versionOutput "FTL" "$@";;
"-h" | "--help" ) helpFunc;;
* ) defaultOutput "$@";;
esac

View file

@ -8,31 +8,31 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
readonly setupVars="/etc/pihole/setupVars.conf"
readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
# 03 -> wildcards
readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
coltable="/opt/pihole/COL_TABLE"
if [[ -f ${coltable} ]]; then
source ${coltable}
fi
helpFunc() {
cat << EOM
::: Set admin options for the web interface of pihole
:::
::: Usage: pihole -a [options]
:::
::: Options:
::: -p, password Set web interface password, an empty input will remove any previously set password
::: -c, celsius Set Celsius temperature unit
::: -f, fahrenheit Set Fahrenheit temperature unit
::: -k, kelvin Set Kelvin temperature unit
::: -h, --help Show this help dialog
::: -i, interface Setup interface listening behavior of dnsmasq
::: pihole -a -i local : Listen on all interfaces, but allow only queries from
::: devices that are at most one hop away (local devices)
::: pihole -a -i single : Listen only on one interface (see PIHOLE_INTERFACE)
::: pihole -a -i all : Listen on all interfaces, permit all origins
EOM
echo "Usage: pihole -a [options]
Example: pihole -a -p password
Set options for the Admin Console
Options:
-p, password Set Admin Console password
-c, celsius Set Celsius as preferred temperature unit
-f, fahrenheit Set Fahrenheit as preferred temperature unit
-k, kelvin Set Kelvin as preferred temperature unit
-r, hostrecord Add a name to the DNS associated to an IPv4/IPv6 address
-h, --help Show this help dialog
-i, interface Specify dnsmasq's interface listening behavior
Add '-h' for more info on interface usage"
exit 0
}
@ -61,14 +61,19 @@ delete_dnsmasq_setting() {
sed -i "/${1}/d" "${dnsmasqconfig}"
}
SetTemperatureUnit(){
SetTemperatureUnit() {
change_setting "TEMPERATUREUNIT" "${unit}"
echo -e " ${TICK} Set temperature unit to ${unit}"
}
SetWebPassword(){
HashPassword() {
# Compute password hash twice to avoid rainbow table vulnerability
return=$(echo -n ${1} | sha256sum | sed 's/\s.*$//')
return=$(echo -n ${return} | sha256sum | sed 's/\s.*$//')
echo ${return}
}
SetWebPassword() {
if [ "${SUDO_USER}" == "www-data" ]; then
echo "Security measure: user www-data is not allowed to change webUI password!"
echo "Exiting"
@ -81,26 +86,33 @@ SetWebPassword(){
exit 1
fi
read -s -p "Enter New Password (Blank for no password): " PASSWORD
echo ""
if (( ${#args[2]} > 0 )) ; then
readonly PASSWORD="${args[2]}"
readonly CONFIRM="${PASSWORD}"
else
# Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
# So we reset the terminal via stty if the user does press Ctrl+C
trap '{ echo -e "\nNo password will be set" ; stty sane ; exit 1; }' INT
read -s -p "Enter New Password (Blank for no password): " PASSWORD
echo ""
if [ "${PASSWORD}" == "" ]; then
change_setting "WEBPASSWORD" ""
echo "Password Removed"
exit 0
fi
if [ "${PASSWORD}" == "" ]; then
change_setting "WEBPASSWORD" ""
echo -e " ${TICK} Password Removed"
exit 0
fi
read -s -p "Confirm Password: " CONFIRM
echo ""
fi
read -s -p "Confirm Password: " CONFIRM
echo ""
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
# Compute password hash twice to avoid rainbow table vulnerability
hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
hash=$(HashPassword ${PASSWORD})
# Save hash to file
change_setting "WEBPASSWORD" "${hash}"
echo "New password set"
echo -e " ${TICK} New password set"
else
echo "Passwords don't match. Your password has not been changed"
echo -e " ${CROSS} Passwords don't match. Your password has not been changed"
exit 1
fi
}
@ -164,8 +176,7 @@ trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE3
}
SetDNSServers(){
SetDNSServers() {
# Save setting to file
delete_setting "PIHOLE_DNS"
IFS=',' read -r -a array <<< "${args[2]}"
@ -196,72 +207,68 @@ SetDNSServers(){
# Restart dnsmasq to load new configuration
RestartDNS
}
SetExcludeDomains(){
SetExcludeDomains() {
change_setting "API_EXCLUDE_DOMAINS" "${args[2]}"
}
SetExcludeClients(){
SetExcludeClients() {
change_setting "API_EXCLUDE_CLIENTS" "${args[2]}"
}
Reboot(){
Reboot() {
nohup bash -c "sleep 5; reboot" &> /dev/null </dev/null &
}
RestartDNS(){
if [ -x "$(command -v systemctl)" ]; then
systemctl restart dnsmasq &> /dev/null
else
service dnsmasq restart &> /dev/null
fi
RestartDNS() {
local str="Restarting DNS service"
[[ -t 1 ]] && echo -ne " ${INFO} ${str}"
if command -v systemctl &> /dev/null; then
output=$( { systemctl restart dnsmasq; } 2>&1 )
else
output=$( { service dnsmasq restart; } 2>&1 )
fi
if [[ -z "${output}" ]]; then
[[ -t 1 ]] && echo -e "${OVER} ${TICK} ${str}"
else
[[ ! -t 1 ]] && OVER=""
echo -e "${OVER} ${CROSS} ${output}"
fi
}
SetQueryLogOptions(){
SetQueryLogOptions() {
change_setting "API_QUERY_LOG_SHOW" "${args[2]}"
}
ProcessDHCPSettings() {
source "${setupVars}"
if [[ "${DHCP_ACTIVE}" == "true" ]]; then
interface=$(grep 'PIHOLE_INTERFACE=' /etc/pihole/setupVars.conf | sed "s/.*=//")
interface=$(grep 'PIHOLE_INTERFACE=' /etc/pihole/setupVars.conf | sed "s/.*=//")
# Use eth0 as fallback interface
if [ -z ${interface} ]; then
interface="eth0"
fi
# Use eth0 as fallback interface
if [ -z ${interface} ]; then
interface="eth0"
fi
if [[ "${PIHOLE_DOMAIN}" == "" ]]; then
PIHOLE_DOMAIN="local"
change_setting "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}"
fi
if [[ "${PIHOLE_DOMAIN}" == "" ]]; then
PIHOLE_DOMAIN="local"
change_setting "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}"
fi
if [[ "${DHCP_LEASETIME}" == "0" ]]; then
leasetime="infinite"
elif [[ "${DHCP_LEASETIME}" == "" ]]; then
leasetime="24h"
change_setting "DHCP_LEASETIME" "${leasetime}"
else
leasetime="${DHCP_LEASETIME}h"
fi
if [[ "${DHCP_LEASETIME}" == "0" ]]; then
leasetime="infinite"
elif [[ "${DHCP_LEASETIME}" == "" ]]; then
leasetime="24h"
change_setting "DHCP_LEASETIME" "${leasetime}"
else
leasetime="${DHCP_LEASETIME}h"
fi
# Write settings to file
echo "###############################################################################
# Write settings to file
echo "###############################################################################
# DHCP SERVER CONFIG FILE AUTOMATICALLY POPULATED BY PI-HOLE WEB INTERFACE. #
# ANY CHANGES MADE TO THIS FILE WILL BE LOST ON CHANGE #
###############################################################################
@ -272,26 +279,27 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
#quiet-dhcp
" > "${dhcpconfig}"
if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
fi
if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
fi
if [[ "${DHCP_IPv6}" == "true" ]]; then
echo "#quiet-dhcp6
if [[ "${DHCP_IPv6}" == "true" ]]; then
echo "#quiet-dhcp6
#enable-ra
dhcp-option=option6:dns-server,[::]
dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,${leasetime}
ra-param=*,0,0
" >> "${dhcpconfig}"
fi
fi
else
rm "${dhcpconfig}" &> /dev/null
if [[ -f "${dhcpconfig}" ]]; then
rm "${dhcpconfig}" &> /dev/null
fi
fi
}
EnableDHCP(){
EnableDHCP() {
change_setting "DHCP_ACTIVE" "true"
change_setting "DHCP_START" "${args[2]}"
change_setting "DHCP_END" "${args[3]}"
@ -309,8 +317,7 @@ EnableDHCP(){
RestartDNS
}
DisableDHCP(){
DisableDHCP() {
change_setting "DHCP_ACTIVE" "false"
# Remove possible old setting from file
@ -322,23 +329,20 @@ DisableDHCP(){
RestartDNS
}
SetWebUILayout(){
SetWebUILayout() {
change_setting "WEBUIBOXEDLAYOUT" "${args[2]}"
}
CustomizeAdLists() {
list="/etc/pihole/adlists.list"
if [[ "${args[2]}" == "enable" ]] ; then
if [[ "${args[2]}" == "enable" ]]; then
sed -i "\\@${args[3]}@s/^#http/http/g" "${list}"
elif [[ "${args[2]}" == "disable" ]] ; then
elif [[ "${args[2]}" == "disable" ]]; then
sed -i "\\@${args[3]}@s/^http/#http/g" "${list}"
elif [[ "${args[2]}" == "add" ]] ; then
elif [[ "${args[2]}" == "add" ]]; then
echo "${args[3]}" >> ${list}
elif [[ "${args[2]}" == "del" ]] ; then
elif [[ "${args[2]}" == "del" ]]; then
var=$(echo "${args[3]}" | sed 's/\//\\\//g')
sed -i "/${var}/Id" "${list}"
else
@ -347,18 +351,15 @@ CustomizeAdLists() {
fi
}
SetPrivacyMode(){
if [[ "${args[2]}" == "true" ]] ; then
SetPrivacyMode() {
if [[ "${args[2]}" == "true" ]]; then
change_setting "API_PRIVACY_MODE" "true"
else
change_setting "API_PRIVACY_MODE" "false"
fi
}
ResolutionSettings() {
typ="${args[2]}"
state="${args[3]}"
@ -367,11 +368,9 @@ ResolutionSettings() {
elif [[ "${typ}" == "clients" ]]; then
change_setting "API_GET_CLIENT_HOSTNAME" "${state}"
fi
}
AddDHCPStaticAddress() {
mac="${args[2]}"
ip="${args[3]}"
host="${args[4]}"
@ -386,45 +385,63 @@ AddDHCPStaticAddress() {
# Full info given
echo "dhcp-host=${mac},${ip},${host}" >> "${dhcpstaticconfig}"
fi
}
RemoveDHCPStaticAddress() {
mac="${args[2]}"
sed -i "/dhcp-host=${mac}.*/d" "${dhcpstaticconfig}"
}
SetHostRecord(){
SetHostRecord() {
if [[ "${1}" == "-h" ]] || [[ "${1}" == "--help" ]]; then
echo "Usage: pihole -a hostrecord <domain> [IPv4-address],[IPv6-address]
Example: 'pihole -a hostrecord home.domain.com 192.168.1.1,2001:db8:a0b:12f0::1'
Add a name to the DNS associated to an IPv4/IPv6 address
if [ -n "${args[3]}" ]; then
Options:
\"\" Empty: Remove host record
-h, --help Show this help dialog"
exit 0
fi
if [[ -n "${args[3]}" ]]; then
change_setting "HOSTRECORD" "${args[2]},${args[3]}"
echo "Setting host record for ${args[2]} -> ${args[3]}"
echo -e " ${TICK} Setting host record for ${args[2]} to ${args[3]}"
else
change_setting "HOSTRECORD" ""
echo "Removing host record"
echo -e " ${TICK} Removing host record"
fi
ProcessDNSSettings
# Restart dnsmasq to load new configuration
RestartDNS
}
SetListeningMode(){
SetListeningMode() {
source "${setupVars}"
if [[ "${args[2]}" == "all" ]] ; then
echo "Listening on all interfaces, permiting all origins, hope you have a firewall!"
if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
echo "Usage: pihole -a -i [interface]
Example: 'pihole -a -i local'
Specify dnsmasq's network interface listening behavior
Interfaces:
local Listen on all interfaces, but only allow queries from
devices that are at most one hop away (local devices)
single Listen only on ${PIHOLE_INTERFACE} interface
all Listen on all interfaces, permit all origins"
exit 0
fi
if [[ "${args[2]}" == "all" ]]; then
echo -e " ${INFO} Listening on all interfaces, permiting all origins. Please use a firewall!"
change_setting "DNSMASQ_LISTENING" "all"
elif [[ "${args[2]}" == "local" ]] ; then
echo "Listening on all interfaces, permitting only origins that are at most one hop away (local devices)"
elif [[ "${args[2]}" == "local" ]]; then
echo -e " ${INFO} Listening on all interfaces, permiting origins from one hop away (LAN)"
change_setting "DNSMASQ_LISTENING" "local"
else
echo "Listening only on interface ${PIHOLE_INTERFACE}"
echo -e " ${INFO} Listening only on interface ${PIHOLE_INTERFACE}"
change_setting "DNSMASQ_LISTENING" "single"
fi
@ -435,17 +452,19 @@ SetListeningMode(){
# Restart dnsmasq to load new configuration
RestartDNS
fi
}
Teleporter()
{
Teleporter() {
local datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S")
php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-teleporter_${datetimestamp}.zip"
}
main() {
audit()
{
echo "${args[2]}" >> /etc/pihole/auditlog.list
}
main() {
args=("$@")
case "${args[1]}" in
@ -467,10 +486,11 @@ main() {
"resolve" ) ResolutionSettings;;
"addstaticdhcp" ) AddDHCPStaticAddress;;
"removestaticdhcp" ) RemoveDHCPStaticAddress;;
"hostrecord" ) SetHostRecord;;
"-i" | "interface" ) SetListeningMode;;
"-r" | "hostrecord" ) SetHostRecord "$3";;
"-i" | "interface" ) SetListeningMode "$@";;
"-t" | "teleporter" ) Teleporter;;
"adlist" ) CustomizeAdLists;;
"audit" ) audit;;
* ) helpFunc;;
esac
@ -479,5 +499,4 @@ main() {
if [[ $# = 0 ]]; then
helpFunc
fi
}

View file

@ -185,7 +185,7 @@ function add() {
}
$.ajax({
url: "admin/scripts/pi-hole/php/add.php",
url: "/admin/scripts/pi-hole/php/add.php",
method: "post",
data: {"domain":domain.val(), "list":"white", "pw":pw.val()},
success: function(response) {

View file

@ -8,3 +8,14 @@
notifempty
nomail
}
/var/log/pihole-FTL.log {
# su #
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}

View file

@ -26,7 +26,7 @@ start() {
echo "pihole-FTL is already running"
else
touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /etc/pihole
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
echo

View file

@ -21,9 +21,10 @@
# Pi-hole: Update Pi-hole! Uncomment to enable auto update
#30 2 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updatePihole
# Pi-hole: Flush the log daily at 00:00 so it doesn't get out of control
# Stats will be viewable in the Web interface thanks to the cron job above
# Pi-hole: Flush the log daily at 00:00
# The flush script will use logrotate if available
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush
# parameter "once": logrotate only once (default is twice)
# parameter "quiet": don't print messages
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate

File diff suppressed because it is too large Load diff

View file

@ -8,19 +8,30 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
source "/opt/pihole/COL_TABLE"
while true; do
read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn
case ${yn} in
[Yy]* ) break;;
[Nn]* ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;;
* ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;;
esac
done
# Must be root to uninstall
str="Root user check"
if [[ ${EUID} -eq 0 ]]; then
echo "::: You are root."
echo -e " ${TICK} ${str}"
else
echo "::: Sudo will be used for the uninstall."
# Check if it is actually installed
# If it isn't, exit because the unnstall cannot complete
# Check if sudo is actually installed
# If it isn't, exit because the uninstall can not complete
if [ -x "$(command -v sudo)" ]; then
export SUDO="sudo"
else
echo "::: Please install sudo or run this as root."
echo -e " ${CROSS} ${str}
Script called with non-root privileges
The Pi-hole requires elevated privleges to uninstall"
exit 1
fi
fi
@ -54,59 +65,48 @@ elif [ -x "$(command -v apt-get)" ]; then
${SUDO} ${PKG_MANAGER} -y autoclean
}
else
echo "OS distribution not supported"
exit
echo -e " ${CROSS} OS distribution not supported"
exit 1
fi
spinner() {
local pid=$1
local delay=0.50
local spinstr='/-\|'
while [ "$(ps a | awk '{print $1}' | grep "${pid}")" ]; do
local temp=${spinstr#?}
printf " [%c] " "${spinstr}"
local spinstr=${temp}${spinstr%"$temp}"}
sleep ${delay}
printf "\b\b\b\b\b\b"
done
printf " \b\b\b\b"
}
removeAndPurge() {
# Purge dependencies
echo ":::"
echo ""
for i in "${PIHOLE_DEPS[@]}"; do
package_check ${i} > /dev/null
if [ $? -eq 0 ]; then
if [[ "$?" -eq 0 ]]; then
while true; do
read -rp "::: Do you wish to remove ${i} from your system? [y/n]: " yn
read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn
case ${yn} in
[Yy]* ) printf ":::\tRemoving %s..." "${i}"; ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null & spinner $!; printf "done!\n"; break;;
[Nn]* ) printf ":::\tSkipping %s\n" "${i}"; break;;
* ) printf "::: You must answer yes or no!\n";;
[Yy]* )
echo -ne " ${INFO} Removing ${i}...";
${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null;
echo -e "${OVER} ${INFO} Removed ${i}";
break;;
[Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;;
esac
done
else
printf ":::\tPackage %s not installed... Not removing.\n" "${i}"
echo -e " ${INFO} Package ${i} not installed"
fi
done
# Remove dependency config files
echo "::: Removing dnsmasq config files..."
# Remove dnsmasq config files
${SUDO} rm /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null
echo -e " ${TICK} Removing dnsmasq config files"
# Take care of any additional package cleaning
printf "::: Auto removing & cleaning remaining dependencies..."
package_cleanup &> /dev/null & spinner $!; printf "done!\n";
# Call removeNoPurge to remove PiHole specific files
echo -ne " ${INFO} Removing & cleaning remaining dependencies..."
package_cleanup &> /dev/null
echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies"
# Call removeNoPurge to remove Pi-hole specific files
removeNoPurge
}
removeNoPurge() {
echo ":::"
# Only web directories/files that are created by pihole should be removed.
echo "::: Removing the Pi-hole Web server files..."
# Only web directories/files that are created by Pi-hole should be removed
echo -ne " ${INFO} Removing Web Interface..."
${SUDO} rm -rf /var/www/html/admin &> /dev/null
${SUDO} rm -rf /var/www/html/pihole &> /dev/null
${SUDO} rm /var/www/html/index.lighttpd.orig &> /dev/null
@ -117,34 +117,35 @@ removeNoPurge() {
${SUDO} rm -rf /var/www/html &> /dev/null
fi
fi
echo -e "${OVER} ${TICK} Removed Web Interface"
# Attempt to preserve backwards compatibility with older versions
# to guarantee no additional changes were made to /etc/crontab after
# the installation of pihole, /etc/crontab.pihole should be permanently
# preserved.
if [[ -f /etc/crontab.orig ]]; then
echo "::: Initial Pi-hole cron detected. Restoring the default system cron..."
${SUDO} mv /etc/crontab /etc/crontab.pihole
${SUDO} mv /etc/crontab.orig /etc/crontab
${SUDO} service cron restart
echo -e " ${TICK} Restored the default system cron"
fi
# Attempt to preserve backwards compatibility with older versions
if [[ -f /etc/cron.d/pihole ]];then
echo "::: Removing cron.d/pihole..."
${SUDO} rm /etc/cron.d/pihole &> /dev/null
echo -e " ${TICK} Removed /etc/cron.d/pihole"
fi
echo "::: Removing config files and scripts..."
package_check lighttpd > /dev/null
if [ $? -eq 1 ]; then
if [[ $? -eq 1 ]]; then
${SUDO} rm -rf /etc/lighttpd/ &> /dev/null
echo -e " ${TICK} Removed lighttpd"
else
if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then
${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf
fi
fi
${SUDO} rm /etc/dnsmasq.d/adList.conf &> /dev/null
${SUDO} rm /etc/dnsmasq.d/01-pihole.conf &> /dev/null
${SUDO} rm -rf /var/log/*pihole* &> /dev/null
@ -154,28 +155,53 @@ removeNoPurge() {
${SUDO} rm /usr/local/bin/pihole &> /dev/null
${SUDO} rm /etc/bash_completion.d/pihole &> /dev/null
${SUDO} rm /etc/sudoers.d/pihole &> /dev/null
echo -e " ${TICK} Removed config files"
# Remove FTL
if command -v pihole-FTL &> /dev/null; then
echo -ne " ${INFO} Removing pihole-FTL..."
if [[ -x "$(command -v systemctl)" ]]; then
systemctl stop pihole-FTL
else
service pihole-FTL stop
fi
${SUDO} rm /etc/init.d/pihole-FTL
${SUDO} rm /usr/bin/pihole-FTL
echo -e "${OVER} ${TICK} Removed pihole-FTL"
fi
# If the pihole user exists, then remove
if id "pihole" >/dev/null 2>&1; then
echo "::: Removing pihole user..."
${SUDO} userdel -r pihole
if id "pihole" &> /dev/null; then
${SUDO} userdel -r pihole 2> /dev/null
if [[ "$?" -eq 0 ]]; then
echo -e " ${TICK} Removed 'pihole' user"
else
echo -e " ${CROSS} Unable to remove 'pihole' user"
fi
fi
echo ":::"
printf "::: Finished removing PiHole from your system. Sorry to see you go!\n"
printf "::: Reach out to us at https://github.com/pi-hole/pi-hole/issues if you need help\n"
printf "::: Reinstall by simpling running\n:::\n:::\tcurl -sSL https://install.pi-hole.net | bash\n:::\n::: at any time!\n:::\n"
printf "::: PLEASE RESET YOUR DNS ON YOUR ROUTER/CLIENTS TO RESTORE INTERNET CONNECTIVITY!\n"
echo -e "\n We're sorry to see you go, but thanks for checking out Pi-hole!
If you need help, reach out to us on Github, Discourse, Reddit or Twitter
Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC}
${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity
${COL_LIGHT_GREEN}Uninstallation Complete! ${COL_NC}"
}
######### SCRIPT ###########
echo "::: Preparing to remove packages, be sure that each may be safely removed depending on your operating system."
echo "::: (SAFE TO REMOVE ALL ON RASPBIAN)"
if command -v vcgencmd &> /dev/null; then
echo -e " ${INFO} All dependencies are safe to remove on Raspbian"
else
echo -e " ${INFO} Be sure to confirm if any dependencies should not be removed"
fi
while true; do
read -rp "::: Do you wish to purge PiHole's dependencies from your OS? (You will be prompted for each package) [y/n]: " yn
read -rp " ${QST} Do you wish to go through each dependency for removal? [Y/n] " yn
case ${yn} in
[Yy]* ) removeAndPurge; break;;
[Nn]* ) removeNoPurge; break;;
* ) removeAndPurge; break;;
esac
done

View file

@ -8,52 +8,50 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
# Run this script as root or under sudo
echo ":::"
coltable="/opt/pihole/COL_TABLE"
source ${coltable}
helpFunc() {
cat << EOM
::: Pull in domains from adlists
:::
::: Usage: pihole -g
:::
::: Options:
::: -f, --force Force lists to be downloaded, even if they don't need updating.
::: -h, --help Show this help dialog
EOM
exit 0
echo "Usage: pihole -g
Update domains from blocklists specified in adlists.list
Options:
-f, --force Force the download of all specified blocklists
-h, --help Show this help dialog"
exit 0
}
PIHOLE_COMMAND="/usr/local/bin/pihole"
adListFile=/etc/pihole/adlists.list
adListDefault=/etc/pihole/adlists.default #being deprecated
adListDefault=/etc/pihole/adlists.default # Deprecated
adListRepoDefault=/etc/.pihole/adlists.default
whitelistScript="${PIHOLE_COMMAND} -w"
whitelistFile=/etc/pihole/whitelist.txt
blacklistFile=/etc/pihole/blacklist.txt
readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf"
#Source the setupVars from install script for the IP
# Source the setupVars from install script for the IP
setupVars=/etc/pihole/setupVars.conf
if [[ -f ${setupVars} ]];then
. /etc/pihole/setupVars.conf
if [[ -f "${setupVars}" ]];then
. /etc/pihole/setupVars.conf
else
echo "::: WARNING: /etc/pihole/setupVars.conf missing. Possible installation failure."
echo "::: Please run 'pihole -r', and choose the 'reconfigure' option to reconfigure."
exit 1
echo -e " ${COL_LIGHT_RED}Error: /etc/pihole/setupVars.conf missing. Possible installation failure.${COL_NC}
Please run 'pihole -r', and choose the 'reconfigure' option to reconfigure."
exit 1
fi
#Remove the /* from the end of the IPv4addr.
# Remove the /* from the end of the IP addresses
IPV4_ADDRESS=${IPV4_ADDRESS%/*}
IPV6_ADDRESS=${IPV6_ADDRESS}
IPV6_ADDRESS=${IPV6_ADDRESS%/*}
# Variables for various stages of downloading and formatting the list
basename=pihole
piholeDir=/etc/${basename}
adList=${piholeDir}/gravity.list
blackList=${piholeDir}/black.list
localList=${piholeDir}/local.list
justDomainsExtension=domains
matterAndLight=${basename}.0.matterandlight.txt
@ -64,13 +62,13 @@ accretionDisc=${basename}.3.accretionDisc.txt
skipDownload=false
# Warn users still using pihole.conf that it no longer has any effect (I imagine about 2 people use it)
# Warn users still using pihole.conf that it no longer has any effect
if [[ -r ${piholeDir}/pihole.conf ]]; then
echo "::: pihole.conf file no longer supported. Over-rides in this file are ignored."
echo -e " ${COL_LIGHT_RED}pihole.conf file no longer supported. Overrides in this file are ignored.${COL_NC}"
fi
###########################
# collapse - begin formation of pihole
# Collapse - begin formation of pihole
gravity_collapse() {
#New Logic:
@ -78,355 +76,401 @@ gravity_collapse() {
# If not, cp /etc/.pihole/adlists.default /etc/pihole/adlists.list
# Read from adlists.list
#The following two blocks will sort out any missing adlists in the /etc/pihole directory, and remove legacy adlists.default
if [ -f ${adListDefault} ] && [ -f ${adListFile} ]; then
rm ${adListDefault}
# The following two blocks will sort out any missing adlists in the /etc/pihole directory, and remove legacy adlists.default
if [[ -f "${adListDefault}" ]] && [[ -f "${adListFile}" ]]; then
rm "${adListDefault}"
fi
if [ ! -f ${adListFile} ]; then
cp ${adListRepoDefault} ${adListFile}
if [ ! -f "${adListFile}" ]; then
cp "${adListRepoDefault}" "${adListFile}"
fi
echo "::: Neutrino emissions detected..."
echo ":::"
echo -n "::: Pulling source lists into range..."
echo -e " ${INFO} Neutrino emissions detected..."
echo ""
local str="Pulling source lists into range"
echo -ne " ${INFO} ${str}..."
sources=()
while IFS= read -r line || [[ -n "$line" ]]; do
#Do not read commented out or blank lines
# Do not read commented out or blank lines
if [[ ${line} = \#* ]] || [[ ! ${line} ]]; then
echo "" > /dev/null
else
sources+=(${line})
fi
done < ${adListFile}
echo " done!"
echo -e "${OVER} ${TICK} ${str}"
}
# patternCheck - check to see if curl downloaded any new files.
gravity_patternCheck() {
patternBuffer=$1
success=$2
error=$3
if [ $success = true ]; then
# check if download was successful but list has not been modified
if [ "${error}" == "304" ]; then
echo "::: No changes detected, transport skipped!"
# check if the patternbuffer is a non-zero length file
elif [[ -s "${patternBuffer}" ]]; then
# Some of the blocklists are copyright, they need to be downloaded
# and stored as is. They can be processed for content after they
# have been saved.
mv "${patternBuffer}" "${saveLocation}"
echo "::: List updated, transport successful!"
else
# Empty file -> use previously downloaded list
echo "::: Received empty file, using cached one (list not updated!)"
fi
else
# check if cached list exists
if [[ -r "${saveLocation}" ]]; then
echo "::: List download failed, using cached list (list not updated!)"
else
echo "::: Download failed and no cached list available (list will not be considered)"
fi
fi
patternBuffer=$1
success=$2
error=$3
if [[ "${success}" = true ]]; then
# Check if download was successful but list has not been modified
if [[ "${error}" == "304" ]]; then
echo -e " ${TICK} No changes detected, transport skipped!"
# Check if the patternbuffer is a non-zero length file
elif [[ -s "${patternBuffer}" ]]; then
# Some blocklists are copyright, they need to be downloaded and stored
# as is. They can be processed for content after they have been saved.
mv "${patternBuffer}" "${saveLocation}"
echo -e " ${TICK} List updated, transport successful!"
else
# Empty file -> use previously downloaded list
echo -e " ${INFO} Received empty file, ${COL_LIGHT_GREEN}using cached one${COL_NC} (list not updated!)"
fi
else
# Check if cached list exists
if [[ -r "${saveLocation}" ]]; then
echo -e " ${CROSS} List download failed, using cached list (list not updated!)"
else
echo -e " ${CROSS} Download failed and no cached list available (list will not be considered)"
fi
fi
}
# transport - curl the specified url with any needed command extentions
gravity_transport() {
url=$1
cmd_ext=$2
agent=$3
url=$1
cmd_ext=$2
agent=$3
# tmp file, so we don't have to store the (long!) lists in RAM
patternBuffer=$(mktemp)
heisenbergCompensator=""
if [[ -r ${saveLocation} ]]; then
# if domain has been saved, add file for date check to only download newer
heisenbergCompensator="-z ${saveLocation}"
fi
# tmp file, so we don't have to store the (long!) lists in RAM
patternBuffer=$(mktemp)
heisenbergCompensator=""
if [[ -r ${saveLocation} ]]; then
# If domain has been saved, add file for date check to only download newer
heisenbergCompensator="-z ${saveLocation}"
fi
# Silently curl url
err=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w %{http_code} -A "${agent}" ${url} -o ${patternBuffer})
# Silently curl url
echo -e "${OVER} ${TICK} ${str}"
local str="Status:"
echo -ne " ${INFO} ${str} Pending"
err=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w %{http_code} -A "${agent}" ${url} -o ${patternBuffer})
echo " done"
# Analyze http response
echo -n "::: Status: "
case "$err" in
"200" ) echo "Success (OK)"; success=true;;
"304" ) echo "Not modified"; success=true;;
"403" ) echo "Forbidden"; success=false;;
"404" ) echo "Not found"; success=false;;
"408" ) echo "Time-out"; success=false;;
"451" ) echo "Unavailable For Legal Reasons"; success=false;;
"521" ) echo "Web Server Is Down (Cloudflare)"; success=false;;
"522" ) echo "Connection Timed Out (Cloudflare)"; success=false;;
"500" ) echo "Internal Server Error"; success=false;;
* ) echo "Status $err"; success=false;;
esac
# Analyze http response
case "$err" in
"200" ) echo -e "${OVER} ${TICK} ${str} Success (OK)"; success=true;;
"304" ) echo -e "${OVER} ${TICK} ${str} Not modified"; success=true;;
"403" ) echo -e "${OVER} ${CROSS} ${str} Forbidden"; success=false;;
"404" ) echo -e "${OVER} ${CROSS} ${str} Not found"; success=false;;
"408" ) echo -e "${OVER} ${CROSS} ${str} Time-out"; success=false;;
"451" ) echo -e "${OVER} ${CROSS} ${str} Unavailable For Legal Reasons"; success=false;;
"521" ) echo -e "${OVER} ${CROSS} ${str} Web Server Is Down (Cloudflare)"; success=false;;
"522" ) echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Cloudflare)"; success=false;;
"500" ) echo -e "${OVER} ${CROSS} ${str} Internal Server Error"; success=false;;
* ) echo -e "${OVER} ${CROSS} ${str} Status $err"; success=false;;
esac
# Process result
gravity_patternCheck "${patternBuffer}" ${success} "${err}"
# Process result
gravity_patternCheck "${patternBuffer}" "${success}" "${err}"
# Delete temp file if it hasn't been moved
if [[ -f "${patternBuffer}" ]]; then
rm "${patternBuffer}"
fi
# Delete temp file if it hasn't been moved
if [[ -f "${patternBuffer}" ]]; then
rm "${patternBuffer}"
fi
}
# spinup - main gravity function
gravity_spinup() {
echo ":::"
# Loop through domain list. Download each one and remove commented lines (lines beginning with '# 'or '/') and # blank lines
for ((i = 0; i < "${#sources[@]}"; i++)); do
url=${sources[$i]}
# Get just the domain from the URL
domain=$(echo "${url}" | cut -d'/' -f3)
echo ""
# Loop through domain list. Download each one and remove commented lines (lines beginning with '# 'or '/') and # blank lines
for ((i = 0; i < "${#sources[@]}"; i++)); do
url=${sources[$i]}
# Get just the domain from the URL
domain=$(cut -d'/' -f3 <<< "${url}")
# Save the file as list.#.domain
saveLocation=${piholeDir}/list.${i}.${domain}.${justDomainsExtension}
activeDomains[$i]=${saveLocation}
# Save the file as list.#.domain
saveLocation=${piholeDir}/list.${i}.${domain}.${justDomainsExtension}
activeDomains[$i]=${saveLocation}
agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36"
agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36"
# Use a case statement to download lists that need special cURL commands
# to complete properly and reset the user agent when required
case "${domain}" in
"adblock.mahakala.is")
agent='Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36'
cmd_ext="-e http://forum.xda-developers.com/"
;;
# Use a case statement to download lists that need special cURL commands
# to complete properly and reset the user agent when required
case "${domain}" in
"pgl.yoyo.org")
cmd_ext="-d mimetype=plaintext -d hostformat=hosts"
;;
"adaway.org")
agent='Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36'
;;
# Default is a simple request
*) cmd_ext=""
esac
"pgl.yoyo.org")
cmd_ext="-d mimetype=plaintext -d hostformat=hosts"
;;
if [[ "${skipDownload}" == false ]]; then
local str="Aiming tractor beam at $domain"
echo -ne " ${INFO} ${str}..."
# Default is a simple request
*) cmd_ext=""
esac
if [[ "${skipDownload}" == false ]]; then
echo -n "::: Getting $domain list..."
gravity_transport "$url" "$cmd_ext" "$agent"
fi
done
gravity_transport "$url" "$cmd_ext" "$agent" "$str"
echo ""
fi
done
}
# Schwarzchild - aggregate domains to one list and add blacklisted domains
gravity_Schwarzchild() {
echo "::: "
# Find all active domains and compile them into one file and remove CRs
echo -n "::: Aggregating list of domains..."
truncate -s 0 ${piholeDir}/${matterAndLight}
for i in "${activeDomains[@]}"; do
# Only assimilate list if it is available (download might have faild permanently)
if [[ -r "${i}" ]]; then
cat "${i}" | tr -d '\r' >> ${piholeDir}/${matterAndLight}
fi
done
echo " done!"
echo ""
# Find all active domains and compile them into one file and remove CRs
local str="Aggregating list of domains"
echo -ne " ${INFO} ${str}..."
truncate -s 0 ${piholeDir}/${matterAndLight}
for i in "${activeDomains[@]}"; do
# Only assimilate list if it is available (download might have failed permanently)
if [[ -r "${i}" ]]; then
cat "${i}" | tr -d '\r' >> ${piholeDir}/${matterAndLight}
fi
done
echo -e "${OVER} ${TICK} ${str}"
}
gravity_Blacklist() {
# Append blacklist entries to eventHorizon if they exist
if [[ -f "${blacklistFile}" ]]; then
numBlacklisted=$(wc -l < "${blacklistFile}")
plural=; [[ "$numBlacklisted" != "1" ]] && plural=s
echo -n "::: Blacklisting $numBlacklisted domain${plural}..."
cat ${blacklistFile} >> ${piholeDir}/${eventHorizon}
echo " done!"
else
echo "::: Nothing to blacklist!"
fi
# Append blacklist entries to eventHorizon if they exist
if [[ -f "${blacklistFile}" ]]; then
numBlacklisted=$(wc -l < "${blacklistFile}")
plural=; [[ "$numBlacklisted" != "1" ]] && plural=s
local str="Exact blocked domain${plural}: $numBlacklisted"
echo -e " ${INFO} ${str}"
else
echo -e " ${INFO} Nothing to blacklist!"
fi
}
gravity_Wildcard() {
# Return number of wildcards in output - don't actually handle wildcards
if [[ -f "${wildcardlist}" ]]; then
numWildcards=$(grep -c ^ "${wildcardlist}")
if [[ -n "${IPV4_ADDRESS}" && -n "${IPV6_ADDRESS}" ]];then
let numWildcards/=2
fi
plural=; [[ "$numWildcards" != "1" ]] && plural=s
echo "::: Wildcard blocked domain${plural}: $numWildcards"
else
echo "::: No wildcards used!"
fi
# Return number of wildcards in output - don't actually handle wildcards
if [[ -f "${wildcardlist}" ]]; then
numWildcards=$(grep -c ^ "${wildcardlist}")
if [[ -n "${IPV4_ADDRESS}" ]] && [[ -n "${IPV6_ADDRESS}" ]];then
let numWildcards/=2
fi
plural=; [[ "$numWildcards" != "1" ]] && plural=s
echo -e " ${INFO} Wildcard blocked domain${plural}: $numWildcards"
else
echo -e " ${INFO} No wildcards used!"
fi
}
gravity_Whitelist() {
#${piholeDir}/${eventHorizon})
echo ":::"
# Prevent our sources from being pulled into the hole
plural=; [[ "${sources[@]}" != "1" ]] && plural=s
echo -n "::: Adding adlist source${plural} to the whitelist..."
echo ""
# Prevent our sources from being pulled into the hole
plural=; [[ "${sources[@]}" != "1" ]] && plural=s
local str="Adding adlist source${plural} to the whitelist"
echo -ne " ${INFO} ${str}..."
urls=()
for url in "${sources[@]}"; do
tmp=$(echo "${url}" | awk -F '/' '{print $3}')
urls=("${urls[@]}" ${tmp})
done
echo " done!"
urls=()
for url in "${sources[@]}"; do
tmp=$(awk -F '/' '{print $3}' <<< "${url}")
urls=("${urls[@]}" ${tmp})
done
# Ensure adlist domains are in whitelist.txt
${whitelistScript} -nr -q "${urls[@]}" > /dev/null
echo -e "${OVER} ${TICK} ${str}"
# Check whitelist.txt exists.
if [[ -f "${whitelistFile}" ]]; then
# Remove anything in whitelist.txt from the Event Horizon
numWhitelisted=$(wc -l < "${whitelistFile}")
plural=; [[ "$numWhitelisted" != "1" ]] && plural=s
echo -n "::: Whitelisting $numWhitelisted domain${plural}..."
#print everything from preEventHorizon into eventHorizon EXCEPT domains in whitelist.txt
grep -F -x -v -f ${whitelistFile} ${piholeDir}/${preEventHorizon} > ${piholeDir}/${eventHorizon}
echo " done!"
else
echo "::: Nothing to whitelist!"
fi
# Ensure adlist domains are in whitelist.txt
${whitelistScript} -nr -q "${urls[@]}" > /dev/null
# Check whitelist.txt exists.
if [[ -f "${whitelistFile}" ]]; then
# Remove anything in whitelist.txt from the Event Horizon
numWhitelisted=$(wc -l < "${whitelistFile}")
plural=; [[ "$numWhitelisted" != "1" ]] && plural=s
local str="Whitelisting $numWhitelisted domain${plural}"
echo -ne " ${INFO} ${str}..."
# Print everything from preEventHorizon into eventHorizon EXCEPT domains in whitelist.txt
grep -F -x -v -f ${whitelistFile} ${piholeDir}/${preEventHorizon} > ${piholeDir}/${eventHorizon}
echo -e "${OVER} ${TICK} ${str}"
else
echo -e " ${INFO} Nothing to whitelist!"
fi
}
gravity_unique() {
# Sort and remove duplicates
echo -n "::: Removing duplicate domains...."
sort -u ${piholeDir}/${supernova} > ${piholeDir}/${preEventHorizon}
echo " done!"
numberOf=$(wc -l < ${piholeDir}/${preEventHorizon})
echo "::: $numberOf unique domains trapped in the event horizon."
# Sort and remove duplicates
local str="Removing duplicate domains"
echo -ne " ${INFO} ${str}..."
sort -u ${piholeDir}/${supernova} > ${piholeDir}/${preEventHorizon}
echo -e "${OVER} ${TICK} ${str}"
numberOf=$(wc -l < ${piholeDir}/${preEventHorizon})
echo -e " ${INFO} ${COL_LIGHT_BLUE}${numberOf}${COL_NC} unique domains trapped in the event horizon."
}
gravity_hostFormat() {
# Format domain list as "192.168.x.x domain.com"
echo -n "::: Formatting domains into a HOSTS file..."
if [[ -f /etc/hostname ]]; then
hostname=$(</etc/hostname)
elif [ -x "$(command -v hostname)" ]; then
hostname=$(hostname -f)
else
echo "::: Error: Unable to determine fully qualified domain name of host"
fi
gravity_doHostFormat() {
# Check vars from setupVars.conf to see if we're using IPv4, IPv6, Or both.
if [[ -n "${IPV4_ADDRESS}" && -n "${IPV6_ADDRESS}" ]];then
if [[ -n "${IPV4_ADDRESS}" ]] && [[ -n "${IPV6_ADDRESS}" ]];then
# Both IPv4 and IPv6
awk -v ipv4addr="$IPV4_ADDRESS" -v ipv6addr="$IPV6_ADDRESS" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> "${2}" < "${1}"
elif [[ -n "${IPV4_ADDRESS}" ]] && [[ -z "${IPV6_ADDRESS}" ]];then
# Only IPv4
awk -v ipv4addr="$IPV4_ADDRESS" '{sub(/\r$/,""); print ipv4addr" "$0}' >> "${2}" < "${1}"
elif [[ -z "${IPV4_ADDRESS}" ]] && [[ -n "${IPV6_ADDRESS}" ]];then
# Only IPv6
awk -v ipv6addr="$IPV6_ADDRESS" '{sub(/\r$/,""); print ipv6addr" "$0}' >> "${2}" < "${1}"
elif [[ -z "${IPV4_ADDRESS}" ]] &&[[ -z "${IPV6_ADDRESS}" ]];then
echo -e "${OVER} ${CROSS} ${str}"
echo -e " ${COL_LIGHT_RED}No IP Values found! Please run 'pihole -r' and choose reconfigure to restore values${COL_NC}"
exit 1
fi
}
echo -e "${IPV4_ADDRESS} ${hostname}\n${IPV6_ADDRESS} ${hostname}\n${IPV4_ADDRESS} pi.hole\n${IPV6_ADDRESS} pi.hole" > ${localList}
# Both IPv4 and IPv6
cat ${piholeDir}/${eventHorizon} | awk -v ipv4addr="$IPV4_ADDRESS" -v ipv6addr="$IPV6_ADDRESS" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> ${piholeDir}/${accretionDisc}
gravity_hostFormatLocal() {
# Format domain list as "192.168.x.x domain.com"
elif [[ -n "${IPV4_ADDRESS}" && -z "${IPV6_ADDRESS}" ]];then
echo -e "${IPV4_ADDRESS} ${hostname}\n${IPV4_ADDRESS} pi.hole" > ${localList}
# Only IPv4
cat ${piholeDir}/${eventHorizon} | awk -v ipv4addr="$IPV4_ADDRESS" '{sub(/\r$/,""); print ipv4addr" "$0}' >> ${piholeDir}/${accretionDisc}
elif [[ -z "${IPV4_ADDRESS}" && -n "${IPV6_ADDRESS}" ]];then
echo -e "${IPV6_ADDRESS} ${hostname}\n${IPV6_ADDRESS} pi.hole" > ${localList}
# Only IPv6
cat ${piholeDir}/${eventHorizon} | awk -v ipv6addr="$IPV6_ADDRESS" '{sub(/\r$/,""); print ipv6addr" "$0}' >> ${piholeDir}/${accretionDisc}
elif [[ -z "${IPV4_ADDRESS}" && -z "${IPV6_ADDRESS}" ]];then
echo "::: No IP Values found! Please run 'pihole -r' and choose reconfigure to restore values"
exit 1
if [[ -f "/etc/hostname" ]]; then
hostname=$(< /etc/hostname)
elif [ -x "$(command -v hostname)" ]; then
hostname=$(hostname -f)
else
echo -e " ${CROSS} Unable to determine fully qualified domain name of host"
fi
# Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it
cp ${piholeDir}/${accretionDisc} ${adList}
echo " done!"
echo -e "${hostname}\npi.hole" > "${localList}.tmp"
# Copy the file over as /etc/pihole/local.list so dnsmasq can use it
rm "${localList}"
gravity_doHostFormat "${localList}.tmp" "${localList}"
rm "${localList}.tmp"
}
gravity_hostFormatGravity() {
# Format domain list as "192.168.x.x domain.com"
echo "" > "${piholeDir}/${accretionDisc}"
gravity_doHostFormat "${piholeDir}/${eventHorizon}" "${piholeDir}/${accretionDisc}"
# Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it
mv "${piholeDir}/${accretionDisc}" "${adList}"
}
gravity_hostFormatBlack() {
if [[ -f "${blacklistFile}" ]]; then
numBlacklisted=$(wc -l < "${blacklistFile}")
# Format domain list as "192.168.x.x domain.com"
gravity_doHostFormat "${blacklistFile}" "${blackList}.tmp"
# Copy the file over as /etc/pihole/black.list so dnsmasq can use it
mv "${blackList}.tmp" "${blackList}"
else
echo -e " ${INFO} Nothing to blacklist!"
fi
}
# blackbody - remove any remnant files from script processes
gravity_blackbody() {
# Loop through list files
for file in ${piholeDir}/*.${justDomainsExtension}; do
# If list is in active array then leave it (noop) else rm the list
if [[ " ${activeDomains[@]} " =~ ${file} ]]; then
:
else
rm -f "${file}"
fi
done
# Loop through list files
for file in ${piholeDir}/*.${justDomainsExtension}; do
# If list is in active array then leave it (noop) else rm the list
if [[ " ${activeDomains[@]} " =~ ${file} ]]; then
:
else
rm -f "${file}"
fi
done
}
gravity_advanced() {
# Remove comments and print only the domain name
# Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious
# This helps with that and makes it easier to read
# It also helps with debugging so each stage of the script can be researched more in depth
echo -n "::: Formatting list of domains to remove comments...."
#awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' ${piholeDir}/${matterAndLight} | sed -nr -e 's/\.{2,}/./g' -e '/\./p' > ${piholeDir}/${supernova}
#Above line does not correctly grab domains where comment is on the same line (e.g 'addomain.com #comment')
#Awk -F splits on given IFS, we grab the right hand side (chops trailing #coments and /'s to grab the domain only.
#Last awk command takes non-commented lines and if they have 2 fields, take the left field (the domain) and leave
#+ the right (IP address), otherwise grab the single field.
cat ${piholeDir}/${matterAndLight} | \
awk -F '#' '{print $1}' | \
awk -F '/' '{print $1}' | \
awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' | \
sed -nr -e 's/\.{2,}/./g' -e '/\./p' > ${piholeDir}/${supernova}
echo " done!"
# Remove comments and print only the domain name
# Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious
# This helps with that and makes it easier to read
# It also helps with debugging so each stage of the script can be researched more in depth
local str="Formatting list of domains to remove comments"
echo -ne " ${INFO} ${str}..."
numberOf=$(wc -l < ${piholeDir}/${supernova})
echo "::: ${numberOf} domains being pulled in by gravity..."
#awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' ${piholeDir}/${matterAndLight} | sed -nr -e 's/\.{2,}/./g' -e '/\./p' > ${piholeDir}/${supernova}
#Above line does not correctly grab domains where comment is on the same line (e.g 'addomain.com #comment')
#Awk -F splits on given IFS, we grab the right hand side (chops trailing #coments and /'s to grab the domain only.
#Last awk command takes non-commented lines and if they have 2 fields, take the left field (the domain) and leave
#+ the right (IP address), otherwise grab the single field.
cat ${piholeDir}/${matterAndLight} | \
awk -F '#' '{print $1}' | \
awk -F '/' '{print $1}' | \
awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' | \
sed -nr -e 's/\.{2,}/./g' -e '/\./p' > ${piholeDir}/${supernova}
gravity_unique
echo -e "${OVER} ${TICK} ${str}"
numberOf=$(wc -l < ${piholeDir}/${supernova})
echo -e " ${INFO} ${COL_LIGHT_BLUE}${numberOf}${COL_NC} domains being pulled in by gravity"
gravity_unique
}
gravity_reload() {
#Clear no longer needed files...
echo ":::"
echo -n "::: Cleaning up un-needed files..."
rm ${piholeDir}/pihole.*.txt
echo " done!"
# Reload hosts file
echo ""
local str="Refreshing lists in dnsmasq"
echo -e " ${INFO} ${str}..."
# Reload hosts file
echo ":::"
echo -n "::: Refresh lists in dnsmasq..."
# Ensure /etc/dnsmasq.d/01-pihole.conf is pointing at the correct list!
# First escape forward slashes in the path:
adList=${adList//\//\\\/}
# Now replace the line in dnsmasq file
# sed -i "s/^addn-hosts.*/addn-hosts=$adList/" /etc/dnsmasq.d/01-pihole.conf
#ensure /etc/dnsmasq.d/01-pihole.conf is pointing at the correct list!
#First escape forward slashes in the path:
adList=${adList//\//\\\/}
#Now replace the line in dnsmasq file
# sed -i "s/^addn-hosts.*/addn-hosts=$adList/" /etc/dnsmasq.d/01-pihole.conf
"${PIHOLE_COMMAND}" restartdns
echo " done!"
"${PIHOLE_COMMAND}" restartdns
}
for var in "$@"; do
case "${var}" in
"-f" | "--force" ) forceGrav=true;;
"-h" | "--help" ) helpFunc;;
"-sd" | "--skip-download" ) skipDownload=true;;
esac
case "${var}" in
"-f" | "--force" ) forceGrav=true;;
"-h" | "--help" ) helpFunc;;
"-sd" | "--skip-download" ) skipDownload=true;;
"-b" | "--blacklist-only" ) blackListOnly=true;;
esac
done
if [[ "${forceGrav}" == true ]]; then
echo -n "::: Deleting exising list cache..."
rm /etc/pihole/list.*
echo " done!"
str="Deleting exising list cache"
echo -ne "${INFO} ${str}..."
if rm /etc/pihole/list.* 2> /dev/null; then
echo -e "${OVER} ${TICK} ${str}"
else
echo -e "${OVER} ${CROSS} ${str}"
fi
fi
gravity_collapse
gravity_spinup
if [[ "${skipDownload}" == false ]]; then
if [[ ! "${blackListOnly}" == true ]]; then
gravity_collapse
gravity_spinup
if [[ "${skipDownload}" == false ]]; then
gravity_Schwarzchild
gravity_advanced
else
echo "::: Using cached Event Horizon list..."
else
echo -e " ${INFO} Using cached Event Horizon list..."
numberOf=$(wc -l < ${piholeDir}/${preEventHorizon})
echo "::: $numberOf unique domains trapped in the event horizon."
echo -e " ${INFO} ${COL_LIGHT_BLUE}$numberOf${COL_NC} unique domains trapped in the event horizon."
fi
gravity_Whitelist
fi
gravity_Whitelist
gravity_Blacklist
gravity_Wildcard
gravity_hostFormat
str="Formatting domains into a HOSTS file"
echo -ne " ${INFO} ${str}..."
if [[ ! "${blackListOnly}" == true ]]; then
gravity_hostFormatLocal
gravity_hostFormatGravity
fi
gravity_hostFormatBlack
echo -e "${OVER} ${TICK} ${str}"
gravity_blackbody
if [[ ! "${blackListOnly}" == true ]]; then
# Clear no longer needed files...
str="Cleaning up un-needed files"
echo -ne " ${INFO} ${str}..."
rm ${piholeDir}/pihole.*.txt 2> /dev/null
echo -e "${OVER} ${TICK} ${str}"
fi
gravity_reload
"${PIHOLE_COMMAND}" status

557
pihole
View file

@ -8,16 +8,19 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
colfile="/opt/pihole/COL_TABLE"
source ${colfile}
readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf"
# Must be root to use this tool
if [[ ! $EUID -eq 0 ]];then
if [ -x "$(command -v sudo)" ];then
if [[ -x "$(command -v sudo)" ]]; then
exec sudo bash "$0" "$@"
exit $?
else
echo "::: sudo is needed to run pihole commands. Please run this script as root or install sudo."
echo -e " ${CROSS} sudo is needed to run pihole commands. Please run this script as root or install sudo."
exit 1
fi
fi
@ -61,7 +64,7 @@ debugFunc() {
}
flushFunc() {
"${PI_HOLE_SCRIPT_DIR}"/piholeLogFlush.sh
"${PI_HOLE_SCRIPT_DIR}"/piholeLogFlush.sh "$@"
exit 0
}
@ -84,10 +87,14 @@ scanList(){
domain="${1}"
list="${2}"
method="${3}"
if [[ ${method} == "-exact" ]] ; then
grep -i -E "(^|\s)${domain}($|\s)" "${list}"
# Switch folder, preventing grep from printing file path
cd "/etc/pihole" || return 1
if [[ -n "${method}" ]]; then
grep -i -E -l "(^|\s|\/)${domain}($|\s|\/)" ${list} /dev/null 2> /dev/null
else
grep -i "${domain}" "${list}"
grep -i "${domain}" ${list} /dev/null 2> /dev/null
fi
}
@ -107,39 +114,217 @@ processWildcards() {
}
queryFunc() {
domain="${2}"
method="${3}"
lists=( /etc/pihole/list.* /etc/pihole/blacklist.txt)
for list in ${lists[@]}; do
if [ -e "${list}" ]; then
result=$(scanList ${domain} ${list} ${method})
# Remove empty lines before couting number of results
count=$(sed '/^\s*$/d' <<< "$result" | wc -l)
echo "::: ${list} (${count} results)"
if [[ ${count} > 0 ]]; then
echo "${result}"
fi
echo ""
else
echo "::: ${list} does not exist"
echo ""
fi
done
options="$*"
options="${options/-q /}"
# Scan for possible wildcard matches
if [ -e "${wildcardlist}" ]; then
local wildcards=($(processWildcards "${domain}"))
for domain in ${wildcards[@]}; do
result=$(scanList "\/${domain}\/" ${wildcardlist})
# Remove empty lines before couting number of results
count=$(sed '/^\s*$/d' <<< "$result" | wc -l)
if [[ ${count} > 0 ]]; then
echo "::: Wildcard blocking ${domain} (${count} results)"
echo "${result}"
echo ""
if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then
echo "Usage: pihole -q [option] <domain>
Example: 'pihole -q -exact domain.com'
Query the adlists for a specified domain
Options:
-adlist Print the name of the block list URL
-exact Search the block lists for exact domain matches
-all Return all query matches within a block list
-h, --help Show this help dialog"
exit 0
fi
if [[ "${options}" == *"-exact"* ]]; then
method="exact"
exact=true
fi
if [[ "${options}" == *"-adlist"* ]]; then
adlist=true
fi
if [[ "${options}" == *"-bp"* ]]; then
method="exact"
blockpage=true
fi
if [[ "${options}" == *"-all"* ]]; then
all=true
fi
# Strip valid options, leaving only the domain and invalid options
options=$(sed 's/ \?-\(exact\|adlist\(s\)\?\|bp\|all\) \?//g' <<< "$options")
# Handle errors
if [[ "${options}" == *" "* ]]; then
error=true
str="Unknown option specified"
elif [[ "${options}" == "-q" ]]; then
error=true
str="No domain specified"
fi
if [[ -n "${error}" ]]; then
echo -e " ${COL_LIGHT_RED}${str}${COL_NC}
Try 'pihole -q --help' for more information."
exit 1
fi
# If domain contains non ASCII characters, convert domain to punycode if python is available
# Cr: https://serverfault.com/a/335079
if [[ "$options" = *[![:ascii:]]* ]]; then
if command -v python &> /dev/null; then
query=$(python -c 'import sys;print sys.argv[1].decode("utf-8").encode("idna")' "${options}")
fi
else
query="${options}"
fi
# Scan Whitelist and Blacklist
lists="whitelist.txt blacklist.txt"
results=($(scanList "${query}" "${lists}" "${method}"))
if [[ -n "${results[*]}" ]]; then
blResult=true
# Loop through each scanList line to print appropriate title
for result in "${results[@]}"; do
filename="${result/:*/}"
if [[ -n "$exact" ]]; then
printf " Exact result in %s\n" "${filename}"
elif [[ -n "$blockpage" ]]; then
printf "π %s\n" "${filename}"
else
domain="${result/*:/}"
if [[ ! "${filename}" == "${filename_prev:-}" ]]; then
printf " Result from %s\n" "${filename}"
fi
printf " %s\n" "${domain}"
filename_prev="${filename}"
fi
done
fi
# Scan Wildcards
if [[ -e "${wildcardlist}" ]]; then
wildcards=($(processWildcards "${query}"))
for match in "${wildcards[@]}"; do
results=($(scanList "\/${match}\/" ${wildcardlist}))
if [[ -n "${results[*]}" ]]; then
# Remove empty lines before couting number of results
count=$(sed '/^\s*$/d' <<< "${results[@]}" | wc -l)
if [[ "${count}" -ge 0 ]]; then
blResult=true
if [[ -z "${blockpage}" ]]; then
printf " Wildcard result in %s\n" "${wildcardlist/*dnsmasq.d\/}"
fi
if [[ -n "${blockpage}" ]]; then
echo "π ${wildcardlist/*\/}"
else
echo " *.${match}"
fi
fi
fi
done
[[ -n "${blResult}" ]] && [[ -n "${blockpage}" ]] && exit 0
fi
# Glob *.domains file names, remove file paths and sort by list number
lists_raw=(/etc/pihole/*.domains)
IFS_OLD=$IFS
IFS=$'\n'
lists=$(sort -t . -k 2 -g <<< "${lists_raw[*]//\/etc\/pihole\//}")
# Scan Domains files
results=($(scanList "${query}" "${lists}" "${method}"))
# Handle notices
if [[ -z "${blResult}" ]] && [[ -z "${results[*]}" ]]; then
notice=true
str="No ${method/t/t }results found for ${query} found within block lists"
elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 16000 ]]; then
# 16000 chars is 15 chars X 1000 lines worth of results
notice=true
str="Hundreds of ${method/t/t }results found for ${query}
This can be overriden using the -all option"
fi
if [[ -n "${notice}" ]]; then
echo -e " ${INFO} ${str}"
exit
fi
# Remove unwanted content from results
if [[ -z "${method}" ]]; then
results=($(sed "/:#/d" <<< "${results[*]}")) # Lines starting with comments
results=($(sed "s/[ \t]#.*//g" <<< "${results[*]}")) # Comments after domain
results=($(sed "s/:.*[ \t]/:/g" <<< "${results[*]}")) # IP address
fi
IFS=$IFS_OLD
# Get adlist content as array
if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then
if [[ -f "/etc/pihole/adlists.list" ]]; then
for url in $(< /etc/pihole/adlists.list); do
if [[ "${url:0:4}" == "http" ]] || [[ "${url:0:3}" == "www" ]]; then
adlists+=("$url")
fi
done
else
echo -e " ${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}"
exit 1
fi
fi
if [[ -n "${results[*]}" ]]; then
if [[ -n "${exact}" ]]; then
echo " Exact result(s) for ${query} found in:"
fi
for result in "${results[@]}"; do
filename="${result/:*/}"
# Convert file name to URL name for -adlist or -bp options
if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then
filenum=("${filename/list./}")
filenum=("${filenum/.*/}")
filename="${adlists[$filenum]}"
# If gravity has generated associated .domains files
# but adlists.list has been modified since
if [[ -z "${filename}" ]]; then
filename="${COL_LIGHT_RED}Error: no associated adlists URL found${COL_NC}"
fi
fi
if [[ -n "${exact}" ]]; then
printf " %s\n" "${filename}"
elif [[ -n "${blockpage}" ]]; then
printf "%s %s\n" "${filenum}" "${filename}"
else # Standard query output
# Print filename heading once per file, not for every match
if [[ ! "${filename}" == "${filename_prev:-}" ]]; then
unset count
printf " Result from %s\n" "${filename}"
else
let count++
fi
# Print matching domain if $max_count has not been reached
[[ -z "${all}" ]] && max_count="20"
if [[ -z "${all}" ]] && [[ "${count}" -eq "${max_count}" ]]; then
echo " Over $count results found, skipping rest of file"
elif [[ -z "${all}" ]] && [[ "${count}" -gt "${max_count}" ]]; then
continue
else
domain="${result/*:/}"
printf " %s\n" "${domain}"
fi
filename_prev="${filename}"
fi
done
fi
exit 0
}
@ -163,163 +348,284 @@ versionFunc() {
restartDNS() {
dnsmasqPid=$(pidof dnsmasq)
if [[ ${dnsmasqPid} ]]; then
# service already running - reload config
if [ -x "$(command -v systemctl)" ]; then
systemctl restart dnsmasq
local str="Restarting DNS service"
echo -ne " ${INFO} ${str}"
if [[ "${dnsmasqPid}" ]]; then
# Service already running - reload config
if [[ -x "$(command -v systemctl)" ]]; then
output=$( { systemctl restart dnsmasq; } 2>&1 )
else
service dnsmasq restart
output=$( { service dnsmasq restart; } 2>&1 )
fi
if [[ -z "${output}" ]]; then
echo -e "${OVER} ${TICK} ${str}"
else
echo -e "${OVER} ${CROSS} ${output}"
fi
else
# service not running, start it up
if [ -x "$(command -v systemctl)" ]; then
systemctl start dnsmasq
# Service not running, start it up
if [[ -x "$(command -v systemctl)" ]]; then
output=$( { systemctl start dnsmasq; } 2>&1 )
else
service dnsmasq start
output=$( { service dnsmasq start; } 2>&1 )
fi
if [[ -z "${output}" ]]; then
echo -e "${OVER} ${TICK} ${str}"
else
echo -e "${OVER} ${CROSS} ${output}"
fi
fi
}
piholeEnable() {
if [[ "${1}" == "0" ]] ; then
#Disable Pihole
if [[ "${2}" == "-h" ]] || [[ "${2}" == "--help" ]]; then
echo "Usage: pihole disable [time]
Example: 'pihole disable', or 'pihole disable 5m'
Disable Pi-hole subsystems
Time:
#s Disable Pi-hole functionality for # second(s)
#m Disable Pi-hole functionality for # minute(s)"
exit 0
elif [[ "${1}" == "0" ]]; then
# Disable Pi-hole
sed -i 's/^addn-hosts=\/etc\/pihole\/gravity.list/#addn-hosts=\/etc\/pihole\/gravity.list/' /etc/dnsmasq.d/01-pihole.conf
echo "::: Blocking has been disabled!"
if [[ $# > 1 ]] ; then
if [[ ${2} == *"s"* ]] ; then
sed -i 's/^addn-hosts=\/etc\/pihole\/black.list/#addn-hosts=\/etc\/pihole\/black.list/' /etc/dnsmasq.d/01-pihole.conf
if [[ -e "$wildcardlist" ]]; then
mv "$wildcardlist" "/etc/pihole/wildcard.list"
fi
if [[ $# > 1 ]]; then
local error=false
if [[ "${2}" == *"s" ]]; then
tt=${2%"s"}
echo "::: Blocking will be re-enabled in ${tt} seconds"
nohup bash -c "sleep ${tt}; pihole enable" </dev/null &>/dev/null &
elif [[ ${2} == *"m"* ]] ; then
if [[ "${tt}" =~ ^-?[0-9]+$ ]];then
local str="Disabling blocking for ${tt} seconds"
echo -e " ${INFO} ${str}..."
local str="Blocking will be re-enabled in ${tt} seconds"
nohup bash -c "sleep ${tt}; pihole enable" </dev/null &>/dev/null &
else
local error=true
fi
elif [[ "${2}" == *"m" ]]; then
tt=${2%"m"}
echo "::: Blocking will be re-enabled in ${tt} minutes"
tt=$((${tt}*60))
nohup bash -c "sleep ${tt}; pihole enable" </dev/null &>/dev/null &
if [[ "${tt}" =~ ^-?[0-9]+$ ]];then
local str="Disabling blocking for ${tt} minutes"
echo -e " ${INFO} ${str}..."
local str="Blocking will be re-enabled in ${tt} minutes"
tt=$((${tt}*60))
nohup bash -c "sleep ${tt}; pihole enable" </dev/null &>/dev/null &
else
local error=true
fi
elif [[ -n "${2}" ]]; then
local error=true
else
echo "::: Unknown format for delayed reactivation of the blocking!"
echo "::: Example:"
echo "::: pihole disable 5s - will disable blocking for 5 seconds"
echo "::: pihole disable 7m - will disable blocking for 7 minutes"
echo "::: Blocking will not automatically be re-enabled!"
echo -e " ${INFO} Disabling blocking"
fi
if [[ ${error} == true ]];then
echo -e " ${COL_LIGHT_RED}Unknown format for delayed reactivation of the blocking!${COL_NC}"
echo -e " Try 'pihole disable --help' for more information."
exit 1
fi
local str="Pi-hole Disabled"
fi
else
#Enable pihole
echo "::: Blocking has been enabled!"
# Enable Pi-hole
echo -e " ${INFO} Enabling blocking"
local str="Pi-hole Enabled"
sed -i 's/^#addn-hosts/addn-hosts/' /etc/dnsmasq.d/01-pihole.conf
if [[ -e "/etc/pihole/wildcard.list" ]]; then
mv "/etc/pihole/wildcard.list" "$wildcardlist"
fi
fi
restartDNS
echo -e "${OVER} ${TICK} ${str}"
}
piholeLogging() {
shift
if [[ "${1}" == "-h" ]] || [[ "${1}" == "--help" ]]; then
echo "Usage: pihole logging [options]
Example: 'pihole logging on'
Specify whether the Pi-hole log should be used
if [[ "${1}" == "off" ]] ; then
#Disable Logging
Options:
on Enable the Pi-hole log at /var/log/pihole.log
off Disable the Pi-hole log at /var/log/pihole.log"
exit 0
elif [[ "${1}" == "off" ]]; then
# Disable logging
sed -i 's/^log-queries/#log-queries/' /etc/dnsmasq.d/01-pihole.conf
sed -i 's/^QUERY_LOGGING=true/QUERY_LOGGING=false/' /etc/pihole/setupVars.conf
pihole -f
echo "::: Logging has been disabled!"
elif [[ "${1}" == "on" ]] ; then
#Enable logging
echo -e " ${INFO} Disabling logging..."
local str="Logging has been disabled!"
elif [[ "${1}" == "on" ]]; then
# Enable logging
sed -i 's/^#log-queries/log-queries/' /etc/dnsmasq.d/01-pihole.conf
sed -i 's/^QUERY_LOGGING=false/QUERY_LOGGING=true/' /etc/pihole/setupVars.conf
echo "::: Logging has been enabled!"
echo -e " ${INFO} Enabling logging..."
local str="Logging has been enabled!"
else
echo "::: Invalid option passed, please pass 'on' or 'off'"
echo -e " ${COL_LIGHT_RED}Invalid option${COL_NC}
Try 'pihole logging --help' for more information."
exit 1
fi
restartDNS
echo -e "${OVER} ${TICK} ${str}"
}
piholeStatus() {
if [[ $(netstat -plnt | grep -c ':53 ') > 0 ]]; then
if [[ "${1}" != "web" ]] ; then
echo "::: DNS service is running"
if [[ "$(netstat -plnt | grep -c ':53 ')" -gt "0" ]]; then
if [[ "${1}" != "web" ]]; then
echo -e " ${TICK} DNS service is running"
fi
else
if [[ "${1}" == "web" ]] ; then
if [[ "${1}" == "web" ]]; then
echo "-1";
else
echo "::: DNS service is NOT running"
echo -e " ${CROSS} DNS service is NOT running"
fi
return
fi
if [[ $(grep -i "^#addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) ]] ; then
#list is commented out
if [[ "${1}" == "web" ]] ; then
if [[ "$(grep -i "^#addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf)" ]]; then
# List is commented out
if [[ "${1}" == "web" ]]; then
echo 0;
else
echo "::: Pi-hole blocking is Disabled";
echo -e " ${CROSS} Pi-hole blocking is Disabled";
fi
elif [[ $(grep -i "^addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) ]] ; then
#list set
if [[ "${1}" == "web" ]] ; then
elif [[ "$(grep -i "^addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf)" ]]; then
# List set
if [[ "${1}" == "web" ]]; then
echo 1;
else
echo "::: Pi-hole blocking is Enabled";
echo -e " ${TICK} Pi-hole blocking is Enabled";
fi
else
#addn-host not found
if [[ "${1}" == "web" ]] ; then
# Addn-host not found
if [[ "${1}" == "web" ]]; then
echo 99
else
echo "::: No hosts file linked to dnsmasq, adding it in enabled state"
echo -e " ${INFO} No hosts file linked to dnsmasq, adding it in enabled state"
fi
#add addn-host= to dnsmasq
# Add addn-host= to dnsmasq
echo "addn-hosts=/etc/pihole/gravity.list" >> /etc/dnsmasq.d/01-pihole.conf
restartDNS
fi
}
tailFunc() {
echo "Press Ctrl-C to exit"
tail -F /var/log/pihole.log
date=$(date +'%b %d ')
echo -e " ${INFO} Press Ctrl-C to exit"
tail -f /var/log/pihole.log | sed \
-e "s,\(${date}\| dnsmasq\[.*[0-9]]\),,g" \
-e "s,\(.*\(gravity.list\|black.list\| config \).* is \(${IPV4_ADDRESS%/*}\|${IPV6_ADDRESS:-NULL}\).*\),${COL_LIGHT_RED}&${COL_NC}," \
-e "s,.*\(query\[A\|DHCP\).*,${COL_NC}&${COL_NC}," \
-e "s,.*,${COL_DARK_GRAY}&${COL_NC},"
exit 0
}
piholeCheckoutFunc() {
if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
echo "Usage: pihole checkout [repo] [branch]
Example: 'pihole checkout master' or 'pihole checkout core dev'
Switch Pi-hole subsystems to a different Github branch
Repositories:
core [branch] Change the branch of Pi-hole's core subsystem
web [branch] Change the branch of Admin Console subsystem
ftl [branch] Change the branch of Pi-hole's FTL subsystem
Branches:
master Update subsystems to the latest stable release
dev Update subsystems to the latest development release"
exit 0
fi
source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
shift
checkout "$@"
}
tricorderFunc() {
if [[ ! -p "/dev/stdin" ]]; then
echo -e " ${INFO} Please do not call Tricorder directly"
exit 1
fi
if ! timeout 2 nc -z tricorder.pi-hole.net 9998 &> /dev/null; then
echo -e " ${CROSS} Unable to connect to Pi-hole's Tricorder server"
exit 1
fi
if command -v openssl &> /dev/null; then
openssl s_client -quiet -connect tricorder.pi-hole.net:9998 2> /dev/null < /dev/stdin
exit "$?"
else
echo -e " ${INFO} ${COL_YELLOW}Security Notice${COL_NC}: ${COL_WHITE}openssl${COL_NC} is not installed
Your debug log will be transmitted unencrypted via plain-text
There is a possibility that this could be intercepted by a third party
If you wish to cancel, press Ctrl-C to exit within 10 seconds"
secs="10"
while [[ "$secs" -gt "0" ]]; do
echo -ne "."
sleep 1
: $((secs--))
done
echo " "
nc tricorder.pi-hole.net 9999 < /dev/stdin
exit "$?"
fi
}
helpFunc() {
cat << EOM
::: Control all Pi-hole specific functions
:::
::: Usage: pihole [options]
::: Add -h after -w (whitelist), -b (blacklist), -c (chronometer), or -a (admin) for more information on usage
:::
::: Options:
::: -w, whitelist Whitelist domain(s)
::: -b, blacklist Blacklist domain(s) (exact match)
::: -wild, wildcard Blacklist whole domain(s) (wildcard)
::: -d, debug Start a debugging session
::: Automated debugging can be enabled with '-a'.
::: 'pihole -d -a'
::: -f, flush Flush the 'pihole.log' file
::: -t, tail Output the last lines of the 'pihole.log' file. Lines are appended as the file grows
::: -up, updatePihole Update Pi-hole components
::: -r, reconfigure Reconfigure or Repair Pi-hole
::: -g, updateGravity Update the list of ad-serving domains
::: -c, chronometer Calculates stats and displays to an LCD
::: -h, help Show this help dialog
::: -v, version Show installed versions of Pi-hole and Web-Admin
::: -q, query Query the adlists for a specific domain
::: 'pihole -q domain -exact' shows exact matches only
::: -l, logging Enable or Disable logging (pass 'on' or 'off')
::: -a, admin Admin webpage options
::: uninstall Uninstall Pi-hole from your system! :(
::: status Display if Pi-hole is Enabled or Disabled
::: enable Enable Pi-hole DNS Blocking
::: disable Disable Pi-hole DNS Blocking
::: Blocking can also be disabled only temporarily, e.g.,
::: 'pihole disable 5m' - will disable blocking for 5 minutes
::: restartdns Restart dnsmasq
::: checkout Check out different branches
EOM
echo "Usage: pihole [options]
Example: 'pihole -w -h'
Add '-h' after specific commands for more information on usage
Whitelist/Blacklist Options:
-w, whitelist Whitelist domain(s)
-b, blacklist Blacklist domain(s)
-wild, wildcard Blacklist domain(s), and all its subdomains
Add '-h' for more info on whitelist/blacklist usage
Debugging Options:
-d, debug Start a debugging session
Add '-a' to enable automated debugging
-f, flush Flush the Pi-hole log
-r, reconfigure Reconfigure or Repair Pi-hole subsystems
-t, tail View the live output of the Pi-hole log
Options:
-a, admin Admin Console options
Add '-h' for more info on admin console usage
-c, chronometer Calculates stats and displays to an LCD
Add '-h' for more info on chronometer usage
-g, updateGravity Update the list of ad-serving domains
-h, --help, help Show this help dialog
-l, logging Specify whether the Pi-hole log should be used
Add '-h' for more info on logging usage
-q, query Query the adlists for a specified domain
Add '-h' for more info on query usage
-up, updatePihole Update Pi-hole subsystems
-v, version Show installed versions of Pi-hole, Admin Console & FTL
Add '-h' for more info on version usage
uninstall Uninstall Pi-hole from your system
status Display the running status of Pi-hole subsystems
enable Enable Pi-hole subsystems
disable Disable Pi-hole subsystems
Add '-h' for more info on disable usage
restartdns Restart Pi-hole subsystems
checkout Switch Pi-hole subsystems to a different Github branch
Add '-h' for more info on checkout usage";
exit 0
}
@ -333,7 +639,7 @@ case "${1}" in
"-b" | "blacklist" ) blacklistFunc "$@";;
"-wild" | "wildcard" ) wildcardFunc "$@";;
"-d" | "debug" ) debugFunc "$@";;
"-f" | "flush" ) flushFunc;;
"-f" | "flush" ) flushFunc "$@";;
"-up" | "updatePihole" ) updatePiholeFunc;;
"-r" | "reconfigure" ) reconfigurePiholeFunc;;
"-g" | "updateGravity" ) updateGravityFunc "$@";;
@ -344,11 +650,12 @@ case "${1}" in
"-l" | "logging" ) piholeLogging "$@";;
"uninstall" ) uninstallFunc;;
"enable" ) piholeEnable 1;;
"disable" ) piholeEnable 0 $2;;
"disable" ) piholeEnable 0 "$2";;
"status" ) piholeStatus "$2";;
"restartdns" ) restartDNS;;
"-a" | "admin" ) webpageFunc "$@";;
"-t" | "tail" ) tailFunc;;
"checkout" ) piholeCheckoutFunc "$@";;
"tricorder" ) tricorderFunc;;
* ) helpFunc;;
esac

View file

@ -9,6 +9,10 @@ SETUPVARS = {
'PIHOLE_DNS_2' : '4.2.2.2'
}
tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8")
cross_box="[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8")
info_box="[i]".decode("utf-8")
def test_setupVars_are_sourced_to_global_scope(Pihole):
''' currently update_dialogs sources setupVars with a dot,
then various other functions use the variables.
@ -55,6 +59,8 @@ def test_setupVars_saved_to_file(Pihole):
TERM=xterm
source /opt/pihole/basic-install.sh
{}
mkdir -p /etc/dnsmasq.d
version_check_dnsmasq
finalExports
cat /etc/pihole/setupVars.conf
'''.format(set_setup_vars))
@ -74,7 +80,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole):
source /opt/pihole/basic-install.sh
configureFirewall
''')
expected_stdout = 'Configuring FirewallD for httpd and dnsmasq.'
expected_stdout = 'Configuring FirewallD for httpd and dnsmasq'
assert expected_stdout in configureFirewall.stdout
firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout
assert 'firewall-cmd --state' in firewall_calls
@ -89,7 +95,7 @@ def test_configureFirewall_firewalld_disabled_no_errors(Pihole):
source /opt/pihole/basic-install.sh
configureFirewall
''')
expected_stdout = 'No active firewall detected.. skipping firewall configuration.'
expected_stdout = 'No active firewall detected.. skipping firewall configuration'
assert expected_stdout in configureFirewall.stdout
def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole):
@ -173,8 +179,11 @@ def test_installPiholeWeb_fresh_install_no_errors(Pihole):
source /opt/pihole/basic-install.sh
installPiholeWeb
''')
assert 'Installing pihole custom index page...' in installWeb.stdout
assert info_box + ' Installing blocking page...' in installWeb.stdout
assert tick_box + ' Creating directory for blocking page, and copying files' in installWeb.stdout
assert cross_box + ' Backing up index.lighttpd.html' in installWeb.stdout
assert 'No default index.lighttpd.html file found... not backing up' in installWeb.stdout
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
@ -187,11 +196,12 @@ def test_installPiholeWeb_empty_directory_no_errors(Pihole):
mkdir -p /var/www/html/pihole
installPiholeWeb
''')
assert 'Installing pihole custom index page...' in installWeb.stdout
assert info_box + ' Installing blocking page...' in installWeb.stdout
assert info_box + ' Installing index.php' in installWeb.stdout
assert info_box + ' Installing index.js' in installWeb.stdout
assert info_box + ' Installing blockingpage.css' in installWeb.stdout
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
assert 'index.php missing, replacing...' in installWeb.stdout
assert 'index.js missing, replacing...' in installWeb.stdout
assert 'blockingpage.css missing, replacing...' in installWeb.stdout
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
@ -205,11 +215,13 @@ def test_installPiholeWeb_index_php_no_errors(Pihole):
touch /var/www/html/pihole/index.php
installPiholeWeb
''')
assert 'Installing pihole custom index page...' in installWeb.stdout
assert info_box + ' Installing blocking page...' in installWeb.stdout
assert info_box + ' Installing index.php' in installWeb.stdout
assert 'detected index.php, not overwriting' in installWeb.stdout
assert info_box + ' Installing index.js' in installWeb.stdout
assert info_box + ' Installing blockingpage.css' in installWeb.stdout
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
assert 'Existing index.php detected, not overwriting' in installWeb.stdout
assert 'index.js missing, replacing...' in installWeb.stdout
assert 'blockingpage.css missing, replacing...' in installWeb.stdout
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
@ -223,11 +235,13 @@ def test_installPiholeWeb_index_js_no_errors(Pihole):
touch /var/www/html/pihole/index.js
installPiholeWeb
''')
assert 'Installing pihole custom index page...' in installWeb.stdout
assert info_box + ' Installing blocking page...' in installWeb.stdout
assert info_box + ' Installing index.php' in installWeb.stdout
assert info_box + ' Installing index.js' in installWeb.stdout
assert 'detected index.js, not overwriting' in installWeb.stdout
assert info_box + ' Installing blockingpage.css' in installWeb.stdout
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
assert 'index.php missing, replacing...' in installWeb.stdout
assert 'Existing index.js detected, not overwriting' in installWeb.stdout
assert 'blockingpage.css missing, replacing...' in installWeb.stdout
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
@ -241,11 +255,13 @@ def test_installPiholeWeb_blockingpage_css_no_errors(Pihole):
touch /var/www/html/pihole/blockingpage.css
installPiholeWeb
''')
assert 'Installing pihole custom index page...' in installWeb.stdout
assert info_box + ' Installing blocking page...' in installWeb.stdout
assert info_box + ' Installing index.php' in installWeb.stdout
assert info_box + ' Installing index.js' in installWeb.stdout
assert info_box + ' Installing blockingpage.css' in installWeb.stdout
assert 'detected blockingpage.css, not overwriting' in installWeb.stdout
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
assert 'index.php missing, replacing...' in installWeb.stdout
assert 'index.js missing, replacing...' in installWeb.stdout
assert 'Existing blockingpage.css detected, not overwriting' in installWeb.stdout
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
@ -261,14 +277,14 @@ def test_installPiholeWeb_already_populated_no_errors(Pihole):
touch /var/www/html/pihole/blockingpage.css
installPiholeWeb
''')
assert 'Installing pihole custom index page...' in installWeb.stdout
assert 'No default index.lighttpd.html file found... not backing up' not in installWeb.stdout
assert 'Existing index.php detected, not overwriting' in installWeb.stdout
assert 'index.php missing, replacing...' not in installWeb.stdout
assert 'Existing index.js detected, not overwriting' in installWeb.stdout
assert 'index.js missing, replacing...' not in installWeb.stdout
assert 'Existing blockingpage.css detected, not overwriting' in installWeb.stdout
assert 'blockingpage.css missing, replacing... ' not in installWeb.stdout
assert info_box + ' Installing blocking page...' in installWeb.stdout
assert info_box + ' Installing index.php' in installWeb.stdout
assert 'detected index.php, not overwriting' in installWeb.stdout
assert info_box + ' Installing index.js' in installWeb.stdout
assert 'detected index.js, not overwriting' in installWeb.stdout
assert info_box + ' Installing blockingpage.css' in installWeb.stdout
assert 'detected blockingpage.css, not overwriting' in installWeb.stdout
assert tick_box + ' Installing sudoer file' in installWeb.stdout
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
assert 'index.php' in web_directory
assert 'index.js' in web_directory
@ -281,9 +297,8 @@ def test_update_package_cache_success_no_errors(Pihole):
distro_check
update_package_cache
''')
assert 'Updating local cache of available packages...' in updateCache.stdout
assert 'ERROR' not in updateCache.stdout
assert 'done!' in updateCache.stdout
assert tick_box + ' Update local cache of available packages' in updateCache.stdout
assert 'Error: Unable to update package cache.' not in updateCache.stdout
def test_update_package_cache_failure_no_errors(Pihole):
''' confirms package cache was not updated'''
@ -293,9 +308,8 @@ def test_update_package_cache_failure_no_errors(Pihole):
distro_check
update_package_cache
''')
assert 'Updating local cache of available packages...' in updateCache.stdout
assert 'ERROR' in updateCache.stdout
assert 'done!' not in updateCache.stdout
assert cross_box + ' Update local cache of available packages' in updateCache.stdout
assert 'Error: Unable to update package cache.' in updateCache.stdout
def test_FTL_detect_aarch64_no_errors(Pihole):
''' confirms only aarch64 package is downloaded for FTL engine '''
@ -307,7 +321,11 @@ def test_FTL_detect_aarch64_no_errors(Pihole):
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected ARM-aarch64 architecture'
expected_stdout = info_box + ' FTL Checks...'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Detected ARM-aarch64 architecture'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Downloading and Installing FTL'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_armv6l_no_errors(Pihole):
@ -320,7 +338,11 @@ def test_FTL_detect_armv6l_no_errors(Pihole):
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected ARM-hf architecture (armv6 or lower)'
expected_stdout = info_box + ' FTL Checks...'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Detected ARM-hf architecture (armv6 or lower)'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Downloading and Installing FTL'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_armv7l_no_errors(Pihole):
@ -333,7 +355,11 @@ def test_FTL_detect_armv7l_no_errors(Pihole):
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected ARM-hf architecture (armv7+)'
expected_stdout = info_box + ' FTL Checks...'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Detected ARM-hf architecture (armv7+)'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Downloading and Installing FTL'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_x86_64_no_errors(Pihole):
@ -342,7 +368,11 @@ def test_FTL_detect_x86_64_no_errors(Pihole):
source /opt/pihole/basic-install.sh
FTLdetect
''')
expected_stdout = 'Detected x86_64 architecture'
expected_stdout = info_box + ' FTL Checks...'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Detected x86_64 architecture'
assert expected_stdout in detectPlatform.stdout
expected_stdout = tick_box + ' Downloading and Installing FTL'
assert expected_stdout in detectPlatform.stdout
def test_FTL_detect_unknown_no_errors(Pihole):
@ -363,9 +393,12 @@ def test_FTL_download_aarch64_no_errors(Pihole):
source /opt/pihole/basic-install.sh
FTLinstall pihole-FTL-aarch64-linux-gnu
''')
expected_stdout = 'done'
expected_stdout = tick_box + ' Downloading and Installing FTL'
assert expected_stdout in download_binary.stdout
assert 'failed' not in download_binary.stdout
error = 'Error: Download of binary from Github failed'
assert error not in download_binary.stdout
error = 'Error: URL not found'
assert error not in download_binary.stdout
def test_FTL_download_unknown_fails_no_errors(Pihole):
''' confirms unknown binary is not downloaded for FTL engine '''
@ -374,9 +407,10 @@ def test_FTL_download_unknown_fails_no_errors(Pihole):
source /opt/pihole/basic-install.sh
FTLinstall pihole-FTL-mips
''')
expected_stdout = 'failed'
expected_stdout = cross_box + ' Downloading and Installing FTL'
assert expected_stdout in download_binary.stdout
assert 'done' not in download_binary.stdout
error = 'Error: URL not found'
assert error in download_binary.stdout
def test_FTL_binary_installed_and_responsive_no_errors(Pihole):
''' confirms FTL binary is copied and functional in installed location '''
@ -402,6 +436,61 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole):
# assert '644 /run/pihole-FTL.pid' in support_files.stdout
# assert '644 /var/log/pihole-FTL.log' in support_files.stdout
def test_IPv6_only_link_local(Pihole):
''' confirms IPv6 blocking is disabled for Link-local address '''
# mock ip -6 address to return Link-local address
mock_command_2('ip', {'-6 address':('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
useIPv6dialog
''')
expected_stdout = 'Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled'
assert expected_stdout in detectPlatform.stdout
def test_IPv6_only_ULA(Pihole):
''' confirms IPv6 blocking is enabled for ULA addresses '''
# mock ip -6 address to return ULA address
mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
useIPv6dialog
''')
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
assert expected_stdout in detectPlatform.stdout
def test_IPv6_only_GUA(Pihole):
''' confirms IPv6 blocking is enabled for GUA addresses '''
# mock ip -6 address to return GUA address
mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
useIPv6dialog
''')
expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads'
assert expected_stdout in detectPlatform.stdout
def test_IPv6_GUA_ULA_test(Pihole):
''' confirms IPv6 blocking is enabled for GUA and ULA addresses '''
# mock ip -6 address to return GUA and ULA addresses
mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
useIPv6dialog
''')
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
assert expected_stdout in detectPlatform.stdout
def test_IPv6_ULA_GUA_test(Pihole):
''' confirms IPv6 blocking is enabled for GUA and ULA addresses '''
# mock ip -6 address to return ULA and GUA addresses
mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole)
detectPlatform = Pihole.run('''
source /opt/pihole/basic-install.sh
useIPv6dialog
''')
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
assert expected_stdout in detectPlatform.stdout
# Helper functions
def mock_command(script, args, container):
''' Allows for setup of commands we don't really want to have to run for real in unit tests '''
@ -424,6 +513,27 @@ def mock_command(script, args, container):
chmod +x {script}
rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script))
def mock_command_2(script, args, container):
''' Allows for setup of commands we don't really want to have to run for real in unit tests '''
full_script_path = '/usr/local/bin/{}'.format(script)
mock_script = dedent('''\
#!/bin/bash -e
echo "\$0 \$@" >> /var/log/{script}
case "\$1 \$2" in'''.format(script=script))
for k, v in args.iteritems():
case = dedent('''
\"{arg}\")
echo \"{res}\"
exit {retcode}
;;'''.format(arg=k, res=v[0], retcode=v[1]))
mock_script += case
mock_script += dedent('''
esac''')
container.run('''
cat <<EOF> {script}\n{content}\nEOF
chmod +x {script}
rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script))
def run_script(Pihole, script):
result = Pihole.run(script)
assert result.rc == 0

View file

@ -7,7 +7,7 @@ run_local = testinfra.get_backend(
def test_scripts_pass_shellcheck():
''' Make sure shellcheck does not find anything wrong with our shell scripts '''
shellcheck = "find . -type f \( -name 'update.sh' -o -name 'piholeDebug.sh' \) | while read file; do shellcheck \"$file\"; done;"
shellcheck = "find . -type f -name 'update.sh' | while read file; do shellcheck -x \"$file\" -e SC1090,SC1091; done;"
results = run_local(shellcheck)
print results.stdout
assert '' == results.stdout