Pi-hole/pi-hole
Pi-hole/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2024-12-26 14:50:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'development-v6' into query_list_v6

Browse source
This commit is contained in:
Christian König 2023-10-13 21:49:09 +02:00
commit e374950915
20 changed files with 179 additions and 187 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/codeql-analysis.yml vendored
View file

@ -25,7 +25,7 @@ jobs:
steps: steps:
- -
name: Checkout repository name: Checkout repository
uses: actions/checkout@v3.5.3 uses: actions/checkout@v4.1.0
# Initializes the CodeQL tools for scanning. # Initializes the CodeQL tools for scanning.
- -
name: Initialize CodeQL name: Initialize CodeQL

2
.github/workflows/stale.yml vendored
View file

@ -37,7 +37,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3.5.3 uses: actions/checkout@v4.1.0
- name: Remove 'stale' label - name: Remove 'stale' label
run: gh issue edit ${{ github.event.issue.number }} --remove-label $stale_label run: gh issue edit ${{ github.event.issue.number }} --remove-label $stale_label
env: env:

2
.github/workflows/sync-back-to-dev.yml vendored
View file

@ -33,7 +33,7 @@ jobs:
name: Syncing branches name: Syncing branches
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3.5.3 uses: actions/checkout@v4.1.0
- name: Opening pull request - name: Opening pull request
run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal' run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal'
env: env:

6
.github/workflows/test.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v3.5.3 uses: actions/checkout@v4.1.0
- name: Check scripts in repository are executable - name: Check scripts in repository are executable
run: | run: |
@ -72,10 +72,10 @@ jobs:
DISTRO: ${{matrix.distro}} DISTRO: ${{matrix.distro}}
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v3.5.3 uses: actions/checkout@v4.1.0
- name: Set up Python 3.10 - name: Set up Python 3.10
uses: actions/setup-python@v4.7.0 uses: actions/setup-python@v4.7.1
with: with:
python-version: "3.10" python-version: "3.10"

2
README.md
View file

@ -150,7 +150,7 @@ You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-c
### The Web Interface Dashboard ### The Web Interface Dashboard
This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve! This [optional dashboard](https://github.com/pi-hole/web) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
Some notable features include: Some notable features include:

2
advanced/Scripts/chronometer.sh
View file

@ -225,7 +225,7 @@ get_sys_stats() {
if [[ -n "${ph_ver_raw[0]}" ]]; then if [[ -n "${ph_ver_raw[0]}" ]]; then
ph_core_ver="${ph_ver_raw[0]}" ph_core_ver="${ph_ver_raw[0]}"
if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then
# AdminLTE not installed # web not installed
ph_lte_ver="(not installed)" ph_lte_ver="(not installed)"
ph_ftl_ver="${ph_ver_raw[1]}" ph_ftl_ver="${ph_ver_raw[1]}"
else else

7
advanced/Scripts/database_migration/gravity-db.sh
View file

@ -134,4 +134,11 @@ upgrade_gravityDB(){
pihole-FTL sqlite3 "${database}" < "${scriptPath}/15_to_16.sql" pihole-FTL sqlite3 "${database}" < "${scriptPath}/15_to_16.sql"
version=16 version=16
fi fi
if [[ "$version" == "16" ]]; then
# Add antigravity table
# Add column type to adlist table (to support adlist types)
echo -e " ${INFO} Upgrading gravity database from version 16 to 17"
pihole-FTL sqlite3 "${database}" < "${scriptPath}/16_to_17.sql"
version=17
fi
} }

27
advanced/Scripts/database_migration/gravity/16_to_17.sql Normal file
View file

@ -0,0 +1,27 @@
.timeout 30000
PRAGMA FOREIGN_KEYS=OFF;
BEGIN TRANSACTION;
ALTER TABLE adlist ADD COLUMN type INTEGER NOT NULL DEFAULT 0;
UPDATE adlist SET type = 0;
CREATE VIEW vw_antigravity AS SELECT domain, adlist_by_group.group_id AS group_id
FROM antigravity
LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
DROP VIEW vw_adlist;
CREATE VIEW vw_adlist AS SELECT DISTINCT address, id, type
FROM adlist
WHERE enabled = 1
ORDER BY id;
UPDATE info SET value = 17 WHERE property = 'version';
COMMIT;

12
advanced/Scripts/piholeDebug.sh
View file

@ -397,7 +397,7 @@ os_check() {
} }
diagnose_operating_system() { diagnose_operating_system() {
# error message in a variable so we can easily modify it later (or re-use it) # error message in a variable so we can easily modify it later (or reuse it)
local error_msg="Distribution unknown -- most likely you are on an unsupported platform and may run into issues." local error_msg="Distribution unknown -- most likely you are on an unsupported platform and may run into issues."
# Display the current test that is running # Display the current test that is running
echo_current_diagnostic "Operating system" echo_current_diagnostic "Operating system"
@ -809,11 +809,15 @@ dig_at() {
local record_type="A" local record_type="A"
fi fi
# Find a random blocked url that has not been whitelisted. # Find a random blocked url that has not been whitelisted and is not ABP style.
# This helps emulate queries to different domains that a user might query # This helps emulate queries to different domains that a user might query
# It will also give extra assurance that Pi-hole is correctly resolving and blocking domains # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains
local random_url local random_url
random_url=$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1") random_url=$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity WHERE domain not like '||%^' ORDER BY RANDOM() LIMIT 1")
# Fallback if no non-ABP style domains were found
if [ -z "${random_url}" ]; then
random_url="flurry.com"
fi
# Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address
# This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is # This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is
@ -1447,7 +1451,7 @@ upload_to_tricorder() {
# If no token was generated # If no token was generated
else else
# Show an error and some help instructions # Show an error and some help instructions
# Skip this if being called from web interface and autmatic mode was not chosen (users opt-out to upload) # Skip this if being called from web interface and automatic mode was not chosen (users opt-out to upload)
if [[ "${WEBCALL}" ]] && [[ ! "${AUTOMATED}" ]]; then if [[ "${WEBCALL}" ]] && [[ ! "${AUTOMATED}" ]]; then
: :
else else

2
advanced/Scripts/update.sh
View file

@ -11,7 +11,7 @@
# Please see LICENSE file for your rights under this license. # Please see LICENSE file for your rights under this license.
# Variables # Variables
readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/AdminLTE.git" readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/web.git"
readonly ADMIN_INTERFACE_DIR="/var/www/html/admin" readonly ADMIN_INTERFACE_DIR="/var/www/html/admin"
readonly PI_HOLE_GIT_URL="https://github.com/pi-hole/pi-hole.git" readonly PI_HOLE_GIT_URL="https://github.com/pi-hole/pi-hole.git"
readonly PI_HOLE_FILES_DIR="/etc/.pihole" readonly PI_HOLE_FILES_DIR="/etc/.pihole"

4
advanced/Scripts/updatecheck.sh
View file

@ -91,10 +91,10 @@ addOrEditKeyValPair "${VERSION_FILE}" "WEB_BRANCH" "${WEB_BRANCH}"
WEB_HASH="$(get_local_hash /var/www/html/admin)" WEB_HASH="$(get_local_hash /var/www/html/admin)"
addOrEditKeyValPair "${VERSION_FILE}" "WEB_HASH" "${WEB_HASH}" addOrEditKeyValPair "${VERSION_FILE}" "WEB_HASH" "${WEB_HASH}"
GITHUB_WEB_VERSION="$(get_remote_version AdminLTE)" GITHUB_WEB_VERSION="$(get_remote_version web)"
addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}" addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}"
GITHUB_WEB_HASH="$(get_remote_hash AdminLTE "${WEB_BRANCH}")" GITHUB_WEB_HASH="$(get_remote_hash web "${WEB_BRANCH}")"
addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_HASH" "${GITHUB_WEB_HASH}" addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_HASH" "${GITHUB_WEB_HASH}"
# get FTL versions # get FTL versions

16
advanced/Scripts/version.sh
View file

@ -24,7 +24,7 @@ fi
getLocalVersion() { getLocalVersion() {
case ${1} in case ${1} in
"Pi-hole" ) echo "${CORE_VERSION:=N/A}";; "Pi-hole" ) echo "${CORE_VERSION:=N/A}";;
"AdminLTE" ) echo "${WEB_VERSION:=N/A}";; "web" ) echo "${WEB_VERSION:=N/A}";;
"FTL" ) echo "${FTL_VERSION:=N/A}";; "FTL" ) echo "${FTL_VERSION:=N/A}";;
esac esac
} }
@ -32,7 +32,7 @@ getLocalVersion() {
getLocalHash() { getLocalHash() {
case ${1} in case ${1} in
"Pi-hole" ) echo "${CORE_HASH:=N/A}";; "Pi-hole" ) echo "${CORE_HASH:=N/A}";;
"AdminLTE" ) echo "${WEB_HASH:=N/A}";; "web" ) echo "${WEB_HASH:=N/A}";;
"FTL" ) echo "${FTL_HASH:=N/A}";; "FTL" ) echo "${FTL_HASH:=N/A}";;
esac esac
} }
@ -40,7 +40,7 @@ getLocalHash() {
getRemoteHash(){ getRemoteHash(){
case ${1} in case ${1} in
"Pi-hole" ) echo "${GITHUB_CORE_HASH:=N/A}";; "Pi-hole" ) echo "${GITHUB_CORE_HASH:=N/A}";;
"AdminLTE" ) echo "${GITHUB_WEB_HASH:=N/A}";; "web" ) echo "${GITHUB_WEB_HASH:=N/A}";;
"FTL" ) echo "${GITHUB_FTL_HASH:=N/A}";; "FTL" ) echo "${GITHUB_FTL_HASH:=N/A}";;
esac esac
} }
@ -48,7 +48,7 @@ getRemoteHash(){
getRemoteVersion(){ getRemoteVersion(){
case ${1} in case ${1} in
"Pi-hole" ) echo "${GITHUB_CORE_VERSION:=N/A}";; "Pi-hole" ) echo "${GITHUB_CORE_VERSION:=N/A}";;
"AdminLTE" ) echo "${GITHUB_WEB_VERSION:=N/A}";; "web" ) echo "${GITHUB_WEB_VERSION:=N/A}";;
"FTL" ) echo "${GITHUB_FTL_VERSION:=N/A}";; "FTL" ) echo "${GITHUB_FTL_VERSION:=N/A}";;
esac esac
} }
@ -56,7 +56,7 @@ getRemoteVersion(){
getLocalBranch(){ getLocalBranch(){
case ${1} in case ${1} in
"Pi-hole" ) echo "${CORE_BRANCH:=N/A}";; "Pi-hole" ) echo "${CORE_BRANCH:=N/A}";;
"AdminLTE" ) echo "${WEB_BRANCH:=N/A}";; "web" ) echo "${WEB_BRANCH:=N/A}";;
"FTL" ) echo "${FTL_BRANCH:=N/A}";; "FTL" ) echo "${FTL_BRANCH:=N/A}";;
esac esac
} }
@ -107,7 +107,7 @@ errorOutput() {
defaultOutput() { defaultOutput() {
versionOutput "Pi-hole" "$@" versionOutput "Pi-hole" "$@"
versionOutput "AdminLTE" "$@" versionOutput "web" "$@"
versionOutput "FTL" "$@" versionOutput "FTL" "$@"
} }
@ -118,7 +118,7 @@ Show Pi-hole, Admin Console & FTL versions
Repositories: Repositories:
-p, --pihole Only retrieve info regarding Pi-hole repository -p, --pihole Only retrieve info regarding Pi-hole repository
-a, --admin Only retrieve info regarding AdminLTE repository -a, --admin Only retrieve info regarding web repository
-f, --ftl Only retrieve info regarding FTL repository -f, --ftl Only retrieve info regarding FTL repository
Options: Options:
@ -131,7 +131,7 @@ Options:
case "${1}" in case "${1}" in
"-p" | "--pihole" ) shift; versionOutput "Pi-hole" "$@";; "-p" | "--pihole" ) shift; versionOutput "Pi-hole" "$@";;
"-a" | "--admin" ) shift; versionOutput "AdminLTE" "$@";; "-a" | "--admin" ) shift; versionOutput "web" "$@";;
"-f" | "--ftl" ) shift; versionOutput "FTL" "$@";; "-f" | "--ftl" ) shift; versionOutput "FTL" "$@";;
"-h" | "--help" ) helpFunc;; "-h" | "--help" ) helpFunc;;
* ) defaultOutput "$@";; * ) defaultOutput "$@";;

100
advanced/Scripts/webpage.sh
View file

@ -1,100 +0,0 @@
#!/usr/bin/env bash
# shellcheck disable=SC1090
# shellcheck disable=SC2154
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Web interface settings
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
# TODO - this entire file might be able to be removed in v6
readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
readonly FTLconf="/etc/pihole/pihole-FTL.conf"
# 03 -> wildcards
readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
readonly dnscustomfile="/etc/pihole/custom.list"
readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
readonly gravityDBfile="/etc/pihole/gravity.db"
readonly setupVars="/etc/pihole/setupVars.conf"
readonly PI_HOLE_BIN_DIR="/usr/local/bin"
# Root of the web server
readonly webroot="/var/www/html"
# Source utils script
utilsfile="/opt/pihole/utils.sh"
source "${utilsfile}"
coltable="/opt/pihole/COL_TABLE"
if [[ -f ${coltable} ]]; then
source ${coltable}
fi
helpFunc() {
echo "Usage: pihole -a [options]
Example: pihole -a -p password
Set options for the API/Web interface
Options:
-p, password Set API/Web interface password
-h, --help Show this help dialog"
exit 0
}
# TODO: We can probably remove the reliance on this function too, just tell people to pihole-FTL --config webserver.api.password "password"
SetWebPassword() {
if (( ${#args[2]} > 0 )) ; then
readonly PASSWORD="${args[2]}"
readonly CONFIRM="${PASSWORD}"
else
# Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
# So we reset the terminal via stty if the user does press Ctrl+C
trap '{ echo -e "\nNot changed" ; stty sane ; exit 1; }' INT
read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
echo ""
if [ "${PASSWORD}" == "" ]; then
setFTLConfigValue "webserver.api.pwhash" "" >/dev/null
echo -e " ${TICK} Password Removed"
exit 0
fi
read -s -r -p "Confirm Password: " CONFIRM
echo ""
fi
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
# pihole-FTL will automatically hash the password
setFTLConfigValue "webserver.api.password" "${PASSWORD}" >/dev/null
echo -e " ${TICK} New password set"
else
echo -e " ${CROSS} Passwords don't match. Your password has not been changed"
exit 1
fi
}
main() {
args=("$@")
case "${args[1]}" in
"-p" | "password" ) SetWebPassword;;
"-h" | "--help" ) helpFunc;;
* ) helpFunc;;
esac
shift
if [[ $# = 0 ]]; then
helpFunc
fi
}

20
advanced/Templates/gravity.db.sql
View file

@ -36,7 +36,8 @@ CREATE TABLE adlist
number INTEGER NOT NULL DEFAULT 0, number INTEGER NOT NULL DEFAULT 0,
invalid_domains INTEGER NOT NULL DEFAULT 0, invalid_domains INTEGER NOT NULL DEFAULT 0,
status INTEGER NOT NULL DEFAULT 0, status INTEGER NOT NULL DEFAULT 0,
abp_entries INTEGER NOT NULL DEFAULT 0 abp_entries INTEGER NOT NULL DEFAULT 0,
type INTEGER NOT NULL DEFAULT 0
); );
CREATE TABLE adlist_by_group CREATE TABLE adlist_by_group
@ -52,13 +53,19 @@ CREATE TABLE gravity
adlist_id INTEGER NOT NULL REFERENCES adlist (id) adlist_id INTEGER NOT NULL REFERENCES adlist (id)
); );
CREATE TABLE antigravity
(
domain TEXT NOT NULL,
adlist_id INTEGER NOT NULL REFERENCES adlist (id)
);
CREATE TABLE info CREATE TABLE info
( (
property TEXT PRIMARY KEY, property TEXT PRIMARY KEY,
value TEXT NOT NULL value TEXT NOT NULL
); );
INSERT INTO "info" VALUES('version','16'); INSERT INTO "info" VALUES('version','17');
CREATE TABLE domain_audit CREATE TABLE domain_audit
( (
@ -144,7 +151,14 @@ CREATE VIEW vw_gravity AS SELECT domain, adlist_by_group.group_id AS group_id
LEFT JOIN "group" ON "group".id = adlist_by_group.group_id LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1); WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1);
CREATE VIEW vw_adlist AS SELECT DISTINCT address, id CREATE VIEW vw_antigravity AS SELECT domain, adlist_by_group.group_id AS group_id
FROM antigravity
LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
CREATE VIEW vw_adlist AS SELECT DISTINCT address, id, type
FROM adlist FROM adlist
WHERE enabled = 1 WHERE enabled = 1
ORDER BY id; ORDER BY id;

28
advanced/Templates/pihole-FTL-prestart.sh
View file

@ -9,22 +9,26 @@ utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
# Get file paths # Get file paths
FTL_PID_FILE="$(getFTLPIDFile)" FTL_PID_FILE="$(getFTLPIDFile)"
# Touch files to ensure they exist (create if non-existing, preserve if existing) # Ensure that permissions are set so that pihole-FTL can edit all necessary files
# shellcheck disable=SC2174 # shellcheck disable=SC2174
mkdir -pm 0755 /run/pihole /var/log/pihole mkdir -pm 0640 /var/log/pihole
chown -R pihole:pihole /etc/pihole /var/log/pihole
chmod -R 0640 /var/log/pihole
chmod -R 0660 /etc/pihole
# allow all users to enter the directories
chmod 0755 /etc/pihole /var/log/pihole
# allow pihole to access subdirs in /etc/pihole (sets execution bit on dirs)
# credits https://stackoverflow.com/a/11512211
find /etc/pihole -type d -exec chmod 0755 {} \;
# Touch files to ensure they exist (create if non-existing, preserve if existing)
[ -f "${FTL_PID_FILE}" ] || install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" [ -f "${FTL_PID_FILE}" ] || install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
[ -f /var/log/pihole/FTL.log ] || install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log [ -f /var/log/pihole/FTL.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
[ -f /var/log/pihole/pihole.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log [ -f /var/log/pihole/pihole.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
[ -f /etc/pihole/dhcp.leases ] || install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases [ -f /etc/pihole/dhcp.leases ] || install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases
# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole/FTL.log
chmod -f 0640 /var/log/pihole/pihole.log
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
# Chmod database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
chmod -f 0664 /etc/pihole/pihole-FTL.db
# Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole # Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole
# Should be removed with Pi-hole v6.0 # Should be removed with Pi-hole v6.0

8
automated install/basic-install.sh
View file

@ -64,11 +64,11 @@ webroot="/var/www/html"
# We clone (or update) two git repositories during the install. This helps to make sure that we always have the latest versions of the relevant files. # We clone (or update) two git repositories during the install. This helps to make sure that we always have the latest versions of the relevant files.
# AdminLTE is used to set up the Web admin interface. # web is used to set up the Web admin interface.
# Pi-hole contains various setup scripts and files which are critical to the installation. # Pi-hole contains various setup scripts and files which are critical to the installation.
# Search for "PI_HOLE_LOCAL_REPO" in this file to see all such scripts. # Search for "PI_HOLE_LOCAL_REPO" in this file to see all such scripts.
# Two notable scripts are gravity.sh (used to generate the HOSTS file) and advanced/Scripts/webpage.sh (used to install the Web admin interface) # Two notable scripts are gravity.sh (used to generate the HOSTS file) and advanced/Scripts/webpage.sh (used to install the Web admin interface)
webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git" webInterfaceGitUrl="https://github.com/pi-hole/web.git"
webInterfaceDir="${webroot}/admin" webInterfaceDir="${webroot}/admin"
piholeGitUrl="https://github.com/pi-hole/pi-hole.git" piholeGitUrl="https://github.com/pi-hole/pi-hole.git"
PI_HOLE_LOCAL_REPO="/etc/.pihole" PI_HOLE_LOCAL_REPO="/etc/.pihole"
@ -1094,7 +1094,7 @@ installConfigs() {
# Install empty custom.list file if it does not exist # Install empty custom.list file if it does not exist
if [[ ! -r "${PI_HOLE_CONFIG_DIR}/custom.list" ]]; then if [[ ! -r "${PI_HOLE_CONFIG_DIR}/custom.list" ]]; then
if ! install -o root -m 644 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then if ! install -o pihole -g pihole -m 660 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
printf " %b Error: Unable to initialize configuration file %s/custom.list\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}" printf " %b Error: Unable to initialize configuration file %s/custom.list\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
return 1 return 1
fi fi
@ -2203,7 +2203,7 @@ main() {
# Check for and disable systemd-resolved-DNSStubListener before reloading resolved # Check for and disable systemd-resolved-DNSStubListener before reloading resolved
# DNSStubListener needs to remain in place for installer to download needed files, # DNSStubListener needs to remain in place for installer to download needed files,
# so this change needs to be made after installation is complete, # so this change needs to be made after installation is complete,
# but before starting or resarting the ftl service # but before starting or restarting the ftl service
disable_resolved_stublistener disable_resolved_stublistener
printf " %b Restarting services...\\n" "${INFO}" printf " %b Restarting services...\\n" "${INFO}"

37
gravity.sh
View file

@ -178,7 +178,7 @@ database_table_from_file() {
echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}" echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}"
elif [[ "${table}" == "adlist" ]]; then elif [[ "${table}" == "adlist" ]]; then
# Adlist table format # Adlist table format
echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\",,0,0,0,0" >> "${tmpFile}" echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\",,0,0,0,0,0" >> "${tmpFile}"
else else
# White-, black-, and regexlist table format # White-, black-, and regexlist table format
echo "${rowid},${list_type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\"" >> "${tmpFile}" echo "${rowid},${list_type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\"" >> "${tmpFile}"
@ -361,6 +361,7 @@ gravity_DownloadBlocklists() {
# We source only enabled adlists, SQLite3 stores boolean values as 0 (false) or 1 (true) # We source only enabled adlists, SQLite3 stores boolean values as 0 (false) or 1 (true)
mapfile -t sources <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT address FROM vw_adlist;" 2> /dev/null)" mapfile -t sources <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT address FROM vw_adlist;" 2> /dev/null)"
mapfile -t sourceIDs <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT id FROM vw_adlist;" 2> /dev/null)" mapfile -t sourceIDs <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT id FROM vw_adlist;" 2> /dev/null)"
mapfile -t sourceTypes <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT type FROM vw_adlist;" 2> /dev/null)"
# Parse source domains from $sources # Parse source domains from $sources
mapfile -t sourceDomains <<< "$( mapfile -t sourceDomains <<< "$(
@ -382,7 +383,7 @@ gravity_DownloadBlocklists() {
unset sources unset sources
fi fi
local url domain agent str target compression local url domain str target compression adlist_type
echo "" echo ""
# Prepare new gravity database # Prepare new gravity database
@ -433,14 +434,20 @@ gravity_DownloadBlocklists() {
url="${sources[$i]}" url="${sources[$i]}"
domain="${sourceDomains[$i]}" domain="${sourceDomains[$i]}"
id="${sourceIDs[$i]}" id="${sourceIDs[$i]}"
if [[ "${sourceTypes[$i]}" -eq "0" ]]; then
# Gravity list
str="blocklist"
adlist_type="gravity"
else
# AntiGravity list
str="allowlist"
adlist_type="antigravity"
fi
# Save the file as list.#.domain # Save the file as list.#.domain
saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}" saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
activeDomains[$i]="${saveLocation}" activeDomains[$i]="${saveLocation}"
# Default user-agent (for Cloudflare's Browser Integrity Check: https://support.cloudflare.com/hc/en-us/articles/200170086-What-does-the-Browser-Integrity-Check-do-)
agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36"
echo -e " ${INFO} Target: ${url}" echo -e " ${INFO} Target: ${url}"
local regex check_url local regex check_url
# Check for characters NOT allowed in URLs # Check for characters NOT allowed in URLs
@ -453,7 +460,7 @@ gravity_DownloadBlocklists() {
if [[ "${check_url}" =~ ${regex} ]]; then if [[ "${check_url}" =~ ${regex} ]]; then
echo -e " ${CROSS} Invalid Target" echo -e " ${CROSS} Invalid Target"
else else
gravity_DownloadBlocklistFromUrl "${url}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}" gravity_DownloadBlocklistFromUrl "${url}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}" "${adlist_type}"
fi fi
echo "" echo ""
done done
@ -485,7 +492,7 @@ compareLists() {
# Download specified URL and perform checks on HTTP status and file content # Download specified URL and perform checks on HTTP status and file content
gravity_DownloadBlocklistFromUrl() { gravity_DownloadBlocklistFromUrl() {
local url="${1}" agent="${2}" adlistID="${3}" saveLocation="${4}" target="${5}" compression="${6}" local url="${1}" adlistID="${2}" saveLocation="${3}" target="${4}" compression="${5}" gravity_type="${6}"
local heisenbergCompensator="" listCurlBuffer str httpCode success="" ip cmd_ext local heisenbergCompensator="" listCurlBuffer str httpCode success="" ip cmd_ext
# Create temp file to store content on disk instead of RAM # Create temp file to store content on disk instead of RAM
@ -545,7 +552,7 @@ gravity_DownloadBlocklistFromUrl() {
fi fi
# shellcheck disable=SC2086 # shellcheck disable=SC2086
httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${listCurlBuffer}" 2> /dev/null) httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" "${url}" -o "${listCurlBuffer}" 2> /dev/null)
case $url in case $url in
# Did we "download" a local file? # Did we "download" a local file?
@ -579,7 +586,7 @@ gravity_DownloadBlocklistFromUrl() {
if [[ "${success}" == true ]]; then if [[ "${success}" == true ]]; then
if [[ "${httpCode}" == "304" ]]; then if [[ "${httpCode}" == "304" ]]; then
# Add domains to database table file # Add domains to database table file
pihole-FTL gravity parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}" pihole-FTL ${gravity_type} parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
database_adlist_status "${adlistID}" "2" database_adlist_status "${adlistID}" "2"
done="true" done="true"
# Check if $listCurlBuffer is a non-zero length file # Check if $listCurlBuffer is a non-zero length file
@ -589,7 +596,7 @@ gravity_DownloadBlocklistFromUrl() {
# Remove curl buffer file after its use # Remove curl buffer file after its use
rm "${listCurlBuffer}" rm "${listCurlBuffer}"
# Add domains to database table file # Add domains to database table file
pihole-FTL gravity parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}" pihole-FTL ${gravity_type} parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
# Compare lists, are they identical? # Compare lists, are they identical?
compareLists "${adlistID}" "${saveLocation}" compareLists "${adlistID}" "${saveLocation}"
done="true" done="true"
@ -605,7 +612,7 @@ gravity_DownloadBlocklistFromUrl() {
if [[ -r "${saveLocation}" ]]; then if [[ -r "${saveLocation}" ]]; then
echo -e " ${CROSS} List download failed: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}" echo -e " ${CROSS} List download failed: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}"
# Add domains to database table file # Add domains to database table file
pihole-FTL gravity parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}" pihole-FTL ${gravity_type} parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
database_adlist_status "${adlistID}" "3" database_adlist_status "${adlistID}" "3"
else else
echo -e " ${CROSS} List download failed: ${COL_LIGHT_RED}no cached list available${COL_NC}" echo -e " ${CROSS} List download failed: ${COL_LIGHT_RED}no cached list available${COL_NC}"
@ -668,10 +675,10 @@ gravity_ShowCount() {
# Here we use the table "gravity" instead of the view "vw_gravity" for speed. # Here we use the table "gravity" instead of the view "vw_gravity" for speed.
# It's safe to replace it here, because right after a gravity run both will show the exactly same number of domains. # It's safe to replace it here, because right after a gravity run both will show the exactly same number of domains.
gravity_Table_Count "gravity" "gravity domains" "" gravity_Table_Count "gravity" "gravity domains" ""
gravity_Table_Count "vw_blacklist" "exact blacklisted domains" gravity_Table_Count "vw_blacklist" "exact denied domains"
gravity_Table_Count "vw_regex_blacklist" "regex blacklist filters" gravity_Table_Count "vw_regex_blacklist" "regex denied filters"
gravity_Table_Count "vw_whitelist" "exact whitelisted domains" gravity_Table_Count "vw_whitelist" "exact allowed domains"
gravity_Table_Count "vw_regex_whitelist" "regex whitelist filters" gravity_Table_Count "vw_regex_whitelist" "regex allowed filters"
} }
# Create "localhost" entries into hosts format # Create "localhost" entries into hosts format

4
manpages/pihole.8
View file

@ -212,7 +212,7 @@ Available commands and options:
.br .br
-p, --pihole Only retrieve info regarding Pi-hole repository -p, --pihole Only retrieve info regarding Pi-hole repository
.br .br
-a, --admin Only retrieve info regarding AdminLTE -a, --admin Only retrieve info regarding web
repository repository
.br .br
-f, --ftl Only retrieve info regarding FTL repository -f, --ftl Only retrieve info regarding FTL repository
@ -339,7 +339,7 @@ Displaying version information
\fBpihole -v -a -c\fR \fBpihole -v -a -c\fR
.br .br
Display the current version of AdminLTE Display the current version of web
.br .br
Temporarily disabling Pi-hole Temporarily disabling Pi-hole

79
pihole
View file

@ -30,10 +30,36 @@ if [ -f "${versionsfile}" ]; then
source "${versionsfile}" source "${versionsfile}"
fi fi
webpageFunc() { # TODO: We can probably remove the reliance on this function too, just tell people to pihole-FTL --config webserver.api.password "password"
source "${PI_HOLE_SCRIPT_DIR}/webpage.sh" SetWebPassword() {
main "$@" if [ -n "$2" ] ; then
exit 0 readonly PASSWORD="$2"
readonly CONFIRM="${PASSWORD}"
else
# Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
# So we reset the terminal via stty if the user does press Ctrl+C
trap '{ echo -e "\nNot changed" ; stty sane ; exit 1; }' INT
read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
echo ""
if [ "${PASSWORD}" == "" ]; then
setFTLConfigValue "webserver.api.pwhash" "" >/dev/null
echo -e " ${TICK} Password Removed"
exit 0
fi
read -s -r -p "Confirm Password: " CONFIRM
echo ""
fi
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
# pihole-FTL will automatically hash the password
setFTLConfigValue "webserver.api.password" "${PASSWORD}" >/dev/null
echo -e " ${TICK} New password set"
else
echo -e " ${CROSS} Passwords don't match. Your password has not been changed"
exit 1
fi
} }
listFunc() { listFunc() {
@ -387,26 +413,30 @@ tailFunc() {
} }
piholeCheckoutFunc() { piholeCheckoutFunc() {
if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then if [ -n "${DOCKER_VERSION}" ]; then
echo "Usage: pihole checkout [repo] [branch] unsupportedFunc
Example: 'pihole checkout master' or 'pihole checkout core dev' else
Switch Pi-hole subsystems to a different GitHub branch if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
echo "Usage: pihole checkout [repo] [branch]
Example: 'pihole checkout master' or 'pihole checkout core dev'
Switch Pi-hole subsystems to a different GitHub branch
Repositories: Repositories:
core [branch] Change the branch of Pi-hole's core subsystem core [branch] Change the branch of Pi-hole's core subsystem
web [branch] Change the branch of Web Interface subsystem web [branch] Change the branch of Web Interface subsystem
ftl [branch] Change the branch of Pi-hole's FTL subsystem ftl [branch] Change the branch of Pi-hole's FTL subsystem
Branches: Branches:
master Update subsystems to the latest stable release master Update subsystems to the latest stable release
dev Update subsystems to the latest development release dev Update subsystems to the latest development release
branchname Update subsystems to the specified branchname" branchname Update subsystems to the specified branchname"
exit 0 exit 0
fi
source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
shift
checkout "$@"
fi fi
source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
shift
checkout "$@"
} }
tricorderFunc() { tricorderFunc() {
@ -466,8 +496,7 @@ Debugging Options:
Options: Options:
-a, admin Web interface options setpassword set the password for the web interface
Add '-h' for more info on Web Interface usage
-c, chronometer Calculates stats and displays to an LCD -c, chronometer Calculates stats and displays to an LCD
Add '-h' for more info on chronometer usage Add '-h' for more info on chronometer usage
-g, updateGravity Update the list of ad-serving domains -g, updateGravity Update the list of ad-serving domains
@ -526,7 +555,7 @@ case "${1}" in
"restartdns" ) ;; "restartdns" ) ;;
"-g" | "updateGravity" ) need_root=0;; "-g" | "updateGravity" ) need_root=0;;
"reloaddns" ) need_root=0;; "reloaddns" ) need_root=0;;
"-a" | "admin" ) ;; "setpassword" ) ;;
"checkout" ) ;; "checkout" ) ;;
"updatechecker" ) ;; "updatechecker" ) ;;
"arpflush" ) ;; "arpflush" ) ;;
@ -581,7 +610,7 @@ case "${1}" in
"disable" ) piholeEnable 0 "$2";; "disable" ) piholeEnable 0 "$2";;
"restartdns" ) restartDNS "$2";; "restartdns" ) restartDNS "$2";;
"reloaddns" ) restartDNS "reload";; "reloaddns" ) restartDNS "reload";;
"-a" | "admin" ) webpageFunc "$@";; "setpassword" ) SetWebPassword "$@";;
"checkout" ) piholeCheckoutFunc "$@";; "checkout" ) piholeCheckoutFunc "$@";;
"updatechecker" ) shift; updateCheckFunc "$@";; "updatechecker" ) shift; updateCheckFunc "$@";;
"arpflush" ) arpFunc "$@";; "arpflush" ) arpFunc "$@";;

6
test/requirements.txt
View file

@ -1,6 +1,6 @@
pyyaml == 6.0.1 pyyaml == 6.0.1
pytest == 7.4.0 pytest == 7.4.2
pytest-xdist == 3.3.1 pytest-xdist == 3.3.1
pytest-testinfra == 8.1.0 pytest-testinfra == 9.0.0
tox == 4.6.4 tox == 4.11.3