From ff6df76e3612483c693bbc6b2b2d1bd663cb75e4 Mon Sep 17 00:00:00 2001 From: gedetil Date: Tue, 11 Apr 2017 12:04:44 -0500 Subject: [PATCH 0001/1602] Update webpage.sh Implement "Halt system" button, next to "Restart system" button, on admin/settings page. Useful for doing clean shutdown before powering off. (This affects 4 files, 3 for the web content, 1 for backend script.) Gilbert Detillieux 2017-04-11 --- advanced/Scripts/webpage.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 7804fc8f..4247ee54 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -211,6 +211,10 @@ SetExcludeClients(){ } +Halt(){ + nohup bash -c "sleep 5; halt" &> /dev/null /dev/null Date: Tue, 2 May 2017 17:05:24 +1000 Subject: [PATCH 0002/1602] Update blockingpage.css * Block page UI overhaul to replicate the style of the Admin Console * Block page UI is now mobile friendly * Users can safely customise text in order to make the block page more friendly for their household --- advanced/blockingpage.css | 470 +++++++++++++++++++++++++++++--------- 1 file changed, 358 insertions(+), 112 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index 7e11dbd0..a176e84c 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -1,136 +1,382 @@ -/* CSS Reset */ -html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, embed, figure, figcaption, footer, header, hgroup, menu, nav, output, ruby, section, summary, time, mark, audio, video { margin: 0; padding: 0; border: 0; font-size: 100%; font: inherit; vertical-align: baseline; } -article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section { display: block; } -body { line-height: 1; } -ol, ul { list-style: none; } -blockquote, q { quotes: none; } -blockquote:before, blockquote:after, q:before, q:after { content: ''; content: none; } -table { border-collapse: collapse; border-spacing: 0; } -html { height: 100%; overflow-x: hidden; } +/* Pi-hole: A black hole for Internet advertisements +* (c) 2017 Pi-hole, LLC (https://pi-hole.net) +* Network-wide ad blocking via your own hardware. +* +* This file is copyright under the latest version of the EUPL. +* Please see LICENSE file for your rights under this license. */ -/* General Style */ -a { color: rgba(0,60,120,0.95); text-decoration: none; } /* 1E3C5A */ -a:hover { color: rgba(210,120,0,0.95); transition-duration: .2s; } /* 255, 128, 0 */ -divs a { border-bottom: 1px dashed rgba(30,60,90,0.3); } -b { font-weight: bold; } -i { font-style: italic; } +/* Text Customisation Options ======> */ +.title:before { content: "Website Blocked"; } +.altBtn:before { content: "Why am I here?"; } +.linkPH:before { content: "About Pi-hole"; } +.linkEmail:before { content: "Contact Admin"; } -footer, pre, td { font-family: monospace; padding-left: 15px; } -/*body, header { background: #E1E1E1; }*/ +.add:before { content: "Info"; } +.add:after { content: "The domain is being whitelisted..."; } +.error:before, .unhandled:before { content: "Error"; } +.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } +.success:before { content: "Success"; } +.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } + +.recentwl:before { content: "This site appears to have been recently whitelisted. Please flush your DNS cache and/or restart your browser."; } +.cname:before { content: "This site is an alias for "; } /* cname.com */ +.cname:after { content: ", which may be blocked by Pi-hole."; } + +.blacklist:before { content: "Manually Blacklisted"; } +.wildcard:before { content: "Manually Blacklisted by Wildcard"; } +.noblock:before { content: "Not found on any Blacklist"; } + +#bpBlock:before { content: "Access to the following website has been denied:"; } +#bpFlag:before { content: "This is primarily due to being flagged as:"; } + +#bpHelpTxt:before { content: "If you have an ongoing use for this website, please "; } +#bpHelpTxt a:before, #bpHelpTxt span:before { content: "ask the administrator"; } +#bpHelpTxt:after{ content: " of the Pi-hole on this network to have it whitelisted"; } + +#bpBack:before { content: "Back to safety"; } +#bpInfo:before { content: "Technical Info"; } +#bpFoundIn:before { content: "This site is found in "; } +#bpFoundIn span:after { content: " of "; } +#bpFoundIn:after { content: " lists:"; } +#bpWhitelist:before { content: "Whitelist"; } + +footer span:before { content: "Page generated on "; } + +/* Hide whitelisting form entirely */ +/* #bpWLButtons { display: none; } */ +/* Text Customisation Options <=============================== */ + +/* http://necolas.github.io/normalize.css ======> */ +html { font-family: sans-serif; line-height: 1.15; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; } +body { margin: 0; } +article, aside, footer, header, nav, section { display: block; } +h1 { font-size: 2em; margin: 0.67em 0; } +figcaption, figure, main { display: block; } +figure { margin: 1em 40px; } +hr { box-sizing: content-box; height: 0; overflow: visible; } +pre { font-family: monospace, monospace; font-size: 1em; } +a { background-color: transparent; -webkit-text-decoration-skip: objects; } +a:active, a:hover { outline-width: 0; } +abbr[title] { border-bottom: none; text-decoration: underline; text-decoration: underline dotted; } +b, strong { font-weight: inherit; } +b, strong { font-weight: bolder; } +code, kbd, samp { font-family: monospace, monospace; font-size: 1em; } +dfn { font-style: italic; } +mark { background-color: #ff0; color: #000; } +small { font-size: 80%; } +sub, sup { font-size: 75%; line-height: 0; position: relative; vertical-align: baseline; } +sub { bottom: -0.25em; } +sup { top: -0.5em; } +audio, video { display: inline-block; } +audio:not([controls]) { display: none; height: 0; } +img { border-style: none; } +svg:not(:root) { overflow: hidden; } +button, input, optgroup, select, textarea { font-family: sans-serif; font-size: 100%; line-height: 1.15; margin: 0; } +button, input { overflow: visible; } +button, select { text-transform: none; } +button, html [type="button"], [type="reset"], [type="submit"] { -webkit-appearance: button; } +button::-moz-focus-inner, [type="button"]::-moz-focus-inner, [type="reset"]::-moz-focus-inner, [type="submit"]::-moz-focus-inner { border-style: none; padding: 0; } +button:-moz-focusring, [type="button"]:-moz-focusring, [type="reset"]:-moz-focusring, [type="submit"]:-moz-focusring { outline: 1px dotted ButtonText; } +fieldset { border: 1px solid #c0c0c0; margin: 0 2px; padding: 0.35em 0.625em 0.75em; } +legend { box-sizing: border-box; color: inherit; display: table; max-width: 100%; padding: 0; white-space: normal; } +progress { display: inline-block; vertical-align: baseline; } +textarea { overflow: auto; } +[type="checkbox"], [type="radio"] { box-sizing: border-box; padding: 0; } +[type="number"]::-webkit-inner-spin-button, [type="number"]::-webkit-outer-spin-button { height: auto; } +[type="search"] { -webkit-appearance: textfield; outline-offset: -2px; } +[type="search"]::-webkit-search-cancel-button, [type="search"]::-webkit-search-decoration { -webkit-appearance: none; } +::-webkit-file-upload-button { -webkit-appearance: button; font: inherit; } +details, menu { display: block; } +summary { display: list-item; } +canvas { display: inline-block; } +template { display: none; } +[hidden] { display: none; } +/* Normalize.css <=============================== */ + +html { font-size: 62.5%; } + +a { color: #3c8dbc; text-decoration: none; } +a:hover { color: #72afda; text-decoration: underline; } +b { color: rgb(68,68,68); } +p { margin: 0; } + +label, .buttons a { + cursor: pointer; + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + user-select: none; +} + +/* Touch device dark tap highlight */ +header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } + +/* Webkit Focus Glow */ +textarea, input, button { outline: none; } + +@font-face { + font-family: "Source Sans Pro"; + font-style: normal; + font-weight: 400; + src: local("Source Sans Pro"), local("SourceSansPro-Regular"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Regular.ttf") format("truetype"); +} + +@font-face { + font-family: "Source Sans Pro"; + font-style: normal; + font-weight: 700; + src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Bold.ttf") format("truetype"); +} body { - background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(190,190,190,0.95)); - background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(190,190,190,0.95)); - background-attachment: fixed; - color: rgba(64,64,64,0.95); - font: 14px, sans-serif; - line-height: 1em; + background: #dbdbdb url("/admin/img/boxed-bg.jpg") repeat fixed; + color: #333; + font: 1.4rem "Source Sans Pro", "Helvetica Neue", Helvetica, Arial, sans-serif; + line-height: 2.2rem; +} + +/* User is greeted with a splash page when browsing to Pi-hole IP address */ +#splashpage { background: #222; color: rgba(255,255,255,0.7); text-align: center; } +#splashpage img { margin: 5px; width: 256px; } +#splashpage b { color: inherit; } + +#bpWrapper { + margin: 0 auto; + max-width: 1250px; + box-shadow: 0 0 8px rgba(0,0,0,0.5); +} + +@media only screen and (min-width: 1251px) { + #bpWrapper, footer { border-radius: 0 0 5px 5px; } + #bpAbout { border-right-width: 1px !important; } } header { - min-width: 320px; - width: 100%; - text-shadow: 0 1px rgba(255,255,255,0.6); - display: table; - table-layout: fixed; - border: 1px solid rgba(0,0,0,0.25); - border-top-color: rgba(255,255,255,0.85); - border-style: solid none; - background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(220,220,220,0.95)); - background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(220,220,220,0.95)); - box-shadow: 0 0 1px 1px rgba(0,0,0,0.04); + background: #3c8dbc; + display: table; + position: relative; + width: 100%; } -header h1, header div { - display: table-cell; - color: inherit; - font-weight: bold; - vertical-align: middle; - white-space: nowrap; - overflow: hidden; - box-sizing: border-box; +header h1, header h1 a, header .spc, header #bpAlt label { + display: table-cell; + color: #fff; + white-space: nowrap; + vertical-align: middle; + height: 50px; /* Must match #bpAbout top value */ } -header h1 { - font-size: 22px; - font-weight: bold; - width: 100%; - padding: 8px 0; - text-indent: 32px; - background: url("http://pi.hole/admin/img/logo.svg") left no-repeat; - background-size: 30px 22px; +h1 a { + background-color: rgba(0,0,0,0.1); + font-family: "Helvetica Neue", Helvetica, Arial ,sans-serif; + font-size: 2rem; + font-weight: normal; + min-width: 230px; + text-align: center; } -header h1 a, h1 a:hover { color: inherit; } -header .alt { width: 85px; font-size: 0.8em; padding-right: 4px; text-align: right; line-height: 1.25em; } -.active { color: green; } -.inactive { color: red; } +h1 a:hover, header #bpAlt:hover { background-color: rgba(0,0,0,0.12); color: inherit; text-decoration: none; } + +header .spc { width: 100%; } + +header #bpAlt label { + background: url("/admin/img/logo.svg") no-repeat center left 15px; + background-size: 15px 23px; + padding: 0 15px; + text-indent: 30px; +} + +[type=checkbox][id$="Toggle"] { display: none; } +[type=checkbox][id$="Toggle"]:checked ~ #bpAbout, +[type=checkbox][id$="Toggle"]:checked ~ #bpMoreInfo { + display: block; } + +/* Click anywhere else on screen to hide #bpAbout */ +#bpAboutToggle:checked { + display: block; + height: 300px; /* VH Fallback */ + height: 100vh; + left: 0; + top: 0; + opacity: 0; + position: absolute; + width: 100%; +} + +#bpAbout { + background: #3c8dbc; + border-bottom-left-radius: 5px; + border: 1px solid #FFF; + border-right-width: 0; + box-shadow: -1px 1px 1px rgba(0,0,0,0.12); + box-sizing: border-box; + display: none; + font-size: 1.7rem; + top: 50px; + position: absolute; + right: 0; + width: 280px; + z-index: 1; +} + +.aboutPH { + box-sizing: border-box; + color: rgba(255,255,255,0.8); + display: block; + padding: 10px; + width: 100%; + text-align: center; +} + +.aboutImg { + background: url("/admin/img/logo.svg") no-repeat center; + background-size: 90px 90px; + border: 3px solid rgba(255,255,255,0.2); + height: 90px; + margin: 0 auto; + padding: 2px; + width: 90px; +} + +.aboutPH p { margin: 10px 0; } +.aboutPH small { display: block; font-size: 1.2rem; } + +.aboutLink { + background: #fff; + border-top: 1px solid #ddd; + display: table; + font-size: 1.4rem; + text-align: center; + width: 100%; +} + +.aboutLink a { + display: table-cell; + padding: 14px; + min-width: 50%; +} main { - display: block; - width: 80%; - padding: 10px; - font-size: 1em; - background-color: rgba(255,255,255,0.85); - margin: 8px auto; - box-sizing: border-box; - border: 1px solid rgba(0,0,0,0.25); - box-shadow: 4px 4px rgba(0,0,0,0.1); - line-height: 1.2em; - border-radius: 8px; + background: #ecf0f5; + font-size: 1.65rem; + padding: 10px; } -h2 { /* Rgba is shared with .transparent th */ - font: 1.15em sans-serif; - background-color: rgba(255,0,0,0.4); - text-shadow: none; - line-height: 1.1em; - padding-bottom: 1px; - margin-top: 8px; - margin-bottom: 4px; - background: -webkit-linear-gradient(left, rgba(0,0,0,0.25), transparent 80%) no-repeat; - background: linear-gradient(to right, rgba(0,0,0,0.25), transparent 80%) no-repeat; - background-size: 100% 1px; - background-position: 0 17px; +#bpOutput { + background: #00c0ef; + border-radius: 3px; + border: 1px solid rgba(0,0,0,0.1); + color: #fff; + font-size: 1.4rem; + margin-bottom: 10px; + margin-top: 5px; + padding: 15px; } -h2:first-child { margin-top: 0; } -h2 ~ *:not(h2) { margin-left: 4px; } -li { padding: 2px 0; } -li::before { content: "\00BB\00a0"; } -li a { position: relative; top: 1px; } /* Center bullet-point arrows */ - -/* Button Style */ -.buttons a, button, input, .transparent th a { /* Swapped rgba is shared with input[type='url'] */ - display: inline-block; - color: rgba(32,32,32,0.9); - font-weight: bold; - text-align: center; - cursor: pointer; - text-shadow: 0 1px rgba(255,255,255,0.2); - line-height: 0.86em; - font-size: 1em; - padding: 4px 8px; - background: #FAFAFA; - background-image: -webkit-linear-gradient(top, rgba(255,255,255,0.05), rgba(0,0,0,0.05)); - background-image: linear-gradient(to bottom, rgba(255,255,255,0.05), rgba(0,0,0,0.05)); - border: 1px solid rgba(0,0,0,0.25); - border-radius: 4px; - box-shadow: 0 1px 0 rgba(0,0,0,0.04); +#bpOutput:before { + background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6,11a1.371,1.371,0,0,1,1,1v1a1.371,1.371,0,0,1-1,1H1a1.371,1.371,0,0,1-1-1V12a1.371,1.371,0,0,1,1-1H2V8H1A1.371,1.371,0,0,1,0,7V6A1.371,1.371,0,0,1,1,5H4A1.371,1.371,0,0,1,5,6v5H6ZM3.5,0A1.5,1.5,0,1,1,2,1.5,1.5,1.5,0,0,1,3.5,0Z'/%3E%3C/svg%3E") no-repeat center left; + display: block; + font-size: 1.8rem; + text-indent: 15px; } -.buttons { white-space: nowrap; width: 100%; display: table; } -.buttons33 { white-space: nowrap; width: 33.333%; display: table; text-align: center; margin-left: 33.333% } -.mini a { width: 50%; } -a.safe { background-color: rgba(0,220,0,0.5); } -button.safe { background-color: rgba(0,220,0,0.5); } -a.warn { background-color: rgba(220,0,0,0.5); } +#bpOutput.hidden { display: none; } +#bpOutput.success { background: #00a65a; } +#bpOutput.error { background: #dd4b39; } -.blocked a, .mini a { display: table-cell; } -.blocked a.safe50 { width: 50%; background-color: rgba(0,220,0,0.5); } -.blocked a.safe33 { width: 33.333%; background-color: rgba(0,220,0,0.5); } +.blockMsg, .flagMsg { + font: bold 1.8rem Consolas, Courier, monospace; + padding: 5px 10px 10px 10px; + text-indent: 15px; +} -/* Types of text */ -.msg { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; } +#bpHelpTxt { padding-bottom: 10px; } -footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } +.buttons { + border-spacing: 5px 0; + display: table; + width: 100%; +} + +.buttons * { + -moz-appearance: none; + -webkit-appearance: none; + border-radius: 3px; + border: 1px solid rgba(0,0,0,0.1); + box-sizing: content-box; + display: table-cell; + font-size: 1.65rem; + margin-right: 5px; + min-height: 20px; + padding: 6px 12px; + position: relative; + text-align: center; + vertical-align: top; + white-space: nowrap; + width: auto; +} + +#bpButtons * { width: 50%; color: #FFF; } +#bpBack { background-color: #00a65a; } +#bpInfo { background-color: #3c8dbc; } +#bpWhitelist { background-color: #dd4b39; } + +.buttons a { text-decoration: none; } + +/* Button hover dark overlay */ +.buttons *:not(input):not([disabled]):hover { + background-image: linear-gradient(to bottom, rgba(0,0,0,0.1), rgba(0,0,0,0.1)); + color: #FFF; +} + +/* Button active shadow inset */ +.buttons *:not([disabled]):not(input):active { + box-shadow: inset 0 3px 5px rgba(0,0,0,0.125); +} + +/* Input border colour */ +.buttons *:not([disabled]):hover, .buttons input:focus { + border-color: rgba(0,0,0,0.25); +} + +:-ms-input-placeholder { color: rgba(51,51,51,0.8) !important; } +input[type=password] { font-size: 1.4rem; } + +.buttons [type=password][disabled] { color: rgba(0,0,0,1) !important; } +.buttons [disabled] { color: rgba(0,0,0,0.55) !important; background-color: #e3e3e3 !important; } + +@keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } } +#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; } +#bpMoreInfo { display: none; margin-top: 10px; } + +#bpQueryOutput { + font-size: 1.2rem; + line-height: 1.65rem; + margin: 5px 0 0 0; + overflow: auto; + padding: 0 5px; + -webkit-overflow-scrolling: touch; +} + +#bpQueryOutput span { margin-right: 4px; } + +#bpWLButtons { width: auto; margin-top: 10px; } +#bpWLButtons * { display: inline-block; } +#bpWLDomain { display: none; } +#bpWLPassword { width: 160px; } +#bpWhitelist { color: #fff; cursor: pointer; } + +footer { + background: #fff; + border-top: 1px solid #d2d6de; + color: #444; + font: 1.2rem Consolas, Courier, monospace; + padding: 8px; +} + +/* Responsive small-screen content */ +@media only screen and (max-width: 500px) { + h1 a { font-size: 1.8rem; min-width: 170px; } + footer span:before { content: "Generated "; } + footer span { display: block; } +} From 551add5f447b25e7c5c3e54c325b287212dfd9c8 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:06:31 +1000 Subject: [PATCH 0003/1602] Update index.php * An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole * An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you * Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html" * Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image * Sites that are manually blacklisted will display a notice of this on the block page * Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is) * On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled * Whitelisting is disabled for installs without a password, or if a client does not have Javascript * Known issues: * Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL" * Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN" * I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain --- advanced/index.php | 487 ++++++++++++++++++++++++++++----------------- 1 file changed, 299 insertions(+), 188 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index bfc44a1d..aeb607ca 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -1,224 +1,335 @@ SERVER_NAME header output does not appear to be valid: ".$_SERVER["SERVER_NAME"].""); } -// Retrieve server URI extension (EG: jpg, exe, php) -ini_set('pcre.recursion_limit',100); -$uriExt = pathinfo($uri, PATHINFO_EXTENSION); - -// Define which URL extensions get rendered as "Website Blocked" -$webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml'); - -// Get IPv4 and IPv6 addresses from setupVars.conf (if available) +// Get values from setupVars.conf $setupVars = parse_ini_file("/etc/pihole/setupVars.conf"); -$ipv4 = isset($setupVars["IPV4_ADDRESS"]) ? explode("/", $setupVars["IPV4_ADDRESS"])[0] : $_SERVER['SERVER_ADDR']; -$ipv6 = isset($setupVars["IPV6_ADDRESS"]) ? explode("/", $setupVars["IPV6_ADDRESS"])[0] : $_SERVER['SERVER_ADDR']; +$svFQDN = (!empty($setupVars["FQDN"]) && validate_server_name($setupVars["FQDN"]) === TRUE) ? $setupVars["FQDN"] : ""; +$svPasswd = !empty($setupVars["WEBPASSWORD"]); +$svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : ""; +unset($setupVars); -$AUTHORIZED_HOSTNAMES = array( - $ipv4, - $ipv6, - str_replace(array("[","]"), array("",""), $_SERVER["SERVER_ADDR"]), - "pi.hole", - "localhost"); -// Allow user set virtual hostnames -$virtual_host = getenv('VIRTUAL_HOST'); -if (!empty($virtual_host)) - array_push($AUTHORIZED_HOSTNAMES, $virtual_host); +// Set landing page name, found within /var/www/html/ +$landPage = "landing.php"; -// Immediately quit since we didn't block this page (the IP address or pi.hole is explicitly requested) -if(validIP($serverName) || in_array($serverName,$AUTHORIZED_HOSTNAMES)) -{ - http_response_code(404); - die(); +// Set empty array for hostnames to be accepted as self address for splash page +$authorizedHosts = []; + +// Append FQDN to $authorizedHosts +if (!empty($svFQDN)) array_push($authorizedHosts, $svFQDN); + +// Append virtual hostname to $authorizedHosts +if (!empty($_SERVER["VIRTUAL_HOST"])) { + if (validate_server_name($_SERVER["VIRTUAL_HOST"]) === TRUE) { + array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]); + } else { + die("[ERROR]: VIRTUAL_HOST header output does not appear to be valid: ".$_SERVER["VIRTUAL_HOST"].""); + } } -if(in_array($uriExt, $webExt) || empty($uriExt)) -{ - // Requested resource has an extension listed in $webExt - // or no extension (index access to some folder incl. the root dir) - $showPage = true; -} -else -{ - // Something else - $showPage = false; +// Set which extension types get rendered as "Website Blocked" (Including "" for index file extensions) +$validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", ""); + +// Get extension of current URL +$currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION); + +// Set mobile friendly viewport +$viewPort = ''; + +// Set response header +function setHeader($type = "x") { + header("X-Pi-hole: A black hole for Internet advertisements."); + if (isset($type) && $type === "js") header("Content-Type: application/javascript"); } -// Handle incoming URI types -if (!$showPage) -{ -?> - - - - - - - - + $viewPort + +
Pi-hole: Your black hole for Internet advertisements + "; + $pageType = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage"; + unset($serverName, $svFQDN, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort); + exit($pageType); +} elseif ($currentUrlExt === "js") { + // Set Javascript redirect for blocked sources + exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."'); +} elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) { + // Set blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER (Presumably from iframe) + exit(setHeader().' + + + '); +} elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { + // Set svg image upon receiving non $validExtTypes URL extension or query string (Presumably not from an iframe) + $blockImg = 'Blocked by Pi-hole'; + exit(setHeader()." + $viewPort + $blockImg + "); } -// Get Pi-hole version -$piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0'); +/* Start processing block page from here */ -// Don't show the URI if it is the root directory -if($uri == "/") -{ - $uri = ""; +// Get Pi-hole core branch name +$phBranch = exec("cd /etc/.pihole/ && git rev-parse --abbrev-ref HEAD"); +if ($phBranch !== "master") { + error_reporting(E_ALL); + ini_set("display_errors", 1); + ini_set("display_startup_errors", 1); } +// Validate SERVER_IP output +if (filter_var($_SERVER['SERVER_ADDR'], FILTER_VALIDATE_IP)) { + $serverAddr = $_SERVER["SERVER_ADDR"]; +} else { + die("[ERROR]: SERVER_IP header output does not appear to be valid: ".$_SERVER["SERVER_ADDR"].""); +} + +// Determine placeholder text based off $svPasswd presence +$wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled"; + +// Get admin email address +$bpAskAdmin = !empty($svEmail) ? '' : ""; + +// Determine if at least one block list has been generated +if (empty(glob("/etc/pihole/list.0.*.domains"))) die("[ERROR]: There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); + +// Get contents of adlist.list +$adLists = is_file("/etc/pihole/adlists.list") ? "/etc/pihole/adlists.list" : "/etc/pihole/adlists.default"; +if (!is_file($adLists)) die("[ERROR]: Unable to find file: $adLists"); + +// Get all URLs starting with "http" or "www" from $adLists and re-index array numerically +$adlistsUrls = array_values(preg_grep("/(^http)|(^www)/i", file($adLists, FILE_IGNORE_NEW_LINES))); +if (empty($adlistsUrls)) die("[ERROR]: There are no adlist URL's found within $adLists"); +$adlistsCount = count($adlistsUrls) + 3; // +1 because array starts at 0, +2 for Blacklist & Wildcard lists + +// Get results of queryads.php exact search +ini_set("default_socket_timeout", 3); +function queryAds($serverName) { + $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; + $queryAds = file("http://127.0.0.1/admin/scripts/pi-hole/php/queryads.php?domain=$serverName&exact", FILE_IGNORE_NEW_LINES); + $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); + try { + if ($queryTime >= ini_get("default_socket_timeout")) { + throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); + } elseif ($queryAds[0][0] === ":") { + if (strpos($queryAds[0], "Invalid") !== FALSE) throw new Exception ("Invalid Domain ($serverName)"); + if (strpos($queryAds[0], "No exact") !== FALSE) return array("0" => "none"); + throw new Exception ("Unhandled error message ($queryAds[0])"); + } elseif ($queryAds[0][0] !== "/") { + throw new Exception ("Unexpected output ($queryAds[0])"); + } + return $queryAds; + } catch (Exception $e) { + return array("0" => "error", "1" => $e->getMessage()); + } +} +$queryAds = queryAds($serverName); + +if ($queryAds[0] === "error") { + die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); +} + +// Filter, sort, and count $queryAds array +if ($queryAds[0] !== "none") { + $queryAds = preg_replace("/(\/etc\/pihole\/)|(\/etc\/dnsmasq\.d\/)/", "", $queryAds); + $queryAds = preg_replace("/(^list\.)|(\..*domains)/", "", $queryAds); + $featuredTotal = count($queryAds); +} + +// Determine if domain has been blacklisted or wildcarded +if ($queryAds[0] === "blacklist.txt") { + $intBlacklist = array("π" => $queryAds[0]); + $queryAds[0] = "π"; // Manually blacklisted sites do not have a number + $notableFlagClass = "blacklist"; +} elseif ($queryAds[0] === "03-pihole-wildcard.conf") { + $intBlacklist = array("π" => $queryAds[0]); + $queryAds[0] = "π"; + $notableFlagClass = "wildcard"; +} elseif ($queryAds[0] === "none") { + $featuredTotal = "0"; + $notableFlagClass = "noblock"; + + // Determine appropriate info message if CNAME exists + $dnsRecord = dns_get_record("$serverName")[0]; + if (array_key_exists("target", $dnsRecord)) { + $wlInfo = $dnsRecord['target']; + } else { + $wlInfo = "recentwl"; + } +} + +// Merge $intBlacklist with $adlistsUrls if domain has been blacklisted or wildcarded +if (isset($intBlacklist)) $adlistsUrls = array_merge($intBlacklist, $adlistsUrls); + +// Set #bpOutput notification +$wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden"; +$wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "$wlInfo" : ""; + +// Get Pi-hole core version +if ($phBranch !== "master") { + $phVersion = exec("cd /etc/.pihole/ && git describe --long --dirty --tags"); + $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; +} else { + $phVersion = exec("cd /etc/.pihole/ && git describe --tags --abbrev=0"); +} ?> + - - Website Blocked - - - - + + + + + + + + ● <?=$serverName ?> + + - +
-

Website Blocked

+

+ +

+
+ + +
+
+
+

Open Source Ad Blocker + Designed for Raspberry Pi +

+
+
+ + '; ?> +
+
+ +
+ +
+
-
Access to the following site has been blocked:
-
-
If you have an ongoing use for this website, please ask the owner of the Pi-hole in your network to have it whitelisted.
- - - - This page is blocked because it is explicitly contained within the following block list(s): -
-
- Go back - Whitelist this page - Close window -
- +
+
+

+
+ +
+

+
+ +
+
+ + 0) echo ''; ?> +
+ +
+ + 
 0) foreach ($queryAds as $num) { echo "[$num]:$adlistsUrls[$num]\n"; } ?>
+
+ + +
+
-
Generated by Pi-hole
- - - +
. Pi-hole ()
+
+ - - + + From dfb5c37d984139537b6fe53c52964125c2c6d724 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:21:40 +1000 Subject: [PATCH 0004/1602] Delete index.js --- advanced/index.js | 1 - 1 file changed, 1 deletion(-) delete mode 100644 advanced/index.js diff --git a/advanced/index.js b/advanced/index.js deleted file mode 100644 index c9da5aff..00000000 --- a/advanced/index.js +++ /dev/null @@ -1 +0,0 @@ -var x = "Pi-hole: A black hole for Internet advertisements." From 356c70cdae29c49d95933434cb9820ca42ccf6af Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:24:07 +1000 Subject: [PATCH 0005/1602] Update lighttpd.conf.debian * Disable `include-conf-enabled.pl`, as blindly enabling HTTPS (as Let's Encrypt does by having a file in that folder) creates Block Page inefficiencies * Make Block page handle JS request rewrite, allowing users to better utilise their `lighttpd` service * Make Block page handle debugging Pi-hole header * Make Block page redirect users from `pi.hole` to `http://pi.hole/admin` --- advanced/lighttpd.conf.debian | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 3b57756e..19b8b186 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -50,7 +50,7 @@ compress.filetype = ( "application/javascript", "text/css", "text/html # default listening port for IPv6 falls back to the IPv4 port include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" -include_shell "/usr/share/lighttpd/include-conf-enabled.pl" +#include_shell "/usr/share/lighttpd/include-conf-enabled.pl" # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { @@ -59,21 +59,9 @@ $HTTP["url"] =~ "^/admin/" { "X-Pi-hole" => "The Pi-hole Web interface is working!", "X-Frame-Options" => "DENY" ) -} - -# Rewite js requests, must be out of $HTTP block due to bug #2526 -url.rewrite = ( "^(?!/admin/).*\.js$" => "pihole/index.js" ) - -# If the URL does not start with /admin, then it is a query for an ad domain -$HTTP["url"] =~ "^(?!/admin)/.*" { - # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) -} - -# Entering just "pi.hole" into a browser redirects to "pi.hole/admin/" -$HTTP["host"] == "pi.hole" { - $HTTP["url"] == "/" { - url.redirect = ( "" => "/admin/" ) + $HTTP["url"] =~ ".ttf$" { + # Allow Block Page access to local fonts + setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" ) } } From 74b15d10d98fa3e1c42b98cb26c81a09408389dd Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:24:55 +1000 Subject: [PATCH 0006/1602] Update lighttpd.conf.fedora Mirror changes found in `lighttpd.conf.debian` --- advanced/lighttpd.conf.fedora | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index fd856fbb..773f0142 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -75,22 +75,13 @@ fastcgi.server = ( ".php" => # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" ) -} - -# Rewite js requests, must be out of $HTTP block due to bug #2526 -url.rewrite = ( "^(?!/admin/).*\.js$" => "pihole/index.js" ) - -# If the URL does not start with /admin, then it is a query for an ad domain -$HTTP["url"] =~ "^(?!/admin)/.*" { - # Create a response header for debugging using curl -I - setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) -} - -# Entering just "pi.hole" into a browser redirects to "pi.hole/admin/" -$HTTP["host"] == "pi.hole" { - $HTTP["url"] == "/" { - url.redirect = ( "" => "/admin/" ) + setenv.add-response-header = ( + "X-Pi-hole" => "The Pi-hole Web interface is working!", + "X-Frame-Options" => "DENY" + ) + $HTTP["url"] =~ ".ttf$" { + # Allow Block Page access to local fonts + setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" ) } } From 7bcea98d0cc7fc43298c3945b3f262e9f0e73019 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 17:28:51 +1000 Subject: [PATCH 0007/1602] Do not activate letsencrypt.conf if found --- advanced/lighttpd.conf.debian | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 19b8b186..47f6af02 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -51,6 +51,7 @@ compress.filetype = ( "application/javascript", "text/css", "text/html include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" #include_shell "/usr/share/lighttpd/include-conf-enabled.pl" +include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null" # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { From a8818c16d87d34ebf5fdc2650151b7a5a1a7e7df Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 2 May 2017 19:51:13 +1000 Subject: [PATCH 0008/1602] Fixed unnecessary usage of !important --- advanced/blockingpage.css | 49 ++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index a176e84c..1af96cda 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -11,12 +11,12 @@ .linkPH:before { content: "About Pi-hole"; } .linkEmail:before { content: "Contact Admin"; } -.add:before { content: "Info"; } -.add:after { content: "The domain is being whitelisted..."; } -.error:before, .unhandled:before { content: "Error"; } -.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } -.success:before { content: "Success"; } -.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } +#bpOutput.add:before { content: "Info"; } +#bpOutput.add:after { content: "The domain is being whitelisted..."; } +#bpOutput.error:before, .unhandled:before { content: "Error"; } +#bpOutput.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } +#bpOutput.success:before { content: "Success"; } +#bpOutput.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } .recentwl:before { content: "This site appears to have been recently whitelisted. Please flush your DNS cache and/or restart your browser."; } .cname:before { content: "This site is an alias for "; } /* cname.com */ @@ -101,13 +101,14 @@ b { color: rgb(68,68,68); } p { margin: 0; } label, .buttons a { - cursor: pointer; -webkit-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none; } +label, .buttons *:not([disabled]) { cursor: pointer; } + /* Touch device dark tap highlight */ header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } @@ -146,11 +147,6 @@ body { box-shadow: 0 0 8px rgba(0,0,0,0.5); } -@media only screen and (min-width: 1251px) { - #bpWrapper, footer { border-radius: 0 0 5px 5px; } - #bpAbout { border-right-width: 1px !important; } -} - header { background: #3c8dbc; display: table; @@ -316,12 +312,7 @@ main { width: auto; } -#bpButtons * { width: 50%; color: #FFF; } -#bpBack { background-color: #00a65a; } -#bpInfo { background-color: #3c8dbc; } -#bpWhitelist { background-color: #dd4b39; } - -.buttons a { text-decoration: none; } +.buttons a:hover { text-decoration: none; } /* Button hover dark overlay */ .buttons *:not(input):not([disabled]):hover { @@ -339,11 +330,16 @@ main { border-color: rgba(0,0,0,0.25); } -:-ms-input-placeholder { color: rgba(51,51,51,0.8) !important; } -input[type=password] { font-size: 1.4rem; } +#bpButtons * { width: 50%; color: #FFF; } +#bpBack { background-color: #00a65a; } +#bpInfo { background-color: #3c8dbc; } +#bpWhitelist { background-color: #dd4b39; } -.buttons [type=password][disabled] { color: rgba(0,0,0,1) !important; } -.buttons [disabled] { color: rgba(0,0,0,0.55) !important; background-color: #e3e3e3 !important; } +#blockpage .buttons [type=password][disabled] { color: rgba(0,0,0,1); } +#blockpage .buttons [disabled] { color: rgba(0,0,0,0.55); background-color: #e3e3e3; } +#blockpage .buttons [type=password]:-ms-input-placeholder { color: rgba(51,51,51,0.8); } + +input[type=password] { font-size: 1.5rem; } @keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } } #bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; } @@ -364,7 +360,7 @@ input[type=password] { font-size: 1.4rem; } #bpWLButtons * { display: inline-block; } #bpWLDomain { display: none; } #bpWLPassword { width: 160px; } -#bpWhitelist { color: #fff; cursor: pointer; } +#bpWhitelist { color: #fff; } footer { background: #fff; @@ -374,9 +370,14 @@ footer { padding: 8px; } -/* Responsive small-screen content */ +/* Responsive Content */ @media only screen and (max-width: 500px) { h1 a { font-size: 1.8rem; min-width: 170px; } footer span:before { content: "Generated "; } footer span { display: block; } } + +@media only screen and (min-width: 1251px) { + #bpWrapper, footer { border-radius: 0 0 5px 5px; } + #bpAbout { border-right-width: 1px; } +} From f2016f26d72563b14b461ab1c87b09fa6270fc7f Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 3 May 2017 15:29:43 +1000 Subject: [PATCH 0009/1602] Updated splash page CSS href --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index aeb607ca..78ca7b17 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -70,7 +70,7 @@ if ($serverName === "pi.hole") { $splashPage = " $viewPort - +
Pi-hole: Your black hole for Internet advertisements "; $pageType = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage"; From 4d731ca30bfe5d6f39fd8a4ea531fab5174cd217 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 3 May 2017 15:33:50 +1000 Subject: [PATCH 0010/1602] Updated landing page location During development, I had the location of `/pihole/index.php` as just `/index.php`. Just correcting some changes! --- advanced/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 78ca7b17..7fd3c44b 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -29,8 +29,8 @@ $svPasswd = !empty($setupVars["WEBPASSWORD"]); $svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : ""; unset($setupVars); -// Set landing page name, found within /var/www/html/ -$landPage = "landing.php"; +// Set landing page name, found within /var/www/html/pihole/ +$landPage = "../landing.php"; // Set empty array for hostnames to be accepted as self address for splash page $authorizedHosts = []; From 173ad339bb9470b15c71b9980d5d1bb216f9615c Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 8 May 2017 19:33:45 +1000 Subject: [PATCH 0011/1602] Update CSS location --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 7fd3c44b..82d46d52 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -214,7 +214,7 @@ if ($phBranch !== "master") { - + ● <?=$serverName ?> '); } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { - // Set svg image upon receiving non $validExtTypes URL extension or query string (Presumably not from an iframe) + // Serve SVG upon receiving non $validExtTypes URL extension or query string (e.g: not an iframe of a blocked domain) $blockImg = 'Blocked by Pi-hole'; exit(setHeader()." $viewPort @@ -94,89 +83,86 @@ if ($serverName === "pi.hole") { "); } -/* Start processing block page from here */ - -// Get Pi-hole core branch name -$phBranch = exec("cd /etc/.pihole/ && git rev-parse --abbrev-ref HEAD"); -if ($phBranch !== "master") { - error_reporting(E_ALL); - ini_set("display_errors", 1); - ini_set("display_startup_errors", 1); -} - -// Validate SERVER_IP output -if (filter_var($_SERVER['SERVER_ADDR'], FILTER_VALIDATE_IP)) { - $serverAddr = $_SERVER["SERVER_ADDR"]; -} else { - die("[ERROR]: SERVER_IP header output does not appear to be valid: ".$_SERVER["SERVER_ADDR"].""); -} +/* Start processing Block Page from here */ // Determine placeholder text based off $svPasswd presence $wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled"; -// Get admin email address +// Define admin email address text $bpAskAdmin = !empty($svEmail) ? '' : ""; // Determine if at least one block list has been generated -if (empty(glob("/etc/pihole/list.0.*.domains"))) die("[ERROR]: There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); +if (empty(glob("/etc/pihole/list.0.*.domains"))) + die("[ERROR] There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); -// Get contents of adlist.list -$adLists = is_file("/etc/pihole/adlists.list") ? "/etc/pihole/adlists.list" : "/etc/pihole/adlists.default"; -if (!is_file($adLists)) die("[ERROR]: Unable to find file: $adLists"); +// Set location of adlists file +if (is_file("/etc/pihole/adlists.list")) { + $adLists = "/etc/pihole/adlists.list"; +} elseif (is_file("/etc/pihole/adlists.default")) { + $adLists = "/etc/pihole/adlists.default"; +} else { + die("[ERROR] File not found: /etc/pihole/adlists.list"); +} -// Get all URLs starting with "http" or "www" from $adLists and re-index array numerically +// Get all URLs starting with "http" or "www" from adlists and re-index array numerically $adlistsUrls = array_values(preg_grep("/(^http)|(^www)/i", file($adLists, FILE_IGNORE_NEW_LINES))); -if (empty($adlistsUrls)) die("[ERROR]: There are no adlist URL's found within $adLists"); -$adlistsCount = count($adlistsUrls) + 3; // +1 because array starts at 0, +2 for Blacklist & Wildcard lists + +if (empty($adlistsUrls)) + die("[ERROR]: There are no adlist URL's found within $adLists"); + +// Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists) +$adlistsCount = count($adlistsUrls) + 3; // Get results of queryads.php exact search ini_set("default_socket_timeout", 3); function queryAds($serverName) { + // Determine the time it takes while querying adlists $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; - $queryAds = file("http://127.0.0.1/admin/scripts/pi-hole/php/queryads.php?domain=$serverName&exact", FILE_IGNORE_NEW_LINES); + $queryAds = file("http://127.0.0.1/admin/scripts/pi-hole/php/queryads.php?domain=$serverName&bp", FILE_IGNORE_NEW_LINES); + $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds))); $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); + + // Exception Handling try { if ($queryTime >= ini_get("default_socket_timeout")) { throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); - } elseif ($queryAds[0][0] === ":") { - if (strpos($queryAds[0], "Invalid") !== FALSE) throw new Exception ("Invalid Domain ($serverName)"); - if (strpos($queryAds[0], "No exact") !== FALSE) return array("0" => "none"); + } elseif (!strpos($queryAds[0], ".") !== false) { + if (strpos($queryAds[0], "No exact results") !== FALSE) return array("0" => "none"); throw new Exception ("Unhandled error message ($queryAds[0])"); - } elseif ($queryAds[0][0] !== "/") { - throw new Exception ("Unexpected output ($queryAds[0])"); } return $queryAds; } catch (Exception $e) { return array("0" => "error", "1" => $e->getMessage()); } + } + $queryAds = queryAds($serverName); if ($queryAds[0] === "error") { die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); -} - -// Filter, sort, and count $queryAds array -if ($queryAds[0] !== "none") { - $queryAds = preg_replace("/(\/etc\/pihole\/)|(\/etc\/dnsmasq\.d\/)/", "", $queryAds); - $queryAds = preg_replace("/(^list\.)|(\..*domains)/", "", $queryAds); +} else { $featuredTotal = count($queryAds); + + // Place results into key => value array + $queryResults = null; + foreach ($queryAds as $str) { + $value = explode(" ", $str); + @$queryResults[$value[0]] .= "$value[1]"; + } } -// Determine if domain has been blacklisted or wildcarded -if ($queryAds[0] === "blacklist.txt") { - $intBlacklist = array("π" => $queryAds[0]); - $queryAds[0] = "π"; // Manually blacklisted sites do not have a number +// Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked +if (strpos($queryAds[0], "blacklist") !== FALSE) { $notableFlagClass = "blacklist"; -} elseif ($queryAds[0] === "whitelist.txt") { - $intBlacklist = array("π" => $queryAds[0]); - $queryAds[0] = "π"; + $adlistsUrls = array("π" => substr($queryAds[0], 2)); +} elseif (strpos($queryAds[0], "whitelist") !== FALSE) { $notableFlagClass = "noblock"; + $adlistsUrls = array("π" => substr($queryAds[0], 2)); $wlInfo = "recentwl"; -} elseif ($queryAds[0] === "03-pihole-wildcard.conf") { - $intBlacklist = array("π" => $queryAds[0]); - $queryAds[0] = "π"; +} elseif (strpos($queryAds[0], "wildcard") !== FALSE) { $notableFlagClass = "wildcard"; + $adlistsUrls = array("π" => substr($queryAds[0], 2)); } elseif ($queryAds[0] === "none") { $featuredTotal = "0"; $notableFlagClass = "noblock"; @@ -190,38 +176,34 @@ if ($queryAds[0] === "blacklist.txt") { } } -// Merge $intBlacklist with $adlistsUrls if domain has been blacklisted or wildcarded -if (isset($intBlacklist)) $adlistsUrls = array_merge($intBlacklist, $adlistsUrls); - // Set #bpOutput notification $wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden"; $wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "$wlInfo" : ""; -// Get Pi-hole core version -if ($phBranch !== "master") { - $phVersion = exec("cd /etc/.pihole/ && git describe --long --dirty --tags"); - $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; -} else { - $phVersion = exec("cd /etc/.pihole/ && git describe --tags --abbrev=0"); -} +// Get Pi-hole Core version +$phVersion = exec("cd /etc/.pihole/ && git describe --long --tags"); + +// Print $execTime on development branches +if (substr_count("-", $phVersion) != "1") + $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; ?> - + - - + + ● <?=$serverName ?> - + + + '); } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { - // Serve SVG upon receiving non $validExtTypes URL extension or query string (e.g: not an iframe of a blocked domain) + // Serve SVG upon receiving non $validExtTypes URL extension or query string + // e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly + // QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page $blockImg = 'Blocked by Pi-hole'; exit(setHeader()." $viewPort @@ -88,7 +94,7 @@ if ($serverName === "pi.hole") { // Determine placeholder text based off $svPasswd presence $wlPlaceHolder = empty($svPasswd) ? "No admin password set" : "Javascript disabled"; -// Define admin email address text +// Define admin email address text based off $svEmail presence $bpAskAdmin = !empty($svEmail) ? '' : ""; // Determine if at least one block list has been generated @@ -113,8 +119,10 @@ if (empty($adlistsUrls)) // Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists) $adlistsCount = count($adlistsUrls) + 3; -// Get results of queryads.php exact search +// Set query timeout ini_set("default_socket_timeout", 3); + +// Logic for querying blocklists function queryAds($serverName) { // Determine the time it takes while querying adlists $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; @@ -124,32 +132,39 @@ function queryAds($serverName) { // Exception Handling try { - if ($queryTime >= ini_get("default_socket_timeout")) { + // Define Exceptions + if (strpos($queryAds[0], "No exact results") !== FALSE) { + // Return "none" into $queryAds array + return array("0" => "none"); + } else if ($queryTime >= ini_get("default_socket_timeout")) { + // Connection Timeout throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); } elseif (!strpos($queryAds[0], ".") !== false) { - if (strpos($queryAds[0], "No exact results") !== FALSE) return array("0" => "none"); + // Unknown $queryAds output throw new Exception ("Unhandled error message ($queryAds[0])"); } return $queryAds; } catch (Exception $e) { + // Return exception as array return array("0" => "error", "1" => $e->getMessage()); } - } +// Get results of queryads.php exact search $queryAds = queryAds($serverName); -if ($queryAds[0] === "error") { +// Pass error through to Block Page +if ($queryAds[0] === "error") die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); -} else { - $featuredTotal = count($queryAds); - // Place results into key => value array - $queryResults = null; - foreach ($queryAds as $str) { - $value = explode(" ", $str); - @$queryResults[$value[0]] .= "$value[1]"; - } +// Count total number of matching blocklists +$featuredTotal = count($queryAds); + +// Place results into key => value array +$queryResults = null; +foreach ($queryAds as $str) { + $value = explode(" ", $str); + @$queryResults[$value[0]] .= "$value[1]"; } // Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked @@ -167,7 +182,8 @@ if (strpos($queryAds[0], "blacklist") !== FALSE) { $featuredTotal = "0"; $notableFlagClass = "noblock"; - // Determine appropriate info message if CNAME exists + // QoL addition: Determine appropriate info message if CNAME exists + // Suggests to the user that $serverName has a CNAME (alias) that may be blocked $dnsRecord = dns_get_record("$serverName")[0]; if (array_key_exists("target", $dnsRecord)) { $wlInfo = $dnsRecord['target']; @@ -184,9 +200,12 @@ $wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? " Date: Fri, 6 Oct 2017 20:35:54 +1100 Subject: [PATCH 0145/1602] Condense features into three main sections * Core shows a list of common commands, linking to the new Core Function Breakdown wiki article * Core also now shows the ASCII Vortex * Web has had its preview image size reduced * FTL's functions are elaborated upon more --- README.md | 166 ++++++++++-------------------------------------------- 1 file changed, 29 insertions(+), 137 deletions(-) diff --git a/README.md b/README.md index 99ed87da..920f97f6 100644 --- a/README.md +++ b/README.md @@ -103,22 +103,27 @@ Word-of-mouth continues to help our project grow immensely, and we'd like to hel ----- ## Features -* [The Web Interface Dashboard](#the-web-interface-dashboard) -* [The Faster-Than-Light Engine](#the-faster-than-light-engine) -* [The Query Log](#the-query-log) -* [Long-term Statistics](#long-term-statistics) -* [Whitelisting and Blacklisting](#whitelisting-and-blacklisting) -* [Additional Blocklists](#additional-blocklists) -* [Enable and Disable Pi-hole](#enable-and-disable-pi-hole) -* [Tools](#tools) -* [Web Interface Settings](#web-interface-settings) -* [Built-in DHCP Server](#built-in-dhcp-server) -* [Real-time Statistics](#real-time-statistics) +### The Command Line Interface +The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. + +Pi-hole ASCII Logo + +Some of the features include: +* [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) +* [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger) +* [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail) +* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20) +* [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity) +* [Querying Ad Lists for matching domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) +* [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable) +* ... and *many* more! + +You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown), as well as read up on [example usage](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738) for more information. ### The Web Interface Dashboard -This optional [open source](https://github.com/almasaeed2010/AdminLTE) dashboard allows you to view stats, change settings, and configure your Pi-hole. +This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve! -![Pi-hole Dashboard](https://assets.pi-hole.net/static/dashboard.png) +Pi-hole Dashboard There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168): @@ -127,132 +132,19 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t 3. `http://pi.hole/` (when using Pi-hole as your DNS server) ## The Faster-Than-Light Engine -The [FTL API](https://github.com/pi-hole/FTL) can be accessed via the Web, Command Line and `telnet`. +The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily intergrated into your own projects. As the name implies, FTL does this all *very quickly*! -The Web (`admin/api.php`) and Command Line (`pihole -c -j`) will return `json` formatted output: -``` -{ - "domains_being_blocked":111175, - "dns_queries_today":15669, - "ads_blocked_today":1752, - "ads_percentage_today":11.181314, - "unique_domains":1178, - "queries_forwarded":9177, - "queries_cached":4740, - "unique_clients":18 -} -``` +Some of the statistics you can intergrate include: +* Total number of domains being blocked +* Total number of DNS queries today +* Total number of ads blocked today +* Percentage of ads blocked +* Unique domains +* Queries forwarded (to your chosen upstream DNS server) +* Queries cached (served by Pi-hole) +* Unique Pi-hole clients -More details on the API can be found [here](https://discourse.pi-hole.net/t/pi-hole-api/1863) and `telnet` on [the repo itself](https://github.com/pi-hole/FTL). - -### The Query Log -If enabled, the query log will show all of the DNS queries requested by clients using Pi-hole as their DNS server. Standard domains will show in green, and blocked (_Pi-holed_) domains will show in red. You can also whitelist or blacklist domains from within this section. - -

- -

- -The query log and graphs are what have helped people [discover all sorts of unexpected traffic traversing their networks](https://pi-hole.net/2017/07/06/round-3-what-really-happens-on-your-network/). - -#### Long-term Statistics -Using our FTL API, Pi-hole will store all the DNS queries in a database for later retrieval and analysis. You can view this data as a graph, individual queries, top clients/advertisers, or even query the database yourself for your own applications. - -

- -

- -### Whitelisting and Blacklisting -Domains can be [whitelisted](https://discourse.pi-hole.net/t/commonly-whitelisted-domains/212) or [blacklisted](https://discourse.pi-hole.net/t/commonly-blacklisted-domains/305) using either the dashboard, or via [the `pihole` command](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738). - -

- -

- -#### Additional Blocklists -Pi-hole's stock block lists cover over 100,000 known ad-serving domains, which helps ensure you encounter minimal false positives. You can expand the blocking power of your Pi-hole by [adding additional lists](https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259) such as the ones found at [The Big Blocklist Collection](https://wally3k.github.io/). - -

- -

- -### Enable and Disable Pi-hole -There are times where you may want to disable the blocking functionality, and turn it back on again. You can toggle this via the dashboard or command line. - -

- -

- -### Tools - -

- -

- -##### Update Ad Lists -This runs [`gravity`](https://github.com/pi-hole/pi-hole/blob/master/gravity.sh) which checks your source list for updates, and downloads if changes are found. - -##### Query Ad Lists -You can find out what blocklist a specific domain was found on. This is useful for troubleshooting websites that may not work properly due to a blocked domain. - -##### `tail`ing Log Files -You can [watch the log files](https://discourse.pi-hole.net/t/how-do-i-watch-and-interpret-the-pihole-log-file/276) in real time to help debug any issues, or just see what's happening on your network. - -##### Pi-hole Debugger -If you are having trouble with your Pi-hole, this is the place to go. You can run the debugger and it will attempt to diagnose any issues, and then link to an FAQ with instructions on rectifying the problem. - -

- -

- -If run [via the command line](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debug), you will see coloured text, which makes it easy to identify any problems. - -

- -

- -After the debugger has finished, you have the option to upload it to our secure server for 48 hours. All you need to do is provide [one of our developers](https://github.com/orgs/pi-hole/teams/debug/members) the unique token generated by the debugger via [one of the various ways of getting in touch with us](#getting-in-touch-with-us). - -

- -

- -You should be able to resolve most issues using the provided FAQ links, but we're always happy to help out if you'd like assistance! - -### Web Interface Settings -The settings page lets you control and configure your Pi-hole. You can do things like: - -- view networking information -- flush logs or disable the logging of queries -- [enable Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026) -- [manage block lists](https://discourse.pi-hole.net/t/how-do-i-add-additional-block-lists-to-pi-hole/259) -- exclude domains from the graphs and enable privacy options -- configure upstream DNS servers -- restart Pi-hole's services -- back up some of Pi-hole's important files -- and more! - -

- -

- -### Built-in DHCP Server -Pi-hole ships with a [built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026). This allows you to let your network devices use Pi-hole as their DNS server if your router does not let you adjust the DHCP options. - -One nice feature of using Pi-hole's DHCP server if you can set hostnames and DHCP reservations so you'll [see hostnames in the query log instead of IP addresses](https://discourse.pi-hole.net/t/how-do-i-show-hostnames-instead-of-ip-addresses-in-the-dashboard/3530). You can still do this without using Pi-hole's DHCP server; it just takes a little more work. If you do plan to use Pi-hole's DHCP server, be sure to disable DHCP on your router first. - -

- -

- -### Real-time Statistics -Using [chronometer2](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh), you can view [real-time stats](https://discourse.pi-hole.net/t/how-do-i-view-my-pi-holes-stats-over-ssh-or-on-an-lcd-using-chronometer/240) via `ssh` or on an LCD screen such as the [2.8" LCD screen from Adafruit](http://amzn.to/1P0q1Fj). - -Simply run `pihole -c` for some detailed information. - -

- -Image courtesy of /u/super_nicktendo22 -

+The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). [More details are found here](https://discourse.pi-hole.net/t/pi-hole-api/1863). ----- From 0d286b99d5df924e606297d3144cf710c346897d Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Fri, 6 Oct 2017 20:39:01 +1100 Subject: [PATCH 0146/1602] Remove placeholder URL --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 920f97f6..c40a134f 100644 --- a/README.md +++ b/README.md @@ -106,7 +106,7 @@ Word-of-mouth continues to help our project grow immensely, and we'd like to hel ### The Command Line Interface The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. -Pi-hole ASCII Logo +Pi-hole ASCII Logo Some of the features include: * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) From 114f84c948b08693bea934e822c1c4c2956e29b3 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 7 Oct 2017 17:29:47 +0200 Subject: [PATCH 0147/1602] Add --nuke option to list.sh that can be used e.g. by Teleporter to empty out lists before importing new content Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a3f3261a..98d5c399 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -49,7 +49,8 @@ Options: -nr, --noreload Update ${type}list without refreshing dnsmasq -q, --quiet Make output less verbose -h, --help Show this help dialog - -l, --list Display all your ${type}listed domains" + -l, --list Display all your ${type}listed domains + --nuke Removes all entries in a list" exit 0 } @@ -70,7 +71,7 @@ HandleOther() { validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label fi - + if [[ -n "${validDomain}" ]]; then domList=("${domList[@]}" ${validDomain}) else @@ -223,6 +224,12 @@ Displaylist() { exit 0; } +NukeList() { + if [[ -f "${listMain}" ]]; then + echo "" > "${listMain}" + fi +} + for var in "$@"; do case "${var}" in "-w" | "whitelist" ) listMain="${whitelist}"; listAlt="${blacklist}";; @@ -234,6 +241,7 @@ for var in "$@"; do "-q" | "--quiet" ) verbose=false;; "-h" | "--help" ) helpFunc;; "-l" | "--list" ) Displaylist;; + "--nuke" ) NukeList;; * ) HandleOther "${var}";; esac done From f22b83d379d729cf7c6c21723f2712570d3cbc34 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 7 Oct 2017 17:46:40 +0200 Subject: [PATCH 0148/1602] Create a backup before emptying the list Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 98d5c399..a8c3a604 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -226,6 +226,9 @@ Displaylist() { NukeList() { if [[ -f "${listMain}" ]]; then + # Back up original list + cp "${listMain}" "${listMain}.bck" + # Empty out file echo "" > "${listMain}" fi } From 70ad656af0eaffb9dce7233e638428aae65be11e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 7 Oct 2017 22:04:14 +0200 Subject: [PATCH 0149/1602] Save backup as ".bck~" to prevent reading of the file by dnsmasq Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a8c3a604..9ddfe8f3 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -227,7 +227,7 @@ Displaylist() { NukeList() { if [[ -f "${listMain}" ]]; then # Back up original list - cp "${listMain}" "${listMain}.bck" + cp "${listMain}" "${listMain}.bck~" # Empty out file echo "" > "${listMain}" fi From 67a559490987ed700418693997697f2e8212a667 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 7 Oct 2017 16:06:16 -0400 Subject: [PATCH 0150/1602] Allow emails which include `-h` in them For example, mcat12@pi-hole.net would previously spit out the help message --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index b0957ab4..c352f236 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -418,7 +418,7 @@ Options: } SetAdminEmail() { - if [[ "${1}" == *"-h"* ]]; then + if [[ "${1}" == "-h" || "${1}" == "--help" ]]; then echo "Usage: pihole -a email
Example: 'pihole -a email admin@address.com' Set an administrative contact address for the Block Page From e7589945a28f1c741a82423b7683b42d1c8b27ca Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 7 Oct 2017 16:41:30 -0400 Subject: [PATCH 0151/1602] Disable password field if no password is set For someone to actually whitelist a domain without a password, more changes will be needed on the PHP side. --- advanced/index.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 911f3cc8..1fa6a53c 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -209,11 +209,17 @@ if (explode("-", $phVersion)[1] != "0") window.onload = function () { 0) echo '$("#bpBack").removeAttr("href");'; - // Enable whitelisting if $svPasswd is present & JS is available - if (!empty($svPasswd) && $featuredTotal > 0) { - echo '$("#bpWLPassword, #bpWhitelist").prop("disabled", false);'; + if ($featuredTotal > 0) { + echo '$("#bpBack").removeAttr("href");'; + + // Enable whitelisting if JS is available + echo '$("#bpWhitelist").prop("disabled", false);'; + + // Enable password input if necessary + if (!empty($svPasswd)) { echo '$("#bpWLPassword").attr("placeholder", "Password");'; + echo '$("#bpWLPassword").prop("disabled", false);'; + } } ?> } From bd330186604ce6053aca8da2a2d8647df057c211 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Sun, 8 Oct 2017 12:16:05 +1100 Subject: [PATCH 0152/1602] Shellcheck OR validation Signed off by WaLLy3K --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index c352f236..d5c4d45e 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -418,7 +418,7 @@ Options: } SetAdminEmail() { - if [[ "${1}" == "-h" || "${1}" == "--help" ]]; then + if [[ "${1}" == "-h" ]] || [[ "${1}" == "--help" ]]; then echo "Usage: pihole -a email
Example: 'pihole -a email admin@address.com' Set an administrative contact address for the Block Page From 2dabacd02487d244259a7ceb3b8fb44551b0bbfe Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 9 Oct 2017 19:53:22 +1100 Subject: [PATCH 0153/1602] Fix minor typo Signed off by WaLLy3K --- advanced/lighttpd.conf.debian | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 5b317c4f..b5bece72 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -11,7 +11,7 @@ # FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # # # -# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: # +# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE: # # /etc/lighttpd/external.conf # ############################################################################### From 51b09efceb1cb457ddba3d3d9d830c9579071031 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 9 Oct 2017 19:53:45 +1100 Subject: [PATCH 0154/1602] Fix minor typo Signed off by WaLLy3K --- advanced/lighttpd.conf.fedora | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 7b2449c6..dd7ba138 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -13,7 +13,7 @@ # FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # # # -# CHANGES SHOULD BE MADE IN A SEPERATE CONFIG FILE: # +# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE: # # /etc/lighttpd/external.conf # ############################################################################### From e4b3bc4209c73c61f7e158b0073548e170bde73a Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Tue, 10 Oct 2017 13:17:33 +1100 Subject: [PATCH 0155/1602] Minor spacing corrections Signed off by WaLLy3K --- advanced/lighttpd.conf.fedora | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index dd7ba138..43d94d84 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -7,8 +7,6 @@ # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. - - ############################################################################### # FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. # # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE # @@ -74,11 +72,12 @@ fastcgi.server = ( ".php" => # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { - # Create a response header for debugging using curl -I + # Create a response header for debugging using curl -I setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!", "X-Frame-Options" => "DENY" ) + $HTTP["url"] =~ ".ttf$" { # Allow Block Page access to local fonts setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" ) From 3b300a4d6ac8c1553b17c9334bea44557f78c944 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Fri, 13 Oct 2017 11:42:49 +1100 Subject: [PATCH 0156/1602] Fix query option handling Signed off by WaLLy3K --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 45f7ea92..8359ba45 100755 --- a/pihole +++ b/pihole @@ -154,7 +154,7 @@ Options: # Strip valid options, leaving only the domain and invalid options # This allows users to place the options before or after the domain - options=$(sed -E 's/ ?-(bp|adlists?|all|exact)//g' <<< "${options}") + options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") # Handle remaining options # If $options contain non ASCII characters, convert to punycode From 1e6cc63abe6241dbb1950067cd4de39cef16deb3 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 12 Oct 2017 20:32:33 -0600 Subject: [PATCH 0157/1602] add SELinux checking to debug script --- advanced/Scripts/piholeDebug.sh | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index ea387b5a..247da3e6 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -422,6 +422,36 @@ diagnose_operating_system() { fi } +check_selinux() { + # SELinux is not supported by the Pi-hole + echo_current_diagnostic "SELinux" + # Check if a SELinux configuration file exists + if [[ -f /etc/selinux/config ]]; then + # If a SELinux configuration file was found, check the default SELinux mode. + DEFAULT_SELINUX=$(egrep -i '^SELINUX=' /etc/selinux/config | cut -d'=' -f2 | awk '{print tolower($0)}') + case $DEFAULT_SELINUX in + enforcing) + log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" + ;; + *) # 'permissive' and 'disabled' + log_write "${TICK} ${COL_LIGHT_GREEN}Default SELinux: $DEFAULT_SELINUX${COL_NC}"; + ;; + esac + # Check the current state of SELinux + CURRENT_SELINUX=$(getenforce | awk '{print tolower($0)}') + case $CURRENT_SELINUX in + enforcing) + log_write "${CROSS} ${COL_LIGHT_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" + ;; + *) # 'permissive' and 'disabled' + log_write "${TICK} ${COL_LIGHT_GREEN}Current SELinux: $CURRENT_SELINUX${COL_NC}"; + ;; + esac + else + log_write "${TICK} ${COL_LIGHT_GREEN}SELinux not Supported${COL_NC}"; + fi +} + processor_check() { echo_current_diagnostic "Processor" # Store the processor type in a variable @@ -1119,6 +1149,7 @@ source_setup_variables check_component_versions check_critical_program_versions diagnose_operating_system +check_selinux processor_check check_networking check_name_resolution From a17d1be7a4fce73d6aa7dd2df5b439df43a9db0e Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 12 Oct 2017 23:24:02 -0600 Subject: [PATCH 0158/1602] simplify selinux debug variables --- advanced/Scripts/piholeDebug.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 247da3e6..b5a1f2a5 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -428,8 +428,8 @@ check_selinux() { # Check if a SELinux configuration file exists if [[ -f /etc/selinux/config ]]; then # If a SELinux configuration file was found, check the default SELinux mode. - DEFAULT_SELINUX=$(egrep -i '^SELINUX=' /etc/selinux/config | cut -d'=' -f2 | awk '{print tolower($0)}') - case $DEFAULT_SELINUX in + DEFAULT_SELINUX=$(awk -F= '/^SELINUX=/ {print $2}' /etc/selinux/config) + case "${DEFAULT_SELINUX,,}" in enforcing) log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" ;; @@ -438,8 +438,8 @@ check_selinux() { ;; esac # Check the current state of SELinux - CURRENT_SELINUX=$(getenforce | awk '{print tolower($0)}') - case $CURRENT_SELINUX in + CURRENT_SELINUX=$(getenforce) + case "${CURRENT_SELINUX,,}" in enforcing) log_write "${CROSS} ${COL_LIGHT_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" ;; From 8aceb8bf539a999e962ba71b2a7c9147fdf0a2bd Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 12 Oct 2017 23:29:04 -0600 Subject: [PATCH 0159/1602] replace deprecated colors in debug script - COL_LIGHT_GREEN -> COL_GREEN - COL_LIGHT_RED -> COL_RED - COL_LIGHT_PURPLE -> COL_PURPLE --- advanced/Scripts/piholeDebug.sh | 148 ++++++++++++++++---------------- 1 file changed, 74 insertions(+), 74 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b5a1f2a5..62fefb17 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -30,12 +30,12 @@ if [[ -f ${PIHOLE_COLTABLE_FILE} ]]; then else COL_NC='\e[0m' # No Color COL_YELLOW='\e[1;33m' - COL_LIGHT_PURPLE='\e[1;35m' + COL_PURPLE='\e[1;35m' COL_CYAN='\e[0;36m' - TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]" - CROSS="[${COL_LIGHT_RED}✗${COL_NC}]" + TICK="[${COL_GREEN}✓${COL_NC}]" + CROSS="[${COL_RED}✗${COL_NC}]" INFO="[i]" - DONE="${COL_LIGHT_GREEN} done!${COL_NC}" + DONE="${COL_GREEN} done!${COL_NC}" OVER="\r\033[K" fi @@ -175,7 +175,7 @@ show_disclaimer(){ source_setup_variables() { # Display the current test that is running - log_write "\n${COL_LIGHT_PURPLE}*** [ INITIALIZING ]${COL_NC} Sourcing setup variables" + log_write "\n${COL_PURPLE}*** [ INITIALIZING ]${COL_NC} Sourcing setup variables" # If the variable file exists, if ls "${PIHOLE_SETUP_VARS_FILE}" 1> /dev/null 2>&1; then log_write "${INFO} Sourcing ${PIHOLE_SETUP_VARS_FILE}..."; @@ -183,7 +183,7 @@ source_setup_variables() { source ${PIHOLE_SETUP_VARS_FILE} else # If it can't, show an error - log_write "${PIHOLE_SETUP_VARS_FILE} ${COL_LIGHT_RED}does not exist or cannot be read.${COL_NC}" + log_write "${PIHOLE_SETUP_VARS_FILE} ${COL_RED}does not exist or cannot be read.${COL_NC}" fi } @@ -219,7 +219,7 @@ initiate_debug() { clear show_disclaimer # Display that the debug process is beginning - log_write "${COL_LIGHT_PURPLE}*** [ INITIALIZING ]${COL_NC}" + log_write "${COL_PURPLE}*** [ INITIALIZING ]${COL_NC}" # Timestamp the start of the log log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initiated." } @@ -230,7 +230,7 @@ initiate_debug() { echo_current_diagnostic() { # Colors are used for visually distinguishing each test in the output # These colors do not show in the GUI, but the formatting will - log_write "\n${COL_LIGHT_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}" + log_write "\n${COL_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}" } compare_local_version_to_git_version() { @@ -255,7 +255,7 @@ compare_local_version_to_git_version() { # move into it cd "${git_dir}" || \ # If not, show an error - log_write "${COL_LIGHT_RED}Could not cd into ${git_dir}$COL_NC" + log_write "${COL_RED}Could not cd into ${git_dir}$COL_NC" if git status &> /dev/null; then # The current version the user is on local remote_version @@ -269,7 +269,7 @@ compare_local_version_to_git_version() { # echo this information out to the user in a nice format # If the current version matches what pihole -v produces, the user is up-to-date if [[ "${remote_version}" == "$(pihole -v | awk '/${search_term}/ {print $6}' | cut -d ')' -f1)" ]]; then - log_write "${TICK} ${pihole_component}: ${COL_LIGHT_GREEN}${remote_version}${COL_NC}" + log_write "${TICK} ${pihole_component}: ${COL_GREEN}${remote_version}${COL_NC}" # If not, else # echo the current version in yellow, signifying it's something to take a look at, but not a critical error @@ -280,7 +280,7 @@ compare_local_version_to_git_version() { # If the repo is on the master branch, they are on the stable codebase if [[ "${remote_branch}" == "master" ]]; then # so the color of the text is green - log_write "${INFO} Branch: ${COL_LIGHT_GREEN}${remote_branch}${COL_NC}" + log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}" # If it is any other branch, they are in a developement branch else # So show that in yellow, signifying it's something to take a look at, but not a critical error @@ -308,7 +308,7 @@ check_ftl_version() { # Compare the current FTL version to the remote version if [[ "${FTL_VERSION}" == "$(pihole -v | awk '/FTL/ {print $6}' | cut -d ')' -f1)" ]]; then # If they are the same, FTL is up-to-date - log_write "${TICK} ${ftl_name}: ${COL_LIGHT_GREEN}${FTL_VERSION}${COL_NC}" + log_write "${TICK} ${ftl_name}: ${COL_GREEN}${FTL_VERSION}${COL_NC}" else # If not, show it in yellow, signifying there is an update log_write "${TICK} ${ftl_name}: ${COL_YELLOW}${FTL_VERSION}${COL_NC} (${FAQ_UPDATE_PI_HOLE})" @@ -345,7 +345,7 @@ get_program_version() { # If the program does not have a version (the variable is empty) if [[ -z "${program_version}" ]]; then # Display and error - log_write "${CROSS} ${COL_LIGHT_RED}${program_name} version could not be detected.${COL_NC}" + log_write "${CROSS} ${COL_RED}${program_name} version could not be detected.${COL_NC}" else # Otherwise, display the version log_write "${INFO} ${program_version}" @@ -368,13 +368,13 @@ is_os_supported() { # If the variable is one of our supported OSes, case "${the_os}" in # Print it in green - "Raspbian") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "Ubuntu") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "Fedora") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "Debian") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; - "CentOS") log_write "${TICK} ${COL_LIGHT_GREEN}${os_to_check}${COL_NC}";; + "Raspbian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "Ubuntu") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "Fedora") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "Debian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; + "CentOS") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";; # If not, show it in red and link to our software requirements page - *) log_write "${CROSS} ${COL_LIGHT_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"; + *) log_write "${CROSS} ${COL_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"; esac } @@ -418,7 +418,7 @@ diagnose_operating_system() { get_distro_attributes else # If it doesn't exist, it's not a system we currently support and link to FAQ - log_write "${CROSS} ${COL_LIGHT_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})" + log_write "${CROSS} ${COL_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})" fi } @@ -431,24 +431,24 @@ check_selinux() { DEFAULT_SELINUX=$(awk -F= '/^SELINUX=/ {print $2}' /etc/selinux/config) case "${DEFAULT_SELINUX,,}" in enforcing) - log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" + log_write "${CROSS} ${COL_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}" ;; *) # 'permissive' and 'disabled' - log_write "${TICK} ${COL_LIGHT_GREEN}Default SELinux: $DEFAULT_SELINUX${COL_NC}"; + log_write "${TICK} ${COL_GREEN}Default SELinux: $DEFAULT_SELINUX${COL_NC}"; ;; esac # Check the current state of SELinux CURRENT_SELINUX=$(getenforce) case "${CURRENT_SELINUX,,}" in enforcing) - log_write "${CROSS} ${COL_LIGHT_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" + log_write "${CROSS} ${COL_RED}Current SELinux: $CURRENT_SELINUX${COL_NC}" ;; *) # 'permissive' and 'disabled' - log_write "${TICK} ${COL_LIGHT_GREEN}Current SELinux: $CURRENT_SELINUX${COL_NC}"; + log_write "${TICK} ${COL_GREEN}Current SELinux: $CURRENT_SELINUX${COL_NC}"; ;; esac else - log_write "${TICK} ${COL_LIGHT_GREEN}SELinux not Supported${COL_NC}"; + log_write "${TICK} ${COL_GREEN}SELinux not Supported${COL_NC}"; fi } @@ -460,19 +460,19 @@ processor_check() { if [[ -z "${PROCESSOR}" ]]; then # we couldn't detect it, so show an error PROCESSOR=$(lscpu | awk '/Architecture/ {print $2}') - log_write "${CROSS} ${COL_LIGHT_RED}${PROCESSOR}${COL_NC} has not been tested with FTL, but may still work: (${FAQ_FTL_COMPATIBILITY})" + log_write "${CROSS} ${COL_RED}${PROCESSOR}${COL_NC} has not been tested with FTL, but may still work: (${FAQ_FTL_COMPATIBILITY})" else # Check if the architecture is currently supported for FTL case "${PROCESSOR}" in - "amd64") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "amd64") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv6l") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "armv6l") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv6") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "armv6") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv7l") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "armv7l") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "aarch64") "${TICK} ${COL_LIGHT_GREEN}${PROCESSOR}${COL_NC}" + "aarch64") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; # Otherwise, show the processor type *) log_write "${INFO} ${PROCESSOR}"; @@ -488,7 +488,7 @@ parse_setup_vars() { parse_file "${PIHOLE_SETUP_VARS_FILE}" else # If not, show an error - log_write "${CROSS} ${COL_LIGHT_RED}Could not read ${PIHOLE_SETUP_VARS_FILE}.${COL_NC}" + log_write "${CROSS} ${COL_RED}Could not read ${PIHOLE_SETUP_VARS_FILE}.${COL_NC}" fi } @@ -504,10 +504,10 @@ does_ip_match_setup_vars() { # Strip off the / (CIDR notation) if [[ "${ip_address%/*}" == "${setup_vars_ip%/*}" ]]; then # if it matches, show it in green - log_write " ${COL_LIGHT_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" + log_write " ${COL_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" else # otherwise show it in red with an FAQ URL - log_write " ${COL_LIGHT_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" + log_write " ${COL_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" fi else @@ -515,10 +515,10 @@ does_ip_match_setup_vars() { # since it exists in the setupVars.conf that way if [[ "${ip_address}" == "${setup_vars_ip}" ]]; then # show in green if it matches - log_write " ${COL_LIGHT_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" + log_write " ${COL_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}" else # otherwise show it in red - log_write " ${COL_LIGHT_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" + log_write " ${COL_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})" fi fi } @@ -546,7 +546,7 @@ detect_ip_addresses() { log_write "" else # If there are no IPs detected, explain that the protocol is not configured - log_write "${CROSS} ${COL_LIGHT_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interace.\n" + log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interace.\n" return 1 fi # If the protocol is v6 @@ -593,13 +593,13 @@ ping_gateway() { # If pinging the gateway is not successful, if ! ${cmd} -c 3 -W 2 -n ${gateway} -I ${PIHOLE_INTERFACE} >/dev/null; then # let the user know - log_write "${CROSS} ${COL_LIGHT_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\n" + log_write "${CROSS} ${COL_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\n" # and return an error code return 1 # Otherwise, else # show a success - log_write "${TICK} ${COL_LIGHT_GREEN}Gateway responded.${COL_NC}" + log_write "${TICK} ${COL_GREEN}Gateway responded.${COL_NC}" # and return a success code return 0 fi @@ -614,11 +614,11 @@ ping_internet() { # Try to ping the address 3 times if ! ${cmd} -W 2 -c 3 -n ${public_address} -I ${PIHOLE_INTERFACE} >/dev/null; then # if it's unsuccessful, show an error - log_write "${CROSS} ${COL_LIGHT_RED}Cannot reach the Internet.${COL_NC}\n" + log_write "${CROSS} ${COL_RED}Cannot reach the Internet.${COL_NC}\n" return 1 else # Otherwise, show success - log_write "${TICK} ${COL_LIGHT_GREEN}Query responded.${COL_NC}\n" + log_write "${TICK} ${COL_GREEN}Query responded.${COL_NC}\n" return 0 fi } @@ -631,11 +631,11 @@ compare_port_to_service_assigned() { local ftl="pihole-FTL" if [[ "${service_name}" == "${resolver}" ]] || [[ "${service_name}" == "${web_server}" ]] || [[ "${service_name}" == "${ftl}" ]]; then # if port 53 is dnsmasq, show it in green as it's standard - log_write "[${COL_LIGHT_GREEN}${port_number}${COL_NC}] is in use by ${COL_LIGHT_GREEN}${service_name}${COL_NC}" + log_write "[${COL_GREEN}${port_number}${COL_NC}] is in use by ${COL_GREEN}${service_name}${COL_NC}" # Otherwise, else # Show the service name in red since it's non-standard - log_write "[${COL_LIGHT_RED}${port_number}${COL_NC}] is in use by ${COL_LIGHT_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" + log_write "[${COL_RED}${port_number}${COL_NC}] is in use by ${COL_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" fi } @@ -711,21 +711,21 @@ check_x_headers() { # If the X-header found by curl matches what is should be, if [[ $block_page == "$block_page_working" ]]; then # display a success message - log_write "$TICK ${COL_LIGHT_GREEN}${block_page}${COL_NC}" + log_write "$TICK ${COL_GREEN}${block_page}${COL_NC}" else # Otherwise, show an error - log_write "$CROSS ${COL_LIGHT_RED}X-Header does not match or could not be retrieved.${COL_NC}" - log_write "${COL_LIGHT_RED}${full_curl_output_block_page}${COL_NC}" + log_write "$CROSS ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "${COL_RED}${full_curl_output_block_page}${COL_NC}" fi # Same logic applies to the dashbord as above, if the X-Header matches what a working system shoud have, if [[ $dashboard == "$dashboard_working" ]]; then # then we can show a success - log_write "$TICK ${COL_LIGHT_GREEN}${dashboard}${COL_NC}" + log_write "$TICK ${COL_GREEN}${dashboard}${COL_NC}" else # Othewise, it's a failure since the X-Headers either don't exist or have been modified in some way - log_write "$CROSS ${COL_LIGHT_RED}X-Header does not match or could not be retrieved.${COL_NC}" - log_write "${COL_LIGHT_RED}${full_curl_output_dashboard}${COL_NC}" + log_write "$CROSS ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "${COL_RED}${full_curl_output_dashboard}${COL_NC}" fi } @@ -770,10 +770,10 @@ dig_at() { # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then # If it can, show sucess - log_write "${TICK} ${random_url} ${COL_LIGHT_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})" + log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})" else # Otherwise, show a failure - log_write "${CROSS} ${COL_LIGHT_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_LIGHT_RED}localhost${COL_NC} (${local_address})" + log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} (${local_address})" fi # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address @@ -784,20 +784,20 @@ dig_at() { # If Pi-hole can dig itself from it's IP (not the loopback address) if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${pihole_address} +short "${record_type}"); then # show a success - log_write "${TICK} ${random_url} ${COL_LIGHT_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})" + log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})" else # Othewise, show a failure - log_write "${CROSS} ${COL_LIGHT_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_LIGHT_RED}Pi-hole${COL_NC} (${pihole_address})" + log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}Pi-hole${COL_NC} (${pihole_address})" fi # Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server # We are using the static remote_url here instead of a random one because we know it works with IPv4 and IPv6 if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @${remote_address} +short "${record_type}" | head -n1); then # If successful, the real IP of the domain will be returned instead of Pi-hole's IP - log_write "${TICK} ${remote_url} ${COL_LIGHT_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})" + log_write "${TICK} ${remote_url} ${COL_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})" else # Otherwise, show an error - log_write "${CROSS} ${COL_LIGHT_RED}Failed to resolve${COL_NC} ${remote_url} via ${COL_LIGHT_RED}a remote, public DNS server${COL_NC} (${remote_address})" + log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${remote_url} via ${COL_RED}a remote, public DNS server${COL_NC} (${remote_address})" fi } @@ -813,10 +813,10 @@ process_status(){ # and print it out to the user if [[ "${status_of_process}" == "active" ]]; then # If it's active, show it in green - log_write "${TICK} ${COL_LIGHT_GREEN}${i}${COL_NC} daemon is ${COL_LIGHT_GREEN}${status_of_process}${COL_NC}" + log_write "${TICK} ${COL_GREEN}${i}${COL_NC} daemon is ${COL_GREEN}${status_of_process}${COL_NC}" else # If it's not, show it in red - log_write "${CROSS} ${COL_LIGHT_RED}${i}${COL_NC} daemon is ${COL_LIGHT_RED}${status_of_process}${COL_NC}" + log_write "${CROSS} ${COL_RED}${i}${COL_NC} daemon is ${COL_RED}${status_of_process}${COL_NC}" fi done } @@ -915,7 +915,7 @@ dir_check() { : else # Otherwise, show an error - log_write "${COL_LIGHT_RED}${directory} does not exist.${COL_NC}" + log_write "${COL_RED}${directory} does not exist.${COL_NC}" fi done } @@ -944,7 +944,7 @@ list_files_in_dir() { for i in "${!REQUIRED_FILES[@]}"; do if [[ "${dir_to_parse}/${each_file}" == ${REQUIRED_FILES[$i]} ]]; then # display the filename - log_write "\n${COL_LIGHT_GREEN}$(ls -ld ${dir_to_parse}/${each_file})${COL_NC}" + log_write "\n${COL_GREEN}$(ls -ld ${dir_to_parse}/${each_file})${COL_NC}" # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing) case "${dir_to_parse}/${each_file}" in # If it's Web server error log, just give the first 25 lines @@ -993,7 +993,7 @@ analyze_gravity_list() { # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' local gravity_permissions=$(ls -ld "${PIHOLE_BLOCKLIST_FILE}") - log_write "${COL_LIGHT_GREEN}${gravity_permissions}${COL_NC}" + log_write "${COL_GREEN}${gravity_permissions}${COL_NC}" local gravity_head=() gravity_head=( $(head -n 4 ${PIHOLE_BLOCKLIST_FILE}) ) log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_BLOCKLIST_FILE})------${COL_NC}" @@ -1019,7 +1019,7 @@ analyze_pihole_log() { # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' local pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}") - log_write "${COL_LIGHT_GREEN}${pihole_log_permissions}${COL_NC}" + log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}" local pihole_log_head=() pihole_log_head=( $(head -n 20 ${PIHOLE_LOG}) ) log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}" @@ -1038,7 +1038,7 @@ analyze_pihole_log() { # If the variable contains a value, it found an error in the log if [[ -n ${error_to_check_for} ]]; then # So we can print it in red to make it visible to the user - log_write " ${CROSS} ${COL_LIGHT_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})" + log_write " ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})" else # If the variable does not a value (the current default behavior), so do not obfuscate anything if [[ -z ${OBFUSCATE} ]]; then @@ -1067,7 +1067,7 @@ tricorder_use_nc_or_ssl() { # Check for openssl first since encryption is a good thing if command -v openssl &> /dev/null; then # If the command exists, - log_write " * Using ${COL_LIGHT_GREEN}openssl${COL_NC} for transmission." + log_write " * Using ${COL_GREEN}openssl${COL_NC} for transmission." # encrypt and transmit the log and store the token returned in a variable tricorder_token=$(< ${PIHOLE_DEBUG_LOG_SANITIZED} openssl s_client -quiet -connect tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER} 2> /dev/null) # Otherwise, @@ -1088,9 +1088,9 @@ upload_to_tricorder() { # Let the user know debugging is complete with something strikingly visual log_write "" - log_write "${COL_LIGHT_PURPLE}********************************************${COL_NC}" - log_write "${COL_LIGHT_PURPLE}********************************************${COL_NC}" - log_write "${TICK} ${COL_LIGHT_GREEN}** FINISHED DEBUGGING! **${COL_NC}\n" + log_write "${COL_PURPLE}********************************************${COL_NC}" + log_write "${COL_PURPLE}********************************************${COL_NC}" + log_write "${TICK} ${COL_GREEN}** FINISHED DEBUGGING! **${COL_NC}\n" # Provide information on what they should do with their token log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." @@ -1112,7 +1112,7 @@ upload_to_tricorder() { # If they say yes, run our function for uploading the log [yY][eE][sS]|[yY]) tricorder_use_nc_or_ssl;; # If they choose no, just exit out of the script - *) log_write " * Log will ${COL_LIGHT_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit; + *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit; esac fi # Check if tricorder.pi-hole.net is reachable and provide token @@ -1121,19 +1121,19 @@ upload_to_tricorder() { # Again, try to make this visually striking so the user realizes they need to do something with this information # Namely, provide the Pi-hole devs with the token log_write "" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" - log_write "${TICK} Your debug token is: ${COL_LIGHT_GREEN}${tricorder_token}${COL_NC}" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" - log_write "${COL_LIGHT_PURPLE}***********************************${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" + log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" + log_write "${COL_PURPLE}***********************************${COL_NC}" log_write "" log_write " * Provide the token above to the Pi-hole team for assistance at" log_write " * ${FORUMS_URL}" - log_write " * Your log will self-destruct on our server after ${COL_LIGHT_RED}48 hours${COL_NC}." + log_write " * Your log will self-destruct on our server after ${COL_RED}48 hours${COL_NC}." # If no token was generated else # Show an error and some help instructions - log_write "${CROSS} ${COL_LIGHT_RED}There was an error uploading your debug log.${COL_NC}" + log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" log_write " * Please try again or contact the Pi-hole team for assistance." fi # Finally, show where the log file is no matter the outcome of the function so users can look at it From 7d76db00acf44a71554e8f062936eaae1cffba98 Mon Sep 17 00:00:00 2001 From: bcambl Date: Fri, 13 Oct 2017 08:58:35 -0600 Subject: [PATCH 0160/1602] update 'SELinux not detected' message --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 62fefb17..d8b976b8 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -448,7 +448,7 @@ check_selinux() { ;; esac else - log_write "${TICK} ${COL_GREEN}SELinux not Supported${COL_NC}"; + log_write "${INFO} ${COL_GREEN}SELinux not detected${COL_NC}"; fi } From 31730e71974482e513854f62a6f3e0b8201f9b0c Mon Sep 17 00:00:00 2001 From: bcambl Date: Fri, 13 Oct 2017 09:14:19 -0600 Subject: [PATCH 0161/1602] add missing colors to COL_TABLE fallback --- advanced/Scripts/piholeDebug.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index d8b976b8..b6ec38de 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -29,6 +29,8 @@ if [[ -f ${PIHOLE_COLTABLE_FILE} ]]; then source ${PIHOLE_COLTABLE_FILE} else COL_NC='\e[0m' # No Color + COL_RED='\e[1;91m' + COL_GREEN='\e[1;32m' COL_YELLOW='\e[1;33m' COL_PURPLE='\e[1;35m' COL_CYAN='\e[0;36m' From 80c40e605078767845b2663eeb516666aa7e410b Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 16 Oct 2017 10:12:27 +1100 Subject: [PATCH 0162/1602] Prevent full stop being interpreted as regex Signed off by WaLLy3K --- pihole | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pihole b/pihole index 8359ba45..839ea8cd 100755 --- a/pihole +++ b/pihole @@ -85,7 +85,8 @@ updateGravityFunc() { # Scan an array of files for matching strings scanList(){ - local domain="${1}" lists="${2}" type="${3:-}" + # Escape full stops + local domain="${1//./\\.}" lists="${2}" type="${3:-}" # Prevent grep from printing file path cd "/etc/pihole" || exit 1 From 645d8e0ebd54787e9a24389fcd5a752c208736fe Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Thu, 19 Oct 2017 17:51:20 +1100 Subject: [PATCH 0163/1602] Fix issue where wildcarding didn't restart dnsmasq Signed off by WaLLy3K --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 839ea8cd..80cdefe7 100755 --- a/pihole +++ b/pihole @@ -336,7 +336,7 @@ restartDNS() { if [[ "${svcOption}" =~ "reload" ]]; then # Using SIGHUP will NOT re-read any *.conf files svc="killall -s SIGHUP dnsmasq" - elif [[ -z "${svcOption}" ]]; then + else # Get PID of dnsmasq to determine if it needs to start or restart if pidof dnsmasq &> /dev/null; then svcOption="restart" From 8b0785996e52ae19f89262fe542d94c8f8990078 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 19 Oct 2017 22:39:43 -0600 Subject: [PATCH 0164/1602] remove .pullapprove.yml from .gitignore Closes #1535 --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index 91014dcd..0e0d4b99 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,3 @@ *.swp __pycache__ .cache -.pullapprove.yml From 0f868f7649417d6cf5b4fcbe3f640645825a92bf Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 19 Oct 2017 22:57:07 -0600 Subject: [PATCH 0165/1602] remove un-used DONE variable (still available via sourced COL_TABLE on line 29) --- advanced/Scripts/piholeDebug.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b6ec38de..43393ee9 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -37,7 +37,6 @@ else TICK="[${COL_GREEN}✓${COL_NC}]" CROSS="[${COL_RED}✗${COL_NC}]" INFO="[i]" - DONE="${COL_GREEN} done!${COL_NC}" OVER="\r\033[K" fi From 85d159bdd185b60c3edb4fcb3e091258a302663d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 21 Oct 2017 15:52:53 +0200 Subject: [PATCH 0166/1602] Randomize gravity update time Signed-off-by: DL6ER --- advanced/pihole.cron | 4 ++-- automated install/basic-install.sh | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/advanced/pihole.cron b/advanced/pihole.cron index f1beb08c..bb0d20d8 100644 --- a/advanced/pihole.cron +++ b/advanced/pihole.cron @@ -14,8 +14,8 @@ # is updated or re-installed. Please make any changes to the appropriate crontab # or other cron file snippets. -# Pi-hole: Update the ad sources once a week on Sunday at 01:59 -# Download any updates from the adlists +# Pi-hole: Update the ad sources once a week on Sunday at a random time in the +# early morning. Download any updates from the adlists 59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity # Pi-hole: Update Pi-hole! Uncomment to enable auto update diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6eca6868..202b662d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1356,6 +1356,8 @@ installCron() { echo -ne " ${INFO} ${str}..." # Copy the cron file over from the local repo cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole + # Randomize gravity update time + sed -i "s/59 1/$((RANDOM % 60)) $((RANDOM % 2))/" /etc/cron.d/pihole echo -e "${OVER} ${TICK} ${str}" } From c34c3eb016bcd3a7bae51c462d4e514f4c916ffb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 21 Oct 2017 15:58:37 +0200 Subject: [PATCH 0167/1602] Shift randomized time interval from 00:00-01:59 to 02:00-03:59 --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 202b662d..62b9cc3a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1357,7 +1357,7 @@ installCron() { # Copy the cron file over from the local repo cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole # Randomize gravity update time - sed -i "s/59 1/$((RANDOM % 60)) $((RANDOM % 2))/" /etc/cron.d/pihole + sed -i "s/59 1/$((RANDOM % 60)) $((2 + RANDOM % 2))/" /etc/cron.d/pihole echo -e "${OVER} ${TICK} ${str}" } From 2390b803590b99b7babaac0d467404d8c086929e Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 25 Oct 2017 21:04:43 +1100 Subject: [PATCH 0168/1602] Silence non-numeric domains_being_blocked output * Round $cpu_mhz to 1 decimal place * Remove ".0" from $cpu_freq * Silence non-numeric domains_being_blocked output * Use "Core" and "Web" as appropriate Signed off by WaLLy3K --- advanced/Scripts/chronometer.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index a9ccf900..8599e995 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -302,7 +302,8 @@ get_sys_stats() { # Determine whether to display CPU clock speed as MHz or GHz if [[ -n "$cpu_mhz" ]]; then - [[ "$cpu_mhz" -le "999" ]] && cpu_freq="$cpu_mhz MHz" || cpu_freq="$(calcFunc "$cpu_mhz"/1000) GHz" + [[ "$cpu_mhz" -le "999" ]] && cpu_freq="$cpu_mhz MHz" || cpu_freq="$(printf "%.1f" $(calcFunc "$cpu_mhz"/1000)) GHz" + [[ "${cpu_freq}" == *".0"* ]] && cpu_freq="${cpu_freq/.0/}" fi # Determine colour for temperature @@ -380,7 +381,7 @@ get_ftl_stats() { local top_domain_raw local top_client_raw - domains_being_blocked=$(printf "%.0f\\n" "${domains_being_blocked_raw}") + domains_being_blocked=$(printf "%.0f\\n" "${domains_being_blocked_raw}" 2> /dev/null) dns_queries_today=$(printf "%.0f\\n" "${dns_queries_today_raw}") ads_blocked_today=$(printf "%.0f\\n" "${ads_blocked_today_raw}") ads_percentage_today=$(printf "%'.0f\\n" "${ads_percentage_today_raw}") @@ -403,9 +404,9 @@ get_ftl_stats() { get_strings() { # Expand or contract strings depending on screen size if [[ "$chrono_width" == "large" ]]; then - phc_str=" ${COL_DARK_GRAY}Pi-hole" - lte_str=" ${COL_DARK_GRAY}Admin" - ftl_str=" ${COL_DARK_GRAY}FTL" + phc_str=" ${COL_DARK_GRAY}Core" + lte_str=" ${COL_DARK_GRAY}Web" + ftl_str=" ${COL_DARK_GRAY}FTL" api_str="${COL_LIGHT_RED}API Offline" host_info="$sys_type" @@ -419,7 +420,7 @@ get_strings() { ph_info="Blocking: $domains_being_blocked sites" total_str="Total: " else - phc_str=" ${COL_DARK_GRAY}PH" + phc_str=" ${COL_DARK_GRAY}Core" lte_str=" ${COL_DARK_GRAY}Web" ftl_str=" ${COL_DARK_GRAY}FTL" api_str="${COL_LIGHT_RED}API Down" From b9ae01d819938efc487cc49e865b11544bd5b85f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 25 Oct 2017 17:46:24 +0200 Subject: [PATCH 0169/1602] Send SIGHUP to pihole-FTL when restarting/reloading dnsmasq Signed-off-by: DL6ER --- pihole | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pihole b/pihole index 80cdefe7..ef0279c5 100755 --- a/pihole +++ b/pihole @@ -200,7 +200,7 @@ Options: # Scan Wildcards if [[ -e "${wildcardlist}" ]]; then - # Determine all subdomains, domain and TLDs + # Determine all subdomains, domain and TLDs mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" for match in "${wildcards[@]}"; do @@ -346,6 +346,9 @@ restartDNS() { svc="service dnsmasq ${svcOption}" fi + # Send signal to FTL to have it re-parse the gravity files + killall -s SIGHUP pihole-FTL + # Print output to Terminal, but not to Web Admin str="${svcOption^}ing DNS service" [[ -t 1 ]] && echo -ne " ${INFO} ${str}..." @@ -483,7 +486,7 @@ statusFunc() { # Determine if Pi-hole's addn-hosts configs are commented out addnConfigs=$(grep -i "addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) - + if [[ "${addnConfigs}" =~ "#" ]]; then # A config is commented out case "${1}" in From 8dba2a88e2f6436e9eff9adb38d04c4bbd594443 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Wed, 25 Oct 2017 23:07:45 -0400 Subject: [PATCH 0170/1602] Move FTL re-parsing call after dnsmasq restart --- pihole | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pihole b/pihole index ef0279c5..d37083f8 100755 --- a/pihole +++ b/pihole @@ -346,9 +346,6 @@ restartDNS() { svc="service dnsmasq ${svcOption}" fi - # Send signal to FTL to have it re-parse the gravity files - killall -s SIGHUP pihole-FTL - # Print output to Terminal, but not to Web Admin str="${svcOption^}ing DNS service" [[ -t 1 ]] && echo -ne " ${INFO} ${str}..." @@ -362,6 +359,9 @@ restartDNS() { [[ ! -t 1 ]] && local OVER="" echo -e "${OVER} ${CROSS} ${output}" fi + + # Send signal to FTL to have it re-parse the gravity files + killall -s SIGHUP pihole-FTL } piholeEnable() { From 6ca47dc3b360a8566d0c505d0c4cf23ed0017d61 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 13:20:02 +0200 Subject: [PATCH 0171/1602] Add bash / cron based update checker for Pi-hole --- advanced/Scripts/updatecheck.sh | 70 +++++++++++++++++++++++++++++++++ advanced/pihole.cron | 3 ++ pihole | 10 ++++- 3 files changed, 81 insertions(+), 2 deletions(-) create mode 100755 advanced/Scripts/updatecheck.sh diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh new file mode 100755 index 00000000..86f4ba93 --- /dev/null +++ b/advanced/Scripts/updatecheck.sh @@ -0,0 +1,70 @@ +#!/usr/bin/env bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2017 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Checks for updates via GitHub +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# Credit: https://stackoverflow.com/a/46324904 +function json_extract() { + local key=$1 + local json=$2 + + local string_regex='"([^"\]|\\.)*"' + local number_regex='-?(0|[1-9][0-9]*)(\.[0-9]+)?([eE][+-]?[0-9]+)?' + local value_regex="${string_regex}|${number_regex}|true|false|null" + local pair_regex="\"${key}\"[[:space:]]*:[[:space:]]*(${value_regex})" + + if [[ ${json} =~ ${pair_regex} ]]; then + echo $(sed 's/^"\|"$//g' <<< "${BASH_REMATCH[1]}") + else + return 1 + fi +} + +GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")" +GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")" +GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")" + +echo "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/etc/pihole/GitHubVersions" + +function get_local_branch() { + # Return active branch + local directory + directory="${1}" + local output + + cd "${directory}" || return 1 + # Store STDERR as STDOUT variable + output=$( { git rev-parse --abbrev-ref HEAD; } 2>&1 ) + echo "$output" + return +} + +CORE_BRANCH="$(get_local_branch /etc/.pihole)" +WEB_BRANCH="$(get_local_branch /var/www/html/admin)" +FTL_BRANCH="$(pihole-FTL tag)" + +echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" + +function get_local_version() { + # Return active branch + local directory + directory="${1}" + local output + + cd "${directory}" || return 1 + # Store STDERR as STDOUT variable + output=$( { git describe --long --dirty --tags; } 2>&1 ) + echo "$output" + return +} + +CORE_VERSION="$(get_local_version /etc/.pihole)" +WEB_VERSION="$(get_local_version /var/www/html/admin)" +FTL_VERSION="$(pihole-FTL version)" + +echo "${CORE_VERSION} ${WEB_VERSION} ${FTL_VERSION}" > "/etc/pihole/localversions" diff --git a/advanced/pihole.cron b/advanced/pihole.cron index f1beb08c..c873b79d 100644 --- a/advanced/pihole.cron +++ b/advanced/pihole.cron @@ -28,3 +28,6 @@ 00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet @reboot root /usr/sbin/logrotate /etc/pihole/logrotate + +# Pi-hole: Grab remote version and branch every 10 minutes +*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker diff --git a/pihole b/pihole index 80cdefe7..601d8d02 100755 --- a/pihole +++ b/pihole @@ -200,7 +200,7 @@ Options: # Scan Wildcards if [[ -e "${wildcardlist}" ]]; then - # Determine all subdomains, domain and TLDs + # Determine all subdomains, domain and TLDs mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" for match in "${wildcards[@]}"; do @@ -483,7 +483,7 @@ statusFunc() { # Determine if Pi-hole's addn-hosts configs are commented out addnConfigs=$(grep -i "addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) - + if [[ "${addnConfigs}" =~ "#" ]]; then # A config is commented out case "${1}" in @@ -579,6 +579,11 @@ tricorderFunc() { fi } +updateCheckFunc() { + "${PI_HOLE_SCRIPT_DIR}"/updatecheck.sh "$@" + exit 0 +} + helpFunc() { echo "Usage: pihole [options] Example: 'pihole -w -h' @@ -650,5 +655,6 @@ case "${1}" in "-t" | "tail" ) tailFunc;; "checkout" ) piholeCheckoutFunc "$@";; "tricorder" ) tricorderFunc;; + "updatechecker" ) updateCheckFunc;; * ) helpFunc;; esac From 709851503fb243d0d62dca6c98e2e7c774d71f73 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 13:27:12 +0200 Subject: [PATCH 0172/1602] Use "pihole-FTL branch" to get FTL's branch Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 86f4ba93..12c49445 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -46,7 +46,7 @@ function get_local_branch() { CORE_BRANCH="$(get_local_branch /etc/.pihole)" WEB_BRANCH="$(get_local_branch /var/www/html/admin)" -FTL_BRANCH="$(pihole-FTL tag)" +FTL_BRANCH="$(pihole-FTL branch)" echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" From 9be854031fe01dd5ba102878c130950bae4a66d1 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 13:41:24 +0200 Subject: [PATCH 0173/1602] Don't store FTL branch until the next release of FTL which supports returning the branch in an easy way Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 12c49445..446fc4ac 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -46,7 +46,10 @@ function get_local_branch() { CORE_BRANCH="$(get_local_branch /etc/.pihole)" WEB_BRANCH="$(get_local_branch /var/www/html/admin)" -FTL_BRANCH="$(pihole-FTL branch)" +#FTL_BRANCH="$(pihole-FTL branch)" +# Don't store FTL branch until the next release of FTL which +# supports returning the branch in an easy way +FTL_BRANCH="XXX" echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" From 7362416afb1a24e252757206dd8bc41f3ca167da Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 15:40:48 +0200 Subject: [PATCH 0174/1602] Force an update of the updatechecker after update/install Signed-off-by: DL6ER --- automated install/basic-install.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6eca6868..8ebd48b2 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2077,6 +2077,9 @@ main() { # Download and compile the aggregated block list runGravity + # Force an update of the updatechecker + . /opt/pihole/updatecheck.sh + # if [[ "${useUpdateVars}" == false ]]; then displayFinalMessage "${pw}" From 0db76aada0847655b9965b03ee093edbc205e2d4 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 28 Oct 2017 15:44:17 +0200 Subject: [PATCH 0175/1602] Silence errors when directory to be checked does not exist (system may have been installed without a web interface!) Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 446fc4ac..26b7d4b0 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -37,7 +37,7 @@ function get_local_branch() { directory="${1}" local output - cd "${directory}" || return 1 + cd "${directory}" 2> /dev/null || return 1 # Store STDERR as STDOUT variable output=$( { git rev-parse --abbrev-ref HEAD; } 2>&1 ) echo "$output" @@ -59,7 +59,7 @@ function get_local_version() { directory="${1}" local output - cd "${directory}" || return 1 + cd "${directory}" 2> /dev/null || return 1 # Store STDERR as STDOUT variable output=$( { git describe --long --dirty --tags; } 2>&1 ) echo "$output" From 06764d0f367cb3af61089a243ed3c56e1fd06e31 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 29 Oct 2017 15:37:39 +0100 Subject: [PATCH 0176/1602] Randomize gravity update time between 03:01 - 04:58 (excluding 04:00) Signed-off-by: DL6ER --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 62b9cc3a..647661f8 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1357,7 +1357,7 @@ installCron() { # Copy the cron file over from the local repo cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole # Randomize gravity update time - sed -i "s/59 1/$((RANDOM % 60)) $((2 + RANDOM % 2))/" /etc/cron.d/pihole + sed -i "s/59 1/$((1 + RANDOM % 58)) $((3 + RANDOM % 2))/" /etc/cron.d/pihole echo -e "${OVER} ${TICK} ${str}" } From 009fa2f1b7f44ce983eece60a19ec1c109dcdcfe Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Wed, 1 Nov 2017 21:30:14 -0400 Subject: [PATCH 0177/1602] Hide password textbox if there is no password --- advanced/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 1fa6a53c..923aa7ce 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -218,6 +218,7 @@ if (explode("-", $phVersion)[1] != "0") // Enable password input if necessary if (!empty($svPasswd)) { echo '$("#bpWLPassword").attr("placeholder", "Password");'; + echo '$("#bpWLPassword").css("display", "inline-block");'; echo '$("#bpWLPassword").prop("disabled", false);'; } } @@ -273,7 +274,7 @@ if (explode("-", $phVersion)[1] != "0")
- +
From 209a2ab3ecd0b0ed6433d5f6973364c53c18658c Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 10:05:25 +0100 Subject: [PATCH 0178/1602] grammar corrected (double negative) --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 647661f8..176c68ec 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -218,7 +218,7 @@ elif command -v rpm &> /dev/null; then LIGHTTPD_CFG="lighttpd.conf.fedora" DNSMASQ_USER="nobody" -# If neither apt-get or rmp/dnf are not found +# If neither apt-get or rmp/dnf are found else # it's not an OS we can support, echo -e " ${CROSS} OS distribution not supported" From d158a7d51ea7a47cd99e7bb74d6bfa5d9ed30c7f Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 10:16:56 +0100 Subject: [PATCH 0179/1602] spelling corrected --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 176c68ec..bb96308c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1677,7 +1677,7 @@ update_dialogs() { echo -e " ${INFO} ${opt1a} option selected" useUpdateVars=true ;; - # recongigure, + # reconfigure, ${opt2a}) echo -e " ${INFO} ${opt2a} option selected" useUpdateVars=false From 63312ac4b8b4275692202a126432da893b7a1bb5 Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 10:18:39 +0100 Subject: [PATCH 0180/1602] removed duplicate word --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index bb96308c..5ae27a9c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1670,7 +1670,7 @@ update_dialogs() { "${opt2a}" "${opt2b}" 3>&2 2>&1 1>&3) || \ { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } - # Set the variable based on if the user user chooses + # Set the variable based on if the user chooses case ${UpdateCmd} in # repair, or ${opt1a}) From ec4e4d3b726f4af2ca28f8c8c781e741a8d11943 Mon Sep 17 00:00:00 2001 From: Mausy5043 Date: Sun, 5 Nov 2017 11:02:04 +0100 Subject: [PATCH 0181/1602] fix indentation --- automated install/basic-install.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5ae27a9c..df200e2c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1262,14 +1262,14 @@ install_dependent_packages() { installArray+=("${i}") fi done + # + if [[ "${#installArray[@]}" -gt 0 ]]; then # - if [[ "${#installArray[@]}" -gt 0 ]]; then - # - "${PKG_INSTALL[@]}" "${installArray[@]}" &> /dev/null - return - fi - echo "" - return 0 + "${PKG_INSTALL[@]}" "${installArray[@]}" &> /dev/null + return + fi + echo "" + return 0 } # Create logfiles if necessary From 35dc4800e07135af1894ff817b8e51d2cf302932 Mon Sep 17 00:00:00 2001 From: mettacrawler Date: Sun, 5 Nov 2017 15:28:44 -0500 Subject: [PATCH 0182/1602] basic-install.sh - no CIDR in ifcfg-* Do not expect CIDR format IP addresses in /etc/sysconfig/network-scripts/ifcfg-* files as it is not a requirement. Expect only: IPADDR=10.10.10.10 Do not expect: IPADDR=10.10.10.10/24 --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 647661f8..e7c3f189 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -684,13 +684,13 @@ setStaticIPv4() { elif [[ -f "/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}" ]];then # If it exists, IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE} + IPADDR=$(echo "${IPV4_ADDRESS}" | cut -f1 -d/) # check if the desired IP is already set - if grep -q "${IPV4_ADDRESS}" "${IFCFG_FILE}"; then + if grep -q "${IPADDR}" "${IFCFG_FILE}"; then echo -e " ${INFO} Static IP already configured" # Otherwise, else # Put the IP in variables without the CIDR notation - IPADDR=$(echo "${IPV4_ADDRESS}" | cut -f1 -d/) CIDR=$(echo "${IPV4_ADDRESS}" | cut -f2 -d/) # Backup existing interface configuration: cp "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig From 90efa3b6101066b898082504661be373eab051c8 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 8 Nov 2017 19:11:41 +0100 Subject: [PATCH 0183/1602] Simplify git subroutines Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 26b7d4b0..9b79c4cb 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -33,15 +33,8 @@ echo "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/et function get_local_branch() { # Return active branch - local directory - directory="${1}" - local output - - cd "${directory}" 2> /dev/null || return 1 - # Store STDERR as STDOUT variable - output=$( { git rev-parse --abbrev-ref HEAD; } 2>&1 ) - echo "$output" - return + cd "${1}" 2> /dev/null || return 1 + git rev-parse --abbrev-ref HEAD || return 1 } CORE_BRANCH="$(get_local_branch /etc/.pihole)" @@ -55,15 +48,8 @@ echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" function get_local_version() { # Return active branch - local directory - directory="${1}" - local output - - cd "${directory}" 2> /dev/null || return 1 - # Store STDERR as STDOUT variable - output=$( { git describe --long --dirty --tags; } 2>&1 ) - echo "$output" - return + cd "${1}" 2> /dev/null || return 1 + git describe --long --dirty --tags || return 1 } CORE_VERSION="$(get_local_version /etc/.pihole)" From 8a40c91d1a49f99ac70593921408214f60643952 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Wed, 8 Nov 2017 20:03:18 -0600 Subject: [PATCH 0184/1602] made above the fold focus on the logo and Pi-holes features. fixed typos. wordsmithed Signed-off-by: Jacob Salmela --- README.md | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index c40a134f..3feef11d 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,6 @@ Network-wide ad blocking via your own Linux hardware

-# Core: Command Line Interface - - - -## Summary The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole), so all your devices are protected without the need to install client-side software. - **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs) @@ -22,6 +17,9 @@ The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Si - **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy ----- + + + ## One-Step Automated Install 1. Install a [supported operating system](https://discourse.pi-hole.net/t/hardware-software-requirements/273/1) @@ -30,7 +28,7 @@ The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Si #### `curl -sSL https://install.pi-hole.net | bash` ## Alternative Install Methods -[Piping to `bash` can be dangerous](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash/), so we understand the importance of giving people the option to review our code! Our installer is [found here](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh), if you wish to read it before running. +[Piping to `bash` _can_ be dangerous](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash/), so we understand the importance of giving people the option to review our code! Our installer is [found here](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh), if you wish to read it before running. You can install Pi-hole via one of the two alternative methods: @@ -58,15 +56,15 @@ As a last resort, you can always manually set each device to use Pi-hole as thei ----- ## Pi-hole is free, but powered by your support -There are many reoccuring costs involved with maintaining free, open source and privacy respecting software; expenses which [our volunteers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. +There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. Make no mistake: **your support is absolutely vital to help keep us innovating!** ### Donations -Sending a donation using our links below is **extremely helpful** in offset a portion of our monthly costs: +Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses: - ![Paypal](https://assets.pi-hole.net/static/paypal.png) [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY) -- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL +- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL ### Alternative support If you'd rather not donate (_which is okay!_), there are other ways you can help support us: @@ -78,7 +76,7 @@ If you'd rather not donate (_which is okay!_), there are other ways you can help - Spreading the word about our software, and how you have benefited from it ### Contributing via GitHub -We welcome everyone to contribute to issue reports, suggest new features and create pull requests. +We welcome _everyone_ to contribute to issue reports, suggest new features, and create pull requests. If you have something to add - anything from a typo through to a whole new feature, we're happy to check it out! Just make sure to fill out our template when submitting your request; the questions that it asks will help the volunteers quickly understand what you're aiming to achieve. @@ -102,7 +100,7 @@ Word-of-mouth continues to help our project grow immensely, and we'd like to hel ----- -## Features +## Breakdown Of Features ### The Command Line Interface The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. @@ -112,7 +110,7 @@ Some of the features include: * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) * [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger) * [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail) -* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20) +* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](https://www.amazon.com/gp/product/B01HN0LL2A/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=pihole09-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=B01HN0LL2A&linkId=fb33e9efb10c1daba0dd1dd9fea72b1a) * [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity) * [Querying Ad Lists for matching domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) * [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable) @@ -132,9 +130,9 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t 3. `http://pi.hole/` (when using Pi-hole as your DNS server) ## The Faster-Than-Light Engine -The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily intergrated into your own projects. As the name implies, FTL does this all *very quickly*! +The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTL does this all *very quickly*! -Some of the statistics you can intergrate include: +Some of the statistics you can integrate include: * Total number of domains being blocked * Total number of DNS queries today * Total number of ads blocked today @@ -148,8 +146,8 @@ The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web ----- -## Technical Details -To summarize into a short sentence, the Pi-hole is an **advertising-aware DNS/Web server**. While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how it was setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. +## The Origin Of Pi-hole +While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. ----- @@ -189,3 +187,4 @@ To summarize into a short sentence, the Pi-hole is an **advertising-aware DNS/We - [Adafruit: Raspberry Pi Quick Look at Pi Hole ad blocking server with Tony D](https://www.youtube.com/watch?v=eg4u2j1HYlI) - [Devacron: OrangePi Zero as an Ad-Block server with Pi-Hole](http://www.devacron.com/orangepi-zero-as-an-ad-block-server-with-pi-hole/) - [CryptoAUSTRALIA Blog: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) +- [CryptoAUSTRALIA Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) From 2c8dcd86e570df2c1b1372b330b095d749f804d9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 9 Nov 2017 20:47:15 +0000 Subject: [PATCH 0185/1602] remove package_check to avoid situations like #1760 Signed-off-by: Adam Warner --- automated install/uninstall.sh | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4f4f9f..5628702f 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -62,19 +62,12 @@ if [ -x "$(command -v rpm)" ]; then package_check() { rpm -qa | grep ^$1- > /dev/null } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - } elif [ -x "$(command -v apt-get)" ]; then # Debian Family PKG_REMOVE="${PKG_MANAGER} -y remove --purge" package_check() { dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - ${SUDO} ${PKG_MANAGER} -y autoclean - } else echo -e " ${CROSS} OS distribution not supported" exit 1 @@ -103,14 +96,9 @@ removeAndPurge() { done # Remove dnsmasq config files - ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null + ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/*-pihole*.conf &> /dev/null echo -e " ${TICK} Removing dnsmasq config files" - # Take care of any additional package cleaning - echo -ne " ${INFO} Removing & cleaning remaining dependencies..." - package_cleanup &> /dev/null - echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies" - # Call removeNoPurge to remove Pi-hole specific files removeNoPurge } From f36ac48de0098783eac39067f95e8adcc307cfce Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Wed, 15 Nov 2017 13:15:59 +1100 Subject: [PATCH 0186/1602] Use GH Pages images & update wording Signed off by WaLLy3K --- README.md | 118 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 72 insertions(+), 46 deletions(-) diff --git a/README.md b/README.md index 3feef11d..99579fa0 100644 --- a/README.md +++ b/README.md @@ -1,45 +1,42 @@

-
-Network-wide ad blocking via your own Linux hardware +Pi-hole
+Network-wide ad blocking via your own Linux hardware

-The Pi-hole blocks ads via a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole), so all your devices are protected without the need to install client-side software. +The Pi-hole is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software. - **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs) -- **Resolute**: ads are blocked in _non-browser locations_ such as ad-laden mobile apps and smart TVs -- **Fast**: speeds up the feel of everyday browsing by caching DNS queries, saving bandwidth -- **Lightweight**: runs smoothly and requires [minimal resources](https://discourse.pi-hole.net/t/hardware-software-requirements/273) -- **Robust**: a command line interface for those preferring CLI, and/or wanting to automate tasks -- **Informative**: a beautiful and secure Web Interface dashboard to control your Pi-hole -- **Versatile**: can optionally function as a DHCP server, ensuring your devices will not need configuring individually -- **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on powerful hardware +- **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs +- **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries +- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://discourse.pi-hole.net/t/hardware-software-requirements/273) +- **Robust**: a command line interface that is quality assured for interoperability +- **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole +- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically +- **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on server-grade hardware - **Modern**: blocks ads over both IPv4 and IPv6 - **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy ----- - - - +Codacy Grade +Travis Build Status +BountySource ## One-Step Automated Install -1. Install a [supported operating system](https://discourse.pi-hole.net/t/hardware-software-requirements/273/1) -2. Run the following command +Those who want to get started quickly and conveniently, may install Pi-hole using the following command: #### `curl -sSL https://install.pi-hole.net | bash` ## Alternative Install Methods -[Piping to `bash` _can_ be dangerous](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash/), so we understand the importance of giving people the option to review our code! Our installer is [found here](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh), if you wish to read it before running. +[Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation: -You can install Pi-hole via one of the two alternative methods: - -### Clone our repository and run the automated installer from your device +### Method 1: Clone our repository and run ``` git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole cd "Pi-hole/automated install/" bash basic-install.sh ``` -### Manually download and execute the install file +### Method 2: Manually download the installer and run ``` wget -O basic-install.sh https://install.pi-hole.net bash basic-install.sh @@ -47,7 +44,7 @@ bash basic-install.sh ## Post-install: Make your network take advantage of Pi-hole -Once the installer has been run, you will need to [configure your router to have **DHCP clients use the Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) so that any device that connects to your network will have ads blocked without any further intervention. +Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention. If your router does not support setting the DNS server, you can [use Pi-hole's built in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); just be sure to disable DHCP on your router first (if it has that feature available). @@ -56,15 +53,15 @@ As a last resort, you can always manually set each device to use Pi-hole as thei ----- ## Pi-hole is free, but powered by your support -There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. +There are many reoccurring costs involved with maintaining free, open source, and privacy respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained. Make no mistake: **your support is absolutely vital to help keep us innovating!** ### Donations Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses: -- ![Paypal](https://assets.pi-hole.net/static/paypal.png) [Donate via PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY) -- ![Bitcoin](https://assets.pi-hole.net/static/Bitcoin.png) 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL + PP Donate via PayPal
BTC Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL ### Alternative support If you'd rather not donate (_which is okay!_), there are other ways you can help support us: @@ -83,36 +80,44 @@ If you have something to add - anything from a typo through to a whole new featu You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments, which will help you better understand how Pi-hole works. They're also a valuable resource to those who want to learn how to write scripts or code a program! We encourage anyone who likes to tinker to read through it, and submit a pull request for us to review. ### Presentations about Pi-hole -Word-of-mouth continues to help our project grow immensely, and we'd like to help those who are going to be presenting Pi-hole at a conference, meetup or even a school project. If you'd like some free swag to hand out to your audience, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/). +Word-of-mouth continues to help our project grow immensely, and so we are helping make this easier for people. + +If you are going to be presenting Pi-hole at a conference, meetup or even a school project, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/) so we can hook you up with free swag to hand out to your audience! ----- ## Getting in touch with us -- [Users Forum](https://discourse.pi-hole.net/) -- [Feature requests](https://discourse.pi-hole.net/c/feature-requests?order=votes) -- [FAQs](https://discourse.pi-hole.net/c/faqs) -- [Wiki](https://github.com/pi-hole/pi-hole/wiki) -- [/r/pihole on Reddit](https://www.reddit.com/r/pihole/) -- [@The_Pi_Hole on Twitter](https://twitter.com/The_Pi_Hole) -- [Pi-hole on YouTube](https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w) -- [ThePiHole on Facebook](https://www.facebook.com/ThePiHole/) -- [Chat on Gitter](https://gitter.im/pi-hole/pi-hole) +While we are primarily reachable on our Discourse User Forum, we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance. + + + ----- -## Breakdown Of Features +## Breakdown of Features ### The Command Line Interface -The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole. +The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with understanding of `bash`. -Pi-hole ASCII Logo +Pi-hole Blacklist Demo -Some of the features include: +Some notable features include: * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards) * [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger) * [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail) -* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](https://www.amazon.com/gp/product/B01HN0LL2A/ref=as_li_qf_sp_asin_il_tl?ie=UTF8&tag=pihole09-20&camp=1789&creative=9325&linkCode=as2&creativeASIN=B01HN0LL2A&linkId=fb33e9efb10c1daba0dd1dd9fea72b1a) +* [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20) * [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity) -* [Querying Ad Lists for matching domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) +* [Querying Ad Lists for blocked domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query) * [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable) * ... and *many* more! @@ -121,7 +126,17 @@ You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wik ### The Web Interface Dashboard This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve! -Pi-hole Dashboard +Pi-hole Dashboard + +Some notable features include: +* Mobile friendly interface +* Password protection +* Detailed graphs and doughnut charts +* Top lists of domains and clients +* A filterable and sortable query log +* Long Term Statistics to view data over user defined time ranges +* The ability to easily manage and configure Pi-hole features +* ... and all the main features of the Command Line Interface! There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168): @@ -139,19 +154,28 @@ Some of the statistics you can integrate include: * Percentage of ads blocked * Unique domains * Queries forwarded (to your chosen upstream DNS server) -* Queries cached (served by Pi-hole) -* Unique Pi-hole clients +* Queries cached +* Unique clients -The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). [More details are found here](https://discourse.pi-hole.net/t/pi-hole-api/1863). +The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can out find [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863). ----- ## The Origin Of Pi-hole +Pi-hole being a **advertising-aware DNS/Web server**, makes use of the following technologies: + +* [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server +* [`curl`](https://curl.haxx.se) - A command line tool for transferring data with URL syntax +* [`lighttpd`](https://www.lighttpd.net) - webserver designed and optimized for high performance +* [`php`](https://secure.php.net) - a popular general-purpose web scripting language +* [AdminLTE Dashboard](https://github.com/almasaeed2010/AdminLTE) - premium admin control panel based on Bootstrap 3.x + While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. ----- ## Pi-hole Projects +- [The Big Blocklist Collection](https://wally3k.github.io) - [Docker Pi-hole container (x86 and ARM)](https://hub.docker.com/r/diginc/pi-hole/) - [Pi-Hole in the cloud](http://blog.codybunch.com/2015/07/28/Pi-Hole-in-the-cloud/) - [Pie in the Sky-Hole [A Pi-Hole in the cloud for ad-blocking via DNS]](https://dlaa.me/blog/post/skyhole) @@ -186,5 +210,7 @@ While quite outdated at this point, [this original blog post about Pi-hole](http - [Digital Trends: 5 Fun, Easy Projects You Can Try With a $35 Raspberry Pi](https://youtu.be/QwrKlyC2kdM?t=1m42s) - [Adafruit: Raspberry Pi Quick Look at Pi Hole ad blocking server with Tony D](https://www.youtube.com/watch?v=eg4u2j1HYlI) - [Devacron: OrangePi Zero as an Ad-Block server with Pi-Hole](http://www.devacron.com/orangepi-zero-as-an-ad-block-server-with-pi-hole/) -- [CryptoAUSTRALIA Blog: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) -- [CryptoAUSTRALIA Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) +- [Linux Pro: The Hole Truth](http://www.linuxpromagazine.com/Issues/2017/200/The-sysadmin-s-daily-grind-Pi-hole) +- [CryptoAUSTRALIA: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) +- [CryptoAUSTRALIA: Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) +- [Know How 355: Killing ads with a Raspberry Pi-Hole!](https://www.twit.tv/shows/know-how/episodes/355) From eb9c44a347c40a6ee7aba8a0719e4648543d22a3 Mon Sep 17 00:00:00 2001 From: Terror Date: Fri, 17 Nov 2017 15:54:04 +1300 Subject: [PATCH 0187/1602] Add support for Quad9 secure dns server See www.quad9.net --- automated install/basic-install.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b43dbe4b..c0d7daba 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -764,6 +764,7 @@ setDNS() { Norton "" Comodo "" DNSWatch "" + Quad9 "" Custom "") # In a whiptail dialog, show the options DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \ @@ -805,6 +806,10 @@ setDNS() { PIHOLE_DNS_1="84.200.69.80" PIHOLE_DNS_2="84.200.70.40" ;; + Quad9) + echo "Quad9 servers" + PIHOLE_DNS_1="9.9.9.9" + ;; Custom) # Until the DNS settings are selected, until [[ "${DNSSettingsCorrect}" = True ]]; do From 616962200ad370ede985f26f94946e5b7bc55de9 Mon Sep 17 00:00:00 2001 From: Terror Date: Fri, 17 Nov 2017 18:18:13 +1300 Subject: [PATCH 0188/1602] Update the list size to show all the options --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c0d7daba..61d759ff 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -767,7 +767,7 @@ setDNS() { Quad9 "" Custom "") # In a whiptail dialog, show the options - DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 6 \ + DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 7 \ "${DNSChooseOptions[@]}" 2>&1 >/dev/tty) || \ # exit if Cancel is selected { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } From d92f9b4dbde04ef661f25705c636012991452476 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 20 Nov 2017 15:59:13 +1100 Subject: [PATCH 0189/1602] Add separator between FAQ/Requests & Social Media This is to add emphasis that the first three options should be considered before the social media outlets. Signed off by WaLLy3K --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 99579fa0..a856839b 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,7 @@ While we are primarily reachable on our Pi-hole Wiki
  • Feature Requests
    • +
    • Discourse User Forum
    • Reddit
      • From 9c8526db49bccbf2fd8443ee7cdda9c91e379f7d Mon Sep 17 00:00:00 2001 From: Loganaden Velvindron Date: Mon, 20 Nov 2017 22:05:41 +0400 Subject: [PATCH 0190/1602] Add secondary quad9 server --- automated install/basic-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 61d759ff..e90bb396 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -809,6 +809,7 @@ setDNS() { Quad9) echo "Quad9 servers" PIHOLE_DNS_1="9.9.9.9" + PIHOLE_DNS_2="149.112.112.112" ;; Custom) # Until the DNS settings are selected, From 164a81776eb055f98418f6eafcfe17f9333be2b2 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 21 Nov 2017 18:30:40 +0100 Subject: [PATCH 0191/1602] Allow to add local lists to gravity using e.g. file:///path/to/my.list in adlists.list Signed-off-by: DL6ER --- gravity.sh | 44 ++++++++++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/gravity.sh b/gravity.sh index f4b5fc36..453985e6 100755 --- a/gravity.sh +++ b/gravity.sh @@ -138,8 +138,9 @@ gravity_Collapse() { # Logic: Split by folder/port awk -F '[/:]' '{ # Remove URL protocol & optional username:password@ - gsub(/(.*:\/\/|.*:.*@)/, "", $0) - print $1 + gsub(/(.*:\/\/|)/, "", $0) + if(length($1)>0){print $1} + else {print "local"} }' <<< "$(printf '%s\n' "${sources[@]}")" 2> /dev/null )" @@ -203,20 +204,27 @@ gravity_Pull() { # shellcheck disable=SC2086 httpCode=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null) - # Determine "Status:" output based on HTTP response - case "${httpCode}" in - "200") echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true;; - "304") echo -e "${OVER} ${TICK} ${str} No changes detected"; success=true;; - "000") echo -e "${OVER} ${CROSS} ${str} Connection Refused";; - "403") echo -e "${OVER} ${CROSS} ${str} Forbidden";; - "404") echo -e "${OVER} ${CROSS} ${str} Not found";; - "408") echo -e "${OVER} ${CROSS} ${str} Time-out";; - "451") echo -e "${OVER} ${CROSS} ${str} Unavailable For Legal Reasons";; - "500") echo -e "${OVER} ${CROSS} ${str} Internal Server Error";; - "504") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Gateway)";; - "521") echo -e "${OVER} ${CROSS} ${str} Web Server Is Down (Cloudflare)";; - "522") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Cloudflare)";; - * ) echo -e "${OVER} ${CROSS} ${str} ${httpCode}";; + case $url in + # Did we "download" a remote file? + "http"*) + # Determine "Status:" output based on HTTP response + case "${httpCode}" in + "200") echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true;; + "304") echo -e "${OVER} ${TICK} ${str} No changes detected"; success=true;; + "000") echo -e "${OVER} ${CROSS} ${str} Connection Refused";; + "403") echo -e "${OVER} ${CROSS} ${str} Forbidden";; + "404") echo -e "${OVER} ${CROSS} ${str} Not found";; + "408") echo -e "${OVER} ${CROSS} ${str} Time-out";; + "451") echo -e "${OVER} ${CROSS} ${str} Unavailable For Legal Reasons";; + "500") echo -e "${OVER} ${CROSS} ${str} Internal Server Error";; + "504") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Gateway)";; + "521") echo -e "${OVER} ${CROSS} ${str} Web Server Is Down (Cloudflare)";; + "522") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Cloudflare)";; + * ) echo -e "${OVER} ${CROSS} ${str} ${httpCode}";; + esac;; + # Did we "download" a local file? + "file"*) echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true;; + * ) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac # Determine if the blocklist was downloaded and saved correctly @@ -229,7 +237,7 @@ gravity_Pull() { gravity_ParseFileIntoDomains "${patternBuffer}" "${saveLocation}" else # Fall back to previously cached list if $patternBuffer is empty - echo -e " ${INFO} Received empty file: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}" + echo -e " ${INFO} ${COL_LIGHT_GREEN}Using previously cached list${COL_NC}" fi else # Determine if cached list has read permission @@ -407,7 +415,7 @@ gravity_Filter() { # Whitelist unique blocklist domain sources gravity_WhitelistBLD() { - local uniqDomains plural="" str + local uniqDomains plural="" str echo "" From 8976930e20fcabe529c544498db442ef04f824fb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 21 Nov 2017 18:35:58 +0100 Subject: [PATCH 0192/1602] Properly detect if local file was successfully downloaded Signed-off-by: DL6ER --- gravity.sh | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/gravity.sh b/gravity.sh index 453985e6..f563a442 100755 --- a/gravity.sh +++ b/gravity.sh @@ -193,9 +193,10 @@ gravity_Pull() { patternBuffer=$(mktemp -p "/tmp" --suffix=".phgpb") # Determine if $saveLocation has read permission - if [[ -r "${saveLocation}" ]]; then + if [[ -r "${saveLocation}" && $url != "file"* ]]; then # Have curl determine if a remote file has been modified since last retrieval # Uses "Last-Modified" header, which certain web servers do not provide (e.g: raw github urls) + # Note: Don't do this for local files, always download them heisenbergCompensator="-z ${saveLocation}" fi @@ -223,7 +224,12 @@ gravity_Pull() { * ) echo -e "${OVER} ${CROSS} ${str} ${httpCode}";; esac;; # Did we "download" a local file? - "file"*) echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true;; + "file"*) + if [[ -s "${patternBuffer}" ]]; then + echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true + else + echo -e "${OVER} ${CROSS} ${str} Not found" + fi;; * ) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac @@ -237,7 +243,7 @@ gravity_Pull() { gravity_ParseFileIntoDomains "${patternBuffer}" "${saveLocation}" else # Fall back to previously cached list if $patternBuffer is empty - echo -e " ${INFO} ${COL_LIGHT_GREEN}Using previously cached list${COL_NC}" + echo -e " ${INFO} Received empty file: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}" fi else # Determine if cached list has read permission From eb83081a5c4f8b06cbbbd893ef4d95032c8d7e90 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 21 Nov 2017 18:36:34 +0100 Subject: [PATCH 0193/1602] Clarify error message: File could also have been of zero size Signed-off-by: DL6ER --- gravity.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index f563a442..946dd820 100755 --- a/gravity.sh +++ b/gravity.sh @@ -228,7 +228,7 @@ gravity_Pull() { if [[ -s "${patternBuffer}" ]]; then echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true else - echo -e "${OVER} ${CROSS} ${str} Not found" + echo -e "${OVER} ${CROSS} ${str} Not found / empty list" fi;; * ) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac From c54f04ef4cbb3b850d4f96bc0ca6576d6893c2cc Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 21 Nov 2017 20:55:47 +0100 Subject: [PATCH 0194/1602] Repair username:password filtering Signed-off-by: DL6ER --- gravity.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index 946dd820..430b38f8 100755 --- a/gravity.sh +++ b/gravity.sh @@ -138,7 +138,7 @@ gravity_Collapse() { # Logic: Split by folder/port awk -F '[/:]' '{ # Remove URL protocol & optional username:password@ - gsub(/(.*:\/\/|)/, "", $0) + gsub(/(.*:\/\/|.*:.*@)/, "", $0) if(length($1)>0){print $1} else {print "local"} }' <<< "$(printf '%s\n' "${sources[@]}")" 2> /dev/null From 6f0bb30def2456c82a2b77ff97164b466c59ca1f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 21 Nov 2017 20:58:27 +0100 Subject: [PATCH 0195/1602] Improve indentation Signed-off-by: DL6ER --- gravity.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index 430b38f8..8e666e35 100755 --- a/gravity.sh +++ b/gravity.sh @@ -230,7 +230,8 @@ gravity_Pull() { else echo -e "${OVER} ${CROSS} ${str} Not found / empty list" fi;; - * ) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; + * ) + echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac # Determine if the blocklist was downloaded and saved correctly From 8d721d086cbe4b49665c9e0b1d81499b284776a9 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Tue, 21 Nov 2017 18:37:38 -0500 Subject: [PATCH 0196/1602] Modify indentation --- gravity.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index 8e666e35..eb69b49f 100755 --- a/gravity.sh +++ b/gravity.sh @@ -230,8 +230,7 @@ gravity_Pull() { else echo -e "${OVER} ${CROSS} ${str} Not found / empty list" fi;; - * ) - echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; + *) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac # Determine if the blocklist was downloaded and saved correctly From 2dc185189221308918cd4802e61557f2e7211fb6 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Thu, 23 Nov 2017 13:17:34 +1100 Subject: [PATCH 0197/1602] Allow passwords with spaces e.g: `pihole -a -p "foo bar"` Signed off by WaLLy3K --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d5c4d45e..07bc160f 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -110,7 +110,7 @@ SetWebPassword() { fi if [ "${PASSWORD}" == "${CONFIRM}" ] ; then - hash=$(HashPassword ${PASSWORD}) + hash=$(HashPassword "${PASSWORD}") # Save hash to file change_setting "WEBPASSWORD" "${hash}" echo -e " ${TICK} New password set" From 0a4d3ef6e6c6b010b549d04841e6496df6ebff85 Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Thu, 23 Nov 2017 13:35:51 +1100 Subject: [PATCH 0198/1602] Add "sudo bash" to installation instructions * Running as sudo/root prevents script from being re-downloaded, unintentionally side-stepping manual code review by end user Signed off by WaLLy3K --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a856839b..f6d15f43 100644 --- a/README.md +++ b/README.md @@ -33,13 +33,13 @@ Those who want to get started quickly and conveniently, may install Pi-hole usin ``` git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole cd "Pi-hole/automated install/" -bash basic-install.sh +sudo bash basic-install.sh ``` ### Method 2: Manually download the installer and run ``` wget -O basic-install.sh https://install.pi-hole.net -bash basic-install.sh +sudo bash basic-install.sh ``` ## Post-install: Make your network take advantage of Pi-hole From b64155a1657937b5302369732fda79565105c1c9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 14:32:39 +0000 Subject: [PATCH 0199/1602] Add in an extra check to enable lighttpd. Signed-off-by: Adam Warner --- automated install/basic-install.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 61d759ff..8380ca49 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2004,8 +2004,15 @@ main() { # just install the Core dependencies DEPS=("${PIHOLE_DEPS[@]}") fi + install_dependent_packages DEPS[@] + # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user + # has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail + if [[ "${INSTALL_WEB}" == true ]]; then + enable_service lighttpd + fi + if [[ -x "$(command -v systemctl)" ]]; then # Value will either be 1, if true, or 0 LIGHTTPD_ENABLED=$(systemctl is-enabled lighttpd | grep -c 'enabled' || true) From f60791ac7c9afca9a3270a6edc67b58423f92671 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 14:42:01 +0000 Subject: [PATCH 0200/1602] Add dependencies as per https://github.com/pi-hole/pi-hole/pull/1776#discussion_r155149349 Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 8380ca49..a9bebba2 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -208,7 +208,7 @@ elif command -v rpm &> /dev/null; then PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget idn2) + PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget libidn2 psmisc) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo) if ! grep -q 'Fedora' /etc/redhat-release; then INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release"); From 945dcc6c2b67838a4864067899b2b75985d5078e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 15:17:31 +0000 Subject: [PATCH 0201/1602] Indent two spaces as per https://github.com/pi-hole/pi-hole/pull/1776#discussion_r155157116 Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a9bebba2..d71cd891 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1328,7 +1328,7 @@ installPiholeWeb() { else # don't do anything echo -e "${OVER} ${CROSS} ${str} - No default index.lighttpd.html file found... not backing up" + No default index.lighttpd.html file found... not backing up" fi # Install Sudoers file From dd6a9a0b8473d112c7d372c12023011490900818 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 15:28:58 +0000 Subject: [PATCH 0202/1602] supress output of `which command` on centos/fedora as per https://github.com/pi-hole/pi-hole/pull/1776#discussion_r155156819 Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d71cd891..3377ca86 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1856,7 +1856,7 @@ FTLdetect() { #If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download echo -e " ${INFO} Checking for existing FTL binary..." - local ftlLoc=$(which pihole-FTL) + local ftlLoc=$(which pihole-FTL 2>/dev/null) if [[ ${ftlLoc} ]]; then local FTLversion=$(/usr/bin/pihole-FTL tag) From 69dc22c10ffbab9182dfbd336d0159363640390c Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 22:31:12 +0000 Subject: [PATCH 0203/1602] fix some codacy and intelliJ idea complaints Signed-off-by: Adam Warner --- automated install/basic-install.sh | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3377ca86..139627e0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -503,15 +503,21 @@ testIPv6() { # first will contain fda2 (ULA) first="$(cut -f1 -d":" <<< "$1")" # value1 will contain 253 which is the decimal value corresponding to 0xfd - value1=$(((0x$first)/256)) + value1=$(( (0x$first)/256 )) # will contain 162 which is the decimal value corresponding to 0xa2 - value2=$(((0x$first)%256)) + value2=$(( (0x$first)%256 )) # the ULA test is testing for fc00::/7 according to RFC 4193 - (((value1&254)==252)) && echo "ULA" || true + if (( value1&254 == 252 )); then + echo "ULA" + fi # the GUA test is testing for 2000::/3 according to RFC 4291 - (((value1&112)==32)) && echo "GUA" || true + if (( value1&112 == 32 )); then + echo "GUA" + fi # the LL test is testing for fe80::/10 according to RFC 4193 - (((value1==254) && ((value2&192)==128))) && echo "Link-local" || true + if (( value1 == 254 )) && (( value2&192 == 128 )); then + echo "Link-local" + fi } # A dialog for showing the user about IPv6 blocking From 162a7b56fe9f04ce12b395760a0928026fefd082 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 22:41:31 +0000 Subject: [PATCH 0204/1602] force mode is no longer referenced. Regression. Same with `domToRemoveList` Signed-off-by: Adam Warner --- advanced/Scripts/list.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 9ddfe8f3..72250afd 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -19,7 +19,6 @@ addmode=true verbose=true domList=() -domToRemoveList=() listMain="" listAlt="" @@ -240,7 +239,6 @@ for var in "$@"; do "-wild" | "wildcard" ) listMain="${wildcardlist}";; "-nr"| "--noreload" ) reload=false;; "-d" | "--delmode" ) addmode=false;; - "-f" | "--force" ) force=true;; "-q" | "--quiet" ) verbose=false;; "-h" | "--help" ) helpFunc;; "-l" | "--list" ) Displaylist;; From 79aada0b87d1f8b4992acedcdff03f6eff78180b Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 22:57:05 +0000 Subject: [PATCH 0205/1602] travis didn't like that Signed-off-by: Adam Warner --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 139627e0..79754872 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -507,15 +507,15 @@ testIPv6() { # will contain 162 which is the decimal value corresponding to 0xa2 value2=$(( (0x$first)%256 )) # the ULA test is testing for fc00::/7 according to RFC 4193 - if (( value1&254 == 252 )); then + if (( (value1&254)==252 )); then echo "ULA" fi # the GUA test is testing for 2000::/3 according to RFC 4291 - if (( value1&112 == 32 )); then + if (( (value1&112)==32 )); then echo "GUA" fi # the LL test is testing for fe80::/10 according to RFC 4193 - if (( value1 == 254 )) && (( value2&192 == 128 )); then + if (( (value1)==254 )) && (( (value2&192)==128 )); then echo "Link-local" fi } From a9a40ca46c7f086b2efa9464fa90026e47004f72 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 6 Dec 2017 23:27:40 +0000 Subject: [PATCH 0206/1602] Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead. Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 43393ee9..d69c5e4d 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -499,7 +499,7 @@ does_ip_match_setup_vars() { # IP address to check for local ip_address="${2}" # See what IP is in the setupVars.conf file - local setup_vars_ip=$(cat ${PIHOLE_SETUP_VARS_FILE} | grep IPV${protocol}_ADDRESS | cut -d '=' -f2) + local setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV${protocol}_ADDRESS | cut -d '=' -f2) # If it's an IPv6 address if [[ "${protocol}" == "6" ]]; then # Strip off the / (CIDR notation) From a436d55f239ab368e612f6a6e14676c7b2ff359d Mon Sep 17 00:00:00 2001 From: Siddhu Date: Fri, 8 Dec 2017 00:18:19 +0530 Subject: [PATCH 0207/1602] fix for escape char --- advanced/Scripts/webpage.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 5dd21e56..517afba0 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -108,7 +108,7 @@ SetWebPassword() { # Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed. # So we reset the terminal via stty if the user does press Ctrl+C trap '{ echo -e "\nNo password will be set" ; stty sane ; exit 1; }' INT - read -s -p "Enter New Password (Blank for no password): " PASSWORD + read -s -p "Enter New Password \(Blank for no password\): " PASSWORD echo "" if [ "${PASSWORD}" == "" ]; then @@ -609,7 +609,7 @@ main() { "-sc" ) ClearSpeedtestData;; "-ss" ) SpeedtestServer;; "audit" ) audit;; - * ) helpFunc;; + "*" ) helpFunc;; esac shift From 3e246f99ca411026b81dfc67bbea0c04e5b63b5a Mon Sep 17 00:00:00 2001 From: Siddhu Date: Fri, 8 Dec 2017 00:31:16 +0530 Subject: [PATCH 0208/1602] Fix on merge conflict --- advanced/Scripts/webpage.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 517afba0..ef4b10d3 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -37,7 +37,6 @@ Options: -e, email Set an administrative contact address for the Block Page -h, --help Show this help dialog -i, interface Specify dnsmasq's interface listening behavior -<<<<<<< HEAD Add '-h' for more info on interface usage -s, speedtest Set speedtest intevel , user 0 to disable Speedtests use -sn to prevent logging to results list @@ -45,9 +44,6 @@ Options: -sc Clear speedtest data -ss Set custom server" -======= - Add '-h' for more info on interface usage" ->>>>>>> 5ba413569ea8a4220c7e3bd2fa8c28b33b9e8492 exit 0 } @@ -108,7 +104,7 @@ SetWebPassword() { # Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed. # So we reset the terminal via stty if the user does press Ctrl+C trap '{ echo -e "\nNo password will be set" ; stty sane ; exit 1; }' INT - read -s -p "Enter New Password \(Blank for no password\): " PASSWORD + read -s -p "Enter New Password (Blank for no password): " PASSWORD echo "" if [ "${PASSWORD}" == "" ]; then @@ -603,13 +599,16 @@ main() { "-i" | "interface" ) SetListeningMode "$@";; "-t" | "teleporter" ) Teleporter;; "adlist" ) CustomizeAdLists;; +<<<<<<< HEAD "-s" | "speedtest" ) ChageSpeedTestSchedule;; "-sd" ) UpdateSpeedTestRange;; "-sn" ) RunSpeedtestNow;; "-sc" ) ClearSpeedtestData;; "-ss" ) SpeedtestServer;; +======= "audit" ) audit;; - "*" ) helpFunc;; +>>>>>>> 5ba413569ea8a4220c7e3bd2fa8c28b33b9e8492 + * ) helpFunc;; esac shift From eb2d86bf191f5c91748987d2240e1dd71b90a0b5 Mon Sep 17 00:00:00 2001 From: Siddhu Date: Fri, 8 Dec 2017 00:32:29 +0530 Subject: [PATCH 0209/1602] conflict resolve --- advanced/Scripts/webpage.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index ef4b10d3..c2f93cf7 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -599,15 +599,12 @@ main() { "-i" | "interface" ) SetListeningMode "$@";; "-t" | "teleporter" ) Teleporter;; "adlist" ) CustomizeAdLists;; -<<<<<<< HEAD "-s" | "speedtest" ) ChageSpeedTestSchedule;; "-sd" ) UpdateSpeedTestRange;; "-sn" ) RunSpeedtestNow;; "-sc" ) ClearSpeedtestData;; "-ss" ) SpeedtestServer;; -======= "audit" ) audit;; ->>>>>>> 5ba413569ea8a4220c7e3bd2fa8c28b33b9e8492 * ) helpFunc;; esac From f89d69b0819e7bbf1b4ee7a4db4692e66133078a Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 7 Dec 2017 21:33:31 -0600 Subject: [PATCH 0210/1602] check NetworkManager status prior to using the cli (#1653) Closes #1653 Signed-off-by: bcambl --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 61d759ff..80ebd5fa 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -709,8 +709,8 @@ setStaticIPv4() { }> "${IFCFG_FILE}" # Use ip to immediately set the new address ip addr replace dev "${PIHOLE_INTERFACE}" "${IPV4_ADDRESS}" - # If NetworkMangler command line interface exists, - if command -v nmcli &> /dev/null;then + # If NetworkMangler command line interface exists and ready to mangle, + if command -v nmcli &> /dev/null && nmcli general status &> /dev/null; then # Tell NetworkManagler to read our new sysconfig file nmcli con load "${IFCFG_FILE}" > /dev/null fi From 80e17ab72180f15ac4d5ff0044d4e8eafd95bc29 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Thu, 7 Dec 2017 22:38:47 -0600 Subject: [PATCH 0211/1602] potentially fixes #1806 by falling back to dig if getent fails Signed-off-by: Jacob Salmela --- gravity.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gravity.sh b/gravity.sh index eb69b49f..e7aed5e5 100755 --- a/gravity.sh +++ b/gravity.sh @@ -88,6 +88,19 @@ gravity_DNSLookup() { exit 1 fi + # If the /etc/resolv.conf contains resolvers other than 127.0.0.1 then the local dnsmasq will not be queried and pi.hole is NXDOMAIN. + # This means that even though name resolution is working, the getent hosts check fails and the holddown timer keeps ticking and eventualy fails + # So we check the output of the last command and if it failed, attempt to use dig +short as a fallback + if timeout 1 dig +short "${lookupDomain}" &> /dev/null; then + if [[ -n "${secs:-}" ]]; then + echo -e "${OVER} ${TICK} DNS resolution is now available\\n" + fi + return 0 + elif [[ -n "${secs:-}" ]]; then + echo -e "${OVER} ${CROSS} DNS resolution is not available" + exit 1 + fi + # Determine error output message if pidof dnsmasq &> /dev/null; then echo -e " ${CROSS} DNS resolution is currently unavailable" From 6ecd93d0c9c05cfc67576ecc36b37f980b9ef16d Mon Sep 17 00:00:00 2001 From: Joe Date: Fri, 8 Dec 2017 22:25:01 +0000 Subject: [PATCH 0212/1602] pihole.log permissions This change makes pihole more friendly to the non-existence of the pihole.log file. This can help with systems that are configured to mount /var/log as a tmpfs volume. It may also help with systems where the pihole.log file is accidentally/unintentionally removed. Further discussion around the details of this change are in https://github.com/pi-hole/pi-hole/issues/1798 --- advanced/pihole-FTL.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/pihole-FTL.service b/advanced/pihole-FTL.service index 627fad8c..b7def22c 100644 --- a/advanced/pihole-FTL.service +++ b/advanced/pihole-FTL.service @@ -25,9 +25,9 @@ start() { if is_running; then echo "pihole-FTL is already running" else - touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port + touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /etc/pihole - chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port + chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER" echo fi From 6f03e3015154bb018a920c4cd27c9c2663d7b76e Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Fri, 8 Dec 2017 18:23:55 -0600 Subject: [PATCH 0213/1602] fixes #1537 by checking if systemctl is found Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index d69c5e4d..f8955637 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -212,7 +212,7 @@ copy_to_debug_log() { # uploaded to our server, since it can't properly display in color # This is accomplished by use sed to remove characters matching that patter # The entire file is then copied over to a sanitized version of the log - sed 's/\[[0-9;]\{1,5\}m//g' > "${PIHOLE_DEBUG_LOG_SANITIZED}" <<< cat "${PIHOLE_DEBUG_LOG}" + # sed 's/\[[0-9;]\{1,5\}m//g' > "${PIHOLE_DEBUG_LOG_SANITIZED}" <<< cat "${PIHOLE_DEBUG_LOG}" } initiate_debug() { @@ -809,8 +809,14 @@ process_status(){ local i # For each process, for i in "${PIHOLE_PROCESSES[@]}"; do - # get its status via systemctl - local status_of_process=$(systemctl is-active "${i}") + # If systemd + if command -v systemctl &> /dev/null; then + # get its status via systemctl + local status_of_process=$(systemctl is-active "${i}") + else + # Otherwise, use the service command + local status_of_process=$(service "${i}" status | awk '/Active:/ {print $2}') &> /dev/null + fi # and print it out to the user if [[ "${status_of_process}" == "active" ]]; then # If it's active, show it in green From 28bed0041ec668447d7e26de1870ed8977207b33 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Fri, 8 Dec 2017 18:29:28 -0600 Subject: [PATCH 0214/1602] remove comment Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index f8955637..64334241 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -212,7 +212,7 @@ copy_to_debug_log() { # uploaded to our server, since it can't properly display in color # This is accomplished by use sed to remove characters matching that patter # The entire file is then copied over to a sanitized version of the log - # sed 's/\[[0-9;]\{1,5\}m//g' > "${PIHOLE_DEBUG_LOG_SANITIZED}" <<< cat "${PIHOLE_DEBUG_LOG}" + sed 's/\[[0-9;]\{1,5\}m//g' > "${PIHOLE_DEBUG_LOG_SANITIZED}" <<< cat "${PIHOLE_DEBUG_LOG}" } initiate_debug() { From 05d015169c19b5da163553ec9791783780b9cd4a Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 9 Dec 2017 19:00:46 +0100 Subject: [PATCH 0215/1602] Check for local version and branches every 10 minutes, check for remote versions only once a day Signed-off-by: DL6ER --- advanced/Scripts/updatecheck.sh | 49 +++++++++++++++++---------------- advanced/pihole.cron | 7 +++-- pihole | 2 +- 3 files changed, 32 insertions(+), 26 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 9b79c4cb..f8ce59dd 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -3,7 +3,7 @@ # (c) 2017 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. # -# Checks for updates via GitHub +# Checks for local or remote versions and branches # # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. @@ -25,35 +25,38 @@ function json_extract() { fi } -GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")" -GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")" -GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")" - -echo "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/etc/pihole/GitHubVersions" - function get_local_branch() { # Return active branch cd "${1}" 2> /dev/null || return 1 git rev-parse --abbrev-ref HEAD || return 1 } -CORE_BRANCH="$(get_local_branch /etc/.pihole)" -WEB_BRANCH="$(get_local_branch /var/www/html/admin)" -#FTL_BRANCH="$(pihole-FTL branch)" -# Don't store FTL branch until the next release of FTL which -# supports returning the branch in an easy way -FTL_BRANCH="XXX" - -echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" - function get_local_version() { - # Return active branch - cd "${1}" 2> /dev/null || return 1 - git describe --long --dirty --tags || return 1 +# Return active branch +cd "${1}" 2> /dev/null || return 1 +git describe --long --dirty --tags || return 1 } -CORE_VERSION="$(get_local_version /etc/.pihole)" -WEB_VERSION="$(get_local_version /var/www/html/admin)" -FTL_VERSION="$(pihole-FTL version)" +if [[ "$2" == "remote" ]]; then -echo "${CORE_VERSION} ${WEB_VERSION} ${FTL_VERSION}" > "/etc/pihole/localversions" + GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")" + GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")" + GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -q 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")" + + echo "${GITHUB_CORE_VERSION} ${GITHUB_WEB_VERSION} ${GITHUB_FTL_VERSION}" > "/etc/pihole/GitHubVersions" + +else + + CORE_BRANCH="$(get_local_branch /etc/.pihole)" + WEB_BRANCH="$(get_local_branch /var/www/html/admin)" + FTL_BRANCH="$(pihole-FTL branch)" + + echo "${CORE_BRANCH} ${WEB_BRANCH} ${FTL_BRANCH}" > "/etc/pihole/localbranches" + + CORE_VERSION="$(get_local_version /etc/.pihole)" + WEB_VERSION="$(get_local_version /var/www/html/admin)" + FTL_VERSION="$(pihole-FTL version)" + + echo "${CORE_VERSION} ${WEB_VERSION} ${FTL_VERSION}" > "/etc/pihole/localversions" + +fi diff --git a/advanced/pihole.cron b/advanced/pihole.cron index 2273358b..87a2bd3c 100644 --- a/advanced/pihole.cron +++ b/advanced/pihole.cron @@ -29,5 +29,8 @@ @reboot root /usr/sbin/logrotate /etc/pihole/logrotate -# Pi-hole: Grab remote version and branch every 10 minutes -*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker +# Pi-hole: Grab local version and branch every 10 minutes +*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local + +# Pi-hole: Grab remote version every 24 hours +00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote diff --git a/pihole b/pihole index 652f4acb..e4d6215c 100755 --- a/pihole +++ b/pihole @@ -658,6 +658,6 @@ case "${1}" in "-t" | "tail" ) tailFunc;; "checkout" ) piholeCheckoutFunc "$@";; "tricorder" ) tricorderFunc;; - "updatechecker" ) updateCheckFunc;; + "updatechecker" ) updateCheckFunc "$@";; * ) helpFunc;; esac From 45ab2a3d7aadba25ee29e0f52dc943d9031c60b9 Mon Sep 17 00:00:00 2001 From: Keith Bentrup Date: Sat, 9 Dec 2017 17:03:20 -0500 Subject: [PATCH 0216/1602] send HTTP headers before HTML Signed-off-by: Keith Bentrup --- advanced/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 5c2f250d..999acebb 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -213,6 +213,8 @@ if (explode("-", $phVersion)[1] != "0") // Please Note: Text is added via CSS to allow an admin to provide a localised // language without the need to edit this file + +setHeader(); ?> Web Interface and additional branch option Signed-Off-By: Rob Gill --- pihole | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pihole b/pihole index b3f532af..c125d0d9 100755 --- a/pihole +++ b/pihole @@ -541,12 +541,13 @@ Switch Pi-hole subsystems to a different Github branch Repositories: core [branch] Change the branch of Pi-hole's core subsystem - web [branch] Change the branch of Admin Console subsystem + web [branch] Change the branch of Web Interface subsystem ftl [branch] Change the branch of Pi-hole's FTL subsystem Branches: master Update subsystems to the latest stable release - dev Update subsystems to the latest development release" + dev Update subsystems to the latest development release + branchname Update subsystems to the specified branchname" exit 0 fi @@ -610,8 +611,8 @@ Debugging Options: -t, tail View the live output of the Pi-hole log Options: - -a, admin Admin Console options - Add '-h' for more info on admin console usage + -a, admin Web interface options + Add '-h' for more info on Web Interface usage -c, chronometer Calculates stats and displays to an LCD Add '-h' for more info on chronometer usage -g, updateGravity Update the list of ad-serving domains @@ -622,7 +623,7 @@ Options: Add '-h' for more info on query usage -up, updatePihole Update Pi-hole subsystems Add '--check-only' to exit script before update is performed. - -v, version Show installed versions of Pi-hole, Admin Console & FTL + -v, version Show installed versions of Pi-hole, Web Interface & FTL Add '-h' for more info on version usage uninstall Uninstall Pi-hole from your system status Display the running status of Pi-hole subsystems From a11e5e2debac1efde56b8e00ca7a439d73329a56 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 10:23:23 +1000 Subject: [PATCH 0438/1602] dnsmasq Signed-off-by: Rob Gill --- manpages/pihole-FTL.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manpages/pihole-FTL.8 b/manpages/pihole-FTL.8 index 812801a4..2928f2d8 100644 --- a/manpages/pihole-FTL.8 +++ b/manpages/pihole-FTL.8 @@ -92,7 +92,7 @@ Command line arguments \fB--\fR (options) .br - Pass options to internal resolver + Pass options to internal dnsmasq resolver .br .SH "EXAMPLE" Command line arguments can be arbitrarily combined, e.g: From 4188fb536e1fd78914ffb22de923a8e2cf2c9393 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 10:25:51 +1000 Subject: [PATCH 0439/1602] Privacy levels Signed-off-by: Rob Gill --- manpages/pihole-FTL.conf.5 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5 index b99a6c1d..50536279 100644 --- a/manpages/pihole-FTL.conf.5 +++ b/manpages/pihole-FTL.conf.5 @@ -68,6 +68,14 @@ pihole-FTL.conf - FTL's config file .br Which privacy level is used? .br + 0 - show everything +.br + 1 - hide domains +.br + 2 - hide domains and clients +.br + 3 - paranoia mode (hide everything) +.br \fBIGNORE_LOCALHOST=no|yes\fR .br From 7398a9ebf937cadeb3f47537684ed60facce5ffe Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Mon, 4 Jun 2018 19:59:23 -0500 Subject: [PATCH 0440/1602] remove projects that are not compliant with our trademarks Signed-off-by: Jacob Salmela --- README.md | 36 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 60c54f87..40a9254f 100644 --- a/README.md +++ b/README.md @@ -178,32 +178,13 @@ Pi-hole being a **advertising-aware DNS/Web server**, makes use of the following * [AdminLTE Dashboard](https://github.com/almasaeed2010/AdminLTE) - premium admin control panel based on Bootstrap 3.x While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. - ------ - -## Pi-hole Projects -- [The Big Blocklist Collection](https://wally3k.github.io) -- [Docker Pi-hole container (x86 and ARM)](https://hub.docker.com/r/diginc/pi-hole/) -- [Pi-Hole in the cloud](http://blog.codybunch.com/2015/07/28/Pi-Hole-in-the-cloud/) -- [Pie in the Sky-Hole [A Pi-Hole in the cloud for ad-blocking via DNS]](https://dlaa.me/blog/post/skyhole) -- [Pi-hole Enable/Disable Button](http://thetimmy.silvernight.org/pages/endisbutton/) -- [Minibian Pi-hole](https://munkjensen.net/wiki/index.php/See_my_Pi-Hole#Minibian_Pi-hole) -- [CHiP-hole: Network-wide Ad-blocker](https://www.hackster.io/jacobsalmela/chip-hole-network-wide-ad-blocker-98e037) -- [Chrome Extension: Pi-Hole List Editor](https://chrome.google.com/webstore/detail/pi-hole-list-editor/hlnoeoejkllgkjbnnnhfolapllcnaglh) ([Source Code](https://github.com/packtloss/pihole-extension)) -- [Splunk: Pi-hole Visualiser](https://splunkbase.splunk.com/app/3023/) -- [Adblocking with Pi-hole and Ubuntu 14.04 on VirtualBox](https://hbalagtas.blogspot.com.au/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html) -- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py) -- [Pi-hole unRAID Template](https://forums.lime-technology.com/topic/36810-support-spants-nodered-mqtt-dashing-couchdb/) -- [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus) -- [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f) -- [Pi-hole metrics](https://github.com/nlamirault/pihole_exporter) exporter for [Prometheus](https://prometheus.io/) -- [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware) -- [Pi-hole Droid: Android client](https://github.com/friimaind/pi-hole-droid) -- [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper), see [#1400](https://github.com/pi-hole/pi-hole/issues/1400) -- [Pi-hole Visualizer](https://www.reddit.com/r/pihole/comments/82ikgb/pihole_visualizer_update/) ----- ## Coverage +- [Software Engineering Daily: Interview with the creator of Pi-hole](https://softwareengineeringdaily.com/2018/05/29/pi-hole-ad-blocker-hardware-with-jacob-salmela/) +- [Bloomberg Business Week: Brotherhood of the Ad blockers](https://www.bloomberg.com/news/features/2018-05-10/inside-the-brotherhood-of-pi-hole-ad-blockers) +- [Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1](https://scotthelme.co.uk/securing-dns-across-all-of-my-devices-with-pihole-dns-over-https-1-1-1-1/) +- [Adafruit: installing Pi-hole on a Pi Zero W](https://learn.adafruit.com/pi-hole-ad-blocker-with-pi-zero-w/install-pi-hole) - [Lifehacker: Turn A Raspberry Pi Into An Ad Blocker With A Single Command](https://www.lifehacker.com.au/2015/02/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-command/) - [MakeUseOf: Adblock Everywhere: The Raspberry Pi-Hole Way](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) - [Catchpoint: Ad-Blocking on Apple iOS9: Valuing the End User Experience](http://blog.catchpoint.com/2015/09/14/ad-blocking-apple/) @@ -222,3 +203,12 @@ While quite outdated at this point, [this original blog post about Pi-hole](http - [CryptoAUSTRALIA: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) - [CryptoAUSTRALIA: Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) - [Know How 355: Killing ads with a Raspberry Pi-Hole!](https://www.twit.tv/shows/know-how/episodes/355) + +----- + +## Pi-hole Projects +- [The Big Blocklist Collection](https://wally3k.github.io) +- [Pie in the Sky-Hole](https://dlaa.me/blog/post/skyhole) +- [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus) +- [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware) +- [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper) From 35ca54d98f7760e329f11b133431d3bef96623a7 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Mon, 4 Jun 2018 20:00:26 -0500 Subject: [PATCH 0441/1602] add patreon and adjust affiliate links Signed-off-by: Jacob Salmela --- README.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/README.md b/README.md index 40a9254f..77f259e6 100644 --- a/README.md +++ b/README.md @@ -68,12 +68,11 @@ Sending a donation using our links below is **extremely helpful** in offsetting ### Alternative support If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us: - +- [Patreon](https://patreon.com/pihole) _Become a patron for rewards_ - [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_ - [UNIXstickers.com](http://unixstickers.refr.cc/jacobs) _save $5 when you spend $9 using our affiliate link_ - [Pi-hole Swag Store](https://pi-hole.net/shop/) _affiliate link_ - [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_ -- [Ho-ost](https://clients.ho-ost.com/aff.php?aff=19) _save 50% with our affiliate link_ - [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_ - [Vultr](http://www.vultr.com/?ref=7190426) _affiliate link_ - Spreading the word about our software, and how you have benefited from it @@ -99,9 +98,6 @@ While we are primarily reachable on our Frequently Asked Questions
    • Pi-hole Wiki
    • Feature Requests
      • -
    -
    -
    • Discourse User Forum
    • Reddit
    • Gitter (Real-time chat)
      • From 9422d57283e0d9f0c5413c1d10cc644f7a22d5ab Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 12:08:27 +1000 Subject: [PATCH 0442/1602] Check version of installed php Signed-off-by: Rob Gill --- automated install/basic-install.sh | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 395a6203..4cd1e9aa 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -160,13 +160,27 @@ if command -v apt-get &> /dev/null; then # use iproute iproute_pkg="iproute" fi - # We prefer the php metapackage if it's there - if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then - phpVer="php" - # If not, - else + # Check for and determine version number, major and minor of current php install + if command -v php &> /dev/null; then + phpInsVersion="$(php -v | head -n1 | grep -Po '(? /dev/null 2>&1; then + phpVer="php" # fall back on the php5 packages - phpVer="php5" + else + phpVer="php5" + fi + else + # Supported php is installed, its common, cgi & sqlite counterparts are deps + phpInsMajor="$(echo $phpInsVer | cut -d\. -f1)" + phpInsMinor="$(echo $phpInsVer | cut -d\. -f2)" + phpVer="php$phpInsMajor.phpInsMinor" + fi + fi # We also need the correct version for `php-sqlite` (which differs across distros) if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then From 7181d7ae6a87dda776ca3579fc6dcbb00ca5948d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 14:30:18 +1000 Subject: [PATCH 0443/1602] Left that fi Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4cd1e9aa..f3f76bd3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -180,8 +180,6 @@ if command -v apt-get &> /dev/null; then phpInsMinor="$(echo $phpInsVer | cut -d\. -f2)" phpVer="php$phpInsMajor.phpInsMinor" fi - - fi # We also need the correct version for `php-sqlite` (which differs across distros) if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then phpSqlite="sqlite3" From 714b6c98ef6da478eb46adab9ff34c1b50a6ba09 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 14:45:01 +1000 Subject: [PATCH 0444/1602] codacy Signed-off-by: Rob Gill --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f3f76bd3..4c26f1a9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -176,8 +176,8 @@ if command -v apt-get &> /dev/null; then fi else # Supported php is installed, its common, cgi & sqlite counterparts are deps - phpInsMajor="$(echo $phpInsVer | cut -d\. -f1)" - phpInsMinor="$(echo $phpInsVer | cut -d\. -f2)" + phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" + phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" phpVer="php$phpInsMajor.phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) From 36dbdf955d7ef06cefcdb4eed22c3bf617216172 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 14:48:24 +1000 Subject: [PATCH 0445/1602] Update basic-install.sh Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4c26f1a9..481e26db 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -178,7 +178,7 @@ if command -v apt-get &> /dev/null; then # Supported php is installed, its common, cgi & sqlite counterparts are deps phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - phpVer="php$phpInsMajor.phpInsMinor" + phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then From 13b8e1a2aea2e1d0b57c32ce3d620b407c870d84 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 15:09:07 +1000 Subject: [PATCH 0446/1602] quotes. Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 481e26db..a4869d24 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -166,7 +166,7 @@ if command -v apt-get &> /dev/null; then echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" fi # Check if installed php is supported version (5.4 is EOL) - if [[ $phpInsVersion < "5.5" ]]; then + if [[ "$phpInsVersion" < "5.5" ]]; then # Prefer the php metapackage if it's there if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then phpVer="php" From 7f81cfd45a50476e9654b76f9c4a0393841b75c6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 5 Jun 2018 09:09:35 +0100 Subject: [PATCH 0447/1602] Stats can still be generated without logging, no need for this sentence Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 395a6203..3d9a902a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -977,7 +977,7 @@ setLogging() { local LogChoices # Ask if the user wants to log queries - LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?\\n (Disabling will render graphs on the Admin page useless):" ${r} ${c} 6) + LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?" ${r} ${c} 6) # The default selection is on LogChooseOptions=("On (Recommended)" "" on Off "" off) From f2f6b6ede9fedf26a0a7b56f365746b7fdaaf14a Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 5 Jun 2018 09:29:03 +0100 Subject: [PATCH 0448/1602] stickler complaints Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3d9a902a..3d2e5784 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -977,7 +977,7 @@ setLogging() { local LogChoices # Ask if the user wants to log queries - LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?" ${r} ${c} 6) + LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?" "${r}" "${c}" 6) # The default selection is on LogChooseOptions=("On (Recommended)" "" on Off "" off) From a3569d88c95ed2dae32753ffa25fab3a217e5f5b Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 21:42:42 +1000 Subject: [PATCH 0449/1602] Version strings & bash. Fixed up the version checking. Thanks for your help @dschaper. No longer uses the version string as returned, but uses the major and minor version numbers extracted from it, against the minimum of 5.5. Tested against real install of php 7.0, (and the version check logic separately tested against a variety of artificial version numbers, of multiple digits for both major and minor version. - Lesson learned, I'm never trusting bash again) Signed-off-by: Rob Gill --- automated install/basic-install.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a4869d24..67cd3a4c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -160,13 +160,19 @@ if command -v apt-get &> /dev/null; then # use iproute iproute_pkg="iproute" fi - # Check for and determine version number, major and minor of current php install + # Check for and determine version number (major and minor) of current php install if command -v php &> /dev/null; then - phpInsVersion="$(php -v | head -n1 | grep -Po '(? /dev/null 2>&1; then phpVer="php" @@ -176,8 +182,6 @@ if command -v apt-get &> /dev/null; then fi else # Supported php is installed, its common, cgi & sqlite counterparts are deps - phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" - phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) From 80040806430417625fe624c58e9dd95f9c597656 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 6 Jun 2018 22:37:43 +1000 Subject: [PATCH 0450/1602] Additional command-line completion Signed-off-by: Rob Gill --- advanced/bash-completion/pihole | 74 +++++++++++++++++++++++++++++++-- 1 file changed, 71 insertions(+), 3 deletions(-) diff --git a/advanced/bash-completion/pihole b/advanced/bash-completion/pihole index fc8f2162..5a893f19 100644 --- a/advanced/bash-completion/pihole +++ b/advanced/bash-completion/pihole @@ -1,11 +1,79 @@ _pihole() { - local cur prev opts + local cur prev opts opts_admin opts_checkout opts_chronometer opts_debug opts_interface opts_logging opts_privacy opts_query opts_update opts_version COMPREPLY=() cur="${COMP_WORDS[COMP_CWORD]}" prev="${COMP_WORDS[COMP_CWORD-1]}" - opts="admin blacklist chronometer debug disable enable flush help logging query reconfigure restartdns setupLCD status tail uninstall updateGravity updatePihole version whitelist checkout" + prev2="${COMP_WORDS[COMP_CWORD-2]}" - COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + case "${prev}" in + "pihole") + opts="admin blacklist checkout chronometer debug disable enable flush help logging query reconfigure restartdns status tail uninstall updateGravity updatePihole version wildcard whitelist" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + ;; + "whitelist"|"blacklist"|"wildcard") + opts_lists="\--delmode \--noreload \--quiet \--list \--nuke" + COMPREPLY=( $(compgen -W "${opts_lists}" -- ${cur}) ) + ;; + "admin") + opts_admin="celsius email fahrenheit hostrecord interface kelvin password privacylevel" + COMPREPLY=( $(compgen -W "${opts_admin}" -- ${cur}) ) + ;; + "checkout") + opts_checkout="core ftl web master dev" + COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) ) + ;; + "chronometer") + opts_chronometer="\--exit \--jason \--refresh" + COMPREPLY=( $(compgen -W "${opts_chronometer}" -- ${cur}) ) + ;; + "debug") + opts_debug="-a" + COMPREPLY=( $(compgen -W "${opts_debug}" -- ${cur}) ) + ;; + "logging") + opts_logging="on off 'off noflush'" + COMPREPLY=( $(compgen -W "${opts_logging}" -- ${cur}) ) + ;; + "query") + opts_query="-adlist -all -exact" + COMPREPLY=( $(compgen -W "${opts_query}" -- ${cur}) ) + ;; + "updatePihole"|"-up") + opts_update="--check-only" + COMPREPLY=( $(compgen -W "${opts_update}" -- ${cur}) ) + ;; + "version") + opts_version="\--admin \--current \--ftl \--hash \--latest \--pihole" + COMPREPLY=( $(compgen -W "${opts_version}" -- ${cur}) ) + ;; + "interface") + if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then + opts_interface="$(cat /proc/net/dev | cut -d: -s -f1)" + COMPREPLY=( $(compgen -W "${opts_interface}" -- ${cur}) ) + else + return 1 + fi + ;; + "privacylevel") + if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then + opts_privacy="0 1 2 3" + COMPREPLY=( $(compgen -W "${opts_privacy}" -- ${cur}) ) + else + return 1 + fi + ;; + "core"|"admin"|"ftl") + if [[ "$prev2" == "checkout" ]]; then + opts_checkout="master dev" + COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) ) + else + return 1 + fi + ;; + *) + return 1 + ;; + esac return 0 } complete -F _pihole pihole From d254d6075afa7b2c71003c4fa3e103894d0be01d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 6 Jun 2018 19:26:56 +0200 Subject: [PATCH 0451/1602] First step from wildcards to regex lists for blocking Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 46 ++++++++++++++++------------------------ 1 file changed, 18 insertions(+), 28 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 1d96ea3c..a54d7dc8 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -13,7 +13,7 @@ basename=pihole piholeDir=/etc/"${basename}" whitelist="${piholeDir}"/whitelist.txt blacklist="${piholeDir}"/blacklist.txt -readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf" +readonly regexlist="/etc/pihole/regex.list" reload=false addmode=true verbose=true @@ -31,7 +31,7 @@ helpFunc() { if [[ "${listMain}" == "${whitelist}" ]]; then param="w" type="white" - elif [[ "${listMain}" == "${wildcardlist}" ]]; then + elif [[ "${listMain}" == "${regexlist}" ]]; then param="wild" type="wildcard black" else @@ -57,7 +57,8 @@ Options: EscapeRegexp() { # This way we may safely insert an arbitrary # string in our regular expressions - # Also remove leading "." if present + # This sed is intentionally executed in three steps to ease maintainability + # The first sed removes any amount of leading dots echo $* | sed 's/^\.*//' | sed "s/[]\.|$(){}?+*^]/\\\\&/g" | sed "s/\\//\\\\\//g" } @@ -94,9 +95,6 @@ PoplistFile() { if ${addmode}; then AddDomain "${dom}" "${listMain}" RemoveDomain "${dom}" "${listAlt}" - if [[ "${listMain}" == "${whitelist}" || "${listMain}" == "${blacklist}" ]]; then - RemoveDomain "${dom}" "${wildcardlist}" - fi else RemoveDomain "${dom}" "${listMain}" fi @@ -109,7 +107,6 @@ AddDomain() { [[ "${list}" == "${whitelist}" ]] && listname="whitelist" [[ "${list}" == "${blacklist}" ]] && listname="blacklist" - [[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist" if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then [[ "${list}" == "${whitelist}" && -z "${type}" ]] && type="--whitelist-only" @@ -121,7 +118,7 @@ AddDomain() { if [[ "${bool}" == false ]]; then # Domain not found in the whitelist file, add it! if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} Adding $1 to $listname..." + echo -e " ${INFO} Adding ${1} to ${listname}..." fi reload=true # Add it to the list we want to add it to @@ -131,28 +128,22 @@ AddDomain() { echo -e " ${INFO} ${1} already exists in ${listname}, no need to add!" fi fi - elif [[ "${list}" == "${wildcardlist}" ]]; then - source "${piholeDir}/setupVars.conf" - # Remove the /* from the end of the IP addresses - IPV4_ADDRESS=${IPV4_ADDRESS%/*} - IPV6_ADDRESS=${IPV6_ADDRESS%/*} + elif [[ "${list}" == "${regexlist}" ]]; then [[ -z "${type}" ]] && type="--wildcard-only" bool=true # Is the domain in the list? - grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false + # Search only for exactly matching lines + grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == false ]]; then if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} Adding $1 to wildcard blacklist..." + echo -e " ${INFO} Adding ${1} to regex list..." fi reload="restart" - echo "address=/$1/${IPV4_ADDRESS}" >> "${wildcardlist}" - if [[ "${#IPV6_ADDRESS}" > 0 ]]; then - echo "address=/$1/${IPV6_ADDRESS}" >> "${wildcardlist}" - fi + echo "$1" >> "${regexlist}" else if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} ${1} already exists in wildcard blacklist, no need to add!" + echo -e " ${INFO} ${1} already exists in regex list, no need to add!" fi fi fi @@ -164,7 +155,6 @@ RemoveDomain() { [[ "${list}" == "${whitelist}" ]] && listname="whitelist" [[ "${list}" == "${blacklist}" ]] && listname="blacklist" - [[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist" if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then bool=true @@ -174,7 +164,7 @@ RemoveDomain() { grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == true ]]; then # Remove it from the other one - echo -e " ${INFO} Removing $1 from $listname..." + echo -e " ${INFO} Removing $1 from ${listname}..." # /I flag: search case-insensitive sed -i "/${domain}/Id" "${list}" reload=true @@ -183,20 +173,20 @@ RemoveDomain() { echo -e " ${INFO} ${1} does not exist in ${listname}, no need to remove!" fi fi - elif [[ "${list}" == "${wildcardlist}" ]]; then + elif [[ "${list}" == "${regexlist}" ]]; then [[ -z "${type}" ]] && type="--wildcard-only" bool=true # Is it in the list? - grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false + grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == true ]]; then # Remove it from the other one - echo -e " ${INFO} Removing $1 from $listname..." + echo -e " ${INFO} Removing $1 from regex list..." # /I flag: search case-insensitive - sed -i "/address=\/${domain}/Id" "${list}" + sed -i "/${domain}/Id" "${list}" reload=true else if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} ${1} does not exist in ${listname}, no need to remove!" + echo -e " ${INFO} ${1} does not exist in regex list, no need to remove!" fi fi fi @@ -241,7 +231,7 @@ for var in "$@"; do case "${var}" in "-w" | "whitelist" ) listMain="${whitelist}"; listAlt="${blacklist}";; "-b" | "blacklist" ) listMain="${blacklist}"; listAlt="${whitelist}";; - "-wild" | "wildcard" ) listMain="${wildcardlist}";; + "-wild" | "wildcard" ) listMain="${regexlist}";; "-nr"| "--noreload" ) reload=false;; "-d" | "--delmode" ) addmode=false;; "-q" | "--quiet" ) verbose=false;; From 52aa52c3b136e7bbeadc0646f75b91e3fc53b05e Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 7 Jun 2018 08:19:26 +1000 Subject: [PATCH 0452/1602] remove duplicate declaration Signed-off-by: Rob Gill --- automated install/basic-install.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e1702187..4d825c60 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2028,7 +2028,6 @@ FTLinstall() { local ftlBranch local url - local ftlBranch if [[ -f "/etc/pihole/ftlbranch" ]];then ftlBranch=$( Date: Sat, 9 Jun 2018 10:30:04 +1000 Subject: [PATCH 0453/1602] --json not --jason Signed-off-by: Rob Gill --- advanced/bash-completion/pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/bash-completion/pihole b/advanced/bash-completion/pihole index 5a893f19..ff8fee56 100644 --- a/advanced/bash-completion/pihole +++ b/advanced/bash-completion/pihole @@ -23,7 +23,7 @@ _pihole() { COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) ) ;; "chronometer") - opts_chronometer="\--exit \--jason \--refresh" + opts_chronometer="\--exit \--json \--refresh" COMPREPLY=( $(compgen -W "${opts_chronometer}" -- ${cur}) ) ;; "debug") From 6381bdbf334e6583e96cb3c0e2bb6e2f21507201 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 9 Jun 2018 11:35:30 +1000 Subject: [PATCH 0454/1602] don't use major.minor for PHP 5 Signed-off-by: --- automated install/basic-install.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 67cd3a4c..9fcb478b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -166,13 +166,13 @@ if command -v apt-get &> /dev/null; then echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - # Is installed php version supported? (php 5.4 is EOL) - if [ "$(echo "$phpInsMajor.$phpInsMinor < 5.5" | bc )" == 0 ]; then - phpInsSupported=true + # Is installed php version newer than php5? + if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then + phpInsNewer=true fi fi # Check if installed php is unsupported version (5.4 is EOL) - if [[ "$phpInsSupported" != true ]]; then + if [[ "$phpInsNewer" != true ]]; then # Prefer the php metapackage if it's there if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then phpVer="php" @@ -181,7 +181,7 @@ if command -v apt-get &> /dev/null; then phpVer="php5" fi else - # Supported php is installed, its common, cgi & sqlite counterparts are deps + # Newer php is installed, its common, cgi & sqlite counterparts are deps phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) From 11f0ade921aa0945cf9b20aad3f0097c92c4bd8d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 9 Jun 2018 13:18:36 +1000 Subject: [PATCH 0455/1602] comments Signed-off-by: Rob Gill --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9fcb478b..5186b3cf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -166,12 +166,12 @@ if command -v apt-get &> /dev/null; then echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - # Is installed php version newer than php5? + # Is installed php version 7.0 or greater if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then phpInsNewer=true fi fi - # Check if installed php is unsupported version (5.4 is EOL) + # Check if installed php is v 7.0, or newer to determine packages to install if [[ "$phpInsNewer" != true ]]; then # Prefer the php metapackage if it's there if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then From e422f4154f4a05fa8bcd45e018328fb5c2d5d461 Mon Sep 17 00:00:00 2001 From: Alex Villarreal Date: Mon, 11 Jun 2018 12:56:27 -0500 Subject: [PATCH 0456/1602] Clean error message on successful response Signed-off-by: Alejandro Villarreal --- advanced/index.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/advanced/index.php b/advanced/index.php index 1575bafc..cad59ec7 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -329,6 +329,7 @@ setHeader(); setTimeout(function(){window.location.reload(1);}, 10000); $("#bpOutput").removeClass("add"); $("#bpOutput").addClass("success"); + $("#bpOutput").html(""); } else { $("#bpOutput").removeClass("add"); $("#bpOutput").addClass("error"); @@ -338,6 +339,7 @@ setHeader(); error: function(jqXHR, exception) { $("#bpOutput").removeClass("add"); $("#bpOutput").addClass("exception"); + $("#bpOutput").html(""); } }); } From d61fd01d61d95d86f79d1d041319adfc46c59c61 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 15:47:08 +1000 Subject: [PATCH 0457/1602] Split queryFunc() into query.sh Signed-off-by: Rob Gill --- advanced/query.sh | 220 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 220 insertions(+) create mode 100644 advanced/query.sh diff --git a/advanced/query.sh b/advanced/query.sh new file mode 100644 index 00000000..3bae7422 --- /dev/null +++ b/advanced/query.sh @@ -0,0 +1,220 @@ +#!/usr/bin/env bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2018 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Query Domain Lists +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# Globals +piholeDir="/etc/pihole" +adListsList="$piholeDir/adlists.list" +options="$*" +adlist="" +all="" +exact="" +blockpage="" +matchType="match" + +colfile="/opt/pihole/COL_TABLE" +source ${colfile} + +# Scan an array of files for matching strings +scanList(){ + # Escape full stops + local domain="${1//./\\.}" lists="${2}" type="${3:-}" + + # Prevent grep from printing file path + cd "$piholeDir" || exit 1 + + # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX + export LC_CTYPE=C + + # /dev/null forces filename to be printed when only one list has been generated + # shellcheck disable=SC2086 + case "${type}" in + "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;; + "wc" ) grep -i -o -m 1 "/${domain}/" ${lists};; + * ) grep -i "${domain}" ${lists} /dev/null;; + esac +} + +if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then + echo "Usage: pihole -q [option] +Example: 'pihole -q -exact domain.com' +Query the adlists for a specified domain + +Options: + -adlist Print the name of the block list URL + -exact Search the block lists for exact domain matches + -all Return all query matches within a block list + -h, --help Show this help dialog" + exit 0 +fi + +if [[ ! -e "$adListsList" ]]; then + echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}" + exit 1 +fi + +# Handle valid options +if [[ "${options}" == *"-bp"* ]]; then + exact="exact"; blockpage=true +else + [[ "${options}" == *"-adlist"* ]] && adlist=true + [[ "${options}" == *"-all"* ]] && all=true + if [[ "${options}" == *"-exact"* ]]; then + exact="exact"; matchType="exact ${matchType}" + fi +fi + +# Strip valid options, leaving only the domain and invalid options +# This allows users to place the options before or after the domain +options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") + +# Handle remaining options +# If $options contain non ASCII characters, convert to punycode +case "${options}" in + "" ) str="No domain specified";; + *" "* ) str="Unknown query option specified";; + *[![:ascii:]]* ) domainQuery=$(idn2 "${options}");; + * ) domainQuery="${options}";; +esac + +if [[ -n "${str:-}" ]]; then + echo -e "${str}${COL_NC}\\nTry 'pihole -q --help' for more information." + exit 1 +fi + +# Scan Whitelist and Blacklist +lists="whitelist.txt blacklist.txt" +mapfile -t results <<< "$(scanList "${domainQuery}" "${lists}" "${exact}")" + if [[ -n "${results[*]}" ]]; then + wbMatch=true + # Loop through each result in order to print unique file title once + for result in "${results[@]}"; do + fileName="${result%%.*}" + if [[ -n "${blockpage}" ]]; then + echo "π ${result}" + exit 0 + elif [[ -n "${exact}" ]]; then + echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" + else + # Only print filename title once per file + if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then + echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" + fileName_prev="${fileName}" + fi + echo " ${result#*:}" + fi + done +fi + +# Scan Wildcards +if [[ -e "${wildcardlist}" ]]; then + # Determine all subdomains, domain and TLDs + mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" + for match in "${wildcards[@]}"; do + # Search wildcard list for matches + mapfile -t results <<< "$(scanList "${match}" "${wildcardlist}" "wc")" + if [[ -n "${results[*]}" ]]; then + if [[ -z "${wcMatch:-}" ]] && [[ -z "${blockpage}" ]]; then + wcMatch=true + echo " ${matchType^} found in ${COL_BOLD}Wildcards${COL_NC}:" + fi + case "${blockpage}" in + true ) echo "π ${wildcardlist##*/}"; exit 0;; + * ) echo " *.${match}";; + esac + fi + done +fi + +# Get version sorted *.domains filenames (without dir path) +lists=("$(cd "$piholeDir" || exit 0; printf "%s\\n" -- *.domains | sort -V)") + +# Query blocklists for occurences of domain +mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")" + +# Handle notices +if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then + echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" + exit 0 +elif [[ -z "${results[*]}" ]]; then + # Result found in WL/BL/Wildcards + exit 0 +elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then + echo -e " ${INFO} Over 100 ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} + This can be overridden using the -all option" + exit 0 +fi + +# Remove unwanted content from non-exact $results +if [[ -z "${exact}" ]]; then + # Delete lines starting with # + # Remove comments after domain + # Remove hosts format IP address + mapfile -t results <<< "$(IFS=$'\n'; sed \ + -e "/:#/d" \ + -e "s/[ \\t]#.*//g" \ + -e "s/:.*[ \\t]/:/g" \ + <<< "${results[*]}")" + # Exit if result was in a comment + [[ -z "${results[*]}" ]] && exit 0 +fi + +# Get adlist file content as array +if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then + for adlistUrl in $(< "adListsList"); do + if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then + adlists+=("${adlistUrl}") + fi + done +fi + +# Print "Exact matches for" title +if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then + plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es" + echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:" +fi + +for result in "${results[@]}"; do + fileName="${result/:*/}" + + # Determine *.domains URL using filename's number + if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then + fileNum="${fileName/list./}"; fileNum="${fileNum%%.*}" + fileName="${adlists[$fileNum]}" + + # Discrepency occurs when adlists has been modified, but Gravity has not been run + if [[ -z "${fileName}" ]]; then + fileName="${COL_LIGHT_RED}(no associated adlists URL found)${COL_NC}" + fi + fi + + if [[ -n "${blockpage}" ]]; then + echo "${fileNum} ${fileName}" + elif [[ -n "${exact}" ]]; then + echo " ${fileName}" + else + if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then + count="" + echo " ${matchType^} found in ${COL_BOLD}${fileName}${COL_NC}:" + fileName_prev="${fileName}" + fi + : $((count++)) + + # Print matching domain if $max_count has not been reached + [[ -z "${all}" ]] && max_count="50" + if [[ -z "${all}" ]] && [[ "${count}" -ge "${max_count}" ]]; then + [[ "${count}" -gt "${max_count}" ]] && continue + echo " ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}" + else + echo " ${result#*:}" + fi + fi +done + +exit 0 From b1207949ac00ea984f57b2b4b9b233a2b33e1db8 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 15:49:52 +1000 Subject: [PATCH 0458/1602] Call query.sh to replace queryFunc() Signed-off-by: Rob Gill --- pihole | 186 +-------------------------------------------------------- 1 file changed, 1 insertion(+), 185 deletions(-) diff --git a/pihole b/pihole index c125d0d9..b0cab88e 100755 --- a/pihole +++ b/pihole @@ -125,191 +125,7 @@ processWildcards() { queryFunc() { shift - local options="$*" adlist="" all="" exact="" blockpage="" matchType="match" - - if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then - echo "Usage: pihole -q [option] -Example: 'pihole -q -exact domain.com' -Query the adlists for a specified domain - -Options: - -adlist Print the name of the block list URL - -exact Search the block lists for exact domain matches - -all Return all query matches within a block list - -h, --help Show this help dialog" - exit 0 - fi - - if [[ ! -e "/etc/pihole/adlists.list" ]]; then - echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}" - exit 1 - fi - - # Handle valid options - if [[ "${options}" == *"-bp"* ]]; then - exact="exact"; blockpage=true - else - [[ "${options}" == *"-adlist"* ]] && adlist=true - [[ "${options}" == *"-all"* ]] && all=true - if [[ "${options}" == *"-exact"* ]]; then - exact="exact"; matchType="exact ${matchType}" - fi - fi - - # Strip valid options, leaving only the domain and invalid options - # This allows users to place the options before or after the domain - options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") - - # Handle remaining options - # If $options contain non ASCII characters, convert to punycode - case "${options}" in - "" ) str="No domain specified";; - *" "* ) str="Unknown query option specified";; - *[![:ascii:]]* ) domainQuery=$(idn2 "${options}");; - * ) domainQuery="${options}";; - esac - - if [[ -n "${str:-}" ]]; then - echo -e "${str}${COL_NC}\\nTry 'pihole -q --help' for more information." - exit 1 - fi - - # Scan Whitelist and Blacklist - lists="whitelist.txt blacklist.txt" - mapfile -t results <<< "$(scanList "${domainQuery}" "${lists}" "${exact}")" - - if [[ -n "${results[*]}" ]]; then - wbMatch=true - - # Loop through each result in order to print unique file title once - for result in "${results[@]}"; do - fileName="${result%%.*}" - - if [[ -n "${blockpage}" ]]; then - echo "π ${result}" - exit 0 - elif [[ -n "${exact}" ]]; then - echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" - else - # Only print filename title once per file - if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then - echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" - fileName_prev="${fileName}" - fi - echo " ${result#*:}" - fi - done - fi - - # Scan Wildcards - if [[ -e "${wildcardlist}" ]]; then - # Determine all subdomains, domain and TLDs - mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" - - for match in "${wildcards[@]}"; do - # Search wildcard list for matches - mapfile -t results <<< "$(scanList "${match}" "${wildcardlist}" "wc")" - - if [[ -n "${results[*]}" ]]; then - if [[ -z "${wcMatch:-}" ]] && [[ -z "${blockpage}" ]]; then - wcMatch=true - echo " ${matchType^} found in ${COL_BOLD}Wildcards${COL_NC}:" - fi - - case "${blockpage}" in - true ) echo "π ${wildcardlist##*/}"; exit 0;; - * ) echo " *.${match}";; - esac - fi - done - fi - - # Get version sorted *.domains filenames (without dir path) - lists=("$(cd "/etc/pihole" || exit 0; printf "%s\\n" -- *.domains | sort -V)") - - # Query blocklists for occurences of domain - mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")" - - # Handle notices - if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then - echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" - exit 0 - elif [[ -z "${results[*]}" ]]; then - # Result found in WL/BL/Wildcards - exit 0 - elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then - echo -e " ${INFO} Over 100 ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} - This can be overridden using the -all option" - exit 0 - fi - - # Remove unwanted content from non-exact $results - if [[ -z "${exact}" ]]; then - # Delete lines starting with # - # Remove comments after domain - # Remove hosts format IP address - mapfile -t results <<< "$(IFS=$'\n'; sed \ - -e "/:#/d" \ - -e "s/[ \\t]#.*//g" \ - -e "s/:.*[ \\t]/:/g" \ - <<< "${results[*]}")" - - # Exit if result was in a comment - [[ -z "${results[*]}" ]] && exit 0 - fi - - # Get adlist file content as array - if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then - for adlistUrl in $(< "/etc/pihole/adlists.list"); do - if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then - adlists+=("${adlistUrl}") - fi - done - fi - - # Print "Exact matches for" title - if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then - plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es" - echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:" - fi - - for result in "${results[@]}"; do - fileName="${result/:*/}" - - # Determine *.domains URL using filename's number - if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then - fileNum="${fileName/list./}"; fileNum="${fileNum%%.*}" - fileName="${adlists[$fileNum]}" - - # Discrepency occurs when adlists has been modified, but Gravity has not been run - if [[ -z "${fileName}" ]]; then - fileName="${COL_LIGHT_RED}(no associated adlists URL found)${COL_NC}" - fi - fi - - if [[ -n "${blockpage}" ]]; then - echo "${fileNum} ${fileName}" - elif [[ -n "${exact}" ]]; then - echo " ${fileName}" - else - if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then - count="" - echo " ${matchType^} found in ${COL_BOLD}${fileName}${COL_NC}:" - fileName_prev="${fileName}" - fi - : $((count++)) - - # Print matching domain if $max_count has not been reached - [[ -z "${all}" ]] && max_count="50" - if [[ -z "${all}" ]] && [[ "${count}" -ge "${max_count}" ]]; then - [[ "${count}" -gt "${max_count}" ]] && continue - echo " ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}" - else - echo " ${result#*:}" - fi - fi - done - + "${PI_HOLE_SCRIPT_DIR}"/query.sh "$@" exit 0 } From 45a8eda49b7d632ca4d6652558aa8d349fe2bbd3 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:08:21 +1000 Subject: [PATCH 0459/1602] Stop grep leak in query Fix grep error leak from #1805 Signed-off-by: Rob Gill --- advanced/{ => Scripts}/query.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename advanced/{ => Scripts}/query.sh (97%) diff --git a/advanced/query.sh b/advanced/Scripts/query.sh similarity index 97% rename from advanced/query.sh rename to advanced/Scripts/query.sh index 3bae7422..88118ee1 100644 --- a/advanced/query.sh +++ b/advanced/Scripts/query.sh @@ -35,9 +35,9 @@ scanList(){ # /dev/null forces filename to be printed when only one list has been generated # shellcheck disable=SC2086 case "${type}" in - "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;; - "wc" ) grep -i -o -m 1 "/${domain}/" ${lists};; - * ) grep -i "${domain}" ${lists} /dev/null;; + "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;; + "wc" ) grep -i -o -m 1 "/${domain}/" ${lists} 2>/dev/null;; + * ) grep -i "${domain}" ${lists} /dev/null 2>/dev/null;; esac } From 2255d05664d07c581ca3a81eb37e20cff9c95a19 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:09:49 +1000 Subject: [PATCH 0460/1602] Remove scanlist(), now in query.sh Signed-off-by: Rob Gill --- pihole | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/pihole b/pihole index b0cab88e..59ab760f 100755 --- a/pihole +++ b/pihole @@ -86,26 +86,6 @@ updateGravityFunc() { exit 0 } -# Scan an array of files for matching strings -scanList(){ - # Escape full stops - local domain="${1//./\\.}" lists="${2}" type="${3:-}" - - # Prevent grep from printing file path - cd "/etc/pihole" || exit 1 - - # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX - export LC_CTYPE=C - - # /dev/null forces filename to be printed when only one list has been generated - # shellcheck disable=SC2086 - case "${type}" in - "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;; - "wc" ) grep -i -o -m 1 "/${domain}/" ${lists};; - * ) grep -i "${domain}" ${lists} /dev/null;; - esac -} - # Print each subdomain # e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com" processWildcards() { From b8e1849cec356d2ccfa5a9cd519636dd8858daa6 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:19:07 +1000 Subject: [PATCH 0461/1602] wildcardlist Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 88118ee1..8b570ffe 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -11,6 +11,7 @@ # Globals piholeDir="/etc/pihole" adListsList="$piholeDir/adlists.list" +wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf" options="$*" adlist="" all="" @@ -19,7 +20,7 @@ blockpage="" matchType="match" colfile="/opt/pihole/COL_TABLE" -source ${colfile} +source "$colfile" # Scan an array of files for matching strings scanList(){ From 8ab0b0e46073c6e06e03745113484d422bdf6afc Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:25:43 +1000 Subject: [PATCH 0462/1602] colfile Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 8b570ffe..42f9c895 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -20,7 +20,7 @@ blockpage="" matchType="match" colfile="/opt/pihole/COL_TABLE" -source "$colfile" +source "${colfile}" # Scan an array of files for matching strings scanList(){ From bf5566649251273f5be5a25593c40f73dfaa7c1d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:29:07 +1000 Subject: [PATCH 0463/1602] Appease stickler. Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 42f9c895..e1cd6457 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -1,4 +1,5 @@ #!/usr/bin/env bash +# shellcheck disable=SC1090 # Pi-hole: A black hole for Internet advertisements # (c) 2018 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. From a7347238e6b22a9b78addef55809d59be7ca9e65 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 15 Jun 2018 14:42:30 +1000 Subject: [PATCH 0464/1602] $adListsList replace filename in text Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index e1cd6457..f9d25511 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -57,7 +57,7 @@ Options: fi if [[ ! -e "$adListsList" ]]; then - echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}" + echo -e "${COL_LIGHT_RED}The file "$adListsList" was not found${COL_NC}" exit 1 fi From 23adbf9540dbe1034a87d81adc15d7b03f609a51 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 15 Jun 2018 14:45:27 +1000 Subject: [PATCH 0465/1602] remove quotes Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index f9d25511..5dc80f6b 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -57,7 +57,7 @@ Options: fi if [[ ! -e "$adListsList" ]]; then - echo -e "${COL_LIGHT_RED}The file "$adListsList" was not found${COL_NC}" + echo -e "${COL_LIGHT_RED}The file $adListsList was not found${COL_NC}" exit 1 fi From a7c73036f0b7801feea2b643221d420caec84282 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 13:37:41 +0200 Subject: [PATCH 0466/1602] pihole -t: Warn user if Pi-hole's logging is disabled Signed-off-by: DL6ER --- pihole | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pihole b/pihole index 59ab760f..21329849 100755 --- a/pihole +++ b/pihole @@ -312,6 +312,13 @@ statusFunc() { } tailFunc() { + # Warn user if Pi-hole's logging is disabled + local logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf) + if [[ "${logging_enabled}" == "0" ]]; then + # No "log-queries" lines are found. + # Commented out lines (such as "#log-queries") are ignored + echo " ${CROSS} Warning: Query logging is disabled" + fi echo -e " ${INFO} Press Ctrl-C to exit" # Retrieve IPv4/6 addresses From bc705aac039ba7c3fbfcd0aa73b0d991db2b8a14 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:26:57 +0200 Subject: [PATCH 0467/1602] Add automated wildcard list -> regex filter conversion Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 18 ++++++++++++++++++ gravity.sh | 17 ++++++++--------- 2 files changed, 26 insertions(+), 9 deletions(-) create mode 100644 advanced/Scripts/wildcard_regex_converter.sh diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh new file mode 100644 index 00000000..e862f391 --- /dev/null +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf" + +convert_wildcard_to_regex() { + if [ ! -f "${wildcardFile}" ]; then + return + fi + local addrlines domains uniquedomains + # Obtain wildcard domains from old file + addrlines="$(grep -oE "/.*/" ${wildcardFile})" + # Strip "/" from domain names + domains="$(sed 's/\///g;' <<< "${addrlines}")" + # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) + uniquedomains="$(uniq <<< "${domains}")" + # Automatically generate regex filters and remove old wildcards file + awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile}" && rm "${wildcardFile}" +} diff --git a/gravity.sh b/gravity.sh index 58419029..0f64be68 100755 --- a/gravity.sh +++ b/gravity.sh @@ -15,6 +15,8 @@ export LC_ALL=C coltable="/opt/pihole/COL_TABLE" source "${coltable}" +regexconverter="/opt/pihole/wildcard_regex_converter.sh" +source "${regexconverter}" basename="pihole" PIHOLE_COMMAND="/usr/local/bin/${basename}" @@ -26,7 +28,7 @@ adListDefault="${piholeDir}/adlists.default" whitelistFile="${piholeDir}/whitelist.txt" blacklistFile="${piholeDir}/blacklist.txt" -wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf" +regexFile="${piholeDir}/regex.list" adList="${piholeDir}/gravity.list" blackList="${piholeDir}/black.list" @@ -453,7 +455,7 @@ gravity_Whitelist() { echo -e "${OVER} ${INFO} ${str}" } -# Output count of blacklisted domains and wildcards +# Output count of blacklisted domains and regex filters gravity_ShowBlockCount() { local num @@ -462,13 +464,9 @@ gravity_ShowBlockCount() { echo -e " ${INFO} Number of blacklisted domains: ${num}" fi - if [[ -f "${wildcardFile}" ]]; then - num=$(grep -c "^" "${wildcardFile}") - # If IPv4 and IPv6 is used, divide total wildcard count by 2 - if [[ -n "${IPV4_ADDRESS}" ]] && [[ -n "${IPV6_ADDRESS}" ]];then - num=$(( num/2 )) - fi - echo -e " ${INFO} Number of wildcard blocked domains: ${num}" + if [[ -f "${regexFile}" ]]; then + num=$(grep -c "^" "${regexFile}") + echo -e " ${INFO} Number of regex filters: ${num}" fi } @@ -646,6 +644,7 @@ if [[ "${skipDownload}" == false ]] || [[ "${listType}" == "whitelist" ]]; then gravity_Whitelist fi +convert_wildcard_to_regex gravity_ShowBlockCount # Perform when downloading blocklists, or modifying the white/blacklist (not wildcards) From cd026cd865603bac7ca0e1b88b7e1bce5556c556 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:43:33 +0200 Subject: [PATCH 0468/1602] Add comment where regexList is defined Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index e862f391..7c80d07e 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -1,4 +1,14 @@ #!/bin/bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2017 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Provides an automated migration subroutine to convert Pi-hole v3.x wildcard domains to Pi-hole v4.x regex filters +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# regexFile set in gravity.sh wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf" From c7afe3e9a4a5728faf3c61722609b66d885be8b8 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:46:26 +0200 Subject: [PATCH 0469/1602] Please stickler by making clear that the variable regexFile is declared outside of this routine Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index 7c80d07e..46c5e952 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -24,5 +24,5 @@ convert_wildcard_to_regex() { # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) uniquedomains="$(uniq <<< "${domains}")" # Automatically generate regex filters and remove old wildcards file - awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile}" && rm "${wildcardFile}" + awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" } From 2809579dd736dfe5f5a5273c55777baf59e3eb8e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:59:21 +0200 Subject: [PATCH 0470/1602] Refine regex filter generation Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index 46c5e952..d8ebeeb8 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -19,10 +19,10 @@ convert_wildcard_to_regex() { local addrlines domains uniquedomains # Obtain wildcard domains from old file addrlines="$(grep -oE "/.*/" ${wildcardFile})" - # Strip "/" from domain names - domains="$(sed 's/\///g;' <<< "${addrlines}")" + # Strip "/" from domain names and convert "." to regex-compatible "\." + domains="$(sed 's/\///g;s/\./\\./g' <<< "${addrlines}")" # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) uniquedomains="$(uniq <<< "${domains}")" # Automatically generate regex filters and remove old wildcards file - awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" + awk '{print "((^)|(\\.))"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" } From e71492a2b3995cb123fe0266438be5d571da54f4 Mon Sep 17 00:00:00 2001 From: Mark Drobnak Date: Wed, 20 Jun 2018 20:19:38 -0400 Subject: [PATCH 0471/1602] Update debug script for simple list format Gravity is now just a list of domains, not IP addresses and domains separated by a space. Signed-off-by: Mcat12 --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index a7fa4c2a..cffbfe82 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -780,7 +780,7 @@ dig_at() { # Find a random blocked url that has not been whitelisted. # This helps emulate queries to different domains that a user might query # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains - local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}" | awk -F ' ' '{ print $2 }') + local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}") # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then From 868948509a4a7b70feff67537f709eb933cfc33c Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Wed, 20 Jun 2018 20:30:42 -0400 Subject: [PATCH 0472/1602] Split declaration and assignment of random_url Signed-off-by: Mcat12 --- advanced/Scripts/piholeDebug.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index cffbfe82..2f2b3745 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -780,7 +780,8 @@ dig_at() { # Find a random blocked url that has not been whitelisted. # This helps emulate queries to different domains that a user might query # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains - local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}") + local random_url + random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}") # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then From d5547f5c7c6eb450a85fde721579ac3835bad50c Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sun, 24 Jun 2018 16:06:55 -0700 Subject: [PATCH 0473/1602] Revert "Fix error: /opt/pihole/gravity.sh: 385: Warning: command substitution: ignored null byte in input" --- gravity.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index ade27b8a..dfcb753a 100755 --- a/gravity.sh +++ b/gravity.sh @@ -387,8 +387,9 @@ gravity_ConsolidateDownloadedBlocklists() { if [[ -r "${i}" ]]; then # Remove windows CRs from file, convert list to lower case, and append into $matterAndLight tr -d '\r' < "${i}" | tr '[:upper:]' '[:lower:]' >> "${piholeDir}/${matterAndLight}" + # Ensure that the first line of a new list is on a new line - IFS= read -r -d '' lastLine <"${piholeDir}/${matterAndLight}" || [[ $lastLine ]] + lastLine=$(tail -1 "${piholeDir}/${matterAndLight}") if [[ "${#lastLine}" -gt 0 ]]; then echo "" >> "${piholeDir}/${matterAndLight}" fi From 9d3d33b6a276a7c94159b4f20429956615362093 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 26 Jun 2018 00:09:30 -0600 Subject: [PATCH 0474/1602] add tests for selinux checking Signed-off-by: bcambl --- .gitignore | 1 + test/test_automated_install.py | 50 ++++++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) diff --git a/.gitignore b/.gitignore index 73f14ae3..91bb6aff 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,7 @@ *.swp __pycache__ .cache +.pytest_cache # Created by https://www.gitignore.io/api/jetbrains+iml diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 2c65c660..684b7004 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -173,6 +173,56 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls +def test_selinux_enforcing_default_exit(Pihole): + ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' + # getenforce returns the running state of SELinux + mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + # Whiptail dialog returns Cancel for user prompt + mock_command('whiptail', {'*':('', '1')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout + assert 'SELinux Enforcing detected, exiting installer' in check_selinux.stdout + assert check_selinux.rc == 1 + +def test_selinux_enforcing_continue(Pihole): + ''' confirms installer prompts to continue with custom policy warning ''' + # getenforce returns the running state of SELinux + mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + # Whiptail dialog returns Cancel for user prompt + mock_command('whiptail', {'*':('', '0')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout + assert info_box + ' Continuing installation with SELinux Enforcing' in check_selinux.stdout + assert info_box + ' Please refer to official SELinux documentation to create a custom policy' in check_selinux.stdout + assert check_selinux.rc == 0 + +def test_selinux_permissive(Pihole): + ''' confirms installer continues when SELinux is Permissive ''' + # getenforce returns the running state of SELinux + mock_command('getenforce', {'*':('Permissive', '0')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Permissive' in check_selinux.stdout + assert check_selinux.rc == 0 + +def test_selinux_disabled(Pihole): + ''' confirms installer continues when SELinux is Disabled ''' + mock_command('getenforce', {'*':('Disabled', '0')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Disabled' in check_selinux.stdout + assert check_selinux.rc == 0 + def test_installPiholeWeb_fresh_install_no_errors(Pihole): ''' confirms all web page assets from Core repo are installed on a fresh build ''' installWeb = Pihole.run(''' From b74fb3f179f6cc29f71d7284a86e9b4e1ea64134 Mon Sep 17 00:00:00 2001 From: Andrew Janke Date: Fri, 29 Jun 2018 00:28:43 +1000 Subject: [PATCH 0475/1602] typo fix --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3152d9c1..2be62865 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -850,7 +850,7 @@ setDNS() { fi # Dialog for the user to enter custom upstream servers - piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), seperated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "${prePopulate}" 3>&1 1>&2 2>&3) || \ + piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "${prePopulate}" 3>&1 1>&2 2>&3) || \ { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } # PIHOLE_DNS_1=$(echo "${piholeDNS}" | sed 's/[, \t]\+/,/g' | awk -F, '{print$1}') From 55175087c4738063b2c778befbc6517bd74c6c14 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Thu, 28 Jun 2018 22:52:44 -0400 Subject: [PATCH 0476/1602] Set regex file permissions for web access Signed-off-by: Mcat12 --- gravity.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/gravity.sh b/gravity.sh index 0f64be68..aaab6237 100755 --- a/gravity.sh +++ b/gravity.sh @@ -644,6 +644,11 @@ if [[ "${skipDownload}" == false ]] || [[ "${listType}" == "whitelist" ]]; then gravity_Whitelist fi +# Set proper permissions on the regex file +touch "${regexFile}" +chown pihole:www-data "${regexFile}" +chmod 664 "${regexFile}" + convert_wildcard_to_regex gravity_ShowBlockCount From cffb4de83b99361a46ced3ba33253fe69c987075 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Thu, 28 Jun 2018 22:59:15 -0400 Subject: [PATCH 0477/1602] Use strict grep instead of regex for duplicates Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a54d7dc8..3a9c8ece 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -133,7 +133,7 @@ AddDomain() { bool=true # Is the domain in the list? # Search only for exactly matching lines - grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false + grep -Fx "${domain}" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == false ]]; then if [[ "${verbose}" == true ]]; then @@ -177,7 +177,7 @@ RemoveDomain() { [[ -z "${type}" ]] && type="--wildcard-only" bool=true # Is it in the list? - grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false + grep -Fx "${domain}" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == true ]]; then # Remove it from the other one echo -e " ${INFO} Removing $1 from regex list..." From 8435eeed4dc5b7bf62dd56a8db3c0760e78afd90 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Thu, 28 Jun 2018 23:21:01 -0400 Subject: [PATCH 0478/1602] Don't validate regex domains Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 3a9c8ece..04eed7db 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -66,10 +66,14 @@ HandleOther() { # Convert to lowercase domain="${1,,}" - # Check validity of domain + # Check validity of domain (don't check for regex entries) if [[ "${#domain}" -le 253 ]]; then - validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check - validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label + if [[ "${listMain}" == "${regexlist}" ]]; then + validDomain="" + else + validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check + validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label + fi fi if [[ -n "${validDomain}" ]]; then From 4a953b66e0e989307dcfd1114cd06b8f1f242ffa Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 22:51:37 -0400 Subject: [PATCH 0479/1602] Make removing regex domains work correctly Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 04eed7db..38eea69f 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -69,7 +69,7 @@ HandleOther() { # Check validity of domain (don't check for regex entries) if [[ "${#domain}" -le 253 ]]; then if [[ "${listMain}" == "${regexlist}" ]]; then - validDomain="" + validDomain="${domain}" else validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label @@ -185,8 +185,9 @@ RemoveDomain() { if [[ "${bool}" == true ]]; then # Remove it from the other one echo -e " ${INFO} Removing $1 from regex list..." - # /I flag: search case-insensitive - sed -i "/${domain}/Id" "${list}" + local lineNumber + lineNumber=$(grep -Fnx "$1" "${list}" | cut -f1 -d:) + sed -i "${lineNumber}d" "${list}" reload=true else if [[ "${verbose}" == true ]]; then From 0decc37b5ad7371f5faa0c4cd1012e8ddab3b9f9 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 22:55:00 -0400 Subject: [PATCH 0480/1602] Appease stickler Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 38eea69f..b2a15434 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -71,8 +71,8 @@ HandleOther() { if [[ "${listMain}" == "${regexlist}" ]]; then validDomain="${domain}" else - validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check - validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label + validDomain=$(grep -P "^((-|_)*[a-z\\d]((-|_)*[a-z\\d])*(-|_)*)(\\.(-|_)*([a-z\\d]((-|_)*[a-z\\d])*))*$" <<< "${domain}") # Valid chars check + validDomain=$(grep -P "^[^\\.]{1,63}(\\.[^\\.]{1,63})*$" <<< "${validDomain}") # Length of each label fi fi From 3077c22e4fa9cd7ebf69f759df3f70e03d53e67e Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 23:10:49 -0400 Subject: [PATCH 0481/1602] Change help strings from wildcard to regex blacklist Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 2 +- pihole | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index b2a15434..bd80c3d8 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -33,7 +33,7 @@ helpFunc() { type="white" elif [[ "${listMain}" == "${regexlist}" ]]; then param="wild" - type="wildcard black" + type="regex black" else param="b" type="black" diff --git a/pihole b/pihole index b3f532af..8cda6938 100755 --- a/pihole +++ b/pihole @@ -599,7 +599,7 @@ Add '-h' after specific commands for more information on usage Whitelist/Blacklist Options: -w, whitelist Whitelist domain(s) -b, blacklist Blacklist domain(s) - -wild, wildcard Blacklist domain(s), and all its subdomains + -wild, wildcard Regex blacklist domain(s) Add '-h' for more info on whitelist/blacklist usage Debugging Options: From 61f0cbe10a1bd9f61b4f9307a2d4d41c765bc278 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 23:34:15 -0400 Subject: [PATCH 0482/1602] Update pihole man page for regex Signed-off-by: Mcat12 --- manpages/pihole.8 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/manpages/pihole.8 b/manpages/pihole.8 index 54bf4a31..76ca0c7c 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 @@ -68,7 +68,7 @@ Available commands and options: \fB-wild, wildcard\fR [options] [ ] .br - Add or removes specified domain, and all subdomains to the blacklist + Add or removes specified regex pattern to the regex blacklist .br (Whitelist/Blacklist manipulation options): @@ -167,9 +167,9 @@ Available commands and options: Show a help dialog .br -\fB-l, logging\fR [on|off|off noflush] +\fB-l, logging\fR [on|off|off noflush] .br - Specify whether the Pi-hole log should be used + Specify whether the Pi-hole log should be used .br (Logging options): @@ -193,7 +193,7 @@ Available commands and options: .br Show installed versions of Pi-hole, Web Interface & FTL .br - + .br (repo options): .br @@ -232,7 +232,7 @@ Available commands and options: Disable Pi-hole subsystems, optionally for a set duration .br - (time options): + (time options): .br #s Disable Pi-hole functionality for # second(s) .br @@ -275,9 +275,9 @@ Some usage examples \fBpihole -w iloveads.example.com\fR Add "iloveads.example.com" to whitelist .br - \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist + \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist .br - \fBpihole -wild example.com\fR Add "example.com" as wildcard - would block ads.example.com, www.example.com etc. + \fBpihole -wild ^example.*$\fR Add "^example.*$" as a regex pattern - would block all domains starting with "example" .br Changing the Web Interface password From f8680520629692a35096e60f8cf8da2d219d8653 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 30 Jun 2018 15:50:43 -0400 Subject: [PATCH 0483/1602] Fix incorrect variable string substitution Signed-off-by: Mcat12 --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 5dc80f6b..e36a9d2b 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -169,7 +169,7 @@ fi # Get adlist file content as array if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then - for adlistUrl in $(< "adListsList"); do + for adlistUrl in $(< "${adListsList}"); do if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then adlists+=("${adlistUrl}") fi From 4763969c8f4a2651995cb4dc55b87e6159ea08ea Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 30 Jun 2018 22:03:53 -0400 Subject: [PATCH 0484/1602] Move processWildcards to query.sh Closes #2255 Signed-off-by: Mcat12 --- advanced/Scripts/query.sh | 17 +++++++++++++++++ pihole | 17 ----------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index e36a9d2b..6bd37079 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -23,6 +23,23 @@ matchType="match" colfile="/opt/pihole/COL_TABLE" source "${colfile}" +# Print each subdomain +# e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com" +processWildcards() { + IFS="." read -r -a array <<< "${1}" + for (( i=${#array[@]}-1; i>=0; i-- )); do + ar="" + for (( j=${#array[@]}-1; j>${#array[@]}-i-2; j-- )); do + if [[ $j == $((${#array[@]}-1)) ]]; then + ar="${array[$j]}" + else + ar="${array[$j]}.${ar}" + fi + done + echo "${ar}" + done +} + # Scan an array of files for matching strings scanList(){ # Escape full stops diff --git a/pihole b/pihole index 21329849..0ee0c22f 100755 --- a/pihole +++ b/pihole @@ -86,23 +86,6 @@ updateGravityFunc() { exit 0 } -# Print each subdomain -# e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com" -processWildcards() { - IFS="." read -r -a array <<< "${1}" - for (( i=${#array[@]}-1; i>=0; i-- )); do - ar="" - for (( j=${#array[@]}-1; j>${#array[@]}-i-2; j-- )); do - if [[ $j == $((${#array[@]}-1)) ]]; then - ar="${array[$j]}" - else - ar="${array[$j]}.${ar}" - fi - done - echo "${ar}" - done -} - queryFunc() { shift "${PI_HOLE_SCRIPT_DIR}"/query.sh "$@" From 7ddae8f2eb94fa751b346c24d8c256706f81ba0f Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 2 Jul 2018 19:59:22 +1000 Subject: [PATCH 0485/1602] Treat URLs without a protocol as HTTP Signed off by WaLLy3K --- gravity.sh | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/gravity.sh b/gravity.sh index dfcb753a..b7089ed1 100755 --- a/gravity.sh +++ b/gravity.sh @@ -218,8 +218,15 @@ gravity_DownloadBlocklistFromUrl() { httpCode=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null) case $url in + # Did we "download" a local file? + "file"*) + if [[ -s "${patternBuffer}" ]]; then + echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true + else + echo -e "${OVER} ${CROSS} ${str} Not found / empty list" + fi;; # Did we "download" a remote file? - "http"*) + *) # Determine "Status:" output based on HTTP response case "${httpCode}" in "200") echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true;; @@ -233,16 +240,8 @@ gravity_DownloadBlocklistFromUrl() { "504") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Gateway)";; "521") echo -e "${OVER} ${CROSS} ${str} Web Server Is Down (Cloudflare)";; "522") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Cloudflare)";; - * ) echo -e "${OVER} ${CROSS} ${str} ${httpCode}";; + * ) echo -e "${OVER} ${CROSS} ${str} ${url} (${httpCode})";; esac;; - # Did we "download" a local file? - "file"*) - if [[ -s "${patternBuffer}" ]]; then - echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true - else - echo -e "${OVER} ${CROSS} ${str} Not found / empty list" - fi;; - *) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac # Determine if the blocklist was downloaded and saved correctly From 4468d81472cf43cb4d83909d3ca642499b6660a2 Mon Sep 17 00:00:00 2001 From: bcambl Date: Mon, 2 Jul 2018 14:54:19 -0600 Subject: [PATCH 0486/1602] python linting: 2 lines prior to defs (E302) Signed-off-by: bcambl --- test/conftest.py | 6 ++++++ test/test_000_build_containers.py | 1 + test/test_automated_install.py | 33 +++++++++++++++++++++++++++++++ test/test_shellcheck.py | 1 + 4 files changed, 41 insertions(+) diff --git a/test/conftest.py b/test/conftest.py index 5960cc24..44e0a4a4 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -5,6 +5,7 @@ check_output = testinfra.get_backend( "local://" ).get_module("Command").check_output + @pytest.fixture def Pihole(Docker): ''' used to contain some script stubbing, now pretty much an alias. @@ -25,6 +26,7 @@ def Pihole(Docker): Docker.run = funcType(run_bash, Docker, testinfra.backend.docker.DockerBackend) return Docker + @pytest.fixture def Docker(request, args, image, cmd): ''' combine our fixtures into a docker run command and setup finalizer to cleanup ''' @@ -40,21 +42,25 @@ def Docker(request, args, image, cmd): docker_container.id = docker_id return docker_container + @pytest.fixture def args(request): ''' -t became required when tput began being used ''' return '-t -d' + @pytest.fixture(params=['debian', 'centos']) def tag(request): ''' consumed by image to make the test matrix ''' return request.param + @pytest.fixture() def image(request, tag): ''' built by test_000_build_containers.py ''' return 'pytest_pihole:{}'.format(tag) + @pytest.fixture() def cmd(request): ''' default to doing nothing by tailing null, but don't exit ''' diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index c617f3ae..725136d8 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -6,6 +6,7 @@ run_local = testinfra.get_backend( "local://" ).get_module("Command").run + @pytest.mark.parametrize("image,tag", [ ( 'test/debian.Dockerfile', 'pytest_pihole:debian' ), ( 'test/centos.Dockerfile', 'pytest_pihole:centos' ), diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 684b7004..f7b8702d 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -13,6 +13,7 @@ tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") cross_box="[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") info_box="[i]".decode("utf-8") + def test_setupVars_are_sourced_to_global_scope(Pihole): ''' currently update_dialogs sources setupVars with a dot, then various other functions use the variables. @@ -46,6 +47,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): for k,v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output + def test_setupVars_saved_to_file(Pihole): ''' confirm saved settings are written to a file for future updates to re-use ''' set_setup_vars = '\n' # dedent works better with this and padding matching script below @@ -70,6 +72,7 @@ def test_setupVars_saved_to_file(Pihole): for k,v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output + def test_configureFirewall_firewalld_running_no_errors(Pihole): ''' confirms firewalld rules are applied when firewallD is running ''' # firewallD returns 'running' as status @@ -87,6 +90,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls assert 'firewall-cmd --reload' in firewall_calls + def test_configureFirewall_firewalld_disabled_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is not running ''' # firewallD returns non-running status @@ -98,6 +102,7 @@ def test_configureFirewall_firewalld_disabled_no_errors(Pihole): expected_stdout = 'No active firewall detected.. skipping firewall configuration' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset ''' # firewallD returns running status @@ -111,6 +116,7 @@ def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): expected_stdout = 'Not installing firewall rulesets.' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_no_firewall(Pihole): ''' confirms firewall skipped no daemon is running ''' configureFirewall = Pihole.run(''' @@ -120,6 +126,7 @@ def test_configureFirewall_no_firewall(Pihole): expected_stdout = 'No active firewall detected' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset ''' # iptables command exists @@ -135,6 +142,7 @@ def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): expected_stdout = 'Not installing firewall rulesets.' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running and rules exist ''' # iptables command exists and returns 0 on calls (should return 0 on iptables -C) @@ -154,6 +162,7 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' not in firewall_calls assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' not in firewall_calls + def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): ''' confirms IPTables rules are applied when IPTables is running and rules do not exist ''' # iptables command and returns 0 on calls (should return 1 on iptables -C) @@ -173,6 +182,7 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls + def test_selinux_enforcing_default_exit(Pihole): ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' # getenforce returns the running state of SELinux @@ -187,6 +197,7 @@ def test_selinux_enforcing_default_exit(Pihole): assert 'SELinux Enforcing detected, exiting installer' in check_selinux.stdout assert check_selinux.rc == 1 + def test_selinux_enforcing_continue(Pihole): ''' confirms installer prompts to continue with custom policy warning ''' # getenforce returns the running state of SELinux @@ -202,6 +213,7 @@ def test_selinux_enforcing_continue(Pihole): assert info_box + ' Please refer to official SELinux documentation to create a custom policy' in check_selinux.stdout assert check_selinux.rc == 0 + def test_selinux_permissive(Pihole): ''' confirms installer continues when SELinux is Permissive ''' # getenforce returns the running state of SELinux @@ -213,6 +225,7 @@ def test_selinux_permissive(Pihole): assert info_box + ' SELinux mode detected: Permissive' in check_selinux.stdout assert check_selinux.rc == 0 + def test_selinux_disabled(Pihole): ''' confirms installer continues when SELinux is Disabled ''' mock_command('getenforce', {'*':('Disabled', '0')}, Pihole) @@ -223,6 +236,7 @@ def test_selinux_disabled(Pihole): assert info_box + ' SELinux mode detected: Disabled' in check_selinux.stdout assert check_selinux.rc == 0 + def test_installPiholeWeb_fresh_install_no_errors(Pihole): ''' confirms all web page assets from Core repo are installed on a fresh build ''' installWeb = Pihole.run(''' @@ -238,6 +252,7 @@ def test_installPiholeWeb_fresh_install_no_errors(Pihole): assert 'index.php' in web_directory assert 'blockingpage.css' in web_directory + def test_update_package_cache_success_no_errors(Pihole): ''' confirms package cache was updated without any errors''' updateCache = Pihole.run(''' @@ -248,6 +263,7 @@ def test_update_package_cache_success_no_errors(Pihole): assert tick_box + ' Update local cache of available packages' in updateCache.stdout assert 'Error: Unable to update package cache.' not in updateCache.stdout + def test_update_package_cache_failure_no_errors(Pihole): ''' confirms package cache was not updated''' mock_command('apt-get', {'update':('', '1')}, Pihole) @@ -259,6 +275,7 @@ def test_update_package_cache_failure_no_errors(Pihole): assert cross_box + ' Update local cache of available packages' in updateCache.stdout assert 'Error: Unable to update package cache.' in updateCache.stdout + def test_FTL_detect_aarch64_no_errors(Pihole): ''' confirms only aarch64 package is downloaded for FTL engine ''' # mock uname to return aarch64 platform @@ -276,6 +293,7 @@ def test_FTL_detect_aarch64_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_armv6l_no_errors(Pihole): ''' confirms only armv6l package is downloaded for FTL engine ''' # mock uname to return armv6l platform @@ -293,6 +311,7 @@ def test_FTL_detect_armv6l_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_armv7l_no_errors(Pihole): ''' confirms only armv7l package is downloaded for FTL engine ''' # mock uname to return armv7l platform @@ -310,6 +329,7 @@ def test_FTL_detect_armv7l_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_x86_64_no_errors(Pihole): ''' confirms only x86_64 package is downloaded for FTL engine ''' detectPlatform = Pihole.run(''' @@ -323,6 +343,7 @@ def test_FTL_detect_x86_64_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_unknown_no_errors(Pihole): ''' confirms only generic package is downloaded for FTL engine ''' # mock uname to return generic platform @@ -334,6 +355,7 @@ def test_FTL_detect_unknown_no_errors(Pihole): expected_stdout = 'Not able to detect architecture (unknown: mips)' assert expected_stdout in detectPlatform.stdout + def test_FTL_download_aarch64_no_errors(Pihole): ''' confirms only aarch64 package is downloaded for FTL engine ''' # mock uname to return generic platform @@ -348,6 +370,7 @@ def test_FTL_download_aarch64_no_errors(Pihole): error = 'Error: URL not found' assert error not in download_binary.stdout + def test_FTL_download_unknown_fails_no_errors(Pihole): ''' confirms unknown binary is not downloaded for FTL engine ''' # mock uname to return generic platform @@ -360,6 +383,7 @@ def test_FTL_download_unknown_fails_no_errors(Pihole): error = 'Error: URL not found' assert error in download_binary.stdout + def test_FTL_binary_installed_and_responsive_no_errors(Pihole): ''' confirms FTL binary is copied and functional in installed location ''' installed_binary = Pihole.run(''' @@ -370,6 +394,7 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): expected_stdout = 'v' assert expected_stdout in installed_binary.stdout + # def test_FTL_support_files_installed(Pihole): # ''' confirms FTL support files are installed ''' # support_files = Pihole.run(''' @@ -384,6 +409,7 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): # assert '644 /run/pihole-FTL.pid' in support_files.stdout # assert '644 /var/log/pihole-FTL.log' in support_files.stdout + def test_IPv6_only_link_local(Pihole): ''' confirms IPv6 blocking is disabled for Link-local address ''' # mock ip -6 address to return Link-local address @@ -395,6 +421,7 @@ def test_IPv6_only_link_local(Pihole): expected_stdout = 'Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled' assert expected_stdout in detectPlatform.stdout + def test_IPv6_only_ULA(Pihole): ''' confirms IPv6 blocking is enabled for ULA addresses ''' # mock ip -6 address to return ULA address @@ -406,6 +433,7 @@ def test_IPv6_only_ULA(Pihole): expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + def test_IPv6_only_GUA(Pihole): ''' confirms IPv6 blocking is enabled for GUA addresses ''' # mock ip -6 address to return GUA address @@ -417,6 +445,7 @@ def test_IPv6_only_GUA(Pihole): expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + def test_IPv6_GUA_ULA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return GUA and ULA addresses @@ -428,6 +457,7 @@ def test_IPv6_GUA_ULA_test(Pihole): expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + def test_IPv6_ULA_GUA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return ULA and GUA addresses @@ -439,6 +469,7 @@ def test_IPv6_ULA_GUA_test(Pihole): expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + # Helper functions def mock_command(script, args, container): ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' @@ -461,6 +492,7 @@ def mock_command(script, args, container): chmod +x {script} rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + def mock_command_2(script, args, container): ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' full_script_path = '/usr/local/bin/{}'.format(script) @@ -482,6 +514,7 @@ def mock_command_2(script, args, container): chmod +x {script} rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + def run_script(Pihole, script): result = Pihole.run(script) assert result.rc == 0 diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index 5b1a8961..0bd03f36 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -5,6 +5,7 @@ run_local = testinfra.get_backend( "local://" ).get_module("Command").run + def test_scripts_pass_shellcheck(): ''' Make sure shellcheck does not find anything wrong with our shell scripts ''' shellcheck = "find . -type f -name 'update.sh' | while read file; do shellcheck -x \"$file\" -e SC1090,SC1091; done;" From da3dfd0998c1cd86afdf3ecf6cec7bc95b77ac57 Mon Sep 17 00:00:00 2001 From: bcambl Date: Mon, 2 Jul 2018 15:25:51 -0600 Subject: [PATCH 0487/1602] python linting: missing whitespace after ':' (E231) Signed-off-by: bcambl --- test/test_automated_install.py | 66 +++++++++++++++++----------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index f7b8702d..55709af9 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -76,9 +76,9 @@ def test_setupVars_saved_to_file(Pihole): def test_configureFirewall_firewalld_running_no_errors(Pihole): ''' confirms firewalld rules are applied when firewallD is running ''' # firewallD returns 'running' as status - mock_command('firewall-cmd', {'*':('running', 0)}, Pihole) + mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Ok for user prompt - mock_command('whiptail', {'*':('', 0)}, Pihole) + mock_command('whiptail', {'*': ('', 0)}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -94,7 +94,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): def test_configureFirewall_firewalld_disabled_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is not running ''' # firewallD returns non-running status - mock_command('firewall-cmd', {'*':('not running', '1')}, Pihole) + mock_command('firewall-cmd', {'*': ('not running', '1')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -106,9 +106,9 @@ def test_configureFirewall_firewalld_disabled_no_errors(Pihole): def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset ''' # firewallD returns running status - mock_command('firewall-cmd', {'*':('running', 0)}, Pihole) + mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', 1)}, Pihole) + mock_command('whiptail', {'*': ('', 1)}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -130,11 +130,11 @@ def test_configureFirewall_no_firewall(Pihole): def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset ''' # iptables command exists - mock_command('iptables', {'*':('', '0')}, Pihole) + mock_command('iptables', {'*': ('', '0')}, Pihole) # modinfo returns always true (ip_tables module check) - mock_command('modinfo', {'*':('', '0')}, Pihole) + mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '1')}, Pihole) + mock_command('whiptail', {'*': ('', '1')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -146,11 +146,11 @@ def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running and rules exist ''' # iptables command exists and returns 0 on calls (should return 0 on iptables -C) - mock_command('iptables', {'-S':('-P INPUT DENY', '0')}, Pihole) + mock_command('iptables', {'-S': ('-P INPUT DENY', '0')}, Pihole) # modinfo returns always true (ip_tables module check) - mock_command('modinfo', {'*':('', '0')}, Pihole) + mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '0')}, Pihole) + mock_command('whiptail', {'*': ('', '0')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -166,11 +166,11 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): ''' confirms IPTables rules are applied when IPTables is running and rules do not exist ''' # iptables command and returns 0 on calls (should return 1 on iptables -C) - mock_command('iptables', {'-S':('-P INPUT DENY', '0'), '-C':('', 1), '-I':('', 0)}, Pihole) + mock_command('iptables', {'-S': ('-P INPUT DENY', '0'), '-C': ('', 1), '-I': ('', 0)}, Pihole) # modinfo returns always true (ip_tables module check) - mock_command('modinfo', {'*':('', '0')}, Pihole) + mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '0')}, Pihole) + mock_command('whiptail', {'*': ('', '0')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -186,9 +186,9 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): def test_selinux_enforcing_default_exit(Pihole): ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' # getenforce returns the running state of SELinux - mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '1')}, Pihole) + mock_command('whiptail', {'*': ('', '1')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -201,9 +201,9 @@ def test_selinux_enforcing_default_exit(Pihole): def test_selinux_enforcing_continue(Pihole): ''' confirms installer prompts to continue with custom policy warning ''' # getenforce returns the running state of SELinux - mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '0')}, Pihole) + mock_command('whiptail', {'*': ('', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -217,7 +217,7 @@ def test_selinux_enforcing_continue(Pihole): def test_selinux_permissive(Pihole): ''' confirms installer continues when SELinux is Permissive ''' # getenforce returns the running state of SELinux - mock_command('getenforce', {'*':('Permissive', '0')}, Pihole) + mock_command('getenforce', {'*': ('Permissive', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -228,7 +228,7 @@ def test_selinux_permissive(Pihole): def test_selinux_disabled(Pihole): ''' confirms installer continues when SELinux is Disabled ''' - mock_command('getenforce', {'*':('Disabled', '0')}, Pihole) + mock_command('getenforce', {'*': ('Disabled', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -266,7 +266,7 @@ def test_update_package_cache_success_no_errors(Pihole): def test_update_package_cache_failure_no_errors(Pihole): ''' confirms package cache was not updated''' - mock_command('apt-get', {'update':('', '1')}, Pihole) + mock_command('apt-get', {'update': ('', '1')}, Pihole) updateCache = Pihole.run(''' source /opt/pihole/basic-install.sh distro_check @@ -279,9 +279,9 @@ def test_update_package_cache_failure_no_errors(Pihole): def test_FTL_detect_aarch64_no_errors(Pihole): ''' confirms only aarch64 package is downloaded for FTL engine ''' # mock uname to return aarch64 platform - mock_command('uname', {'-m':('aarch64', '0')}, Pihole) + mock_command('uname', {'-m': ('aarch64', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls':('/lib/ld-linux-aarch64.so.1', '0')}, Pihole) + mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-aarch64.so.1', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -297,9 +297,9 @@ def test_FTL_detect_aarch64_no_errors(Pihole): def test_FTL_detect_armv6l_no_errors(Pihole): ''' confirms only armv6l package is downloaded for FTL engine ''' # mock uname to return armv6l platform - mock_command('uname', {'-m':('armv6l', '0')}, Pihole) + mock_command('uname', {'-m': ('armv6l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole) + mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -315,9 +315,9 @@ def test_FTL_detect_armv6l_no_errors(Pihole): def test_FTL_detect_armv7l_no_errors(Pihole): ''' confirms only armv7l package is downloaded for FTL engine ''' # mock uname to return armv7l platform - mock_command('uname', {'-m':('armv7l', '0')}, Pihole) + mock_command('uname', {'-m': ('armv7l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole) + mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -347,7 +347,7 @@ def test_FTL_detect_x86_64_no_errors(Pihole): def test_FTL_detect_unknown_no_errors(Pihole): ''' confirms only generic package is downloaded for FTL engine ''' # mock uname to return generic platform - mock_command('uname', {'-m':('mips', '0')}, Pihole) + mock_command('uname', {'-m': ('mips', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -413,7 +413,7 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): def test_IPv6_only_link_local(Pihole): ''' confirms IPv6 blocking is disabled for Link-local address ''' # mock ip -6 address to return Link-local address - mock_command_2('ip', {'-6 address':('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -425,7 +425,7 @@ def test_IPv6_only_link_local(Pihole): def test_IPv6_only_ULA(Pihole): ''' confirms IPv6 blocking is enabled for ULA addresses ''' # mock ip -6 address to return ULA address - mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -437,7 +437,7 @@ def test_IPv6_only_ULA(Pihole): def test_IPv6_only_GUA(Pihole): ''' confirms IPv6 blocking is enabled for GUA addresses ''' # mock ip -6 address to return GUA address - mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -449,7 +449,7 @@ def test_IPv6_only_GUA(Pihole): def test_IPv6_GUA_ULA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return GUA and ULA addresses - mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -461,7 +461,7 @@ def test_IPv6_GUA_ULA_test(Pihole): def test_IPv6_ULA_GUA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return ULA and GUA addresses - mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog From c3d443aaffcf75bd2993358eb2e25a1bb33040d5 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:05:24 -0600 Subject: [PATCH 0488/1602] python linting: lines > 79 characters (E501) Signed-off-by: bcambl --- test/conftest.py | 31 +++- test/test_automated_install.py | 307 ++++++++++++++++++++++++++------- test/test_shellcheck.py | 9 +- 3 files changed, 271 insertions(+), 76 deletions(-) diff --git a/test/conftest.py b/test/conftest.py index 44e0a4a4..80fea82b 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -8,8 +8,10 @@ check_output = testinfra.get_backend( @pytest.fixture def Pihole(Docker): - ''' used to contain some script stubbing, now pretty much an alias. - Also provides bash as the default run function shell ''' + ''' + used to contain some script stubbing, now pretty much an alias. + Also provides bash as the default run function shell + ''' def run_bash(self, command, *args, **kwargs): cmd = self.get_command(command, *args) if self.user is not None: @@ -23,13 +25,18 @@ def Pihole(Docker): return out funcType = type(Docker.run) - Docker.run = funcType(run_bash, Docker, testinfra.backend.docker.DockerBackend) + Docker.run = funcType(run_bash, + Docker, + testinfra.backend.docker.DockerBackend) return Docker @pytest.fixture def Docker(request, args, image, cmd): - ''' combine our fixtures into a docker run command and setup finalizer to cleanup ''' + ''' + combine our fixtures into a docker run command and setup finalizer to + cleanup + ''' assert 'docker' in check_output('id'), "Are you in the docker group?" docker_run = "docker run {} {} {}".format(args, image, cmd) docker_id = check_output(docker_run) @@ -45,23 +52,31 @@ def Docker(request, args, image, cmd): @pytest.fixture def args(request): - ''' -t became required when tput began being used ''' + ''' + -t became required when tput began being used + ''' return '-t -d' @pytest.fixture(params=['debian', 'centos']) def tag(request): - ''' consumed by image to make the test matrix ''' + ''' + consumed by image to make the test matrix + ''' return request.param @pytest.fixture() def image(request, tag): - ''' built by test_000_build_containers.py ''' + ''' + built by test_000_build_containers.py + ''' return 'pytest_pihole:{}'.format(tag) @pytest.fixture() def cmd(request): - ''' default to doing nothing by tailing null, but don't exit ''' + ''' + default to doing nothing by tailing null, but don't exit + ''' return 'tail -f /dev/null' diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 55709af9..a604e197 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -15,9 +15,11 @@ info_box="[i]".decode("utf-8") def test_setupVars_are_sourced_to_global_scope(Pihole): - ''' currently update_dialogs sources setupVars with a dot, + ''' + currently update_dialogs sources setupVars with a dot, then various other functions use the variables. - This confirms the sourced variables are in scope between functions ''' + This confirms the sourced variables are in scope between functions + ''' setup_var_file = 'cat < /etc/pihole/setupVars.conf\n' for k,v in SETUPVARS.iteritems(): setup_var_file += "{}={}\n".format(k, v) @@ -49,8 +51,11 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): def test_setupVars_saved_to_file(Pihole): - ''' confirm saved settings are written to a file for future updates to re-use ''' - set_setup_vars = '\n' # dedent works better with this and padding matching script below + ''' + confirm saved settings are written to a file for future updates to re-use + ''' + # dedent works better with this and padding matching script below + set_setup_vars = '\n' for k,v in SETUPVARS.iteritems(): set_setup_vars += " {}={}\n".format(k, v) Pihole.run(set_setup_vars).stdout @@ -74,7 +79,9 @@ def test_setupVars_saved_to_file(Pihole): def test_configureFirewall_firewalld_running_no_errors(Pihole): - ''' confirms firewalld rules are applied when firewallD is running ''' + ''' + confirms firewalld rules are applied when firewallD is running + ''' # firewallD returns 'running' as status mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Ok for user prompt @@ -87,24 +94,33 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout assert 'firewall-cmd --state' in firewall_calls - assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls + assert ('firewall-cmd ' + '--permanent ' + '--add-service=http ' + '--add-service=dns') in firewall_calls assert 'firewall-cmd --reload' in firewall_calls def test_configureFirewall_firewalld_disabled_no_errors(Pihole): - ''' confirms firewalld rules are not applied when firewallD is not running ''' + ''' + confirms firewalld rules are not applied when firewallD is not running + ''' # firewallD returns non-running status mock_command('firewall-cmd', {'*': ('not running', '1')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall ''') - expected_stdout = 'No active firewall detected.. skipping firewall configuration' + expected_stdout = ('No active firewall detected.. ' + 'skipping firewall configuration') assert expected_stdout in configureFirewall.stdout def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): - ''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset ''' + ''' + confirms firewalld rules are not applied when firewallD is running, user + declines ruleset + ''' # firewallD returns running status mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -128,7 +144,10 @@ def test_configureFirewall_no_firewall(Pihole): def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): - ''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset ''' + ''' + confirms IPTables rules are not applied when IPTables is running, user + declines ruleset + ''' # iptables command exists mock_command('iptables', {'*': ('', '0')}, Pihole) # modinfo returns always true (ip_tables module check) @@ -144,8 +163,12 @@ def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): - ''' confirms IPTables rules are not applied when IPTables is running and rules exist ''' - # iptables command exists and returns 0 on calls (should return 0 on iptables -C) + ''' + confirms IPTables rules are not applied when IPTables is running and rules + exist + ''' + # iptables command exists and returns 0 on calls + # (should return 0 on iptables -C) mock_command('iptables', {'-S': ('-P INPUT DENY', '0')}, Pihole) # modinfo returns always true (ip_tables module check) mock_command('modinfo', {'*': ('', '0')}, Pihole) @@ -158,15 +181,38 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): expected_stdout = 'Installing new IPTables firewall rulesets' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/iptables').stdout - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' not in firewall_calls - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' not in firewall_calls - assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' not in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' + assert iptables_line not in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' + assert iptables_line not in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' + assert iptables_line not in firewall_calls def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): - ''' confirms IPTables rules are applied when IPTables is running and rules do not exist ''' + ''' + confirms IPTables rules are applied when IPTables is running and rules do + not exist + ''' # iptables command and returns 0 on calls (should return 1 on iptables -C) - mock_command('iptables', {'-S': ('-P INPUT DENY', '0'), '-C': ('', 1), '-I': ('', 0)}, Pihole) + mock_command( + 'iptables', + { + '-S': ( + '-P INPUT DENY', + '0' + ), + '-C': ( + '', + 1 + ), + '-I': ( + '', + 0 + ) + }, + Pihole + ) # modinfo returns always true (ip_tables module check) mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -178,13 +224,18 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): expected_stdout = 'Installing new IPTables firewall rulesets' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/iptables').stdout - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' in firewall_calls - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls - assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' + assert iptables_line in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' + assert iptables_line in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' + assert iptables_line in firewall_calls def test_selinux_enforcing_default_exit(Pihole): - ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' + ''' + confirms installer prompts to exit when SELinux is Enforcing by default + ''' # getenforce returns the running state of SELinux mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -193,13 +244,17 @@ def test_selinux_enforcing_default_exit(Pihole): source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout - assert 'SELinux Enforcing detected, exiting installer' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Enforcing' + assert expected_stdout in check_selinux.stdout + expected_stdout = 'SELinux Enforcing detected, exiting installer' + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 1 def test_selinux_enforcing_continue(Pihole): - ''' confirms installer prompts to continue with custom policy warning ''' + ''' + confirms installer prompts to continue with custom policy warning + ''' # getenforce returns the running state of SELinux mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -208,80 +263,117 @@ def test_selinux_enforcing_continue(Pihole): source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout - assert info_box + ' Continuing installation with SELinux Enforcing' in check_selinux.stdout - assert info_box + ' Please refer to official SELinux documentation to create a custom policy' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Enforcing' + assert expected_stdout in check_selinux.stdout + expected_stdout = info_box + (' Continuing installation with SELinux ' + 'Enforcing') + assert expected_stdout in check_selinux.stdout + expected_stdout = info_box + (' Please refer to official SELinux ' + 'documentation to create a custom policy') + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 0 def test_selinux_permissive(Pihole): - ''' confirms installer continues when SELinux is Permissive ''' + ''' + confirms installer continues when SELinux is Permissive + ''' # getenforce returns the running state of SELinux mock_command('getenforce', {'*': ('Permissive', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Permissive' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Permissive' + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 0 def test_selinux_disabled(Pihole): - ''' confirms installer continues when SELinux is Disabled ''' + ''' + confirms installer continues when SELinux is Disabled + ''' mock_command('getenforce', {'*': ('Disabled', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Disabled' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Disabled' + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 0 def test_installPiholeWeb_fresh_install_no_errors(Pihole): - ''' confirms all web page assets from Core repo are installed on a fresh build ''' + ''' + confirms all web page assets from Core repo are installed on a fresh build + ''' installWeb = Pihole.run(''' source /opt/pihole/basic-install.sh installPiholeWeb ''') - assert info_box + ' Installing blocking page...' in installWeb.stdout - assert tick_box + ' Creating directory for blocking page, and copying files' in installWeb.stdout - assert cross_box + ' Backing up index.lighttpd.html' in installWeb.stdout - assert 'No default index.lighttpd.html file found... not backing up' in installWeb.stdout - assert tick_box + ' Installing sudoer file' in installWeb.stdout + expected_stdout = info_box + ' Installing blocking page...' + assert expected_stdout in installWeb.stdout + expected_stdout = tick_box + (' Creating directory for blocking page, ' + 'and copying files') + assert expected_stdout in installWeb.stdout + expected_stdout = cross_box + ' Backing up index.lighttpd.html' + assert expected_stdout in installWeb.stdout + expected_stdout = ('No default index.lighttpd.html file found... ' + 'not backing up') + assert expected_stdout in installWeb.stdout + expected_stdout = tick_box + ' Installing sudoer file' + assert expected_stdout in installWeb.stdout web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout assert 'index.php' in web_directory assert 'blockingpage.css' in web_directory def test_update_package_cache_success_no_errors(Pihole): - ''' confirms package cache was updated without any errors''' + ''' + confirms package cache was updated without any errors + ''' updateCache = Pihole.run(''' source /opt/pihole/basic-install.sh distro_check update_package_cache ''') - assert tick_box + ' Update local cache of available packages' in updateCache.stdout + expected_stdout = tick_box + ' Update local cache of available packages' + assert expected_stdout in updateCache.stdout assert 'Error: Unable to update package cache.' not in updateCache.stdout def test_update_package_cache_failure_no_errors(Pihole): - ''' confirms package cache was not updated''' + ''' + confirms package cache was not updated + ''' mock_command('apt-get', {'update': ('', '1')}, Pihole) updateCache = Pihole.run(''' source /opt/pihole/basic-install.sh distro_check update_package_cache ''') - assert cross_box + ' Update local cache of available packages' in updateCache.stdout + expected_stdout = cross_box + ' Update local cache of available packages' + assert expected_stdout in updateCache.stdout assert 'Error: Unable to update package cache.' in updateCache.stdout def test_FTL_detect_aarch64_no_errors(Pihole): - ''' confirms only aarch64 package is downloaded for FTL engine ''' + ''' + confirms only aarch64 package is downloaded for FTL engine + ''' # mock uname to return aarch64 platform mock_command('uname', {'-m': ('aarch64', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-aarch64.so.1', '0')}, Pihole) + mock_command( + 'ldd', + { + '/bin/ls': ( + '/lib/ld-linux-aarch64.so.1', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -295,7 +387,9 @@ def test_FTL_detect_aarch64_no_errors(Pihole): def test_FTL_detect_armv6l_no_errors(Pihole): - ''' confirms only armv6l package is downloaded for FTL engine ''' + ''' + confirms only armv6l package is downloaded for FTL engine + ''' # mock uname to return armv6l platform mock_command('uname', {'-m': ('armv6l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library @@ -306,14 +400,17 @@ def test_FTL_detect_armv6l_no_errors(Pihole): ''') expected_stdout = info_box + ' FTL Checks...' assert expected_stdout in detectPlatform.stdout - expected_stdout = tick_box + ' Detected ARM-hf architecture (armv6 or lower)' + expected_stdout = tick_box + (' Detected ARM-hf architecture ' + '(armv6 or lower)') assert expected_stdout in detectPlatform.stdout expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout def test_FTL_detect_armv7l_no_errors(Pihole): - ''' confirms only armv7l package is downloaded for FTL engine ''' + ''' + confirms only armv7l package is downloaded for FTL engine + ''' # mock uname to return armv7l platform mock_command('uname', {'-m': ('armv7l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library @@ -331,7 +428,9 @@ def test_FTL_detect_armv7l_no_errors(Pihole): def test_FTL_detect_x86_64_no_errors(Pihole): - ''' confirms only x86_64 package is downloaded for FTL engine ''' + ''' + confirms only x86_64 package is downloaded for FTL engine + ''' detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -357,7 +456,9 @@ def test_FTL_detect_unknown_no_errors(Pihole): def test_FTL_download_aarch64_no_errors(Pihole): - ''' confirms only aarch64 package is downloaded for FTL engine ''' + ''' + confirms only aarch64 package is downloaded for FTL engine + ''' # mock uname to return generic platform download_binary = Pihole.run(''' source /opt/pihole/basic-install.sh @@ -372,7 +473,9 @@ def test_FTL_download_aarch64_no_errors(Pihole): def test_FTL_download_unknown_fails_no_errors(Pihole): - ''' confirms unknown binary is not downloaded for FTL engine ''' + ''' + confirms unknown binary is not downloaded for FTL engine + ''' # mock uname to return generic platform download_binary = Pihole.run(''' source /opt/pihole/basic-install.sh @@ -385,7 +488,9 @@ def test_FTL_download_unknown_fails_no_errors(Pihole): def test_FTL_binary_installed_and_responsive_no_errors(Pihole): - ''' confirms FTL binary is copied and functional in installed location ''' + ''' + confirms FTL binary is copied and functional in installed location + ''' installed_binary = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -396,7 +501,9 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): # def test_FTL_support_files_installed(Pihole): -# ''' confirms FTL support files are installed ''' +# ''' +# confirms FTL support files are installed +# ''' # support_files = Pihole.run(''' # source /opt/pihole/basic-install.sh # FTLdetect @@ -411,21 +518,44 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): def test_IPv6_only_link_local(Pihole): - ''' confirms IPv6 blocking is disabled for Link-local address ''' + ''' + confirms IPv6 blocking is disabled for Link-local address + ''' # mock ip -6 address to return Link-local address - mock_command_2('ip', {'-6 address': ('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog ''') - expected_stdout = 'Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled' + expected_stdout = ('Unable to find IPv6 ULA/GUA address, ' + 'IPv6 adblocking will not be enabled') assert expected_stdout in detectPlatform.stdout def test_IPv6_only_ULA(Pihole): - ''' confirms IPv6 blocking is enabled for ULA addresses ''' + ''' + confirms IPv6 blocking is enabled for ULA addresses + ''' # mock ip -6 address to return ULA address - mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -435,9 +565,20 @@ def test_IPv6_only_ULA(Pihole): def test_IPv6_only_GUA(Pihole): - ''' confirms IPv6 blocking is enabled for GUA addresses ''' + ''' + confirms IPv6 blocking is enabled for GUA addresses + ''' # mock ip -6 address to return GUA address - mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -447,9 +588,21 @@ def test_IPv6_only_GUA(Pihole): def test_IPv6_GUA_ULA_test(Pihole): - ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' + ''' + confirms IPv6 blocking is enabled for GUA and ULA addresses + ''' # mock ip -6 address to return GUA and ULA addresses - mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\n' + 'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -459,9 +612,21 @@ def test_IPv6_GUA_ULA_test(Pihole): def test_IPv6_ULA_GUA_test(Pihole): - ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' + ''' + confirms IPv6 blocking is enabled for GUA and ULA addresses + ''' # mock ip -6 address to return ULA and GUA addresses - mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\n' + 'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -472,7 +637,10 @@ def test_IPv6_ULA_GUA_test(Pihole): # Helper functions def mock_command(script, args, container): - ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' full_script_path = '/usr/local/bin/{}'.format(script) mock_script = dedent('''\ #!/bin/bash -e @@ -490,11 +658,16 @@ def mock_command(script, args, container): container.run(''' cat < {script}\n{content}\nEOF chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) def mock_command_2(script, args, container): - ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' full_script_path = '/usr/local/bin/{}'.format(script) mock_script = dedent('''\ #!/bin/bash -e @@ -512,7 +685,9 @@ def mock_command_2(script, args, container): container.run(''' cat < {script}\n{content}\nEOF chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) def run_script(Pihole, script): diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index 0bd03f36..b9b1cea5 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -7,8 +7,13 @@ run_local = testinfra.get_backend( def test_scripts_pass_shellcheck(): - ''' Make sure shellcheck does not find anything wrong with our shell scripts ''' - shellcheck = "find . -type f -name 'update.sh' | while read file; do shellcheck -x \"$file\" -e SC1090,SC1091; done;" + ''' + Make sure shellcheck does not find anything wrong with our shell scripts + ''' + shellcheck = ("find . -type f -name 'update.sh' " + "| while read file; do " + "shellcheck -x \"$file\" -e SC1090,SC1091; " + "done;") results = run_local(shellcheck) print results.stdout assert '' == results.stdout From 9bd4986781fbfc610bc8cb174f3b53152491ac9d Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:21:57 -0600 Subject: [PATCH 0489/1602] python linting: whitespace before ':' (E203) Signed-off-by: bcambl --- test/test_automated_install.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index a604e197..1bbdefa1 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -2,11 +2,11 @@ import pytest from textwrap import dedent SETUPVARS = { - 'PIHOLE_INTERFACE' : 'eth99', - 'IPV4_ADDRESS' : '1.1.1.1', - 'IPV6_ADDRESS' : 'FE80::240:D0FF:FE48:4672', - 'PIHOLE_DNS_1' : '4.2.2.1', - 'PIHOLE_DNS_2' : '4.2.2.2' + 'PIHOLE_INTERFACE': 'eth99', + 'IPV4_ADDRESS': '1.1.1.1', + 'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672', + 'PIHOLE_DNS_1': '4.2.2.1', + 'PIHOLE_DNS_2': '4.2.2.2' } tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") From 79232d02c935e88b9df211e66cddcda85144b109 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:30:00 -0600 Subject: [PATCH 0490/1602] python linting: 'pytest' imported but unused (F401) Signed-off-by: bcambl --- test/test_automated_install.py | 1 - test/test_shellcheck.py | 1 - 2 files changed, 2 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 1bbdefa1..027e5365 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -1,4 +1,3 @@ -import pytest from textwrap import dedent SETUPVARS = { diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index b9b1cea5..43e8ad6f 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -1,4 +1,3 @@ -import pytest import testinfra run_local = testinfra.get_backend( From 1d3445bc0f019f2a01d36552c0e8a84fa5e67467 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:33:30 -0600 Subject: [PATCH 0491/1602] python linting: whitespace after '(' and before ')' (E201 & E202) Signed-off-by: bcambl --- test/test_000_build_containers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index 725136d8..dc365026 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -8,8 +8,8 @@ run_local = testinfra.get_backend( @pytest.mark.parametrize("image,tag", [ - ( 'test/debian.Dockerfile', 'pytest_pihole:debian' ), - ( 'test/centos.Dockerfile', 'pytest_pihole:centos' ), + ('test/debian.Dockerfile', 'pytest_pihole:debian'), + ('test/centos.Dockerfile', 'pytest_pihole:centos'), ]) def test_build_pihole_image(image, tag): build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag)) From 064a75b21b73948a11b2af2518a3e9dc2cc01192 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:35:16 -0600 Subject: [PATCH 0492/1602] python linting: missing whitespace around operator (E225) Signed-off-by: bcambl --- test/test_automated_install.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 027e5365..14c2b77a 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -8,9 +8,9 @@ SETUPVARS = { 'PIHOLE_DNS_2': '4.2.2.2' } -tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") -cross_box="[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") -info_box="[i]".decode("utf-8") +tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") +cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") +info_box = "[i]".decode("utf-8") def test_setupVars_are_sourced_to_global_scope(Pihole): From 40537e1522b2eb9d18d07254b4b8f155d749061e Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:36:47 -0600 Subject: [PATCH 0493/1602] python linting: missing whitespace after ',' (E231) Signed-off-by: bcambl --- test/test_automated_install.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 14c2b77a..400a94f4 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -20,7 +20,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): This confirms the sourced variables are in scope between functions ''' setup_var_file = 'cat < /etc/pihole/setupVars.conf\n' - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): setup_var_file += "{}={}\n".format(k, v) setup_var_file += "EOF\n" Pihole.run(setup_var_file) @@ -45,7 +45,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): output = run_script(Pihole, script).stdout - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output @@ -55,7 +55,7 @@ def test_setupVars_saved_to_file(Pihole): ''' # dedent works better with this and padding matching script below set_setup_vars = '\n' - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): set_setup_vars += " {}={}\n".format(k, v) Pihole.run(set_setup_vars).stdout @@ -73,7 +73,7 @@ def test_setupVars_saved_to_file(Pihole): output = run_script(Pihole, script).stdout - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output From 5ca2ad6148b83ab2d072477dda95ab0c3b97332f Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 5 Jul 2018 18:10:43 -0600 Subject: [PATCH 0494/1602] move test globals & mock commands to conftest Signed-off-by: bcambl --- test/conftest.py | 74 ++++++++++++++++++++++++++++++ test/test_automated_install.py | 82 ++++------------------------------ 2 files changed, 83 insertions(+), 73 deletions(-) diff --git a/test/conftest.py b/test/conftest.py index 80fea82b..7ec3832e 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -1,10 +1,23 @@ import pytest import testinfra +from textwrap import dedent check_output = testinfra.get_backend( "local://" ).get_module("Command").check_output +SETUPVARS = { + 'PIHOLE_INTERFACE': 'eth99', + 'IPV4_ADDRESS': '1.1.1.1', + 'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672', + 'PIHOLE_DNS_1': '4.2.2.1', + 'PIHOLE_DNS_2': '4.2.2.2' +} + +tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") +cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") +info_box = "[i]".decode("utf-8") + @pytest.fixture def Pihole(Docker): @@ -80,3 +93,64 @@ def cmd(request): default to doing nothing by tailing null, but don't exit ''' return 'tail -f /dev/null' + + +# Helper functions +def mock_command(script, args, container): + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' + full_script_path = '/usr/local/bin/{}'.format(script) + mock_script = dedent('''\ + #!/bin/bash -e + echo "\$0 \$@" >> /var/log/{script} + case "\$1" in'''.format(script=script)) + for k, v in args.iteritems(): + case = dedent(''' + {arg}) + echo {res} + exit {retcode} + ;;'''.format(arg=k, res=v[0], retcode=v[1])) + mock_script += case + mock_script += dedent(''' + esac''') + container.run(''' + cat < {script}\n{content}\nEOF + chmod +x {script} + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) + + +def mock_command_2(script, args, container): + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' + full_script_path = '/usr/local/bin/{}'.format(script) + mock_script = dedent('''\ + #!/bin/bash -e + echo "\$0 \$@" >> /var/log/{script} + case "\$1 \$2" in'''.format(script=script)) + for k, v in args.iteritems(): + case = dedent(''' + \"{arg}\") + echo \"{res}\" + exit {retcode} + ;;'''.format(arg=k, res=v[0], retcode=v[1])) + mock_script += case + mock_script += dedent(''' + esac''') + container.run(''' + cat < {script}\n{content}\nEOF + chmod +x {script} + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) + + +def run_script(Pihole, script): + result = Pihole.run(script) + assert result.rc == 0 + return result diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 400a94f4..3718282f 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -1,16 +1,13 @@ from textwrap import dedent - -SETUPVARS = { - 'PIHOLE_INTERFACE': 'eth99', - 'IPV4_ADDRESS': '1.1.1.1', - 'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672', - 'PIHOLE_DNS_1': '4.2.2.1', - 'PIHOLE_DNS_2': '4.2.2.2' -} - -tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") -cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") -info_box = "[i]".decode("utf-8") +from conftest import ( + SETUPVARS, + tick_box, + info_box, + cross_box, + mock_command, + mock_command_2, + run_script +) def test_setupVars_are_sourced_to_global_scope(Pihole): @@ -632,64 +629,3 @@ def test_IPv6_ULA_GUA_test(Pihole): ''') expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout - - -# Helper functions -def mock_command(script, args, container): - ''' - Allows for setup of commands we don't really want to have to run for real - in unit tests - ''' - full_script_path = '/usr/local/bin/{}'.format(script) - mock_script = dedent('''\ - #!/bin/bash -e - echo "\$0 \$@" >> /var/log/{script} - case "\$1" in'''.format(script=script)) - for k, v in args.iteritems(): - case = dedent(''' - {arg}) - echo {res} - exit {retcode} - ;;'''.format(arg=k, res=v[0], retcode=v[1])) - mock_script += case - mock_script += dedent(''' - esac''') - container.run(''' - cat < {script}\n{content}\nEOF - chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, - content=mock_script, - scriptlog=script)) - - -def mock_command_2(script, args, container): - ''' - Allows for setup of commands we don't really want to have to run for real - in unit tests - ''' - full_script_path = '/usr/local/bin/{}'.format(script) - mock_script = dedent('''\ - #!/bin/bash -e - echo "\$0 \$@" >> /var/log/{script} - case "\$1 \$2" in'''.format(script=script)) - for k, v in args.iteritems(): - case = dedent(''' - \"{arg}\") - echo \"{res}\" - exit {retcode} - ;;'''.format(arg=k, res=v[0], retcode=v[1])) - mock_script += case - mock_script += dedent(''' - esac''') - container.run(''' - cat < {script}\n{content}\nEOF - chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, - content=mock_script, - scriptlog=script)) - - -def run_script(Pihole, script): - result = Pihole.run(script) - assert result.rc == 0 - return result From 553aad6ed2d489bd508d7f956261d5e4b69de6a4 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 5 Jul 2018 18:12:39 -0600 Subject: [PATCH 0495/1602] add Fedora container to test matrix Signed-off-by: bcambl --- test/conftest.py | 2 +- test/fedora.Dockerfile | 16 ++++++++++++++++ test/test_000_build_containers.py | 1 + 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 test/fedora.Dockerfile diff --git a/test/conftest.py b/test/conftest.py index 7ec3832e..58530d38 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -71,7 +71,7 @@ def args(request): return '-t -d' -@pytest.fixture(params=['debian', 'centos']) +@pytest.fixture(params=['debian', 'centos', 'fedora']) def tag(request): ''' consumed by image to make the test matrix diff --git a/test/fedora.Dockerfile b/test/fedora.Dockerfile new file mode 100644 index 00000000..c4834388 --- /dev/null +++ b/test/fedora.Dockerfile @@ -0,0 +1,16 @@ +FROM fedora:latest + +ENV GITDIR /etc/.pihole +ENV SCRIPTDIR /opt/pihole + +RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole +ADD . $GITDIR +RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/ +ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR + +RUN true && \ + chmod +x $SCRIPTDIR/* + +ENV PH_TEST true + +#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \ diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index dc365026..ad243754 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -10,6 +10,7 @@ run_local = testinfra.get_backend( @pytest.mark.parametrize("image,tag", [ ('test/debian.Dockerfile', 'pytest_pihole:debian'), ('test/centos.Dockerfile', 'pytest_pihole:centos'), + ('test/fedora.Dockerfile', 'pytest_pihole:fedora'), ]) def test_build_pihole_image(image, tag): build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag)) From a323b126e5ea89d4f54f6dfffdbb52a126a19449 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 5 Jul 2018 21:48:36 -0700 Subject: [PATCH 0496/1602] Finished space conversion Signed-off-by: Dan Schaper --- .editorconfig | 2 +- .idea/codeStyles/Project.xml | 6 - automated install/basic-install.sh | 3897 ++++++++++++++-------------- 3 files changed, 1947 insertions(+), 1958 deletions(-) diff --git a/.editorconfig b/.editorconfig index e5626a07..ee415d1f 100644 --- a/.editorconfig +++ b/.editorconfig @@ -9,7 +9,7 @@ end_of_line = lf insert_final_newline = true indent_style = space indent_size = tab -tab_width = 2 +tab_width = 4 charset = utf-8 trim_trailing_whitespace = true diff --git a/.idea/codeStyles/Project.xml b/.idea/codeStyles/Project.xml index 7704aeaa..79a710fd 100644 --- a/.idea/codeStyles/Project.xml +++ b/.idea/codeStyles/Project.xml @@ -1,11 +1,5 @@ - diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 36d717f5..b1852288 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -84,30 +84,30 @@ runUnattended=false INSTALL_WEB_SERVER=true # Check arguments for the undocumented flags for var in "$@"; do - case "$var" in - "--reconfigure" ) reconfigure=true;; - "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;; - "--unattended" ) runUnattended=true;; - "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;; - esac + case "$var" in + "--reconfigure" ) reconfigure=true;; + "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;; + "--unattended" ) runUnattended=true;; + "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;; + esac done # If the color table file exists, if [[ -f "${coltable}" ]]; then - # source it - source ${coltable} + # source it + source ${coltable} # Otherwise, else - # Set these values so the installer can still run in color - COL_NC='\e[0m' # No Color - COL_LIGHT_GREEN='\e[1;32m' - COL_LIGHT_RED='\e[1;31m' - TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]" - CROSS="[${COL_LIGHT_RED}✗${COL_NC}]" - INFO="[i]" - # shellcheck disable=SC2034 - DONE="${COL_LIGHT_GREEN} done!${COL_NC}" - OVER="\\r\\033[K" + # Set these values so the installer can still run in color + COL_NC='\e[0m' # No Color + COL_LIGHT_GREEN='\e[1;32m' + COL_LIGHT_RED='\e[1;31m' + TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]" + CROSS="[${COL_LIGHT_RED}✗${COL_NC}]" + INFO="[i]" + # shellcheck disable=SC2034 + DONE="${COL_LIGHT_GREEN} done!${COL_NC}" + OVER="\\r\\033[K" fi # A simple function that just echoes out our logo in ASCII format @@ -141,1033 +141,1029 @@ show_ascii_berry() { distro_check() { # If apt-get is installed, then we know it's part of the Debian family if command -v apt-get &> /dev/null; then - # Set some global variables here - # We don't set them earlier since the family might be Red Hat, so these values would be different - PKG_MANAGER="apt-get" - # A variable to store the command used to update the package cache - UPDATE_PKG_CACHE="${PKG_MANAGER} update" - # An array for something... - PKG_INSTALL=(${PKG_MANAGER} --yes --no-install-recommends install) - # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE - PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" - # Some distros vary slightly so these fixes for dependencies may apply - # Debian 7 doesn't have iproute2 so if the dry run install is successful, - if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then - # we can install it - iproute_pkg="iproute2" - # Otherwise, - else - # use iproute - iproute_pkg="iproute" - fi - # Check for and determine version number (major and minor) of current php install - if command -v php &> /dev/null; then - phpInsVersion="$(php -v | head -n1 | grep -Po '(?<=PHP )[^ ]+')" - echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" - phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" - phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - # Is installed php version 7.0 or greater - if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then - phpInsNewer=true + # Set some global variables here + # We don't set them earlier since the family might be Red Hat, so these values would be different + PKG_MANAGER="apt-get" + # A variable to store the command used to update the package cache + UPDATE_PKG_CACHE="${PKG_MANAGER} update" + # An array for something... + PKG_INSTALL=(${PKG_MANAGER} --yes --no-install-recommends install) + # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE + PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" + # Some distros vary slightly so these fixes for dependencies may apply + # Debian 7 doesn't have iproute2 so if the dry run install is successful, + if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then + # we can install it + iproute_pkg="iproute2" + # Otherwise, + else + # use iproute + iproute_pkg="iproute" fi - fi - # Check if installed php is v 7.0, or newer to determine packages to install - if [[ "$phpInsNewer" != true ]]; then - # Prefer the php metapackage if it's there - if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then - phpVer="php" - # fall back on the php5 packages - else - phpVer="php5" + # Check for and determine version number (major and minor) of current php install + if command -v php &> /dev/null; then + phpInsVersion="$(php -v | head -n1 | grep -Po '(?<=PHP )[^ ]+')" + echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" + phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" + phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" + # Is installed php version 7.0 or greater + if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then + phpInsNewer=true + fi fi - else - # Newer php is installed, its common, cgi & sqlite counterparts are deps - phpVer="php$phpInsMajor.$phpInsMinor" - fi - # We also need the correct version for `php-sqlite` (which differs across distros) - if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then - phpSqlite="sqlite3" - else - phpSqlite="sqlite" - fi - # Since our install script is so large, we need several other programs to successfully get a machine provisioned - # These programs are stored in an array so they can be looped through later - INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) - # Pi-hole itself has several dependencies that also need to be installed - PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) - # The Web dashboard has some that also need to be installed - # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code - PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) - # The Web server user, - LIGHTTPD_USER="www-data" - # group, - LIGHTTPD_GROUP="www-data" - # and config file - LIGHTTPD_CFG="lighttpd.conf.debian" + # Check if installed php is v 7.0, or newer to determine packages to install + if [[ "$phpInsNewer" != true ]]; then + # Prefer the php metapackage if it's there + if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then + phpVer="php" + # fall back on the php5 packages + else + phpVer="php5" + fi + else + # Newer php is installed, its common, cgi & sqlite counterparts are deps + phpVer="php$phpInsMajor.$phpInsMinor" + fi + # We also need the correct version for `php-sqlite` (which differs across distros) + if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then + phpSqlite="sqlite3" + else + phpSqlite="sqlite" + fi + # Since our install script is so large, we need several other programs to successfully get a machine provisioned + # These programs are stored in an array so they can be looped through later + INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) + # Pi-hole itself has several dependencies that also need to be installed + PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) + # The Web dashboard has some that also need to be installed + # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code + PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) + # The Web server user, + LIGHTTPD_USER="www-data" + # group, + LIGHTTPD_GROUP="www-data" + # and config file + LIGHTTPD_CFG="lighttpd.conf.debian" - # A function to check... - test_dpkg_lock() { - # An iterator used for counting loop iterations - i=0 - # fuser is a program to show which processes use the named files, sockets, or filesystems - # So while the command is true - while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do - # Wait half a second - sleep 0.5 - # and increase the iterator - ((i=i+1)) - done - # Always return success, since we only return if there is no - # lock (anymore) - return 0 + # A function to check... + test_dpkg_lock() { + # An iterator used for counting loop iterations + i=0 + # fuser is a program to show which processes use the named files, sockets, or filesystems + # So while the command is true + while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do + # Wait half a second + sleep 0.5 + # and increase the iterator + ((i=i+1)) + done + # Always return success, since we only return if there is no + # lock (anymore) + return 0 } # If apt-get is not found, check for rpm to see if it's a Red Hat family OS elif command -v rpm &> /dev/null; then - # Then check if dnf or yum is the package manager - if command -v dnf &> /dev/null; then - PKG_MANAGER="dnf" - else - PKG_MANAGER="yum" - fi - - # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. - UPDATE_PKG_CACHE=":" - PKG_INSTALL=(${PKG_MANAGER} install -y) - PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" - INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng which) - PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) - PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) - LIGHTTPD_USER="lighttpd" - LIGHTTPD_GROUP="lighttpd" - LIGHTTPD_CFG="lighttpd.conf.fedora" - # If the host OS is Fedora, - if grep -qi 'fedora' /etc/redhat-release; then - # all required packages should be available by default with the latest fedora release - : # continue - # or if host OS is CentOS, - elif grep -qi 'centos' /etc/redhat-release; then - # Pi-Hole currently supports CentOS 7+ with PHP7+ - SUPPORTED_CENTOS_VERSION=7 - SUPPORTED_CENTOS_PHP_VERSION=7 - # Check current CentOS major release version - CURRENT_CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release) - # Check if CentOS version is supported - if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then - echo -e " ${CROSS} CentOS $CURRENT_CENTOS_VERSION is not suported." - echo -e " Please update to CentOS release $SUPPORTED_CENTOS_VERSION or later" - # exit the installer - exit - fi - # on CentOS we need to add the EPEL repository to gain access to Fedora packages - EPEL_PKG="epel-release" - rpm -q ${EPEL_PKG} &> /dev/null || rc=$? - if [[ $rc -ne 0 ]]; then - echo -e " ${INFO} Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)" - "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null - echo -e " ${TICK} Installed ${EPEL_PKG}" - fi - - # The default php on CentOS 7.x is 5.4 which is EOL - # Check if the version of PHP available via installed repositories is >= to PHP 7 - AVAILABLE_PHP_VERSION=$(${PKG_MANAGER} info php | grep -i version | grep -o '[0-9]\+' | head -1) - if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then - # Since PHP 7 is available by default, install via default PHP package names - : # do nothing as PHP is current + # Then check if dnf or yum is the package manager + if command -v dnf &> /dev/null; then + PKG_MANAGER="dnf" else - REMI_PKG="remi-release" - REMI_REPO="remi-php72" - rpm -q ${REMI_PKG} &> /dev/null || rc=$? - if [[ $rc -ne 0 ]]; then - # The PHP version available via default repositories is older than version 7 - if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" ${r} ${c}; then - # User decided to NOT update PHP from REMI, attempt to install the default available PHP version - echo -e " ${INFO} User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use." - : # continue with unsupported php version - else - echo -e " ${INFO} Enabling Remi's RPM repository (https://rpms.remirepo.net)" - "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null - # enable the PHP 7 repository via yum-config-manager (provided by yum-utils) - "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null - yum-config-manager --enable ${REMI_REPO} &> /dev/null - echo -e " ${TICK} Remi's RPM repository has been enabled for PHP7" - - fi - fi + PKG_MANAGER="yum" fi - else - # If not a supported version of Fedora or CentOS, - echo -e " ${CROSS} Unsupported RPM based distribution" - # exit the installer - exit - fi + # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. + UPDATE_PKG_CACHE=":" + PKG_INSTALL=(${PKG_MANAGER} install -y) + PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" + INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng which) + PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) + PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) + LIGHTTPD_USER="lighttpd" + LIGHTTPD_GROUP="lighttpd" + LIGHTTPD_CFG="lighttpd.conf.fedora" + # If the host OS is Fedora, + if grep -qi 'fedora' /etc/redhat-release; then + # all required packages should be available by default with the latest fedora release + : # continue + # or if host OS is CentOS, + elif grep -qi 'centos' /etc/redhat-release; then + # Pi-Hole currently supports CentOS 7+ with PHP7+ + SUPPORTED_CENTOS_VERSION=7 + SUPPORTED_CENTOS_PHP_VERSION=7 + # Check current CentOS major release version + CURRENT_CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release) + # Check if CentOS version is supported + if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then + echo -e " ${CROSS} CentOS $CURRENT_CENTOS_VERSION is not suported." + echo -e " Please update to CentOS release $SUPPORTED_CENTOS_VERSION or later" + # exit the installer + exit + fi + # on CentOS we need to add the EPEL repository to gain access to Fedora packages + EPEL_PKG="epel-release" + rpm -q ${EPEL_PKG} &> /dev/null || rc=$? + if [[ $rc -ne 0 ]]; then + echo -e " ${INFO} Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)" + "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null + echo -e " ${TICK} Installed ${EPEL_PKG}" + fi + + # The default php on CentOS 7.x is 5.4 which is EOL + # Check if the version of PHP available via installed repositories is >= to PHP 7 + AVAILABLE_PHP_VERSION=$(${PKG_MANAGER} info php | grep -i version | grep -o '[0-9]\+' | head -1) + if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then + # Since PHP 7 is available by default, install via default PHP package names + : # do nothing as PHP is current + else + REMI_PKG="remi-release" + REMI_REPO="remi-php72" + rpm -q ${REMI_PKG} &> /dev/null || rc=$? + if [[ $rc -ne 0 ]]; then + # The PHP version available via default repositories is older than version 7 + if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" ${r} ${c}; then + # User decided to NOT update PHP from REMI, attempt to install the default available PHP version + echo -e " ${INFO} User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use." + : # continue with unsupported php version + else + echo -e " ${INFO} Enabling Remi's RPM repository (https://rpms.remirepo.net)" + "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null + # enable the PHP 7 repository via yum-config-manager (provided by yum-utils) + "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null + yum-config-manager --enable ${REMI_REPO} &> /dev/null + echo -e " ${TICK} Remi's RPM repository has been enabled for PHP7" + fi + fi + fi + else + # If not a supported version of Fedora or CentOS, + echo -e " ${CROSS} Unsupported RPM based distribution" + # exit the installer + exit + fi # If neither apt-get or rmp/dnf are found else - # it's not an OS we can support, - echo -e " ${CROSS} OS distribution not supported" - # so exit the installer - exit + # it's not an OS we can support, + echo -e " ${CROSS} OS distribution not supported" + # so exit the installer + exit fi } # A function for checking if a folder is a git repository is_repo() { - # Use a named, local variable instead of the vague $1, which is the first argument passed to this function - # These local variables should always be lowercase - local directory="${1}" - # A local variable for the current directory - local curdir - # A variable to store the return code - local rc - # Assign the current directory variable by using pwd - curdir="${PWD}" - # If the first argument passed to this function is a directory, - if [[ -d "${directory}" ]]; then - # move into the directory - cd "${directory}" - # Use git to check if the folder is a repo - # git -C is not used here to support git versions older than 1.8.4 - git status --short &> /dev/null || rc=$? - # If the command was not successful, - else - # Set a non-zero return code if directory does not exist - rc=1 - fi - # Move back into the directory the user started in - cd "${curdir}" - # Return the code; if one is not set, return 0 - return "${rc:-0}" + # Use a named, local variable instead of the vague $1, which is the first argument passed to this function + # These local variables should always be lowercase + local directory="${1}" + # A local variable for the current directory + local curdir + # A variable to store the return code + local rc + # Assign the current directory variable by using pwd + curdir="${PWD}" + # If the first argument passed to this function is a directory, + if [[ -d "${directory}" ]]; then + # move into the directory + cd "${directory}" + # Use git to check if the folder is a repo + # git -C is not used here to support git versions older than 1.8.4 + git status --short &> /dev/null || rc=$? + # If the command was not successful, + else + # Set a non-zero return code if directory does not exist + rc=1 + fi + # Move back into the directory the user started in + cd "${curdir}" + # Return the code; if one is not set, return 0 + return "${rc:-0}" } # A function to clone a repo make_repo() { - # Set named variables for better readability - local directory="${1}" - local remoteRepo="${2}" - # The message to display when this function is running - str="Clone ${remoteRepo} into ${directory}" - # Display the message and use the color table to preface the message with an "info" indicator - echo -ne " ${INFO} ${str}..." - # If the directory exists, - if [[ -d "${directory}" ]]; then - # delete everything in it so git can clone into it - rm -rf "${directory}" - fi - # Clone the repo and return the return code from this command - git clone -q --depth 1 "${remoteRepo}" "${directory}" &> /dev/null || return $? - # Show a colored message showing it's status - echo -e "${OVER} ${TICK} ${str}" - # Always return 0? Not sure this is correct - return 0 + # Set named variables for better readability + local directory="${1}" + local remoteRepo="${2}" + # The message to display when this function is running + str="Clone ${remoteRepo} into ${directory}" + # Display the message and use the color table to preface the message with an "info" indicator + echo -ne " ${INFO} ${str}..." + # If the directory exists, + if [[ -d "${directory}" ]]; then + # delete everything in it so git can clone into it + rm -rf "${directory}" + fi + # Clone the repo and return the return code from this command + git clone -q --depth 1 "${remoteRepo}" "${directory}" &> /dev/null || return $? + # Show a colored message showing it's status + echo -e "${OVER} ${TICK} ${str}" + # Always return 0? Not sure this is correct + return 0 } # We need to make sure the repos are up-to-date so we can effectively install Clean out the directory if it exists for git to clone into update_repo() { - # Use named, local variables - # As you can see, these are the same variable names used in the last function, - # but since they are local, their scope does not go beyond this function - # This helps prevent the wrong value from being assigned if you were to set the variable as a GLOBAL one - local directory="${1}" - local curdir + # Use named, local variables + # As you can see, these are the same variable names used in the last function, + # but since they are local, their scope does not go beyond this function + # This helps prevent the wrong value from being assigned if you were to set the variable as a GLOBAL one + local directory="${1}" + local curdir - # A variable to store the message we want to display; - # Again, it's useful to store these in variables in case we need to reuse or change the message; - # we only need to make one change here - local str="Update repo in ${1}" + # A variable to store the message we want to display; + # Again, it's useful to store these in variables in case we need to reuse or change the message; + # we only need to make one change here + local str="Update repo in ${1}" - # Make sure we know what directory we are in so we can move back into it - curdir="${PWD}" - # Move into the directory that was passed as an argument - cd "${directory}" &> /dev/null || return 1 - # Let the user know what's happening - echo -ne " ${INFO} ${str}..." - # Stash any local commits as they conflict with our working code - git stash --all --quiet &> /dev/null || true # Okay for stash failure - git clean --quiet --force -d || true # Okay for already clean directory - # Pull the latest commits - git pull --quiet &> /dev/null || return $? - # Show a completion message - echo -e "${OVER} ${TICK} ${str}" - # Move back into the original directory - cd "${curdir}" &> /dev/null || return 1 - return 0 + # Make sure we know what directory we are in so we can move back into it + curdir="${PWD}" + # Move into the directory that was passed as an argument + cd "${directory}" &> /dev/null || return 1 + # Let the user know what's happening + echo -ne " ${INFO} ${str}..." + # Stash any local commits as they conflict with our working code + git stash --all --quiet &> /dev/null || true # Okay for stash failure + git clean --quiet --force -d || true # Okay for already clean directory + # Pull the latest commits + git pull --quiet &> /dev/null || return $? + # Show a completion message + echo -e "${OVER} ${TICK} ${str}" + # Move back into the original directory + cd "${curdir}" &> /dev/null || return 1 + return 0 } # A function that combines the functions previously made getGitFiles() { - # Setup named variables for the git repos - # We need the directory - local directory="${1}" - # as well as the repo URL - local remoteRepo="${2}" - # A local variable containing the message to be displayed - local str="Check for existing repository in ${1}" - # Show the message - echo -ne " ${INFO} ${str}..." - # Check if the directory is a repository - if is_repo "${directory}"; then - # Show that we're checking it - echo -e "${OVER} ${TICK} ${str}" - # Update the repo, returning an error message on failure - update_repo "${directory}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } - # If it's not a .git repo, - else - # Show an error - echo -e "${OVER} ${CROSS} ${str}" - # Attempt to make the repository, showing an error on failure - make_repo "${directory}" "${remoteRepo}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } - fi - # echo a blank line - echo "" - # and return success? - return 0 + # Setup named variables for the git repos + # We need the directory + local directory="${1}" + # as well as the repo URL + local remoteRepo="${2}" + # A local variable containing the message to be displayed + local str="Check for existing repository in ${1}" + # Show the message + echo -ne " ${INFO} ${str}..." + # Check if the directory is a repository + if is_repo "${directory}"; then + # Show that we're checking it + echo -e "${OVER} ${TICK} ${str}" + # Update the repo, returning an error message on failure + update_repo "${directory}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } + # If it's not a .git repo, + else + # Show an error + echo -e "${OVER} ${CROSS} ${str}" + # Attempt to make the repository, showing an error on failure + make_repo "${directory}" "${remoteRepo}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } + fi + # echo a blank line + echo "" + # and return success? + return 0 } # Reset a repo to get rid of any local changed resetRepo() { - # Use named variables for arguments - local directory="${1}" - # Move into the directory - cd "${directory}" &> /dev/null || return 1 - # Store the message in a variable - str="Resetting repository within ${1}..." - # Show the message - echo -ne " ${INFO} ${str}" - # Use git to remove the local changes - git reset --hard &> /dev/null || return $? - # And show the status - echo -e "${OVER} ${TICK} ${str}" - # Returning success anyway? - return 0 + # Use named variables for arguments + local directory="${1}" + # Move into the directory + cd "${directory}" &> /dev/null || return 1 + # Store the message in a variable + str="Resetting repository within ${1}..." + # Show the message + echo -ne " ${INFO} ${str}" + # Use git to remove the local changes + git reset --hard &> /dev/null || return $? + # And show the status + echo -e "${OVER} ${TICK} ${str}" + # Returning success anyway? + return 0 } # We need to know the IPv4 information so we can effectively setup the DNS server # Without this information, we won't know where to Pi-hole will be found find_IPv4_information() { - # Named, local variables - local route - # Find IP used to route to outside world by checking the the route to Google's public DNS server - route=$(ip route get 8.8.8.8) - # Use awk to strip out just the interface device as it is used in future commands - IPv4dev=$(awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< "${route}") - # Get just the IP address - IPv4bare=$(awk '{print $7}' <<< "${route}") - # Append the CIDR notation to the IP address - IPV4_ADDRESS=$(ip -o -f inet addr show | grep "${IPv4bare}" | awk '{print $4}' | awk 'END {print}') - # Get the default gateway (the way to reach the Internet) - IPv4gw=$(awk '{print $3}' <<< "${route}") - + # Named, local variables + local route + # Find IP used to route to outside world by checking the the route to Google's public DNS server + route=$(ip route get 8.8.8.8) + # Use awk to strip out just the interface device as it is used in future commands + IPv4dev=$(awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< "${route}") + # Get just the IP address + IPv4bare=$(awk '{print $7}' <<< "${route}") + # Append the CIDR notation to the IP address + IPV4_ADDRESS=$(ip -o -f inet addr show | grep "${IPv4bare}" | awk '{print $4}' | awk 'END {print}') + # Get the default gateway (the way to reach the Internet) + IPv4gw=$(awk '{print $3}' <<< "${route}") } # Get available interfaces that are UP get_available_interfaces() { - # There may be more than one so it's all stored in a variable - availableInterfaces=$(ip --oneline link show up | grep -v "lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1) + # There may be more than one so it's all stored in a variable + availableInterfaces=$(ip --oneline link show up | grep -v "lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1) } # A function for displaying the dialogs the user sees when first running the installer welcomeDialogs() { - # Display the welcome dialog using an appropriately sized window via the calculation conducted earlier in the script - whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" ${r} ${c} + # Display the welcome dialog using an appropriately sized window via the calculation conducted earlier in the script + whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" ${r} ${c} - # Request that users donate if they enjoy the software since we all work on it in our free time - whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations: http://pi-hole.net/donate" ${r} ${c} + # Request that users donate if they enjoy the software since we all work on it in our free time + whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations: http://pi-hole.net/donate" ${r} ${c} - # Explain the need for a static address - whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly. + # Explain the need for a static address + whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly. In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." ${r} ${c} } # We need to make sure there is enough space before installing, so there is a function to check this verifyFreeDiskSpace() { + # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.) + # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables. + local str="Disk space check" + # Required space in KB + local required_free_kilobytes=51200 + # Calculate existing free space on this machine + local existing_free_kilobytes + existing_free_kilobytes=$(df -Pk | grep -m1 '\/$' | awk '{print $4}') - # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.) - # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables. - local str="Disk space check" - # Required space in KB - local required_free_kilobytes=51200 - # Calculate existing free space on this machine - local existing_free_kilobytes - existing_free_kilobytes=$(df -Pk | grep -m1 '\/$' | awk '{print $4}') - - # If the existing space is not an integer, - if ! [[ "${existing_free_kilobytes}" =~ ^([0-9])+$ ]]; then - # show an error that we can't determine the free space - echo -e " ${CROSS} ${str} - Unknown free disk space! - We were unable to determine available free disk space on this system. - You may override this check, however, it is not recommended - The option '${COL_LIGHT_RED}--i_do_not_follow_recommendations${COL_NC}' can override this - e.g: curl -L https://install.pi-hole.net | bash /dev/stdin ${COL_LIGHT_RED}