Merge pull request #275 from pi-hole/development

Release 2.5

README.md

@@ -1,50 +1,87 @@
-# Raspberry Pi Ad Blocker 
-**A black hole for ads, hence Pi-hole**
-
-![Pi-hole](http://i.imgur.com/wd5ltCU.png)
-
-The Pi-hole is a DNS/Web server that will **block ads for any device on your network**.
-
-## Coverage
-Featured on [MakeUseOf](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) and [Lifehacker](http://lifehacker.com/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-co-1686093533)!
-
-## Automated Install
+# Automated Install 
+##### Designed For Raspberry Pi B, B+, 2, and Zero (with an Ethernet adapter)
 
 1. Install Raspbian 
-2. Set a **static** IP address
-3. Run the command below
+2. Run the command below
 
-```curl -s "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/automated%20install/basic-install.sh" | bash```
+### ```curl -L install.pi-hole.net | bash```
 
-Once installed, **configure any device to use the Raspberry Pi as its DNS server and the ads will be blocked**.  You can also configure your router's DHCP options to assign the Pi as clients DNS server so they do not need to do it manually.  
+Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](http://pi-hole.net/faq/can-i-set-the-pi-hole-to-be-the-dns-server-at-my-router-so-i-dont-have-to-change-settings-for-my-devices/) and then any device that connects to your network will have ads blocked without any further configuration.  Alternatively, you can manually set each device to [use the Raspberry Pi as its DNS server](http://pi-hole.net/faq/how-do-i-use-the-pi-hole-as-my-dns-server/).
+
+## Pi-hole Is Free, But Powered By Your Donations
+[![Donate](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif "Free, but powered by donations")](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY "Donate")
+
+## How Does It Work?
+**Watch the 60-second video below to get a quick overview**
+
+[![Pi-hole exlplained](http://i.imgur.com/qNybJDX.png)](https://vimeo.com/135965232)
+
+## Pi-hole Projects
+- [Pi-hole Chrome extension](https://chrome.google.com/webstore/detail/pi-hole-list-editor/hlnoeoejkllgkjbnnnhfolapllcnaglh) ([open source](https://github.com/packtloss/pihole-extension))
+- [Go Bananas for CHiP-hole ad blocking](https://www.hackster.io/jacobsalmela/chip-hole-network-wide-ad-blocker-98e037)
+- [Sky-Hole](http://dlaa.me/blog/post/skyhole)
+- [Pi-hole in the Cloud!](http://blog.codybunch.com/2015/07/28/Pi-Hole-in-the-cloud/)
+- [unRaid-hole](https://github.com/spants/unraidtemplates/blob/master/Spants/unRaid-hole.xml#L13)--[Repo and more info](http://lime-technology.com/forum/index.php?PHPSESSID=c0eae3e5ef7e521f7866034a3336489d&topic=38486.0)
+- [Pi-hole on/off button](http://thetimmy.silvernight.org/pages/endisbutton/)
+- [Minibian Pi-hole](http://munkjensen.net/wiki/index.php/See_my_Pi-Hole#Minibian_Pi-hole)
+
+## Coverage
+- [Splunk: Pi-hole Visualizser](https://splunkbase.splunk.com/app/3023/)
+- [The Defrag Show - MSDN/Channel 9](https://channel9.msdn.com/Shows/The-Defrag-Show/Defrag-Endoscope-USB-Camera-The-Final-HoloLens-Vote-Adblock-Pi-and-more?WT.mc_id=dlvr_twitter_ch9#time=20m39s)
+- [MacObserver Podcast 585](http://www.macobserver.com/tmo/podcast/macgeekgab-585)
+- [Medium: Block All Ads For $53](https://medium.com/@robleathern/block-ads-on-all-home-devices-for-53-18-a5f1ec139693#.gj1xpgr5d)
+- [MakeUseOf: Adblock Everywhere, The Pi-hole Way](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/)
+- [Lifehacker: Turn Your Pi Into An Ad Blocker With A Single Command](http://lifehacker.com/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-co-1686093533)!
+- [Pi-hole on TekThing](https://youtu.be/8Co59HU2gY0?t=2m)
+- [Pi-hole on Security Now! Podcast](http://www.youtube.com/watch?v=p7-osq_y8i8&t=100m26s)
+- [Foolish Tech Show](https://youtu.be/bYyena0I9yc?t=2m4s)
+- [Pi-hole on Ubuntu](http://www.boyter.org/2015/12/pi-hole-ubuntu-14-04/)
+- [Catchpoint: iOS 9 Ad Blocking](http://blog.catchpoint.com/2015/09/14/ad-blocking-apple/)
+
+## Partnering With Optimal.com
+
+Pi-hole will be teaming up with [Rob Leathern's subscription service to avoid ads](https://medium.com/@robleathern/block-ads-on-all-home-devices-for-53-18-a5f1ec139693#.gj1xpgr5d).  This service is unique and will help content-creators and publishers [still make money from visitors who are using an ad ablocker](http://techcrunch.com/2015/12/17/the-new-optimal/).
+
+## Technical Details
+
+The Pi-hole is an **advertising-aware DNS/Web server**.  If an ad domain is queried, a small Web page or GIF is delivered in place of the advertisement.  You can also [replace ads with any image you want](http://pi-hole.net/faq/is-it-possible-to-change-the-blank-page-that-takes-place-of-the-ads-to-something-else/) since it is just a simple Webpage taking place of the ads.
 
 A more detailed explanation of the installation can be found [here](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0).
 
-[![Donate](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif "AdminLTE Presentation")](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY "Donate")
-
 ## Gravity
-The [gravity.sh](https://github.com/jacobsalmela/pi-hole/blob/master/gravity.sh) does most of the magic.  The script pulls in ad domains from many sources and compiles them into a single list of [over 900,000 entries](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0).
+The [gravity.sh](https://github.com/pi-hole/pi-hole/blob/master/gravity.sh) does most of the magic.  The script pulls in ad domains from many sources and compiles them into a single list of [over 1.6 million entries](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0) (if you decide to use the [mahakala list](https://github.com/pi-hole/pi-hole/commit/963eacfe0537a7abddf30441c754c67ca1e40965)).
 
 ## Whitelist and blacklist
-You can add a `whitelist.txt` or `blacklist.txt` in `/etc/pihole/` and the script will apply those files automatically.
+Domains can be whitelisted and blacklisted using two pre-installed scripts. See [the wiki page](https://github.com/pi-hole/pi-hole/wiki/Whitelisting-and-Blacklisting) for more details
 
 ## Web Interface
-I am also working on a [Web interface](https://github.com/jacobsalmela/AdminLTE#pi-hole-admin-dashboard) so you can view stats and change settings.
+The [Web interface](https://github.com/jacobsalmela/AdminLTE#pi-hole-admin-dashboard) will be installed automatically so you can view stats and change settings.  You can find it at:
 
-##  Custom Config File
-If you want to use your own variables for the gravity script (i.e. storing the files in a different location) and don't want to have to change them every time there is an update to the script, create a file called `/etc/pihole/pihole.conf`. In it, you should add your own variables in a similar fashion as shown below:
+`http://192.168.1.x/admin/index.php`
 
+### API
+
+A basic read-only API can be accessed at `/admin/api.php`. It returns the following JSON:
+```JSON
+{
+	"domains_being_blocked": "136708",
+	"dns_queries_today": "18108",
+	"ads_blocked_today": "14648",
+	"ads_percentage_today": "80.89"
+}
 ```
-origin=/var/run/pihole
-adList=/etc/dnsmasq.d/adList
-```
+The same output can be acheived on the CLI by running `chronometer.sh -j`
 
-See [this PR](https://github.com/jacobsalmela/pi-hole/pull/20) for more details.
+![Web](http://i.imgur.com/m114SCn.png)
 
-### How It Works
-A technical and detailed description can be found [here](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0)!
+## Real-time Statistics
+
+You can view [real-time stats](http://pi-hole.net/faq/install-the-real-time-lcd-monitor-chronometer/) via `ssh` or on an [2.8" LCD screen](http://amzn.to/1P0q1Fj).  This is accomplished via [`chronometer.sh`](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/chronometer.sh).
+![Pi-hole LCD](http://i.imgur.com/nBEqycp.jpg)
+
+## Help
+- See the [Wiki](https://github.com/pi-hole/pi-hole/wiki/Customization) entry for more details
+- There is also an [FAQ section on pi-hole.net](http://pi-hole.net)
 
 ## Other Operating Systems
 This script will work for other UNIX-like systems with some slight **modifications**.  As long as you can install `dnsmasq` and a Webserver, it should work OK.  The automated install only works for a clean install of Raspiban right now since that is how the project originated.
-
-[![Donate](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif "AdminLTE Presentation")](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY "Donate")

adlists.default

@@ -0,0 +1,8 @@
+https://adaway.org/hosts.txt
+http://adblock.gjtech.net/?format=unix-hosts
+http://hosts-file.net/ad_servers.txt
+http://www.malwaredomainlist.com/hostslist/hosts.txt
+http://pgl.yoyo.org/adservers/serverlist.php?
+http://someonewhocares.org/hosts/hosts
+http://winhelp2002.mvps.org/hosts.txt
+http://mirror1.malwaredomains.com/files/justdomains

advanced/01-pihole.conf

@@ -0,0 +1,61 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# dnsmasq config for Pi-hole
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+# If you want dnsmasq to read another file, as well as /etc/hosts, use
+# this.
+addn-hosts=/etc/pihole/gravity.list
+
+# The following two options make you a better netizen, since they
+# tell dnsmasq to filter out queries which the public DNS cannot
+# answer, and which load the servers (especially the root servers)
+# unnecessarily. If you have a dial-on-demand link they also stop
+# these requests from bringing up the link unnecessarily.
+
+# Never forward plain names (without a dot or domain part)
+domain-needed
+# Never forward addresses in the non-routed address spaces.
+bogus-priv
+
+# If you don't want dnsmasq to read /etc/resolv.conf or any other
+# file, getting its servers from this file instead (see below), then
+# uncomment this.
+no-resolv
+
+# Add other name servers here, with domain specs if they are for
+# non-public domains.
+server=@DNS1@
+server=@DNS2@
+
+# If you want dnsmasq to listen for DHCP and DNS requests only on
+# specified interfaces (and the loopback) give the name of the
+# interface (eg eth0) here.
+interface=@INT@
+# Or which to listen on by address (remember to include 127.0.0.1 if
+# you use this.)
+listen-address=127.0.0.1
+
+# Set the cachesize here.
+cache-size=10000
+
+# For debugging purposes, log each DNS query as it passes through
+# dnsmasq.
+log-queries
+log-facility=/var/log/pihole.log
+
+# Normally responses which come from /etc/hosts and the DHCP lease
+# file have Time-To-Live set as zero, which conventionally means
+# do not cache further. If you are happy to trade lower load on the
+# server for potentially stale date, you can set a time-to-live (in
+# seconds) here.
+local-ttl=300
+
+# This allows it to continue functioning without being blocked by syslog, and allows syslog to use dnsmasq for DNS queries without risking deadlock
+log-async

advanced/Scripts/blacklist.sh

@@ -0,0 +1,194 @@
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Blacklists domains
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+if [[ $# = 0 ]]; then
+    echo "Immediately blacklists one or more domains in the hosts file"
+    echo " "
+    echo "Usage: blacklist.sh domain1 [domain2 ...]"
+    echo "  "
+    echo "Options:"
+    echo "  -d, --delmode		Remove domains from the blacklist"
+    echo "  -nr, --noreload	Update blacklist without refreshing dnsmasq"
+    echo "  -f, --force		Force updating of the hosts files, even if there are no changes"
+    echo "  -q, --quiet		output is less verbose"
+    exit 1
+fi
+
+#globals
+blacklist=/etc/pihole/blacklist.txt
+adList=/etc/pihole/gravity.list
+reload=true
+addmode=true
+force=false
+versbose=true
+domList=()
+domToRemoveList=()
+
+
+piholeIPfile=/tmp/piholeIP
+piholeIPv6file=/etc/pihole/.useIPv6
+
+# Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script
+IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
+piholeIPCIDR=$(ip -o -f inet addr show dev $IPv4dev | awk '{print $4}' | awk 'END {print}')
+piholeIP=${piholeIPCIDR%/*}
+
+modifyHost=false
+
+
+if [[ -f $piholeIPv6file ]];then
+    # If the file exists, then the user previously chose to use IPv6 in the automated installer
+    piholeIPv6=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
+fi
+
+
+function HandleOther(){	
+  #check validity of domain
+	validDomain=$(echo $1 | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/')
+	
+	if [ -z "$validDomain" ]; then
+		echo $1 is not a valid argument or domain name
+	else	  
+	  domList=("${domList[@]}" $validDomain)
+	fi
+}
+
+function PopBlacklistFile(){
+	#check blacklist file exists, and if not, create it
+	if [[ ! -f $blacklist ]];then
+  	  touch $blacklist
+	fi	
+	for dom in "${domList[@]}"
+	do	  
+	  if $addmode; then
+	  	AddDomain $dom
+	  else
+	    RemoveDomain $dom
+	  fi
+	done
+}
+
+function AddDomain(){
+#| sed 's/\./\\./g'
+	bool=false
+	grep -Ex -q "$1" $blacklist || bool=true
+	if $bool; then
+	  #domain not found in the blacklist file, add it!
+	  if $versbose; then
+	  echo -n "::: Adding $1 to blacklist file..."
+	  fi
+		echo $1 >> $blacklist
+		modifyHost=true
+		echo " done!"
+	else
+	if $versbose; then
+		echo "::: $1 already exists in blacklist.txt! No need to add"
+		fi
+	fi
+}
+
+function RemoveDomain(){
+  
+  bool=false
+  grep -Ex -q "$1" $blacklist || bool=true
+  if $bool; then
+  	#Domain is not in the blacklist file, no need to Remove
+  	if $versbose; then
+  	echo "::: $1 is NOT blacklisted! No need to remove"
+  	fi
+  else
+    #Domain is in the blacklist file, add to a temporary array
+    if $versbose; then
+    echo "::: Un-blacklisting $dom..."
+    fi
+    domToRemoveList=("${domToRemoveList[@]}" $1)    
+    modifyHost=true	  	
+  fi  	
+}
+
+function ModifyHostFile(){	
+	 if $addmode; then
+	    #add domains to the hosts file
+	    if [[ -r $blacklist ]];then
+	      numberOf=$(cat $blacklist | sed '/^\s*$/d' | wc -l)
+        plural=; [[ "$numberOf" != "1" ]] && plural=s
+        echo ":::"
+        echo -n "::: Modifying HOSTS file to blacklist $numberOf domain${plural}..."	   		    
+	    	if [[ -n $piholeIPv6 ]];then	    	  
+	    	  cat $blacklist | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $adList
+	      else	        
+	      	cat $blacklist | awk -v ipv4addr="$piholeIP" '{sub(/\r$/,""); print ipv4addr" "$0}' >>$adList
+	      fi		    
+		   
+	  	fi
+	  else
+		
+		echo ":::"
+	  for dom in "${domToRemoveList[@]}"
+		do	  
+	      #we need to remove the domains from the blacklist file and the host file	     
+				echo "::: $dom"
+				echo -n ":::    removing from HOSTS file..."
+	      echo $dom | sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /[^.]'{}'(?!.)/;' $adList  
+	      echo " done!"
+	      echo -n ":::    removing from blackist.txt..."
+	      echo $dom | sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /'{}'(?!.)/;' $blacklist
+	      echo " done!"
+		done	  
+		fi
+	  
+}
+
+function Reload() {
+	# Reload hosts file
+	echo ":::"
+	echo -n "::: Refresh lists in dnsmasq..."
+
+	dnsmasqPid=$(pidof dnsmasq)
+
+	if [[ $dnsmasqPid ]]; then
+		# service already running - reload config
+		sudo kill -HUP $dnsmasqPid
+	else
+		# service not running, start it up
+		sudo service dnsmasq start
+	fi
+	echo " done!"
+}
+
+###################################################
+
+for var in "$@"
+do
+  case "$var" in
+    "-nr"| "--noreload"  ) reload=false;;        			
+    "-d" | "--delmode"   ) addmode=false;;
+    "-f" | "--force"     ) force=true;;
+    "-q" | "--quiet"     ) versbose=false;;  			
+    *                    ) HandleOther $var;;
+  esac
+done
+
+PopBlacklistFile
+
+if $modifyHost || $force; then	
+	ModifyHostFile
+else
+  if $versbose; then
+	echo "::: No changes need to be made"
+	fi
+	exit 1
+fi
+
+if $reload; then
+	Reload
+fi

advanced/Scripts/chronometer.sh

@@ -1,8 +1,83 @@
-#!/bin/bash
-# Displays Pi-hole stats on the Adafruit PiTFT 2.8" touch screen
-# Set the pi user to log in automatically and run this script from /etc/profile
-for (( ; ; ))
-do
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Calculates stats and displays to an LCD
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+
+#Functions##############################################################################################################
+piLog="/var/log/pihole.log"
+gravity="/etc/pihole/gravity.list"
+
+today=$(date "+%b %e")
+
+function CalcBlockedDomains(){
+	CheckIPv6
+	if [ -e "$gravity" ]; then
+		#Are we IPV6 or IPV4?
+		if [[ -n $piholeIPv6 ]];then
+			#We are IPV6
+			blockedDomainsTotal=$(wc -l /etc/pihole/gravity.list | awk '{print $1/2}')
+		else
+			#We are IPV4
+			blockedDomainsTotal=$(wc -l /etc/pihole/gravity.list | awk '{print $1}')
+		fi
+	else
+		blockedDomainsTotal="Err."
+	fi
+}
+
+function CalcQueriesToday(){
+	if [ -e "$piLog" ];then
+		queriesToday=$(cat "$piLog" | grep "$today" | awk '/query/ {print $6}' | wc -l)
+	else
+		queriesToday="Err."
+	fi
+}
+
+function CalcblockedToday(){
+	if [ -e "$piLog" ] && [ -e "$gravity" ];then
+		blockedToday=$(cat $piLog | awk '/\/etc\/pihole\/gravity.list/ && !/address/ {print $6}' | wc -l)
+	else
+		blockedToday="Err."
+	fi
+}
+
+function CalcPercentBlockedToday(){
+	if [ "$queriesToday" != "Err." ] && [ "$blockedToday" != "Err." ]; then
+		#scale 2 rounds the number down, so we'll do scale 4 and then trim the last 2 zeros
+		percentBlockedToday=$(echo "scale=4; $blockedToday/$queriesToday*100" | bc)		
+		percentBlockedToday=$(sed 's/.\{2\}$//' <<< "$percentBlockedToday")		
+	fi
+}
+
+function CheckIPv6(){
+	piholeIPv6file="/etc/pihole/.useIPv6"
+	if [[ -f $piholeIPv6file ]];then
+	    # If the file exists, then the user previously chose to use IPv6 in the automated installer
+	    piholeIPv6=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
+	fi
+}
+
+function outputJSON(){
+	CalcQueriesToday
+	CalcblockedToday
+	CalcPercentBlockedToday
+	
+	CalcBlockedDomains
+	
+	printf '{"domains_being_blocked":"%s","dns_queries_today":"%s","ads_blocked_today":"%s","ads_percentage_today":"%s"}\n' "$blockedDomainsTotal" "$queriesToday" "$blockedToday" "$percentBlockedToday"
+}
+
+function normalChrono(){
+	for (( ; ; ))
+	do
 		clear
 		# Displays a colorful Pi-hole logo
 		toilet -f small -F gay Pi-hole
@@ -13,16 +88,51 @@ do
 		# Uncomment to continually read the log file and display the current domain being blocked
 		#tail -f /var/log/pihole.log | awk '/\/etc\/pihole\/gravity.list/ {if ($7 != "address" && $7 != "name" && $7 != "/etc/pihole/gravity.list") print $7; else;}'
 		
-	today=$(date "+%b %e")
-	todaysQueryCount=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ {print $7}' | wc -l)
-	todaysQueryCountV4=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ && /\[A\]/ {print $7}' | wc -l)
-	todaysQueryCountV6=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ && /\[AAAA\]/ {print $7}' | wc -l)
-	todaysAdsEliminated=$(cat /var/log/pihole.log | grep "$today" | awk '/\/etc\/pihole\/gravity.list/ {print $7}' | wc -l)
-	dividend=$(echo "$todaysAdsEliminated/$todaysQueryCount" | bc -l)
-	fp=$(echo "$dividend*100" | bc -l)
-	percentAds=$(echo ${fp:0:4})
+		#uncomment next 4 lines to use original query count calculation
+		#today=$(date "+%b %e")
+		#todaysQueryCount=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ {print $7}' | wc -l)
+		#todaysQueryCountV4=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ && /\[A\]/ {print $7}' | wc -l)
+		#todaysQueryCountV6=$(cat /var/log/pihole.log | grep "$today" | awk '/query/ && /\[AAAA\]/ {print $7}' | wc -l)
+				
+		
+		CalcQueriesToday
+		CalcblockedToday
+		CalcPercentBlockedToday
+		
+		CalcBlockedDomains
+		
+		echo "Blocking:      $blockedDomainsTotal"
+		#below commented line does not add up to todaysQueryCount
+		#echo "Queries:       $todaysQueryCountV4 / $todaysQueryCountV6"
+		echo "Queries:       $queriesToday" #same total calculation as dashboard
+	  echo "Pi-holed:      $blockedToday ($percentBlockedToday%)"
 		
-	echo "Queries:       $todaysQueryCountV4 / $todaysQueryCountV6"
-	echo "Pi-holed:      $todaysAdsEliminated  ($percentAds%)"
 		sleep 5
+	done
+}
+
+function displayHelp(){
+ echo "Displays stats about your piHole!"
+    echo " "
+    echo "Usage: chronometer.sh [optional:-j]"
+    echo "Note: If no option is passed, then stats are displayed on screen, updated every 5 seconds"
+    echo "  "
+    echo "Options:"
+    echo "  -j, --json		output stats as JSON formatted string"
+    echo "  -h, --help	display this help text"
+    
+    exit 1
+}
+
+if [[ $# = 0 ]]; then
+	normalChrono
+fi
+
+for var in "$@"
+do
+  case "$var" in
+    "-j" | "--json"  ) outputJSON;;
+    "-h" | "--help"  ) displayHelp;;        			
+    *                ) exit 1;;
+  esac
 done

advanced/Scripts/piholeLogFlush.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Flushes /var/log/pihole.log
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+truncate -s 0 /var/log/pihole.log

advanced/Scripts/updateDashboard.sh

@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Updates the Pi-hole web interface
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+WEB_INTERFACE_GIT_URL="https://github.com/pi-hole/AdminLTE.git"
+WEB_INTERFACE_DIR="/var/www/html/admin"
+
+main() {
+    prerequisites
+    if ! is_repo; then
+        make_repo
+    fi
+    update_repo
+}
+
+prerequisites() {
+
+    # must be root to update
+    if [[ $EUID -ne 0 ]]; then
+        sudo bash "$0" "$@"
+        exit $?
+    fi
+
+    # web interface must already exist. this is a (lazy)
+    # check to make sure pihole is actually installed.
+    if [ ! -d "$WEB_INTERFACE_DIR" ]; then
+        echo "$WEB_INTERFACE_DIR not found. Exiting."
+        exit 1
+    fi
+
+    if ! type "git" > /dev/null; then
+        apt-get -y install git
+    fi
+}
+
+is_repo() {
+    # if the web interface directory does not have a .git folder
+    # it means its using the master.zip archive from the install
+    # script.
+    if [ ! -d "$WEB_INTERFACE_DIR/.git" ]; then
+        return 1
+    fi
+    return 0
+}
+
+# removes the web interface installed from the master.zip archive and
+# replaces it with the current master branch from github
+make_repo() {
+    # remove the non-repod interface and clone the interface
+    rm -rf $WEB_INTERFACE_DIR
+    git clone "$WEB_INTERFACE_GIT_URL" "$WEB_INTERFACE_DIR"
+}
+
+# pulls the latest master branch from github
+update_repo() {
+    # pull the latest commits
+    cd "$WEB_INTERFACE_DIR"
+    git pull    
+}
+
+main

advanced/Scripts/whitelist.sh

@@ -1,13 +1,204 @@
-#!/bin/bash
-# For each argument passed to this script
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Whitelists domains
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+if [[ $# = 0 ]]; then
+    echo "Immediately whitelists one or more domains in the hosts file"
+    echo " "
+    echo "Usage: whitelist.sh domain1 [domain2 ...]"
+    echo "  "
+    echo "Options:"
+    echo "  -d, --delmode		Remove domains from the whitelist"
+    echo "  -nr, --noreload	Update Whitelist without refreshing dnsmasq"
+    echo "  -f, --force		Force updating of the hosts files, even if there are no changes"
+    echo "  -q, --quiet		output is less verbose"
+    exit 1
+fi
+
+#globals
+whitelist=/etc/pihole/whitelist.txt
+adList=/etc/pihole/gravity.list
+reload=true
+addmode=true
+force=false
+versbose=true
+domList=()
+domToRemoveList=()
+
+piholeIPfile=/tmp/piholeIP
+piholeIPv6file=/etc/pihole/.useIPv6
+
+# Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script
+IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
+piholeIPCIDR=$(ip -o -f inet addr show dev $IPv4dev | awk '{print $4}' | awk 'END {print}')
+piholeIP=${piholeIPCIDR%/*}
+
+modifyHost=false
+
+
+if [[ -f $piholeIPv6file ]];then
+    # If the file exists, then the user previously chose to use IPv6 in the automated installer
+    piholeIPv6=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
+fi
+
+
+function HandleOther(){	
+  #check validity of domain
+	validDomain=$(echo $1 | perl -ne'print if /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/')
+	
+	if [ -z "$validDomain" ]; then
+		echo "::: $1 is not a valid argument or domain name"
+	else	  
+	  domList=("${domList[@]}" $validDomain)
+	fi
+}
+
+function PopWhitelistFile(){
+	#check whitelist file exists, and if not, create it
+	if [[ ! -f $whitelist ]];then
+  	  touch $whitelist
+	fi	
+	for dom in "${domList[@]}"
+	do	  
+	  if $addmode; then
+	  	AddDomain $dom
+	  else
+	    RemoveDomain $dom
+	  fi
+	done
+}
+
+function AddDomain(){
+#| sed 's/\./\\./g'
+	bool=false
+	
+	grep -Ex -q "$1" $whitelist || bool=true
+	if $bool; then
+	  #domain not found in the whitelist file, add it!
+	  if $versbose; then
+		echo -n "::: Adding $1 to whitelist.txt..."
+	  fi
+	  echo $1 >> $whitelist
+		modifyHost=true
+		if $versbose; then
+	  	echo " done!"
+	  fi
+	else
+		if $versbose; then
+			echo "::: $1 already exists in whitelist.txt, no need to add!"
+		fi
+	fi
+}
+
+function RemoveDomain(){
+  
+  bool=false
+  grep -Ex -q "$1" $whitelist || bool=true
+  if $bool; then
+  	#Domain is not in the whitelist file, no need to Remove
+  	if $versbose; then
+  	echo "::: $1 is NOT whitelisted! No need to remove"
+  	fi
+  else
+    #Domain is in the whitelist file, add to a temporary array and remove from whitelist file
+    #if $versbose; then
+    #echo "::: Un-whitelisting $dom..."
+    #fi
+    domToRemoveList=("${domToRemoveList[@]}" $1)
+    modifyHost=true	  	
+  fi  	
+}
+
+function ModifyHostFile(){	
+	 if $addmode; then
+	    #remove domains in  from hosts file
+	    if [[ -r $whitelist ]];then
+        # Remove whitelist entries
+				numberOf=$(cat $whitelist | sed '/^\s*$/d' | wc -l)
+        plural=; [[ "$numberOf" != "1" ]] && plural=s
+        echo ":::"
+        echo -n "::: Modifying HOSTS file to whitelist $numberOf domain${plural}..."
+        awk -F':' '{print $1}' $whitelist | while read line; do echo "$piholeIP $line"; done > /etc/pihole/whitelist.tmp
+        awk -F':' '{print $1}' $whitelist | while read line; do echo "$piholeIPv6 $line"; done >> /etc/pihole/whitelist.tmp
+        echo "l" >> /etc/pihole/whitelist.tmp
+        grep -F -x -v -f /etc/pihole/whitelist.tmp /etc/pihole/gravity.list > /etc/pihole/gravity.tmp        
+        rm /etc/pihole/gravity.list
+        mv /etc/pihole/gravity.tmp /etc/pihole/gravity.list
+        rm /etc/pihole/whitelist.tmp
+        echo " done!"
+	  	  
+	  	fi
+	  else
+	    #we need to add the removed domains to the hosts file
+	    echo ":::"
+	    echo "::: Modifying HOSTS file to un-whitelist domains..."
+	    for rdom in "${domToRemoveList[@]}"
+	    do	      
+	    	if [[ -n $piholeIPv6 ]];then
+	    	  echo -n ":::    Un-whitelisting $rdom on IPv4 and IPv6..."
+	    	  echo $rdom | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $adList
+	    	  echo " done!"
+	      else
+	        echo -n ":::    Un-whitelisting $rdom on IPv4"
+	      	echo $rdom | awk -v ipv4addr="$piholeIP" '{sub(/\r$/,""); print ipv4addr" "$0}' >>$adList
+	      	echo " done!"
+	      fi
+	      echo -n ":::        Removing $rdom from whitelist.txt..."
+	      echo $rdom| sed 's/\./\\./g' | xargs -I {} perl -i -ne'print unless /'{}'(?!.)/;' $whitelist
+	      echo " done!"
+	    done
+	  fi	
+}
+
+function Reload() {
+	# Reload hosts file
+	echo ":::"
+	echo -n "::: Refresh lists in dnsmasq..."
+	dnsmasqPid=$(pidof dnsmasq)
+
+	if [[ $dnsmasqPid ]]; then
+		# service already running - reload config
+		sudo kill -HUP $dnsmasqPid
+	else
+		# service not running, start it up
+		sudo service dnsmasq start
+	fi
+	echo " done!"
+}
+
+###################################################
+
 for var in "$@"
 do
-        echo "Whitelisting $var..."
-        # Use sed to search for the domain in /etc/pihole/gravity.list and remove it using an in-place edit
-        sed -i "/$var/d" /etc/pihole/gravity.list
-        # Also add the domain to the whitelist.txt in /etc/pihole
-        echo "$var" >> /etc/pihole/whitelist.txt
+  case "$var" in
+    "-nr"| "--noreload"  ) reload=false;;        			
+    "-d" | "--delmode"   ) addmode=false;;
+    "-f" | "--force"     ) force=true;;
+    "-q" | "--quiet"     ) versbose=false;;  			
+    *                    ) HandleOther $var;;
+  esac
 done
-echo "** $# domain(s) whitelisted."
-# Force dnsmasq to reload /etc/pihole/gravity.list
-kill -HUP $(pidof dnsmasq)
+
+PopWhitelistFile
+
+if $modifyHost || $force; then
+	 ModifyHostFile
+else
+  if $versbose; then
+  echo ":::"
+	echo "::: No changes need to be made"
+	exit 1
+	fi
+fi
+
+if $reload; then
+	Reload
+fi

advanced/dnsmasq.conf

@@ -1,12 +0,0 @@
-addn-hosts=/etc/pihole/gravity.list
-domain-needed
-bogus-priv
-no-resolv
-server=8.8.8.8
-server=8.8.4.4
-interface=eth0
-listen-address=127.0.0.1
-cache-size=10000
-log-queries
-log-facility=/var/log/pihole.log
-local-ttl=300

advanced/dnsmasq.conf.original

@@ -0,0 +1,648 @@
+# Configuration file for dnsmasq.
+#
+# Format is one option per line, legal options are the same
+# as the long options legal on the command line. See
+# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
+
+# Listen on this specific port instead of the standard DNS port
+# (53). Setting this to zero completely disables DNS function,
+# leaving only DHCP and/or TFTP.
+#port=5353
+
+# The following two options make you a better netizen, since they
+# tell dnsmasq to filter out queries which the public DNS cannot
+# answer, and which load the servers (especially the root servers)
+# unnecessarily. If you have a dial-on-demand link they also stop
+# these requests from bringing up the link unnecessarily.
+
+# Never forward plain names (without a dot or domain part)
+#domain-needed
+# Never forward addresses in the non-routed address spaces.
+#bogus-priv
+
+# Uncomment these to enable DNSSEC validation and caching:
+# (Requires dnsmasq to be built with DNSSEC option.)
+#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
+#dnssec
+
+# Replies which are not DNSSEC signed may be legitimate, because the domain
+# is unsigned, or may be forgeries. Setting this option tells dnsmasq to
+# check that an unsigned reply is OK, by finding a secure proof that a DS 
+# record somewhere between the root and the domain does not exist. 
+# The cost of setting this is that even queries in unsigned domains will need
+# one or more extra DNS queries to verify.
+#dnssec-check-unsigned
+
+# Uncomment this to filter useless windows-originated DNS requests
+# which can trigger dial-on-demand links needlessly.
+# Note that (amongst other things) this blocks all SRV requests,
+# so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
+# This option only affects forwarding, SRV records originating for
+# dnsmasq (via srv-host= lines) are not suppressed by it.
+#filterwin2k
+
+# Change this line if you want dns to get its upstream servers from
+# somewhere other that /etc/resolv.conf
+#resolv-file=
+
+# By  default,  dnsmasq  will  send queries to any of the upstream
+# servers it knows about and tries to favour servers to are  known
+# to  be  up.  Uncommenting this forces dnsmasq to try each query
+# with  each  server  strictly  in  the  order  they   appear   in
+# /etc/resolv.conf
+#strict-order
+
+# If you don't want dnsmasq to read /etc/resolv.conf or any other
+# file, getting its servers from this file instead (see below), then
+# uncomment this.
+#no-resolv
+
+# If you don't want dnsmasq to poll /etc/resolv.conf or other resolv
+# files for changes and re-read them then uncomment this.
+#no-poll
+
+# Add other name servers here, with domain specs if they are for
+# non-public domains.
+#server=/localnet/192.168.0.1
+
+# Example of routing PTR queries to nameservers: this will send all
+# address->name queries for 192.168.3/24 to nameserver 10.1.2.3
+#server=/3.168.192.in-addr.arpa/10.1.2.3
+
+# Add local-only domains here, queries in these domains are answered
+# from /etc/hosts or DHCP only.
+#local=/localnet/
+
+# Add domains which you want to force to an IP address here.
+# The example below send any host in double-click.net to a local
+# web-server.
+#address=/double-click.net/127.0.0.1
+
+# --address (and --server) work with IPv6 addresses too.
+#address=/www.thekelleys.org.uk/fe80::20d:60ff:fe36:f83
+
+# Add the IPs of all queries to yahoo.com, google.com, and their
+# subdomains to the vpn and search ipsets:
+#ipset=/yahoo.com/google.com/vpn,search
+
+# You can control how dnsmasq talks to a server: this forces
+# queries to 10.1.2.3 to be routed via eth1
+# server=10.1.2.3@eth1
+
+# and this sets the source (ie local) address used to talk to
+# 10.1.2.3 to 192.168.1.1 port 55 (there must be a interface with that
+# IP on the machine, obviously).
+# server=10.1.2.3@192.168.1.1#55
+
+# If you want dnsmasq to change uid and gid to something other
+# than the default, edit the following lines.
+#user=
+#group=
+
+# If you want dnsmasq to listen for DHCP and DNS requests only on
+# specified interfaces (and the loopback) give the name of the
+# interface (eg eth0) here.
+# Repeat the line for more than one interface.
+#interface=
+# Or you can specify which interface _not_ to listen on
+#except-interface=
+# Or which to listen on by address (remember to include 127.0.0.1 if
+# you use this.)
+#listen-address=
+# If you want dnsmasq to provide only DNS service on an interface,
+# configure it as shown above, and then use the following line to
+# disable DHCP and TFTP on it.
+#no-dhcp-interface=
+
+# On systems which support it, dnsmasq binds the wildcard address,
+# even when it is listening on only some interfaces. It then discards
+# requests that it shouldn't reply to. This has the advantage of
+# working even when interfaces come and go and change address. If you
+# want dnsmasq to really bind only the interfaces it is listening on,
+# uncomment this option. About the only time you may need this is when
+# running another nameserver on the same machine.
+#bind-interfaces
+
+# If you don't want dnsmasq to read /etc/hosts, uncomment the
+# following line.
+#no-hosts
+# or if you want it to read another file, as well as /etc/hosts, use
+# this.
+#addn-hosts=/etc/banner_add_hosts
+
+# Set this (and domain: see below) if you want to have a domain
+# automatically added to simple names in a hosts-file.
+#expand-hosts
+
+# Set the domain for dnsmasq. this is optional, but if it is set, it
+# does the following things.
+# 1) Allows DHCP hosts to have fully qualified domain names, as long
+#     as the domain part matches this setting.
+# 2) Sets the "domain" DHCP option thereby potentially setting the
+#    domain of all systems configured by DHCP
+# 3) Provides the domain part for "expand-hosts"
+#domain=thekelleys.org.uk
+
+# Set a different domain for a particular subnet
+#domain=wireless.thekelleys.org.uk,192.168.2.0/24
+
+# Same idea, but range rather then subnet
+#domain=reserved.thekelleys.org.uk,192.68.3.100,192.168.3.200
+
+# Uncomment this to enable the integrated DHCP server, you need
+# to supply the range of addresses available for lease and optionally
+# a lease time. If you have more than one network, you will need to
+# repeat this for each network on which you want to supply DHCP
+# service.
+#dhcp-range=192.168.0.50,192.168.0.150,12h
+
+# This is an example of a DHCP range where the netmask is given. This
+# is needed for networks we reach the dnsmasq DHCP server via a relay
+# agent. If you don't know what a DHCP relay agent is, you probably
+# don't need to worry about this.
+#dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h
+
+# This is an example of a DHCP range which sets a tag, so that
+# some DHCP options may be set only for this network.
+#dhcp-range=set:red,192.168.0.50,192.168.0.150
+
+# Use this DHCP range only when the tag "green" is set.
+#dhcp-range=tag:green,192.168.0.50,192.168.0.150,12h
+
+# Specify a subnet which can't be used for dynamic address allocation,
+# is available for hosts with matching --dhcp-host lines. Note that
+# dhcp-host declarations will be ignored unless there is a dhcp-range
+# of some type for the subnet in question.
+# In this case the netmask is implied (it comes from the network
+# configuration on the machine running dnsmasq) it is possible to give
+# an explicit netmask instead.
+#dhcp-range=192.168.0.0,static
+
+# Enable DHCPv6. Note that the prefix-length does not need to be specified
+# and defaults to 64 if missing/
+#dhcp-range=1234::2, 1234::500, 64, 12h
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet.
+#dhcp-range=1234::, ra-only 
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
+# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack 
+# hosts. Use the DHCPv4 lease to derive the name, network segment and 
+# MAC address and assume that the host will also have an
+# IPv6 address calculated using the SLAAC alogrithm.
+#dhcp-range=1234::, ra-names
+
+# Do Router Advertisements, BUT NOT DHCP for this subnet.
+# Set the lifetime to 46 hours. (Note: minimum lifetime is 2 hours.)
+#dhcp-range=1234::, ra-only, 48h
+
+# Do DHCP and Router Advertisements for this subnet. Set the A bit in the RA
+# so that clients can use SLAAC addresses as well as DHCP ones.
+#dhcp-range=1234::2, 1234::500, slaac
+
+# Do Router Advertisements and stateless DHCP for this subnet. Clients will
+# not get addresses from DHCP, but they will get other configuration information.
+# They will use SLAAC for addresses.
+#dhcp-range=1234::, ra-stateless
+
+# Do stateless DHCP, SLAAC, and generate DNS names for SLAAC addresses
+# from DHCPv4 leases.
+#dhcp-range=1234::, ra-stateless, ra-names
+
+# Do router advertisements for all subnets where we're doing DHCPv6
+# Unless overriden by ra-stateless, ra-names, et al, the router 
+# advertisements will have the M and O bits set, so that the clients
+# get addresses and configuration from DHCPv6, and the A bit reset, so the 
+# clients don't use SLAAC addresses.
+#enable-ra
+
+# Supply parameters for specified hosts using DHCP. There are lots
+# of valid alternatives, so we will give examples of each. Note that
+# IP addresses DO NOT have to be in the range given above, they just
+# need to be on the same network. The order of the parameters in these
+# do not matter, it's permissible to give name, address and MAC in any
+# order.
+
+# Always allocate the host with Ethernet address 11:22:33:44:55:66
+# The IP address 192.168.0.60
+#dhcp-host=11:22:33:44:55:66,192.168.0.60
+
+# Always set the name of the host with hardware address
+# 11:22:33:44:55:66 to be "fred"
+#dhcp-host=11:22:33:44:55:66,fred
+
+# Always give the host with Ethernet address 11:22:33:44:55:66
+# the name fred and IP address 192.168.0.60 and lease time 45 minutes
+#dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m
+
+# Give a host with Ethernet address 11:22:33:44:55:66 or
+# 12:34:56:78:90:12 the IP address 192.168.0.60. Dnsmasq will assume
+# that these two Ethernet interfaces will never be in use at the same
+# time, and give the IP address to the second, even if it is already
+# in use by the first. Useful for laptops with wired and wireless
+# addresses.
+#dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.60
+
+# Give the machine which says its name is "bert" IP address
+# 192.168.0.70 and an infinite lease
+#dhcp-host=bert,192.168.0.70,infinite
+
+# Always give the host with client identifier 01:02:02:04
+# the IP address 192.168.0.60
+#dhcp-host=id:01:02:02:04,192.168.0.60
+
+# Always give the host with client identifier "marjorie"
+# the IP address 192.168.0.60
+#dhcp-host=id:marjorie,192.168.0.60
+
+# Enable the address given for "judge" in /etc/hosts
+# to be given to a machine presenting the name "judge" when
+# it asks for a DHCP lease.
+#dhcp-host=judge
+
+# Never offer DHCP service to a machine whose Ethernet
+# address is 11:22:33:44:55:66
+#dhcp-host=11:22:33:44:55:66,ignore
+
+# Ignore any client-id presented by the machine with Ethernet
+# address 11:22:33:44:55:66. This is useful to prevent a machine
+# being treated differently when running under different OS's or
+# between PXE boot and OS boot.
+#dhcp-host=11:22:33:44:55:66,id:*
+
+# Send extra options which are tagged as "red" to
+# the machine with Ethernet address 11:22:33:44:55:66
+#dhcp-host=11:22:33:44:55:66,set:red
+
+# Send extra options which are tagged as "red" to
+# any machine with Ethernet address starting 11:22:33:
+#dhcp-host=11:22:33:*:*:*,set:red
+
+# Give a fixed IPv6 address and name to client with       
+# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
+# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
+# Note also the they [] around the IPv6 address are obilgatory.
+#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] 
+
+# Ignore any clients which are not specified in dhcp-host lines
+# or /etc/ethers. Equivalent to ISC "deny unknown-clients".
+# This relies on the special "known" tag which is set when
+# a host is matched.
+#dhcp-ignore=tag:!known
+
+# Send extra options which are tagged as "red" to any machine whose
+# DHCP vendorclass string includes the substring "Linux"
+#dhcp-vendorclass=set:red,Linux
+
+# Send extra options which are tagged as "red" to any machine one
+# of whose DHCP userclass strings includes the substring "accounts"
+#dhcp-userclass=set:red,accounts
+
+# Send extra options which are tagged as "red" to any machine whose
+# MAC address matches the pattern.
+#dhcp-mac=set:red,00:60:8C:*:*:*
+
+# If this line is uncommented, dnsmasq will read /etc/ethers and act
+# on the ethernet-address/IP pairs found there just as if they had
+# been given as --dhcp-host options. Useful if you keep
+# MAC-address/host mappings there for other purposes.
+#read-ethers
+
+# Send options to hosts which ask for a DHCP lease.
+# See RFC 2132 for details of available options.
+# Common options can be given to dnsmasq by name:
+# run "dnsmasq --help dhcp" to get a list.
+# Note that all the common settings, such as netmask and
+# broadcast address, DNS server and default route, are given
+# sane defaults by dnsmasq. You very likely will not need
+# any dhcp-options. If you use Windows clients and Samba, there
+# are some options which are recommended, they are detailed at the
+# end of this section.
+
+# Override the default route supplied by dnsmasq, which assumes the
+# router is the same machine as the one running dnsmasq.
+#dhcp-option=3,1.2.3.4
+
+# Do the same thing, but using the option name
+#dhcp-option=option:router,1.2.3.4
+
+# Override the default route supplied by dnsmasq and send no default
+# route at all. Note that this only works for the options sent by
+# default (1, 3, 6, 12, 28) the same line will send a zero-length option
+# for all other option numbers.
+#dhcp-option=3
+
+# Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
+#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
+
+# Send DHCPv6 option. Note [] around IPv6 addresses.
+#dhcp-option=option6:dns-server,[1234::77],[1234::88]
+
+# Send DHCPv6 option for namservers as the machine running 
+# dnsmasq and another.
+#dhcp-option=option6:dns-server,[::],[1234::88]
+
+# Ask client to poll for option changes every six hours. (RFC4242)
+#dhcp-option=option6:information-refresh-time,6h
+
+# Set the NTP time server address to be the same machine as
+# is running dnsmasq
+#dhcp-option=42,0.0.0.0
+
+# Set the NIS domain name to "welly"
+#dhcp-option=40,welly
+
+# Set the default time-to-live to 50
+#dhcp-option=23,50
+
+# Set the "all subnets are local" flag
+#dhcp-option=27,1
+
+# Send the etherboot magic flag and then etherboot options (a string).
+#dhcp-option=128,e4:45:74:68:00:00
+#dhcp-option=129,NIC=eepro100
+
+# Specify an option which will only be sent to the "red" network
+# (see dhcp-range for the declaration of the "red" network)
+# Note that the tag: part must precede the option: part.
+#dhcp-option = tag:red, option:ntp-server, 192.168.1.1
+
+# The following DHCP options set up dnsmasq in the same way as is specified
+# for the ISC dhcpcd in
+# http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
+# adapted for a typical dnsmasq installation where the host running
+# dnsmasq is also the host running samba.
+# you may want to uncomment some or all of them if you use
+# Windows clients and Samba.
+#dhcp-option=19,0           # option ip-forwarding off
+#dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
+#dhcp-option=45,0.0.0.0     # netbios datagram distribution server
+#dhcp-option=46,8           # netbios node type
+
+# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
+#dhcp-option=252,"\n"
+
+# Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client
+# probably doesn't support this......
+#dhcp-option=option:domain-search,eng.apple.com,marketing.apple.com
+
+# Send RFC-3442 classless static routes (note the netmask encoding)
+#dhcp-option=121,192.168.1.0/24,1.2.3.4,10.0.0.0/8,5.6.7.8
+
+# Send vendor-class specific options encapsulated in DHCP option 43.
+# The meaning of the options is defined by the vendor-class so
+# options are sent only when the client supplied vendor class
+# matches the class given here. (A substring match is OK, so "MSFT"
+# matches "MSFT" and "MSFT 5.0"). This example sets the
+# mtftp address to 0.0.0.0 for PXEClients.
+#dhcp-option=vendor:PXEClient,1,0.0.0.0
+
+# Send microsoft-specific option to tell windows to release the DHCP lease
+# when it shuts down. Note the "i" flag, to tell dnsmasq to send the
+# value as a four-byte integer - that's what microsoft wants. See
+# http://technet2.microsoft.com/WindowsServer/en/library/a70f1bb7-d2d4-49f0-96d6-4b7414ecfaae1033.mspx?mfr=true
+#dhcp-option=vendor:MSFT,2,1i
+
+# Send the Encapsulated-vendor-class ID needed by some configurations of
+# Etherboot to allow is to recognise the DHCP server.
+#dhcp-option=vendor:Etherboot,60,"Etherboot"
+
+# Send options to PXELinux. Note that we need to send the options even
+# though they don't appear in the parameter request list, so we need
+# to use dhcp-option-force here.
+# See http://syslinux.zytor.com/pxe.php#special for details.
+# Magic number - needed before anything else is recognised
+#dhcp-option-force=208,f1:00:74:7e
+# Configuration file name
+#dhcp-option-force=209,configs/common
+# Path prefix
+#dhcp-option-force=210,/tftpboot/pxelinux/files/
+# Reboot time. (Note 'i' to send 32-bit value)
+#dhcp-option-force=211,30i
+
+# Set the boot filename for netboot/PXE. You will only need
+# this is you want to boot machines over the network and you will need
+# a TFTP server; either dnsmasq's built in TFTP server or an
+# external one. (See below for how to enable the TFTP server.)
+#dhcp-boot=pxelinux.0
+
+# The same as above, but use custom tftp-server instead machine running dnsmasq
+#dhcp-boot=pxelinux,server.name,192.168.1.100
+
+# Boot for Etherboot gPXE. The idea is to send two different
+# filenames, the first loads gPXE, and the second tells gPXE what to
+# load. The dhcp-match sets the gpxe tag for requests from gPXE.
+#dhcp-match=set:gpxe,175 # gPXE sends a 175 option.
+#dhcp-boot=tag:!gpxe,undionly.kpxe
+#dhcp-boot=mybootimage
+
+# Encapsulated options for Etherboot gPXE. All the options are
+# encapsulated within option 175
+#dhcp-option=encap:175, 1, 5b         # priority code
+#dhcp-option=encap:175, 176, 1b       # no-proxydhcp
+#dhcp-option=encap:175, 177, string   # bus-id
+#dhcp-option=encap:175, 189, 1b       # BIOS drive code
+#dhcp-option=encap:175, 190, user     # iSCSI username
+#dhcp-option=encap:175, 191, pass     # iSCSI password
+
+# Test for the architecture of a netboot client. PXE clients are
+# supposed to send their architecture as option 93. (See RFC 4578)
+#dhcp-match=peecees, option:client-arch, 0 #x86-32
+#dhcp-match=itanics, option:client-arch, 2 #IA64
+#dhcp-match=hammers, option:client-arch, 6 #x86-64
+#dhcp-match=mactels, option:client-arch, 7 #EFI x86-64
+
+# Do real PXE, rather than just booting a single file, this is an
+# alternative to dhcp-boot.
+#pxe-prompt="What system shall I netboot?"
+# or with timeout before first available action is taken:
+#pxe-prompt="Press F8 for menu.", 60
+
+# Available boot services. for PXE.
+#pxe-service=x86PC, "Boot from local disk"
+
+# Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
+#pxe-service=x86PC, "Install Linux", pxelinux
+
+# Loads <tftp-root>/pxelinux.0 from TFTP server at 1.2.3.4.
+# Beware this fails on old PXE ROMS.
+#pxe-service=x86PC, "Install Linux", pxelinux, 1.2.3.4
+
+# Use bootserver on network, found my multicast or broadcast.
+#pxe-service=x86PC, "Install windows from RIS server", 1
+
+# Use bootserver at a known IP address.
+#pxe-service=x86PC, "Install windows from RIS server", 1, 1.2.3.4
+
+# If you have multicast-FTP available,
+# information for that can be passed in a similar way using options 1
+# to 5. See page 19 of
+# http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf
+
+
+# Enable dnsmasq's built-in TFTP server
+#enable-tftp
+
+# Set the root directory for files available via FTP.
+#tftp-root=/var/ftpd
+
+# Make the TFTP server more secure: with this set, only files owned by
+# the user dnsmasq is running as will be send over the net.
+#tftp-secure
+
+# This option stops dnsmasq from negotiating a larger blocksize for TFTP
+# transfers. It will slow things down, but may rescue some broken TFTP
+# clients.
+#tftp-no-blocksize
+
+# Set the boot file name only when the "red" tag is set.
+#dhcp-boot=tag:red,pxelinux.red-net
+
+# An example of dhcp-boot with an external TFTP server: the name and IP
+# address of the server are given after the filename.
+# Can fail with old PXE ROMS. Overridden by --pxe-service.
+#dhcp-boot=/var/ftpd/pxelinux.0,boothost,192.168.0.3
+
+# If there are multiple external tftp servers having a same name
+# (using /etc/hosts) then that name can be specified as the
+# tftp_servername (the third option to dhcp-boot) and in that
+# case dnsmasq resolves this name and returns the resultant IP
+# addresses in round robin fasion. This facility can be used to
+# load balance the tftp load among a set of servers.
+#dhcp-boot=/var/ftpd/pxelinux.0,boothost,tftp_server_name
+
+# Set the limit on DHCP leases, the default is 150
+#dhcp-lease-max=150
+
+# The DHCP server needs somewhere on disk to keep its lease database.
+# This defaults to a sane location, but if you want to change it, use
+# the line below.
+#dhcp-leasefile=/var/lib/misc/dnsmasq.leases
+
+# Set the DHCP server to authoritative mode. In this mode it will barge in
+# and take over the lease for any client which broadcasts on the network,
+# whether it has a record of the lease or not. This avoids long timeouts
+# when a machine wakes up on a new network. DO NOT enable this if there's
+# the slightest chance that you might end up accidentally configuring a DHCP
+# server for your campus/company accidentally. The ISC server uses
+# the same option, and this URL provides more information:
+# http://www.isc.org/files/auth.html
+#dhcp-authoritative
+
+# Run an executable when a DHCP lease is created or destroyed.
+# The arguments sent to the script are "add" or "del",
+# then the MAC address, the IP address and finally the hostname
+# if there is one.
+#dhcp-script=/bin/echo
+
+# Set the cachesize here.
+#cache-size=150
+
+# If you want to disable negative caching, uncomment this.
+#no-negcache
+
+# Normally responses which come from /etc/hosts and the DHCP lease
+# file have Time-To-Live set as zero, which conventionally means
+# do not cache further. If you are happy to trade lower load on the
+# server for potentially stale date, you can set a time-to-live (in
+# seconds) here.
+#local-ttl=
+
+# If you want dnsmasq to detect attempts by Verisign to send queries
+# to unregistered .com and .net hosts to its sitefinder service and
+# have dnsmasq instead return the correct NXDOMAIN response, uncomment
+# this line. You can add similar lines to do the same for other
+# registries which have implemented wildcard A records.
+#bogus-nxdomain=64.94.110.11
+
+# If you want to fix up DNS results from upstream servers, use the
+# alias option. This only works for IPv4.
+# This alias makes a result of 1.2.3.4 appear as 5.6.7.8
+#alias=1.2.3.4,5.6.7.8
+# and this maps 1.2.3.x to 5.6.7.x
+#alias=1.2.3.0,5.6.7.0,255.255.255.0
+# and this maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40
+#alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
+
+# Change these lines if you want dnsmasq to serve MX records.
+
+# Return an MX record named "maildomain.com" with target
+# servermachine.com and preference 50
+#mx-host=maildomain.com,servermachine.com,50
+
+# Set the default target for MX records created using the localmx option.
+#mx-target=servermachine.com
+
+# Return an MX record pointing to the mx-target for all local
+# machines.
+#localmx
+
+# Return an MX record pointing to itself for all local machines.
+#selfmx
+
+# Change the following lines if you want dnsmasq to serve SRV
+# records.  These are useful if you want to serve ldap requests for
+# Active Directory and other windows-originated DNS requests.
+# See RFC 2782.
+# You may add multiple srv-host lines.
+# The fields are <name>,<target>,<port>,<priority>,<weight>
+# If the domain part if missing from the name (so that is just has the
+# service and protocol sections) then the domain given by the domain=
+# config option is used. (Note that expand-hosts does not need to be
+# set for this to work.)
+
+# A SRV record sending LDAP for the example.com domain to
+# ldapserver.example.com port 389
+#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
+
+# A SRV record sending LDAP for the example.com domain to
+# ldapserver.example.com port 389 (using domain=)
+#domain=example.com
+#srv-host=_ldap._tcp,ldapserver.example.com,389
+
+# Two SRV records for LDAP, each with different priorities
+#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
+#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
+
+# A SRV record indicating that there is no LDAP server for the domain
+# example.com
+#srv-host=_ldap._tcp.example.com
+
+# The following line shows how to make dnsmasq serve an arbitrary PTR
+# record. This is useful for DNS-SD. (Note that the
+# domain-name expansion done for SRV records _does_not
+# occur for PTR records.)
+#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
+
+# Change the following lines to enable dnsmasq to serve TXT records.
+# These are used for things like SPF and zeroconf. (Note that the
+# domain-name expansion done for SRV records _does_not
+# occur for TXT records.)
+
+#Example SPF.
+#txt-record=example.com,"v=spf1 a -all"
+
+#Example zeroconf
+#txt-record=_http._tcp.example.com,name=value,paper=A4
+
+# Provide an alias for a "local" DNS name. Note that this _only_ works
+# for targets which are names from DHCP or /etc/hosts. Give host
+# "bert" another name, bertrand
+#cname=bertand,bert
+
+# For debugging purposes, log each DNS query as it passes through
+# dnsmasq.
+#log-queries
+
+# Log lots of extra information about DHCP transactions.
+#log-dhcp
+
+# Include another lot of configuration options.
+#conf-file=/etc/dnsmasq.more.conf
+#conf-dir=/etc/dnsmasq.d
+
+# Include all the files in a directory except those ending in .bak
+#conf-dir=/etc/dnsmasq.d,.bak
+
+# Include all files in a directory which end in .conf
+#conf-dir=/etc/dnsmasq.d/*.conf 

advanced/dphys-swapfile

@@ -0,0 +1,12 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Swap file config
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+CONF_SWAPSIZE=500

advanced/lighttpd.conf

@@ -1,17 +1,34 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# lighttpd config for Pi-hole
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
 server.modules = (
+	"mod_access",
+	"mod_accesslog",
 	"mod_expire",
 	"mod_compress",
  	"mod_redirect",
+	"mod_setenv",
 	"mod_rewrite"
 )
 
-server.document-root        = "/var/www"
+server.document-root        = "/var/www/html"
+server.error-handler-404	= "pihole/index.html"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
 server.pid-file             = "/var/run/lighttpd.pid"
 server.username             = "www-data"
 server.groupname            = "www-data"
 server.port                 = 80
+accesslog.filename			= "/var/log/lighttpd/access.log"
+accesslog.format			= "%{%s}t|%V|%r|%s|%b"
 
 
 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
@@ -26,13 +43,14 @@ include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 include_shell "/usr/share/lighttpd/create-mime.assign.pl"
 include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 
-# Set access to 1 day for better query performance when the list gets so large
-# http://jacobsalmela.com/raspberry-pi-block-ads-adtrap/#comment-2013820434
-$HTTP["url"] =~ "^/pihole/" {
-        expire.url = ("" => "access plus 1 days")
+# If the URL starts with /admin, it is the Web interface
+$HTTP["url"] =~ "^/admin/" {
+	# Create a response header for debugging using curl -I
+	setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" )
 }
 
-# Rewrites all URLs to the /var/www/pihole/index.html
-$HTTP["host"] =~ ".*" {
-     url.rewrite = (".*" => "pihole/index.html")
+# If the URL does not start with /admin, then it is a query for an ad domain
+$HTTP["url"] =~ "^(?!/admin)/.*" {
+	# Create a response header for debugging using curl -I
+	setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." )
 }

advanced/pihole.cron

@@ -0,0 +1,26 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Updates ad sources every week
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+# Pi-hole: Update the ad sources once a week on Sunday at 01:59
+#          Download any updates from the ad lists
+59 1    * * 7   root    /usr/local/bin/gravity.sh
+
+# Pi-hole: Update the Web interface shortly after gravity runs
+#          This should also update the version number if it is changed in the dashboard repo
+30 2    * * 7   root    /usr/local/bin/updateDashboard.sh
+
+# Pi-hole: Parse the log file before it is flushed and save the stats to a database
+#          This will be used for a historical view of your Pi-hole's performance
+#50 23  * * *   root    /usr/local/bin/dailyLog.sh
+
+# Pi-hole: Flush the log daily at 11:58 so it doesn't get out of control
+#          Stats will be viewable in the Web interface thanks to the cron job above
+58 23   * * *   root    /usr/local/bin/piholeLogFlush.sh

automated install/basic-install.sh

@@ -1,77 +1,576 @@
-#!/bin/bash
-# Pi-hole automated install
-# Raspberry Pi Ad-blocker
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Installs Pi-hole
 #
-# Install with this command (from the Pi):
-#
-# curl -s "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/automated%20install/basic-install.sh" | bash
-#
-# Or run the commands below in order
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
 
-clear
-echo "  _____ _        _           _      "
-echo " |  __ (_)      | |         | |     "
-echo " | |__) |   __  | |__   ___ | | ___ "
-echo " |  ___/ | |__| | '_ \ / _ \| |/ _ \ "
-echo " | |   | |      | | | | (_) | |  __/ "
-echo " |_|   |_|      |_| |_|\___/|_|\___| "
-echo "                                    "
-echo "      Raspberry Pi Ad-blocker       "
-echo "									  "
-echo "Set a static IP before running this!"
-echo "			             			  "
-echo "	    Press Enter when ready        "
-echo "									  "
-read
+# pi-hole.net/donate
+#
+# Install with this command (from your Pi):
+#
+# curl -L install.pi-hole.net | bash
 
-if [[ -f /etc/dnsmasq.d/adList.conf ]];then
-	echo "Original Pi-hole detected.  Initiating sub space transport..."
-	sudo mkdir -p /etc/pihole/original/
-	mv /etc/dnsmasq.d/adList.conf /etc/pihole/original/adList.conf.$(date "+%Y-%m-%d")
-	mv /etc/dnsmasq.conf /etc/pihole/original/dnsmasq.conf.$(date "+%Y-%m-%d")
-	mv /etc/resolv.conf /etc/pihole/original/resolv.conf.$(date "+%Y-%m-%d")
-	mv /etc/lighttpd/lighttpd.conf /etc/pihole/original/lighttpd.conf.$(date "+%Y-%m-%d")
-	mv /var/www/pihole/index.html /etc/pihole/original/index.html.$(date "+%Y-%m-%d")
-	mv /usr/local/bin/gravity.sh /etc/pihole/original/gravity.sh.$(date "+%Y-%m-%d")
+
+######## VARIABLES #########
+
+tmpLog=/tmp/pihole-install.log
+instalLogLoc=/etc/pihole/install.log
+
+webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git"
+webInterfaceDir="/var/www/html/admin"
+piholeGitUrl="https://github.com/pi-hole/pi-hole.git"
+piholeFilesDir="/etc/.pihole"
+
+
+# Find the rows and columns
+rows=$(tput lines)
+columns=$(tput cols)
+
+# Divide by two so the dialogs take up half of the screen, which looks nice.
+r=$(( rows / 2 ))
+c=$(( columns / 2 ))
+
+
+# Find IP used to route to outside world
+
+IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
+IPv4addr=$(ip -o -f inet addr show dev $IPv4dev | awk '{print $4}' | awk 'END {print}')
+IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}')
+
+availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1)
+dhcpcdFile=/etc/dhcpcd.conf
+
+######## FIRST CHECK ########
+# Must be root to install
+echo ":::"
+if [[ $EUID -eq 0 ]];then
+	echo "::: You are root."
 else
-	:
+	echo "::: sudo will be used for the install."
+	# Check if it is actually installed
+	# If it isn't, exit because the install cannot complete
+	if [[ $(dpkg-query -s sudo) ]];then
+		export SUDO="sudo"
+	else
+		echo "::: Please install sudo or run this as root."
+		exit 1
+	fi
 fi
 
-echo "Updating the Pi..."
-sudo apt-get update
-sudo apt-get -y upgrade
 
-echo "Installing DNS..."
-sudo apt-get -y install dnsmasq
-sudo update-rc.d dnsmasq enable
+if [ -d "/etc/pihole" ]; then
+		# Likely an existing install
+		upgrade=true
+	else
+		upgrade=false
+fi
 
-echo "Installing a Web server"
-sudo apt-get -y install lighttpd
-sudo chown www-data:www-data /var/www
-sudo chmod 775 /var/www
-sudo usermod -a -G www-data pi
+####### FUNCTIONS ##########
+###All credit for the below function goes to http://fitnr.com/showing-a-bash-spinner.html
+spinner() {
+	local pid=$1
 
-echo "Stopping services to modify them..."
-sudo service dnsmasq stop
-sudo service lighttpd stop
+	spin='-\|/'
+	i=0
+	while $SUDO kill -0 $pid 2>/dev/null
+	do
+		i=$(( (i+1) %4 ))
+		printf "\b${spin:$i:1}"
+		sleep .1
+	done
+	printf "\b"
+}
 
-echo "Backing up original config files and downloading Pi-hole ones..."
-sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
-sudo mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
-sudo mv /var/www/index.lighttpd.html /var/www/index.lighttpd.orig
-sudo curl -o /etc/dnsmasq.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/dnsmasq.conf"
-sudo curl -o /etc/lighttpd/lighttpd.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/lighttpd.conf"
-sudo mkdir /var/www/pihole
-sudo curl -o /var/www/pihole/index.html "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/index.html"
+backupLegacyPihole() {
+	# This function detects and backups the pi-hole v1 files.  It will not do anything to the current version files.
+	if [[ -f /etc/dnsmasq.d/adList.conf ]];then
+		echo "::: Original Pi-hole detected.  Initiating sub space transport"
+		$SUDO mkdir -p /etc/pihole/original/
+		$SUDO mv /etc/dnsmasq.d/adList.conf /etc/pihole/original/adList.conf.$(date "+%Y-%m-%d")
+		$SUDO mv /etc/dnsmasq.conf /etc/pihole/original/dnsmasq.conf.$(date "+%Y-%m-%d")
+		$SUDO mv /etc/resolv.conf /etc/pihole/original/resolv.conf.$(date "+%Y-%m-%d")
+		$SUDO mv /etc/lighttpd/lighttpd.conf /etc/pihole/original/lighttpd.conf.$(date "+%Y-%m-%d")
+		$SUDO mv /var/www/pihole/index.html /etc/pihole/original/index.html.$(date "+%Y-%m-%d")
+		$SUDO mv /usr/local/bin/gravity.sh /etc/pihole/original/gravity.sh.$(date "+%Y-%m-%d")
+	else
+		:
+	fi
+}
 
-echo "Locating the Pi-hole..."
-sudo curl -o /usr/local/bin/gravity.sh "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/gravity.sh"
-sudo curl -o /usr/local/bin/chronometer.sh "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/Scripts/chronometer.sh"
-sudo chmod 755 /usr/local/bin/gravity.sh
-sudo chmod 755 /usr/local/bin/chronometer.sh
+welcomeDialogs() {
+	# Display the welcome dialog
+	whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "This installer will transform your Raspberry Pi into a network-wide ad blocker!" $r $c
 
-echo "Entering the event horizon..."
-sudo /usr/local/bin/gravity.sh
+	# Support for a part-time dev
+	whiptail --msgbox --backtitle "Plea" --title "Free and open source" "The Pi-hole is free, but powered by your donations:  http://pi-hole.net/donate" $r $c
 
-echo "Restarting..."
-sudo shutdown -r now
+	# Explain the need for a static address
+	whiptail --msgbox --backtitle "Initating network interface" --title "Static IP Needed" "The Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.	
+	In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." $r $c
+}
+
+chooseInterface() {
+	# Turn the available interfaces into an array so it can be used with a whiptail dialog
+	interfacesArray=()
+	firstloop=1
+
+	while read -r line
+	do
+		mode="OFF"
+		if [[ $firstloop -eq 1 ]]; then
+			firstloop=0
+			mode="ON"
+		fi
+		interfacesArray+=("$line" "available" "$mode")
+	done <<< "$availableInterfaces"
+
+	# Find out how many interfaces are available to choose from
+	interfaceCount=$(echo "$availableInterfaces" | wc -l)
+	chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface" $r $c $interfaceCount)
+	chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2>&1 >/dev/tty)
+	if [[ $? = 0 ]];then
+		for desiredInterface in $chooseInterfaceOptions
+		do
+		piholeInterface=$desiredInterface
+		echo "::: Using interface: $piholeInterface"
+		echo ${piholeInterface} > /tmp/piholeINT
+		done
+	else
+		echo "::: Cancel selected, exiting...."
+		exit 1
+	fi
+	
+}
+
+
+use4andor6() {
+	# Let use select IPv4 and/or IPv6
+	cmd=(whiptail --separate-output --checklist "Select Protocols" $r $c 2)
+	options=(IPv4 "Block ads over IPv4" on
+	IPv6 "Block ads over IPv6" off)
+	choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty)
+	if [[ $? = 0 ]];then
+		for choice in $choices
+		do
+			case $choice in
+			IPv4	)		useIPv4=true;;
+			IPv6	)		useIPv6=true;;
+			esac
+		done
+		
+		if [ $useIPv4 ] && [ ! $useIPv6 ]; then
+			getStaticIPv4Settings
+			setStaticIPv4
+			echo "::: Using IPv4 on $IPv4addr"
+			echo "::: IPv6 will NOT be used."
+		fi
+		if [ ! $useIPv4 ] && [ $useIPv6 ]; then
+			useIPv6dialog
+			echo "::: IPv4 will NOT be used."
+			echo "::: Using IPv6 on $piholeIPv6"
+		fi
+		if [ $useIPv4 ] && [  $useIPv6 ]; then
+			getStaticIPv4Settings
+			setStaticIPv4
+			useIPv6dialog
+			echo "::: Using IPv4 on $IPv4addr"
+			echo "::: Using IPv6 on $piholeIPv6"
+		fi
+		if [ ! $useIPv4 ] && [ ! $useIPv6 ]; then
+			echo "::: Cannot continue, neither IPv4 or IPv6 selected"
+			echo "::: Exiting"
+			exit 1
+		fi
+	else
+		echo "::: Cancel selected. Exiting..."
+		exit 1
+	fi
+}
+
+useIPv6dialog() {
+	# Show the IPv6 address used for blocking
+	piholeIPv6=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
+	whiptail --msgbox --backtitle "IPv6..." --title "IPv6 Supported" "$piholeIPv6 will be used to block ads." $r $c
+
+	$SUDO touch /etc/pihole/.useIPv6
+}
+
+getStaticIPv4Settings() {
+	# Ask if the user wants to use DHCP settings as their static IP
+	if (whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno "Do you want to use your current network settings as a static address?
+									IP address:    $IPv4addr
+									Gateway:       $IPv4gw" $r $c) then
+		# If they choose yes, let the user know that the IP address will not be available via DHCP and may cause a conflict.
+		whiptail --msgbox --backtitle "IP information" --title "FYI: IP Conflict" "It is possible your router could still try to assign this IP to a device, which would cause a conflict.  But in most cases the router is smart enough to not do that.
+		If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want.
+		It is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address." $r $c
+		# Nothing else to do since the variables are already set above
+	else
+		# Otherwise, we need to ask the user to input their desired settings.
+		# Start by getting the IPv4 address (pre-filling it with info gathered from DHCP)
+		# Start a loop to let the user enter their information with the chance to go back and edit it if necessary
+		until [[ $ipSettingsCorrect = True ]]
+		do
+			# Ask for the IPv4 address
+			IPv4addr=$(whiptail --backtitle "Calibrating network interface" --title "IPv4 address" --inputbox "Enter your desired IPv4 address" $r $c $IPv4addr 3>&1 1>&2 2>&3)
+			if [[ $? = 0 ]];then
+				echo "::: Your static IPv4 address:    $IPv4addr"
+				# Ask for the gateway
+				IPv4gw=$(whiptail --backtitle "Calibrating network interface" --title "IPv4 gateway (router)" --inputbox "Enter your desired IPv4 default gateway" $r $c $IPv4gw 3>&1 1>&2 2>&3)
+				if [[ $? = 0 ]];then
+					echo "::: Your static IPv4 gateway:    $IPv4gw"
+					# Give the user a chance to review their settings before moving on
+					if (whiptail --backtitle "Calibrating network interface" --title "Static IP Address" --yesno "Are these settings correct?
+							IP address:    $IPv4addr
+							Gateway:       $IPv4gw" $r $c)then
+							# If the settings are correct, then we need to set the piholeIP
+							# Saving it to a temporary file us to retrieve it later when we run the gravity.sh script
+							echo ${IPv4addr%/*} > /tmp/piholeIP
+							echo $piholeInterface > /tmp/piholeINT
+							# After that's done, the loop ends and we move on
+							ipSettingsCorrect=True
+					else
+						# If the settings are wrong, the loop continues
+						ipSettingsCorrect=False
+					fi
+				else
+					# Cancelling gateway settings window
+					ipSettingsCorrect=False
+					echo "::: Cancel selected. Exiting..."
+					exit 1
+				fi
+			else
+				# Cancelling IPv4 settings window
+				ipSettingsCorrect=False
+				echo "::: Cancel selected. Exiting..."
+				exit 1
+			fi
+		done
+	# End the if statement for DHCP vs. static
+	fi
+}
+
+setDHCPCD() {
+	# Append these lines to dhcpcd.conf to enable a static IP
+	echo "::: interface $piholeInterface
+	static ip_address=$IPv4addr
+	static routers=$IPv4gw
+	static domain_name_servers=$IPv4gw" | $SUDO tee -a $dhcpcdFile >/dev/null
+}
+
+setStaticIPv4() {
+	# Tries to set the IPv4 address
+	if grep -q $IPv4addr $dhcpcdFile; then
+		# address already set, noop
+		:
+	else
+		setDHCPCD
+		$SUDO ip addr replace dev $piholeInterface $IPv4addr
+		echo ":::"
+		echo "::: Setting IP to $IPv4addr.  You may need to restart after the install is complete."
+		echo ":::"
+	fi
+}
+
+setDNS(){
+	DNSChoseCmd=(whiptail --separate-output --radiolist "Select Upstream DNS Provider" $r $c 2)
+	DNSChooseOptions=(Google "" on
+					  OpenDNS "" off)
+	DNSchoices=$("${DNSChoseCmd[@]}" "${DNSChooseOptions[@]}" 2>&1 >/dev/tty)
+	if [[ $? = 0 ]];then
+		case $DNSchoices in
+			Google)
+				echo "::: Using Google DNS servers."
+				piholeDNS1="8.8.8.8"
+				piholeDNS2="8.8.4.4"
+				;;
+			OpenDNS)
+				echo "::: Using OpenDNS servers."
+				piholeDNS1="208.67.222.222"
+				piholeDNS2="208.67.220.220"
+				;;
+		esac
+	else
+		echo "::: Cancel selected. Exiting..."
+		exit 1
+	fi
+}
+
+versionCheckDNSmasq(){
+	# Check if /etc/dnsmasq.conf is from pihole.  If so replace with an original and install new in .d directory
+	dnsFile1="/etc/dnsmasq.conf"
+	dnsFile2="/etc/dnsmasq.conf.orig"
+	dnsSearch="addn-hosts=/etc/pihole/gravity.list"
+	
+	# Check if /etc/dnsmasq.conf exists
+	if [ -d "/etc/dnsmasq.conf" ]; then
+		# If true, Check dnsmasq.conf for pihole magic
+		if grep -q $dnsSearch $dnsFile1; then
+			# If true, Check dnsmasq.conf.orig for pihole magic
+			if grep -q $dnsSearch $dnsFile2; then
+				# If true, use advanced/dnsmasq.conf.original
+				$SUDO mv -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
+				$SUDO cp /etc/.pihole/advanced/dnsmasq.conf.original /etc/dnsmasq.conf
+			else
+				# If false, mv original file back
+				$SUDO mv -f /etc/dnsmasq.conf.orig /etc/dnsmasq.conf
+			fi
+		# If false, This is a fresh install
+		fi
+	else
+		# If false, use advanced/dnsmasq.conf.original
+		$SUDO cp /etc/.pihole/advanced/dnsmasq.conf.original /etc/dnsmasq.conf
+	fi
+	
+	$SUDO cp /etc/.pihole/advanced/01-pihole.conf /etc/dnsmasq.d/01-pihole.conf
+	$SUDO sed -i "s/@INT@/$piholeInterface/" /etc/dnsmasq.d/01-pihole.conf
+	$SUDO sed -i "s/@DNS1@/$piholeDNS1/" /etc/dnsmasq.d/01-pihole.conf
+	$SUDO sed -i "s/@DNS2@/$piholeDNS2/" /etc/dnsmasq.d/01-pihole.conf
+}
+
+installScripts() {
+	# Install the scripts from /etc/.pihole to their various locations
+	$SUDO echo ":::"
+	$SUDO echo -n "::: Installing scripts..."
+	$SUDO cp /etc/.pihole/gravity.sh /usr/local/bin/gravity.sh
+	$SUDO cp /etc/.pihole/advanced/Scripts/chronometer.sh /usr/local/bin/chronometer.sh
+	$SUDO cp /etc/.pihole/advanced/Scripts/whitelist.sh /usr/local/bin/whitelist.sh
+	$SUDO cp /etc/.pihole/advanced/Scripts/blacklist.sh /usr/local/bin/blacklist.sh
+	$SUDO cp /etc/.pihole/advanced/Scripts/piholeLogFlush.sh /usr/local/bin/piholeLogFlush.sh
+	$SUDO cp /etc/.pihole/advanced/Scripts/updateDashboard.sh /usr/local/bin/updateDashboard.sh
+	$SUDO chmod 755 /usr/local/bin/{gravity,chronometer,whitelist,blacklist,piholeLogFlush,updateDashboard}.sh
+	$SUDO echo " done."
+}
+
+installConfigs() {
+	# Install the configs from /etc/.pihole to their various locations
+	$SUDO echo ":::"
+	$SUDO echo -n "::: Installing configs..."
+	versionCheckDNSmasq
+	$SUDO mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
+	$SUDO cp /etc/.pihole/advanced/lighttpd.conf /etc/lighttpd/lighttpd.conf
+	$SUDO echo " done."
+}
+
+stopServices() {
+	# Stop dnsmasq and lighttpd
+	$SUDO echo ":::"
+	$SUDO echo -n "::: Stopping services..."
+	$SUDO service dnsmasq stop & spinner $! || true
+	$SUDO service lighttpd stop & spinner $! || true
+	$SUDO echo " done."
+}
+
+checkForDependencies() {
+	#Running apt-get update/upgrade with minimal output can cause some issues with
+	#requiring user input (e.g password for phpmyadmin see #218)
+	#We'll change the logic up here, to check to see if there are any updates availible and
+	# if so, advise the user to run apt-get update/upgrade at their own discretion
+
+	#Check to see if apt-get update has already been run today
+	# it needs to have been run at least once on new installs!
+
+	timestamp=$(stat -c %Y /var/cache/apt/)
+	timestampAsDate=$(date -d @$timestamp "+%b %e")
+	today=$(date "+%b %e")
+
+	if [ ! "$today" == "$timestampAsDate" ]; then
+	    #update package lists
+	    echo ":::"
+	    echo -n "::: apt-get update has not been run today. Running now..."
+	    $SUDO apt-get -qq update & spinner $!
+	    echo " done!"
+	  fi
+		echo ":::"
+		echo -n "::: Checking apt-get for upgraded packages...."
+		updatesToInstall=$(sudo apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst)
+		echo " done!"
+		echo ":::"
+		if [[ $updatesToInstall -eq "0" ]]; then
+			echo "::: Your pi is up to date! Continuing with pi-hole installation..."
+		else
+			echo "::: There are $updatesToInstall updates availible for your pi!"
+			echo "::: We recommend you run 'sudo apt-get upgrade' after installing Pi-Hole! "
+			echo ":::"
+		fi
+    echo ":::"
+    echo "::: Checking dependencies:"
+
+	dependencies=( dnsutils bc toilet figlet dnsmasq lighttpd php5-common php5-cgi php5 git curl unzip wget )
+	for i in "${dependencies[@]}"
+	do
+	:
+		echo -n ":::    Checking for $i..."
+		if [ $(dpkg-query -W -f='${Status}' $i 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
+			echo -n " Not found! Installing...."
+			$SUDO apt-get -y -qq install $i > /dev/null & spinner $!
+			echo " done!"
+		else
+			echo " already installed!"
+		fi
+	done
+}
+
+getGitFiles() {
+	# Setup git repos for base files and web admin
+	echo ":::"
+	echo "::: Checking for existing base files..."
+	if is_repo $piholeFilesDir; then
+		make_repo $piholeFilesDir $piholeGitUrl
+	else
+		update_repo $piholeFilesDir
+	fi
+
+	echo ":::"
+	echo "::: Checking for existing web interface..."
+	if is_repo $webInterfaceDir; then
+		make_repo $webInterfaceDir $webInterfaceGitUrl
+	else
+		update_repo $webInterfaceDir
+	fi
+}
+
+is_repo() {
+	# If the directory does not have a .git folder it is not a repo
+	echo -n ":::    Checking $1 is a repo..."
+    if [ -d "$1/.git" ]; then
+    		echo " OK!"
+        return 1
+    fi
+    echo " not found!!"
+    return 0
+}
+
+make_repo() {
+    # Remove the non-repod interface and clone the interface
+    echo -n ":::    Cloning $2 into $1..."
+    $SUDO rm -rf $1
+    $SUDO git clone -q "$2" "$1" > /dev/null & spinner $!
+    echo " done!"
+}
+
+update_repo() {
+    # Pull the latest commits
+    echo -n ":::     Updating repo in $1..."
+    cd "$1"
+    $SUDO git pull -q > /dev/null & spinner $!
+    echo " done!"
+}
+
+
+CreateLogFile() {
+	# Create logfiles if necessary
+	echo ":::"
+	$SUDO  echo -n "::: Creating log file and changing owner to dnsmasq..."
+	if [ ! -f /var/log/pihole.log ]; then
+		$SUDO touch /var/log/pihole.log
+		$SUDO chmod 644 /var/log/pihole.log
+		$SUDO chown dnsmasq:root /var/log/pihole.log
+		$SUDO echo " done!"
+	else
+		$SUDO  echo " already exists!"
+	fi
+}
+
+installPiholeWeb() {
+	# Install the web interface
+	$SUDO echo ":::"
+	$SUDO echo -n "::: Installing pihole custom index page..."
+	if [ -d "/var/www/html/pihole" ]; then
+		$SUDO echo " Existing page detected, not overwriting"
+	else
+		$SUDO mkdir /var/www/html/pihole
+		$SUDO mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig
+		$SUDO cp /etc/.pihole/advanced/index.html /var/www/html/pihole/index.html
+		$SUDO echo " done!"
+	fi
+}
+
+installCron() {
+	# Install the cron job
+	$SUDO echo ":::"
+	$SUDO echo -n "::: Installing latest Cron script..."
+	$SUDO cp /etc/.pihole/advanced/pihole.cron /etc/cron.d/pihole
+	$SUDO echo " done!"
+}
+
+runGravity() {
+	# Rub gravity.sh to build blacklists
+	$SUDO echo ":::"
+	$SUDO echo "::: Preparing to run gravity.sh to refresh hosts..."	
+	if ls /etc/pihole/list* 1> /dev/null 2>&1; then
+		echo "::: Cleaning up previous install (preserving whitelist/blacklist)"		
+		$SUDO rm /etc/pihole/list.*
+	fi
+	#Don't run as SUDO, this was causing issues
+	echo "::: Running gravity.sh"
+	echo ":::"
+
+	/usr/local/bin/gravity.sh
+}
+
+
+installPihole() {
+	# Install base files and web interface
+	checkForDependencies # done
+	stopServices
+	$SUDO mkdir -p /etc/pihole/
+	$SUDO chown www-data:www-data /var/www/html
+	$SUDO chmod 775 /var/www/html
+	$SUDO usermod -a -G www-data pi
+	$SUDO lighty-enable-mod fastcgi fastcgi-php > /dev/null
+
+	getGitFiles
+	installScripts
+	installConfigs
+	#installWebAdmin
+	CreateLogFile
+	installPiholeWeb
+	installCron
+	runGravity
+}
+
+displayFinalMessage() {
+	# Final completion message to user
+	whiptail --msgbox --backtitle "Make it so." --title "Installation Complete!" "Configure your devices to use the Pi-hole as their DNS server using:
+
+$IPv4addr
+$piholeIPv6
+
+If you set a new IP address, you should restart the Pi.
+
+The install log is in /etc/pihole." $r $c
+}
+
+######## SCRIPT ############
+# Start the installer
+$SUDO mkdir -p /etc/pihole/
+welcomeDialogs
+
+# Just back up the original Pi-hole right away since it won't take long and it gets it out of the way
+backupLegacyPihole
+# Find interfaces and let the user choose one
+chooseInterface
+# Let the user decide if they want to block ads over IPv4 and/or IPv6
+use4andor6
+
+# Decide what upstream DNS Servers to use
+setDNS
+
+# Install and log everything to a file
+installPihole | tee $tmpLog
+
+# Move the log file into /etc/pihole for storage
+$SUDO mv $tmpLog $instalLogLoc
+
+displayFinalMessage
+
+# Start services
+$SUDO service dnsmasq start
+$SUDO service lighttpd start

automated install/uninstall.sh

@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Completely uninstalls Pi-hole
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+# Must be root to uninstall
+if [[ $EUID -eq 0 ]];then
+	echo "You are root."
+else
+	echo "sudo will be used for the install."
+  # Check if it is actually installed
+  # If it isn't, exit because the unnstall cannot complete
+  if [[ $(dpkg-query -s sudo) ]];then
+		export SUDO="sudo"
+  else
+    echo "Please install sudo or run this as root."
+    exit 1
+  fi
+fi
+
+
+######### SCRIPT ###########
+$SUDO apt-get -y remove --purge dnsutils bc toilet
+$SUDO apt-get -y remove --purge dnsmasq
+$SUDO apt-get -y remove --purge lighttpd php5-common php5-cgi php5
+
+# Only web directories/files that are created by pihole should be removed.
+echo "Removing the Pi-hole Web server files..."
+$SUDO rm -rf /var/www/html/admin
+$SUDO rm -rf /var/www/html/pihole
+$SUDO rm /var/www/html/index.lighttpd.orig
+
+# If the web directory is empty after removing these files, then the parent html folder can be removed.
+if [[ ! "$(ls -A /var/www/html)" ]]; then
+    $SUDO rm -rf /var/www/html
+fi
+
+echo "Removing dnsmasq config files..."
+$SUDO rm /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
+
+# Attempt to preserve backwards compatibility with older versions
+# to guarantee no additional changes were made to /etc/crontab after
+# the installation of pihole, /etc/crontab.pihole should be permanently
+# preserved.
+if [[ -f /etc/crontab.orig ]]; then
+  echo "Initial Pi-hole cron detected.  Restoring the default system cron..."
+	$SUDO mv /etc/crontab /etc/crontab.pihole
+	$SUDO mv /etc/crontab.orig /etc/crontab
+	$SUDO service cron restart
+fi
+
+# Attempt to preserve backwards compatibility with older versions
+if [[ -f /etc/cron.d/pihole ]];then
+  echo "Removing cron.d/pihole..."
+	$SUDO rm /etc/cron.d/pihole
+fi
+
+echo "Removing config files and scripts..."
+$SUDO rm /etc/dnsmasq.conf
+$SUDO rm -rf /etc/lighttpd/
+$SUDO rm /var/log/pihole.log
+$SUDO rm /usr/local/bin/gravity.sh
+$SUDO rm /usr/local/bin/chronometer.sh
+$SUDO rm /usr/local/bin/whitelist.sh
+$SUDO rm /usr/local/bin/piholeLogFlush.sh
+$SUDO rm -rf /etc/pihole/

block hulu ads/lighttpd.conf

@@ -1,3 +1,14 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# Lighttpd config file for Pi-hole
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
 server.modules = (
 	"mod_access",
 	"mod_alias",

block hulu ads/minidlna.conf

@@ -1,3 +1,14 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015, 2016 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
+# http://pi-hole.net
+# MiniDLNA config file for Pi-hole
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
 media_dir=V,/var/lib/minidlna/videos/
 port=8200
 friendly_name=pihole

gravity.sh

@@ -1,122 +1,343 @@
-#!/bin/bash
+#!/usr/bin/env bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2015 by Jacob Salmela
+# Network-wide ad blocking via your Raspberry Pi
 # http://pi-hole.net
 # Compiles a list of ad-serving domains by downloading them from multiple sources
+#
+# Pi-hole is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+
+# Run this script as root or under sudo
+echo ":::"
+if [[ $EUID -eq 0 ]];then
+	echo "::: You are root."
+else
+	echo "::: sudo will be used."
+  # Check if it is actually installed
+  # If it isn't, exit because the install cannot complete
+  if [[ $(dpkg-query -s sudo) ]];then
+		export SUDO="sudo"
+  else
+		echo "::: Please install sudo or run this script as root."
+    exit 1
+  fi
+fi
+
+piholeIPfile=/tmp/piholeIP
+piholeIPv6file=/etc/pihole/.useIPv6
+
+adListFile=/etc/pihole/adlists.list
+adListDefault=/etc/pihole/adlists.default
+
+if [[ -f $piholeIPfile ]];then
+    # If the file exists, it means it was exported from the installation script and we should use that value instead of detecting it in this script
+    piholeIP=$(cat $piholeIPfile)
+    rm $piholeIPfile
+else
+    # Otherwise, the IP address can be taken directly from the machine, which will happen when the script is run by the user and not the installation script
+    IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
+    piholeIPCIDR=$(ip -o -f inet addr show dev $IPv4dev | awk '{print $4}' | awk 'END {print}')
+    piholeIP=${piholeIPCIDR%/*}
+fi
+
+if [[ -f $piholeIPv6file ]];then
+    # If the file exists, then the user previously chose to use IPv6 in the automated installer
+    piholeIPv6=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
+fi
+
 
-# This script should only be run after you have a static IP address set on the Pi
-piholeIP=$(hostname -I)
 
-# Ad-list sources--one per line in single quotes
-sources=('https://adaway.org/hosts.txt'
-'http://adblock.gjtech.net/?format=unix-hosts'
-'http://adblock.mahakala.is/'
-'http://hosts-file.net/.%5Cad_servers.txt'
-'http://www.malwaredomainlist.com/hostslist/hosts.txt'
-'http://pgl.yoyo.org/adservers/serverlist.php?'
-'http://someonewhocares.org/hosts/hosts'
-'http://winhelp2002.mvps.org/hosts.txt')
 
 # Variables for various stages of downloading and formatting the list
-adList=/etc/pihole/gravity.list
-origin=/etc/pihole
-piholeDir=/etc/pihole
-if [[ -f $piholeDir/pihole.conf ]];then
+basename=pihole
+piholeDir=/etc/$basename
+adList=$piholeDir/gravity.list
+blacklist=$piholeDir/blacklist.txt
+whitelist=$piholeDir/whitelist.txt
+latentWhitelist=$piholeDir/latentWhitelist.txt
+justDomainsExtension=domains
+matterandlight=$basename.0.matterandlight.txt
+supernova=$basename.1.supernova.txt
+eventHorizon=$basename.2.eventHorizon.txt
+accretionDisc=$basename.3.accretionDisc.txt
+eyeOfTheNeedle=$basename.4.wormhole.txt
+
+# After setting defaults, check if there's local overrides
+if [[ -r $piholeDir/pihole.conf ]];then
+    echo "::: Local calibration requested..."
         . $piholeDir/pihole.conf
 fi
-justDomainsExtension=domains
-matter=pihole.0.matter.txt
-andLight=pihole.1.andLight.txt
-supernova=pihole.2.supernova.txt
-eventHorizon=pihole.3.eventHorizon.txt
-accretionDisc=pihole.4.accretionDisc.txt
-eyeOfTheNeedle=pihole.5.wormhole.txt
-blacklist=$piholeDir/blacklist.txt
-latentBlacklist=$origin/latentBlacklist.txt
-whitelist=$piholeDir/whitelist.txt
-latentWhitelist=$origin/latentWhitelist.txt
 
-echo "** Neutrino emissions detected..."
 
-# Create the pihole resource directory if it doesn't exist.  Future files will be stored here
-if [[ -d $piholeDir ]];then
-	:
-else
-	echo "** Creating pihole directory..."
-	sudo mkdir $piholeDir
-fi
+spinner(){
+        local pid=$1
+        local delay=0.001
+        local spinstr='/-\|'
 
-# Loop through domain list.  Download each one and remove commented lines (lines beginning with '# 'or '/') and blank lines
-for ((i = 0; i < "${#sources[@]}"; i++))
-do
+        spin='-\|/'
+        i=0
+        while $SUDO kill -0 $pid 2>/dev/null
+        do
+                i=$(( (i+1) %4 ))
+                printf "\b${spin:$i:1}"
+                sleep .1
+        done
+        printf "\b"
+}
+###########################
+# collapse - begin formation of pihole
+function gravity_collapse() {
+	echo "::: Neutrino emissions detected..."
+	echo ":::"
+	#Decide if we're using a custom ad block list, or defaults.
+	if [ -f $adListFile ]; then
+		#custom file found, use this instead of default
+		echo -n "::: Custom adList file detected. Reading..."
+		sources=()
+		while read -a line; do
+			sources+=($line)
+		done < $adListFile
+		echo " done!"	
+	else
+		#no custom file found, use defaults!
+		echo -n "::: No custom adlist file detected, reading from default file..."
+				sources=()
+		while read -a line; do
+			sources+=($line)
+		done < $adListDefault
+		echo " done!"	
+	fi	
+
+	# Create the pihole resource directory if it doesn't exist.  Future files will be stored here
+	if [[ -d $piholeDir ]];then
+        # Temporary hack to allow non-root access to pihole directory
+        # Will update later, needed for existing installs, new installs should
+        # create this directory as non-root
+        $SUDO chmod 777 $piholeDir
+        find "$piholeDir" -type f -exec $SUDO chmod 666 {} \; & spinner $!
+        echo "."
+	else
+        echo -n "::: Creating pihole directory..."
+        mkdir $piholeDir & spinner $!
+        echo " done!"
+	fi
+}
+
+# patternCheck - check to see if curl downloaded any new files.
+function gravity_patternCheck() {
+	patternBuffer=$1
+	# check if the patternbuffer is a non-zero length file
+	if [[ -s "$patternBuffer" ]];then
+		# Some of the blocklists are copyright, they need to be downloaded
+		# and stored as is. They can be processed for content after they
+		# have been saved.
+		cp $patternBuffer $saveLocation
+		echo " List updated, transport successful!"
+	else
+		# curl didn't download any host files, probably because of the date check
+		echo " No changes detected, transport skipped!"
+	fi
+}
+
+# transport - curl the specified url with any needed command extentions
+function gravity_transport() {
+	url=$1
+	cmd_ext=$2
+	agent=$3
+
+	# tmp file, so we don't have to store the (long!) lists in RAM
+	patternBuffer=$(mktemp)
+	heisenbergCompensator=""
+	if [[ -r $saveLocation ]]; then
+		# if domain has been saved, add file for date check to only download newer
+		heisenbergCompensator="-z $saveLocation"
+	fi
+
+	# Silently curl url
+	curl -s $cmd_ext $heisenbergCompensator -A "$agent" $url > $patternBuffer 
+	# Check for list updates
+	gravity_patternCheck $patternBuffer 
+
+	# Cleanup
+	rm -f $patternBuffer
+}
+
+# spinup - main gravity function
+function gravity_spinup() {
+  echo "::: "
+	# Loop through domain list.  Download each one and remove commented lines (lines beginning with '# 'or '/') and	 		# blank lines
+	for ((i = 0; i < "${#sources[@]}"; i++))
+	do
+        url=${sources[$i]}
         # Get just the domain from the URL
-	domain=$(echo "${sources[$i]}" | cut -d'/' -f3)
+        domain=$(echo "$url" | cut -d'/' -f3)
 
         # Save the file as list.#.domain
-	saveLocation=$origin/"list"."$i"."$domain"
+        saveLocation=$piholeDir/list.$i.$domain.$justDomainsExtension
+        activeDomains[$i]=$saveLocation
 
-	# Use a case statement to download lists that need special cURL commands to complete properly
+        agent="Mozilla/10.0"
+
+        echo -n "::: Getting $domain list..."
+
+        # Use a case statement to download lists that need special cURL commands
+        # to complete properly and reset the user agent when required
         case "$domain" in
-		"adblock.mahakala.is") data=$(curl -s -A 'Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0' -e http://forum.xda-developers.com/ -z $saveLocation."$justDomainsExtension" "${sources[$i]}");;
+                "adblock.mahakala.is")
+                        agent='Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0'
+                        cmd_ext="-e http://forum.xda-developers.com/"
+                        ;;
 
-		"pgl.yoyo.org") data=$(curl -s -d mimetype=plaintext -d hostformat=hosts -z $saveLocation."$justDomainsExtension" "${sources[$i]}");;
+                "pgl.yoyo.org")
+                        cmd_ext="-d mimetype=plaintext -d hostformat=hosts"
+                        ;;
 
-		*) data=$(curl -s -z $saveLocation."$justDomainsExtension" -A "Mozilla/10.0" "${sources[$i]}");;
+                # Default is a simple request
+                *) cmd_ext=""
         esac
+        gravity_transport $url $cmd_ext $agent
+	done
+}
+
+# Schwarzchild - aggregate domains to one list and add blacklisted domains
+function gravity_Schwarzchild() {
+  echo "::: "
+	# Find all active domains and compile them into one file and remove CRs
+	echo -n "::: Aggregating list of domains..."
+	truncate -s 0 $piholeDir/$matterandlight & spinner $! 
+	for i in "${activeDomains[@]}"
+	do
+   		cat $i |tr -d '\r' >> $piholeDir/$matterandlight
+	done
+	echo " done!"
+	
+}
+
+
+function gravity_Blacklist(){
+	# Append blacklist entries if they exist
+	echo -n "::: Running blacklist script to update HOSTS file...."
+	blacklist.sh -f -nr -q > /dev/null & spinner $!
+	
+	numBlacklisted=$(wc -l < "/etc/pihole/blacklist.txt")
+	plural=; [[ "$numBlacklisted" != "1" ]] && plural=s
+  echo " $numBlacklisted domain${plural} blacklisted!"
+  
+	
+}
+
+
+function gravity_Whitelist() {
+  echo ":::"
+	# Prevent our sources from being pulled into the hole
+	plural=; [[ "${sources[@]}" != "1" ]] && plural=s
+	echo -n "::: Adding ${#sources[@]} ad list source${plural} to the whitelist..."
+	
+	urls=()
+	for url in ${sources[@]}
+	do
+        tmp=$(echo "$url" | awk -F '/' '{print $3}')
+        urls=("${urls[@]}" $tmp)
+	done
+	echo " done!"
+	
+	echo -n "::: Running whitelist script to update HOSTS file...."
+	whitelist.sh -f -nr -q ${urls[@]} > /dev/null & spinner $!
+		
+	numWhitelisted=$(wc -l < "/etc/pihole/whitelist.txt")
+	plural=; [[ "$numWhitelisted" != "1" ]] && plural=s
+  echo " $numWhitelisted domain${plural} whitelisted!"
+  
+  
+		
+}
+
+function gravity_unique() {
+	# Sort and remove duplicates
+	echo -n "::: Removing duplicate domains...."
+	sort -u  $piholeDir/$supernova > $piholeDir/$eventHorizon  & spinner $!
+	echo " done!"
+	numberOf=$(wc -l < $piholeDir/$eventHorizon)
+	echo "::: $numberOf unique domains trapped in the event horizon."
+}
+
+function gravity_hostFormat() {
+  # Format domain list as "192.168.x.x domain.com"
+	echo "::: Formatting domains into a HOSTS file..."
+  # If there is a value in the $piholeIPv6, then IPv6 will be used, so the awk command modified to create a line for both protocols
+  if [[ -n $piholeIPv6 ]];then
+  	#Add dummy domain Pi-Hole.IsWorking.OK to the top of gravity.list to make ping result return a friendlier looking domain!
+    echo -e "$piholeIP Pi-Hole.IsWorking.OK \n$piholeIPv6 Pi-Hole.IsWorking.OK" > $piholeDir/$accretionDisc
+    cat $piholeDir/$eventHorizon | awk -v ipv4addr="$piholeIP" -v ipv6addr="$piholeIPv6" '{sub(/\r$/,""); print ipv4addr" "$0"\n"ipv6addr" "$0}' >> $piholeDir/$accretionDisc
+    
+  else
+      # Otherwise, just create gravity.list as normal using IPv4
+      #Add dummy domain Pi-Hole.IsWorking.OK to the top of gravity.list to make ping result return a friendlier looking domain!
+    echo -e "$piholeIP Pi-Hole.IsWorking.OK" > $piholeDir/$accretionDisc
+    cat $piholeDir/$eventHorizon | awk -v ipv4addr="$piholeIP" '{sub(/\r$/,""); print ipv4addr" "$0}' >> $piholeDir/$accretionDisc
+  fi
+	# Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it
+	cp $piholeDir/$accretionDisc $adList
+}
+
+# blackbody - remove any remnant files from script processes
+function gravity_blackbody() {
+	# Loop through list files
+	for file in $piholeDir/*.$justDomainsExtension
+	do
+		# If list is in active array then leave it (noop) else rm the list
+		if [[ " ${activeDomains[@]} " =~ " ${file} " ]]; then
+			:
+		else
+			rm -f $file
+		fi
+	done
+}
+
+function gravity_advanced() {
+
 
-	if [[ -n "$data" ]];then
-		echo "Getting $domain list..."
 	# Remove comments and print only the domain name
 	# Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious
 	# This helps with that and makes it easier to read
 	# It also helps with debugging so each stage of the script can be researched more in depth
-		echo "$data" | awk 'NF {if ($1 !~ "#") { if (NF>1) {print $2} else {print $1}}}' > $saveLocation."$justDomainsExtension"
+	echo -n "::: Formatting list of domains to remove comments...."
+	awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' $piholeDir/$matterandlight | sed -nr -e 's/\.{2,}/./g' -e '/\./p' >  $piholeDir/$supernova & spinner $!
+  echo " done!"
+  
+	numberOf=$(wc -l < $piholeDir/$supernova)
+	echo "::: $numberOf domains being pulled in by gravity..."
+    
+	gravity_unique
+  
+}
+
+function gravity_reload() {
+	# Reload hosts file
+	echo ":::"
+	echo -n "::: Refresh lists in dnsmasq..."
+	dnsmasqPid=$(pidof dnsmasq)
+
+	if [[ $dnsmasqPid ]]; then
+		# service already running - reload config
+		$SUDO kill -HUP $dnsmasqPid & spinner $!
 	else
-		echo "Skipping $domain list because it does not have any new entries..."
+		# service not running, start it up
+		$SUDO service dnsmasq start & spinner $!
 	fi
-done
+	echo " done!"
+}
 
-# Find all files with the .domains extension and compile them into one file and remove CRs
-echo "** Aggregating list of domains..."
-find $origin/ -type f -name "*.$justDomainsExtension" -exec cat {} \; | tr -d '\r' > $origin/$matter
-
-# Append blacklist entries if they exist
-if [[ -f $blacklist ]];then
-        numberOf=$(cat $blacklist | sed '/^\s*$/d' | wc -l)
-        echo "** Blacklisting $numberOf domain(s)..."
-        cat $blacklist >> $origin/$matter
-else
-        :
-fi
-
-function gravity_advanced()
-###########################
-	{
-	numberOf=$(cat $origin/$andLight | sed '/^\s*$/d' | wc -l)
-	echo "** $numberOf domains being pulled in by gravity..."	
-	# Remove carriage returns and preceding whitespace
-	cat $origin/$andLight | sed $'s/\r$//' | sed '/^\s*$/d' > $origin/$supernova
-	# Sort and remove duplicates
-	cat $origin/$supernova | sort | uniq > $origin/$eventHorizon
-	numberOf=$(cat $origin/$eventHorizon | sed '/^\s*$/d' | wc -l)
-	echo "** $numberOf unique domains trapped in the event horizon."
-	# Format domain list as "192.168.x.x domain.com"
-	echo "** Formatting domains into a HOSTS file..."
-	cat $origin/$eventHorizon | awk '{sub(/\r$/,""); print "'"$piholeIP"'" $0}' > $origin/$accretionDisc
-	# Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it
-	sudo cp $origin/$accretionDisc $adList
-	kill -HUP $(pidof dnsmasq)
-	}
-	
-# Whitelist (if applicable) then remove duplicates and format for dnsmasq
-if [[ -f $whitelist ]];then
-	# Remove whitelist entries
-	numberOf=$(cat $whitelist | sed '/^\s*$/d' | wc -l)
-	echo "** Whitelisting $numberOf domain(s)..."
-	# Append a "$" to the end of each line so it can be parsed out with grep -w
-	echo -n "^$" > $latentWhitelist
-	awk -F '[# \t]' 'NF>0&&$1!="" {print $1"$"}' $whitelist > $latentWhitelist
-	cat $origin/$matter | grep -vwf $latentWhitelist > $origin/$andLight
-	gravity_advanced
-else
-	cat $origin/$matter > $origin/$andLight
-	gravity_advanced
-fi
+$SUDO cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
+gravity_collapse
+gravity_spinup
+gravity_Schwarzchild
+gravity_advanced
+gravity_hostFormat
+gravity_blackbody
+gravity_Whitelist
+gravity_Blacklist
+gravity_reload