Compare commits
125 Commits
developmen
...
removebloc
Author | SHA1 | Date | |
---|---|---|---|
|
f27efec3e6 | ||
|
2f50da6ea5 | ||
|
603caa9239 | ||
|
ab27a3bd45 | ||
|
f3acc7c839 | ||
|
6f6b54ea05 | ||
|
3cad8e4c5b | ||
|
9535e2fd6d | ||
|
0ea7344c30 | ||
|
55dce14655 | ||
|
5bf35dc687 | ||
|
c5828df198 | ||
|
77e322afa6 | ||
|
541257849d | ||
|
80560d4a4a | ||
|
38bb4a4908 | ||
|
2b74b47b4a | ||
|
109340033e | ||
|
0f246b8df5 | ||
|
5b03160295 | ||
|
7b0513d1e6 | ||
|
466520366d | ||
|
9dbcbdbe66 | ||
|
a9b9718ffa | ||
|
fb073373d6 | ||
|
fd050693a2 | ||
|
841222fa21 | ||
|
0576810438 | ||
|
b755330f4c | ||
|
cf59f35a4e | ||
|
2131a1fe7f | ||
|
a88a94c4f1 | ||
|
1c286c7bc4 | ||
|
6d670991c3 | ||
|
3439045228 | ||
|
b710e107d6 | ||
|
2673c2c072 | ||
|
e393048488 | ||
|
2feea70311 | ||
|
62f29ba3fa | ||
|
89b1cfcd85 | ||
|
89e187947e | ||
|
d2faa93241 | ||
|
0df099a6a5 | ||
|
482ac12c9b | ||
|
b2592f5d31 | ||
|
d0e8b0c962 | ||
|
d48d3aba69 | ||
|
cbc99d45c6 | ||
|
be68a5339c | ||
|
606b05eec1 | ||
|
a1ee7d92a9 | ||
|
6941155572 | ||
|
b6d73ac081 | ||
|
6fec4acd82 | ||
|
b241a19e87 | ||
|
a7ba55ffb0 | ||
|
115e3eeda9 | ||
|
21897d7fbd | ||
|
31c7c019cb | ||
|
b97f76e678 | ||
|
839a70cc37 | ||
|
a068567926 | ||
|
06fd8123c3 | ||
|
c2f3477a82 | ||
|
ff64d8cf4d | ||
|
e8e8104b36 | ||
|
e1dca46423 | ||
|
ea5a3bf0b2 | ||
|
98867d8d71 | ||
|
c88c943cda | ||
|
3ef90a9e47 | ||
|
58a21bee07 | ||
|
676b7e60f3 | ||
|
43b88cd628 | ||
|
e163ed449d | ||
|
ee749f700f | ||
|
bb7c7cdf33 | ||
|
ffe45e8b76 | ||
|
f86ef0128e | ||
|
bdab701470 | ||
|
1ecb9165ee | ||
|
2ff3b95117 | ||
|
3ad5097b12 | ||
|
d68a2ffaf3 | ||
|
913dcead7f | ||
|
1358209a9a | ||
|
b729a44209 | ||
|
5a55fa5e48 | ||
|
d419eaf463 | ||
|
a8deebde4d | ||
|
2ec4e84db4 | ||
|
075b3f6468 | ||
|
7911841355 | ||
|
d2c75a33d5 | ||
|
15dfd19f58 | ||
|
9ae6b40818 | ||
|
aa2da80768 | ||
|
b05fc5bb2b | ||
|
c99c86af7f | ||
|
f552173be3 | ||
|
d02aa3ced1 | ||
|
d0eb0d5037 | ||
|
fbfec961d5 | ||
|
fba7517cc6 | ||
|
0c125eba2c | ||
|
7f4bb24fd3 | ||
|
b1ea60484e | ||
|
57c40cbd09 | ||
|
95d1464e36 | ||
|
092e533a30 | ||
|
18c6ef8aac | ||
|
6be647a85f | ||
|
6f7edbc92e | ||
|
9beb3a9b6c | ||
|
3b6e6317b8 | ||
|
a9b5fcd923 | ||
|
38d4b2a883 | ||
|
e2e7d0a6aa | ||
|
aa5c15a728 | ||
|
7dea5012ce | ||
|
fdca19e66d | ||
|
c9e341b5d4 | ||
|
012d1e4b3d | ||
|
31a096dec2 |
10
.github/dependabot.yml
vendored
Normal file
10
.github/dependabot.yml
vendored
Normal file
@@ -0,0 +1,10 @@
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: github-actions
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: weekly
|
||||
day: saturday
|
||||
time: "10:00"
|
||||
open-pull-requests-limit: 10
|
||||
target-branch: developement
|
40
.github/workflows/codeql-analysis.yml
vendored
Normal file
40
.github/workflows/codeql-analysis.yml
vendored
Normal file
@@ -0,0 +1,40 @@
|
||||
name: "CodeQL"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
- development
|
||||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
- development
|
||||
schedule:
|
||||
- cron: '32 11 * * 6'
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
|
||||
steps:
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
-
|
||||
name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v1
|
||||
with:
|
||||
languages: 'python'
|
||||
-
|
||||
name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v1
|
||||
-
|
||||
name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v1
|
33
.github/workflows/test.yml
vendored
33
.github/workflows/test.yml
vendored
@@ -5,21 +5,44 @@ on:
|
||||
types: [opened, synchronize, reopened, ready_for_review]
|
||||
|
||||
jobs:
|
||||
smoke-test:
|
||||
if: github.event.pull_request.draft == false
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Run Smoke Tests
|
||||
run: |
|
||||
# Ensure scripts in repository are executable
|
||||
IFS=$'\n';
|
||||
for f in $(find . -name '*.sh'); do if [[ ! -x $f ]]; then echo "$f is not executable" && FAIL=1; fi ;done
|
||||
unset IFS;
|
||||
# If FAIL is 1 then we fail.
|
||||
[[ $FAIL == 1 ]] && exit 1 || echo "Smoke Tests Passed"
|
||||
|
||||
distro-test:
|
||||
if: github.event.pull_request.draft == false
|
||||
runs-on: ubuntu-latest
|
||||
needs: smoke-test
|
||||
strategy:
|
||||
matrix:
|
||||
distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
|
||||
distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_32, fedora_33]
|
||||
env:
|
||||
DISTRO: ${{matrix.distro}}
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Set up Python 3.7
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up Python 3.7
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.7
|
||||
- name: Install dependencies
|
||||
-
|
||||
name: Install dependencies
|
||||
run: pip install -r test/requirements.txt
|
||||
- name: Test with tox
|
||||
-
|
||||
name: Test with tox
|
||||
run: tox -c test/tox.${DISTRO}.ini
|
||||
|
67
.gitignore
vendored
67
.gitignore
vendored
@@ -7,70 +7,5 @@ __pycache__
|
||||
.tox
|
||||
.eggs
|
||||
*.egg-info
|
||||
|
||||
|
||||
# Created by https://www.gitignore.io/api/jetbrains+iml
|
||||
|
||||
### JetBrains+iml ###
|
||||
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
|
||||
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
|
||||
|
||||
# All idea files, with exceptions
|
||||
.idea
|
||||
!.idea/codeStyles/*
|
||||
!.idea/codeStyleSettings.xml
|
||||
|
||||
|
||||
# Sensitive or high-churn files:
|
||||
.idea/**/dataSources/
|
||||
.idea/**/dataSources.ids
|
||||
.idea/**/dataSources.xml
|
||||
.idea/**/dataSources.local.xml
|
||||
.idea/**/sqlDataSources.xml
|
||||
.idea/**/dynamic.xml
|
||||
.idea/**/uiDesigner.xml
|
||||
|
||||
# Gradle:
|
||||
.idea/**/gradle.xml
|
||||
.idea/**/libraries
|
||||
|
||||
# CMake
|
||||
cmake-build-debug/
|
||||
|
||||
# Mongo Explorer plugin:
|
||||
.idea/**/mongoSettings.xml
|
||||
|
||||
## File-based project format:
|
||||
*.iws
|
||||
|
||||
## Plugin-specific files:
|
||||
|
||||
# IntelliJ
|
||||
/out/
|
||||
|
||||
# mpeltonen/sbt-idea plugin
|
||||
.idea_modules/
|
||||
|
||||
# JIRA plugin
|
||||
atlassian-ide-plugin.xml
|
||||
|
||||
# Cursive Clojure plugin
|
||||
.idea/replstate.xml
|
||||
|
||||
# Ruby plugin and RubyMine
|
||||
/.rakeTasks
|
||||
|
||||
# Crashlytics plugin (for Android Studio and IntelliJ)
|
||||
com_crashlytics_export_strings.xml
|
||||
crashlytics.properties
|
||||
crashlytics-build.properties
|
||||
fabric.properties
|
||||
|
||||
### JetBrains+iml Patch ###
|
||||
# Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-249601023
|
||||
|
||||
.idea/
|
||||
*.iml
|
||||
.idea/misc.xml
|
||||
*.ipr
|
||||
|
||||
# End of https://www.gitignore.io/api/jetbrains+iml
|
||||
|
25
.idea/codeStyleSettings.xml
generated
25
.idea/codeStyleSettings.xml
generated
@@ -1,25 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project version="4">
|
||||
<component name="ProjectCodeStyleSettingsManager">
|
||||
<option name="PER_PROJECT_SETTINGS">
|
||||
<value>
|
||||
<option name="OTHER_INDENT_OPTIONS">
|
||||
<value>
|
||||
<option name="INDENT_SIZE" value="2" />
|
||||
<option name="CONTINUATION_INDENT_SIZE" value="8" />
|
||||
<option name="TAB_SIZE" value="2" />
|
||||
<option name="USE_TAB_CHARACTER" value="false" />
|
||||
<option name="SMART_TABS" value="false" />
|
||||
<option name="LABEL_INDENT_SIZE" value="0" />
|
||||
<option name="LABEL_INDENT_ABSOLUTE" value="false" />
|
||||
<option name="USE_RELATIVE_INDENTS" value="false" />
|
||||
</value>
|
||||
</option>
|
||||
<MarkdownNavigatorCodeStyleSettings>
|
||||
<option name="RIGHT_MARGIN" value="72" />
|
||||
</MarkdownNavigatorCodeStyleSettings>
|
||||
</value>
|
||||
</option>
|
||||
<option name="USE_PER_PROJECT_SETTINGS" value="true" />
|
||||
</component>
|
||||
</project>
|
7
.idea/codeStyles/Project.xml
generated
7
.idea/codeStyles/Project.xml
generated
@@ -1,7 +0,0 @@
|
||||
<component name="ProjectCodeStyleConfiguration">
|
||||
<code_scheme name="Project" version="173">
|
||||
<MarkdownNavigatorCodeStyleSettings>
|
||||
<option name="RIGHT_MARGIN" value="72" />
|
||||
</MarkdownNavigatorCodeStyleSettings>
|
||||
</code_scheme>
|
||||
</component>
|
5
.idea/codeStyles/codeStyleConfig.xml
generated
5
.idea/codeStyles/codeStyleConfig.xml
generated
@@ -1,5 +0,0 @@
|
||||
<component name="ProjectCodeStyleConfiguration">
|
||||
<state>
|
||||
<option name="USE_PER_PROJECT_SETTINGS" value="true" />
|
||||
</state>
|
||||
</component>
|
32
README.md
32
README.md
@@ -11,9 +11,9 @@
|
||||
</p>
|
||||
<!-- markdownlint-enable MD033 -->
|
||||
|
||||
The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
|
||||
The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content without installing any client-side software.
|
||||
|
||||
- **Easy-to-install**: our versatile installer walks you through the process, and takes less than ten minutes
|
||||
- **Easy-to-install**: our versatile installer walks you through the process and takes less than ten minutes
|
||||
- **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs
|
||||
- **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries
|
||||
- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/)
|
||||
@@ -22,7 +22,7 @@ The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) th
|
||||
- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically
|
||||
- **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on server-grade hardware
|
||||
- **Modern**: blocks ads over both IPv4 and IPv6
|
||||
- **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy
|
||||
- **Free**: open source software that helps ensure _you_ are the sole person in control of your privacy
|
||||
|
||||
-----
|
||||
|
||||
@@ -57,21 +57,21 @@ Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-h
|
||||
|
||||
Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention.
|
||||
|
||||
If your router does not support setting the DNS server, you can [use Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); just be sure to disable DHCP on your router first (if it has that feature available).
|
||||
If your router does not support setting the DNS server, you can [use Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); be sure to disable DHCP on your router first (if it has that feature available).
|
||||
|
||||
As a last resort, you can always manually set each device to use Pi-hole as their DNS server.
|
||||
As a last resort, you can manually set each device to use Pi-hole as their DNS server.
|
||||
|
||||
-----
|
||||
|
||||
## Pi-hole is free, but powered by your support
|
||||
## Pi-hole is free but powered by your support
|
||||
|
||||
There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained.
|
||||
There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software and the importance of keeping it maintained.
|
||||
|
||||
Make no mistake: **your support is absolutely vital to help keep us innovating!**
|
||||
|
||||
### [Donations](https://pi-hole.net/donate)
|
||||
|
||||
Sending a donation using our Sponsor Button is **extremely helpful** in offsetting a portion of our monthly expenses and rewarding our dedicated development team:
|
||||
Donating using our Sponsor Button is **extremely helpful** in offsetting a portion of our monthly expenses:
|
||||
|
||||
### Alternative support
|
||||
|
||||
@@ -83,13 +83,13 @@ If you'd rather not donate (_which is okay!_), there are other ways you can help
|
||||
- [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
|
||||
- [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
|
||||
- [Amazon US](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
|
||||
- Spreading the word about our software, and how you have benefited from it
|
||||
- Spreading the word about our software and how you have benefited from it
|
||||
|
||||
### Contributing via GitHub
|
||||
|
||||
We welcome _everyone_ to contribute to issue reports, suggest new features, and create pull requests.
|
||||
|
||||
If you have something to add - anything from a typo through to a whole new feature, we're happy to check it out! Just make sure to fill out our template when submitting your request; the questions that it asks will help the volunteers quickly understand what you're aiming to achieve.
|
||||
If you have something to add - anything from a typo through to a whole new feature, we're happy to check it out! Just make sure to fill out our template when submitting your request; the questions it asks will help the volunteers quickly understand what you're aiming to achieve.
|
||||
|
||||
You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments, which will help you better understand how Pi-hole works. They're also a valuable resource to those who want to learn how to write scripts or code a program! We encourage anyone who likes to tinker to read through it and submit a pull request for us to review.
|
||||
|
||||
@@ -97,9 +97,9 @@ You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/ma
|
||||
|
||||
## Getting in touch with us
|
||||
|
||||
While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on a variety of social media outlets.
|
||||
While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on various social media outlets.
|
||||
|
||||
**Please be sure to check the FAQ's** before starting a new discussion. Many user questions already have answers and can be solved without any additional assistance.
|
||||
**Please be sure to check the FAQs** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
|
||||
|
||||
- [Frequently Asked Questions](https://discourse.pi-hole.net/c/faqs)
|
||||
- [Feature Requests](https://discourse.pi-hole.net/c/feature-requests?order=votes)
|
||||
@@ -125,15 +125,15 @@ Some of the statistics you can integrate include:
|
||||
- Queries cached
|
||||
- Unique clients
|
||||
|
||||
The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
|
||||
Access the API via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
|
||||
|
||||
### The Command Line Interface
|
||||
|
||||
The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
|
||||
The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
|
||||
|
||||
Some notable features include:
|
||||
|
||||
- [Whitelisting, Blacklisting and Regex](https://docs.pi-hole.net/core/pihole-command/#whitelisting-blacklisting-and-regex)
|
||||
- [Whitelisting, Blacklisting, and Regex](https://docs.pi-hole.net/core/pihole-command/#whitelisting-blacklisting-and-regex)
|
||||
- [Debugging utility](https://docs.pi-hole.net/core/pihole-command/#debugger)
|
||||
- [Viewing the live log file](https://docs.pi-hole.net/core/pihole-command/#tail)
|
||||
- [Updating Ad Lists](https://docs.pi-hole.net/core/pihole-command/#gravity)
|
||||
@@ -149,7 +149,7 @@ This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to vie
|
||||
|
||||
Some notable features include:
|
||||
|
||||
- Mobile friendly interface
|
||||
- Mobile-friendly interface
|
||||
- Password protection
|
||||
- Detailed graphs and doughnut charts
|
||||
- Top lists of domains and clients
|
||||
|
@@ -39,6 +39,4 @@ cache-size=@CACHE_SIZE@
|
||||
log-queries
|
||||
log-facility=/var/log/pihole.log
|
||||
|
||||
local-ttl=2
|
||||
|
||||
log-async
|
||||
|
41
advanced/06-rfc6761.conf
Normal file
41
advanced/06-rfc6761.conf
Normal file
@@ -0,0 +1,41 @@
|
||||
# Pi-hole: A black hole for Internet advertisements
|
||||
# (c) 2021 Pi-hole, LLC (https://pi-hole.net)
|
||||
# Network-wide ad blocking via your own hardware.
|
||||
#
|
||||
# RFC 6761 config file for Pi-hole
|
||||
#
|
||||
# This file is copyright under the latest version of the EUPL.
|
||||
# Please see LICENSE file for your rights under this license.
|
||||
|
||||
###############################################################################
|
||||
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
|
||||
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
|
||||
# #
|
||||
# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
|
||||
# WITHIN /etc/dnsmasq.d/yourname.conf #
|
||||
###############################################################################
|
||||
|
||||
# RFC 6761: Caching DNS servers SHOULD recognize
|
||||
# test, localhost, invalid
|
||||
# names as special and SHOULD NOT attempt to look up NS records for them, or
|
||||
# otherwise query authoritative DNS servers in an attempt to resolve these
|
||||
# names.
|
||||
server=/test/
|
||||
server=/localhost/
|
||||
server=/invalid/
|
||||
|
||||
# The same RFC requests something similar for
|
||||
# 16.172.in-addr.arpa. 22.172.in-addr.arpa. 27.172.in-addr.arpa.
|
||||
# 17.172.in-addr.arpa. 30.172.in-addr.arpa. 28.172.in-addr.arpa.
|
||||
# 18.172.in-addr.arpa. 23.172.in-addr.arpa. 29.172.in-addr.arpa.
|
||||
# 19.172.in-addr.arpa. 24.172.in-addr.arpa. 31.172.in-addr.arpa.
|
||||
# 20.172.in-addr.arpa. 25.172.in-addr.arpa. 168.192.in-addr.arpa.
|
||||
# Pi-hole implements this via the dnsmasq option "bogus-priv" (see
|
||||
# 01-pihole.conf) because this also covers IPv6.
|
||||
|
||||
# OpenWRT furthermore blocks bind, local, onion domains
|
||||
# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
|
||||
# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
|
||||
# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
|
||||
server=/bind/
|
||||
server=/onion/
|
0
advanced/Scripts/database_migration/gravity-db.sh
Normal file → Executable file
0
advanced/Scripts/database_migration/gravity-db.sh
Normal file → Executable file
@@ -23,7 +23,7 @@ fi
|
||||
# have changed
|
||||
gravityDBfile="${GRAVITYDB}"
|
||||
|
||||
reload=false
|
||||
noReloadRequested=false
|
||||
addmode=true
|
||||
verbose=true
|
||||
wildcard=false
|
||||
@@ -35,6 +35,7 @@ typeId=""
|
||||
comment=""
|
||||
declare -i domaincount
|
||||
domaincount=0
|
||||
reload=false
|
||||
|
||||
colfile="/opt/pihole/COL_TABLE"
|
||||
source ${colfile}
|
||||
@@ -242,13 +243,13 @@ Displaylist() {
|
||||
|
||||
NukeList() {
|
||||
count=$(sqlite3 "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};")
|
||||
listname="$(GetListnameFromTypeId "${typeId}")"
|
||||
listname="$(GetListnameFromTypeId "${typeId}")"
|
||||
if [ "$count" -gt 0 ];then
|
||||
sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
|
||||
echo " ${TICK} Removed ${count} domain(s) from the ${listname}"
|
||||
else
|
||||
echo " ${INFO} ${listname} already empty. Nothing to do!"
|
||||
fi
|
||||
fi
|
||||
exit 0;
|
||||
}
|
||||
|
||||
@@ -268,7 +269,7 @@ while (( "$#" )); do
|
||||
"--white-wild" | "white-wild" ) typeId=2; wildcard=true;;
|
||||
"--wild" | "wildcard" ) typeId=3; wildcard=true;;
|
||||
"--regex" | "regex" ) typeId=3;;
|
||||
"-nr"| "--noreload" ) reload=false;;
|
||||
"-nr"| "--noreload" ) noReloadRequested=true;;
|
||||
"-d" | "--delmode" ) addmode=false;;
|
||||
"-q" | "--quiet" ) verbose=false;;
|
||||
"-h" | "--help" ) helpFunc;;
|
||||
@@ -294,6 +295,6 @@ if $web; then
|
||||
echo "DONE"
|
||||
fi
|
||||
|
||||
if [[ "${reload}" != false ]]; then
|
||||
if [[ ${reload} == true && ${noReloadRequested} == false ]]; then
|
||||
pihole restartdns reload-lists
|
||||
fi
|
||||
|
3
advanced/Scripts/piholeCheckout.sh
Normal file → Executable file
3
advanced/Scripts/piholeCheckout.sh
Normal file → Executable file
@@ -166,12 +166,15 @@ checkout() {
|
||||
checkout_pull_branch "${webInterfaceDir}" "${2}"
|
||||
elif [[ "${1}" == "ftl" ]] ; then
|
||||
local path
|
||||
local oldbranch
|
||||
path="${2}/${binary}"
|
||||
oldbranch="$(pihole-FTL -b)"
|
||||
|
||||
if check_download_exists "$path"; then
|
||||
echo " ${TICK} Branch ${2} exists"
|
||||
echo "${2}" > /etc/pihole/ftlbranch
|
||||
chmod 644 /etc/pihole/ftlbranch
|
||||
echo -e " ${INFO} Switching to branch: \"${2}\" from \"${oldbranch}\""
|
||||
FTLinstall "${binary}"
|
||||
restart_service pihole-FTL
|
||||
enable_service pihole-FTL
|
||||
|
@@ -56,11 +56,6 @@ FAQ_BAD_ADDRESS="${COL_CYAN}https://discourse.pi-hole.net/t/why-do-i-see-bad-add
|
||||
|
||||
# Other URLs we may use
|
||||
FORUMS_URL="${COL_CYAN}https://discourse.pi-hole.net${COL_NC}"
|
||||
TRICORDER_CONTEST="${COL_CYAN}https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/${COL_NC}"
|
||||
|
||||
# Port numbers used for uploading the debug log
|
||||
TRICORDER_NC_PORT_NUMBER=9999
|
||||
TRICORDER_SSL_PORT_NUMBER=9998
|
||||
|
||||
# Directories required by Pi-hole
|
||||
# https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
|
||||
@@ -72,23 +67,20 @@ PIHOLE_SCRIPTS_DIRECTORY="/opt/pihole"
|
||||
BIN_DIRECTORY="/usr/local/bin"
|
||||
RUN_DIRECTORY="/run"
|
||||
LOG_DIRECTORY="/var/log"
|
||||
#WEB_SERVER_LOG_DIRECTORY="${LOG_DIRECTORY}/lighttpd" #TODO: FTL access log?
|
||||
#WEB_SERVER_CONFIG_DIRECTORY="/etc/lighttpd" #TODO: web server config?
|
||||
WEB_SERVER_LOG_DIRECTORY="${LOG_DIRECTORY}/lighttpd"
|
||||
WEB_SERVER_CONFIG_DIRECTORY="/etc/lighttpd"
|
||||
HTML_DIRECTORY="/var/www/html"
|
||||
WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin"
|
||||
#BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole"
|
||||
SHM_DIRECTORY="/dev/shm"
|
||||
ETC="/etc"
|
||||
|
||||
# Files required by Pi-hole
|
||||
# https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
|
||||
PIHOLE_CRON_FILE="${CRON_D_DIRECTORY}/pihole"
|
||||
|
||||
PIHOLE_DNS_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/01-pihole.conf"
|
||||
PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf"
|
||||
PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf"
|
||||
|
||||
#WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
|
||||
#WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
|
||||
WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
|
||||
WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
|
||||
|
||||
PIHOLE_INSTALL_LOG_FILE="${PIHOLE_DIRECTORY}/install.log"
|
||||
PIHOLE_RAW_BLOCKLIST_FILES="${PIHOLE_DIRECTORY}/list.*"
|
||||
@@ -138,15 +130,18 @@ PIHOLE_LOG_GZIPS="${LOG_DIRECTORY}/pihole.log.[0-9].*"
|
||||
PIHOLE_DEBUG_LOG="${LOG_DIRECTORY}/pihole_debug.log"
|
||||
PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log")"
|
||||
|
||||
# PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log" #TODO: FTL access log?
|
||||
# PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log" #TODO: FTL Error log?
|
||||
PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
|
||||
PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
|
||||
|
||||
RESOLVCONF="${ETC}/resolv.conf"
|
||||
DNSMASQ_CONF="${ETC}/dnsmasq.conf"
|
||||
|
||||
# An array of operating system "pretty names" that we officially support
|
||||
# We can loop through the array at any time to see if it matches a value
|
||||
#SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
|
||||
|
||||
# Store Pi-hole's processes in an array for easy use and parsing
|
||||
PIHOLE_PROCESSES=( "pihole-FTL" )
|
||||
PIHOLE_PROCESSES=( "lighttpd" "pihole-FTL" )
|
||||
|
||||
# Store the required directories in an array so it can be parsed through
|
||||
#REQUIRED_DIRECTORIES=("${CORE_GIT_DIRECTORY}"
|
||||
@@ -165,11 +160,8 @@ PIHOLE_PROCESSES=( "pihole-FTL" )
|
||||
|
||||
# Store the required directories in an array so it can be parsed through
|
||||
REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
|
||||
"${PIHOLE_DNS_CONFIG_FILE}"
|
||||
"${PIHOLE_DHCP_CONFIG_FILE}"
|
||||
"${PIHOLE_WILDCARD_CONFIG_FILE}"
|
||||
#"${WEB_SERVER_CONFIG_FILE}"
|
||||
#"${WEB_SERVER_CUSTOM_CONFIG_FILE}"
|
||||
"${WEB_SERVER_CONFIG_FILE}"
|
||||
"${WEB_SERVER_CUSTOM_CONFIG_FILE}"
|
||||
"${PIHOLE_INSTALL_LOG_FILE}"
|
||||
"${PIHOLE_RAW_BLOCKLIST_FILES}"
|
||||
"${PIHOLE_LOCAL_HOSTS_FILE}"
|
||||
@@ -185,7 +177,9 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
|
||||
"${PIHOLE_DEBUG_LOG}"
|
||||
"${PIHOLE_FTL_LOG}"
|
||||
"${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}"
|
||||
"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}")
|
||||
"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}"
|
||||
"${RESOLVCONF}"
|
||||
"${DNSMASQ_CONF}")
|
||||
|
||||
DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
|
||||
|
||||
@@ -235,6 +229,7 @@ copy_to_debug_log() {
|
||||
}
|
||||
|
||||
initialize_debug() {
|
||||
local system_uptime
|
||||
# Clear the screen so the debug log is readable
|
||||
clear
|
||||
show_disclaimer
|
||||
@@ -242,6 +237,10 @@ initialize_debug() {
|
||||
log_write "${COL_PURPLE}*** [ INITIALIZING ]${COL_NC}"
|
||||
# Timestamp the start of the log
|
||||
log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initialized."
|
||||
# Uptime of the system
|
||||
# credits to https://stackoverflow.com/questions/28353409/bash-format-uptime-to-show-days-hours-minutes
|
||||
system_uptime=$(uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/){if ($9=="min") {d=$6;m=$8} else {d=$6;h=$8;m=$9}} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes"}')
|
||||
log_write "${INFO} System has been running for ${system_uptime}"
|
||||
}
|
||||
|
||||
# This is a function for visually displaying the current test that is being run.
|
||||
@@ -373,16 +372,49 @@ check_component_versions() {
|
||||
check_ftl_version
|
||||
}
|
||||
|
||||
|
||||
get_program_version() {
|
||||
local program_name="${1}"
|
||||
# Create a local variable so this function can be safely reused
|
||||
local program_version
|
||||
echo_current_diagnostic "${program_name} version"
|
||||
# Evaluate the program we are checking, if it is any of the ones below, show the version
|
||||
case "${program_name}" in
|
||||
"lighttpd") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
|
||||
;;
|
||||
"php") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '-' -f1 | cut -d ' ' -f2)"
|
||||
;;
|
||||
# If a match is not found, show an error
|
||||
*) echo "Unrecognized program";
|
||||
esac
|
||||
# If the program does not have a version (the variable is empty)
|
||||
if [[ -z "${program_version}" ]]; then
|
||||
# Display and error
|
||||
log_write "${CROSS} ${COL_RED}${program_name} version could not be detected.${COL_NC}"
|
||||
else
|
||||
# Otherwise, display the version
|
||||
log_write "${INFO} ${program_version}"
|
||||
fi
|
||||
}
|
||||
|
||||
# These are the most critical dependencies of Pi-hole, so we check for them
|
||||
# and their versions, using the functions above.
|
||||
check_critical_program_versions() {
|
||||
# Use the function created earlier and bundle them into one function that checks all the version numbers
|
||||
get_program_version "lighttpd"
|
||||
get_program_version "php"
|
||||
}
|
||||
|
||||
os_check() {
|
||||
# This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
|
||||
# and determines whether or not the script is running on one of those systems
|
||||
local remote_os_domain valid_os valid_version detected_os detected_version cmdResult digReturnCode response
|
||||
remote_os_domain="versions.pi-hole.net"
|
||||
remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
|
||||
|
||||
detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
|
||||
detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
|
||||
|
||||
cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
|
||||
cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
|
||||
#Get the return code of the previous command (last line)
|
||||
digReturnCode="${cmdResult##*$'\n'}"
|
||||
|
||||
@@ -572,38 +604,6 @@ parse_locale() {
|
||||
parse_file "${pihole_locale}"
|
||||
}
|
||||
|
||||
does_ip_match_setup_vars() {
|
||||
# Check for IPv4 or 6
|
||||
local protocol="${1}"
|
||||
# IP address to check for
|
||||
local ip_address="${2}"
|
||||
# See what IP is in the setupVars.conf file
|
||||
local setup_vars_ip
|
||||
setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV"${protocol}"_ADDRESS | cut -d '=' -f2)
|
||||
# If it's an IPv6 address
|
||||
if [[ "${protocol}" == "6" ]]; then
|
||||
# Strip off the / (CIDR notation)
|
||||
if [[ "${ip_address%/*}" == "${setup_vars_ip%/*}" ]]; then
|
||||
# if it matches, show it in green
|
||||
log_write " ${COL_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
|
||||
else
|
||||
# otherwise show it in red with an FAQ URL
|
||||
log_write " ${COL_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
|
||||
fi
|
||||
|
||||
else
|
||||
# if the protocol isn't 6, it's 4 so no need to strip the CIDR notation
|
||||
# since it exists in the setupVars.conf that way
|
||||
if [[ "${ip_address}" == "${setup_vars_ip}" ]]; then
|
||||
# show in green if it matches
|
||||
log_write " ${COL_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
|
||||
else
|
||||
# otherwise show it in red
|
||||
log_write " ${COL_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
detect_ip_addresses() {
|
||||
# First argument should be a 4 or a 6
|
||||
local protocol=${1}
|
||||
@@ -620,8 +620,7 @@ detect_ip_addresses() {
|
||||
log_write "${TICK} IPv${protocol} address(es) bound to the ${PIHOLE_INTERFACE} interface:"
|
||||
# Since there may be more than one IP address, store them in an array
|
||||
for i in "${!ip_addr_list[@]}"; do
|
||||
# For each one in the list, print it out
|
||||
does_ip_match_setup_vars "${protocol}" "${ip_addr_list[$i]}"
|
||||
log_write " ${ip_addr_list[$i]}"
|
||||
done
|
||||
# Print a blank line just for formatting
|
||||
log_write ""
|
||||
@@ -630,13 +629,6 @@ detect_ip_addresses() {
|
||||
log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interface.\\n"
|
||||
return 1
|
||||
fi
|
||||
# If the protocol is v6
|
||||
if [[ "${protocol}" == "6" ]]; then
|
||||
# let the user know that as long as there is one green address, things should be ok
|
||||
log_write " ^ Please note that you may have more than one IP address listed."
|
||||
log_write " As long as one of them is green, and it matches what is in ${PIHOLE_SETUP_VARS_FILE}, there is no need for concern.\\n"
|
||||
log_write " The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.\\n"
|
||||
fi
|
||||
}
|
||||
|
||||
ping_ipv4_or_ipv6() {
|
||||
@@ -725,10 +717,10 @@ compare_port_to_service_assigned() {
|
||||
|
||||
check_required_ports() {
|
||||
echo_current_diagnostic "Ports in use"
|
||||
# Since Pi-hole needs 53 and 4711, check what they are being used by
|
||||
# Since Pi-hole needs 53, 80, and 4711, check what they are being used by
|
||||
# so we can detect any issues
|
||||
local resolver="pihole-FTL"
|
||||
local web_server="pihole-FTL"
|
||||
local web_server="lighttpd"
|
||||
local ftl="pihole-FTL"
|
||||
# Create an array for these ports in use
|
||||
ports_in_use=()
|
||||
@@ -785,30 +777,14 @@ check_x_headers() {
|
||||
# server is operating correctly
|
||||
echo_current_diagnostic "Dashboard and block page"
|
||||
# Use curl -I to get the header and parse out just the X-Pi-hole one
|
||||
local block_page
|
||||
block_page=$(curl -Is localhost | awk '/X-Pi-hole/' | tr -d '\r')
|
||||
# Do it for the dashboard as well, as the header is different than above
|
||||
local dashboard
|
||||
dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r')
|
||||
# Store what the X-Header should be in variables for comparison later
|
||||
local block_page_working
|
||||
block_page_working="X-Pi-hole: A black hole for Internet advertisements."
|
||||
local dashboard_working
|
||||
dashboard_working="X-Pi-hole: The Pi-hole Web interface is working!"
|
||||
local full_curl_output_block_page
|
||||
full_curl_output_block_page="$(curl -Is localhost)"
|
||||
local full_curl_output_dashboard
|
||||
full_curl_output_dashboard="$(curl -Is localhost/admin/)"
|
||||
# If the X-header found by curl matches what is should be,
|
||||
if [[ $block_page == "$block_page_working" ]]; then
|
||||
# display a success message
|
||||
log_write "$TICK Block page X-Header: ${COL_GREEN}${block_page}${COL_NC}"
|
||||
else
|
||||
# Otherwise, show an error
|
||||
log_write "$CROSS Block page X-Header: ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}"
|
||||
log_write "${COL_RED}${full_curl_output_block_page}${COL_NC}"
|
||||
fi
|
||||
|
||||
|
||||
# Same logic applies to the dashboard as above, if the X-Header matches what a working system should have,
|
||||
if [[ $dashboard == "$dashboard_working" ]]; then
|
||||
# then we can show a success
|
||||
@@ -889,16 +865,20 @@ dig_at() {
|
||||
# s/\/.*$//g;
|
||||
# Removes CIDR and everything thereafter (e.g., scope properties)
|
||||
addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
|
||||
while IFS= read -r local_address ; do
|
||||
# Check if Pi-hole can use itself to block a domain
|
||||
if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
|
||||
# If it can, show success
|
||||
log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
|
||||
else
|
||||
# Otherwise, show a failure
|
||||
log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
|
||||
fi
|
||||
done <<< "${addresses}"
|
||||
if [ -n "${addresses}" ]; then
|
||||
while IFS= read -r local_address ; do
|
||||
# Check if Pi-hole can use itself to block a domain
|
||||
if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
|
||||
# If it can, show success
|
||||
log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
|
||||
else
|
||||
# Otherwise, show a failure
|
||||
log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
|
||||
fi
|
||||
done <<< "${addresses}"
|
||||
else
|
||||
log_write "${TICK} No IPv${protocol} address available on ${COL_CYAN}${iface}${COL_NC}"
|
||||
fi
|
||||
done <<< "${interfaces}"
|
||||
|
||||
# Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server
|
||||
@@ -1076,13 +1056,17 @@ list_files_in_dir() {
|
||||
:
|
||||
elif [[ "${dir_to_parse}" == "${SHM_DIRECTORY}" ]]; then
|
||||
# SHM file - we do not want to see the content, but we want to see the files and their sizes
|
||||
log_write "$(ls -ld "${dir_to_parse}"/"${each_file}")"
|
||||
log_write "$(ls -lhd "${dir_to_parse}"/"${each_file}")"
|
||||
elif [[ "${dir_to_parse}" == "${DNSMASQ_D_DIRECTORY}" ]]; then
|
||||
# in case of the dnsmasq directory inlcuede all files in the debug output
|
||||
log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
|
||||
make_array_from_file "${dir_to_parse}/${each_file}"
|
||||
else
|
||||
# Then, parse the file's content into an array so each line can be analyzed if need be
|
||||
for i in "${!REQUIRED_FILES[@]}"; do
|
||||
if [[ "${dir_to_parse}/${each_file}" == "${REQUIRED_FILES[$i]}" ]]; then
|
||||
# display the filename
|
||||
log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
|
||||
log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
|
||||
# Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
|
||||
case "${dir_to_parse}/${each_file}" in
|
||||
# If it's Web server error log, give the first and last 25 lines
|
||||
@@ -1121,6 +1105,7 @@ show_content_of_pihole_files() {
|
||||
show_content_of_files_in_dir "${WEB_SERVER_LOG_DIRECTORY}"
|
||||
show_content_of_files_in_dir "${LOG_DIRECTORY}"
|
||||
show_content_of_files_in_dir "${SHM_DIRECTORY}"
|
||||
show_content_of_files_in_dir "${ETC}"
|
||||
}
|
||||
|
||||
head_tail_log() {
|
||||
@@ -1221,11 +1206,11 @@ show_groups() {
|
||||
}
|
||||
|
||||
show_adlists() {
|
||||
show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "4 7 12 100 19 19 50"
|
||||
show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "5 7 12 100 19 19 50"
|
||||
}
|
||||
|
||||
show_domainlist() {
|
||||
show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0 ' WHEN '1' THEN ' 1 ' WHEN '2' THEN ' 2 ' WHEN '3' THEN ' 3' ELSE type END type,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "4 4 7 12 100 19 19 50"
|
||||
show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0 ' WHEN '1' THEN ' 1 ' WHEN '2' THEN ' 2 ' WHEN '3' THEN ' 3' ELSE type END type,CASE enabled WHEN '0' THEN ' 0' WHEN '1' THEN ' 1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "5 4 7 12 100 19 19 50"
|
||||
}
|
||||
|
||||
show_clients() {
|
||||
@@ -1237,10 +1222,10 @@ show_messages() {
|
||||
}
|
||||
|
||||
analyze_gravity_list() {
|
||||
echo_current_diagnostic "Gravity List and Database"
|
||||
echo_current_diagnostic "Gravity Database"
|
||||
|
||||
local gravity_permissions
|
||||
gravity_permissions=$(ls -ld "${PIHOLE_GRAVITY_DB_FILE}")
|
||||
gravity_permissions=$(ls -lhd "${PIHOLE_GRAVITY_DB_FILE}")
|
||||
log_write "${COL_GREEN}${gravity_permissions}${COL_NC}"
|
||||
|
||||
show_db_entries "Info table" "SELECT property,value FROM info" "20 40"
|
||||
@@ -1319,7 +1304,7 @@ analyze_pihole_log() {
|
||||
OLD_IFS="$IFS"
|
||||
# Get the lines that are in the file(s) and store them in an array for parsing later
|
||||
IFS=$'\r\n'
|
||||
pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
|
||||
pihole_log_permissions=$(ls -lhd "${PIHOLE_LOG}")
|
||||
log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
|
||||
mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
|
||||
log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
|
||||
@@ -1333,25 +1318,18 @@ analyze_pihole_log() {
|
||||
IFS="$OLD_IFS"
|
||||
}
|
||||
|
||||
tricorder_use_nc_or_curl() {
|
||||
# Users can submit their debug logs using nc (unencrypted) or curl (encrypted) if available
|
||||
# Check for curl first since encryption is a good thing
|
||||
if command -v curl &> /dev/null; then
|
||||
# If the command exists,
|
||||
log_write " * Using ${COL_GREEN}curl${COL_NC} for transmission."
|
||||
# transmit he log via TLS and store the token returned in a variable
|
||||
tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
|
||||
if [ -z "${tricorder_token}" ]; then
|
||||
# curl failed, fallback to nc
|
||||
log_write " * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
|
||||
curl_to_tricorder() {
|
||||
# Users can submit their debug logs using curl (encrypted)
|
||||
log_write " * Using ${COL_GREEN}curl${COL_NC} for transmission."
|
||||
# transmit the log via TLS and store the token returned in a variable
|
||||
tricorder_token=$(curl --silent --fail --show-error --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net 2>&1)
|
||||
if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
|
||||
log_write " * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
|
||||
# Log curl error (if available)
|
||||
if [ -n "${tricorder_token}" ]; then
|
||||
log_write " * Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
|
||||
tricorder_token=""
|
||||
fi
|
||||
# Otherwise,
|
||||
else
|
||||
# use net cat
|
||||
log_write "${INFO} Using ${COL_YELLOW}netcat${COL_NC} for transmission."
|
||||
# Save the token returned by our server in a variable
|
||||
tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
|
||||
fi
|
||||
}
|
||||
|
||||
@@ -1370,14 +1348,13 @@ upload_to_tricorder() {
|
||||
|
||||
# Provide information on what they should do with their token
|
||||
log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
|
||||
log_write " * For more information, see: ${TRICORDER_CONTEST}"
|
||||
log_write " * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat."
|
||||
|
||||
# If pihole -d is running automatically (usually through the dashboard)
|
||||
if [[ "${AUTOMATED}" ]]; then
|
||||
# let the user know
|
||||
log_write "${INFO} Debug script running in automated mode"
|
||||
# and then decide again which tool to use to submit it
|
||||
tricorder_use_nc_or_curl
|
||||
curl_to_tricorder
|
||||
# If we're not running in automated mode,
|
||||
else
|
||||
echo ""
|
||||
@@ -1386,7 +1363,7 @@ upload_to_tricorder() {
|
||||
read -r -p "[?] Would you like to upload the log? [y/N] " response
|
||||
case ${response} in
|
||||
# If they say yes, run our function for uploading the log
|
||||
[yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
|
||||
[yY][eE][sS]|[yY]) curl_to_tricorder;;
|
||||
# If they choose no, just exit out of the script
|
||||
*) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
|
||||
esac
|
||||
@@ -1397,15 +1374,15 @@ upload_to_tricorder() {
|
||||
# Again, try to make this visually striking so the user realizes they need to do something with this information
|
||||
# Namely, provide the Pi-hole devs with the token
|
||||
log_write ""
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}\\n"
|
||||
log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}***********************************${COL_NC}"
|
||||
log_write "${INFO}${COL_RED} Logs are deleted 48 hours after upload.${COL_NC}\\n"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
|
||||
log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
|
||||
log_write ""
|
||||
log_write " * Provide the token above to the Pi-hole team for assistance at"
|
||||
log_write " * ${FORUMS_URL}"
|
||||
log_write " * Your log will self-destruct on our server after ${COL_RED}48 hours${COL_NC}."
|
||||
log_write " * Provide the token above to the Pi-hole team for assistance at ${FORUMS_URL}"
|
||||
|
||||
# If no token was generated
|
||||
else
|
||||
# Show an error and some help instructions
|
||||
@@ -1423,6 +1400,7 @@ initialize_debug
|
||||
# available to the other functions
|
||||
source_setup_variables
|
||||
check_component_versions
|
||||
check_critical_program_versions
|
||||
diagnose_operating_system
|
||||
check_selinux
|
||||
check_firewalld
|
||||
|
@@ -11,6 +11,11 @@
|
||||
colfile="/opt/pihole/COL_TABLE"
|
||||
source ${colfile}
|
||||
|
||||
# In case we're running at the same time as a system logrotate, use a
|
||||
# separate logrotate state file to prevent stepping on each other's
|
||||
# toes.
|
||||
STATEFILE="/var/lib/logrotate/pihole"
|
||||
|
||||
# Determine database location
|
||||
# Obtain DBFILE=... setting from pihole-FTL.db
|
||||
# Constructed to return nothing when
|
||||
@@ -32,7 +37,7 @@ if [[ "$@" == *"once"* ]]; then
|
||||
# Nightly logrotation
|
||||
if command -v /usr/sbin/logrotate >/dev/null; then
|
||||
# Logrotate once
|
||||
/usr/sbin/logrotate --force /etc/pihole/logrotate
|
||||
/usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
|
||||
else
|
||||
# Copy pihole.log over to pihole.log.1
|
||||
# and empty out pihole.log
|
||||
@@ -47,8 +52,8 @@ else
|
||||
# Manual flushing
|
||||
if command -v /usr/sbin/logrotate >/dev/null; then
|
||||
# Logrotate twice to move all data out of sight of FTL
|
||||
/usr/sbin/logrotate --force /etc/pihole/logrotate; sleep 3
|
||||
/usr/sbin/logrotate --force /etc/pihole/logrotate
|
||||
/usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate; sleep 3
|
||||
/usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
|
||||
else
|
||||
# Flush both pihole.log and pihole.log.1 (if existing)
|
||||
echo " " > /var/log/pihole.log
|
||||
|
@@ -1,5 +1,6 @@
|
||||
#!/usr/bin/env bash
|
||||
# shellcheck disable=SC1090
|
||||
|
||||
# Pi-hole: A black hole for Internet advertisements
|
||||
# (c) 2018 Pi-hole, LLC (https://pi-hole.net)
|
||||
# Network-wide ad blocking via your own hardware.
|
||||
|
@@ -95,6 +95,10 @@ main() {
|
||||
# shellcheck disable=1090,2154
|
||||
source "${setupVars}"
|
||||
|
||||
# Install packages used by this installation script (necessary if users have removed e.g. git from their systems)
|
||||
package_manager_detect
|
||||
install_dependent_packages "${INSTALLER_DEPS[@]}"
|
||||
|
||||
# This is unlikely
|
||||
if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
|
||||
echo -e "\\n ${COL_LIGHT_RED}Error: Core Pi-hole repo is missing from system!"
|
||||
|
@@ -44,7 +44,8 @@ Options:
|
||||
-e, email Set an administrative contact address for the Block Page
|
||||
-h, --help Show this help dialog
|
||||
-i, interface Specify dnsmasq's interface listening behavior
|
||||
-l, privacylevel Set privacy level (0 = lowest, 3 = highest)"
|
||||
-l, privacylevel Set privacy level (0 = lowest, 3 = highest)
|
||||
-t, teleporter Backup configuration as an archive"
|
||||
exit 0
|
||||
}
|
||||
|
||||
@@ -53,7 +54,7 @@ add_setting() {
|
||||
}
|
||||
|
||||
delete_setting() {
|
||||
sed -i "/${1}/d" "${setupVars}"
|
||||
sed -i "/^${1}/d" "${setupVars}"
|
||||
}
|
||||
|
||||
change_setting() {
|
||||
@@ -66,7 +67,7 @@ addFTLsetting() {
|
||||
}
|
||||
|
||||
deleteFTLsetting() {
|
||||
sed -i "/${1}/d" "${FTLconf}"
|
||||
sed -i "/^${1}/d" "${FTLconf}"
|
||||
}
|
||||
|
||||
changeFTLsetting() {
|
||||
@@ -83,7 +84,7 @@ add_dnsmasq_setting() {
|
||||
}
|
||||
|
||||
delete_dnsmasq_setting() {
|
||||
sed -i "/${1}/d" "${dnsmasqconfig}"
|
||||
sed -i "/^${1}/d" "${dnsmasqconfig}"
|
||||
}
|
||||
|
||||
SetTemperatureUnit() {
|
||||
@@ -266,11 +267,21 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
|
||||
delete_setting "CONDITIONAL_FORWARDING_IP"
|
||||
fi
|
||||
|
||||
delete_dnsmasq_setting "rev-server"
|
||||
|
||||
if [[ "${REV_SERVER}" == true ]]; then
|
||||
add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
|
||||
if [ -n "${REV_SERVER_DOMAIN}" ]; then
|
||||
# Forward local domain names to the CF target, too
|
||||
add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
|
||||
fi
|
||||
|
||||
if [[ "${DNS_FQDN_REQUIRED}" != true ]]; then
|
||||
# Forward unqualified names to the CF target only when the "never
|
||||
# forward non-FQDN" option is unticked
|
||||
add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
|
||||
fi
|
||||
|
||||
fi
|
||||
|
||||
# We need to process DHCP settings here as well to account for possible
|
||||
@@ -726,6 +737,7 @@ AddCustomCNAMERecord() {
|
||||
|
||||
domain="${args[2]}"
|
||||
target="${args[3]}"
|
||||
|
||||
echo "cname=${domain},${target}" >> "${dnscustomcnamefile}"
|
||||
|
||||
# Restart dnsmasq to load new custom CNAME records
|
||||
|
@@ -1,28 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
# Pi-hole: A black hole for Internet advertisements
|
||||
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
|
||||
# Network-wide ad blocking via your own hardware.
|
||||
#
|
||||
# Provides an automated migration subroutine to convert Pi-hole v3.x wildcard domains to Pi-hole v4.x regex filters
|
||||
#
|
||||
# This file is copyright under the latest version of the EUPL.
|
||||
# Please see LICENSE file for your rights under this license.
|
||||
|
||||
# regexFile set in gravity.sh
|
||||
|
||||
wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf"
|
||||
|
||||
convert_wildcard_to_regex() {
|
||||
if [ ! -f "${wildcardFile}" ]; then
|
||||
return
|
||||
fi
|
||||
local addrlines domains uniquedomains
|
||||
# Obtain wildcard domains from old file
|
||||
addrlines="$(grep -oE "/.*/" ${wildcardFile})"
|
||||
# Strip "/" from domain names and convert "." to regex-compatible "\."
|
||||
domains="$(sed 's/\///g;s/\./\\./g' <<< "${addrlines}")"
|
||||
# Remove repeated domains (may have been inserted two times due to A and AAAA blocking)
|
||||
uniquedomains="$(uniq <<< "${domains}")"
|
||||
# Automatically generate regex filters and remove old wildcards file
|
||||
awk '{print "(^|\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}"
|
||||
}
|
@@ -1,4 +1,4 @@
|
||||
#!/usr/bin/env bash
|
||||
#!/usr/bin/env sh
|
||||
### BEGIN INIT INFO
|
||||
# Provides: pihole-FTL
|
||||
# Required-Start: $remote_fs $syslog $network
|
||||
@@ -9,11 +9,8 @@
|
||||
# Description: Enable service provided by pihole-FTL daemon
|
||||
### END INIT INFO
|
||||
|
||||
FTLUSER=pihole
|
||||
PIDFILE=/run/pihole-FTL.pid
|
||||
|
||||
is_running() {
|
||||
pgrep -o "pihole-FTL" > /dev/null 2>&1
|
||||
pgrep -xo "pihole-FTL" > /dev/null
|
||||
}
|
||||
|
||||
|
||||
@@ -23,27 +20,18 @@ start() {
|
||||
echo "pihole-FTL is already running"
|
||||
else
|
||||
# Touch files to ensure they exist (create if non-existing, preserve if existing)
|
||||
touch /var/log/pihole-FTL.log /var/log/pihole.log
|
||||
touch /run/pihole-FTL.pid /run/pihole-FTL.port
|
||||
touch /etc/pihole/dhcp.leases
|
||||
mkdir -p /run/pihole
|
||||
mkdir -p /var/log/pihole
|
||||
chown pihole:pihole /run/pihole /var/log/pihole
|
||||
# Remove possible leftovers from previous pihole-FTL processes
|
||||
rm -f /dev/shm/FTL-* 2> /dev/null
|
||||
rm /run/pihole/FTL.sock 2> /dev/null
|
||||
mkdir -pm 0755 /run/pihole
|
||||
touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
|
||||
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
|
||||
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
|
||||
chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
|
||||
chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
|
||||
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
|
||||
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
|
||||
chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /etc/pihole/macvendor.db
|
||||
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
|
||||
chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
|
||||
if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
|
||||
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
|
||||
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
|
||||
if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then
|
||||
su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
|
||||
else
|
||||
echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
|
||||
pihole-FTL
|
||||
/usr/bin/pihole-FTL
|
||||
fi
|
||||
echo
|
||||
fi
|
||||
@@ -52,20 +40,20 @@ start() {
|
||||
# Stop the service
|
||||
stop() {
|
||||
if is_running; then
|
||||
pkill -o pihole-FTL
|
||||
for i in {1..5}; do
|
||||
pkill -xo "pihole-FTL"
|
||||
for i in 1 2 3 4 5; do
|
||||
if ! is_running; then
|
||||
break
|
||||
fi
|
||||
|
||||
echo -n "."
|
||||
printf "."
|
||||
sleep 1
|
||||
done
|
||||
echo
|
||||
|
||||
if is_running; then
|
||||
echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
|
||||
pkill -o -9 pihole-FTL
|
||||
pkill -xo -9 "pihole-FTL"
|
||||
exit 1
|
||||
else
|
||||
echo "Stopped"
|
||||
@@ -73,6 +61,8 @@ stop() {
|
||||
else
|
||||
echo "Not running"
|
||||
fi
|
||||
# Cleanup
|
||||
rm -f /run/pihole/FTL.sock /dev/shm/FTL-*
|
||||
echo
|
||||
}
|
||||
|
||||
@@ -101,7 +91,7 @@ case "$1" in
|
||||
start
|
||||
;;
|
||||
*)
|
||||
echo $"Usage: $0 {start|stop|restart|reload|status}"
|
||||
echo "Usage: $0 {start|stop|restart|reload|status}"
|
||||
exit 1
|
||||
esac
|
||||
|
||||
|
@@ -26,7 +26,7 @@
|
||||
# parameter "quiet": don't print messages
|
||||
00 00 * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
|
||||
|
||||
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
|
||||
@reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
|
||||
|
||||
# Pi-hole: Grab local version and branch every 10 minutes
|
||||
*/10 * * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
|
||||
|
@@ -11,15 +11,6 @@ $serverName = htmlspecialchars($_SERVER["SERVER_NAME"]);
|
||||
// Remove external ipv6 brackets if any
|
||||
$serverName = preg_replace('/^\[(.*)\]$/', '${1}', $serverName);
|
||||
|
||||
if (!is_file("/etc/pihole/setupVars.conf"))
|
||||
die("[ERROR] File not found: <code>/etc/pihole/setupVars.conf</code>");
|
||||
|
||||
// Get values from setupVars.conf
|
||||
$setupVars = parse_ini_file("/etc/pihole/setupVars.conf");
|
||||
$svPasswd = !empty($setupVars["WEBPASSWORD"]);
|
||||
$svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : "";
|
||||
unset($setupVars);
|
||||
|
||||
// Set landing page location, found within /var/www/html/
|
||||
$landPage = "../landing.php";
|
||||
|
||||
@@ -34,21 +25,6 @@ if (!empty($_SERVER["FQDN"])) {
|
||||
array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]);
|
||||
}
|
||||
|
||||
// Set which extension types render as Block Page (Including "" for index.ext)
|
||||
$validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
|
||||
|
||||
// Get extension of current URL
|
||||
$currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION);
|
||||
|
||||
// Set mobile friendly viewport
|
||||
$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
|
||||
// Set response header
|
||||
function setHeader($type = "x") {
|
||||
header("X-Pi-hole: A black hole for Internet advertisements.");
|
||||
if (isset($type) && $type === "js") header("Content-Type: application/javascript");
|
||||
}
|
||||
|
||||
// Determine block page type
|
||||
if ($serverName === "pi.hole"
|
||||
|| (!empty($_SERVER["VIRTUAL_HOST"]) && $serverName === $_SERVER["VIRTUAL_HOST"])) {
|
||||
@@ -71,325 +47,26 @@ if ($serverName === "pi.hole"
|
||||
<html lang='en'>
|
||||
<head>
|
||||
<meta charset='utf-8'>
|
||||
$viewPort
|
||||
<meta name='viewport' content='width=device-width, initial-scale=1'>
|
||||
<title>● $serverName</title>
|
||||
<link rel='stylesheet' href='pihole/blockingpage.css'>
|
||||
<link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
|
||||
<style>
|
||||
#splashpage { background: #222; color: rgba(255, 255, 255, 0.7); text-align: center; }
|
||||
#splashpage img { margin: 5px; width: 256px; }
|
||||
#splashpage b { color: inherit; }
|
||||
</style>
|
||||
</head>
|
||||
<body id='splashpage'>
|
||||
<div id="pihole_card">
|
||||
<img src='admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
|
||||
<p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
|
||||
<a href='/admin'>Did you mean to go to the admin panel?</a>
|
||||
</div>
|
||||
<img src='admin/img/logo.svg' alt='Pi-hole logo' width='256' height='377'>
|
||||
<br>
|
||||
<p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
|
||||
<a href='/admin'>Did you mean to go to the admin panel?</a>
|
||||
</body>
|
||||
</html>
|
||||
EOT;
|
||||
exit($splashPage);
|
||||
} elseif ($currentUrlExt === "js") {
|
||||
// Serve Pi-hole JavaScript for blocked domains requesting JS
|
||||
exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');
|
||||
} elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) {
|
||||
// Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER
|
||||
// e.g: An iframe of a blocked domain
|
||||
exit(setHeader().'<!doctype html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8"><script>window.close();</script>
|
||||
</head>
|
||||
<body>
|
||||
<img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=">
|
||||
</body>
|
||||
</html>');
|
||||
} elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) {
|
||||
// Serve SVG upon receiving non $validExtTypes URL extension or query string
|
||||
// e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly
|
||||
// QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page
|
||||
$blockImg = '<a href="/">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="110" height="16">
|
||||
<circle cx="8" cy="8" r="7" fill="none" stroke="rgba(152,2,2,.5)" stroke-width="2"/>
|
||||
<path fill="rgba(152,2,2,.5)" d="M11.526 3.04l1.414 1.415-8.485 8.485-1.414-1.414z"/>
|
||||
<text x="19.3" y="12" opacity=".3" style="font:11px Arial">
|
||||
Blocked by Pi-hole
|
||||
</text>
|
||||
</svg>
|
||||
</a>';
|
||||
exit(setHeader()."<!doctype html>
|
||||
<html lang='en'>
|
||||
<head>
|
||||
<meta charset='utf-8'>
|
||||
$viewPort
|
||||
</head>
|
||||
<body>$blockImg</body>
|
||||
</html>");
|
||||
}
|
||||
|
||||
/* Start processing Block Page from here */
|
||||
exit(header("HTTP/1.1 404 Not Found"));
|
||||
|
||||
// Define admin email address text based off $svEmail presence
|
||||
$bpAskAdmin = !empty($svEmail) ? '<a href="mailto:'.$svEmail.'?subject=Site Blocked: '.$serverName.'"></a>' : "<span/>";
|
||||
|
||||
// Get possible non-standard location of FTL's database
|
||||
$FTLsettings = parse_ini_file("/etc/pihole/pihole-FTL.conf");
|
||||
if (isset($FTLsettings["GRAVITYDB"])) {
|
||||
$gravityDBFile = $FTLsettings["GRAVITYDB"];
|
||||
} else {
|
||||
$gravityDBFile = "/etc/pihole/gravity.db";
|
||||
}
|
||||
|
||||
// Connect to gravity.db
|
||||
try {
|
||||
$db = new SQLite3($gravityDBFile, SQLITE3_OPEN_READONLY);
|
||||
} catch (Exception $exception) {
|
||||
die("[ERROR]: Failed to connect to gravity.db");
|
||||
}
|
||||
|
||||
// Get all adlist addresses
|
||||
$adlistResults = $db->query("SELECT address FROM vw_adlist");
|
||||
$adlistsUrls = array();
|
||||
while ($row = $adlistResults->fetchArray()) {
|
||||
array_push($adlistsUrls, $row[0]);
|
||||
}
|
||||
|
||||
if (empty($adlistsUrls))
|
||||
die("[ERROR]: There are no adlists enabled");
|
||||
|
||||
// Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists)
|
||||
$adlistsCount = count($adlistsUrls) + 3;
|
||||
|
||||
// Set query timeout
|
||||
ini_set("default_socket_timeout", 3);
|
||||
|
||||
// Logic for querying blocklists
|
||||
function queryAds($serverName) {
|
||||
// Determine the time it takes while querying adlists
|
||||
$preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"];
|
||||
$queryAdsURL = sprintf(
|
||||
"http://127.0.0.1:%s/admin/scripts/pi-hole/php/queryads.php?domain=%s&bp",
|
||||
$_SERVER["SERVER_PORT"],
|
||||
$serverName
|
||||
);
|
||||
$queryAds = file($queryAdsURL, FILE_IGNORE_NEW_LINES);
|
||||
$queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds)));
|
||||
$queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime);
|
||||
|
||||
// Exception Handling
|
||||
try {
|
||||
// Define Exceptions
|
||||
if (strpos($queryAds[0], "No exact results") !== FALSE) {
|
||||
// Return "none" into $queryAds array
|
||||
return array("0" => "none");
|
||||
} else if ($queryTime >= ini_get("default_socket_timeout")) {
|
||||
// Connection Timeout
|
||||
throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)");
|
||||
} elseif (!strpos($queryAds[0], ".") !== false) {
|
||||
// Unknown $queryAds output
|
||||
throw new Exception ("Unhandled error message (<code>$queryAds[0]</code>)");
|
||||
}
|
||||
return $queryAds;
|
||||
} catch (Exception $e) {
|
||||
// Return exception as array
|
||||
return array("0" => "error", "1" => $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
// Get results of queryads.php exact search
|
||||
$queryAds = queryAds($serverName);
|
||||
|
||||
// Pass error through to Block Page
|
||||
if ($queryAds[0] === "error")
|
||||
die("[ERROR]: Unable to parse results from <i>queryads.php</i>: <code>".$queryAds[1]."</code>");
|
||||
|
||||
// Count total number of matching blocklists
|
||||
$featuredTotal = count($queryAds);
|
||||
|
||||
// Place results into key => value array
|
||||
$queryResults = null;
|
||||
foreach ($queryAds as $str) {
|
||||
$value = explode(" ", $str);
|
||||
@$queryResults[$value[0]] .= "$value[1]";
|
||||
}
|
||||
|
||||
// Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked
|
||||
if (strpos($queryAds[0], "blacklist") !== FALSE) {
|
||||
$notableFlagClass = "blacklist";
|
||||
$adlistsUrls = array("π" => substr($queryAds[0], 2));
|
||||
} elseif (strpos($queryAds[0], "whitelist") !== FALSE) {
|
||||
$notableFlagClass = "noblock";
|
||||
$adlistsUrls = array("π" => substr($queryAds[0], 2));
|
||||
$wlInfo = "recentwl";
|
||||
} elseif (strpos($queryAds[0], "wildcard") !== FALSE) {
|
||||
$notableFlagClass = "wildcard";
|
||||
$adlistsUrls = array("π" => substr($queryAds[0], 2));
|
||||
} elseif ($queryAds[0] === "none") {
|
||||
$featuredTotal = "0";
|
||||
$notableFlagClass = "noblock";
|
||||
|
||||
// QoL addition: Determine appropriate info message if CNAME exists
|
||||
// Suggests to the user that $serverName has a CNAME (alias) that may be blocked
|
||||
$dnsRecord = dns_get_record("$serverName")[0];
|
||||
if (array_key_exists("target", $dnsRecord)) {
|
||||
$wlInfo = $dnsRecord['target'];
|
||||
} else {
|
||||
$wlInfo = "unknown";
|
||||
}
|
||||
}
|
||||
|
||||
// Set #bpOutput notification
|
||||
$wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden";
|
||||
$wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "<a href='http://$wlInfo'>$wlInfo</a>" : "";
|
||||
|
||||
// Get Pi-hole Core version
|
||||
$phVersion = exec("cd /etc/.pihole/ && git describe --long --tags");
|
||||
|
||||
// Print $execTime on development branches
|
||||
// Testing for - is marginally faster than "git rev-parse --abbrev-ref HEAD"
|
||||
if (explode("-", $phVersion)[1] != "0")
|
||||
$execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"];
|
||||
|
||||
// Please Note: Text is added via CSS to allow an admin to provide a localized
|
||||
// language without the need to edit this file
|
||||
|
||||
setHeader();
|
||||
?>
|
||||
<!doctype html>
|
||||
<!-- Pi-hole: A black hole for Internet advertisements
|
||||
* (c) 2017 Pi-hole, LLC (https://pi-hole.net)
|
||||
* Network-wide ad blocking via your own hardware.
|
||||
*
|
||||
* This file is copyright under the latest version of the EUPL. -->
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<?=$viewPort ?>
|
||||
<meta name="robots" content="noindex,nofollow">
|
||||
<meta http-equiv="x-dns-prefetch-control" content="off">
|
||||
<link rel="stylesheet" href="pihole/blockingpage.css">
|
||||
<link rel="shortcut icon" href="admin/img/favicons/favicon.ico" type="image/x-icon">
|
||||
<title>● <?=$serverName ?></title>
|
||||
<script src="admin/scripts/vendor/jquery.min.js"></script>
|
||||
<script>
|
||||
window.onload = function () {
|
||||
<?php
|
||||
// Remove href fallback from "Back to safety" button
|
||||
if ($featuredTotal > 0) {
|
||||
echo '$("#bpBack").removeAttr("href");';
|
||||
|
||||
// Enable whitelisting if JS is available
|
||||
echo '$("#bpWhitelist").prop("disabled", false);';
|
||||
|
||||
// Enable password input if necessary
|
||||
if (!empty($svPasswd)) {
|
||||
echo '$("#bpWLPassword").attr("placeholder", "Password");';
|
||||
echo '$("#bpWLPassword").prop("disabled", false);';
|
||||
}
|
||||
// Otherwise hide the input
|
||||
else {
|
||||
echo '$("#bpWLPassword").hide();';
|
||||
}
|
||||
}
|
||||
?>
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
<body id="blockpage"><div id="bpWrapper">
|
||||
<header>
|
||||
<h1 id="bpTitle">
|
||||
<a class="title" href="/"><?php //Website Blocked ?></a>
|
||||
</h1>
|
||||
<div class="spc"></div>
|
||||
|
||||
<input id="bpAboutToggle" type="checkbox">
|
||||
<div id="bpAbout">
|
||||
<div class="aboutPH">
|
||||
<div class="aboutImg"></div>
|
||||
<p>Open Source Ad Blocker
|
||||
<small>Designed for Raspberry Pi</small>
|
||||
</p>
|
||||
</div>
|
||||
<div class="aboutLink">
|
||||
<a class="linkPH" href="https://docs.pi-hole.net/"><?php //About PH ?></a>
|
||||
<?php if (!empty($svEmail)) echo '<a class="linkEmail" href="mailto:'.$svEmail.'"></a>'; ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="bpAlt">
|
||||
<label class="altBtn" for="bpAboutToggle"><?php //Why am I here? ?></label>
|
||||
</div>
|
||||
</header>
|
||||
|
||||
<main>
|
||||
<div id="bpOutput" class="<?=$wlOutputClass ?>"><?=$wlOutput ?></div>
|
||||
<div id="bpBlock">
|
||||
<p class="blockMsg"><?=$serverName ?></p>
|
||||
</div>
|
||||
<?php if(isset($notableFlagClass)) { ?>
|
||||
<div id="bpFlag">
|
||||
<p class="flagMsg <?=$notableFlagClass ?>"></p>
|
||||
</div>
|
||||
<?php } ?>
|
||||
<div id="bpHelpTxt"><?=$bpAskAdmin ?></div>
|
||||
<div id="bpButtons" class="buttons">
|
||||
<a id="bpBack" onclick="javascript:history.back()" href="about:home"></a>
|
||||
<?php if ($featuredTotal > 0) echo '<label id="bpInfo" for="bpMoreToggle"></label>'; ?>
|
||||
</div>
|
||||
<input id="bpMoreToggle" type="checkbox">
|
||||
<div id="bpMoreInfo">
|
||||
<span id="bpFoundIn"><span><?=$featuredTotal ?></span><?=$adlistsCount ?></span>
|
||||
<pre id='bpQueryOutput'><?php if ($featuredTotal > 0) foreach ($queryResults as $num => $value) { echo "<span>[$num]:</span>$adlistsUrls[$num]\n"; } ?></pre>
|
||||
|
||||
<form id="bpWLButtons" class="buttons">
|
||||
<input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled>
|
||||
<input id="bpWLPassword" type="password" placeholder="JavaScript disabled" disabled>
|
||||
<button id="bpWhitelist" type="button" disabled></button>
|
||||
</form>
|
||||
</div>
|
||||
</main>
|
||||
|
||||
<footer><span><?=date("l g:i A, F dS"); ?>.</span> Pi-hole <?=$phVersion ?> (<?=gethostname()."/".$_SERVER["SERVER_ADDR"]; if (isset($execTime)) printf("/%.2fs", $execTime); ?>)</footer>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
function add() {
|
||||
$("#bpOutput").removeClass("hidden error exception");
|
||||
$("#bpOutput").addClass("add");
|
||||
var domain = "<?=$serverName ?>";
|
||||
var pw = $("#bpWLPassword");
|
||||
if(domain.length === 0) {
|
||||
return;
|
||||
}
|
||||
$.ajax({
|
||||
url: "/admin/scripts/pi-hole/php/add.php",
|
||||
method: "post",
|
||||
data: {"domain":domain, "list":"white", "pw":pw.val()},
|
||||
success: function(response) {
|
||||
if(response.indexOf("Pi-hole blocking") !== -1) {
|
||||
setTimeout(function(){window.location.reload(1);}, 10000);
|
||||
$("#bpOutput").removeClass("add");
|
||||
$("#bpOutput").addClass("success");
|
||||
$("#bpOutput").html("");
|
||||
} else {
|
||||
$("#bpOutput").removeClass("add");
|
||||
$("#bpOutput").addClass("error");
|
||||
$("#bpOutput").html(""+response+"");
|
||||
}
|
||||
},
|
||||
error: function(jqXHR, exception) {
|
||||
$("#bpOutput").removeClass("add");
|
||||
$("#bpOutput").addClass("exception");
|
||||
$("#bpOutput").html("");
|
||||
}
|
||||
});
|
||||
}
|
||||
<?php if ($featuredTotal > 0) { ?>
|
||||
$(document).keypress(function(e) {
|
||||
if(e.which === 13 && $("#bpWLPassword").is(":focus")) {
|
||||
add();
|
||||
}
|
||||
});
|
||||
$("#bpWhitelist").on("click", function() {
|
||||
add();
|
||||
});
|
||||
<?php } ?>
|
||||
</script>
|
||||
</body></html>
|
||||
|
@@ -20,7 +20,6 @@ server.modules = (
|
||||
"mod_accesslog",
|
||||
"mod_auth",
|
||||
"mod_expire",
|
||||
"mod_compress",
|
||||
"mod_redirect",
|
||||
"mod_setenv",
|
||||
"mod_rewrite"
|
||||
@@ -41,26 +40,6 @@ index-file.names = ( "index.php", "index.html", "index.lighttpd.html"
|
||||
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
|
||||
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
|
||||
|
||||
compress.cache-dir = "/var/cache/lighttpd/compress/"
|
||||
compress.filetype = (
|
||||
"application/json",
|
||||
"application/vnd.ms-fontobject",
|
||||
"application/xml",
|
||||
"font/eot",
|
||||
"font/opentype",
|
||||
"font/otf",
|
||||
"font/ttf",
|
||||
"image/bmp",
|
||||
"image/svg+xml",
|
||||
"image/vnd.microsoft.icon",
|
||||
"image/x-icon",
|
||||
"text/css",
|
||||
"text/html",
|
||||
"text/javascript",
|
||||
"text/plain",
|
||||
"text/xml"
|
||||
)
|
||||
|
||||
mimetype.assign = (
|
||||
".ico" => "image/x-icon",
|
||||
".jpeg" => "image/jpeg",
|
||||
@@ -99,11 +78,6 @@ $HTTP["url"] =~ "^/admin/" {
|
||||
"X-Pi-hole" => "The Pi-hole Web interface is working!",
|
||||
"X-Frame-Options" => "DENY"
|
||||
)
|
||||
|
||||
$HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
|
||||
# Allow Block Page access to local fonts
|
||||
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
|
||||
}
|
||||
}
|
||||
|
||||
# Block . files from being served, such as .git, .github, .gitignore
|
||||
|
@@ -21,7 +21,6 @@ server.modules = (
|
||||
"mod_expire",
|
||||
"mod_fastcgi",
|
||||
"mod_accesslog",
|
||||
"mod_compress",
|
||||
"mod_redirect",
|
||||
"mod_setenv",
|
||||
"mod_rewrite"
|
||||
@@ -42,26 +41,6 @@ index-file.names = ( "index.php", "index.html", "index.lighttpd.html"
|
||||
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
|
||||
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
|
||||
|
||||
compress.cache-dir = "/var/cache/lighttpd/compress/"
|
||||
compress.filetype = (
|
||||
"application/json",
|
||||
"application/vnd.ms-fontobject",
|
||||
"application/xml",
|
||||
"font/eot",
|
||||
"font/opentype",
|
||||
"font/otf",
|
||||
"font/ttf",
|
||||
"image/bmp",
|
||||
"image/svg+xml",
|
||||
"image/vnd.microsoft.icon",
|
||||
"image/x-icon",
|
||||
"text/css",
|
||||
"text/html",
|
||||
"text/javascript",
|
||||
"text/plain",
|
||||
"text/xml"
|
||||
)
|
||||
|
||||
mimetype.assign = (
|
||||
".ico" => "image/x-icon",
|
||||
".jpeg" => "image/jpeg",
|
||||
@@ -107,11 +86,6 @@ $HTTP["url"] =~ "^/admin/" {
|
||||
"X-Pi-hole" => "The Pi-hole Web interface is working!",
|
||||
"X-Frame-Options" => "DENY"
|
||||
)
|
||||
|
||||
$HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
|
||||
# Allow Block Page access to local fonts
|
||||
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
|
||||
}
|
||||
}
|
||||
|
||||
# Block . files from being served, such as .git, .github, .gitignore
|
||||
|
File diff suppressed because it is too large
Load Diff
@@ -42,8 +42,8 @@ source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
|
||||
# setupVars set in basic-install.sh
|
||||
source "${setupVars}"
|
||||
|
||||
# distro_check() sourced from basic-install.sh
|
||||
distro_check
|
||||
# package_manager_detect() sourced from basic-install.sh
|
||||
package_manager_detect
|
||||
|
||||
# Install packages used by the Pi-hole
|
||||
DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}")
|
||||
@@ -113,7 +113,7 @@ removeNoPurge() {
|
||||
fi
|
||||
fi
|
||||
echo -e "${OVER} ${TICK} Removed Web Interface"
|
||||
|
||||
|
||||
# Attempt to preserve backwards compatibility with older versions
|
||||
# to guarantee no additional changes were made to /etc/crontab after
|
||||
# the installation of pihole, /etc/crontab.pihole should be permanently
|
||||
@@ -145,6 +145,7 @@ removeNoPurge() {
|
||||
|
||||
${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null
|
||||
${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null
|
||||
${SUDO} rm -f /etc/dnsmasq.d/06-rfc6761.conf &> /dev/null
|
||||
${SUDO} rm -rf /var/log/*pihole* &> /dev/null
|
||||
${SUDO} rm -rf /etc/pihole/ &> /dev/null
|
||||
${SUDO} rm -rf /etc/.pihole/ &> /dev/null
|
||||
|
@@ -15,8 +15,6 @@ export LC_ALL=C
|
||||
|
||||
coltable="/opt/pihole/COL_TABLE"
|
||||
source "${coltable}"
|
||||
regexconverter="/opt/pihole/wildcard_regex_converter.sh"
|
||||
source "${regexconverter}"
|
||||
# shellcheck disable=SC1091
|
||||
source "/etc/.pihole/advanced/Scripts/database_migration/gravity-db.sh"
|
||||
|
||||
@@ -122,7 +120,7 @@ gravity_swap_databases() {
|
||||
gravityBlocks=$(stat --format "%b" ${gravityDBfile})
|
||||
# Only keep the old database if available disk space is at least twice the size of the existing gravity.db.
|
||||
# Better be safe than sorry...
|
||||
if [ "${availableBlocks}" -gt "$(("${gravityBlocks}" * 2))" ] && [ -f "${gravityDBfile}" ]; then
|
||||
if [ "${availableBlocks}" -gt "$((gravityBlocks * 2))" ] && [ -f "${gravityDBfile}" ]; then
|
||||
echo -e " ${TICK} The old database remains available."
|
||||
mv "${gravityDBfile}" "${gravityOLDfile}"
|
||||
else
|
||||
|
38
pihole
38
pihole
@@ -242,7 +242,7 @@ Time:
|
||||
echo "BLOCKING_ENABLED=true" >> "${setupVars}"
|
||||
fi
|
||||
|
||||
restartDNS reload
|
||||
restartDNS reload-lists
|
||||
|
||||
echo -e "${OVER} ${TICK} ${str}"
|
||||
}
|
||||
@@ -369,7 +369,7 @@ tailFunc() {
|
||||
# Color everything else as gray
|
||||
tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \
|
||||
-e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
|
||||
-e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN).*),${COL_RED}&${COL_NC}," \
|
||||
-e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \
|
||||
-e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
|
||||
-e "s,.*,${COL_GRAY}&${COL_NC},"
|
||||
exit 0
|
||||
@@ -399,34 +399,24 @@ Branches:
|
||||
}
|
||||
|
||||
tricorderFunc() {
|
||||
local tricorder_token
|
||||
if [[ ! -p "/dev/stdin" ]]; then
|
||||
echo -e " ${INFO} Please do not call Tricorder directly"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! (echo > /dev/tcp/tricorder.pi-hole.net/9998) >/dev/null 2>&1; then
|
||||
echo -e " ${CROSS} Unable to connect to Pi-hole's Tricorder server"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if command -v openssl &> /dev/null; then
|
||||
openssl s_client -quiet -connect tricorder.pi-hole.net:9998 2> /dev/null < /dev/stdin
|
||||
exit "$?"
|
||||
else
|
||||
echo -e " ${INFO} ${COL_YELLOW}Security Notice${COL_NC}: ${COL_WHITE}openssl${COL_NC} is not installed
|
||||
Your debug log will be transmitted unencrypted via plain-text
|
||||
There is a possibility that this could be intercepted by a third party
|
||||
If you wish to cancel, press Ctrl-C to exit within 10 seconds"
|
||||
secs="10"
|
||||
while [[ "$secs" -gt "0" ]]; do
|
||||
echo -ne "."
|
||||
sleep 1
|
||||
: $((secs--))
|
||||
done
|
||||
echo " "
|
||||
nc tricorder.pi-hole.net 9999 < /dev/stdin
|
||||
exit "$?"
|
||||
tricorder_token=$(curl --silent --fail --show-error --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin 2>&1)
|
||||
if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
|
||||
echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
|
||||
# Log curl error (if available)
|
||||
if [ -n "${tricorder_token}" ]; then
|
||||
echo -e "${INFO} Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
|
||||
tricorder_token=""
|
||||
fi
|
||||
exit 1
|
||||
fi
|
||||
echo "Upload successful, your token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
|
||||
exit 0
|
||||
}
|
||||
|
||||
updateCheckFunc() {
|
||||
|
@@ -1,5 +0,0 @@
|
||||
Raspbian=9,10
|
||||
Ubuntu=16,18,20
|
||||
Debian=9,10
|
||||
Fedora=32,33
|
||||
CentOS=7,8
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
17
test/_debian_11.Dockerfile
Normal file
17
test/_debian_11.Dockerfile
Normal file
@@ -0,0 +1,17 @@
|
||||
FROM buildpack-deps:bullseye-scm
|
||||
|
||||
ENV GITDIR /etc/.pihole
|
||||
ENV SCRIPTDIR /opt/pihole
|
||||
|
||||
RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
|
||||
ADD . $GITDIR
|
||||
RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
|
||||
ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
|
||||
|
||||
RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
@@ -12,5 +12,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
@@ -13,5 +13,6 @@ RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
||||
|
18
test/_ubuntu_21.Dockerfile
Normal file
18
test/_ubuntu_21.Dockerfile
Normal file
@@ -0,0 +1,18 @@
|
||||
FROM buildpack-deps:hirsute-scm
|
||||
|
||||
ENV GITDIR /etc/.pihole
|
||||
ENV SCRIPTDIR /opt/pihole
|
||||
|
||||
RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
|
||||
ADD . $GITDIR
|
||||
RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
|
||||
ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
|
||||
ENV DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
RUN true && \
|
||||
chmod +x $SCRIPTDIR/*
|
||||
|
||||
ENV PH_TEST true
|
||||
ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
|
||||
|
||||
#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
|
@@ -11,20 +11,20 @@ from .conftest import (
|
||||
)
|
||||
|
||||
|
||||
def test_supported_operating_system(Pihole):
|
||||
def test_supported_package_manager(Pihole):
|
||||
'''
|
||||
confirm installer exists on unsupported distribution
|
||||
confirm installer exits when no supported package manager found
|
||||
'''
|
||||
# break supported package managers to emulate an unsupported distribution
|
||||
# break supported package managers
|
||||
Pihole.run('rm -rf /usr/bin/apt-get')
|
||||
Pihole.run('rm -rf /usr/bin/rpm')
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
''')
|
||||
expected_stdout = cross_box + ' OS distribution not supported'
|
||||
assert expected_stdout in distro_check.stdout
|
||||
# assert distro_check.rc == 1
|
||||
expected_stdout = cross_box + ' No supported package manager found'
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
# assert package_manager_detect.rc == 1
|
||||
|
||||
|
||||
def test_setupVars_are_sourced_to_global_scope(Pihole):
|
||||
@@ -104,13 +104,37 @@ def test_selinux_not_detected(Pihole):
|
||||
assert check_selinux.rc == 0
|
||||
|
||||
|
||||
def test_installPiholeWeb_fresh_install_no_errors(Pihole):
|
||||
'''
|
||||
confirms all web page assets from Core repo are installed on a fresh build
|
||||
'''
|
||||
installWeb = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
installPiholeWeb
|
||||
''')
|
||||
expected_stdout = info_box + ' Installing 404 page...'
|
||||
assert expected_stdout in installWeb.stdout
|
||||
expected_stdout = tick_box + (' Creating directory for 404 page, '
|
||||
'and copying files')
|
||||
assert expected_stdout in installWeb.stdout
|
||||
expected_stdout = info_box + ' Backing up index.lighttpd.html'
|
||||
assert expected_stdout in installWeb.stdout
|
||||
expected_stdout = ('No default index.lighttpd.html file found... '
|
||||
'not backing up')
|
||||
assert expected_stdout in installWeb.stdout
|
||||
expected_stdout = tick_box + ' Installing sudoer file'
|
||||
assert expected_stdout in installWeb.stdout
|
||||
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
||||
assert 'index.php' in web_directory
|
||||
|
||||
|
||||
def test_update_package_cache_success_no_errors(Pihole):
|
||||
'''
|
||||
confirms package cache was updated without any errors
|
||||
'''
|
||||
updateCache = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
update_package_cache
|
||||
''')
|
||||
expected_stdout = tick_box + ' Update local cache of available packages'
|
||||
@@ -125,7 +149,7 @@ def test_update_package_cache_failure_no_errors(Pihole):
|
||||
mock_command('apt-get', {'update': ('', '1')}, Pihole)
|
||||
updateCache = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
update_package_cache
|
||||
''')
|
||||
expected_stdout = cross_box + ' Update local cache of available packages'
|
||||
@@ -332,7 +356,7 @@ def test_FTL_download_aarch64_no_errors(Pihole):
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
''')
|
||||
download_binary = Pihole.run('''
|
||||
@@ -396,10 +420,9 @@ def test_IPv6_only_link_local(Pihole):
|
||||
)
|
||||
detectPlatform = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
useIPv6dialog
|
||||
find_IPv6_information
|
||||
''')
|
||||
expected_stdout = ('Unable to find IPv6 ULA/GUA address, '
|
||||
'IPv6 adblocking will not be enabled')
|
||||
expected_stdout = ('Unable to find IPv6 ULA/GUA address')
|
||||
assert expected_stdout in detectPlatform.stdout
|
||||
|
||||
|
||||
@@ -420,9 +443,9 @@ def test_IPv6_only_ULA(Pihole):
|
||||
)
|
||||
detectPlatform = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
useIPv6dialog
|
||||
find_IPv6_information
|
||||
''')
|
||||
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
||||
expected_stdout = 'Found IPv6 ULA address'
|
||||
assert expected_stdout in detectPlatform.stdout
|
||||
|
||||
|
||||
@@ -443,9 +466,9 @@ def test_IPv6_only_GUA(Pihole):
|
||||
)
|
||||
detectPlatform = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
useIPv6dialog
|
||||
find_IPv6_information
|
||||
''')
|
||||
expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads'
|
||||
expected_stdout = 'Found IPv6 GUA address'
|
||||
assert expected_stdout in detectPlatform.stdout
|
||||
|
||||
|
||||
@@ -467,9 +490,9 @@ def test_IPv6_GUA_ULA_test(Pihole):
|
||||
)
|
||||
detectPlatform = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
useIPv6dialog
|
||||
find_IPv6_information
|
||||
''')
|
||||
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
||||
expected_stdout = 'Found IPv6 ULA address'
|
||||
assert expected_stdout in detectPlatform.stdout
|
||||
|
||||
|
||||
@@ -491,9 +514,9 @@ def test_IPv6_ULA_GUA_test(Pihole):
|
||||
)
|
||||
detectPlatform = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
useIPv6dialog
|
||||
find_IPv6_information
|
||||
''')
|
||||
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
||||
expected_stdout = 'Found IPv6 ULA address'
|
||||
assert expected_stdout in detectPlatform.stdout
|
||||
|
||||
|
||||
@@ -542,7 +565,8 @@ def test_os_check_fails(Pihole):
|
||||
''' Confirms install fails on unsupported OS '''
|
||||
Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${OS_CHECK_DEPS[@]}
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
cat <<EOT > /etc/os-release
|
||||
ID=UnsupportedOS
|
||||
@@ -561,7 +585,8 @@ def test_os_check_passes(Pihole):
|
||||
''' Confirms OS meets the requirements '''
|
||||
Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${OS_CHECK_DEPS[@]}
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
''')
|
||||
detectOS = Pihole.run('''
|
||||
@@ -577,7 +602,7 @@ def test_package_manager_has_installer_deps(Pihole):
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
output = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
install_dependent_packages ${INSTALLER_DEPS[@]}
|
||||
''')
|
||||
|
||||
@@ -590,7 +615,8 @@ def test_package_manager_has_pihole_deps(Pihole):
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
output = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
install_dependent_packages ${PIHOLE_DEPS[@]}
|
||||
''')
|
||||
|
||||
@@ -603,7 +629,8 @@ def test_package_manager_has_web_deps(Pihole):
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
output = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
|
||||
''')
|
||||
|
||||
|
@@ -5,18 +5,59 @@ from .conftest import (
|
||||
)
|
||||
|
||||
|
||||
def test_epel_installed_centos_7(Pihole):
|
||||
def test_php_upgrade_default_optout_centos_eq_7(Pihole):
|
||||
'''
|
||||
confirms the EPEL package repository is enabled when installed on CentOS
|
||||
confirms the default behavior to opt-out of installing PHP7 from REMI
|
||||
'''
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
expected_stdout = info_box + (' Enabling EPEL package repository '
|
||||
'(https://fedoraproject.org/wiki/EPEL)')
|
||||
assert expected_stdout in distro_check.stdout
|
||||
expected_stdout = tick_box + ' Installed epel-release'
|
||||
assert expected_stdout in distro_check.stdout
|
||||
epel_package = Pihole.package('epel-release')
|
||||
assert epel_package.is_installed
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
||||
def test_php_upgrade_user_optout_centos_eq_7(Pihole):
|
||||
'''
|
||||
confirms installer behavior when user opt-out of installing PHP7 from REMI
|
||||
(php not currently installed)
|
||||
'''
|
||||
# Whiptail dialog returns Cancel for user prompt
|
||||
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
||||
def test_php_upgrade_user_optin_centos_eq_7(Pihole):
|
||||
'''
|
||||
confirms installer behavior when user opt-in to installing PHP7 from REMI
|
||||
(php not currently installed)
|
||||
'''
|
||||
# Whiptail dialog returns Continue for user prompt
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
assert 'opt-out' not in package_manager_detect.stdout
|
||||
expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
|
||||
'(https://rpms.remirepo.net)')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = tick_box + (' Remi\'s RPM repository has '
|
||||
'been enabled for PHP7')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert remi_package.is_installed
|
||||
|
@@ -5,15 +5,64 @@ from .conftest import (
|
||||
)
|
||||
|
||||
|
||||
def test_epel_not_installed_centos_gt7(Pihole):
|
||||
def test_php_upgrade_default_continue_centos_gte_8(Pihole):
|
||||
'''
|
||||
confirms installer does not attempt to install EPEL repository on CentOS 8+
|
||||
confirms the latest version of CentOS continues / does not optout
|
||||
(should trigger on CentOS7 only)
|
||||
'''
|
||||
distro_check = Pihole.run('''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
distro_check
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
assert distro_check.stdout == ''
|
||||
unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
|
||||
' Deprecated PHP may be in use.')
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
# ensure remi was not installed on latest CentOS
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
epel_package = Pihole.package('epel-release')
|
||||
assert not epel_package.is_installed
|
||||
|
||||
def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
|
||||
'''
|
||||
confirms installer skips user opt-out of installing PHP7 from REMI on
|
||||
latest CentOS (should trigger on CentOS7 only)
|
||||
(php not currently installed)
|
||||
'''
|
||||
# Whiptail dialog returns Cancel for user prompt
|
||||
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
|
||||
' Deprecated PHP may be in use.')
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
# ensure remi was not installed on latest CentOS
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
||||
def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
|
||||
'''
|
||||
confirms installer skips user opt-in to installing PHP7 from REMI on
|
||||
latest CentOS (should trigger on CentOS7 only)
|
||||
(php not currently installed)
|
||||
'''
|
||||
# Whiptail dialog returns Continue for user prompt
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
assert 'opt-out' not in package_manager_detect.stdout
|
||||
unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
|
||||
'(https://rpms.remirepo.net)')
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
|
||||
'been enabled for PHP7')
|
||||
assert unexpected_stdout not in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
125
test/test_centos_common_support.py
Normal file
125
test/test_centos_common_support.py
Normal file
@@ -0,0 +1,125 @@
|
||||
import pytest
|
||||
from .conftest import (
|
||||
tick_box,
|
||||
info_box,
|
||||
cross_box,
|
||||
mock_command,
|
||||
)
|
||||
|
||||
|
||||
def test_release_supported_version_check_centos(Pihole):
|
||||
'''
|
||||
confirms installer exits on unsupported releases of CentOS
|
||||
'''
|
||||
# modify /etc/redhat-release to mock an unsupported CentOS release
|
||||
Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
expected_stdout = cross_box + (' CentOS 6 is not supported.')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = 'Please update to CentOS release 7 or later'
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
|
||||
|
||||
def test_enable_epel_repository_centos(Pihole):
|
||||
'''
|
||||
confirms the EPEL package repository is enabled when installed on CentOS
|
||||
'''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
expected_stdout = info_box + (' Enabling EPEL package repository '
|
||||
'(https://fedoraproject.org/wiki/EPEL)')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = tick_box + ' Installed epel-release'
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
epel_package = Pihole.package('epel-release')
|
||||
assert epel_package.is_installed
|
||||
|
||||
|
||||
def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
|
||||
'''
|
||||
confirms the default behavior to opt-out of upgrading to PHP7 from REMI
|
||||
'''
|
||||
# first we will install the default php version to test installer behavior
|
||||
php_install = Pihole.run('yum install -y php')
|
||||
assert php_install.rc == 0
|
||||
php_package = Pihole.package('php')
|
||||
default_centos_php_version = php_package.version.split('.')[0]
|
||||
if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended
|
||||
pytest.skip("Test deprecated . Detected default PHP version >= 7")
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
||||
def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
|
||||
'''
|
||||
confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
|
||||
'''
|
||||
# first we will install the default php version to test installer behavior
|
||||
php_install = Pihole.run('yum install -y php')
|
||||
assert php_install.rc == 0
|
||||
php_package = Pihole.package('php')
|
||||
default_centos_php_version = php_package.version.split('.')[0]
|
||||
if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended
|
||||
pytest.skip("Test deprecated . Detected default PHP version >= 7")
|
||||
# Whiptail dialog returns Cancel for user prompt
|
||||
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
||||
|
||||
|
||||
def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
|
||||
'''
|
||||
confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
|
||||
'''
|
||||
# first we will install the default php version to test installer behavior
|
||||
php_install = Pihole.run('yum install -y php')
|
||||
assert php_install.rc == 0
|
||||
php_package = Pihole.package('php')
|
||||
default_centos_php_version = php_package.version.split('.')[0]
|
||||
if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended
|
||||
pytest.skip("Test deprecated . Detected default PHP version >= 7")
|
||||
# Whiptail dialog returns Continue for user prompt
|
||||
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
install_dependent_packages PIHOLE_WEB_DEPS[@]
|
||||
''')
|
||||
expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
|
||||
'Deprecated PHP may be in use.')
|
||||
assert expected_stdout not in package_manager_detect.stdout
|
||||
expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
|
||||
'(https://rpms.remirepo.net)')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
expected_stdout = tick_box + (' Remi\'s RPM repository has '
|
||||
'been enabled for PHP7')
|
||||
assert expected_stdout in package_manager_detect.stdout
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert remi_package.is_installed
|
||||
updated_php_package = Pihole.package('php')
|
||||
updated_php_version = updated_php_package.version.split('.')[0]
|
||||
assert int(updated_php_version) == 7
|
16
test/test_fedora_support.py
Normal file
16
test/test_fedora_support.py
Normal file
@@ -0,0 +1,16 @@
|
||||
def test_epel_and_remi_not_installed_fedora(Pihole):
|
||||
'''
|
||||
confirms installer does not attempt to install EPEL/REMI repositories
|
||||
on Fedora
|
||||
'''
|
||||
package_manager_detect = Pihole.run('''
|
||||
source /opt/pihole/basic-install.sh
|
||||
package_manager_detect
|
||||
select_rpm_php
|
||||
''')
|
||||
assert package_manager_detect.stdout == ''
|
||||
|
||||
epel_package = Pihole.package('epel-release')
|
||||
assert not epel_package.is_installed
|
||||
remi_package = Pihole.package('remi-release')
|
||||
assert not remi_package.is_installed
|
@@ -5,4 +5,4 @@ envlist = py37
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _centos_7.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_7_support.py
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_7_support.py
|
||||
|
@@ -5,4 +5,4 @@ envlist = py37
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_8_support.py
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_8_support.py
|
||||
|
8
test/tox.debian_11.ini
Normal file
8
test/tox.debian_11.ini
Normal file
@@ -0,0 +1,8 @@
|
||||
[tox]
|
||||
envlist = py37
|
||||
|
||||
[testenv]
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py
|
@@ -5,4 +5,4 @@ envlist = py37
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _fedora_32.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
|
||||
|
8
test/tox.ubuntu_21.ini
Normal file
8
test/tox.ubuntu_21.ini
Normal file
@@ -0,0 +1,8 @@
|
||||
[tox]
|
||||
envlist = py37
|
||||
|
||||
[testenv]
|
||||
whitelist_externals = docker
|
||||
deps = -rrequirements.txt
|
||||
commands = docker build -f _ubuntu_21.Dockerfile -t pytest_pihole:test_container ../
|
||||
pytest {posargs:-vv -n auto} ./test_automated_install.py
|
Reference in New Issue
Block a user