Fix typos

Signed-off-by: Christian König <ckoenig@posteo.de>

.github/workflows/test.yml

@@ -28,7 +28,7 @@ jobs:
     needs: smoke-test
     strategy:
       matrix:
-        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_32, fedora_33]
+        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_33, fedora_34]
     env:
       DISTRO: ${{matrix.distro}}
     steps:

advanced/Scripts/database_migration/gravity-db.sh

@@ -122,4 +122,10 @@ upgrade_gravityDB(){
 		sqlite3 "${database}" < "${scriptPath}/13_to_14.sql"
 		version=14
 	fi
+	if [[ "$version" == "14" ]]; then
+	# Changes the vw_adlist created in 5_to_6
+	echo -e "  ${INFO} Upgrading gravity database from version 14 to 15"
+	sqlite3 "${database}" < "${scriptPath}/14_to_15.sql"
+	version=15
+fi
 }

advanced/Scripts/database_migration/gravity/13_to_14.sql

@@ -10,4 +10,4 @@ ALTER TABLE adlist ADD COLUMN status INTEGER NOT NULL DEFAULT 0;
 
 UPDATE info SET value = 14 WHERE property = 'version';
 
-COMMIT;
+COMMIT;

advanced/Scripts/database_migration/gravity/14_to_15.sql

@@ -0,0 +1,15 @@
+.timeout 30000
+
+PRAGMA FOREIGN_KEYS=OFF;
+
+BEGIN TRANSACTION;
+DROP VIEW vw_adlist;
+
+CREATE VIEW vw_adlist AS SELECT DISTINCT address, id
+    FROM adlist
+    WHERE enabled = 1
+    ORDER BY id;
+
+UPDATE info SET value = 15 WHERE property = 'version';
+
+COMMIT;

advanced/Scripts/piholeDebug.sh

@@ -585,6 +585,27 @@ processor_check() {
     fi
 }
 
+disk_usage() {
+    local file_system
+    local hide
+
+    echo_current_diagnostic "Disk usage"
+    mapfile -t file_system < <(df -h)
+
+    # Some lines of df might contain sensitive information like usernames and passwords.
+    # E.g. curlftpfs filesystems (https://www.looklinux.com/mount-ftp-share-on-linux-using-curlftps/)
+    # We are not interested in those lines so we collect keyword, to remove them from the output
+    # Additinal keywords can be added, separated by "|"
+    hide="curlftpfs"
+
+    # only show those lines not containg a sensitive phrase
+    for line in "${file_system[@]}"; do
+      if [[ ! $line =~ $hide ]]; then
+        log_write "   ${line}"
+      fi
+    done
+}
+
 parse_setup_vars() {
     echo_current_diagnostic "Setup variables"
     # If the file exists,
@@ -1421,6 +1442,7 @@ diagnose_operating_system
 check_selinux
 check_firewalld
 processor_check
+disk_usage
 check_networking
 check_name_resolution
 check_dhcp_servers

advanced/Scripts/webpage.sh

@@ -34,18 +34,43 @@ fi
 helpFunc() {
     echo "Usage: pihole -a [options]
 Example: pihole -a -p password
-Set options for the Admin Console
+Set options for the Admin Web Console
+Add '-h' after specific commands for more information on usage
 
 Options:
   -p, password        Set Admin Console password
   -c, celsius         Set Celsius as preferred temperature unit
   -f, fahrenheit      Set Fahrenheit as preferred temperature unit
   -k, kelvin          Set Kelvin as preferred temperature unit
-  -e, email           Set an administrative contact address for the Block Page
+  -e, email           Set an administrative contact address for the Block Page. Use -h for help
   -h, --help          Show this help dialog
-  -i, interface       Specify dnsmasq's interface listening behavior
+  -i, interface       Specify dnsmasq's interface listening behavior. Use -h for help
   -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)
-  -t, teleporter      Backup configuration as an archive"
+  -t, teleporter      Backup configuration as an archive
+  poweroff            Poweroff the system
+  reboot              Reboot the system
+  restartdns          Restarts Pi-hole
+  layout              Set the web GUI layout [boxed/traditional]
+  theme               Set the web GUI theme [default-light/default-dark/default-darker/default-auto]
+  adlist              Manipulate adlists. Use -h for help
+  audit               Adds a domain to the audit log. Seperate doamins by comma
+  clearaudit          Remove all domains from the audit log.
+  addcustomdns        Adds an entry to the Local DNS Records. Use -h for help
+  removecustomdns     Removes an entry from the Local DNS Records. Use -h for help
+  addcustomcname      Adds a local CNAME. Use -h for help
+  removecustomcname   Removes a local CNAME. Use -h for help
+  enabledhcp          Enable the DHCP server. Use -h for help
+  disabledhcp         Disable the DHCP server
+  addstaticdhcp       Adds a static DHCP lease. Use -h for help
+  removestaticdhcp    Removes a static DHCP lease defind by [MAC]
+  setdns              Set Pihole's upstream DNS server. Comma-seperate
+                      individual server, use # to add specific port
+  setexcludedomains   Set domains to exclude from the web GUI dashboard's Top Domains.
+                      Comma-seperate individual domains
+  setexcludeclients   Set clients to exclude from the web GUI dashboard's Top Clients.
+                      Comma-seperate individual clients
+  setquerylog         Set which queries should be shown in the query log. Use -h for help"
+
     exit 0
 }
 
@@ -364,6 +389,15 @@ RestartDNS() {
 }
 
 SetQueryLogOptions() {
+
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a setquerylog [Value]
+        Set which queries should be shown in the query log.
+        Values are [all/permittedonly/blockedonly/nothing]
+        "
+
+        exit 0
+  fi
     change_setting "API_QUERY_LOG_SHOW" "${args[2]}"
 }
 
@@ -445,6 +479,19 @@ ra-param=*,0,0
 }
 
 EnableDHCP() {
+
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a enabledhcp DHCP_START DHCP_END DHCP_ROUTER DHCP_LEASETIME PIHOLE_DOMAIN DHCP_IPv6 DHCP_rapid_commit
+        Set Pihole's built-in DHCP server.
+
+    DHCP_LEASETIME is in hours.  0 = infinite
+    DHCP_IPv6 [true/false]
+    DHCP_rapid_commit [true/false]"
+
+    exit 0
+fi
+
+
     change_setting "DHCP_ACTIVE" "true"
     change_setting "DHCP_START" "${args[2]}"
     change_setting "DHCP_END" "${args[3]}"
@@ -513,6 +560,18 @@ CustomizeAdLists() {
     local comment
     comment="${args[4]}"
 
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a adlist [action] [address]
+        Modify Pi-hole's adlists.
+
+Action:
+  add              Add an adlist. Append the optional argument [comment] to add an comment
+  del              Delete an adlist
+  enable           Enable an adlist
+  disbale          Disable an adlist"
+        exit 0
+  fi
+
     if CheckUrl "${address}"; then
         if [[ "${args[2]}" == "enable" ]]; then
             sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 1 WHERE address = '${address}'"
@@ -532,30 +591,19 @@ CustomizeAdLists() {
     fi
 }
 
-SetPrivacyMode() {
-    if [[ "${args[2]}" == "true" ]]; then
-        change_setting "API_PRIVACY_MODE" "true"
-    else
-        change_setting "API_PRIVACY_MODE" "false"
-    fi
-}
-
-ResolutionSettings() {
-    typ="${args[2]}"
-    state="${args[3]}"
-
-    if [[ "${typ}" == "forward" ]]; then
-        change_setting "API_GET_UPSTREAM_DNS_HOSTNAME" "${state}"
-    elif [[ "${typ}" == "clients" ]]; then
-        change_setting "API_GET_CLIENT_HOSTNAME" "${state}"
-    fi
-}
 
 AddDHCPStaticAddress() {
     mac="${args[2]}"
     ip="${args[3]}"
     host="${args[4]}"
 
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a addstaticdhcp [MAC] [IP] [HOSTNAME]
+        Set an static DHCP lease."
+    exit 0
+    fi
+
+
     if [[ "${ip}" == "noip" ]]; then
         # Static host name
         echo "dhcp-host=${mac},${host}" >> "${dhcpstaticconfig}"
@@ -709,54 +757,25 @@ AddCustomDNSAddress() {
 
     ip="${args[2]}"
     host="${args[3]}"
-	echo "${ip} ${host}" >> "${dnscustomfile}"
+    reload="${args[4]}"
 
-    # Restart dnsmasq to load new custom DNS entries
-    RestartDNS
-}
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a addcustomdns [IP] [HOSTNAME]
+        Add a Local DNS Record.
+        Optionally append 'false' to suppress restarting Pi-hole.
+        Note: added DNS records wont't have an effect until Pi-hole is
+        restarted.
+        "
 
-RemoveCustomDNSAddress() {
-    echo -e "  ${TICK} Removing custom DNS entry..."
+        exit 0
+  fi
 
-    ip="${args[2]}"
-    host="${args[3]}"
-
-    if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
-        sed -i "/^${ip} ${host}$/d" "${dnscustomfile}"
-    else
-        echo -e "  ${CROSS} Invalid IP has been passed"
-        exit 1
-    fi
-
-    # Restart dnsmasq to update removed custom DNS entries
-    RestartDNS
-}
-
-AddCustomCNAMERecord() {
-    echo -e "  ${TICK} Adding custom CNAME record..."
-
-    domain="${args[2]}"
-    target="${args[3]}"
-
-    echo "cname=${domain},${target}" >> "${dnscustomcnamefile}"
-
-    # Restart dnsmasq to load new custom CNAME records
-    RestartDNS
-}
-
-RemoveCustomCNAMERecord() {
-    echo -e "  ${TICK} Removing custom CNAME record..."
-
-    domain="${args[2]}"
-    target="${args[3]}"
-
-    validDomain="$(checkDomain "${domain}")"
-    if [[ -n "${validDomain}" ]]; then
-        validTarget="$(checkDomain "${target}")"
-        if [[ -n "${validDomain}" ]]; then
-            sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}"
+    validHost="$(checkDomain "${host}")"
+    if [[ -n "${validHost}" ]]; then
+        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
+            echo "${ip} ${validHost}" >> "${dnscustomfile}"
         else
-            echo "  ${CROSS} Invalid Target Passed!"
+            echo -e "  ${CROSS} Invalid IP has been passed"
             exit 1
         fi
     else
@@ -764,8 +783,122 @@ RemoveCustomCNAMERecord() {
         exit 1
     fi
 
-    # Restart dnsmasq to update removed custom CNAME records
-    RestartDNS
+    # Restart dnsmasq to load new custom DNS entries only if $reload not false
+    if [[ ! $reload == "false" ]]; then
+      RestartDNS
+    fi
+}
+
+RemoveCustomDNSAddress() {
+    echo -e "  ${TICK} Removing custom DNS entry..."
+
+    ip="${args[2]}"
+    host="${args[3]}"
+    reload="${args[4]}"
+
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a removecustomdns [IP] [HOSTNAME]
+        Remove a Local DNS Record.
+        Optionally append 'false' to suppress restarting Pi-hole.
+        Note: added DNS records wont't have an effect until Pi-hole is
+        restarted.
+        "
+
+        exit 0
+  fi
+
+    validHost="$(checkDomain "${host}")"
+    if [[ -n "${validHost}" ]]; then
+        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
+            sed -i "/^${ip} ${validHost}$/d" "${dnscustomfile}"
+        else
+            echo -e "  ${CROSS} Invalid IP has been passed"
+            exit 1
+        fi
+        else
+            echo "  ${CROSS} Invalid Domain passed!"
+            exit 1
+    fi
+
+    # Restart dnsmasq to load new custom DNS entries only if reload is not false
+    if [[ ! $reload == "false" ]]; then
+      RestartDNS
+    fi
+}
+
+AddCustomCNAMERecord() {
+    echo -e "  ${TICK} Adding custom CNAME record..."
+
+    domain="${args[2]}"
+    target="${args[3]}"
+    reload="${args[4]}"
+
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a addcustomcname [DOMAIN] [TARGET]
+        Add a local CNAME record for Domain => Target
+        Optionally append 'false' to suppress restarting Pi-hole.
+        Note: added CNAME records wont't have an effect until Pi-hole is
+        restarted.
+        "
+
+        exit 0
+  fi
+
+    validDomain="$(checkDomain "${domain}")"
+    if [[ -n "${validDomain}" ]]; then
+        validTarget="$(checkDomain "${target}")"
+        if [[ -n "${validTarget}" ]]; then
+          echo "cname=${validDomain},${validTarget}" >> "${dnscustomcnamefile}"
+        else
+          echo "  ${CROSS} Invalid Target Passed!"
+          exit 1
+        fi
+    else
+        echo "  ${CROSS} Invalid Domain passed!"
+        exit 1
+    fi
+    # Restart dnsmasq to load new custom CNAME records only if reload is not false
+    if [[ ! $reload == "false" ]]; then
+      RestartDNS
+    fi
+}
+
+RemoveCustomCNAMERecord() {
+    echo -e "  ${TICK} Removing custom CNAME record..."
+
+    domain="${args[2]}"
+    target="${args[3]}"
+    reload="${args[4]}"
+
+    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
+        echo "Usage: pihole -a removecustomcname [DOMAIN] [TARGET]
+        Remove the local CNAME record for Domain => Target
+        Optionally append 'false' to suppress restarting Pi-hole.
+        Note: added CNAME records wont't have an effect until Pi-hole is
+        restarted.
+        "
+
+        exit 0
+  fi
+
+    validDomain="$(checkDomain "${domain}")"
+    if [[ -n "${validDomain}" ]]; then
+        validTarget="$(checkDomain "${target}")"
+        if [[ -n "${validTarget}" ]]; then
+            sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}"
+        else
+          echo "  ${CROSS} Invalid Target Passed!"
+          exit 1
+        fi
+    else
+        echo "  ${CROSS} Invalid Domain passed!"
+        exit 1
+    fi
+
+    # Restart dnsmasq to update removed custom CNAME records only if $reload not false
+    if [[ ! $reload == "false" ]]; then
+      RestartDNS
+    fi
 }
 
 main() {
@@ -782,27 +915,25 @@ main() {
         "poweroff"            ) Poweroff;;
         "reboot"              ) Reboot;;
         "restartdns"          ) RestartDNS;;
-        "setquerylog"         ) SetQueryLogOptions;;
-        "enabledhcp"          ) EnableDHCP;;
+        "setquerylog"         ) SetQueryLogOptions "$@";;
+        "enabledhcp"          ) EnableDHCP"$@";;
         "disabledhcp"         ) DisableDHCP;;
         "layout"              ) SetWebUILayout;;
         "theme"               ) SetWebUITheme;;
         "-h" | "--help"       ) helpFunc;;
-        "privacymode"         ) SetPrivacyMode;;
-        "resolve"             ) ResolutionSettings;;
-        "addstaticdhcp"       ) AddDHCPStaticAddress;;
+        "addstaticdhcp"       ) AddDHCPStaticAddress "$@";;
         "removestaticdhcp"    ) RemoveDHCPStaticAddress;;
         "-e" | "email"        ) SetAdminEmail "$3";;
         "-i" | "interface"    ) SetListeningMode "$@";;
         "-t" | "teleporter"   ) Teleporter;;
-        "adlist"              ) CustomizeAdLists;;
+        "adlist"              ) CustomizeAdLists "$@";;
         "audit"               ) addAudit "$@";;
         "clearaudit"          ) clearAudit;;
         "-l" | "privacylevel" ) SetPrivacyLevel;;
-        "addcustomdns"        ) AddCustomDNSAddress;;
-        "removecustomdns"     ) RemoveCustomDNSAddress;;
-        "addcustomcname"      ) AddCustomCNAMERecord;;
-        "removecustomcname"   ) RemoveCustomCNAMERecord;;
+        "addcustomdns"        ) AddCustomDNSAddress "$@";;
+        "removecustomdns"     ) RemoveCustomDNSAddress "$@";;
+        "addcustomcname"      ) AddCustomCNAMERecord "$@";;
+        "removecustomcname"   ) RemoveCustomCNAMERecord "$@";;
         *                     ) helpFunc;;
     esac
 

advanced/Templates/gravity.db.sql

@@ -57,7 +57,7 @@ CREATE TABLE info
 	value TEXT NOT NULL
 );
 
-INSERT INTO "info" VALUES('version','14');
+INSERT INTO "info" VALUES('version','15');
 
 CREATE TABLE domain_audit
 (
@@ -143,12 +143,10 @@ CREATE VIEW vw_gravity AS SELECT domain, adlist_by_group.group_id AS group_id
     LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
     WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1);
 
-CREATE VIEW vw_adlist AS SELECT DISTINCT address, adlist.id AS id
+CREATE VIEW vw_adlist AS SELECT DISTINCT address, id
     FROM adlist
-    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = adlist.id
-    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
-    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1)
-    ORDER BY adlist.id;
+    WHERE enabled = 1
+    ORDER BY id;
 
 CREATE TRIGGER tr_domainlist_add AFTER INSERT ON domainlist
     BEGIN

advanced/Templates/pihole-FTL.service

@@ -24,9 +24,13 @@ start() {
     touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
     # Ensure that permissions are set so that pihole-FTL can edit all necessary files
     chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
-    chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /etc/pihole/macvendor.db
+    chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
+    # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
+    chmod -f 0644 /etc/pihole/macvendor.db
     # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
     chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
+    # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
+    chmod -f 0664 /etc/pihole/pihole-FTL.db
     if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then
       su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
     else

advanced/lighttpd.conf.debian

@@ -85,5 +85,12 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
     url.access-deny = ("")
 }
 
+# allow teleporter iframe on settings page
+$HTTP["url"] =~ "/teleporter\.php$" {
+    $HTTP["referer"] =~ "/admin/settings\.php" {
+        setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
+    }
+}
+
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )

advanced/lighttpd.conf.fedora

@@ -93,5 +93,12 @@ $HTTP["url"] =~ "^/admin/\.(.*)" {
     url.access-deny = ("")
 }
 
+# allow teleporter iframe on settings page
+$HTTP["url"] =~ "/teleporter\.php$" {
+    $HTTP["referer"] =~ "/admin/settings\.php" {
+        setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
+    }
+}
+
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )

automated install/basic-install.sh

@@ -292,7 +292,7 @@ if is_command apt-get ; then
     # It's useful to separate this from Pi-hole, since the two repos are also setup separately
     PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl")
     # Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
-    if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
+    if [[ -z "${phpInsMajor}" || "${phpInsMajor}" -lt 8 ]]; then
         PIHOLE_WEB_DEPS+=("${phpVer}-json")
     fi
     # The Web server user,
@@ -1914,8 +1914,6 @@ IPv6:	${IPV6_ADDRESS:-"Not Configured"}
 
 If you have not done so already, the above IP should be set to static.
 
-The install log is in /etc/pihole.
-
 ${additional}" "${r}" "${c}"
 }
 

test/_fedora_34.Dockerfile

@@ -1,4 +1,4 @@
-FROM fedora:32
+FROM fedora:34
 
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole

test/tox.fedora_34.ini

@@ -4,5 +4,5 @@ envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
-commands = docker build -f _fedora_32.Dockerfile -t pytest_pihole:test_container ../
+commands = docker build -f _fedora_34.Dockerfile -t pytest_pihole:test_container ../
            pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py