arno/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole synced 2025-01-03 12:40:56 +00:00
Code Issues Releases Wiki Activity

Merge pull request #490 from bcambl/fedora-armhf7

Browse Source 
Fedora Support
This commit is contained in:
Dan Schaper 2016-06-29 14:25:23 -07:00 committed by GitHub
commit 024b741552
11 changed files with 428 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
advanced/Scripts/blacklist.sh
View File

@ -17,7 +17,7 @@ else
echo "::: sudo will be used." echo "::: sudo will be used."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the install cannot complete # If it isn't, exit because the install cannot complete
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this script as root." echo "::: Please install sudo or run this script as root."

2
advanced/Scripts/piholeDebug.sh
View File

@ -36,7 +36,7 @@ if [[ $EUID -eq 0 ]]; then
else else
echo "::: Sudo will be used for debugging." echo "::: Sudo will be used for debugging."
# Check if sudo is actually installed # Check if sudo is actually installed
if [[ $(dpkg-query -s sudo) ]]; then if [ -x "$(command -v sudo)" ]; then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this as root." echo "::: Please install sudo or run this as root."

2
advanced/Scripts/setupLCD.sh
View File

@ -19,7 +19,7 @@ else
echo "::: sudo will be used." echo "::: sudo will be used."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the install cannot complete # If it isn't, exit because the install cannot complete
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this script as root." echo "::: Please install sudo or run this script as root."

2
advanced/Scripts/whitelist.sh
View File

@ -17,7 +17,7 @@ else
echo "::: sudo will be used." echo "::: sudo will be used."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the install cannot complete # If it isn't, exit because the install cannot complete
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this script as root." echo "::: Please install sudo or run this script as root."

2
advanced/lighttpd.conf → advanced/lighttpd.conf.debian
View File

@ -14,7 +14,7 @@ server.modules = (
"mod_accesslog", "mod_accesslog",
"mod_expire", "mod_expire",
"mod_compress", "mod_compress",
"mod_redirect", "mod_redirect",
"mod_setenv", "mod_setenv",
"mod_rewrite" "mod_rewrite"
) )

77
advanced/lighttpd.conf.fedora Normal file
View File

@ -0,0 +1,77 @@
# Pi-hole: A black hole for Internet advertisements
# (c) 2015, 2016 by Jacob Salmela
# Network-wide ad blocking via your Raspberry Pi
# http://pi-hole.net
# lighttpd config for Pi-hole
#
# Pi-hole is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
server.modules = (
"mod_access",
"mod_fastcgi",
"mod_accesslog",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.html"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "lighttpd"
server.groupname = "lighttpd"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
mimetype.assign = ( ".png" => "image/png",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".html" => "text/html",
".css" => "text/css; charset=utf-8",
".js" => "application/javascript",
".json" => "application/json",
".txt" => "text/plain" )
# default listening port for IPv6 falls back to the IPv4 port
#include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
#include_shell "/usr/share/lighttpd/create-mime.assign.pl"
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
fastcgi.server = ( ".php" =>
( "localhost" =>
(
"socket" => "/tmp/php-fastcgi.socket",
"bin-path" => "/usr/bin/php-cgi"
)
)
)
# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
# Create a response header for debugging using curl -I
setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" )
}
# If the URL does not start with /admin, then it is a query for an ad domain
$HTTP["url"] =~ "^(?!/admin)/.*" {
# Create a response header for debugging using curl -I
setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." )
# rewrite only js requests
url.rewrite = ("(.*).js" => "pihole/index.js")
}

87
advanced/selinux/pihole.te Normal file
View File

@ -0,0 +1,87 @@
module pihole 1.0;
require {
type var_log_t;
type unconfined_t;
type init_t;
type auditd_t;
type syslogd_t;
type NetworkManager_t;
type mdadm_t;
type tuned_t;
type avahi_t;
type irqbalance_t;
type system_dbusd_t;
type kernel_t;
type httpd_sys_script_t;
type systemd_logind_t;
type httpd_t;
type policykit_t;
type dnsmasq_t;
type udev_t;
type postfix_pickup_t;
type sshd_t;
type crond_t;
type getty_t;
type lvm_t;
type postfix_qmgr_t;
type postfix_master_t;
class dir { getattr search };
class file { read open setattr };
}
#============= dnsmasq_t ==============
allow dnsmasq_t var_log_t:file { open setattr };
#============= httpd_t ==============
allow httpd_t var_log_t:file { read open };
#============= httpd_sys_script_t (class: dir) ==============
allow httpd_sys_script_t NetworkManager_t:dir { getattr search };
allow httpd_sys_script_t auditd_t:dir { getattr search };
allow httpd_sys_script_t avahi_t:dir { getattr search };
allow httpd_sys_script_t crond_t:dir { getattr search };
allow httpd_sys_script_t dnsmasq_t:dir { getattr search };
allow httpd_sys_script_t getty_t:dir { getattr search };
allow httpd_sys_script_t httpd_t:dir { getattr search };
allow httpd_sys_script_t init_t:dir { getattr search };
allow httpd_sys_script_t irqbalance_t:dir { getattr search };
allow httpd_sys_script_t kernel_t:dir { getattr search };
allow httpd_sys_script_t lvm_t:dir { getattr search };
allow httpd_sys_script_t mdadm_t:dir { getattr search };
allow httpd_sys_script_t policykit_t:dir { getattr search };
allow httpd_sys_script_t postfix_master_t:dir { getattr search };
allow httpd_sys_script_t postfix_pickup_t:dir { getattr search };
allow httpd_sys_script_t postfix_qmgr_t:dir { getattr search };
allow httpd_sys_script_t sshd_t:dir { getattr search };
allow httpd_sys_script_t syslogd_t:dir { getattr search };
allow httpd_sys_script_t system_dbusd_t:dir { getattr search };
allow httpd_sys_script_t systemd_logind_t:dir { getattr search };
allow httpd_sys_script_t tuned_t:dir { getattr search };
allow httpd_sys_script_t udev_t:dir { getattr search };
allow httpd_sys_script_t unconfined_t:dir { getattr search };
#============= httpd_sys_script_t (class: file) ==============
allow httpd_sys_script_t NetworkManager_t:file { read open };
allow httpd_sys_script_t auditd_t:file { read open };
allow httpd_sys_script_t avahi_t:file { read open };
allow httpd_sys_script_t crond_t:file { read open };
allow httpd_sys_script_t dnsmasq_t:file { read open };
allow httpd_sys_script_t getty_t:file { read open };
allow httpd_sys_script_t httpd_t:file { read open };
allow httpd_sys_script_t init_t:file { read open };
allow httpd_sys_script_t irqbalance_t:file { read open };
allow httpd_sys_script_t kernel_t:file { read open };
allow httpd_sys_script_t lvm_t:file { read open };
allow httpd_sys_script_t mdadm_t:file { read open };
allow httpd_sys_script_t policykit_t:file { read open };
allow httpd_sys_script_t postfix_master_t:file { read open };
allow httpd_sys_script_t postfix_pickup_t:file { read open };
allow httpd_sys_script_t postfix_qmgr_t:file { read open };
allow httpd_sys_script_t sshd_t:file { read open };
allow httpd_sys_script_t syslogd_t:file { read open };
allow httpd_sys_script_t system_dbusd_t:file { read open };
allow httpd_sys_script_t systemd_logind_t:file { read open };
allow httpd_sys_script_t tuned_t:file { read open };
allow httpd_sys_script_t udev_t:file { read open };
allow httpd_sys_script_t unconfined_t:file { read open };

263
automated install/basic-install.sh
View File

@ -36,16 +36,6 @@ columns=$(tput cols)
r=$(( rows / 2 )) r=$(( rows / 2 ))
c=$(( columns / 2 )) c=$(( columns / 2 ))
# Find IP used to route to outside world
IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
IPv4addr=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}')
IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}')
availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1 | cut -d'@' -f1)
dhcpcdFile=/etc/dhcpcd.conf
######## FIRST CHECK ######## ######## FIRST CHECK ########
# Must be root to install # Must be root to install
echo ":::" echo ":::"
@ -55,7 +45,7 @@ else
echo "::: sudo will be used for the install." echo "::: sudo will be used for the install."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the install cannot complete # If it isn't, exit because the install cannot complete
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: sudo is needed for the Web interface to run pihole commands. Please run this script as root and it will be automatically installed." echo "::: sudo is needed for the Web interface to run pihole commands. Please run this script as root and it will be automatically installed."
@ -63,6 +53,47 @@ else
fi fi
fi fi
# Compatability
if [ -x "$(command -v rpm)" ];then
# Fedora Family
if [ -x "$(command -v dnf)" ];then
PKG_MANAGER="dnf"
else
PKG_MANAGER="yum"
fi
PKG_CACHE="/var/cache/$PKG_MANAGER"
UPDATE_PKG_CACHE="$PKG_MANAGER check-update -q"
PKG_UPDATE="$PKG_MANAGER update -y"
PKG_INSTALL="$PKG_MANAGER install -y"
PKG_COUNT="$PKG_MANAGER check-update | grep -v ^Last | grep -c ^[a-zA-Z0-9]"
INSTALLER_DEPS=( iproute net-tools procps-ng newt )
PIHOLE_DEPS=( epel-release bind-utils bc dnsmasq lighttpd lighttpd-fastcgi php-common php-cli php git curl unzip wget findutils cronie sudo )
LIGHTTPD_USER="lighttpd"
LIGHTTPD_GROUP="lighttpd"
LIGHTTPD_CFG="lighttpd.conf.fedora"
package_check() {
rpm -qa | grep ^$1- > /dev/null
}
elif [ -x "$(command -v apt-get)" ];then
# Debian Family
PKG_MANAGER="apt-get"
PKG_CACHE="/var/cache/apt"
UPDATE_PKG_CACHE="$PKG_MANAGER -qq update"
PKG_UPDATE="$PKG_MANAGER upgrade"
PKG_INSTALL="$PKG_MANAGER -y -qq install"
PKG_COUNT="$PKG_MANAGER -s -o Debug::NoLocking=true upgrade | grep -c ^Inst"
INSTALLER_DEPS=( apt-utils whiptail dhcpcd5)
PIHOLE_DEPS=( dnsutils bc dnsmasq lighttpd php5-common php5-cgi php5 git curl unzip wget sudo )
LIGHTTPD_USER="www-data"
LIGHTTPD_GROUP="www-data"
LIGHTTPD_CFG="lighttpd.conf.debian"
package_check() {
dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed"
}
else
echo "OS distribution not supported"
exit
fi
####### FUNCTIONS ########## ####### FUNCTIONS ##########
spinner() spinner()
@ -80,6 +111,14 @@ spinner()
printf " \b\b\b\b" printf " \b\b\b\b"
} }
findIPRoute() {
# Find IP used to route to outside world
IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
IPv4addr=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}')
IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}')
availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1 | cut -d'@' -f1)
}
backupLegacyPihole() { backupLegacyPihole() {
# This function detects and backups the pi-hole v1 files. It will not do anything to the current version files. # This function detects and backups the pi-hole v1 files. It will not do anything to the current version files.
if [[ -f /etc/dnsmasq.d/adList.conf ]];then if [[ -f /etc/dnsmasq.d/adList.conf ]];then
@ -288,20 +327,52 @@ setDHCPCD() {
echo "::: interface $piholeInterface echo "::: interface $piholeInterface
static ip_address=$IPv4addr static ip_address=$IPv4addr
static routers=$IPv4gw static routers=$IPv4gw
static domain_name_servers=$IPv4gw" | $SUDO tee -a $dhcpcdFile >/dev/null static domain_name_servers=$IPv4gw" | $SUDO tee -a /etc/dhcpcd.conf >/dev/null
} }
setStaticIPv4() { setStaticIPv4() {
# Tries to set the IPv4 address if [[ -f /etc/dhcpcd.conf ]];then
if grep -q "$IPv4addr" $dhcpcdFile; then # Debian Family
# address already set, noop if grep -q "$IPv4addr" /etc/dhcpcd.conf; then
: echo "::: Static IP already configured"
else
setDHCPCD
$SUDO ip addr replace dev "$piholeInterface" "$IPv4addr"
echo ":::"
echo "::: Setting IP to $IPv4addr. You may need to restart after the install is complete."
echo ":::"
fi
elif [[ -f /etc/sysconfig/network-scripts/ifcfg-$piholeInterface ]];then
# Fedora Family
IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-$piholeInterface
if grep -q "$IPv4addr" $IFCFG_FILE; then
echo "::: Static IP already configured"
else
IPADDR=$(echo $IPv4addr | cut -f1 -d/)
CIDR=$(echo $IPv4addr | cut -f2 -d/)
# Backup existing interface configuration:
cp $IFCFG_FILE $IFCFG_FILE.backup-$(date +%Y-%m-%d-%H%M%S)
# Build Interface configuration file:
$SUDO echo "# Configured via Pi-Hole installer" > $IFCFG_FILE
$SUDO echo "DEVICE=$piholeInterface" >> $IFCFG_FILE
$SUDO echo "BOOTPROTO=none" >> $IFCFG_FILE
$SUDO echo "ONBOOT=yes" >> $IFCFG_FILE
$SUDO echo "IPADDR=$IPADDR" >> $IFCFG_FILE
$SUDO echo "PREFIX=$CIDR" >> $IFCFG_FILE
$SUDO echo "USERCTL=no" >> $IFCFG_FILE
$SUDO ip addr replace dev "$piholeInterface" "$IPv4addr"
if [ -x "$(command -v nmcli)" ];then
# Tell NetworkManager to read our new sysconfig file
$SUDO nmcli con load $IFCFG_FILE > /dev/null
fi
echo ":::"
echo "::: Setting IP to $IPv4addr. You may need to restart after the install is complete."
echo ":::"
fi
else else
setDHCPCD echo "::: Warning: Unable to locate configuration file to set static IPv4 address!"
$SUDO ip addr replace dev "$piholeInterface" "$IPv4addr" exit 1
echo ":::"
echo "::: Setting IP to $IPv4addr. You may need to restart after the install is complete."
echo ":::"
fi fi
} }
@ -455,6 +526,7 @@ versionCheckDNSmasq(){
else else
$SUDO sed -i '/^server=@DNS2@/d' $newFileFinalLocation $SUDO sed -i '/^server=@DNS2@/d' $newFileFinalLocation
fi fi
$SUDO sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' $dnsFile1
} }
installScripts() { installScripts() {
@ -502,7 +574,11 @@ installConfigs() {
$SUDO chown "$USER":root /etc/lighttpd $SUDO chown "$USER":root /etc/lighttpd
$SUDO mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig $SUDO mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig
fi fi
$SUDO cp /etc/.pihole/advanced/lighttpd.conf /etc/lighttpd/lighttpd.conf $SUDO cp /etc/.pihole/advanced/$LIGHTTPD_CFG /etc/lighttpd/lighttpd.conf
$SUDO mkdir -p /var/run/lighttpd
$SUDO chown $LIGHTTPD_USER:$LIGHTTPD_GROUP /var/run/lighttpd
$SUDO mkdir -p /var/cache/lighttpd/compress
$SUDO chown $LIGHTTPD_USER:$LIGHTTPD_GROUP /var/cache/lighttpd/compress
} }
stopServices() { stopServices() {
@ -510,50 +586,52 @@ stopServices() {
$SUDO echo ":::" $SUDO echo ":::"
$SUDO echo -n "::: Stopping services..." $SUDO echo -n "::: Stopping services..."
#$SUDO service dnsmasq stop & spinner $! || true #$SUDO service dnsmasq stop & spinner $! || true
$SUDO service lighttpd stop & spinner $! || true if [ -x "$(command -v systemctl)" ]; then
$SUDO systemctl stop lighttpd & spinner $! || true
else
$SUDO service lighttpd stop & spinner $! || true
fi
$SUDO echo " done." $SUDO echo " done."
} }
checkForDependencies() { installerDependencies() {
#Running apt-get update/upgrade with minimal output can cause some issues with #Running apt-get update/upgrade with minimal output can cause some issues with
#requiring user input (e.g password for phpmyadmin see #218) #requiring user input (e.g password for phpmyadmin see #218)
#We'll change the logic up here, to check to see if there are any updates availible and #We'll change the logic up here, to check to see if there are any updates availible and
# if so, advise the user to run apt-get update/upgrade at their own discretion # if so, advise the user to run apt-get update/upgrade at their own discretion
#Check to see if apt-get update has already been run today #Check to see if apt-get update has already been run today
# it needs to have been run at least once on new installs! # it needs to have been run at least once on new installs!
timestamp=$(stat -c %Y $PKG_CACHE)
timestamp=$(stat -c %Y /var/cache/apt/)
timestampAsDate=$(date -d @"$timestamp" "+%b %e") timestampAsDate=$(date -d @"$timestamp" "+%b %e")
today=$(date "+%b %e") today=$(date "+%b %e")
if [ ! "$today" == "$timestampAsDate" ]; then if [ ! "$today" == "$timestampAsDate" ]; then
#update package lists #update package lists
echo ":::" echo ":::"
echo -n "::: apt-get update has not been run today. Running now..." echo -n "::: $PKG_MANAGER update has not been run today. Running now..."
$SUDO apt-get -qq update & spinner $! $SUDO $UPDATE_PKG_CACHE > /dev/null 2>&1
echo " done!" echo " done!"
fi fi
echo ":::" echo ":::"
echo -n "::: Checking apt-get for upgraded packages...." echo -n "::: Checking $PKG_MANAGER for upgraded packages...."
updatesToInstall=$($SUDO apt-get -s -o Debug::NoLocking=true upgrade | grep -c ^Inst) updatesToInstall=$(eval "$SUDO $PKG_COUNT")
echo " done!" echo " done!"
echo ":::" echo ":::"
if [[ $updatesToInstall -eq "0" ]]; then if [[ $updatesToInstall -eq "0" ]]; then
echo "::: Your pi is up to date! Continuing with pi-hole installation..." echo "::: Your pi is up to date! Continuing with pi-hole installation..."
else else
echo "::: There are $updatesToInstall updates availible for your pi!" echo "::: There are $updatesToInstall updates availible for your pi!"
echo "::: We recommend you run 'sudo apt-get upgrade' after installing Pi-Hole! " echo "::: We recommend you run '$PKG_UPDATE' after installing Pi-Hole! "
echo ":::" echo ":::"
fi fi
echo ":::" echo ":::"
echo "::: Checking dependencies:" echo "::: Checking installer dependencies..."
for i in "${INSTALLER_DEPS[@]}"; do
dependencies=( dnsutils bc dnsmasq lighttpd php5-common php5-cgi php5 git curl unzip wget sudo)
for i in "${dependencies[@]}"; do
echo -n "::: Checking for $i..." echo -n "::: Checking for $i..."
if [ "$(dpkg-query -W -f='${Status}' "$i" 2>/dev/null | grep -c "ok installed")" -eq 0 ]; then package_check $i > /dev/null
if ! [ $? -eq 0 ]; then
echo -n " Not found! Installing...." echo -n " Not found! Installing...."
$SUDO apt-get -y -qq install "$i" > /dev/null & spinner $! $SUDO $PKG_INSTALL "$i" > /dev/null 2>&1
echo " done!" echo " done!"
else else
echo " already installed!" echo " already installed!"
@ -561,6 +639,23 @@ checkForDependencies() {
done done
} }
checkForDependencies() {
# Install dependencies for Pi-Hole
echo "::: Checking Pi-Hole dependencies:"
for i in "${PIHOLE_DEPS[@]}"; do
echo -n "::: Checking for $i..."
package_check $i > /dev/null
if ! [ $? -eq 0 ]; then
echo -n " Not found! Installing...."
$SUDO $PKG_INSTALL "$i" > /dev/null & spinner $!
echo " done!"
else
echo " already installed!"
fi
done
}
getGitFiles() { getGitFiles() {
# Setup git repos for base files and web admin # Setup git repos for base files and web admin
echo ":::" echo ":::"
@ -677,6 +772,27 @@ setUser(){
fi fi
} }
configureFirewall() {
# Allow HTTP and DNS traffic
if [ -x "$(command -v firewall-cmd)" ]; then
$SUDO firewall-cmd --state > /dev/null
if [[ $? -eq 0 ]]; then
$SUDO echo "::: Configuring firewalld for httpd and dnsmasq.."
$SUDO firewall-cmd --permanent --add-port=80/tcp
$SUDO firewall-cmd --permanent --add-port=53/tcp
$SUDO firewall-cmd --permanent --add-port=53/udp
$SUDO firewall-cmd --reload
fi
elif [ -x "$(command -v iptables)" ]; then
$SUDO echo "::: Configuring iptables for httpd and dnsmasq.."
$SUDO iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$SUDO iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
$SUDO iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
else
$SUDO echo "::: No firewall detected.. skipping firewall configuration."
fi
}
installPihole() { installPihole() {
# Install base files and web interface # Install base files and web interface
checkForDependencies # done checkForDependencies # done
@ -686,18 +802,55 @@ installPihole() {
if [ ! -d "/var/www/html" ]; then if [ ! -d "/var/www/html" ]; then
$SUDO mkdir -p /var/www/html $SUDO mkdir -p /var/www/html
fi fi
$SUDO chown www-data:www-data /var/www/html $SUDO chown $LIGHTTPD_USER:$LIGHTTPD_GROUP /var/www/html
$SUDO chmod 775 /var/www/html $SUDO chmod 775 /var/www/html
$SUDO usermod -a -G www-data pihole $SUDO usermod -a -G $LIGHTTPD_GROUP pihole
$SUDO lighty-enable-mod fastcgi fastcgi-php > /dev/null if [ -x "$(command -v lighty-enable-mod)" ]; then
$SUDO lighty-enable-mod fastcgi fastcgi-php > /dev/null
else
printf "\n:::\tWarning: 'lighty-enable-mod' utility not found. Please ensure fastcgi is enabled if you experience issues.\n"
fi
getGitFiles getGitFiles
installScripts installScripts
installConfigs installConfigs
CreateLogFile CreateLogFile
configureSelinux
installPiholeWeb installPiholeWeb
installCron installCron
runGravity runGravity
configureFirewall
}
configureSelinux() {
if [ -x "$(command -v getenforce)" ]; then
printf "\n::: SELinux Detected\n"
printf ":::\tChecking for SELinux policy development packages..."
package_check "selinux-policy-devel" > /dev/null
if ! [ $? -eq 0 ]; then
echo -n " Not found! Installing...."
$SUDO $PKG_INSTALL "selinux-policy-devel" > /dev/null & spinner $!
echo " done!"
else
echo " already installed!"
fi
printf "::: Enabling httpd server side includes (SSI).. "
$SUDO setsebool -P httpd_ssi_exec on
if [ $? -eq 0 ]; then
echo -n "Success\n"
fi
printf ":::\tCompiling Pi-Hole SELinux policy..\n"
$SUDO checkmodule -M -m -o /etc/pihole/pihole.mod /etc/.pihole/advanced/selinux/pihole.te
$SUDO semodule_package -o /etc/pihole/pihole.pp -m /etc/pihole/pihole.mod
$SUDO semodule -i /etc/pihole/pihole.pp
$SUDO rm -f /etc/pihole/pihole.mod
$SUDO semodule -l | grep pihole > /dev/null
if [ $? -eq 0 ]; then
printf "::: Successfully installed Pi-Hole SELinux policy\n"
else
printf "::: Warning: Pi-Hole SELinux policy did not install correctly!\n"
fi
fi
} }
displayFinalMessage() { displayFinalMessage() {
@ -716,6 +869,10 @@ View the web interface at http://pi.hole/admin or http://${IPv4addr%/*}/admin" $
######## SCRIPT ############ ######## SCRIPT ############
# Start the installer # Start the installer
$SUDO mkdir -p /etc/pihole/ $SUDO mkdir -p /etc/pihole/
# Install packages used by this installation script
installerDependencies
welcomeDialogs welcomeDialogs
# Verify there is enough disk space for the install # Verify there is enough disk space for the install
@ -723,6 +880,8 @@ verifyFreeDiskSpace
# Just back up the original Pi-hole right away since it won't take long and it gets it out of the way # Just back up the original Pi-hole right away since it won't take long and it gets it out of the way
backupLegacyPihole backupLegacyPihole
# Find IP used to route to outside world
findIPRoute
# Find interfaces and let the user choose one # Find interfaces and let the user choose one
chooseInterface chooseInterface
# Let the user decide if they want to block ads over IPv4 and/or IPv6 # Let the user decide if they want to block ads over IPv4 and/or IPv6
@ -741,8 +900,16 @@ displayFinalMessage
echo -n "::: Restarting services..." echo -n "::: Restarting services..."
# Start services # Start services
$SUDO service dnsmasq restart if [ -x "$(command -v systemctl)" ]; then
$SUDO service lighttpd start $SUDO systemctl enable dnsmasq
$SUDO systemctl restart dnsmasq
$SUDO systemctl enable lighttpd
$SUDO systemctl start lighttpd
else
$SUDO service dnsmasq restart
$SUDO service lighttpd start
fi
echo " done." echo " done."
echo ":::" echo ":::"

55
automated install/uninstall.sh
View File

@ -17,7 +17,7 @@ else
echo "::: Sudo will be used for the uninstall." echo "::: Sudo will be used for the uninstall."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the unnstall cannot complete # If it isn't, exit because the unnstall cannot complete
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this as root." echo "::: Please install sudo or run this as root."
@ -25,6 +25,39 @@ else
fi fi
fi fi
# Compatability
if [ -x "$(command -v rpm)" ];then
# Fedora Family
if [ -x "$(command -v dnf)" ];then
PKG_MANAGER="dnf"
else
PKG_MANAGER="yum"
fi
PKG_REMOVE="$PKG_MANAGER remove -y"
PIHOLE_DEPS=( bind-utils bc dnsmasq lighttpd lighttpd-fastcgi php-common git curl unzip wget findutils )
package_check() {
rpm -qa | grep ^$1- > /dev/null
}
package_cleanup() {
$SUDO $PKG_MANAGER -y autoremove
}
elif [ -x "$(command -v apt-get)" ];then
# Debian Family
PKG_MANAGER="apt-get"
PKG_REMOVE="$PKG_MANAGER -y remove --purge"
PIHOLE_DEPS=( dnsutils bc dnsmasq lighttpd php5-common git curl unzip wget )
package_check() {
dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed"
}
package_cleanup() {
$SUDO $PKG_MANAGER -y autoremove
$SUDO $PKG_MANAGER -y autoclean
}
else
echo "OS distribution not supported"
exit
fi
spinner() spinner()
{ {
local pid=$1 local pid=$1
@ -43,14 +76,13 @@ spinner()
function removeAndPurge { function removeAndPurge {
# Purge dependencies # Purge dependencies
echo ":::" echo ":::"
# Nate 3/28/2016 - Removed `php5-cgi` and `php5` as they are removed with php5-common for i in "${PIHOLE_DEPS[@]}"; do
dependencies=( dnsutils bc dnsmasq lighttpd php5-common git curl unzip wget ) package_check $i > /dev/null
for i in "${dependencies[@]}"; do if [ $? -eq 0 ]; then
if [ "$(dpkg-query -W --showformat='${Status}\n' "$i" 2> /dev/null | grep -c "ok installed")" -eq 1 ]; then
while true; do while true; do
read -rp "::: Do you wish to remove $i from your system? [y/n]: " yn read -rp "::: Do you wish to remove $i from your system? [y/n]: " yn
case $yn in case $yn in
[Yy]* ) printf ":::\tRemoving %s..." "$i"; $SUDO apt-get -y remove --purge "$i" &> /dev/null & spinner $!; printf "done!\n"; break;; [Yy]* ) printf ":::\tRemoving %s..." "$i"; $SUDO $PKG_REMOVE "$i" &> /dev/null & spinner $!; printf "done!\n"; break;;
[Nn]* ) printf ":::\tSkipping %s" "$i\n"; break;; [Nn]* ) printf ":::\tSkipping %s" "$i\n"; break;;
* ) printf "::: You must answer yes or no!\n";; * ) printf "::: You must answer yes or no!\n";;
esac esac
@ -65,10 +97,8 @@ echo ":::"
$SUDO rm /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null $SUDO rm /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null
# Take care of any additional package cleaning # Take care of any additional package cleaning
printf "::: Auto removing remaining dependencies..." printf "::: Auto removing & cleaning remaining dependencies..."
$SUDO apt-get -y autoremove &> /dev/null & spinner $!; printf "done!\n"; package_cleanup &> /dev/null & spinner $!; printf "done!\n";
printf "::: Auto cleaning remaining dependencies..."
$SUDO apt-get -y autoclean &> /dev/null & spinner $!; printf "done!\n";
# Call removeNoPurge to remove PiHole specific files # Call removeNoPurge to remove PiHole specific files
removeNoPurge removeNoPurge
@ -107,7 +137,8 @@ function removeNoPurge {
fi fi
echo "::: Removing config files and scripts..." echo "::: Removing config files and scripts..."
if [ ! "$(dpkg-query -W --showformat='${Status}\n' lighttpd 2> /dev/null | grep -c "ok installed")" -eq 1 ]; then package_check $i > /dev/null
if [ $? -eq 1 ]; then
$SUDO rm -rf /etc/lighttpd/ &> /dev/null $SUDO rm -rf /etc/lighttpd/ &> /dev/null
else else
if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then
@ -143,5 +174,3 @@ while true; do
[Nn]* ) removeNoPurge; break;; [Nn]* ) removeNoPurge; break;;
esac esac
done done

2
gravity.sh
View File

@ -19,7 +19,7 @@ else
echo "::: sudo will be used." echo "::: sudo will be used."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the install cannot complete # If it isn't, exit because the install cannot complete
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this script as root." echo "::: Please install sudo or run this script as root."

2
pihole
View File

@ -17,7 +17,7 @@ if [[ ! $EUID -eq 0 ]];then
#echo "::: Sudo will be used for this tool." #echo "::: Sudo will be used for this tool."
# Check if it is actually installed # Check if it is actually installed
# If it isn't, exit because the pihole cannot be invoked without privileges. # If it isn't, exit because the pihole cannot be invoked without privileges.
if [[ $(dpkg-query -s sudo) ]];then if [ -x "$(command -v sudo)" ];then
export SUDO="sudo" export SUDO="sudo"
else else
echo "::: Please install sudo or run this as root." echo "::: Please install sudo or run this as root."