diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 095e1274..87e4ab44 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -141,7 +141,7 @@ AddDomain() { bool=true domain="${1}" - [[ "${wildcard}" == true ]] && domain="((^)|(\\.))${domain//\./\\.}$" + [[ "${wildcard}" == true ]] && domain="(^|\\.)${domain//\./\\.}$" # Is the domain in the list? # Search only for exactly matching lines @@ -189,7 +189,7 @@ RemoveDomain() { [[ -z "${type}" ]] && type="--wildcard-only" domain="${1}" - [[ "${wildcard}" == true ]] && domain="((^)|(\\.))${domain//\./\\.}$" + [[ "${wildcard}" == true ]] && domain="(^|\\.)${domain//\./\\.}$" bool=true # Is it in the list? diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index 2db4d671..8c9578a3 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -24,5 +24,5 @@ convert_wildcard_to_regex() { # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) uniquedomains="$(uniq <<< "${domains}")" # Automatically generate regex filters and remove old wildcards file - awk '{print "((^)|(\\.))"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" + awk '{print "(^|\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" } diff --git a/advanced/logrotate b/advanced/Templates/logrotate similarity index 100% rename from advanced/logrotate rename to advanced/Templates/logrotate diff --git a/advanced/Templates/pihole-FTL.conf b/advanced/Templates/pihole-FTL.conf new file mode 100644 index 00000000..03f42932 --- /dev/null +++ b/advanced/Templates/pihole-FTL.conf 
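Review bot: Entries already stored in the regex list with the old `((^)|(\\.))` prefix will no longer equal the string built on the changed line in AddDomain, and the comment just below it says the list is searched "only for exactly matching lines". If that search compares whole lines as the comment suggests, RemoveDomain (second hunk, same change) would not find a wildcard added before this commit, and AddDomain would append a second, equivalent entry. The wildcard_regex_converter.sh hunk only converts the old wildcards file and does not rewrite existing regex lines. A one-time rewrite of legacy-prefixed lines, or at least a comment such as `# Entries written before this change use the "((^)|(\\.))" prefix and need migrating`, would keep blocklist removals reliable. Both function bodies continue outside their hunks.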
@@ -0,0 +1,84 @@
+### This file contains parameters for FTL behavior.
+### At install, all parameters are commented out. The user can select desired options.
+### Options shown are the default configuration. No modification is needed for most
+### installations.
+### Visit https://docs.pi-hole.net/ftldns/configfile/ for more detailed parameter explanations
+
+## Socket Listening
+## Listen only for local socket connections or permit all connections
+## Options: localonly, all
+#SOCKET_LISTENING=localonly
+
+## Query Display
+## Display all queries? Set to no to hide query display
+## Options: yes, no
+#QUERY_DISPLAY=yes
+
+## AAA Query Analysis
+## Allow FTL to analyze AAAA queries from pihole.log?
+## Options: yes, no
+#AAAA_QUERY_ANALYSIS=yes
+
+## Resolve IPv6
+## Should FTL try to resolve IPv6 addresses to host names?
+## Options: yes, no
+#RESOLVE_IPV6=yes
+
+## Resolve IPv4
+## Should FTL try to resolve IPv4 addresses to host names?
+## Options: yes, no
+#RESOLVE_IPV4=yes
+
+## Max Database Days
+## How long should queries be stored in the database (days)?
+## Setting this to 0 disables the database
+## See: https://docs.pi-hole.net/ftldns/database/
+## Options: number of days
+#MAXDBDAYS=365
+
+## Database Interval
+## How often do we store queries in FTL's database (minutes)?
+## See: https://docs.pi-hole.net/ftldns/database/
+## Options: number of minutes
+#DBINTERVAL=1.0
+
+## Database File
+## Specify path and filename of FTL's SQLite3 long-term database.
+## Setting this to DBFILE= disables the database altogether
+## See: https://docs.pi-hole.net/ftldns/database/
+## Option: path to db file
+#DBFILE=/etc/pihole/pihole-FTL.db
+
+## Max Log Age
+## Up to how many hours of queries should be imported from the database and logs (hours)?
+## Maximum is 744 (31 days)
+## Options: number of days
+#MAXLOGAGE=24.0
+
+## FTL Port
+## On which port should FTL be listening?
+## Options: tcp port
+#FTLPORT=4711
+
+## Privacy Level
+## Which privacy level is used?
+## See: https://docs.pi-hole.net/ftldns/privacylevels/ +## Options: 0, 1, 2, 3 +#PRIVACYLEVEL=0 + +## Ignore Localhost +## Should FTL ignore queries coming from the local machine? +## Options: yes, no +#IGNORE_LOCALHOST=no + +## Blocking Mode +## How should FTL reply to blocked queries? +## See: https://docs.pi-hole.net/ftldns/blockingmode/ +## Options: NULL, IP-AAAA-NODATA, IP, NXDOMAIN +#BLOCKINGMODE=NULL + +## Regex Debug Mode +## Controls if FTLDNS should print extended details about regex matching into pihole-FTL.log. +## See: https://docs.pi-hole.net/ftldns/regex/overview/ +## Options: true, false +#REGEX_DEBUGMODE=false diff --git a/advanced/pihole-FTL.service b/advanced/Templates/pihole-FTL.service similarity index 100% rename from advanced/pihole-FTL.service rename to advanced/Templates/pihole-FTL.service diff --git a/advanced/pihole.cron b/advanced/Templates/pihole.cron similarity index 100% rename from advanced/pihole.cron rename to advanced/Templates/pihole.cron diff --git a/advanced/pihole.sudo b/advanced/Templates/pihole.sudo similarity index 100% rename from advanced/pihole.sudo rename to advanced/Templates/pihole.sudo diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ad7d313c..77e02b58 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -47,9 +47,11 @@ PI_HOLE_LOCAL_REPO="/etc/.pihole" PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update version gravity uninstall webpage) # This directory is where the Pi-hole scripts will be installed PI_HOLE_INSTALL_DIR="/opt/pihole" +PI_HOLE_CONFIG_DIR="/etc/pihole" useUpdateVars=false adlistFile="/etc/pihole/adlists.list" +regexFile="/etc/pihole/regex.list" # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until # this script can run IPV4_ADDRESS="" 
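Review bot: The `SOCKET_LISTENING` block in the new pihole-FTL.conf template documents the value `all` without saying what it exposes. A line such as `## "all" makes the FTL port (see FTLPORT) reachable from other hosts; keep localonly unless remote access is required` would give the operator the security context. Two comments also disagree with their settings: the heading `## AAA Query Analysis` should read `AAAA`, and `MAXLOGAGE` is described in hours but lists `## Options: number of days`. The file header says parameters ship commented out at install, while the installConfigs hunk in basic-install.sh creates an empty file from /dev/null, so it is worth stating where this template is actually used.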
@@ -1219,12 +1221,13 @@ installScripts() { install -o "${USER}" -Dm755 -t /usr/local/bin/ pihole install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole echo -e "${OVER} ${TICK} ${str}" + # Otherwise, else # Show an error and exit echo -e "${OVER} ${CROSS} ${str} ${COL_LIGHT_RED}Error: Local repo ${PI_HOLE_LOCAL_REPO} not found, exiting installer${COL_NC}" - exit 1 + return 1 fi } @@ -1234,7 +1237,18 @@ installConfigs() { echo -e " ${INFO} Installing configs from ${PI_HOLE_LOCAL_REPO}..." # Make sure Pi-hole's config files are in place version_check_dnsmasq - + # Install empty file if it does not exist + if [[ ! -f "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then + if ! install -o pihole -g pihole -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/nul; then + echo -e " ${COL_LIGHT_RED}Error: Unable to initialize configuration file ${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" + return 1 + fi + fi + # Install an empty regex file + if [[ ! -f "${regexFile}" ]]; then + # Let PHP edit the regex file, if installed + install -o pihole -g "${LIGHTTPD_GROUP:-pihole}" -m 664 /dev/null "${regexFile}" + fi # If the user chose to install the dashboard, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # and if the Web server conf directory does not exist, @@ -1370,11 +1384,11 @@ check_service_active() { # If systemctl exists, if command -v systemctl &> /dev/null; then # use that to check the status of the service - systemctl is-enabled "${1}" > /dev/null + systemctl is-enabled "${1}" &> /dev/null # Otherwise, else # fall back to service command - service "${1}" status > /dev/null + service "${1}" status &> /dev/null fi } 
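Review bot: The new `return 1` in installScripts covers only the missing-repository branch; the `install` calls visible in the success branch are not checked, so on that path the function's status is that of the final `echo`. Because the installPihole hunk now calls it as `if ! installScripts`, errexit is suspended inside the function (if this script runs under `set -e`, which is not visible here), and a failed `install` would pass silently. Checking the critical copies, for example `install -o "${USER}" -Dm755 -t /usr/local/bin/ pihole || return 1`, would make the new return value meaningful. The function body starts outside the hunk.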
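Review bot: `&>/dev/nul` in the first added `install` call of installConfigs is missing an `l`, so instead of discarding the output the installer writes it to a new regular file at `/dev/nul`; it should be `&>/dev/null`. Discarding stderr also hides why creation failed (for example a missing `pihole` user or group), so consider dropping the redirect or logging the message. The second `install` for `${regexFile}` is unchecked, unlike the first, and the error `echo` never resets the colour with `${COL_NC}`; appending `|| return 1` to the regex `install` would make the two consistent. Since the regex file is deliberately group-writable by the web server group, a comment such as `# Anything running as the web server group can change blocking rules via this file` would document the trust boundary. The function continues outside the hunk.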
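Review bot: `systemctl is-enabled` on the changed line of check_service_active reports whether the unit is configured to start at boot, not whether it is running, while the function name and the `service "${1}" status` fallback both test the running state. The FTLinstall hunk later in this diff uses this function to decide whether to stop dnsmasq, so on systemd hosts a dnsmasq that is running but not enabled would be left alone. If callers need the running state, `systemctl is-active "${1}" &> /dev/null` matches the fallback; otherwise a comment explaining the choice would help.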
@@ -1553,7 +1567,7 @@ installPiholeWeb() { # Make the .d directory if it doesn't exist mkdir -p /etc/sudoers.d/ # and copy in the pihole sudoers file - cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.sudo /etc/sudoers.d/pihole + cp ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole # Add lighttpd user (OS dependent) to sudoers file echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole @@ -1575,7 +1589,7 @@ installCron() { echo "" echo -ne " ${INFO} ${str}..." # Copy the cron file over from the local repo - cp ${PI_HOLE_LOCAL_REPO}/advanced/pihole.cron /etc/cron.d/pihole + cp ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole # Randomize gravity update time sed -i "s/59 1 /$((1 + RANDOM % 58)) $((3 + RANDOM % 2))/" /etc/cron.d/pihole # Randomize update checker time @@ -1699,7 +1713,7 @@ installLogrotate() { echo "" echo -ne " ${INFO} ${str}..." # Copy the file over from the local repo - cp ${PI_HOLE_LOCAL_REPO}/advanced/logrotate /etc/pihole/logrotate + cp ${PI_HOLE_LOCAL_REPO}/advanced/Templates/logrotate /etc/pihole/logrotate # Different operating systems have different user / group # settings for logrotate that makes it impossible to create # a static logrotate file that will work with e.g. @@ -1770,9 +1784,15 @@ installPihole() { accountForRefactor fi # Install base files and web interface - installScripts + if ! installScripts; then + echo -e " {CROSS} Failure in dependent script copy function." + exit 1 + fi # Install config files - installConfigs + if ! installConfigs; then + echo -e " {CROSS} Failure in dependent config copy function." + exit 1 + fi # If the user wants to install the dashboard, if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # do so 
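Review bot: The changed `cp` in installPiholeWeb leaves `${PI_HOLE_LOCAL_REPO}` unquoted, as do the changed `cp` lines in the installCron and installLogrotate hunks; the FTLinstall hunk already quotes the same variable in its `install` call. For the sudoers file specifically, the visible lines copy it and then append to it with `echo ... >>` without setting a mode or validating the result, although the function continues outside the hunk and may do so later. Suggested for the copy: `install -m 0440 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole`, with `visudo -cf /etc/sudoers.d/pihole` run after the append so a malformed fragment is caught before sudo reads it.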
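Review bot: Both error messages added in installPihole print the literal text `{CROSS}` because the `$` is missing, so the failure marker used elsewhere in this file is not shown. They should read `echo -e "  ${CROSS} Failure in dependent script copy function."` and likewise for the config message. Sending these two lines to stderr with `>&2` would also keep diagnostics separate from normal installer output. The function body continues outside the hunk.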
@@ -1918,7 +1938,7 @@ get_available_branches() { cd "${directory}" || return 1 # Get reachable remote branches, but store STDERR as STDOUT variable - output=$( { git ls-remote --head --quiet | cut -d'/' -f3- -; } 2>&1 ) + output=$( { git ls-remote --heads --quiet | cut -d'/' -f3- -; } 2>&1 ) echo "$output" return } @@ -2023,7 +2043,7 @@ FTLinstall() { pushd "$(mktemp -d)" > /dev/null || { echo "Unable to make temporary directory for FTL binary download"; return 1; } # Always replace pihole-FTL.service - install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/pihole-FTL.service" "/etc/init.d/pihole-FTL" + install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" local ftlBranch local url @@ -2058,7 +2078,7 @@ FTLinstall() { # Install the FTL service echo -e "${OVER} ${TICK} ${str}" # dnsmasq can now be stopped and disabled if it exists - if which dnsmasq > /dev/null; then + if which dnsmasq &> /dev/null; then if check_service_active "dnsmasq";then echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" stop_service dnsmasq @@ -2187,7 +2207,7 @@ FTLcheckUpdate() { local localSha1 # if dnsmasq exists and is running at this point, force reinstall of FTL Binary - if which dnsmasq > /dev/null; then + if which dnsmasq &> /dev/null; then if check_service_active "dnsmasq";then return 0 fi diff --git a/gravity.sh b/gravity.sh index b018e2ea..50c37784 100755 --- a/gravity.sh +++ b/gravity.sh @@ -643,11 +643,6 @@ if [[ "${skipDownload}" == false ]] || [[ "${listType}" == "whitelist" ]]; then gravity_Whitelist fi -# Set proper permissions on the regex file -touch "${regexFile}" -chown pihole:www-data "${regexFile}" -chmod 664 "${regexFile}" - convert_wildcard_to_regex gravity_ShowBlockCount diff --git a/manpages/pihole.8 b/manpages/pihole.8 index c30570df..e0845387 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 
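Review bot: `which dnsmasq &> /dev/null` in the second FTLinstall hunk, and the identical changed line in the FTLcheckUpdate hunk, depends on an external `which` binary whose presence and exit status vary between distributions. check_service_active in this same file already uses the builtin form for systemctl, so `if command -v dnsmasq &> /dev/null; then` would be consistent and removes that dependency. Both function bodies continue outside their hunks.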
@@ -125,13 +125,16 @@ Available commands and options: .br -k, kelvin Set Kelvin as preferred temperature unit .br - -r, hostrecord Add a name to the DNS associated to an IPv4/IPv6 address + -r, hostrecord Add a name to the DNS associated to an + IPv4/IPv6 address .br - -e, email Set an administrative contact address for the Block Page + -e, email Set an administrative contact address for the + Block Page .br -i, interface Specify dnsmasq's interface listening behavior .br - -l, privacylevel Set privacy level (0 = lowest, 3 = highest) + -l, privacylevel Set privacy level + (0 = lowest, 3 = highest) .br \fB-c, chronometer\fR [options] @@ -181,7 +184,8 @@ Available commands and options: .br on Enable the Pi-hole log at /var/log/pihole.log .br - off Disable and flush the Pi-hole log at /var/log/pihole.log + off Disable and flush the Pi-hole log at + /var/log/pihole.log .br off noflush Disable the Pi-hole log at /var/log/pihole.log .br @@ -204,7 +208,8 @@ Available commands and options: .br -p, --pihole Only retrieve info regarding Pi-hole repository .br - -a, --admin Only retrieve info regarding AdminLTE repository + -a, --admin Only retrieve info regarding AdminLTE + repository .br -f, --ftl Only retrieve info regarding FTL repository .br @@ -214,7 +219,8 @@ Available commands and options: .br -l, --latest Return the latest version .br - --hash Return the Github hash from your local repositories + --hash Return the Github hash from your local + repositories .br \fBuninstall\fR @@ -266,7 +272,8 @@ Available commands and options: .br master Update subsystems to the latest stable release .br - dev Update subsystems to the latest development release + dev Update subsystems to the latest development + release .br branchname Update subsystems to the specified branchname .br 
@@ -275,50 +282,74 @@ Available commands and options: Some usage examples .br - Whitelist/blacklist manipulation +Whitelist/blacklist manipulation .br - \fBpihole -w iloveads.example.com\fR Add "iloveads.example.com" to whitelist +\fBpihole -w iloveads.example.com\fR .br - \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist -.br - \fBpihole --wild example.com\fR Add example.com as a wildcard - would - block all subdomains of example.com, including example.com itself. -.br - \fBpihole --regex "ad.*\.example\.com$"\fR Add "ad.*\.example\.com$" to the regex - blacklist - would block all subdomains of example.com which start with "ad" + Adds "iloveads.example.com" to whitelist .br - Changing the Web Interface password +\fBpihole -b -d noads.example.com\fR +.br + Removes "noads.example.com" from blacklist .br - \fBpihole -a -p ExamplePassword\fR Change the password to "ExamplePassword" +\fBpihole --wild example.com\fR +.br + Adds example.com as a wildcard - would block all subdomains of + example.com, including example.com itself. .br - Updating lists from internet sources +\fBpihole --regex "ad.*\\.example\\.com$"\fR +.br + Adds "ad.*\\.example\\.com$" to the regex blacklist. 
+ Would block all subdomains of example.com which start with "ad" .br - \fBpihole -g\fR Update the list of ad-serving domains +Changing the Web Interface password .br - Displaying version information +\fBpihole -a -p ExamplePassword\fR +.br + Change the password to "ExamplePassword" .br - \fBpihole -v -a -c\fR Display the current version of AdminLTE +Updating lists from internet sources .br - Temporarily disabling Pi-hole +\fBpihole -g\fR +.br + Update the list of ad-serving domains .br - \fBpihole disable 5m\fR Disable Pi-hole functionality for five minutes +Displaying version information .br - Switching Pi-hole subsystem branches +\fBpihole -v -a -c\fR +.br + Display the current version of AdminLTE .br - \fBpihole checkout master\fR Switch to master branch +Temporarily disabling Pi-hole .br - \fBpihole checkout core dev\fR Switch to core development branch + +\fBpihole disable 5m\fR +.br + Disable Pi-hole functionality for five minutes +.br + +Switching Pi-hole subsystem branches +.br + +\fBpihole checkout master\fR +.br + Switch to master branch +.br + +\fBpihole checkout core dev\fR +.br + Switch to core development branch .br .SH "SEE ALSO"