From b246dba7e75a484120739a0eb239a150bdb50bbf Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 4 Dec 2016 21:30:59 +0100 Subject: [PATCH 01/88] Rename index.html to index.php --- advanced/{index.html => index.php} | 0 advanced/lighttpd.conf.debian | 2 +- advanced/lighttpd.conf.fedora | 2 +- automated install/basic-install.sh | 16 ++++++++++------ 4 files changed, 12 insertions(+), 8 deletions(-) rename advanced/{index.html => index.php} (100%) diff --git a/advanced/index.html b/advanced/index.php similarity index 100% rename from advanced/index.html rename to advanced/index.php diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 15821bc7..01f52a85 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -21,7 +21,7 @@ server.modules = ( ) server.document-root = "/var/www/html" -server.error-handler-404 = "pihole/index.html" +server.error-handler-404 = "pihole/index.php" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" server.pid-file = "/var/run/lighttpd.pid" diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 96e1311e..d2af5bd4 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -22,7 +22,7 @@ server.modules = ( ) server.document-root = "/var/www/html" -server.error-handler-404 = "pihole/index.html" +server.error-handler-404 = "pihole/index.php" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" server.pid-file = "/var/run/lighttpd.pid" diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 33444873..8c7a6b1d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -21,6 +21,7 @@ set -e tmpLog=/tmp/pihole-install.log instalLogLoc=/etc/pihole/install.log setupVars=/etc/pihole/setupVars.conf +lighttpdConfig=/etc/lighttpd/lighttpd.conf webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git" webInterfaceDir="/var/www/html/admin" @@ -709,9 +710,9 @@ installConfigs() { mkdir /etc/lighttpd chown "${USER}":root /etc/lighttpd elif [ -f "/etc/lighttpd/lighttpd.conf" ]; then - mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig + mv ${lighttpdConfig} ${lighttpdConfig}.orig fi - cp /etc/.pihole/advanced/${LIGHTTPD_CFG} /etc/lighttpd/lighttpd.conf + cp /etc/.pihole/advanced/${LIGHTTPD_CFG} ${lighttpdConfig} mkdir -p /var/run/lighttpd chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd mkdir -p /var/cache/lighttpd/compress @@ -825,11 +826,11 @@ installPiholeWeb() { echo ":::" echo "::: Installing pihole custom index page..." if [ -d "/var/www/html/pihole" ]; then - if [ -f "/var/www/html/pihole/index.html" ]; then - echo "::: Existing index.html detected, not overwriting" + if [ -f "/var/www/html/pihole/index.php" ]; then + echo "::: Existing index.php detected, not overwriting" else - echo -n "::: index.html missing, replacing... " - cp /etc/.pihole/advanced/index.html /var/www/html/pihole/ + echo -n "::: index.php missing, replacing... " + cp /etc/.pihole/advanced/index.php /var/www/html/pihole/ echo " done!" fi @@ -955,6 +956,9 @@ accountForRefactor() { sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${setupVars} sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${setupVars} + # Account for change in lighttpd config file + sed -i 's:pihole/index.html:pihole/index.php:' ${lighttpdConfig} + } updatePihole() { From 6e788668f9f9d63f44585aa54d8522eafc8092c3 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 4 Dec 2016 22:17:08 +0100 Subject: [PATCH 02/88] Updated index.php --- advanced/index.php | 61 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 59 insertions(+), 2 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 3a4abe1f..41142633 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -1,7 +1,64 @@ + - - + + + + + + Website Blocked + + + + + + +
+

Website Blocked

+
+
+
Access to the following site has been blocked:
+
+
If you have an ongoing use for this website, please ask to owner of the Pi-Hole in your network to have it whitelisted.
+
Back to safety +
+
Generated by Pi-hole
+ + From e7241a989cc95bcf3fca527322128d2d5c07a43b Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 4 Dec 2016 22:20:51 +0100 Subject: [PATCH 03/88] Include CSS file --- advanced/index.css | 212 +++++++++++++++++++++++++++++ advanced/index.php | 4 +- automated install/basic-install.sh | 8 ++ 3 files changed, 222 insertions(+), 2 deletions(-) create mode 100644 advanced/index.css diff --git a/advanced/index.css b/advanced/index.css new file mode 100644 index 00000000..b5fae08e --- /dev/null +++ b/advanced/index.css @@ -0,0 +1,212 @@ +/* CSS Reset */ +html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, embed, figure, figcaption, footer, header, hgroup, menu, nav, output, ruby, section, summary, time, mark, audio, video { margin: 0; padding: 0; border: 0; font-size: 100%; font: inherit; vertical-align: baseline; } +article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section { display: block; } +body { line-height: 1; } +ol, ul { list-style: none; } +blockquote, q { quotes: none; } +blockquote:before, blockquote:after, q:before, q:after { content: ''; content: none; } +table { border-collapse: collapse; border-spacing: 0; } +html { height: 100%; overflow-x: hidden; } + +/* General Style */ +a { color: rgba(0,60,120,0.95); text-decoration: none; } /* 1E3C5A */ +a:hover { color: rgba(210,120,0,0.95); transition-duration: .2s; } /* 255, 128, 0 */ +divs a { border-bottom: 1px dashed rgba(30,60,90,0.3); } +b { font-weight: bold; } +i { font-style: italic; } + +footer, .pre, input[type='url'], input[type='text'], .alist, .transparent td { font-family: monospace; } +body, header { background: #E1E1E1; } + +body { + background-image: url('http://firebog.net/bg.png'), -webkit-linear-gradient(top, rgba(220,220,220,0.95), rgba(240,240,240,0.95)); + background-image: url('http://firebog.net/bg.png'), linear-gradient(to bottom, rgba(220,220,220,0.95), rgba(240,240,240,0.95)); + background-attachment: fixed; + color: rgba(64,64,64,0.95); + text-shadow: 0 1px rgba(0,0,0,0.04); + font: 14px Arial, sans-serif; + line-height: 1em; +} + +header { + min-width: 320px; + width: 100%; + text-shadow: 0 1px rgba(255,255,255,0.6); + display: table; + table-layout: fixed; + border: 1px solid rgba(0,0,0,0.25); + border-top-color: rgba(255,255,255,0.85); + border-style: solid none; + background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(220,220,220,0.95)); + background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(220,220,220,0.95)); + box-shadow: 0 0 1px 1px rgba(0,0,0,0.04); +} + +header h1, header div { + display: table-cell; + color: inherit; + font-weight: bold; + vertical-align: middle; + white-space: nowrap; + overflow: hidden; + box-sizing: border-box; +} + +header h1 { + font: bold 1.6em "Trebuchet MS", sans-serif; + width: 100%; + padding: 8px 0; + text-indent: 32px; + background: url("http://firebog.net/PHV.svg") left no-repeat; +} + +header h1 a, h1 a:hover { color: inherit; } +header .alt { width: 85px; font-size: 0.8em; padding-right: 4px; text-align: right; line-height: 1.25em; } +.active { color: green; } +.inactive { color: red; } + +main { + display: block; + width: 80%; + padding: 8px; + font-size: 1em; + background-color: rgba(255,255,255,0.85); + margin: 8px auto; + box-sizing: border-box; + border: 1px solid rgba(0,0,0,0.25); + box-shadow: 0 0 1px 1px rgba(0,0,0,0.04); + line-height: 1.2em; + border-radius: 8px; +} + +h2 { /* Rgba is shared with .transparent th */ + font: 1.15em sans-serif; + background-color: rgba(255,0,0,0.4); + text-shadow: none; + line-height: 1.1em; + padding-bottom: 1px; + margin-top: 8px; + margin-bottom: 4px; + background: -webkit-linear-gradient(left, rgba(0,0,0,0.25), transparent 80%) no-repeat; + background: linear-gradient(to right, rgba(0,0,0,0.25), transparent 80%) no-repeat; + background-size: 100% 1px; + background-position: 0 17px; +} + +h2:first-child { margin-top: 0; } +h2 ~ *:not(h2) { margin-left: 4px; } +li { padding: 2px 0; } +li::before { content: "\00BB\00a0"; } +li a { position: relative; top: 1px; } /* Center bullet-point arrows */ + +/* Button Style */ +.buttons a, input, .transparent th a { /* Swapped rgba is shared with input[type='url'] */ + display: inline-block; + color: rgba(32,32,32,0.9); + font-weight: bold; + text-align: center; + cursor: pointer; + text-shadow: 0 1px rgba(255,255,255,0.2); + line-height: 0.86em; + font-size: 1em; + padding: 4px 8px; + background: #FAFAFA; + background-image: -webkit-linear-gradient(top, rgba(255,255,255,0.05), rgba(0,0,0,0.05)); + background-image: linear-gradient(to bottom, rgba(255,255,255,0.05), rgba(0,0,0,0.05)); + border: 1px solid rgba(0,0,0,0.25); + border-radius: 4px; + box-shadow: 0 1px 0 rgba(0,0,0,0.04); +} + +.buttons { white-space: nowrap; width: 100%; display: table; } +.mini a { width: 50%; } +a.safe { background-color: rgba(0,220,0,0.5); } +a.warn { background-color: rgba(220,0,0,0.5); } + +.blocked, .toggle, .sourcever, .mini, .addurl a, .editurl a { margin-top: 8px; } +.blocked a, .mini a { display: table-cell; } +.blocked a.safe { width: 100%; } + +.ministatus { text-align: center; } + +input[type='url'], input[type='text'] { /* Swapped rgba is shared with .buttons a */ + font-size: 1.15em; + padding: 2px 4px; + text-align: left; + cursor: text; + width: 100%; + box-sizing: border-box; + background-image: -webkit-linear-gradient(top, rgba(0,0,0,0.05), rgba(255,255,255,0.05)); + background-image: linear-gradient(to bottom, rgba(0,0,0,0.05), rgba(255,255,255,0.05)); +} + +input:focus { + outline: none; + box-shadow: 0 0 0 2px rgba(0,128,240,0.4); + border-radius: 4px; +} + +/* Types of text */ +.pre { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; } +.msg { display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; } +.request, .finalresults, .sourcever, .invocation, .parameters, .transparent td, .actionfilecontent, .actionslist { font-size: 0.9em; line-height: 1.2em; } /* "Pre sized" */ + +.request, .finalresults, .parameters, .actionfilecontent, .actionslist { /* Dashed outline for excessive text */ + line-height: 1.2em; + padding: 4px; + border: 1px dashed rgba(0,0,0,0.25); + border-right: 0; + background-image: -webkit-linear-gradient(left, #FFF 70%, rgba(255,255,255,0)); + background-image: linear-gradient(to right, #FFF 70%, rgba(255,255,255,0)); + border-radius: 4px 0 0 4px; +} + +.parameters, .finalresults { /* Small scrollbox for excessive text */ + max-height: 116px; + overflow-y: scroll; + -webkit-overflow-scrolling: touch; +} + +.editactions { font-size: 0.8em; } +.actionslist { margin: 4px 0; } + +/* Matching actions in show-url-info */ +.transparent { width: 100%; margin: 0; } +.transparent th { display: block; box-sizing: border-box; text-align: left; padding: 2px 4px; border-radius: 4px; background-image: -webkit-linear-gradient(left, rgba(0,0,0,0.08), transparent 80%); background-image: linear-gradient(to right, rgba(0,0,0,0.08), transparent 80%); } /* Rgba is shared with h2 */ +.transparent td { margin: 4px; display: block; } +.transparent th a { display: none; position: relative; top: -1px; font-size: 0.75em; padding: 2px 5px 1px 3px; } /* Buttons 0.75 0.86 */ +.transparent tr:first-child a, .transparent tr:nth-last-child(2) a { display: inline-block; } /* Only show buttons for First/Last files */ + +footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } + +/* Specific Fixes */ +.alist br:first-child { display: none; } /* Final results is displayed in "pre format", so remove first BR */ +.filter a[href*="show-status"] { margin-left: 12px; } /* Margin for View/Edit on show-status */ + +/* Safari & iOS */ +@media screen and (min-color-index:0) and(-webkit-min-device-pixel-ratio:0) { @media { + ::-webkit-input-placeholder { position: relative; top: 3px; } + .transparent th a { padding: 2px 4px 1px 4px; } + a.safe { background-color: rgba(0,220,0,0.4); } + a.warn { background-color: rgba(220,0,0,0.4); } +}} + +@media only screen and (orientation:portrait) { + main { width: 100%; border-radius: 0; margin: 0; border-style: none; border-bottom-style: solid; } + header h1 { display: block; overflow: auto; -webkit-overflow-scrolling: touch; } + ::-webkit-input-placeholder { top: 2px; } +} + +@media only screen and (min-device-width : 320px) and (max-device-width : 667px) and (orientation : landscape) { + main { width: 100%; border-radius: 0; margin: 0; border-style: none; border-bottom-style: solid; } + h2 { padding-bottom: 2px; } /* Necessary for underline to show */ + main { font-size: 0.6em; } + ul li { font-size: 1.7em; } + ul li a { font-size: 0.6em; } + input[type='url'] { font-size: 1.85em; } + .buttons { font-size: 1.7em; } + .editactions { font-size: 1.3em; } + .request { font-size: 1.5em; } + .transparent th a { font-size: 1.35em; } + ::-webkit-input-placeholder { top: 2px; } +} \ No newline at end of file diff --git a/advanced/index.php b/advanced/index.php index 41142633..fe95782a 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -44,8 +44,8 @@ $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0'); Website Blocked - - + + /admin/img/favicon.png' type='image/png'/> diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 8c7a6b1d..f48e78c8 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -842,6 +842,14 @@ installPiholeWeb() { echo " done!" fi + if [ -f "/var/www/html/pihole/index.css" ]; then + echo "::: Existing index.css detected, not overwriting" + else + echo -n "::: index.css missing, replacing... " + cp /etc/.pihole/advanced/index.css /var/www/html/pihole/ + echo " done!" + fi + else mkdir /var/www/html/pihole if [ -f /var/www/html/index.lighttpd.html ]; then From a866c4e388b060cdb8615afd4b57b81f0cf47665 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 10:50:19 +0100 Subject: [PATCH 04/88] Place blockingpage.css (former index.css) unter admin/ so we can load it also from some blocked sub-directories --- advanced/{index.css => blockingpage.css} | 0 automated install/basic-install.sh | 6 +++--- 2 files changed, 3 insertions(+), 3 deletions(-) rename advanced/{index.css => blockingpage.css} (100%) diff --git a/advanced/index.css b/advanced/blockingpage.css similarity index 100% rename from advanced/index.css rename to advanced/blockingpage.css diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f48e78c8..958b2d1d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -842,11 +842,11 @@ installPiholeWeb() { echo " done!" fi - if [ -f "/var/www/html/pihole/index.css" ]; then - echo "::: Existing index.css detected, not overwriting" + if [ -f "/var/www/html/admin/blockingpage.css" ]; then + echo "::: Existing blockingpage.css detected, not overwriting" else echo -n "::: index.css missing, replacing... " - cp /etc/.pihole/advanced/index.css /var/www/html/pihole/ + cp /etc/.pihole/advanced/blockingpage.css /var/www/html/admin echo " done!" fi From 0f90671241c0ec097be0049989fca3a2dcbd7f10 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 10:51:41 +0100 Subject: [PATCH 05/88] Updated index.php to use CSS file unter admin/ --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index fe95782a..d9755dc2 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -44,7 +44,7 @@ $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0'); Website Blocked - + /admin/blockingpage.css'/> /admin/img/favicon.png' type='image/png'/> From 20370d4348fee31d249bca39cc882ddb41ebebba Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 11:26:21 +0100 Subject: [PATCH 06/88] Update CSS file --- advanced/blockingpage.css | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index b5fae08e..f4451f28 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -15,7 +15,7 @@ divs a { border-bottom: 1px dashed rgba(30,60,90,0.3); } b { font-weight: bold; } i { font-style: italic; } -footer, .pre, input[type='url'], input[type='text'], .alist, .transparent td { font-family: monospace; } +footer, pre, input[type='url'], input[type='text'], .alist, .transparent td { font-family: monospace; } body, header { background: #E1E1E1; } body { @@ -76,7 +76,7 @@ main { border: 1px solid rgba(0,0,0,0.25); box-shadow: 0 0 1px 1px rgba(0,0,0,0.04); line-height: 1.2em; - border-radius: 8px; + border-radius: 8px; } h2 { /* Rgba is shared with .transparent th */ @@ -138,7 +138,7 @@ input[type='url'], input[type='text'] { /* Swapped rgba is shared with .buttons box-sizing: border-box; background-image: -webkit-linear-gradient(top, rgba(0,0,0,0.05), rgba(255,255,255,0.05)); background-image: linear-gradient(to bottom, rgba(0,0,0,0.05), rgba(255,255,255,0.05)); -} +} input:focus { outline: none; @@ -184,7 +184,7 @@ footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } .filter a[href*="show-status"] { margin-left: 12px; } /* Margin for View/Edit on show-status */ /* Safari & iOS */ -@media screen and (min-color-index:0) and(-webkit-min-device-pixel-ratio:0) { @media { +@media screen and (min-color-index:0) and(-webkit-min-device-pixel-ratio:0) { @media { ::-webkit-input-placeholder { position: relative; top: 3px; } .transparent th a { padding: 2px 4px 1px 4px; } a.safe { background-color: rgba(0,220,0,0.4); } @@ -197,7 +197,7 @@ footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } ::-webkit-input-placeholder { top: 2px; } } -@media only screen and (min-device-width : 320px) and (max-device-width : 667px) and (orientation : landscape) { +@media only screen and (min-device-width : 320px) and (max-device-width : 667px) and (orientation : landscape) { main { width: 100%; border-radius: 0; margin: 0; border-style: none; border-bottom-style: solid; } h2 { padding-bottom: 2px; } /* Necessary for underline to show */ main { font-size: 0.6em; } @@ -209,4 +209,4 @@ footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } .request { font-size: 1.5em; } .transparent th a { font-size: 1.35em; } ::-webkit-input-placeholder { top: 2px; } -} \ No newline at end of file +} From fc233fcdd3d74129c02f24ca3295c583e811b0c6 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 12:10:05 +0100 Subject: [PATCH 07/88] Fixed typo --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index d9755dc2..af44cd4f 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -56,7 +56,7 @@ $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0');
Access to the following site has been blocked:
-
If you have an ongoing use for this website, please ask to owner of the Pi-Hole in your network to have it whitelisted.
+
If you have an ongoing use for this website, please ask the owner of the Pi-Hole in your network to have it whitelisted.
Back to safety
Generated by Pi-hole
From 3d6b22de6cfeac83ebf781dd5dd207b0852376df Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 12:12:01 +0100 Subject: [PATCH 08/88] Update index.php to include more detailed output --- advanced/index.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/advanced/index.php b/advanced/index.php index af44cd4f..deb902bb 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -39,6 +39,12 @@ if (!$showPage) // Get Pi-Hole version $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0'); +// Don't show the URI if it is the root directory +if($uri == "/") +{ + $uri = ""; +} + ?> @@ -57,8 +63,18 @@ $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0');
Access to the following site has been blocked:
If you have an ongoing use for this website, please ask the owner of the Pi-Hole in your network to have it whitelisted.
+ + + + This page is blocked because it is explicitly contained within the following block list(s): +
Back to safety
Generated by Pi-hole
+ + + From 0d63cfd6c3ded71effe67475f56f3fc37273081e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 12:34:30 +0100 Subject: [PATCH 09/88] Add 1x1 pixel GIF image. Can apparently be used to trick some of the please-don't-use-adblocker pages as many of them contain code like `if ($('Ad').height() == 0) { prevent access to this page; }` --- advanced/index.php | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/index.php b/advanced/index.php index deb902bb..c51fd71c 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -30,6 +30,7 @@ if (!$showPage) + Date: Mon, 5 Dec 2016 14:39:07 +0100 Subject: [PATCH 10/88] Simplified CSS, removed external contents --- advanced/blockingpage.css | 101 +++++--------------------------------- advanced/index.php | 4 +- 2 files changed, 13 insertions(+), 92 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index f4451f28..bb37939d 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -16,15 +16,14 @@ b { font-weight: bold; } i { font-style: italic; } footer, pre, input[type='url'], input[type='text'], .alist, .transparent td { font-family: monospace; } -body, header { background: #E1E1E1; } +/*body, header { background: #E1E1E1; }*/ body { - background-image: url('http://firebog.net/bg.png'), -webkit-linear-gradient(top, rgba(220,220,220,0.95), rgba(240,240,240,0.95)); - background-image: url('http://firebog.net/bg.png'), linear-gradient(to bottom, rgba(220,220,220,0.95), rgba(240,240,240,0.95)); + background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(190,190,190,0.95)); + background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(190,190,190,0.95)); background-attachment: fixed; color: rgba(64,64,64,0.95); - text-shadow: 0 1px rgba(0,0,0,0.04); - font: 14px Arial, sans-serif; + font: 14px, sans-serif; line-height: 1em; } @@ -53,11 +52,13 @@ header h1, header div { } header h1 { - font: bold 1.6em "Trebuchet MS", sans-serif; + font-size: 22px; + font-weight: bold; width: 100%; padding: 8px 0; text-indent: 32px; - background: url("http://firebog.net/PHV.svg") left no-repeat; + background: url("http://pi.hole/admin/img/logo.svg") left no-repeat; + background-size: 30px 22px; } header h1 a, h1 a:hover { color: inherit; } @@ -68,13 +69,13 @@ header .alt { width: 85px; font-size: 0.8em; padding-right: 4px; text-align: rig main { display: block; width: 80%; - padding: 8px; + padding: 10px; font-size: 1em; background-color: rgba(255,255,255,0.85); margin: 8px auto; box-sizing: border-box; border: 1px solid rgba(0,0,0,0.25); - box-shadow: 0 0 1px 1px rgba(0,0,0,0.04); + box-shadow: 4px 4px rgba(0,0,0,0.1); line-height: 1.2em; border-radius: 8px; } @@ -123,90 +124,10 @@ li a { position: relative; top: 1px; } /* Center bullet-point arrows */ a.safe { background-color: rgba(0,220,0,0.5); } a.warn { background-color: rgba(220,0,0,0.5); } -.blocked, .toggle, .sourcever, .mini, .addurl a, .editurl a { margin-top: 8px; } .blocked a, .mini a { display: table-cell; } .blocked a.safe { width: 100%; } -.ministatus { text-align: center; } - -input[type='url'], input[type='text'] { /* Swapped rgba is shared with .buttons a */ - font-size: 1.15em; - padding: 2px 4px; - text-align: left; - cursor: text; - width: 100%; - box-sizing: border-box; - background-image: -webkit-linear-gradient(top, rgba(0,0,0,0.05), rgba(255,255,255,0.05)); - background-image: linear-gradient(to bottom, rgba(0,0,0,0.05), rgba(255,255,255,0.05)); -} - -input:focus { - outline: none; - box-shadow: 0 0 0 2px rgba(0,128,240,0.4); - border-radius: 4px; -} - /* Types of text */ -.pre { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; } -.msg { display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; } -.request, .finalresults, .sourcever, .invocation, .parameters, .transparent td, .actionfilecontent, .actionslist { font-size: 0.9em; line-height: 1.2em; } /* "Pre sized" */ - -.request, .finalresults, .parameters, .actionfilecontent, .actionslist { /* Dashed outline for excessive text */ - line-height: 1.2em; - padding: 4px; - border: 1px dashed rgba(0,0,0,0.25); - border-right: 0; - background-image: -webkit-linear-gradient(left, #FFF 70%, rgba(255,255,255,0)); - background-image: linear-gradient(to right, #FFF 70%, rgba(255,255,255,0)); - border-radius: 4px 0 0 4px; -} - -.parameters, .finalresults { /* Small scrollbox for excessive text */ - max-height: 116px; - overflow-y: scroll; - -webkit-overflow-scrolling: touch; -} - -.editactions { font-size: 0.8em; } -.actionslist { margin: 4px 0; } - -/* Matching actions in show-url-info */ -.transparent { width: 100%; margin: 0; } -.transparent th { display: block; box-sizing: border-box; text-align: left; padding: 2px 4px; border-radius: 4px; background-image: -webkit-linear-gradient(left, rgba(0,0,0,0.08), transparent 80%); background-image: linear-gradient(to right, rgba(0,0,0,0.08), transparent 80%); } /* Rgba is shared with h2 */ -.transparent td { margin: 4px; display: block; } -.transparent th a { display: none; position: relative; top: -1px; font-size: 0.75em; padding: 2px 5px 1px 3px; } /* Buttons 0.75 0.86 */ -.transparent tr:first-child a, .transparent tr:nth-last-child(2) a { display: inline-block; } /* Only show buttons for First/Last files */ +.msg { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; } footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; } - -/* Specific Fixes */ -.alist br:first-child { display: none; } /* Final results is displayed in "pre format", so remove first BR */ -.filter a[href*="show-status"] { margin-left: 12px; } /* Margin for View/Edit on show-status */ - -/* Safari & iOS */ -@media screen and (min-color-index:0) and(-webkit-min-device-pixel-ratio:0) { @media { - ::-webkit-input-placeholder { position: relative; top: 3px; } - .transparent th a { padding: 2px 4px 1px 4px; } - a.safe { background-color: rgba(0,220,0,0.4); } - a.warn { background-color: rgba(220,0,0,0.4); } -}} - -@media only screen and (orientation:portrait) { - main { width: 100%; border-radius: 0; margin: 0; border-style: none; border-bottom-style: solid; } - header h1 { display: block; overflow: auto; -webkit-overflow-scrolling: touch; } - ::-webkit-input-placeholder { top: 2px; } -} - -@media only screen and (min-device-width : 320px) and (max-device-width : 667px) and (orientation : landscape) { - main { width: 100%; border-radius: 0; margin: 0; border-style: none; border-bottom-style: solid; } - h2 { padding-bottom: 2px; } /* Necessary for underline to show */ - main { font-size: 0.6em; } - ul li { font-size: 1.7em; } - ul li a { font-size: 0.6em; } - input[type='url'] { font-size: 1.85em; } - .buttons { font-size: 1.7em; } - .editactions { font-size: 1.3em; } - .request { font-size: 1.5em; } - .transparent th a { font-size: 1.35em; } - ::-webkit-input-placeholder { top: 2px; } -} diff --git a/advanced/index.php b/advanced/index.php index c51fd71c..7df55d78 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -68,8 +68,8 @@ if($uri == "/") This page is blocked because it is explicitly contained within the following block list(s): - -
Back to safety +
+
Go back
Generated by Pi-hole
From ca9321624c5187d23c3fe229d70cfb9e696e3663 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 5 Dec 2016 14:40:48 +0100 Subject: [PATCH 11/88] Added padding for ad list results --- advanced/blockingpage.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index bb37939d..1fdb5f19 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -15,7 +15,7 @@ divs a { border-bottom: 1px dashed rgba(30,60,90,0.3); } b { font-weight: bold; } i { font-style: italic; } -footer, pre, input[type='url'], input[type='text'], .alist, .transparent td { font-family: monospace; } +footer, pre, td { font-family: monospace; padding-left: 15px; } /*body, header { background: #E1E1E1; }*/ body { From 5374f652dd5e44672593b6d83dd9b7dc7bfa95f2 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 6 Dec 2016 08:43:24 +0100 Subject: [PATCH 12/88] No need to modify lighttpd config file, since we overwrite it anyways --- automated install/basic-install.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 958b2d1d..f2e5a9d8 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -964,9 +964,6 @@ accountForRefactor() { sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${setupVars} sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${setupVars} - # Account for change in lighttpd config file - sed -i 's:pihole/index.html:pihole/index.php:' ${lighttpdConfig} - } updatePihole() { From 480211033d196e0d6322e69480a71c2a0535e920 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 6 Dec 2016 14:05:02 +0100 Subject: [PATCH 13/88] Detect if blocking page is loaded within frame or iframe. If so, hide everything --- advanced/index.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 7df55d78..b9c1f7a9 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -56,7 +56,7 @@ if($uri == "/") - +

Website Blocked

@@ -75,7 +75,25 @@ if($uri == "/") From 75deb0296178ed7dfc7c707938815b3a476b23af Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 6 Dec 2016 14:05:48 +0100 Subject: [PATCH 14/88] Don't query pihole if page is hidden anyhow --- advanced/index.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index b9c1f7a9..6d48d723 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -91,8 +91,10 @@ if($uri == "/") // set white background document.body.style.backgroundImage = "none"; } - - $( "#btnSearch" ).click(); + else + { + $( "#btnSearch" ).click(); + } // } From 505c9e8979d95abb0cad1fddda500997f3379121 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 6 Dec 2016 14:08:45 +0100 Subject: [PATCH 15/88] Minor change --- advanced/index.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 6d48d723..9c7f938b 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -86,13 +86,15 @@ if($uri == "/") // Try to detect if page is loaded within iframe if(inIframe()) { - // Within iframe -> hide page + // Within iframe + // hide content of page $('#body').hide(); - // set white background + // remove background document.body.style.backgroundImage = "none"; } else { + // Query adlists $( "#btnSearch" ).click(); } // } From 3c4a9bba78d4ae078feb6b0ae5e89589c5704250 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 15 Dec 2016 10:38:24 +0100 Subject: [PATCH 16/88] Minor change --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 9c7f938b..46073867 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -63,7 +63,7 @@ if($uri == "/")
Access to the following site has been blocked:
-
If you have an ongoing use for this website, please ask the owner of the Pi-Hole in your network to have it whitelisted.
+
If you have an ongoing use for this website, please ask the owner of the Pi-hole in your network to have it whitelisted.
From 7a243f890eaf8939ac9b73bf3ae823ba0167d772 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 16 Dec 2016 17:33:01 +0100 Subject: [PATCH 17/88] Backend for privacyMode on webUI --- advanced/Scripts/webpage.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d07e5c94..135861df 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -212,6 +212,19 @@ SetDNSDomainName(){ } +SetPrivacyMode(){ + + # Remove setting from file (create backup setupVars.conf.bak) + sed -i.bak '/API_PRIVACY_MODE/d' /etc/pihole/setupVars.conf + # Save setting to file + if [[ "${args[2]}" == "true" ]] ; then + echo "API_PRIVACY_MODE=true" >> /etc/pihole/setupVars.conf + else + echo "API_PRIVACY_MODE=false" >> /etc/pihole/setupVars.conf + fi + +} + case "${args[1]}" in "-p" | "password" ) SetWebPassword;; "-c" | "celsius" ) unit="C"; SetTemperatureUnit;; @@ -227,6 +240,7 @@ case "${args[1]}" in "layout" ) SetWebUILayout;; "-h" | "--help" ) helpFunc;; "domainname" ) SetDNSDomainName;; + "privacymode" ) SetPrivacyMode;; * ) helpFunc;; esac From 2335097c99432d874899426444f106cc2832f1e6 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 22:20:23 -0800 Subject: [PATCH 18/88] Find which packages already exist and only install new packages. Set up for unintall to know what packages we installed for later removal. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3dacdfff..eb897319 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -97,8 +97,9 @@ if [[ $(command -v apt-get) ]]; then LIGHTTPD_CFG="lighttpd.conf.debian" DNSMASQ_USER="dnsmasq" - package_check_install() { - dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep -c "ok installed" || ${PKG_INSTALL} "${1}" + package_check() { + dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep "ok installed" + return } elif [ $(command -v rpm) ]; then # Fedora Family @@ -738,15 +739,24 @@ install_dependent_packages() { # Install packages passed in via argument array # No spinner - conflicts with set -e declare -a argArray1=("${!1}") + declare -a installArray + # Debian based package install - debconf will download the entire package list + # so we just create an array of packages not currently installed to cut down on the + # amount of download traffic. + # NOTE: We may be able to use this installArray in the future to create a list of package that were + # installed by us, and remove only the installed packages, and not the entire list. if command -v debconf-apt-progress &> /dev/null; then - debconf-apt-progress -- ${PKG_INSTALL} "${argArray1[@]}" - else for i in "${argArray1[@]}"; do echo -n "::: Checking for $i..." - package_check_install "${i}" &> /dev/null - echo " installed!" + if package_check "${i}" &> /dev/null; then + echo " installed!" + else + echo " added to install list!" + installArray+=("${i}") + fi done + debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" fi } From 07a4f970d4abb3b7378d4f797695ab2efd079bee Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 22:57:42 -0800 Subject: [PATCH 19/88] Check for installation status within the parent function. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index eb897319..d47034c2 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -97,10 +97,6 @@ if [[ $(command -v apt-get) ]]; then LIGHTTPD_CFG="lighttpd.conf.debian" DNSMASQ_USER="dnsmasq" - package_check() { - dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep "ok installed" - return - } elif [ $(command -v rpm) ]; then # Fedora Family if [ $(command -v dnf) ]; then @@ -116,8 +112,7 @@ elif [ $(command -v rpm) ]; then PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq epel-release findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) if grep -q 'Fedora' /etc/redhat-release; then - remove_deps=(epel-release); - PIHOLE_DEPS=( ${PIHOLE_DEPS[@]/$remove_deps} ); + PIHOLE_DEPS=(${PIHOLE_DEPS#epel-release}); fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" @@ -749,7 +744,7 @@ install_dependent_packages() { if command -v debconf-apt-progress &> /dev/null; then for i in "${argArray1[@]}"; do echo -n "::: Checking for $i..." - if package_check "${i}" &> /dev/null; then + if dpkg-query -W -f='${Status}' "${i}" 2>/dev/null | grep "ok installed" &> /dev/null; then echo " installed!" else echo " added to install list!" From fb5578c0d41c5668e28009138f811db335f1cf54 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 23:38:31 -0800 Subject: [PATCH 20/88] Fedora dependency installer overhaul Signed-off-by: Dan Schaper Modify Fedora dependency installer Signed-off-by: Dan Schaper Fedora now installs and arrays only non-installed packages. Fedora also noops the cache update, since it updates at every dnf call anyays. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 33 +++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d47034c2..8f58fa7b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -105,23 +105,22 @@ elif [ $(command -v rpm) ]; then PKG_MANAGER="yum" fi PKG_CACHE="/var/cache/${PKG_MANAGER}" - UPDATE_PKG_CACHE="${PKG_MANAGER} check-update" + #Every yum/dnf call will autmomatically update the cache. No-op here, cach updates when + #We get available package count. + #Also a bare `dnf check-update will return 100 as a retval, blows up set -e + UPDATE_PKG_CACHE=":" PKG_INSTALL="${PKG_MANAGER} install -y" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq epel-release findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) + PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) - if grep -q 'Fedora' /etc/redhat-release; then - PIHOLE_DEPS=(${PIHOLE_DEPS#epel-release}); + if ! grep -q 'Fedora' /etc/redhat-release; then + PIHOLE_DEPS=("${PIHOLE_DEPS[@]}" "epel-release"); fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" LIGHTTPD_CFG="lighttpd.conf.fedora" DNSMASQ_USER="nobody" - - package_check_install() { - rpm -qa | grep ^"${1}"- > /dev/null || ${PKG_INSTALL} "${1}" - } else echo "OS distribution not supported" exit @@ -708,7 +707,7 @@ update_pacakge_cache() { #update package lists echo ":::" echo -n "::: ${PKG_MANAGER} update has not been run today. Running now..." - ${UPDATE_PKG_CACHE} &> /dev/null + ${UPDATE_PKG_CACHE} echo " done!" fi } @@ -751,8 +750,22 @@ install_dependent_packages() { installArray+=("${i}") fi done - debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" + debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" + return 0 fi + + #Fedora + for i in "${argArray1[@]}"; do + echo -n "::: Checking for $i..." + if dnf -q list installed "${i}" &> /dev/null; then + echo " installed!" + else + echo " added to install list!" + installArray+=("${i}") + fi + done + ${PKG_INSTALL} "${installArray[@]}" + return 0 } CreateLogFile() { From 9073f34b30a7b119e91a188a6058371ee25a0bb6 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 22 Dec 2016 00:44:10 -0800 Subject: [PATCH 21/88] Quiet DNF Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 8f58fa7b..e5cf3f81 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -764,7 +764,7 @@ install_dependent_packages() { installArray+=("${i}") fi done - ${PKG_INSTALL} "${installArray[@]}" + ${PKG_INSTALL} "${installArray[@]}" &> /dev/null return 0 } From ab7d193f9881cf4e18e73177c7fe70e4ed5a88b1 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 22 Dec 2016 03:21:37 -0800 Subject: [PATCH 22/88] Still causing problems with Fedora and CentOS Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e5cf3f81..4da72c62 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -754,10 +754,10 @@ install_dependent_packages() { return 0 fi - #Fedora + #Fedora/CentOS for i in "${argArray1[@]}"; do echo -n "::: Checking for $i..." - if dnf -q list installed "${i}" &> /dev/null; then + if ${PKG_MANAGER} -q list installed "${i}" &> /dev/null; then echo " installed!" else echo " added to install list!" @@ -938,7 +938,7 @@ configureSelinux() { if [ -x "$(command -v getenforce)" ]; then printf "\n::: SELinux Detected\n" printf ":::\tChecking for SELinux policy development packages..." - package_check_install "selinux-policy-devel" > /dev/null + install_dependent_packages "selinux-policy-devel" > /dev/null echo " installed!" printf ":::\tEnabling httpd server side includes (SSI).. " setsebool -P httpd_ssi_exec on &> /dev/null && echo "Success" || echo "SELinux not enabled" @@ -1140,4 +1140,4 @@ main() { if [[ "${PH_TEST}" != true ]] ; then main "$@" -fi +fi \ No newline at end of file From bc8cf1b2d8d2a4edd8500e57ef597e3c9dec3a94 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 19:23:06 +0100 Subject: [PATCH 23/88] Fixed wrong indentation --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ab2bc464..14bf10f7 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -799,7 +799,7 @@ installPiholeWeb() { mkdir /var/www/html/pihole if [ -f /var/www/html/index.lighttpd.html ]; then mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig - else + else printf "\n:::\tNo default index.lighttpd.html file found... not backing up" fi cp /etc/.pihole/advanced/index.* /var/www/html/pihole/. From 2919f852adf320ab3a20991a1dbaa02c62d59c2c Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 23 Dec 2016 16:30:26 -0800 Subject: [PATCH 24/88] Import `checkSelinux` from master Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9379a5c2..659fa08f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -952,17 +952,22 @@ updatePihole() { runGravity } -configureSelinux() { +checkSelinux() { if [ -x "$(command -v getenforce)" ]; then - printf "\n::: SELinux Detected\n" - printf ":::\tChecking for SELinux policy development packages..." - package_check_install "selinux-policy-devel" > /dev/null - echo " installed!" - printf ":::\tEnabling httpd server side includes (SSI).. " - setsebool -P httpd_ssi_exec on &> /dev/null && echo "Success" || echo "SELinux not enabled" - printf "\n:::\tCompiling Pi-Hole SELinux policy..\n" - if ! [ -x "$(command -v systemctl)" ]; then - sed -i.bak '/systemd/d' /etc/.pihole/advanced/selinux/pihole.te + echo ":::" + echo -n "::: SELinux Support Detected... Mode: " + enforceMode=$(getenforce) + echo "${enforceMode}" + if [[ "${enforceMode}" == "Enforcing" ]]; then + if (whiptail --title "SELinux Enforcing Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then + echo ":::" + echo "::: Continuing installation with SELinux Enforcing." + echo "::: Please refer to official SELinux documentation to create a custom policy." + else + echo ":::" + echo "::: Not continuing install after SELinux Enforcing detected." + exit 1 + fi fi fi } From 0276c72fe2bf9ed80cfbe923437d3f282c310bb4 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Dec 2016 15:05:57 +0100 Subject: [PATCH 25/88] replace 'git -C' with long version (see #1009) --- advanced/Scripts/update.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 advanced/Scripts/update.sh diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh old mode 100644 new mode 100755 index 10728cd8..929d8a25 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -23,8 +23,8 @@ is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" - git -C "${directory}" status --short &> /dev/null - return + curdir=$PWD; cd $directory; git status --short &> /dev/null; rc=$?; cd $curdir + return $rc } prep_repo() { From b020010f0daa191b419ae4765c03be851dd017f4 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Dec 2016 15:08:30 +0100 Subject: [PATCH 26/88] Removed some of the &> /dev/null --- advanced/Scripts/update.sh | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 929d8a25..e5fd1526 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -40,22 +40,19 @@ make_repo() { local remoteRepo="${2}" local directory="${1}" - (prep_repo "${directory}" && git clone -q --depth 1 "${remoteRepo}" "${directory}" > /dev/null) + (prep_repo "${directory}" && git clone -q --depth 1 "${remoteRepo}" "${directory}") return } update_repo() { local directory="${1}" - local retVal=0 # Pull the latest commits - # Stash all files not tracked for later retrieval - git -C "${directory}" stash --all --quiet &> /dev/null || ${retVal}=1 + git -C "${directory}" stash --all --quiet # Force a clean working directory for cloning - git -C "${directory}" clean --force -d &> /dev/null || ${retVal}=1 + git -C "${directory}" clean --force -d # Fetch latest changes and apply - git -C "${directory}" pull --quiet &> /dev/null || ${retVal}=1 - return ${retVal} + git -C "${directory}" pull --quiet } getGitFiles() { From c449a1c0e0db0e4d630285fc77e126815fded680 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Dec 2016 15:19:39 +0100 Subject: [PATCH 27/88] Added GitCheckUpdateAvail() --- advanced/Scripts/update.sh | 39 +++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index e5fd1526..8b289227 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -23,7 +23,11 @@ is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" - curdir=$PWD; cd $directory; git status --short &> /dev/null; rc=$?; cd $curdir + curdir=$PWD; + cd $directory; + git status --short &> /dev/null; + rc=$?; + cd $curdir return $rc } @@ -73,29 +77,42 @@ getGitFiles() { fi } +GitCheckUpdateAvail() { + local directory="${1}" + curdir=$PWD; + cd "${directory}" + + # Fetch latest changes in this repo + git fetch origin + status="$(git status -sb)" + + cd "${curdir}" + + if [[ $status == *"behind"* ]]; then + # Local branch is behind remote branch -> Update + return 1 + else + # Local branch is up-to-date + return 0 + fi +} + main() { local pihole_version_current local pihole_version_latest local web_version_current local web_version_latest - if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then #This is unlikely + #This is unlikely + if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then echo "::: Critical Error: One or more Pi-Hole repos are missing from system!" echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole" exit 1; fi echo "::: Checking for updates..." - # Checks Pi-hole version string in format vX.X.X - pihole_version_current="$(/usr/local/bin/pihole version --pihole --current)" - pihole_version_latest="$(/usr/local/bin/pihole version --pihole --latest)" - web_version_current="$(/usr/local/bin/pihole version --admin --current)" - web_version_latest="$(/usr/local/bin/pihole version --admin --latest)" - if [[ "${pihole_version_latest}" == "-1" || "${web_version_latest}" == "-1" ]]; then - echo "*** Unable to contact GitHub for latest version. Please try again later, contact support if this continues." - exit 1 - fi + # Logic # If latest versions are blank - we've probably hit Github rate limit (stop running `pihole -up so often!): From 65c35a5530468c604ea9f212aa928fb96fb8e935 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Dec 2016 15:32:25 +0100 Subject: [PATCH 28/88] Use new subroutine to determine if updates are available --- advanced/Scripts/update.sh | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 8b289227..14ca74de 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -86,14 +86,17 @@ GitCheckUpdateAvail() { git fetch origin status="$(git status -sb)" + # Change back to original directory cd "${curdir}" if [[ $status == *"behind"* ]]; then # Local branch is behind remote branch -> Update - return 1 - else - # Local branch is up-to-date return 0 + else + # Local branch is up-to-date or in a situation + # where this updater cannot be used (like on a + # branch that exists only locally) + return 1 fi } @@ -112,7 +115,18 @@ main() { echo "::: Checking for updates..." + if GitCheckUpdateAvail "${PI_HOLE_FILES_DIR}" ; then + core_update=true + echo "Pi-hole Core update available" + fi + if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then + web_update=true + echo "Web Interface update available" + fi + + + exit # Logic # If latest versions are blank - we've probably hit Github rate limit (stop running `pihole -up so often!): From 4632b0f797e3cab7d24ce62e07bdf202e3e25cca Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Dec 2016 15:40:31 +0100 Subject: [PATCH 29/88] Updated updater logic --- advanced/Scripts/update.sh | 37 ++++++++++++++++--------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 14ca74de..3cbc1d65 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -117,20 +117,21 @@ main() { if GitCheckUpdateAvail "${PI_HOLE_FILES_DIR}" ; then core_update=true - echo "Pi-hole Core update available" + echo "::: Pi-hole Core: update available" + else + core_update=false + echo "::: Pi-hole Core: up to date" fi if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then web_update=true - echo "Web Interface update available" + echo "::: Web Interface: update available" + else + web_update=false + echo "::: Web Interface: up to date" fi - - exit - # Logic - # If latest versions are blank - we've probably hit Github rate limit (stop running `pihole -up so often!): - # Update anyway # If Core up to date AND web up to date: # Do nothing # If Core up to date AND web NOT up to date: @@ -140,46 +141,40 @@ main() { # if Core NOT up to date AND web NOT up to date: # pull pihole repo run install --unattended - if [[ "${pihole_version_current}" == "${pihole_version_latest}" ]] && [[ "${web_version_current}" == "${web_version_latest}" ]]; then - echo ":::" - echo "::: Pi-hole version is $pihole_version_current" - echo "::: Web Admin version is $web_version_current" + if ! ${core_update} && ! ${web_update} ; then echo ":::" echo "::: Everything is up to date!" exit 0 - elif [[ "${pihole_version_current}" == "${pihole_version_latest}" ]] && [[ "${web_version_current}" < "${web_version_latest}" ]]; then + elif ! ${core_update} && ${web_update} ; then echo ":::" echo "::: Pi-hole Web Admin files out of date" getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}" - web_updated=true - - elif [[ "${pihole_version_current}" < "${pihole_version_latest}" ]] && [[ "${web_version_current}" == "${web_version_latest}" ]]; then + elif ${core_update} && ! ${web_update} ; then + echo ":::" echo "::: Pi-hole core files out of date" getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" /etc/.pihole/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1 - core_updated=true - elif [[ "${pihole_version_current}" < "${pihole_version_latest}" ]] && [[ "${web_version_current}" < "${web_version_latest}" ]]; then + elif ${core_update} && ${web_update} ; then + echo ":::" echo "::: Updating Everything" getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" /etc/.pihole/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1 - web_updated=true - core_updated=true else echo "*** Update script has malfunctioned, fallthrough reached. Please contact support" exit 1 fi - if [[ "${web_updated}" == true ]]; then + if [[ "${web_update}" == true ]]; then web_version_current="$(/usr/local/bin/pihole version --admin --current)" echo ":::" echo "::: Web Admin version is now at ${web_version_current}" echo "::: If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'" fi - if [[ "${core_updated}" == true ]]; then + if [[ "${core_update}" == true ]]; then pihole_version_current="$(/usr/local/bin/pihole version --pihole --current)" echo ":::" echo "::: Pi-hole version is now at ${pihole_version_current}" From 15db1ffdd51760ab44f5a52faefd301ef42fd53c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Dec 2016 15:48:43 +0100 Subject: [PATCH 30/88] Remove variables not needed any more --- advanced/Scripts/update.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 3cbc1d65..bd8d6b26 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -102,9 +102,7 @@ GitCheckUpdateAvail() { main() { local pihole_version_current - local pihole_version_latest local web_version_current - local web_version_latest #This is unlikely if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then From e647efd47174ee474224d400f7c27d842726b73c Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 11:24:20 -0800 Subject: [PATCH 31/88] Shell script, not javascript Signed-off-by: Dan Schaper --- advanced/Scripts/update.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index bd8d6b26..ae73caa4 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -23,10 +23,10 @@ is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" - curdir=$PWD; - cd $directory; - git status --short &> /dev/null; - rc=$?; + curdir=$PWD + cd $directory + git status --short &> /dev/null + rc=$? cd $curdir return $rc } From 68c17b26dca9bc3afc3255652bc050ce82146838 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 11:41:42 -0800 Subject: [PATCH 32/88] Bashisms Signed-off-by: Dan Schaper --- advanced/Scripts/update.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index ae73caa4..43210a28 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -22,13 +22,15 @@ readonly PI_HOLE_FILES_DIR="/etc/.pihole" is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" + local curdir + local rc - curdir=$PWD - cd $directory + curdir="${PWD}" + cd "${directory}" || { echo "Unable to change to ${directory}, exiting."; exit 1; } git status --short &> /dev/null rc=$? - cd $curdir - return $rc + cd "${curdir}" || { echo "Unable to change to ${curdir}, exiting."; exit 1; } + return "${rc}" } prep_repo() { From 3365ef7aaa60595039d85db2ee40e3e9e4b9c535 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 11:54:04 -0800 Subject: [PATCH 33/88] `is_repo()` returns values to caller, silence function. Signed-off-by: Dan Schaper --- advanced/Scripts/update.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 43210a28..9f9ea320 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -26,10 +26,10 @@ is_repo() { local rc curdir="${PWD}" - cd "${directory}" || { echo "Unable to change to ${directory}, exiting."; exit 1; } + cd "${directory}" &> /dev/null || return 1 git status --short &> /dev/null rc=$? - cd "${curdir}" || { echo "Unable to change to ${curdir}, exiting."; exit 1; } + cd "${curdir}" &> /dev/null || return 1 return "${rc}" } From c2b8bed3a889f81d2b40e07f189652eaf7ad4f47 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 14:43:57 -0800 Subject: [PATCH 34/88] Get the IP address that is the source for the default route out. Fixes interfaces with multiple IP's assigned getting the wrong IPv4 chosen. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0a56b06e..bbebe2f0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -182,7 +182,7 @@ getGitFiles() { find_IPv4_information() { # Find IP used to route to outside world IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}') - IPV4_ADDRESS=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}') + IPV4_ADDRESS=$(ip route get 8.8.8.8| awk '{print $7}') IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}') } From 1d608b204a75dd9b59a9fac6789b7b96ef62c27e Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 14:50:50 -0800 Subject: [PATCH 35/88] Only allow UP interfaces to be selected. (DOWN interfaces would have not given IP addresses anyways.) Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index bbebe2f0..ab14f519 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -187,8 +187,8 @@ find_IPv4_information() { } get_available_interfaces() { - # Get available interfaces. Consider only getting UP interfaces in the future, and leaving DOWN interfaces out of list. - availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1 | cut -d'@' -f1) + # Get available UP interfaces. + availableInterfaces=$(ip -o link | grep "state UP" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1) } welcomeDialogs() { From 6ff79835da7ef3c565f159e877b83ca37648c476 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 15:08:39 -0800 Subject: [PATCH 36/88] If only one interface available, don't show whiptail, just use that interface. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ab14f519..47c4925c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -247,6 +247,11 @@ chooseInterface() { # Loop sentinel variable local firstLoop=1 + if [[ $(echo ${availableInterfaces} | wc -l) -eq 1 ]]; then + PIHOLE_INTERFACE=${availableInterfaces} + return + fi + while read -r line; do mode="OFF" if [[ ${firstLoop} -eq 1 ]]; then From da413834762775e48e20d0f7574a6976a878adc4 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 15:26:05 -0800 Subject: [PATCH 37/88] Check IPv6 to see if the route is reachable, if not, don't use. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0a56b06e..2be4198c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -273,8 +273,11 @@ chooseInterface() { useIPv6dialog() { # Show the IPv6 address used for blocking - IPV6_ADDRESS=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }') - whiptail --msgbox --backtitle "IPv6..." --title "IPv6 Supported" "$IPV6_ADDRESS will be used to block ads." ${r} ${c} + IPV6_ADDRESS=$(ip -6 route get 2001:4860:4860::8888 | grep -v "unreachable" | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }') + + if [[ ! -z "${IPV6_ADDRESS}" ]]; then + whiptail --msgbox --backtitle "IPv6..." --title "IPv6 Supported" "$IPV6_ADDRESS will be used to block ads." ${r} ${c} + fi } From 5e28e6b9ac66f85f1310b582755eb3ba51973a92 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Dec 2016 01:17:46 +0100 Subject: [PATCH 38/88] Removed remaining git -C --- advanced/Scripts/update.sh | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 9f9ea320..2abbca22 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -52,13 +52,18 @@ make_repo() { update_repo() { local directory="${1}" + local curdir + + curdir="${PWD}" + cd "${directory}" &> /dev/null || return 1 # Pull the latest commits # Stash all files not tracked for later retrieval - git -C "${directory}" stash --all --quiet + git stash --all --quiet # Force a clean working directory for cloning - git -C "${directory}" clean --force -d + git clean --force -d # Fetch latest changes and apply - git -C "${directory}" pull --quiet + git pull --quiet + cd "${curdir}" &> /dev/null || return 1 } getGitFiles() { From e15548cbf5b792ea13cfb7db3aaf62fb28b62fa4 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Dec 2016 01:18:58 +0100 Subject: [PATCH 39/88] Add --quiet to git fetch in GitCheckUpdateAvail() --- advanced/Scripts/update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 2abbca22..a2a5e8dc 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -90,7 +90,7 @@ GitCheckUpdateAvail() { cd "${directory}" # Fetch latest changes in this repo - git fetch origin + git fetch --quiet origin status="$(git status -sb)" # Change back to original directory From d5ed6c190108aac70108dae9e388fc6b343d3edf Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 22:20:23 -0800 Subject: [PATCH 40/88] Find which packages already exist and only install new packages. Set up for unintall to know what packages we installed for later removal. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0a56b06e..9e6383ee 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -97,8 +97,9 @@ if [[ $(command -v apt-get) ]]; then LIGHTTPD_CFG="lighttpd.conf.debian" DNSMASQ_USER="dnsmasq" - package_check_install() { - dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep -c "ok installed" || ${PKG_INSTALL} "${1}" + package_check() { + dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep "ok installed" + return } elif [ $(command -v rpm) ]; then # Fedora Family @@ -745,15 +746,24 @@ install_dependent_packages() { # Install packages passed in via argument array # No spinner - conflicts with set -e declare -a argArray1=("${!1}") + declare -a installArray + # Debian based package install - debconf will download the entire package list + # so we just create an array of packages not currently installed to cut down on the + # amount of download traffic. + # NOTE: We may be able to use this installArray in the future to create a list of package that were + # installed by us, and remove only the installed packages, and not the entire list. if command -v debconf-apt-progress &> /dev/null; then - debconf-apt-progress -- ${PKG_INSTALL} "${argArray1[@]}" - else for i in "${argArray1[@]}"; do echo -n "::: Checking for $i..." - package_check_install "${i}" &> /dev/null - echo " installed!" + if package_check "${i}" &> /dev/null; then + echo " installed!" + else + echo " added to install list!" + installArray+=("${i}") + fi done + debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" fi } From 852341c601fba5571246f03d7b36de185d7a4c1b Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 22:57:42 -0800 Subject: [PATCH 41/88] Check for installation status within the parent function. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9e6383ee..cc7d04dd 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -97,10 +97,6 @@ if [[ $(command -v apt-get) ]]; then LIGHTTPD_CFG="lighttpd.conf.debian" DNSMASQ_USER="dnsmasq" - package_check() { - dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep "ok installed" - return - } elif [ $(command -v rpm) ]; then # Fedora Family if [ $(command -v dnf) ]; then @@ -116,8 +112,7 @@ elif [ $(command -v rpm) ]; then PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq epel-release findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) if grep -q 'Fedora' /etc/redhat-release; then - remove_deps=(epel-release); - PIHOLE_DEPS=( ${PIHOLE_DEPS[@]/$remove_deps} ); + PIHOLE_DEPS=(${PIHOLE_DEPS#epel-release}); fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" @@ -756,7 +751,7 @@ install_dependent_packages() { if command -v debconf-apt-progress &> /dev/null; then for i in "${argArray1[@]}"; do echo -n "::: Checking for $i..." - if package_check "${i}" &> /dev/null; then + if dpkg-query -W -f='${Status}' "${i}" 2>/dev/null | grep "ok installed" &> /dev/null; then echo " installed!" else echo " added to install list!" From dc22a50dcc8c125befd74e13234175ea77f8f66d Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 23:38:31 -0800 Subject: [PATCH 42/88] Fedora dependency installer overhaul Signed-off-by: Dan Schaper Modify Fedora dependency installer Signed-off-by: Dan Schaper Fedora now installs and arrays only non-installed packages. Fedora also noops the cache update, since it updates at every dnf call anyays. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 33 +++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index cc7d04dd..0b48b5e7 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -105,23 +105,22 @@ elif [ $(command -v rpm) ]; then PKG_MANAGER="yum" fi PKG_CACHE="/var/cache/${PKG_MANAGER}" - UPDATE_PKG_CACHE="${PKG_MANAGER} check-update" + #Every yum/dnf call will autmomatically update the cache. No-op here, cach updates when + #We get available package count. + #Also a bare `dnf check-update will return 100 as a retval, blows up set -e + UPDATE_PKG_CACHE=":" PKG_INSTALL="${PKG_MANAGER} install -y" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq epel-release findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) + PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) - if grep -q 'Fedora' /etc/redhat-release; then - PIHOLE_DEPS=(${PIHOLE_DEPS#epel-release}); + if ! grep -q 'Fedora' /etc/redhat-release; then + PIHOLE_DEPS=("${PIHOLE_DEPS[@]}" "epel-release"); fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" LIGHTTPD_CFG="lighttpd.conf.fedora" DNSMASQ_USER="nobody" - - package_check_install() { - rpm -qa | grep ^"${1}"- > /dev/null || ${PKG_INSTALL} "${1}" - } else echo "OS distribution not supported" exit @@ -715,7 +714,7 @@ update_pacakge_cache() { #update package lists echo ":::" echo -n "::: ${PKG_MANAGER} update has not been run today. Running now..." - ${UPDATE_PKG_CACHE} &> /dev/null + ${UPDATE_PKG_CACHE} echo " done!" fi } @@ -758,8 +757,22 @@ install_dependent_packages() { installArray+=("${i}") fi done - debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" + debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" + return 0 fi + + #Fedora + for i in "${argArray1[@]}"; do + echo -n "::: Checking for $i..." + if dnf -q list installed "${i}" &> /dev/null; then + echo " installed!" + else + echo " added to install list!" + installArray+=("${i}") + fi + done + ${PKG_INSTALL} "${installArray[@]}" + return 0 } CreateLogFile() { From 8ad52806de14f2d5679caa95cc2d1074d43c42f0 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 22 Dec 2016 00:44:10 -0800 Subject: [PATCH 43/88] Quiet DNF Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0b48b5e7..675d2302 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -771,7 +771,7 @@ install_dependent_packages() { installArray+=("${i}") fi done - ${PKG_INSTALL} "${installArray[@]}" + ${PKG_INSTALL} "${installArray[@]}" &> /dev/null return 0 } From f458780ba738979dcfeb22417b104a70ea695cda Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 22 Dec 2016 03:21:37 -0800 Subject: [PATCH 44/88] Rebase onto development Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 675d2302..a9b3355a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -761,10 +761,10 @@ install_dependent_packages() { return 0 fi - #Fedora + #Fedora/CentOS for i in "${argArray1[@]}"; do echo -n "::: Checking for $i..." - if dnf -q list installed "${i}" &> /dev/null; then + if ${PKG_MANAGER} -q list installed "${i}" &> /dev/null; then echo " installed!" else echo " added to install list!" From 7eb612472173e787036ff7efd767baf585ff623d Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 24 Dec 2016 16:52:46 -0800 Subject: [PATCH 45/88] Don't call for package installs if there are no packages to install. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a9b3355a..4edec877 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -757,7 +757,10 @@ install_dependent_packages() { installArray+=("${i}") fi done + if [[ ${#installArray[@]} -gt 0 ]]; then debconf-apt-progress -- ${PKG_INSTALL} "${installArray[@]}" + return + fi return 0 fi @@ -771,7 +774,10 @@ install_dependent_packages() { installArray+=("${i}") fi done - ${PKG_INSTALL} "${installArray[@]}" &> /dev/null + if [[ ${#installArray[@]} -gt 0 ]]; then + ${PKG_INSTALL} "${installArray[@]}" &> /dev/null + return + fi return 0 } From 4eedf8a746c86432bc8bf8be4af42e851843cc71 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Tue, 27 Dec 2016 10:59:24 -0800 Subject: [PATCH 46/88] Always update package cache where we can. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3bda5b58..ea0d59bf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -79,7 +79,6 @@ if [[ $(command -v apt-get) ]]; then #Debian Family ############################################# PKG_MANAGER="apt-get" - PKG_CACHE="/var/lib/apt/lists/" UPDATE_PKG_CACHE="${PKG_MANAGER} update" PKG_INSTALL="${PKG_MANAGER} --yes --no-install-recommends install" # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE @@ -108,8 +107,8 @@ elif [ $(command -v rpm) ]; then else PKG_MANAGER="yum" fi - PKG_CACHE="/var/cache/${PKG_MANAGER}" - UPDATE_PKG_CACHE="${PKG_MANAGER} check-update" + # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. + UPDATE_PKG_CACHE=":" PKG_INSTALL="${PKG_MANAGER} install -y" PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(git iproute net-tools newt procps-ng) @@ -718,19 +717,13 @@ update_pacakge_cache() { #Running apt-get update/upgrade with minimal output can cause some issues with #requiring user input (e.g password for phpmyadmin see #218) - #Check to see if apt-get update has already been run today - #it needs to have been run at least once on new installs! - timestamp=$(stat -c %Y ${PKG_CACHE}) - timestampAsDate=$(date -d @"${timestamp}" "+%b %e") - today=$(date "+%b %e") + #Update package cache on apt based OSes. Do this every time since + #it's quick and packages can be updated at any time. - if [ ! "${today}" == "${timestampAsDate}" ]; then - #update package lists echo ":::" - echo -n "::: ${PKG_MANAGER} update has not been run today. Running now..." + echo -n "::: Updating local cache of available packages..." ${UPDATE_PKG_CACHE} &> /dev/null echo " done!" - fi } notify_package_updates_available() { From a328326e3920e387d1609306dbffc3004a514e44 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Tue, 27 Dec 2016 11:41:07 -0800 Subject: [PATCH 47/88] Formatting Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ea0d59bf..1638829d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -720,10 +720,10 @@ update_pacakge_cache() { #Update package cache on apt based OSes. Do this every time since #it's quick and packages can be updated at any time. - echo ":::" - echo -n "::: Updating local cache of available packages..." - ${UPDATE_PKG_CACHE} &> /dev/null - echo " done!" + echo ":::" + echo -n "::: Updating local cache of available packages..." + ${UPDATE_PKG_CACHE} &> /dev/null + echo " done!" } notify_package_updates_available() { From 7320fc11d23cb332fbf66ca5dd80ae3fc8053ad4 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Tue, 27 Dec 2016 11:53:23 -0800 Subject: [PATCH 48/88] Check command -v directly, instead of subshelling out. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3bda5b58..cb51ba41 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -63,7 +63,7 @@ else echo ":::" echo "::: Detecting the presence of the sudo utility for continuation of this install..." - if [ -x "$(command -v sudo)" ]; then + if command -v sudo &> /dev/null; then echo "::: Utility sudo located." exec curl -sSL https://install.pi-hole.net | sudo bash "$@" exit $? @@ -75,7 +75,7 @@ fi # Compatibility -if [[ $(command -v apt-get) ]]; then +if command -v apt-get &> /dev/null; then #Debian Family ############################################# PKG_MANAGER="apt-get" @@ -101,9 +101,9 @@ if [[ $(command -v apt-get) ]]; then package_check_install() { dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep -c "ok installed" || ${PKG_INSTALL} "${1}" } -elif [ $(command -v rpm) ]; then +elif command -v rpm &> /dev/null; then # Fedora Family - if [ $(command -v dnf) ]; then + if command -v dnf &> /dev/null; then PKG_MANAGER="dnf" else PKG_MANAGER="yum" @@ -421,7 +421,7 @@ setStaticIPv4() { echo "USERCTL=no" }> "${IFCFG_FILE}" ip addr replace dev "${PIHOLE_INTERFACE}" "${IPV4_ADDRESS}" - if [ -x "$(command -v nmcli)" ];then + if command -v nmcli &> /dev/null;then # Tell NetworkManager to read our new sysconfig file nmcli con load "${IFCFG_FILE}" > /dev/null fi @@ -681,7 +681,7 @@ stop_service() { # Can softfail, as process may not be installed when this is called echo ":::" echo -n "::: Stopping ${1} service..." - if [ -x "$(command -v systemctl)" ]; then + if command -v systemctl &> /dev/null; then systemctl stop "${1}" &> /dev/null || true else service "${1}" stop &> /dev/null || true @@ -694,7 +694,7 @@ start_service() { # This should not fail, it's an error if it does echo ":::" echo -n "::: Starting ${1} service..." - if [ -x "$(command -v systemctl)" ]; then + if command -v systemctl &> /dev/null; then systemctl restart "${1}" &> /dev/null else service "${1}" restart &> /dev/null @@ -706,7 +706,7 @@ enable_service() { # Enable service so that it will start with next reboot echo ":::" echo -n "::: Enabling ${1} service to start on reboot..." - if [ -x "$(command -v systemctl)" ]; then + if command -v systemctl &> /dev/null; then systemctl enable "${1}" &> /dev/null else update-rc.d "${1}" defaults &> /dev/null @@ -869,10 +869,10 @@ create_pihole_user() { configureFirewall() { # Allow HTTP and DNS traffic - if [ -x "$(command -v firewall-cmd)" ]; then + if command -v firewall-cmd &> /dev/null; then firewall-cmd --state &> /dev/null && ( echo "::: Configuring firewalld for httpd and dnsmasq.." && firewall-cmd --permanent --add-port=80/tcp && firewall-cmd --permanent --add-port=53/tcp \ && firewall-cmd --permanent --add-port=53/udp && firewall-cmd --reload) || echo "::: FirewallD not enabled" - elif [ -x "$(command -v iptables)" ]; then + elif command -v iptables &> /dev/null; then echo "::: Configuring iptables for httpd and dnsmasq.." iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT @@ -954,7 +954,7 @@ updatePihole() { checkSelinux() { - if [ -x "$(command -v getenforce)" ]; then + if command -v getenforce &> /dev/null; then echo ":::" echo -n "::: SELinux Support Detected... Mode: " enforceMode=$(getenforce) From 9a9cb6134551bedc327ba4e256220997c9c40798 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Tue, 27 Dec 2016 12:59:53 -0800 Subject: [PATCH 49/88] Shift `epel-release` to installer dependencies for CentOS Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 97cd0d98..0e251575 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -113,7 +113,7 @@ elif [ $(command -v rpm) ]; then PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget) if ! grep -q 'Fedora' /etc/redhat-release; then - PIHOLE_DEPS=("${PIHOLE_DEPS[@]}" "epel-release"); + INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release"); fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" From 9af26cbaacbe55fd4b058e5f286e4f051610ba46 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 02:14:47 +0000 Subject: [PATCH 50/88] Major simplification of webpage.sh --- advanced/Scripts/webpage.sh | 225 +++++++++++++++++++++--------------- 1 file changed, 129 insertions(+), 96 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d87def14..ddc8859e 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -11,6 +11,10 @@ args=("$@") +readonly setupVars="/etc/pihole/setupVars.conf" +readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf" +readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf" + helpFunc() { cat << EOM ::: Set admin options for the web interface of pihole @@ -27,12 +31,34 @@ EOM exit 0 } +add_setting() { + echo "${1}=${2}" >> "${setupVars}" +} + +delete_setting() { + sed -i "/${1}/d" "${setupVars}" +} + +change_setting() { + delete_setting "${1}" + add_setting "${1}" "${2}" +} + +add_dnsmasq_setting() { + if [[ "${2}" != "" ]]; then + echo "${1}=${2}" >> "${dnsmasqconfig}" + else + echo "${1}" >> "${dnsmasqconfig}" + fi +} + +delete_dnsmasq_setting() { + sed -i "/${1}/d" "${dnsmasqconfig}" +} + SetTemperatureUnit(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/TEMPERATUREUNIT/d' /etc/pihole/setupVars.conf - # Save setting to file - echo "TEMPERATUREUNIT=${unit}" >> /etc/pihole/setupVars.conf + change_setting "TEMPERATUREUNIT" "${unit}" } @@ -50,66 +76,70 @@ SetWebPassword(){ exit 1 fi - # Remove password from file (create backup setupVars.conf.bak) - sed -i.bak '/WEBPASSWORD/d' /etc/pihole/setupVars.conf # Set password only if there is one to be set if (( ${#args[2]} > 0 )) ; then # Compute password hash twice to avoid rainbow table vulnerability hash=$(echo -n ${args[2]} | sha256sum | sed 's/\s.*$//') hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//') # Save hash to file - echo "WEBPASSWORD=${hash}" >> /etc/pihole/setupVars.conf + change_setting "WEBPASSWORD" "${hash}" echo "New password set" else - echo "WEBPASSWORD=" >> /etc/pihole/setupVars.conf + change_setting "WEBPASSWORD" "" echo "Password removed" fi } +ProcessDNSSettings() { + source "${setupVars}" + + delete_dnsmasq_setting "server=" + add_dnsmasq_setting "server" "${PIHOLE_DNS_1}" + + if [[ "${PIHOLE_DNS_2}" != "" ]]; then + add_dnsmasq_setting "server" "${PIHOLE_DNS_2}" + fi + + delete_dnsmasq_setting "domain-needed" + + if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then + add_dnsmasq_setting "domain-needed" + fi + + delete_dnsmasq_setting "bogus-priv" + + if [[ "${DNS_BOGUS_PRIV}" == true ]]; then + add_dnsmasq_setting "bogus-priv" + fi + +} + SetDNSServers(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;' /etc/pihole/setupVars.conf # Save setting to file - echo "PIHOLE_DNS_1=${args[2]}" >> /etc/pihole/setupVars.conf + change_setting "PIHOLE_DNS_1" "${args[2]}" + if [[ "${args[3]}" != "none" ]]; then - echo "PIHOLE_DNS_2=${args[3]}" >> /etc/pihole/setupVars.conf + change_setting "PIHOLE_DNS_2" "${args[3]}" else - echo "PIHOLE_DNS_2=" >> /etc/pihole/setupVars.conf + change_setting "PIHOLE_DNS_2" "" fi - # Replace within actual dnsmasq config file - sed -i '/server=/d;' /etc/dnsmasq.d/01-pihole.conf - echo "server=${args[2]}" >> /etc/dnsmasq.d/01-pihole.conf - if [[ "${args[3]}" != "none" ]]; then - echo "server=${args[3]}" >> /etc/dnsmasq.d/01-pihole.conf - fi - - # Remove domain-needed entry - sed -i '/domain-needed/d;' /etc/dnsmasq.d/01-pihole.conf - - # Readd it if required if [[ "${args[4]}" == "domain-needed" ]]; then - echo "domain-needed" >> /etc/dnsmasq.d/01-pihole.conf - echo "DNS_FQDN_REQUIRED=true" >> /etc/pihole/setupVars.conf + change_setting "DNS_FQDN_REQUIRED" "true" else - # Leave it deleted if not wanted - echo "DNS_FQDN_REQUIRED=false" >> /etc/pihole/setupVars.conf + change_setting "DNS_FQDN_REQUIRED" "false" fi - # Remove bogus-priv entry - sed -i '/bogus-priv/d;' /etc/dnsmasq.d/01-pihole.conf - - # Readd it if required - if [[ "${args[5]}" == "bogus-priv" ]]; then - echo "bogus-priv" >> /etc/dnsmasq.d/01-pihole.conf - echo "DNS_BOGUS_PRIV=true" >> /etc/pihole/setupVars.conf + if [[ "${args[4]}" == "bogus-priv" || "${args[5]}" == "bogus-priv" ]]; then + change_setting "DNS_BOGUS_PRIV" "true" else - # Leave it deleted if not wanted - echo "DNS_BOGUS_PRIV=false" >> /etc/pihole/setupVars.conf + change_setting "DNS_BOGUS_PRIV" "false" fi + ProcessDnsmasqSettings + # Restart dnsmasq to load new configuration RestartDNS @@ -117,18 +147,14 @@ SetDNSServers(){ SetExcludeDomains(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/API_EXCLUDE_DOMAINS/d;' /etc/pihole/setupVars.conf - # Save setting to file - echo "API_EXCLUDE_DOMAINS=${args[2]}" >> /etc/pihole/setupVars.conf + change_setting "API_EXCLUDE_DOMAINS" "${args[2]}" + } SetExcludeClients(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/API_EXCLUDE_CLIENTS/d;' /etc/pihole/setupVars.conf - # Save setting to file - echo "API_EXCLUDE_CLIENTS=${args[2]}" >> /etc/pihole/setupVars.conf + change_setting "API_EXCLUDE_CLIENTS" "${args[2]}" + } Reboot(){ @@ -149,96 +175,103 @@ RestartDNS(){ SetQueryLogOptions(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/API_QUERY_LOG_SHOW/d;' /etc/pihole/setupVars.conf - # Save setting to file - echo "API_QUERY_LOG_SHOW=${args[2]}" >> /etc/pihole/setupVars.conf + change_setting "API_QUERY_LOG_SHOW" "${args[2]}" + +} + +ProcessDHCPSettings() { + + source "${setupVars}" + interface=$(grep 'PIHOLE_INTERFACE=' /etc/pihole/setupVars.conf | sed "s/.*=//") + + # Use eth0 as fallback interface + if [ -z ${interface} ]; then + interface="eth0" + fi + + # Write settings to file + echo "############################################################################### +# DHCP SERVER CONFIG FILE AUTOMATICALLY POPULATED BY PI-HOLE WEB INTERFACE. # +# ANY CHANGES MADE TO THIS FILE WILL BE LOST ON CHANGE # +############################################################################### +dhcp-authoritative +dhcp-range=${DHCP_START},${DHCP_END},infinite +dhcp-option=option:router,${DHCP_ROUTER} +dhcp-leasefile=/etc/pihole/dhcp.leases +domain=${PIHOLE_DOMAIN} +quiet-dhcp +quiet-dhcp6 +#enable-ra +dhcp-option=option6:dns-server,[::] +dhcp-range=::100,::1ff,constructor:${interface} +" > "${dhcpconfig}" + } EnableDHCP(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/DHCP_/d;' /etc/pihole/setupVars.conf - echo "DHCP_ACTIVE=true" >> /etc/pihole/setupVars.conf - echo "DHCP_START=${args[2]}" >> /etc/pihole/setupVars.conf - echo "DHCP_END=${args[3]}" >> /etc/pihole/setupVars.conf - echo "DHCP_ROUTER=${args[4]}" >> /etc/pihole/setupVars.conf + change_setting "DHCP_ACTIVE" "true" + change_setting "DHCP_START" "${args[2]}" + change_setting "DHCP_END" "${args[3]}" + change_setting "DHCP_ROUTER" "${args[4]}" - # Remove setting from file - sed -i '/dhcp-/d;/quiet-dhcp/d;' /etc/dnsmasq.d/01-pihole.conf - # Save setting to file - echo "dhcp-range=${args[2]},${args[3]},infinite" >> /etc/dnsmasq.d/01-pihole.conf - echo "dhcp-option=option:router,${args[4]}" >> /etc/dnsmasq.d/01-pihole.conf - # Changes the behaviour from strict RFC compliance so that DHCP requests on unknown leases from unknown hosts are not ignored. This allows new hosts to get a lease without a tedious timeout under all circumstances. It also allows dnsmasq to rebuild its lease database without each client needing to reacquire a lease, if the database is lost. - echo "dhcp-authoritative" >> /etc/dnsmasq.d/01-pihole.conf - # Use the specified file to store DHCP lease information - echo "dhcp-leasefile=/etc/pihole/dhcp.leases" >> /etc/dnsmasq.d/01-pihole.conf - # Suppress logging of the routine operation of these protocols. Errors and problems will still be logged, though. - echo "quiet-dhcp" >> /etc/dnsmasq.d/01-pihole.conf - echo "quiet-dhcp6" >> /etc/dnsmasq.d/01-pihole.conf + # Remove possible old setting from file + delete_dnsmasq_setting "dhcp-" + delete_dnsmasq_setting "quiet-dhcp" + + ProcessDHCPSettings RestartDNS } DisableDHCP(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/DHCP_ACTIVE/d;' /etc/pihole/setupVars.conf - echo "DHCP_ACTIVE=false" >> /etc/pihole/setupVars.conf + change_setting "DHCP_ACTIVE" "false" - # Remove setting from file - sed -i '/dhcp-/d;/quiet-dhcp/d;' /etc/dnsmasq.d/01-pihole.conf + # Remove possible old setting from file + delete_dnsmasq_setting "dhcp-" + delete_dnsmasq_setting "quiet-dhcp" + + rm "${dhcpconfig}" RestartDNS } SetWebUILayout(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/WEBUIBOXEDLAYOUT/d;' /etc/pihole/setupVars.conf - echo "WEBUIBOXEDLAYOUT=${args[2]}" >> /etc/pihole/setupVars.conf + change_setting "WEBUIBOXEDLAYOUT" "${args[2]}" } -SetDNSDomainName(){ +SetDHCPDomainName(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/PIHOLE_DOMAIN/d;' /etc/pihole/setupVars.conf - # Save setting to file - echo "PIHOLE_DOMAIN=${args[2]}" >> /etc/pihole/setupVars.conf + change_setting "PIHOLE_DOMAIN" "${args[2]}" - # Replace within actual dnsmasq config file - sed -i '/domain=/d;' /etc/dnsmasq.d/01-pihole.conf - echo "domain=${args[2]}" >> /etc/dnsmasq.d/01-pihole.conf + ProcessDHCPSettings - # Restart dnsmasq to load new configuration RestartDNS } SetPrivacyMode(){ - # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/API_PRIVACY_MODE/d' /etc/pihole/setupVars.conf - # Save setting to file if [[ "${args[2]}" == "true" ]] ; then - echo "API_PRIVACY_MODE=true" >> /etc/pihole/setupVars.conf + change_setting "API_PRIVACY_MODE" "true" else - echo "API_PRIVACY_MODE=false" >> /etc/pihole/setupVars.conf + change_setting "API_PRIVACY_MODE" "false" fi + } ResolutionSettings() { - typ=${args[2]} - state=${args[3]} + typ="${args[2]}" + state="${args[3]}" if [[ "${typ}" == "forward" ]]; then - sed -i.bak '/API_GET_UPSTREAM_DNS_HOSTNAME/d;' /etc/pihole/setupVars.conf - echo "API_GET_UPSTREAM_DNS_HOSTNAME=${state}" >> /etc/pihole/setupVars.conf + change_setting "API_GET_UPSTREAM_DNS_HOSTNAME" "${state}" elif [[ "${typ}" == "clients" ]]; then - sed -i.bak '/API_GET_CLIENT_HOSTNAME/d;' /etc/pihole/setupVars.conf - echo "API_GET_CLIENT_HOSTNAME=${state}" >> /etc/pihole/setupVars.conf + change_setting "API_GET_CLIENT_HOSTNAME" "${state}" fi } @@ -257,7 +290,7 @@ case "${args[1]}" in "disabledhcp" ) DisableDHCP;; "layout" ) SetWebUILayout;; "-h" | "--help" ) helpFunc;; - "domainname" ) SetDNSDomainName;; + "domainname" ) SetDHCPDomainName;; "privacymode" ) SetPrivacyMode;; "resolve" ) ResolutionSettings;; * ) helpFunc;; From 9170488b0a73a11bbc0267de6b3747dab1d80094 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 15:58:48 +0000 Subject: [PATCH 51/88] Test if DNS service is listening on local port 53 --- pihole | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/pihole b/pihole index 5a54fae4..7021ab0a 100755 --- a/pihole +++ b/pihole @@ -185,6 +185,19 @@ piholeLogging() { } piholeStatus() { + if [[ $(netstat -plnt | grep -c ':53') > 0 ]]; then + if [[ "${1}" != "web" ]] ; then + echo "::: DNS service is running" + fi + else + if [[ "${1}" == "web" ]] ; then + echo "-1"; + else + echo "::: DNS service is NOT running" + fi + return + fi + if [[ $(grep -i "^#addn-hosts=/" /etc/dnsmasq.d/01-pihole.conf) ]] ; then #list is commented out if [[ "${1}" == "web" ]] ; then From 1e627c7e8fa9b7f9d0cbb6660235c572dad656c9 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 16:25:14 +0000 Subject: [PATCH 52/88] Make webpage.sh fully library style --- advanced/Scripts/webpage.sh | 55 +++++++++++++++++++------------------ pihole | 3 +- 2 files changed, 31 insertions(+), 27 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index ddc8859e..a18a28ce 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -9,8 +9,6 @@ # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. -args=("$@") - readonly setupVars="/etc/pihole/setupVars.conf" readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf" readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf" @@ -275,30 +273,35 @@ ResolutionSettings() { fi } -case "${args[1]}" in - "-p" | "password" ) SetWebPassword;; - "-c" | "celsius" ) unit="C"; SetTemperatureUnit;; - "-f" | "fahrenheit" ) unit="F"; SetTemperatureUnit;; - "-k" | "kelvin" ) unit="K"; SetTemperatureUnit;; - "setdns" ) SetDNSServers;; - "setexcludedomains" ) SetExcludeDomains;; - "setexcludeclients" ) SetExcludeClients;; - "reboot" ) Reboot;; - "restartdns" ) RestartDNS;; - "setquerylog" ) SetQueryLogOptions;; - "enabledhcp" ) EnableDHCP;; - "disabledhcp" ) DisableDHCP;; - "layout" ) SetWebUILayout;; - "-h" | "--help" ) helpFunc;; - "domainname" ) SetDHCPDomainName;; - "privacymode" ) SetPrivacyMode;; - "resolve" ) ResolutionSettings;; - * ) helpFunc;; -esac +main() { -shift + args=("$@") -if [[ $# = 0 ]]; then - helpFunc -fi + case "${args[1]}" in + "-p" | "password" ) SetWebPassword;; + "-c" | "celsius" ) unit="C"; SetTemperatureUnit;; + "-f" | "fahrenheit" ) unit="F"; SetTemperatureUnit;; + "-k" | "kelvin" ) unit="K"; SetTemperatureUnit;; + "setdns" ) SetDNSServers;; + "setexcludedomains" ) SetExcludeDomains;; + "setexcludeclients" ) SetExcludeClients;; + "reboot" ) Reboot;; + "restartdns" ) RestartDNS;; + "setquerylog" ) SetQueryLogOptions;; + "enabledhcp" ) EnableDHCP;; + "disabledhcp" ) DisableDHCP;; + "layout" ) SetWebUILayout;; + "-h" | "--help" ) helpFunc;; + "domainname" ) SetDHCPDomainName;; + "privacymode" ) SetPrivacyMode;; + "resolve" ) ResolutionSettings;; + * ) helpFunc;; + esac + shift + + if [[ $# = 0 ]]; then + helpFunc + fi + +} diff --git a/pihole b/pihole index 5a54fae4..f41f7ac5 100755 --- a/pihole +++ b/pihole @@ -23,7 +23,8 @@ if [[ ! $EUID -eq 0 ]];then fi webpageFunc() { - /opt/pihole/webpage.sh "$@" + source /opt/pihole/webpage.sh + main "$@" exit 0 } From 02d658be65e2d68f2accf27a5fb686b4f3020a94 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 16:31:55 +0000 Subject: [PATCH 53/88] Look for DHCP / DNS server settings which would have to be reapplied after updating (since we overwrite 01-pihole.conf) --- automated install/basic-install.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index cef7b7f0..cacc3ca6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -888,6 +888,17 @@ finalExports() { echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}" echo "QUERY_LOGGING=${QUERY_LOGGING}" }>> "${setupVars}" + + # Look for DHCP / DNS server settings which would have to be reapplied + source "${setupVars}" + source "/etc/.pihole/advanced/Scripts/webpage.sh" + if [[ "${DNS_FQDN_REQUIRED}" != "" ]] ; then + ProcessDNSSettings + fi + + if [[ "${DHCP_ACTIVE}" == "true" ]] ; then + ProcessDHCPSettings + fi } installPihole() { From 03d4fcd17dca1d0b976285c6ffbb3a86a5ffe7ec Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 16:32:24 +0000 Subject: [PATCH 54/88] Don't actually have to reapply DHCP settings since we are going to save it in a different file we don't replace by a template --- automated install/basic-install.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index cacc3ca6..c2c7f8d9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -889,16 +889,12 @@ finalExports() { echo "QUERY_LOGGING=${QUERY_LOGGING}" }>> "${setupVars}" - # Look for DHCP / DNS server settings which would have to be reapplied + # Look for DNS server settings which would have to be reapplied source "${setupVars}" source "/etc/.pihole/advanced/Scripts/webpage.sh" if [[ "${DNS_FQDN_REQUIRED}" != "" ]] ; then ProcessDNSSettings fi - - if [[ "${DHCP_ACTIVE}" == "true" ]] ; then - ProcessDHCPSettings - fi } installPihole() { From d0cd39a25f919b051ff94b959b9a0982145f7f5c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 20:32:56 +0100 Subject: [PATCH 55/88] Added space behind :53 to only match port 53 --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 7021ab0a..a8442edd 100755 --- a/pihole +++ b/pihole @@ -185,7 +185,7 @@ piholeLogging() { } piholeStatus() { - if [[ $(netstat -plnt | grep -c ':53') > 0 ]]; then + if [[ $(netstat -plnt | grep -c ':53 ') > 0 ]]; then if [[ "${1}" != "web" ]] ; then echo "::: DNS service is running" fi From cf724176dc388e2ec6c965f894cb368b87cdec8d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 28 Dec 2016 20:02:48 +0000 Subject: [PATCH 56/88] Do stateful DHCPv6 and SLAAC --- advanced/Scripts/webpage.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index a18a28ce..a4ebae78 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -201,7 +201,8 @@ quiet-dhcp quiet-dhcp6 #enable-ra dhcp-option=option6:dns-server,[::] -dhcp-range=::100,::1ff,constructor:${interface} +dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac +ra-param=*,0,0 " > "${dhcpconfig}" } From bbb958b7ed963a5ea86038f86d442faba1e1e4cb Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 29 Dec 2016 01:34:49 -0800 Subject: [PATCH 57/88] Detect RPF breaking kernel updates. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index cef7b7f0..09615430 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -734,12 +734,15 @@ notify_package_updates_available() { updatesToInstall=$(eval "${PKG_COUNT}") echo " done!" echo ":::" - if [[ ${updatesToInstall} -eq "0" ]]; then - echo "::: Your system is up to date! Continuing with Pi-hole installation..." - else - echo "::: There are ${updatesToInstall} updates available for your system!" - echo "::: We recommend you update your OS after installing Pi-Hole! " - echo ":::" + if [[ -d "/lib/modules/$(uname -r)" ]]; then + if [[ ${updatesToInstall} -eq "0" ]]; then + echo "::: Your system is up to date! Continuing with Pi-hole installation..." + else + echo "::: There are ${updatesToInstall} updates available for your system!" + echo "::: We recommend you update your OS after installing Pi-Hole! " + echo ":::" + fi + echo "::: Kernel update detected, please reboot your system and try again if your installation fails." fi } From ea9ec384c61c50103010090d446fdcbf85711194 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 29 Dec 2016 01:35:52 -0800 Subject: [PATCH 58/88] Disambiguate nested ifs. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 09615430..9701560f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -742,6 +742,7 @@ notify_package_updates_available() { echo "::: We recommend you update your OS after installing Pi-Hole! " echo ":::" fi + else echo "::: Kernel update detected, please reboot your system and try again if your installation fails." fi } From 3268e1611a65b5410365912e6dadc17cf3531be9 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 29 Dec 2016 14:19:44 +0000 Subject: [PATCH 59/88] Backend accept and apply dhcp lease time --- advanced/Scripts/webpage.sh | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index a4ebae78..b2b4c0d9 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -187,13 +187,19 @@ ProcessDHCPSettings() { interface="eth0" fi + if [[ "${DHCP_LEASETIME}" == "0" ]]; then + leasetime="infinite" + else + leasetime="${DHCP_LEASETIME}h" + fi + # Write settings to file echo "############################################################################### # DHCP SERVER CONFIG FILE AUTOMATICALLY POPULATED BY PI-HOLE WEB INTERFACE. # # ANY CHANGES MADE TO THIS FILE WILL BE LOST ON CHANGE # ############################################################################### dhcp-authoritative -dhcp-range=${DHCP_START},${DHCP_END},infinite +dhcp-range=${DHCP_START},${DHCP_END},${leasetime} dhcp-option=option:router,${DHCP_ROUTER} dhcp-leasefile=/etc/pihole/dhcp.leases domain=${PIHOLE_DOMAIN} @@ -213,6 +219,8 @@ EnableDHCP(){ change_setting "DHCP_START" "${args[2]}" change_setting "DHCP_END" "${args[3]}" change_setting "DHCP_ROUTER" "${args[4]}" + change_setting "DHCP_LEASETIME" "${args[5]}" + change_setting "PIHOLE_DOMAIN" "${args[6]}" # Remove possible old setting from file delete_dnsmasq_setting "dhcp-" @@ -242,16 +250,6 @@ SetWebUILayout(){ } -SetDHCPDomainName(){ - - change_setting "PIHOLE_DOMAIN" "${args[2]}" - - ProcessDHCPSettings - - RestartDNS - -} - SetPrivacyMode(){ if [[ "${args[2]}" == "true" ]] ; then @@ -293,7 +291,6 @@ main() { "disabledhcp" ) DisableDHCP;; "layout" ) SetWebUILayout;; "-h" | "--help" ) helpFunc;; - "domainname" ) SetDHCPDomainName;; "privacymode" ) SetPrivacyMode;; "resolve" ) ResolutionSettings;; * ) helpFunc;; From 9181a4a1d85fb63398df501d294ec6a8f7fd9e32 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 29 Dec 2016 14:26:23 +0000 Subject: [PATCH 60/88] Apply dhcp lease time also for IPv6 --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index b2b4c0d9..92431cb6 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -207,7 +207,7 @@ quiet-dhcp quiet-dhcp6 #enable-ra dhcp-option=option6:dns-server,[::] -dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac +dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,${leasetime} ra-param=*,0,0 " > "${dhcpconfig}" From a4a987964396d13dc345890efe55d34f1b4d3769 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 29 Dec 2016 15:57:29 -0800 Subject: [PATCH 61/88] Restructure firewall detection and application. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9701560f..906d1dc9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -866,16 +866,17 @@ create_pihole_user() { configureFirewall() { # Allow HTTP and DNS traffic - if command -v firewall-cmd &> /dev/null; then - firewall-cmd --state &> /dev/null && ( echo "::: Configuring firewalld for httpd and dnsmasq.." && firewall-cmd --permanent --add-port=80/tcp && firewall-cmd --permanent --add-port=53/tcp \ - && firewall-cmd --permanent --add-port=53/udp && firewall-cmd --reload) || echo "::: FirewallD not enabled" - elif command -v iptables &> /dev/null; then + if firewall-cmd --state &> /dev/null; then + echo "::: Configuring FirewallD for httpd and dnsmasq.." + firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp + firewall-cmd --reload + elif modinfo ip_tables &> /dev/null && iptables -S INPUT | head -n1 | grep -v "ACCEPT" &> /dev/null ; then echo "::: Configuring iptables for httpd and dnsmasq.." iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT else - echo "::: No firewall detected.. skipping firewall configuration." + echo "::: No active firewall detected.. skipping firewall configuration." fi } From a48518d2345d3a9c96f467a32812089139e44e69 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 29 Dec 2016 16:11:13 -0800 Subject: [PATCH 62/88] Update test rig for new firewalld Signed-off-by: Dan Schaper --- test/test_automated_install.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index ee3beeee..58aefe91 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -71,13 +71,11 @@ def test_configureFirewall_firewalld_no_errors(Pihole): source /opt/pihole/basic-install.sh configureFirewall ''') - expected_stdout = '::: Configuring firewalld for httpd and dnsmasq.' + expected_stdout = '::: Configuring FirewallD for httpd and dnsmasq.' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout assert 'firewall-cmd --state' in firewall_calls - assert 'firewall-cmd --permanent --add-port=80/tcp' in firewall_calls - assert 'firewall-cmd --permanent --add-port=53/tcp' in firewall_calls - assert 'firewall-cmd --permanent --add-port=53/udp' in firewall_calls + assert 'firewall-cmd --permanent --add-port=80/tcp --add-port=53/tcp --add-port=53/udp' in firewall_calls assert 'firewall-cmd --reload' in firewall_calls From 09bfa2ef77e807793861806a9fc17f7a9bd86f4d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 30 Dec 2016 12:03:45 +0000 Subject: [PATCH 63/88] Add whitelisting on blocking page feature --- advanced/blockingpage.css | 7 +++-- advanced/index.php | 63 +++++++++++++++++++++++++++++++++++++-- 2 files changed, 66 insertions(+), 4 deletions(-) diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index 1fdb5f19..7e11dbd0 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -101,7 +101,7 @@ li::before { content: "\00BB\00a0"; } li a { position: relative; top: 1px; } /* Center bullet-point arrows */ /* Button Style */ -.buttons a, input, .transparent th a { /* Swapped rgba is shared with input[type='url'] */ +.buttons a, button, input, .transparent th a { /* Swapped rgba is shared with input[type='url'] */ display: inline-block; color: rgba(32,32,32,0.9); font-weight: bold; @@ -120,12 +120,15 @@ li a { position: relative; top: 1px; } /* Center bullet-point arrows */ } .buttons { white-space: nowrap; width: 100%; display: table; } +.buttons33 { white-space: nowrap; width: 33.333%; display: table; text-align: center; margin-left: 33.333% } .mini a { width: 50%; } a.safe { background-color: rgba(0,220,0,0.5); } +button.safe { background-color: rgba(0,220,0,0.5); } a.warn { background-color: rgba(220,0,0,0.5); } .blocked a, .mini a { display: table-cell; } -.blocked a.safe { width: 100%; } +.blocked a.safe50 { width: 50%; background-color: rgba(0,220,0,0.5); } +.blocked a.safe33 { width: 33.333%; background-color: rgba(0,220,0,0.5); } /* Types of text */ .msg { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; } diff --git a/advanced/index.php b/advanced/index.php index 46073867..a36b65d4 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -69,7 +69,22 @@ if($uri == "/") This page is blocked because it is explicitly contained within the following block list(s):
-
Go back +
+ Go back + Whitelist this page + Close window +
+
Generated by Pi-hole
@@ -97,7 +112,51 @@ if($uri == "/") // Query adlists $( "#btnSearch" ).click(); } -// } + + $( "#whitelisting" ).on( "click", function(){ $( "#whitelistingform" ).removeAttr( "hidden" ); }); + + function add() { + var domain = $("#domain"); + var pw = $("#pw"); + if(domain.val().length === 0){ + return; + } + + $.ajax({ + url: "admin/php/add.php", + method: "post", + data: {"domain":domain.val(), "list":"white", "pw":pw.val()}, + success: function(response) { + $( "#whitelistingoutput" ).removeAttr( "hidden" ); + if(response.indexOf("Pi-hole blocking") !== -1) + { + // Reload page after 5 seconds + setTimeout(function(){window.location.reload(1);}, 5000); + $( "#whitelistingoutput" ).html("---> Success <---"); + } + else + { + $( "#whitelistingoutput" ).html("---> "+response+" <---"); + } + + }, + error: function(jqXHR, exception) { + $( "#whitelistingoutput" ).removeAttr( "hidden" ); + $( "#whitelistingoutput" ).html("---> "+response+" <---"); + } + }); +} +// Handle enter button for adding domains +$(document).keypress(function(e) { + if(e.which === 13 && $("#password").is(":focus")) { + add(); + } +}); + +// Handle buttons +$("#btnAdd").on("click", function() { + add(); +}); From f7274addcd76efed48471fc2c4efd4c52044da7f Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 30 Dec 2016 04:08:32 -0800 Subject: [PATCH 64/88] Delete swapfile generator, haven't used this in a long time. Signed-off-by: Dan Schaper --- advanced/dphys-swapfile | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 advanced/dphys-swapfile diff --git a/advanced/dphys-swapfile b/advanced/dphys-swapfile deleted file mode 100644 index d8225175..00000000 --- a/advanced/dphys-swapfile +++ /dev/null @@ -1,12 +0,0 @@ -# Pi-hole: A black hole for Internet advertisements -# (c) 2015, 2016 by Jacob Salmela -# Network-wide ad blocking via your Raspberry Pi -# http://pi-hole.net -# Swap file config -# -# Pi-hole is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 2 of the License, or -# (at your option) any later version. - -CONF_SWAPSIZE=500 From 09bbc81470a7bc32e222cb6e6a4c7391b5fd1fed Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 30 Dec 2016 12:27:33 +0000 Subject: [PATCH 65/88] Add notice that the user might have to flush his DNS cache --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index a36b65d4..8b816f1c 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -132,7 +132,7 @@ if($uri == "/") { // Reload page after 5 seconds setTimeout(function(){window.location.reload(1);}, 5000); - $( "#whitelistingoutput" ).html("---> Success <---"); + $( "#whitelistingoutput" ).html("---> Success <---
You may have to flush your DNS cache"); } else { From 5c7fc05a32b994cc6e313a7811bbabfcfc9032ac Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 30 Dec 2016 16:31:57 +0000 Subject: [PATCH 66/88] Enable DHCP logging by default --- advanced/Scripts/webpage.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 92431cb6..7e3139f2 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -203,8 +203,8 @@ dhcp-range=${DHCP_START},${DHCP_END},${leasetime} dhcp-option=option:router,${DHCP_ROUTER} dhcp-leasefile=/etc/pihole/dhcp.leases domain=${PIHOLE_DOMAIN} -quiet-dhcp -quiet-dhcp6 +#quiet-dhcp +#quiet-dhcp6 #enable-ra dhcp-option=option6:dns-server,[::] dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,${leasetime} From 089b98430fc4990b0faef1ffe66df5fe7ace590d Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 30 Dec 2016 12:59:05 -0500 Subject: [PATCH 67/88] Fix formatting --- advanced/index.php | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 8b816f1c..0ce10a59 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -90,32 +90,32 @@ if($uri == "/") - + + - + +