1
0
mirror of https://github.com/pi-hole/pi-hole synced 2025-01-08 15:10:55 +00:00

Rewrite list functions to use the API

Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER 2024-06-19 23:04:39 +02:00
parent 92b15cf744
commit bfc18f8329
No known key found for this signature in database
GPG Key ID: 00135ACBD90B28DD
3 changed files with 164 additions and 232 deletions

View File

@ -75,12 +75,16 @@ TestAPIAvailability() {
} }
LoginAPI() { LoginAPI() {
if [ -z "${API_URL}" ]; then
TestAPIAvailability
fi
# Try to read the CLI password (if enabled and readable by the current user) # Try to read the CLI password (if enabled and readable by the current user)
if [ -r /etc/pihole/cli_pw ]; then if [ -r /etc/pihole/cli_pw ]; then
password=$(cat /etc/pihole/cli_pw) password=$(cat /etc/pihole/cli_pw)
# Try to authenticate using the CLI password # Try to authenticate using the CLI password
LoginAPI Authentication
fi fi
# If this did not work, ask the user for the password # If this did not work, ask the user for the password
@ -91,7 +95,7 @@ LoginAPI() {
secretRead; printf '\n' secretRead; printf '\n'
# Try to authenticate again # Try to authenticate again
LoginAPI Authentication
done done
} }
@ -144,6 +148,16 @@ GetFTLData() {
fi fi
} }
PostFTLData() {
local data response status
# send the data to the API
response=$(curl -skS -w "%{http_code}" -X POST "${API_URL}$1" --data-raw "$2" -H "Accept: application/json" -H "sid: ${SID}" )
# status are the last 3 characters
status=$(printf %s "${response#"${response%???}"}")
# data is everything from response without the last 3 characters
printf %s "${response%???}"
}
secretRead() { secretRead() {
# POSIX compliant function to read user-input and # POSIX compliant function to read user-input and

View File

@ -5,261 +5,187 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net) # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware. # Network-wide ad blocking via your own hardware.
# #
# Whitelist and blacklist domains # allowlist and denylist domains
# #
# This file is copyright under the latest version of the EUPL. # This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license. # Please see LICENSE file for your rights under this license.
# Globals readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
piholeDir="/etc/pihole" readonly utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
GRAVITYDB="${piholeDir}/gravity.db" source "${utilsfile}"
# Source pihole-FTL from install script
pihole_FTL="${piholeDir}/pihole-FTL.conf" readonly apifile="${PI_HOLE_SCRIPT_DIR}/api.sh"
if [[ -f "${pihole_FTL}" ]]; then source "${apifile}"
source "${pihole_FTL}"
# Determine database location
DBFILE=$(getFTLConfigValue "files.database")
if [ -z "$DBFILE" ]; then
DBFILE="/etc/pihole/pihole-FTL.db"
fi fi
# Set this only after sourcing pihole-FTL.conf as the gravity database path may # Determine gravity database location
# have changed GRAVITYDB=$(getFTLConfigValue "files.gravity")
gravityDBfile="${GRAVITYDB}" if [ -z "$GRAVITYDB" ]; then
GRAVITYDB="/etc/pihole/gravity.db"
fi
noReloadRequested=false
addmode=true addmode=true
verbose=true verbose=true
wildcard=false wildcard=false
web=false
domList=() domList=()
typeId="" typeId=""
comment="" comment=""
declare -i domaincount
domaincount=0
reload=false
colfile="/opt/pihole/COL_TABLE" colfile="/opt/pihole/COL_TABLE"
source ${colfile} source ${colfile}
# IDs are hard-wired to domain interpretation in the gravity database scheme
# Clients (including FTL) will read them through the corresponding views
readonly whitelist="0"
readonly blacklist="1"
readonly regex_whitelist="2"
readonly regex_blacklist="3"
GetListnameFromTypeId() {
if [[ "$1" == "${whitelist}" ]]; then
echo "whitelist"
elif [[ "$1" == "${blacklist}" ]]; then
echo "blacklist"
elif [[ "$1" == "${regex_whitelist}" ]]; then
echo "regex whitelist"
elif [[ "$1" == "${regex_blacklist}" ]]; then
echo "regex blacklist"
fi
}
GetListParamFromTypeId() {
if [[ "${typeId}" == "${whitelist}" ]]; then
echo "w"
elif [[ "${typeId}" == "${blacklist}" ]]; then
echo "b"
elif [[ "${typeId}" == "${regex_whitelist}" && "${wildcard}" == true ]]; then
echo "-white-wild"
elif [[ "${typeId}" == "${regex_whitelist}" ]]; then
echo "-white-regex"
elif [[ "${typeId}" == "${regex_blacklist}" && "${wildcard}" == true ]]; then
echo "-wild"
elif [[ "${typeId}" == "${regex_blacklist}" ]]; then
echo "-regex"
fi
}
helpFunc() { helpFunc() {
local listname param echo "Usage: pihole ${abbrv} [options] <domain> <domain2 ...>
Example: 'pihole ${abbrv} site.com', or 'pihole ${abbrv} site1.com site2.com'
listname="$(GetListnameFromTypeId "${typeId}")" ${typeId^} one or more ${kindId} domains
param="$(GetListParamFromTypeId)"
echo "Usage: pihole -${param} [options] <domain> <domain2 ...>
Example: 'pihole -${param} site.com', or 'pihole -${param} site1.com site2.com'
${listname^} one or more domains
Options: Options:
-d, --delmode Remove domain(s) from the ${listname} -d, --delmode Remove domain(s)
-nr, --noreload Update ${listname} without reloading the DNS server
-q, --quiet Make output less verbose -q, --quiet Make output less verbose
-h, --help Show this help dialog -h, --help Show this help dialog
-l, --list Display all your ${listname}listed domains -l, --list Display domains
--nuke Removes all entries in a list --nuke Removes all entries in a list
--comment \"text\" Add a comment to the domain. If adding multiple domains the same comment will be used for all" --comment \"text\" Add a comment to the domain. If adding multiple domains the same comment will be used for all"
exit 0 exit 0
} }
ValidateDomain() { CreateDomainList() {
# Convert to lowercase # Format domain into regex filter if requested
domain="${1,,}" local dom=${1}
local str validDomain if [[ "${wildcard}" == true ]]; then
dom="(\\.|^)${dom//\./\\.}$"
# Check validity of domain (don't check for regex entries)
if [[ ( "${typeId}" == "${regex_blacklist}" || "${typeId}" == "${regex_whitelist}" ) && "${wildcard}" == false ]]; then
validDomain="${domain}"
else
# Check max length
if [[ "${#domain}" -le 253 ]]; then
validDomain=$(grep -P "^((-|_)*[a-z\\d]((-|_)*[a-z\\d])*(-|_)*)(\\.(-|_)*([a-z\\d]((-|_)*[a-z\\d])*))*$" <<< "${domain}") # Valid chars check
validDomain=$(grep -P "^[^\\.]{1,63}(\\.[^\\.]{1,63})*$" <<< "${validDomain}") # Length of each label
# set error string
str="is not a valid argument or domain name!"
else
validDomain=
str="is too long!"
fi
fi fi
domList=("${domList[@]}" "${dom}")
if [[ -n "${validDomain}" ]]; then
domList=("${domList[@]}" "${validDomain}")
else
echo -e " ${CROSS} ${domain} ${str}"
fi
domaincount=$((domaincount+1))
}
ProcessDomainList() {
for dom in "${domList[@]}"; do
# Format domain into regex filter if requested
if [[ "${wildcard}" == true ]]; then
dom="(\\.|^)${dom//\./\\.}$"
fi
# Logic: If addmode then add to desired list and remove from the other;
# if delmode then remove from desired list but do not add to the other
if ${addmode}; then
AddDomain "${dom}"
else
RemoveDomain "${dom}"
fi
done
} }
AddDomain() { AddDomain() {
local domain num requestedListname existingTypeId existingListname local json num
domain="$1"
# Is the domain in the list we want to add it to? # Authenticate with the API
num="$(pihole-FTL sqlite3 -ni "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}';")" LoginAPI
requestedListname="$(GetListnameFromTypeId "${typeId}")"
if [[ "${num}" -ne 0 ]]; then # Prepare request to POST /api/domains/{type}/{kind}
existingTypeId="$(pihole-FTL sqlite3 -ni "${gravityDBfile}" "SELECT type FROM domainlist WHERE domain = '${domain}';")" # Build JSON object of the following form
if [[ "${existingTypeId}" == "${typeId}" ]]; then # {
if [[ "${verbose}" == true ]]; then # "domain": [ <domains> ],
echo -e " ${INFO} ${1} already exists in ${requestedListname}, no need to add!" # "comment": <comment>
# }
# where <domains> is an array of domain strings and <comment> is a string
# We use jq to build the JSON object
json=$(jq --null-input --compact-output --arg domains "${domList[*]}" --arg comment "${comment}" '{domain: $domains | split(" "), comment: $comment}')
# Send the request
data=$(PostFTLData "domains/${typeId}/${kindId}" "${json}")
# Display domain(s) added
# (they are listed in .processed.success, use jq)
num=$(echo "${data}" | jq '.processed.success | length')
if [[ "${num}" -gt 0 ]] && [[ "${verbose}" == true ]]; then
echo -e " ${TICK} Added ${num} domain(s):"
for i in $(seq 0 $((num-1))); do
echo -e " - ${COL_BLUE}$(echo "${data}" | jq --raw-output ".processed.success[$i].item")${COL_NC}"
done
fi
# Display failed domain(s)
# (they are listed in .processed.errors, use jq)
num=$(echo "${data}" | jq '.processed.errors | length')
if [[ "${num}" -gt 0 ]] && [[ "${verbose}" == true ]]; then
echo -e " ${CROSS} Failed to add ${num} domain(s):"
for i in $(seq 0 $((num-1))); do
echo -e " - ${COL_BLUE}$(echo "${data}" | jq --raw-output ".processed.errors[$i].item")${COL_NC}"
error=$(echo "${data}" | jq --raw-output ".processed.errors[$i].error")
if [[ "${error}" == "UNIQUE constraint failed: domainlist.domain, domainlist.type" ]]; then
error="Domain already in the specified list"
fi fi
else echo -e " ${error}"
existingListname="$(GetListnameFromTypeId "${existingTypeId}")" done
pihole-FTL sqlite3 -ni "${gravityDBfile}" "UPDATE domainlist SET type = ${typeId} WHERE domain='${domain}';"
if [[ "${verbose}" == true ]]; then
echo -e " ${INFO} ${1} already exists in ${existingListname}, it has been moved to ${requestedListname}!"
fi
fi
return
fi fi
# Domain not found in the table, add it! # Log out
if [[ "${verbose}" == true ]]; then LogoutAPI
echo -e " ${INFO} Adding ${domain} to the ${requestedListname}..."
fi
reload=true
# Insert only the domain here. The enabled and date_added fields will be filled
# with their default values (enabled = true, date_added = current timestamp)
if [[ -z "${comment}" ]]; then
pihole-FTL sqlite3 -ni "${gravityDBfile}" "INSERT INTO domainlist (domain,type) VALUES ('${domain}',${typeId});"
else
# also add comment when variable has been set through the "--comment" option
pihole-FTL sqlite3 -ni "${gravityDBfile}" "INSERT INTO domainlist (domain,type,comment) VALUES ('${domain}',${typeId},'${comment}');"
fi
} }
RemoveDomain() { RemoveDomain() {
local domain num requestedListname local json num
domain="$1"
# Is the domain in the list we want to remove it from? # Authenticate with the API
num="$(pihole-FTL sqlite3 -ni "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};")" LoginAPI
requestedListname="$(GetListnameFromTypeId "${typeId}")" # Prepare request to POST /api/domains:batchDelete
# Build JSON object of the following form
# [{
# "item": <domain>,
# "type": "${typeId}",
# "kind": "${kindId}",
# }]
# where <domain> is the domain string and ${typeId} and ${kindId} are the type and kind IDs
# We use jq to build the JSON object)
json=$(jq --null-input --compact-output --arg domains "${domList[*]}" --arg typeId "${typeId}" --arg kindId "${kindId}" '[ $domains | split(" ")[] as $item | {item: $item, type: $typeId, kind: $kindId} ]')
if [[ "${num}" -eq 0 ]]; then # Send the request
if [[ "${verbose}" == true ]]; then data=$(PostFTLData "domains:batchDelete" "${json}")
echo -e " ${INFO} ${domain} does not exist in ${requestedListname}, no need to remove!"
fi # If there is an .error object in the returned data, display it
return local error
error=$(jq --compact-output <<< "${data}" '.error')
if [[ $error != "null" && $error != "" ]]; then
echo -e " ${CROSS} Failed to remove domain(s):"
echo -e " $(jq <<< "${data}" '.error')"
elif [[ "${verbose}" == true ]]; then
echo -e " ${TICK} Removed ${#domList[@]} domain(s):"
# Loop through the domains and display them
for dom in "${domList[@]}"; do
echo -e " - ${COL_BLUE}${dom}${COL_NC}"
done
fi fi
# Domain found in the table, remove it! # Log out
if [[ "${verbose}" == true ]]; then LogoutAPI
echo -e " ${INFO} Removing ${domain} from the ${requestedListname}..."
fi
reload=true
# Remove it from the current list
pihole-FTL sqlite3 -ni "${gravityDBfile}" "DELETE FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};"
} }
Displaylist() { Displaylist() {
local count num_pipes domain enabled status nicedate requestedListname local data
requestedListname="$(GetListnameFromTypeId "${typeId}")" # if either typeId or kindId is empty, we cannot display the list
data="$(pihole-FTL sqlite3 -ni "${gravityDBfile}" "SELECT domain,enabled,date_modified FROM domainlist WHERE type = ${typeId};" 2> /dev/null)" if [[ -z "${typeId}" ]] || [[ -z "${kindId}" ]]; then
echo " ${CROSS} Unable to display list. Please specify a list type and kind."
if [[ -z $data ]]; then exit 1
echo -e "Not showing empty list"
else
echo -e "Displaying ${requestedListname}:"
count=1
while IFS= read -r line
do
# Count number of pipes seen in this line
# This is necessary because we can only detect the pipe separating the fields
# from the end backwards as the domain (which is the first field) may contain
# pipe symbols as they are perfectly valid regex filter control characters
num_pipes="$(grep -c "^" <<< "$(grep -o "|" <<< "${line}")")"
# Extract domain and enabled status based on the obtained number of pipe characters
domain="$(cut -d'|' -f"-$((num_pipes-1))" <<< "${line}")"
enabled="$(cut -d'|' -f"$((num_pipes))" <<< "${line}")"
datemod="$(cut -d'|' -f"$((num_pipes+1))" <<< "${line}")"
# Translate boolean status into human readable string
if [[ "${enabled}" -eq 1 ]]; then
status="enabled"
else
status="disabled"
fi
# Get nice representation of numerical date stored in database
nicedate=$(date --rfc-2822 -d "@${datemod}")
echo " ${count}: ${domain} (${status}, last modified ${nicedate})"
count=$((count+1))
done <<< "${data}"
fi fi
exit 0;
}
NukeList() { # Authenticate with the API
count=$(pihole-FTL sqlite3 -ni "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};") LoginAPI
listname="$(GetListnameFromTypeId "${typeId}")"
if [ "$count" -gt 0 ];then # Send the request
pihole-FTL sqlite3 -ni "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};" data=$(GetFTLData "domains/${typeId}/${kindId}")
echo " ${TICK} Removed ${count} domain(s) from the ${listname}"
# Display the list
num=$(echo "${data}" | jq '.domains | length')
if [[ "${num}" -gt 0 ]]; then
echo -e " ${TICK} Found ${num} domain(s) in the ${kindId} ${typeId}list:"
for i in $(seq 0 $((num-1))); do
echo -e " - ${COL_BLUE}$(echo "${data}" | jq --compact-output ".domains[$i].domain")${COL_NC}"
echo -e " Comment: $(echo "${data}" | jq --compact-output ".domains[$i].comment")"
echo -e " Groups: $(echo "${data}" | jq --compact-output ".domains[$i].groups")"
echo -e " Added: $(date -d @"$(echo "${data}" | jq --compact-output ".domains[$i].date_added")")"
echo -e " Last modified: $(date -d @"$(echo "${data}" | jq --compact-output ".domains[$i].date_modified")")"
done
else else
echo " ${INFO} ${listname} already empty. Nothing to do!" echo -e " ${INFO} No domains found in the ${kindId} ${typeId}list"
fi fi
exit 0;
# Log out
LogoutAPI
# Return early without adding/deleting domains
exit 0
} }
GetComment() { GetComment() {
@ -272,38 +198,30 @@ GetComment() {
while (( "$#" )); do while (( "$#" )); do
case "${1}" in case "${1}" in
"-w" | "whitelist" ) typeId=0;; "-a" | "allowlist" ) kindId="exact"; typeId="allow"; abbrv="-a";;
"-b" | "blacklist" ) typeId=1;; "-b" | "denylist" ) kindId="exact"; typeId="deny"; abbrv="-b";;
"--white-regex" | "white-regex" ) typeId=2;; "--allow-regex" | "allow-regex" ) kindId="regex"; typeId="allow"; abbrv="--allow-regex";;
"--white-wild" | "white-wild" ) typeId=2; wildcard=true;; "--allow-wild" | "allow-wild" ) kindId="regex"; typeId="allow"; wildcard=true; abbrv="--allow-wild";;
"--wild" | "wildcard" ) typeId=3; wildcard=true;; "--regex" | "regex" ) kindId="regex"; typeId="deny"; abbrv="--regex";;
"--regex" | "regex" ) typeId=3;; "--wild" | "wildcard" ) kindId="regex"; typeId="deny"; wildcard=true; abbrv="--wild";;
"-nr"| "--noreload" ) noReloadRequested=true;;
"-d" | "--delmode" ) addmode=false;; "-d" | "--delmode" ) addmode=false;;
"-q" | "--quiet" ) verbose=false;; "-q" | "--quiet" ) verbose=false;;
"-h" | "--help" ) helpFunc;; "-h" | "--help" ) helpFunc;;
"-l" | "--list" ) Displaylist;; "-l" | "--list" ) Displaylist;;
"--nuke" ) NukeList;;
"--web" ) web=true;;
"--comment" ) GetComment "${2}"; shift;; "--comment" ) GetComment "${2}"; shift;;
* ) ValidateDomain "${1}";; * ) CreateDomainList "${1}";;
esac esac
shift shift
done done
shift shift
if [[ ${domaincount} == 0 ]]; then if [[ ${#domList[@]} == 0 ]]; then
helpFunc helpFunc
fi fi
ProcessDomainList if ${addmode}; then
AddDomain
# Used on web interface else
if $web; then RemoveDomain
echo "DONE"
fi
if [[ ${reload} == true && ${noReloadRequested} == false ]]; then
pihole restartdns reload-lists
fi fi

20
pihole
View File

@ -537,12 +537,12 @@ case "${1}" in
"tricorder" ) tricorderFunc;; "tricorder" ) tricorderFunc;;
# we need to add all arguments that require sudo power to not trigger the * argument # we need to add all arguments that require sudo power to not trigger the * argument
"-w" | "whitelist" ) ;; "-a" | "allowlist" ) need_root=0;;
"-b" | "blacklist" ) ;; "-b" | "blocklist" | "denylist" ) need_root=0;;
"--wild" | "wildcard" ) ;; "--wild" | "wildcard" ) need_root=0;;
"--regex" | "regex" ) ;; "--regex" | "regex" ) need_root=0;;
"--white-regex" | "white-regex" ) ;; "--allow-regex" | "allow-regex" ) need_root=0;;
"--white-wild" | "white-wild" ) ;; "--allow-wild" | "allow-wild" ) need_root=0;;
"-f" | "flush" ) ;; "-f" | "flush" ) ;;
"-up" | "updatePihole" ) ;; "-up" | "updatePihole" ) ;;
"-r" | "reconfigure" ) ;; "-r" | "reconfigure" ) ;;
@ -592,12 +592,12 @@ fi
# Handle redirecting to specific functions based on arguments # Handle redirecting to specific functions based on arguments
case "${1}" in case "${1}" in
"-w" | "whitelist" ) listFunc "$@";; "-a" | "allowlist" ) listFunc "$@";;
"-b" | "blacklist" ) listFunc "$@";; "-b" | "blocklist" | "denylist" ) listFunc "$@";;
"--wild" | "wildcard" ) listFunc "$@";; "--wild" | "wildcard" ) listFunc "$@";;
"--regex" | "regex" ) listFunc "$@";; "--regex" | "regex" ) listFunc "$@";;
"--white-regex" | "white-regex" ) listFunc "$@";; "--allow-regex" | "allow-regex" ) listFunc "$@";;
"--white-wild" | "white-wild" ) listFunc "$@";; "--allow-wild" | "allow-wild" ) listFunc "$@";;
"-d" | "debug" ) debugFunc "$@";; "-d" | "debug" ) debugFunc "$@";;
"-f" | "flush" ) flushFunc "$@";; "-f" | "flush" ) flushFunc "$@";;
"-up" | "updatePihole" ) updatePiholeFunc "$@";; "-up" | "updatePihole" ) updatePiholeFunc "$@";;