Merge branch 'development-v6' into query_list_v6

.github/workflows/codeql-analysis.yml

@@ -25,7 +25,7 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@v3.5.3
+      uses: actions/checkout@v4.1.0
     # Initializes the CodeQL tools for scanning.
     -
       name: Initialize CodeQL

.github/workflows/stale.yml

@@ -37,7 +37,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v4.1.0
       - name: Remove 'stale' label
         run: gh issue edit ${{ github.event.issue.number }} --remove-label $stale_label
         env:

.github/workflows/sync-back-to-dev.yml

@@ -33,7 +33,7 @@ jobs:
     name: Syncing branches
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v4.1.0
       - name: Opening pull request
         run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal'
         env:

.github/workflows/test.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v4.1.0
 
       - name: Check scripts in repository are executable
         run: |
@@ -72,10 +72,10 @@ jobs:
       DISTRO: ${{matrix.distro}}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v4.1.0
 
       - name: Set up Python 3.10
-        uses: actions/setup-python@v4.7.0
+        uses: actions/setup-python@v4.7.1
         with:
           python-version: "3.10"
 

README.md

@@ -150,7 +150,7 @@ You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-c
 
 ### The Web Interface Dashboard
 
-This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
+This [optional dashboard](https://github.com/pi-hole/web) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
 
 Some notable features include:
 

advanced/Scripts/chronometer.sh

@@ -225,7 +225,7 @@ get_sys_stats() {
         if [[ -n "${ph_ver_raw[0]}" ]]; then
             ph_core_ver="${ph_ver_raw[0]}"
             if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then
-                # AdminLTE not installed
+                # web not installed
                 ph_lte_ver="(not installed)"
                 ph_ftl_ver="${ph_ver_raw[1]}"
             else

advanced/Scripts/database_migration/gravity-db.sh

@@ -134,4 +134,11 @@ upgrade_gravityDB(){
 		pihole-FTL sqlite3 "${database}" < "${scriptPath}/15_to_16.sql"
 		version=16
 	fi
+	if [[ "$version" == "16" ]]; then
+		# Add antigravity table
+		# Add column type to adlist table (to support adlist types)
+		echo -e "  ${INFO} Upgrading gravity database from version 16 to 17"
+		pihole-FTL sqlite3 "${database}" < "${scriptPath}/16_to_17.sql"
+		version=17
+	fi
 }

advanced/Scripts/database_migration/gravity/16_to_17.sql

@@ -0,0 +1,27 @@
+.timeout 30000
+
+PRAGMA FOREIGN_KEYS=OFF;
+
+BEGIN TRANSACTION;
+
+ALTER TABLE adlist ADD COLUMN type INTEGER NOT NULL DEFAULT 0;
+
+UPDATE adlist SET type = 0;
+
+CREATE VIEW vw_antigravity AS SELECT domain, adlist_by_group.group_id AS group_id
+    FROM antigravity
+    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
+    LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
+    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
+    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
+
+DROP VIEW vw_adlist;
+
+CREATE VIEW vw_adlist AS SELECT DISTINCT address, id, type
+    FROM adlist
+    WHERE enabled = 1
+    ORDER BY id;
+
+UPDATE info SET value = 17 WHERE property = 'version';
+
+COMMIT;

advanced/Scripts/piholeDebug.sh

@@ -397,7 +397,7 @@ os_check() {
 }
 
 diagnose_operating_system() {
-    # error message in a variable so we can easily modify it later (or re-use it)
+    # error message in a variable so we can easily modify it later (or reuse it)
     local error_msg="Distribution unknown -- most likely you are on an unsupported platform and may run into issues."
     # Display the current test that is running
     echo_current_diagnostic "Operating system"
@@ -809,11 +809,15 @@ dig_at() {
         local record_type="A"
     fi
 
-    # Find a random blocked url that has not been whitelisted.
+    # Find a random blocked url that has not been whitelisted and is not ABP style.
     # This helps emulate queries to different domains that a user might query
     # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains
     local random_url
-    random_url=$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1")
+    random_url=$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity WHERE domain not like '||%^' ORDER BY RANDOM() LIMIT 1")
+    # Fallback if no non-ABP style domains were found
+    if [ -z "${random_url}" ]; then
+        random_url="flurry.com"
+    fi
 
     # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address
     # This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is
@@ -1447,7 +1451,7 @@ upload_to_tricorder() {
     # If no token was generated
     else
         # Show an error and some help instructions
-        # Skip this if being called from web interface and autmatic mode was not chosen (users opt-out to upload)
+        # Skip this if being called from web interface and automatic mode was not chosen (users opt-out to upload)
         if [[ "${WEBCALL}" ]] && [[ ! "${AUTOMATED}" ]]; then
             :
         else

advanced/Scripts/update.sh

@@ -11,7 +11,7 @@
 # Please see LICENSE file for your rights under this license.
 
 # Variables
-readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/AdminLTE.git"
+readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/web.git"
 readonly ADMIN_INTERFACE_DIR="/var/www/html/admin"
 readonly PI_HOLE_GIT_URL="https://github.com/pi-hole/pi-hole.git"
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"

advanced/Scripts/updatecheck.sh

@@ -91,10 +91,10 @@ addOrEditKeyValPair "${VERSION_FILE}" "WEB_BRANCH" "${WEB_BRANCH}"
 WEB_HASH="$(get_local_hash /var/www/html/admin)"
 addOrEditKeyValPair "${VERSION_FILE}" "WEB_HASH" "${WEB_HASH}"
 
-GITHUB_WEB_VERSION="$(get_remote_version AdminLTE)"
+GITHUB_WEB_VERSION="$(get_remote_version web)"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}"
 
-GITHUB_WEB_HASH="$(get_remote_hash AdminLTE "${WEB_BRANCH}")"
+GITHUB_WEB_HASH="$(get_remote_hash web "${WEB_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_HASH" "${GITHUB_WEB_HASH}"
 
 # get FTL versions

advanced/Scripts/version.sh

@@ -24,7 +24,7 @@ fi
 getLocalVersion() {
     case ${1} in
         "Pi-hole"   )  echo "${CORE_VERSION:=N/A}";;
-        "AdminLTE"  )  echo "${WEB_VERSION:=N/A}";;
+        "web"  )  echo "${WEB_VERSION:=N/A}";;
         "FTL"       )  echo "${FTL_VERSION:=N/A}";;
     esac
 }
@@ -32,7 +32,7 @@ getLocalVersion() {
 getLocalHash() {
     case ${1} in
         "Pi-hole"   )  echo "${CORE_HASH:=N/A}";;
-        "AdminLTE"  )  echo "${WEB_HASH:=N/A}";;
+        "web"  )  echo "${WEB_HASH:=N/A}";;
         "FTL"       )  echo "${FTL_HASH:=N/A}";;
     esac
 }
@@ -40,7 +40,7 @@ getLocalHash() {
 getRemoteHash(){
     case ${1} in
         "Pi-hole"   )  echo "${GITHUB_CORE_HASH:=N/A}";;
-        "AdminLTE"  )  echo "${GITHUB_WEB_HASH:=N/A}";;
+        "web"  )  echo "${GITHUB_WEB_HASH:=N/A}";;
         "FTL"       )  echo "${GITHUB_FTL_HASH:=N/A}";;
     esac
 }
@@ -48,7 +48,7 @@ getRemoteHash(){
 getRemoteVersion(){
     case ${1} in
         "Pi-hole"   )  echo "${GITHUB_CORE_VERSION:=N/A}";;
-        "AdminLTE"  )  echo "${GITHUB_WEB_VERSION:=N/A}";;
+        "web"  )  echo "${GITHUB_WEB_VERSION:=N/A}";;
         "FTL"       )  echo "${GITHUB_FTL_VERSION:=N/A}";;
     esac
 }
@@ -56,7 +56,7 @@ getRemoteVersion(){
 getLocalBranch(){
     case ${1} in
         "Pi-hole"   )  echo "${CORE_BRANCH:=N/A}";;
-        "AdminLTE"  )  echo "${WEB_BRANCH:=N/A}";;
+        "web"  )  echo "${WEB_BRANCH:=N/A}";;
         "FTL"       )  echo "${FTL_BRANCH:=N/A}";;
     esac
 }
@@ -107,7 +107,7 @@ errorOutput() {
 
 defaultOutput() {
     versionOutput "Pi-hole" "$@"
-    versionOutput "AdminLTE" "$@"
+    versionOutput "web" "$@"
     versionOutput "FTL" "$@"
 }
 
@@ -118,7 +118,7 @@ Show Pi-hole, Admin Console & FTL versions
 
 Repositories:
   -p, --pihole         Only retrieve info regarding Pi-hole repository
-  -a, --admin          Only retrieve info regarding AdminLTE repository
+  -a, --admin          Only retrieve info regarding web repository
   -f, --ftl            Only retrieve info regarding FTL repository
 
 Options:
@@ -131,7 +131,7 @@ Options:
 
 case "${1}" in
     "-p" | "--pihole"    ) shift; versionOutput "Pi-hole" "$@";;
-    "-a" | "--admin"     ) shift; versionOutput "AdminLTE" "$@";;
+    "-a" | "--admin"     ) shift; versionOutput "web" "$@";;
     "-f" | "--ftl"       ) shift; versionOutput "FTL" "$@";;
     "-h" | "--help"      ) helpFunc;;
     *                    ) defaultOutput "$@";;

advanced/Scripts/webpage.sh

@@ -1,100 +0,0 @@
-#!/usr/bin/env bash
-# shellcheck disable=SC1090
-# shellcheck disable=SC2154
-
-
-# Pi-hole: A black hole for Internet advertisements
-# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
-# Network-wide ad blocking via your own hardware.
-#
-# Web interface settings
-#
-# This file is copyright under the latest version of the EUPL.
-# Please see LICENSE file for your rights under this license.
-
-# TODO - this entire file might be able to be removed in v6
-
-readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
-readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
-readonly FTLconf="/etc/pihole/pihole-FTL.conf"
-# 03 -> wildcards
-readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
-readonly dnscustomfile="/etc/pihole/custom.list"
-readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
-
-readonly gravityDBfile="/etc/pihole/gravity.db"
-
-
-readonly setupVars="/etc/pihole/setupVars.conf"
-readonly PI_HOLE_BIN_DIR="/usr/local/bin"
-
-# Root of the web server
-readonly webroot="/var/www/html"
-
-# Source utils script
-utilsfile="/opt/pihole/utils.sh"
-source "${utilsfile}"
-
-coltable="/opt/pihole/COL_TABLE"
-if [[ -f ${coltable} ]]; then
-    source ${coltable}
-fi
-
-helpFunc() {
-    echo "Usage: pihole -a [options]
-Example: pihole -a -p password
-Set options for the API/Web interface
-
-Options:
-  -p, password                    Set API/Web interface password
-  -h, --help                      Show this help dialog"
-    exit 0
-}
-
-# TODO: We can probably remove the reliance on this function too, just tell people to pihole-FTL --config webserver.api.password "password"
-SetWebPassword() {
-    if (( ${#args[2]} > 0 )) ; then
-        readonly PASSWORD="${args[2]}"
-        readonly CONFIRM="${PASSWORD}"
-    else
-        # Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
-        # So we reset the terminal via stty if the user does press Ctrl+C
-        trap '{ echo -e "\nNot changed" ; stty sane ; exit 1; }' INT
-        read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
-        echo ""
-
-        if [ "${PASSWORD}" == "" ]; then
-            setFTLConfigValue "webserver.api.pwhash" "" >/dev/null
-            echo -e "  ${TICK} Password Removed"
-            exit 0
-        fi
-
-        read -s -r -p "Confirm Password: " CONFIRM
-        echo ""
-    fi
-
-    if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
-        # pihole-FTL will automatically hash the password
-        setFTLConfigValue "webserver.api.password" "${PASSWORD}" >/dev/null
-        echo -e "  ${TICK} New password set"
-    else
-        echo -e "  ${CROSS} Passwords don't match. Your password has not been changed"
-        exit 1
-    fi
-}
-
-main() {
-    args=("$@")
-
-    case "${args[1]}" in
-        "-p" | "password"     ) SetWebPassword;;
-        "-h" | "--help"       ) helpFunc;;
-        *                     ) helpFunc;;
-    esac
-
-    shift
-
-    if [[ $# = 0 ]]; then
-        helpFunc
-    fi
-}

advanced/Templates/gravity.db.sql

@@ -36,7 +36,8 @@ CREATE TABLE adlist
 	number INTEGER NOT NULL DEFAULT 0,
 	invalid_domains INTEGER NOT NULL DEFAULT 0,
 	status INTEGER NOT NULL DEFAULT 0,
-	abp_entries INTEGER NOT NULL DEFAULT 0
+	abp_entries INTEGER NOT NULL DEFAULT 0,
+	type INTEGER NOT NULL DEFAULT 0
 );
 
 CREATE TABLE adlist_by_group
@@ -52,13 +53,19 @@ CREATE TABLE gravity
 	adlist_id INTEGER NOT NULL REFERENCES adlist (id)
 );
 
+CREATE TABLE antigravity
+(
+	domain TEXT NOT NULL,
+	adlist_id INTEGER NOT NULL REFERENCES adlist (id)
+);
+
 CREATE TABLE info
 (
 	property TEXT PRIMARY KEY,
 	value TEXT NOT NULL
 );
 
-INSERT INTO "info" VALUES('version','16');
+INSERT INTO "info" VALUES('version','17');
 
 CREATE TABLE domain_audit
 (
@@ -144,7 +151,14 @@ CREATE VIEW vw_gravity AS SELECT domain, adlist_by_group.group_id AS group_id
     LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
     WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1);
 
-CREATE VIEW vw_adlist AS SELECT DISTINCT address, id
+CREATE VIEW vw_antigravity AS SELECT domain, adlist_by_group.group_id AS group_id
+    FROM antigravity
+    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
+    LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
+    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
+    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
+
+CREATE VIEW vw_adlist AS SELECT DISTINCT address, id, type
     FROM adlist
     WHERE enabled = 1
     ORDER BY id;

advanced/Templates/pihole-FTL-prestart.sh

@@ -9,22 +9,26 @@ utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 # Get file paths
 FTL_PID_FILE="$(getFTLPIDFile)"
 
-# Touch files to ensure they exist (create if non-existing, preserve if existing)
+# Ensure that permissions are set so that pihole-FTL can edit all necessary files
 # shellcheck disable=SC2174
-mkdir -pm 0755 /run/pihole /var/log/pihole
+mkdir -pm 0640 /var/log/pihole
+chown -R pihole:pihole /etc/pihole /var/log/pihole
+chmod -R 0640 /var/log/pihole
+chmod -R 0660 /etc/pihole
+
+# allow all users to enter the directories
+chmod 0755 /etc/pihole /var/log/pihole
+
+# allow pihole to access subdirs in /etc/pihole (sets execution bit on dirs)
+# credits https://stackoverflow.com/a/11512211
+find /etc/pihole -type d -exec chmod 0755 {} \;
+
+# Touch files to ensure they exist (create if non-existing, preserve if existing)
 [ -f "${FTL_PID_FILE}" ] || install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
-[ -f /var/log/pihole/FTL.log ] || install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
+[ -f /var/log/pihole/FTL.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
 [ -f /var/log/pihole/pihole.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
 [ -f /etc/pihole/dhcp.leases ] || install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
-# Ensure that permissions are set so that pihole-FTL can edit all necessary files
-chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases
-# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
-chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole/FTL.log
-chmod -f 0640 /var/log/pihole/pihole.log
-# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
-chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
-# Chmod database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
-chmod -f 0664 /etc/pihole/pihole-FTL.db
+
 
 # Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole
 # Should be removed with Pi-hole v6.0

automated install/basic-install.sh

@@ -64,11 +64,11 @@ webroot="/var/www/html"
 
 
 # We clone (or update) two git repositories during the install. This helps to make sure that we always have the latest versions of the relevant files.
-# AdminLTE is used to set up the Web admin interface.
+# web is used to set up the Web admin interface.
 # Pi-hole contains various setup scripts and files which are critical to the installation.
 # Search for "PI_HOLE_LOCAL_REPO" in this file to see all such scripts.
 # Two notable scripts are gravity.sh (used to generate the HOSTS file) and advanced/Scripts/webpage.sh (used to install the Web admin interface)
-webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git"
+webInterfaceGitUrl="https://github.com/pi-hole/web.git"
 webInterfaceDir="${webroot}/admin"
 piholeGitUrl="https://github.com/pi-hole/pi-hole.git"
 PI_HOLE_LOCAL_REPO="/etc/.pihole"
@@ -1094,7 +1094,7 @@ installConfigs() {
 
     # Install empty custom.list file if it does not exist
     if [[ ! -r "${PI_HOLE_CONFIG_DIR}/custom.list" ]]; then
-        if ! install -o root -m 644 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
+        if ! install -o pihole -g pihole -m 660 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
             printf "  %b Error: Unable to initialize configuration file %s/custom.list\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
             return 1
         fi
@@ -2203,7 +2203,7 @@ main() {
     # Check for and disable systemd-resolved-DNSStubListener before reloading resolved
     # DNSStubListener needs to remain in place for installer to download needed files,
     # so this change needs to be made after installation is complete,
-    # but before starting or resarting the ftl service
+    # but before starting or restarting the ftl service
     disable_resolved_stublistener
 
     printf "  %b Restarting services...\\n" "${INFO}"

gravity.sh

@@ -178,7 +178,7 @@ database_table_from_file() {
         echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}"
       elif [[ "${table}" == "adlist" ]]; then
         # Adlist table format
-        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\",,0,0,0,0" >> "${tmpFile}"
+        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\",,0,0,0,0,0" >> "${tmpFile}"
       else
         # White-, black-, and regexlist table format
         echo "${rowid},${list_type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\"" >> "${tmpFile}"
@@ -361,6 +361,7 @@ gravity_DownloadBlocklists() {
   # We source only enabled adlists, SQLite3 stores boolean values as 0 (false) or 1 (true)
   mapfile -t sources <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT address FROM vw_adlist;" 2> /dev/null)"
   mapfile -t sourceIDs <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT id FROM vw_adlist;" 2> /dev/null)"
+  mapfile -t sourceTypes <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT type FROM vw_adlist;" 2> /dev/null)"
 
   # Parse source domains from $sources
   mapfile -t sourceDomains <<< "$(
@@ -382,7 +383,7 @@ gravity_DownloadBlocklists() {
     unset sources
   fi
 
-  local url domain agent str target compression
+  local url domain str target compression adlist_type
   echo ""
 
   # Prepare new gravity database
@@ -433,14 +434,20 @@ gravity_DownloadBlocklists() {
     url="${sources[$i]}"
     domain="${sourceDomains[$i]}"
     id="${sourceIDs[$i]}"
+    if [[ "${sourceTypes[$i]}" -eq "0" ]]; then
+      # Gravity list
+      str="blocklist"
+      adlist_type="gravity"
+    else
+      # AntiGravity list
+      str="allowlist"
+      adlist_type="antigravity"
+    fi
 
     # Save the file as list.#.domain
     saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
     activeDomains[$i]="${saveLocation}"
 
-    # Default user-agent (for Cloudflare's Browser Integrity Check: https://support.cloudflare.com/hc/en-us/articles/200170086-What-does-the-Browser-Integrity-Check-do-)
-    agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36"
-
     echo -e "  ${INFO} Target: ${url}"
     local regex check_url
     # Check for characters NOT allowed in URLs
@@ -453,7 +460,7 @@ gravity_DownloadBlocklists() {
     if [[ "${check_url}" =~ ${regex} ]]; then
       echo -e "  ${CROSS} Invalid Target"
     else
-      gravity_DownloadBlocklistFromUrl "${url}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}"
+      gravity_DownloadBlocklistFromUrl "${url}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}" "${adlist_type}"
     fi
     echo ""
   done
@@ -485,7 +492,7 @@ compareLists() {
 
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
-  local url="${1}" agent="${2}" adlistID="${3}" saveLocation="${4}" target="${5}" compression="${6}"
+  local url="${1}" adlistID="${2}" saveLocation="${3}" target="${4}" compression="${5}" gravity_type="${6}"
   local heisenbergCompensator="" listCurlBuffer str httpCode success="" ip cmd_ext
 
   # Create temp file to store content on disk instead of RAM
@@ -545,7 +552,7 @@ gravity_DownloadBlocklistFromUrl() {
   fi
 
   # shellcheck disable=SC2086
-  httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${listCurlBuffer}" 2> /dev/null)
+  httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" "${url}" -o "${listCurlBuffer}" 2> /dev/null)
 
   case $url in
     # Did we "download" a local file?
@@ -579,7 +586,7 @@ gravity_DownloadBlocklistFromUrl() {
   if [[ "${success}" == true ]]; then
     if [[ "${httpCode}" == "304" ]]; then
       # Add domains to database table file
-      pihole-FTL gravity parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
+      pihole-FTL ${gravity_type} parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
       database_adlist_status "${adlistID}" "2"
       done="true"
     # Check if $listCurlBuffer is a non-zero length file
@@ -589,7 +596,7 @@ gravity_DownloadBlocklistFromUrl() {
       # Remove curl buffer file after its use
       rm "${listCurlBuffer}"
       # Add domains to database table file
-      pihole-FTL gravity parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
+      pihole-FTL ${gravity_type} parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
       # Compare lists, are they identical?
       compareLists "${adlistID}" "${saveLocation}"
       done="true"
@@ -605,7 +612,7 @@ gravity_DownloadBlocklistFromUrl() {
     if [[ -r "${saveLocation}" ]]; then
       echo -e "  ${CROSS} List download failed: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}"
       # Add domains to database table file
-      pihole-FTL gravity parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
+      pihole-FTL ${gravity_type} parseList "${saveLocation}" "${gravityTEMPfile}" "${adlistID}"
       database_adlist_status "${adlistID}" "3"
     else
       echo -e "  ${CROSS} List download failed: ${COL_LIGHT_RED}no cached list available${COL_NC}"
@@ -668,10 +675,10 @@ gravity_ShowCount() {
   # Here we use the table "gravity" instead of the view "vw_gravity" for speed.
   # It's safe to replace it here, because right after a gravity run both will show the exactly same number of domains.
   gravity_Table_Count "gravity" "gravity domains" ""
-  gravity_Table_Count "vw_blacklist" "exact blacklisted domains"
-  gravity_Table_Count "vw_regex_blacklist" "regex blacklist filters"
-  gravity_Table_Count "vw_whitelist" "exact whitelisted domains"
-  gravity_Table_Count "vw_regex_whitelist" "regex whitelist filters"
+  gravity_Table_Count "vw_blacklist" "exact denied domains"
+  gravity_Table_Count "vw_regex_blacklist" "regex denied filters"
+  gravity_Table_Count "vw_whitelist" "exact allowed domains"
+  gravity_Table_Count "vw_regex_whitelist" "regex allowed filters"
 }
 
 # Create "localhost" entries into hosts format

manpages/pihole.8

@@ -212,7 +212,7 @@ Available commands and options:
 .br
       -p, --pihole      Only retrieve info regarding Pi-hole repository
 .br
-      -a, --admin       Only retrieve info regarding AdminLTE
+      -a, --admin       Only retrieve info regarding web
                         repository
 .br
       -f, --ftl         Only retrieve info regarding FTL repository
@@ -339,7 +339,7 @@ Displaying version information
 
 \fBpihole -v -a -c\fR
 .br
-    Display the current version of AdminLTE
+    Display the current version of web
 .br
 
 Temporarily disabling Pi-hole

pihole

@@ -30,10 +30,36 @@ if [ -f "${versionsfile}" ]; then
     source "${versionsfile}"
 fi
 
-webpageFunc() {
-  source "${PI_HOLE_SCRIPT_DIR}/webpage.sh"
-  main "$@"
-  exit 0
+# TODO: We can probably remove the reliance on this function too, just tell people to pihole-FTL --config webserver.api.password "password"
+SetWebPassword() {
+    if [ -n "$2" ] ; then
+        readonly PASSWORD="$2"
+        readonly CONFIRM="${PASSWORD}"
+    else
+        # Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
+        # So we reset the terminal via stty if the user does press Ctrl+C
+        trap '{ echo -e "\nNot changed" ; stty sane ; exit 1; }' INT
+        read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
+        echo ""
+
+        if [ "${PASSWORD}" == "" ]; then
+            setFTLConfigValue "webserver.api.pwhash" "" >/dev/null
+            echo -e "  ${TICK} Password Removed"
+            exit 0
+        fi
+
+        read -s -r -p "Confirm Password: " CONFIRM
+        echo ""
+    fi
+
+    if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
+        # pihole-FTL will automatically hash the password
+        setFTLConfigValue "webserver.api.password" "${PASSWORD}" >/dev/null
+        echo -e "  ${TICK} New password set"
+    else
+        echo -e "  ${CROSS} Passwords don't match. Your password has not been changed"
+        exit 1
+    fi
 }
 
 listFunc() {
@@ -387,26 +413,30 @@ tailFunc() {
 }
 
 piholeCheckoutFunc() {
-  if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
-    echo "Usage: pihole checkout [repo] [branch]
-Example: 'pihole checkout master' or 'pihole checkout core dev'
-Switch Pi-hole subsystems to a different GitHub branch
-
-Repositories:
-  core [branch]       Change the branch of Pi-hole's core subsystem
-  web [branch]        Change the branch of Web Interface subsystem
-  ftl [branch]        Change the branch of Pi-hole's FTL subsystem
-
-Branches:
-  master              Update subsystems to the latest stable release
-  dev                 Update subsystems to the latest development release
-  branchname          Update subsystems to the specified branchname"
-    exit 0
-  fi
+  if [ -n "${DOCKER_VERSION}" ]; then
+    unsupportedFunc
+  else
+    if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
+      echo "Usage: pihole checkout [repo] [branch]
+  Example: 'pihole checkout master' or 'pihole checkout core dev'
+  Switch Pi-hole subsystems to a different GitHub branch
+
+  Repositories:
+    core [branch]       Change the branch of Pi-hole's core subsystem
+    web [branch]        Change the branch of Web Interface subsystem
+    ftl [branch]        Change the branch of Pi-hole's FTL subsystem
+
+  Branches:
+    master              Update subsystems to the latest stable release
+    dev                 Update subsystems to the latest development release
+    branchname          Update subsystems to the specified branchname"
+      exit 0
+    fi
 
-  source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
-  shift
-  checkout "$@"
+    source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
+    shift
+    checkout "$@"
+  fi
 }
 
 tricorderFunc() {
@@ -466,8 +496,7 @@ Debugging Options:
 
 
 Options:
-  -a, admin           Web interface options
-                        Add '-h' for more info on Web Interface usage
+  setpassword           set the password for the web interface
   -c, chronometer     Calculates stats and displays to an LCD
                         Add '-h' for more info on chronometer usage
   -g, updateGravity   Update the list of ad-serving domains
@@ -526,7 +555,7 @@ case "${1}" in
   "restartdns"                  ) ;;
   "-g" | "updateGravity"        ) need_root=0;;
   "reloaddns"                   ) need_root=0;;
-  "-a" | "admin"                ) ;;
+  "setpassword"                 ) ;;
   "checkout"                    ) ;;
   "updatechecker"               ) ;;
   "arpflush"                    ) ;;
@@ -581,7 +610,7 @@ case "${1}" in
   "disable"                     ) piholeEnable 0 "$2";;
   "restartdns"                  ) restartDNS "$2";;
   "reloaddns"                   ) restartDNS "reload";;
-  "-a" | "admin"                ) webpageFunc "$@";;
+  "setpassword"                 ) SetWebPassword "$@";;
   "checkout"                    ) piholeCheckoutFunc "$@";;
   "updatechecker"               ) shift; updateCheckFunc "$@";;
   "arpflush"                    ) arpFunc "$@";;

test/requirements.txt

@@ -1,6 +1,6 @@
 pyyaml == 6.0.1
-pytest == 7.4.0
+pytest == 7.4.2
 pytest-xdist == 3.3.1
-pytest-testinfra == 8.1.0
-tox == 4.6.4
+pytest-testinfra == 9.0.0
+tox == 4.11.3