From 54d0b9a1b88d1af6f2d3dece156e7d853a991fb1 Mon Sep 17 00:00:00 2001 From: XhmikosR Date: Sat, 7 Dec 2019 13:46:14 +0200 Subject: [PATCH 01/72] Serve JS files with utf-8 charset too Signed-off-by: XhmikosR --- advanced/lighttpd.conf.debian | 2 +- advanced/lighttpd.conf.fedora | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 2215bbdb..f96c2d4b 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -49,7 +49,7 @@ mimetype.assign = ( ".png" => "image/png", ".jpeg" => "image/jpeg", ".html" => "text/html", ".css" => "text/css; charset=utf-8", - ".js" => "application/javascript", + ".js" => "application/javascript; charset=utf-8", ".json" => "application/json", ".txt" => "text/plain", ".svg" => "image/svg+xml" ) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 4232c90f..22299248 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -51,7 +51,7 @@ mimetype.assign = ( ".png" => "image/png", ".jpeg" => "image/jpeg", ".html" => "text/html", ".css" => "text/css; charset=utf-8", - ".js" => "application/javascript", + ".js" => "application/javascript; charset=utf-8", ".json" => "application/json", ".txt" => "text/plain", ".svg" => "image/svg+xml" ) From b0f133365744f1341418f8da08bb25869d021111 Mon Sep 17 00:00:00 2001 From: pvogt09 <50047961+pvogt09@users.noreply.github.com> Date: Fri, 14 Feb 2020 20:41:43 +0100 Subject: [PATCH 02/72] Move permission change behind git reset (like in update_repo()) and remove whitespace at end of line Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com> --- automated install/basic-install.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6b0927de..b9275190 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -426,8 +426,6 @@ make_repo() { fi # Clone the repo and return the return code from this command git clone -q --depth 20 "${remoteRepo}" "${directory}" &> /dev/null || return $? - # Data in the repositories is public anyway so we can make it readable by everyone (+r to keep executable permission if already set by git) - chmod -R a+rX "${directory}" # Move into the directory that was passed as an argument pushd "${directory}" &> /dev/null || return 1 # Check current branch. If it is master, then reset to the latest availible tag. @@ -438,7 +436,8 @@ make_repo() { fi # Show a colored message showing it's status printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" - + # Data in the repositories is public anyway so we can make it readable by everyone (+r to keep executable permission if already set by git) + chmod -R a+rX "${directory}" # Move back into the original directory popd &> /dev/null || return 1 return 0 From d16b47259213d389075e3aa0be9f780519c6d1df Mon Sep 17 00:00:00 2001 From: msamendinger Date: Sun, 1 Mar 2020 21:47:56 +0100 Subject: [PATCH 03/72] Remove wget from PIHOLE_DEPS All external calls have been moved to curl, wget no longer needed as dependency Signed-off-by: msamendinger --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 65c72b40..5aaa4a75 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -244,7 +244,7 @@ if is_command apt-get ; then # These programs are stored in an array so they can be looped through later INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail) # Pi-hole itself has several dependencies that also need to be installed - PIHOLE_DEPS=(cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf libcap2) + PIHOLE_DEPS=(cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data resolvconf libcap2) # The Web dashboard has some that also need to be installed # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "php-intl") @@ -286,7 +286,7 @@ elif is_command rpm ; then PKG_INSTALL=("${PKG_MANAGER}" install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig) - PIHOLE_DEPS=(bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc sqlite libcap) + PIHOLE_DEPS=(bind-utils cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" From 4a711340ef203221e18e31eb05c16aa89512eb60 Mon Sep 17 00:00:00 2001 From: jnozsc Date: Mon, 2 Mar 2020 23:30:44 -0800 Subject: [PATCH 04/72] use py3 instead py2 (#3153) * use py3 instead py2 Signed-off-by: jnozsc * use python 3.6 Signed-off-by: jnozsc --- .travis.yml | 2 +- test/conftest.py | 14 ++++++-------- test/test_000_build_containers.py | 4 ++-- test/test_automated_install.py | 10 +++++----- test/test_centos_fedora_support.py | 3 +-- test/test_shellcheck.py | 2 +- tox.ini | 2 +- 7 files changed, 17 insertions(+), 20 deletions(-) diff --git a/.travis.yml b/.travis.yml index fa525e01..274c28cb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,7 +3,7 @@ services: - docker language: python python: - - "2.7" + - "3.6" install: - pip install -r requirements.txt diff --git a/test/conftest.py b/test/conftest.py index 58530d38..5b8be41e 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -14,9 +14,9 @@ SETUPVARS = { 'PIHOLE_DNS_2': '4.2.2.2' } -tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") -cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") -info_box = "[i]".decode("utf-8") +tick_box = "[\x1b[1;32m\u2713\x1b[0m]" +cross_box = "[\x1b[1;31m\u2717\x1b[0m]" +info_box = "[i]" @pytest.fixture @@ -38,9 +38,7 @@ def Pihole(Docker): return out funcType = type(Docker.run) - Docker.run = funcType(run_bash, - Docker, - testinfra.backend.docker.DockerBackend) + Docker.run = funcType(run_bash, Docker) return Docker @@ -106,7 +104,7 @@ def mock_command(script, args, container): #!/bin/bash -e echo "\$0 \$@" >> /var/log/{script} case "\$1" in'''.format(script=script)) - for k, v in args.iteritems(): + for k, v in args.items(): case = dedent(''' {arg}) echo {res} @@ -133,7 +131,7 @@ def mock_command_2(script, args, container): #!/bin/bash -e echo "\$0 \$@" >> /var/log/{script} case "\$1 \$2" in'''.format(script=script)) - for k, v in args.iteritems(): + for k, v in args.items(): case = dedent(''' \"{arg}\") echo \"{res}\" diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index e9e9e7db..bca67989 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -18,6 +18,6 @@ run_local = testinfra.get_backend( def test_build_pihole_image(image, tag): build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag)) if build_cmd.rc != 0: - print build_cmd.stdout - print build_cmd.stderr + print(build_cmd.stdout) + print(build_cmd.stderr) assert build_cmd.rc == 0 diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 567ea241..4e9a7eef 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -1,6 +1,6 @@ from textwrap import dedent import re -from conftest import ( +from .conftest import ( SETUPVARS, tick_box, info_box, @@ -34,7 +34,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): This confirms the sourced variables are in scope between functions ''' setup_var_file = 'cat < /etc/pihole/setupVars.conf\n' - for k, v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.items(): setup_var_file += "{}={}\n".format(k, v) setup_var_file += "EOF\n" Pihole.run(setup_var_file) @@ -59,7 +59,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): output = run_script(Pihole, script).stdout - for k, v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.items(): assert "{}={}".format(k, v) in output @@ -69,7 +69,7 @@ def test_setupVars_saved_to_file(Pihole): ''' # dedent works better with this and padding matching script below set_setup_vars = '\n' - for k, v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.items(): set_setup_vars += " {}={}\n".format(k, v) Pihole.run(set_setup_vars).stdout @@ -88,7 +88,7 @@ def test_setupVars_saved_to_file(Pihole): output = run_script(Pihole, script).stdout - for k, v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.items(): assert "{}={}".format(k, v) in output diff --git a/test/test_centos_fedora_support.py b/test/test_centos_fedora_support.py index aee16212..4b405920 100644 --- a/test/test_centos_fedora_support.py +++ b/test/test_centos_fedora_support.py @@ -1,10 +1,9 @@ import pytest -from conftest import ( +from .conftest import ( tick_box, info_box, cross_box, mock_command, - mock_command_2, ) diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index 43e8ad6f..919ad2b9 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -14,5 +14,5 @@ def test_scripts_pass_shellcheck(): "shellcheck -x \"$file\" -e SC1090,SC1091; " "done;") results = run_local(shellcheck) - print results.stdout + print(results.stdout) assert '' == results.stdout diff --git a/tox.ini b/tox.ini index e7916e04..249575b6 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py27 +envlist = py36 [testenv] whitelist_externals = docker From 497bfd80a5419e9057305dbc4f0ed281a917756c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 9 Mar 2020 00:38:53 +0100 Subject: [PATCH 05/72] Update development from release/v5.0 (#3200) * Use bash regex instead of awk. Signed-off-by: Dan Schaper * Fix incorrect type description. (#3201) Signed-off-by: DL6ER Co-authored-by: Dan Schaper --- advanced/Scripts/piholeDebug.sh | 2 +- advanced/Scripts/query.sh | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 28d34ab6..304dc666 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1116,7 +1116,7 @@ show_adlists() { } show_domainlist() { - show_db_entries "Domainlist (0/1 = exact/regex whitelist, 2/3 = exact/regex blacklist)" "SELECT id,type,domain,enabled,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist" "4 4 100 7 19 19 50" + show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,type,domain,enabled,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist" "4 4 100 7 19 19 50" show_db_entries "Domainlist groups" "SELECT * FROM domainlist_by_group" "10 10" } diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index a96129e0..7518e6c4 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -33,15 +33,17 @@ scanList(){ export LC_CTYPE=C # /dev/null forces filename to be printed when only one list has been generated - # shellcheck disable=SC2086 case "${type}" in "exact" ) grep -i -E -l "(^|(?/dev/null;; - # Create array of regexps # Iterate through each regexp and check whether it matches the domainQuery # If it does, print the matching regexp and continue looping # Input 1 - regexps | Input 2 - domainQuery - "regex" ) awk 'NR==FNR{regexps[$0];next}{for (r in regexps)if($0 ~ r)print r}' \ - <(echo "${lists}") <(echo "${domain}") 2>/dev/null;; + "regex" ) + for list in ${lists}; do + if [[ "${domain}" =~ ${list} ]]; then + printf "%b\n" "${list}"; + fi + done;; * ) grep -i "${esc_domain}" ${lists} /dev/null 2>/dev/null;; esac } From 7b8611ced064bb5f697a633f01e58828eb6e2e46 Mon Sep 17 00:00:00 2001 From: XhmikosR Date: Mon, 9 Mar 2020 01:53:14 +0200 Subject: [PATCH 06/72] Assorted typo fixes. (#3126) * Assorted typo fixes. Signed-off-by: XhmikosR Co-authored-by: Dan Schaper --- .github/ISSUE_TEMPLATE.md | 4 ++-- .gitignore | 2 +- advanced/Scripts/COL_TABLE | 4 ++-- advanced/Scripts/chronometer.sh | 10 +++++----- advanced/Scripts/piholeCheckout.sh | 4 ++-- advanced/Scripts/piholeDebug.sh | 20 ++++++++++---------- advanced/Scripts/setupLCD.sh | 2 +- advanced/blockingpage.css | 4 ++-- advanced/dnsmasq.conf.original | 12 ++++++------ advanced/index.php | 6 +++--- automated install/basic-install.sh | 12 ++++++------ automated install/uninstall.sh | 6 +++--- gravity.sh | 6 +++--- pihole | 6 +++--- test/README.md | 4 ++-- test/test_automated_install.py | 8 ++++---- 16 files changed, 55 insertions(+), 55 deletions(-) diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index 4a9c585a..bef9f73c 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -9,11 +9,11 @@ `{Replace this with a number from 1 to 10. 1 being not familiar, and 10 being very familiar}` --- -**Expected behaviour:** +**Expected behavior:** `{A detailed description of what you expect to see}` -**Actual behaviour:** +**Actual behavior:** `{A detailed description and/or screenshots of what you do see}` diff --git a/.gitignore b/.gitignore index 1e80dfb8..b7ad1e41 100644 --- a/.gitignore +++ b/.gitignore @@ -15,7 +15,7 @@ __pycache__ # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 -# All idea files, with execptions +# All idea files, with exceptions .idea !.idea/codeStyles/* !.idea/codeStyleSettings.xml diff --git a/advanced/Scripts/COL_TABLE b/advanced/Scripts/COL_TABLE index 57aab4dd..d76be68c 100644 --- a/advanced/Scripts/COL_TABLE +++ b/advanced/Scripts/COL_TABLE @@ -1,7 +1,7 @@ -# Determine if terminal is capable of showing colours +# Determine if terminal is capable of showing colors if [[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]; then # Bold and underline may not show up on all clients - # If something MUST be emphasised, use both + # If something MUST be emphasized, use both COL_BOLD='' COL_ULINE='' diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 1a4ce993..757df9be 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -72,7 +72,7 @@ printFunc() { # Remove excess characters from main text if [[ "$text_main_len" -gt "$text_main_max_len" ]]; then - # Trim text without colours + # Trim text without colors text_main_trim="${text_main_nocol:0:$text_main_max_len}" # Replace with trimmed text text_main="${text_main/$text_main_nocol/$text_main_trim}" @@ -88,7 +88,7 @@ printFunc() { [[ "$spc_num" -le 0 ]] && spc_num="0" spc=$(printf "%${spc_num}s") - #spc="${spc// /.}" # Debug: Visualise spaces + #spc="${spc// /.}" # Debug: Visualize spaces printf "%s%s$spc" "$title" "$text_main" @@ -131,7 +131,7 @@ get_init_stats() { printf "%s%02d:%02d:%02d\\n" "$days" "$hrs" "$mins" "$secs" } - # Set Colour Codes + # Set Color Codes coltable="/opt/pihole/COL_TABLE" if [[ -f "${coltable}" ]]; then source ${coltable} @@ -269,7 +269,7 @@ get_sys_stats() { scr_lines="${scr_size[0]}" scr_cols="${scr_size[1]}" - # Determine Chronometer size behaviour + # Determine Chronometer size behavior if [[ "$scr_cols" -ge 58 ]]; then chrono_width="large" elif [[ "$scr_cols" -gt 40 ]]; then @@ -308,7 +308,7 @@ get_sys_stats() { [[ "${cpu_freq}" == *".0"* ]] && cpu_freq="${cpu_freq/.0/}" fi - # Determine colour for temperature + # Determine color for temperature if [[ -n "$temp_file" ]]; then if [[ "$temp_unit" == "C" ]]; then cpu_temp=$(printf "%.0fc\\n" "$(calcFunc "$(< $temp_file) / 1000")") diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 31009dd9..042a3c02 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -36,7 +36,7 @@ warning1() { return 0 ;; *) - echo -e "\\n ${INFO} Branch change has been cancelled" + echo -e "\\n ${INFO} Branch change has been canceled" return 1 ;; esac @@ -84,7 +84,7 @@ checkout() { echo -e " ${INFO} Shortcut \"dev\" detected - checking out development / devel branches..." echo "" echo -e " ${INFO} Pi-hole Core" - fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo " ${CROSS} Unable to pull Core developement branch"; exit 1; } + fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo " ${CROSS} Unable to pull Core development branch"; exit 1; } if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then echo "" echo -e " ${INFO} Web interface" diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 304dc666..4e137f8d 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -138,7 +138,7 @@ PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log" PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log" PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log" -# An array of operating system "pretty names" that we officialy support +# An array of operating system "pretty names" that we officially support # We can loop through the array at any time to see if it matches a value #SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS") @@ -300,7 +300,7 @@ compare_local_version_to_git_version() { if [[ "${remote_branch}" == "master" ]]; then # so the color of the text is green log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}" - # If it is any other branch, they are in a developement branch + # If it is any other branch, they are in a development branch else # So show that in yellow, signifying it's something to take a look at, but not a critical error log_write "${INFO} Branch: ${COL_YELLOW}${remote_branch:-Detached}${COL_NC} (${FAQ_CHECKOUT_COMMAND})" @@ -357,7 +357,7 @@ check_component_versions() { get_program_version() { local program_name="${1}" - # Create a loval variable so this function can be safely reused + # Create a local variable so this function can be safely reused local program_version echo_current_diagnostic "${program_name} version" # Evalutate the program we are checking, if it is any of the ones below, show the version @@ -747,7 +747,7 @@ check_x_headers() { # Do it for the dashboard as well, as the header is different than above local dashboard dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r') - # Store what the X-Header shoud be in variables for comparision later + # Store what the X-Header shoud be in variables for comparison later local block_page_working block_page_working="X-Pi-hole: A black hole for Internet advertisements." local dashboard_working @@ -818,7 +818,7 @@ dig_at() { # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then - # If it can, show sucess + # If it can, show success log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})" else # Otherwise, show a failure @@ -969,7 +969,7 @@ check_name_resolution() { # This function can check a directory exists # Pi-hole has files in several places, so we will reuse this function dir_check() { - # Set the first argument passed to tihs function as a named variable for better readability + # Set the first argument passed to this function as a named variable for better readability local directory="${1}" # Display the current test that is running echo_current_diagnostic "contents of ${COL_CYAN}${directory}${COL_NC}" @@ -987,14 +987,14 @@ dir_check() { } list_files_in_dir() { - # Set the first argument passed to tihs function as a named variable for better readability + # Set the first argument passed to this function as a named variable for better readability local dir_to_parse="${1}" # Store the files found in an array mapfile -t files_found < <(ls "${dir_to_parse}") # For each file in the array, for each_file in "${files_found[@]}"; do if [[ -d "${dir_to_parse}/${each_file}" ]]; then - # If it's a directoy, do nothing + # If it's a directory, do nothing : elif [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_DEBUG_LOG}" ]] || \ [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_RAW_BLOCKLIST_FILES}" ]] || \ @@ -1190,7 +1190,7 @@ analyze_pihole_log() { # So first check if there are domains in the log that should be obfuscated if [[ -n ${line_to_obfuscate} ]]; then # If there are, we need to use awk to replace only the domain name (the 6th field in the log) - # so we substitue the domain for the placeholder value + # so we substitute the domain for the placeholder value obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}') log_write " ${obfuscated_line}" else @@ -1238,7 +1238,7 @@ upload_to_tricorder() { log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." log_write " * For more information, see: ${TRICORDER_CONTEST}" log_write " * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat." - # If pihole -d is running automatically (usually throught the dashboard) + # If pihole -d is running automatically (usually through the dashboard) if [[ "${AUTOMATED}" ]]; then # let the user know log_write "${INFO} Debug script running in automated mode" diff --git a/advanced/Scripts/setupLCD.sh b/advanced/Scripts/setupLCD.sh index 00eb963f..e8f14f06 100755 --- a/advanced/Scripts/setupLCD.sh +++ b/advanced/Scripts/setupLCD.sh @@ -20,7 +20,7 @@ getInitSys() { elif [ -f /etc/init.d/cron ] && [ ! -h /etc/init.d/cron ]; then SYSTEMD=0 else - echo "Unrecognised init system" + echo "Unrecognized init system" return 1 fi } diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css index e74844d1..5fd858fb 100644 --- a/advanced/blockingpage.css +++ b/advanced/blockingpage.css @@ -14,7 +14,7 @@ #bpOutput.add:before { content: "Info"; } #bpOutput.add:after { content: "The domain is being whitelisted..."; } #bpOutput.error:before, .unhandled:before { content: "Error"; } -#bpOutput.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } +#bpOutput.unhandled:after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } #bpOutput.success:before { content: "Success"; } #bpOutput.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } @@ -325,7 +325,7 @@ main { box-shadow: inset 0 3px 5px rgba(0,0,0,0.125); } -/* Input border colour */ +/* Input border color */ .buttons *:not([disabled]):hover, .buttons input:focus { border-color: rgba(0,0,0,0.25); } diff --git a/advanced/dnsmasq.conf.original b/advanced/dnsmasq.conf.original index 9e4cc92e..6758f0b8 100644 --- a/advanced/dnsmasq.conf.original +++ b/advanced/dnsmasq.conf.original @@ -46,7 +46,7 @@ #resolv-file= # By default, dnsmasq will send queries to any of the upstream -# servers it knows about and tries to favour servers to are known +# servers it knows about and tries to favor servers to are known # to be up. Uncommenting this forces dnsmasq to try each query # with each server strictly in the order they appear in # /etc/resolv.conf @@ -189,7 +189,7 @@ # add names to the DNS for the IPv6 address of SLAAC-configured dual-stack # hosts. Use the DHCPv4 lease to derive the name, network segment and # MAC address and assume that the host will also have an -# IPv6 address calculated using the SLAAC alogrithm. +# IPv6 address calculated using the SLAAC algorithm. #dhcp-range=1234::, ra-names # Do Router Advertisements, BUT NOT DHCP for this subnet. @@ -210,7 +210,7 @@ #dhcp-range=1234::, ra-stateless, ra-names # Do router advertisements for all subnets where we're doing DHCPv6 -# Unless overriden by ra-stateless, ra-names, et al, the router +# Unless overridden by ra-stateless, ra-names, et al, the router # advertisements will have the M and O bits set, so that the clients # get addresses and configuration from DHCPv6, and the A bit reset, so the # clients don't use SLAAC addresses. @@ -281,7 +281,7 @@ # Give a fixed IPv6 address and name to client with # DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2 # Note the MAC addresses CANNOT be used to identify DHCPv6 clients. -# Note also the they [] around the IPv6 address are obilgatory. +# Note also the they [] around the IPv6 address are obligatory. #dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] # Ignore any clients which are not specified in dhcp-host lines @@ -404,14 +404,14 @@ #dhcp-option=vendor:MSFT,2,1i # Send the Encapsulated-vendor-class ID needed by some configurations of -# Etherboot to allow is to recognise the DHCP server. +# Etherboot to allow is to recognize the DHCP server. #dhcp-option=vendor:Etherboot,60,"Etherboot" # Send options to PXELinux. Note that we need to send the options even # though they don't appear in the parameter request list, so we need # to use dhcp-option-force here. # See http://syslinux.zytor.com/pxe.php#special for details. -# Magic number - needed before anything else is recognised +# Magic number - needed before anything else is recognized #dhcp-option-force=208,f1:00:74:7e # Configuration file name #dhcp-option-force=209,configs/common diff --git a/advanced/index.php b/advanced/index.php index b0c4a7c3..3b1de8d8 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -6,7 +6,7 @@ * This file is copyright under the latest version of the EUPL. * Please see LICENSE file for your rights under this license. */ -// Sanitise HTTP_HOST output +// Sanitize HTTP_HOST output $serverName = htmlspecialchars($_SERVER["HTTP_HOST"]); // Remove external ipv6 brackets if any $serverName = preg_replace('/^\[(.*)\]$/', '${1}', $serverName); @@ -68,7 +68,7 @@ if ($serverName === "pi.hole") { // Unset variables so as to not be included in $landPage unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort); - // Render splash/landing page when directly browsing via IP or authorised hostname + // Render splash/landing page when directly browsing via IP or authorized hostname exit($renderPage); } elseif ($currentUrlExt === "js") { // Serve Pi-hole Javascript for blocked domains requesting JS @@ -209,7 +209,7 @@ $phVersion = exec("cd /etc/.pihole/ && git describe --long --tags"); if (explode("-", $phVersion)[1] != "0") $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; -// Please Note: Text is added via CSS to allow an admin to provide a localised +// Please Note: Text is added via CSS to allow an admin to provide a localized // language without the need to edit this file setHeader(); diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5aaa4a75..14c68250 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -430,8 +430,8 @@ make_repo() { chmod -R a+rX "${directory}" # Move into the directory that was passed as an argument pushd "${directory}" &> /dev/null || return 1 - # Check current branch. If it is master, then reset to the latest availible tag. - # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) + # Check current branch. If it is master, then reset to the latest available tag. + # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) curBranch=$(git rev-parse --abbrev-ref HEAD) if [[ "${curBranch}" == "master" ]]; then #If we're calling make_repo() then it should always be master, we may not need to check. git reset --hard "$(git describe --abbrev=0 --tags)" || return $? @@ -466,8 +466,8 @@ update_repo() { git clean --quiet --force -d || true # Okay for already clean directory # Pull the latest commits git pull --quiet &> /dev/null || return $? - # Check current branch. If it is master, then reset to the latest availible tag. - # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) + # Check current branch. If it is master, then reset to the latest available tag. + # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) curBranch=$(git rev-parse --abbrev-ref HEAD) if [[ "${curBranch}" == "master" ]]; then git reset --hard "$(git describe --abbrev=0 --tags)" || return $? @@ -819,13 +819,13 @@ It is also possible to use a DHCP reservation, but if you are going to do that, # Ask for the IPv4 address IPV4_ADDRESS=$(whiptail --backtitle "Calibrating network interface" --title "IPv4 address" --inputbox "Enter your desired IPv4 address" "${r}" "${c}" "${IPV4_ADDRESS}" 3>&1 1>&2 2>&3) || \ - # Cancelling IPv4 settings window + # Canceling IPv4 settings window { ipSettingsCorrect=False; echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } printf " %b Your static IPv4 address: %s\\n" "${INFO}" "${IPV4_ADDRESS}" # Ask for the gateway IPv4gw=$(whiptail --backtitle "Calibrating network interface" --title "IPv4 gateway (router)" --inputbox "Enter your desired IPv4 default gateway" "${r}" "${c}" "${IPv4gw}" 3>&1 1>&2 2>&3) || \ - # Cancelling gateway settings window + # Canceling gateway settings window { ipSettingsCorrect=False; echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } printf " %b Your static IPv4 gateway: %s\\n" "${INFO}" "${IPv4gw}" diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2d6837b4..01ce9c39 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -14,8 +14,8 @@ while true; do read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn case ${yn} in [Yy]* ) break;; - [Nn]* ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; - * ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; + [Nn]* ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;; + * ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;; esac done @@ -52,7 +52,7 @@ if [[ "${INSTALL_WEB_SERVER}" == true ]]; then DEPS+=("${PIHOLE_WEB_DEPS[@]}") fi -# Compatability +# Compatibility if [ -x "$(command -v apt-get)" ]; then # Debian Family PKG_REMOVE=("${PKG_MANAGER}" -y remove --purge) diff --git a/gravity.sh b/gravity.sh index c421e832..78b5ef98 100755 --- a/gravity.sh +++ b/gravity.sh @@ -271,7 +271,7 @@ gravity_CheckDNSResolutionAvailable() { fi # If the /etc/resolv.conf contains resolvers other than 127.0.0.1 then the local dnsmasq will not be queried and pi.hole is NXDOMAIN. - # This means that even though name resolution is working, the getent hosts check fails and the holddown timer keeps ticking and eventualy fails + # This means that even though name resolution is working, the getent hosts check fails and the holddown timer keeps ticking and eventually fails # So we check the output of the last command and if it failed, attempt to use dig +short as a fallback if timeout 4 dig +short "${lookupDomain}" &> /dev/null; then if [[ -n "${secs:-}" ]]; then @@ -561,7 +561,7 @@ gravity_ParseFileIntoDomains() { # Determine if we are parsing a consolidated list #if [[ "${source}" == "${piholeDir}/${matterAndLight}" ]]; then # Remove comments and print only the domain name - # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious + # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contiguous # This helps with that and makes it easier to read # It also helps with debugging so each stage of the script can be researched more in depth # 1) Remove carriage returns @@ -742,7 +742,7 @@ gravity_Cleanup() { dnsWasOffline=true fi - # Print Pi-hole status if an error occured + # Print Pi-hole status if an error occurred if [[ -n "${error}" ]]; then "${PIHOLE_COMMAND}" status exit 1 diff --git a/pihole b/pihole index 6e72b4a3..9624105a 100755 --- a/pihole +++ b/pihole @@ -302,9 +302,9 @@ tailFunc() { source /etc/pihole/setupVars.conf # Strip date from each line - # Colour blocklist/blacklist/wildcard entries as red - # Colour A/AAAA/DHCP strings as white - # Colour everything else as gray + # Color blocklist/blacklist/wildcard entries as red + # Color A/AAAA/DHCP strings as white + # Color everything else as gray tail -f /var/log/pihole.log | sed -E \ -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \ -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN|${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \ diff --git a/test/README.md b/test/README.md index f5a9b5e8..b4dd1122 100644 --- a/test/README.md +++ b/test/README.md @@ -7,11 +7,11 @@ From command line all you need to do is: - `pip install tox` - `tox` -Tox handles setting up a virtual environment for python dependancies, installing dependancies, building the docker images used by tests, and finally running tests. It's an easy way to have travis-ci like build behavior locally. +Tox handles setting up a virtual environment for python dependencies, installing dependencies, building the docker images used by tests, and finally running tests. It's an easy way to have travis-ci like build behavior locally. ## Alternative py.test method of running tests -You're responsible for setting up your virtual env and dependancies in this situation. +You're responsible for setting up your virtual env and dependencies in this situation. ``` py.test -vv -n auto -m "build_stage" diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 4e9a7eef..c0bd1ebe 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -195,12 +195,12 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): expected_stdout = 'Installing new IPTables firewall rulesets' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/iptables').stdout - # General call type occurances + # General call type occurrences assert len(re.findall(r'iptables -S', firewall_calls)) == 1 assert len(re.findall(r'iptables -C', firewall_calls)) == 4 assert len(re.findall(r'iptables -I', firewall_calls)) == 0 - # Specific port call occurances + # Specific port call occurrences assert len(re.findall(r'tcp --dport 80', firewall_calls)) == 1 assert len(re.findall(r'tcp --dport 53', firewall_calls)) == 1 assert len(re.findall(r'udp --dport 53', firewall_calls)) == 1 @@ -242,12 +242,12 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): expected_stdout = 'Installing new IPTables firewall rulesets' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/iptables').stdout - # General call type occurances + # General call type occurrences assert len(re.findall(r'iptables -S', firewall_calls)) == 1 assert len(re.findall(r'iptables -C', firewall_calls)) == 4 assert len(re.findall(r'iptables -I', firewall_calls)) == 4 - # Specific port call occurances + # Specific port call occurrences assert len(re.findall(r'tcp --dport 80', firewall_calls)) == 2 assert len(re.findall(r'tcp --dport 53', firewall_calls)) == 2 assert len(re.findall(r'udp --dport 53', firewall_calls)) == 2 From bb936f4fdb3e5631193a8f236b71f1b6d75f5743 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Wed, 11 Mar 2020 11:01:28 +0100 Subject: [PATCH 07/72] Reduce apt-get install verbosity The new version of the installer moved from debconf-apt-progress to raw apt-get output on installs to solve issues with interactive config file choices. This lead to a largely increases amount of output lines of the installer. To reduce the apt-get output to a minimum, while sustaining interactive input in case of config files, the "-qq" option can be used, which inherits "--yes": - https://manpages.debian.org/buster/apt/apt-get.8.en.html#OPTIONS - https://manpages.ubuntu.com/manpages/bionic/man8/apt-get.8.html#options Signed-off-by: MichaIng --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 14c68250..070fc3b7 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -184,7 +184,7 @@ if is_command apt-get ; then # A variable to store the command used to update the package cache UPDATE_PKG_CACHE="${PKG_MANAGER} update" # An array for something... - PKG_INSTALL=("${PKG_MANAGER}" --yes --no-install-recommends install) + PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install) # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" # Some distros vary slightly so these fixes for dependencies may apply From 6d4844a0b3fc7b3fc5418d07fb2bf1d93b6b627c Mon Sep 17 00:00:00 2001 From: Julien Orain Date: Wed, 18 Mar 2020 21:35:35 +0100 Subject: [PATCH 08/72] docs(typo): fix typo Signed-off-by: Julien Orain --- advanced/Templates/pihole.cron | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Templates/pihole.cron b/advanced/Templates/pihole.cron index 8dc98721..ba89efdb 100644 --- a/advanced/Templates/pihole.cron +++ b/advanced/Templates/pihole.cron @@ -10,7 +10,7 @@ # # # This file is under source-control of the Pi-hole installation and update -# scripts, any changes made to this file will be overwritten when the softare +# scripts, any changes made to this file will be overwritten when the software # is updated or re-installed. Please make any changes to the appropriate crontab # or other cron file snippets. From a993b8b34d3f4bd1ff1cbd3ea189b8eba3e8f39c Mon Sep 17 00:00:00 2001 From: pvogt09 <50047961+pvogt09@users.noreply.github.com> Date: Fri, 3 Apr 2020 12:06:59 +0200 Subject: [PATCH 09/72] fixes #3217 by checking for existing pihole group Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com> --- automated install/basic-install.sh | 41 ++++++++++++++++++++++++++---- test/test_automated_install.py | 41 ++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 14c68250..4474d37e 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1770,18 +1770,49 @@ create_pihole_user() { printf " %b %s..." "${INFO}" "${str}" # If the user pihole exists, if id -u pihole &> /dev/null; then - # just show a success - printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + # if group exists + if getent group pihole; then + # just show a success + printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + else + local str="Checking for group 'pihole'" + printf " %b %s..." "${INFO}" "${str}" + local str="Creating group 'pihole'" + # if group can be created + if groupadd pihole; then + printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + local str="Adding user 'pihole' to group 'pihole'" + printf " %b %s..." "${INFO}" "${str}" + # if pihole user can be added to group pihole + if usermod -g pihole pihole; then + printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + else + printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}" + fi + else + printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}" + fi + fi # Otherwise, else printf "%b %b %s" "${OVER}" "${CROSS}" "${str}" local str="Creating user 'pihole'" printf "%b %b %s..." "${OVER}" "${INFO}" "${str}" # create her with the useradd command - if useradd -r -s /usr/sbin/nologin pihole; then - printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + if getent group pihole; then + # add primary group pihole as it already exists + if useradd -r --no-user-group -g pihole -s /usr/sbin/nologin pihole; then + printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + else + printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}" + fi else - printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}" + # add user pihole with default group settings + if useradd -r -s /usr/sbin/nologin pihole; then + printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" + else + printf "%b %b %s\\n" "${OVER}" "${CROSS}" "${str}" + fi fi fi } diff --git a/test/test_automated_install.py b/test/test_automated_install.py index c0bd1ebe..c4ab24e3 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -92,6 +92,47 @@ def test_setupVars_saved_to_file(Pihole): assert "{}={}".format(k, v) in output +def test_pihole_user_group_creation(Pihole): + ''' + check user creation works if user or group already exist + ''' + # normal situation where neither user or group exist + user_create = Pihole.run(''' + source /opt/pihole/basic-install.sh + create_pihole_user + ''') + expected_stdout = tick_box + ' Creating user \'pihole\'' + assert expected_stdout in user_create.stdout + # situation where both user and group already exist + user_create = Pihole.run(''' + source /opt/pihole/basic-install.sh + create_pihole_user + ''') + expected_stdout = tick_box + ' Checking for user \'pihole\'' + assert expected_stdout in user_create.stdout + # situation where only group and no user exists + Pihole.run('su --shell /bin/bash --command "userdel -r pihole" -p root') + user_create = Pihole.run(''' + source /opt/pihole/basic-install.sh + create_pihole_user + ''') + expected_stdout = tick_box + ' Creating user \'pihole\'' + assert expected_stdout in user_create.stdout + # situation where only user and no group exists + Pihole.run('su --shell /bin/bash --command "userdel -r pihole" -p root') + Pihole.run('su --shell /bin/bash --command "groupdel pihole" -p root') + Pihole.run('su --shell /bin/bash --command "groupadd pihole_dummy" -p root') + Pihole.run('su --shell /bin/bash --command "useradd -r --no-user-group -g pihole_dummy -s /usr/sbin/nologin pihole" -p root') + user_create = Pihole.run(''' + source /opt/pihole/basic-install.sh + create_pihole_user + ''') + expected_stdout = tick_box + ' Creating group \'pihole\'' + assert expected_stdout in user_create.stdout + expected_stdout = tick_box + ' Adding user \'pihole\' to group \'pihole\'' + assert expected_stdout in user_create.stdout + + def test_configureFirewall_firewalld_running_no_errors(Pihole): ''' confirms firewalld rules are applied when firewallD is running From 25c5661c1bc20c0cd568f375d85adbb5943be47e Mon Sep 17 00:00:00 2001 From: pvogt09 <50047961+pvogt09@users.noreply.github.com> Date: Fri, 3 Apr 2020 19:22:30 +0200 Subject: [PATCH 10/72] fix stickler errors Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com> --- test/test_automated_install.py | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index c4ab24e3..fef9eb99 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -96,6 +96,7 @@ def test_pihole_user_group_creation(Pihole): ''' check user creation works if user or group already exist ''' + sudo_cmd = 'su --shell /bin/bash --command "{0}" -p root' # normal situation where neither user or group exist user_create = Pihole.run(''' source /opt/pihole/basic-install.sh @@ -111,7 +112,7 @@ def test_pihole_user_group_creation(Pihole): expected_stdout = tick_box + ' Checking for user \'pihole\'' assert expected_stdout in user_create.stdout # situation where only group and no user exists - Pihole.run('su --shell /bin/bash --command "userdel -r pihole" -p root') + Pihole.run(sudo_cmd.format('userdel -r pihole')) user_create = Pihole.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -119,10 +120,13 @@ def test_pihole_user_group_creation(Pihole): expected_stdout = tick_box + ' Creating user \'pihole\'' assert expected_stdout in user_create.stdout # situation where only user and no group exists - Pihole.run('su --shell /bin/bash --command "userdel -r pihole" -p root') - Pihole.run('su --shell /bin/bash --command "groupdel pihole" -p root') - Pihole.run('su --shell /bin/bash --command "groupadd pihole_dummy" -p root') - Pihole.run('su --shell /bin/bash --command "useradd -r --no-user-group -g pihole_dummy -s /usr/sbin/nologin pihole" -p root') + Pihole.run(sudo_cmd.format('userdel -r pihole')) + Pihole.run(sudo_cmd.format('groupdel pihole')) + Pihole.run(sudo_cmd.format('groupadd pihole_dummy')) + useradd_dummy = ( + 'useradd -r --no-user-group -g pihole_dummy ' + + '-s /usr/sbin/nologin pihole') + Pihole.run(sudo_cmd.format(useradd_dummy)) user_create = Pihole.run(''' source /opt/pihole/basic-install.sh create_pihole_user From 40ac3e7eb746c1891294c60a20ed2cf7f97e6432 Mon Sep 17 00:00:00 2001 From: pvogt09 <50047961+pvogt09@users.noreply.github.com> Date: Fri, 3 Apr 2020 20:07:44 +0200 Subject: [PATCH 11/72] remove pihole group during uninstall Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com> --- automated install/basic-install.sh | 4 ++-- automated install/uninstall.sh | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4474d37e..1070a7a3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1771,7 +1771,7 @@ create_pihole_user() { # If the user pihole exists, if id -u pihole &> /dev/null; then # if group exists - if getent group pihole; then + if getent group pihole > /dev/null 2>&1; then # just show a success printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" else @@ -1799,7 +1799,7 @@ create_pihole_user() { local str="Creating user 'pihole'" printf "%b %b %s..." "${OVER}" "${INFO}" "${str}" # create her with the useradd command - if getent group pihole; then + if getent group pihole > /dev/null 2>&1; then # add primary group pihole as it already exists if useradd -r --no-user-group -g pihole -s /usr/sbin/nologin pihole; then printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 01ce9c39..5dab2136 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -188,6 +188,14 @@ removeNoPurge() { echo -e " ${CROSS} Unable to remove 'pihole' user" fi fi + # If the pihole group exists, then remove + if getent group "pihole" &> /dev/null; then + if ${SUDO} groupdel pihole 2> /dev/null; then + echo -e " ${TICK} Removed 'pihole' group" + else + echo -e " ${CROSS} Unable to remove 'pihole' group" + fi + fi echo -e "\\n We're sorry to see you go, but thanks for checking out Pi-hole! If you need help, reach out to us on Github, Discourse, Reddit or Twitter From 90a5a13197d9cb43d1f2daea39693a0e312d02cf Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 8 Apr 2020 15:35:07 +0200 Subject: [PATCH 12/72] Convert CONDITIONAL_FORWARDING to REV_SERVER settings. Try to detect intended CIDR range automatically. Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 56 +++++++++++++++++++++++++++++-------- 1 file changed, 45 insertions(+), 11 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index f0f8bc31..41e52747 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -210,8 +210,42 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 fi if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then - add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_DOMAIN}/${CONDITIONAL_FORWARDING_IP}" - add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_REVERSE}/${CONDITIONAL_FORWARDING_IP}" + # Convert legacy "conditional forwarding" to rev-server configuration + REV_SERVER=true + add_setting "REV_SERVER" "true" + + REV_SERVER_DOMAIN="${CONDITIONAL_FORWARDING_DOMAIN}" + add_setting "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}" + + REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}" + add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}" + + # Remove obsolete settings from setupVars.conf + delete_setting "CONDITIONAL_FORWARDING" + delete_setting "CONDITIONAL_FORWARDING_REVERSE" + delete_setting "CONDITIONAL_FORWARDING_DOMAIN" + delete_setting "CONDITIONAL_FORWARDING_IP" + + # Try to detect intended CIDR by analyzing the target + if [[ "${REV_SERVER_TARGET}" =~ 10\..* ]]; then + # Private network, Class A (RFC 1597 + RFC 1918) + REV_SERVER_CIDR="10.0.0.0/8" + elif [[ "${REV_SERVER_TARGET}" =~ 192\.168\..* ]]; then + # Private network, Class C (RFC 1597 + RFC 1918) + REV_SERVER_CIDR="192.168.0.0/16" + else + # Something else. The user will have to adapt this + # as we cannot know how large their subnet is + REV_SERVER_CIDR="${REV_SERVER_TARGET}/32" + fi + add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}" + fi + + if [[ "${REV_SERVER}" == true ]]; then + add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}" + if [ -n "${REV_SERVER_DOMAIN}" ]; then + add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}" + fi fi # Prevent Firefox from automatically switching over to DNS-over-HTTPS @@ -247,16 +281,16 @@ SetDNSServers() { change_setting "DNSSEC" "false" fi - if [[ "${args[6]}" == "conditional_forwarding" ]]; then - change_setting "CONDITIONAL_FORWARDING" "true" - change_setting "CONDITIONAL_FORWARDING_IP" "${args[7]}" - change_setting "CONDITIONAL_FORWARDING_DOMAIN" "${args[8]}" - change_setting "CONDITIONAL_FORWARDING_REVERSE" "${args[9]}" + if [[ "${args[6]}" == "rev-server" ]]; then + change_setting "REV_SERVER" "true" + change_setting "REV_SERVER_CIDR" "${args[7]}" + change_setting "REV_SERVER_TARGET" "${args[8]}" + change_setting "REV_SERVER_DOMAIN" "${args[9]}" else - change_setting "CONDITIONAL_FORWARDING" "false" - delete_setting "CONDITIONAL_FORWARDING_IP" - delete_setting "CONDITIONAL_FORWARDING_DOMAIN" - delete_setting "CONDITIONAL_FORWARDING_REVERSE" + change_setting "REV_SERVER" "false" + delete_setting "REV_SERVER_CIDR" + delete_setting "REV_SERVER_TARGET" + delete_setting "REV_SERVER_DOMAIN" fi ProcessDNSSettings From 4130af0aab17689c7295dbe90d1188fefd02874c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 9 Apr 2020 09:05:43 +0200 Subject: [PATCH 13/72] Retain rev-server settings when the feature gets disabled. Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 41e52747..5e63f0cf 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -288,9 +288,6 @@ SetDNSServers() { change_setting "REV_SERVER_DOMAIN" "${args[9]}" else change_setting "REV_SERVER" "false" - delete_setting "REV_SERVER_CIDR" - delete_setting "REV_SERVER_TARGET" - delete_setting "REV_SERVER_DOMAIN" fi ProcessDNSSettings From 093054a1eb6bfc82968ab0c36f0dfc737514599b Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 9 Apr 2020 09:38:24 +0200 Subject: [PATCH 14/72] Automatically convert legacy IP range to Class C network Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 5e63f0cf..d5bf46a4 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -231,12 +231,12 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 # Private network, Class A (RFC 1597 + RFC 1918) REV_SERVER_CIDR="10.0.0.0/8" elif [[ "${REV_SERVER_TARGET}" =~ 192\.168\..* ]]; then - # Private network, Class C (RFC 1597 + RFC 1918) + # Private network, Class B (RFC 1597 + RFC 1918) REV_SERVER_CIDR="192.168.0.0/16" else - # Something else. The user will have to adapt this - # as we cannot know how large their subnet is - REV_SERVER_CIDR="${REV_SERVER_TARGET}/32" + # Something else, convert to /24 subnet (preserves legacy behavior) + # This sed converts "192.168.1.2" to "192.168.1.0/24" + REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")" fi add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}" fi From 7e1a8c1cebf45895a65c1f2d76b830d509419c60 Mon Sep 17 00:00:00 2001 From: Mohammed Swillam <4535397+Mohammed-Swillam@users.noreply.github.com> Date: Sat, 18 Apr 2020 12:49:01 +0200 Subject: [PATCH 15/72] - Added 2 new DNS entries for the new Cloudflare DNS for families, which comes in 2 flavors (#3276) 1- 1.1.1.2 (No Malware) 2- 1.1.1.3 (No Malware or Adult Content) This would allow parents to have more control over the safety of their family's network. Signed-off-by: Mohammed-Swillam --- automated install/basic-install.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6ef30862..0157e0ac 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -39,6 +39,8 @@ Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9 Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10 Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11; Cloudflare;1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001 +Cloudflare (No Malware);1.1.1.2;1.0.0.2;2606:4700:4700::1112;2606:4700:4700::1002 +Cloudflare (No Malware or Adult Content);1.1.1.3;1.0.0.3;2606:4700:4700::1113;2606:4700:4700::1003 EOM ) From e6dcccc7bd0c7c9ce6ad1d1ccaf3184d7edc147c Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 18 Apr 2020 20:05:54 +0100 Subject: [PATCH 16/72] Revert "- Added 2 new DNS entries for the new Cloudflare DNS for families, which comes in 2 flavors (#3276)" This reverts commit 7e1a8c1cebf45895a65c1f2d76b830d509419c60. --- automated install/basic-install.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0157e0ac..6ef30862 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -39,8 +39,6 @@ Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9 Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10 Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11; Cloudflare;1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001 -Cloudflare (No Malware);1.1.1.2;1.0.0.2;2606:4700:4700::1112;2606:4700:4700::1002 -Cloudflare (No Malware or Adult Content);1.1.1.3;1.0.0.3;2606:4700:4700::1113;2606:4700:4700::1003 EOM ) From 86d4c9b1e02b8552a12269c168a37bbd4eb10f7b Mon Sep 17 00:00:00 2001 From: MichaIng Date: Tue, 10 Mar 2020 12:02:47 +0100 Subject: [PATCH 17/72] Failsafe checks for available APT package When checking for available packages in APT repository, running a dry-run install can fail for other reasons, even if the package is available. Currently, in such case, wrong fallback packages are selected: https://github.com/pi-hole/pi-hole/issues/2888 "apt-cache show " is a quicker method to check for available packages. This is now done as well to check if the fallbacks are available. If none is found, the installer exits with meaningful error message and exit code. In rare cases, the APT list files can be missing when the installer is started. E.g. this could be on a fresh system, APT lists could have been moved to RAM or removed as a cleanup step. "apt-cache" calls will then fail, same as dry-run installs were. To assure that current package lists are checked, update the package cache directly after the Ubuntu universe repo has been added, only in the Debian/Ubuntu block. This renders the variable handling in RH/Fedora block obsolete. Signed-off-by: MichaIng --- automated install/basic-install.sh | 42 +++++++++++++++++------------- 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 14c68250..24eb06e4 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -192,8 +192,8 @@ if is_command apt-get ; then APT_SOURCES="/etc/apt/sources.list" if awk 'BEGIN{a=1;b=0}/bionic main/{a=0}/bionic.*universe/{b=1}END{exit a + b}' ${APT_SOURCES}; then if ! whiptail --defaultno --title "Dependencies Require Update to Allowed Repositories" --yesno "Would you like to enable 'universe' repository?\\n\\nThis repository is required by the following packages:\\n\\n- dhcpcd5" "${r}" "${c}"; then - printf " %b Aborting installation: dependencies could not be installed.\\n" "${CROSS}" - exit # exit the installer + printf " %b Aborting installation: Dependencies could not be installed.\\n" "${CROSS}" + exit 1 # exit the installer else printf " %b Enabling universe package repository for Ubuntu Bionic\\n" "${INFO}" cp -p ${APT_SOURCES} ${APT_SOURCES}.backup # Backup current repo list @@ -202,14 +202,18 @@ if is_command apt-get ; then printf " %b Enabled %s\\n" "${TICK}" "'universe' repository" fi fi - # Debian 7 doesn't have iproute2 so if the dry run install is successful, - if "${PKG_MANAGER}" install --dry-run iproute2 > /dev/null 2>&1; then - # we can install it + # Update package cache. This is required already here to assure apt-cache calls have package lists available. + update_package_cache || exit 1 + # Debian 7 doesn't have iproute2 so check if it's available first + if apt-cache show iproute2 > /dev/null 2>&1; then iproute_pkg="iproute2" - # Otherwise, - else - # use iproute + # Otherwise, check if iproute is available + elif apt-cache show iproute > /dev/null 2>&1; then iproute_pkg="iproute" + # Else print error and exit + else + printf " %b Aborting installation: iproute2 and iproute packages were not found in APT repository.\\n" "${CROSS}" + exit 1 fi # Check for and determine version number (major and minor) of current php install if is_command php ; then @@ -224,21 +228,28 @@ if is_command apt-get ; then # Check if installed php is v 7.0, or newer to determine packages to install if [[ "$phpInsNewer" != true ]]; then # Prefer the php metapackage if it's there - if "${PKG_MANAGER}" install --dry-run php > /dev/null 2>&1; then + if apt-cache show php > /dev/null 2>&1; then phpVer="php" - # fall back on the php5 packages - else + # Else fall back on the php5 package if it's there + elif apt-cache show php5 > /dev/null 2>&1; then phpVer="php5" + # Else print error and exit + else + printf " %b Aborting installation: No PHP packages were found in APT repository.\\n" "${CROSS}" + exit 1 fi else # Newer php is installed, its common, cgi & sqlite counterparts are deps phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) - if "${PKG_MANAGER}" install --dry-run "${phpVer}-sqlite3" > /dev/null 2>&1; then + if apt-cache show "${phpVer}-sqlite3" > /dev/null 2>&1; then phpSqlite="sqlite3" - else + elif apt-cache show "${phpVer}-sqlite" > /dev/null 2>&1; then phpSqlite="sqlite" + else + printf " %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}" + exit 1 fi # Since our install script is so large, we need several other programs to successfully get a machine provisioned # These programs are stored in an array so they can be looped through later @@ -281,8 +292,6 @@ elif is_command rpm ; then PKG_MANAGER="yum" fi - # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. - UPDATE_PKG_CACHE=":" PKG_INSTALL=("${PKG_MANAGER}" install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig) @@ -2585,9 +2594,6 @@ main() { verifyFreeDiskSpace fi - # Update package cache - update_package_cache || exit 1 - # Notify user of package availability notify_package_updates_available From dc6c53b6a323e37bdb38a6b27ec722029a1f9b99 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Tue, 10 Mar 2020 12:50:31 +0100 Subject: [PATCH 18/72] Revert using hardcoded php-intl meta package Using the meta package causes several issues: - Install on Debian prior to Jessie and Ubuntu prior to Xenial is broken, since those do not serve the meta packages but php5-* packages instead. - If $phpVer != "php", then multiple conflicting PHP versions can be installed. - If "${phpVer}-intl" does not pull the correct package, then inherently "${phpVer}-xml" etc are wrong, too. This is theoretically possible, e.g. if PHP7.4 was installed while the webserver uses a concurrently installed PHP7.3 instance. Then the "php" shell command output can differ from what the webserver uses. This theoretical issue would need a different approach to derive $phpVer, not based on the shell command output but by asking the webserver somehow in the first place. But using $phpVer for some modules and hardcoded meta for the others can only lead to inconsistencies and issues. Signed-off-by: MichaIng --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 14c68250..e1497c21 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -247,7 +247,7 @@ if is_command apt-get ; then PIHOLE_DEPS=(cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data resolvconf libcap2) # The Web dashboard has some that also need to be installed # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code - PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "php-intl") + PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl") # The Web server user, LIGHTTPD_USER="www-data" # group, From d7bac2114976d219dbf09ce414ca263b0b83b5d8 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Tue, 24 Mar 2020 11:40:37 +0100 Subject: [PATCH 19/72] Dot not add pihole user to web server group This is and was never required and the pihole user does in fact not get any additional permissions through that group. Signed-off-by: MichaIng --- automated install/basic-install.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 14c68250..ad226ce9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1933,8 +1933,6 @@ installPihole() { # Repair permissions if /var/www/html is not world readable chmod a+rx /var/www chmod a+rx /var/www/html - # Give pihole access to the Web server group - usermod -a -G ${LIGHTTPD_GROUP} pihole # Give lighttpd access to the pihole group so the web interface can # manage the gravity.db database usermod -a -G pihole ${LIGHTTPD_USER} From 1540e5bfdad492359692f0a9a3267ad4cf02bad7 Mon Sep 17 00:00:00 2001 From: Brandon Davis Date: Fri, 1 May 2020 07:52:33 -0400 Subject: [PATCH 20/72] Remove dead code Signed-off-by: Brandon Davis --- block hulu ads/lighttpd.conf | 43 ------------------------------------ block hulu ads/minidlna.conf | 17 -------------- 2 files changed, 60 deletions(-) delete mode 100644 block hulu ads/lighttpd.conf delete mode 100644 block hulu ads/minidlna.conf diff --git a/block hulu ads/lighttpd.conf b/block hulu ads/lighttpd.conf deleted file mode 100644 index 636fd07d..00000000 --- a/block hulu ads/lighttpd.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Pi-hole: A black hole for Internet advertisements -# (c) 2015, 2016 by Jacob Salmela -# Network-wide ad blocking via your Raspberry Pi -# http://pi-hole.net -# Lighttpd config file for Pi-hole -# -# Pi-hole is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 2 of the License, or -# (at your option) any later version. - -server.modules = ( - "mod_access", - "mod_alias", - "mod_compress", - "mod_redirect", - "mod_rewrite" -) - -server.document-root = "/var/www" -server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) -server.errorlog = "/var/log/lighttpd/error.log" -server.pid-file = "/var/run/lighttpd.pid" -server.username = "www-data" -server.groupname = "www-data" -server.port = 80 - - -index-file.names = ( "index.php", "index.html", "index.lighttpd.html" ) -url.access-deny = ( "~", ".inc" ) -static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) - -compress.cache-dir = "/var/cache/lighttpd/compress/" -compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" ) - -# default listening port for IPv6 falls back to the IPv4 port -include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port -include_shell "/usr/share/lighttpd/create-mime.assign.pl" -include_shell "/usr/share/lighttpd/include-conf-enabled.pl" - -$HTTP["host"] =~ "ads.hulu.com|ads-v-darwin.hulu.com|ads-e-darwin.hulu.com" { - url.redirect = ( ".*" => "http://192.168.1.101:8200/MediaItems/19.mov") -} diff --git a/block hulu ads/minidlna.conf b/block hulu ads/minidlna.conf deleted file mode 100644 index 3f9e188f..00000000 --- a/block hulu ads/minidlna.conf +++ /dev/null @@ -1,17 +0,0 @@ -# Pi-hole: A black hole for Internet advertisements -# (c) 2015, 2016 by Jacob Salmela -# Network-wide ad blocking via your Raspberry Pi -# http://pi-hole.net -# MiniDLNA config file for Pi-hole -# -# Pi-hole is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 2 of the License, or -# (at your option) any later version. - -media_dir=V,/var/lib/minidlna/videos/ -port=8200 -friendly_name=pihole -serial=12345678 -model_number=1 -inotify=yes From 987ae3810d869dcfc9ea3da72859f3ec64d5e730 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 11 May 2020 22:03:33 +0100 Subject: [PATCH 21/72] binary, here, should be l_binary Signed-off-by: Adam Warner --- automated install/basic-install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a5c62041..043e98a1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -438,7 +438,7 @@ make_repo() { # Move into the directory that was passed as an argument pushd "${directory}" &> /dev/null || return 1 # Check current branch. If it is master, then reset to the latest available tag. - # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) + # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) curBranch=$(git rev-parse --abbrev-ref HEAD) if [[ "${curBranch}" == "master" ]]; then #If we're calling make_repo() then it should always be master, we may not need to check. git reset --hard "$(git describe --abbrev=0 --tags)" || return $? @@ -475,7 +475,7 @@ update_repo() { # Pull the latest commits git pull --quiet &> /dev/null || return $? # Check current branch. If it is master, then reset to the latest available tag. - # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) + # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks) curBranch=$(git rev-parse --abbrev-ref HEAD) if [[ "${curBranch}" == "master" ]]; then git reset --hard "$(git describe --abbrev=0 --tags)" || return $? @@ -2394,11 +2394,11 @@ get_binary_name() { if [[ -f "/.dockerenv" ]]; then printf "%b %b Detected ARM architecture in docker\\n" "${OVER}" "${TICK}" # set the binary to be used - binary="pihole-FTL-armel-native" + l_binary="pihole-FTL-armel-native" else printf "%b %b Detected ARM architecture\\n" "${OVER}" "${TICK}" # set the binary to be used - binary="pihole-FTL-arm-linux-gnueabi" + l_binary="pihole-FTL-arm-linux-gnueabi" fi fi elif [[ "${machine}" == "x86_64" ]]; then From 0add5eb2919386f546a75be4b6c1e5f4f13a537a Mon Sep 17 00:00:00 2001 From: Matthias Rank Date: Tue, 12 May 2020 21:02:29 +0200 Subject: [PATCH 22/72] Added support for CNAME record add/remvoe Signed-off-by: Matthias Rank --- advanced/Scripts/webpage.sh | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index f0f8bc31..2a32879b 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -18,6 +18,7 @@ readonly FTLconf="/etc/pihole/pihole-FTL.conf" readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" readonly PI_HOLE_BIN_DIR="/usr/local/bin" readonly dnscustomfile="/etc/pihole/custom.list" +readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf" readonly gravityDBfile="/etc/pihole/gravity.db" @@ -644,6 +645,28 @@ RemoveCustomDNSAddress() { RestartDNS } +AddCustomCNAMERecord() { + echo -e " ${TICK} Adding custom CNAME record..." + + domain="${args[2]}" + target="${args[3]}" + echo "cname=${domain},${target}" >> "${dnscustomcnamefile}" + + # Restart dnsmasq to load new custom CNAME records + RestartDNS +} + +RemoveCustomCNAMERecord() { + echo -e " ${TICK} Removing custom CNAME record..." + + domain="${args[2]}" + target="${args[3]}" + sed -i "/cname=${domain},${target}/d" "${dnscustomcnamefile}" + + # Restart dnsmasq to update removed custom CNAME records + RestartDNS +} + main() { args=("$@") @@ -677,6 +700,8 @@ main() { "-l" | "privacylevel" ) SetPrivacyLevel;; "addcustomdns" ) AddCustomDNSAddress;; "removecustomdns" ) RemoveCustomDNSAddress;; + "addcustomcname" ) AddCustomCNAMERecord;; + "removecustomcname" ) RemoveCustomCNAMERecord;; * ) helpFunc;; esac From 2b9898e9ca79ad367953cd4d366a27bbaae5004b Mon Sep 17 00:00:00 2001 From: Matthias Rank Date: Tue, 12 May 2020 21:04:30 +0200 Subject: [PATCH 23/72] Fixed indentation Signed-off-by: Matthias Rank --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 2a32879b..67251a8d 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -650,7 +650,7 @@ AddCustomCNAMERecord() { domain="${args[2]}" target="${args[3]}" - echo "cname=${domain},${target}" >> "${dnscustomcnamefile}" + echo "cname=${domain},${target}" >> "${dnscustomcnamefile}" # Restart dnsmasq to load new custom CNAME records RestartDNS From a9c66c7b4598bb9485cd588d89bbc3890bae5689 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 30 Apr 2020 01:22:08 +0200 Subject: [PATCH 24/72] Implement pihole -a theme option Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index f0f8bc31..9ace95d5 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -401,6 +401,10 @@ SetWebUILayout() { change_setting "WEBUIBOXEDLAYOUT" "${args[2]}" } +SetWebUITheme() { + change_setting "WEBTHEME" "${args[2]}" +} + CheckUrl(){ local regex # Check for characters NOT allowed in URLs @@ -662,6 +666,7 @@ main() { "enabledhcp" ) EnableDHCP;; "disabledhcp" ) DisableDHCP;; "layout" ) SetWebUILayout;; + "theme" ) SetWebUITheme;; "-h" | "--help" ) helpFunc;; "privacymode" ) SetPrivacyMode;; "resolve" ) ResolutionSettings;; From 7d79cf5cce6be318adbab4d3fa2429b1fc919c93 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Tue, 12 May 2020 23:45:56 +0200 Subject: [PATCH 25/72] Only check SELinux states if "getenforce" command exists - Currently, if the SELinux config file exists, installed SELinux is assumed. - But removing e.g. an APT package via "apt-get remove" leaves config files in place, or they could be present for other reasons. - If the getenforce command is not present but the config file is, currently the installer exists without error message when calling getenforce due to "set -e". - With this change, the presence of getenforce command is checked first. If it is not present, selinux-utils is not installed, which is a core part of SELinux, pulled in by selinux-basics as well. So it can be assumed that no SELinux is active if this command is missing. Signed-off-by: MichaIng --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 904d41ad..e1c21330 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1980,9 +1980,9 @@ checkSelinux() { local DEFAULT_SELINUX local CURRENT_SELINUX local SELINUX_ENFORCING=0 - # Check if a SELinux configuration file exists - if [[ -f /etc/selinux/config ]]; then - # If a SELinux configuration file was found, check the default SELinux mode. + # Check for SELinux configuration file and getenforce command + if [[ -f /etc/selinux/config ]] && command -v getenforce &> /dev/null; then + # Check the default SELinux mode DEFAULT_SELINUX=$(awk -F= '/^SELINUX=/ {print $2}' /etc/selinux/config) case "${DEFAULT_SELINUX,,}" in enforcing) From ab753e88a28228001c66ae4585a55cb10be70277 Mon Sep 17 00:00:00 2001 From: Dave Nicolson Date: Wed, 13 May 2020 12:49:00 +0200 Subject: [PATCH 26/72] Fix GitHub capitalisation Signed-off-by: Dave Nicolson --- advanced/Scripts/piholeCheckout.sh | 2 +- advanced/Scripts/version.sh | 4 ++-- automated install/uninstall.sh | 2 +- manpages/pihole.8 | 4 ++-- pihole | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 31009dd9..a5ece3b2 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -3,7 +3,7 @@ # (c) 2017 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. # -# Switch Pi-hole subsystems to a different Github branch. +# Switch Pi-hole subsystems to a different GitHub branch. # # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. diff --git a/advanced/Scripts/version.sh b/advanced/Scripts/version.sh index d2c41cba..f77ee635 100755 --- a/advanced/Scripts/version.sh +++ b/advanced/Scripts/version.sh @@ -88,7 +88,7 @@ getRemoteVersion(){ local arrCache cachedVersions="/etc/pihole/GitHubVersions" - #If the above file exists, then we can read from that. Prevents overuse of Github API + #If the above file exists, then we can read from that. Prevents overuse of GitHub API if [[ -f "$cachedVersions" ]]; then IFS=' ' read -r -a arrCache < "$cachedVersions" case $daemon in @@ -203,7 +203,7 @@ Repositories: Options: -c, --current Return the current version -l, --latest Return the latest version - --hash Return the Github hash from your local repositories + --hash Return the GitHub hash from your local repositories -h, --help Show this help dialog" exit 0 } diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2d6837b4..fa71a638 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -190,7 +190,7 @@ removeNoPurge() { fi echo -e "\\n We're sorry to see you go, but thanks for checking out Pi-hole! - If you need help, reach out to us on Github, Discourse, Reddit or Twitter + If you need help, reach out to us on GitHub, Discourse, Reddit or Twitter Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC} ${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity diff --git a/manpages/pihole.8 b/manpages/pihole.8 index 899807f3..e107e4da 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 @@ -224,7 +224,7 @@ Available commands and options: .br -l, --latest Return the latest version .br - --hash Return the Github hash from your local + --hash Return the GitHub hash from your local repositories .br @@ -269,7 +269,7 @@ Available commands and options: \fBcheckout\fR [repo] [branch] .br - Switch Pi-hole subsystems to a different Github branch + Switch Pi-hole subsystems to a different GitHub branch .br (repo options): diff --git a/pihole b/pihole index c0f916b2..cc49fa24 100755 --- a/pihole +++ b/pihole @@ -317,7 +317,7 @@ piholeCheckoutFunc() { if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then echo "Usage: pihole checkout [repo] [branch] Example: 'pihole checkout master' or 'pihole checkout core dev' -Switch Pi-hole subsystems to a different Github branch +Switch Pi-hole subsystems to a different GitHub branch Repositories: core [branch] Change the branch of Pi-hole's core subsystem @@ -416,7 +416,7 @@ Options: restartdns Full restart Pi-hole subsystems Add 'reload' to update the lists and flush the cache without restarting the DNS server Add 'reload-lists' to only update the lists WITHOUT flushing the cache or restarting the DNS server - checkout Switch Pi-hole subsystems to a different Github branch + checkout Switch Pi-hole subsystems to a different GitHub branch Add '-h' for more info on checkout usage arpflush Flush information stored in Pi-hole's network tables"; exit 0 From 8dc8c350be77302c7557581ffb25f12a80f74d73 Mon Sep 17 00:00:00 2001 From: Dave Nicolson Date: Wed, 13 May 2020 13:19:31 +0200 Subject: [PATCH 27/72] Update documentation links Signed-off-by: Dave Nicolson --- .github/PULL_REQUEST_TEMPLATE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 41564b65..7509e923 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -10,7 +10,7 @@ - [ ] It is compatible with the [EUPL 1.2 license](https://opensource.org/licenses/EUPL-1.1) - [ ] I have squashed any insignificant commits. ([`git rebase`](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html)) -Please make sure you [Sign Off](https://github.com/pi-hole/pi-hole/wiki/How-to-signoff-your-commits.) all commits. Pi-hole enforces the [DCO](https://github.com/pi-hole/pi-hole/wiki/Contributing-to-the-project). +Please make sure you [Sign Off](https://docs.pi-hole.net/guides/github/how-to-signoff/) all commits. Pi-hole enforces the [DCO](https://docs.pi-hole.net/guides/github/contributing/). --- **What does this PR aim to accomplish?:** From e1b151218339225cb0499b4ad434e7a80107e00e Mon Sep 17 00:00:00 2001 From: Alex Ordonez Date: Wed, 13 May 2020 19:24:54 -0700 Subject: [PATCH 28/72] Remove store/shop link from README According to @dschaper, the store is no longer open: https://www.reddit.com/r/pihole/comments/cmywyi/pi_hole_store/ew5m33s/ Signed-off-by: Alex Ordonez --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 97459442..358308c3 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,6 @@ If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), th - [Patreon](https://patreon.com/pihole) _Become a patron for rewards_ - [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_ - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_ -- [Pi-hole Swag Store](https://pi-hole.net/shop/) _affiliate link_ - [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_ - [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_ - [Vultr](http://www.vultr.com/?ref=7190426) _affiliate link_ From 3c6ea2612dabc04ac94da90fe270092671a1a647 Mon Sep 17 00:00:00 2001 From: pvogt09 <50047961+pvogt09@users.noreply.github.com> Date: Fri, 15 May 2020 17:52:57 +0200 Subject: [PATCH 29/72] fix #3336 by creating adlist file even if no list was selected by user Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com> --- automated install/basic-install.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e1c21330..ac643037 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1223,7 +1223,9 @@ chooseBlocklists() { # In a variable, show the choices available; exit if Cancel is selected choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { printf " %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; rm "${adlistFile}" ;exit 1; } - # For each choice available, + # create empty adlist file if no list was selected + : > "${adlistFile}" + # For each choice available for choice in ${choices} do appendToListsFile "${choice}" From 5c17e41cf147f7cba3dc24dbaba2db03813980a1 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Fri, 3 Apr 2020 19:05:59 +0200 Subject: [PATCH 30/72] Start pihole-FTL after network "$network" on a systemd-driven OS leads to "After=network-online.target" in the generated systemd unit. This target is no guarantee that all network interfaces have been fully configured, as it depends on the related network services types, but at least it reduces the risk that those have not fully finished their job when pihole-FTL starts. If this is the case, certain issues can occur: - https://github.com/pi-hole/pi-hole/issues/2924 - https://discourse.pi-hole.net/t/have-to-pihole-restartdns-after-reboot/28772 Runtime files are now consistently created in "/run" instead of "/var/run". The second is a symlink to the first for backwards compatibility but on none-ancient distro versions one should use "/run", systemd even prints a warnings if service files use "/var/run". The service file used "/run" and "/var/run" both, in cases for the same files/directories before, which does not directly cause issues currently, due to the symlink, but is inconsistent at best. Signed-off-by: MichaIng --- advanced/Scripts/chronometer.sh | 2 +- advanced/Templates/pihole-FTL.service | 12 ++++++------ advanced/lighttpd.conf.debian | 2 +- advanced/lighttpd.conf.fedora | 2 +- automated install/basic-install.sh | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 757df9be..7431c212 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -13,7 +13,7 @@ LC_NUMERIC=C # Retrieve stats from FTL engine pihole-FTL() { - ftl_port=$(cat /var/run/pihole-FTL.port 2> /dev/null) + ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null) if [[ -n "$ftl_port" ]]; then # Open connection to FTL exec 3<>"/dev/tcp/127.0.0.1/$ftl_port" diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index f32a5e89..ab7f8f2b 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -1,8 +1,8 @@ #!/usr/bin/env bash ### BEGIN INIT INFO # Provides: pihole-FTL -# Required-Start: $remote_fs $syslog -# Required-Stop: $remote_fs $syslog +# Required-Start: $remote_fs $syslog $network +# Required-Stop: $remote_fs $syslog $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: pihole-FTL daemon @@ -10,7 +10,7 @@ ### END INIT INFO FTLUSER=pihole -PIDFILE=/var/run/pihole-FTL.pid +PIDFILE=/run/pihole-FTL.pid get_pid() { # First, try to obtain PID from PIDFILE @@ -37,12 +37,12 @@ start() { touch /var/log/pihole-FTL.log /var/log/pihole.log touch /run/pihole-FTL.pid /run/pihole-FTL.port touch /etc/pihole/dhcp.leases - mkdir -p /var/run/pihole + mkdir -p /run/pihole mkdir -p /var/log/pihole - chown pihole:pihole /var/run/pihole /var/log/pihole + chown pihole:pihole /run/pihole /var/log/pihole # Remove possible leftovers from previous pihole-FTL processes rm -f /dev/shm/FTL-* 2> /dev/null - rm /var/run/pihole/FTL.sock 2> /dev/null + rm /run/pihole/FTL.sock 2> /dev/null # Ensure that permissions are set so that pihole-FTL can edit all necessary files chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index f96c2d4b..dab5c03e 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -30,7 +30,7 @@ server.document-root = "/var/www/html" server.error-handler-404 = "/pihole/index.php" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" -server.pid-file = "/var/run/lighttpd.pid" +server.pid-file = "/run/lighttpd.pid" server.username = "www-data" server.groupname = "www-data" server.port = 80 diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 22299248..ea340e3f 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -31,7 +31,7 @@ server.document-root = "/var/www/html" server.error-handler-404 = "/pihole/index.php" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" -server.pid-file = "/var/run/lighttpd.pid" +server.pid-file = "/run/lighttpd.pid" server.username = "lighttpd" server.groupname = "lighttpd" server.port = 80 diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ac643037..ec4556e8 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1433,8 +1433,8 @@ installConfigs() { sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"pihole\/custom\.php"/' /etc/lighttpd/lighttpd.conf fi # Make the directories if they do not exist and set the owners - mkdir -p /var/run/lighttpd - chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd + mkdir -p /run/lighttpd + chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /run/lighttpd mkdir -p /var/cache/lighttpd/compress chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/compress mkdir -p /var/cache/lighttpd/uploads From 414ab53d9aa540087d27f24af60ff5827fc16c27 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 18 May 2020 22:29:36 +0100 Subject: [PATCH 31/72] Use `toggle` instead of `select` to remove any hint of a doubt that the option already selected by default can be deselected Signed-off-by: Adam Warner --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ac643037..76b04457 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -673,7 +673,7 @@ chooseInterface() { # Feed the available interfaces into this while loop done <<< "${availableInterfaces}" # The whiptail command that will be run, stored in a variable - chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to select)" "${r}" "${c}" "${interfaceCount}") + chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to toggle selection)" "${r}" "${c}" "${interfaceCount}") # Now run the command using the interfaces saved into the array chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2>&1 >/dev/tty) || \ # If the user chooses Cancel, exit @@ -763,8 +763,8 @@ use4andor6() { # Named local variables local useIPv4 local useIPv6 - # Let use select IPv4 and/or IPv6 via a checklist - cmd=(whiptail --separate-output --checklist "Select Protocols (press space to select)" "${r}" "${c}" 2) + # Let user choose IPv4 and/or IPv6 via a checklist + cmd=(whiptail --separate-output --checklist "Select Protocols (press space to toggle selection)" "${r}" "${c}" 2) # In an array, show the options available: # IPv4 (on by default) options=(IPv4 "Block ads over IPv4" on From 9d04c517e6647625f4a363e0aa8f0fcfd817f6d5 Mon Sep 17 00:00:00 2001 From: Frank Riley Date: Wed, 20 May 2020 15:47:40 -0700 Subject: [PATCH 32/72] Reload the lists, which will cause the cached privacy level to be updated. Signed-off-by: Frank Riley --- advanced/Scripts/webpage.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index b1d18a0a..6a8fa64d 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -600,6 +600,7 @@ SetPrivacyLevel() { # Set privacy level. Minimum is 0, maximum is 4 if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 4 ]; then changeFTLsetting "PRIVACYLEVEL" "${args[2]}" + pihole restartdns reload-lists fi } From 5094fab491a2d3ab88ba1850afa49e019079bea1 Mon Sep 17 00:00:00 2001 From: XhmikosR Date: Thu, 21 May 2020 17:44:32 +0300 Subject: [PATCH 33/72] Remove csslint from Strickler CI There's only one CSS file and the page where it's used has become obsolete. Signed-off-by: XhmikosR --- .stickler.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.stickler.yml b/.stickler.yml index 0eaae8cb..ab98025e 100644 --- a/.stickler.yml +++ b/.stickler.yml @@ -2,5 +2,4 @@ linters: shellcheck: shell: bash phpcs: - csslint: flake8: From b2ba55c27b20c51169d16ff8e40ad98176014ccc Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 21 May 2020 21:23:26 +0100 Subject: [PATCH 34/72] Show details of any remotes on the git repositories Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 46b4aac8..68131002 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -296,7 +296,11 @@ compare_local_version_to_git_version() { log_write "${INFO} ${pihole_component}: ${COL_YELLOW}${remote_version:-Untagged}${COL_NC} (${FAQ_UPDATE_PI_HOLE})" fi - # If the repo is on the master branch, they are on the stable codebase + # Print the repo upstreams + remotes=$(git remote -v) + log_write "${INFO} Remotes: ${remotes//$'\n'/'\n '}" + + # If the repo is on the master branchs, they are on the stable codebase if [[ "${remote_branch}" == "master" ]]; then # so the color of the text is green log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}" From d0e250a6167eb9f7b7bd2dd75510b5c6e8f88710 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 21 May 2020 22:25:00 +0100 Subject: [PATCH 35/72] Ensure pihole-FTL.conf is parsed, as well as external.conf for lighttpd, to rule out any custom modifications. Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 68131002..abf56153 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -87,7 +87,7 @@ PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf" PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf" WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf" -#WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf" +WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf" PIHOLE_INSTALL_LOG_FILE="${PIHOLE_DIRECTORY}/install.log" PIHOLE_RAW_BLOCKLIST_FILES="${PIHOLE_DIRECTORY}/list.*" @@ -166,11 +166,13 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}" "${PIHOLE_DHCP_CONFIG_FILE}" "${PIHOLE_WILDCARD_CONFIG_FILE}" "${WEB_SERVER_CONFIG_FILE}" +"${WEB_SERVER_CUSTOM_CONFIG_FILE}" "${PIHOLE_INSTALL_LOG_FILE}" "${PIHOLE_RAW_BLOCKLIST_FILES}" "${PIHOLE_LOCAL_HOSTS_FILE}" "${PIHOLE_LOGROTATE_FILE}" "${PIHOLE_SETUP_VARS_FILE}" +"${PIHOLE_FTL_CONF_FILE}" "${PIHOLE_COMMAND}" "${PIHOLE_COLTABLE_FILE}" "${FTL_PID}" From af1129fc2878370d8b86b8fe40e2800534d2a98f Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 25 May 2020 17:40:20 +0100 Subject: [PATCH 36/72] Add a check at the top of the script to determine if the script is being run on a supported OS Signed-off-by: Adam Warner --- automated install/basic-install.sh | 60 +++++++++++++++++++++++++++++- 1 file changed, 58 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 76b04457..a7024ca5 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -174,6 +174,61 @@ is_command() { command -v "${check_command}" >/dev/null 2>&1 } +os_check() { + # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net + # and determines whether or not the script is running on one of those systems + local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version display_warning + remote_os_domain="versions.pi-hole.net" + valid_os=false + valid_version=false + display_warning=true + + detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"') + detected_os=$(echo "${detected_os_pretty}" | sed 's/ .*//') + detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"') + + mapfile -t supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"' | tr ' ' '\n') + + for i in "${supportedOS[@]}" + do + os_part=$(echo $i | cut -d '=' -f1) + versions_part=$(echo $i | cut -d '=' -f2-) + + if [[ "${detected_os}" =~ "${os_part}" ]]; then + valid_os=true + mapfile -t supportedVer < <(echo "${versions_part}" | tr ',' '\n') + for x in "${supportedVer[@]}" + do + if [[ "${detected_version}" =~ $x ]];then + valid_version=true + break + fi + done + break + fi + done + + if [ "$valid_os" = true ] && [ "$valid_version" = true ]; then + display_warning=false + fi + + if [ "$display_warning" = true ] && [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then + printf " %b %bUnsupported OS detected%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}" + printf " https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems\\n" + printf "\\n" + printf " This check can be skipped by setting the environment variable %bPIHOLE_SKIP_OS_CHECK%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}" + printf " e.g: export PIHOLE_SKIP_OS_CHECK=true\\n" + printf " By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n" + printf " If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}" + printf " https://discourse.pi-hole.net/c/bugs-problems-issues/community-help/\\n" + exit 1 + elif [ "$display_warning" = true ] && [ "$PIHOLE_SKIP_OS_CHECK" = true ]; then + printf " %b %bUnsupported OS detected%b. PIHOLE_SKIP_OS_CHECK env variable set to true - installer will continue\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}" + else + printf " %b %bSupported OS detected%b\\n" "${TICK}" "${COL_LIGHT_GREEN}" "${COL_NC}" + fi +} + # Compatibility distro_check() { # If apt-get is installed, then we know it's part of the Debian family @@ -608,7 +663,7 @@ verifyFreeDiskSpace() { printf " We were unable to determine available free disk space on this system.\\n" printf " You may override this check, however, it is not recommended.\\n" printf " The option '%b--i_do_not_follow_recommendations%b' can override this.\\n" "${COL_LIGHT_RED}" "${COL_NC}" - printf " e.g: curl -L https://install.pi-hole.net | bash /dev/stdin %b