From b486786041cd235151e189e17f4c869751150e78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 29 May 2022 09:51:33 +0200 Subject: [PATCH 01/61] Add database healthy checks to debug script Fix health check output comparison in gravity script as well Add note about waiting time MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 69 +++++++++++++++++++++++++++++++-- gravity.sh | 12 ++++-- pihole | 24 ++++++------ 3 files changed, 86 insertions(+), 19 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 601677e2..2f4b0011 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1259,12 +1259,21 @@ show_messages() { show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT count (message) as count, datetime(max(timestamp),'unixepoch','localtime') as 'last timestamp', type, message, blob1, blob2, blob3, blob4, blob5 FROM message GROUP BY type, message, blob1, blob2, blob3, blob4, blob5;" "6 19 20 60 20 20 20 20 20" } +database_permissions() { + local permissions + permissions=$(ls -lhd "${1}") + log_write "${COL_GREEN}${permissions}${COL_NC}" +} + analyze_gravity_list() { echo_current_diagnostic "Gravity Database" - local gravity_permissions - gravity_permissions=$(ls -lhd "${PIHOLE_GRAVITY_DB_FILE}") - log_write "${COL_GREEN}${gravity_permissions}${COL_NC}" + database_permissions "${PIHOLE_GRAVITY_DB_FILE}" + + # if users want to check database integrity + if [[ "${CHECK_DATABASE}" = true ]]; then + database_integrity_check "${PIHOLE_FTL_DB_FILE}" + fi show_db_entries "Info table" "SELECT property,value FROM info" "20 40" gravity_updated_raw="$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT value FROM info where property = 'updated'")" @@ -1286,6 +1295,57 @@ analyze_gravity_list() { IFS="$OLD_IFS" } +analyze_ftl_db() { + echo_current_diagnostic "Pi-hole FTL Query Database" + database_permissions "${PIHOLE_FTL_DB_FILE}" + # if users want to check database integrity + if [[ "${CHECK_DATABASE}" = true ]]; then + database_integrity_check "${PIHOLE_FTL_DB_FILE}" + fi +} + +database_integrity_check(){ + local result + local database="${1}" + + log_write "${INFO} Checking integrity of ${database} ... (this can take several minutes)" + result="$(pihole-FTL "${database}" "PRAGMA integrity_check" 2>&1)" + if [[ ${result} = "ok" ]]; then + log_write "${TICK} Integrity of ${database} intact" + + + log_write "${INFO} Checking foreign key constraints of ${database} ... (this can take several minutes)" + unset result + result="$(pihole-FTL sqlite3 "${database}" -cmd ".headers on" -cmd ".mode column" "PRAGMA foreign_key_check" 2>&1)" + if [[ -z ${result} ]]; then + log_write "${TICK} No foreign key errors in ${database}" + else + log_write "${CROSS} ${COL_RED}Foreign key errors in ${database} found.${COL_NC}" + while IFS= read -r line ; do + log_write " $line" + done <<< "$result" + fi + + else + log_write "${CROSS} ${COL_RED}Integrity errors in ${database} found.\n${COL_NC}" + while IFS= read -r line ; do + log_write " $line" + done <<< "$result" + fi + +} + +check_database_integrity() { + echo_current_diagnostic "Gravity Database" + database_permissions "${PIHOLE_GRAVITY_DB_FILE}" + database_integrity_check "${PIHOLE_GRAVITY_DB_FILE}" + + echo_current_diagnostic "Pi-hole FTL Query Database" + database_permissions "${PIHOLE_FTL_DB_FILE}" + database_integrity_check "${PIHOLE_FTL_DB_FILE}" +} + + obfuscated_pihole_log() { local pihole_log=("$@") local line @@ -1431,7 +1491,7 @@ upload_to_tricorder() { if [[ "${WEBCALL}" ]] && [[ ! "${AUTOMATED}" ]]; then : else - log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" + log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" log_write " * Please try again or contact the Pi-hole team for assistance." fi fi @@ -1460,6 +1520,7 @@ process_status ftl_full_status parse_setup_vars check_x_headers +analyze_ftl_db analyze_gravity_list show_groups show_domainlist diff --git a/gravity.sh b/gravity.sh index 77974694..910940af 100755 --- a/gravity.sh +++ b/gravity.sh @@ -870,15 +870,19 @@ gravity_Cleanup() { database_recovery() { local result - local str="Checking integrity of existing gravity database" + local str="Checking integrity of existing gravity database (this can take a while)" local option="${1}" echo -ne " ${INFO} ${str}..." - if result="$(pihole-FTL sqlite3 "${gravityDBfile}" "PRAGMA integrity_check" 2>&1)"; then + result="$(pihole-FTL sqlite3 "${gravityDBfile}" "PRAGMA integrity_check" 2>&1)" + + if [[ ${result} = "ok" ]]; then echo -e "${OVER} ${TICK} ${str} - no errors found" - str="Checking foreign keys of existing gravity database" + str="Checking foreign keys of existing gravity database (this can take a while)" echo -ne " ${INFO} ${str}..." - if result="$(pihole-FTL sqlite3 "${gravityDBfile}" "PRAGMA foreign_key_check" 2>&1)"; then + unset result + result="$(pihole-FTL sqlite3 "${gravityDBfile}" "PRAGMA foreign_key_check" 2>&1)" + if [[ -z ${result} ]]; then echo -e "${OVER} ${TICK} ${str} - no errors found" if [[ "${option}" != "force" ]]; then return diff --git a/pihole b/pihole index c54a3192..35f6c07b 100755 --- a/pihole +++ b/pihole @@ -36,19 +36,20 @@ listFunc() { } debugFunc() { - local automated - local web + local automated + local web + local check_database_integrity + # Pull off the `debug` leaving passed call augmentation flags in $1 + shift - # Pull off the `debug` leaving passed call augmentation flags in $1 - shift - if [[ "$@" == *"-a"* ]]; then - automated="true" - fi - if [[ "$@" == *"-w"* ]]; then - web="true" - fi + for value in "$@"; do + [[ "$value" == *"-a"* ]] && automated="true" + [[ "$value" == *"-w"* ]] && web="true" + [[ "$value" == *"-c"* ]] && check_database_integrity="true" + [[ "$value" == *"--check_database"* ]] && check_database_integrity="true" + done - AUTOMATED=${automated:-} WEBCALL=${web:-} "${PI_HOLE_SCRIPT_DIR}"/piholeDebug.sh + AUTOMATED=${automated:-} WEBCALL=${web:-} CHECK_DATABASE=${check_database_integrity:-} "${PI_HOLE_SCRIPT_DIR}"/piholeDebug.sh exit 0 } @@ -455,6 +456,7 @@ Whitelist/Blacklist Options: Debugging Options: -d, debug Start a debugging session + Add '-c' or '--check-database' to include a Pi-hole database integrity check Add '-a' to automatically upload the log to tricorder.pi-hole.net -f, flush Flush the Pi-hole log -r, reconfigure Reconfigure or Repair Pi-hole subsystems From c4f9a475f3cc6d78deac5aa2fb61b191978cf638 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Mon, 11 Jul 2022 01:34:51 -0300 Subject: [PATCH 02/61] Debug log - add spinner for long processes Signed-off-by: RD WebDesign --- advanced/Scripts/piholeDebug.sh | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 2f4b0011..02b6ed64 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1230,7 +1230,7 @@ check_dhcp_servers() { OLD_IFS="$IFS" IFS=$'\n' local entries=() - mapfile -t entries < <(pihole-FTL dhcp-discover) + mapfile -t entries < <(pihole-FTL dhcp-discover & spinner) for line in "${entries[@]}"; do log_write " ${line}" @@ -1309,7 +1309,7 @@ database_integrity_check(){ local database="${1}" log_write "${INFO} Checking integrity of ${database} ... (this can take several minutes)" - result="$(pihole-FTL "${database}" "PRAGMA integrity_check" 2>&1)" + result="$(pihole-FTL "${database}" "PRAGMA integrity_check" 2>&1 & spinner)" if [[ ${result} = "ok" ]]; then log_write "${TICK} Integrity of ${database} intact" @@ -1345,6 +1345,34 @@ check_database_integrity() { database_integrity_check "${PIHOLE_FTL_DB_FILE}" } +# Show a text spinner during a long process run +# +spinner(){ + local PID=$! # PID of the most recent background process + local spin="/-\|" + local start=0 + local elapsed=0 + local i=1 + + start=$(date +%s) # Start the counter + + tput civis > /dev/tty # Hide the cursor + trap 'tput cnorm > /dev/tty' EXIT # ensures cursor is visible again, in case of premature exit + + while [ -d /proc/$PID ]; do + elapsed=$(( $(date +%s) - start )) + # print the spinner only on screen (tty) - use hours only if needed + if [ "$elapsed" -lt 3600 ]; then + printf "\r${spin:i++%${#spin}:1} %02d:%02d" $((elapsed/60)) $((elapsed%60)) >"$(tty)" + else + printf "\r${spin:i++%${#spin}:1} %02d:%02d:%02d" $((elapsed/3600)) $(((elapsed/60)%60)) $((elapsed%60)) >"$(tty)" + fi + sleep 0.25 + done + + printf "\r" >"$(tty)" # Return to the begin of the line after completion (the spinner will be overwritten) + tput cnorm > /dev/tty # Restore cursor visibility +} obfuscated_pihole_log() { local pihole_log=("$@") From cbcd12631d5674c2f508089a3e2056de592c460c Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Mon, 11 Jul 2022 01:53:30 -0300 Subject: [PATCH 03/61] Adding the spinner for foreign_key_check too Signed-off-by: RD WebDesign --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 02b6ed64..2e902903 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1316,7 +1316,7 @@ database_integrity_check(){ log_write "${INFO} Checking foreign key constraints of ${database} ... (this can take several minutes)" unset result - result="$(pihole-FTL sqlite3 "${database}" -cmd ".headers on" -cmd ".mode column" "PRAGMA foreign_key_check" 2>&1)" + result="$(pihole-FTL sqlite3 "${database}" -cmd ".headers on" -cmd ".mode column" "PRAGMA foreign_key_check" 2>&1 & spinner)" if [[ -z ${result} ]]; then log_write "${TICK} No foreign key errors in ${database}" else From a3f1317add4dbc786c083302fb1c1bfb078e22ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Fri, 15 Jul 2022 20:04:37 +0200 Subject: [PATCH 04/61] Don't fail if Alma or Rocky is detected MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5fc61215..1d21bdc9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -381,7 +381,7 @@ select_rpm_php(){ # all required packages should be available by default with the latest fedora release : # continue # or if host OS is CentOS, - elif grep -qiE 'centos|scientific' /etc/redhat-release; then + elif grep -qiE 'centos|scientific|alma|rocky' /etc/redhat-release; then # Pi-Hole currently supports CentOS 7+ with PHP7+ SUPPORTED_CENTOS_VERSION=7 SUPPORTED_CENTOS_PHP_VERSION=7 @@ -413,11 +413,7 @@ select_rpm_php(){ printf " %b EPEL repository already installed\\n" "${TICK}" else # CentOS requires the EPEL repository to gain access to Fedora packages - if [[ CURRENT_CENTOS_VERSION -eq 7 ]]; then - EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm" - elif [[ CURRENT_CENTOS_VERSION -eq 8 ]]; then - EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm" - fi + EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-${CURRENT_CENTOS_VERSION}.noarch.rpm" printf " %b Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)\\n" "${INFO}" "${PKG_INSTALL[@]}" ${EPEL_PKG} printf " %b Installed %s\\n" "${TICK}" "${EPEL_PKG}" From bc8fcc744ce97012586e3d0767aa6d9723659d51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Fri, 15 Jul 2022 20:40:11 +0200 Subject: [PATCH 05/61] Fix shellcheck warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5fc61215..30585b70 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -805,7 +805,7 @@ testIPv6() { find_IPv6_information() { # Detects IPv6 address used for communication to WAN addresses. - IPV6_ADDRESSES=($(ip -6 address | grep 'scope global' | awk '{print $2}')) + mapfile -t IPV6_ADDRESSES <<<"$(ip -6 address | grep 'scope global' | awk '{print $2}')" # For each address in the array above, determine the type of IPv6 address it is for i in "${IPV6_ADDRESSES[@]}"; do @@ -820,13 +820,13 @@ find_IPv6_information() { # Determine which address to be used: Prefer ULA over GUA or don't use any if none found # If the ULA_ADDRESS contains a value, - if [[ ! -z "${ULA_ADDRESS}" ]]; then + if [[ -n "${ULA_ADDRESS}" ]]; then # set the IPv6 address to the ULA address IPV6_ADDRESS="${ULA_ADDRESS}" # Show this info to the user printf " %b Found IPv6 ULA address\\n" "${INFO}" # Otherwise, if the GUA_ADDRESS has a value, - elif [[ ! -z "${GUA_ADDRESS}" ]]; then + elif [[ -n "${GUA_ADDRESS}" ]]; then # Let the user know printf " %b Found IPv6 GUA address\\n" "${INFO}" # And assign it to the global variable @@ -1751,9 +1751,9 @@ install_dependent_packages() { # Running apt-get install with minimal output can cause some issues with # requiring user input (e.g password for phpmyadmin see #218) printf " %b Processing %s install(s) for: %s, please wait...\\n" "${INFO}" "${PKG_MANAGER}" "${installArray[*]}" - printf '%*s\n' "$columns" '' | tr " " -; + printf '%*s\n' "${c}" '' | tr " " -; "${PKG_INSTALL[@]}" "${installArray[@]}" - printf '%*s\n' "$columns" '' | tr " " -; + printf '%*s\n' "${c}" '' | tr " " -; return fi printf "\\n" @@ -1774,9 +1774,9 @@ install_dependent_packages() { # If there's anything to install, install everything in the list. if [[ "${#installArray[@]}" -gt 0 ]]; then printf " %b Processing %s install(s) for: %s, please wait...\\n" "${INFO}" "${PKG_MANAGER}" "${installArray[*]}" - printf '%*s\n' "$columns" '' | tr " " -; + printf '%*s\n' "${c}" '' | tr " " -; "${PKG_INSTALL[@]}" "${installArray[@]}" - printf '%*s\n' "$columns" '' | tr " " -; + printf '%*s\n' "${c}" '' | tr " " -; return fi printf "\\n" @@ -1939,6 +1939,7 @@ finalExports() { # Bring in the current settings and the functions to manipulate them source "${setupVars}" + # shellcheck source=advanced/Scripts/webpage.sh source "${PI_HOLE_LOCAL_REPO}/advanced/Scripts/webpage.sh" # Look for DNS server settings which would have to be reapplied From 8d1f286f30d4415dac2f1efff38bb32491f26904 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Sun, 24 Jul 2022 17:52:17 -0300 Subject: [PATCH 06/61] Only execute spinner function if there is a tty Signed-off-by: RD WebDesign --- advanced/Scripts/piholeDebug.sh | 43 ++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 20 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 2e902903..34348885 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1348,30 +1348,33 @@ check_database_integrity() { # Show a text spinner during a long process run # spinner(){ - local PID=$! # PID of the most recent background process - local spin="/-\|" - local start=0 - local elapsed=0 - local i=1 + # Show the spinner only if there is a tty + if tty -s; then + local PID=$! # PID of the most recent background process + local spin="/-\|" + local start=0 + local elapsed=0 + local i=1 - start=$(date +%s) # Start the counter + start=$(date +%s) # Start the counter - tput civis > /dev/tty # Hide the cursor - trap 'tput cnorm > /dev/tty' EXIT # ensures cursor is visible again, in case of premature exit + tput civis > /dev/tty # Hide the cursor + trap 'tput cnorm > /dev/tty' EXIT # ensures cursor is visible again, in case of premature exit - while [ -d /proc/$PID ]; do - elapsed=$(( $(date +%s) - start )) - # print the spinner only on screen (tty) - use hours only if needed - if [ "$elapsed" -lt 3600 ]; then - printf "\r${spin:i++%${#spin}:1} %02d:%02d" $((elapsed/60)) $((elapsed%60)) >"$(tty)" - else - printf "\r${spin:i++%${#spin}:1} %02d:%02d:%02d" $((elapsed/3600)) $(((elapsed/60)%60)) $((elapsed%60)) >"$(tty)" - fi - sleep 0.25 - done + while [ -d /proc/$PID ]; do + elapsed=$(( $(date +%s) - start )) + # use hours only if needed + if [ "$elapsed" -lt 3600 ]; then + printf "\r${spin:i++%${#spin}:1} %02d:%02d" $((elapsed/60)) $((elapsed%60)) >"$(tty)" + else + printf "\r${spin:i++%${#spin}:1} %02d:%02d:%02d" $((elapsed/3600)) $(((elapsed/60)%60)) $((elapsed%60)) >"$(tty)" + fi + sleep 0.25 + done - printf "\r" >"$(tty)" # Return to the begin of the line after completion (the spinner will be overwritten) - tput cnorm > /dev/tty # Restore cursor visibility + printf "\r" >"$(tty)" # Return to the begin of the line after completion (the spinner will be overwritten) + tput cnorm > /dev/tty # Restore cursor visibility + fi } obfuscated_pihole_log() { From d89720330f7434254c52f094d1117f67aaa8cf1a Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Sun, 24 Jul 2022 20:15:20 -0300 Subject: [PATCH 07/61] Address revision requests: - replace `local var` with `_var` (POSIX style); - move inline comments Signed-off-by: RD WebDesign --- advanced/Scripts/piholeDebug.sh | 39 +++++++++++++++++++-------------- 1 file changed, 23 insertions(+), 16 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 34348885..1707b872 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1346,34 +1346,41 @@ check_database_integrity() { } # Show a text spinner during a long process run -# spinner(){ # Show the spinner only if there is a tty if tty -s; then - local PID=$! # PID of the most recent background process - local spin="/-\|" - local start=0 - local elapsed=0 - local i=1 + # PID of the most recent background process + _PID=$! + _spin="/-\|" + _start=0 + _elapsed=0 + _i=1 - start=$(date +%s) # Start the counter + # Start the counter + _start=$(date +%s) - tput civis > /dev/tty # Hide the cursor - trap 'tput cnorm > /dev/tty' EXIT # ensures cursor is visible again, in case of premature exit + # Hide the cursor + tput civis > /dev/tty - while [ -d /proc/$PID ]; do - elapsed=$(( $(date +%s) - start )) + # ensures cursor is visible again, in case of premature exit + trap 'tput cnorm > /dev/tty' EXIT + + while [ -d /proc/$_PID ]; do + _elapsed=$(( $(date +%s) - _start )) # use hours only if needed - if [ "$elapsed" -lt 3600 ]; then - printf "\r${spin:i++%${#spin}:1} %02d:%02d" $((elapsed/60)) $((elapsed%60)) >"$(tty)" + if [ "$_elapsed" -lt 3600 ]; then + printf "\r${_spin:_i++%${#_spin}:1} %02d:%02d" $((_elapsed/60)) $((_elapsed%60)) >"$(tty)" else - printf "\r${spin:i++%${#spin}:1} %02d:%02d:%02d" $((elapsed/3600)) $(((elapsed/60)%60)) $((elapsed%60)) >"$(tty)" + printf "\r${_spin:_i++%${#_spin}:1} %02d:%02d:%02d" $((_elapsed/3600)) $(((_elapsed/60)%60)) $((_elapsed%60)) >"$(tty)" fi sleep 0.25 done - printf "\r" >"$(tty)" # Return to the begin of the line after completion (the spinner will be overwritten) - tput cnorm > /dev/tty # Restore cursor visibility + # Return to the begin of the line after completion (the spinner will be overwritten) + printf "\r" >"$(tty)" + + # Restore cursor visibility + tput cnorm > /dev/tty fi } From 2bd3366bb121e1d6f837a9d652cbf74835878436 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 25 Jul 2022 21:57:30 +0100 Subject: [PATCH 08/61] Disable fail fast, allowing tests to run despite failures on a particular distro - it is easier to retry failed tests these day --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 308997d7..4c1c5960 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,6 +41,7 @@ jobs: runs-on: ubuntu-latest needs: smoke-tests strategy: + fail-fast: false matrix: distro: [debian_10, debian_11, ubuntu_18, ubuntu_20, ubuntu_21, ubuntu_22, centos_7, centos_8, fedora_34] env: From 21af75a2d2342d184d3a653cbe52fc11c83eebea Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 25 Jul 2022 22:27:56 +0100 Subject: [PATCH 09/61] Ubuntu 21 tests are failing entirely. apt-update does not work on an impish vm, either Signed-off-by: Adam Warner --- .github/workflows/test.yml | 2 +- test/_ubuntu_21.Dockerfile | 18 ------------------ test/tox.ubuntu_21.ini | 8 -------- 3 files changed, 1 insertion(+), 27 deletions(-) delete mode 100644 test/_ubuntu_21.Dockerfile delete mode 100644 test/tox.ubuntu_21.ini diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4c1c5960..e9a5d34d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -43,7 +43,7 @@ jobs: strategy: fail-fast: false matrix: - distro: [debian_10, debian_11, ubuntu_18, ubuntu_20, ubuntu_21, ubuntu_22, centos_7, centos_8, fedora_34] + distro: [debian_10, debian_11, ubuntu_18, ubuntu_20, ubuntu_22, centos_7, centos_8, fedora_34] env: DISTRO: ${{matrix.distro}} steps: diff --git a/test/_ubuntu_21.Dockerfile b/test/_ubuntu_21.Dockerfile deleted file mode 100644 index 05801de8..00000000 --- a/test/_ubuntu_21.Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -FROM buildpack-deps:impish-scm - -ENV GITDIR /etc/.pihole -ENV SCRIPTDIR /opt/pihole - -RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole -ADD . $GITDIR -RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/ -ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR -ENV DEBIAN_FRONTEND=noninteractive - -RUN true && \ - chmod +x $SCRIPTDIR/* - -ENV SKIP_INSTALL true -ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net - -#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \ diff --git a/test/tox.ubuntu_21.ini b/test/tox.ubuntu_21.ini deleted file mode 100644 index 070d3a72..00000000 --- a/test/tox.ubuntu_21.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -envlist = py38 - -[testenv] -whitelist_externals = docker -deps = -rrequirements.txt -commands = docker build -f _ubuntu_21.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py From 64465510de08acf278db58b247ad85802afe3b77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 13:33:00 +0200 Subject: [PATCH 10/61] prefers-color-scheme for logo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- README.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index dbe91972..cf6d80c0 100644 --- a/README.md +++ b/README.md @@ -3,15 +3,15 @@ #

- - Pi-hole - - - Pi-hole - + + + + Pi-hole website +
Network-wide ad blocking via your own Linux hardware

+ The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content without installing any client-side software. @@ -22,7 +22,7 @@ The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) th - **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/) - **Robust**: a command line interface that is quality assured for interoperability - **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole -- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically +- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring _all_ your devices are protected automatically - **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on server-grade hardware - **Modern**: blocks ads over both IPv4 and IPv6 - **Free**: open source software that helps ensure _you_ are the sole person in control of your privacy @@ -53,7 +53,9 @@ sudo bash basic-install.sh wget -O basic-install.sh https://install.pi-hole.net sudo bash basic-install.sh ``` + ### Method 3: Using Docker to deploy Pi-hole + Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-hole) to use the Official Docker Images. ## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/) @@ -115,7 +117,7 @@ While we are primarily reachable on our [Discourse User Forum](https://discourse ### [Faster-than-light Engine](https://github.com/pi-hole/ftl) -[FTLDNS](https://github.com/pi-hole/ftl) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*! +[FTLDNS](https://github.com/pi-hole/ftl) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all _very quickly_! Some of the statistics you can integrate include: @@ -142,7 +144,7 @@ Some notable features include: - [Updating Ad Lists](https://docs.pi-hole.net/core/pihole-command/#gravity) - [Querying Ad Lists for blocked domains](https://docs.pi-hole.net/core/pihole-command/#query) - [Enabling and Disabling Pi-hole](https://docs.pi-hole.net/core/pihole-command/#enable-disable) -- ... and *many* more! +- ... and _many_ more! You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-command/#pi-hole-core) for more information. From 7b77d991df712722ae48568e325c5a0bc3df1c65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 14:38:03 +0200 Subject: [PATCH 11/61] Move FTL port and PID functions to utils.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/utils.sh | 99 +++++++++++++++++++++------ advanced/Templates/pihole-FTL.service | 52 ++------------ pihole | 80 ++++++++++------------ test/test_any_utils.py | 7 +- 4 files changed, 125 insertions(+), 113 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index cf24c098..a9e05692 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -71,28 +71,87 @@ removeKey() { } ####################### -# returns FTL's current telnet API port +# returns path of FTL's port file +####################### +getFTLAPIPortFile() { + local FTLCONFFILE="/etc/pihole/pihole-FTL.conf" + local DEFAULT_PORT_FILE="/run/pihole-FTL.port" + local FTL_APIPORT_FILE + + if [ -s "${FTLCONFFILE}" ]; then + # if PORTFILE is not set in pihole-FTL.conf, use the default path + FTL_APIPORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)" + else + # if there is no pihole-FTL.conf, use the default path + FTL_APIPORT_FILE="${DEFAULT_PORT_FILE}" + fi + + echo "${FTL_APIPORT_FILE}" +} + + +####################### +# returns FTL's current telnet API port based on the content of the pihole-FTL.port file +# +# Takes one argument: path to pihole-FTL.port +# Example getFTLAPIPort "/run/pihole-FTL.port" ####################### getFTLAPIPort(){ - local FTLCONFFILE="/etc/pihole/pihole-FTL.conf" - local DEFAULT_PORT_FILE="/run/pihole-FTL.port" - local DEFAULT_FTL_PORT=4711 - local PORTFILE - local ftl_api_port + local PORTFILE="${1}" + local DEFAULT_FTL_PORT=4711 + local ftl_api_port - if [ -f "$FTLCONFFILE" ]; then - # if PORTFILE is not set in pihole-FTL.conf, use the default path - PORTFILE="$( (grep "^PORTFILE=" $FTLCONFFILE || echo "$DEFAULT_PORT_FILE") | cut -d"=" -f2-)" - fi + if [ -s "$PORTFILE" ]; then + # -s: FILE exists and has a size greater than zero + ftl_api_port=$(cat "${PORTFILE}") + # Exploit prevention: unset the variable if there is malicious content + # Verify that the value read from the file is numeric + expr "$ftl_api_port" : "[^[:digit:]]" > /dev/null && unset ftl_api_port + fi - if [ -s "$PORTFILE" ]; then - # -s: FILE exists and has a size greater than zero - ftl_api_port=$(cat "${PORTFILE}") - # Exploit prevention: unset the variable if there is malicious content - # Verify that the value read from the file is numeric - expr "$ftl_api_port" : "[^[:digit:]]" > /dev/null && unset ftl_api_port - fi - - # echo the port found in the portfile or default to the default port - echo "${ftl_api_port:=$DEFAULT_FTL_PORT}" + # echo the port found in the portfile or default to the default port + echo "${ftl_api_port:=$DEFAULT_FTL_PORT}" +} + +####################### +# returns path of FTL's PID file +####################### +getFTLPIDFile() { + local FTLCONFFILE="/etc/pihole/pihole-FTL.conf" + local DEFAULT_PID_FILE="/run/pihole-FTL.pid" + local FTL_PID_FILE + + if [ -s "${FTLCONFFILE}" ]; then + # if PIDFILE is not set in pihole-FTL.conf, use the default path + FTL_PID_FILE="$({ grep '^PIDFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PID_FILE}"; } | cut -d'=' -f2-)" + else + # if there is no pihole-FTL.conf, use the default path + FTL_PID_FILE="${DEFAULT_PID_FILE}" + fi + + echo "${FTL_PID_FILE}" +} + +####################### +# returns FTL's PID based on the content of the pihole-FTL.pid file +# +# Takes one argument: path to pihole-FTL.pid +# Example getFTLPID "/run/pihole-FTL.pid" +####################### +getFTLPID() { + local FTL_PID_FILE="${1}" + local FTL_PID + + if [ -s "${FTL_PID_FILE}" ]; then + # -s: FILE exists and has a size greater than zero + FTL_PID="$(cat "${FTL_PID_FILE}")" + # Exploit prevention: unset the variable if there is malicious content + # Verify that the value read from the file is numeric + expr "${FTL_PID}" : "[^[:digit:]]" > /dev/null && unset FTL_PID + fi + + # If FTL is not running, or the PID file contains malicious stuff, substitute + # negative PID to signal this + FTL_PID=${FTL_PID:=-1} + echo "${FTL_PID}" } diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index f5abfcea..7346dc20 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -9,48 +9,10 @@ # Description: Enable service provided by pihole-FTL daemon ### END INIT INFO -# Global variables -FTLCONFFILE="/etc/pihole/pihole-FTL.conf" -DEFAULT_PID_FILE="/run/pihole-FTL.pid" -DEFAULT_PORT_FILE="/run/pihole-FTL.port" -FTL_PID='' - -# Get the file path of the pihole-FTL.pid file -getFTLPIDFile() { - if [ -s "${FTLCONFFILE}" ]; then - # if PIDFILE is not set in pihole-FTL.conf, use the default path - FTL_PID_FILE="$({ grep '^PIDFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PID_FILE}"; } | cut -d'=' -f2-)" - else - # if there is no pihole-FTL.conf, use the default path - FTL_PID_FILE="${DEFAULT_PID_FILE}" - fi -} - -# Get the PID of the FTL process based on the content of the pihole-FTL.pid file -getFTLPID() { - if [ -s "${FTL_PID_FILE}" ]; then - # -s: FILE exists and has a size greater than zero - FTL_PID="$(cat "${FTL_PID_FILE}")" - # Exploit prevention: unset the variable if there is malicious content - # Verify that the value read from the file is numeric - expr "${FTL_PID}" : "[^[:digit:]]" > /dev/null && unset FTL_PID - fi - - # If FTL is not running, or the PID file contains malicious stuff, substitute - # negative PID to signal this - FTL_PID=${FTL_PID:=-1} -} - -# Get the file path of the pihole-FTL.port file -getFTLPortFile() { - if [ -s "${FTLCONFFILE}" ]; then - # if PORTFILE is not set in pihole-FTL.conf, use the default path - FTL_PORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)" - else - # if there is no pihole-FTL.conf, use the default path - FTL_PORT_FILE="${DEFAULT_PORT_FILE}" -fi -} +#source utils.sh for getFTLPIDFile(), getFTLPID (), getFTLAPIPortFile() +PI_HOLE_SCRIPT_DIR="/opt/pihole" +utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" +. "${utilsfile}" is_running() { @@ -148,11 +110,11 @@ status() { ### main logic ### # Get file paths -getFTLPIDFile -getFTLPortFile +FTL_PID_FILE="$(getFTLPIDFile)" +FTL_PORT_FILE="$(getFTLAPIPortFile)" # Get FTL's current PID -getFTLPID +FTL_PID="$(getFTLPID ${FTL_PID_FILE})" case "$1" in stop) diff --git a/pihole b/pihole index 35f6c07b..eb825965 100755 --- a/pihole +++ b/pihole @@ -16,7 +16,6 @@ readonly PI_HOLE_SCRIPT_DIR="/opt/pihole" # error due to modifying a readonly variable. setupVars="/etc/pihole/setupVars.conf" PI_HOLE_BIN_DIR="/usr/local/bin" -readonly FTL_PID_FILE="/run/pihole-FTL.pid" readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE" source "${colfile}" @@ -101,25 +100,8 @@ versionFunc() { exec "${PI_HOLE_SCRIPT_DIR}"/version.sh "$@" } -# Get PID of main pihole-FTL process -getFTLPID() { - local pid - - if [ -s "${FTL_PID_FILE}" ]; then - # -s: FILE exists and has a size greater than zero - pid="$(<"$FTL_PID_FILE")" - # Exploit prevention: unset the variable if there is malicious content - # Verify that the value read from the file is numeric - [[ "$pid" =~ [^[:digit:]] ]] && unset pid - fi - - # If FTL is not running, or the PID file contains malicious stuff, substitute - # negative PID to signal this to the caller - echo "${pid:=-1}" -} - restartDNS() { - local svcOption svc str output status pid icon + local svcOption svc str output status pid icon FTL_PID_FILE svcOption="${1:-restart}" # Determine if we should reload or restart @@ -128,7 +110,11 @@ restartDNS() { # Note 1: This will NOT re-read any *.conf files # Note 2: We cannot use killall here as it does # not know about real-time signals - pid="$(getFTLPID)" + + # get the current path to the pihole-FTL.pid + FTL_PID_FILE="$(getFTLPIDFile)" + + pid="$(getFTLPID ${FTL_PID_FILE})" if [[ "$pid" -eq "-1" ]]; then svc="true" str="FTL is not running" @@ -141,7 +127,7 @@ restartDNS() { elif [[ "${svcOption}" =~ "reload" ]]; then # Reloading of the DNS cache has been requested # Note: This will NOT re-read any *.conf files - pid="$(getFTLPID)" + pid="$(getFTLPID ${FTL_PID_FILE})" if [[ "$pid" -eq "-1" ]]; then svc="true" str="FTL is not running" @@ -316,33 +302,37 @@ analyze_ports() { } statusFunc() { - # Determine if there is pihole-FTL service is listening - local pid port ftl_api_port + # Determine if there is pihole-FTL service is listening + local pid port ftl_api_port ftl_pid_file ftl_apiport_file - pid="$(getFTLPID)" - ftl_api_port="$(getFTLAPIPort)" - if [[ "$pid" -eq "-1" ]]; then - case "${1}" in - "web") echo "-1";; - *) echo -e " ${CROSS} DNS service is NOT running";; - esac - return 0 - else - #get the DNS port pihole-FTL is listening on by using FTL's telnet API - port="$(echo ">dns-port >quit" | nc 127.0.0.1 "$ftl_api_port")" - if [[ "${port}" == "0" ]]; then - case "${1}" in - "web") echo "-1";; - *) echo -e " ${CROSS} DNS service is NOT listening";; - esac - return 0 + ftl_pid_file="$(getFTLPIDFile)" + + pid="$(getFTLPID ${ftl_pid_file})" + + ftl_apiport_file="${getFTLAPIPortFile}" + ftl_api_port="$(getFTLAPIPort ${ftl_apiport_file})" + if [[ "$pid" -eq "-1" ]]; then + case "${1}" in + "web") echo "-1";; + *) echo -e " ${CROSS} DNS service is NOT running";; + esac + return 0 else - if [[ "${1}" != "web" ]]; then - echo -e " ${TICK} FTL is listening on port ${port}" - analyze_ports "${port}" - fi + #get the DNS port pihole-FTL is listening on by using FTL's telnet API + port="$(echo ">dns-port >quit" | nc 127.0.0.1 "$ftl_api_port")" + if [[ "${port}" == "0" ]]; then + case "${1}" in + "web") echo "-1";; + *) echo -e " ${CROSS} DNS service is NOT listening";; + esac + return 0 + else + if [[ "${1}" != "web" ]]; then + echo -e " ${TICK} FTL is listening on port ${port}" + analyze_ports "${port}" + fi + fi fi - fi # Determine if Pi-hole's blocking is enabled if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then diff --git a/test/test_any_utils.py b/test/test_any_utils.py index b30ff7fd..aaa496cc 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -54,13 +54,13 @@ def test_getFTLAPIPort_default(host): ''' Confirms getFTLAPIPort returns the default API port ''' output = host.run(''' source /opt/pihole/utils.sh - getFTLAPIPort + getFTLAPIPort "/run/pihole-FTL.port" ''') expected_stdout = '4711\n' assert expected_stdout == output.stdout -def test_getFTLAPIPort_custom(host): +def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host): ''' Confirms getFTLAPIPort returns a custom API port in a custom PORTFILE location ''' host.run(''' echo "PORTFILE=/tmp/port.file" > /etc/pihole/pihole-FTL.conf @@ -68,7 +68,8 @@ def test_getFTLAPIPort_custom(host): ''') output = host.run(''' source /opt/pihole/utils.sh - getFTLAPIPort + FTL_API_PORT=$(getFTLAPIPortFile) + getFTLAPIPort "${FTL_API_PORT}" ''') expected_stdout = '1234\n' assert expected_stdout == output.stdout From 2651abbe6c0d2e834907d161af99606e706c4dba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 16:57:06 +0200 Subject: [PATCH 12/61] Add tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- test/test_any_utils.py | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/test/test_any_utils.py b/test/test_any_utils.py index aaa496cc..8ec8871c 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -49,6 +49,15 @@ def test_key_removal_works(host): expected_stdout = 'KEY_ONE=value1\nKEY_THREE=value3\n' assert expected_stdout == output.stdout +def test_getFTLAPIPortFile_default(host): + ''' Confirms getFTLAPIPortFile returns the default API port file path ''' + output = host.run(''' + source /opt/pihole/utils.sh + getFTLAPIPortFile + ''') + expected_stdout = '/run/pihole-FTL.port\n' + assert expected_stdout == output.stdout + def test_getFTLAPIPort_default(host): ''' Confirms getFTLAPIPort returns the default API port ''' @@ -73,3 +82,24 @@ def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host): ''') expected_stdout = '1234\n' assert expected_stdout == output.stdout + +def test_getFTLPIDFile_default(host): + ''' Confirms getFTLPIDFile returns the default PID file path ''' + output = host.run(''' + source /opt/pihole/utils.sh + getFTLPIDFile + ''') + expected_stdout = '/run/pihole-FTL.pid\n' + assert expected_stdout == output.stdout + +def test_getFTLPIDFile_custom(host): + ''' Confirms getFTLPIDFile returns a custom PID file path ''' + host.run(''' + echo "PIDFILE=/tmp/pid.file" > /etc/pihole/pihole-FTL.conf + ''') + output = host.run(''' + source /opt/pihole/utils.sh + getFTLPIDFile + ''') + expected_stdout = '/tmp/pid.file\n' + assert expected_stdout == output.stdout From c8c4eb59b774de7ad7ae5b3afd017626de7c20f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 17:34:42 +0200 Subject: [PATCH 13/61] Add getFTLPID() tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- test/test_any_utils.py | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 8ec8871c..0668b9d1 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -77,8 +77,8 @@ def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host): ''') output = host.run(''' source /opt/pihole/utils.sh - FTL_API_PORT=$(getFTLAPIPortFile) - getFTLAPIPort "${FTL_API_PORT}" + FTL_API_PORT_FILE=$(getFTLAPIPortFile) + getFTLAPIPort "${FTL_API_PORT_FILE}" ''') expected_stdout = '1234\n' assert expected_stdout == output.stdout @@ -92,14 +92,26 @@ def test_getFTLPIDFile_default(host): expected_stdout = '/run/pihole-FTL.pid\n' assert expected_stdout == output.stdout -def test_getFTLPIDFile_custom(host): +def test_getFTLPID_default(host): + ''' Confirms getFTLPID returns the default value if FTL is not running ''' + output = host.run(''' + source /opt/pihole/utils.sh + getFTLPID + ''') + expected_stdout = '-1\n' + assert expected_stdout == output.stdout + +def test_getFTLPIDFile_and_getFTLPID_custom(host): ''' Confirms getFTLPIDFile returns a custom PID file path ''' host.run(''' echo "PIDFILE=/tmp/pid.file" > /etc/pihole/pihole-FTL.conf + echo "1234" > /tmp/pid.file ''') output = host.run(''' source /opt/pihole/utils.sh - getFTLPIDFile + FTL_PID_FILE=$(getFTLPIDFile) + getFTLPID "${FTL_PID_FILE}" ''') expected_stdout = '/tmp/pid.file\n' assert expected_stdout == output.stdout + From ab6b37bdcfab2c64683a6a7386f3afc749f1017e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 19:33:38 +0200 Subject: [PATCH 14/61] Fix stickler and codefactor complaints MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- test/test_any_utils.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 0668b9d1..5126f263 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -49,6 +49,7 @@ def test_key_removal_works(host): expected_stdout = 'KEY_ONE=value1\nKEY_THREE=value3\n' assert expected_stdout == output.stdout + def test_getFTLAPIPortFile_default(host): ''' Confirms getFTLAPIPortFile returns the default API port file path ''' output = host.run(''' @@ -72,8 +73,9 @@ def test_getFTLAPIPort_default(host): def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host): ''' Confirms getFTLAPIPort returns a custom API port in a custom PORTFILE location ''' host.run(''' - echo "PORTFILE=/tmp/port.file" > /etc/pihole/pihole-FTL.conf - echo "1234" > /tmp/port.file + tmpfile=$(mktemp) + echo "PORTFILE=${tmpfile}" > /etc/pihole/pihole-FTL.conf + echo "1234" > ${tmpfile} ''') output = host.run(''' source /opt/pihole/utils.sh @@ -83,6 +85,7 @@ def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host): expected_stdout = '1234\n' assert expected_stdout == output.stdout + def test_getFTLPIDFile_default(host): ''' Confirms getFTLPIDFile returns the default PID file path ''' output = host.run(''' @@ -92,6 +95,7 @@ def test_getFTLPIDFile_default(host): expected_stdout = '/run/pihole-FTL.pid\n' assert expected_stdout == output.stdout + def test_getFTLPID_default(host): ''' Confirms getFTLPID returns the default value if FTL is not running ''' output = host.run(''' @@ -101,17 +105,18 @@ def test_getFTLPID_default(host): expected_stdout = '-1\n' assert expected_stdout == output.stdout + def test_getFTLPIDFile_and_getFTLPID_custom(host): ''' Confirms getFTLPIDFile returns a custom PID file path ''' host.run(''' - echo "PIDFILE=/tmp/pid.file" > /etc/pihole/pihole-FTL.conf - echo "1234" > /tmp/pid.file + tmpfile=$(mktemp) + echo "PIDFILE=${tmpfile}" > /etc/pihole/pihole-FTL.conf + echo "1234" > ${tmpfile} ''') output = host.run(''' source /opt/pihole/utils.sh FTL_PID_FILE=$(getFTLPIDFile) getFTLPID "${FTL_PID_FILE}" ''') - expected_stdout = '/tmp/pid.file\n' + expected_stdout = '1234\n' assert expected_stdout == output.stdout - From 14e1eea22d250d9c800808b3bef4f692e0cbfbb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 24 Jul 2022 13:35:19 +0200 Subject: [PATCH 15/61] Fix spaces in dialog msg MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 02d312e7..796f856b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -885,9 +885,9 @@ getStaticIPv4Settings() { --cancel-label "Exit" \ --backtitle "IP information" \ --title "FYI: IP Conflict" \ - --msgbox "\\nIt is possible your router could still try to assign this IP to a device, which would cause a conflict\ -But in most cases the router is smart enough to not do that.\ -If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want.\ + --msgbox "\\nIt is possible your router could still try to assign this IP to a device, which would cause a conflict. \ +But in most cases the router is smart enough to not do that. \ +If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want. \ It is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address."\ "${r}" "${c}" && result=0 || result=$? From d5c798d1a9107c05239a2b6094402ec1881ceb3a Mon Sep 17 00:00:00 2001 From: yubiuser Date: Sun, 24 Jul 2022 21:40:16 +0200 Subject: [PATCH 16/61] Apply reviewers suggestion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: RD WebDesign Signed-off-by: yubiuser Signed-off-by: Christian König --- automated install/basic-install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 796f856b..342af9b4 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -885,10 +885,10 @@ getStaticIPv4Settings() { --cancel-label "Exit" \ --backtitle "IP information" \ --title "FYI: IP Conflict" \ - --msgbox "\\nIt is possible your router could still try to assign this IP to a device, which would cause a conflict. \ -But in most cases the router is smart enough to not do that. \ -If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want. \ -It is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address."\ + --msgbox "\\nIt is possible your router could still try to assign this IP to a device, which would cause a conflict, \ +but in most cases the router is smart enough to not do that.\ +\n\nIf you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want.\ +\n\nIt is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address."\ "${r}" "${c}" && result=0 || result=$? case ${result} in From 8c778c14dcb9fb50ace4a849ffc1221394f86e51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 23:43:49 +0200 Subject: [PATCH 17/61] Move linebreaks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 342af9b4..06694506 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -886,9 +886,9 @@ getStaticIPv4Settings() { --backtitle "IP information" \ --title "FYI: IP Conflict" \ --msgbox "\\nIt is possible your router could still try to assign this IP to a device, which would cause a conflict, \ -but in most cases the router is smart enough to not do that.\ -\n\nIf you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want.\ -\n\nIt is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address."\ +but in most cases the router is smart enough to not do that.\n\n\ +If you are worried, either manually set the address, or modify the DHCP reservation pool so it does not include the IP you want.\n\n\ +It is also possible to use a DHCP reservation, but if you are going to do that, you might as well set a static address."\ "${r}" "${c}" && result=0 || result=$? case ${result} in From 68eddd2377268353e5cec355929e5b37c0695bd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Fri, 29 Jul 2022 22:47:40 +0200 Subject: [PATCH 18/61] Add OS_CHECK_DEPS to uninstall script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/uninstall.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index a58ad753..0b516d0f 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -44,8 +44,8 @@ source "${setupVars}" # package_manager_detect() sourced from basic-install.sh package_manager_detect -# Install packages used by the Pi-hole -DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}") +# Uninstall packages used by the Pi-hole +DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}" "${OS_CHECK_DEPS[@]}") if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # Install the Web dependencies DEPS+=("${PIHOLE_WEB_DEPS[@]}") From 567a91533633af334375539b15595e297cee4d37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Fri, 29 Jul 2022 23:21:38 +0200 Subject: [PATCH 19/61] Remove unused and outdated files and scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/GIFs/25Bytes.gif | Bin 35 -> 0 bytes advanced/GIFs/26Bytes.gif | Bin 26 -> 0 bytes advanced/GIFs/37Bytes.gif | Bin 37 -> 0 bytes advanced/GIFs/43Bytes.gif | Bin 43 -> 0 bytes advanced/Scripts/setupLCD.sh | 74 ----------------------------------- advanced/cmdline.txt | 1 - advanced/console-setup | 17 -------- 7 files changed, 92 deletions(-) delete mode 100644 advanced/GIFs/25Bytes.gif delete mode 100644 advanced/GIFs/26Bytes.gif delete mode 100644 advanced/GIFs/37Bytes.gif delete mode 100644 advanced/GIFs/43Bytes.gif delete mode 100755 advanced/Scripts/setupLCD.sh delete mode 100644 advanced/cmdline.txt delete mode 100644 advanced/console-setup diff --git a/advanced/GIFs/25Bytes.gif b/advanced/GIFs/25Bytes.gif deleted file mode 100644 index 472727f293859cf3859f33a6bfbb0de9b609c4fb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 35 ncmZ?wbhEHbWMp7uXkcXc|NlP&1A`6_1Nn>$3`|Tej11NQg`Nf5 diff --git a/advanced/GIFs/26Bytes.gif b/advanced/GIFs/26Bytes.gif deleted file mode 100644 index 264e471abd04356be068ad9cc24fc181fde8ae7a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 26 ccmZ?wbhEHbWMp7uVEE6V!vF+eHWPz2062yN6#xJL diff --git a/advanced/GIFs/37Bytes.gif b/advanced/GIFs/37Bytes.gif deleted file mode 100644 index b3aa80d843a929ce4e5af18912072ba4157c115b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 37 kcmZ?wbhEHbWMp7u00PCIER0-0rVfY$7Gq-aVPvod09bhgj{pDw diff --git a/advanced/GIFs/43Bytes.gif b/advanced/GIFs/43Bytes.gif deleted file mode 100644 index 9884f476b9c7cec495c94005574d7eb7a39475fa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 43 ucmZ?wbhEHbWMp7uXkcXc|NlP&1B2pE7Dg_hfDVuiq!<|(n3#MR8LR=x#0L!k diff --git a/advanced/Scripts/setupLCD.sh b/advanced/Scripts/setupLCD.sh deleted file mode 100755 index b4746dea..00000000 --- a/advanced/Scripts/setupLCD.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env bash -# Pi-hole: A black hole for Internet advertisements -# (c) 2017 Pi-hole, LLC (https://pi-hole.net) -# Network-wide ad blocking via your own hardware. -# -# Automatically configures the Pi to use the 2.8 LCD screen to display stats on it (also works over ssh) -# -# This file is copyright under the latest version of the EUPL. -# Please see LICENSE file for your rights under this license. - - - -############ FUNCTIONS ########### - -# Borrowed from adafruit-pitft-helper < borrowed from raspi-config -# https://github.com/adafruit/Adafruit-PiTFT-Helper/blob/master/adafruit-pitft-helper#L324-L334 -getInitSys() { - if command -v systemctl > /dev/null && systemctl | grep -q '\-\.mount'; then - SYSTEMD=1 - elif [ -f /etc/init.d/cron ] && [ ! -h /etc/init.d/cron ]; then - SYSTEMD=0 - else - echo "Unrecognized init system" - return 1 - fi -} - -# Borrowed from adafruit-pitft-helper: -# https://github.com/adafruit/Adafruit-PiTFT-Helper/blob/master/adafruit-pitft-helper#L274-L285 -autoLoginPiToConsole() { - if [ -e /etc/init.d/lightdm ]; then - if [ ${SYSTEMD} -eq 1 ]; then - systemctl set-default multi-user.target - ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service - else - update-rc.d lightdm disable 2 - sed /etc/inittab -i -e "s/1:2345:respawn:\/sbin\/getty --noclear 38400 tty1/1:2345:respawn:\/bin\/login -f pi tty1 <\/dev\/tty1 >\/dev\/tty1 2>&1/" - fi - fi -} - -######### SCRIPT ########### -# Set pi to log in automatically -getInitSys -autoLoginPiToConsole - -# Set chronomter to run automatically when pi logs in -echo /usr/local/bin/chronometer.sh >> /home/pi/.bashrc -# OR -#$SUDO echo /usr/local/bin/chronometer.sh >> /etc/profile - -# Set up the LCD screen based on Adafruits instructions: -# https://learn.adafruit.com/adafruit-pitft-28-inch-resistive-touchscreen-display-raspberry-pi/easy-install -curl -SLs https://apt.adafruit.com/add-pin | bash -apt-get -y install raspberrypi-bootloader -apt-get -y install adafruit-pitft-helper -adafruit-pitft-helper -t 28r - -# Download the cmdline.txt file that prevents the screen from going blank after a period of time -mv /boot/cmdline.txt /boot/cmdline.orig -curl -o /boot/cmdline.txt https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/cmdline.txt - -# Back up the original file and download the new one -mv /etc/default/console-setup /etc/default/console-setup.orig -curl -o /etc/default/console-setup https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/console-setup - -# Instantly apply the font change to the LCD screen -setupcon - -reboot - -# Start showing the stats on the screen by running the command on another tty: -# https://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty -#setsid sh -c 'exec /usr/local/bin/chronometer.sh <> /dev/tty1 >&0 2>&1' diff --git a/advanced/cmdline.txt b/advanced/cmdline.txt deleted file mode 100644 index 84d52b79..00000000 --- a/advanced/cmdline.txt +++ /dev/null @@ -1 +0,0 @@ -dwc_otg.lpm_enable=0 console=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait fbcon=map:10 fbcon=font:VGA8x8 consoleblank=0 diff --git a/advanced/console-setup b/advanced/console-setup deleted file mode 100644 index f12be6eb..00000000 --- a/advanced/console-setup +++ /dev/null @@ -1,17 +0,0 @@ -# CONFIGURATION FILE FOR SETUPCON - -# Consult the console-setup(5) manual page. - -ACTIVE_CONSOLES="/dev/tty[1-6]" - -CHARMAP="UTF-8" - -# For best results with the Adafruit 2.8 LCD and Pi-hole's chronometer -CODESET="guess" -FONTFACE="Terminus" -FONTSIZE="10x20" - -VIDEOMODE= - -# The following is an example how to use a braille font -# FONT='lat9w-08.psf.gz brl-8x8.psf' From 26107396245681208509876c97641fbc8eb91591 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Fri, 29 Jul 2022 23:43:20 +0200 Subject: [PATCH 20/61] Indent installation/update complete message MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 06694506..88dc9040 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2863,7 +2863,7 @@ main() { # Display where the log file is printf "\\n %b The install log is located at: %s\\n" "${INFO}" "${installLogLoc}" - printf "%b%s Complete! %b\\n" "${COL_LIGHT_GREEN}" "${INSTALL_TYPE}" "${COL_NC}" + printf " %b %b%s complete! %b\\n" "${TICK}" "${COL_LIGHT_GREEN}" "${INSTALL_TYPE}" "${COL_NC}" if [[ "${INSTALL_TYPE}" == "Update" ]]; then printf "\\n" From e29aa4e2058e9f4d76289b75cebdb6ab781e693d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 19 Jul 2022 18:33:36 +0100 Subject: [PATCH 21/61] First things first... --- .github/workflows/test.yml | 2 +- test/_centos_7.Dockerfile | 19 ----------- test/centos7.epel.override | 7 ---- test/test_centos_7_support.py | 63 ----------------------------------- test/tox.centos_7.ini | 8 ----- 5 files changed, 1 insertion(+), 98 deletions(-) delete mode 100644 test/_centos_7.Dockerfile delete mode 100644 test/centos7.epel.override delete mode 100644 test/test_centos_7_support.py delete mode 100644 test/tox.centos_7.ini diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e9a5d34d..8d496bba 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -43,7 +43,7 @@ jobs: strategy: fail-fast: false matrix: - distro: [debian_10, debian_11, ubuntu_18, ubuntu_20, ubuntu_22, centos_7, centos_8, fedora_34] + distro: [debian_10, debian_11, ubuntu_18, ubuntu_20, ubuntu_22, centos_8, fedora_34] env: DISTRO: ${{matrix.distro}} steps: diff --git a/test/_centos_7.Dockerfile b/test/_centos_7.Dockerfile deleted file mode 100644 index b97f1679..00000000 --- a/test/_centos_7.Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM centos:7 -RUN yum install -y dialog git python3 - -ENV GITDIR /etc/.pihole -ENV SCRIPTDIR /opt/pihole - -RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole -ADD . $GITDIR -RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/ -ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR - -ADD test/centos7.epel.override /etc/yum/pluginconf.d/fastestmirror.conf -RUN true && \ - chmod +x $SCRIPTDIR/* - -ENV SKIP_INSTALL true -ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net - -#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \ diff --git a/test/centos7.epel.override b/test/centos7.epel.override deleted file mode 100644 index 3451f17d..00000000 --- a/test/centos7.epel.override +++ /dev/null @@ -1,7 +0,0 @@ -[main] -verbose = 0 -socket_timeout = 3 -enabled = 1 -hostfilepath = /var/cache/yum/timedhosts.txt -maxhostfileage = 1 -exclude=.edu diff --git a/test/test_centos_7_support.py b/test/test_centos_7_support.py deleted file mode 100644 index c7e75813..00000000 --- a/test/test_centos_7_support.py +++ /dev/null @@ -1,63 +0,0 @@ -from .conftest import ( - tick_box, - info_box, - mock_command, -) - - -def test_php_upgrade_default_optout_centos_eq_7(host): - ''' - confirms the default behavior to opt-out of installing PHP7 from REMI - ''' - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - ''') - expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. ' - 'Deprecated PHP may be in use.') - assert expected_stdout in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert not remi_package.is_installed - - -def test_php_upgrade_user_optout_centos_eq_7(host): - ''' - confirms installer behavior when user opt-out of installing PHP7 from REMI - (php not currently installed) - ''' - # dialog returns Cancel for user prompt - mock_command('dialog', {'*': ('', '1')}, host) - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - ''') - expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. ' - 'Deprecated PHP may be in use.') - assert expected_stdout in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert not remi_package.is_installed - - -def test_php_upgrade_user_optin_centos_eq_7(host): - ''' - confirms installer behavior when user opt-in to installing PHP7 from REMI - (php not currently installed) - ''' - # dialog returns Continue for user prompt - mock_command('dialog', {'*': ('', '0')}, host) - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - ''') - assert 'opt-out' not in package_manager_detect.stdout - expected_stdout = info_box + (' Enabling Remi\'s RPM repository ' - '(https://rpms.remirepo.net)') - assert expected_stdout in package_manager_detect.stdout - expected_stdout = tick_box + (' Remi\'s RPM repository has ' - 'been enabled for PHP7') - assert expected_stdout in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert remi_package.is_installed diff --git a/test/tox.centos_7.ini b/test/tox.centos_7.ini deleted file mode 100644 index 319465dd..00000000 --- a/test/tox.centos_7.ini +++ /dev/null @@ -1,8 +0,0 @@ -[tox] -envlist = py38 - -[testenv] -whitelist_externals = docker -deps = -rrequirements.txt -commands = docker build -f _centos_7.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_7_support.py From 9c03915cb0fae856e41bb441d4f719c2f9eeeda9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 19 Jul 2022 18:53:41 +0100 Subject: [PATCH 22/61] Remove special Centos7 hand holds. Move the unsupported dialog out to a further if block so that a user may still continue to install on centos7 (provided they have the pre-requisites installed) Signed-off-by: Adam Warner --- automated install/basic-install.sh | 89 ++----------------------- test/test_centos_common_support.py | 100 ----------------------------- 2 files changed, 7 insertions(+), 182 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 88dc9040..c43d0334 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -376,37 +376,19 @@ package_manager_detect() { } select_rpm_php(){ + local unsupported_dialog=0 # If the host OS is Fedora, if grep -qiE 'fedora|fedberry' /etc/redhat-release; then # all required packages should be available by default with the latest fedora release : # continue # or if host OS is CentOS, elif grep -qiE 'centos|scientific|alma|rocky' /etc/redhat-release; then - # Pi-Hole currently supports CentOS 7+ with PHP7+ - SUPPORTED_CENTOS_VERSION=7 - SUPPORTED_CENTOS_PHP_VERSION=7 + SUPPORTED_CENTOS_VERSION=8 # Check current CentOS major release version CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) # Check if CentOS version is supported if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then - printf " %b CentOS %s is not supported.\\n" "${CROSS}" "${CURRENT_CENTOS_VERSION}" - printf " Please update to CentOS release %s or later.\\n" "${SUPPORTED_CENTOS_VERSION}" - # exit the installer - exit - fi - # php-json is not required on CentOS 7 as it is already compiled into php - # verify via `php -m | grep json` - if [[ $CURRENT_CENTOS_VERSION -eq 7 ]]; then - # create a temporary array as arrays are not designed for use as mutable data structures - CENTOS7_PIHOLE_WEB_DEPS=() - for i in "${!PIHOLE_WEB_DEPS[@]}"; do - if [[ ${PIHOLE_WEB_DEPS[i]} != "php-json" ]]; then - CENTOS7_PIHOLE_WEB_DEPS+=( "${PIHOLE_WEB_DEPS[i]}" ) - fi - done - # re-assign the clean dependency array back to PIHOLE_WEB_DEPS - PIHOLE_WEB_DEPS=("${CENTOS7_PIHOLE_WEB_DEPS[@]}") - unset CENTOS7_PIHOLE_WEB_DEPS + unsupported_dialog=1 fi if rpm -qa | grep -qi 'epel'; then @@ -418,68 +400,11 @@ select_rpm_php(){ "${PKG_INSTALL[@]}" ${EPEL_PKG} printf " %b Installed %s\\n" "${TICK}" "${EPEL_PKG}" fi - - - # The default php on CentOS 7.x is 5.4 which is EOL - # Check if the version of PHP available via installed repositories is >= to PHP 7 - AVAILABLE_PHP_VERSION=$("${PKG_MANAGER}" info php | grep -i version | grep -o '[0-9]\+' | head -1) - if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then - # Since PHP 7 is available by default, install via default PHP package names - : # do nothing as PHP is current - printf "PHP 7 is installed" - else - REMI_PKG="remi-release" - REMI_REPO="remi-php72" - REMI_REPO_URL="https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" - - # The PHP version available via default repositories is older than version 7 - dialog --no-shadow --keep-tite \ - --title "PHP 7 Update (recommended)" \ - --defaultno \ - --yesno "PHP 7.x is recommended for both security and language features.\ -\\n\\nWould you like to install PHP7 via Remi's RPM repository?\ -\\n\\nSee: https://rpms.remirepo.net for more information"\ - "${r}" "${c}" && result=0 || result=$? - - case ${result} in - "${DIALOG_OK}" ) - printf " %b Installing PHP 7 via Remi's RPM repository\\n" "${INFO}" - "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null - if rpm -q ${REMI_PKG} &> /dev/null; then - printf " %b Remi's RPM repository is already installed\\n" "${TICK}" - else - printf " %b Enabling Remi's RPM repository (https://rpms.remirepo.net)\\n" "${INFO}" - yum -y install "${REMI_REPO_URL}" - printf " %b Installed %s from %s\\n" "${TICK}" "${REMI_PKG}" "${REMI_REPO_URL}" - printf " %b Remi's RPM repository has been enabled for PHP7\\n" "${TICK}" - fi - yum-config-manager --disable 'remi-php*' - yum-config-manager --enable "${REMI_REPO}" - - # trigger an install/update of PHP to ensure previous version of PHP is updated from REMI - if "${PKG_INSTALL[@]}" "php-cli" &> /dev/null; then - printf " %b PHP7 installed/updated via Remi's RPM repository\\n" "${TICK}" - else - printf " %b There was a problem updating to PHP7 via Remi's RPM repository\\n" "${CROSS}" - exit 1 - fi - ;; - - # User chose not to install PHP 7 via Remi's RPM repository - "${DIALOG_CANCEL}") - # User decided to NOT update PHP from REMI, attempt to install the default available PHP version - printf " %b User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use.\\n" "${INFO}" - ;; - - # User closed the dialog window - "${DIALOG_ESC}") - printf " %b Escape pressed, exiting installer at Remi dialog window\\n" "${CROSS}" - exit 1 - ;; - esac - fi - else + unsupported_dialog=1 + fi + + if [[ ${unsupported_dialog} -eq 1 ]];then # Warn user of unsupported version of Fedora or CentOS dialog --no-shadow --keep-tite \ --title "Unsupported RPM based distribution" \ diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py index ac408e92..2a9b3822 100644 --- a/test/test_centos_common_support.py +++ b/test/test_centos_common_support.py @@ -7,23 +7,6 @@ from .conftest import ( ) -def test_release_supported_version_check_centos(host): - ''' - confirms installer exits on unsupported releases of CentOS - ''' - # modify /etc/redhat-release to mock an unsupported CentOS release - host.run('echo "CentOS Linux release 6.9" > /etc/redhat-release') - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - ''') - expected_stdout = cross_box + (' CentOS 6 is not supported.') - assert expected_stdout in package_manager_detect.stdout - expected_stdout = 'Please update to CentOS release 7 or later' - assert expected_stdout in package_manager_detect.stdout - - def test_enable_epel_repository_centos(host): ''' confirms the EPEL package repository is enabled when installed on CentOS @@ -40,86 +23,3 @@ def test_enable_epel_repository_centos(host): assert expected_stdout in package_manager_detect.stdout epel_package = host.package('epel-release') assert epel_package.is_installed - - -def test_php_version_lt_7_detected_upgrade_default_optout_centos(host): - ''' - confirms the default behavior to opt-out of upgrading to PHP7 from REMI - ''' - # first we will install the default php version to test installer behavior - php_install = host.run('yum install -y php') - assert php_install.rc == 0 - php_package = host.package('php') - default_centos_php_version = php_package.version.split('.')[0] - if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended - pytest.skip("Test deprecated . Detected default PHP version >= 7") - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - ''') - expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. ' - 'Deprecated PHP may be in use.') - assert expected_stdout in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert not remi_package.is_installed - - -def test_php_version_lt_7_detected_upgrade_user_optout_centos(host): - ''' - confirms installer behavior when user opt-out to upgrade to PHP7 via REMI - ''' - # first we will install the default php version to test installer behavior - php_install = host.run('yum install -y php') - assert php_install.rc == 0 - php_package = host.package('php') - default_centos_php_version = php_package.version.split('.')[0] - if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended - pytest.skip("Test deprecated . Detected default PHP version >= 7") - # dialog returns Cancel for user prompt - mock_command('dialog', {'*': ('', '1')}, host) - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - ''') - expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. ' - 'Deprecated PHP may be in use.') - assert expected_stdout in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert not remi_package.is_installed - - -def test_php_version_lt_7_detected_upgrade_user_optin_centos(host): - ''' - confirms installer behavior when user opt-in to upgrade to PHP7 via REMI - ''' - # first we will install the default php version to test installer behavior - php_install = host.run('yum install -y php') - assert php_install.rc == 0 - php_package = host.package('php') - default_centos_php_version = php_package.version.split('.')[0] - if int(default_centos_php_version) >= 7: # PHP7 is supported/recommended - pytest.skip("Test deprecated . Detected default PHP version >= 7") - # dialog returns Continue for user prompt - mock_command('dialog', {'*': ('', '0')}, host) - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - select_rpm_php - install_dependent_packages PIHOLE_WEB_DEPS[@] - ''') - expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. ' - 'Deprecated PHP may be in use.') - assert expected_stdout not in package_manager_detect.stdout - expected_stdout = info_box + (' Enabling Remi\'s RPM repository ' - '(https://rpms.remirepo.net)') - assert expected_stdout in package_manager_detect.stdout - expected_stdout = tick_box + (' Remi\'s RPM repository has ' - 'been enabled for PHP7') - assert expected_stdout in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert remi_package.is_installed - updated_php_package = host.package('php') - updated_php_version = updated_php_package.version.split('.')[0] - assert int(updated_php_version) == 7 From b6137584194c8811db26cad855e54ef9b454ffec Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 30 Jul 2022 16:19:40 +0100 Subject: [PATCH 23/61] rename select_rpm_php and simplify it to remove code no longer needed (discussed internally removing the unsupported dialog here to match behaviour on non rpm distros) Signed-off-by: Adam Warner --- automated install/basic-install.sh | 50 +++--------------------------- test/test_any_automated_install.py | 4 +-- test/test_centos_8_support.py | 6 ++-- test/test_centos_common_support.py | 2 +- test/test_fedora_support.py | 2 +- 5 files changed, 11 insertions(+), 53 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c43d0334..93db8149 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -375,22 +375,11 @@ package_manager_detect() { fi } -select_rpm_php(){ - local unsupported_dialog=0 - # If the host OS is Fedora, - if grep -qiE 'fedora|fedberry' /etc/redhat-release; then - # all required packages should be available by default with the latest fedora release - : # continue - # or if host OS is CentOS, - elif grep -qiE 'centos|scientific|alma|rocky' /etc/redhat-release; then - SUPPORTED_CENTOS_VERSION=8 +check_epel_repo_required(){ + # If the host OS is centos (or a derivative), + if grep -qiE 'centos|scientific|alma|rocky' /etc/redhat-release; then # Check current CentOS major release version CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) - # Check if CentOS version is supported - if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then - unsupported_dialog=1 - fi - if rpm -qa | grep -qi 'epel'; then printf " %b EPEL repository already installed\\n" "${TICK}" else @@ -400,37 +389,6 @@ select_rpm_php(){ "${PKG_INSTALL[@]}" ${EPEL_PKG} printf " %b Installed %s\\n" "${TICK}" "${EPEL_PKG}" fi - else - unsupported_dialog=1 - fi - - if [[ ${unsupported_dialog} -eq 1 ]];then - # Warn user of unsupported version of Fedora or CentOS - dialog --no-shadow --keep-tite \ - --title "Unsupported RPM based distribution" \ - --defaultno \ - --no-button "Exit" \ - --yes-button "Continue" \ - --yesno "Would you like to continue installation on an unsupported RPM based distribution?\ -\\n\\nPlease ensure the following packages have been installed manually:\ -\\n\\n- lighttpd\\n- lighttpd-fastcgi\\n- PHP version 7+"\ - "${r}" "${c}" && result=0 || result=$? - - case ${result} in - # User chose to continue installation on an unsupported RPM based distribution - "${DIALOG_OK}") - printf " %b User opted to continue installation on an unsupported RPM based distribution.\\n" "${INFO}" - ;; - # User chose not to continue installation on an unsupported RPM based distribution - "${DIALOG_CANCEL}") - printf " %b User opted not to continue installation on an unsupported RPM based distribution.\\n" "${INFO}" - exit 1 - ;; - "${DIALOG_ESC}") - printf " %b Escape pressed, exiting installer at unsupported RPM based distribution dialog window\\n" "${CROSS}" - exit 1 - ;; - esac fi } @@ -2580,7 +2538,7 @@ main() { #In case of RPM based distro, select the proper PHP version if [[ "$PKG_MANAGER" == "yum" || "$PKG_MANAGER" == "dnf" ]] ; then - select_rpm_php + check_epel_repo_required fi diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index 61849f54..15608050 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -1117,7 +1117,7 @@ def test_package_manager_has_pihole_deps(host): output = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required install_dependent_packages ${PIHOLE_DEPS[@]} ''') @@ -1131,7 +1131,7 @@ def test_package_manager_has_web_deps(host): output = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required install_dependent_packages ${PIHOLE_WEB_DEPS[@]} ''') diff --git a/test/test_centos_8_support.py b/test/test_centos_8_support.py index 9adbe841..63f49360 100644 --- a/test/test_centos_8_support.py +++ b/test/test_centos_8_support.py @@ -13,7 +13,7 @@ def test_php_upgrade_default_continue_centos_gte_8(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required ''') unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.' ' Deprecated PHP may be in use.') @@ -34,7 +34,7 @@ def test_php_upgrade_user_optout_skipped_centos_gte_8(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required ''') unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.' ' Deprecated PHP may be in use.') @@ -55,7 +55,7 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required ''') assert 'opt-out' not in package_manager_detect.stdout unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository ' diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py index 2a9b3822..4be29c65 100644 --- a/test/test_centos_common_support.py +++ b/test/test_centos_common_support.py @@ -14,7 +14,7 @@ def test_enable_epel_repository_centos(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required ''') expected_stdout = info_box + (' Enabling EPEL package repository ' '(https://fedoraproject.org/wiki/EPEL)') diff --git a/test/test_fedora_support.py b/test/test_fedora_support.py index 63fde90e..45a7c2eb 100644 --- a/test/test_fedora_support.py +++ b/test/test_fedora_support.py @@ -6,7 +6,7 @@ def test_epel_and_remi_not_installed_fedora(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - select_rpm_php + check_epel_repo_required ''') assert package_manager_detect.stdout == '' From fc2a564cc0bc2f50e6c1d4848c0dc7dce126e679 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 30 Jul 2022 16:24:05 +0100 Subject: [PATCH 24/61] remove tests no longer needed Signed-off-by: Adam Warner --- test/test_centos_8_support.py | 68 ----------------------------------- test/tox.centos_8.ini | 2 +- 2 files changed, 1 insertion(+), 69 deletions(-) delete mode 100644 test/test_centos_8_support.py diff --git a/test/test_centos_8_support.py b/test/test_centos_8_support.py deleted file mode 100644 index 63f49360..00000000 --- a/test/test_centos_8_support.py +++ /dev/null @@ -1,68 +0,0 @@ -from .conftest import ( - tick_box, - info_box, - mock_command, -) - - -def test_php_upgrade_default_continue_centos_gte_8(host): - ''' - confirms the latest version of CentOS continues / does not optout - (should trigger on CentOS7 only) - ''' - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - check_epel_repo_required - ''') - unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.' - ' Deprecated PHP may be in use.') - assert unexpected_stdout not in package_manager_detect.stdout - # ensure remi was not installed on latest CentOS - remi_package = host.package('remi-release') - assert not remi_package.is_installed - - -def test_php_upgrade_user_optout_skipped_centos_gte_8(host): - ''' - confirms installer skips user opt-out of installing PHP7 from REMI on - latest CentOS (should trigger on CentOS7 only) - (php not currently installed) - ''' - # dialog dialog returns Cancel for user prompt - mock_command('dialog', {'*': ('', '1')}, host) - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - check_epel_repo_required - ''') - unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.' - ' Deprecated PHP may be in use.') - assert unexpected_stdout not in package_manager_detect.stdout - # ensure remi was not installed on latest CentOS - remi_package = host.package('remi-release') - assert not remi_package.is_installed - - -def test_php_upgrade_user_optin_skipped_centos_gte_8(host): - ''' - confirms installer skips user opt-in to installing PHP7 from REMI on - latest CentOS (should trigger on CentOS7 only) - (php not currently installed) - ''' - # dialog dialog returns Continue for user prompt - mock_command('dialog', {'*': ('', '0')}, host) - package_manager_detect = host.run(''' - source /opt/pihole/basic-install.sh - package_manager_detect - check_epel_repo_required - ''') - assert 'opt-out' not in package_manager_detect.stdout - unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository ' - '(https://rpms.remirepo.net)') - assert unexpected_stdout not in package_manager_detect.stdout - unexpected_stdout = tick_box + (' Remi\'s RPM repository has ' - 'been enabled for PHP7') - assert unexpected_stdout not in package_manager_detect.stdout - remi_package = host.package('remi-release') - assert not remi_package.is_installed diff --git a/test/tox.centos_8.ini b/test/tox.centos_8.ini index c7926289..e94c2433 100644 --- a/test/tox.centos_8.ini +++ b/test/tox.centos_8.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_8_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py From 313c0ddf288bbbd9818606204bbb80dce75ddcf6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 30 Jul 2022 18:59:57 +0100 Subject: [PATCH 25/61] Update automated install/basic-install.sh Co-authored-by: yubiuser Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 93db8149..4623ee88 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -376,7 +376,7 @@ package_manager_detect() { } check_epel_repo_required(){ - # If the host OS is centos (or a derivative), + # If the host OS is centos (or a derivative), epel is required for lighttpd if grep -qiE 'centos|scientific|alma|rocky' /etc/redhat-release; then # Check current CentOS major release version CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) From 0e8c1ec023f5b684c48ef1853e0ab33dffc4afac Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 30 Jul 2022 19:03:46 +0100 Subject: [PATCH 26/61] Flip logic on epel check - if _not_ fedora, then (try to, depending on supported OS) install EPEL. Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4623ee88..ba93cf26 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -377,7 +377,7 @@ package_manager_detect() { check_epel_repo_required(){ # If the host OS is centos (or a derivative), epel is required for lighttpd - if grep -qiE 'centos|scientific|alma|rocky' /etc/redhat-release; then + if ! grep -qiE 'fedora|fedberry' /etc/redhat-release; then # Check current CentOS major release version CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) if rpm -qa | grep -qi 'epel'; then From 9028898ba7b21cc8ca3838e9e68b5f6fe178af22 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 30 Jul 2022 19:18:33 +0100 Subject: [PATCH 27/61] Move code from `check_epel_repo_required` into the rpm branch of the if check on package_manager_detect(), adjust tests to accommodate Signed-off-by: Adam Warner --- automated install/basic-install.sh | 38 ++++++++++++------------------ test/test_any_automated_install.py | 8 +++---- test/test_centos_common_support.py | 1 - test/test_fedora_support.py | 3 --- 4 files changed, 18 insertions(+), 32 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ba93cf26..4b1fde62 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -366,6 +366,21 @@ package_manager_detect() { LIGHTTPD_GROUP="lighttpd" LIGHTTPD_CFG="lighttpd.conf.fedora" + # If the host OS is centos (or a derivative), epel is required for lighttpd + if ! grep -qiE 'fedora|fedberry' /etc/redhat-release; then + # Check current CentOS major release version + CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) + if rpm -qa | grep -qi 'epel'; then + printf " %b EPEL repository already installed\\n" "${TICK}" + else + # CentOS requires the EPEL repository to gain access to Fedora packages + EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-${CURRENT_CENTOS_VERSION}.noarch.rpm" + printf " %b Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)\\n" "${INFO}" + "${PKG_INSTALL[@]}" "${EPEL_PKG}" + printf " %b Installed %s\\n" "${TICK}" "${EPEL_PKG}" + fi + fi + # If neither apt-get or yum/dnf package managers were found else # we cannot install required packages @@ -375,23 +390,6 @@ package_manager_detect() { fi } -check_epel_repo_required(){ - # If the host OS is centos (or a derivative), epel is required for lighttpd - if ! grep -qiE 'fedora|fedberry' /etc/redhat-release; then - # Check current CentOS major release version - CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) - if rpm -qa | grep -qi 'epel'; then - printf " %b EPEL repository already installed\\n" "${TICK}" - else - # CentOS requires the EPEL repository to gain access to Fedora packages - EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-${CURRENT_CENTOS_VERSION}.noarch.rpm" - printf " %b Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)\\n" "${INFO}" - "${PKG_INSTALL[@]}" ${EPEL_PKG} - printf " %b Installed %s\\n" "${TICK}" "${EPEL_PKG}" - fi - fi -} - # A function for checking if a directory is a git repository is_repo() { # Use a named, local variable instead of the vague $1, which is the first argument passed to this function @@ -2536,12 +2534,6 @@ main() { printf " %b Checking for / installing Required dependencies for this install script...\\n" "${INFO}" install_dependent_packages "${INSTALLER_DEPS[@]}" - #In case of RPM based distro, select the proper PHP version - if [[ "$PKG_MANAGER" == "yum" || "$PKG_MANAGER" == "dnf" ]] ; then - check_epel_repo_required - fi - - # If the setup variable file exists, if [[ -f "${setupVars}" ]]; then # if it's running unattended, diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index 15608050..717f6ea2 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -1107,7 +1107,7 @@ def test_package_manager_has_installer_deps(host): install_dependent_packages ${INSTALLER_DEPS[@]} ''') - assert 'No package' not in output.stdout # centos7 still exits 0... + assert 'No package' not in output.stdout assert output.rc == 0 @@ -1117,11 +1117,10 @@ def test_package_manager_has_pihole_deps(host): output = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - check_epel_repo_required install_dependent_packages ${PIHOLE_DEPS[@]} ''') - assert 'No package' not in output.stdout # centos7 still exits 0... + assert 'No package' not in output.stdout assert output.rc == 0 @@ -1131,9 +1130,8 @@ def test_package_manager_has_web_deps(host): output = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - check_epel_repo_required install_dependent_packages ${PIHOLE_WEB_DEPS[@]} ''') - assert 'No package' not in output.stdout # centos7 still exits 0... + assert 'No package' not in output.stdout assert output.rc == 0 diff --git a/test/test_centos_common_support.py b/test/test_centos_common_support.py index 4be29c65..3497267a 100644 --- a/test/test_centos_common_support.py +++ b/test/test_centos_common_support.py @@ -14,7 +14,6 @@ def test_enable_epel_repository_centos(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - check_epel_repo_required ''') expected_stdout = info_box + (' Enabling EPEL package repository ' '(https://fedoraproject.org/wiki/EPEL)') diff --git a/test/test_fedora_support.py b/test/test_fedora_support.py index 45a7c2eb..57a6c5c4 100644 --- a/test/test_fedora_support.py +++ b/test/test_fedora_support.py @@ -6,11 +6,8 @@ def test_epel_and_remi_not_installed_fedora(host): package_manager_detect = host.run(''' source /opt/pihole/basic-install.sh package_manager_detect - check_epel_repo_required ''') assert package_manager_detect.stdout == '' epel_package = host.package('epel-release') assert not epel_package.is_installed - remi_package = host.package('remi-release') - assert not remi_package.is_installed From 99b7f996e2b2f4ce3bbac440582c140b54d10682 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 24 Jul 2022 14:36:15 +0200 Subject: [PATCH 28/61] Explicite set minor and patch version on used actions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/stale.yml | 2 +- .github/workflows/sync-back-to-dev.yml | 4 ++-- .github/workflows/test.yml | 8 ++++---- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6e5a0886..60486f52 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,16 +25,16 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v3.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v2.0.0 with: languages: 'python' - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v2.0.0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v2.0.0 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index cd3c6ff6..67b73f26 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -13,7 +13,7 @@ jobs: issues: write steps: - - uses: actions/stale@v5 + - uses: actions/stale@v5.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30 diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index f79b69f2..fecc7022 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -11,7 +11,7 @@ jobs: name: Syncing branches steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v3.0.0. - name: Opening pull request id: pull uses: tretuna/sync-branches@1.4.0 @@ -20,7 +20,7 @@ jobs: FROM_BRANCH: 'master' TO_BRANCH: 'development' - name: Label the pull request to ignore for release note generation - uses: actions-ecosystem/action-add-labels@v1 + uses: actions-ecosystem/action-add-labels@v1.0.0 with: labels: internal repo: ${{ github.repository }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e9a5d34d..ccc9a8fe 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v3.0.0 - name: Check scripts in repository are executable run: | @@ -30,7 +30,7 @@ jobs: ignore_words_file: .codespellignore - name: Get editorconfig-checker - uses: editorconfig-checker/action-editorconfig-checker@main + uses: editorconfig-checker/action-editorconfig-checker@v1.0.0 - name: Run editorconfig-checker run: editorconfig-checker @@ -49,10 +49,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v3.0.0 - name: Set up Python 3.8 - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.0.0 with: python-version: 3.8 - From 8f3e6f1a50267299910907aaf76e4fa2f19c38fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 24 Jul 2022 14:52:07 +0200 Subject: [PATCH 29/61] CodeQl does not use .minor.patch version MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 60486f52..ae536540 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,12 +29,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2.0.0 + uses: github/codeql-action/init@v2 with: languages: 'python' - name: Autobuild - uses: github/codeql-action/autobuild@v2.0.0 + uses: github/codeql-action/autobuild@v2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2.0.0 + uses: github/codeql-action/analyze@v2 From a3ac1caac6149acbabf65eaa27690b7b43fa1d0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 25 Jul 2022 22:30:53 +0200 Subject: [PATCH 30/61] Update actions to latest versions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/sync-back-to-dev.yml | 4 ++-- .github/workflows/test.yml | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ae536540..2c844337 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.0.0 + uses: actions/checkout@v3.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 67b73f26..9e622f4a 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -13,7 +13,7 @@ jobs: issues: write steps: - - uses: actions/stale@v5.0.0 + - uses: actions/stale@v5.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30 diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index fecc7022..27d966d2 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -11,7 +11,7 @@ jobs: name: Syncing branches steps: - name: Checkout - uses: actions/checkout@v3.0.0. + uses: actions/checkout@v3.0.2 - name: Opening pull request id: pull uses: tretuna/sync-branches@1.4.0 @@ -20,7 +20,7 @@ jobs: FROM_BRANCH: 'master' TO_BRANCH: 'development' - name: Label the pull request to ignore for release note generation - uses: actions-ecosystem/action-add-labels@v1.0.0 + uses: actions-ecosystem/action-add-labels@v1.1.0 with: labels: internal repo: ${{ github.repository }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ccc9a8fe..82e9d549 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.0.0 + uses: actions/checkout@v3.0.2 - name: Check scripts in repository are executable run: | @@ -30,7 +30,7 @@ jobs: ignore_words_file: .codespellignore - name: Get editorconfig-checker - uses: editorconfig-checker/action-editorconfig-checker@v1.0.0 + uses: editorconfig-checker/action-editorconfig-checker@main # tag v1.0.0 is really out of date - name: Run editorconfig-checker run: editorconfig-checker @@ -49,10 +49,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3.0.0 + uses: actions/checkout@v3.0.2 - name: Set up Python 3.8 - uses: actions/setup-python@v4.0.0 + uses: actions/setup-python@v4.1.0 with: python-version: 3.8 - From c6da627b7dede50f0698eab0128df42df7fb67d4 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 31 Jul 2022 18:52:03 +0100 Subject: [PATCH 31/61] Move release version check inside the else block Signed-off-by: Adam Warner --- automated install/basic-install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4b1fde62..adf03dea 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -368,13 +368,13 @@ package_manager_detect() { # If the host OS is centos (or a derivative), epel is required for lighttpd if ! grep -qiE 'fedora|fedberry' /etc/redhat-release; then - # Check current CentOS major release version - CURRENT_CENTOS_VERSION=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) if rpm -qa | grep -qi 'epel'; then printf " %b EPEL repository already installed\\n" "${TICK}" else - # CentOS requires the EPEL repository to gain access to Fedora packages - EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-${CURRENT_CENTOS_VERSION}.noarch.rpm" + local RH_RELEASE EPEL_PKG + # EPEL not already installed, add it based on the release version + RH_RELEASE=$(grep -oP '(?<= )[0-9]+(?=\.?)' /etc/redhat-release) + EPEL_PKG="https://dl.fedoraproject.org/pub/epel/epel-release-latest-${RH_RELEASE}.noarch.rpm" printf " %b Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)\\n" "${INFO}" "${PKG_INSTALL[@]}" "${EPEL_PKG}" printf " %b Installed %s\\n" "${TICK}" "${EPEL_PKG}" From 6c7a28a7b562bb8b3772e751efbac8861e7b43c5 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 1 Aug 2022 18:38:15 +0100 Subject: [PATCH 32/61] Dont use bash keywords/programs as variable names --- gravity.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/gravity.sh b/gravity.sh index 910940af..a35ff8d7 100755 --- a/gravity.sh +++ b/gravity.sh @@ -139,9 +139,9 @@ update_gravity_timestamp() { # Import domains from file and store them in the specified database table database_table_from_file() { # Define locals - local table source backup_path backup_file tmpFile type + local table src backup_path backup_file tmpFile list_type table="${1}" - source="${2}" + src="${2}" backup_path="${piholeDir}/migration_backup" backup_file="${backup_path}/$(basename "${2}")" tmpFile="$(mktemp -p "/tmp" --suffix=".gravity")" @@ -155,13 +155,13 @@ database_table_from_file() { # Special handling for domains to be imported into the common domainlist table if [[ "${table}" == "whitelist" ]]; then - type="0" + list_type="0" table="domainlist" elif [[ "${table}" == "blacklist" ]]; then - type="1" + list_type="1" table="domainlist" elif [[ "${table}" == "regex" ]]; then - type="3" + list_type="3" table="domainlist" fi @@ -174,9 +174,9 @@ database_table_from_file() { rowid+=1 fi - # Loop over all domains in ${source} file + # Loop over all domains in ${src} file # Read file line by line - grep -v '^ *#' < "${source}" | while IFS= read -r domain + grep -v '^ *#' < "${src}" | while IFS= read -r domain do # Only add non-empty lines if [[ -n "${domain}" ]]; then @@ -185,10 +185,10 @@ database_table_from_file() { echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}" elif [[ "${table}" == "adlist" ]]; then # Adlist table format - echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\",,0,0,0" >> "${tmpFile}" + echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\",,0,0,0" >> "${tmpFile}" else # White-, black-, and regexlist table format - echo "${rowid},${type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"" >> "${tmpFile}" + echo "${rowid},${list_type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\"" >> "${tmpFile}" fi rowid+=1 fi @@ -201,14 +201,14 @@ database_table_from_file() { status="$?" if [[ "${status}" -ne 0 ]]; then - echo -e "\\n ${CROSS} Unable to fill table ${table}${type} in database ${gravityDBfile}\\n ${output}" + echo -e "\\n ${CROSS} Unable to fill table ${table}${list_type} in database ${gravityDBfile}\\n ${output}" gravity_Cleanup "error" fi # Move source file to backup directory, create directory if not existing mkdir -p "${backup_path}" - mv "${source}" "${backup_file}" 2> /dev/null || \ - echo -e " ${CROSS} Unable to backup ${source} to ${backup_path}" + mv "${src}" "${backup_file}" 2> /dev/null || \ + echo -e " ${CROSS} Unable to backup ${src} to ${backup_path}" # Delete tmpFile rm "${tmpFile}" > /dev/null 2>&1 || \ From 64dc002c3f64f890d8fe80b23862b19e7b5ec80c Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 1 Aug 2022 20:38:31 +0100 Subject: [PATCH 33/61] Same per @rdwebdesign suggestion. Signed-off-by: Adam Warner --- gravity.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/gravity.sh b/gravity.sh index a35ff8d7..6f96b845 100755 --- a/gravity.sh +++ b/gravity.sh @@ -719,10 +719,10 @@ gravity_DownloadBlocklistFromUrl() { # Parse source files into domains format gravity_ParseFileIntoDomains() { - local source="${1}" destination="${2}" firstLine + local src="${1}" destination="${2}" firstLine # Determine if we are parsing a consolidated list - #if [[ "${source}" == "${piholeDir}/${matterAndLight}" ]]; then + #if [[ "${src}" == "${piholeDir}/${matterAndLight}" ]]; then # Remove comments and print only the domain name # Most of the lists downloaded are already in hosts file format but the spacing/formatting is not contiguous # This helps with that and makes it easier to read @@ -733,7 +733,7 @@ gravity_ParseFileIntoDomains() { # 4) Remove lines containing "/" # 5) Remove leading tabs, spaces, etc. # 6) Delete lines not matching domain names - < "${source}" tr -d '\r' | \ + < "${src}" tr -d '\r' | \ tr '[:upper:]' '[:lower:]' | \ sed 's/\s*#.*//g' | \ sed -r '/(\/).*$/d' | \ @@ -745,16 +745,16 @@ gravity_ParseFileIntoDomains() { # Individual file parsing: Keep comments, while parsing domains from each line # We keep comments to respect the list maintainer's licensing - read -r firstLine < "${source}" + read -r firstLine < "${src}" # Determine how to parse individual source file formats if [[ "${firstLine,,}" =~ (adblock|ublock|^!) ]]; then # Compare $firstLine against lower case words found in Adblock lists echo -e " ${CROSS} Format: Adblock (list type not supported)" - elif grep -q "^address=/" "${source}" &> /dev/null; then + elif grep -q "^address=/" "${src}" &> /dev/null; then # Parse Dnsmasq format lists echo -e " ${CROSS} Format: Dnsmasq (list type not supported)" - elif grep -q -E "^https?://" "${source}" &> /dev/null; then + elif grep -q -E "^https?://" "${src}" &> /dev/null; then # Parse URL list if source file contains "http://" or "https://" # Scanning for "^IPv4$" is too slow with large (1M) lists on low-end hardware echo -ne " ${INFO} Format: URL" @@ -770,13 +770,13 @@ gravity_ParseFileIntoDomains() { /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next } # Print if nonempty length { print } - ' "${source}" 2> /dev/null > "${destination}" + ' "${src}" 2> /dev/null > "${destination}" chmod 644 "${destination}" echo -e "${OVER} ${TICK} Format: URL" else # Default: Keep hosts/domains file in same format as it was downloaded - output=$( { mv "${source}" "${destination}"; } 2>&1 ) + output=$( { mv "${src}" "${destination}"; } 2>&1 ) chmod 644 "${destination}" if [[ ! -e "${destination}" ]]; then From 0b81dd387bbc4bf060a20b967aad882b485d6a03 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 1 Aug 2022 20:56:37 +0100 Subject: [PATCH 34/61] type -> list_type per @yubiuser suggestion Signed-off-by: Adam Warner --- advanced/Scripts/query.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 8f7bfea4..5f25e5be 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -34,7 +34,7 @@ source "${colfile}" # Scan an array of files for matching strings scanList(){ # Escape full stops - local domain="${1}" esc_domain="${1//./\\.}" lists="${2}" type="${3:-}" + local domain="${1}" esc_domain="${1//./\\.}" lists="${2}" list_type="${3:-}" # Prevent grep from printing file path cd "$piholeDir" || exit 1 @@ -43,7 +43,7 @@ scanList(){ export LC_CTYPE=C # /dev/null forces filename to be printed when only one list has been generated - case "${type}" in + case "${list_type}" in "exact" ) grep -i -E -l "(^|(?/dev/null;; # Iterate through each regexp and check whether it matches the domainQuery # If it does, print the matching regexp and continue looping @@ -99,10 +99,10 @@ if [[ -n "${str:-}" ]]; then fi scanDatabaseTable() { - local domain table type querystr result extra + local domain table list_type querystr result extra domain="$(printf "%q" "${1}")" table="${2}" - type="${3:-}" + list_type="${3:-}" # As underscores are legitimate parts of domains, we escape them when using the LIKE operator. # Underscores are SQLite wildcards matching exactly one character. We obviously want to suppress this @@ -115,8 +115,8 @@ scanDatabaseTable() { esac else case "${exact}" in - "exact" ) querystr="SELECT domain,enabled FROM domainlist WHERE type = '${type}' AND domain = '${domain}'";; - * ) querystr="SELECT domain,enabled FROM domainlist WHERE type = '${type}' AND domain LIKE '%${domain//_/\\_}%' ESCAPE '\\'";; + "exact" ) querystr="SELECT domain,enabled FROM domainlist WHERE type = '${list_type}' AND domain = '${domain}'";; + * ) querystr="SELECT domain,enabled FROM domainlist WHERE type = '${list_type}' AND domain LIKE '%${domain//_/\\_}%' ESCAPE '\\'";; esac fi @@ -158,13 +158,13 @@ scanDatabaseTable() { } scanRegexDatabaseTable() { - local domain list + local domain list list_type domain="${1}" list="${2}" - type="${3:-}" + list_type="${3:-}" # Query all regex from the corresponding database tables - mapfile -t regexList < <(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT domain FROM domainlist WHERE type = ${type}" 2> /dev/null) + mapfile -t regexList < <(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT domain FROM domainlist WHERE type = ${list_type}" 2> /dev/null) # If we have regexps to process if [[ "${#regexList[@]}" -ne 0 ]]; then From 3327df8d9c1822114a68a214ec911e9efb0e8143 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Thu, 4 Aug 2022 14:47:43 +0200 Subject: [PATCH 35/61] Ensure user defined FTL_PID_FILE and FTL_PORT_FILE dirs are created on startup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 7346dc20..7a541d0d 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -30,8 +30,8 @@ start() { else # Touch files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole /var/log/pihole - [ ! -f "${FTL_PID_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" - [ ! -f "${FTL_PORT_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}" + [ ! -f "${FTL_PID_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" + [ ! -f "${FTL_PORT_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}" [ ! -f /var/log/pihole/FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log [ ! -f /var/log/pihole/pihole.log ] && install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases From 989c52ef241baa110d6a588fa42348384453f702 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 4 Aug 2022 17:20:39 -0700 Subject: [PATCH 36/61] Exit with return code if ftl does not start Signed-off-by: Dan Schaper --- advanced/Templates/pihole-FTL.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 7a541d0d..46e5c1f2 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -58,10 +58,10 @@ start() { fi if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then - su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole + su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole || exit $? else echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system" - /usr/bin/pihole-FTL + /usr/bin/pihole-FTL || exit $? fi echo fi From 6062df092382a3179a33921b48694b8bb087a9b4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Aug 2022 10:07:28 +0000 Subject: [PATCH 37/61] Bump actions/stale from 5.1.0 to 5.1.1 Bumps [actions/stale](https://github.com/actions/stale) from 5.1.0 to 5.1.1. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/v5.1.1/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v5.1.0...v5.1.1) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 9e622f4a..c0f64bb4 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -13,7 +13,7 @@ jobs: issues: write steps: - - uses: actions/stale@v5.1.0 + - uses: actions/stale@v5.1.1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30 From e50438dc11fb1ae26d40bdbcce326e5eddff3ad2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Aug 2022 10:07:31 +0000 Subject: [PATCH 38/61] Bump actions/setup-python from 4.1.0 to 4.2.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4.1.0...v4.2.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 177a24ba..835be166 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -52,7 +52,7 @@ jobs: uses: actions/checkout@v3.0.2 - name: Set up Python 3.8 - uses: actions/setup-python@v4.1.0 + uses: actions/setup-python@v4.2.0 with: python-version: 3.8 - From 9e2e0019fbcd8503a58d9388c2152b369319b79e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Aug 2022 10:22:39 +0000 Subject: [PATCH 39/61] Bump actions-ecosystem/action-add-labels from 1.1.0 to 1.1.3 Bumps [actions-ecosystem/action-add-labels](https://github.com/actions-ecosystem/action-add-labels) from 1.1.0 to 1.1.3. - [Release notes](https://github.com/actions-ecosystem/action-add-labels/releases) - [Commits](https://github.com/actions-ecosystem/action-add-labels/compare/v1.1.0...v1.1.3) --- updated-dependencies: - dependency-name: actions-ecosystem/action-add-labels dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/sync-back-to-dev.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index 27d966d2..dd66ebdc 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -20,7 +20,7 @@ jobs: FROM_BRANCH: 'master' TO_BRANCH: 'development' - name: Label the pull request to ignore for release note generation - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@v1.1.3 with: labels: internal repo: ${{ github.repository }} From f418481b9f378cac1a9dc7509417a516ad5f967c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 6 Aug 2022 15:35:01 +0200 Subject: [PATCH 40/61] Add security-related headers to Pi-hole web interface Signed-off-by: DL6ER --- advanced/lighttpd.conf.debian | 15 +++++++++++++-- advanced/lighttpd.conf.fedora | 15 +++++++++++++-- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index 4231a0c9..4545bb2e 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -78,10 +78,21 @@ include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsen # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { - # Create a response header for debugging using curl -I + # X-Pi-hole is a response header for debugging using curl -I + # X-Frame-Options prevents clickjacking attacks and helps ensure your content is not embedded into other sites via < frame >, < iframe > or < object >. + # X-XSS-Protection sets the configuration for the cross-site scripting filters built into most browsers. This is important because it tells the browser to block the response if a malicious script has been inserted from a user input. + # X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. This is important because the browser will only load external resources if their content-type matches what is expected, and not malicious hidden code. + # Content-Security-Policy tells the browser where resources are allowed to be loaded and if it’s allowed to parse/run inline styles or Javascript. This is important because it prevents content injection attacks, such as Cross Site Scripting (XSS). + # X-Permitted-Cross-Domain-Policies is an XML document that grants a web client, such as Adobe Flash Player or Adobe Acrobat (though not necessarily limited to these), permission to handle data across domains. + # Referrer-Policy allows control/restriction of the amount of information present in the referral header for links away from your page—the URL path or even if the header is sent at all. setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!", - "X-Frame-Options" => "DENY" + "X-Frame-Options" => "DENY", + "X-XSS-Protection" => "1; mode=block", + "X-Content-Type-Options" => "nosniff", + "Content-Security-Policy" => "default-src 'self' 'unsafe-inline';", + "X-Permitted-Cross-Domain-Policies" => "none", + "Referrer-Policy" => "same-origin" ) } diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index c3c94986..12930302 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -86,10 +86,21 @@ fastcgi.server = ( # If the URL starts with /admin, it is the Web interface $HTTP["url"] =~ "^/admin/" { - # Create a response header for debugging using curl -I + # X-Pi-hole is a response header for debugging using curl -I + # X-Frame-Options prevents clickjacking attacks and helps ensure your content is not embedded into other sites via < frame >, < iframe > or < object >. + # X-XSS-Protection sets the configuration for the cross-site scripting filters built into most browsers. This is important because it tells the browser to block the response if a malicious script has been inserted from a user input. + # X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. This is important because the browser will only load external resources if their content-type matches what is expected, and not malicious hidden code. + # Content-Security-Policy tells the browser where resources are allowed to be loaded and if it’s allowed to parse/run inline styles or Javascript. This is important because it prevents content injection attacks, such as Cross Site Scripting (XSS). + # X-Permitted-Cross-Domain-Policies is an XML document that grants a web client, such as Adobe Flash Player or Adobe Acrobat (though not necessarily limited to these), permission to handle data across domains. + # Referrer-Policy allows control/restriction of the amount of information present in the referral header for links away from your page—the URL path or even if the header is sent at all. setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!", - "X-Frame-Options" => "DENY" + "X-Frame-Options" => "DENY", + "X-XSS-Protection" => "1; mode=block", + "X-Content-Type-Options" => "nosniff", + "Content-Security-Policy" => "default-src 'self' 'unsafe-inline';", + "X-Permitted-Cross-Domain-Policies" => "none", + "Referrer-Policy" => "same-origin" ) } From 7320c10dd33f151ebc4cafa6a8b3e455e8a67a7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 6 Aug 2022 21:44:19 +0200 Subject: [PATCH 41/61] Fix git indention MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index adf03dea..8bf23155 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2126,7 +2126,7 @@ checkout_pull_branch() { git_pull=$(git pull --no-rebase || return 1) - if [[ "$git_pull" == *"up-to-date"* ]]; then + if [[ "$git_pull" == *"up to date"* ]]; then printf " %b %s\\n" "${INFO}" "${git_pull}" else printf "%s\\n" "$git_pull" From c7410b0be966b53a20a8517b91503afe63ab6b2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 7 Aug 2022 15:50:05 +0200 Subject: [PATCH 42/61] Always indent MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 8bf23155..f141df41 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2126,11 +2126,7 @@ checkout_pull_branch() { git_pull=$(git pull --no-rebase || return 1) - if [[ "$git_pull" == *"up to date"* ]]; then - printf " %b %s\\n" "${INFO}" "${git_pull}" - else - printf "%s\\n" "$git_pull" - fi + printf " %b %s\\n" "${INFO}" "${git_pull}" return 0 } From d77677312cb5f1a1db48f1aeba898362e70383f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 8 Aug 2022 13:52:20 +0200 Subject: [PATCH 43/61] Extend FTL information in debug log MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 1707b872..e7f3cd48 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -332,17 +332,34 @@ compare_local_version_to_git_version() { check_ftl_version() { local ftl_name="FTL" + local FTL_VERSION FTL_COMMIT FTL_BRANCH echo_current_diagnostic "${ftl_name} version" # Use the built in command to check FTL's version - FTL_VERSION=$(pihole-FTL version) + FTL_VERSION=$(pihole-FTL -vv | grep -m 1 Version | awk '{printf $2}') + FTL_BRANCH=$(pihole-FTL -vv | grep -m 1 Branch | awk '{printf $2}') + FTL_COMMIT=$(pihole-FTL -vv | grep -m 1 Commit | awk '{printf $2}') + # Compare the current FTL version to the remote version if [[ "${FTL_VERSION}" == "$(pihole -v | awk '/FTL/ {print $6}' | cut -d ')' -f1)" ]]; then # If they are the same, FTL is up-to-date log_write "${TICK} ${ftl_name}: ${COL_GREEN}${FTL_VERSION}${COL_NC}" else # If not, show it in yellow, signifying there is an update - log_write "${TICK} ${ftl_name}: ${COL_YELLOW}${FTL_VERSION}${COL_NC} (${FAQ_UPDATE_PI_HOLE})" + log_write "${INFO} ${ftl_name}: ${COL_YELLOW}${FTL_VERSION}${COL_NC} (${FAQ_UPDATE_PI_HOLE})" fi + + # If they use the master branch, they are on the stable codebase + if [[ "${FTL_BRANCH}" == "master" ]]; then + # so the color of the text is green + log_write "${INFO} Branch: ${COL_GREEN}${FTL_BRANCH}${COL_NC}" + # If it is any other branch, they are in a development branch + else + # So show that in yellow, signifying it's something to take a look at, but not a critical error + log_write "${INFO} Branch: ${COL_YELLOW}${FTL_BRANCH}${COL_NC} (${FAQ_CHECKOUT_COMMAND})" + fi + + # echo the current commit + log_write "${INFO} Commit: ${FTL_COMMIT}" } # Checks the core version of the Pi-hole codebase From c78cf82fc6dc2f4d612ce4c27a36b2f3a26353fd Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 5 Oct 2021 15:42:06 +0100 Subject: [PATCH 44/61] no need to declare $viewPort Signed-off-by: Adam Warner --- advanced/index.php | 369 +---------------------------- automated install/basic-install.sh | 18 +- 2 files changed, 21 insertions(+), 366 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index cf0ab854..3b320a3f 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -11,15 +11,6 @@ $serverName = htmlspecialchars($_SERVER["SERVER_NAME"]); // Remove external ipv6 brackets if any $serverName = preg_replace('/^\[(.*)\]$/', '${1}', $serverName); -if (!is_file("/etc/pihole/setupVars.conf")) - die("[ERROR] File not found: /etc/pihole/setupVars.conf"); - -// Get values from setupVars.conf -$setupVars = parse_ini_file("/etc/pihole/setupVars.conf"); -$svPasswd = !empty($setupVars["WEBPASSWORD"]); -$svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : ""; -unset($setupVars); - // Set landing page location, found within /var/www/html/ $landPage = "../landing.php"; @@ -34,21 +25,6 @@ if (!empty($_SERVER["FQDN"])) { array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]); } -// Set which extension types render as Block Page (Including "" for index.ext) -$validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", ""); - -// Get extension of current URL -$currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION); - -// Set mobile friendly viewport -$viewPort = ''; - -// Set response header -function setHeader($type = "x") { - header("X-Pi-hole: A black hole for Internet advertisements."); - if (isset($type) && $type === "js") header("Content-Type: application/javascript"); -} - // Determine block page type if ($serverName === "pi.hole" || (!empty($_SERVER["VIRTUAL_HOST"]) && $serverName === $_SERVER["VIRTUAL_HOST"])) { @@ -71,347 +47,26 @@ if ($serverName === "pi.hole" - $viewPort + ● $serverName - - + + -
- Pi-hole logo -

Pi-hole: Your black hole for Internet advertisements

- Did you mean to go to the admin panel? -
+ Pi-hole logo +
+

Pi-hole: Your black hole for Internet advertisements

+ Did you mean to go to the admin panel? EOT; exit($splashPage); -} elseif ($currentUrlExt === "js") { - // Serve Pi-hole JavaScript for blocked domains requesting JS - exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."'); -} elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) { - // Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER - // e.g: An iframe of a blocked domain - exit(setHeader().' - - - - - - - - '); -} elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) { - // Serve SVG upon receiving non $validExtTypes URL extension or query string - // e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly - // QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page - $blockImg = ' - - - - - Blocked by Pi-hole - - - '; - exit(setHeader()." - - - - $viewPort - - $blockImg - "); } -/* Start processing Block Page from here */ +exit(header("HTTP/1.1 404 Not Found")); -// Define admin email address text based off $svEmail presence -$bpAskAdmin = !empty($svEmail) ? '' : ""; - -// Get possible non-standard location of FTL's database -$FTLsettings = parse_ini_file("/etc/pihole/pihole-FTL.conf"); -if (isset($FTLsettings["GRAVITYDB"])) { - $gravityDBFile = $FTLsettings["GRAVITYDB"]; -} else { - $gravityDBFile = "/etc/pihole/gravity.db"; -} - -// Connect to gravity.db -try { - $db = new SQLite3($gravityDBFile, SQLITE3_OPEN_READONLY); -} catch (Exception $exception) { - die("[ERROR]: Failed to connect to gravity.db"); -} - -// Get all adlist addresses -$adlistResults = $db->query("SELECT address FROM vw_adlist"); -$adlistsUrls = array(); -while ($row = $adlistResults->fetchArray()) { - array_push($adlistsUrls, $row[0]); -} - -if (empty($adlistsUrls)) - die("[ERROR]: There are no adlists enabled"); - -// Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists) -$adlistsCount = count($adlistsUrls) + 3; - -// Set query timeout -ini_set("default_socket_timeout", 3); - -// Logic for querying blocklists -function queryAds($serverName) { - // Determine the time it takes while querying adlists - $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; - - // Determine which protocol should be used - $protocol = "http"; - if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || - (isset($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] === 'https') || - (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') - ) { - $protocol = "https"; - } - - // Format the URL - $queryAdsURL = sprintf( - "%s://127.0.0.1:%s/admin/scripts/pi-hole/php/queryads.php?domain=%s&bp", - $protocol, - $_SERVER["SERVER_PORT"], - $serverName - ); - - // Request the file and receive the response - $queryAdsFile = file($queryAdsURL, FILE_IGNORE_NEW_LINES); - - // $queryAdsFile must be an array (to avoid PHP 8.0+ error) - if (is_array($queryAdsFile)) { - $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAdsFile))); - } else { - // if not an array, return an error message - return array("0" => "error", "1" => "
(".gettype($queryAdsFile).")
".print_r($queryAdsFile, true)); - } - - $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); - - // Exception Handling - try { - // Define Exceptions - if (strpos($queryAds[0], "No exact results") !== FALSE) { - // Return "none" into $queryAds array - return array("0" => "none"); - } else if ($queryTime >= ini_get("default_socket_timeout")) { - // Connection Timeout - throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)"); - } elseif (!strpos($queryAds[0], ".") !== false) { - // Unknown $queryAds output - throw new Exception ("Unhandled error message ($queryAds[0])"); - } - return $queryAds; - } catch (Exception $e) { - // Return exception as array - return array("0" => "error", "1" => $e->getMessage()); - } -} - -// Get results of queryads.php exact search -$queryAds = queryAds($serverName); - -// Pass error through to Block Page -if ($queryAds[0] === "error") - die("[ERROR]: Unable to parse results from queryads.php: ".$queryAds[1].""); - -// Count total number of matching blocklists -$featuredTotal = count($queryAds); - -// Place results into key => value array -$queryResults = null; -foreach ($queryAds as $str) { - $value = explode(" ", $str); - @$queryResults[$value[0]] .= "$value[1]"; -} - -// Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked -if (strpos($queryAds[0], "blacklist") !== FALSE) { - $notableFlagClass = "blacklist"; - $adlistsUrls = array("π" => substr($queryAds[0], 2)); -} elseif (strpos($queryAds[0], "whitelist") !== FALSE) { - $notableFlagClass = "noblock"; - $adlistsUrls = array("π" => substr($queryAds[0], 2)); - $wlInfo = "recentwl"; -} elseif (strpos($queryAds[0], "wildcard") !== FALSE) { - $notableFlagClass = "wildcard"; - $adlistsUrls = array("π" => substr($queryAds[0], 2)); -} elseif ($queryAds[0] === "none") { - $featuredTotal = "0"; - $notableFlagClass = "noblock"; - - // QoL addition: Determine appropriate info message if CNAME exists - // Suggests to the user that $serverName has a CNAME (alias) that may be blocked - $dnsRecord = dns_get_record("$serverName")[0]; - if (array_key_exists("target", $dnsRecord)) { - $wlInfo = $dnsRecord['target']; - } else { - $wlInfo = "unknown"; - } -} - -// Set #bpOutput notification -$wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden"; -$wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "$wlInfo" : ""; - -// Get Pi-hole Core version -$phVersion = exec("cd /etc/.pihole/ && git describe --long --tags"); - -// Print $execTime on development branches -// Testing for - is marginally faster than "git rev-parse --abbrev-ref HEAD" -if (explode("-", $phVersion)[1] != "0") - $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; - -// Please Note: Text is added via CSS to allow an admin to provide a localized -// language without the need to edit this file - -setHeader(); ?> - - - - - - - - - - - ● <?=$serverName ?> - - - -
-
-

- -

-
- - -
-
-
-

Open Source Ad Blocker - Designed for Raspberry Pi -

-
-
- - '; ?> -
-
- -
- -
-
- -
-
-
-

-
- -
-

-
- -
-
- - 0) echo ''; ?> -
- -
- - 
 0) foreach ($queryResults as $num => $value) { echo "[$num]:$adlistsUrls[$num]\n"; } ?>
- -
- - - -
-
-
- -
. Pi-hole ()
-
- - - diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f141df41..6b58afdf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -82,7 +82,7 @@ PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update versi PI_HOLE_INSTALL_DIR="/opt/pihole" PI_HOLE_CONFIG_DIR="/etc/pihole" PI_HOLE_BIN_DIR="/usr/local/bin" -PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole" +PI_HOLE_404_DIR="${webroot}/pihole" if [ -z "$useUpdateVars" ]; then useUpdateVars=false fi @@ -1662,18 +1662,18 @@ install_dependent_packages() { # Install the Web interface dashboard installPiholeWeb() { - printf "\\n %b Installing blocking page...\\n" "${INFO}" + printf "\\n %b Installing 404 page...\\n" "${INFO}" - local str="Creating directory for blocking page, and copying files" + local str="Creating directory for 404 page, and copying files" printf " %b %s..." "${INFO}" "${str}" - # Install the directory, - install -d -m 0755 ${PI_HOLE_BLOCKPAGE_DIR} - # and the blockpage - install -D -m 644 ${PI_HOLE_LOCAL_REPO}/advanced/{index,blockingpage}.* ${PI_HOLE_BLOCKPAGE_DIR}/ + # Install the directory + install -d -m 0755 ${PI_HOLE_404_DIR} + # and the 404 handler + install -D -m 644 ${PI_HOLE_LOCAL_REPO}/advanced/index.php ${PI_HOLE_404_DIR}/ # Remove superseded file - if [[ -e "${PI_HOLE_BLOCKPAGE_DIR}/index.js" ]]; then - rm "${PI_HOLE_BLOCKPAGE_DIR}/index.js" + if [[ -e "${PI_HOLE_404_DIR}/index.js" ]]; then + rm "${PI_HOLE_404_DIR}/index.js" fi printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" From 5d5a85b7b6a79df04f7eaa4177608153dca02401 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 5 Oct 2021 16:36:33 +0100 Subject: [PATCH 45/61] X-Pi-hole removed from blocking page... Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 1707b872..79452f00 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -797,29 +797,13 @@ check_x_headers() { # server is operating correctly echo_current_diagnostic "Dashboard and block page" # Use curl -I to get the header and parse out just the X-Pi-hole one - local block_page - block_page=$(curl -Is localhost | awk '/X-Pi-hole/' | tr -d '\r') - # Do it for the dashboard as well, as the header is different than above local dashboard dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r') # Store what the X-Header should be in variables for comparison later - local block_page_working - block_page_working="X-Pi-hole: A black hole for Internet advertisements." local dashboard_working dashboard_working="X-Pi-hole: The Pi-hole Web interface is working!" - local full_curl_output_block_page - full_curl_output_block_page="$(curl -Is localhost)" local full_curl_output_dashboard full_curl_output_dashboard="$(curl -Is localhost/admin/)" - # If the X-header found by curl matches what is should be, - if [[ $block_page == "$block_page_working" ]]; then - # display a success message - log_write "$TICK Block page X-Header: ${COL_GREEN}${block_page}${COL_NC}" - else - # Otherwise, show an error - log_write "$CROSS Block page X-Header: ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" - log_write "${COL_RED}${full_curl_output_block_page}${COL_NC}" - fi # Same logic applies to the dashboard as above, if the X-Header matches what a working system should have, if [[ $dashboard == "$dashboard_working" ]]; then From 5816f495f46ce9373e19469905d30b56a7958a20 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 26 Jul 2022 19:45:03 +0100 Subject: [PATCH 46/61] Fix test_installPiholeWeb_fresh_install_no_errors and test_installPihole_fresh_install_readableBlockpage Signed-off-by: Adam Warner --- test/test_any_automated_install.py | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index 717f6ea2..c26380a1 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -116,9 +116,9 @@ def test_installPiholeWeb_fresh_install_no_errors(host): source /opt/pihole/basic-install.sh installPiholeWeb ''') - expected_stdout = info_box + ' Installing blocking page...' + expected_stdout = info_box + ' Installing 404 page...' assert expected_stdout in installWeb.stdout - expected_stdout = tick_box + (' Creating directory for blocking page, ' + expected_stdout = tick_box + (' Creating directory for 404 page, ' 'and copying files') assert expected_stdout in installWeb.stdout expected_stdout = info_box + ' Backing up index.lighttpd.html' @@ -130,7 +130,6 @@ def test_installPiholeWeb_fresh_install_no_errors(host): assert expected_stdout in installWeb.stdout web_directory = host.run('ls -r /var/www/html/pihole').stdout assert 'index.php' in web_directory - assert 'blockingpage.css' in web_directory def get_directories_recursive(host, directory): @@ -605,10 +604,6 @@ def test_installPihole_fresh_install_readableBlockpage(host, test_webpage): 'r', webroot + '/pihole/index.php', webuser) actual_rc = host.run(check_index).rc assert exit_status_success == actual_rc - check_blockpage = test_cmd.format( - 'r', webroot + '/pihole/blockingpage.css', webuser) - actual_rc = host.run(check_blockpage).rc - assert exit_status_success == actual_rc if test_webpage is True: # check webpage for unreadable files noPHPfopen = re.compile( From 6c9bd7a6328f892884b9e55064c61fa08b7682fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 26 Jul 2022 23:57:07 +0200 Subject: [PATCH 47/61] Remove blockingpage.css MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/blockingpage.css | 455 ----------------------------- automated install/basic-install.sh | 4 +- 2 files changed, 2 insertions(+), 457 deletions(-) delete mode 100644 advanced/blockingpage.css diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css deleted file mode 100644 index 0cc7a65c..00000000 --- a/advanced/blockingpage.css +++ /dev/null @@ -1,455 +0,0 @@ -/* Pi-hole: A black hole for Internet advertisements -* (c) 2017 Pi-hole, LLC (https://pi-hole.net) -* Network-wide ad blocking via your own hardware. -* -* This file is copyright under the latest version of the EUPL. -* Please see LICENSE file for your rights under this license. */ - -/* Text Customisation Options ======> */ -.title::before { content: "Website Blocked"; } -.altBtn::before { content: "Why am I here?"; } -.linkPH::before { content: "About Pi-hole"; } -.linkEmail::before { content: "Contact Admin"; } - -#bpOutput.add::before { content: "Info"; } -#bpOutput.add::after { content: "The domain is being whitelisted..."; } -#bpOutput.error::before, .unhandled::before { content: "Error"; } -#bpOutput.unhandled::after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; } -#bpOutput.success::before { content: "Success"; } -#bpOutput.success::after { content: "Website has been whitelisted! You may need to flush your DNS cache"; } - -.recentwl::before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; } -.unknown::before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; } -.cname::before { content: "This site is an alias for "; } /* cname.com */ -.cname::after { content: ", which may be blocked by Pi-hole."; } - -.blacklist::before { content: "Manually Blacklisted"; } -.wildcard::before { content: "Manually Blacklisted by Wildcard"; } -.noblock::before { content: "Not found on any Blacklist"; } - -#bpBlock::before { content: "Access to the following website has been denied:"; } -#bpFlag::before { content: "This is primarily due to being flagged as:"; } - -#bpHelpTxt::before { content: "If you have an ongoing use for this website, please "; } -#bpHelpTxt a::before, #bpHelpTxt span::before { content: "ask the administrator"; } -#bpHelpTxt::after{ content: " of the Pi-hole on this network to have it whitelisted"; } - -#bpBack::before { content: "Back to safety"; } -#bpInfo::before { content: "Technical Info"; } -#bpFoundIn::before { content: "This site is found in "; } -#bpFoundIn span::after { content: " of "; } -#bpFoundIn::after { content: " lists:"; } -#bpWhitelist::before { content: "Whitelist"; } - -footer span::before { content: "Page generated on "; } - -/* Hide whitelisting form entirely */ -/* #bpWLButtons { display: none; } */ - -/* Text Customisation Options <=============================== */ - -/* http://necolas.github.io/normalize.css ======> */ -html { font-family: sans-serif; line-height: 1.15; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; } -body { margin: 0; } -article, aside, footer, header, nav, section { display: block; } -h1 { font-size: 2em; margin: 0.67em 0; } -figcaption, figure, main { display: block; } -figure { margin: 1em 40px; } -hr { box-sizing: content-box; height: 0; overflow: visible; } -pre { font-family: monospace, monospace; font-size: 1em; } -a { background-color: transparent; -webkit-text-decoration-skip: objects; } -a:active, a:hover { outline-width: 0; } -abbr[title] { border-bottom: none; text-decoration: underline; text-decoration: underline dotted; } -b, strong { font-weight: inherit; } -b, strong { font-weight: bolder; } -code, kbd, samp { font-family: monospace, monospace; font-size: 1em; } -dfn { font-style: italic; } -mark { background-color: #ff0; color: #000; } -small { font-size: 80%; } -sub, sup { font-size: 75%; line-height: 0; position: relative; vertical-align: baseline; } -sub { bottom: -0.25em; } -sup { top: -0.5em; } -audio, video { display: inline-block; } -audio:not([controls]) { display: none; height: 0; } -img { border-style: none; } -svg:not(:root) { overflow: hidden; } -button, input, optgroup, select, textarea { font-family: sans-serif; font-size: 100%; line-height: 1.15; margin: 0; } -button, input { overflow: visible; } -button, select { text-transform: none; } -button, html [type="button"], [type="reset"], [type="submit"] { -webkit-appearance: button; } -button::-moz-focus-inner, [type="button"]::-moz-focus-inner, [type="reset"]::-moz-focus-inner, [type="submit"]::-moz-focus-inner { border-style: none; padding: 0; } -button:-moz-focusring, [type="button"]:-moz-focusring, [type="reset"]:-moz-focusring, [type="submit"]:-moz-focusring { outline: 1px dotted ButtonText; } -fieldset { border: 1px solid #c0c0c0; margin: 0 2px; padding: 0.35em 0.625em 0.75em; } -legend { box-sizing: border-box; color: inherit; display: table; max-width: 100%; padding: 0; white-space: normal; } -progress { display: inline-block; vertical-align: baseline; } -textarea { overflow: auto; } -[type="checkbox"], [type="radio"] { box-sizing: border-box; padding: 0; } -[type="number"]::-webkit-inner-spin-button, [type="number"]::-webkit-outer-spin-button { height: auto; } -[type="search"] { -webkit-appearance: textfield; outline-offset: -2px; } -[type="search"]::-webkit-search-cancel-button, [type="search"]::-webkit-search-decoration { -webkit-appearance: none; } -::-webkit-file-upload-button { -webkit-appearance: button; font: inherit; } -details, menu { display: block; } -summary { display: list-item; } -canvas { display: inline-block; } -template { display: none; } -[hidden] { display: none; } -/* Normalize.css <=============================== */ - -html { font-size: 62.5%; } - -a { color: #3c8dbc; text-decoration: none; } -a:hover { color: #72afda; text-decoration: underline; } -b { color: rgb(68, 68, 68); } -p { margin: 0; } - -label, .buttons a { - -webkit-user-select: none; - -moz-user-select: none; - -ms-user-select: none; - user-select: none; -} - -label, .buttons *:not([disabled]) { cursor: pointer; } - -/* Touch device dark tap highlight */ -header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } - -/* Webkit Focus Glow */ -textarea, input, button { outline: none; } - -@font-face { - font-family: "Source Sans Pro"; - font-style: normal; - font-weight: 400; - font-display: swap; - src: local("Source Sans Pro Regular"), local("SourceSansPro-Regular"), - url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff2") format("woff2"), - url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff") format("woff"); -} - -@font-face { - font-family: "Source Sans Pro"; - font-style: normal; - font-weight: 700; - font-display: swap; - src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"), - url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff2") format("woff2"), - url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff") format("woff"); -} - -body { - background: #dbdbdb url("/admin/img/boxed-bg.jpg") repeat fixed; - color: #333; - font: 1.4rem "Source Sans Pro", "Helvetica Neue", Helvetica, Arial, sans-serif; - line-height: 2.2rem; -} - -/* User is greeted with a splash page when browsing to Pi-hole IP address */ -#splashpage { - background: #222; - color: rgba(255, 255, 255, 0.7); - text-align: center; - width: 100%; - height: 100%; - display: flex; - align-items: center; - justify-content: center; -} - -#splashpage img { margin: 5px; width: 256px; } -#splashpage b { color: inherit; } - -#bpWrapper { - margin: 0 auto; - max-width: 1250px; - box-shadow: 0 0 8px rgba(0, 0, 0, 0.5); -} - -header { - background: #3c8dbc; - display: table; - position: relative; - width: 100%; -} - -header h1, header h1 a, header .spc, header #bpAlt label { - display: table-cell; - color: #fff; - white-space: nowrap; - vertical-align: middle; - height: 50px; /* Must match #bpAbout top value */ -} - -h1 a { - background-color: rgba(0, 0, 0, 0.1); - font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; - font-size: 2rem; - font-weight: 400; - min-width: 230px; - text-align: center; -} - -h1 a:hover, header #bpAlt:hover { background-color: rgba(0, 0, 0, 0.12); color: inherit; text-decoration: none; } - -header .spc { width: 100%; } - -header #bpAlt label { - background: url("/admin/img/logo.svg") no-repeat center left 15px; - background-size: 15px 23px; - padding: 0 15px; - text-indent: 30px; -} - -[type="checkbox"][id$="Toggle"] { display: none; } -[type="checkbox"][id$="Toggle"]:checked ~ #bpAbout, -[type="checkbox"][id$="Toggle"]:checked ~ #bpMoreInfo { - display: block; -} - -html, body { - height: 100%; -} - -#pihole_card { - width: 400px; - height: auto; - max-width: 400px; -} - - #pihole_card p, #pihole_card a { - font-size: 13pt; - text-align: center; - } - -#pihole_logo_splash { - height: auto; - width: 100%; -} - -/* Click anywhere else on screen to hide #bpAbout */ -#bpAboutToggle:checked { - display: block; - height: 300px; /* VH Fallback */ - height: 100vh; - left: 0; - top: 0; - opacity: 0; - position: absolute; - width: 100%; -} - -#bpAbout { - background: #3c8dbc; - border-bottom-left-radius: 5px; - border: 1px solid #fff; - border-right-width: 0; - box-shadow: -1px 1px 1px rgba(0, 0, 0, 0.12); - box-sizing: border-box; - display: none; - font-size: 1.7rem; - top: 50px; - position: absolute; - right: 0; - width: 280px; - z-index: 1; -} - -.aboutPH { - box-sizing: border-box; - color: rgba(255, 255, 255, 0.8); - display: block; - padding: 10px; - width: 100%; - text-align: center; -} - -.aboutImg { - background: url("/admin/img/logo.svg") no-repeat center; - background-size: 90px 90px; - height: 90px; - margin: 0 auto; - padding: 2px; - width: 90px; -} - -.aboutPH p { margin: 10px 0; } -.aboutPH small { display: block; font-size: 1.2rem; } - -.aboutLink { - background: #fff; - border-top: 1px solid #ddd; - display: table; - font-size: 1.4rem; - text-align: center; - width: 100%; -} - -.aboutLink a { - display: table-cell; - padding: 14px; - min-width: 50%; -} - -main { - background: #ecf0f5; - font-size: 1.65rem; - padding: 10px; -} - -#bpOutput { - background: #00c0ef; - border-radius: 3px; - border: 1px solid rgba(0, 0, 0, 0.1); - color: #fff; - font-size: 1.4rem; - margin-bottom: 10px; - margin-top: 5px; - padding: 15px; -} - -#bpOutput::before { - background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6 11a1.371 1.371 0 011 1v1a1.371 1.371 0 01-1 1H1a1.371 1.371 0 01-1-1v-1a1.371 1.371 0 011-1h1V8H1a1.371 1.371 0 01-1-1V6a1.371 1.371 0 011-1h3a1.371 1.371 0 011 1v5h1zM3.5 0A1.5 1.5 0 112 1.5 1.5 1.5 0 013.5 0z'/%3E%3C/svg%3E") no-repeat center left; - display: block; - font-size: 1.8rem; - text-indent: 15px; -} - -#bpOutput.hidden { display: none; } -#bpOutput.success { background: #00a65a; } -#bpOutput.error { background: #dd4b39; } - -.blockMsg, .flagMsg { - font: 700 1.8rem Consolas, Courier, monospace; - padding: 5px 10px 10px; - text-indent: 15px; -} - -#bpHelpTxt { padding-bottom: 10px; } - -.buttons { - border-spacing: 5px 0; - display: table; - width: 100%; -} - -.buttons * { - -moz-appearance: none; - -webkit-appearance: none; - border-radius: 3px; - border: 1px solid rgba(0, 0, 0, 0.1); - box-sizing: content-box; - display: table-cell; - font-size: 1.65rem; - margin-right: 5px; - min-height: 20px; - padding: 6px 12px; - position: relative; - text-align: center; - vertical-align: top; - white-space: nowrap; - width: auto; -} - -.buttons a:hover { text-decoration: none; } - -/* Button hover dark overlay */ -.buttons *:not(input):not([disabled]):hover { - background-image: linear-gradient(to bottom, rgba(0, 0, 0, 0.1), rgba(0, 0, 0, 0.1)); - color: #fff; -} - -/* Button active shadow inset */ -.buttons *:not([disabled]):not(input):active { - box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125); -} - -/* Input border color */ -.buttons *:not([disabled]):hover, .buttons input:focus { - border-color: rgba(0, 0, 0, 0.25); -} - -#bpButtons * { width: 50%; color: #fff; } -#bpBack { background-color: #00a65a; } -#bpInfo { background-color: #3c8dbc; } -#bpWhitelist { background-color: #dd4b39; } - -#blockpage .buttons [type="password"][disabled] { color: rgba(0, 0, 0, 1); } -#blockpage .buttons [disabled] { color: rgba(0, 0, 0, 0.55); background-color: #e3e3e3; } -#blockpage .buttons [type="password"]:-ms-input-placeholder { color: rgba(51, 51, 51, 0.8); } - -input[type="password"] { font-size: 1.5rem; } - -@-webkit-keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } } - -@keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } } -#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; -webkit-animation: slidein 0.05s linear; animation: slidein 0.05s linear; } -#bpMoreInfo { display: none; margin-top: 10px; } - -#bpQueryOutput { - font-size: 1.2rem; - line-height: 1.65rem; - margin: 5px 0 0; - overflow: auto; - padding: 0 5px; - -webkit-overflow-scrolling: touch; -} - -#bpQueryOutput span { margin-right: 4px; } - -#bpWLButtons { width: auto; margin-top: 10px; } -#bpWLButtons * { display: inline-block; } -#bpWLDomain { display: none; } -#bpWLPassword { width: 160px; } -#bpWhitelist { color: #fff; } - -footer { - background: #fff; - border-top: 1px solid #d2d6de; - color: #444; - font: 1.2rem Consolas, Courier, monospace; - padding: 8px; -} - -/* Responsive Content */ -@media only screen and (max-width: 500px) { - h1 a { - font-size: 1.8rem; - min-width: 170px; - } - - footer span::before { - content: "Generated "; - } - - footer span { - display: block; - } -} - -@media only screen and (min-width: 1251px) { - #bpWrapper, footer { - border-radius: 0 0 5px 5px; - } - - #bpAbout { - border-right-width: 1px; - } -} - -@media only screen and (max-width: 400px) { - #pihole_card { - width: 100%; - height: auto; - } - - #pihole_card p, #pihole_card a { - font-size: 100%; - } -} - -@media only screen and (max-width: 256px) { - #pihole_logo_splash { - width: 90% !important; - height: auto; - } -} diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6b58afdf..c290527a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1672,8 +1672,8 @@ installPiholeWeb() { install -D -m 644 ${PI_HOLE_LOCAL_REPO}/advanced/index.php ${PI_HOLE_404_DIR}/ # Remove superseded file - if [[ -e "${PI_HOLE_404_DIR}/index.js" ]]; then - rm "${PI_HOLE_404_DIR}/index.js" + if [[ -e "${PI_HOLE_404_DIR}/blockingpage.css" ]]; then + rm "${PI_HOLE_404_DIR}/blockingpage.css" fi printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" From b98e3313759034e3cfe60eb1a7830381b1cf4af9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 27 Jul 2022 00:07:24 +0200 Subject: [PATCH 48/61] Only do one curl call in debug when checking the X-Header MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 79452f00..aff2ee9d 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -797,13 +797,13 @@ check_x_headers() { # server is operating correctly echo_current_diagnostic "Dashboard and block page" # Use curl -I to get the header and parse out just the X-Pi-hole one + local full_curl_output_dashboard local dashboard - dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r') + full_curl_output_dashboard="$(curl -Is localhost/admin/)" + dashboard=$(echo "${full_curl_output_dashboard}" | awk '/X-Pi-hole/' | tr -d '\r') # Store what the X-Header should be in variables for comparison later local dashboard_working dashboard_working="X-Pi-hole: The Pi-hole Web interface is working!" - local full_curl_output_dashboard - full_curl_output_dashboard="$(curl -Is localhost/admin/)" # Same logic applies to the dashboard as above, if the X-Header matches what a working system should have, if [[ $dashboard == "$dashboard_working" ]]; then @@ -812,6 +812,7 @@ check_x_headers() { else # Otherwise, it's a failure since the X-Headers either don't exist or have been modified in some way log_write "$CROSS Web interface X-Header: ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "${COL_RED}${full_curl_output_dashboard}${COL_NC}" fi } From 27fa284edac13953c32c905008270a694a5825b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 27 Jul 2022 00:34:22 +0200 Subject: [PATCH 49/61] Fix missing PI_HOLE_BLOCKPAGE_DIR MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c290527a..6d419e7f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1402,7 +1402,7 @@ installConfigs() { install -m 644 /dev/null /etc/lighttpd/external.conf fi # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config - if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then + if [[ -f "${PI_HOLE_404_DIR}/custom.php" ]]; then sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"\/pihole\/custom\.php"/' "${lighttpdConfig}" fi # Make the directories if they do not exist and set the owners From e6683803edc2242b69cbc8756971466f286811cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 27 Jul 2022 12:15:44 +0200 Subject: [PATCH 50/61] Use absolut asset paths MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 3b320a3f..d9a5b33e 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -49,7 +49,7 @@ if ($serverName === "pi.hole" ● $serverName - + - Pi-hole logo + Pi-hole logo

Pi-hole: Your black hole for Internet advertisements

Did you mean to go to the admin panel? From 49a9f6f2dbb61cfe9034c27f0ee239b69c1334d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 27 Jul 2022 14:31:48 +0200 Subject: [PATCH 51/61] Reproduce blockpage.css for $splashPage MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/index.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index d9a5b33e..675b5005 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -51,16 +51,24 @@ if ($serverName === "pi.hole" ● $serverName +
Pi-hole logo

Pi-hole: Your black hole for Internet advertisements

Did you mean to go to the admin panel? +
EOT; From c67f313ee83996d8c8fe925d7e781deb392db7e3 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Fri, 29 Jul 2022 15:11:09 +0200 Subject: [PATCH 52/61] Apply reviewers suggestion for inline CSS Co-authored-by: RD WebDesign Signed-off-by: yubiuser --- advanced/index.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 675b5005..350eb602 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -52,12 +52,12 @@ if ($serverName === "pi.hole" From 97447b2f3beee11347f603d070dae46a9e84d9fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 27 Jul 2022 00:32:50 +0200 Subject: [PATCH 53/61] Do not remove blockingpage.css from existing installations as some users might use them for custom.php MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6d419e7f..254e9c06 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1671,11 +1671,6 @@ installPiholeWeb() { # and the 404 handler install -D -m 644 ${PI_HOLE_LOCAL_REPO}/advanced/index.php ${PI_HOLE_404_DIR}/ - # Remove superseded file - if [[ -e "${PI_HOLE_404_DIR}/blockingpage.css" ]]; then - rm "${PI_HOLE_404_DIR}/blockingpage.css" - fi - printf "%b %b %s\\n" "${OVER}" "${TICK}" "${str}" local str="Backing up index.lighttpd.html" From e35a9da921aa10a4b51b8d80277481871420f8fd Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 8 Aug 2022 18:57:17 +0100 Subject: [PATCH 54/61] Remove the blockpage-focussed customisations to query.sh Signed-off-by: Adam Warner --- advanced/Scripts/query.sh | 46 ++++++++++++--------------------------- 1 file changed, 14 insertions(+), 32 deletions(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 5f25e5be..ae266ec0 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -16,7 +16,6 @@ GRAVITYDB="${piholeDir}/gravity.db" options="$*" all="" exact="" -blockpage="" matchType="match" # Source pihole-FTL from install script pihole_FTL="${piholeDir}/pihole-FTL.conf" @@ -71,18 +70,14 @@ Options: fi # Handle valid options -if [[ "${options}" == *"-bp"* ]]; then - exact="exact"; blockpage=true -else - [[ "${options}" == *"-all"* ]] && all=true - if [[ "${options}" == *"-exact"* ]]; then - exact="exact"; matchType="exact ${matchType}" - fi +[[ "${options}" == *"-all"* ]] && all=true +if [[ "${options}" == *"-exact"* ]]; then + exact="exact"; matchType="exact ${matchType}" fi # Strip valid options, leaving only the domain and invalid options # This allows users to place the options before or after the domain -options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") +options=$(sed -E 's/ ?-(adlists?|all|exact) ?//g' <<< "${options}") # Handle remaining options # If $options contain non ASCII characters, convert to punycode @@ -136,17 +131,11 @@ scanDatabaseTable() { wbMatch=true # Print table name - if [[ -z "${blockpage}" ]]; then - echo " ${matchType^} found in ${COL_BOLD}exact ${table}${COL_NC}" - fi + echo " ${matchType^} found in ${COL_BOLD}exact ${table}${COL_NC}" # Loop over results and print them mapfile -t results <<< "${result}" for result in "${results[@]}"; do - if [[ -n "${blockpage}" ]]; then - echo "π ${result}" - exit 0 - fi domain="${result/|*}" if [[ "${result#*|}" == "0" ]]; then extra=" (disabled)" @@ -181,18 +170,13 @@ scanRegexDatabaseTable() { # Form a "results" message str_result="${COL_BOLD}${str_regexMatches}${COL_NC}" # If we are displaying more than just the source of the block - if [[ -z "${blockpage}" ]]; then - # Set the wildcard match flag - wcMatch=true - # Echo the "matched" message, indented by one space - echo " ${str_message}" - # Echo the "results" message, each line indented by three spaces - # shellcheck disable=SC2001 - echo "${str_result}" | sed 's/^/ /' - else - echo "π .wildcard" - exit 0 - fi + # Set the wildcard match flag + wcMatch=true + # Echo the "matched" message, indented by one space + echo " ${str_message}" + # Echo the "results" message, each line indented by three spaces + # shellcheck disable=SC2001 + echo "${str_result}" | sed 's/^/ /' fi fi } @@ -222,7 +206,7 @@ elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then fi # Print "Exact matches for" title -if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then +if [[ -n "${exact}" ]]; then plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es" echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:" fi @@ -238,9 +222,7 @@ for result in "${results[@]}"; do extra="" fi - if [[ -n "${blockpage}" ]]; then - echo "0 ${adlistAddress}" - elif [[ -n "${exact}" ]]; then + if [[ -n "${exact}" ]]; then echo " - ${adlistAddress}${extra}" else if [[ ! "${adlistAddress}" == "${adlistAddress_prev:-}" ]]; then From b3c8045b529642d9bf8a909bdb15f7ac3d0e0228 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Thu, 28 Jul 2022 20:10:18 +0200 Subject: [PATCH 55/61] Skip web server dialog if --disable-install-webserver has been passed Prior to https://github.com/pi-hole/pi-hole/pull/4772, the web server dialog was skipped if --disable-install-webserver was passed (INSTALL_WEB_SERVER=false). This commit restores this behaviour. Signed-off-by: MichaIng --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f141df41..0c7196ee 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1127,8 +1127,8 @@ setAdminFlag() { ;; esac - # If the user wants to install the Web admin interface (i.e. it has not been deselected above) - if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then + # If the user wants to install the Web admin interface (i.e. it has not been deselected above) and did not deselect the web server via command-line argument + if [[ "${INSTALL_WEB_INTERFACE}" == true && "${INSTALL_WEB_SERVER}" == true ]]; then # Get list of required PHP modules, excluding base package (common) and handler (cgi) local i php_modules for i in "${PIHOLE_WEB_DEPS[@]}"; do [[ $i == 'php'* && $i != *'-common' && $i != *'-cgi' ]] && php_modules+=" ${i#*-}"; done From 8c4a9aa6e3306e1fe47cfc04fe579e26b51e758c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 17 Aug 2022 23:14:56 +0200 Subject: [PATCH 56/61] Remove the email function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/webpage.sh | 33 --------------------------------- advanced/bash-completion/pihole | 2 +- manpages/pihole.8 | 5 ----- 3 files changed, 1 insertion(+), 39 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 29c53bd6..3ee48aef 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -46,7 +46,6 @@ Options: -c, celsius Set Celsius as preferred temperature unit -f, fahrenheit Set Fahrenheit as preferred temperature unit -k, kelvin Set Kelvin as preferred temperature unit - -e, email Set an administrative contact address for the Block Page -h, --help Show this help dialog -i, interface Specify dnsmasq's interface listening behavior -l, privacylevel Set privacy level (0 = lowest, 3 = highest) @@ -568,37 +567,6 @@ RemoveDHCPStaticAddress() { } -SetAdminEmail() { - if [[ "${1}" == "-h" ]] || [[ "${1}" == "--help" ]]; then - echo "Usage: pihole -a email
-Example: 'pihole -a email admin@address.com' -Set an administrative contact address for the Block Page - -Options: - \"\" Empty: Remove admin contact - -h, --help Show this help dialog" - exit 0 - fi - - if [[ -n "${args[2]}" ]]; then - - # Sanitize email address in case of security issues - # Regex from https://stackoverflow.com/a/2138832/4065967 - local regex - regex="^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\$" - if [[ ! "${args[2]}" =~ ${regex} ]]; then - echo -e " ${CROSS} Invalid email address" - exit 0 - fi - - addOrEditKeyValPair "${setupVars}" "ADMIN_EMAIL" "${args[2]}" - echo -e " ${TICK} Setting admin contact to ${args[2]}" - else - addOrEditKeyValPair "${setupVars}" "ADMIN_EMAIL" "" - echo -e " ${TICK} Removing admin contact" - fi -} - SetListeningMode() { source "${setupVars}" @@ -847,7 +815,6 @@ main() { "-h" | "--help" ) helpFunc;; "addstaticdhcp" ) AddDHCPStaticAddress;; "removestaticdhcp" ) RemoveDHCPStaticAddress;; - "-e" | "email" ) SetAdminEmail "$3";; "-i" | "interface" ) SetListeningMode "$@";; "-t" | "teleporter" ) Teleporter;; "adlist" ) CustomizeAdLists;; diff --git a/advanced/bash-completion/pihole b/advanced/bash-completion/pihole index 25208a35..29a3270d 100644 --- a/advanced/bash-completion/pihole +++ b/advanced/bash-completion/pihole @@ -15,7 +15,7 @@ _pihole() { COMPREPLY=( $(compgen -W "${opts_lists}" -- ${cur}) ) ;; "admin") - opts_admin="celsius email fahrenheit interface kelvin password privacylevel" + opts_admin="celsius fahrenheit interface kelvin password privacylevel" COMPREPLY=( $(compgen -W "${opts_admin}" -- ${cur}) ) ;; "checkout") diff --git a/manpages/pihole.8 b/manpages/pihole.8 index 4b1e5154..11c21b28 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 @@ -11,8 +11,6 @@ Pi-hole : A black-hole for internet advertisements .br \fBpihole -a\fR (\fB-c|-f|-k\fR) .br -\fBpihole -a -e\fR email -.br \fBpihole -a -i\fR interface .br \fBpihole -a -l\fR privacylevel @@ -132,9 +130,6 @@ Available commands and options: -f, fahrenheit Set Fahrenheit as preferred temperature unit .br -k, kelvin Set Kelvin as preferred temperature unit -.br - -e, email Set an administrative contact address for the - Block Page .br -i, interface Specify dnsmasq's interface listening behavior .br From eeccfb27f85fdf82d9e9e05ab0ed457c10bac11e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 20 Aug 2022 23:07:38 +0200 Subject: [PATCH 57/61] Remove it also from index.php together with more unused variables MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 350eb602..9a2b19e6 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -34,7 +34,7 @@ if ($serverName === "pi.hole" // When directly browsing via IP or authorized hostname // Render splash/landing page based off presence of $landPage file // Unset variables so as to not be included in $landPage or $splashPage - unset($svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt); + unset($authorizedHosts); // If $landPage file is present if (is_file(getcwd()."/$landPage")) { unset($serverName, $viewPort); // unset extra variables not to be included in $landpage From 5421aad03e1aa372199dd64ae8cb25dc5a9a23a6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 22 Aug 2022 18:53:46 +0100 Subject: [PATCH 58/61] Store versions as key/value pairs rather than space delimeted values Signed-off-by: Adam Warner --- advanced/Scripts/updatecheck.sh | 60 +++++++++++++++++++++--------- advanced/Scripts/version.sh | 11 +++--- test/test_any_automated_install.py | 14 +------ 3 files changed, 50 insertions(+), 35 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index afb03ebb..35986676 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -41,54 +41,78 @@ function get_local_version() { # shellcheck disable=SC1091 . /etc/pihole/setupVars.conf +utilsfile="/opt/pihole/utils.sh" +source "${utilsfile}" + +# Remove the below three legacy files if they exist +GITHUB_VERSION_FILE="/etc/pihole/GitHubVersions" +LOCAL_BRANCH_FILE="/etc/pihole/localbranches" +LOCAL_VERSION_FILE="/etc/pihole/localversions" + +if [ -f "${GITHUB_VERSION_FILE}" ]; then + rm "${GITHUB_VERSION_FILE}" +fi + +if [ -f "${LOCAL_BRANCH_FILE}" ]; then + rm "${LOCAL_BRANCH_FILE}" +fi + +if [ -f "${LOCAL_VERSION_FILE}" ]; then + rm "${LOCAL_VERSION_FILE}" +fi + +# Create new versions file if it does not exist +VERSION_FILE="/etc/pihole/versions" + +if [ ! -f "${VERSION_FILE}" ]; then + touch "${VERSION_FILE}" + chmod 644 "${VERSION_FILE}" +fi + if [[ "$2" == "remote" ]]; then if [[ "$3" == "reboot" ]]; then sleep 30 fi - GITHUB_VERSION_FILE="/etc/pihole/GitHubVersions" - GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")" - echo -n "${GITHUB_CORE_VERSION}" > "${GITHUB_VERSION_FILE}" - chmod 644 "${GITHUB_VERSION_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_VERSION" "${GITHUB_CORE_VERSION}" if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")" - echo -n " ${GITHUB_WEB_VERSION}" >> "${GITHUB_VERSION_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}" fi GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")" - echo -n " ${GITHUB_FTL_VERSION}" >> "${GITHUB_VERSION_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_VERSION" "${GITHUB_FTL_VERSION}" + + if [[ "${PIHOLE_DOCKER_TAG}" ]]; then + GITHUB_DOCKER_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/docker-pi-hole/releases/latest' 2> /dev/null)")" + addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_DOCKER_VERSION" "${GITHUB_DOCKER_VERSION}" + fi else - LOCAL_BRANCH_FILE="/etc/pihole/localbranches" - CORE_BRANCH="$(get_local_branch /etc/.pihole)" - echo -n "${CORE_BRANCH}" > "${LOCAL_BRANCH_FILE}" - chmod 644 "${LOCAL_BRANCH_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "CORE_BRANCH" "${CORE_BRANCH}" if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then WEB_BRANCH="$(get_local_branch /var/www/html/admin)" - echo -n " ${WEB_BRANCH}" >> "${LOCAL_BRANCH_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "WEB_BRANCH" "${WEB_BRANCH}" fi FTL_BRANCH="$(pihole-FTL branch)" - echo -n " ${FTL_BRANCH}" >> "${LOCAL_BRANCH_FILE}" - - LOCAL_VERSION_FILE="/etc/pihole/localversions" + addOrEditKeyValPair "${VERSION_FILE}" "FTL_BRANCH" "${FTL_BRANCH}" CORE_VERSION="$(get_local_version /etc/.pihole)" - echo -n "${CORE_VERSION}" > "${LOCAL_VERSION_FILE}" - chmod 644 "${LOCAL_VERSION_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "CORE_VERSION" "${CORE_VERSION}" if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then WEB_VERSION="$(get_local_version /var/www/html/admin)" - echo -n " ${WEB_VERSION}" >> "${LOCAL_VERSION_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "WEB_VERSION" "${WEB_VERSION}" fi FTL_VERSION="$(pihole-FTL version)" - echo -n " ${FTL_VERSION}" >> "${LOCAL_VERSION_FILE}" + addOrEditKeyValPair "${VERSION_FILE}" "FTL_VERSION" "${FTL_VERSION}" fi diff --git a/advanced/Scripts/version.sh b/advanced/Scripts/version.sh index 0b7b29dd..0bda197e 100755 --- a/advanced/Scripts/version.sh +++ b/advanced/Scripts/version.sh @@ -90,16 +90,17 @@ getRemoteVersion(){ local version local cachedVersions local arrCache - cachedVersions="/etc/pihole/GitHubVersions" + cachedVersions="/etc/pihole/versions" #If the above file exists, then we can read from that. Prevents overuse of GitHub API if [[ -f "$cachedVersions" ]]; then - IFS=' ' read -r -a arrCache < "$cachedVersions" + + source "$cachedVersions" case $daemon in - "pi-hole" ) echo "${arrCache[0]}";; - "AdminLTE" ) [[ "${INSTALL_WEB_INTERFACE}" == true ]] && echo "${arrCache[1]}";; - "FTL" ) [[ "${INSTALL_WEB_INTERFACE}" == true ]] && echo "${arrCache[2]}" || echo "${arrCache[1]}";; + "pi-hole" ) echo "${GITHUB_CORE_VERSION}";; + "AdminLTE" ) [[ "${INSTALL_WEB_INTERFACE}" == true ]] && echo "${GITHUB_WEB_VERSION}";; + "FTL" ) echo "${GITHUB_FTL_VERSION}";; esac return 0 diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index c26380a1..1e2a849b 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -239,24 +239,14 @@ def test_installPihole_fresh_install_readableFiles(host): 'r', '/etc/pihole/dns-servers.conf', piholeuser) actual_rc = host.run(check_servers).rc assert exit_status_success == actual_rc - # readable GitHubVersions - check_version = test_cmd.format( - 'r', '/etc/pihole/GitHubVersions', piholeuser) - actual_rc = host.run(check_version).rc - assert exit_status_success == actual_rc # readable install.log check_install = test_cmd.format( 'r', '/etc/pihole/install.log', piholeuser) actual_rc = host.run(check_install).rc assert exit_status_success == actual_rc - # readable localbranches - check_localbranch = test_cmd.format( - 'r', '/etc/pihole/localbranches', piholeuser) - actual_rc = host.run(check_localbranch).rc - assert exit_status_success == actual_rc - # readable localversions + # readable versions check_localversion = test_cmd.format( - 'r', '/etc/pihole/localversions', piholeuser) + 'r', '/etc/pihole/versions', piholeuser) actual_rc = host.run(check_localversion).rc assert exit_status_success == actual_rc # readable logrotate From a4b899c2566115d3e1faad2158a171c116dfb4f4 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 23 Aug 2022 19:10:12 +0100 Subject: [PATCH 59/61] Review suggestions (and shellcheck complaints) Signed-off-by: Adam Warner --- advanced/Scripts/updatecheck.sh | 30 ++++++++---------------------- advanced/Scripts/version.sh | 4 ++-- 2 files changed, 10 insertions(+), 24 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 35986676..0c9f385e 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -41,33 +41,19 @@ function get_local_version() { # shellcheck disable=SC1091 . /etc/pihole/setupVars.conf -utilsfile="/opt/pihole/utils.sh" -source "${utilsfile}" +# Source the utils file +# shellcheck disable=SC1091 +. /opt/pihole/utils.sh # Remove the below three legacy files if they exist -GITHUB_VERSION_FILE="/etc/pihole/GitHubVersions" -LOCAL_BRANCH_FILE="/etc/pihole/localbranches" -LOCAL_VERSION_FILE="/etc/pihole/localversions" - -if [ -f "${GITHUB_VERSION_FILE}" ]; then - rm "${GITHUB_VERSION_FILE}" -fi - -if [ -f "${LOCAL_BRANCH_FILE}" ]; then - rm "${LOCAL_BRANCH_FILE}" -fi - -if [ -f "${LOCAL_VERSION_FILE}" ]; then - rm "${LOCAL_VERSION_FILE}" -fi +rm -f "/etc/pihole/GitHubVersions" +rm -f "/etc/pihole/localbranches" +rm -f "/etc/pihole/localversions" # Create new versions file if it does not exist VERSION_FILE="/etc/pihole/versions" - -if [ ! -f "${VERSION_FILE}" ]; then - touch "${VERSION_FILE}" - chmod 644 "${VERSION_FILE}" -fi +touch "${VERSION_FILE}" +chmod 644 "${VERSION_FILE}" if [[ "$2" == "remote" ]]; then diff --git a/advanced/Scripts/version.sh b/advanced/Scripts/version.sh index 0bda197e..7f44d35e 100755 --- a/advanced/Scripts/version.sh +++ b/advanced/Scripts/version.sh @@ -89,13 +89,13 @@ getRemoteVersion(){ local daemon="${1}" local version local cachedVersions - local arrCache cachedVersions="/etc/pihole/versions" #If the above file exists, then we can read from that. Prevents overuse of GitHub API if [[ -f "$cachedVersions" ]]; then - source "$cachedVersions" + # shellcheck disable=SC1090 + . "$cachedVersions" case $daemon in "pi-hole" ) echo "${GITHUB_CORE_VERSION}";; From 1335c44deba1df77ed4d369ec7524ac512fac738 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 24 Aug 2022 20:36:21 +0200 Subject: [PATCH 60/61] Add jq to dependencies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4d860d33..a51f5d9a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -330,7 +330,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 dialog ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps) + PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps jq) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") @@ -360,7 +360,7 @@ package_manager_detect() { PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l || true" OS_CHECK_DEPS=(grep bind-utils) INSTALLER_DEPS=(git dialog iproute newt procps-ng which chkconfig ca-certificates) - PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc libcap nmap-ncat) + PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc libcap nmap-ncat jq) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" From 49b9dc8888b399439cf983ae2796738882e83805 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 24 Aug 2022 21:44:29 +0200 Subject: [PATCH 61/61] Remove json_extract function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/updatecheck.sh | 25 ++++--------------------- 1 file changed, 4 insertions(+), 21 deletions(-) diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh index 0c9f385e..37211cc6 100755 --- a/advanced/Scripts/updatecheck.sh +++ b/advanced/Scripts/updatecheck.sh @@ -8,23 +8,6 @@ # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. -# Credit: https://stackoverflow.com/a/46324904 -function json_extract() { - local key=$1 - local json=$2 - - local string_regex='"([^"\]|\\.)*"' - local number_regex='-?(0|[1-9][0-9]*)(\.[0-9]+)?([eE][+-]?[0-9]+)?' - local value_regex="${string_regex}|${number_regex}|true|false|null" - local pair_regex="\"${key}\"[[:space:]]*:[[:space:]]*(${value_regex})" - - if [[ ${json} =~ ${pair_regex} ]]; then - echo $(sed 's/^"\|"$//g' <<< "${BASH_REMATCH[1]}") - else - return 1 - fi -} - function get_local_branch() { # Return active branch cd "${1}" 2> /dev/null || return 1 @@ -61,19 +44,19 @@ if [[ "$2" == "remote" ]]; then sleep 30 fi - GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")" + GITHUB_CORE_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null | jq --raw-output .tag_name)" addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_VERSION" "${GITHUB_CORE_VERSION}" if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then - GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")" + GITHUB_WEB_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null | jq --raw-output .tag_name)" addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}" fi - GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")" + GITHUB_FTL_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null | jq --raw-output .tag_name)" addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_VERSION" "${GITHUB_FTL_VERSION}" if [[ "${PIHOLE_DOCKER_TAG}" ]]; then - GITHUB_DOCKER_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/docker-pi-hole/releases/latest' 2> /dev/null)")" + GITHUB_DOCKER_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/docker-pi-hole/releases/latest' 2> /dev/null | jq --raw-output .tag_name)" addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_DOCKER_VERSION" "${GITHUB_DOCKER_VERSION}" fi