Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/pi-hole/pi-hole.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/advanced
diff options
context:
space:
mode:
Diffstat (limited to 'advanced')
-rw-r--r--advanced/Scripts/COL_TABLE4
-rwxr-xr-xadvanced/Scripts/chronometer.sh14
-rwxr-xr-xadvanced/Scripts/pihole-reenable.sh23
-rw-r--r--advanced/Scripts/piholeCheckout.sh6
-rwxr-xr-xadvanced/Scripts/piholeDebug.sh127
-rwxr-xr-xadvanced/Scripts/query.sh2
-rwxr-xr-xadvanced/Scripts/setupLCD.sh4
-rwxr-xr-xadvanced/Scripts/version.sh4
-rwxr-xr-xadvanced/Scripts/webpage.sh95
-rw-r--r--advanced/Templates/gravity.db.sql5
-rw-r--r--advanced/Templates/pihole-FTL.service14
-rw-r--r--advanced/Templates/pihole.cron2
-rw-r--r--advanced/blockingpage.css174
-rw-r--r--advanced/dnsmasq.conf.original12
-rw-r--r--advanced/index.php77
-rw-r--r--advanced/lighttpd.conf.debian74
-rw-r--r--advanced/lighttpd.conf.fedora97
17 files changed, 464 insertions, 270 deletions
diff --git a/advanced/Scripts/COL_TABLE b/advanced/Scripts/COL_TABLE
index 57aab4dd..d76be68c 100644
--- a/advanced/Scripts/COL_TABLE
+++ b/advanced/Scripts/COL_TABLE
@@ -1,7 +1,7 @@
-# Determine if terminal is capable of showing colours
+# Determine if terminal is capable of showing colors
if [[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]; then
# Bold and underline may not show up on all clients
- # If something MUST be emphasised, use both
+ # If something MUST be emphasized, use both
COL_BOLD=''
COL_ULINE=''
diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh
index 1a4ce993..98f43c3f 100755
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -13,7 +13,7 @@ LC_NUMERIC=C
# Retrieve stats from FTL engine
pihole-FTL() {
- ftl_port=$(cat /var/run/pihole-FTL.port 2> /dev/null)
+ ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null)
if [[ -n "$ftl_port" ]]; then
# Open connection to FTL
exec 3<>"/dev/tcp/127.0.0.1/$ftl_port"
@@ -72,7 +72,7 @@ printFunc() {
# Remove excess characters from main text
if [[ "$text_main_len" -gt "$text_main_max_len" ]]; then
- # Trim text without colours
+ # Trim text without colors
text_main_trim="${text_main_nocol:0:$text_main_max_len}"
# Replace with trimmed text
text_main="${text_main/$text_main_nocol/$text_main_trim}"
@@ -88,7 +88,7 @@ printFunc() {
[[ "$spc_num" -le 0 ]] && spc_num="0"
spc=$(printf "%${spc_num}s")
- #spc="${spc// /.}" # Debug: Visualise spaces
+ #spc="${spc// /.}" # Debug: Visualize spaces
printf "%s%s$spc" "$title" "$text_main"
@@ -131,7 +131,7 @@ get_init_stats() {
printf "%s%02d:%02d:%02d\\n" "$days" "$hrs" "$mins" "$secs"
}
- # Set Colour Codes
+ # Set Color Codes
coltable="/opt/pihole/COL_TABLE"
if [[ -f "${coltable}" ]]; then
source ${coltable}
@@ -153,7 +153,7 @@ get_init_stats() {
sys_throttle_raw=$(vgt=$(sudo vcgencmd get_throttled); echo "${vgt##*x}")
- # Active Throttle Notice: http://bit.ly/2gnunOo
+ # Active Throttle Notice: https://bit.ly/2gnunOo
if [[ "$sys_throttle_raw" != "0" ]]; then
case "$sys_throttle_raw" in
*0001) thr_type="${COL_YELLOW}Under Voltage";;
@@ -269,7 +269,7 @@ get_sys_stats() {
scr_lines="${scr_size[0]}"
scr_cols="${scr_size[1]}"
- # Determine Chronometer size behaviour
+ # Determine Chronometer size behavior
if [[ "$scr_cols" -ge 58 ]]; then
chrono_width="large"
elif [[ "$scr_cols" -gt 40 ]]; then
@@ -308,7 +308,7 @@ get_sys_stats() {
[[ "${cpu_freq}" == *".0"* ]] && cpu_freq="${cpu_freq/.0/}"
fi
- # Determine colour for temperature
+ # Determine color for temperature
if [[ -n "$temp_file" ]]; then
if [[ "$temp_unit" == "C" ]]; then
cpu_temp=$(printf "%.0fc\\n" "$(calcFunc "$(< $temp_file) / 1000")")
diff --git a/advanced/Scripts/pihole-reenable.sh b/advanced/Scripts/pihole-reenable.sh
new file mode 100755
index 00000000..93ec3b95
--- /dev/null
+++ b/advanced/Scripts/pihole-reenable.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2020 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+#
+#
+# The pihole disable command has the option to set a specified time before
+# blocking is automatically re-enabled.
+#
+# Present script is responsible for the sleep & re-enable part of the job and
+# is automatically terminated if it is still running when pihole is enabled by
+# other means.
+#
+# This ensures that pihole ends up in the correct state after a sequence of
+# commands suchs as: `pihole disable 30s; pihole enable; pihole disable`
+
+readonly PI_HOLE_BIN_DIR="/usr/local/bin"
+
+sleep "${1}"
+"${PI_HOLE_BIN_DIR}"/pihole enable
diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh
index 31009dd9..1c1b16a4 100644
--- a/advanced/Scripts/piholeCheckout.sh
+++ b/advanced/Scripts/piholeCheckout.sh
@@ -3,7 +3,7 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
-# Switch Pi-hole subsystems to a different Github branch.
+# Switch Pi-hole subsystems to a different GitHub branch.
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
@@ -36,7 +36,7 @@ warning1() {
return 0
;;
*)
- echo -e "\\n ${INFO} Branch change has been cancelled"
+ echo -e "\\n ${INFO} Branch change has been canceled"
return 1
;;
esac
@@ -84,7 +84,7 @@ checkout() {
echo -e " ${INFO} Shortcut \"dev\" detected - checking out development / devel branches..."
echo ""
echo -e " ${INFO} Pi-hole Core"
- fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo " ${CROSS} Unable to pull Core developement branch"; exit 1; }
+ fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo " ${CROSS} Unable to pull Core development branch"; exit 1; }
if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then
echo ""
echo -e " ${INFO} Web interface"
diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh
index d61edf08..3d42d7e1 100755
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -87,7 +87,7 @@ PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf"
PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf"
WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
-#WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
+WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
PIHOLE_INSTALL_LOG_FILE="${PIHOLE_DIRECTORY}/install.log"
PIHOLE_RAW_BLOCKLIST_FILES="${PIHOLE_DIRECTORY}/list.*"
@@ -138,7 +138,7 @@ PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log"
PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
-# An array of operating system "pretty names" that we officialy support
+# An array of operating system "pretty names" that we officially support
# We can loop through the array at any time to see if it matches a value
#SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
@@ -166,11 +166,13 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
"${PIHOLE_DHCP_CONFIG_FILE}"
"${PIHOLE_WILDCARD_CONFIG_FILE}"
"${WEB_SERVER_CONFIG_FILE}"
+"${WEB_SERVER_CUSTOM_CONFIG_FILE}"
"${PIHOLE_INSTALL_LOG_FILE}"
"${PIHOLE_RAW_BLOCKLIST_FILES}"
"${PIHOLE_LOCAL_HOSTS_FILE}"
"${PIHOLE_LOGROTATE_FILE}"
"${PIHOLE_SETUP_VARS_FILE}"
+"${PIHOLE_FTL_CONF_FILE}"
"${PIHOLE_COMMAND}"
"${PIHOLE_COLTABLE_FILE}"
"${FTL_PID}"
@@ -296,11 +298,15 @@ compare_local_version_to_git_version() {
log_write "${INFO} ${pihole_component}: ${COL_YELLOW}${remote_version:-Untagged}${COL_NC} (${FAQ_UPDATE_PI_HOLE})"
fi
+ # Print the repo upstreams
+ remotes=$(git remote -v)
+ log_write "${INFO} Remotes: ${remotes//$'\n'/'\n '}"
+
# If the repo is on the master branch, they are on the stable codebase
if [[ "${remote_branch}" == "master" ]]; then
# so the color of the text is green
log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}"
- # If it is any other branch, they are in a developement branch
+ # If it is any other branch, they are in a development branch
else
# So show that in yellow, signifying it's something to take a look at, but not a critical error
log_write "${INFO} Branch: ${COL_YELLOW}${remote_branch:-Detached}${COL_NC} (${FAQ_CHECKOUT_COMMAND})"
@@ -309,7 +315,7 @@ compare_local_version_to_git_version() {
log_write "${INFO} Commit: ${remote_commit}"
# if `local_status` is non-null, then the repo is not clean, display details here
if [[ ${local_status} ]]; then
- #Replace new lines in the status with 12 spaces to make the output cleaner
+ # Replace new lines in the status with 12 spaces to make the output cleaner
log_write "${INFO} Status: ${local_status//$'\n'/'\n '}"
local local_diff
local_diff=$(git diff)
@@ -357,7 +363,7 @@ check_component_versions() {
get_program_version() {
local program_name="${1}"
- # Create a loval variable so this function can be safely reused
+ # Create a local variable so this function can be safely reused
local program_version
echo_current_diagnostic "${program_name} version"
# Evalutate the program we are checking, if it is any of the ones below, show the version
@@ -387,53 +393,53 @@ check_critical_program_versions() {
get_program_version "php"
}
-is_os_supported() {
- local os_to_check="${1}"
- # Strip just the base name of the system using sed
- # shellcheck disable=SC2001
- the_os=$(echo "${os_to_check}" | sed 's/ .*//')
- # If the variable is one of our supported OSes,
- case "${the_os}" in
- # Print it in green
- "Raspbian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
- "Ubuntu") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
- "Fedora") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
- "Debian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
- "CentOS") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
- # If not, show it in red and link to our software requirements page
- *) log_write "${CROSS} ${COL_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})";
- esac
-}
+os_check() {
+ # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
+ # and determines whether or not the script is running on one of those systems
+ local remote_os_domain valid_os valid_version detected_os_pretty detected_os detected_version
+ remote_os_domain="versions.pi-hole.net"
+ valid_os=false
+ valid_version=false
+
+ detected_os_pretty=$(cat /etc/*release | grep PRETTY_NAME | cut -d '=' -f2- | tr -d '"')
+ detected_os="${detected_os_pretty%% *}"
+ detected_version=$(cat /etc/*release | grep VERSION_ID | cut -d '=' -f2- | tr -d '"')
+
+ IFS=" " read -r -a supportedOS < <(dig +short -t txt ${remote_os_domain} | tr -d '"')
+
+ for i in "${supportedOS[@]}"
+ do
+ os_part=$(echo "$i" | cut -d '=' -f1)
+ versions_part=$(echo "$i" | cut -d '=' -f2-)
+
+ if [[ "${detected_os}" =~ ${os_part} ]]; then
+ valid_os=true
+ IFS="," read -r -a supportedVer <<<"${versions_part}"
+ for x in "${supportedVer[@]}"
+ do
+ if [[ "${detected_version}" =~ $x ]];then
+ valid_version=true
+ break
+ fi
+ done
+ break
+ fi
+ done
-get_distro_attributes() {
- # Put the current Internal Field Separator into another variable so it can be restored later
- OLD_IFS="$IFS"
- # Store the distro info in an array and make it global since the OS won't change,
- # but we'll keep it within the function for better unit testing
- local distro_info
- #shellcheck disable=SC2016
- IFS=$'\r\n' command eval 'distro_info=( $(cat /etc/*release) )'
+ # Display findings back to the user
+ if [ "$valid_os" = true ]; then
+ log_write "${TICK} Distro: ${COL_GREEN}${detected_os}${COL_NC}"
- # Set a named variable for better readability
- local distro_attribute
- # For each line found in an /etc/*release file,
- for distro_attribute in "${distro_info[@]}"; do
- # store the key in a variable
- local pretty_name_key
- pretty_name_key=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f1)
- # we need just the OS PRETTY_NAME,
- if [[ "${pretty_name_key}" == "PRETTY_NAME" ]]; then
- # so save in in a variable when we find it
- PRETTY_NAME_VALUE=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f2- | tr -d '"')
- # then pass it as an argument that checks if the OS is supported
- is_os_supported "${PRETTY_NAME_VALUE}"
+ if [ "$valid_version" = true ]; then
+ log_write "${TICK} Version: ${COL_GREEN}${detected_version}${COL_NC}"
else
- # Since we only need the pretty name, we can just skip over anything that is not a match
- :
+ log_write "${CROSS} Version: ${COL_RED}${detected_version}${COL_NC}"
+ log_write "${CROSS} Error: ${COL_RED}${detected_os} is supported but version ${detected_version} is currently unsupported (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
fi
- done
- # Set the IFS back to what it was
- IFS="$OLD_IFS"
+ else
+ log_write "${CROSS} Distro: ${COL_RED}${detected_os}${COL_NC}"
+ log_write "${CROSS} Error: ${COL_RED}${detected_os} is not a supported distro (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
+ fi
}
diagnose_operating_system() {
@@ -445,7 +451,7 @@ diagnose_operating_system() {
# If there is a /etc/*release file, it's probably a supported operating system, so we can
if ls /etc/*release 1> /dev/null 2>&1; then
# display the attributes to the user from the function made earlier
- get_distro_attributes
+ os_check
else
# If it doesn't exist, it's not a system we currently support and link to FAQ
log_write "${CROSS} ${COL_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"
@@ -747,7 +753,7 @@ check_x_headers() {
# Do it for the dashboard as well, as the header is different than above
local dashboard
dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r')
- # Store what the X-Header shoud be in variables for comparision later
+ # Store what the X-Header shoud be in variables for comparison later
local block_page_working
block_page_working="X-Pi-hole: A black hole for Internet advertisements."
local dashboard_working
@@ -818,7 +824,7 @@ dig_at() {
# First, do a dig on localhost to see if Pi-hole can use itself to block a domain
if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
- # If it can, show sucess
+ # If it can, show success
log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})"
else
# Otherwise, show a failure
@@ -969,7 +975,7 @@ check_name_resolution() {
# This function can check a directory exists
# Pi-hole has files in several places, so we will reuse this function
dir_check() {
- # Set the first argument passed to tihs function as a named variable for better readability
+ # Set the first argument passed to this function as a named variable for better readability
local directory="${1}"
# Display the current test that is running
echo_current_diagnostic "contents of ${COL_CYAN}${directory}${COL_NC}"
@@ -987,14 +993,14 @@ dir_check() {
}
list_files_in_dir() {
- # Set the first argument passed to tihs function as a named variable for better readability
+ # Set the first argument passed to this function as a named variable for better readability
local dir_to_parse="${1}"
# Store the files found in an array
mapfile -t files_found < <(ls "${dir_to_parse}")
# For each file in the array,
for each_file in "${files_found[@]}"; do
if [[ -d "${dir_to_parse}/${each_file}" ]]; then
- # If it's a directoy, do nothing
+ # If it's a directory, do nothing
:
elif [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_DEBUG_LOG}" ]] || \
[[ "${dir_to_parse}/${each_file}" == "${PIHOLE_RAW_BLOCKLIST_FILES}" ]] || \
@@ -1187,7 +1193,7 @@ analyze_pihole_log() {
# So first check if there are domains in the log that should be obfuscated
if [[ -n ${line_to_obfuscate} ]]; then
# If there are, we need to use awk to replace only the domain name (the 6th field in the log)
- # so we substitue the domain for the placeholder value
+ # so we substitute the domain for the placeholder value
obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
log_write " ${obfuscated_line}"
else
@@ -1209,6 +1215,11 @@ tricorder_use_nc_or_curl() {
log_write " * Using ${COL_GREEN}curl${COL_NC} for transmission."
# transmit he log via TLS and store the token returned in a variable
tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
+ if [ -z "${tricorder_token}" ]; then
+ # curl failed, fallback to nc
+ log_write " * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
+ tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
+ fi
# Otherwise,
else
# use net cat
@@ -1235,7 +1246,7 @@ upload_to_tricorder() {
log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
log_write " * For more information, see: ${TRICORDER_CONTEST}"
log_write " * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat."
- # If pihole -d is running automatically (usually throught the dashboard)
+ # If pihole -d is running automatically (usually through the dashboard)
if [[ "${AUTOMATED}" ]]; then
# let the user know
log_write "${INFO} Debug script running in automated mode"
@@ -1251,9 +1262,9 @@ upload_to_tricorder() {
# If they say yes, run our function for uploading the log
[yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
# If they choose no, just exit out of the script
- *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit;
+ *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
esac
- fi
+ fi232623
# Check if tricorder.pi-hole.net is reachable and provide token
# along with some additional useful information
if [[ -n "${tricorder_token}" ]]; then
diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh
index 7518e6c4..fe9b8ebf 100755
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -29,7 +29,7 @@ scanList(){
# Prevent grep from printing file path
cd "$piholeDir" || exit 1
- # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX
+ # Prevent grep -i matching slowly: https://bit.ly/2xFXtUX
export LC_CTYPE=C
# /dev/null forces filename to be printed when only one list has been generated
diff --git a/advanced/Scripts/setupLCD.sh b/advanced/Scripts/setupLCD.sh
index 00eb963f..82523643 100755
--- a/advanced/Scripts/setupLCD.sh
+++ b/advanced/Scripts/setupLCD.sh
@@ -20,7 +20,7 @@ getInitSys() {
elif [ -f /etc/init.d/cron ] && [ ! -h /etc/init.d/cron ]; then
SYSTEMD=0
else
- echo "Unrecognised init system"
+ echo "Unrecognized init system"
return 1
fi
}
@@ -70,5 +70,5 @@ setupcon
reboot
# Start showing the stats on the screen by running the command on another tty:
-# http://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
+# https://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
#setsid sh -c 'exec /usr/local/bin/chronometer.sh <> /dev/tty1 >&0 2>&1'
diff --git a/advanced/Scripts/version.sh b/advanced/Scripts/version.sh
index d2c41cba..f77ee635 100755
--- a/advanced/Scripts/version.sh
+++ b/advanced/Scripts/version.sh
@@ -88,7 +88,7 @@ getRemoteVersion(){
local arrCache
cachedVersions="/etc/pihole/GitHubVersions"
- #If the above file exists, then we can read from that. Prevents overuse of Github API
+ #If the above file exists, then we can read from that. Prevents overuse of GitHub API
if [[ -f "$cachedVersions" ]]; then
IFS=' ' read -r -a arrCache < "$cachedVersions"
case $daemon in
@@ -203,7 +203,7 @@ Repositories:
Options:
-c, --current Return the current version
-l, --latest Return the latest version
- --hash Return the Github hash from your local repositories
+ --hash Return the GitHub hash from your local repositories
-h, --help Show this help dialog"
exit 0
}
diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index a518a428..1f7cc728 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -10,17 +10,22 @@
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
-readonly setupVars="/etc/pihole/setupVars.conf"
readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
readonly FTLconf="/etc/pihole/pihole-FTL.conf"
# 03 -> wildcards
readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
-readonly PI_HOLE_BIN_DIR="/usr/local/bin"
readonly dnscustomfile="/etc/pihole/custom.list"
+readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
readonly gravityDBfile="/etc/pihole/gravity.db"
+# Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip()
+readonly PI_HOLE_FILES_DIR="/etc/.pihole"
+# shellcheck disable=SC2034 # used in basic-install
+PH_TEST="true"
+source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
+
coltable="/opt/pihole/COL_TABLE"
if [[ -f ${coltable} ]]; then
source ${coltable}
@@ -209,8 +214,34 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
fi
if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then
- add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_DOMAIN}/${CONDITIONAL_FORWARDING_IP}"
- add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_REVERSE}/${CONDITIONAL_FORWARDING_IP}"
+ # Convert legacy "conditional forwarding" to rev-server configuration
+ REV_SERVER=true
+ add_setting "REV_SERVER" "true"
+
+ REV_SERVER_DOMAIN="${CONDITIONAL_FORWARDING_DOMAIN}"
+ add_setting "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}"
+
+ REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
+ add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
+
+ # Remove obsolete settings from setupVars.conf
+ delete_setting "CONDITIONAL_FORWARDING"
+ delete_setting "CONDITIONAL_FORWARDING_REVERSE"
+ delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
+ delete_setting "CONDITIONAL_FORWARDING_IP"
+
+ # Convert existing input to /24 subnet (preserves legacy behavior)
+ # This sed converts "192.168.1.2" to "192.168.1.0/24"
+ # shellcheck disable=2001
+ REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
+ add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
+ fi
+
+ if [[ "${REV_SERVER}" == true ]]; then
+ add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
+ if [ -n "${REV_SERVER_DOMAIN}" ]; then
+ add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
+ fi
fi
# Prevent Firefox from automatically switching over to DNS-over-HTTPS
@@ -225,7 +256,16 @@ SetDNSServers() {
IFS=',' read -r -a array <<< "${args[2]}"
for index in "${!array[@]}"
do
- add_setting "PIHOLE_DNS_$((index+1))" "${array[index]}"
+ # Replace possible "\#" by "#". This fixes AdminLTE#1427
+ local ip
+ ip="${array[index]//\\#/#}"
+
+ if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
+ add_setting "PIHOLE_DNS_$((index+1))" "${ip}"
+ else
+ echo -e " ${CROSS} Invalid IP has been passed"
+ exit 1
+ fi
done
if [[ "${args[3]}" == "domain-needed" ]]; then
@@ -246,16 +286,13 @@ SetDNSServers() {
change_setting "DNSSEC" "false"
fi
- if [[ "${args[6]}" == "conditional_forwarding" ]]; then
- change_setting "CONDITIONAL_FORWARDING" "true"
- change_setting "CONDITIONAL_FORWARDING_IP" "${args[7]}"
- change_setting "CONDITIONAL_FORWARDING_DOMAIN" "${args[8]}"
- change_setting "CONDITIONAL_FORWARDING_REVERSE" "${args[9]}"
+ if [[ "${args[6]}" == "rev-server" ]]; then
+ change_setting "REV_SERVER" "true"
+ change_setting "REV_SERVER_CIDR" "${args[7]}"
+ change_setting "REV_SERVER_TARGET" "${args[8]}"
+ change_setting "REV_SERVER_DOMAIN" "${args[9]}"
else
- change_setting "CONDITIONAL_FORWARDING" "false"
- delete_setting "CONDITIONAL_FORWARDING_IP"
- delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
- delete_setting "CONDITIONAL_FORWARDING_REVERSE"
+ change_setting "REV_SERVER" "false"
fi
ProcessDNSSettings
@@ -400,6 +437,10 @@ SetWebUILayout() {
change_setting "WEBUIBOXEDLAYOUT" "${args[2]}"
}
+SetWebUITheme() {
+ change_setting "WEBTHEME" "${args[2]}"
+}
+
CheckUrl(){
local regex
# Check for characters NOT allowed in URLs
@@ -595,6 +636,7 @@ SetPrivacyLevel() {
# Set privacy level. Minimum is 0, maximum is 4
if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 4 ]; then
changeFTLsetting "PRIVACYLEVEL" "${args[2]}"
+ pihole restartdns reload-lists
fi
}
@@ -620,6 +662,28 @@ RemoveCustomDNSAddress() {
RestartDNS
}
+AddCustomCNAMERecord() {
+ echo -e " ${TICK} Adding custom CNAME record..."
+
+ domain="${args[2]}"
+ target="${args[3]}"
+ echo "cname=${domain},${target}" >> "${dnscustomcnamefile}"
+
+ # Restart dnsmasq to load new custom CNAME records
+ RestartDNS
+}
+
+RemoveCustomCNAMERecord() {
+ echo -e " ${TICK} Removing custom CNAME record..."
+
+ domain="${args[2]}"
+ target="${args[3]}"
+ sed -i "/cname=${domain},${target}/d" "${dnscustomcnamefile}"
+
+ # Restart dnsmasq to update removed custom CNAME records
+ RestartDNS
+}
+
main() {
args=("$@")
@@ -638,6 +702,7 @@ main() {
"enabledhcp" ) EnableDHCP;;
"disabledhcp" ) DisableDHCP;;
"layout" ) SetWebUILayout;;
+ "theme" ) SetWebUITheme;;
"-h" | "--help" ) helpFunc;;
"privacymode" ) SetPrivacyMode;;
"resolve" ) ResolutionSettings;;
@@ -652,6 +717,8 @@ main() {
"-l" | "privacylevel" ) SetPrivacyLevel;;
"addcustomdns" ) AddCustomDNSAddress;;
"removecustomdns" ) RemoveCustomDNSAddress;;
+ "addcustomcname" ) AddCustomCNAMERecord;;
+ "removecustomcname" ) RemoveCustomCNAMERecord;;
* ) helpFunc;;
esac
diff --git a/advanced/Templates/gravity.db.sql b/advanced/Templates/gravity.db.sql
index 27b8797f..fcf3489b 100644
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -16,11 +16,12 @@ CREATE TABLE domainlist
(
id INTEGER PRIMARY KEY AUTOINCREMENT,
type INTEGER NOT NULL DEFAULT 0,
- domain TEXT UNIQUE NOT NULL,
+ domain TEXT NOT NULL,
enabled BOOLEAN NOT NULL DEFAULT 1,
date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
- comment TEXT
+ comment TEXT,
+ UNIQUE(domain, type)
);
CREATE TABLE adlist
diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index f32a5e89..6af449f3 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -1,8 +1,8 @@
#!/usr/bin/env bash
### BEGIN INIT INFO
# Provides: pihole-FTL
-# Required-Start: $remote_fs $syslog
-# Required-Stop: $remote_fs $syslog
+# Required-Start: $remote_fs $syslog $network
+# Required-Stop: $remote_fs $syslog $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: pihole-FTL daemon
@@ -10,7 +10,7 @@
### END INIT INFO
FTLUSER=pihole
-PIDFILE=/var/run/pihole-FTL.pid
+PIDFILE=/run/pihole-FTL.pid
get_pid() {
# First, try to obtain PID from PIDFILE
@@ -37,12 +37,12 @@ start() {
touch /var/log/pihole-FTL.log /var/log/pihole.log
touch /run/pihole-FTL.pid /run/pihole-FTL.port
touch /etc/pihole/dhcp.leases
- mkdir -p /var/run/pihole
+ mkdir -p /run/pihole
mkdir -p /var/log/pihole
- chown pihole:pihole /var/run/pihole /var/log/pihole
+ chown pihole:pihole /run/pihole /var/log/pihole
# Remove possible leftovers from previous pihole-FTL processes
rm -f /dev/shm/FTL-* 2> /dev/null
- rm /var/run/pihole/FTL.sock 2> /dev/null
+ rm /run/pihole/FTL.sock 2> /dev/null
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
@@ -50,7 +50,7 @@ start() {
chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
- if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"; then
+ if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
else
echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
diff --git a/advanced/Templates/pihole.cron b/advanced/Templates/pihole.cron
index 8dc98721..ba89efdb 100644
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@@ -10,7 +10,7 @@
#
#
# This file is under source-control of the Pi-hole installation and update
-# scripts, any changes made to this file will be overwritten when the softare
+# scripts, any changes made to this file will be overwritten when the software
# is updated or re-installed. Please make any changes to the appropriate crontab
# or other cron file snippets.
diff --git a/advanced/blockingpage.css b/advanced/blockingpage.css
index e74844d1..9f82a27e 100644
--- a/advanced/blockingpage.css
+++ b/advanced/blockingpage.css
@@ -6,45 +6,46 @@
* Please see LICENSE file for your rights under this license. */
/* Text Customisation Options ======> */
-.title:before { content: "Website Blocked"; }
-.altBtn:before { content: "Why am I here?"; }
-.linkPH:before { content: "About Pi-hole"; }
-.linkEmail:before { content: "Contact Admin"; }
-
-#bpOutput.add:before { content: "Info"; }
-#bpOutput.add:after { content: "The domain is being whitelisted..."; }
-#bpOutput.error:before, .unhandled:before { content: "Error"; }
-#bpOutput.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
-#bpOutput.success:before { content: "Success"; }
-#bpOutput.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
-
-.recentwl:before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
-.unknown:before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
-.cname:before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
-.cname:after { content: ", which may be blocked by Pi-hole."; }
-
-.blacklist:before { content: "Manually Blacklisted"; }
-.wildcard:before { content: "Manually Blacklisted by Wildcard"; }
-.noblock:before { content: "Not found on any Blacklist"; }
-
-#bpBlock:before { content: "Access to the following website has been denied:"; }
-#bpFlag:before { content: "This is primarily due to being flagged as:"; }
-
-#bpHelpTxt:before { content: "If you have an ongoing use for this website, please "; }
-#bpHelpTxt a:before, #bpHelpTxt span:before { content: "ask the administrator"; }
-#bpHelpTxt:after{ content: " of the Pi-hole on this network to have it whitelisted"; }
-
-#bpBack:before { content: "Back to safety"; }
-#bpInfo:before { content: "Technical Info"; }
-#bpFoundIn:before { content: "This site is found in "; }
-#bpFoundIn span:after { content: " of "; }
-#bpFoundIn:after { content: " lists:"; }
-#bpWhitelist:before { content: "Whitelist"; }
-
-footer span:before { content: "Page generated on "; }
+.title::before { content: "Website Blocked"; }
+.altBtn::before { content: "Why am I here?"; }
+.linkPH::before { content: "About Pi-hole"; }
+.linkEmail::before { content: "Contact Admin"; }
+
+#bpOutput.add::before { content: "Info"; }
+#bpOutput.add::after { content: "The domain is being whitelisted..."; }
+#bpOutput.error::before, .unhandled::before { content: "Error"; }
+#bpOutput.unhandled::after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
+#bpOutput.success::before { content: "Success"; }
+#bpOutput.success::after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
+
+.recentwl::before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
+.unknown::before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
+.cname::before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
+.cname::after { content: ", which may be blocked by Pi-hole."; }
+
+.blacklist::before { content: "Manually Blacklisted"; }
+.wildcard::before { content: "Manually Blacklisted by Wildcard"; }
+.noblock::before { content: "Not found on any Blacklist"; }
+
+#bpBlock::before { content: "Access to the following website has been denied:"; }
+#bpFlag::before { content: "This is primarily due to being flagged as:"; }
+
+#bpHelpTxt::before { content: "If you have an ongoing use for this website, please "; }
+#bpHelpTxt a::before, #bpHelpTxt span::before { content: "ask the administrator"; }
+#bpHelpTxt::after{ content: " of the Pi-hole on this network to have it whitelisted"; }
+
+#bpBack::before { content: "Back to safety"; }
+#bpInfo::before { content: "Technical Info"; }
+#bpFoundIn::before { content: "This site is found in "; }
+#bpFoundIn span::after { content: " of "; }
+#bpFoundIn::after { content: " lists:"; }
+#bpWhitelist::before { content: "Whitelist"; }
+
+footer span::before { content: "Page generated on "; }
/* Hide whitelisting form entirely */
/* #bpWLButtons { display: none; } */
+
/* Text Customisation Options <=============================== */
/* http://necolas.github.io/normalize.css ======> */
@@ -98,7 +99,7 @@ html { font-size: 62.5%; }
a { color: #3c8dbc; text-decoration: none; }
a:hover { color: #72afda; text-decoration: underline; }
-b { color: rgb(68,68,68); }
+b { color: rgb(68, 68, 68); }
p { margin: 0; }
label, .buttons a {
@@ -111,7 +112,7 @@ label, .buttons a {
label, .buttons *:not([disabled]) { cursor: pointer; }
/* Touch device dark tap highlight */
-header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; }
+header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; }
/* Webkit Focus Glow */
textarea, input, button { outline: none; }
@@ -120,14 +121,20 @@ textarea, input, button { outline: none; }
font-family: "Source Sans Pro";
font-style: normal;
font-weight: 400;
- src: local("Source Sans Pro"), local("SourceSansPro-Regular"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Regular.ttf") format("truetype");
+ font-display: swap;
+ src: local("Source Sans Pro Regular"), local("SourceSansPro-Regular"),
+ url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff2") format("woff2"),
+ url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff") format("woff");
}
@font-face {
font-family: "Source Sans Pro";
font-style: normal;
font-weight: 700;
- src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Bold.ttf") format("truetype");
+ font-display: swap;
+ src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"),
+ url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff2") format("woff2"),
+ url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff") format("woff");
}
body {
@@ -138,14 +145,14 @@ body {
}
/* User is greeted with a splash page when browsing to Pi-hole IP address */
-#splashpage { background: #222; color: rgba(255,255,255,0.7); text-align: center; }
+#splashpage { background: #222; color: rgba(255, 255, 255, 0.7); text-align: center; }
#splashpage img { margin: 5px; width: 256px; }
#splashpage b { color: inherit; }
#bpWrapper {
margin: 0 auto;
max-width: 1250px;
- box-shadow: 0 0 8px rgba(0,0,0,0.5);
+ box-shadow: 0 0 8px rgba(0, 0, 0, 0.5);
}
header {
@@ -164,15 +171,15 @@ header h1, header h1 a, header .spc, header #bpAlt label {
}
h1 a {
- background-color: rgba(0,0,0,0.1);
- font-family: "Helvetica Neue", Helvetica, Arial ,sans-serif;
+ background-color: rgba(0, 0, 0, 0.1);
+ font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
font-size: 2rem;
- font-weight: normal;
+ font-weight: 400;
min-width: 230px;
- text-align: center;
+ text-align: center;
}
-h1 a:hover, header #bpAlt:hover { background-color: rgba(0,0,0,0.12); color: inherit; text-decoration: none; }
+h1 a:hover, header #bpAlt:hover { background-color: rgba(0, 0, 0, 0.12); color: inherit; text-decoration: none; }
header .spc { width: 100%; }
@@ -180,13 +187,14 @@ header #bpAlt label {
background: url("/admin/img/logo.svg") no-repeat center left 15px;
background-size: 15px 23px;
padding: 0 15px;
- text-indent: 30px;
+ text-indent: 30px;
}
-[type=checkbox][id$="Toggle"] { display: none; }
-[type=checkbox][id$="Toggle"]:checked ~ #bpAbout,
-[type=checkbox][id$="Toggle"]:checked ~ #bpMoreInfo {
- display: block; }
+[type="checkbox"][id$="Toggle"] { display: none; }
+[type="checkbox"][id$="Toggle"]:checked ~ #bpAbout,
+[type="checkbox"][id$="Toggle"]:checked ~ #bpMoreInfo {
+ display: block;
+}
/* Click anywhere else on screen to hide #bpAbout */
#bpAboutToggle:checked {
@@ -197,28 +205,28 @@ header #bpAlt label {
top: 0;
opacity: 0;
position: absolute;
- width: 100%;
+ width: 100%;
}
#bpAbout {
background: #3c8dbc;
border-bottom-left-radius: 5px;
- border: 1px solid #FFF;
+ border: 1px solid #fff;
border-right-width: 0;
- box-shadow: -1px 1px 1px rgba(0,0,0,0.12);
+ box-shadow: -1px 1px 1px rgba(0, 0, 0, 0.12);
box-sizing: border-box;
display: none;
font-size: 1.7rem;
top: 50px;
position: absolute;
right: 0;
- width: 280px;
+ width: 280px;
z-index: 1;
}
.aboutPH {
box-sizing: border-box;
- color: rgba(255,255,255,0.8);
+ color: rgba(255, 255, 255, 0.8);
display: block;
padding: 10px;
width: 100%;
@@ -237,7 +245,7 @@ header #bpAlt label {
.aboutPH p { margin: 10px 0; }
.aboutPH small { display: block; font-size: 1.2rem; }
-.aboutLink {
+.aboutLink {
background: #fff;
border-top: 1px solid #ddd;
display: table;
@@ -261,16 +269,16 @@ main {
#bpOutput {
background: #00c0ef;
border-radius: 3px;
- border: 1px solid rgba(0,0,0,0.1);
+ border: 1px solid rgba(0, 0, 0, 0.1);
color: #fff;
font-size: 1.4rem;
margin-bottom: 10px;
margin-top: 5px;
- padding: 15px;
+ padding: 15px;
}
-#bpOutput:before {
- background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6,11a1.371,1.371,0,0,1,1,1v1a1.371,1.371,0,0,1-1,1H1a1.371,1.371,0,0,1-1-1V12a1.371,1.371,0,0,1,1-1H2V8H1A1.371,1.371,0,0,1,0,7V6A1.371,1.371,0,0,1,1,5H4A1.371,1.371,0,0,1,5,6v5H6ZM3.5,0A1.5,1.5,0,1,1,2,1.5,1.5,1.5,0,0,1,3.5,0Z'/%3E%3C/svg%3E") no-repeat center left;
+#bpOutput::before {
+ background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6 11a1.371 1.371 0 011 1v1a1.371 1.371 0 01-1 1H1a1.371 1.371 0 01-1-1v-1a1.371 1.371 0 011-1h1V8H1a1.371 1.371 0 01-1-1V6a1.371 1.371 0 011-1h3a1.371 1.371 0 011 1v5h1zM3.5 0A1.5 1.5 0 112 1.5 1.5 1.5 0 013.5 0z'/%3E%3C/svg%3E") no-repeat center left;
display: block;
font-size: 1.8rem;
text-indent: 15px;
@@ -281,8 +289,8 @@ main {
#bpOutput.error { background: #dd4b39; }
.blockMsg, .flagMsg {
- font: bold 1.8rem Consolas, Courier, monospace;
- padding: 5px 10px 10px 10px;
+ font: 700 1.8rem Consolas, Courier, monospace;
+ padding: 5px 10px 10px;
text-indent: 15px;
}
@@ -298,7 +306,7 @@ main {
-moz-appearance: none;
-webkit-appearance: none;
border-radius: 3px;
- border: 1px solid rgba(0,0,0,0.1);
+ border: 1px solid rgba(0, 0, 0, 0.1);
box-sizing: content-box;
display: table-cell;
font-size: 1.65rem;
@@ -309,46 +317,48 @@ main {
text-align: center;
vertical-align: top;
white-space: nowrap;
- width: auto;
+ width: auto;
}
.buttons a:hover { text-decoration: none; }
/* Button hover dark overlay */
.buttons *:not(input):not([disabled]):hover {
- background-image: linear-gradient(to bottom, rgba(0,0,0,0.1), rgba(0,0,0,0.1));
- color: #FFF;
+ background-image: linear-gradient(to bottom, rgba(0, 0, 0, 0.1), rgba(0, 0, 0, 0.1));
+ color: #fff;
}
/* Button active shadow inset */
.buttons *:not([disabled]):not(input):active {
- box-shadow: inset 0 3px 5px rgba(0,0,0,0.125);
+ box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
}
-/* Input border colour */
+/* Input border color */
.buttons *:not([disabled]):hover, .buttons input:focus {
- border-color: rgba(0,0,0,0.25);
+ border-color: rgba(0, 0, 0, 0.25);
}
-#bpButtons * { width: 50%; color: #FFF; }
-#bpBack { background-color: #00a65a; }
-#bpInfo { background-color: #3c8dbc; }
+#bpButtons * { width: 50%; color: #fff; }
+#bpBack { background-color: #00a65a; }
+#bpInfo { background-color: #3c8dbc; }
#bpWhitelist { background-color: #dd4b39; }
-#blockpage .buttons [type=password][disabled] { color: rgba(0,0,0,1); }
-#blockpage .buttons [disabled] { color: rgba(0,0,0,0.55); background-color: #e3e3e3; }
-#blockpage .buttons [type=password]:-ms-input-placeholder { color: rgba(51,51,51,0.8); }
+#blockpage .buttons [type="password"][disabled] { color: rgba(0, 0, 0, 1); }
+#blockpage .buttons [disabled] { color: rgba(0, 0, 0, 0.55); background-color: #e3e3e3; }
+#blockpage .buttons [type="password"]:-ms-input-placeholder { color: rgba(51, 51, 51, 0.8); }
+
+input[type="password"] { font-size: 1.5rem; }
-input[type=password] { font-size: 1.5rem; }
+@-webkit-keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
@keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
-#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; }
+#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; -webkit-animation: slidein 0.05s linear; animation: slidein 0.05s linear; }
#bpMoreInfo { display: none; margin-top: 10px; }
#bpQueryOutput {
font-size: 1.2rem;
line-height: 1.65rem;
- margin: 5px 0 0 0;
+ margin: 5px 0 0;
overflow: auto;
padding: 0 5px;
-webkit-overflow-scrolling: touch;
@@ -367,13 +377,13 @@ footer {
border-top: 1px solid #d2d6de;
color: #444;
font: 1.2rem Consolas, Courier, monospace;
- padding: 8px;
+ padding: 8px;
}
/* Responsive Content */
@media only screen and (max-width: 500px) {
h1 a { font-size: 1.8rem; min-width: 170px; }
- footer span:before { content: "Generated "; }
+ footer span::before { content: "Generated "; }
footer span { display: block; }
}
diff --git a/advanced/dnsmasq.conf.original b/advanced/dnsmasq.conf.original
index 9e4cc92e..6758f0b8 100644
--- a/advanced/dnsmasq.conf.original
+++ b/advanced/dnsmasq.conf.original
@@ -46,7 +46,7 @@
#resolv-file=
# By default, dnsmasq will send queries to any of the upstream
-# servers it knows about and tries to favour servers to are known
+# servers it knows about and tries to favor servers to are known
# to be up. Uncommenting this forces dnsmasq to try each query
# with each server strictly in the order they appear in
# /etc/resolv.conf
@@ -189,7 +189,7 @@
# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
# hosts. Use the DHCPv4 lease to derive the name, network segment and
# MAC address and assume that the host will also have an
-# IPv6 address calculated using the SLAAC alogrithm.
+# IPv6 address calculated using the SLAAC algorithm.
#dhcp-range=1234::, ra-names
# Do Router Advertisements, BUT NOT DHCP for this subnet.
@@ -210,7 +210,7 @@
#dhcp-range=1234::, ra-stateless, ra-names
# Do router advertisements for all subnets where we're doing DHCPv6
-# Unless overriden by ra-stateless, ra-names, et al, the router
+# Unless overridden by ra-stateless, ra-names, et al, the router
# advertisements will have the M and O bits set, so that the clients
# get addresses and configuration from DHCPv6, and the A bit reset, so the
# clients don't use SLAAC addresses.
@@ -281,7 +281,7 @@
# Give a fixed IPv6 address and name to client with
# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
-# Note also the they [] around the IPv6 address are obilgatory.
+# Note also the they [] around the IPv6 address are obligatory.
#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
# Ignore any clients which are not specified in dhcp-host lines
@@ -404,14 +404,14 @@
#dhcp-option=vendor:MSFT,2,1i
# Send the Encapsulated-vendor-class ID needed by some configurations of
-# Etherboot to allow is to recognise the DHCP server.
+# Etherboot to allow is to recognize the DHCP server.
#dhcp-option=vendor:Etherboot,60,"Etherboot"
# Send options to PXELinux. Note that we need to send the options even
# though they don't appear in the parameter request list, so we need
# to use dhcp-option-force here.
# See http://syslinux.zytor.com/pxe.php#special for details.
-# Magic number - needed before anything else is recognised
+# Magic number - needed before anything else is recognized
#dhcp-option-force=208,f1:00:74:7e
# Configuration file name
#dhcp-option-force=209,configs/common
diff --git a/advanced/index.php b/advanced/index.php
index 4f2a17f7..4356f0b0 100644
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -41,7 +41,7 @@ $validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
$currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION);
// Set mobile friendly viewport
-$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>';
+$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1">';
// Set response header
function setHeader($type = "x") {
@@ -57,16 +57,21 @@ if ($serverName === "pi.hole"
} elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
// Set Splash Page output
$splashPage = "
- <html>
- <head>
- $viewPort
- <link rel='stylesheet' href='pihole/blockingpage.css' type='text/css'/>
- </head>
- <body id='splashpage'>
- <img src='admin/img/logo.svg'/><br/>
- Pi-<b>hole</b>: Your black hole for Internet advertisements<br/>
- <a href='/admin'>Did you mean to go to the admin panel?</a>
- </body>
+ <!doctype html>
+ <html lang='en'>
+ <head>
+ <meta charset='utf-8'>
+ $viewPort
+ <title>● $serverName</title>
+ <link rel='stylesheet' href='pihole/blockingpage.css'>
+ <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
+ </head>
+ <body id='splashpage'>
+ <img src='admin/img/logo.svg' alt='Pi-hole logo' width='256' height='377'>
+ <br>
+ <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
+ <a href='/admin'>Did you mean to go to the admin panel?</a>
+ </body>
</html>
";
@@ -79,22 +84,39 @@ if ($serverName === "pi.hole"
// Render splash/landing page when directly browsing via IP or authorized hostname
exit($renderPage);
} elseif ($currentUrlExt === "js") {
- // Serve Pi-hole Javascript for blocked domains requesting JS
+ // Serve Pi-hole JavaScript for blocked domains requesting JS
exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');
} elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) {
// Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER
// e.g: An iframe of a blocked domain
- exit(setHeader().'<html>
- <head><script>window.close();</script></head>
- <body><img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs="></body>
+ exit(setHeader().'<!doctype html>
+ <html lang="en">
+ <head>
+ <meta charset="utf-8"><script>window.close();</script>
+ </head>
+ <body>
+ <img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=">
+ </body>
</html>');
} elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) {
// Serve SVG upon receiving non $validExtTypes URL extension or query string
// e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly
// QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page
- $blockImg = '<a href="/"><svg xmlns="http://www.w3.org/2000/svg" width="110" height="16"><defs><style>a {text-decoration: none;} circle {stroke: rgba(152,2,2,0.5); fill: none; stroke-width: 2;} rect {fill: rgba(152,2,2,0.5);} text {opacity: 0.3; font: 11px Arial;}</style></defs><circle cx="8" cy="8" r="7"/><rect x="10.3" y="-6" width="2" height="12" transform="rotate(45)"/><text x="19.3" y="12">Blocked by Pi-hole</text></svg></a>';
- exit(setHeader()."<html>
- <head>$viewPort</head>
+ $blockImg = '<a href="/">
+ <svg xmlns="http://www.w3.org/2000/svg" width="110" height="16">
+ <circle cx="8" cy="8" r="7" fill="none" stroke="rgba(152,2,2,.5)" stroke-width="2"/>
+ <path fill="rgba(152,2,2,.5)" d="M11.526 3.04l1.414 1.415-8.485 8.485-1.414-1.414z"/>
+ <text x="19.3" y="12" opacity=".3" style="font:11px Arial">
+ Blocked by Pi-hole
+ </text>
+ </svg>
+ </a>';
+ exit(setHeader()."<!doctype html>
+ <html lang='en'>
+ <head>
+ <meta charset='utf-8'>
+ $viewPort
+ </head>
<body>$blockImg</body>
</html>");
}
@@ -227,7 +249,7 @@ if (explode("-", $phVersion)[1] != "0")
setHeader();
?>
-<!DOCTYPE html>
+<!doctype html>
<!-- Pi-hole: A black hole for Internet advertisements
* (c) 2017 Pi-hole, LLC (https://pi-hole.net)
* Network-wide ad blocking via your own hardware.
@@ -235,12 +257,12 @@ setHeader();
* This file is copyright under the latest version of the EUPL. -->
<html>
<head>
- <meta charset="UTF-8">
+ <meta charset="utf-8">
<?=$viewPort ?>
- <meta name="robots" content="noindex,nofollow"/>
+ <meta name="robots" content="noindex,nofollow">
<meta http-equiv="x-dns-prefetch-control" content="off">
- <link rel="shortcut icon" href="admin/img/favicon.png" type="image/x-icon"/>
- <link rel="stylesheet" href="pihole/blockingpage.css" type="text/css"/>
+ <link rel="stylesheet" href="pihole/blockingpage.css">
+ <link rel="shortcut icon" href="admin/img/favicons/favicon.ico" type="image/x-icon">
<title>● <?=$serverName ?></title>
<script src="admin/scripts/vendor/jquery.min.js"></script>
<script>
@@ -274,10 +296,10 @@ setHeader();
</h1>
<div class="spc"></div>
- <input id="bpAboutToggle" type="checkbox"/>
+ <input id="bpAboutToggle" type="checkbox">
<div id="bpAbout">
<div class="aboutPH">
- <div class="aboutImg"/></div>
+ <div class="aboutImg"></div>
<p>Open Source Ad Blocker
<small>Designed for Raspberry Pi</small>
</p>
@@ -314,8 +336,9 @@ setHeader();
<pre id='bpQueryOutput'><?php if ($featuredTotal > 0) foreach ($queryResults as $num => $value) { echo "<span>[$num]:</span>$adlistsUrls[$num]\n"; } ?></pre>
<form id="bpWLButtons" class="buttons">
- <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled/>
- <input id="bpWLPassword" type="password" placeholder="Javascript disabled" disabled/><button id="bpWhitelist" type="button" disabled></button>
+ <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled>
+ <input id="bpWLPassword" type="password" placeholder="JavaScript disabled" disabled>
+ <button id="bpWhitelist" type="button" disabled></button>
</form>
</div>
</main>
diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian
index 2215bbdb..6020dfd8 100644
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -16,21 +16,21 @@
###############################################################################
server.modules = (
- "mod_access",
- "mod_accesslog",
- "mod_auth",
- "mod_expire",
- "mod_compress",
- "mod_redirect",
- "mod_setenv",
- "mod_rewrite"
+ "mod_access",
+ "mod_accesslog",
+ "mod_auth",
+ "mod_expire",
+ "mod_compress",
+ "mod_redirect",
+ "mod_setenv",
+ "mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
-server.pid-file = "/var/run/lighttpd.pid"
+server.pid-file = "/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
@@ -41,18 +41,45 @@ index-file.names = ( "index.php", "index.html", "index.lighttpd.html"
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
-compress.cache-dir = "/var/cache/lighttpd/compress/"
-compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
+compress.cache-dir = "/var/cache/lighttpd/compress/"
+compress.filetype = (
+ "application/json",
+ "application/vnd.ms-fontobject",
+ "application/xml",
+ "font/eot",
+ "font/opentype",
+ "font/otf",
+ "font/ttf",
+ "image/bmp",
+ "image/svg+xml",
+ "image/vnd.microsoft.icon",
+ "image/x-icon",
+ "text/css",
+ "text/html",
+ "text/javascript",
+ "text/plain",
+ "text/xml"
+)
-mimetype.assign = ( ".png" => "image/png",
- ".jpg" => "image/jpeg",
- ".jpeg" => "image/jpeg",
- ".html" => "text/html",
- ".css" => "text/css; charset=utf-8",
- ".js" => "application/javascript",
- ".json" => "application/json",
- ".txt" => "text/plain",
- ".svg" => "image/svg+xml" )
+mimetype.assign = (
+ ".ico" => "image/x-icon",
+ ".jpeg" => "image/jpeg",
+ ".jpg" => "image/jpeg",
+ ".png" => "image/png",
+ ".svg" => "image/svg+xml",
+ ".css" => "text/css; charset=utf-8",
+ ".html" => "text/html; charset=utf-8",
+ ".js" => "text/javascript; charset=utf-8",
+ ".json" => "application/json; charset=utf-8",
+ ".map" => "application/json; charset=utf-8",
+ ".txt" => "text/plain; charset=utf-8",
+ ".eot" => "application/vnd.ms-fontobject",
+ ".otf" => "font/otf",
+ ".ttc" => "font/collection",
+ ".ttf" => "font/ttf",
+ ".woff" => "font/woff",
+ ".woff2" => "font/woff2"
+)
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
@@ -69,7 +96,7 @@ $HTTP["url"] =~ "^/admin/" {
"X-Frame-Options" => "DENY"
)
- $HTTP["url"] =~ ".ttf$" {
+ $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
# Allow Block Page access to local fonts
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
}
@@ -77,9 +104,12 @@ $HTTP["url"] =~ "^/admin/" {
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
- url.access-deny = ("")
+ url.access-deny = ("")
}
+# Default expire header
+expire.url = ( "" => "access plus 0 seconds" )
+
# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"
diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora
index 4232c90f..8e3bddc4 100644
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -2,7 +2,7 @@
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
-# lighttpd config for Pi-hole
+# Lighttpd config for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
@@ -16,69 +16,95 @@
###############################################################################
server.modules = (
- "mod_access",
- "mod_auth",
- "mod_fastcgi",
- "mod_accesslog",
- "mod_expire",
- "mod_compress",
- "mod_redirect",
- "mod_setenv",
- "mod_rewrite"
+ "mod_access",
+ "mod_auth",
+ "mod_expire",
+ "mod_fastcgi",
+ "mod_accesslog",
+ "mod_compress",
+ "mod_redirect",
+ "mod_setenv",
+ "mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
-server.pid-file = "/var/run/lighttpd.pid"
+server.pid-file = "/run/lighttpd.pid"
server.username = "lighttpd"
server.groupname = "lighttpd"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
-
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
-compress.cache-dir = "/var/cache/lighttpd/compress/"
-compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
+compress.cache-dir = "/var/cache/lighttpd/compress/"
+compress.filetype = (
+ "application/json",
+ "application/vnd.ms-fontobject",
+ "application/xml",
+ "font/eot",
+ "font/opentype",
+ "font/otf",
+ "font/ttf",
+ "image/bmp",
+ "image/svg+xml",
+ "image/vnd.microsoft.icon",
+ "image/x-icon",
+ "text/css",
+ "text/html",
+ "text/javascript",
+ "text/plain",
+ "text/xml"
+)
-mimetype.assign = ( ".png" => "image/png",
- ".jpg" => "image/jpeg",
- ".jpeg" => "image/jpeg",
- ".html" => "text/html",
- ".css" => "text/css; charset=utf-8",
- ".js" => "application/javascript",
- ".json" => "application/json",
- ".txt" => "text/plain",
- ".svg" => "image/svg+xml" )
+mimetype.assign = (
+ ".ico" => "image/x-icon",
+ ".jpeg" => "image/jpeg",
+ ".jpg" => "image/jpeg",
+ ".png" => "image/png",
+ ".svg" => "image/svg+xml",
+ ".css" => "text/css; charset=utf-8",
+ ".html" => "text/html; charset=utf-8",
+ ".js" => "text/javascript; charset=utf-8",
+ ".json" => "application/json; charset=utf-8",
+ ".map" => "application/json; charset=utf-8",
+ ".txt" => "text/plain; charset=utf-8",
+ ".eot" => "application/vnd.ms-fontobject",
+ ".otf" => "font/otf",
+ ".ttc" => "font/collection",
+ ".ttf" => "font/ttf",
+ ".woff" => "font/woff",
+ ".woff2" => "font/woff2"
+)
# default listening port for IPv6 falls back to the IPv4 port
#include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
#include_shell "/usr/share/lighttpd/create-mime.assign.pl"
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
-fastcgi.server = ( ".php" =>
- ( "localhost" =>
- (
- "socket" => "/tmp/php-fastcgi.socket",
- "bin-path" => "/usr/bin/php-cgi"
- )
- )
- )
+fastcgi.server = (
+ ".php" => (
+ "localhost" => (
+ "socket" => "/tmp/php-fastcgi.socket",
+ "bin-path" => "/usr/bin/php-cgi"
+ )
+ )
+)
# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
- # Create a response header for debugging using curl -I
+ # Create a response header for debugging using curl -I
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
- $HTTP["url"] =~ ".ttf$" {
+ $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
# Allow Block Page access to local fonts
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
}
@@ -86,9 +112,12 @@ $HTTP["url"] =~ "^/admin/" {
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
- url.access-deny = ("")
+ url.access-deny = ("")
}
+# Default expire header
+expire.url = ( "" => "access plus 0 seconds" )
+
# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 08:20:38 +0300