From bb07a32b6494cbe57229f23f46fcc59b8c45bb1b Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 11:23:20 +0100 Subject: [PATCH 01/14] fix when the server doesn't have an ipv4/6 --- scripts/actions/reset_default_config | 4 ++-- scripts/install | 22 ++++++++++++++++------ scripts/upgrade | 28 +++++++++++++++++++++------- 3 files changed, 39 insertions(+), 15 deletions(-) diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 612e13b..5d03b96 100644 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -28,8 +28,8 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) -ipv4_route_output=$(ip -4 route get 1.2.3.4 | head -n1) -ipv6_route_output=$(ip -6 route get ::1.2.3.4 | head -n1) +ipv4_route_output=$(ip -4 route get 1.2.3.4 2> /dev/null || true | head -n1) +ipv6_route_output=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1) ipv4_addr="" for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do diff --git a/scripts/install b/scripts/install index d9efa49..8eadd41 100644 --- a/scripts/install +++ b/scripts/install @@ -116,12 +116,22 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Modifying a config file..." --weight=1 -ipv4_interface=$(ip route get 1.2.3.4 | grep -oP '(?<=dev )\w+') -ipv6_interface=$(ip -6 route get ::1.2.3.4 | grep -oP '(?<=dev )\w+') +ipv4_interface=$(ip route get 1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') +ipv6_interface=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') -if [ "$ipv4_interface" != "$ipv6_interface" ]; then - echo "bind-interfaces +if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then + ynh_die --message="Impossible to find the main network interface, please report this issue." +elif [ "$ipv4_interface" != "$ipv6_interface" ]; then + if [ -z "$ipv4_interface" ]; then + echo "bind-interfaces +except-interface=$ipv6_interface" > "/etc/dnsmasq.d/$app" + elif [ -z "$ipv6_interface" ]; then + echo "bind-interfaces +except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app" + else + echo "bind-interfaces except-interface=$ipv4_interface, $ipv6_interface" > "/etc/dnsmasq.d/$app" + fi else echo "bind-interfaces except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app" @@ -131,8 +141,8 @@ systemctl restart dnsmasq ynh_store_file_checksum --file="/etc/dnsmasq.d/$app" -ipv4_route_output=$(ip -4 route get 1.2.3.4 | head -n1) -ipv6_route_output=$(ip -6 route get ::1.2.3.4 | head -n1) +ipv4_route_output=$(ip -4 route get 1.2.3.4 2> /dev/null || true | head -n1) +ipv6_route_output=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1) ipv4_addr="" for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do diff --git a/scripts/upgrade b/scripts/upgrade index 7a7e460..b2851da 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -121,12 +121,22 @@ ynh_install_app_dependencies $pkg_dependencies #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -ipv4_interface=$(ip route get 1.2.3.4 | grep -oP '(?<=dev )\w+') -ipv6_interface=$(ip -6 route get ::1.2.3.4 | grep -oP '(?<=dev )\w+') +ipv4_interface=$(ip route get 1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') +ipv6_interface=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') -if [ "$ipv4_interface" != "$ipv6_interface" ]; then - echo "bind-interfaces +if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then + ynh_die --message="Impossible to find the main network interface, please report this issue." +elif [ "$ipv4_interface" != "$ipv6_interface" ]; then + if [ -z "$ipv4_interface" ]; then + echo "bind-interfaces +except-interface=$ipv6_interface" > "/etc/dnsmasq.d/$app" + elif [ -z "$ipv6_interface" ]; then + echo "bind-interfaces +except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app" + else + echo "bind-interfaces except-interface=$ipv4_interface, $ipv6_interface" > "/etc/dnsmasq.d/$app" + fi else echo "bind-interfaces except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app" @@ -136,8 +146,8 @@ systemctl restart dnsmasq ynh_store_file_checksum --file="/etc/dnsmasq.d/$app" -ipv4_route_output=$(ip -4 route get 1.2.3.4 | head -n1) -ipv6_route_output=$(ip -6 route get ::1.2.3.4 | head -n1) +ipv4_route_output=$(ip -4 route get 1.2.3.4 2> /dev/null || true | head -n1) +ipv6_route_output=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1) ipv4_addr="" for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do @@ -165,7 +175,11 @@ with open(\"$final_path/AdGuardHome.yaml\", 'r') as file: need_file_update = False if \"0.0.0.0\" in conf_file[\"dns\"][\"bind_hosts\"]: - conf_file[\"dns\"][\"bind_hosts\"] = [\"$ipv4_addr\", \"$ipv6_addr\"] + conf_file[\"dns\"][\"bind_hosts\"] = [] + if \"$ipv4_addr\": + conf_file[\"dns\"][\"bind_hosts\"].append(\"$ipv4_addr\") + if \"$ipv6_addr\": + conf_file[\"dns\"][\"bind_hosts\"].append(\"$ipv6_addr\") need_file_update = True if conf_file[\"dns\"][\"port\"] != $adguard_port: From 521118bd306f812868078655c0bf1eec3d3ad8a0 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 11:23:37 +0100 Subject: [PATCH 02/14] bump package version --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 5bf735d..5816900 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Network-wide ads & trackers blocking DNS server", "fr": "Serveur DNS, bloqueur de publicités et trackers" }, - "version": "0.107.2~ynh1", + "version": "0.107.2~ynh2", "url": "https://adguard.com/adguard-home.html", "upstream": { "license": "GPL-3.0", From e027ea6adfe26b6adf8619d27e026bce853f0859 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Thu, 6 Jan 2022 10:23:45 +0000 Subject: [PATCH 03/14] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 730daca..65747ef 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ AdGuard Home is a network-wide software for blocking ads & tracking. After you s It operates as a DNS server that re-routes tracking domains to a "black hole", thus preventing your devices from connecting to those servers. It's based on software we use for our public AdGuard DNS servers -- both share a lot of common code. -**Shipped version:** 0.107.2~ynh1 +**Shipped version:** 0.107.2~ynh2 diff --git a/README_fr.md b/README_fr.md index a2fd540..0b55e1e 100644 --- a/README_fr.md +++ b/README_fr.md @@ -16,7 +16,7 @@ AdGuard Home est un logiciel à l'échelle du réseau pour bloquer les publicit Il fonctionne comme un serveur DNS qui redirige les domaines de pistage vers un "trou noir", empêchant ainsi vos appareils de se connecter à ces serveurs. Il est basé sur un logiciel que nous utilisons pour nos serveurs DNS publics AdGuard - les deux partagent beaucoup de code commun. -**Version incluse :** 0.107.2~ynh1 +**Version incluse :** 0.107.2~ynh2 From 1f1c5055f9a1580daeed17febc0f054b8b076081 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 11:44:14 +0100 Subject: [PATCH 04/14] fixing my mess --- scripts/actions/reset_default_config | 4 ++-- scripts/install | 9 +++++---- scripts/upgrade | 8 ++++---- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 5d03b96..8b5c01e 100644 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -28,8 +28,8 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) -ipv4_route_output=$(ip -4 route get 1.2.3.4 2> /dev/null || true | head -n1) -ipv6_route_output=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1) +ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1) +ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1) ipv4_addr="" for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do diff --git a/scripts/install b/scripts/install index 8eadd41..fe936ec 100644 --- a/scripts/install +++ b/scripts/install @@ -116,8 +116,9 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Modifying a config file..." --weight=1 -ipv4_interface=$(ip route get 1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') -ipv6_interface=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') +# echo the ip route command to prevent a crash if the server doesn't have any ipv4/6 +ipv4_interface=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+') +ipv6_interface=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+') if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then ynh_die --message="Impossible to find the main network interface, please report this issue." @@ -141,8 +142,8 @@ systemctl restart dnsmasq ynh_store_file_checksum --file="/etc/dnsmasq.d/$app" -ipv4_route_output=$(ip -4 route get 1.2.3.4 2> /dev/null || true | head -n1) -ipv6_route_output=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1) +ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | head -n1) +ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1) ipv4_addr="" for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do diff --git a/scripts/upgrade b/scripts/upgrade index b2851da..3d1aeb6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -121,8 +121,8 @@ ynh_install_app_dependencies $pkg_dependencies #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -ipv4_interface=$(ip route get 1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') -ipv6_interface=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1 | grep -oP '(?<=dev )\w+') +ipv4_interface=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+') +ipv6_interface=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+') if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then ynh_die --message="Impossible to find the main network interface, please report this issue." @@ -146,8 +146,8 @@ systemctl restart dnsmasq ynh_store_file_checksum --file="/etc/dnsmasq.d/$app" -ipv4_route_output=$(ip -4 route get 1.2.3.4 2> /dev/null || true | head -n1) -ipv6_route_output=$(ip -6 route get ::1.2.3.4 2> /dev/null || true | head -n1) +ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1) +ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1) ipv4_addr="" for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do From 22f9e76d7fdfd88ba5cd17c5769f52cc01572132 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 14:07:07 +0100 Subject: [PATCH 05/14] Remove is_public, and add path_url --- conf/nginx.conf | 5 +++-- manifest.json | 9 +++++---- scripts/install | 14 +------------- 3 files changed, 9 insertions(+), 19 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index c8cd24c..c4d82af 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,7 +1,8 @@ location __PATH__/ { - proxy_pass http://127.0.0.1:__PORT__; - proxy_redirect off; + proxy_pass http://127.0.0.1:__PORT__/; + proxy_redirect / __PATH__/; + proxy_cookie_path / __PATH__/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; diff --git a/manifest.json b/manifest.json index 5816900..86057a3 100644 --- a/manifest.json +++ b/manifest.json @@ -28,14 +28,15 @@ "nginx" ], "arguments": { - "install": [{ + "install": [ + { "name": "domain", "type": "domain" }, { - "name": "is_public", - "type": "boolean", - "default": true + "name": "path", + "type": "path", + "default": "/adguard" }, { "name": "admin", diff --git a/scripts/install b/scripts/install index fe936ec..eeb5b06 100644 --- a/scripts/install +++ b/scripts/install @@ -22,8 +22,7 @@ ynh_abort_if_errors # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN -path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC +path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN password=$YNH_APP_ARG_PASSWORD architecture=$YNH_ARCH @@ -194,17 +193,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=2 # Start a systemd service ynh_systemd_action --service_name=$app --action="restart" --log_path=systemd -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - ynh_permission_update --permission="main" --add="visitors" -fi - #================================================= # RELOAD NGINX #================================================= From b458c7d97e5263b313592749c9ac99d20c0c5f3c Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 14:41:24 +0100 Subject: [PATCH 06/14] Fix doh --- conf/AdGuardHome.yaml | 2 +- conf/nginx.conf | 15 ++++++++++----- scripts/install | 7 +++++++ scripts/upgrade | 5 +++++ 4 files changed, 23 insertions(+), 6 deletions(-) diff --git a/conf/AdGuardHome.yaml b/conf/AdGuardHome.yaml index 9e1fdd9..c3b25af 100644 --- a/conf/AdGuardHome.yaml +++ b/conf/AdGuardHome.yaml @@ -80,7 +80,7 @@ tls: port_dns_over_quic: 784 port_dnscrypt: 0 dnscrypt_config_file: "" - allow_unencrypted_doh: false + allow_unencrypted_doh: true strict_sni_check: false certificate_chain: "" private_key: "" diff --git a/conf/nginx.conf b/conf/nginx.conf index c4d82af..3a3bff2 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -17,8 +17,13 @@ location __PATH__/ { include conf.d/yunohost_panel.conf.inc; } -#location ~ .*.(gif|jpg|jpeg|png|bmp|swf|css|js)$ { -# proxy_pass http://127.0.0.1:__PORT__; -# proxy_set_header Host $host; -# proxy_set_header X-Forwarded-For $remote_addr; -# } +location /dns-query { + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_redirect off; + proxy_buffering on; + proxy_http_version 1.1; + proxy_read_timeout 6s; + proxy_connect_timeout 6s; + proxy_pass http://127.0.0.1:__PORT__/dns-query; +} diff --git a/scripts/install b/scripts/install index eeb5b06..cca67f4 100644 --- a/scripts/install +++ b/scripts/install @@ -185,6 +185,13 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $app --description="Ads & trackers blocking DNS server" +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring permissions..." + +ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" + #================================================= # START SYSTEMD SERVICE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 3d1aeb6..41c6430 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -37,6 +37,11 @@ if [ "$adguard_port" -ne "53" ]; then ynh_app_setting_set --app=$app --key=adguard_port --value=$adguard_port fi +# Create a permission if needed +if ! ynh_permission_exists --permission="api"; then + ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= From b86d4225ce268a4618bfd6b39e5cc2c2bc8a6dfb Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 17:49:26 +0100 Subject: [PATCH 07/14] add dns_over_https arg --- conf/AdGuardHome.yaml | 2 +- manifest.json | 8 ++++++++ scripts/actions/reset_default_config | 10 ++++++++++ scripts/install | 9 +++++++++ scripts/upgrade | 10 ++++++++++ 5 files changed, 38 insertions(+), 1 deletion(-) diff --git a/conf/AdGuardHome.yaml b/conf/AdGuardHome.yaml index c3b25af..d0d4c6e 100644 --- a/conf/AdGuardHome.yaml +++ b/conf/AdGuardHome.yaml @@ -80,7 +80,7 @@ tls: port_dns_over_quic: 784 port_dnscrypt: 0 dnscrypt_config_file: "" - allow_unencrypted_doh: true + allow_unencrypted_doh: __DNS_OVER_HTTPS__ strict_sni_check: false certificate_chain: "" private_key: "" diff --git a/manifest.json b/manifest.json index 86057a3..199d8b2 100644 --- a/manifest.json +++ b/manifest.json @@ -45,6 +45,14 @@ { "name": "password", "type": "password" + }, + { + "name": "dns_over_https", + "type": "boolean", + "ask": { + "en": "Should DNS-over-HTTPS be enabled? (If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query)" + }, + "default": true } ] } diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 8b5c01e..eedcdf8 100644 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -27,6 +27,16 @@ password=$(ynh_app_setting_get --app=$app --key=password) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) +dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https) + +if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; +then + dns_over_https="true" + ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https +else + dns_over_https="false" + ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https +fi ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1) ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1) diff --git a/scripts/install b/scripts/install index cca67f4..2fc400f 100644 --- a/scripts/install +++ b/scripts/install @@ -25,6 +25,7 @@ domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN password=$YNH_APP_ARG_PASSWORD +dns_over_https=$YNH_APP_ARG_DNS_OVER_HTTPS architecture=$YNH_ARCH app=$YNH_APP_INSTANCE_NAME @@ -49,6 +50,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin +if [ "$dns_over_https" == "1" ]; +then + dns_over_https="true" +else + dns_over_https="false" +fi +ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https + #================================================= # FIND AND OPEN A PORT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 41c6430..e649e03 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -23,6 +23,7 @@ password=$(ynh_app_setting_get --app=$app --key=password) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) +dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https) architecture=$YNH_ARCH #================================================= @@ -42,6 +43,15 @@ if ! ynh_permission_exists --permission="api"; then ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" fi +if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; +then + dns_over_https="true" + ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https +else + dns_over_https="false" + ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= From 012111f53b100f6d1fca76989aa88a4457fd713f Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 17:56:32 +0100 Subject: [PATCH 08/14] keep dns_over_https as a bash boolean --- scripts/actions/reset_default_config | 2 -- scripts/install | 15 ++++++++------- scripts/upgrade | 7 ++----- 3 files changed, 10 insertions(+), 14 deletions(-) diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index eedcdf8..5d24f66 100644 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -32,10 +32,8 @@ dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https) if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; then dns_over_https="true" - ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https else dns_over_https="false" - ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https fi ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1) diff --git a/scripts/install b/scripts/install index 2fc400f..bc75670 100644 --- a/scripts/install +++ b/scripts/install @@ -49,13 +49,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin - -if [ "$dns_over_https" == "1" ]; -then - dns_over_https="true" -else - dns_over_https="false" -fi ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https #================================================= @@ -171,6 +164,14 @@ for i in $(seq "$(echo $ipv6_route_output | wc -w)" -1 1); do fi done + +if [ "$dns_over_https" == "1" ]; +then + dns_over_https="true" +else + dns_over_https="false" +fi + # Main config File ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$final_path/AdGuardHome.yaml" diff --git a/scripts/upgrade b/scripts/upgrade index e649e03..48cbc57 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -43,12 +43,9 @@ if ! ynh_permission_exists --permission="api"; then ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" fi -if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; +if [ -z "$dns_over_https" ]; then - dns_over_https="true" - ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https -else - dns_over_https="false" + dns_over_https="0" ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https fi From 69e734b931e14599fd01a980b6ca266a6e39d321 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 6 Jan 2022 19:09:04 +0100 Subject: [PATCH 09/14] WIP: config panel --- config_panel.toml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 config_panel.toml diff --git a/config_panel.toml b/config_panel.toml new file mode 100644 index 0000000..a2f2b0d --- /dev/null +++ b/config_panel.toml @@ -0,0 +1,12 @@ +version = "1.0" + +[main] +name = "Adguard configuration" + + [main.options] + name = "Enable some features" + + [main.options.dns_over_https] + ask = "Enable DNS-over-HTTPS" + type = "boolean" + bind = "allow_unencrypted_doh:__FINALPATH__/AdGuardHome.yaml" \ No newline at end of file From 9868419ec464b2330c0f67a8bd17c90d9f749c92 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 7 Jan 2022 10:30:25 +0100 Subject: [PATCH 10/14] fix config panel --- config_panel.toml | 5 ++++- scripts/actions/reset_default_config | 7 ------- scripts/install | 15 +++++++-------- scripts/upgrade | 8 ++++++-- 4 files changed, 17 insertions(+), 18 deletions(-) diff --git a/config_panel.toml b/config_panel.toml index a2f2b0d..f57cd51 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -9,4 +9,7 @@ name = "Adguard configuration" [main.options.dns_over_https] ask = "Enable DNS-over-HTTPS" type = "boolean" - bind = "allow_unencrypted_doh:__FINALPATH__/AdGuardHome.yaml" \ No newline at end of file + yes = "true" + no = "false" + bind = "allow_unencrypted_doh:__FINALPATH__/AdGuardHome.yaml" + services = [ '__APP__' ] \ No newline at end of file diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 5d24f66..c8d6bff 100644 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -29,13 +29,6 @@ port=$(ynh_app_setting_get --app=$app --key=port) adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https) -if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; -then - dns_over_https="true" -else - dns_over_https="false" -fi - ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1) ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1) diff --git a/scripts/install b/scripts/install index bc75670..2fc400f 100644 --- a/scripts/install +++ b/scripts/install @@ -49,6 +49,13 @@ ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin + +if [ "$dns_over_https" == "1" ]; +then + dns_over_https="true" +else + dns_over_https="false" +fi ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https #================================================= @@ -164,14 +171,6 @@ for i in $(seq "$(echo $ipv6_route_output | wc -w)" -1 1); do fi done - -if [ "$dns_over_https" == "1" ]; -then - dns_over_https="true" -else - dns_over_https="false" -fi - # Main config File ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$final_path/AdGuardHome.yaml" diff --git a/scripts/upgrade b/scripts/upgrade index 48cbc57..c02b552 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -43,9 +43,13 @@ if ! ynh_permission_exists --permission="api"; then ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" fi -if [ -z "$dns_over_https" ]; +if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; then - dns_over_https="0" + dns_over_https="true" + ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https +elif [ -z "$dns_over_https" ] || [ "$dns_over_https" == "0" ]; +then + dns_over_https="false" ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https fi From c36df7280838ab35ae469923e360799cdbf3ed8b Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 7 Jan 2022 10:41:26 +0100 Subject: [PATCH 11/14] we can now use a subpath, fix change_url script --- scripts/change_url | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index fd8eea8..797bfc5 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -56,9 +56,10 @@ then change_domain=1 fi -if [ "$old_path" != "$new_path" ] || [ "$new_path" != "/" ] +change_path=0 +if [ "$old_path" != "$new_path" ] then - ynh_die --message="You must use a root domain" + change_path=1 fi #================================================= @@ -77,6 +78,18 @@ ynh_script_progression --message="Updating NGINX web server configuration..." -- nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +# Change the path in the NGINX config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original NGINX config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for NGINX helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated NGINX config + ynh_add_nginx_config +fi + # Change the domain for NGINX if [ $change_domain -eq 1 ] then @@ -87,10 +100,6 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= - #================================================= # GENERIC FINALISATION #================================================= From 5899470d8d096b1cb49f3de8598af5782f0cda40 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 7 Jan 2022 10:41:31 +0100 Subject: [PATCH 12/14] add upgrade test --- check_process | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/check_process b/check_process index 7d97801..0d4aceb 100644 --- a/check_process +++ b/check_process @@ -3,8 +3,8 @@ domain="domain.tld" path="/path" admin="john" - is_public=1 password="1Strong-Password" + dns_over_https=1 ; Checks pkg_linter=1 setup_sub_dir=0 @@ -13,7 +13,7 @@ setup_private=1 setup_public=1 upgrade=1 - #upgrade=1 from_commit=CommitHash + upgrade=1 from_commit=c57900238fe703377b39d2dc54027e4b5303e9e6 backup_restore=1 multi_instance=0 change_url=1 @@ -21,6 +21,6 @@ Email= Notification=none ;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& + ; commit=c57900238fe703377b39d2dc54027e4b5303e9e6 + name=0.107.2, 5 JAN 22 + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&password=pass& \ No newline at end of file From bdea2dabda0371483aa2c0e3641365b664e9a841 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 7 Jan 2022 10:52:43 +0100 Subject: [PATCH 13/14] add subdir test --- check_process | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check_process b/check_process index 0d4aceb..f04e942 100644 --- a/check_process +++ b/check_process @@ -7,7 +7,7 @@ dns_over_https=1 ; Checks pkg_linter=1 - setup_sub_dir=0 + setup_sub_dir=1 setup_root=1 setup_nourl=0 setup_private=1 From 3836687675b1e85b62a590bc53218ede760af8eb Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 7 Jan 2022 11:08:45 +0100 Subject: [PATCH 14/14] fix change_url script --- scripts/change_url | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/change_url b/scripts/change_url index 797bfc5..eca2bc2 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -28,6 +28,7 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) +port=$(ynh_app_setting_get --app=$app --key=port) #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP