YunoHost-Apps/adguardhome_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/adguardhome_ynh.git synced 2024-09-03 18:06:23 +02:00
Code Issues Activity Actions

Merge pull request #33 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Kayou 2022-01-10 10:39:08 +01:00 committed by GitHub
commit 17d5224a04
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 141 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -20,7 +20,7 @@ AdGuard Home is a network-wide software for blocking ads & tracking. After you s
It operates as a DNS server that re-routes tracking domains to a "black hole", thus preventing your devices from connecting to those servers. It's based on software we use for our public AdGuard DNS servers -- both share a lot of common code.
**Shipped version:** 0.107.2~ynh1
**Shipped version:** 0.107.2~ynh2

2
README_fr.md
View file

@ -16,7 +16,7 @@ AdGuard Home est un logiciel à l'échelle du réseau pour bloquer les publicit
Il fonctionne comme un serveur DNS qui redirige les domaines de pistage vers un "trou noir", empêchant ainsi vos appareils de se connecter à ces serveurs. Il est basé sur un logiciel que nous utilisons pour nos serveurs DNS publics AdGuard - les deux partagent beaucoup de code commun.
**Version incluse :** 0.107.2~ynh1
**Version incluse :** 0.107.2~ynh2

12
check_process
View file

@ -3,17 +3,17 @@
domain="domain.tld"
path="/path"
admin="john"
is_public=1
password="1Strong-Password"
dns_over_https=1
; Checks
pkg_linter=1
setup_sub_dir=0
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
#upgrade=1 from_commit=CommitHash
upgrade=1 from_commit=c57900238fe703377b39d2dc54027e4b5303e9e6
backup_restore=1
multi_instance=0
change_url=1
@ -21,6 +21,6 @@
Email=
Notification=none
;;; Upgrade options
; commit=CommitHash
name=Name and date of the commit.
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
; commit=c57900238fe703377b39d2dc54027e4b5303e9e6
name=0.107.2, 5 JAN 22
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&password=pass&

2
conf/AdGuardHome.yaml
View file

@ -80,7 +80,7 @@ tls:
port_dns_over_quic: 784
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
allow_unencrypted_doh: __DNS_OVER_HTTPS__
strict_sni_check: false
certificate_chain: ""
private_key: ""

20
conf/nginx.conf
View file

@ -1,7 +1,8 @@
location __PATH__/ {
proxy_pass http://127.0.0.1:__PORT__;
proxy_redirect off;
proxy_pass http://127.0.0.1:__PORT__/;
proxy_redirect / __PATH__/;
proxy_cookie_path / __PATH__/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
@ -16,8 +17,13 @@ location __PATH__/ {
include conf.d/yunohost_panel.conf.inc;
}
#location ~ .*.(gif|jpg|jpeg|png|bmp|swf|css|js)$ {
# proxy_pass http://127.0.0.1:__PORT__;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $remote_addr;
# }
location /dns-query {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_buffering on;
proxy_http_version 1.1;
proxy_read_timeout 6s;
proxy_connect_timeout 6s;
proxy_pass http://127.0.0.1:__PORT__/dns-query;
}

15
config_panel.toml Normal file
View file

@ -0,0 +1,15 @@
version = "1.0"
[main]
name = "Adguard configuration"
[main.options]
name = "Enable some features"
[main.options.dns_over_https]
ask = "Enable DNS-over-HTTPS"
type = "boolean"
yes = "true"
no = "false"
bind = "allow_unencrypted_doh:__FINALPATH__/AdGuardHome.yaml"
services = [ '__APP__' ]

19
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Network-wide ads & trackers blocking DNS server",
"fr": "Serveur DNS, bloqueur de publicités et trackers"
},
"version": "0.107.2~ynh1",
"version": "0.107.2~ynh2",
"url": "https://adguard.com/adguard-home.html",
"upstream": {
"license": "GPL-3.0",
@ -28,14 +28,15 @@
"nginx"
],
"arguments": {
"install": [{
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "is_public",
"type": "boolean",
"default": true
"name": "path",
"type": "path",
"default": "/adguard"
},
{
"name": "admin",
@ -44,6 +45,14 @@
{
"name": "password",
"type": "password"
},
{
"name": "dns_over_https",
"type": "boolean",
"ask": {
"en": "Should DNS-over-HTTPS be enabled? (If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query)"
},
"default": true
}
]
}

5
scripts/actions/reset_default_config
View file

@ -27,9 +27,10 @@ password=$(ynh_app_setting_get --app=$app --key=password)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port)
dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https)
ipv4_route_output=$(ip -4 route get 1.2.3.4 | head -n1)
ipv6_route_output=$(ip -6 route get ::1.2.3.4 | head -n1)
ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1)
ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1)
ipv4_addr=""
for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do

22
scripts/change_url
View file

@ -28,6 +28,7 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
#=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
@ -56,9 +57,10 @@ then
change_domain=1
fi
if [ "$old_path" != "$new_path" ] || [ "$new_path" != "/" ]
change_path=0
if [ "$old_path" != "$new_path" ]
then
ynh_die --message="You must use a root domain"
change_path=1
fi
#=================================================
@ -77,6 +79,18 @@ ynh_script_progression --message="Updating NGINX web server configuration..." --
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
@ -87,10 +101,6 @@ then
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
#=================================================
# GENERIC FINALISATION
#=================================================

51
scripts/install
View file

@ -22,10 +22,10 @@ ynh_abort_if_errors
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
password=$YNH_APP_ARG_PASSWORD
dns_over_https=$YNH_APP_ARG_DNS_OVER_HTTPS
architecture=$YNH_ARCH
app=$YNH_APP_INSTANCE_NAME
@ -50,6 +50,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
if [ "$dns_over_https" == "1" ];
then
dns_over_https="true"
else
dns_over_https="false"
fi
ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
#=================================================
# FIND AND OPEN A PORT
#=================================================
@ -116,12 +124,23 @@ ynh_add_nginx_config
#=================================================
ynh_script_progression --message="Modifying a config file..." --weight=1
ipv4_interface=$(ip route get 1.2.3.4 | grep -oP '(?<=dev )\w+')
ipv6_interface=$(ip -6 route get ::1.2.3.4 | grep -oP '(?<=dev )\w+')
# echo the ip route command to prevent a crash if the server doesn't have any ipv4/6
ipv4_interface=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+')
ipv6_interface=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+')
if [ "$ipv4_interface" != "$ipv6_interface" ]; then
if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then
ynh_die --message="Impossible to find the main network interface, please report this issue."
elif [ "$ipv4_interface" != "$ipv6_interface" ]; then
if [ -z "$ipv4_interface" ]; then
echo "bind-interfaces
except-interface=$ipv6_interface" > "/etc/dnsmasq.d/$app"
elif [ -z "$ipv6_interface" ]; then
echo "bind-interfaces
except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app"
else
echo "bind-interfaces
except-interface=$ipv4_interface, $ipv6_interface" > "/etc/dnsmasq.d/$app"
fi
else
echo "bind-interfaces
except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app"
@ -131,8 +150,8 @@ systemctl restart dnsmasq
ynh_store_file_checksum --file="/etc/dnsmasq.d/$app"
ipv4_route_output=$(ip -4 route get 1.2.3.4 | head -n1)
ipv6_route_output=$(ip -6 route get ::1.2.3.4 | head -n1)
ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | head -n1)
ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1)
ipv4_addr=""
for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do
@ -175,6 +194,13 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Ads & trackers blocking DNS server"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
#=================================================
# START SYSTEMD SERVICE
#=================================================
@ -183,17 +209,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=2
# Start a systemd service
ynh_systemd_action --service_name=$app --action="restart" --log_path=systemd
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================

42
scripts/upgrade
View file

@ -23,6 +23,7 @@ password=$(ynh_app_setting_get --app=$app --key=password)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port)
dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https)
architecture=$YNH_ARCH
#=================================================
@ -37,6 +38,21 @@ if [ "$adguard_port" -ne "53" ]; then
ynh_app_setting_set --app=$app --key=adguard_port --value=$adguard_port
fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
fi
if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ];
then
dns_over_https="true"
ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
elif [ -z "$dns_over_https" ] || [ "$dns_over_https" == "0" ];
then
dns_over_https="false"
ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
@ -121,12 +137,22 @@ ynh_install_app_dependencies $pkg_dependencies
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=1
ipv4_interface=$(ip route get 1.2.3.4 | grep -oP '(?<=dev )\w+')
ipv6_interface=$(ip -6 route get ::1.2.3.4 | grep -oP '(?<=dev )\w+')
ipv4_interface=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+')
ipv6_interface=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1 | grep -oP '(?<=dev )\w+')
if [ "$ipv4_interface" != "$ipv6_interface" ]; then
if [ -z "$ipv4_interface" ] && [ -z "$ipv6_interface" ]; then
ynh_die --message="Impossible to find the main network interface, please report this issue."
elif [ "$ipv4_interface" != "$ipv6_interface" ]; then
if [ -z "$ipv4_interface" ]; then
echo "bind-interfaces
except-interface=$ipv6_interface" > "/etc/dnsmasq.d/$app"
elif [ -z "$ipv6_interface" ]; then
echo "bind-interfaces
except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app"
else
echo "bind-interfaces
except-interface=$ipv4_interface, $ipv6_interface" > "/etc/dnsmasq.d/$app"
fi
else
echo "bind-interfaces
except-interface=$ipv4_interface" > "/etc/dnsmasq.d/$app"
@ -136,8 +162,8 @@ systemctl restart dnsmasq
ynh_store_file_checksum --file="/etc/dnsmasq.d/$app"
ipv4_route_output=$(ip -4 route get 1.2.3.4 | head -n1)
ipv6_route_output=$(ip -6 route get ::1.2.3.4 | head -n1)
ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1)
ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1)
ipv4_addr=""
for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do
@ -165,7 +191,11 @@ with open(\"$final_path/AdGuardHome.yaml\", 'r') as file:
need_file_update = False
if \"0.0.0.0\" in conf_file[\"dns\"][\"bind_hosts\"]:
conf_file[\"dns\"][\"bind_hosts\"] = [\"$ipv4_addr\", \"$ipv6_addr\"]
conf_file[\"dns\"][\"bind_hosts\"] = []
if \"$ipv4_addr\":
conf_file[\"dns\"][\"bind_hosts\"].append(\"$ipv4_addr\")
if \"$ipv6_addr\":
conf_file[\"dns\"][\"bind_hosts\"].append(\"$ipv6_addr\")
need_file_update = True
if conf_file[\"dns\"][\"port\"] != $adguard_port: