add dns_over_https arg

conf/AdGuardHome.yaml

@@ -80,7 +80,7 @@ tls:
   port_dns_over_quic: 784
   port_dnscrypt: 0
   dnscrypt_config_file: ""
-  allow_unencrypted_doh: true
+  allow_unencrypted_doh: __DNS_OVER_HTTPS__
   strict_sni_check: false
   certificate_chain: ""
   private_key: ""

manifest.json

@@ -45,6 +45,14 @@
             {
                 "name": "password",
                 "type": "password"
+            },
+            {
+                "name": "dns_over_https",
+                "type": "boolean",
+                "ask": {
+                    "en": "Should DNS-over-HTTPS be enabled? (If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query)"
+                },
+                "default": true
             }
         ]
     }

scripts/actions/reset_default_config

@@ -27,6 +27,16 @@ password=$(ynh_app_setting_get --app=$app --key=password)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 port=$(ynh_app_setting_get --app=$app --key=port)
 adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port)
+dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https)
+
+if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ];
+then
+  dns_over_https="true"
+  ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
+else
+  dns_over_https="false"
+  ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
+fi
 
 ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1)
 ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1)

scripts/install

@@ -25,6 +25,7 @@ domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 admin=$YNH_APP_ARG_ADMIN
 password=$YNH_APP_ARG_PASSWORD
+dns_over_https=$YNH_APP_ARG_DNS_OVER_HTTPS
 architecture=$YNH_ARCH
 
 app=$YNH_APP_INSTANCE_NAME
@@ -49,6 +50,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
 ynh_app_setting_set --app=$app --key=path --value=$path_url
 ynh_app_setting_set --app=$app --key=admin --value=$admin
 
+if [ "$dns_over_https" == "1" ];
+then
+    dns_over_https="true"
+else
+    dns_over_https="false"
+fi
+ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
+
 #=================================================
 # FIND AND OPEN A PORT
 #=================================================

scripts/upgrade

@@ -23,6 +23,7 @@ password=$(ynh_app_setting_get --app=$app --key=password)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 port=$(ynh_app_setting_get --app=$app --key=port)
 adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port)
+dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https)
 architecture=$YNH_ARCH
 
 #=================================================
@@ -42,6 +43,15 @@ if ! ynh_permission_exists --permission="api"; then
     ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
 fi
 
+if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ];
+then
+  dns_over_https="true"
+  ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
+else
+  dns_over_https="false"
+  ynh_app_setting_set --app=$app --key=dns_over_https --value=$dns_over_https
+fi
+
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================