diff --git a/manifest.toml b/manifest.toml index 8a9f055..bd9068f 100644 --- a/manifest.toml +++ b/manifest.toml @@ -54,8 +54,8 @@ default = false type = "boolean" [install.dns_over_https] -ask.en = "Should DNS-over-HTTPS/QUIC be enabled?" -help.en = "If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query" +ask.en = "Should DNS-over-HTTPS/TLS/QUIC be enabled?" +help.en = "If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query or using DoT/DoQ" default = false type = "boolean" @@ -75,8 +75,8 @@ type = "boolean" autoupdate.strategy = "latest_github_release" [resources.ports] -dns_over_http.default = 853 -dns_over_http.exposed = "Both" +dns_over_tls.default = 853 +dns_over_tls.exposed = "Both" dns_over_quic.default = 784 dns_over_quic.exposed = "UDP" internal_https.default = 13120 diff --git a/scripts/config b/scripts/config index 88a5333..d5ca3b5 100644 --- a/scripts/config +++ b/scripts/config @@ -12,7 +12,7 @@ source /usr/share/yunohost/helpers ynh_abort_if_errors # import needed settings -port_dns_over_http=$(ynh_app_setting_get --app="$app" --key=port_dns_over_http) +port_dns_over_tls=$(ynh_app_setting_get --app="$app" --key=port_dns_over_tls) port_dns_over_quic=$(ynh_app_setting_get --app="$app" --key=port_dns_over_quic) #================================================= @@ -43,9 +43,9 @@ set__expose_port_53() { # declare needs_exposed_ports according to real user need ynh_print_info --message="Updating the YunoHost service for AdGuard Home..." if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls" elif [ "$dns_over_https" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_tls" elif [ "$expose_port_53" == "true" ]; then yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" else @@ -61,12 +61,12 @@ set__dns_over_https() { if [ "$dns_over_https" == "true" ]; then ynh_print_info --message="Opening DoH and DoQ ports..." # if DNS over HTTPS/QUIC is activated, open the associated ports - ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic" elif [ "$dns_over_https" == "false" ]; then # else if false, close them ynh_print_info --message="Closing DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" else # else, throw error @@ -76,9 +76,9 @@ set__dns_over_https() { # declare needs_exposed_ports according to real user need ynh_print_info --message="Updating the YunoHost service for AdGuard Home..." if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls" elif [ "$dns_over_https" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_tls" elif [ "$expose_port_53" == "true" ]; then yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" else diff --git a/scripts/install b/scripts/install index 3b40a0d..f678513 100644 --- a/scripts/install +++ b/scripts/install @@ -45,9 +45,9 @@ fi if [ "${dns_over_https:-}" = true ]; then # if DoH and DoQ are closed - if ! yunohost firewall list | grep -q " $port_dns_over_http$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then + if ! yunohost firewall list | grep -q " $port_dns_over_tls$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then ynh_print_info --message="Opening DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic" else # no need to open the ports, as they were opened at the 'Provisioning ports' step @@ -57,7 +57,7 @@ else # if dns_over_https is false, we need to close ports, # as they were opened at the 'Provisioning ports' step ynh_print_info --message="Closing DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" fi @@ -136,9 +136,9 @@ ynh_add_systemd_config # declare needs_exposed_ports according to real user need if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls" elif [ "$dns_over_https" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_tls" elif [ "$expose_port_53" == "true" ]; then yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" else diff --git a/scripts/remove b/scripts/remove index 6e862be..7cf714d 100644 --- a/scripts/remove +++ b/scripts/remove @@ -19,7 +19,7 @@ ynh_print_info --message="Closing port 53..." ynh_exec_warn_less yunohost firewall disallow Both 53 if [ "$dns_over_https" == "true" ]; then ynh_print_info --message="Closing DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" fi diff --git a/scripts/restore b/scripts/restore index d32108c..31cf549 100644 --- a/scripts/restore +++ b/scripts/restore @@ -23,9 +23,9 @@ fi if [ "${dns_over_https:-}" = true ]; then # if DoH and DoQ are closed - if ! yunohost firewall list | grep -q " $port_dns_over_http$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then + if ! yunohost firewall list | grep -q " $port_dns_over_tls$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then ynh_print_info --message="Opening DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic" else # no need to open the ports, as they were opened at the 'Provisioning ports' step @@ -35,7 +35,7 @@ else # if dns_over_https is false, we need to close ports, # as they were opened at the 'Provisioning ports' step ynh_print_info --message="Closing DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" fi @@ -94,9 +94,9 @@ systemctl enable "$app.service" --quiet # declare needs_exposed_ports according to real user need if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls" elif [ "$dns_over_https" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_tls" elif [ "$expose_port_53" == "true" ]; then yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" else diff --git a/scripts/upgrade b/scripts/upgrade index 5544f21..1a4e326 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -65,7 +65,7 @@ if grep -q "port_https: 443" "$install_dir/AdGuardHome.yaml" || grep -q "port_dn # if so: mandatory replacement for them # (because the final user can't easily know the ports used by the package) ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port_https" --value="$port_internal_https" - ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port_dns_over_tls" --value="$port_dns_over_http" + ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port_dns_over_tls" --value="$port_dns_over_tls" ynh_write_var_in_file --file="$install_dir/AdGuardHome.yaml" --key="port_dns_over_quic" --value="$port_dns_over_quic" fi @@ -95,9 +95,9 @@ fi if [ "${dns_over_https:-}" = true ]; then # if DoH and DoQ are closed - if ! yunohost firewall list | grep -q " $port_dns_over_http$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then + if ! yunohost firewall list | grep -q " $port_dns_over_tls$" && ! yunohost firewall list | grep -q " $port_dns_over_quic$"; then ynh_print_info --message="Opening DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic" else # no need to open the ports, as they were opened at the 'Provisioning ports' step @@ -107,7 +107,7 @@ else # if dns_over_https is false, we need to close ports, # as they were opened at the 'Provisioning ports' step ynh_print_info --message="Closing DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" --no-reload + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_tls" --no-reload ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" fi @@ -141,9 +141,9 @@ ynh_add_systemd_config # declare needs_exposed_ports according to real user need if [ "$dns_over_https" == "true" ] && [ "$expose_port_53" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" "$port_dns_over_tls" elif [ "$dns_over_https" == "true" ]; then - yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_http" + yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$port_dns_over_tls" elif [ "$expose_port_53" == "true" ]; then yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "53" else