diff --git a/config_panel.toml b/config_panel.toml index a3c7942..d6582a5 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -4,8 +4,14 @@ version = "1.0" name = "AdguardHome configuration" services = ["__APP__"] +[main.options.open_port_53] +ask = "Open port 53 to the Internet?" +no = "false" +type = "boolean" +yes = "true" + [main.options.dns_over_https] -ask = "Enable DNS-over-HTTPS/QUIC" +ask = "Enable DNS-over-HTTPS/QUIC?" no = "false" type = "boolean" yes = "true" diff --git a/scripts/config b/scripts/config index e3eacfb..4f2af33 100644 --- a/scripts/config +++ b/scripts/config @@ -15,21 +15,40 @@ ynh_abort_if_errors # SPECIFIC SETTERS #================================================= +set__open_port_53() { + + if [ "$open_port_53" == "true" ]; then + ynh_script_progression --message="Opening port 53..." + # if the user would expose port 53 to the Internet, open it + ynh_exec_warn_less yunohost firewall allow Both "$port_adguard" + yunohost firewall reload + elif [ "$open_port_53" == "false" ]; then + # else if false, close it + ynh_script_progression --message="Closing port 53..." + ynh_exec_warn_less yunohost firewall disallow Both "$port_adguard" + yunohost firewall reload + else + # else, throw error + ynh_print_warn --message="The variable 'open_port_53' should be 'true' or 'false' but isn't, please report this." + fi + + # save the new setting + ynh_app_setting_set "$app" --key=open_port_53 --value="$open_port_53" +} + set__dns_over_https() { if [ "$dns_over_https" == "true" ]; then ynh_script_progression --message="Opening DoH and DoQ ports..." # if DNS over HTTPS/QUIC is activated, open the associated ports - ynh_exec_warn_less yunohost firewall allow --no-upnp TCP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall allow --no-upnp UDP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall allow --no-upnp UDP "$port_dns_over_quic" + ynh_exec_warn_less yunohost firewall allow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall allow UDP "$port_dns_over_quic" yunohost firewall reload elif [ "$dns_over_https" == "false" ]; then # else if false, close them ynh_script_progression --message="Closing DoH and DoQ ports..." - ynh_exec_warn_less yunohost firewall disallow --no-upnp TCP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_quic" + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" yunohost firewall reload else # else, throw error @@ -37,6 +56,10 @@ set__dns_over_https() { fi # save the new setting - ynh_app_setting_set "$app" prices "$dns_over_https" + ynh_app_setting_set "$app" --key=dns_over_https --value="$dns_over_https" } +#================================================= +# GENERIC FINALIZATION +#================================================= +ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index d1cbe89..5196537 100644 --- a/scripts/install +++ b/scripts/install @@ -14,22 +14,34 @@ source /usr/share/yunohost/helpers #================================================= ynh_script_progression --message="Storing installation settings..." --weight=2 -if [ "$dns_over_https" == "1" ]; -then +if [ "$dns_over_https" == "1" ]; then dns_over_https="true" # no need to open the ports, as they were opened at the 'Provisioning ports' step else dns_over_https="false" # if dns_over_https is false, we need to close ports, # as they were opened at the 'Provisioning ports' step - ynh_exec_warn_less yunohost firewall disallow --no-upnp TCP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_quic" + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" ynh_exec_warn_less yunohost firewall reload fi ynh_app_setting_set --app="$app" --key=dns_over_https --value="$dns_over_https" +if [ "$open_port_53" == "1" ]; then + open_port_53="true" + # no need to open th port, as it were opened at the 'Provisioning ports' step +else + open_port_53="false" + # if open_port_53 is false, we need to close port, + # as it were opened at the 'Provisioning ports' step + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall reload +fi + +ynh_app_setting_set --app="$app" --key=open_port_53 --value="$open_port_53" + + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= diff --git a/scripts/restore b/scripts/restore index 1d292df..84bdd3f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -18,9 +18,13 @@ source /usr/share/yunohost/helpers if [ "$dns_over_https" == "false" ]; then # if dns_over_https is false, we need to close ports, # as they were opened at the 'Provisioning ports' step - ynh_exec_warn_less yunohost firewall disallow --no-upnp TCP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_quic" + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" + ynh_exec_warn_less yunohost firewall reload +fi + +if [ "$open_port_53" == "false" ]; then + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" ynh_exec_warn_less yunohost firewall reload fi diff --git a/scripts/upgrade b/scripts/upgrade index 1061e28..412e926 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,23 +29,33 @@ ynh_systemd_action --service_name="$app" --action="stop" #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; -then +if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; then dns_over_https="true" ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https # no need to open the ports, as they were opened at the 'Provisioning ports' step -elif [ -z "$dns_over_https" ] || [ "$dns_over_https" == "0" ]; -then +elif [ -z "$dns_over_https" ] || [ "$dns_over_https" == "0" ]; then dns_over_https="false" ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https # if dns_over_https is false, we need to close ports, # as they were opened at the 'Provisioning ports' step - ynh_exec_warn_less yunohost firewall disallow --no-upnp TCP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_http" - ynh_exec_warn_less yunohost firewall disallow --no-upnp UDP "$port_dns_over_quic" + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall disallow UDP "$port_dns_over_quic" ynh_exec_warn_less yunohost firewall reload fi +if [ -n "$open_port_53" ] && [ "$open_port_53" == "1" ]; then + open_port_53="true" + # no need to open th port, as it were opened at the 'Provisioning ports' step +elif [ -z "$open_port_53" ] || [ "$open_port_53" == "0" ]; then + open_port_53="false" + # if open_port_53 is false, we need to close port, + # as it were opened at the 'Provisioning ports' step + ynh_exec_warn_less yunohost firewall disallow Both "$port_dns_over_http" + ynh_exec_warn_less yunohost firewall reload +fi + +ynh_app_setting_set --app="$app" --key=open_port_53 --value="$open_port_53" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #=================================================