diff --git a/README.md b/README.md index ce6f798..a5a7c61 100644 --- a/README.md +++ b/README.md @@ -1,72 +1,113 @@ + + # Pi-hole for YunoHost [![Integration level](https://dash.yunohost.org/integration/pihole.svg)](https://dash.yunohost.org/appci/app/pihole) ![](https://ci-apps.yunohost.org/ci/badges/pihole.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/pihole.maintain.svg) -[![Install Pi-hole with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=pihole) +[![Install Pi-hole with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pihole) *[Lire ce readme en français.](./README_fr.md)* -> *This package allow you to install Pi-hole quickly and easily on a YunoHost server. -If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to learn how to install and enjoy it.* +> *This package allows you to install Pi-hole quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -Network-wide ad blocking via your own Linux hardware -**Shipped version:** 3.3.1 +Network-wide ad blocking via your own DNS server + +**Shipped version:** 5.3.1~ynh1 + + ## Screenshots -![](https://i0.wp.com/pi-hole.net/wp-content/uploads/2016/12/dashboard212.png) +![](./doc/screenshots/dashboard.png) -## Demo - -No demo available. +## Disclaimers / important information ## Configuration Use the admin panel of your Pi-hole to configure this app. You may also need to follow the [post-install guide](https://docs.pi-hole.net/main/post-install/) to setup Pi-hole either as a *DNS server* or a *DHCP server*. -## Documentation - -* Official documentation: https://docs.pi-hole.net/ -* Pi-hole as a DHCP server: [dhcp.md](./dhcp.md) -* YunoHost documentation: There is no other documentation. Feel free to contribute! - -## YunoHost specific features - -* Private access to the admin panel. - -#### Multi-users support - -#### Supported architectures - -* x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/pihole%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/pihole/) -* ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/pihole%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/pihole/) -* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/pihole%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/pihole/) - ## Limitations * Activate DHCP with Pi-hole needs manual configuration of your router. * Pi-Hole can't be updated beyond version 3.3.1, because higher versions use an integrated version of dnsmasq. This would require disabling the version of dnsmasq used by YunoHost. -## Additionnal informations -## Links +Using Pi-hole as your DHCP server +================== - * Report a bug: https://github.com/YunoHost-Apps/pihole_ynh/issues - * Pi-hole website: https://pi-hole.net/ - * Pi-hole repository: https://github.com/pi-hole/pi-hole/ - * YunoHost website: https://yunohost.org/ +> **Be careful, you should considering that playing with your DHCP may break your network. +In case your server is down, you will lose your dns resolution and ip address. +So, you will lose any internet connection and even the connection to your router.** ---- +> **If you encounter this kind of problem, please see "How to restore my network" at the end of this document.** -Developers infos ----------------- +### How to configure Pi-hole -Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/pihole_ynh/tree/testing). +There're two ways to configure Pi-hole to be used as your DHCP server. +- Either you can choose to use it when you install the app. +- Or you can activate the DHCP server afterwards in the "Settings" tab, "Pi-hole DHCP Server" part. +In this second case, it can be better to set the ip of the server to a static address -To try the testing branch, please do the following: +### How to configure my router + +Your personal router or ISP's router has a DHCP server enabled by default. +If you keep this DHCP, along with Pi-hole's one, you will have transparent conflicts between them. +The first DHCP to respond will distribute its own ip and settings. +So you have to turn off the DHCP of your router to let Pi-hole managed your network. + +#### Why should I use only the DHCP of Pi-hole ? + +By using the DHCP of Pi-hole, you allow Pi-hole to give at each of your client its dns configuration. This way every requests will be filtered by Pi-hole. + +Another use case of using Pi-hole's DHCP is if you have hairpinning problems (You can't connect to your server because its IP is your public IP, and your router doesn't allow that). +In this case, using Pi-hole's dns will allow you to connect to your server by its local address instead of its public one. + +### How to restore my network + +> Oh crap ! +Your Pi-hole server is down, and you don't have a DHCP anymore. +Don't panic, We'll get through it. \o/ + +Use your favorite terminal on your desktop computer. +And first, get your main interface (usually `eth0`). +``` bash +sudo ifconfig +``` + +Then, set your ip as a static ip. +``` bash +sudo ifconfig eth0 192.168.1.100 +``` + +Now, you can connect to your router and turn on its DHCP server to use it again. +You can now reset your ip and get a dynamic address. +``` bash +sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 +``` + +> Don't forget to turn off the DHCP of your router if your server is working again. +## Documentation and resources + +* Official app website: https://pi-hole.net/ +* Official admin documentation: https://docs.pi-hole.net +* Upstream app code repository: https://github.com/pi-hole/pi-hole/ +* YunoHost documentation for this app: https://yunohost.org/app_pihole +* Report a bug: https://github.com/YunoHost-Apps/pihole_ynh/issues + +## Developer info + +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/pihole_ynh/tree/testing). + +To try the testing branch, please proceed like that. ``` sudo yunohost app install https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug or sudo yunohost app upgrade pihole -u https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md index f7838b9..e59c023 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,73 +1,110 @@ # Pi-hole pour YunoHost [![Niveau d'intégration](https://dash.yunohost.org/integration/pihole.svg)](https://dash.yunohost.org/appci/app/pihole) ![](https://ci-apps.yunohost.org/ci/badges/pihole.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/pihole.maintain.svg) -[![Installer Pi-hole avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=pihole) +[![Installer Pi-hole avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pihole) *[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* -> *Ce package vous permet d'installer Pi-hole rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, merci de regarder [ici](https://yunohost.org/#/install_fr) pour savoir comment l'installer et en profiter.* +> *Ce package vous permet d'installer Pi-hole rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* -## Résumé -Blocage des publicités sur l'ensemble du réseau via votre propre matériel Linux +## Vue d'ensemble + +Filtrage publicitaire via votre propre serveur DNS + +**Version incluse :** 5.3.1~ynh1 -**Version embarquée:** 3.3.1 ## Captures d'écran -![](https://i0.wp.com/pi-hole.net/wp-content/uploads/2016/12/dashboard212.png) +![](./doc/screenshots/dashboard.png) -## Démo - -Aucune démo pour cette application. +## Avertissements / informations importantes ## Configuration Utiliser le panneau d'administration de votre Pi-hole pour configurer cette application. Vous devrez peut-être aussi suivre le [guide de post-installation] (https://docs.pi-hole.net/main/post-install/) pour configurer Pi-hole en tant que *serveur DNS* ou *serveur DHCP*. -## Documentation - -* Documentation officielle: https://docs.pi-hole.net/ -* Pi-hole en tant que serveur DHCP: [dhcp.md](./dhcp.md) -* Documentation YunoHost: Il n'y a pas d'autre documentation, n'hésitez pas à contribuer. - -## Fonctionnalités spécifiques à YunoHost - -* Accès privé au panneau d'administration. - -#### Support multi-utilisateurs - -#### Architectures supportées. - -* x86-64b - [![](https://ci-apps.yunohost.org/ci/logs/pihole%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/pihole/) -* ARMv8-A - [![](https://ci-apps-arm.yunohost.org/ci/logs/pihole%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/pihole/) -* Jessie x86-64b - [![](https://ci-stretch.nohost.me/ci/logs/pihole%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/pihole/) - ## Limitations * Activer DHCP avec Pi-hole nécessite une configuration manuelle de votre routeur. * Pi-Hole ne peut pas être mis à jour au-delà de la version 3.3.1, car les versions supérieures utilisent une version intégrée de dnsmasq. Ce qui oblige a désactiver la version de dnsmasq utilisée par YunoHost. -## Informations additionnelles -## Liens +Faire de Pi-hole votre serveur DHCP +================== - * Reporter un bug: https://github.com/YunoHost-Apps/pihole_ynh/issues - * Site de Pi-hole: https://pi-hole.net/ - * Dépôt de Pi-hole: https://github.com/pi-hole/pi-hole/ - * Site de YunoHost: https://yunohost.org/ +> **Attention, vous devez savoir que toucher à votre DHCP pourrait casser votre réseau. +Dans le cas où votre serveur serait inaccessible, vous perdriez votre résolution dns et votre adresse IP. +Ainsi, vous perdriez toute connexion à internet et même la connexion à votre routeur.** ---- +> **Si vous rencontrez ce genre de problèmes, merci de lire la section "Comment restaurer mon réseau" à la fin de ce document.** -Informations à l'intention des développeurs ----------------- +### Comment configurer Pi-hole + +Il y a 2 manière de configurer Pi-hole pour qu'il soit utilisé comme votre serveur DHCP. +- Soit vous pouvez choisir de l'utiliser lorsque vous installez l'application. +- Soit vous pouvez activer le serveur DHCP par la suite dans l'onglet "Settings", partie "Pi-hole DHCP Server". +Dans ce second cas, il peut être préférable de forcer l'ip du serveur à une adresse statique. + +### Comment configurer mon routeur + +Votre routeur ou celui de votre FAI dispose d'un serveur DHCP activé par défaut. +Si vous gardez ce DHCP, en même temps que celui de Pi-hole, vous allez avoir des conflits transparents entre eux. +Le premier serveur DHCP à répondre va distribuer ses propres ip et paramètres. +Donc vous devez éteindre le serveur DHCP de votre routeur et laisser Pi-hole gérer votre réseau. + +#### Pourquoi je devrais utiliser le DHCP de Pi-hole ? + +En utilisant le DHCP de Pi-hole, vous lui permettez de donner sa configuration dns à chacun de vos clients. De cette manière, chaque requête sera filtrée par Pi-hole. + +Un autre cas d'usage du DHCP de Pi-hole est le cas où vous rencontrez des problèmes de hairpinning (Vous ne pouvez pas vous connecter à votre serveur parce que son ip est votre ip publique, et votre routeur n'autorise pas cela). +Dans ce cas, utilisez le dns de Pi-hole va vous permettre de vous connecter à votre serveur par son adresse locale plutôt que son adresse publique. + +### Comment restaurer mon réseau + +> Oups ! +Votre serveur Pi-hole est tombé, et vous n'avez plus de DHCP. +Ne paniquez pas, on va surmonter ça \o/ + +Utilisez votre terminal favori sur votre ordinateur de bureau. +Et tout d'abord, récupérer votre interface réseau (Le plus souvent `eth0`). +``` bash +sudo ifconfig +``` + +Ensuite, changer votre ip pour une ip statique. +``` bash +sudo ifconfig eth0 192.168.1.100 +``` + +Maintenant, vous pouvez vous connecter à votre routeur et rallumer son serveur DHCP pour l'utiliser à nouveau. +Vous pouvez maintenant retirer votre ip statique et réobtenir une ip dynamique. +``` bash +sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 +``` + +> N'oubliez pas d'éteindre le DHCP de votre routeur si votre serveur fonctionne à nouveau. + +## Documentations et ressources + +* Site officiel de l'app : https://pi-hole.net/ +* Documentation officielle de l'admin : https://docs.pi-hole.net +* Dépôt de code officiel de l'app : https://github.com/pi-hole/pi-hole/ +* Documentation YunoHost pour cette app : https://yunohost.org/app_pihole +* Signaler un bug : https://github.com/YunoHost-Apps/pihole_ynh/issues + +## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/pihole_ynh/tree/testing). -Pour tester la branche testing, merci de procéder ainsi. +Pour essayer la branche testing, procédez comme suit. ``` sudo yunohost app install https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug ou sudo yunohost app upgrade pihole -u https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug ``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/actions.toml b/actions.toml index 5aff36a..fc7f8aa 100644 --- a/actions.toml +++ b/actions.toml @@ -15,3 +15,41 @@ command = "/bin/bash scripts/actions/reset_default_config \"pihole-FTL.conf\"" # accepted_return_codes = [0, 1, 2, 3] # optional accepted_return_codes = [0] description = "Reset the config file pihole-FTL.conf." + +[reset_default_dnsmasq] +name = "Reset the config file and restore a default one." +command = "/bin/bash scripts/actions/reset_default_config \"01-pihole.conf\"" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the config file dnsmasq.d/01-pihole.conf." + + +[reset_default_nginx] +name = "Reset the nginx config for this app." +command = "/bin/bash scripts/actions/reset_default_system nginx" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the nginx config for this app." + +[reset_default_phpfpm] +name = "Reset the php-fpm config for this app." +command = "/bin/bash scripts/actions/reset_default_system phpfpm" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the php-fpm config for this app." + + +[reset_default_app] +name = "Reset the app with a default configuration." +command = "/bin/bash scripts/actions/reset_default_app" +# user = "root" # optional +# cwd = "/" # optional +# accepted_return_codes = [0, 1, 2, 3] # optional +accepted_return_codes = [0] +description = "Reset the app to its default configuration to try to fix potential issues.
This action won't remove any data added to the app.
However, if you have modified any configuration, it will be overwritten." diff --git a/check_process b/check_process index b255fb0..0931364 100644 --- a/check_process +++ b/check_process @@ -1,28 +1,54 @@ -;; Test complet - ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) - query_logging="1" - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=0 - upgrade=1 - upgrade=1 from_commit=d79ec131b3038ff4695c3317b5d3ee4eda9c8932 - backup_restore=1 - multi_instance=0 - port_already_use=1 (4711) - change_url=1 -;;; Levels - Level 5=auto +;; Test version last version + ; Manifest + domain="domain.tld" + path="/path" + admin="john" + query_logging=1 + enable_dhcp=0 + pihole_version="Last available" + ; Config_panel + main.overwrite_files.overwrite_setupvars=0|1 + main.overwrite_files.overwrite_ftl=0|1 + main.overwrite_files.overwrite_nginx=0|1 + main.overwrite_files.overwrite_phpfpm=0|1 + main.global_config.email_type=0|1 + main.php_fpm_config.footprint=low|medium|high + main.php_fpm_config.free_footprint=20 + main.php_fpm_config.usage=low|medium|high + main.php_fpm_config.force_max_children=20|0 + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=0 + upgrade=1 + backup_restore=1 + multi_instance=0 + port_already_use=1 + change_url=1 + actions=1 + config_panel=1 +;; Test version 3 + ; Manifest + domain="domain.tld" + path="/path" + admin="john" + query_logging=1 + enable_dhcp=0 + pihole_version="Last 3.X" + ; Checks + setup_sub_dir=1 + setup_root=1 + upgrade=1 + upgrade=1 from_commit=d79ec131b3038ff4695c3317b5d3ee4eda9c8932 + backup_restore=1 + actions=1 ;;; Options Email= Notification=change ;;; Upgrade options - ; commit=d79ec131b3038ff4695c3317b5d3ee4eda9c8932 - name= Stretch fix - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&query_logging=1& + ; commit=d79ec131b3038ff4695c3317b5d3ee4eda9c8932 + name= Stretch fix + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&query_logging=1& diff --git a/conf/FTL.src b/conf/FTL.src deleted file mode 100644 index 31d1e65..0000000 --- a/conf/FTL.src +++ /dev/null @@ -1,9 +0,0 @@ -SOURCE_URL=https://github.com/pi-hole/FTL/archive/v2.13.2.tar.gz -SOURCE_SUM=07383d2b3de1ef31526b090603e783b3 -SOURCE_SUM_PRG=md5sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= - -# Be carrefull, the version 3.0 isn't compatible with the version of dnsmasq available on Jessie. -# So, we need to stay stick on the version 2.13.2. diff --git a/conf/FTL_3.src b/conf/FTL_3.src new file mode 100644 index 0000000..a9e335c --- /dev/null +++ b/conf/FTL_3.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/pi-hole/FTL/archive/v3.0.tar.gz +SOURCE_SUM=8c3d55eb3054698172e59ae81b8562ce235d73da461389840da62d90b32f0057 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/FTL_last.src b/conf/FTL_last.src new file mode 100644 index 0000000..463dd0c --- /dev/null +++ b/conf/FTL_last.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/pi-hole/FTL/archive/v5.8.1.tar.gz +SOURCE_SUM=6177f775a8d0be703b235741befe90b6192bdc0baab5a6e028019a9af00a44ae +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/adlists.default b/conf/adlists.default new file mode 100644 index 0000000..d1b7ecd --- /dev/null +++ b/conf/adlists.default @@ -0,0 +1,19 @@ +# The below list amalgamates several lists we used previously. +# See `https://github.com/StevenBlack/hosts` for details +##StevenBlack's list +https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts + +##MalwareDomains +https://mirror1.malwaredomains.com/files/justdomains + +##Cameleon +http://sysctl.org/cameleon/hosts + +##Disconnect.me Tracking +https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt + +##Disconnect.me Ads +https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt + +##Hosts-file.net +https://hosts-file.net/ad_servers.txt diff --git a/conf/admin_dashboard.src b/conf/admin_dashboard_3.src similarity index 55% rename from conf/admin_dashboard.src rename to conf/admin_dashboard_3.src index 410936c..8f65ffe 100644 --- a/conf/admin_dashboard.src +++ b/conf/admin_dashboard_3.src @@ -1,6 +1,6 @@ SOURCE_URL=https://github.com/pi-hole/AdminLTE/archive/v3.3.tar.gz -SOURCE_SUM=23368537fa576480e45f625b5e1a7cd7 -SOURCE_SUM_PRG=md5sum +SOURCE_SUM=caba2129fe8753b0c7aaf611b7c7b2146ff1ac56d5ac58987053b1553d09c49f +SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true SOURCE_FILENAME= diff --git a/conf/admin_dashboard_last.src b/conf/admin_dashboard_last.src new file mode 100644 index 0000000..0e3c61c --- /dev/null +++ b/conf/admin_dashboard_last.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/pi-hole/AdminLTE/archive/v5.5.tar.gz +SOURCE_SUM=39340eeb115732db7cf96166dfa9c7240afb0843b4f49defc42e704b751cf278 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/app.src b/conf/app_3.src similarity index 55% rename from conf/app.src rename to conf/app_3.src index 74230e9..ac08837 100644 --- a/conf/app.src +++ b/conf/app_3.src @@ -1,6 +1,6 @@ SOURCE_URL=https://github.com/pi-hole/pi-hole/archive/v3.3.1.tar.gz -SOURCE_SUM=ea4f64bdf88620f59a1b01c19253e4e3 -SOURCE_SUM_PRG=md5sum +SOURCE_SUM=6a80e4b6b38fc65df83459fe52f3a61623763709a077645f25ac9e29247e6d6d +SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true SOURCE_FILENAME= diff --git a/conf/app_last.src b/conf/app_last.src new file mode 100644 index 0000000..efeaefa --- /dev/null +++ b/conf/app_last.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/pi-hole/pi-hole/archive/v5.3.1.tar.gz +SOURCE_SUM=19c856584f180b2ed5b3d0500cd3567f00e37fa9c493282bc119be8276cdddd9 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/conf/dns-servers.conf b/conf/dns-servers.conf new file mode 100644 index 0000000..cbe97e3 --- /dev/null +++ b/conf/dns-servers.conf @@ -0,0 +1,10 @@ +(FR) FDN;80.67.169.12;80.67.169.40;2001:910:800::12;2001:910:800::40 +(FR) LDN;80.67.188.188;2001:913::8 +(FR) ARN;89.234.141.66;2a00:5881:8100:1000::3 +(FR) Aquilenet;185.233.100.100;185.233.100.101;2a0c:e300::100;2a0c:e300::101 +(FR) gozmail / grifon;80.67.190.200;80.67.190.200;2a00:5884:8218::1;2a00:5884:8218::1 +(DE) FoeBud / Digital Courage;85.214.20.141;85.214.20.141 +(DE) CCC Berlin;195.160.173.53;195.160.173.53 +(DE) AS250;194.150.168.168;194.150.168.168;2001:4ce8::53;2001:4ce8::53 +(DE) Ideal-Hosting;84.200.69.80;84.200.70.40;2001:1608:10:25::1c04:b12f;2001:1608:10:25::9249:d69b +(DK) censurfridns;91.239.100.100;89.233.43.71;2001:67c:28a4::;2a01:3a0:53:53:: diff --git a/conf/dnsmasq_regenconf_hook b/conf/dnsmasq_regenconf_hook index 0212f09..0e4c2ef 100755 --- a/conf/dnsmasq_regenconf_hook +++ b/conf/dnsmasq_regenconf_hook @@ -7,47 +7,47 @@ pending_conf=$4 # Path of the pending conf file temp_dir=/tmp/pi-hole.bck do_pre_regen() { - if [ $dryrun -eq 0 ] - then - # Créer une sauvegarde des config dnsmasq de pi-hole. Que la regen-conf va sauvagement supprimer - mkdir $temp_dir - cp -a "/etc/dnsmasq.d/01-pihole.conf" "$temp_dir" - test -e "/etc/dnsmasq.d/02-pihole-dhcp.conf" && cp -a "/etc/dnsmasq.d/02-pihole-dhcp.conf" "$temp_dir" - test -e "/etc/dnsmasq.d/03-pihole-wildcard.conf" && cp -a "/etc/dnsmasq.d/03-pihole-wildcard.conf" "$temp_dir" + if [ $dryrun -eq 0 ] + then + # Créer une sauvegarde des config dnsmasq de pi-hole. Que la regen-conf va sauvagement supprimer + mkdir $temp_dir + cp -a "/etc/dnsmasq.d/01-pihole.conf" "$temp_dir" + test -e "/etc/dnsmasq.d/02-pihole-dhcp.conf" && cp -a "/etc/dnsmasq.d/02-pihole-dhcp.conf" "$temp_dir" + test -e "/etc/dnsmasq.d/03-pihole-wildcard.conf" && cp -a "/etc/dnsmasq.d/03-pihole-wildcard.conf" "$temp_dir" - # Décommente le cache-size de la config par défaut - sed --in-place "s/^#pihole# cache-size=/cache-size=/g" /etc/dnsmasq.conf - # Et commente celui de pi-hole - sed --in-place "s/^cache-size=/#cache-size=/g" /etc/dnsmasq.d/01-pihole.conf - fi + # Décommente le cache-size de la config par défaut + sed --in-place "s/^#pihole# cache-size=/cache-size=/g" /etc/dnsmasq.conf + # Et commente celui de pi-hole + sed --in-place "s/^cache-size=/#cache-size=/g" /etc/dnsmasq.d/01-pihole.conf + fi } do_post_regen() { - # Restaure la config dnsmasq de pi-hole - cp -a "$temp_dir/01-pihole.conf" "/etc/dnsmasq.d/" - test -e "$temp_dir/02-pihole-dhcp.conf" && cp -a "$temp_dir/02-pihole-dhcp.conf" "/etc/dnsmasq.d/" - test -e "$temp_dir/03-pihole-wildcard.conf" && cp -a "$temp_dir/03-pihole-wildcard.conf" "/etc/dnsmasq.d/" - # Supprime le dossier temporaire - test -n $temp_dir && rm -r $temp_dir + # Restaure la config dnsmasq de pi-hole + cp -a "$temp_dir/01-pihole.conf" "/etc/dnsmasq.d/" + test -e "$temp_dir/02-pihole-dhcp.conf" && cp -a "$temp_dir/02-pihole-dhcp.conf" "/etc/dnsmasq.d/" + test -e "$temp_dir/03-pihole-wildcard.conf" && cp -a "$temp_dir/03-pihole-wildcard.conf" "/etc/dnsmasq.d/" + # Supprime le dossier temporaire + test -n $temp_dir && rm -r $temp_dir - # Commente le cache-size de la config par défaut - sed --in-place "s/^cache-size=/#pihole# cache-size=/g" /etc/dnsmasq.conf + # Commente le cache-size de la config par défaut + sed --in-place "s/^cache-size=/#pihole# cache-size=/g" /etc/dnsmasq.conf - # Reload dnsmasq - systemctl reload dnsmasq + # Reload dnsmasq + systemctl reload dnsmasq } case "$1" in - pre) - do_pre_regen - ;; - post) - do_post_regen - ;; - *) - echo "Hook called with unknown argument \`$1'" >&2 - exit 1 - ;; + pre) + do_pre_regen + ;; + post) + do_post_regen + ;; + *) + echo "Hook called with unknown argument \`$1'" >&2 + exit 1 + ;; esac exit 0 diff --git a/conf/nginx.conf b/conf/nginx.conf index 166d57b..647da87 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -14,7 +14,7 @@ location __PATH__/ { try_files $uri $uri/ index.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php7.3-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param REMOTE_USER $remote_user; diff --git a/conf/pihole-FTL.conf b/conf/pihole-FTL.conf index b9b8dca..473ca7f 100644 --- a/conf/pihole-FTL.conf +++ b/conf/pihole-FTL.conf @@ -1,31 +1,34 @@ -# Listen only for local socket connections or permit all connections -# localonly|all +; Listen only for local socket connections or permit all connections +; localonly|all SOCKET_LISTENING=localonly -# Display all queries? Set to no to hide query display -# yes|no +; On which port should FTL be listening? +FTLPORT=__PORT__ + +; Display all queries? Set to no to hide query display +; yes|no QUERY_DISPLAY=yes -# Allow FTL to analyze AAAA queries from pihole.log? -# yes|no +; Allow FTL to analyze AAAA queries from pihole.log? +; yes|no AAAA_QUERY_ANALYSIS=yes -# How long should queries be stored in the database? Setting this to 0 disables the database altogether +; How long should queries be stored in the database? Setting this to 0 disables the database altogether MAXDBDAYS=365 -# Should FTL try to resolve IPv6 addresses to host names? -# yes|no +; Should FTL try to resolve IPv6 addresses to host names? +; yes|no RESOLVE_IPV6=yes -# Should FTL try to resolve IPv4 addresses to host names? -# yes|no +; Should FTL try to resolve IPv4 addresses to host names? +; yes|no RESOLVE_IPV4=yes -# How often do we store queries in FTL's database [minutes]? +; How often do we store queries in FTL's database [minutes]? DBINTERVAL=1.0 -# Specify path and filename of FTL's SQLite long-term database. Setting this to DBFILE= disables the database altogether +; Specify path and filename of FTL's SQLite long-term database. Setting this to DBFILE= disables the database altogether DBFILE=/etc/pihole/pihole-FTL.db -# Up to how many hours of queries should be imported from the database and logs? Maximum is 744 (31 days) +; Up to how many hours of queries should be imported from the database and logs? Maximum is 744 (31 days) MAXLOGAGE=24.0 diff --git a/config_panel.toml b/config_panel.toml index 338ee26..d8518a1 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -8,25 +8,25 @@ name = "PiHole configuration" name = "Overwriting config files" [main.overwrite_files.overwrite_setupvars] - ask = "Overwrite the config file setupVars.conf ?" + ask = "Overwrite the config file setupVars.conf?" type = "boolean" default = true help = "If the file is overwritten, a backup will be created." [main.overwrite_files.overwrite_ftl] - ask = "Overwrite the config file pihole-FTL.conf ?" + ask = "Overwrite the config file pihole-FTL.conf?" type = "boolean" default = true help = "If the file is overwritten, a backup will be created." [main.overwrite_files.overwrite_nginx] - ask = "Overwrite the nginx config file ?" + ask = "Overwrite the nginx config file?" type = "boolean" default = true help = "If the file is overwritten, a backup will be created." [main.overwrite_files.overwrite_phpfpm] - ask = "Overwrite the php-fpm config file ?" + ask = "Overwrite the php-fpm config file?" type = "boolean" default = true help = "If the file is overwritten, a backup will be created." @@ -36,7 +36,7 @@ name = "PiHole configuration" name = "Global configuration" [main.global_config.email_type] - ask = "Send HTML email to admin ?" + ask = "Send HTML email to admin?" type = "boolean" default = true help = "Allow app scripts to send HTML mails instead of plain text." @@ -46,19 +46,25 @@ name = "PiHole configuration" name = "PHP-FPM configuration" [main.php_fpm_config.footprint] - ask = "Memory footprint of the service ?" + ask = "Memory footprint of the service?" choices = ["low", "medium", "high", "specific"] default = "low" help = "low <= 20Mb per pool. medium between 20Mb and 40Mb per pool. high > 40Mb per pool.
Use specific to set a value with the following option." [main.php_fpm_config.free_footprint] - ask = "Memory footprint of the service ?" + ask = "Memory footprint of the service?" type = "number" default = "0" help = "Free field to specify exactly the footprint in Mb if you don't want to use one of the three previous values." [main.php_fpm_config.usage] - ask = "Expected usage of the service ?" + ask = "Expected usage of the service?" choices = ["low", "medium", "high"] default = "low" help = "low: Personal usage, behind the sso. No RAM footprint when not used, but the impact on the processor can be high if many users are using the service.
medium: Low usage, few people or/and publicly accessible. Low RAM footprint, medium processor footprint when used.
high: High usage, frequently visited website. High RAM footprint, but lower on processor usage and quickly responding." + + [main.php_fpm_config.force_max_children] + ask = "Force the value of pm.max_children?" + type = "number" + default = "0" + help = "Do not change this value unless you're sure about what you're doing !
pm.max_children is automatically defined by this formula: $max_ram / 2 / $footprint
You can force that value, and ignore the formula by changing the value here.
To reset to the default value, set to 0." diff --git a/doc/.DS_Store b/doc/.DS_Store new file mode 100644 index 0000000..fc7b8a4 Binary files /dev/null and b/doc/.DS_Store differ diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..96e7479 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,64 @@ +## Configuration + +Use the admin panel of your Pi-hole to configure this app. You may also need to follow the [post-install guide](https://docs.pi-hole.net/main/post-install/) to setup Pi-hole either as a *DNS server* or a *DHCP server*. + +## Limitations + +* Activate DHCP with Pi-hole needs manual configuration of your router. +* Pi-Hole can't be updated beyond version 3.3.1, because higher versions use an integrated version of dnsmasq. This would require disabling the version of dnsmasq used by YunoHost. + + +Using Pi-hole as your DHCP server +================== + +> **Be careful, you should considering that playing with your DHCP may break your network. +In case your server is down, you will lose your dns resolution and ip address. +So, you will lose any internet connection and even the connection to your router.** + +> **If you encounter this kind of problem, please see "How to restore my network" at the end of this document.** + +### How to configure Pi-hole + +There're two ways to configure Pi-hole to be used as your DHCP server. +- Either you can choose to use it when you install the app. +- Or you can activate the DHCP server afterwards in the "Settings" tab, "Pi-hole DHCP Server" part. +In this second case, it can be better to set the ip of the server to a static address + +### How to configure my router + +Your personal router or ISP's router has a DHCP server enabled by default. +If you keep this DHCP, along with Pi-hole's one, you will have transparent conflicts between them. +The first DHCP to respond will distribute its own ip and settings. +So you have to turn off the DHCP of your router to let Pi-hole managed your network. + +#### Why should I use only the DHCP of Pi-hole ? + +By using the DHCP of Pi-hole, you allow Pi-hole to give at each of your client its dns configuration. This way every requests will be filtered by Pi-hole. + +Another use case of using Pi-hole's DHCP is if you have hairpinning problems (You can't connect to your server because its IP is your public IP, and your router doesn't allow that). +In this case, using Pi-hole's dns will allow you to connect to your server by its local address instead of its public one. + +### How to restore my network + +> Oh crap ! +Your Pi-hole server is down, and you don't have a DHCP anymore. +Don't panic, We'll get through it. \o/ + +Use your favorite terminal on your desktop computer. +And first, get your main interface (usually `eth0`). +``` bash +sudo ifconfig +``` + +Then, set your ip as a static ip. +``` bash +sudo ifconfig eth0 192.168.1.100 +``` + +Now, you can connect to your router and turn on its DHCP server to use it again. +You can now reset your ip and get a dynamic address. +``` bash +sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 +``` + +> Don't forget to turn off the DHCP of your router if your server is working again. \ No newline at end of file diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..f076dca --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,64 @@ +## Configuration + +Utiliser le panneau d'administration de votre Pi-hole pour configurer cette application. Vous devrez peut-être aussi suivre le [guide de post-installation] (https://docs.pi-hole.net/main/post-install/) pour configurer Pi-hole en tant que *serveur DNS* ou *serveur DHCP*. + +## Limitations + +* Activer DHCP avec Pi-hole nécessite une configuration manuelle de votre routeur. +* Pi-Hole ne peut pas être mis à jour au-delà de la version 3.3.1, car les versions supérieures utilisent une version intégrée de dnsmasq. Ce qui oblige a désactiver la version de dnsmasq utilisée par YunoHost. + + +Faire de Pi-hole votre serveur DHCP +================== + +> **Attention, vous devez savoir que toucher à votre DHCP pourrait casser votre réseau. +Dans le cas où votre serveur serait inaccessible, vous perdriez votre résolution dns et votre adresse IP. +Ainsi, vous perdriez toute connexion à internet et même la connexion à votre routeur.** + +> **Si vous rencontrez ce genre de problèmes, merci de lire la section "Comment restaurer mon réseau" à la fin de ce document.** + +### Comment configurer Pi-hole + +Il y a 2 manière de configurer Pi-hole pour qu'il soit utilisé comme votre serveur DHCP. +- Soit vous pouvez choisir de l'utiliser lorsque vous installez l'application. +- Soit vous pouvez activer le serveur DHCP par la suite dans l'onglet "Settings", partie "Pi-hole DHCP Server". +Dans ce second cas, il peut être préférable de forcer l'ip du serveur à une adresse statique. + +### Comment configurer mon routeur + +Votre routeur ou celui de votre FAI dispose d'un serveur DHCP activé par défaut. +Si vous gardez ce DHCP, en même temps que celui de Pi-hole, vous allez avoir des conflits transparents entre eux. +Le premier serveur DHCP à répondre va distribuer ses propres ip et paramètres. +Donc vous devez éteindre le serveur DHCP de votre routeur et laisser Pi-hole gérer votre réseau. + +#### Pourquoi je devrais utiliser le DHCP de Pi-hole ? + +En utilisant le DHCP de Pi-hole, vous lui permettez de donner sa configuration dns à chacun de vos clients. De cette manière, chaque requête sera filtrée par Pi-hole. + +Un autre cas d'usage du DHCP de Pi-hole est le cas où vous rencontrez des problèmes de hairpinning (Vous ne pouvez pas vous connecter à votre serveur parce que son ip est votre ip publique, et votre routeur n'autorise pas cela). +Dans ce cas, utilisez le dns de Pi-hole va vous permettre de vous connecter à votre serveur par son adresse locale plutôt que son adresse publique. + +### Comment restaurer mon réseau + +> Oups ! +Votre serveur Pi-hole est tombé, et vous n'avez plus de DHCP. +Ne paniquez pas, on va surmonter ça \o/ + +Utilisez votre terminal favori sur votre ordinateur de bureau. +Et tout d'abord, récupérer votre interface réseau (Le plus souvent `eth0`). +``` bash +sudo ifconfig +``` + +Ensuite, changer votre ip pour une ip statique. +``` bash +sudo ifconfig eth0 192.168.1.100 +``` + +Maintenant, vous pouvez vous connecter à votre routeur et rallumer son serveur DHCP pour l'utiliser à nouveau. +Vous pouvez maintenant retirer votre ip statique et réobtenir une ip dynamique. +``` bash +sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 +``` + +> N'oubliez pas d'éteindre le DHCP de votre routeur si votre serveur fonctionne à nouveau. diff --git a/doc/screenshots/dashboard.png b/doc/screenshots/dashboard.png new file mode 100644 index 0000000..f12fdbc Binary files /dev/null and b/doc/screenshots/dashboard.png differ diff --git a/manifest.json b/manifest.json index 158e11a..3e07f5d 100644 --- a/manifest.json +++ b/manifest.json @@ -1,86 +1,94 @@ { - "name": "Pi-hole", - "id": "pihole", - "packaging_format": 1, - "description": { - "en": "Network-wide ad blocking via your own DNS server.", - "fr": "Filtrage publicitaire sur l'ensemble du réseau via votre propre serveur DNS." - }, - "version": "3.3.1~ynh6", - "url": "https://pi-hole.net/", - "license": "EUPL-1.2", - "maintainer": { - "name": "", - "email": "" - }, - "previous_maintainers": [{ - "name": "Maniack Crudelis", - "email": "maniackc_dev@crudelis.fr" - }], - "requirements": { - "yunohost": ">= 3.6" - }, - "multi_instance": false, - "services": [ - "nginx", - "php7.0-fpm" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for the admin interface of Pi-hole", - "fr": "Choisissez un domaine pour l'interface admin de Pi-hole" - }, - "example": "domain.org" - }, - { - "name": "path", - "type": "path", - "ask": { - "en": "Choose a path for the admin interface of Pi-hole", - "fr": "Choisissez un chemin pour l'interface admin de Pi-hole" - }, - "example": "/pihole", - "default": "/pihole" - }, - { - "name": "admin", - "type": "user", - "ask": { - "en": "Choose the Pi-hole administrator (must be an existing YunoHost user)", - "fr": "Administrateur de Pi-hole (doit être un utilisateur YunoHost existant)" - }, - "example": "john" - }, - { - "name": "query_logging", - "type": "boolean", - "ask": { - "en": "Do you want to log queries ?", - "fr": "Voulez-vous enregistrer les requêtes dns ?" - }, - "help": { - "en": "Keeping this option deactivate will render graphs on the admin page useless. But will respect the privacy of the other users.", - "fr": "Garder cette option désactivée rendra les graphiques sur la page d'administration inutiles. Mais respectera la vie privée des autres utilisateurs." - }, - "default": false - }, - { - "name": "enable_dhcp", - "type": "boolean", - "ask": { - "en": "Do you want to set Pi-hole as your DHCP server ?", - "fr": "Voulez-vous utiliser Pi-hole an tant que serveur DHCP ?" - }, - "help": { - "en": "If you want to do that, you really have to read this before !", - "fr": "Si vous voulez faire ça, vous devez vraiment lire cela avant !" - }, - "default": false - } - ] - } + "name": "Pi-hole", + "id": "pihole", + "packaging_format": 1, + "description": { + "en": "Network-wide ad blocking via your own DNS server", + "fr": "Filtrage publicitaire via votre propre serveur DNS" + }, + "version": "5.3.1~ynh1", + "url": "https://pi-hole.net/", + "upstream": { + "license": "EUPL-1.2", + "website": "https://pi-hole.net/", + "admindoc": "https://docs.pi-hole.net", + "code": "https://github.com/pi-hole/pi-hole/" + }, + "license": "EUPL-1.2", + "maintainer": { + "name": "", + "email": "" + }, + "previous_maintainers": [{ + "name": "Maniack Crudelis", + "email": "maniackc_dev@crudelis.fr" + }], + "requirements": { + "yunohost": ">= 4.2.7" + }, + "multi_instance": false, + "services": [ + "nginx", + "php7.3-fpm" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain", + "example": "domain.org" + }, + { + "name": "path", + "type": "path", + "example": "/pihole", + "default": "/pihole" + }, + { + "name": "admin", + "type": "user", + "example": "john" + }, + { + "name": "query_logging", + "type": "boolean", + "ask": { + "en": "Do you want to log DNS queries?", + "fr": "Voulez-vous enregistrer les requêtes DNS ?" + }, + "help": { + "en": "Keeping this option deactivate will render graphs on the admin page useless. But will respect the privacy of the other users.", + "fr": "Garder cette option désactivée rendra les graphiques sur la page d'administration inutiles. Mais respectera la vie privée des autres utilisateurs." + }, + "default": false + }, + { + "name": "enable_dhcp", + "type": "boolean", + "ask": { + "en": "Do you want to set Pi-Hole as your DHCP server?", + "fr": "Voulez-vous utiliser Pi-Hole an tant que serveur DHCP ?" + }, + "help": { + "en": "If you want to do that, you really have to read this before!", + "fr": "Si vous voulez faire ça, vous devez vraiment lire cela avant !" + }, + "default": false + }, + { + "name": "pihole_version", + "type": "string", + "ask": { + "en": "Which version of Pi-Hole do you want to install?", + "fr": "Quelle version de Pi-Hole voulez-vous installer ?" + }, + "help": { + "en": "The last 3.X version is the last version available with the Debian version of dnsmasq. The last available version will replace the Debian version of dnsmasq by FTLDNS.
See the readme for more information.", + "fr": "La dernière version 3.X est la dernière version disponible avec la version Debian de dnsmasq. La dernière version disponible remplacera la version Debian de dnsmasq par FTLDNS.
Voir le readme pour plus d'informations." + }, + "choices": ["Last 3.X","Last available"], + "default": "Last 3.X" + } + ] + } } diff --git a/scripts/_common.sh b/scripts/_common.sh index 3770c0f..8d3534c 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,125 +1,9 @@ #!/bin/bash -#================================================= -# PERSONAL HELPERS -#================================================= - -#================================================= -# BACKUP -#================================================= - -HUMAN_SIZE () { # Transforme une taille en Ko en une taille lisible pour un humain - human=$(numfmt --to=iec --from-unit=1K $1) - echo $human -} - -CHECK_SIZE () { # Vérifie avant chaque backup que l'espace est suffisant - file_to_analyse=$1 - backup_size=$(du --summarize "$file_to_analyse" | cut -f1) - free_space=$(df --output=avail "/home/yunohost.backup" | sed 1d) - - if [ $free_space -le $backup_size ] - then - ynh_print_err "Espace insuffisant pour sauvegarder $file_to_analyse." - ynh_print_err "Espace disponible: $(HUMAN_SIZE $free_space)" - ynh_die "Espace nécessaire: $(HUMAN_SIZE $backup_size)" - fi -} - -#================================================= -# PACKAGE CHECK BYPASSING... -#================================================= - -IS_PACKAGE_CHECK () { - if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ] - then - return 0 - else - return 1 - fi -} - #================================================= # FUTUR OFFICIAL HELPERS #================================================= -# Install or update the main directory yunohost.multimedia -# -# usage: ynh_multimedia_build_main_dir -ynh_multimedia_build_main_dir () { - local ynh_media_release="v1.2" - local checksum="806a827ba1902d6911095602a9221181" - - # Download yunohost.multimedia scripts - wget -nv https://github.com/YunoHost-Apps/yunohost.multimedia/archive/${ynh_media_release}.tar.gz - - # Check the control sum - echo "${checksum} ${ynh_media_release}.tar.gz" | md5sum -c --status \ - || ynh_die "Corrupt source" - - # Check if the package acl is installed. Or install it. - ynh_package_is_installed 'acl' \ - || ynh_package_install acl - - # Extract - mkdir yunohost.multimedia-master - tar -xf ${ynh_media_release}.tar.gz -C yunohost.multimedia-master --strip-components 1 - ./yunohost.multimedia-master/script/ynh_media_build.sh -} - -# Add a directory in yunohost.multimedia -# This "directory" will be a symbolic link to a existing directory. -# -# usage: ynh_multimedia_addfolder "Source directory" "Destination directory" -# -# | arg: -s, --source_dir= - Source directory - The real directory which contains your medias. -# | arg: -d, --dest_dir= - Destination directory - The name and the place of the symbolic link, relative to "/home/yunohost.multimedia" -ynh_multimedia_addfolder () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [s]=source_dir= [d]=dest_dir= ) - local source_dir - local dest_dir - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - ./yunohost.multimedia-master/script/ynh_media_addfolder.sh --source="$source_dir" --dest="$dest_dir" -} - -# Move a directory in yunohost.multimedia, and replace by a symbolic link -# -# usage: ynh_multimedia_movefolder "Source directory" "Destination directory" -# -# | arg: -s, --source_dir= - Source directory - The real directory which contains your medias. -# It will be moved to "Destination directory" -# A symbolic link will replace it. -# | arg: -d, --dest_dir= - Destination directory - The new name and place of the directory, relative to "/home/yunohost.multimedia" -ynh_multimedia_movefolder () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [s]=source_dir= [d]=dest_dir= ) - local source_dir - local dest_dir - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - ./yunohost.multimedia-master/script/ynh_media_addfolder.sh --inv --source="$source_dir" --dest="$dest_dir" -} - -# Allow an user to have an write authorisation in multimedia directories -# -# usage: ynh_multimedia_addaccess user_name -# -# | arg: -u, --user_name= - The name of the user which gain this access. -ynh_multimedia_addaccess () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [u]=user_name=) - local user_name - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - - groupadd -f multimedia - usermod -a -G multimedia $user_name -} - #================================================= # EXPERIMENTAL HELPERS #================================================= @@ -265,30 +149,6 @@ __PRE_TAG1__$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/service #================================================= -ynh_debian_release () { - lsb_release --codename --short -} - -is_stretch () { - if [ "$(ynh_debian_release)" == "stretch" ] - then - return 0 - else - return 1 - fi -} - -is_jessie () { - if [ "$(ynh_debian_release)" == "jessie" ] - then - return 0 - else - return 1 - fi -} - -#================================================= - ynh_maintenance_mode_ON () { # Load value of $path_url and $domain from the config if their not set if [ -z $path_url ]; then @@ -504,247 +364,4 @@ ynh_app_changelog () { then echo "No significative changes from the changelog..." > "${final_changelog}_lite" fi -} - -#================================================= - -# Check the amount of available RAM -# -# usage: ynh_check_ram [--required=RAM required in Mb] [--no_swap|--only_swap] [--free_ram] -# | arg: -r, --required= - Amount of RAM required in Mb. The helper will return 0 is there's enough RAM, or 1 otherwise. -# If --required isn't set, the helper will print the amount of RAM, in Mb. -# | arg: -s, --no_swap - Ignore swap -# | arg: -o, --only_swap - Ignore real RAM, consider only swap. -# | arg: -f, --free_ram - Count only free RAM, not the total amount of RAM available. -ynh_check_ram () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [r]=required= [s]=no_swap [o]=only_swap [f]=free_ram ) - local required - local no_swap - local only_swap - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - required=${required:-} - no_swap=${no_swap:-0} - only_swap=${only_swap:-0} - - local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') - local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') - local total_ram_swap=$(( total_ram + total_swap )) - - local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') - local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') - local free_ram_swap=$(( free_ram + free_swap )) - - # Use the total amount of ram - local ram=$total_ram_swap - if [ $free_ram -eq 1 ] - then - # Use the total amount of free ram - ram=$free_ram_swap - if [ $no_swap -eq 1 ] - then - # Use only the amount of free ram - ram=$free_ram - elif [ $only_swap -eq 1 ] - then - # Use only the amount of free swap - ram=$free_swap - fi - else - if [ $no_swap -eq 1 ] - then - # Use only the amount of free ram - ram=$total_ram - elif [ $only_swap -eq 1 ] - then - # Use only the amount of free swap - ram=$total_swap - fi - fi - - if [ -n "$required" ] - then - # Return 1 if the amount of ram isn't enough. - if [ $ram -lt $required ] - then - return 1 - else - return 0 - fi - - # If no RAM is required, return the amount of available ram. - else - echo $ram - fi -} - -#================================================= - -# Define the values to configure php-fpm -# -# usage: ynh_get_scalable_phpfpm --usage=usage --footprint=footprint [--print] -# | arg: -f, --footprint - Memory footprint of the service (low/medium/high). -# low - Less than 20Mb of ram by pool. -# medium - Between 20Mb and 40Mb of ram by pool. -# high - More than 40Mb of ram by pool. -# Or specify exactly the footprint, the load of the service as Mb by pool instead of having a standard value. -# To have this value, use the following command and stress the service. -# watch -n0.5 ps -o user,cmd,%cpu,rss -u APP -# -# | arg: -u, --usage - Expected usage of the service (low/medium/high). -# low - Personal usage, behind the sso. -# medium - Low usage, few people or/and publicly accessible. -# high - High usage, frequently visited website. -# -# | arg: -p, --print - Print the result -# -# -# -# The footprint of the service will be used to defined the maximum footprint we can allow, which is half the maximum RAM. -# So it will be used to defined 'pm.max_children' -# A lower value for the footprint will allow more children for 'pm.max_children'. And so for -# 'pm.start_servers', 'pm.min_spare_servers' and 'pm.max_spare_servers' which are defined from the -# value of 'pm.max_children' -# NOTE: 'pm.max_children' can't exceed 4 times the number of processor's cores. -# -# The usage value will defined the way php will handle the children for the pool. -# A value set as 'low' will set the process manager to 'ondemand'. Children will start only if the -# service is used, otherwise no child will stay alive. This config gives the lower footprint when the -# service is idle. But will use more proc since it has to start a child as soon it's used. -# Set as 'medium', the process manager will be at dynamic. If the service is idle, a number of children -# equal to pm.min_spare_servers will stay alive. So the service can be quick to answer to any request. -# The number of children can grow if needed. The footprint can stay low if the service is idle, but -# not null. The impact on the proc is a little bit less than 'ondemand' as there's always a few -# children already available. -# Set as 'high', the process manager will be set at 'static'. There will be always as many children as -# 'pm.max_children', the footprint is important (but will be set as maximum a quarter of the maximum -# RAM) but the impact on the proc is lower. The service will be quick to answer as there's always many -# children ready to answer. -ynh_get_scalable_phpfpm () { - local legacy_args=ufp - # Declare an array to define the options of this helper. - declare -Ar args_array=( [u]=usage= [f]=footprint= [p]=print ) - local usage - local footprint - local print - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - # Set all characters as lowercase - footprint=${footprint,,} - usage=${usage,,} - print=${print:-0} - - if [ "$footprint" = "low" ] - then - footprint=20 - elif [ "$footprint" = "medium" ] - then - footprint=35 - elif [ "$footprint" = "high" ] - then - footprint=50 - fi - - # Define the way the process manager handle child processes. - if [ "$usage" = "low" ] - then - php_pm=ondemand - elif [ "$usage" = "medium" ] - then - php_pm=dynamic - elif [ "$usage" = "high" ] - then - php_pm=static - else - ynh_die --message="Does not recognize '$usage' as an usage value." - fi - - # Get the total of RAM available, except swap. - local max_ram=$(ynh_check_ram --no_swap) - - less0() { - # Do not allow value below 1 - if [ $1 -le 0 ] - then - echo 1 - else - echo $1 - fi - } - - # Define pm.max_children - # The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app. - # So if php-fpm start the maximum of children, it won't exceed half of the ram. - php_max_children=$(( $max_ram / 2 / $footprint )) - # If process manager is set as static, use half less children. - # Used as static, there's always as many children as the value of pm.max_children - if [ "$php_pm" = "static" ] - then - php_max_children=$(( $php_max_children / 2 )) - fi - php_max_children=$(less0 $php_max_children) - - # To not overload the proc, limit the number of children to 4 times the number of cores. - local core_number=$(nproc) - local max_proc=$(( $core_number * 4 )) - if [ $php_max_children -gt $max_proc ] - then - php_max_children=$max_proc - fi - - if [ "$php_pm" = "dynamic" ] - then - # Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager - php_min_spare_servers=$(( $php_max_children / 8 )) - php_min_spare_servers=$(less0 $php_min_spare_servers) - - php_max_spare_servers=$(( $php_max_children / 2 )) - php_max_spare_servers=$(less0 $php_max_spare_servers) - - php_start_servers=$(( $php_min_spare_servers + ( $php_max_spare_servers - $php_min_spare_servers ) /2 )) - php_start_servers=$(less0 $php_start_servers) - else - php_min_spare_servers=0 - php_max_spare_servers=0 - php_start_servers=0 - fi - - if [ $print -eq 1 ] - then - ynh_debug --message="Footprint=${footprint}Mb by pool." - ynh_debug --message="Process manager=$php_pm" - ynh_debug --message="Max RAM=${max_ram}Mb" - if [ "$php_pm" != "static" ]; then - ynh_debug --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))" - ynh_debug --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))" - fi - if [ "$php_pm" = "dynamic" ]; then - ynh_debug --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" - elif [ "$php_pm" = "static" ]; then - ynh_debug --message="Estimated footprint=$(( $php_max_children * $footprint ))" - fi - ynh_debug --message="\nRaw php-fpm values:" - ynh_debug --message="pm.max_children = $php_max_children" - if [ "$php_pm" = "dynamic" ]; then - ynh_debug --message="pm.start_servers = $php_start_servers" - ynh_debug --message="pm.min_spare_servers = $php_min_spare_servers" - ynh_debug --message="pm.max_spare_servers = $php_max_spare_servers" - fi - fi -} - -#================================================= - -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - sudo -u "$USER" "$@" - fi -} +} \ No newline at end of file diff --git a/scripts/_variables b/scripts/_variables index 1016b09..a08ca42 100644 --- a/scripts/_variables +++ b/scripts/_variables @@ -1,4 +1,15 @@ #!/bin/bash # Dependencies -app_depencencies="sqlite idn2 php7.0-sqlite3" +app_depencencies="sqlite3 idn2 php7.3-sqlite3 nettle-dev libcap2-bin build-essential libgmp-dev m4 cmake libidn11-dev libreadline-dev xxd" + +if [ "$YNH_APP_ARG_PIHOLE_VERSION" == "Last 3.X" ] +then + pihole_core_version=3.3.1 + dashboard_version=3.3 + FTL_version=3.0 +else + pihole_core_version=5.3.1 + dashboard_version=5.5 + FTL_version=5.8.1 +fi diff --git a/scripts/_ynh_add_fpm_config b/scripts/_ynh_add_fpm_config deleted file mode 100644 index 8d36834..0000000 --- a/scripts/_ynh_add_fpm_config +++ /dev/null @@ -1,132 +0,0 @@ -#!/bin/bash - -# Create a dedicated php-fpm config -# -# usage 1: ynh_add_fpm_config [--phpversion=7.X] [--use_template] -# | arg: -v, --phpversion - Version of php to use. -# | arg: -t, --use_template - Use this helper in template mode. -# -# ----------------------------------------------------------------------------- -# -# usage 2: ynh_add_fpm_config [--phpversion=7.X] --usage=usage --footprint=footprint -# | arg: -v, --phpversion - Version of php to use.# -# | arg: -f, --footprint - Memory footprint of the service (low/medium/high). -# low - Less than 20Mb of ram by pool. -# medium - Between 20Mb and 40Mb of ram by pool. -# high - More than 40Mb of ram by pool. -# Or specify exactly the footprint, the load of the service as Mb by pool instead of having a standard value. -# To have this value, use the following command and stress the service. -# watch -n0.5 ps -o user,cmd,%cpu,rss -u APP -# -# | arg: -u, --usage - Expected usage of the service (low/medium/high). -# low - Personal usage, behind the sso. -# medium - Low usage, few people or/and publicly accessible. -# high - High usage, frequently visited website. -# -# Requires YunoHost version 2.7.2 or higher. -ynh_add_fpm_config () { - # Declare an array to define the options of this helper. - local legacy_args=vtuf - declare -Ar args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= ) - local phpversion - local use_template - local usage - local footprint - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - # The default behaviour is to use the template. - use_template="${use_template:-1}" - usage="${usage:-}" - footprint="${footprint:-}" - if [ -n "$usage" ] || [ -n "$footprint" ]; then - use_template=0 - fi - - # Configure PHP-FPM 7.0 by default - phpversion="${phpversion:-7.0}" - - local fpm_config_dir="/etc/php/$phpversion/fpm" - local fpm_service="php${phpversion}-fpm" - # Configure PHP-FPM 5 on Debian Jessie - if [ "$(ynh_get_debian_release)" == "jessie" ]; then - fpm_config_dir="/etc/php5/fpm" - fpm_service="php5-fpm" - fi - ynh_app_setting_set --app=$app --key=fpm_config_dir --value="$fpm_config_dir" - ynh_app_setting_set --app=$app --key=fpm_service --value="$fpm_service" - finalphpconf="$fpm_config_dir/pool.d/$app.conf" - ynh_backup_if_checksum_is_different --file="$finalphpconf" - - if [ $use_template -eq 1 ] - then - # Usage 1, use the template in ../conf/php-fpm.conf - sudo cp ../conf/php-fpm.conf "$finalphpconf" - ynh_replace_string --match_string="__NAMETOCHANGE__" --replace_string="$app" --target_file="$finalphpconf" - ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="$finalphpconf" - ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$finalphpconf" - ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="$finalphpconf" - - else - # Store settings - ynh_app_setting_set --app=$app --key=fpm_footprint --value=$footprint - ynh_app_setting_set --app=$app --key=fpm_usage --value=$usage - - # Usage 2, generate a php-fpm config file with ynh_get_scalable_phpfpm - ynh_get_scalable_phpfpm --usage=$usage --footprint=$footprint - - # Copy the default file - sudo cp "$fpm_config_dir/pool.d/www.conf" "$finalphpconf" - - # Replace standard variables into the default file - ynh_replace_string --match_string="^\[www\]" --replace_string="[$app]" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*listen = .*" --replace_string="listen = /var/run/php/php7.0-fpm-$app.sock" --target_file="$finalphpconf" - ynh_replace_string --match_string="^user = .*" --replace_string="user = $app" --target_file="$finalphpconf" - ynh_replace_string --match_string="^group = .*" --replace_string="group = $app" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*chdir = .*" --replace_string="chdir = $final_path" --target_file="$finalphpconf" - - # Configure fpm children - ynh_replace_string --match_string=".*pm = .*" --replace_string="pm = $php_pm" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*pm.max_children = .*" --replace_string="pm.max_children = $php_max_children" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*pm.max_requests = .*" --replace_string="pm.max_requests = 500" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*request_terminate_timeout = .*" --replace_string="request_terminate_timeout = 1d" --target_file="$finalphpconf" - if [ "$php_pm" = "dynamic" ] - then - ynh_replace_string --match_string=".*pm.start_servers = .*" --replace_string="pm.start_servers = $php_start_servers" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*pm.min_spare_servers = .*" --replace_string="pm.min_spare_servers = $php_min_spare_servers" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*pm.max_spare_servers = .*" --replace_string="pm.max_spare_servers = $php_max_spare_servers" --target_file="$finalphpconf" - elif [ "$php_pm" = "ondemand" ] - then - ynh_replace_string --match_string=".*pm.process_idle_timeout = .*" --replace_string="pm.process_idle_timeout = 10s" --target_file="$finalphpconf" - fi - - # Comment unused parameters - if [ "$php_pm" != "dynamic" ] - then - ynh_replace_string --match_string=".*\(pm.start_servers = .*\)" --replace_string=";\1" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*\(pm.min_spare_servers = .*\)" --replace_string=";\1" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*\(pm.max_spare_servers = .*\)" --replace_string=";\1" --target_file="$finalphpconf" - fi - if [ "$php_pm" != "ondemand" ] - then - ynh_replace_string --match_string=".*\(pm.process_idle_timeout = .*\)" --replace_string=";\1" --target_file="$finalphpconf" - fi - - # Concatene the extra config. - if [ -e ../conf/extra_php-fpm.conf ]; then - cat ../conf/extra_php-fpm.conf >> "$finalphpconf" - fi - fi - sudo chown root: "$finalphpconf" - ynh_store_file_checksum --file="$finalphpconf" - - if [ -e "../conf/php-fpm.ini" ] - then - echo "Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead." >&2 - finalphpini="$fpm_config_dir/conf.d/20-$app.ini" - ynh_backup_if_checksum_is_different "$finalphpini" - sudo cp ../conf/php-fpm.ini "$finalphpini" - sudo chown root: "$finalphpini" - ynh_store_file_checksum "$finalphpini" - fi - ynh_systemd_action --service_name=$fpm_service --action=reload -} diff --git a/scripts/_ynh_add_fpm_config.sh b/scripts/_ynh_add_fpm_config.sh new file mode 100644 index 0000000..c0aa0aa --- /dev/null +++ b/scripts/_ynh_add_fpm_config.sh @@ -0,0 +1,203 @@ +#!/bin/bash + +# To be removed after the 4.3 + +ynh_add_fpm_config () { + # Declare an array to define the options of this helper. + local legacy_args=vtufpd + local -A args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= [p]=package= [d]=dedicated_service ) + local phpversion + local use_template + local usage + local footprint + local package + local dedicated_service + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package=${package:-} + + # The default behaviour is to use the template. + use_template="${use_template:-1}" + usage="${usage:-}" + footprint="${footprint:-}" + if [ -n "$usage" ] || [ -n "$footprint" ]; then + use_template=0 + fi + # Do not use a dedicated service by default + dedicated_service=${dedicated_service:-0} + + # Set the default PHP-FPM version by default + phpversion="${phpversion:-$YNH_PHP_VERSION}" + + local old_phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + + # If the PHP version changed, remove the old fpm conf + if [ -n "$old_phpversion" ] && [ "$old_phpversion" != "$phpversion" ] + then + local old_php_fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) + local old_php_finalphpconf="$old_php_fpm_config_dir/pool.d/$app.conf" + + ynh_backup_if_checksum_is_different --file="$old_php_finalphpconf" + + ynh_remove_fpm_config + fi + + # If the requested PHP version is not the default version for YunoHost + if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] + then + # If the argument --package is used, add the packages to ynh_install_php to install them from sury + if [ -n "$package" ] + then + local additionnal_packages="--package=$package" + else + local additionnal_packages="" + fi + # Install this specific version of PHP. + ynh_install_php --phpversion="$phpversion" "$additionnal_packages" + elif [ -n "$package" ] + then + # Install the additionnal packages from the default repository + ynh_add_app_dependencies --package="$package" + fi + + if [ $dedicated_service -eq 1 ] + then + local fpm_service="${app}-phpfpm" + local fpm_config_dir="/etc/php/$phpversion/dedicated-fpm" + else + local fpm_service="php${phpversion}-fpm" + local fpm_config_dir="/etc/php/$phpversion/fpm" + fi + + # Create the directory for FPM pools + mkdir --parents "$fpm_config_dir/pool.d" + + ynh_app_setting_set --app=$app --key=fpm_config_dir --value="$fpm_config_dir" + ynh_app_setting_set --app=$app --key=fpm_service --value="$fpm_service" + ynh_app_setting_set --app=$app --key=fpm_dedicated_service --value="$dedicated_service" + ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion + + # Migrate from mutual PHP service to dedicated one. + if [ $dedicated_service -eq 1 ] + then + local old_fpm_config_dir="/etc/php/$phpversion/fpm" + # If a config file exist in the common pool, move it. + if [ -e "$old_fpm_config_dir/pool.d/$app.conf" ] + then + ynh_print_info --message="Migrate to a dedicated php-fpm service for $app." + # Create a backup of the old file before migration + ynh_backup_if_checksum_is_different --file="$old_fpm_config_dir/pool.d/$app.conf" + # Remove the old PHP config file + ynh_secure_remove --file="$old_fpm_config_dir/pool.d/$app.conf" + # Reload PHP to release the socket and allow the dedicated service to use it + ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload + fi + fi + + if [ $use_template -eq 1 ] + then + # Usage 1, use the template in conf/php-fpm.conf + local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf" + # Make sure now that the template indeed exists + [ -e "$phpfpm_path" ] || ynh_die --message="Unable to find template to configure PHP-FPM." + else + # Usage 2, generate a PHP-FPM config file with ynh_get_scalable_phpfpm + + # Store settings + ynh_app_setting_set --app=$app --key=fpm_footprint --value=$footprint + ynh_app_setting_set --app=$app --key=fpm_usage --value=$usage + + # Define the values to use for the configuration of PHP. + ynh_get_scalable_phpfpm --usage=$usage --footprint=$footprint + + local phpfpm_path="$YNH_APP_BASEDIR/conf/php-fpm.conf" + echo " +[__APP__] +user = __APP__ +group = __APP__ +chdir = __FINALPATH__ +listen = /var/run/php/php__PHPVERSION__-fpm-__APP__.sock +listen.owner = www-data +listen.group = www-data +pm = __PHP_PM__ +pm.max_children = __PHP_MAX_CHILDREN__ +pm.max_requests = 500 +request_terminate_timeout = 1d +" > $phpfpm_path + + if [ "$php_pm" = "dynamic" ] + then + echo " +pm.start_servers = __PHP_START_SERVERS__ +pm.min_spare_servers = __PHP_MIN_SPARE_SERVERS__ +pm.max_spare_servers = __PHP_MAX_SPARE_SERVERS__ +" >> $phpfpm_path + + elif [ "$php_pm" = "ondemand" ] + then + echo " +pm.process_idle_timeout = 10s +" >> $phpfpm_path + fi + + # Concatene the extra config. + if [ -e $YNH_APP_BASEDIR/conf/extra_php-fpm.conf ]; then + cat $YNH_APP_BASEDIR/conf/extra_php-fpm.conf >> "$phpfpm_path" + fi + fi + + local finalphpconf="$fpm_config_dir/pool.d/$app.conf" + ynh_add_config --template="$phpfpm_path" --destination="$finalphpconf" + + if [ -e "$YNH_APP_BASEDIR/conf/php-fpm.ini" ] + then + ynh_print_warn --message="Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead." + ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm.ini" --destination="$fpm_config_dir/conf.d/20-$app.ini" + fi + + if [ $dedicated_service -eq 1 ] + then + # Create a dedicated php-fpm.conf for the service + local globalphpconf=$fpm_config_dir/php-fpm-$app.conf + +echo "[global] +pid = /run/php/php__PHPVERSION__-fpm-__APP__.pid +error_log = /var/log/php/fpm-php.__APP__.log +syslog.ident = php-fpm-__APP__ +include = __FINALPHPCONF__ +" > $YNH_APP_BASEDIR/conf/php-fpm-$app.conf + + ynh_add_config --template="$YNH_APP_BASEDIR/conf/php-fpm-$app.conf" --destination="$globalphpconf" + + # Create a config for a dedicated PHP-FPM service for the app + echo "[Unit] +Description=PHP __PHPVERSION__ FastCGI Process Manager for __APP__ +After=network.target +[Service] +Type=notify +PIDFile=/run/php/php__PHPVERSION__-fpm-__APP__.pid +ExecStart=/usr/sbin/php-fpm__PHPVERSION__ --nodaemonize --fpm-config __GLOBALPHPCONF__ +ExecReload=/bin/kill -USR2 \$MAINPID +[Install] +WantedBy=multi-user.target +" > $YNH_APP_BASEDIR/conf/$fpm_service + + # Create this dedicated PHP-FPM service + ynh_add_systemd_config --service=$fpm_service --template=$fpm_service + # Integrate the service in YunoHost admin panel + yunohost service add $fpm_service --log /var/log/php/fpm-php.$app.log --description "Php-fpm dedicated to $app" + # Configure log rotate + ynh_use_logrotate --logfile=/var/log/php + # Restart the service, as this service is either stopped or only for this app + ynh_systemd_action --service_name=$fpm_service --action=restart + else + # Validate that the new php conf doesn't break php-fpm entirely + if ! php-fpm${phpversion} --test 2>/dev/null + then + php-fpm${phpversion} --test || true + ynh_secure_remove --file="$finalphpconf" + ynh_die --message="The new configuration broke php-fpm?" + fi + ynh_systemd_action --service_name=$fpm_service --action=reload + fi +} \ No newline at end of file diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app new file mode 100755 index 0000000..8e3fba5 --- /dev/null +++ b/scripts/actions/reset_default_app @@ -0,0 +1,259 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +# Load common variables for all scripts. +source scripts/_variables + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { +# Clean installation remaining that are not handle by the remove script. + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +path_url=$(ynh_app_setting_get --app=$app --key=path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" + +#================================================= +# SPECIFIC ACTION +#================================================= +# ACTIVATE MAINTENANCE MODE +#================================================= +ynh_script_progression --message="Activating maintenance mode..." --weight=1 + +ynh_maintenance_mode_ON + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Resetting source files..." --weight=1 + +# Download, check integrity, uncompress and patch the source from app.src +pihole_local_repo="/etc/.pihole" +(cd scripts +if [ "$pihole_version" == "Last 3.X" ] +then + # Overwrite the version 3.3.1 + YNH_CWD=$PWD ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app_3 + # Overwrite admin dashboard + YNH_CWD=$PWD ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard_3 +else + # Overwrite the last version available + YNH_CWD=$PWD ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app_last + # Overwrite admin dashboard + YNH_CWD=$PWD ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard_last +fi + +chown $app:www-data "$final_path" + +) + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Resetting NGINX web server configuration..." --weight=1 + +# Create a dedicated nginx config +yunohost app action run $app reset_default_nginx + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Resetting PHP-FPM configuration..." --weight=1 + +# Create a dedicated php-fpm config +yunohost app action run $app reset_default_phpfpm + +#================================================= +# RECREATE DIRECTORIES +#================================================= +ynh_script_progression --message="Recreating and populating directories..." --weight=1 + +pihole_storage="/etc/pihole" +mkdir -p "$pihole_storage" +chown $app: -R "$pihole_storage" + +pihole_dir="/opt/pihole" +mkdir -p "$pihole_dir" + +# Make a copy of Pi-Hole scripts +cp -a "$pihole_local_repo/gravity.sh" "$pihole_dir/" +cp -a $pihole_local_repo/advanced/Scripts/*.sh "$pihole_dir/" + +# And copy this fucking COL_TABLE file... +cp -a "$pihole_local_repo/advanced/Scripts/COL_TABLE" "$pihole_dir/" + +#================================================= +# COPY PI-HOLE MAIN SCRIPT +#================================================= +ynh_script_progression --message="Copying Pi-Hole main script..." + +cp -a "$pihole_local_repo/pihole" /usr/local/bin/ +cp -a "$pihole_local_repo/advanced/bash-completion/pihole" /etc/bash_completion.d/pihole + +#================================================= +# RECREATE LOG FILES +#================================================= + +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) +chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log + +#================================================= +# RECREATE SUDOER FILE +#================================================= + +# This sudoers config allow pihole to execute /usr/local/bin/pihole as root without password. Nothing more. +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/advanced/pihole.sudo" /etc/sudoers.d/pihole +else + cp "$pihole_local_repo/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole +fi +echo "$app ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole +# echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole +chmod 0440 /etc/sudoers.d/pihole + +#================================================= +# REINSTALL LOGROTATE SCRIPT FOR PI-HOLE +#================================================= + +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/advanced/logrotate" "$pihole_storage/logrotate" +else + cp "$pihole_local_repo/advanced/Templates/logrotate" "$pihole_storage/logrotate" +fi +sed -i "/# su #/d;" "$pihole_storage/logrotate" + +#================================================= +# REINSTALLATION OF PIHOLE-FTL +#================================================= +ynh_script_progression --message="Reinstalling PiHole-FTL..." --weight=30 + +# Get the source of Pi-Hole-FTL +FTL_temp_path=$(mktemp -d) +if [ "$pihole_version" == "Last 3.X" ] +then + # Install the version 3.3.1 + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL_3 +else + # Install the last version available + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL_last +fi + +# Instead of downloading a binary file, we're going to compile it +( cd "$FTL_temp_path" +ynh_exec_warn_less make +ynh_exec_warn_less make install ) +ynh_secure_remove --file="$FTL_temp_path" + +cp "../conf/dns-servers.conf" "$pihole_storage" + +# Restore the default pihole-FTL.conf +yunohost app action run $app reset_default_ftl + +if [ "$pihole_version" == "Last 3.X" ] +then + # Version 3.3.1 + cp -a $pihole_local_repo/advanced/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL +else + cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL + + # Reload systemd config + systemctl daemon-reload +fi + +#================================================= +# RESET THE VARIABLES FILE +#================================================= + +# Restore the default setupVars.conf +yunohost app action run $app reset_default_setupvars + +#================================================= +# RESET DNSMASQ CONFIG +#================================================= + +# Restore the default setupVars.conf +yunohost app action run $app reset_default_dnsmasq + +#================================================= +# REINSTALL CRON JOB +#================================================= + +if [ "$pihole_version" == "Last 3.X" ] +then + cp $pihole_local_repo/advanced/pihole.cron /etc/cron.d/pihole +else + cp $pihole_local_repo/advanced/Templates/pihole.cron /etc/cron.d/pihole +fi + +# Remove git usage for version. Which fails because we use here a release instead of master. +ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole + +#================================================= +# REINSTALL CONF_REGEN HOOK +#================================================= + +(cd scripts; cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app) + +#================================================= +# RESTART PIHOLE-FTL +#================================================= + +ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 + +ynh_systemd_action --action=restart --service_name=pihole-FTL + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# DEACTIVE MAINTENANCE MODE +#================================================= +ynh_script_progression --message="Disabling maintenance mode..." --weight=1 + +ynh_maintenance_mode_OFF + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Execution completed" --last diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 1272710..fcec8b7 100755 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -9,11 +9,18 @@ source scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) @@ -24,9 +31,11 @@ query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) file="$1" if [ "$file" = "setupVars.conf" ]; then - config_file="/etc/pihole/setupVars.conf" + config_file="/etc/pihole/setupVars.conf" elif [ "$file" = "pihole-FTL.conf" ]; then - config_file="/etc/pihole/pihole-FTL.conf" + config_file="/etc/pihole/pihole-FTL.conf" +elif [ "$file" = "01-pihole.conf" ]; then + config_file="/etc/dnsmasq.d/01-pihole.conf" fi #================================================= @@ -39,33 +48,56 @@ ynh_script_progression --message="Resetting the config file $config_file..." --w # Verify the checksum and backup the file if it's different ynh_backup_if_checksum_is_different --file="$config_file" +main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') + if [ "$file" = "setupVars.conf" ] then - # Recreate the default config - # Trouve l'interface réseau par défaut - main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') - echo "PIHOLE_INTERFACE=$main_iface" > "$config_file" - echo "IPV4_ADDRESS=127.0.0.1" >> "$config_file" - echo "IPV6_ADDRESS=::1" >> "$config_file" - echo "PIHOLE_DNS_1=" >> "$config_file" - echo "PIHOLE_DNS_2=" >> "$config_file" - if [ $query_logging -eq 1 ]; then - query_logging=true - else - query_logging=false - fi - echo "QUERY_LOGGING=$query_logging" >> "$config_file" - echo "INSTALL_WEB=true" >> "$config_file" + # Recreate the default config + # Trouve l'interface réseau par défaut + echo "PIHOLE_INTERFACE=$main_iface" > "$config_file" + echo "IPV4_ADDRESS=127.0.0.1" >> "$config_file" + echo "IPV6_ADDRESS=::1" >> "$config_file" + echo "PIHOLE_DNS_1=" >> "$config_file" + echo "PIHOLE_DNS_2=" >> "$config_file" + if [ $query_logging -eq 1 ]; then + query_logging=true + else + query_logging=false + fi + echo "QUERY_LOGGING=$query_logging" >> "$config_file" + echo "INSTALL_WEB=true" >> "$config_file" elif [ "$file" = "pihole-FTL.conf" ] then - # Get the default file and overwrite the current config - cp /etc/yunohost/apps/$app/conf/pihole-FTL.conf "$config_file" + # Get the default file and overwrite the current config + port=$(ynh_app_setting_get --app=$app --key=port) + ynh_add_config --template="/etc/yunohost/apps/$app/conf/pihole-FTL.conf" --destination="$config_file" - ynh_script_progression --message="Restarting PiHole..." --weight=2 + ynh_script_progression --message="Restarting Pi-Hole..." --weight=2 - # Restart pihole-FTL - ynh_systemd_action --action=restart --service_name=pihole-FTL + # Restart pihole-FTL + ynh_systemd_action --action=restart --service_name=pihole-FTL + +elif [ "$file" = "01-pihole.conf" ] +then + cp "$pihole_local_repo/advanced/01-pihole.conf" $config_file + # Use dns from /etc/resolv.dnsmasq.conf + ynh_replace_string --match_string="@DNS1@" --replace_string="" --target_file=$config_file + ynh_replace_string --match_string="@DNS2@" --replace_string="" --target_file=$config_file + ynh_replace_string --match_string="^no-resolv" --replace_string="#no-resolv" --target_file=$config_file + + ynh_replace_string --match_string="@INT@" --replace_string="$main_iface" --target_file=$config_file + if [ "$query_logging" = "true" ]; then + ynh_replace_string --match_string="^#log-queries" --replace_string="log-queries" --target_file=$config_file + else + ynh_replace_string --match_string="^log-queries" --replace_string="#log-queries" --target_file=$config_file + fi + + # Fix a too recent option for our dnsmasq version. + ynh_replace_string --match_string="log-queries=extra" --replace_string="log-queries" --target_file=$config_file + + # To prevent any conflict with the original dnsmasq config, comment cache-size in the original config. + ynh_replace_string --match_string="^cache-size=" --replace_string="#pihole# cache-size=" --target_file=/etc/dnsmasq.conf fi # Calculate and store the config file checksum into the app settings diff --git a/scripts/actions/reset_default_system b/scripts/actions/reset_default_system new file mode 100755 index 0000000..c760535 --- /dev/null +++ b/scripts/actions/reset_default_system @@ -0,0 +1,64 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { +# Clean installation remaining that are not handle by the remove script. + ynh_clean_check_starting +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +type=$1 + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# SPECIFIC ACTION +#================================================= +# RESET THE CONFIG FILE +#================================================= + +if [ $type == nginx ]; then + name=Nginx +elif [ $type == phpfpm ]; then + name=PHP-FPM +else + ynh_die --message="The type $type is not recognized" +fi + +ynh_script_progression --message="Resetting the specific configuration of $name for the app $app..." --weight=3 + +if [ $type == nginx ] +then + (cd scripts; ynh_add_nginx_config) + +elif [ $type == phpfpm ] +then + (cd scripts; ynh_add_fpm_config --usage=low --footprint=low --dedicated_service) +fi + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Execution completed" --last diff --git a/scripts/backup b/scripts/backup index 51aeb6e..2202c71 100644 --- a/scripts/backup +++ b/scripts/backup @@ -19,7 +19,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -27,52 +27,47 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) path_url=$(ynh_app_setting_get --app=$app --key=path) domain=$(ynh_app_setting_get --app=$app --key=domain) +# Get variable from ynh_add_fpm_config +fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) + #================================================= -# STANDARD BACKUP STEPS +# DECLARE DATA AND CONF FILES TO BACKUP +#================================================= +ynh_print_info --message="Declaring files to be backed up..." + #================================================= # BACKUP THE MAIN APP DIRECTORIES #================================================= -ynh_script_progression --message="Backing up the main app directory..." --weight=5 -CHECK_SIZE "$final_path" ynh_backup --src_path="$final_path" - -CHECK_SIZE "/etc/.pihole" ynh_backup --src_path="/etc/.pihole" - -CHECK_SIZE "/etc/pihole" ynh_backup --src_path="/etc/pihole" - -CHECK_SIZE "/opt/pihole" ynh_backup --src_path="/opt/pihole" #================================================= # BACKUP NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Backing up nginx web server configuration..." ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Backing up php-fpm configuration..." -ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup --src_path="$fpm_config_dir/php-fpm-$app.conf" +ynh_backup --src_path="$fpm_config_dir/pool.d/$app.conf" #================================================= # SPECIFIC BACKUP #================================================= # BACKUP CRON FILE #================================================= -ynh_script_progression --message="Backing up cron file..." ynh_backup --src_path="/etc/cron.d/pihole" #================================================= # BACKUP SPECIFIC FILES #================================================= -ynh_script_progression --message="Backing specific files..." ynh_backup --src_path="/usr/local/bin/pihole" ynh_backup --src_path="/etc/bash_completion.d/pihole" @@ -84,13 +79,13 @@ ynh_backup --src_path="/usr/bin/pihole-FTL" ynh_backup --src_path="/etc/dnsmasq.d/01-pihole.conf" if test -e "/etc/dnsmasq.d/02-pihole-dhcp.conf"; then - ynh_backup --src_path="/etc/dnsmasq.d/02-pihole-dhcp.conf" + ynh_backup --src_path="/etc/dnsmasq.d/02-pihole-dhcp.conf" fi if test -e "/etc/dnsmasq.d/03-pihole-wildcard.conf"; then - ynh_backup --src_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" + ynh_backup --src_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" fi if test -e "/etc/dnsmasq.d/04-pihole-static-dhcp.conf"; then - ynh_backup --src_path="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" + ynh_backup --src_path="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" fi ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" @@ -99,4 +94,4 @@ ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" # END OF SCRIPT #================================================= -ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index c7fe581..b6adf0b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -31,16 +31,16 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=11 +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=11 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - # restore it if the upgrade fails - ynh_restore_upgradebackup + # restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -61,13 +61,13 @@ ynh_maintenance_mode_ON change_domain=0 if [ "$old_domain" != "$new_domain" ] then - change_domain=1 + change_domain=1 fi change_path=0 if [ "$old_path" != "$new_path" ] then - change_path=1 + change_path=1 fi #================================================= @@ -75,33 +75,33 @@ fi #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating nginx web server configuration..." --weight=4 +ynh_script_progression --message="Updating NGINX web server configuration..." --weight=4 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the nginx config file if [ $change_path -eq 1 ] then - # Make a backup of the original nginx config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for nginx helper - domain="$old_domain" - path_url="$new_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" - # Create a dedicated nginx config - ynh_add_nginx_config + # Create a dedicated nginx config + ynh_add_nginx_config fi # Change the domain for nginx if [ $change_domain -eq 1 ] then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -109,7 +109,7 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/config b/scripts/config index 8772ea0..fef8388 100644 --- a/scripts/config +++ b/scripts/config @@ -8,13 +8,15 @@ source _common.sh source /usr/share/yunohost/helpers -source _ynh_add_fpm_config #================================================= # RETRIEVE ARGUMENTS #================================================= -app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} +app=$YNH_APP_INSTANCE_NAME + +fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # SPECIFIC CODE @@ -69,24 +71,33 @@ free_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT:-$old_free_footp old_fpm_usage="$(ynh_app_setting_get --app=$app --key=fpm_usage)" fpm_usage="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE:-$old_fpm_usage}" +# php_forced_max_children for php-fpm +old_php_forced_max_children="$(ynh_app_setting_get --app=$app --key=php_forced_max_children)" +# If php_forced_max_children isn't into settings.yml, get the current value from the fpm config +if [ -z "$old_php_forced_max_children" ]; then + old_php_forced_max_children="$(grep "^pm.max_children" "$fpm_config_dir/pool.d/$app.conf" | awk '{print $3}')" +fi +php_forced_max_children="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FORCE_MAX_CHILDREN:-$old_php_forced_max_children}" + #================================================= # SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND #================================================= show_config() { - # here you are supposed to read some config file/database/other then print the values - # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" + # here you are supposed to read some config file/database/other then print the values + # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETUPVARS=$overwrite_setupvars" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_FTL=$overwrite_ftl" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_PHPFPM=$overwrite_phpfpm" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETUPVARS=$overwrite_setupvars" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_FTL=$overwrite_ftl" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_PHPFPM=$overwrite_phpfpm" - ynh_return "YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE=$admin_mail_html" + ynh_return "YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE=$admin_mail_html" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FORCE_MAX_CHILDREN=$php_forced_max_children" } #================================================= @@ -99,27 +110,30 @@ apply_config() { # MODIFY OVERWRITTING SETTINGS #================================================= - # Set overwrite_setupvars - ynh_app_setting_set --app=$app --key=overwrite_setupvars --value="$overwrite_setupvars" - # Set overwrite_ftl - ynh_app_setting_set --app=$app --key=overwrite_ftl --value="$overwrite_ftl" - # Set overwrite_nginx - ynh_app_setting_set --app=$app --key=overwrite_nginx --value="$overwrite_nginx" - # Set overwrite_phpfpm - ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value="$overwrite_phpfpm" + # Set overwrite_setupvars + ynh_app_setting_set --app=$app --key=overwrite_setupvars --value="$overwrite_setupvars" + # Set overwrite_ftl + ynh_app_setting_set --app=$app --key=overwrite_ftl --value="$overwrite_ftl" + # Set overwrite_nginx + ynh_app_setting_set --app=$app --key=overwrite_nginx --value="$overwrite_nginx" + # Set overwrite_phpfpm + ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value="$overwrite_phpfpm" #================================================= # MODIFY EMAIL SETTING #================================================= - # Set admin_mail_html - ynh_app_setting_set --app=$app --key=admin_mail_html --value="$admin_mail_html" + # Set admin_mail_html + ynh_app_setting_set --app=$app --key=admin_mail_html --value="$admin_mail_html" #================================================= # RECONFIGURE PHP-FPM #================================================= - if [ "$fpm_usage" != "$old_fpm_usage" ] || [ "$fpm_footprint" != "$old_fpm_footprint" ] || [ "$free_footprint" != "$old_free_footprint" ] + if [ "$fpm_usage" != "$old_fpm_usage" ] || \ + [ "$fpm_footprint" != "$old_fpm_footprint" ] || \ + [ "$free_footprint" != "$old_free_footprint" ] || \ + [ "$php_forced_max_children" != "$old_php_forced_max_children" ] then # If fpm_footprint is set to 'specific', use $free_footprint value. if [ "$fpm_footprint" = "specific" ] @@ -127,9 +141,21 @@ apply_config() { fpm_footprint=$free_footprint fi + if [ "$php_forced_max_children" != "$old_php_forced_max_children" ] + then + # Set php_forced_max_children + if [ $php_forced_max_children -ne 0 ] + then + ynh_app_setting_set --app=$app --key=php_forced_max_children --value="$php_forced_max_children" + else + # If the value is set to 0, remove the setting + ynh_app_setting_delete --app=$app --key=php_forced_max_children + fi + fi + if [ "$fpm_footprint" != "0" ] then - ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint + ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service else ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." fi @@ -143,6 +169,6 @@ apply_config() { #================================================= case $1 in - show) show_config;; - apply) apply_config;; + show) show_config;; + apply) apply_config;; esac diff --git a/scripts/install b/scripts/install index f1b05fb..9c3c494 100644 --- a/scripts/install +++ b/scripts/install @@ -6,12 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh -source /usr/share/yunohost/helpers -source _ynh_add_fpm_config # Load common variables for all scripts. source _variables +source _common.sh +source /usr/share/yunohost/helpers + #================================================= # MANAGE FAILURE OF THE SCRIPT #================================================= @@ -28,6 +28,7 @@ path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN query_logging=$YNH_APP_ARG_QUERY_LOGGING enable_dhcp=$YNH_APP_ARG_ENABLE_DHCP +pihole_version="$YNH_APP_ARG_PIHOLE_VERSION" app=$YNH_APP_INSTANCE_NAME @@ -52,6 +53,7 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=query_logging --value=$query_logging ynh_app_setting_set --app=$app --key=enable_dhcp --value=$enable_dhcp +ynh_app_setting_set --app=$app --key=pihole_version --value="$pihole_version" ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=1 ynh_app_setting_set --app=$app --key=overwrite_ftl --value=1 @@ -64,16 +66,14 @@ ynh_app_setting_set --app=$app --key=admin_mail_html --value=1 #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Configuring firewall..." --weight=12 +ynh_script_progression --message="Finding an available port..." --weight=12 # Find a free port port=$(ynh_find_port --port=4711) if [ $port -gt 4720 ] then - ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't works on another port. Please try to free one of this ports." + ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." fi -# Open this port -ynh_exec_fully_quiet yunohost firewall allow --no-upnp TCP $port ynh_app_setting_set --app=$app --key=port --value=$port # Disable the port 53 for upnp @@ -87,6 +87,14 @@ ynh_script_progression --message="Installing dependencies..." --weight=12 ynh_install_app_dependencies $app_depencencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a dedicated system user +ynh_system_user_create --username=$app + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -95,9 +103,20 @@ ynh_script_progression --message="Setting up source files..." --weight=4 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Make a copy of local pihole repository (for Gravity) pihole_local_repo="/etc/.pihole" -ynh_setup_source --dest_dir="$pihole_local_repo" -# Install admin dashboard -ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard +if [ "$pihole_version" == "Last 3.X" ] +then + # Install the version 3.3.1 + ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app_3 + # Install admin dashboard + ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard_3 +else + # Install the last version available + ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app_last + # Install admin dashboard + ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard_last +fi + +chown $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION @@ -107,21 +126,13 @@ ynh_script_progression --message="Configuring nginx web server..." --weight=2 # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a dedicated system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring php-fpm..." --weight=2 # Create a dedicated php-fpm config -ynh_add_fpm_config --usage=low --footprint=low +ynh_add_fpm_config --usage=low --footprint=low --dedicated_service #================================================= # SPECIFIC SETUP @@ -156,17 +167,22 @@ cp -a "$pihole_local_repo/advanced/bash-completion/pihole" /etc/bash_completion. # CREATE LOG FILES #================================================= -touch /var/log/pihole.log -chmod 644 /var/log/pihole.log +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/pihole.log +chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log #================================================= # CREATE SUDOER FILE #================================================= # This sudoers config allow pihole to execute /usr/local/bin/pihole as root without password. Nothing more. -cp "$pihole_local_repo/advanced/pihole.sudo" /etc/sudoers.d/pihole +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/advanced/pihole.sudo" /etc/sudoers.d/pihole +else + cp "$pihole_local_repo/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole +fi echo "$app ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole # echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole chmod 0440 /etc/sudoers.d/pihole @@ -175,7 +191,12 @@ chmod 0440 /etc/sudoers.d/pihole # INSTALL LOGROTATE SCRIPT FOR PI-HOLE #================================================= -cp "$pihole_local_repo/advanced/logrotate" "$pihole_storage/logrotate" +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/advanced/logrotate" "$pihole_storage/logrotate" +else + cp "$pihole_local_repo/advanced/Templates/logrotate" "$pihole_storage/logrotate" +fi sed -i "/# su #/d;" "$pihole_storage/logrotate" #================================================= @@ -185,21 +206,65 @@ ynh_script_progression --message="Installing PiHole-FTL..." --weight=30 # Get the source of Pi-Hole-FTL FTL_temp_path=$(mktemp -d) -ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL +if [ "$pihole_version" == "Last 3.X" ] +then + # Install the version 3.3.1 + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL_3 +else + # Install the last version available + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL_last +fi # Instead of downloading a binary file, we're going to compile it ( cd "$FTL_temp_path" +if [ "$pihole_version" == "Last available" ] +then + ynh_exec_warn_less cmake . +fi ynh_exec_warn_less make ynh_exec_warn_less make install ) ynh_secure_remove --file="$FTL_temp_path" -cp "../conf/pihole-FTL.conf" "$pihole_storage" -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$pihole_storage/pihole-FTL.conf" +cp "../conf/dns-servers.conf" "$pihole_storage" -cp -a $pihole_local_repo/advanced/pihole-FTL.service /etc/init.d/pihole-FTL -chmod +x /etc/init.d/pihole-FTL -ynh_exec_warn_less systemctl enable pihole-FTL +ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$pihole_storage/pihole-FTL.conf" + +if [ "$pihole_version" == "Last 3.X" ] +then + # Version 3.3.1 + cp -a $pihole_local_repo/advanced/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL --quiet +else + # Last version available + # Stopped dnsmasq to replace it by pihole-FTL + ynh_systemd_action --action=stop --service_name=dnsmasq + + # Disable the real dnsmasq service + ynh_exec_warn_less systemctl disable dnsmasq --quiet + + # And move the files that make the service available in systemd to really disable it + mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/.dnsmasq.service.backup_by_pihole + mv /etc/init.d/dnsmasq /etc/init.d/.dnsmasq.backup_by_pihole + + # Move dnsmasq to preserve the current binary + mv /usr/sbin/dnsmasq /usr/sbin/dnsmasq.backup_by_pihole + # Replace dnsmasq by pihole-FTL + # NOTE: pihole-FTL is actually a modified version of dnsmasq + # https://github.com/pi-hole/FTL/tree/master/dnsmasq + ln -s /usr/bin/pihole-FTL /usr/sbin/dnsmasq + + cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL --quiet + + # Replace the service dnsmasq by pihole-FTL + # That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL + ln -s /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/multi-user.target.wants/dnsmasq.service + + # Reload systemd config + systemctl daemon-reload +fi #================================================= # BUILD VARIABLES FILE @@ -215,9 +280,9 @@ echo "IPV6_ADDRESS=::1" >> $setupVars echo "PIHOLE_DNS_1=" >> $setupVars echo "PIHOLE_DNS_2=" >> $setupVars if [ $query_logging -eq 1 ]; then - query_logging=true + query_logging=true else - query_logging=false + query_logging=false fi echo "QUERY_LOGGING=$query_logging" >> $setupVars echo "INSTALL_WEB=true" >> $setupVars @@ -230,7 +295,7 @@ ynh_store_file_checksum --file="$setupVars" #================================================= ynh_script_progression --message="Setting up Dnsmasq config..." --weight=2 -ynh_systemd_action --action=stop --service_name=dnsmasq +# ynh_systemd_action --action=stop --service_name=dnsmasq pihole_dnsmasq_config="/etc/dnsmasq.d/01-pihole.conf" cp "$pihole_local_repo/advanced/01-pihole.conf" $pihole_dnsmasq_config @@ -241,9 +306,9 @@ ynh_replace_string --match_string="^no-resolv" --replace_string="#no-resolv" --t ynh_replace_string --match_string="@INT@" --replace_string="$main_iface" --target_file=$pihole_dnsmasq_config if [ "$query_logging" = "true" ]; then - ynh_replace_string --match_string="^#log-queries" --replace_string="log-queries" --target_file=$pihole_dnsmasq_config + ynh_replace_string --match_string="^#log-queries" --replace_string="log-queries" --target_file=$pihole_dnsmasq_config else - ynh_replace_string --match_string="^log-queries" --replace_string="#log-queries" --target_file=$pihole_dnsmasq_config + ynh_replace_string --match_string="^log-queries" --replace_string="#log-queries" --target_file=$pihole_dnsmasq_config fi # Fix a too recent option for our dnsmasq version. @@ -266,12 +331,12 @@ localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f # List all YunoHost domains while read perdomain do - # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. - ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts - # And add a resolution on the local IP instead - grep -q "^$localipv4.*$perdomain" /etc/hosts || \ - echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= @@ -280,68 +345,92 @@ done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" if [ $enable_dhcp -eq 1 ] then - ynh_script_progression --message="Enabling dhcp server..." - max_dhcp_range=250 - dhcp_range=100 - # Define the dhcp range from the current ip - ip_beginning_part=$(echo "$localipv4" | cut -d. -f1-3) - ip_fourth_part=$(echo "$localipv4" | cut -d. -f4) - b_range=$(( $ip_fourth_part + $dhcp_range )) - if [ $b_range -gt $max_dhcp_range ]; then - b_range=$max_dhcp_range - fi - a_range=$(( $b_range - $dhcp_range )) + ynh_script_progression --message="Enabling dhcp server..." + max_dhcp_range=250 + dhcp_range=100 + # Define the dhcp range from the current ip + ip_beginning_part=$(echo "$localipv4" | cut -d. -f1-3) + ip_fourth_part=$(echo "$localipv4" | cut -d. -f4) + b_range=$(( $ip_fourth_part + $dhcp_range )) + if [ $b_range -gt $max_dhcp_range ]; then + b_range=$max_dhcp_range + fi + a_range=$(( $b_range - $dhcp_range )) - # Get the gateway - gateway=$(ip route | grep default | awk '{print $3;}') - # And the mac adress - hw_adress=$(ip link | grep -A1 "$main_iface" | tail -n1 | awk '{print $2;}') + # Get the gateway + gateway=$(ip route | grep default | awk '{print $3;}') + # And the mac adress + hw_adress=$(ip link | grep -A1 "$main_iface" | tail -n1 | awk '{print $2;}') - # Copy the config file - cp "../conf/02-pihole-dhcp.conf" "/etc/dnsmasq.d/" + # Copy the config file + cp "../conf/02-pihole-dhcp.conf" "/etc/dnsmasq.d/" - # And set the config - ynh_replace_string --match_string="__A_RANGE__" --replace_string="$ip_beginning_part.$a_range" --target_file="/etc/dnsmasq.d/02-pihole-dhcp.conf" - ynh_replace_string --match_string="__B_RANGE__" --replace_string="$ip_beginning_part.$b_range" --target_file="/etc/dnsmasq.d/02-pihole-dhcp.conf" - ynh_replace_string --match_string="__GATEWAY__" --replace_string="$gateway" --target_file="/etc/dnsmasq.d/02-pihole-dhcp.conf" + # And set the config + ynh_replace_string --match_string="__A_RANGE__" --replace_string="$ip_beginning_part.$a_range" --target_file="/etc/dnsmasq.d/02-pihole-dhcp.conf" + ynh_replace_string --match_string="__B_RANGE__" --replace_string="$ip_beginning_part.$b_range" --target_file="/etc/dnsmasq.d/02-pihole-dhcp.conf" + ynh_replace_string --match_string="__GATEWAY__" --replace_string="$gateway" --target_file="/etc/dnsmasq.d/02-pihole-dhcp.conf" - # Set a static ip for the server. - echo "dhcp-host=$hw_adress,$localipv4" > "/etc/dnsmasq.d/04-pihole-static-dhcp.conf" + # Set a static ip for the server. + echo "dhcp-host=$hw_adress,$localipv4" > "/etc/dnsmasq.d/04-pihole-static-dhcp.conf" fi # Open the UDP port 67 for dhcp ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp #================================================= -# RESTART DNSMASQ +# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE #================================================= -ynh_script_progression --message="Restarting Dnsmasq..." --weight=2 -ynh_systemd_action --action=restart --service_name=dnsmasq +echo "master master master" > $pihole_storage/localbranches +echo "$pihole_core_version $dashboard_version $FTL_version" | tee $pihole_storage/{GitHubVersions,localversions} > /dev/null #================================================= # INSTALL CRON JOB #================================================= -cp $pihole_local_repo/advanced/pihole.cron /etc/cron.d/pihole +if [ "$pihole_version" == "Last 3.X" ] +then + cp $pihole_local_repo/advanced/pihole.cron /etc/cron.d/pihole +else + cp $pihole_local_repo/advanced/Templates/pihole.cron /etc/cron.d/pihole +fi + # Remove git usage for version. Which fails because we use here a release instead of master. ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole +#================================================= +# RESTART DNSMASQ +#================================================= + +# Restart dnsmasq only for the version 3.X, otherwise we're going to restart it twice. +if [ "$pihole_version" == "Last 3.X" ] +then + ynh_script_progression --message="Restarting Dnsmasq..." --weight=2 + + ynh_systemd_action --action=restart --service_name=dnsmasq +fi + +#================================================= +# START PIHOLE-FTL +#================================================= + +ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 + +ynh_systemd_action --action=restart --service_name=pihole-FTL + #================================================= # BUILD THE LISTS WITH GRAVITY #================================================= ynh_script_progression --message="Building the lists with Gravity..." --weight=7 -cp "$pihole_local_repo/adlists.default" "$pihole_storage/adlists.default" +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/adlists.default" "$pihole_storage/adlists.default" +else + cp "../conf/adlists.default" "$pihole_storage/adlists.list" +fi ynh_exec_warn_less /opt/pihole/gravity.sh -#================================================= -# START PIHOLE-FTL -#================================================= -ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 - -ynh_systemd_action --action=restart --service_name=pihole-FTL - #================================================= # SET UP CONF_REGEN HOOK #================================================= @@ -354,19 +443,19 @@ cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmas # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add pihole-FTL --description "PiHole backend service" --log "/var/log/pihole-FTL.log" +yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" #================================================= # RESTRAIN THE ACCESS TO THE ADMIN ONLY #================================================= ynh_script_progression --message="Restraining the access to the admin only..." --weight=2 -yunohost app addaccess --users=$admin $app +ynh_permission_update --permission="main" --add="$admin" --remove="all_users" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." --weight=3 +ynh_script_progression --message="Reloading NGINX web server..." --weight=3 ynh_systemd_action --service_name=nginx --action=reload @@ -379,12 +468,12 @@ admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4) if [ $enable_dhcp -eq 1 ] then - dhcp_alert="You asked to use the internal DHCP server of dnsmasq with PiHole. + dhcp_alert="You asked to use the internal DHCP server of dnsmasq with PiHole. You should really read the __URL_TAG1__documentation about that__URL_TAG2__https://github.com/YunoHost-Apps/pihole_ynh/blob/master/dhcp.md__URL_TAG3__ " else - dhcp_alert="" + dhcp_alert="" fi echo "${dhcp_alert}You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. diff --git a/scripts/remove b/scripts/remove index 928cb91..b9e9537 100755 --- a/scripts/remove +++ b/scripts/remove @@ -18,6 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) +pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" #================================================= # STANDARD REMOVE @@ -28,8 +29,8 @@ port=$(ynh_app_setting_get --app=$app --key=port) # Check if the service is declared in YunoHost if ynh_exec_fully_quiet yunohost service status pihole-FTL then - ynh_script_progression --message="Removing pihole-FTL service..." --weight=2 - yunohost service remove pihole-FTL + ynh_script_progression --message="Removing pihole-FTL service..." --weight=2 + yunohost service remove pihole-FTL fi #================================================= @@ -37,9 +38,35 @@ fi #================================================= ynh_script_progression --message="Stop and remove the service" -ynh_systemd_action --action=stop --service_name=pihole-FTL -ynh_exec_warn_less systemctl disable pihole-FTL -rm -f "/etc/init.d/pihole-FTL" "/usr/bin/pihole-FTL" "/var/run/pihole-FTL.pid" "/var/run/pihole-FTL.port" +if [ "$pihole_version" == "Last 3.X" ] +then + ynh_systemd_action --action=stop --service_name=pihole-FTL + ynh_exec_warn_less systemctl disable pihole-FTL --quiet +else + ynh_systemd_action --action=stop --service_name=pihole-FTL + + # Restore dnsmasq as main DNS resolver + # Move dnsmasq back to its original place + if [ -e "/usr/sbin/dnsmasq.backup_by_pihole" ] + then # Remove dnsmasq only if we have its backup + ynh_secure_remove --file="/usr/sbin/dnsmasq" + mv /usr/sbin/dnsmasq.backup_by_pihole /usr/sbin/dnsmasq + fi + + # Move back the service configuration for dnsmasq + ynh_secure_remove --file="/etc/systemd/system/multi-user.target.wants/dnsmasq.service" + mv /lib/systemd/system/.dnsmasq.service.backup_by_pihole /lib/systemd/system/dnsmasq.service + mv /etc/init.d/.dnsmasq.backup_by_pihole /etc/init.d/dnsmasq + + ynh_exec_warn_less systemctl enable dnsmasq --quiet + # Reload systemd config + systemctl daemon-reload +fi + +ynh_secure_remove --file="/etc/init.d/pihole-FTL" +ynh_secure_remove --file="/usr/bin/pihole-FTL" +ynh_secure_remove --file="/var/run/pihole-FTL.pid" +ynh_secure_remove --file="/var/run/pihole-FTL.port" #================================================= # REMOVE DEPENDENCIES @@ -66,7 +93,7 @@ ynh_secure_remove --file="/etc/.pihole" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." +ynh_script_progression --message="Removing NGINX web server configuration..." # Remove the dedicated nginx config ynh_remove_nginx_config @@ -74,7 +101,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing php-fpm configuration..." --weight=2 +ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 # Remove the dedicated php-fpm config ynh_remove_fpm_config @@ -82,18 +109,18 @@ ynh_remove_fpm_config #================================================= # CLOSE PORTS #================================================= -ynh_script_progression --message="Closing port $port et 67..." --weight=13 +ynh_script_progression --message="Closing ports $port and 67..." --weight=13 if yunohost firewall list | grep -q "\- $port$" then - ynh_print_info "Close port $port" - ynh_exec_quiet yunohost firewall disallow TCP $port + ynh_print_info "Close port $port" + ynh_exec_quiet yunohost firewall disallow TCP $port fi if yunohost firewall list | grep -q "\- 67$" then - ynh_print_info "Close port 67" - ynh_exec_quiet yunohost firewall disallow UDP 67 + ynh_print_info "Close port 67" + ynh_exec_quiet yunohost firewall disallow UDP 67 fi #================================================= @@ -148,6 +175,12 @@ sed -i "/#Added by pihole#/d" /etc/hosts #================================================= ynh_script_progression --message="Restarting Dnsmasq..." +if [ "$pihole_version" == "Last available" ] +then + # Quietly start dnsmasq a first time, because it usually doesn't start correctly the first time. + ynh_exec_fully_quiet systemctl start dnsmasq + sleep 1 +fi ynh_systemd_action --action=restart --service_name=dnsmasq #================================================= diff --git a/scripts/restore b/scripts/restore index 92f8a9b..2cf05da 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,11 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -source ../settings/scripts/_common.sh -source /usr/share/yunohost/helpers # Load common variables for all scripts. source ../settings/scripts/_variables +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + #================================================= # MANAGE SCRIPT FAILURE #================================================= @@ -30,6 +31,13 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) admin=$(ynh_app_setting_get --app=$app --key=admin) +pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" + +# Get variables from ynh_add_fpm_config +fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) +fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) +fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -37,9 +45,9 @@ admin=$(ynh_app_setting_get --app=$app --key=admin) ynh_script_progression --message="Validating restoration parameters..." ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" + || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " + || ynh_die --message="There is already a directory: $final_path " #================================================= # ACTIVATE MAINTENANCE MODE @@ -89,8 +97,14 @@ chown root: -R "/etc/pihole/logrotate" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=7 -ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" +# Restore the file first, so it can have a backup if different +ynh_restore_file --origin_path="$fpm_config_dir/php-fpm-$app.conf" +ynh_restore_file --origin_path="$fpm_config_dir/pool.d/$app.conf" + +# Recreate a dedicated php-fpm config +ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service #================================================= # SPECIFIC RESTORE @@ -105,7 +119,7 @@ ynh_install_app_dependencies $app_depencencies # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add pihole-FTL --description "PiHole backend service" --log "/var/log/pihole-FTL.log" +yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" #================================================= # RESTORE THE CRON FILE @@ -137,6 +151,43 @@ ynh_restore_file --origin_path="/usr/bin/pihole-FTL" ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" +#================================================= +# REPLACE THE DEFAULT DNSMASQ BY PIHOLE-FTL +#================================================= + +if [ "$pihole_version" == "Last available" ] +then + # Last version available + # Stopped dnsmasq to replace it by pihole-FTL + ynh_systemd_action --action=stop --service_name=dnsmasq + + # Disable the real dnsmasq service + ynh_exec_warn_less systemctl disable dnsmasq --quiet + + # And move the files that make the service available in systemd to really disable it + mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/.dnsmasq.service.backup_by_pihole + mv /etc/init.d/dnsmasq /etc/init.d/.dnsmasq.backup_by_pihole + + # Move dnsmasq to preserve the current binary + mv /usr/sbin/dnsmasq /usr/sbin/dnsmasq.backup_by_pihole + # Replace dnsmasq by pihole-FTL + # NOTE: pihole-FTL is actually a modified version of dnsmasq + # https://github.com/pi-hole/FTL/tree/master/dnsmasq + ln -s /usr/bin/pihole-FTL /usr/sbin/dnsmasq + + pihole_local_repo="/etc/.pihole" + cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL --quiet + + # Replace the service dnsmasq by pihole-FTL + # That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL + ln -s /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/multi-user.target.wants/dnsmasq.service + + # Reload systemd config + systemctl daemon-reload +fi + #================================================= # RESTORE DNSMASQ CONFIG #================================================= @@ -146,11 +197,11 @@ ynh_systemd_action --action=stop --service_name=dnsmasq ynh_restore_file --origin_path="/etc/dnsmasq.d/01-pihole.conf" test -e "${YNH_APP_BACKUP_DIR}/etc/dnsmasq.d/02-pihole-dhcp.conf" && \ - ynh_restore_file --origin_path="/etc/dnsmasq.d/02-pihole-dhcp.conf" + ynh_restore_file --origin_path="/etc/dnsmasq.d/02-pihole-dhcp.conf" test -e "${YNH_APP_BACKUP_DIR}/etc/dnsmasq.d/03-pihole-wildcard.conf" && \ - ynh_restore_file --origin_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" + ynh_restore_file --origin_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" test -e "${YNH_APP_BACKUP_DIR}/etc/dnsmasq.d/04-pihole-static-dhcp.conf" && \ - ynh_restore_file --origin_path="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" + ynh_restore_file --origin_path="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" # To prevent any conflict with the original dnsmasq config, comment cache-size in the original config. ynh_replace_string --match_string="^cache-size=" --replace_string="#pihole# cache-size=" --target_file=/etc/dnsmasq.conf @@ -168,20 +219,25 @@ localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f # List all YunoHost domains while read perdomain do - # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. - ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts - # And add a resolution on the local IP instead - grep -q "^$localipv4.*$perdomain" /etc/hosts || \ - echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= # RESTART DNSMASQ #================================================= -ynh_script_progression --message="Restarting Dnsmasq..." -ynh_systemd_action --action=restart --service_name=dnsmasq +# Restart dnsmasq only for the version 3.X, otherwise we're going to restart it twice. +if [ "$pihole_version" == "Last 3.X" ] +then + ynh_script_progression --message="Restarting Dnsmasq..." + + ynh_systemd_action --action=restart --service_name=dnsmasq +fi #================================================= # UPDATE VARIABLES FILE @@ -201,7 +257,7 @@ ynh_store_file_checksum --file="$setupVars" #================================================= ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 -ynh_exec_warn_less systemctl enable pihole-FTL +ynh_exec_warn_less systemctl enable pihole-FTL --quiet ynh_systemd_action --action=restart --service_name=pihole-FTL #================================================= @@ -209,10 +265,10 @@ ynh_systemd_action --action=restart --service_name=pihole-FTL #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." -ynh_systemd_action --action=reload --service_name=php7.0-fpm -ynh_systemd_action --action=reload --service_name=nginx +ynh_systemd_action --service_name=$fpm_service --action=reload +ynh_systemd_action --service_name=nginx --action=reload #================================================= # DEACTIVE MAINTENANCE MODE @@ -230,12 +286,12 @@ admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4) if [ $enable_dhcp -eq 1 ] then - dhcp_alert="You asked to use the internal DHCP server of dnsmasq with PiHole. + dhcp_alert="You asked to use the internal DHCP server of Dnsmasq with PiHole. You should really read the __URL_TAG1__documentation about that__URL_TAG2__https://github.com/YunoHost-Apps/pihole_ynh/blob/master/dhcp.md__URL_TAG3__ " else - dhcp_alert="" + dhcp_alert="" fi echo "${dhcp_alert}You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. diff --git a/scripts/upgrade b/scripts/upgrade index c2a9e82..eea787a 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -6,12 +6,12 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh -source /usr/share/yunohost/helpers -source _ynh_add_fpm_config # Load common variables for all scripts. source _variables +source _common.sh +source /usr/share/yunohost/helpers + #================================================= # LOAD SETTINGS #================================================= @@ -26,6 +26,7 @@ query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) final_path=$(ynh_app_setting_get --app=$app --key=final_path) enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) port=$(ynh_app_setting_get --app=$app --key=port) +pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" overwrite_setupvars=$(ynh_app_setting_get --app=$app --key=overwrite_setupvars) overwrite_ftl=$(ynh_app_setting_get --app=$app --key=overwrite_ftl) @@ -48,38 +49,50 @@ ynh_script_progression --message="Ensuring downward compatibility..." # If overwrite_setupvars doesn't exist, create it if [ -z "$overwrite_setupvars" ]; then - overwrite_setupvars=1 - ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=$overwrite_setupvars + overwrite_setupvars=1 + ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=$overwrite_setupvars fi # If overwrite_ftl doesn't exist, create it if [ -z "$overwrite_ftl" ]; then - overwrite_ftl=1 - ynh_app_setting_set --app=$app --key=overwrite_ftl --value=$overwrite_ftl + overwrite_ftl=1 + ynh_app_setting_set --app=$app --key=overwrite_ftl --value=$overwrite_ftl fi # If overwrite_nginx doesn't exist, create it if [ -z "$overwrite_nginx" ]; then - overwrite_nginx=1 - ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx + overwrite_nginx=1 + ynh_app_setting_set --app=$app --key=overwrite_nginx --value=$overwrite_nginx fi # If overwrite_phpfpm doesn't exist, create it if [ -z "$overwrite_phpfpm" ]; then - overwrite_phpfpm=1 - ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm + overwrite_phpfpm=1 + ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm +fi + +# If admin_mail_html doesn't exist, create it +if [ -z "$admin_mail_html" ]; then + admin_mail_html=1 + ynh_app_setting_set --app=$app --key=admin_mail_html --value=$admin_mail_html fi # If fpm_footprint doesn't exist, create it if [ -z "$fpm_footprint" ]; then - fpm_footprint=low - ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint + fpm_footprint=low + ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint fi # If fpm_usage doesn't exist, create it if [ -z "$fpm_usage" ]; then - fpm_usage=low - ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage + fpm_usage=low + ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage +fi + +# If pihole_version doesn't exist, create it +if [ -z "$pihole_version" ]; then + pihole_version="Last 3.X" + ynh_app_setting_set --app=$app --key=pihole_version --value="$pihole_version" fi #================================================= @@ -90,19 +103,12 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup + # restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors -#================================================= -# CHECK THE PATH -#================================================= - -# Normalize the URL path syntax -path_url=$(ynh_normalize_url_path --path_url=$path_url) - #================================================= # ACTIVATE MAINTENANCE MODE #================================================= @@ -119,32 +125,6 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=6 ynh_install_app_dependencies $app_depencencies -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= - -pihole_local_repo="/etc/.pihole" -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=4 - # Update the local copy pihole repository (for Gravity) - ynh_setup_source --dest_dir="$pihole_local_repo" - # Update admin dashboard - ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard -fi - -#================================================= -# NGINX CONFIGURATION -#================================================= - -# Overwrite the nginx configuration only if it's allowed -if [ $overwrite_nginx -eq 1 ] -then - ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 - # Create a dedicated nginx config - ynh_add_nginx_config -fi - #================================================= # CREATE DEDICATED USER #================================================= @@ -153,6 +133,42 @@ ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +pihole_local_repo="/etc/.pihole" +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --weight=4 + if [ "$pihole_version" == "Last 3.X" ] + then + # Update the version 3.X + ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app_3 + # Update admin dashboard + ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard_3 + else + # Update the last version available + ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app_last + # Update admin dashboard + ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard_last + fi +fi + +chown $app:www-data "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Overwrite the nginx configuration only if it's allowed +if [ $overwrite_nginx -eq 1 ] +then + ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 + # Create a dedicated nginx config + ynh_add_nginx_config +fi + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -160,9 +176,9 @@ ynh_system_user_create --username=$app # Overwrite the php-fpm configuration only if it's allowed if [ $overwrite_phpfpm -eq 1 ] then - ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=3 - # Create a dedicated php-fpm config - ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint + ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=3 + # Create a dedicated php-fpm config + ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service fi #================================================= @@ -191,7 +207,12 @@ cp -a "$pihole_local_repo/advanced/bash-completion/pihole" /etc/bash_completion. #================================================= # This sudoers config allow pihole to execute /usr/local/bin/pihole as root without password. Nothing more. -cp "$pihole_local_repo/advanced/pihole.sudo" /etc/sudoers.d/pihole +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/advanced/pihole.sudo" /etc/sudoers.d/pihole +else + cp "$pihole_local_repo/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole +fi echo "$app ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole chmod 0440 /etc/sudoers.d/pihole @@ -200,8 +221,14 @@ chmod 0440 /etc/sudoers.d/pihole #================================================= pihole_storage="/etc/pihole" -cp "$pihole_local_repo/advanced/logrotate" "$pihole_storage/logrotate" -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) +if [ "$pihole_version" == "Last 3.X" ] +then + cp "$pihole_local_repo/advanced/logrotate" "$pihole_storage/logrotate" + dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) +else + cp "$pihole_local_repo/advanced/Templates/logrotate" "$pihole_storage/logrotate" + dnsmasq_user=$(grep FTLUSER= /etc/init.d/pihole-FTL | cut -d'=' -f2) +fi sed -i "/# su #/d;" "$pihole_storage/logrotate" #================================================= @@ -213,30 +240,76 @@ ynh_systemd_action --action=stop --service_name=pihole-FTL if [ "$upgrade_type" == "UPGRADE_APP" ] then - # Get the source of Pi-Hole-FTL - FTL_temp_path=$(mktemp -d) - ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL + # Get the source of Pi-Hole-FTL + FTL_temp_path=$(mktemp -d) + if [ "$pihole_version" == "Last 3.X" ] + then + # Install the version 3.3.1 + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL_3 + else + # Install the last version available + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL_last + fi - # Instead of downloading a binary file, we're going to compile it - ( cd "$FTL_temp_path" - ynh_exec_warn_less make - ynh_exec_warn_less make install ) - ynh_secure_remove --file="$FTL_temp_path" + # Instead of downloading a binary file, we're going to compile it + ( cd "$FTL_temp_path" + if [ "$pihole_version" == "Last available" ] + then + ynh_exec_warn_less cmake . + fi + ynh_exec_warn_less make + ynh_exec_warn_less make install ) + ynh_secure_remove --file="$FTL_temp_path" fi # Overwrite pihole-FTL config file only if it's allowed if [ $overwrite_ftl -eq 1 ] then - # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. - ynh_backup_if_checksum_is_different --file="$pihole_storage/pihole-FTL.conf" - cp "../conf/pihole-FTL.conf" "$pihole_storage" - # Recalculate and store the checksum of the file for the next upgrade. - ynh_store_file_checksum --file="$pihole_storage/pihole-FTL.conf" + ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$pihole_storage/pihole-FTL.conf" fi -cp -a $pihole_local_repo/advanced/pihole-FTL.service /etc/init.d/pihole-FTL -chmod +x /etc/init.d/pihole-FTL -ynh_exec_warn_less systemctl enable pihole-FTL +if [ "$pihole_version" == "Last 3.X" ] +then + # Version 3.3.1 + cp -a $pihole_local_repo/advanced/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL --quiet +else + # Last version available + # Stopped dnsmasq to replace it by pihole-FTL + ynh_systemd_action --action=stop --service_name=dnsmasq + + # Disable the real dnsmasq service + ynh_exec_warn_less systemctl disable dnsmasq --quiet + + # And move the files that make the service available in systemd to really disable it + if [ ! -e "/lib/systemd/system/.dnsmasq.service.backup_by_pihole" ]; then + mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/.dnsmasq.service.backup_by_pihole + fi + if [ ! -e "/etc/init.d/.dnsmasq.backup_by_pihole" ]; then + mv /etc/init.d/dnsmasq /etc/init.d/.dnsmasq.backup_by_pihole + fi + + # Move dnsmasq to preserve the current binary + if [ ! -e "/usr/sbin/dnsmasq.backup_by_pihole" ]; then + mv /usr/sbin/dnsmasq /usr/sbin/dnsmasq.backup_by_pihole + fi + # Replace dnsmasq by pihole-FTL + # NOTE: pihole-FTL is actually a modified version of dnsmasq + # https://github.com/pi-hole/FTL/tree/master/dnsmasq + ln -sf /usr/bin/pihole-FTL /usr/sbin/dnsmasq + + cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL + chmod +x /etc/init.d/pihole-FTL + ynh_exec_warn_less systemctl enable pihole-FTL --quiet + + # Replace the service dnsmasq by pihole-FTL + # That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL + ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/multi-user.target.wants/dnsmasq.service + + # Reload systemd config + systemctl daemon-reload +fi #================================================= # BUILD VARIABLES FILE @@ -247,33 +320,38 @@ setupVars="$pihole_storage/setupVars.conf" # Overwrite the setupVars config file only if it's allowed if [ $overwrite_setupvars -eq 1 ] then - # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. - ynh_backup_if_checksum_is_different --file="$setupVars" + # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. + ynh_backup_if_checksum_is_different --file="$setupVars" - # Get the default network interface - main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') - echo "PIHOLE_INTERFACE=$main_iface" > $setupVars - echo "IPV4_ADDRESS=127.0.0.1" >> $setupVars - echo "IPV6_ADDRESS=::1" >> $setupVars - echo "PIHOLE_DNS_1=" >> $setupVars - echo "PIHOLE_DNS_2=" >> $setupVars - if [ $query_logging -eq 1 ]; then - query_logging=true - else - query_logging=false - fi - echo "QUERY_LOGGING=$query_logging" >> $setupVars - echo "INSTALL_WEB=true" >> $setupVars + # Get the default network interface + main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') + echo "PIHOLE_INTERFACE=$main_iface" > $setupVars + echo "IPV4_ADDRESS=127.0.0.1" >> $setupVars + echo "IPV6_ADDRESS=::1" >> $setupVars + echo "PIHOLE_DNS_1=" >> $setupVars + echo "PIHOLE_DNS_2=" >> $setupVars + if [ $query_logging -eq 1 ]; then + query_logging=true + else + query_logging=false + fi + echo "QUERY_LOGGING=$query_logging" >> $setupVars + echo "INSTALL_WEB=true" >> $setupVars - # Recalculate and store the checksum of the file for the next upgrade. - ynh_store_file_checksum --file="$setupVars" + # Recalculate and store the checksum of the file for the next upgrade. + ynh_store_file_checksum --file="$setupVars" fi #================================================= # UPDATE CRON JOB #================================================= -cp $pihole_local_repo/advanced/pihole.cron /etc/cron.d/pihole +if [ "$pihole_version" == "Last 3.X" ] +then + cp $pihole_local_repo/advanced/pihole.cron /etc/cron.d/pihole +else + cp $pihole_local_repo/advanced/Templates/pihole.cron /etc/cron.d/pihole +fi # Remove git usage for version. Which fails because we use here a release instead of master. ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole @@ -284,6 +362,12 @@ ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 ynh_systemd_action --action=restart --service_name=pihole-FTL +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" + #================================================= # UPDATE CONF_REGEN HOOK #================================================= @@ -293,7 +377,7 @@ cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmas #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --action=reload --service_name=nginx @@ -311,10 +395,6 @@ ynh_maintenance_mode_OFF # Get main domain and buid the url of the admin panel of the app. admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" -# Build the changelog -# Get the value of admin_mail_html -admin_mail_html=$(ynh_app_setting_get $app admin_mail_html) -admin_mail_html="${admin_mail_html:-0}" # If a html email is required. Apply html to the changelog. if [ "$admin_mail_html" -eq 1 ]; then format=html @@ -325,12 +405,12 @@ ynh_app_changelog --format=$format if [ $enable_dhcp -eq 1 ] then - dhcp_alert="You asked to use the internal DHCP server of dnsmasq with PiHole. + dhcp_alert="You asked to use the internal DHCP server of dnsmasq with PiHole. You should really read the documentation about that, https://github.com/YunoHost-Apps/pihole_ynh/blob/master/dhcp.md " else - dhcp_alert="" + dhcp_alert="" fi echo "${dhcp_alert}You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__.