diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..e01b97e --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,151 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +version_adminlte=$(curl --silent "https://api.github.com/repos/pi-hole/AdminLTE/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +version_ftl=$(curl --silent "https://api.github.com/repos/pi-hole/FTL/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets[0]="https://github.com/pi-hole/pi-hole/archive/$version.tar.gz" +assets[1]="https://github.com/pi-hole/AdminLTE/archive/$version_adminlte.tar.gz" +assets[2]="https://github.com/pi-hole/FTL/archive/$version_ftl.tar.gz" + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi +if [[ ${version_adminlte:0:1} == "v" || ${version_adminlte:0:1} == "V" ]]; then + version_adminlte=${version_adminlte:1} +fi +if [[ ${version_ftl:0:1} == "v" || ${version_ftl:0:1} == "V" ]]; then + version_ftl=${version_ftl:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + + echo "Handling asset at $asset_url" + + # Assign the asset to a source file in conf/ directory + # Here we base the source file name upon a unique keyword in the assets url (admin vs. update) + # Leave $src empty to ignore the asset + case $asset_url in + *"FTL"*) + src="pi-hole_FTL" + ;; + *"AdminLTE"*) + src="pi-hole_AdminLTE" + ;; + *"pi-hole"*) + src="pi-hole_Core" + ;; + *) + src="" + ;; + esac + + # If $src is not empty, let's process the asset + if [ ! -z "$src" ]; then + + # Create the temporary directory + tempdir="$(mktemp -d)" + + # Download sources and calculate checksum + filename=${asset_url##*/} + curl --silent -4 -L $asset_url -o "$tempdir/$filename" + checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + + # Delete temporary directory + rm -rf $tempdir + + # Get extension + if [[ $filename == *.tar.gz ]]; then + extension=tar.gz + else + extension=${filename##*.} + fi + + # Rewrite source file + cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true +EOT + echo "... conf/$src.src updated" + + else + echo "... asset ignored" + fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +sed -i "/pihole_adminlte_version/c\pihole_adminlte_version=$version_adminlte" scripts/_common.sh +sed -i "/pihole_flt_version/c\pihole_flt_version=$version_ftl" scripts/_common.sh + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/README.md b/README.md index 9d44532..9dd9ede 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content **Shipped version:** 5.11.4~ynh1 + ## Screenshots ![Screenshot of Pi-hole](./doc/screenshots/dashboard.png) @@ -90,7 +91,7 @@ sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 * Official app website: * Official admin documentation: -* Upstream app code repository: +* Upstream app code repository: * YunoHost documentation for this app: * Report a bug: diff --git a/README_fr.md b/README_fr.md index 6045236..4029854 100644 --- a/README_fr.md +++ b/README_fr.md @@ -15,9 +15,11 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour ## Vue d'ensemble -The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. +Pi-hole® est un puits DNS qui protège vos appareils des contenus indésirables sans installer de logiciel côté client. + + +**Version incluse :** 5.11.4~ynh1 -**Version incluse :** 5.11.4~ynh1 ## Captures d'écran @@ -91,7 +93,7 @@ sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 * Site officiel de l'app : * Documentation officielle de l'admin : -* Dépôt de code officiel de l'app : +* Dépôt de code officiel de l'app : * Documentation YunoHost pour cette app : * Signaler un bug : diff --git a/check_process b/check_process index 8081413..f7f8cef 100644 --- a/check_process +++ b/check_process @@ -23,7 +23,10 @@ setup_private=1 setup_public=0 upgrade=1 + # 5.4~ynh1 upgrade=1 from_commit=cfa9c5a3dbcfb765dcca3b2e7d179756afe26def + # 5.11.4~ynh1 + upgrade=1 from_commit=3d2f68c4e19f335e63f8ffa259708b38a58c8f67 backup_restore=1 multi_instance=0 port_already_use=1 diff --git a/conf/dnsmasq_regenconf_hook b/conf/dnsmasq_regenconf_hook index 54419ff..20bf023 100755 --- a/conf/dnsmasq_regenconf_hook +++ b/conf/dnsmasq_regenconf_hook @@ -27,9 +27,9 @@ ynh_replace_string --match_string="@INT@" --replace_string="$main_iface" --targe ynh_replace_string --match_string="@CACHE_SIZE@" --replace_string="1000" --target_file="$dnsmasq_dir/01-pihole.conf" query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) if [ "$query_logging" = "true" ]; then - ynh_replace_string --match_string="^#log-queries" --replace_string="log-queries" --target_file="$dnsmasq_dir/01-pihole.conf" + ynh_replace_string --match_string="^#log-queries" --replace_string="log-queries" --target_file="$dnsmasq_dir/01-pihole.conf" else - ynh_replace_string --match_string="^log-queries" --replace_string="#log-queries" --target_file="$dnsmasq_dir/01-pihole.conf" + ynh_replace_string --match_string="^log-queries" --replace_string="#log-queries" --target_file="$dnsmasq_dir/01-pihole.conf" fi # @@ -50,36 +50,36 @@ enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) if [ $enable_dhcp -eq 1 ] then - # Get the default network interface - # Find the IP associated to the network interface - localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) + # Get the default network interface + # Find the IP associated to the network interface + localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) - max_dhcp_range=250 - dhcp_range=100 + max_dhcp_range=250 + dhcp_range=100 - # Define the dhcp range from the current ip - ip_beginning_part=$(echo "$localipv4" | cut -d. -f1-3) - ip_fourth_part=$(echo "$localipv4" | cut -d. -f4) - b_range=$(( $ip_fourth_part + $dhcp_range )) - if [ $b_range -gt $max_dhcp_range ]; then - b_range=$max_dhcp_range - fi - a_range=$(( $b_range - $dhcp_range )) + # Define the dhcp range from the current ip + ip_beginning_part=$(echo "$localipv4" | cut -d. -f1-3) + ip_fourth_part=$(echo "$localipv4" | cut -d. -f4) + b_range=$(( $ip_fourth_part + $dhcp_range )) + if [ $b_range -gt $max_dhcp_range ]; then + b_range=$max_dhcp_range + fi + a_range=$(( $b_range - $dhcp_range )) - # Get the gateway - gateway=$(ip route | grep default | awk '{print $3;}') - # And the mac adress - hw_adress=$(ip link | grep -A1 "$main_iface" | tail -n1 | awk '{print $2;}') + # Get the gateway + gateway=$(ip route | grep default | awk '{print $3;}') + # And the mac adress + hw_adress=$(ip link | grep -A1 "$main_iface" | tail -n1 | awk '{print $2;}') - # Copy the config file - cp -a "/etc/yunohost/apps/$app/conf/02-pihole-dhcp.conf" "$dnsmasq_dir/" + # Copy the config file + cp -a "/etc/yunohost/apps/$app/conf/02-pihole-dhcp.conf" "$dnsmasq_dir/" - # And set the config - ynh_replace_string --match_string="__A_RANGE__" --replace_string="$ip_beginning_part.$a_range" --target_file="${pending_conf}/etc/dnsmasq.d/02-pihole-dhcp.conf" - ynh_replace_string --match_string="__B_RANGE__" --replace_string="$ip_beginning_part.$b_range" --target_file="${pending_conf}/etc/dnsmasq.d/02-pihole-dhcp.conf" - ynh_replace_string --match_string="__GATEWAY__" --replace_string="$gateway" --target_file="${pending_conf}/etc/dnsmasq.d/02-pihole-dhcp.conf" + # And set the config + ynh_replace_string --match_string="__A_RANGE__" --replace_string="$ip_beginning_part.$a_range" --target_file="${pending_conf}/etc/dnsmasq.d/02-pihole-dhcp.conf" + ynh_replace_string --match_string="__B_RANGE__" --replace_string="$ip_beginning_part.$b_range" --target_file="${pending_conf}/etc/dnsmasq.d/02-pihole-dhcp.conf" + ynh_replace_string --match_string="__GATEWAY__" --replace_string="$gateway" --target_file="${pending_conf}/etc/dnsmasq.d/02-pihole-dhcp.conf" - # Set a static ip for the server. - echo "dhcp-host=$hw_adress,$localipv4" > "${dnsmasq_dir}/04-pihole-static-dhcp.conf" + # Set a static ip for the server. + echo "dhcp-host=$hw_adress,$localipv4" > "${dnsmasq_dir}/04-pihole-static-dhcp.conf" fi exit 0 diff --git a/conf/nginx.conf b/conf/nginx.conf index fa7d4e8..adf04fa 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -6,16 +6,20 @@ location __PATH__/ { index index.html index.php; - try_files $uri $uri/ index.php; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - } + # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file + #client_max_body_size 50M; + + try_files $uri $uri/ index.php; + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $request_filename; + } # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; diff --git a/conf/admin_dashboard.src b/conf/pi-hole_AdminLTE.src similarity index 85% rename from conf/admin_dashboard.src rename to conf/pi-hole_AdminLTE.src index 63d50d4..3727406 100644 --- a/conf/admin_dashboard.src +++ b/conf/pi-hole_AdminLTE.src @@ -3,3 +3,5 @@ SOURCE_SUM=67d01bd4245024c9c6f9bf474bb17e8bde269ccc42ba4bb5a99da25632162c21 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/app.src b/conf/pi-hole_Core.src similarity index 85% rename from conf/app.src rename to conf/pi-hole_Core.src index 31d5468..0792efb 100644 --- a/conf/app.src +++ b/conf/pi-hole_Core.src @@ -3,3 +3,5 @@ SOURCE_SUM=e24db53c63a6ea240f0852bd082b224dda91ad4fd049ab700c218b9672fc59cf SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/FTL.src b/conf/pi-hole_FTL.src similarity index 100% rename from conf/FTL.src rename to conf/pi-hole_FTL.src diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..59e0f43 --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1 @@ +Pi-hole® est un puits DNS qui protège vos appareils des contenus indésirables sans installer de logiciel côté client. diff --git a/manifest.json b/manifest.json index 6f67321..fcfff20 100644 --- a/manifest.json +++ b/manifest.json @@ -12,17 +12,19 @@ "license": "EUPL-1.2", "website": "https://pi-hole.net/", "admindoc": "https://docs.pi-hole.net", - "code": "https://github.com/pi-hole/pi-hole/" + "code": "https://github.com/pi-hole/pi-hole" }, "license": "EUPL-1.2", "maintainer": { "name": "", "email": "" }, - "previous_maintainers": [{ - "name": "Maniack Crudelis", - "email": "maniackc_dev@crudelis.fr" - }], + "previous_maintainers": [ + { + "name": "Maniack Crudelis", + "email": "maniackc_dev@crudelis.fr" + } + ], "requirements": { "yunohost": ">= 4.3.0" }, diff --git a/scripts/_common.sh b/scripts/_common.sh index 319f747..ba82989 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,17 +4,21 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="7.3" +php_dependencies="php$YNH_DEFAULT_PHP_VERSION-common php$YNH_DEFAULT_PHP_VERSION-cgi php$YNH_DEFAULT_PHP_VERSION-sqlite3 php$YNH_DEFAULT_PHP_VERSION-xml php$YNH_DEFAULT_PHP_VERSION-intl" -# Dependencies -pkg_dependencies="sqlite3 idn2 php${YNH_PHP_VERSION}-sqlite3 nettle-dev libcap2-bin build-essential libgmp-dev m4 cmake libidn11-dev libreadline-dev xxd" +# dependencies used by the app (must be on a single line) +pkg_dependencies="cmake build-essential libgmp-dev libidn11-dev nettle-dev libreadline-dev sqlite3 cron curl iputils-ping psmisc unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps jq $php_dependencies" -pihole_core_version=5.9 -dashboard_version=5.11 -FTL_version=5.14 +pihole_adminlte_version=5.13 +pihole_flt_version=5.16.1 + +PI_HOLE_LOCAL_REPO="/etc/.pihole" +PI_HOLE_INSTALL_DIR="/opt/pihole" +PI_HOLE_CONFIG_DIR="/etc/pihole" +PI_HOLE_BIN_DIR="/usr/local/bin" #================================================= -# FUTUR OFFICIAL HELPERS +# PERSONAL HELPERS #================================================= #================================================= @@ -247,136 +251,136 @@ ynh_maintenance_mode_OFF () { # # usage: ynh_app_changelog [--format=markdown/html/plain] [--output=changelog_file] --changelog=changelog_source] # | arg: -f --format= - Format in which the changelog will be printed -# markdown: Default format. -# html: Turn urls into html format. -# plain: Plain text changelog +# markdown: Default format. +# html: Turn urls into html format. +# plain: Plain text changelog # | arg: -o --output= - Output file for the changelog file (Default ./changelog) # | arg: -c --changelog= - CHANGELOG.md source (Default ../CHANGELOG.md) # # The changelog is printed into the file ./changelog and ./changelog_lite ynh_app_changelog () { - # Declare an array to define the options of this helper. - local legacy_args=foc - declare -Ar args_array=( [f]=format= [o]=output= [c]=changelog= ) - local format - local output - local changelog - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - format=${format:-markdown} - output=${output:-changelog} - changelog=${changelog:-../CHANGELOG.md} + # Declare an array to define the options of this helper. + local legacy_args=foc + declare -Ar args_array=( [f]=format= [o]=output= [c]=changelog= ) + local format + local output + local changelog + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + format=${format:-markdown} + output=${output:-changelog} + changelog=${changelog:-../CHANGELOG.md} - local original_changelog="$changelog" - local temp_changelog="changelog_temp" - local final_changelog="$output" + local original_changelog="$changelog" + local temp_changelog="changelog_temp" + local final_changelog="$output" - if [ ! -n "$original_changelog" ] - then - echo "No changelog available..." > "$final_changelog" - echo "No changelog available..." > "${final_changelog}_lite" - return 0 - fi + if [ ! -n "$original_changelog" ] + then + echo "No changelog available..." > "$final_changelog" + echo "No changelog available..." > "${final_changelog}_lite" + return 0 + fi - local current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" --manifest_key="version") - local update_version=$(ynh_read_manifest --manifest="../manifest.json" --manifest_key="version") + local current_version=$(ynh_read_manifest --manifest="/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" --manifest_key="version") + local update_version=$(ynh_read_manifest --manifest="../manifest.json" --manifest_key="version") - # Get the line of the version to update to into the changelog - local update_version_line=$(grep --max-count=1 --line-number "^## \[$update_version" "$original_changelog" | cut -d':' -f1) - # If there's no entry for this version yet into the changelog - # Get the first available version - if [ -z "$update_version_line" ] - then - update_version_line=$(grep --max-count=1 --line-number "^##" "$original_changelog" | cut -d':' -f1) - fi + # Get the line of the version to update to into the changelog + local update_version_line=$(grep --max-count=1 --line-number "^## \[$update_version" "$original_changelog" | cut -d':' -f1) + # If there's no entry for this version yet into the changelog + # Get the first available version + if [ -z "$update_version_line" ] + then + update_version_line=$(grep --max-count=1 --line-number "^##" "$original_changelog" | cut -d':' -f1) + fi - # Get the length of the complete changelog. - local changelog_length=$(wc --lines "$original_changelog" | awk '{print $1}') - # Cut the file before the version to update to. - tail --lines=$(( $changelog_length - $update_version_line + 1 )) "$original_changelog" > "$temp_changelog" + # Get the length of the complete changelog. + local changelog_length=$(wc --lines "$original_changelog" | awk '{print $1}') + # Cut the file before the version to update to. + tail --lines=$(( $changelog_length - $update_version_line + 1 )) "$original_changelog" > "$temp_changelog" - # Get the length of the troncated changelog. - changelog_length=$(wc --lines "$temp_changelog" | awk '{print $1}') - # Get the line of the current version into the changelog - # Keep only the last line found - local current_version_line=$(grep --line-number "^## \[$current_version" "$temp_changelog" | cut -d':' -f1 | tail --lines=1) - # If there's no entry for this version into the changelog - # Get the last available version - if [ -z "$current_version_line" ] - then - current_version_line=$(grep --line-number "^##" "$original_changelog" | cut -d':' -f1 | tail --lines=1) - fi - # Cut the file before the current version. - # Then grep the previous version into the changelog to get the line number of the previous version - local previous_version_line=$(tail --lines=$(( $changelog_length - $current_version_line )) \ - "$temp_changelog" | grep --max-count=1 --line-number "^## " | cut -d':' -f1) - # If there's no previous version into the changelog - # Go until the end of the changelog - if [ -z "$previous_version_line" ] - then - previous_version_line=$changelog_length - fi + # Get the length of the troncated changelog. + changelog_length=$(wc --lines "$temp_changelog" | awk '{print $1}') + # Get the line of the current version into the changelog + # Keep only the last line found + local current_version_line=$(grep --line-number "^## \[$current_version" "$temp_changelog" | cut -d':' -f1 | tail --lines=1) + # If there's no entry for this version into the changelog + # Get the last available version + if [ -z "$current_version_line" ] + then + current_version_line=$(grep --line-number "^##" "$original_changelog" | cut -d':' -f1 | tail --lines=1) + fi + # Cut the file before the current version. + # Then grep the previous version into the changelog to get the line number of the previous version + local previous_version_line=$(tail --lines=$(( $changelog_length - $current_version_line )) \ + "$temp_changelog" | grep --max-count=1 --line-number "^## " | cut -d':' -f1) + # If there's no previous version into the changelog + # Go until the end of the changelog + if [ -z "$previous_version_line" ] + then + previous_version_line=$changelog_length + fi - # Cut the file after the previous version to keep only the changelog between the current version and the version to update to. - head --lines=$(( $current_version_line + $previous_version_line - 1 )) "$temp_changelog" | tee "$final_changelog" + # Cut the file after the previous version to keep only the changelog between the current version and the version to update to. + head --lines=$(( $current_version_line + $previous_version_line - 1 )) "$temp_changelog" | tee "$final_changelog" - if [ "$format" = "html" ] - then - # Replace markdown links by html links - ynh_replace_string --match_string="\[\(.*\)\](\(.*\)))" --replace_string="\1)" --target_file="$final_changelog" - ynh_replace_string --match_string="\[\(.*\)\](\(.*\))" --replace_string="\1" --target_file="$final_changelog" - elif [ "$format" = "plain" ] - then - # Change title format. - ynh_replace_string --match_string="^##.*\[\(.*\)\](\(.*\)) - \(.*\)$" --replace_string="## \1 (\3) - \2" --target_file="$final_changelog" - # Change modifications lines format. - ynh_replace_string --match_string="^\([-*]\).*\[\(.*\)\]\(.*\)" --replace_string="\1 \2 \3" --target_file="$final_changelog" - fi - # else markdown. As the file is already in markdown, nothing to do. + if [ "$format" = "html" ] + then + # Replace markdown links by html links + ynh_replace_string --match_string="\[\(.*\)\](\(.*\)))" --replace_string="\1)" --target_file="$final_changelog" + ynh_replace_string --match_string="\[\(.*\)\](\(.*\))" --replace_string="\1" --target_file="$final_changelog" + elif [ "$format" = "plain" ] + then + # Change title format. + ynh_replace_string --match_string="^##.*\[\(.*\)\](\(.*\)) - \(.*\)$" --replace_string="## \1 (\3) - \2" --target_file="$final_changelog" + # Change modifications lines format. + ynh_replace_string --match_string="^\([-*]\).*\[\(.*\)\]\(.*\)" --replace_string="\1 \2 \3" --target_file="$final_changelog" + fi + # else markdown. As the file is already in markdown, nothing to do. - # Keep only important changes into the changelog - # Remove all minor changes - sed '/^-/d' "$final_changelog" > "${final_changelog}_lite" - # Remove all blank lines (to keep a clear workspace) - sed --in-place '/^$/d' "${final_changelog}_lite" - # Add a blank line at the end - echo "" >> "${final_changelog}_lite" + # Keep only important changes into the changelog + # Remove all minor changes + sed '/^-/d' "$final_changelog" > "${final_changelog}_lite" + # Remove all blank lines (to keep a clear workspace) + sed --in-place '/^$/d' "${final_changelog}_lite" + # Add a blank line at the end + echo "" >> "${final_changelog}_lite" - # Clean titles if there's no significative changes - local line - local previous_line="" - while read line <&3 - do - if [ -n "$previous_line" ] - then - # Remove the line if it's a title or a blank line, and the previous one was a title as well. - if ( [ "${line:0:1}" = "#" ] || [ ${#line} -eq 0 ] ) && [ "${previous_line:0:1}" = "#" ] - then - ynh_replace_special_string --match_string="${previous_line//[/.}" --replace_string="" --target_file="${final_changelog}_lite" - fi - fi - previous_line="$line" - done 3< "${final_changelog}_lite" + # Clean titles if there's no significative changes + local line + local previous_line="" + while read line <&3 + do + if [ -n "$previous_line" ] + then + # Remove the line if it's a title or a blank line, and the previous one was a title as well. + if ( [ "${line:0:1}" = "#" ] || [ ${#line} -eq 0 ] ) && [ "${previous_line:0:1}" = "#" ] + then + ynh_replace_special_string --match_string="${previous_line//[/.}" --replace_string="" --target_file="${final_changelog}_lite" + fi + fi + previous_line="$line" + done 3< "${final_changelog}_lite" - # Remove all blank lines again - sed --in-place '/^$/d' "${final_changelog}_lite" + # Remove all blank lines again + sed --in-place '/^$/d' "${final_changelog}_lite" - # Restore changelog format with blank lines - ynh_replace_string --match_string="^##.*" --replace_string="\n\n&\n" --target_file="${final_changelog}_lite" - # Remove the 2 first blank lines - sed --in-place '1,2d' "${final_changelog}_lite" - # Add a blank line at the end - echo "" >> "${final_changelog}_lite" + # Restore changelog format with blank lines + ynh_replace_string --match_string="^##.*" --replace_string="\n\n&\n" --target_file="${final_changelog}_lite" + # Remove the 2 first blank lines + sed --in-place '1,2d' "${final_changelog}_lite" + # Add a blank line at the end + echo "" >> "${final_changelog}_lite" - # If changelog are empty, add an info - if [ $(wc --words "$final_changelog" | awk '{print $1}') -eq 0 ] - then - echo "No changes from the changelog..." > "$final_changelog" - fi - if [ $(wc --words "${final_changelog}_lite" | awk '{print $1}') -eq 0 ] - then - echo "No significative changes from the changelog..." > "${final_changelog}_lite" - fi + # If changelog are empty, add an info + if [ $(wc --words "$final_changelog" | awk '{print $1}') -eq 0 ] + then + echo "No changes from the changelog..." > "$final_changelog" + fi + if [ $(wc --words "${final_changelog}_lite" | awk '{print $1}') -eq 0 ] + then + echo "No significative changes from the changelog..." > "${final_changelog}_lite" + fi } #================================================= diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app index 6fab71d..4bcce48 100755 --- a/scripts/actions/reset_default_app +++ b/scripts/actions/reset_default_app @@ -16,7 +16,7 @@ source /usr/share/yunohost/helpers ynh_clean_setup () { # Clean installation remaining that are not handle by the remove script. - ynh_clean_check_starting + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -54,15 +54,14 @@ ynh_system_user_create --username=$app ynh_script_progression --message="Resetting source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src -pihole_local_repo="/etc/.pihole" ( - cd scripts - # Overwrite the last version available - YNH_CWD=$PWD ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app - # Overwrite admin dashboard - YNH_CWD=$PWD ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard + cd scripts + # Overwrite the last version available + YNH_CWD=$PWD ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" + # Overwrite admin dashboard + YNH_CWD=$PWD ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE - chown $app:www-data "$final_path" + chown $app:www-data "$final_path" ) @@ -87,27 +86,25 @@ yunohost app action run $app reset_default_phpfpm #================================================= ynh_script_progression --message="Recreating and populating directories..." --weight=1 -pihole_storage="/etc/pihole" -mkdir -p "$pihole_storage" -chown $app: -R "$pihole_storage" +mkdir -p "$PI_HOLE_CONFIG_DIR" +chown $app: -R "$PI_HOLE_CONFIG_DIR" -pihole_dir="/opt/pihole" -mkdir -p "$pihole_dir" +mkdir -p "$PI_HOLE_INSTALL_DIR" # Make a copy of Pi-Hole scripts -cp -a "$pihole_local_repo/gravity.sh" "$pihole_dir/" -cp -a $pihole_local_repo/advanced/Scripts/*.sh "$pihole_dir/" +cp -a "$PI_HOLE_LOCAL_REPO/gravity.sh" "$PI_HOLE_INSTALL_DIR/" +cp -a $PI_HOLE_LOCAL_REPO/advanced/Scripts/*.sh "$PI_HOLE_INSTALL_DIR/" # And copy this fucking COL_TABLE file... -cp -a "$pihole_local_repo/advanced/Scripts/COL_TABLE" "$pihole_dir/" +cp -a "$PI_HOLE_LOCAL_REPO/advanced/Scripts/COL_TABLE" "$PI_HOLE_INSTALL_DIR/" #================================================= # COPY PI-HOLE MAIN SCRIPT #================================================= ynh_script_progression --message="Copying Pi-Hole main script..." -cp -a "$pihole_local_repo/pihole" /usr/local/bin/ -cp -a "$pihole_local_repo/advanced/bash-completion/pihole" /etc/bash_completion.d/pihole +cp -a "$PI_HOLE_LOCAL_REPO/pihole" $PI_HOLE_BIN_DIR/ +cp -a "$PI_HOLE_LOCAL_REPO/advanced/bash-completion/pihole" /etc/bash_completion.d/pihole #================================================= # RECREATE LOG FILES @@ -122,18 +119,18 @@ chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log # RECREATE SUDOER FILE #================================================= -# This sudoers config allow pihole to execute /usr/local/bin/pihole as root without password. Nothing more. -cp "$pihole_local_repo/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole -echo "$app ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole -# echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole +# This sudoers config allow pihole to execute $PI_HOLE_BIN_DIR/pihole as root without password. Nothing more. +cp "$PI_HOLE_LOCAL_REPO/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole +echo "$app ALL=NOPASSWD: $PI_HOLE_BIN_DIR/pihole" >> /etc/sudoers.d/pihole +# echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:$PI_HOLE_BIN_DIR" >> /etc/sudoers.d/pihole chmod 0440 /etc/sudoers.d/pihole #================================================= # REINSTALL LOGROTATE SCRIPT FOR PI-HOLE #================================================= -cp "$pihole_local_repo/advanced/Templates/logrotate" "$pihole_storage/logrotate" -sed -i "/# su #/d;" "$pihole_storage/logrotate" +cp "$PI_HOLE_LOCAL_REPO/advanced/Templates/logrotate" "$PI_HOLE_CONFIG_DIR/logrotate" +sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" #================================================= # REINSTALLATION OF PIHOLE-FTL @@ -143,22 +140,22 @@ ynh_script_progression --message="Reinstalling PiHole-FTL..." --weight=30 # Get the source of Pi-Hole-FTL FTL_temp_path=$(mktemp -d) # Install the last version available -ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL +ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" # Instead of downloading a binary file, we're going to compile it ( - cd "$FTL_temp_path" - ynh_exec_warn_less make - ynh_exec_warn_less make install + cd "$FTL_temp_path" + ynh_exec_warn_less make + ynh_exec_warn_less make install ) ynh_secure_remove --file="$FTL_temp_path" -cp "../conf/dns-servers.conf" "$pihole_storage" +cp "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR" # Restore the default pihole-FTL.conf yunohost app action run $app reset_default_ftl -cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL +cp -a $PI_HOLE_LOCAL_REPO/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL chmod +x /etc/init.d/pihole-FTL ynh_exec_warn_less systemctl enable pihole-FTL @@ -183,7 +180,7 @@ yunohost app action run $app reset_default_dnsmasq # REINSTALL CRON JOB #================================================= -cp $pihole_local_repo/advanced/Templates/pihole.cron /etc/cron.d/pihole +cp $PI_HOLE_LOCAL_REPO/advanced/Templates/pihole.cron /etc/cron.d/pihole # Remove git usage for version. Which fails because we use here a release instead of master. ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole @@ -193,9 +190,9 @@ ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --ta #================================================= ( - cd scripts - cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" + cd scripts + cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app + ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" ) #================================================= @@ -204,7 +201,7 @@ ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --ta ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 -ynh_systemd_action --action=restart --service_name=pihole-FTL +ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" #================================================= # RELOAD NGINX diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index c3b6fe4..2360ee3 100755 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -31,9 +31,9 @@ query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) file="$1" if [ "$file" = "setupVars.conf" ]; then - config_file="/etc/pihole/setupVars.conf" + config_file="$PI_HOLE_CONFIG_DIR/setupVars.conf" elif [ "$file" = "pihole-FTL.conf" ]; then - config_file="/etc/pihole/pihole-FTL.conf" + config_file="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" fi #================================================= @@ -50,31 +50,31 @@ main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') if [ "$file" = "setupVars.conf" ] then - # Recreate the default config - # Trouve l'interface réseau par défaut - echo "PIHOLE_INTERFACE=$main_iface" > "$config_file" - echo "IPV4_ADDRESS=127.0.0.1" >> "$config_file" - echo "IPV6_ADDRESS=::1" >> "$config_file" - echo "PIHOLE_DNS_1=" >> "$config_file" - echo "PIHOLE_DNS_2=" >> "$config_file" - if [ $query_logging -eq 1 ]; then - query_logging=true - else - query_logging=false - fi - echo "QUERY_LOGGING=$query_logging" >> "$config_file" - echo "INSTALL_WEB=true" >> "$config_file" + # Recreate the default config + # Trouve l'interface réseau par défaut + echo "PIHOLE_INTERFACE=$main_iface" > "$config_file" + echo "IPV4_ADDRESS=127.0.0.1" >> "$config_file" + echo "IPV6_ADDRESS=::1" >> "$config_file" + echo "PIHOLE_DNS_1=" >> "$config_file" + echo "PIHOLE_DNS_2=" >> "$config_file" + if [ $query_logging -eq 1 ]; then + query_logging=true + else + query_logging=false + fi + echo "QUERY_LOGGING=$query_logging" >> "$config_file" + echo "INSTALL_WEB=true" >> "$config_file" elif [ "$file" = "pihole-FTL.conf" ] then - # Get the default file and overwrite the current config - port=$(ynh_app_setting_get --app=$app --key=port) - ynh_add_config --template="/etc/yunohost/apps/$app/conf/pihole-FTL.conf" --destination="$config_file" + # Get the default file and overwrite the current config + port=$(ynh_app_setting_get --app=$app --key=port) + ynh_add_config --template="/etc/yunohost/apps/$app/conf/pihole-FTL.conf" --destination="$config_file" - ynh_script_progression --message="Restarting Pi-Hole..." --weight=2 + ynh_script_progression --message="Restarting Pi-Hole..." --weight=2 - # Restart pihole-FTL - ynh_systemd_action --action=restart --service_name=pihole-FTL + # Restart pihole-FTL + ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" fi # Calculate and store the config file checksum into the app settings diff --git a/scripts/actions/reset_default_system b/scripts/actions/reset_default_system index c760535..46de6a4 100755 --- a/scripts/actions/reset_default_system +++ b/scripts/actions/reset_default_system @@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers ynh_clean_setup () { # Clean installation remaining that are not handle by the remove script. - ynh_clean_check_starting + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -39,22 +39,22 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= if [ $type == nginx ]; then - name=Nginx + name=Nginx elif [ $type == phpfpm ]; then - name=PHP-FPM + name=PHP-FPM else - ynh_die --message="The type $type is not recognized" + ynh_die --message="The type $type is not recognized" fi ynh_script_progression --message="Resetting the specific configuration of $name for the app $app..." --weight=3 if [ $type == nginx ] then - (cd scripts; ynh_add_nginx_config) + (cd scripts; ynh_add_nginx_config) elif [ $type == phpfpm ] then - (cd scripts; ynh_add_fpm_config --usage=low --footprint=low --dedicated_service) + (cd scripts; ynh_add_fpm_config --usage=low --footprint=low --dedicated_service) fi #================================================= diff --git a/scripts/backup b/scripts/backup index 13dc624..00a4d71 100644 --- a/scripts/backup +++ b/scripts/backup @@ -14,6 +14,9 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -25,7 +28,6 @@ ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) -path_url=$(ynh_app_setting_get --app=$app --key=path) domain=$(ynh_app_setting_get --app=$app --key=domain) # Get variable from ynh_add_fpm_config @@ -37,14 +39,10 @@ fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) ynh_print_info --message="Declaring files to be backed up..." #================================================= -# BACKUP THE APP MAIN DIRECTORIES +# BACKUP THE APP MAIN DIR #================================================= ynh_backup --src_path="$final_path" -ynh_backup --src_path="/etc/.pihole" -ynh_backup --src_path="/etc/pihole" -ynh_backup --src_path="/opt/pihole" - #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= @@ -64,9 +62,13 @@ ynh_backup --src_path="$fpm_config_dir/pool.d/$app.conf" # BACKUP VARIOUS FILES #================================================= +ynh_backup --src_path="$PI_HOLE_LOCAL_REPO" +ynh_backup --src_path="$PI_HOLE_CONFIG_DIR" +ynh_backup --src_path="$PI_HOLE_INSTALL_DIR" + ynh_backup --src_path="/etc/cron.d/pihole" -ynh_backup --src_path="/usr/local/bin/pihole" +ynh_backup --src_path="$PI_HOLE_BIN_DIR/pihole" ynh_backup --src_path="/etc/bash_completion.d/pihole" ynh_backup --src_path="/etc/sudoers.d/pihole" diff --git a/scripts/change_url b/scripts/change_url index bd8bed4..13578d4 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -49,7 +49,7 @@ ynh_abort_if_errors #================================================= # ACTIVATE MAINTENANCE MODE #================================================= -ynh_script_progression --message="Activating maintenance mode..." +ynh_script_progression --message="Activating maintenance mode..." --weight=1 path_url=$old_path domain=$old_domain @@ -107,7 +107,7 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/config b/scripts/config index fef8388..6493162 100644 --- a/scripts/config +++ b/scripts/config @@ -59,11 +59,11 @@ fpm_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT:-$old_fpm_footprint}" # Check if fpm_footprint is an integer if [ "$fpm_footprint" -eq "$fpm_footprint" ] 2> /dev/null then - # If fpm_footprint is an integer, that's a numeric value for the footprint - old_free_footprint=$fpm_footprint - fpm_footprint=specific + # If fpm_footprint is an integer, that's a numeric value for the footprint + old_free_footprint=$fpm_footprint + fpm_footprint=specific else - old_free_footprint=0 + old_free_footprint=0 fi free_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT:-$old_free_footprint}" @@ -75,7 +75,7 @@ fpm_usage="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE:-$old_fpm_usage}" old_php_forced_max_children="$(ynh_app_setting_get --app=$app --key=php_forced_max_children)" # If php_forced_max_children isn't into settings.yml, get the current value from the fpm config if [ -z "$old_php_forced_max_children" ]; then - old_php_forced_max_children="$(grep "^pm.max_children" "$fpm_config_dir/pool.d/$app.conf" | awk '{print $3}')" + old_php_forced_max_children="$(grep "^pm.max_children" "$fpm_config_dir/pool.d/$app.conf" | awk '{print $3}')" fi php_forced_max_children="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FORCE_MAX_CHILDREN:-$old_php_forced_max_children}" @@ -84,20 +84,20 @@ php_forced_max_children="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FORCE_MAX_CHILDREN:-$o #================================================= show_config() { - # here you are supposed to read some config file/database/other then print the values - # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" + # here you are supposed to read some config file/database/other then print the values + # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETUPVARS=$overwrite_setupvars" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_FTL=$overwrite_ftl" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_PHPFPM=$overwrite_phpfpm" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_SETUPVARS=$overwrite_setupvars" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_FTL=$overwrite_ftl" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" + ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_PHPFPM=$overwrite_phpfpm" - ynh_return "YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE=$admin_mail_html" + ynh_return "YNH_CONFIG_MAIN_GLOBAL_CONFIG_EMAIL_TYPE=$admin_mail_html" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage" - ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FORCE_MAX_CHILDREN=$php_forced_max_children" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FORCE_MAX_CHILDREN=$php_forced_max_children" } #================================================= @@ -106,60 +106,60 @@ show_config() { apply_config() { - #================================================= - # MODIFY OVERWRITTING SETTINGS - #================================================= + #================================================= + # MODIFY OVERWRITTING SETTINGS + #================================================= - # Set overwrite_setupvars - ynh_app_setting_set --app=$app --key=overwrite_setupvars --value="$overwrite_setupvars" - # Set overwrite_ftl - ynh_app_setting_set --app=$app --key=overwrite_ftl --value="$overwrite_ftl" - # Set overwrite_nginx - ynh_app_setting_set --app=$app --key=overwrite_nginx --value="$overwrite_nginx" - # Set overwrite_phpfpm - ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value="$overwrite_phpfpm" + # Set overwrite_setupvars + ynh_app_setting_set --app=$app --key=overwrite_setupvars --value="$overwrite_setupvars" + # Set overwrite_ftl + ynh_app_setting_set --app=$app --key=overwrite_ftl --value="$overwrite_ftl" + # Set overwrite_nginx + ynh_app_setting_set --app=$app --key=overwrite_nginx --value="$overwrite_nginx" + # Set overwrite_phpfpm + ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value="$overwrite_phpfpm" - #================================================= - # MODIFY EMAIL SETTING - #================================================= + #================================================= + # MODIFY EMAIL SETTING + #================================================= - # Set admin_mail_html - ynh_app_setting_set --app=$app --key=admin_mail_html --value="$admin_mail_html" + # Set admin_mail_html + ynh_app_setting_set --app=$app --key=admin_mail_html --value="$admin_mail_html" - #================================================= - # RECONFIGURE PHP-FPM - #================================================= + #================================================= + # RECONFIGURE PHP-FPM + #================================================= - if [ "$fpm_usage" != "$old_fpm_usage" ] || \ - [ "$fpm_footprint" != "$old_fpm_footprint" ] || \ - [ "$free_footprint" != "$old_free_footprint" ] || \ - [ "$php_forced_max_children" != "$old_php_forced_max_children" ] - then - # If fpm_footprint is set to 'specific', use $free_footprint value. - if [ "$fpm_footprint" = "specific" ] - then - fpm_footprint=$free_footprint - fi + if [ "$fpm_usage" != "$old_fpm_usage" ] || \ + [ "$fpm_footprint" != "$old_fpm_footprint" ] || \ + [ "$free_footprint" != "$old_free_footprint" ] || \ + [ "$php_forced_max_children" != "$old_php_forced_max_children" ] + then + # If fpm_footprint is set to 'specific', use $free_footprint value. + if [ "$fpm_footprint" = "specific" ] + then + fpm_footprint=$free_footprint + fi - if [ "$php_forced_max_children" != "$old_php_forced_max_children" ] - then - # Set php_forced_max_children - if [ $php_forced_max_children -ne 0 ] - then - ynh_app_setting_set --app=$app --key=php_forced_max_children --value="$php_forced_max_children" - else - # If the value is set to 0, remove the setting - ynh_app_setting_delete --app=$app --key=php_forced_max_children - fi - fi + if [ "$php_forced_max_children" != "$old_php_forced_max_children" ] + then + # Set php_forced_max_children + if [ $php_forced_max_children -ne 0 ] + then + ynh_app_setting_set --app=$app --key=php_forced_max_children --value="$php_forced_max_children" + else + # If the value is set to 0, remove the setting + ynh_app_setting_delete --app=$app --key=php_forced_max_children + fi + fi - if [ "$fpm_footprint" != "0" ] - then - ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service - else - ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." - fi - fi + if [ "$fpm_footprint" != "0" ] + then + ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service + else + ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." + fi + fi } #================================================= @@ -169,6 +169,6 @@ apply_config() { #================================================= case $1 in - show) show_config;; - apply) apply_config;; + show) show_config;; + apply) apply_config;; esac diff --git a/scripts/install b/scripts/install index d337f1d..20dc843 100644 --- a/scripts/install +++ b/scripts/install @@ -6,7 +6,6 @@ # IMPORT GENERIC HELPERS #================================================= -# Load common variables for all scripts. source _common.sh source /usr/share/yunohost/helpers @@ -14,6 +13,9 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -76,6 +78,9 @@ ynh_app_setting_set --app=$app --key=port --value=$port ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp +# Open the UDP port 67 for dhcp +ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp + #================================================= # INSTALL DEPENDENCIES #================================================= @@ -89,7 +94,7 @@ ynh_install_app_dependencies $pkg_dependencies ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -97,23 +102,15 @@ ynh_system_user_create --username=$app --home_dir=$final_path ynh_script_progression --message="Setting up source files..." --weight=4 ynh_app_setting_set --app=$app --key=final_path --value=$final_path -# Make a copy of local pihole repository (for Gravity) -pihole_local_repo="/etc/.pihole" +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" +ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE +FTL_temp_path=$(mktemp -d) +ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" -# Install the last version available -ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app -# Install admin dashboard -ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard - -chown $app:www-data "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 - -# Create a dedicated NGINX config -ynh_add_nginx_config +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # PHP-FPM CONFIGURATION @@ -123,122 +120,110 @@ ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=low --footprint=low --dedicated_service +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=2 + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC SETUP -#================================================= -# CREATE DIRECTORIES AND POPULATE THEM -#================================================= -ynh_script_progression --message="Creating and populating directories..." - -pihole_storage="/etc/pihole" -mkdir -p "$pihole_storage" -chown $app: -R "$pihole_storage" - -pihole_dir="/opt/pihole" -mkdir -p "$pihole_dir" - -# Make a copy of Pi-Hole scripts -cp -a "$pihole_local_repo/gravity.sh" "$pihole_dir/" -cp -a $pihole_local_repo/advanced/Scripts/*.sh "$pihole_dir/" - -# And copy this fucking COL_TABLE file... -cp -a "$pihole_local_repo/advanced/Scripts/COL_TABLE" "$pihole_dir/" - -#================================================= -# COPY PI-HOLE MAIN SCRIPT -#================================================= -ynh_script_progression --message="Copying Pi-Hole main script..." - -cp -a "$pihole_local_repo/pihole" /usr/local/bin/ -cp -a "$pihole_local_repo/advanced/bash-completion/pihole" /etc/bash_completion.d/pihole - -#================================================= -# CREATE LOG FILES -#================================================= - -touch /var/log/{pihole,pihole-FTL}.log -chmod 644 /var/log/{pihole,pihole-FTL}.log -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log - -#================================================= -# CREATE SUDOER FILE -#================================================= - -# This sudoers config allow pihole to execute /usr/local/bin/pihole as root without password. Nothing more. -cp "$pihole_local_repo/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole - -echo "$app ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole -# echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole -chmod 0440 /etc/sudoers.d/pihole - -#================================================= -# INSTALL LOGROTATE SCRIPT FOR PI-HOLE -#================================================= - -cp "$pihole_local_repo/advanced/Templates/logrotate" "$pihole_storage/logrotate" - -sed -i "/# su #/d;" "$pihole_storage/logrotate" - #================================================= # INSTALLATION OF PIHOLE-FTL #================================================= ynh_script_progression --message="Installing PiHole-FTL..." --weight=30 -# Get the source of Pi-Hole-FTL -FTL_temp_path=$(mktemp -d) -# Install the last version available -ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL - # Instead of downloading a binary file, we're going to compile it ( - cd "$FTL_temp_path" - ynh_exec_warn_less cmake . - ynh_exec_warn_less make - ynh_exec_warn_less make install + cd "$FTL_temp_path" + ynh_exec_warn_less cmake . + ynh_exec_warn_less make + ynh_exec_warn_less make install ) ynh_secure_remove --file="$FTL_temp_path" -cp "../conf/dns-servers.conf" "$pihole_storage" +#================================================= +# INSTALL THE SCRIPTS +#================================================= +ynh_script_progression --message="Installing the scripts..." --weight=1 -ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$pihole_storage/pihole-FTL.conf" +pushd "${PI_HOLE_LOCAL_REPO}" + install -o "${app}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}" + install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" gravity.sh + install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh + install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE + install -o "${app}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole + install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole +popd + +#================================================= +# INSTALL THE CONFIGS +#================================================= +ynh_script_progression --message="Installing the configs..." --weight=1 + +install -d -m 0755 ${PI_HOLE_CONFIG_DIR} + +cp "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR/dns-servers.conf" +chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" + +ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" + +install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" + +#================================================= +# INSTALL SUDOER FILE +#================================================= +ynh_script_progression --message="Installing sudoer file..." --weight=1 + +install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole +echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole + +#================================================= +# INSTALL A CRON JOB +#================================================= +ynh_script_progression --message="Installing a cron job..." --weight=1 + +install -D -m 644 -T -o root -g root ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole + +# Randomize gravity update time +ynh_replace_string --match_string="59 1 " --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " --target_file="/etc/cron.d/pihole" + +# Randomize update checker time +ynh_replace_string --match_string="59 17" --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" --target_file="/etc/cron.d/pihole" + +# Remove git usage for version. Which fails because we use here a release instead of master. +ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole + +#================================================= +# INSTALL LOGROTATE SCRIPT FOR PI-HOLE +#================================================= +ynh_script_progression --message="Installing logrotate script for PI-HOLE..." --weight=1 + +install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" + +sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" + +#================================================= +# DISABLING DNSMASQ +#================================================= +ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 # Last version available # Stopped dnsmasq to replace it by pihole-FTL -ynh_systemd_action --action=stop --service_name=dnsmasq +ynh_systemd_action --service_name=dnsmasq --action=stop # Disable the real dnsmasq service #ynh_exec_warn_less systemctl disable dnsmasq --quiet -# And move the files that make the service available in systemd to really disable it -#mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/.dnsmasq.service.backup_by_pihole -#mv /etc/init.d/dnsmasq /etc/init.d/.dnsmasq.backup_by_pihole - -# Move dnsmasq to preserve the current binary -#mv /usr/sbin/dnsmasq /usr/sbin/dnsmasq.backup_by_pihole -# Replace dnsmasq by pihole-FTL -# NOTE: pihole-FTL is actually a modified version of dnsmasq -# https://github.com/pi-hole/FTL/tree/master/dnsmasq -#ln -s /usr/bin/pihole-FTL /usr/sbin/dnsmasq - -cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL -chmod +x /etc/init.d/pihole-FTL -ynh_exec_warn_less systemctl enable pihole-FTL --quiet - -# Replace the service dnsmasq by pihole-FTL -# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL -#ln -s /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service -systemctl mask dnsmasq.service - -# Reload systemd config -systemctl daemon-reload - #================================================= -# BUILD VARIABLES FILE +# FINAL EXPORTS #================================================= +ynh_script_progression --message="Final exports..." --weight=1 -setupVars="$pihole_storage/setupVars.conf" +setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" # Get the default network interface main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') @@ -258,6 +243,39 @@ echo "INSTALL_WEB=true" >> $setupVars # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$setupVars" +#================================================= +# ENABLING FTL +#================================================= +ynh_script_progression --message="Enable FTL..." --weight=1 + +ynh_exec_warn_less systemctl enable pihole-FTL --quiet + +# Replace the service dnsmasq by pihole-FTL +# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL +#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service +systemctl mask dnsmasq.service + +# Reload systemd config +systemctl daemon-reload + +#================================================= +# CREATE LOG FILES +#================================================= +ynh_script_progression --message="Creating log files..." --weight=1 + +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) +chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log + +#================================================= +# BUILD THE LISTS WITH GRAVITY +#================================================= +ynh_script_progression --message="Building the lists with Gravity..." --weight=7 + +cp "../conf/adlists.default" "$PI_HOLE_CONFIG_DIR/adlists.list" +ynh_exec_warn_less $PI_HOLE_INSTALL_DIR/gravity.sh --force + #================================================= # CONFIGURE DNS FOR THE LOCAL DOMAINS #================================================= @@ -277,40 +295,18 @@ do echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" -#================================================= -# ENABLE DHCP SERVER -#================================================= - -# Open the UDP port 67 for dhcp -ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp - #================================================= # SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE #================================================= +ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 -echo "master master master" > $pihole_storage/localbranches -echo "$pihole_core_version $dashboard_version $FTL_version" | tee $pihole_storage/{GitHubVersions,localversions} > /dev/null - -#================================================= -# INSTALL CRON JOB -#================================================= - -cp $pihole_local_repo/advanced/Templates/pihole.cron /etc/cron.d/pihole - -# Remove git usage for version. Which fails because we use here a release instead of master. -ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole - -#================================================= -# BUILD THE LISTS WITH GRAVITY -#================================================= -ynh_script_progression --message="Building the lists with Gravity..." --weight=7 - -cp "../conf/adlists.default" "$pihole_storage/adlists.list" -ynh_exec_warn_less /opt/pihole/gravity.sh +echo "master master master" > $PI_HOLE_CONFIG_DIR/localbranches +echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" | tee $PI_HOLE_CONFIG_DIR/{GitHubVersions,localversions} > /dev/null #================================================= # SET UP CONF_REGEN HOOK #================================================= +ynh_script_progression --message="Setting up conf_regen hook..." --weight=1 cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" @@ -318,26 +314,26 @@ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_fil systemctl daemon-reload ynh_exec_warn_less yunohost tools regen-conf dnsmasq -#================================================= -# START PIHOLE-FTL -#================================================= - -ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 - -ynh_systemd_action --action=restart --service_name=pihole-FTL - #================================================= # GENERIC FINALISATION #================================================= -# ADVERTISE SERVICE IN ADMIN PANEL +# INTEGRATE SERVICE IN YUNOHOST #================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" +yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 #================================================= -# RESTRAIN THE ACCESS TO THE ADMIN ONLY +# START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Restraining the access to the admin only..." --weight=2 +ynh_script_progression --message="Starting a systemd service..." --weight=2 + +ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" + +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring permissions..." --weight=2 ynh_permission_update --permission="main" --add="$admin" --remove="all_users" diff --git a/scripts/remove b/scripts/remove index 1c73819..949ec02 100755 --- a/scripts/remove +++ b/scripts/remove @@ -18,6 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STANDARD REMOVE @@ -25,26 +26,26 @@ port=$(ynh_app_setting_get --app=$app --key=port) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Check if the service is declared in YunoHost -if ynh_exec_fully_quiet yunohost service status pihole-FTL +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status pihole-FTL >/dev/null then - ynh_script_progression --message="Removing pihole-FTL service..." --weight=2 + ynh_script_progression --message="Removing $app service integration..." --weight=2 yunohost service remove pihole-FTL fi #================================================= -# STOP PIHOLE-FTL SERVICE +# STOP AND REMOVE SERVICE #================================================= -ynh_script_progression --message="Stop and remove the service" +ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 -ynh_systemd_action --action=stop --service_name=pihole-FTL +ynh_systemd_action --service_name=pihole-FTL --action=stop # Restore dnsmasq as main DNS resolver # Move dnsmasq back to its original place #if [ -e "/usr/sbin/dnsmasq.backup_by_pihole" ] -#then # Remove dnsmasq only if we have its backup -# ynh_secure_remove --file="/usr/sbin/dnsmasq" -# mv /usr/sbin/dnsmasq.backup_by_pihole /usr/sbin/dnsmasq +#then # Remove dnsmasq only if we have its backup +# ynh_secure_remove --file="/usr/sbin/dnsmasq" +# mv /usr/sbin/dnsmasq.backup_by_pihole /usr/sbin/dnsmasq #fi # Move back the service configuration for dnsmasq @@ -63,31 +64,17 @@ ynh_secure_remove --file="/var/run/pihole-FTL.pid" ynh_secure_remove --file="/var/run/pihole-FTL.port" #================================================= -# REMOVE DEPENDENCIES +# REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing dependencies..." --weight=7 +ynh_script_progression --message="Removing app main directory..." --weight=1 -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - -#================================================= -# REMOVE THE DIRECTORIES OF THE APP -#================================================= -ynh_script_progression --message="Removing app main directory..." - -# Remove storage directory -ynh_secure_remove --file="/etc/pihole" -# Remove app directory -ynh_secure_remove --file="/opt/pihole" -# Remove admin panel directory -ynh_secure_remove --file="/var/www/pihole" -# Remove local clone of the repository -ynh_secure_remove --file="/etc/.pihole" +# Remove the app directory securely +ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." +ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 # Remove the dedicated NGINX config ynh_remove_nginx_config @@ -101,20 +88,27 @@ ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 ynh_remove_fpm_config #================================================= -# CLOSE PORTS +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." --weight=7 + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + +#================================================= +# CLOSE A PORT #================================================= -ynh_script_progression --message="Closing ports $port and 67..." --weight=13 if yunohost firewall list | grep -q "\- $port$" then - ynh_print_info "Close port $port" - ynh_exec_quiet yunohost firewall disallow TCP $port + ynh_script_progression --message="Closing port $port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow TCP $port fi if yunohost firewall list | grep -q "\- 67$" then - ynh_print_info "Close port 67" - ynh_exec_quiet yunohost firewall disallow UDP 67 + ynh_script_progression --message="Closing port 67..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow UDP 67 fi #================================================= @@ -122,21 +116,28 @@ fi #================================================= # REMOVE VARIOUS FILES #================================================= -ynh_script_progression --message="Removing various files..." +ynh_script_progression --message="Removing various files..." --weight=1 -ynh_secure_remove --file="/etc/cron.d/pihole" +# Remove a cron file +ynh_secure_remove --file="/etc/cron.d/$app" -# Remove logs -ynh_secure_remove --file="/var/log/pihole.log" -ynh_secure_remove --file="/var/log/pihole-FTL.log" +# Remove the log files +ynh_secure_remove --file="/var/log/$app" # Remove main script -ynh_secure_remove --file="/usr/local/bin/pihole" +ynh_secure_remove --file="$PI_HOLE_BIN_DIR/pihole" ynh_secure_remove --file="/etc/bash_completion.d/pihole" # Remove sudoer file ynh_secure_remove --file="/etc/sudoers.d/pihole" +# Remove storage directory +ynh_secure_remove --file="$PI_HOLE_CONFIG_DIR" +# Remove app directory +ynh_secure_remove --file="$PI_HOLE_INSTALL_DIR" +# Remove local clone of the repository +ynh_secure_remove --file="$PI_HOLE_LOCAL_REPO" + #================================================= # REMOVE DNSMASQ CONFIG #================================================= @@ -147,7 +148,7 @@ ynh_secure_remove --file="/etc/dnsmasq.d/03-pihole-wildcard.conf" #================================================= # CLEAN /etc/hosts #================================================= -ynh_script_progression --message="Clean /etc/hosts" +ynh_script_progression --message="Clean /etc/hosts" --weight=1 # Uncomment lines in /etc/hosts ynh_replace_string --match_string="#Commented by pihole# " --replace_string="" --target_file=/etc/hosts @@ -158,8 +159,9 @@ sed -i "/#Added by pihole#/d" /etc/hosts #================================================= # REMOVE CONF_REGEN HOOK #================================================= +ynh_script_progression --message="Removing conf_regen hook..." --weight=1 -ynh_systemd_action --action=stop --service_name=dnsmasq +ynh_systemd_action --service_name=dnsmasq --action=stop ynh_secure_remove --file=/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app @@ -168,9 +170,9 @@ ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= # RESTART DNSMASQ #================================================= -ynh_script_progression --message="Restarting Dnsmasq..." +ynh_script_progression --message="Restarting Dnsmasq..." --weight=1 -ynh_systemd_action --action=restart --service_name=dnsmasq +ynh_systemd_action --service_name=dnsmasq --action=restart #================================================= # GENERIC FINALIZATION @@ -182,6 +184,7 @@ ynh_script_progression --message="Removing the dedicated system user..." --weigh # Dirty hack to remove correctly the user killall -u $app +# Delete a system user ynh_system_user_delete --username=$app #================================================= diff --git a/scripts/restore b/scripts/restore index e35ce7f..035e777 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -# Load common variables for all scripts. +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -14,13 +14,16 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=2 +ynh_script_progression --message="Loading installation settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME @@ -39,9 +42,30 @@ fpm_service=$(ynh_app_setting_get --app=$app --key=fpm_service) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." +ynh_script_progression --message="Validating restoration parameters..." --weight=1 -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# FIND AND OPEN A PORT +#================================================= +ynh_script_progression --message="Finding an available port..." --weight=12 + +# Find an available port +port=$(ynh_find_port --port=4711) +if [ $port -gt 4720 ] +then + ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." +fi +ynh_app_setting_set --app=$app --key=port --value=$port + +# Disable the port 53 for upnp +ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload +ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp + +# Open the UDP port 67 for dhcp +ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp #================================================= # ACTIVATE MAINTENANCE MODE @@ -51,43 +75,40 @@ ynh_script_progression --message="Activating maintenance mode..." --weight=2 ynh_maintenance_mode_ON #================================================= -# STANDARD RESTORE STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - +# STANDARD RESTORATION STEPS #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE THE MAIN DIRECTORIES OF THE APP +# RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." +ynh_script_progression --message="Restoring the app main directory..." --weight=1 ynh_restore_file --origin_path="$final_path" -ynh_restore_file --origin_path="/etc/.pihole" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" -ynh_restore_file --origin_path="/etc/pihole" +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=12 -ynh_restore_file --origin_path="/opt/pihole" - -# Restore permissions on app files -chown $app: -R "/etc/pihole" -# /etc/pihole/logrotate have to belong to root, otherwise logrotate will failed silently... -chown root: -R "/etc/pihole/logrotate" +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=7 +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=7 # Restore the file first, so it can have a backup if different ynh_restore_file --origin_path="$fpm_config_dir/php-fpm-$app.conf" @@ -97,103 +118,101 @@ ynh_restore_file --origin_path="$fpm_config_dir/pool.d/$app.conf" ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service #================================================= -# SPECIFIC RESTORE +# RESTORE THE NGINX CONFIGURATION #================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=12 +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= - -yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" - -#================================================= -# RESTORE THE CRON FILE -#================================================= - -ynh_restore_file --origin_path="/etc/cron.d/pihole" - -#================================================= -# RECREATE LOG FILES -#================================================= - -touch /var/log/pihole.log -chmod 644 /var/log/pihole.log -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/pihole.log +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE SPECIFIC FILES #================================================= -ynh_script_progression --message="Restoring specific files..." +ynh_script_progression --message="Restoring specific files..." --weight=1 -ynh_restore_file --origin_path="/usr/local/bin/pihole" +ynh_restore_file --origin_path="$PI_HOLE_LOCAL_REPO" + +ynh_restore_file --origin_path="$PI_HOLE_CONFIG_DIR" +# Restore permissions on app files +chown $app: -R "$PI_HOLE_CONFIG_DIR" +# $PI_HOLE_CONFIG_DIR/logrotate have to belong to root, otherwise logrotate will failed silently... +chown root: -R "$PI_HOLE_CONFIG_DIR/logrotate" + +ynh_restore_file --origin_path="$PI_HOLE_INSTALL_DIR" + +ynh_restore_file --origin_path="$PI_HOLE_BIN_DIR/pihole" ynh_restore_file --origin_path="/etc/bash_completion.d/pihole" -ynh_restore_file --origin_path="/etc/sudoers.d/pihole" - ynh_restore_file --origin_path="/etc/init.d/pihole-FTL" ynh_restore_file --origin_path="/usr/bin/pihole-FTL" +install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" -ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" +ynh_restore_file --origin_path="/etc/sudoers.d/pihole" #================================================= -# REPLACE THE DEFAULT DNSMASQ BY PIHOLE-FTL +# RESTORE THE CRON FILE #================================================= +ynh_script_progression --message="Restoring the cron file..." --weight=1 + +ynh_restore_file --origin_path="/etc/cron.d/pihole" + +#================================================= +# DISABLING DNSMASQ +#================================================= +ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 # Last version available # Stopped dnsmasq to replace it by pihole-FTL -ynh_systemd_action --action=stop --service_name=dnsmasq +ynh_systemd_action --service_name=dnsmasq --action=stop # Disable the real dnsmasq service #ynh_exec_warn_less systemctl disable dnsmasq --quiet -# And move the files that make the service available in systemd to really disable it -#mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/.dnsmasq.service.backup_by_pihole -#mv /etc/init.d/dnsmasq /etc/init.d/.dnsmasq.backup_by_pihole +#================================================= +# FINAL EXPORTS +#================================================= +ynh_script_progression --message="Final exports..." --weight=1 -# Move dnsmasq to preserve the current binary -#mv /usr/sbin/dnsmasq /usr/sbin/dnsmasq.backup_by_pihole -# Replace dnsmasq by pihole-FTL -# NOTE: pihole-FTL is actually a modified version of dnsmasq -# https://github.com/pi-hole/FTL/tree/master/dnsmasq -#ln -s /usr/bin/pihole-FTL /usr/sbin/dnsmasq +setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" + +# Get the default network interface +main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') +echo "PIHOLE_INTERFACE=$main_iface" > $setupVars +ynh_replace_string --match_string="^PIHOLE_INTERFACE=.*" --replace_string="PIHOLE_INTERFACE=$main_iface" --target_file=$setupVars +ynh_replace_string --match_string="^IPV4_ADDRESS=.*" --replace_string="IPV4_ADDRESS=127.0.0.1" --target_file=$setupVars + +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum --file="$setupVars" + +#================================================= +# ENABLING FTL +#================================================= +ynh_script_progression --message="Enable FTL..." --weight=1 -pihole_local_repo="/etc/.pihole" -cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL -chmod +x /etc/init.d/pihole-FTL ynh_exec_warn_less systemctl enable pihole-FTL --quiet # Replace the service dnsmasq by pihole-FTL # That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL -#ln -s /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service +#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service systemctl mask dnsmasq.service # Reload systemd config systemctl daemon-reload #================================================= -# RESTORE DNSMASQ CONFIG +# RECREATE LOG FILES #================================================= -ynh_script_progression --message="Restoring Dnsmasq config..." +ynh_script_progression --message="Recreate log files..." --weight=1 -test -e "${YNH_APP_BACKUP_DIR}/etc/dnsmasq.d/03-pihole-wildcard.conf" && \ - ynh_restore_file --origin_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" - -systemctl daemon-reload -ynh_exec_warn_less yunohost tools regen-conf dnsmasq +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) +chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log #================================================= # CONFIGURE DNS FOR THE LOCAL DOMAINS #================================================= -ynh_script_progression --message="Configuring dns for the local domains..." --weight=2 +ynh_script_progression --message="Configuring DNS for the local domains..." --weight=2 -# Get the default network interface -main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') # Find the IP associated to the network interface localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) @@ -209,32 +228,37 @@ do done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= -# UPDATE VARIABLES FILE +# SET UP CONF_REGEN HOOK #================================================= +ynh_script_progression --message="Setting up conf_regen hook..." --weight=1 -setupVars="/etc/pihole/setupVars.conf" +test -e "${YNH_APP_BACKUP_DIR}/etc/dnsmasq.d/03-pihole-wildcard.conf" && ynh_restore_file --origin_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" -echo "PIHOLE_INTERFACE=$main_iface" > $setupVars -ynh_replace_string --match_string="^PIHOLE_INTERFACE=.*" --replace_string="PIHOLE_INTERFACE=$main_iface" --target_file=$setupVars -ynh_replace_string --match_string="^IPV4_ADDRESS=.*" --replace_string="IPV4_ADDRESS=127.0.0.1" --target_file=$setupVars +ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" -# Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="$setupVars" +systemctl daemon-reload +ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= -# START PIHOLE-FTL +# INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -ynh_exec_warn_less systemctl enable pihole-FTL --quiet -ynh_systemd_action --action=restart --service_name=pihole-FTL +yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=2 + +ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 ynh_systemd_action --service_name=$fpm_service --action=reload ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index f0c4228..8286065 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -6,7 +6,6 @@ # IMPORT GENERIC HELPERS #================================================= -# Load common variables for all scripts. source _common.sh source /usr/share/yunohost/helpers @@ -37,7 +36,7 @@ fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version..." +ynh_script_progression --message="Checking version..." --weight=1 upgrade_type=$(ynh_check_app_version_changed) @@ -58,7 +57,7 @@ ynh_abort_if_errors #================================================= # ACTIVATE MAINTENANCE MODE #================================================= -ynh_script_progression --message="Activating maintenance mode..." +ynh_script_progression --message="Activating maintenance mode..." --weight=1 ynh_maintenance_mode_ON @@ -67,7 +66,7 @@ ynh_maintenance_mode_ON #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # If overwrite_setupvars doesn't exist, create it if [ -z "$overwrite_setupvars" ]; then @@ -117,71 +116,30 @@ if [ -z "$pihole_version" ]; then ynh_app_setting_set --app=$app --key=pihole_version --value="$pihole_version" fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=7 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# ACTIVATE MAINTENANCE MODE -#================================================= -ynh_script_progression --message="Activating maintenance mode..." - -ynh_maintenance_mode_ON - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=6 - -ynh_install_app_dependencies $pkg_dependencies - #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -pihole_local_repo="/etc/.pihole" if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Upgrading source files..." --weight=4 - # Update the last version available - ynh_setup_source --dest_dir="$pihole_local_repo" --source_id=app - # Update admin dashboard - ynh_setup_source --dest_dir="$final_path" --source_id=admin_dashboard + ynh_script_progression --message="Upgrading source files..." --weight=4 + ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" + ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE + FTL_temp_path=$(mktemp -d) + ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" fi -chown $app:www-data "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= - -# Overwrite the nginx configuration only if it's allowed -if [ $overwrite_nginx -eq 1 ] -then - ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 - # Create a dedicated NGINX config - ynh_add_nginx_config -fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # UPGRADE DEPENDENCIES @@ -202,119 +160,133 @@ then ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --dedicated_service fi +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Overwrite the nginx configuration only if it's allowed +if [ $overwrite_nginx -eq 1 ] +then + ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 + # Create a dedicated NGINX config + ynh_add_nginx_config +fi + #================================================= # SPECIFIC UPGRADE #================================================= -# UPDATE PI-HOLE SCRIPTS +# STOP SYSTEMD SERVICE #================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 -pihole_dir="/opt/pihole" -cp -a "$pihole_local_repo/gravity.sh" "$pihole_dir/" -cp -a $pihole_local_repo/advanced/Scripts/*.sh "$pihole_dir/" - -# And copy this fucking COL_TABLE file... -cp -a "$pihole_local_repo/advanced/Scripts/COL_TABLE" "$pihole_dir/" - -#================================================= -# COPY PI-HOLE MAIN SCRIPT -#================================================= -ynh_script_progression --message="Copying Pi-Hole main script..." - -cp -a "$pihole_local_repo/pihole" /usr/local/bin/ -cp -a "$pihole_local_repo/advanced/bash-completion/pihole" /etc/bash_completion.d/pihole - -#================================================= -# CREATE SUDOER FILE -#================================================= - -# This sudoers config allow pihole to execute /usr/local/bin/pihole as root without password. Nothing more. -cp "$pihole_local_repo/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole -echo "$app ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole -chmod 0440 /etc/sudoers.d/pihole - -#================================================= -# UPDATE LOGROTATE SCRIPT FOR PI-HOLE -#================================================= - -pihole_storage="/etc/pihole" -cp "$pihole_local_repo/advanced/Templates/logrotate" "$pihole_storage/logrotate" -sed -i "/# su #/d;" "$pihole_storage/logrotate" +ynh_systemd_action --service_name=pihole-FTL --action="stop" --log_path="/var/log/pihole-FTL.log" #================================================= # UPDATE PIHOLE-FTL #================================================= -ynh_script_progression --message="Upgrading PiHole-FTL..." --weight=35 - -ynh_systemd_action --action=stop --service_name=pihole-FTL if [ "$upgrade_type" == "UPGRADE_APP" ] then - # Get the source of Pi-Hole-FTL - FTL_temp_path=$(mktemp -d) - # Install the last version available - ynh_setup_source --dest_dir="$FTL_temp_path" --source_id=FTL + ynh_script_progression --message="Upgrading PiHole-FTL..." --weight=35 - # Instead of downloading a binary file, we're going to compile it - ( - cd "$FTL_temp_path" - ynh_exec_warn_less cmake . - ynh_exec_warn_less make - ynh_exec_warn_less make install - ) - ynh_secure_remove --file="$FTL_temp_path" + # Instead of downloading a binary file, we're going to compile it + ( + cd "$FTL_temp_path" + ynh_exec_warn_less cmake . + ynh_exec_warn_less make + ynh_exec_warn_less make install + ) + ynh_secure_remove --file="$FTL_temp_path" fi +#================================================= +# UPDATE THE SCRIPTS +#================================================= +ynh_script_progression --message="Updating the scripts..." --weight=1 + +pushd "${PI_HOLE_LOCAL_REPO}" + install -o "${app}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}" + install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" gravity.sh + install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh + install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE + install -o "${app}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole + install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole +popd + +#================================================= +# UPDATE THE CONFIGS +#================================================= +ynh_script_progression --message="Updating the configs..." --weight=1 + +install -d -m 0755 ${PI_HOLE_CONFIG_DIR} + +cp -f "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR/dns-servers.conf" +chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" + # Overwrite pihole-FTL config file only if it's allowed if [ $overwrite_ftl -eq 1 ] then - ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$pihole_storage/pihole-FTL.conf" + ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" fi +install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" + +#================================================= +# INSTALL SUDOER FILE +#================================================= +ynh_script_progression --message="Installing sudoer file..." --weight=1 + +install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole +echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole + +#================================================= +# UPDATE A CRON JOB +#================================================= +ynh_script_progression --message="Updating a cron job..." --weight=1 + +install -D -m 644 -T -o root -g root ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole + +# Randomize gravity update time +ynh_replace_string --match_string="59 1 " --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " --target_file="/etc/cron.d/pihole" + +# Randomize update checker time +ynh_replace_string --match_string="59 17" --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" --target_file="/etc/cron.d/pihole" + +# Remove git usage for version. Which fails because we use here a release instead of master. +ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole + +#================================================= +# UPDATE LOGROTATE SCRIPT FOR PI-HOLE +#================================================= +ynh_script_progression --message="Updating logrotate script for PI-HOLE..." --weight=1 + +install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" + +sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" + +#================================================= +# DISABLING DNSMASQ +#================================================= +ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 + # Last version available # Stopped dnsmasq to replace it by pihole-FTL -ynh_systemd_action --action=stop --service_name=dnsmasq +ynh_systemd_action --service_name=dnsmasq --action=stop # Disable the real dnsmasq service #ynh_exec_warn_less systemctl disable dnsmasq --quiet -# And move the files that make the service available in systemd to really disable it -#if [ ! -e "/lib/systemd/system/.dnsmasq.service.backup_by_pihole" ]; then -# mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/.dnsmasq.service.backup_by_pihole -#fi -#if [ ! -e "/etc/init.d/.dnsmasq.backup_by_pihole" ]; then -# mv /etc/init.d/dnsmasq /etc/init.d/.dnsmasq.backup_by_pihole -#fi - -# Move dnsmasq to preserve the current binary -#if [ ! -e "/usr/sbin/dnsmasq.backup_by_pihole" ]; then -# mv /usr/sbin/dnsmasq /usr/sbin/dnsmasq.backup_by_pihole -#fi -# Replace dnsmasq by pihole-FTL -# NOTE: pihole-FTL is actually a modified version of dnsmasq -# https://github.com/pi-hole/FTL/tree/master/dnsmasq -#ln -sf /usr/bin/pihole-FTL /usr/sbin/dnsmasq - -cp -a $pihole_local_repo/advanced/Templates/pihole-FTL.service /etc/init.d/pihole-FTL -chmod +x /etc/init.d/pihole-FTL -ynh_exec_warn_less systemctl enable pihole-FTL --quiet - -# Replace the service dnsmasq by pihole-FTL -# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL -#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service -systemctl mask dnsmasq.service - -# Reload systemd config -systemctl daemon-reload - #================================================= -# BUILD VARIABLES FILE +# FINAL EXPORTS #================================================= -setupVars="$pihole_storage/setupVars.conf" +setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" # Overwrite the setupVars config file only if it's allowed if [ $overwrite_setupvars -eq 1 ] then + ynh_script_progression --message="Final exports..." --weight=1 + # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ynh_backup_if_checksum_is_different --file="$setupVars" @@ -332,38 +304,76 @@ then fi echo "QUERY_LOGGING=$query_logging" >> $setupVars echo "INSTALL_WEB=true" >> $setupVars + echo "BLOCKING_ENABLED=true" >> $setupVars # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum --file="$setupVars" fi +#================================================= +# ENABLING FTL +#================================================= +ynh_script_progression --message="Enable FTL..." --weight=1 + +ynh_exec_warn_less systemctl enable pihole-FTL --quiet + +# Replace the service dnsmasq by pihole-FTL +# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL +#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service +systemctl mask dnsmasq.service + +# Reload systemd config +systemctl daemon-reload + +#================================================= +# CREATE LOG FILES +#================================================= +ynh_script_progression --message="Creating log files..." --weight=1 + +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) +chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log + +#================================================= +# BUILD THE LISTS WITH GRAVITY +#================================================= +ynh_script_progression --message="Building the lists with Gravity..." --weight=7 + +cp -f "../conf/adlists.default" "$PI_HOLE_CONFIG_DIR/adlists.list" +ynh_exec_warn_less $PI_HOLE_INSTALL_DIR/gravity.sh --force + +#================================================= +# CONFIGURE DNS FOR THE LOCAL DOMAINS +#================================================= +ynh_script_progression --message="Configuring DNS for the local domains..." --weight=7 + +# Find the IP associated to the network interface +localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) + +# List all YunoHost domains +while read perdomain +do + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts + + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts +done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" + #================================================= # SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE #================================================= +ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 -echo "master master master" > $pihole_storage/localbranches -echo "$pihole_core_version $dashboard_version $FTL_version" | tee $pihole_storage/{GitHubVersions,localversions} > /dev/null - -#================================================= -# UPDATE CRON JOB -#================================================= - -cp $pihole_local_repo/advanced/Templates/pihole.cron /etc/cron.d/pihole - -# Remove git usage for version. Which fails because we use here a release instead of master. -ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." - -yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" +echo "master master master" > $PI_HOLE_CONFIG_DIR/localbranches +echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" | tee $PI_HOLE_CONFIG_DIR/{GitHubVersions,localversions} > /dev/null #================================================= # UPDATE CONF_REGEN HOOK #================================================= -ynh_script_progression --message="Updating conf_regen hook..." +ynh_script_progression --message="Updating conf_regen hook..." --weight=1 cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" @@ -372,18 +382,27 @@ systemctl daemon-reload ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= -# START PIHOLE-FTL +# GENERIC FINALIZATION #================================================= -ynh_script_progression --message="Restarting PiHole-FTL..." --weight=2 +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -ynh_systemd_action --action=restart --service_name=pihole-FTL +yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=2 + +ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --action=reload --service_name=nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= # DEACTIVE MAINTENANCE MODE