From decb7db592b2d4c29ba23190c2a99ceebeede616 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Wed, 20 Mar 2024 13:59:22 +0100 Subject: [PATCH] update manifestv2 --- conf/nginx.conf | 2 +- scripts/_common.sh | 80 +++++++---- scripts/backup | 16 +-- scripts/change_url | 70 ++++----- scripts/install | 349 ++++++++++++--------------------------------- scripts/remove | 81 ++--------- scripts/restore | 46 +++--- scripts/upgrade | 54 +++---- 8 files changed, 251 insertions(+), 447 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index adf04fa..09e55c6 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,7 +2,7 @@ location __PATH__/ { # Path to source - alias __FINALPATH__/; + alias __INSTALL_DIR__/web/; index index.html index.php; diff --git a/scripts/_common.sh b/scripts/_common.sh index 985c30f..a8ee0d6 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,16 +4,10 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="7.4" - -php_dependencies="php$YNH_PHP_VERSION-common php$YNH_PHP_VERSION-cgi php$YNH_PHP_VERSION-sqlite3 php$YNH_PHP_VERSION-xml php$YNH_PHP_VERSION-intl" - -# dependencies used by the app (must be on a single line) -pkg_dependencies="cmake build-essential libgmp-dev libidn11-dev nettle-dev libreadline-dev sqlite3 cron curl iputils-ping psmisc unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps jq $php_dependencies" - pihole_adminlte_version=5.18 pihole_flt_version=5.20 +# This is hard-coded upstream... PI_HOLE_LOCAL_REPO="/etc/.pihole" PI_HOLE_INSTALL_DIR="/opt/pihole" PI_HOLE_CONFIG_DIR="/etc/pihole" @@ -23,21 +17,55 @@ PI_HOLE_BIN_DIR="/usr/local/bin" # PERSONAL HELPERS #================================================= +_configure_ports() { + if [ "$port" -gt 4720 ]; then + ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." + fi + + # Disable the port 53 for upnp + ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload + ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp + + # Open the UDP port 67 for dhcp + ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp +} + +_add_cron_jobs() { + install -D -m 644 -T -o root -g root "$PI_HOLE_LOCAL_REPO/advanced/Templates/pihole.cron" /etc/cron.d/pihole + + # Randomize gravity update time + ynh_replace_string --target_file="/etc/cron.d/pihole" \ + --match_string="59 1 " \ + --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " + + # Randomize update checker time + ynh_replace_string --target_file="/etc/cron.d/pihole" \ + --match_string="59 17" \ + --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" + + # Remove git usage for version. Which fails because we use here a release instead of master. + ynh_replace_string --target_file="/etc/cron.d/pihole" \ + --match_string=".*updatechecker.*" \ + --replace_string="#&" +} + +_add_sudoers_config() { + install -m 0640 "$PI_HOLE_LOCAL_REPO/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole + echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole +} + +_add_logrotate_config() { + install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" + sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" +} + #================================================= # EXPERIMENTAL HELPERS #================================================= ynh_maintenance_mode_ON () { - # Load value of $path_url and $domain from the config if their not set - if [ -z $path_url ]; then - path_url=$(ynh_app_setting_get $app path) - fi - if [ -z $domain ]; then - domain=$(ynh_app_setting_get $app domain) - fi - mkdir -p /var/www/html/ - + # Create an html to serve as maintenance notice echo " @@ -60,10 +88,10 @@ ynh_maintenance_mode_ON () { " > "/var/www/html/maintenance.$app.html" # Create a new nginx config file to redirect all access to the app to the maintenance notice instead. - echo "# All request to the app will be redirected to ${path_url}_maintenance and fall on the maintenance notice -rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/? redirect; + echo "# All request to the app will be redirected to ${path}_maintenance and fall on the maintenance notice +rewrite ^${path}/(.*)$ ${path}_maintenance/? redirect; # Use another location, to not be in conflict with the original config file -location ${path_url}_maintenance/ { +location ${path}_maintenance/ { alias /var/www/html/ ; try_files maintenance.$app.html =503; @@ -74,7 +102,7 @@ include conf.d/yunohost_panel.conf.inc; # The current config file will redirect all requests to the root of the app. # To keep the full path, we can use the following rewrite rule: - # rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/\$1? redirect; + # rewrite ^${path}/(.*)$ ${path}_maintenance/\$1? redirect; # The difference will be in the $1 at the end, which keep the following queries. # But, if it works perfectly for a html request, there's an issue with any php files. # This files are treated as simple files, and will be downloaded by the browser. @@ -84,16 +112,8 @@ include conf.d/yunohost_panel.conf.inc; } ynh_maintenance_mode_OFF () { - # Load value of $path_url and $domain from the config if their not set - if [ -z $path_url ]; then - path_url=$(ynh_app_setting_get $app path) - fi - if [ -z $domain ]; then - domain=$(ynh_app_setting_get $app domain) - fi - - # Rewrite the nginx config file to redirect from ${path_url}_maintenance to the real url of the app. - echo "rewrite ^${path_url}_maintenance/(.*)$ ${path_url}/\$1 redirect;" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf" + # Rewrite the nginx config file to redirect from ${path}_maintenance to the real url of the app. + echo "rewrite ^${path}_maintenance/(.*)$ ${path}/\$1 redirect;" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf" systemctl reload nginx # Sleep 4 seconds to let the browser reload the pages and redirect the user to the app. diff --git a/scripts/backup b/scripts/backup index 286bc4d..7089023 100644 --- a/scripts/backup +++ b/scripts/backup @@ -14,24 +14,24 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info --message="Loading installation settings..." +#REMOVEME? ynh_print_info --message="Loading installation settings..." -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) # Get variable from ynh_add_fpm_config -fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) +#REMOVEME? fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -42,7 +42,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= diff --git a/scripts/change_url b/scripts/change_url index 13578d4..4acb79f 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -13,45 +13,45 @@ source /usr/share/yunohost/helpers # RETRIEVE ARGUMENTS #================================================= -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH +#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN +#REMOVEME? old_path=$YNH_APP_OLD_PATH -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH +#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN +#REMOVEME? new_path=$YNH_APP_NEW_PATH -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=2 -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#REMOVEME? # Needed for helper "ynh_add_nginx_config" +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=11 +#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=11 # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # ACTIVATE MAINTENANCE MODE #================================================= ynh_script_progression --message="Activating maintenance mode..." --weight=1 - -path_url=$old_path +#REMOVEME? +path=$old_path domain=$old_domain ynh_maintenance_mode_ON @@ -59,16 +59,16 @@ ynh_maintenance_mode_ON # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= -change_domain=0 -if [ "$old_domain" != "$new_domain" ] +#REMOVEME? change_domain=0 +#REMOVEME? if [ "$old_domain" != "$new_domain" ] then - change_domain=1 + #REMOVEME? change_domain=1 fi -change_path=0 -if [ "$old_path" != "$new_path" ] +#REMOVEME? change_path=0 +#REMOVEME? if [ "$old_path" != "$new_path" ] then - change_path=1 + #REMOVEME? change_path=1 fi #================================================= @@ -78,28 +78,30 @@ fi #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=4 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +ynh_change_url_nginx_config + +#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf # Change the path in the NGINX config file if [ $change_path -eq 1 ] then # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" +#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" +#REMOVEME? domain="$old_domain" +#REMOVEME? path="$new_path" # Create a dedicated NGINX config - ynh_add_nginx_config +#REMOVEME? ynh_add_nginx_config fi # Change the domain for NGINX if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf +#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" +#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -107,16 +109,16 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # DEACTIVE MAINTENANCE MODE #================================================= ynh_script_progression --message="Disabling maintenance mode..." --weight=5 - -path_url=$old_path +#REMOVEME? +path=$old_path domain=$old_domain ynh_maintenance_mode_OFF diff --git a/scripts/install b/scripts/install index 00071f5..35d53f5 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,269 +8,112 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE SCRIPT FAILURE +# INITIALIZE AND STORE SETTINGS #================================================= -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +ynh_app_setting_set --app="$app" --key="overwrite_setupvars" --value=1 +ynh_app_setting_set --app="$app" --key="overwrite_ftl" --value=1 -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= +# Get the default network interface +main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -query_logging=$YNH_APP_ARG_QUERY_LOGGING -enable_dhcp=$YNH_APP_ARG_ENABLE_DHCP +# Get the dnsmasq user to set log files permissions +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=2 - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=3 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=query_logging --value=$query_logging -ynh_app_setting_set --app=$app --key=enable_dhcp --value=$enable_dhcp - -ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=1 -ynh_app_setting_set --app=$app --key=overwrite_ftl --value=1 - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=12 - -# Find an available port -port=$(ynh_find_port --port=4711) -if [ $port -gt 4720 ] -then - ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." +if [ "$query_logging" -eq 1 ]; then + query_logging_str=true +else + query_logging_str=false fi -ynh_app_setting_set --app=$app --key=port --value=$port - -# Disable the port 53 for upnp -ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload -ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp - -# Open the UDP port 67 for dhcp -ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp #================================================= -# INSTALL DEPENDENCIES +# CHECK AVAILABLE PORT #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=12 -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" +_configure_ports #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=4 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" -ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE -FTL_temp_path=$(mktemp -d) -ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" +ynh_setup_source --source_id="pi-hole_core" --dest_dir="$PI_HOLE_LOCAL_REPO" +ynh_setup_source --source_id="pi-hole_web" --dest_dir="$install_dir/web" +ynh_setup_source --source_id="pi-hole_ftl" --dest_dir="$install_dir/ftl" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +chown "$dnsmasq_user:root" /var/log/{pihole,pihole-FTL}.log -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC SETUP #================================================= # INSTALLATION OF PIHOLE-FTL #================================================= -ynh_script_progression --message="Installing PiHole-FTL..." --weight=30 +ynh_script_progression --message="Building PiHole-FTL..." --weight=30 # Instead of downloading a binary file, we're going to compile it -( - cd "$FTL_temp_path" - ynh_exec_warn_less cmake . - ynh_exec_warn_less make - ynh_exec_warn_less make install -) - -ynh_secure_remove --file="$FTL_temp_path" +pushd "$install_dir/ftl" + ynh_exec_warn_less cmake . + ynh_exec_warn_less make + ynh_exec_warn_less make install +popd +ynh_secure_remove --file="$install_dir/ftl" #================================================= # INSTALL THE SCRIPTS #================================================= -ynh_script_progression --message="Installing the scripts..." --weight=1 +ynh_script_progression --message="Installing Pihole..." --weight=1 -pushd "${PI_HOLE_LOCAL_REPO}" - install -o "${app}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}" - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" gravity.sh - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE - install -o "${app}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole - install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole -popd +install -o "$app" -Dm755 -d "$PI_HOLE_INSTALL_DIR" +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/gravity.sh" +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/advanced/Scripts"/*.sh +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/advanced/Scripts/COL_TABLE" +install -Dm644 -t /etc/bash_completion.d/pihole "$PI_HOLE_LOCAL_REPO/advanced/bash-completion/pihole" + +install -o "$app" -Dm755 -t "$PI_HOLE_BIN_DIR" "$PI_HOLE_LOCAL_REPO/pihole" #================================================= # INSTALL THE CONFIGS #================================================= -ynh_script_progression --message="Installing the configs..." --weight=1 +ynh_script_progression --message="Installing $app's configuration files..." --weight=1 -install -d -m 0755 ${PI_HOLE_CONFIG_DIR} +install -d -m 0755 "$PI_HOLE_CONFIG_DIR" +ynh_add_config --template="dns-servers.conf" --destination="$PI_HOLE_CONFIG_DIR/dns-servers.conf" +ynh_add_config --template="pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" -cp "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR/dns-servers.conf" chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" -ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" - -install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +{ + echo "PIHOLE_INTERFACE=$main_iface" + echo "IPV4_ADDRESS=127.0.0.1" + echo "IPV6_ADDRESS=::1" + echo "PIHOLE_DNS_1=" + echo "PIHOLE_DNS_2=" + echo "QUERY_LOGGING=$query_logging_str" + echo "INSTALL_WEB=true" + echo "BLOCKING_ENABLED=true" +} > "$PI_HOLE_CONFIG_DIR/setupVars.conf" +ynh_store_file_checksum --file="$PI_HOLE_CONFIG_DIR/setupVars.conf" #================================================= -# INSTALL SUDOER FILE +# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE #================================================= -ynh_script_progression --message="Installing sudoer file..." --weight=1 +ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 -install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole -echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole - -#================================================= -# INSTALL A CRON JOB -#================================================= -ynh_script_progression --message="Installing a cron job..." --weight=1 - -install -D -m 644 -T -o root -g root ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole - -# Randomize gravity update time -ynh_replace_string --match_string="59 1 " --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " --target_file="/etc/cron.d/pihole" - -# Randomize update checker time -ynh_replace_string --match_string="59 17" --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" --target_file="/etc/cron.d/pihole" - -# Remove git usage for version. Which fails because we use here a release instead of master. -ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole - -#================================================= -# INSTALL LOGROTATE SCRIPT FOR PI-HOLE -#================================================= -ynh_script_progression --message="Installing logrotate script for PI-HOLE..." --weight=1 - -install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" - -sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" - -#================================================= -# DISABLING DNSMASQ -#================================================= -ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 - -# Last version available -# Stopped dnsmasq to replace it by pihole-FTL -ynh_systemd_action --service_name=dnsmasq --action=stop - -# Disable the real dnsmasq service -#ynh_exec_warn_less systemctl disable dnsmasq --quiet - -#================================================= -# FINAL EXPORTS -#================================================= -ynh_script_progression --message="Final exports..." --weight=1 - -setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" - -# Get the default network interface -main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') -echo "PIHOLE_INTERFACE=$main_iface" > $setupVars -echo "IPV4_ADDRESS=127.0.0.1" >> $setupVars -echo "IPV6_ADDRESS=::1" >> $setupVars -echo "PIHOLE_DNS_1=" >> $setupVars -echo "PIHOLE_DNS_2=" >> $setupVars -if [ $query_logging -eq 1 ]; then - query_logging=true -else - query_logging=false -fi -echo "QUERY_LOGGING=$query_logging" >> $setupVars -echo "INSTALL_WEB=true" >> $setupVars -echo "BLOCKING_ENABLED=true" >> $setupVars - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$setupVars" - -#================================================= -# ENABLING FTL -#================================================= -ynh_script_progression --message="Enable FTL..." --weight=1 - -ynh_exec_warn_less systemctl enable pihole-FTL --quiet - -# Replace the service dnsmasq by pihole-FTL -# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL -#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service -systemctl mask dnsmasq.service - -# Reload systemd config -systemctl daemon-reload - -#================================================= -# CREATE LOG FILES -#================================================= -ynh_script_progression --message="Creating log files..." --weight=1 - -touch /var/log/{pihole,pihole-FTL}.log -chmod 644 /var/log/{pihole,pihole-FTL}.log -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log +echo "master master master" > "$PI_HOLE_CONFIG_DIR/localbranches" +echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" \ + | tee "$PI_HOLE_CONFIG_DIR/"{GitHubVersions,localversions} > /dev/null #================================================= # BUILD THE LISTS WITH GRAVITY #================================================= ynh_script_progression --message="Building the lists with Gravity..." --weight=7 -cp "../conf/adlists.default" "$PI_HOLE_CONFIG_DIR/adlists.list" -ynh_exec_warn_less $PI_HOLE_INSTALL_DIR/gravity.sh --force +ynh_add_config --template="adlists.default" --destination="$PI_HOLE_CONFIG_DIR/adlists.list" +ynh_exec_warn_less "$PI_HOLE_INSTALL_DIR/gravity.sh" --force #================================================= # CONFIGURE DNS FOR THE LOCAL DOMAINS @@ -283,64 +124,62 @@ ynh_script_progression --message="Configuring DNS for the local domains..." --we localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) # List all YunoHost domains -while read perdomain -do - # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. - ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts +while read -r perdomain; do + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts - # And add a resolution on the local IP instead - grep -q "^$localipv4.*$perdomain" /etc/hosts || \ - echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= -# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE +# DISABLING DNSMASQ #================================================= -ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 +ynh_script_progression --message="Disabling Dnsmasq in system and yunohost..." --weight=1 -echo "master master master" > $PI_HOLE_CONFIG_DIR/localbranches -echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" | tee $PI_HOLE_CONFIG_DIR/{GitHubVersions,localversions} > /dev/null +# Stop dnsmasq to replace it by pihole-FTL +ynh_systemd_action --service_name=dnsmasq --action=stop -#================================================= -# SET UP CONF_REGEN HOOK -#================================================= -ynh_script_progression --message="Setting up conf_regen hook..." --weight=1 - -cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" +# Replace the service dnsmasq by pihole-FTL +# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL +#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service +systemctl mask dnsmasq.service +# Reload systemd config systemctl daemon-reload + +ynh_add_config --template="dnsmasq_regenconf_hook" --destination="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= -# GENERIC FINALISATION +# SYSTEM CONFIGURATION #================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + +# Create a dedicated NGINX config +ynh_add_nginx_config + +# Create sudoers config +_add_sudoers_config + +_add_cron_jobs + +_add_logrotate_config + +install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +ynh_exec_warn_less systemctl enable pihole-FTL --quiet yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=2 +ynh_script_progression --message="Starting $app's systemd service..." --weight=2 -ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=2 - -ynh_permission_update --permission="main" --add="$admin" --remove="all_users" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=3 - -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name="pihole-FTL" --action=restart --log_path="/var/log/pihole-FTL.log" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 949ec02..d839bce 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,35 +8,16 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status pihole-FTL >/dev/null -then - ynh_script_progression --message="Removing $app service integration..." --weight=2 - yunohost service remove pihole-FTL +if ynh_exec_warn_less yunohost service status "pihole-FTL" >/dev/null; then + yunohost service remove "pihole-FTL" fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 - -ynh_systemd_action --service_name=pihole-FTL --action=stop +ynh_systemd_action --service_name="pihole-FTL" --action="stop" # Restore dnsmasq as main DNS resolver # Move dnsmasq back to its original place @@ -63,56 +42,26 @@ ynh_secure_remove --file="/usr/bin/pihole-FTL" ynh_secure_remove --file="/var/run/pihole-FTL.pid" ynh_secure_remove --file="/var/run/pihole-FTL.port" -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 - # Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=7 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - #================================================= # CLOSE A PORT #================================================= -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port +if yunohost firewall list | grep -q "\- $port$"; then + ynh_script_progression --message="Closing port $port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow TCP $port fi -if yunohost firewall list | grep -q "\- 67$" -then - ynh_script_progression --message="Closing port 67..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow UDP 67 +if yunohost firewall list | grep -q "\- 67$"; then + ynh_script_progression --message="Closing port 67..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow UDP 67 fi -#================================================= -# SPECIFIC REMOVE #================================================= # REMOVE VARIOUS FILES #================================================= @@ -174,18 +123,12 @@ ynh_script_progression --message="Restarting Dnsmasq..." --weight=1 ynh_systemd_action --service_name=dnsmasq --action=restart -#================================================= -# GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=2 # Dirty hack to remove correctly the user -killall -u $app - -# Delete a system user -ynh_system_user_delete --username=$app +killall -u "$app" #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index 84f71c6..2d16c16 100644 --- a/scripts/restore +++ b/scripts/restore @@ -14,45 +14,45 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { +#REMOVEME? ynh_clean_setup () { true } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=2 -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) -admin=$(ynh_app_setting_get --app=$app --key=admin) +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) +#REMOVEME? admin=$(ynh_app_setting_get --app=$app --key=admin) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 +#REMOVEME? ynh_script_progression --message="Validating restoration parameters..." --weight=1 -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +#REMOVEME? test ! -d $install_dir \ + || ynh_die --message="There is already a directory: $install_dir " #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Finding an available port..." --weight=12 +#REMOVEME? ynh_script_progression --message="Finding an available port..." --weight=12 # Find an available port -port=$(ynh_find_port --port=4711) +#REMOVEME? port=$(ynh_find_port --port=4711) if [ $port -gt 4720 ] then ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." fi -ynh_app_setting_set --app=$app --key=port --value=$port +#REMOVEME? ynh_app_setting_set --app=$app --key=port --value=$port # Disable the port 53 for upnp ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload @@ -73,31 +73,31 @@ ynh_maintenance_mode_ON #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 +#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=12 +#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=12 # Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 93e2218..138022d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,21 +12,21 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=3 +#REMOVEME? ynh_script_progression --message="Loading installation settings..." --weight=3 -app=$YNH_APP_INSTANCE_NAME +#REMOVEME? app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) -port=$(ynh_app_setting_get --app=$app --key=port) -pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" +#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) +#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) +#REMOVEME? admin=$(ynh_app_setting_get --app=$app --key=admin) +#REMOVEME? query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) +#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) +#REMOVEME? enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) +#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) +#REMOVEME? pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" -overwrite_setupvars=$(ynh_app_setting_get --app=$app --key=overwrite_setupvars) -overwrite_ftl=$(ynh_app_setting_get --app=$app --key=overwrite_ftl) +#REMOVEME? overwrite_setupvars=$(ynh_app_setting_get --app=$app --key=overwrite_setupvars) +#REMOVEME? overwrite_ftl=$(ynh_app_setting_get --app=$app --key=overwrite_ftl) #================================================= # CHECK VERSION @@ -38,16 +38,16 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=7 +#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=7 # Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { +#REMOVEME? ynh_backup_before_upgrade +#REMOVEME? ynh_clean_setup () { # Restore it if the upgrade fails - ynh_restore_upgradebackup +#REMOVEME? ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # ACTIVATE MAINTENANCE MODE @@ -84,10 +84,10 @@ fi #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 +#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" +#REMOVEME? ynh_system_user_create --username=$app --home_dir="$install_dir" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -97,21 +97,21 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=4 ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" - ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE + ynh_setup_source --dest_dir="$install_dir" --source_id=pi-hole_AdminLTE FTL_temp_path=$(mktemp -d) ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=6 +#REMOVEME? ynh_script_progression --message="Upgrading dependencies..." --weight=6 -ynh_install_app_dependencies $pkg_dependencies +#REMOVEME? ynh_install_app_dependencies $pkg_dependencies #================================================= # PHP-FPM CONFIGURATION @@ -357,9 +357,9 @@ ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/l #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +#REMOVEME? ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_systemd_action --service_name=nginx --action=reload +#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload #================================================= # DEACTIVE MAINTENANCE MODE