diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100644 index 0b07976..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') -repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -version_adminlte=$(curl --silent "https://api.github.com/repos/pi-hole/web/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -version_ftl=$(curl --silent "https://api.github.com/repos/pi-hole/FTL/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -assets[0]="https://github.com/pi-hole/pi-hole/archive/$version.tar.gz" -assets[1]="https://github.com/pi-hole/web/archive/$version_adminlte.tar.gz" -assets[2]="https://github.com/pi-hole/FTL/archive/$version_ftl.tar.gz" - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi -if [[ ${version_adminlte:0:1} == "v" || ${version_adminlte:0:1} == "V" ]]; then - version_adminlte=${version_adminlte:1} -fi -if [[ ${version_ftl:0:1} == "v" || ${version_ftl:0:1} == "V" ]]; then - version_ftl=${version_ftl:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -echo "VERSION=$version" >> $GITHUB_ENV -echo "REPO=$repo" >> $GITHUB_ENV -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> $GITHUB_ENV - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) -echo "${#assets[@]} available asset(s)" - -#================================================= -# UPDATE SOURCE FILES -#================================================= - -# Here we use the $assets variable to get the resources published in the upstream release. -# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. - -# Let's loop over the array of assets URLs -for asset_url in ${assets[@]}; do - - echo "Handling asset at $asset_url" - - # Assign the asset to a source file in conf/ directory - # Here we base the source file name upon a unique keyword in the assets url (admin vs. update) - # Leave $src empty to ignore the asset - case $asset_url in - *"FTL"*) - src="pi-hole_FTL" - ;; - *"web"*) - src="pi-hole_AdminLTE" - ;; - *"pi-hole"*) - src="pi-hole_Core" - ;; - *) - src="" - ;; - esac - - # If $src is not empty, let's process the asset - if [ ! -z "$src" ]; then - - # Create the temporary directory - tempdir="$(mktemp -d)" - - # Download sources and calculate checksum - filename=${asset_url##*/} - curl --silent -4 -L $asset_url -o "$tempdir/$filename" - checksum=$(sha256sum "$tempdir/$filename" | head -c 64) - - # Delete temporary directory - rm -rf $tempdir - - # Get extension - if [[ $filename == *.tar.gz ]]; then - extension=tar.gz - else - extension=${filename##*.} - fi - - # Rewrite source file - cat < conf/$src.src -SOURCE_URL=$asset_url -SOURCE_SUM=$checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=$extension -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true -EOT - echo "... conf/$src.src updated" - - else - echo "... asset ignored" - fi - -done - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -sed -i "/pihole_adminlte_version/c\pihole_adminlte_version=$version_adminlte" scripts/_common.sh -sed -i "/pihole_flt_version/c\pihole_flt_version=$version_ftl" scripts/_common.sh - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> $GITHUB_ENV -exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml deleted file mode 100644 index a56d7cb..0000000 --- a/.github/workflows/updater.yml +++ /dev/null @@ -1,49 +0,0 @@ -# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. -# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. -# This file should be enough by itself, but feel free to tune it to your needs. -# It calls updater.sh, which is where you should put the app-specific update steps. -name: Check for new upstream releases -on: - # Allow to manually trigger the workflow - workflow_dispatch: - # Run it every day at 6:00 UTC - schedule: - - cron: '0 6 * * *' -jobs: - updater: - runs-on: ubuntu-latest - steps: - - name: Fetch the source code - uses: actions/checkout@v3 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - name: Run the updater script - id: run_updater - run: | - # Setting up Git user - git config --global user.name 'yunohost-bot' - git config --global user.email 'yunohost-bot@users.noreply.github.com' - # Run the updater script - /bin/bash .github/workflows/updater.sh - - name: Commit changes - id: commit - if: ${{ env.PROCEED == 'true' }} - run: | - git commit -am "Upgrade to v$VERSION" - - name: Create Pull Request - id: cpr - if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: Update to version ${{ env.VERSION }} - committer: 'yunohost-bot ' - author: 'yunohost-bot ' - signoff: false - base: testing - branch: ci-auto-update-v${{ env.VERSION }} - delete-branch: true - title: 'Upgrade to version ${{ env.VERSION }}' - body: | - Upgrade to v${{ env.VERSION }} - draft: false diff --git a/ALL_README.md b/ALL_README.md index 3d6c579..a01b345 100644 --- a/ALL_README.md +++ b/ALL_README.md @@ -1,6 +1,7 @@ # All available README files by language - [Read the README in English](README.md) +- [Irakurri README euskaraz](README_eu.md) - [Lire le README en français](README_fr.md) - [Le o README en galego](README_gl.md) -- [Leggi il “README” in italiano](README_it.md) +- [阅读中文(简体)的 README](README_zh_Hans.md) diff --git a/README.md b/README.md index 43416d6..bd0370f 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ It shall NOT be edited by hand. [![Install Pi-hole with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pihole) -*[Read this README is other languages.](./ALL_README.md)* +*[Read this README in other languages.](./ALL_README.md)* > *This package allows you to install Pi-hole quickly and simply on a YunoHost server.* > *If you don't have YunoHost, please consult [the guide](https://yunohost.org/install) to learn how to install it.* @@ -24,69 +24,6 @@ The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content ![Screenshot of Pi-hole](./doc/screenshots/dashboard.png) -## Disclaimers / important information - -## Configuration - -Use the admin panel of your Pi-hole to configure this app. You may also need to follow the [post-install guide](https://docs.pi-hole.net/main/post-install/) to setup Pi-hole either as a *DNS server* or a *DHCP server*. - -## Limitations - -* Activate DHCP with Pi-hole needs manual configuration of your router. - -## Using Pi-hole as your DHCP server - -> **Be careful, you should considering that playing with your DHCP may break your network. -In case your server is down, you will lose your dns resolution and ip address. -So, you will lose any internet connection and even the connection to your router.** - -> **If you encounter this kind of problem, please see "How to restore my network" at the end of this document.** - -### How to configure Pi-hole - -There're two ways to configure Pi-hole to be used as your DHCP server. -- Either you can choose to use it when you install the app. -- Or you can activate the DHCP server afterwards in the "Settings" tab, "Pi-hole DHCP Server" part. -In this second case, it can be better to set the ip of the server to a static address - -### How to configure my router - -Your personal router or ISP's router has a DHCP server enabled by default. -If you keep this DHCP, along with Pi-hole's one, you will have transparent conflicts between them. -The first DHCP to respond will distribute its own ip and settings. -So you have to turn off the DHCP of your router to let Pi-hole managed your network. - -#### Why should I use only the DHCP of Pi-hole ? - -By using the DHCP of Pi-hole, you allow Pi-hole to give at each of your client its dns configuration. This way every requests will be filtered by Pi-hole. - -Another use case of using Pi-hole's DHCP is if you have hairpinning problems (You can't connect to your server because its IP is your public IP, and your router doesn't allow that). -In this case, using Pi-hole's dns will allow you to connect to your server by its local address instead of its public one. - -### How to restore my network - -> Oh crap ! -Your Pi-hole server is down, and you don't have a DHCP anymore. -Don't panic, We'll get through it. \o/ - -Use your favorite terminal on your desktop computer. -And first, get your main interface (usually `eth0`). -``` bash -sudo ifconfig -``` - -Then, set your ip as a static ip. -``` bash -sudo ifconfig eth0 192.168.1.100 -``` - -Now, you can connect to your router and turn on its DHCP server to use it again. -You can now reset your ip and get a dynamic address. -``` bash -sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 -``` - -> Don't forget to turn off the DHCP of your router if your server is working again. ## Documentation and resources - Official app website: diff --git a/README_eu.md b/README_eu.md new file mode 100644 index 0000000..f7f9879 --- /dev/null +++ b/README_eu.md @@ -0,0 +1,47 @@ + + +# Pi-hole YunoHost-erako + +[![Integrazio maila](https://dash.yunohost.org/integration/pihole.svg)](https://dash.yunohost.org/appci/app/pihole) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/pihole.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/pihole.maintain.svg) + +[![Instalatu Pi-hole YunoHost-ekin](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pihole) + +*[Irakurri README hau beste hizkuntzatan.](./ALL_README.md)* + +> *Pakete honek Pi-hole YunoHost zerbitzari batean azkar eta zailtasunik gabe instalatzea ahalbidetzen dizu.* +> *YunoHost ez baduzu, kontsultatu [gida](https://yunohost.org/install) nola instalatu ikasteko.* + +## Aurreikuspena + +The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. + +**Paketatutako bertsioa:** 5.14.2~ynh4 + +## Pantaila-argazkiak + +![Pi-hole(r)en pantaila-argazkia](./doc/screenshots/dashboard.png) + +## Dokumentazioa eta baliabideak + +- Aplikazioaren webgune ofiziala: +- Administratzaileen dokumentazio ofiziala: +- Jatorrizko aplikazioaren kode-gordailua: +- YunoHost Denda: +- Eman errore baten berri: + +## Garatzaileentzako informazioa + +Bidali `pull request`a [`testing` abarrera](https://github.com/YunoHost-Apps/pihole_ynh/tree/testing). + +`testing` abarra probatzeko, ondorengoa egin: + +```bash +sudo yunohost app install https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug +edo +sudo yunohost app upgrade pihole -u https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug +``` + +**Informazio gehiago aplikazioaren paketatzeari buruz:** diff --git a/README_fr.md b/README_fr.md index 42d0d07..fe66c8c 100644 --- a/README_fr.md +++ b/README_fr.md @@ -25,70 +25,6 @@ Pi-hole® est un puits DNS qui protège vos appareils des contenus indésirables ![Capture d’écran de Pi-hole](./doc/screenshots/dashboard.png) -## Avertissements / informations importantes - -## Configuration - -Utiliser le panneau d'administration de votre Pi-hole pour configurer cette application. Vous devrez peut-être aussi suivre le [guide de post-installation](https://docs.pi-hole.net/main/post-install/) pour configurer Pi-hole en tant que *serveur DNS* ou *serveur DHCP*. - -## Limitations - -* Activer DHCP avec Pi-hole nécessite une configuration manuelle de votre routeur. - -## Faire de Pi-hole votre serveur DHCP - -> **Attention, vous devez savoir que toucher à votre DHCP pourrait casser votre réseau. -Dans le cas où votre serveur serait inaccessible, vous perdriez votre résolution dns et votre adresse IP. -Ainsi, vous perdriez toute connexion à internet et même la connexion à votre routeur.** - -> **Si vous rencontrez ce genre de problèmes, merci de lire la section "Comment restaurer mon réseau" à la fin de ce document.** - -### Comment configurer Pi-hole - -Il y a 2 manière de configurer Pi-hole pour qu'il soit utilisé comme votre serveur DHCP. -- Soit vous pouvez choisir de l'utiliser lorsque vous installez l'application. -- Soit vous pouvez activer le serveur DHCP par la suite dans l'onglet "Settings", partie "Pi-hole DHCP Server". -Dans ce second cas, il peut être préférable de forcer l'ip du serveur à une adresse statique. - -### Comment configurer mon routeur - -Votre routeur ou celui de votre FAI dispose d'un serveur DHCP activé par défaut. -Si vous gardez ce DHCP, en même temps que celui de Pi-hole, vous allez avoir des conflits transparents entre eux. -Le premier serveur DHCP à répondre va distribuer ses propres ip et paramètres. -Donc vous devez éteindre le serveur DHCP de votre routeur et laisser Pi-hole gérer votre réseau. - -#### Pourquoi je devrais utiliser le DHCP de Pi-hole ? - -En utilisant le DHCP de Pi-hole, vous lui permettez de donner sa configuration dns à chacun de vos clients. De cette manière, chaque requête sera filtrée par Pi-hole. - -Un autre cas d'usage du DHCP de Pi-hole est le cas où vous rencontrez des problèmes de hairpinning (Vous ne pouvez pas vous connecter à votre serveur parce que son ip est votre ip publique, et votre routeur n'autorise pas cela). -Dans ce cas, utilisez le dns de Pi-hole va vous permettre de vous connecter à votre serveur par son adresse locale plutôt que son adresse publique. - -### Comment restaurer mon réseau - -> Oups ! -Votre serveur Pi-hole est tombé, et vous n'avez plus de DHCP. -Ne paniquez pas, on va surmonter ça \o/ - -Utilisez votre terminal favori sur votre ordinateur de bureau. -Et tout d'abord, récupérer votre interface réseau (Le plus souvent `eth0`). -``` bash -sudo ifconfig -``` - -Ensuite, changer votre ip pour une ip statique. -``` bash -sudo ifconfig eth0 192.168.1.100 -``` - -Maintenant, vous pouvez vous connecter à votre routeur et rallumer son serveur DHCP pour l'utiliser à nouveau. -Vous pouvez maintenant retirer votre ip statique et réobtenir une ip dynamique. -``` bash -sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 -``` - -> N'oubliez pas d'éteindre le DHCP de votre routeur si votre serveur fonctionne à nouveau. - ## Documentations et ressources - Site officiel de l’app : diff --git a/README_gl.md b/README_gl.md index 17b503f..f8f11c6 100644 --- a/README_gl.md +++ b/README_gl.md @@ -24,69 +24,6 @@ The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content ![Captura de pantalla de Pi-hole](./doc/screenshots/dashboard.png) -## Avisos / información importante - -## Configuration - -Use the admin panel of your Pi-hole to configure this app. You may also need to follow the [post-install guide](https://docs.pi-hole.net/main/post-install/) to setup Pi-hole either as a *DNS server* or a *DHCP server*. - -## Limitations - -* Activate DHCP with Pi-hole needs manual configuration of your router. - -## Using Pi-hole as your DHCP server - -> **Be careful, you should considering that playing with your DHCP may break your network. -In case your server is down, you will lose your dns resolution and ip address. -So, you will lose any internet connection and even the connection to your router.** - -> **If you encounter this kind of problem, please see "How to restore my network" at the end of this document.** - -### How to configure Pi-hole - -There're two ways to configure Pi-hole to be used as your DHCP server. -- Either you can choose to use it when you install the app. -- Or you can activate the DHCP server afterwards in the "Settings" tab, "Pi-hole DHCP Server" part. -In this second case, it can be better to set the ip of the server to a static address - -### How to configure my router - -Your personal router or ISP's router has a DHCP server enabled by default. -If you keep this DHCP, along with Pi-hole's one, you will have transparent conflicts between them. -The first DHCP to respond will distribute its own ip and settings. -So you have to turn off the DHCP of your router to let Pi-hole managed your network. - -#### Why should I use only the DHCP of Pi-hole ? - -By using the DHCP of Pi-hole, you allow Pi-hole to give at each of your client its dns configuration. This way every requests will be filtered by Pi-hole. - -Another use case of using Pi-hole's DHCP is if you have hairpinning problems (You can't connect to your server because its IP is your public IP, and your router doesn't allow that). -In this case, using Pi-hole's dns will allow you to connect to your server by its local address instead of its public one. - -### How to restore my network - -> Oh crap ! -Your Pi-hole server is down, and you don't have a DHCP anymore. -Don't panic, We'll get through it. \o/ - -Use your favorite terminal on your desktop computer. -And first, get your main interface (usually `eth0`). -``` bash -sudo ifconfig -``` - -Then, set your ip as a static ip. -``` bash -sudo ifconfig eth0 192.168.1.100 -``` - -Now, you can connect to your router and turn on its DHCP server to use it again. -You can now reset your ip and get a dynamic address. -``` bash -sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 -``` - -> Don't forget to turn off the DHCP of your router if your server is working again. ## Documentación e recursos - Web oficial da app: diff --git a/README_zh_Hans.md b/README_zh_Hans.md new file mode 100644 index 0000000..f86e419 --- /dev/null +++ b/README_zh_Hans.md @@ -0,0 +1,47 @@ + + +# YunoHost 的 Pi-hole + +[![集成程度](https://dash.yunohost.org/integration/pihole.svg)](https://dash.yunohost.org/appci/app/pihole) ![工作状态](https://ci-apps.yunohost.org/ci/badges/pihole.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/pihole.maintain.svg) + +[![使用 YunoHost 安装 Pi-hole](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=pihole) + +*[阅读此 README 的其它语言版本。](./ALL_README.md)* + +> *通过此软件包,您可以在 YunoHost 服务器上快速、简单地安装 Pi-hole。* +> *如果您还没有 YunoHost,请参阅[指南](https://yunohost.org/install)了解如何安装它。* + +## 概况 + +The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. + +**分发版本:** 5.14.2~ynh4 + +## 截图 + +![Pi-hole 的截图](./doc/screenshots/dashboard.png) + +## 文档与资源 + +- 官方应用网站: +- 官方管理文档: +- 上游应用代码库: +- YunoHost 商店: +- 报告 bug: + +## 开发者信息 + +请向 [`testing` 分支](https://github.com/YunoHost-Apps/pihole_ynh/tree/testing) 发送拉取请求。 + +如要尝试 `testing` 分支,请这样操作: + +```bash +sudo yunohost app install https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug +或 +sudo yunohost app upgrade pihole -u https://github.com/YunoHost-Apps/pihole_ynh/tree/testing --debug +``` + +**有关应用打包的更多信息:** diff --git a/check_process b/check_process deleted file mode 100644 index b1ee9c2..0000000 --- a/check_process +++ /dev/null @@ -1,40 +0,0 @@ -;; Test version last version - ; Manifest - domain="domain.tld" - path="/path" - admin="john" - query_logging=1 - enable_dhcp=0 - ; Config_panel - main.overwrite_files.overwrite_setupvars=0|1 - main.overwrite_files.overwrite_ftl=0|1 - main.overwrite_files.overwrite_nginx=0|1 - main.overwrite_files.overwrite_phpfpm=0|1 - main.global_config.email_type=0|1 - main.php_fpm_config.footprint=low|medium|high - main.php_fpm_config.free_footprint=20 - main.php_fpm_config.usage=low|medium|high - main.php_fpm_config.force_max_children=20|0 - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=0 - upgrade=1 - # 5.11.4~ynh1 - upgrade=1 from_commit=3d2f68c4e19f335e63f8ffa259708b38a58c8f67 - upgrade=1 from_commit=4999654987af8b1427a6c72f8af482b235bb46db - backup_restore=1 - multi_instance=0 - port_already_use=0 - change_url=1 - actions=0 - config_panel=0 -;;; Options -Email= -Notification=none -;;; Upgrade options - ; commit=4999654987af8b1427a6c72f8af482b235bb46db - name=Merge pull request #88 diff --git a/conf/nginx.conf b/conf/nginx.conf index adf04fa..09e55c6 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,7 +2,7 @@ location __PATH__/ { # Path to source - alias __FINALPATH__/; + alias __INSTALL_DIR__/web/; index index.html index.php; diff --git a/conf/pi-hole_AdminLTE.src b/conf/pi-hole_AdminLTE.src deleted file mode 100644 index 37c0290..0000000 --- a/conf/pi-hole_AdminLTE.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/pi-hole/AdminLTE/archive/v5.18.tar.gz -SOURCE_SUM=563d3568f9b4c8bf09c6a7a21995c1827f3438edd17e5e2b55ead873599580c0 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/pi-hole_Core.src b/conf/pi-hole_Core.src deleted file mode 100644 index b507ba6..0000000 --- a/conf/pi-hole_Core.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/pi-hole/pi-hole/archive/v5.14.2.tar.gz -SOURCE_SUM=fb2bf933eb7dc54de7b5ab220458e0298fb48fa84d5cba1bcb3c72c47bee1051 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/pi-hole_FTL.src b/conf/pi-hole_FTL.src deleted file mode 100644 index 563bfa7..0000000 --- a/conf/pi-hole_FTL.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/pi-hole/FTL/archive/v5.20.tar.gz -SOURCE_SUM=c098d65ed7e59865b814d64a0a5fac65914ce93277e69ef97ab87e8479731fc9 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/setupVars.conf b/conf/setupVars.conf new file mode 100644 index 0000000..f177353 --- /dev/null +++ b/conf/setupVars.conf @@ -0,0 +1,8 @@ +PIHOLE_INTERFACE=__MAIN_IFACE__ +IPV4_ADDRESS=127.0.0.1 +IPV6_ADDRESS=::1 +PIHOLE_DNS_1= +PIHOLE_DNS_2= +QUERY_LOGGING=__QUERY_LOGGING_STR__ +INSTALL_WEB=true +BLOCKING_ENABLED=true diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 92% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md index fdd0fd7..11c3a31 100644 --- a/doc/DISCLAIMER.md +++ b/doc/ADMIN.md @@ -9,16 +9,18 @@ Use the admin panel of your Pi-hole to configure this app. You may also need to ## Using Pi-hole as your DHCP server > **Be careful, you should considering that playing with your DHCP may break your network. -In case your server is down, you will lose your dns resolution and ip address. -So, you will lose any internet connection and even the connection to your router.** - +> In case your server is down, you will lose your dns resolution and ip address. +> So, you will lose any internet connection and even the connection to your router.** +> > **If you encounter this kind of problem, please see "How to restore my network" at the end of this document.** ### How to configure Pi-hole There're two ways to configure Pi-hole to be used as your DHCP server. + - Either you can choose to use it when you install the app. - Or you can activate the DHCP server afterwards in the "Settings" tab, "Pi-hole DHCP Server" part. + In this second case, it can be better to set the ip of the server to a static address ### How to configure my router @@ -43,19 +45,22 @@ Don't panic, We'll get through it. \o/ Use your favorite terminal on your desktop computer. And first, get your main interface (usually `eth0`). + ``` bash sudo ifconfig ``` Then, set your ip as a static ip. + ``` bash sudo ifconfig eth0 192.168.1.100 ``` Now, you can connect to your router and turn on its DHCP server to use it again. You can now reset your ip and get a dynamic address. + ``` bash sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 ``` -> Don't forget to turn off the DHCP of your router if your server is working again. \ No newline at end of file +> Don't forget to turn off the DHCP of your router if your server is working again. diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md similarity index 93% rename from doc/DISCLAIMER_fr.md rename to doc/ADMIN_fr.md index a8c55e6..e9551c6 100644 --- a/doc/DISCLAIMER_fr.md +++ b/doc/ADMIN_fr.md @@ -9,16 +9,18 @@ Utiliser le panneau d'administration de votre Pi-hole pour configurer cette appl ## Faire de Pi-hole votre serveur DHCP > **Attention, vous devez savoir que toucher à votre DHCP pourrait casser votre réseau. -Dans le cas où votre serveur serait inaccessible, vous perdriez votre résolution dns et votre adresse IP. -Ainsi, vous perdriez toute connexion à internet et même la connexion à votre routeur.** - +> Dans le cas où votre serveur serait inaccessible, vous perdriez votre résolution dns et votre adresse IP. +> Ainsi, vous perdriez toute connexion à internet et même la connexion à votre routeur.** +> > **Si vous rencontrez ce genre de problèmes, merci de lire la section "Comment restaurer mon réseau" à la fin de ce document.** ### Comment configurer Pi-hole Il y a 2 manière de configurer Pi-hole pour qu'il soit utilisé comme votre serveur DHCP. + - Soit vous pouvez choisir de l'utiliser lorsque vous installez l'application. - Soit vous pouvez activer le serveur DHCP par la suite dans l'onglet "Settings", partie "Pi-hole DHCP Server". + Dans ce second cas, il peut être préférable de forcer l'ip du serveur à une adresse statique. ### Comment configurer mon routeur @@ -43,17 +45,20 @@ Ne paniquez pas, on va surmonter ça \o/ Utilisez votre terminal favori sur votre ordinateur de bureau. Et tout d'abord, récupérer votre interface réseau (Le plus souvent `eth0`). + ``` bash sudo ifconfig ``` Ensuite, changer votre ip pour une ip statique. + ``` bash sudo ifconfig eth0 192.168.1.100 ``` Maintenant, vous pouvez vous connecter à votre routeur et rallumer son serveur DHCP pour l'utiliser à nouveau. Vous pouvez maintenant retirer votre ip statique et réobtenir une ip dynamique. + ``` bash sudo ifconfig eth0 0.0.0.0 && sudo dhclient eth0 ``` diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 13d779d..0000000 --- a/manifest.json +++ /dev/null @@ -1,80 +0,0 @@ -{ - "name": "Pi-hole", - "id": "pihole", - "packaging_format": 1, - "description": { - "en": "Network-wide ad blocking via your own DNS server", - "fr": "Filtrage publicitaire via votre propre serveur DNS" - }, - "version": "5.14.2~ynh4", - "url": "https://pi-hole.net/", - "upstream": { - "license": "EUPL-1.2", - "website": "https://pi-hole.net/", - "admindoc": "https://docs.pi-hole.net", - "code": "https://github.com/pi-hole/pi-hole" - }, - "license": "EUPL-1.2", - "maintainer": { - "name": "", - "email": "" - }, - "previous_maintainers": [ - { - "name": "Maniack Crudelis", - "email": "maniackc_dev@crudelis.fr" - } - ], - "requirements": { - "yunohost": ">= 11.2.4" - }, - "multi_instance": false, - "services": [ - "nginx", - "php7.4-fpm" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/pihole", - "default": "/pihole" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "query_logging", - "type": "boolean", - "ask": { - "en": "Do you want to log DNS queries?", - "fr": "Voulez-vous enregistrer les requêtes DNS ?" - }, - "help": { - "en": "Keeping this option deactivate will render graphs on the admin page useless. But will respect the privacy of the other users.", - "fr": "Garder cette option désactivée rendra les graphiques sur la page d'administration inutiles. Mais respectera la vie privée des autres utilisateurs." - }, - "default": false - }, - { - "name": "enable_dhcp", - "type": "boolean", - "ask": { - "en": "Do you want to set Pi-Hole as your DHCP server?", - "fr": "Voulez-vous utiliser Pi-Hole an tant que serveur DHCP ?" - }, - "help": { - "en": "If you want to do that, you really have to read this before!", - "fr": "Si vous voulez faire ça, vous devez vraiment lire cela avant !" - }, - "default": false - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..593888c --- /dev/null +++ b/manifest.toml @@ -0,0 +1,115 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json + +packaging_format = 2 + +id = "pihole" +name = "Pi-hole" +description.en = "Network-wide ad blocking via your own DNS server" +description.fr = "Filtrage publicitaire via votre propre serveur DNS" + +version = "5.14.2~ynh4" + +maintainers = [] + +[upstream] +license = "EUPL-1.2" +website = "https://pi-hole.net/" +admindoc = "https://docs.pi-hole.net" +code = "https://github.com/pi-hole/pi-hole" +fund = "https://pi-hole.net/donate/#donate" + +[integration] +yunohost = ">= 11.2.4" +architectures = "all" +multi_instance = false +ldap = "not_relevant" +sso = "not_relevant" +disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... +ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/pihole" + + [install.query_logging] + ask.en = "Do you want to log DNS queries?" + ask.fr = "Voulez-vous enregistrer les requêtes DNS ?" + help.en = "Keeping this option deactivate will render graphs on the admin page useless. But will respect the privacy of the other users." + help.fr = "Garder cette option désactivée rendra les graphiques sur la page d'administration inutiles. Mais respectera la vie privée des autres utilisateurs." + type = "boolean" + default = false + + [install.enable_dhcp] + ask.en = "Do you want to set Pi-Hole as your DHCP server?" + ask.fr = "Voulez-vous utiliser Pi-Hole an tant que serveur DHCP ?" + help.en = "If you want to do that, you really have to read this before!" + help.fr = "Si vous voulez faire ça, vous devez vraiment lire cela avant !" + type = "boolean" + default = false + +[resources] + [resources.sources] + [resources.sources.pi-hole_core] + url = "https://github.com/pi-hole/pi-hole/archive/v5.14.2.tar.gz" + sha256 = "fb2bf933eb7dc54de7b5ab220458e0298fb48fa84d5cba1bcb3c72c47bee1051" + + autoupdate.upstream = "https://github.com/pi-hole/pi-hole" + autoupdate.strategy = "latest_github_release" + + [resources.sources.pi-hole_web] + url = "https://github.com/pi-hole/web/archive/v5.18.tar.gz" + sha256 = "563d3568f9b4c8bf09c6a7a21995c1827f3438edd17e5e2b55ead873599580c0" + + autoupdate.upstream = "https://github.com/pi-hole/web" + autoupdate.strategy = "latest_github_release" + + [resources.sources.pi-hole_ftl] + url = "https://github.com/pi-hole/FTL/archive/v5.20.tar.gz" + sha256 = "c098d65ed7e59865b814d64a0a5fac65914ce93277e69ef97ab87e8479731fc9" + + autoupdate.upstream = "https://github.com/pi-hole/FTL" + autoupdate.strategy = "latest_github_release" + + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" + main.allowed = "admins" + + [resources.ports] + main.default = 4711 + + [resources.apt] + packages = [ + "php7.4-common", + "php7.4-cgi", + "php7.4-sqlite3", + "php7.4-xml", + "php7.4-intl", + "cmake", + "build-essential", + "libgmp-dev", + "libidn11-dev", + "nettle-dev", + "libreadline-dev", + "sqlite3", + "cron", + "curl", + "iputils-ping", + "psmisc", + "unzip", + "idn2", + "libcap2-bin", + "dns-root-data", + "libcap2", + "netcat-openbsd", + "procps", + "jq", + ] diff --git a/scripts/_common.sh b/scripts/_common.sh index 985c30f..41f73c9 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,40 +4,83 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="7.4" - -php_dependencies="php$YNH_PHP_VERSION-common php$YNH_PHP_VERSION-cgi php$YNH_PHP_VERSION-sqlite3 php$YNH_PHP_VERSION-xml php$YNH_PHP_VERSION-intl" - -# dependencies used by the app (must be on a single line) -pkg_dependencies="cmake build-essential libgmp-dev libidn11-dev nettle-dev libreadline-dev sqlite3 cron curl iputils-ping psmisc unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps jq $php_dependencies" - pihole_adminlte_version=5.18 pihole_flt_version=5.20 +# This is hard-coded upstream... PI_HOLE_LOCAL_REPO="/etc/.pihole" PI_HOLE_INSTALL_DIR="/opt/pihole" PI_HOLE_CONFIG_DIR="/etc/pihole" PI_HOLE_BIN_DIR="/usr/local/bin" +# Get the default network interface +main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') + +# Get the dnsmasq user to set log files permissions +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) + +# Find the IP associated to the network interface +localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) + +if [ "$query_logging" -eq 1 ]; then + query_logging_str=true +else + query_logging_str=false +fi + #================================================= # PERSONAL HELPERS #================================================= +_configure_ports() { + if [ "$port" -gt 4720 ]; then + ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." + fi + + # Disable the port 53 for upnp + ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload + ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp + + # Open the UDP port 67 for dhcp + ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp +} + +_add_cron_jobs() { + install -D -m 644 -T -o root -g root "$PI_HOLE_LOCAL_REPO/advanced/Templates/pihole.cron" /etc/cron.d/pihole + + # Randomize gravity update time + ynh_replace_string --target_file="/etc/cron.d/pihole" \ + --match_string="59 1 " \ + --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " + + # Randomize update checker time + ynh_replace_string --target_file="/etc/cron.d/pihole" \ + --match_string="59 17" \ + --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" + + # Remove git usage for version. Which fails because we use here a release instead of master. + ynh_replace_string --target_file="/etc/cron.d/pihole" \ + --match_string=".*updatechecker.*" \ + --replace_string="#&" +} + +_add_sudoers_config() { + install -m 0640 "$PI_HOLE_LOCAL_REPO/advanced/Templates/pihole.sudo" /etc/sudoers.d/pihole + echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole +} + +_add_logrotate_config() { + install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" + sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" +} + #================================================= # EXPERIMENTAL HELPERS #================================================= ynh_maintenance_mode_ON () { - # Load value of $path_url and $domain from the config if their not set - if [ -z $path_url ]; then - path_url=$(ynh_app_setting_get $app path) - fi - if [ -z $domain ]; then - domain=$(ynh_app_setting_get $app domain) - fi - mkdir -p /var/www/html/ - + # Create an html to serve as maintenance notice echo " @@ -60,10 +103,10 @@ ynh_maintenance_mode_ON () { " > "/var/www/html/maintenance.$app.html" # Create a new nginx config file to redirect all access to the app to the maintenance notice instead. - echo "# All request to the app will be redirected to ${path_url}_maintenance and fall on the maintenance notice -rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/? redirect; + echo "# All request to the app will be redirected to ${path}_maintenance and fall on the maintenance notice +rewrite ^${path}/(.*)$ ${path}_maintenance/? redirect; # Use another location, to not be in conflict with the original config file -location ${path_url}_maintenance/ { +location ${path}_maintenance/ { alias /var/www/html/ ; try_files maintenance.$app.html =503; @@ -74,7 +117,7 @@ include conf.d/yunohost_panel.conf.inc; # The current config file will redirect all requests to the root of the app. # To keep the full path, we can use the following rewrite rule: - # rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/\$1? redirect; + # rewrite ^${path}/(.*)$ ${path}_maintenance/\$1? redirect; # The difference will be in the $1 at the end, which keep the following queries. # But, if it works perfectly for a html request, there's an issue with any php files. # This files are treated as simple files, and will be downloaded by the browser. @@ -84,16 +127,8 @@ include conf.d/yunohost_panel.conf.inc; } ynh_maintenance_mode_OFF () { - # Load value of $path_url and $domain from the config if their not set - if [ -z $path_url ]; then - path_url=$(ynh_app_setting_get $app path) - fi - if [ -z $domain ]; then - domain=$(ynh_app_setting_get $app domain) - fi - - # Rewrite the nginx config file to redirect from ${path_url}_maintenance to the real url of the app. - echo "rewrite ^${path_url}_maintenance/(.*)$ ${path_url}/\$1 redirect;" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf" + # Rewrite the nginx config file to redirect from ${path}_maintenance to the real url of the app. + echo "rewrite ^${path}_maintenance/(.*)$ ${path}/\$1 redirect;" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf" systemctl reload nginx # Sleep 4 seconds to let the browser reload the pages and redirect the user to the app. diff --git a/scripts/backup b/scripts/backup index 286bc4d..3a1a655 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,29 +8,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) - -# Get variable from ynh_add_fpm_config -fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -42,21 +17,28 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" + #================================================= -# BACKUP THE NGINX CONFIGURATION +# BACKUP THE SYSTEM CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= +ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -ynh_backup --src_path="$fpm_config_dir/pool.d/$app.conf" +ynh_backup --src_path="/etc/cron.d/pihole" + +ynh_backup --src_path="/etc/sudoers.d/pihole" + +ynh_backup --src_path="/etc/init.d/pihole-FTL" + +ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" + +if test -e "/etc/dnsmasq.d/03-pihole-wildcard.conf"; then + ynh_backup --src_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" +fi -#================================================= -# SPECIFIC BACKUP #================================================= # BACKUP VARIOUS FILES #================================================= @@ -65,22 +47,11 @@ ynh_backup --src_path="$PI_HOLE_LOCAL_REPO" ynh_backup --src_path="$PI_HOLE_CONFIG_DIR" ynh_backup --src_path="$PI_HOLE_INSTALL_DIR" -ynh_backup --src_path="/etc/cron.d/pihole" - ynh_backup --src_path="$PI_HOLE_BIN_DIR/pihole" ynh_backup --src_path="/etc/bash_completion.d/pihole" -ynh_backup --src_path="/etc/sudoers.d/pihole" - -ynh_backup --src_path="/etc/init.d/pihole-FTL" ynh_backup --src_path="/usr/bin/pihole-FTL" -if test -e "/etc/dnsmasq.d/03-pihole-wildcard.conf"; then - ynh_backup --src_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" -fi - -ynh_backup --src_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/change_url b/scripts/change_url index 13578d4..ea628a8 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,115 +7,25 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=11 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # ACTIVATE MAINTENANCE MODE #================================================= ynh_script_progression --message="Activating maintenance mode..." --weight=1 -path_url=$old_path -domain=$old_domain ynh_maintenance_mode_ON -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - -#================================================= -# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=4 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - -#================================================= -# GENERIC FINALISATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload +ynh_change_url_nginx_config #================================================= # DEACTIVE MAINTENANCE MODE #================================================= ynh_script_progression --message="Disabling maintenance mode..." --weight=5 -path_url=$old_path -domain=$old_domain ynh_maintenance_mode_OFF #================================================= diff --git a/scripts/install b/scripts/install index 00071f5..48724e1 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,244 +8,113 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE SCRIPT FAILURE +# INITIALIZE AND STORE SETTINGS #================================================= -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +ynh_app_setting_set --app="$app" --key="overwrite_setupvars" --value=1 +ynh_app_setting_set --app="$app" --key="overwrite_ftl" --value=1 #================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST +# CHECK AVAILABLE PORT #================================================= -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -query_logging=$YNH_APP_ARG_QUERY_LOGGING -enable_dhcp=$YNH_APP_ARG_ENABLE_DHCP - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=2 - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=3 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=query_logging --value=$query_logging -ynh_app_setting_set --app=$app --key=enable_dhcp --value=$enable_dhcp - -ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=1 -ynh_app_setting_set --app=$app --key=overwrite_ftl --value=1 - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=12 - -# Find an available port -port=$(ynh_find_port --port=4711) -if [ $port -gt 4720 ] -then - ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." -fi -ynh_app_setting_set --app=$app --key=port --value=$port - -# Disable the port 53 for upnp -ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload -ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp - -# Open the UDP port 67 for dhcp -ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=12 - -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" +_configure_ports #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=4 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" -ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE -FTL_temp_path=$(mktemp -d) -ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" +ynh_setup_source --source_id="pi-hole_core" --dest_dir="$PI_HOLE_LOCAL_REPO" +ynh_setup_source --source_id="pi-hole_web" --dest_dir="$install_dir/web" +ynh_setup_source --source_id="pi-hole_ftl" --dest_dir="$install_dir/ftl" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +chown "$dnsmasq_user:root" /var/log/{pihole,pihole-FTL}.log -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC SETUP #================================================= # INSTALLATION OF PIHOLE-FTL #================================================= -ynh_script_progression --message="Installing PiHole-FTL..." --weight=30 +ynh_script_progression --message="Building PiHole-FTL..." --weight=30 # Instead of downloading a binary file, we're going to compile it -( - cd "$FTL_temp_path" - ynh_exec_warn_less cmake . - ynh_exec_warn_less make - ynh_exec_warn_less make install -) - -ynh_secure_remove --file="$FTL_temp_path" +pushd "$install_dir/ftl" + ynh_exec_warn_less cmake . + ynh_exec_warn_less make + ynh_exec_warn_less make install +popd +ynh_secure_remove --file="$install_dir/ftl" #================================================= # INSTALL THE SCRIPTS #================================================= -ynh_script_progression --message="Installing the scripts..." --weight=1 +ynh_script_progression --message="Installing Pihole..." --weight=1 -pushd "${PI_HOLE_LOCAL_REPO}" - install -o "${app}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}" - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" gravity.sh - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE - install -o "${app}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole - install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole -popd +install -o "$app" -Dm755 -d "$PI_HOLE_INSTALL_DIR" +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/gravity.sh" +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/advanced/Scripts"/*.sh +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/advanced/Scripts/COL_TABLE" +install -Dm644 -t /etc/bash_completion.d/ "$PI_HOLE_LOCAL_REPO/advanced/bash-completion/pihole" + +install -o "$app" -Dm755 -t "$PI_HOLE_BIN_DIR" "$PI_HOLE_LOCAL_REPO/pihole" #================================================= # INSTALL THE CONFIGS #================================================= -ynh_script_progression --message="Installing the configs..." --weight=1 +ynh_script_progression --message="Installing $app's configuration files..." --weight=1 -install -d -m 0755 ${PI_HOLE_CONFIG_DIR} +install -d -m 0755 "$PI_HOLE_CONFIG_DIR" +ynh_add_config --template="dns-servers.conf" --destination="$PI_HOLE_CONFIG_DIR/dns-servers.conf" +ynh_add_config --template="pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" +ynh_add_config --template="setupVars.conf" --destination="$PI_HOLE_CONFIG_DIR/setupVars.conf" -cp "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR/dns-servers.conf" chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" -ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" +#================================================= +# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE +#================================================= +ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 -install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +echo "master master master" > "$PI_HOLE_CONFIG_DIR/localbranches" +echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" \ + | tee "$PI_HOLE_CONFIG_DIR/"{GitHubVersions,localversions} > /dev/null #================================================= -# INSTALL SUDOER FILE +# BUILD THE LISTS WITH GRAVITY #================================================= -ynh_script_progression --message="Installing sudoer file..." --weight=1 +ynh_script_progression --message="Building the lists with Gravity..." --weight=7 -install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole -echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole +ynh_add_config --template="adlists.default" --destination="$PI_HOLE_CONFIG_DIR/adlists.list" +ynh_exec_warn_less "$PI_HOLE_INSTALL_DIR/gravity.sh" --force #================================================= -# INSTALL A CRON JOB +# CONFIGURE DNS FOR THE LOCAL DOMAINS #================================================= -ynh_script_progression --message="Installing a cron job..." --weight=1 +ynh_script_progression --message="Configuring DNS for the local domains..." --weight=7 -install -D -m 644 -T -o root -g root ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole +# List all YunoHost domains +while read -r perdomain; do + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts -# Randomize gravity update time -ynh_replace_string --match_string="59 1 " --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " --target_file="/etc/cron.d/pihole" - -# Randomize update checker time -ynh_replace_string --match_string="59 17" --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" --target_file="/etc/cron.d/pihole" - -# Remove git usage for version. Which fails because we use here a release instead of master. -ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole - -#================================================= -# INSTALL LOGROTATE SCRIPT FOR PI-HOLE -#================================================= -ynh_script_progression --message="Installing logrotate script for PI-HOLE..." --weight=1 - -install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" - -sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts +done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= # DISABLING DNSMASQ #================================================= -ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 +ynh_script_progression --message="Disabling Dnsmasq in system and yunohost..." --weight=1 -# Last version available -# Stopped dnsmasq to replace it by pihole-FTL +# Stop dnsmasq to replace it by pihole-FTL ynh_systemd_action --service_name=dnsmasq --action=stop -# Disable the real dnsmasq service -#ynh_exec_warn_less systemctl disable dnsmasq --quiet - -#================================================= -# FINAL EXPORTS -#================================================= -ynh_script_progression --message="Final exports..." --weight=1 - -setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" - -# Get the default network interface -main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') -echo "PIHOLE_INTERFACE=$main_iface" > $setupVars -echo "IPV4_ADDRESS=127.0.0.1" >> $setupVars -echo "IPV6_ADDRESS=::1" >> $setupVars -echo "PIHOLE_DNS_1=" >> $setupVars -echo "PIHOLE_DNS_2=" >> $setupVars -if [ $query_logging -eq 1 ]; then - query_logging=true -else - query_logging=false -fi -echo "QUERY_LOGGING=$query_logging" >> $setupVars -echo "INSTALL_WEB=true" >> $setupVars -echo "BLOCKING_ENABLED=true" >> $setupVars - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$setupVars" - -#================================================= -# ENABLING FTL -#================================================= -ynh_script_progression --message="Enable FTL..." --weight=1 - -ynh_exec_warn_less systemctl enable pihole-FTL --quiet - # Replace the service dnsmasq by pihole-FTL # That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL #ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service @@ -256,91 +123,41 @@ systemctl mask dnsmasq.service # Reload systemd config systemctl daemon-reload -#================================================= -# CREATE LOG FILES -#================================================= -ynh_script_progression --message="Creating log files..." --weight=1 - -touch /var/log/{pihole,pihole-FTL}.log -chmod 644 /var/log/{pihole,pihole-FTL}.log -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log - -#================================================= -# BUILD THE LISTS WITH GRAVITY -#================================================= -ynh_script_progression --message="Building the lists with Gravity..." --weight=7 - -cp "../conf/adlists.default" "$PI_HOLE_CONFIG_DIR/adlists.list" -ynh_exec_warn_less $PI_HOLE_INSTALL_DIR/gravity.sh --force - -#================================================= -# CONFIGURE DNS FOR THE LOCAL DOMAINS -#================================================= -ynh_script_progression --message="Configuring DNS for the local domains..." --weight=7 - -# Find the IP associated to the network interface -localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) - -# List all YunoHost domains -while read perdomain -do - # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. - ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts - - # And add a resolution on the local IP instead - grep -q "^$localipv4.*$perdomain" /etc/hosts || \ - echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts -done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" - -#================================================= -# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE -#================================================= -ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 - -echo "master master master" > $PI_HOLE_CONFIG_DIR/localbranches -echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" | tee $PI_HOLE_CONFIG_DIR/{GitHubVersions,localversions} > /dev/null - -#================================================= -# SET UP CONF_REGEN HOOK -#================================================= -ynh_script_progression --message="Setting up conf_regen hook..." --weight=1 - -cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" - -systemctl daemon-reload +# Workaround for strings to not be replaced +a_range="__A_RANGE__" +b_range="__B_RANGE__" +gateway="__GATEWAY__" +ynh_add_config --template="dnsmasq_regenconf_hook" --destination="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= -# GENERIC FINALISATION +# SYSTEM CONFIGURATION #================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + +# Create a dedicated NGINX config +ynh_add_nginx_config + +# Create sudoers config +_add_sudoers_config + +_add_cron_jobs + +_add_logrotate_config + +install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +ynh_exec_warn_less systemctl enable pihole-FTL --quiet yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=2 +ynh_script_progression --message="Starting $app's systemd service..." --weight=2 -ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=2 - -ynh_permission_update --permission="main" --add="$admin" --remove="all_users" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=3 - -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name="pihole-FTL" --action=restart --log_path="/var/log/pihole-FTL.log" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 949ec02..50684af 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,35 +8,16 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status pihole-FTL >/dev/null -then - ynh_script_progression --message="Removing $app service integration..." --weight=2 - yunohost service remove pihole-FTL +if ynh_exec_warn_less yunohost service status "pihole-FTL" >/dev/null; then + yunohost service remove "pihole-FTL" fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 - -ynh_systemd_action --service_name=pihole-FTL --action=stop +ynh_systemd_action --service_name="pihole-FTL" --action="stop" # Restore dnsmasq as main DNS resolver # Move dnsmasq back to its original place @@ -63,56 +42,26 @@ ynh_secure_remove --file="/usr/bin/pihole-FTL" ynh_secure_remove --file="/var/run/pihole-FTL.pid" ynh_secure_remove --file="/var/run/pihole-FTL.port" -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 - # Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=7 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - #================================================= # CLOSE A PORT #================================================= -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port +if yunohost firewall list | grep -q "\- $port$"; then + ynh_script_progression --message="Closing port $port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow TCP "$port" fi -if yunohost firewall list | grep -q "\- 67$" -then - ynh_script_progression --message="Closing port 67..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow UDP 67 +if yunohost firewall list | grep -q "\- 67$"; then + ynh_script_progression --message="Closing port 67..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow UDP 67 fi -#================================================= -# SPECIFIC REMOVE #================================================= # REMOVE VARIOUS FILES #================================================= @@ -163,7 +112,7 @@ ynh_script_progression --message="Removing conf_regen hook..." --weight=1 ynh_systemd_action --service_name=dnsmasq --action=stop -ynh_secure_remove --file=/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app +ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" ynh_exec_warn_less yunohost tools regen-conf dnsmasq @@ -174,18 +123,12 @@ ynh_script_progression --message="Restarting Dnsmasq..." --weight=1 ynh_systemd_action --service_name=dnsmasq --action=restart -#================================================= -# GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=2 # Dirty hack to remove correctly the user -killall -u $app - -# Delete a system user -ynh_system_user_delete --username=$app +killall -u "$app" #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index 84f71c6..14c4374 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -11,55 +9,16 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE SCRIPT FAILURE +# INITIALIZE AND STORE SETTINGS #================================================= -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) #================================================= -# LOAD SETTINGS +# CHECK AVAILABLE PORT #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) -admin=$(ynh_app_setting_get --app=$app --key=admin) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=12 - -# Find an available port -port=$(ynh_find_port --port=4711) -if [ $port -gt 4720 ] -then - ynh_die --message="The ports 4711 to 4720 are already in use. Pi-hole can't work on another port. Please try to free one of these ports." -fi -ynh_app_setting_set --app=$app --key=port --value=$port - -# Disable the port 53 for upnp -ynh_exec_fully_quiet yunohost firewall disallow Both 53 --no-reload -ynh_exec_fully_quiet yunohost firewall allow Both 53 --no-upnp - -# Open the UDP port 67 for dhcp -ynh_exec_fully_quiet yunohost firewall allow UDP 67 --no-upnp +_configure_ports #================================================= # ACTIVATE MAINTENANCE MODE @@ -68,51 +27,19 @@ ynh_script_progression --message="Activating maintenance mode..." --weight=2 ynh_maintenance_mode_ON -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=12 - -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=7 - -# Restore the file first, so it can have a backup if different -ynh_add_fpm_config - -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +chown "$dnsmasq_user:root" /var/log/{pihole,pihole-FTL}.log #================================================= # RESTORE SPECIFIC FILES @@ -122,40 +49,18 @@ ynh_script_progression --message="Restoring specific files..." --weight=1 ynh_restore_file --origin_path="$PI_HOLE_LOCAL_REPO" ynh_restore_file --origin_path="$PI_HOLE_CONFIG_DIR" -# Restore permissions on app files -chown $app: -R "$PI_HOLE_CONFIG_DIR" +chown "$app:" -R "$PI_HOLE_CONFIG_DIR" + # $PI_HOLE_CONFIG_DIR/logrotate have to belong to root, otherwise logrotate will failed silently... chown root: -R "$PI_HOLE_CONFIG_DIR/logrotate" ynh_restore_file --origin_path="$PI_HOLE_INSTALL_DIR" ynh_restore_file --origin_path="$PI_HOLE_BIN_DIR/pihole" + ynh_restore_file --origin_path="/etc/bash_completion.d/pihole" -ynh_restore_file --origin_path="/etc/init.d/pihole-FTL" ynh_restore_file --origin_path="/usr/bin/pihole-FTL" -install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" - -ynh_restore_file --origin_path="/etc/sudoers.d/pihole" - -#================================================= -# RESTORE THE CRON FILE -#================================================= -ynh_script_progression --message="Restoring the cron file..." --weight=1 - -ynh_restore_file --origin_path="/etc/cron.d/pihole" - -#================================================= -# DISABLING DNSMASQ -#================================================= -ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 - -# Last version available -# Stopped dnsmasq to replace it by pihole-FTL -ynh_systemd_action --service_name=dnsmasq --action=stop - -# Disable the real dnsmasq service -#ynh_exec_warn_less systemctl disable dnsmasq --quiet #================================================= # FINAL EXPORTS @@ -166,38 +71,13 @@ setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" # Get the default network interface main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') -echo "PIHOLE_INTERFACE=$main_iface" > $setupVars -ynh_replace_string --match_string="^PIHOLE_INTERFACE=.*" --replace_string="PIHOLE_INTERFACE=$main_iface" --target_file=$setupVars -ynh_replace_string --match_string="^IPV4_ADDRESS=.*" --replace_string="IPV4_ADDRESS=127.0.0.1" --target_file=$setupVars +echo "PIHOLE_INTERFACE=$main_iface" > "$setupVars" +ynh_replace_string --target_file="$setupVars" --match_string="^PIHOLE_INTERFACE=.*" --replace_string="PIHOLE_INTERFACE=$main_iface" +ynh_replace_string --target_file="$setupVars" --match_string="^IPV4_ADDRESS=.*" --replace_string="IPV4_ADDRESS=127.0.0.1" # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$setupVars" -#================================================= -# ENABLING FTL -#================================================= -ynh_script_progression --message="Enable FTL..." --weight=1 - -ynh_exec_warn_less systemctl enable pihole-FTL --quiet - -# Replace the service dnsmasq by pihole-FTL -# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL -#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service -systemctl mask dnsmasq.service - -# Reload systemd config -systemctl daemon-reload - -#================================================= -# RECREATE LOG FILES -#================================================= -ynh_script_progression --message="Recreate log files..." --weight=1 - -touch /var/log/{pihole,pihole-FTL}.log -chmod 644 /var/log/{pihole,pihole-FTL}.log -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log - #================================================= # CONFIGURE DNS FOR THE LOCAL DOMAINS #================================================= @@ -207,51 +87,69 @@ ynh_script_progression --message="Configuring DNS for the local domains..." --we localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) # List all YunoHost domains -while read perdomain -do - # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. - ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts +while read -r perdomain; do + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts - # And add a resolution on the local IP instead - grep -q "^$localipv4.*$perdomain" /etc/hosts || \ - echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= -# SET UP CONF_REGEN HOOK +# DISABLING DNSMASQ #================================================= -ynh_script_progression --message="Setting up conf_regen hook..." --weight=1 +ynh_script_progression --message="Disabling Dnsmasq in system and yunohost..." --weight=1 + +# Stopped dnsmasq to replace it by pihole-FTL +ynh_systemd_action --service_name=dnsmasq --action=stop + +# Replace the service dnsmasq by pihole-FTL +# That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL +#ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service +systemctl mask dnsmasq.service + +# Disable the real dnsmasq service +#ynh_exec_warn_less systemctl disable dnsmasq --quiet + +# Reload systemd config +systemctl daemon-reload test -e "${YNH_APP_BACKUP_DIR}/etc/dnsmasq.d/03-pihole-wildcard.conf" && ynh_restore_file --origin_path="/etc/dnsmasq.d/03-pihole-wildcard.conf" - ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" - -systemctl daemon-reload ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= -# INTEGRATE SERVICE IN YUNOHOST +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +# Restore the file first, so it can have a backup if different +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_add_fpm_config + +ynh_restore_file --origin_path="/etc/cron.d/pihole" + +ynh_restore_file --origin_path="/etc/sudoers.d/pihole" + +ynh_restore_file --origin_path="/etc/init.d/pihole-FTL" +# install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +systemctl daemon-reload +ynh_exec_warn_less systemctl enable pihole-FTL --quiet yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 #================================================= -# START SYSTEMD SERVICE +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=2 +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" +ynh_systemd_action --service_name="pihole-FTL" --action="restart" --log_path="/var/log/pihole-FTL.log" -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 +ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload -ynh_systemd_action --service_name=php$YNH_PHP_VERSION-fpm --action=reload -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name="nginx" --action=reload #================================================= # DEACTIVE MAINTENANCE MODE diff --git a/scripts/upgrade b/scripts/upgrade index 93e2218..f5d5876 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,46 +7,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=3 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -query_logging=$(ynh_app_setting_get --app=$app --key=query_logging) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -enable_dhcp=$(ynh_app_setting_get --app=$app --key=enable_dhcp) -port=$(ynh_app_setting_get --app=$app --key=port) -pihole_version="$(ynh_app_setting_get --app=$app --key=pihole_version)" - -overwrite_setupvars=$(ynh_app_setting_get --app=$app --key=overwrite_setupvars) -overwrite_ftl=$(ynh_app_setting_get --app=$app --key=overwrite_ftl) - -#================================================= -# CHECK VERSION -#================================================= -ynh_script_progression --message="Checking version..." --weight=1 - -upgrade_type=$(ynh_check_app_version_changed) - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=7 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # ACTIVATE MAINTENANCE MODE #================================================= @@ -56,81 +14,6 @@ ynh_script_progression --message="Activating maintenance mode..." --weight=1 ynh_maintenance_mode_ON -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - -# If overwrite_setupvars doesn't exist, create it -if [ -z "$overwrite_setupvars" ]; then - overwrite_setupvars=1 - ynh_app_setting_set --app=$app --key=overwrite_setupvars --value=$overwrite_setupvars -fi - -# If overwrite_ftl doesn't exist, create it -if [ -z "$overwrite_ftl" ]; then - overwrite_ftl=1 - ynh_app_setting_set --app=$app --key=overwrite_ftl --value=$overwrite_ftl -fi - -# If pihole_version doesn't exist, create it -if [ -z "$pihole_version" ]; then - pihole_version="Last 3.X" - ynh_app_setting_set --app=$app --key=pihole_version --value="$pihole_version" -fi - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= - -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=4 - ynh_setup_source --dest_dir="$PI_HOLE_LOCAL_REPO" --source_id="pi-hole_Core" - ynh_setup_source --dest_dir="$final_path" --source_id=pi-hole_AdminLTE - FTL_temp_path=$(mktemp -d) - ynh_setup_source --dest_dir="$FTL_temp_path" --source_id="pi-hole_FTL" -fi - -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=6 - -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= - -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=3 -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - -#================================================= -# NGINX CONFIGURATION -#================================================= - -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# SPECIFIC UPGRADE #================================================= # STOP SYSTEMD SERVICE #================================================= @@ -139,141 +22,132 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=pihole-FTL --action="stop" --log_path="/var/log/pihole-FTL.log" #================================================= -# UPDATE PIHOLE-FTL +# ENSURE DOWNWARD COMPATIBILITY #================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading PiHole-FTL..." --weight=35 - - # Instead of downloading a binary file, we're going to compile it - ( - cd "$FTL_temp_path" - ynh_exec_warn_less cmake . - ynh_exec_warn_less make - ynh_exec_warn_less make install - ) - ynh_secure_remove --file="$FTL_temp_path" +# If overwrite_setupvars doesn't exist, create it +if [ -z "${overwrite_setupvars:-}" ]; then + overwrite_setupvars=1 + ynh_app_setting_set --app="$app" --key="overwrite_setupvars" --value="$overwrite_setupvars" fi +# If overwrite_ftl doesn't exist, create it +if [ -z "${overwrite_ftl:-}" ]; then + overwrite_ftl=1 + ynh_app_setting_set --app="$app" --key="overwrite_ftl" --value="$overwrite_ftl" +fi + +# If pihole_version doesn't exist, create it +if [ -z "${pihole_version:-}" ]; then + pihole_version="Last 3.X" + ynh_app_setting_set --app="$app" --key="pihole_version" --value=""$pihole_version"" +fi + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Upgrading source files..." --weight=4 + +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --source_id="pi-hole_core" --dest_dir="$PI_HOLE_LOCAL_REPO" +ynh_setup_source --source_id="pi-hole_web" --dest_dir="$install_dir/web" +ynh_setup_source --source_id="pi-hole_ftl" --dest_dir="$install_dir/ftl" + +chmod -R o-rwx "$install_dir" +chown -R "$app:www-data" "$install_dir" + +touch /var/log/{pihole,pihole-FTL}.log +chmod 644 /var/log/{pihole,pihole-FTL}.log +chown "$dnsmasq_user:root" /var/log/{pihole,pihole-FTL}.log + +#================================================= +# UPGRADE OF PIHOLE-FTL +#================================================= +ynh_script_progression --message="Rebuilding PiHole-FTL..." --weight=30 + +# Instead of downloading a binary file, we're going to compile it +pushd "$install_dir/ftl" + ynh_exec_warn_less cmake . + ynh_exec_warn_less make + ynh_exec_warn_less make install +popd +ynh_secure_remove --file="$install_dir/ftl" + #================================================= # UPDATE THE SCRIPTS #================================================= -ynh_script_progression --message="Updating the scripts..." --weight=1 +ynh_script_progression --message="Upgrading Pihole..." --weight=1 -pushd "${PI_HOLE_LOCAL_REPO}" - install -o "${app}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}" - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" gravity.sh - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/*.sh - install -o "${app}" -Dm755 -t "${PI_HOLE_INSTALL_DIR}" ./advanced/Scripts/COL_TABLE - install -o "${app}" -Dm755 -t "${PI_HOLE_BIN_DIR}" pihole - install -Dm644 ./advanced/bash-completion/pihole /etc/bash_completion.d/pihole -popd +install -o "$app" -Dm755 -d "$PI_HOLE_INSTALL_DIR" +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/gravity.sh" +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/advanced/Scripts"/*.sh +install -o "$app" -Dm755 -t "$PI_HOLE_INSTALL_DIR" "$PI_HOLE_LOCAL_REPO/advanced/Scripts/COL_TABLE" +install -Dm644 -t /etc/bash_completion.d/ "$PI_HOLE_LOCAL_REPO/advanced/bash-completion/pihole" + +install -o "$app" -Dm755 -t "$PI_HOLE_BIN_DIR" "$PI_HOLE_LOCAL_REPO/pihole" #================================================= # UPDATE THE CONFIGS #================================================= -ynh_script_progression --message="Updating the configs..." --weight=1 - -install -d -m 0755 ${PI_HOLE_CONFIG_DIR} - -cp -f "../conf/dns-servers.conf" "$PI_HOLE_CONFIG_DIR/dns-servers.conf" -chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" +ynh_script_progression --message="Updating $app's configuration files..." --weight=1 +install -d -m 0755 "$PI_HOLE_CONFIG_DIR" +ynh_add_config --template="dns-servers.conf" --destination="$PI_HOLE_CONFIG_DIR/dns-servers.conf" # Overwrite pihole-FTL config file only if it's allowed -if [ $overwrite_ftl -eq 1 ] -then - ynh_add_config --template="../conf/pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" +if [ "$overwrite_ftl" -eq 1 ]; then + ynh_add_config --template="pihole-FTL.conf" --destination="$PI_HOLE_CONFIG_DIR/pihole-FTL.conf" +fi +# Overwrite the setupVars config file only if it's allowed +if [ "$overwrite_setupvars" -eq 1 ]; then + ynh_add_config --template="setupVars.conf" --destination="$PI_HOLE_CONFIG_DIR/setupVars.conf" fi -install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" #================================================= -# INSTALL SUDOER FILE +# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE #================================================= -ynh_script_progression --message="Installing sudoer file..." --weight=1 +ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 -install -m 0640 ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.sudo /etc/sudoers.d/pihole -echo "$app ALL=NOPASSWD: ${PI_HOLE_BIN_DIR}/pihole" >> /etc/sudoers.d/pihole +echo "master master master" > "$PI_HOLE_CONFIG_DIR/localbranches" +echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" \ + | tee "$PI_HOLE_CONFIG_DIR/"{GitHubVersions,localversions} > /dev/null #================================================= -# UPDATE A CRON JOB +# BUILD THE LISTS WITH GRAVITY #================================================= -ynh_script_progression --message="Updating a cron job..." --weight=1 +ynh_script_progression --message="Building the lists with Gravity..." --weight=7 -install -D -m 644 -T -o root -g root ${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole.cron /etc/cron.d/pihole - -# Randomize gravity update time -ynh_replace_string --match_string="59 1 " --replace_string="$((1 + RANDOM % 58)) $((3 + RANDOM % 2)) " --target_file="/etc/cron.d/pihole" - -# Randomize update checker time -ynh_replace_string --match_string="59 17" --replace_string="$((1 + RANDOM % 58)) $((12 + RANDOM % 8))" --target_file="/etc/cron.d/pihole" - -# Remove Git usage for version. Which fails because we use here a release instead of master. -ynh_replace_string --match_string=".*updatechecker.*" --replace_string="#&" --target_file=/etc/cron.d/pihole +ynh_add_config --template="adlists.default" --destination="$PI_HOLE_CONFIG_DIR/adlists.list" +ynh_exec_warn_less "$PI_HOLE_INSTALL_DIR/gravity.sh" --force #================================================= -# UPDATE LOGROTATE SCRIPT FOR PI-HOLE +# CONFIGURE DNS FOR THE LOCAL DOMAINS #================================================= -ynh_script_progression --message="Updating logrotate script for PI-HOLE..." --weight=1 +ynh_script_progression --message="Configuring DNS for the local domains..." --weight=7 -install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate "$PI_HOLE_CONFIG_DIR/logrotate" +# List all YunoHost domains +while read -r perdomain; do + # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. + ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts -sed -i "/# su #/d;" "$PI_HOLE_CONFIG_DIR/logrotate" + # And add a resolution on the local IP instead + grep -q "^$localipv4.*$perdomain" /etc/hosts || \ + echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts +done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" #================================================= # DISABLING DNSMASQ #================================================= -ynh_script_progression --message="Disabling DNSMASQ..." --weight=1 +ynh_script_progression --message="Disabling Dnsmasq in system and yunohost..." --weight=1 -# Last version available -# Stopped dnsmasq to replace it by pihole-FTL +# Stop dnsmasq to replace it by pihole-FTL ynh_systemd_action --service_name=dnsmasq --action=stop # Disable the real dnsmasq service #ynh_exec_warn_less systemctl disable dnsmasq --quiet -#================================================= -# FINAL EXPORTS -#================================================= - -setupVars="$PI_HOLE_CONFIG_DIR/setupVars.conf" - -# Overwrite the setupVars config file only if it's allowed -if [ $overwrite_setupvars -eq 1 ] -then - ynh_script_progression --message="Final exports..." --weight=1 - - # Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. - ynh_backup_if_checksum_is_different --file="$setupVars" - - # Get the default network interface - main_iface=$(ip route | grep --max-count=1 default | awk '{print $5;}') - echo "PIHOLE_INTERFACE=$main_iface" > $setupVars - echo "IPV4_ADDRESS=127.0.0.1" >> $setupVars - echo "IPV6_ADDRESS=::1" >> $setupVars - echo "PIHOLE_DNS_1=" >> $setupVars - echo "PIHOLE_DNS_2=" >> $setupVars - if [ $query_logging -eq 1 ]; then - query_logging=true - else - query_logging=false - fi - echo "QUERY_LOGGING=$query_logging" >> $setupVars - echo "INSTALL_WEB=true" >> $setupVars - echo "BLOCKING_ENABLED=true" >> $setupVars - - # Recalculate and store the checksum of the file for the next upgrade. - ynh_store_file_checksum --file="$setupVars" -fi - -#================================================= -# ENABLING FTL -#================================================= -ynh_script_progression --message="Enable FTL..." --weight=1 - -ynh_exec_warn_less systemctl enable pihole-FTL --quiet - # Replace the service dnsmasq by pihole-FTL # That way, YunoHost can continue to use dnsmasq by actually using pihole-FTL #ln -sf /run/systemd/generator.late/pihole-FTL.service /etc/systemd/system/dnsmasq.service @@ -282,85 +156,41 @@ systemctl mask dnsmasq.service # Reload systemd config systemctl daemon-reload -#================================================= -# CREATE LOG FILES -#================================================= -ynh_script_progression --message="Creating log files..." --weight=1 - -touch /var/log/{pihole,pihole-FTL}.log -chmod 644 /var/log/{pihole,pihole-FTL}.log -dnsmasq_user=$(grep DNSMASQ_USER= /etc/init.d/dnsmasq | cut -d'"' -f2) -chown $dnsmasq_user:root /var/log/{pihole,pihole-FTL}.log - -#================================================= -# BUILD THE LISTS WITH GRAVITY -#================================================= -ynh_script_progression --message="Building the lists with Gravity..." --weight=7 - -cp -f "../conf/adlists.default" "$PI_HOLE_CONFIG_DIR/adlists.list" -ynh_exec_warn_less $PI_HOLE_INSTALL_DIR/gravity.sh --force - -#================================================= -# CONFIGURE DNS FOR THE LOCAL DOMAINS -#================================================= -ynh_script_progression --message="Configuring DNS for the local domains..." --weight=7 - -# Find the IP associated to the network interface -localipv4=$(ip address | grep "${main_iface}\$" | awk '{print $2;}' | cut -d/ -f1) - -# List all YunoHost domains -while read perdomain -do - # Comment domain resolution in /etc/hosts on 127.0.0.1, because they can interfere with the local network resolution. - ynh_replace_string --match_string="^127.0.0.1.*$perdomain" --replace_string="#Commented by pihole# &" --target_file=/etc/hosts - - # And add a resolution on the local IP instead - grep -q "^$localipv4.*$perdomain" /etc/hosts || \ - echo "$localipv4 $perdomain #Added by pihole#" >> /etc/hosts -done <<< "$(yunohost domain list | grep "\." | sed 's/.*: \|.*- //')" - -#================================================= -# SET VERSIONS FOR THE FOOTER OF THE WEB INTERFACE -#================================================= -ynh_script_progression --message="Setting versions for the footer of the web interface..." --weight=1 - -echo "master master master" > $PI_HOLE_CONFIG_DIR/localbranches -echo "$(ynh_app_upstream_version) $pihole_adminlte_version $pihole_flt_version" | tee $PI_HOLE_CONFIG_DIR/{GitHubVersions,localversions} > /dev/null - -#================================================= -# UPDATE CONF_REGEN HOOK -#================================================= -ynh_script_progression --message="Updating conf_regen hook..." --weight=1 - -cp ../conf/dnsmasq_regenconf_hook /usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" - -systemctl daemon-reload +# Workaround for strings to not be replaced +a_range="__A_RANGE__" +b_range="__B_RANGE__" +gateway="__GATEWAY__" +ynh_add_config --template="dnsmasq_regenconf_hook" --destination="/usr/share/yunohost/hooks/conf_regen/50-dnsmasq_$app" ynh_exec_warn_less yunohost tools regen-conf dnsmasq #================================================= -# GENERIC FINALIZATION +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + +# Create a dedicated NGINX config +ynh_add_nginx_config + +_add_sudoers_config + +_add_cron_jobs + +_add_logrotate_config + +install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" +ynh_exec_warn_less systemctl enable pihole-FTL --quiet yunohost service add pihole-FTL --description="PiHole backend service" --log="/var/log/pihole-FTL.log" --needs_exposed_ports 53 67 #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=2 +ynh_script_progression --message="Starting $app's systemd service..." --weight=2 ynh_systemd_action --service_name=pihole-FTL --action=restart --log_path="/var/log/pihole-FTL.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # DEACTIVE MAINTENANCE MODE #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..6fca611 --- /dev/null +++ b/tests.toml @@ -0,0 +1,32 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json + +test_format = 1.0 + +[default] + + args.query_logging = 1 + args.enable_dhcp = 0 + + # ------------ + # Tests to run + # ------------ + + [default.test_upgrade_from.5cc0fe9d7586001602bbaf87084c0ddbbaa041a6] + name = "Last packagingv1 version" + args.admin = "package_checker" + args.domain = "domain.tld" + args.path = "/" + + # ; Config_panel + # main.overwrite_files.overwrite_setupvars=0|1 + # main.overwrite_files.overwrite_ftl=0|1 + # main.overwrite_files.overwrite_nginx=0|1 + # main.overwrite_files.overwrite_phpfpm=0|1 + # main.global_config.email_type=0|1 + # main.php_fpm_config.footprint=low|medium|high + # main.php_fpm_config.free_footprint=20 + # main.php_fpm_config.usage=low|medium|high + # main.php_fpm_config.force_max_children=20|0 + + # actions=0 + # config_panel=0