2016-10-18 00:36:50 +02:00
|
|
|
#!/bin/bash
|
|
|
|
#
|
|
|
|
# .---. . .
|
|
|
|
# | | |
|
|
|
|
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
|
|
|
|
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
|
|
|
|
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
|
|
|
|
#
|
|
|
|
# Freedom in the Cloud
|
|
|
|
#
|
|
|
|
# pi-hole ad blocker
|
|
|
|
#
|
|
|
|
# Adapted from instructions at:
|
|
|
|
# http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/#manualsetup
|
|
|
|
#
|
|
|
|
# License
|
|
|
|
# =======
|
|
|
|
#
|
|
|
|
# Copyright (C) 2016 Bob Mottram <bob@robotics.uk.to>
|
|
|
|
#
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU Affero General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU Affero General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
2016-10-18 15:35:00 +02:00
|
|
|
VARIANTS='full full-vim adblocker'
|
2016-10-18 00:36:50 +02:00
|
|
|
|
2016-10-19 22:52:59 +02:00
|
|
|
IN_DEFAULT_INSTALL=1
|
|
|
|
|
2016-10-18 00:36:50 +02:00
|
|
|
PIHOLE_IFACE=eth0
|
2016-10-18 15:35:00 +02:00
|
|
|
PIHOLE_DNS1='85.214.73.63'
|
|
|
|
PIHOLE_DNS2='213.73.91.35'
|
2016-10-18 00:36:50 +02:00
|
|
|
|
|
|
|
piholeBasename=pihole
|
|
|
|
piholeDir=/etc/$piholeBasename
|
|
|
|
PIHOLE_ADLIST=$piholeDir/gravity.list
|
|
|
|
PIHOLE_BLACKLIST=$piholeDir/blacklist.txt
|
|
|
|
PIHOLE_WHITELIST=$piholeDir/whitelist.txt
|
|
|
|
|
|
|
|
PIHOLE_REPO="https://github.com/pi-hole/pi-hole"
|
|
|
|
PIHOLE_COMMIT='dce24df37922171cef1dd3c3a025c09cb4a6a818'
|
|
|
|
|
|
|
|
pihole_variables=(ONION_ONLY
|
|
|
|
PIHOLE_IFACE
|
|
|
|
PIHOLE_DNS1
|
|
|
|
PIHOLE_DNS2)
|
|
|
|
|
2016-10-18 15:35:00 +02:00
|
|
|
function pihole_copy_files {
|
|
|
|
cp $INSTALL_DIR/pihole/adlists.default $piholeDir/adlists.default
|
|
|
|
if [ ! -f $PIHOLE_ADLIST ]; then
|
|
|
|
cp $INSTALL_DIR/pihole/adlists.default $PIHOLE_ADLIST
|
|
|
|
fi
|
|
|
|
cp $INSTALL_DIR/pihole/advanced/Scripts/* /opt/$piholeBasename
|
|
|
|
cp $INSTALL_DIR/pihole/advanced/01-pihole.conf /etc/dnsmasq.d/01-pihole.conf
|
|
|
|
cp $INSTALL_DIR/pihole/advanced/pihole.cron /etc/cron.d/pihole
|
2016-10-18 19:40:06 +02:00
|
|
|
cp $INSTALL_DIR/pihole/gravity.sh /opt/$piholeBasename
|
2016-10-18 15:35:00 +02:00
|
|
|
}
|
|
|
|
|
2016-10-19 13:35:08 +02:00
|
|
|
function pihole_change_ipv4 {
|
|
|
|
new_ipv4="$1"
|
|
|
|
if [ -f /usr/local/bin/pihole ]; then
|
|
|
|
setupVars=$piholeDir/setupVars.conf
|
|
|
|
if [ -f $setupVars ]; then
|
|
|
|
sed -i "s|IPv4_address=.*|IPv4_address=${new_ipv4}|g" $setupVars
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2016-10-18 00:36:50 +02:00
|
|
|
function pihole_update {
|
|
|
|
if [ ! -f /usr/local/bin/gravity.sh ]; then
|
|
|
|
return
|
|
|
|
fi
|
|
|
|
|
2016-10-18 18:47:41 +02:00
|
|
|
IPv4_address=$(get_ipv4_address)
|
|
|
|
IPv6_address=$(get_ipv6_address)
|
2016-10-18 00:36:50 +02:00
|
|
|
|
|
|
|
setupVars=$piholeDir/setupVars.conf
|
|
|
|
echo "piholeInterface=${PIHOLE_IFACE}" > ${setupVars}
|
|
|
|
echo "IPv4_address=${IPv4_address}" >> ${setupVars}
|
|
|
|
echo "IPv6_address=${IPv6_address}" >> ${setupVars}
|
|
|
|
echo "piholeDNS1=${PIHOLE_DNS1}" >> ${setupVars}
|
|
|
|
echo "piholeDNS2=${PIHOLE_DNS1}" >> ${setupVars}
|
|
|
|
|
2016-10-18 15:35:00 +02:00
|
|
|
echo 'domain-needed' > /etc/dnsmasq.conf
|
|
|
|
echo 'bogus-priv' >> /etc/dnsmasq.conf
|
|
|
|
echo 'no-resolv' >> /etc/dnsmasq.conf
|
|
|
|
echo "server=${PIHOLE_DNS1}" >> /etc/dnsmasq.conf
|
|
|
|
echo "server=${PIHOLE_DNS2}" >> /etc/dnsmasq.conf
|
|
|
|
echo "interface=${PIHOLE_IFACE}" >> /etc/dnsmasq.conf
|
|
|
|
echo 'listen-address=127.0.0.1' >> /etc/dnsmasq.conf
|
|
|
|
echo 'log-queries' >> /etc/dnsmasq.conf
|
|
|
|
|
2016-10-18 19:40:06 +02:00
|
|
|
sed -i "0,/RE/s/server=.*/server=${PIHOLE_DNS1}/" /etc/dnsmasq.d/01-pihole.conf
|
|
|
|
sed -i "1,/RE/s/server=.*/server=${PIHOLE_DNS2}/" /etc/dnsmasq.d/01-pihole.conf
|
|
|
|
sed -i "s|interface=.*|interface=${PIHOLE_IFACE}|g" /etc/dnsmasq.d/01-pihole.conf
|
|
|
|
|
|
|
|
systemctl restart dnsmasq
|
2016-10-18 15:35:00 +02:00
|
|
|
|
|
|
|
pihole -g
|
|
|
|
}
|
|
|
|
|
|
|
|
function pihole_change_upstream_dns {
|
|
|
|
data=$(tempfile 2>/dev/null)
|
|
|
|
trap "rm -f $data" 0 1 2 5 15
|
|
|
|
dialog --backtitle $"Ad Blocker Upstream DNS" \
|
|
|
|
--radiolist $"Pick a domain name service (DNS):" 25 50 16 \
|
|
|
|
1 $"Digital Courage" on \
|
|
|
|
2 $"German Privacy Foundation 1" off \
|
|
|
|
3 $"German Privacy Foundation 2" off \
|
|
|
|
4 $"Chaos Computer Club" off \
|
|
|
|
5 $"ClaraNet" off \
|
|
|
|
6 $"OpenNIC 1" off \
|
|
|
|
7 $"OpenNIC 2" off \
|
|
|
|
8 $"OpenNIC 3" off \
|
|
|
|
9 $"OpenNIC 4" off \
|
|
|
|
10 $"OpenNIC 5" off \
|
|
|
|
11 $"OpenNIC 6" off \
|
|
|
|
12 $"OpenNIC 7" off \
|
|
|
|
13 $"PowerNS" off \
|
|
|
|
14 $"ValiDOM" off \
|
|
|
|
15 $"Freie Unzensierte" off \
|
|
|
|
16 $"Google" off 2> $data
|
|
|
|
sel=$?
|
|
|
|
case $sel in
|
|
|
|
1) exit 1;;
|
|
|
|
255) exit 1;;
|
|
|
|
esac
|
|
|
|
case $(cat $data) in
|
|
|
|
1) PIHOLE_DNS1='85.214.73.63'
|
|
|
|
PIHOLE_DNS2='213.73.91.35'
|
|
|
|
;;
|
|
|
|
2) PIHOLE_DNS1='87.118.100.175'
|
|
|
|
PIHOLE_DNS2='94.75.228.29'
|
|
|
|
;;
|
|
|
|
3) PIHOLE_DNS1='85.25.251.254'
|
|
|
|
PIHOLE_DNS2='2.141.58.13'
|
|
|
|
;;
|
|
|
|
4) PIHOLE_DNS1='213.73.91.35'
|
|
|
|
PIHOLE_DNS2='85.214.73.63'
|
|
|
|
;;
|
|
|
|
5) PIHOLE_DNS1='212.82.225.7'
|
|
|
|
PIHOLE_DNS2='212.82.226.212'
|
|
|
|
;;
|
|
|
|
6) PIHOLE_DNS1='58.6.115.42'
|
|
|
|
PIHOLE_DNS2='58.6.115.43'
|
|
|
|
;;
|
|
|
|
7) PIHOLE_DNS1='119.31.230.42'
|
|
|
|
PIHOLE_DNS2='200.252.98.162'
|
|
|
|
;;
|
|
|
|
8) PIHOLE_DNS1='217.79.186.148'
|
|
|
|
PIHOLE_DNS2='81.89.98.6'
|
|
|
|
;;
|
|
|
|
9) PIHOLE_DNS1='78.159.101.37'
|
|
|
|
PIHOLE_DNS2='203.167.220.153'
|
|
|
|
;;
|
|
|
|
10) PIHOLE_DNS1='82.229.244.191'
|
|
|
|
PIHOLE_DNS2='82.229.244.191'
|
|
|
|
;;
|
|
|
|
11) PIHOLE_DNS1='216.87.84.211'
|
|
|
|
PIHOLE_DNS2='66.244.95.20'
|
|
|
|
;;
|
|
|
|
12) PIHOLE_DNS1='207.192.69.155'
|
|
|
|
PIHOLE_DNS2='72.14.189.120'
|
|
|
|
;;
|
|
|
|
13) PIHOLE_DNS1='194.145.226.26'
|
|
|
|
PIHOLE_DNS2='77.220.232.44'
|
|
|
|
;;
|
|
|
|
14) PIHOLE_DNS1='78.46.89.147'
|
|
|
|
PIHOLE_DNS2='88.198.75.145'
|
|
|
|
;;
|
|
|
|
15) PIHOLE_DNS1='85.25.149.144'
|
|
|
|
PIHOLE_DNS2='87.106.37.196'
|
|
|
|
;;
|
|
|
|
16) PIHOLE_DNS1='8.8.8.8'
|
|
|
|
PIHOLE_DNS2='4.4.4.4'
|
|
|
|
;;
|
|
|
|
255) exit 1;;
|
|
|
|
esac
|
|
|
|
write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"
|
|
|
|
write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"
|
2016-10-18 19:40:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function update_pihole_interactive {
|
|
|
|
clear
|
|
|
|
echo $'Updating Ad Blocker Lists'
|
|
|
|
echo ''
|
2016-10-18 15:35:00 +02:00
|
|
|
pihole_update
|
2016-10-18 00:36:50 +02:00
|
|
|
}
|
|
|
|
|
2016-10-18 19:40:06 +02:00
|
|
|
function configure_firewall_for_pihole {
|
|
|
|
if [[ $(is_completed $FUNCNAME) == "1" ]]; then
|
|
|
|
return
|
|
|
|
fi
|
|
|
|
#iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
|
|
|
|
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
|
|
|
|
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
|
|
|
|
function_check save_firewall_settings
|
|
|
|
save_firewall_settings
|
|
|
|
|
|
|
|
OPEN_PORTS+=('DNS 53')
|
|
|
|
mark_completed $FUNCNAME
|
|
|
|
}
|
|
|
|
|
2016-10-18 00:36:50 +02:00
|
|
|
function configure_interactive_pihole {
|
2016-10-18 15:35:00 +02:00
|
|
|
while true
|
|
|
|
do
|
|
|
|
data=$(tempfile 2>/dev/null)
|
|
|
|
trap "rm -f $data" 0 1 2 5 15
|
|
|
|
dialog --backtitle $"Freedombone Control Panel" \
|
|
|
|
--title $"Ad Blocker" \
|
|
|
|
--radiolist $"Choose an operation:" 14 70 5 \
|
|
|
|
1 $"Edit ads list" off \
|
|
|
|
2 $"Edit blacklisted domain names" off \
|
|
|
|
3 $"Edit whitelisted domain names" off \
|
|
|
|
4 $"Change upstream DNS servers" off \
|
|
|
|
5 $"Exit" on 2> $data
|
|
|
|
sel=$?
|
|
|
|
case $sel in
|
|
|
|
1) exit 1;;
|
|
|
|
255) exit 1;;
|
|
|
|
esac
|
|
|
|
case $(cat $data) in
|
|
|
|
1) editor $PIHOLE_ADLIST
|
2016-10-18 19:40:06 +02:00
|
|
|
update_pihole_interactive
|
2016-10-18 15:35:00 +02:00
|
|
|
;;
|
|
|
|
2) editor $PIHOLE_BLACKLIST
|
2016-10-18 19:40:06 +02:00
|
|
|
update_pihole_interactive
|
2016-10-18 15:35:00 +02:00
|
|
|
;;
|
|
|
|
3) editor $PIHOLE_WHITELIST
|
2016-10-18 19:40:06 +02:00
|
|
|
update_pihole_interactive
|
|
|
|
;;
|
|
|
|
4) pihole_change_upstream_dns
|
|
|
|
update_pihole_interactive
|
2016-10-18 15:35:00 +02:00
|
|
|
;;
|
|
|
|
5) break;;
|
|
|
|
esac
|
|
|
|
done
|
2016-10-18 00:36:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function install_interactive_pihole {
|
|
|
|
APP_INSTALLED=1
|
|
|
|
}
|
|
|
|
|
|
|
|
function change_password_pihole {
|
|
|
|
echo -n ''
|
|
|
|
}
|
|
|
|
|
|
|
|
function reconfigure_pihole {
|
|
|
|
echo -n ''
|
|
|
|
}
|
|
|
|
|
|
|
|
function upgrade_pihole {
|
2016-10-18 15:35:00 +02:00
|
|
|
function_check set_repo_commit
|
|
|
|
set_repo_commit $INSTALL_DIR/pihole "pihole commit" "$PIHOLE_COMMIT" $PIHOLE_REPO
|
|
|
|
|
|
|
|
pihole_copy_files
|
2016-10-18 00:36:50 +02:00
|
|
|
pihole_update
|
|
|
|
}
|
|
|
|
|
|
|
|
function backup_local_pihole {
|
2016-10-18 15:35:00 +02:00
|
|
|
function_check backup_directory_to_usb
|
|
|
|
backup_directory_to_usb $piholeDir pihole
|
2016-10-18 00:36:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function restore_local_pihole {
|
2016-10-18 15:35:00 +02:00
|
|
|
function_check restore_directory_from_usb
|
|
|
|
restore_directory_from_usb / pihole
|
2016-10-18 00:36:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function backup_remote_pihole {
|
2016-10-18 15:35:00 +02:00
|
|
|
function_check backup_directory_to_friend
|
|
|
|
backup_directory_to_friend $piholeDir pihole
|
2016-10-18 00:36:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function restore_remote_pihole {
|
2016-10-18 15:35:00 +02:00
|
|
|
function_check restore_directory_from_friend
|
|
|
|
restore_directory_from_friend / pihole
|
2016-10-18 00:36:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function remove_pihole {
|
|
|
|
apt-get -y remove --purge dnsmasq
|
|
|
|
|
|
|
|
if [ ! -d /var/www/pihole ]; then
|
|
|
|
rm -rf /var/www/pihole
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f /usr/local/bin/gravity.sh ]; then
|
|
|
|
rm /usr/local/bin/gravity.sh
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f /usr/local/bin/pihole ]; then
|
|
|
|
rm /usr/local/bin/pihole
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -d /opt/pihole ]; then
|
|
|
|
rm -rf /opt/pihole
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -d $piholeDir ]; then
|
|
|
|
rm -rf $piholeDir
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f /var/log/pihole.log ]; then
|
|
|
|
rm /var/log/pihole.log
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -f /etc/cron.d/pihole ]; then
|
|
|
|
rm /etc/cron.d/pihole
|
|
|
|
fi
|
|
|
|
|
|
|
|
userdel -r pihole
|
|
|
|
}
|
|
|
|
|
|
|
|
function install_pihole {
|
|
|
|
apt-get -y install dnsmasq curl
|
|
|
|
adduser --disabled-login --gecos 'pi-hole' pihole
|
|
|
|
usermod -a -G www-data pihole
|
|
|
|
|
2016-10-18 15:35:00 +02:00
|
|
|
systemctl enable dnsmasq
|
|
|
|
|
2016-10-18 00:36:50 +02:00
|
|
|
if [ ! -d $INSTALL_DIR ]; then
|
|
|
|
mkdir -p $INSTALL_DIR
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ ! -d $INSTALL_DIR/pihole ]; then
|
2016-10-18 15:35:00 +02:00
|
|
|
cd $INSTALL_DIR
|
|
|
|
git_clone $PIHOLE_REPO pihole
|
|
|
|
if [ ! -d $INSTALL_DIR/pihole ]; then
|
|
|
|
exit 523925
|
|
|
|
fi
|
|
|
|
cd $INSTALL_DIR/pihole
|
|
|
|
git checkout $PIHOLE_COMMIT -b $PIHOLE_COMMIT
|
|
|
|
set_completion_param "pihole commit" "$PIHOLE_COMMIT"
|
2016-10-18 00:36:50 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ ! -d /var/www/pihole/htdocs ]; then
|
|
|
|
mkdir -p /var/www/pihole/htdocs
|
|
|
|
fi
|
|
|
|
|
|
|
|
# blank file which takes the place of ads
|
|
|
|
echo '<html>' > /var/www/pihole/htdocs/index.html
|
|
|
|
echo '<body>' >> /var/www/pihole/htdocs/index.html
|
|
|
|
echo '</body>' >> /var/www/pihole/htdocs/index.html
|
|
|
|
echo '</html>' >> /var/www/pihole/htdocs/index.html
|
|
|
|
|
|
|
|
if [ ! -f $INSTALL_DIR/pihole/gravity.sh ]; then
|
|
|
|
exit 26738
|
|
|
|
fi
|
|
|
|
cp $INSTALL_DIR/pihole/gravity.sh /usr/local/bin/gravity.sh
|
|
|
|
chmod 755 /usr/local/bin/gravity.sh
|
2016-10-18 15:35:00 +02:00
|
|
|
|
|
|
|
if [ ! -f $INSTALL_DIR/pihole/pihole ]; then
|
|
|
|
exit 52935
|
|
|
|
fi
|
|
|
|
cp $INSTALL_DIR/pihole/pihole /usr/local/bin/pihole
|
2016-10-18 00:36:50 +02:00
|
|
|
chmod 755 /usr/local/bin/pihole
|
|
|
|
|
|
|
|
if [ ! -d $piholeDir ]; then
|
|
|
|
mkdir $piholeDir
|
|
|
|
fi
|
|
|
|
if [ ! -d /opt/pihole ]; then
|
|
|
|
mkdir -p /opt/pihole
|
|
|
|
fi
|
|
|
|
|
2016-10-18 15:35:00 +02:00
|
|
|
pihole_copy_files
|
|
|
|
|
2016-10-18 00:36:50 +02:00
|
|
|
chown -R www-data:www-data /var/www/pihole/htdocs
|
|
|
|
|
2016-10-18 19:40:06 +02:00
|
|
|
configure_firewall_for_pihole
|
|
|
|
|
2016-10-18 00:36:50 +02:00
|
|
|
pihole_update
|
|
|
|
|
|
|
|
APP_INSTALLED=1
|
|
|
|
}
|
|
|
|
|
|
|
|
# NOTE: deliberately no exit 0
|