freedomboneeee/src/freedombone-app-pihole

#!/bin/bash
# _____ _ _
# | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
# | __| _| -_| -_| . | . | | . | . | | -_|
# |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___|
#
# Freedom in the Cloud
#
# pi-hole ad blocker
#
# Adapted from instructions at:
# http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/#manualsetup
#
# License
# =======
#
# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# App metadata. These three values are not used anywhere in this file;
# presumably the surrounding installer framework reads them.
VARIANTS="full full-vim adblocker"

IN_DEFAULT_INSTALL="0"
SHOW_ON_ABOUT="0"

# Interface and upstream resolvers that pihole_update writes into the
# pi-hole setupVars.conf and into /etc/dnsmasq.conf.
PIHOLE_IFACE="eth0"
PIHOLE_DNS1="91.239.100.100"
PIHOLE_DNS2="89.233.43.71"

# Location of the pi-hole configuration and of its editable lists.
piholeBasename="pihole"
piholeDir="/etc/${piholeBasename}"
PIHOLE_CUSTOM_ADLIST="${piholeDir}/adlists.list"
PIHOLE_BLACKLIST="${piholeDir}/blacklist.txt"
PIHOLE_WHITELIST="${piholeDir}/whitelist.txt"

# Upstream source. The commit is pinned: install_pihole checks it out and
# upgrade_pihole only acts when the recorded commit differs from it.
PIHOLE_REPO="https://github.com/pi-hole/pi-hole"
PIHOLE_COMMIT="fbee18e24d56b418e3329a56ae4156dbe8fe5e1f"

# Names of the settings belonging to this app (consumer not visible in
# this file).
pihole_variables=(
    ONION_ONLY
    PIHOLE_IFACE
    PIHOLE_DNS1
    PIHOLE_DNS2
)
# No-op: writes an empty string to stdout and returns success.
# Presumably called by the framework when logging is switched on.
function logging_on_pihole {
    printf ''
}
# No-op: writes an empty string to stdout and returns success.
# Presumably called by the framework when logging is switched off.
function logging_off_pihole {
    printf ''
}
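# Copy the pi-hole files from the local checkout into their system
# locations.
# Globals read: INSTALL_DIR, piholeDir, piholeBasename, PIHOLE_CUSTOM_ADLIST
#
# Everything copied here comes from $INSTALL_DIR/pihole. The cron file
# lands in /etc/cron.d and the scripts in /opt are made executable, so
# the integrity of that checkout determines what later runs on the host.
function pihole_copy_files {
    local src_dir="$INSTALL_DIR/pihole"
    local scripts_dir="/opt/$piholeBasename"

    if [ ! -d /etc/.pihole ]; then
        mkdir /etc/.pihole
    fi

    cp "$src_dir/adlists.default" /etc/.pihole/adlists.default
    cp "$src_dir/adlists.default" "$piholeDir/adlists.default"

    # an existing custom ad list is never overwritten
    if [ ! -f "$PIHOLE_CUSTOM_ADLIST" ]; then
        cp "$src_dir/adlists.default" "$PIHOLE_CUSTOM_ADLIST"
    fi

    cp "$src_dir/advanced/Scripts/"* "$scripts_dir"

    if [ -f /etc/dnsmasq.d/01-pihole.conf ]; then
        rm /etc/dnsmasq.d/01-pihole.conf
    fi

    cp "$src_dir/advanced/pihole.cron" /etc/cron.d/pihole
    cp "$src_dir/gravity.sh" "$scripts_dir"

    # same directory the scripts were copied into, rather than a second
    # hard-coded spelling of the path
    chmod +x "$scripts_dir/"*.sh
}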
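# Rewrite the IPv4 address stored in the pi-hole setupVars.conf.
# Arguments: $1 - the new IPv4 address
# Globals read: piholeDir
# Does nothing when pi-hole is not installed or setupVars.conf is absent.
function pihole_change_ipv4 {
    new_ipv4="$1"

    if [ ! -f /usr/local/bin/pihole ]; then
        return 0
    fi

    setupVars="$piholeDir/setupVars.conf"
    if [ ! -f "$setupVars" ]; then
        return 0
    fi

    # The value is spliced into a sed replacement, where '\', '&' and the
    # '|' delimiter are special; escape them so the argument is always
    # written literally.
    local escaped_ipv4
    escaped_ipv4=$(printf '%s' "$new_ipv4" | sed -e 's/[\\&|]/\\&/g')

    # pihole_update writes the key as IPV4_ADDRESS, so the original
    # IPv4_address pattern alone never matched a file it produced.
    # Both spellings are handled.
    sed -i \
        -e "s|IPv4_address=.*|IPv4_address=${escaped_ipv4}|g" \
        -e "s|IPV4_ADDRESS=.*|IPV4_ADDRESS=${escaped_ipv4}|g" \
        "$setupVars"
}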
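# Regenerate the pi-hole and dnsmasq configuration, rebuild the block
# lists and restart dnsmasq.
# Globals read:    HOME, PROJECT_NAME, WIFI_INTERFACE, piholeDir,
#                  PIHOLE_DNS1, PIHOLE_DNS2
# Globals written: PIHOLE_IFACE, IPv4_address, IPv6_address, setupVars
# Returns early, doing nothing, when gravity.sh is not installed.
function pihole_update {
    if [ ! -f /usr/local/bin/gravity.sh ]; then
        return
    fi

    # use the wifi interface when a wifi config file exists
    if [ ! -f "$HOME/${PROJECT_NAME}-wifi.cfg" ]; then
        PIHOLE_IFACE=eth0
    else
        read_config_param WIFI_INTERFACE
        PIHOLE_IFACE=$WIFI_INTERFACE
    fi

    IPv4_address="$(get_ipv4_address)"
    IPv6_address="$(get_ipv6_address)"

    setupVars="$piholeDir/setupVars.conf"
    {
        echo "piholeInterface=${PIHOLE_IFACE}"
        echo "IPV4_ADDRESS=${IPv4_address}"
        if [ ${#IPv6_address} -gt 0 ]; then
            echo "IPV6_ADDRESS=${IPv6_address}"
        fi
        echo "piholeDNS1=${PIHOLE_DNS1}"
        # previously wrote PIHOLE_DNS1 here as well, so the second
        # resolver never reached setupVars.conf
        echo "piholeDNS2=${PIHOLE_DNS2}"
    } > "$setupVars"

    # /etc/dnsmasq.conf is replaced wholesale; any local edits are lost
    {
        echo 'domain-needed'
        echo 'bogus-priv'
        echo 'no-resolv'
        echo "server=${PIHOLE_DNS1}"
        echo "server=${PIHOLE_DNS2}"
        echo "interface=${PIHOLE_IFACE}"
        echo 'listen-address=127.0.0.1'
    } > /etc/dnsmasq.conf

    pihole -g
    systemctl restart dnsmasq

    # avoid having the tripwire report pihole updates
    # NOTE(review): this excludes all of /etc/pihole from integrity
    # monitoring, so changes to the ad lists, blacklist, whitelist and
    # setupVars.conf made by anyone else go unreported as well.
    if [ -f /etc/tripwire/twpol.txt ]; then
        if ! grep -q '!/etc/pihole' /etc/tripwire/twpol.txt; then
            sed -i '\|/etc\t\t->.*|a\ !/etc/pihole ;' /etc/tripwire/twpol.txt
        fi
    fi
}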
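# Ask which upstream DNS provider the ad blocker should forward to and
# store the choice.
# Globals written: PIHOLE_DNS1, PIHOLE_DNS2, data, sel
# Exits the shell with status 1 when the dialog is cancelled.
# The new values are only saved with write_config_param; the caller is
# expected to run pihole_update to apply them.
#
# NOTE(review): the resolver addresses below are hard-coded and are not
# checked here. Operators retire resolvers and addresses get reassigned,
# so each pair should be re-verified against the operator's currently
# published addresses; a stale entry sends every DNS query from this
# host to whoever holds that address now.
function pihole_change_upstream_dns {
    data=$(mktemp 2>/dev/null)
    dialog --backtitle $"Ad Blocker Upstream DNS" \
           --radiolist $"Pick a domain name service (DNS):" 29 50 20 \
           1 $"UncensoredDNS" on \
           2 $"Digital Courage" off \
           3 $"German Privacy Foundation 1" off \
           4 $"German Privacy Foundation 2" off \
           5 $"Chaos Computer Club" off \
           6 $"ClaraNet" off \
           7 $"OpenNIC 1" off \
           8 $"OpenNIC 2" off \
           9 $"OpenNIC 3" off \
           10 $"OpenNIC 4" off \
           11 $"OpenNIC 5" off \
           12 $"OpenNIC 6" off \
           13 $"OpenNIC 7" off \
           14 $"PowerNS" off \
           15 $"ValiDOM" off \
           16 $"Freie Unzensierte" off \
           17 $"DNS.Watch" off \
           18 $"uncensoreddns.org" off \
           19 $"Lorraine Data Network" off \
           20 $"Google" off 2> "$data"
    sel=$?

    # 1 = cancel, 255 = escape
    case $sel in
        1|255)
            rm -f "$data"
            exit 1
            ;;
    esac

    local choice
    choice=$(cat "$data")

    case $choice in
        1)  PIHOLE_DNS1='91.239.100.100'
            PIHOLE_DNS2='89.233.43.71'
            ;;
        2)  PIHOLE_DNS1='85.214.73.63'
            PIHOLE_DNS2='213.73.91.35'
            ;;
        3)  PIHOLE_DNS1='87.118.100.175'
            PIHOLE_DNS2='94.75.228.29'
            ;;
        4)  PIHOLE_DNS1='85.25.251.254'
            PIHOLE_DNS2='2.141.58.13'
            ;;
        5)  PIHOLE_DNS1='213.73.91.35'
            PIHOLE_DNS2='85.214.73.63'
            ;;
        6)  PIHOLE_DNS1='212.82.225.7'
            PIHOLE_DNS2='212.82.226.212'
            ;;
        7)  PIHOLE_DNS1='58.6.115.42'
            PIHOLE_DNS2='58.6.115.43'
            ;;
        8)  PIHOLE_DNS1='119.31.230.42'
            PIHOLE_DNS2='200.252.98.162'
            ;;
        9)  PIHOLE_DNS1='217.79.186.148'
            PIHOLE_DNS2='81.89.98.6'
            ;;
        10) PIHOLE_DNS1='78.159.101.37'
            PIHOLE_DNS2='203.167.220.153'
            ;;
        11) PIHOLE_DNS1='82.229.244.191'
            PIHOLE_DNS2='82.229.244.191'
            ;;
        12) PIHOLE_DNS1='216.87.84.211'
            PIHOLE_DNS2='66.244.95.20'
            ;;
        13) PIHOLE_DNS1='207.192.69.155'
            PIHOLE_DNS2='72.14.189.120'
            ;;
        14) PIHOLE_DNS1='194.145.226.26'
            PIHOLE_DNS2='77.220.232.44'
            ;;
        15) PIHOLE_DNS1='78.46.89.147'
            PIHOLE_DNS2='88.198.75.145'
            ;;
        16) PIHOLE_DNS1='85.25.149.144'
            PIHOLE_DNS2='87.106.37.196'
            ;;
        17) PIHOLE_DNS1='84.200.69.80'
            PIHOLE_DNS2='84.200.70.40'
            ;;
        18) PIHOLE_DNS1='91.239.100.100'
            PIHOLE_DNS2='89.233.43.71'
            ;;
        19) PIHOLE_DNS1='80.67.188.188'
            PIHOLE_DNS2='89.234.141.66'
            ;;
        20) PIHOLE_DNS1='8.8.8.8'
            # Google's second public resolver is 8.8.4.4; the previous
            # value 4.4.4.4 is not a Google resolver address, so queries
            # to it went to an unintended party or were simply lost.
            PIHOLE_DNS2='8.8.4.4'
            dialog --title $"WARNING" \
                   --msgbox $"\\nGoogle's main purpose for providing DNS resolvers is to spy upon people and know which sites they are visiting.\\n\\nThis is something to consider, and you should only really be using Google DNS as a last resort if other resolvers are unavailable." 12 60
            ;;
        255) rm -f "$data"
             exit 1
             ;;
    esac
    rm -f "$data"

    write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"
    write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"
}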
# Clear the terminal, print a progress heading followed by a blank line,
# then run pihole_update. The return status is that of pihole_update.
function update_pihole_interactive {
    clear
    printf '%s\n\n' 'Updating Ad Blocker Lists'
    pihole_update
}
# Register the DNS port with the firewall through firewall_add, which is
# defined outside this file.
# NOTE(review): presumably this opens port 53. Confirm that the rule
# only admits the local network; a resolver reachable from the internet
# answers queries for anyone.
function configure_firewall_for_pihole {
    local service_name=DNS
    local service_port=53

    firewall_add "$service_name" "$service_port"
}
# Run "pihole disable" and show a confirmation box.
# No duration is passed, so blocking presumably stays off until
# pihole_resume is run.
function pihole_pause {
    pihole disable

    local -a notice=(--title $"Pause Ad Blocker"
                     --msgbox $"Ad blocking is paused" 6 60)
    dialog "${notice[@]}"
}
# Run "pihole enable" and show a confirmation box.
function pihole_resume {
    pihole enable

    local -a notice=(--title $"Resume Ad Blocker"
                     --msgbox $"Ad blocking has resumed" 6 60)
    dialog "${notice[@]}"
}
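# Control-panel menu for the ad blocker. Loops until the dialog returns
# an empty selection (ESC or cancel).
# Globals read:    PIHOLE_CUSTOM_ADLIST, PIHOLE_BLACKLIST, PIHOLE_WHITELIST
# Globals written: W, selection
# Options 1 to 4 change configuration and then rebuild the lists with
# update_pihole_interactive; options 5 and 6 only toggle blocking.
function configure_interactive_pihole {
    W=(1 $"Edit ads list"
       2 $"Edit blacklisted domain names"
       3 $"Edit whitelisted domain names"
       4 $"Change upstream DNS servers"
       5 $"Pause blocker"
       6 $"Resume blocker")

    while true
    do
        # dialog draws on stdout and reports the choice on stderr, hence
        # the descriptor swap to capture the choice
        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" \
                           --title $"Ad blocker" \
                           --menu $"Choose an operation, or ESC for main menu:" \
                           13 60 9 "${W[@]}" 3>&2 2>&1 1>&3)

        if [ ! "$selection" ]; then
            break
        fi

        # list paths are quoted so a path containing whitespace reaches
        # the editor as one argument
        case $selection in
            1) editor "$PIHOLE_CUSTOM_ADLIST"
               update_pihole_interactive
               ;;
            2) editor "$PIHOLE_BLACKLIST"
               update_pihole_interactive
               ;;
            3) editor "$PIHOLE_WHITELIST"
               update_pihole_interactive
               ;;
            4) pihole_change_upstream_dns
               update_pihole_interactive
               ;;
            5) pihole_pause
               ;;
            6) pihole_resume
               ;;
        esac
    done
}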
# Interactive install step: there is nothing to ask, so it only sets the
# APP_INSTALLED flag to 1.
function install_interactive_pihole {
    APP_INSTALLED="1"
}
# No-op: writes an empty string to stdout and returns success.
function reconfigure_pihole {
    printf ''
}
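# Move the local pi-hole checkout to the pinned commit and reinstall its
# files. Does nothing when the recorded commit already equals
# PIHOLE_COMMIT.
# Globals read:    PIHOLE_COMMIT, PIHOLE_REPO, INSTALL_DIR
# Globals written: CURR_PIHOLE_COMMIT
#
# NOTE(review): install_pihole also copies gravity.sh and pihole into
# /usr/local/bin, but this path only calls pihole_copy_files, which
# does not. Confirm whether those two files are meant to stay at the
# previously installed revision after an upgrade.
function upgrade_pihole {
    CURR_PIHOLE_COMMIT=$(get_completion_param "pihole commit")
    if [[ "$CURR_PIHOLE_COMMIT" == "$PIHOLE_COMMIT" ]]; then
        return
    fi

    function_check set_repo_commit
    # repo URL quoted so it is always passed as exactly one argument
    set_repo_commit "$INSTALL_DIR/pihole" "pihole commit" "$PIHOLE_COMMIT" "$PIHOLE_REPO"

    pihole_copy_files
    pihole_update
}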
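# Back up the pi-hole configuration directory to USB under the name
# "pihole", using backup_directory_to_usb (defined outside this file).
# Globals read: piholeDir
function backup_local_pihole {
    function_check backup_directory_to_usb
    # quoted so the directory is always passed as one argument
    backup_directory_to_usb "$piholeDir" pihole
}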
# Restore the "pihole" backup from USB with restore_directory_from_usb
# (defined outside this file).
# NOTE(review): the first argument is "/" while the backup was taken of
# /etc/pihole; presumably the helper restores relative to that root.
# Confirm it cannot write outside /etc/pihole from a tampered backup.
function restore_local_pihole {
    local restore_root=/
    local backup_name=pihole

    function_check restore_directory_from_usb
    restore_directory_from_usb "$restore_root" "$backup_name"
}
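# Back up the pi-hole configuration directory to a remote peer under the
# name "pihole", using backup_directory_to_friend (defined outside this
# file).
# Globals read: piholeDir
# NOTE(review): the directory includes setupVars.conf (interface and IP
# addresses) and the custom lists; how the helper protects that data in
# transit and at rest is not visible here.
function backup_remote_pihole {
    function_check backup_directory_to_friend
    # quoted so the directory is always passed as one argument
    backup_directory_to_friend "$piholeDir" pihole
}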
# Restore the "pihole" backup from a remote peer with
# restore_directory_from_friend (defined outside this file).
# NOTE(review): the restore target is "/" and the data comes from
# another host; confirm the helper authenticates the backup before
# unpacking it.
function restore_remote_pihole {
    local restore_root=/
    local backup_name=pihole

    function_check restore_directory_from_friend
    restore_directory_from_friend "$restore_root" "$backup_name"
}
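# Uninstall pi-hole: purge dnsmasq, delete the installed files and the
# local checkout, close the DNS port and remove the pihole user.
# Globals read: piholeDir, INSTALL_DIR
#
# NOTE(review): the '!/etc/pihole' exclusion that pihole_update adds to
# /etc/tripwire/twpol.txt is not removed here, so the path stays outside
# integrity monitoring after the app is gone.
function remove_pihole {
    local stale_path

    apt-get -yq remove --purge dnsmasq

    # The original test was inverted ([ ! -d ... ]), so the web root was
    # only "removed" when it did not exist and was otherwise left behind.
    for stale_path in /var/www/pihole /opt/pihole /etc/.pihole; do
        if [ -d "$stale_path" ]; then
            rm -rf "$stale_path"
        fi
    done

    for stale_path in /usr/local/bin/gravity.sh \
                      /usr/local/bin/pihole \
                      /var/log/pihole.log \
                      /etc/cron.d/pihole; do
        if [ -f "$stale_path" ]; then
            rm "$stale_path"
        fi
    done

    # Variable paths are quoted and must be non-empty before a recursive
    # delete, so an unset variable can never widen what is removed.
    if [ -n "$piholeDir" ] && [ -d "$piholeDir" ]; then
        rm -rf "$piholeDir"
    fi
    if [ -n "$INSTALL_DIR" ] && [ -d "$INSTALL_DIR/pihole" ]; then
        rm -rf "$INSTALL_DIR/pihole"
    fi

    firewall_remove 53
    userdel -r pihole
}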
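# Install pi-hole from the pinned upstream commit and configure dnsmasq.
# Globals read:    INSTALL_DIR, PIHOLE_REPO, PIHOLE_COMMIT, piholeDir
# Globals written: APP_INSTALLED
# Exits the shell on any failed prerequisite. The large exit values are
# kept as found; the shell reports only their low 8 bits to the caller.
function install_pihole {
    apt-get -yq install dnsmasq curl

    adduser --disabled-login --gecos 'pi-hole' pihole
    if [ ! -d /home/pihole ]; then
        echo $"/home/pihole directory not created"
        exit 538929
    fi

    # The shadow files are opened to mode 600 only for the group change
    # and set back to 0000 immediately afterwards.
    chmod 600 /etc/shadow
    chmod 600 /etc/gshadow
    usermod -a -G www-data pihole
    chmod 0000 /etc/shadow
    chmod 0000 /etc/gshadow

    systemctl enable dnsmasq

    if [ ! -d "$INSTALL_DIR" ]; then
        mkdir -p "$INSTALL_DIR"
    fi

    if [ ! -d "$INSTALL_DIR/pihole" ]; then
        cd "$INSTALL_DIR" || exit 78245624527

        # prefer a local mirror under /repos when one exists
        if [ -d /repos/pihole ]; then
            mkdir pihole
            cp -r -p /repos/pihole/. pihole
            cd pihole || exit 24572424684
            git pull
        else
            git_clone "$PIHOLE_REPO" pihole
        fi

        if [ ! -d "$INSTALL_DIR/pihole" ]; then
            exit 523925
        fi
        cd "$INSTALL_DIR/pihole" || exit 2682468242
        git checkout "$PIHOLE_COMMIT" -b "$PIHOLE_COMMIT"

        # The checkout result was previously ignored. If it fails, the
        # tree stays at whatever revision was cloned or copied, yet the
        # pinned commit would be recorded and that code installed into
        # /usr/local/bin and /etc/cron.d. Stop unless HEAD is the pin.
        if [ "$(git rev-parse HEAD 2>/dev/null)" != "$PIHOLE_COMMIT" ]; then
            echo $"pihole repo is not at the pinned commit"
            exit 1
        fi

        set_completion_param "pihole commit" "$PIHOLE_COMMIT"
    fi

    if [ ! -d /var/www/pihole/htdocs ]; then
        mkdir -p /var/www/pihole/htdocs
    fi

    # blank file which takes the place of ads
    {
        echo '<html>'
        echo '<body>'
        echo '</body>'
        echo '</html>'
    } > /var/www/pihole/htdocs/index.html

    if [ ! -f "$INSTALL_DIR/pihole/gravity.sh" ]; then
        exit 26738
    fi
    cp "$INSTALL_DIR/pihole/gravity.sh" /usr/local/bin/gravity.sh
    chmod 755 /usr/local/bin/gravity.sh

    if [ ! -f "$INSTALL_DIR/pihole/pihole" ]; then
        exit 52935
    fi
    cp "$INSTALL_DIR/pihole/pihole" /usr/local/bin/pihole
    chmod 755 /usr/local/bin/pihole

    if [ ! -d "$piholeDir" ]; then
        mkdir "$piholeDir"
    fi
    if [ ! -d /opt/pihole ]; then
        mkdir -p /opt/pihole
    fi

    pihole_copy_files

    chown -R www-data:www-data /var/www/pihole/htdocs

    configure_firewall_for_pihole
    pihole_update
    APP_INSTALLED=1
}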
# NOTE: deliberately no exit 0