free
/
freedombone
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
8489 Commity
5 Gałęzie
Drzewo: 3f59c12af7
freedombone/src/freedombone-app-pihole

freedombone-app-pihole 13KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # pi-hole ad blocker

  12. #

  13. # Adapted from instructions at:

  14. #  http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/#manualsetup

  15. #

  16. # License

  17. # =======

  18. #

  19. # Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>

  20. #

  21. # This program is free software: you can redistribute it and/or modify

  22. # it under the terms of the GNU Affero General Public License as published by

  23. # the Free Software Foundation, either version 3 of the License, or

  24. # (at your option) any later version.

  25. #

  26. # This program is distributed in the hope that it will be useful,

  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  29. # GNU Affero General Public License for more details.

  30. #

  31. # You should have received a copy of the GNU Affero General Public License

  32. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  33. 

  34. VARIANTS='full full-vim adblocker'

  35. 

  36. IN_DEFAULT_INSTALL=0

  37. SHOW_ON_ABOUT=0

  38. 

  39. PIHOLE_IFACE=eth0

  40. PIHOLE_DNS1='85.214.73.63'

  41. PIHOLE_DNS2='213.73.91.35'

  42. 

  43. piholeBasename=pihole

  44. piholeDir=/etc/$piholeBasename

  45. PIHOLE_CUSTOM_ADLIST=$piholeDir/adlists.list

  46. PIHOLE_BLACKLIST=$piholeDir/blacklist.txt

  47. PIHOLE_WHITELIST=$piholeDir/whitelist.txt

  48. 

  49. PIHOLE_REPO="https://github.com/pi-hole/pi-hole"

  50. PIHOLE_COMMIT='e602008459128c233899b1e9d70cca0f38f41670'

  51. 

  52. pihole_variables=(ONION_ONLY

  53.                   PIHOLE_IFACE

  54.                   PIHOLE_DNS1

  55.                   PIHOLE_DNS2)

  56. 

  57. function logging_on_pihole {

  58.     echo -n ''

  59. }

  60. 

  61. function logging_off_pihole {

  62.     echo -n ''

  63. }

  64. 

  65. function pihole_copy_files {

  66.     if [ ! -d /etc/.pihole ]; then

  67.         mkdir /etc/.pihole

  68.     fi

  69.     cp $INSTALL_DIR/pihole/adlists.default /etc/.pihole/adlists.default

  70.     cp $INSTALL_DIR/pihole/adlists.default $piholeDir/adlists.default

  71.     if [ ! -f $PIHOLE_CUSTOM_ADLIST ]; then

  72.         cp $INSTALL_DIR/pihole/adlists.default $PIHOLE_CUSTOM_ADLIST

  73.     fi

  74.     cp $INSTALL_DIR/pihole/advanced/Scripts/* /opt/$piholeBasename

  75.     if [ -f /etc/dnsmasq.d/01-pihole.conf ]; then

  76.         rm /etc/dnsmasq.d/01-pihole.conf

  77.     fi

  78.     cp $INSTALL_DIR/pihole/advanced/pihole.cron /etc/cron.d/pihole

  79.     cp $INSTALL_DIR/pihole/gravity.sh /opt/$piholeBasename

  80.     chmod +x /opt/pihole/*.sh

  81. }

  82. 

  83. function pihole_change_ipv4 {

  84.     new_ipv4="$1"

  85.     if [ -f /usr/local/bin/pihole ]; then

  86.         setupVars=$piholeDir/setupVars.conf

  87.         if [ -f $setupVars ]; then

  88.             sed -i "s|IPv4_address=.*|IPv4_address=${new_ipv4}|g" $setupVars

  89.         fi

  90.     fi

  91. }

  92. 

  93. function pihole_update {

  94.     if [ ! -f /usr/local/bin/gravity.sh ]; then

  95.         return

  96.     fi

  97. 

  98.     if [ ! -f $HOME/${PROJECT_NAME}-wifi.cfg ]; then

  99.         PIHOLE_IFACE=eth0

  100.     else

  101.         read_config_param WIFI_INTERFACE

  102.         PIHOLE_IFACE=$WIFI_INTERFACE

  103.     fi

  104. 

  105.     IPv4_address="$(get_ipv4_address)"

  106.     IPv6_address="$(get_ipv6_address)"

  107. 

  108.     setupVars=$piholeDir/setupVars.conf

  109.     echo "piholeInterface=${PIHOLE_IFACE}" > ${setupVars}

  110.     echo "IPV4_ADDRESS=${IPv4_address}" >> ${setupVars}

  111.     if [ ${#IPv6_address} -gt 0 ]; then

  112.         echo "IPV6_ADDRESS=${IPv6_address}" >> ${setupVars}

  113.     fi

  114.     echo "piholeDNS1=${PIHOLE_DNS1}" >> ${setupVars}

  115.     echo "piholeDNS2=${PIHOLE_DNS1}" >> ${setupVars}

  116. 

  117.     echo 'domain-needed' > /etc/dnsmasq.conf

  118.     echo 'bogus-priv' >> /etc/dnsmasq.conf

  119.     echo 'no-resolv' >> /etc/dnsmasq.conf

  120.     echo "server=${PIHOLE_DNS1}" >> /etc/dnsmasq.conf

  121.     echo "server=${PIHOLE_DNS2}" >> /etc/dnsmasq.conf

  122.     echo "interface=${PIHOLE_IFACE}" >> /etc/dnsmasq.conf

  123.     echo 'listen-address=127.0.0.1' >> /etc/dnsmasq.conf

  124. 

  125.     pihole -g

  126.     systemctl restart dnsmasq

  127. 

  128.     # avoid having the tripwire report pihole updates

  129.     if ! grep -q '!/etc/pihole' /etc/tripwire/twpol.txt; then

  130.         sed -i '\|/etc\t\t->.*|a\    !/etc/pihole ;' /etc/tripwire/twpol.txt

  131.     fi

  132. }

  133. 

  134. function pihole_change_upstream_dns {

  135.     data=$(tempfile 2>/dev/null)

  136.     trap "rm -f $data" 0 1 2 5 15

  137.     dialog --backtitle $"Ad Blocker Upstream DNS" \

  138.            --radiolist $"Pick a domain name service (DNS):" 28 50 19 \

  139.            1 $"Digital Courage" on \

  140.            2 $"German Privacy Foundation 1" off \

  141.            3 $"German Privacy Foundation 2" off \

  142.            4 $"Chaos Computer Club" off \

  143.            5 $"ClaraNet" off \

  144.            6 $"OpenNIC 1" off \

  145.            7 $"OpenNIC 2" off \

  146.            8 $"OpenNIC 3" off \

  147.            9 $"OpenNIC 4" off \

  148.            10 $"OpenNIC 5" off \

  149.            11 $"OpenNIC 6" off \

  150.            12 $"OpenNIC 7" off \

  151.            13 $"PowerNS" off \

  152.            14 $"ValiDOM" off \

  153.            15 $"Freie Unzensierte" off \

  154.            16 $"DNS.Watch" off \

  155.            17 $"uncensoreddns.org" off \

  156.            18 $"Lorraine Data Network" off \

  157.            19 $"Google" off 2> $data

  158.     sel=$?

  159.     case $sel in

  160.         1) exit 1;;

  161.         255) exit 1;;

  162.     esac

  163.     case $(cat $data) in

  164.         1) PIHOLE_DNS1='85.214.73.63'

  165.            PIHOLE_DNS2='213.73.91.35'

  166.            ;;

  167.         2) PIHOLE_DNS1='87.118.100.175'

  168.            PIHOLE_DNS2='94.75.228.29'

  169.            ;;

  170.         3) PIHOLE_DNS1='85.25.251.254'

  171.            PIHOLE_DNS2='2.141.58.13'

  172.            ;;

  173.         4) PIHOLE_DNS1='213.73.91.35'

  174.            PIHOLE_DNS2='85.214.73.63'

  175.            ;;

  176.         5) PIHOLE_DNS1='212.82.225.7'

  177.            PIHOLE_DNS2='212.82.226.212'

  178.            ;;

  179.         6) PIHOLE_DNS1='58.6.115.42'

  180.            PIHOLE_DNS2='58.6.115.43'

  181.            ;;

  182.         7) PIHOLE_DNS1='119.31.230.42'

  183.            PIHOLE_DNS2='200.252.98.162'

  184.            ;;

  185.         8) PIHOLE_DNS1='217.79.186.148'

  186.            PIHOLE_DNS2='81.89.98.6'

  187.            ;;

  188.         9) PIHOLE_DNS1='78.159.101.37'

  189.            PIHOLE_DNS2='203.167.220.153'

  190.            ;;

  191.         10) PIHOLE_DNS1='82.229.244.191'

  192.             PIHOLE_DNS2='82.229.244.191'

  193.             ;;

  194.         11) PIHOLE_DNS1='216.87.84.211'

  195.             PIHOLE_DNS2='66.244.95.20'

  196.             ;;

  197.         12) PIHOLE_DNS1='207.192.69.155'

  198.             PIHOLE_DNS2='72.14.189.120'

  199.             ;;

  200.         13) PIHOLE_DNS1='194.145.226.26'

  201.             PIHOLE_DNS2='77.220.232.44'

  202.             ;;

  203.         14) PIHOLE_DNS1='78.46.89.147'

  204.             PIHOLE_DNS2='88.198.75.145'

  205.             ;;

  206.         15) PIHOLE_DNS1='85.25.149.144'

  207.             PIHOLE_DNS2='87.106.37.196'

  208.             ;;

  209.         16) PIHOLE_DNS1='84.200.69.80'

  210.             PIHOLE_DNS2='84.200.70.40'

  211.             ;;

  212.         17) PIHOLE_DNS1='91.239.100.100'

  213.             PIHOLE_DNS2='89.233.43.71'

  214.             ;;

  215.         18) PIHOLE_DNS1='80.67.188.188'

  216.             PIHOLE_DNS2='89.234.141.66'

  217.             ;;

  218.         19) PIHOLE_DNS1='8.8.8.8'

  219.             PIHOLE_DNS2='4.4.4.4'

  220.             dialog --title $"WARNING" \

  221.                    --msgbox $"\nGoogle's main purpose for providing DNS resolvers is to spy upon people and know which sites they are visiting.\n\nThis is something to consider, and you should only really be using Google DNS as a last resort if other resolvers are unavailable." 12 60

  222.             ;;

  223.         255) exit 1;;

  224.     esac

  225.     write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"

  226.     write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"

  227. }

  228. 

  229. function update_pihole_interactive {

  230.     clear

  231.     echo $'Updating Ad Blocker Lists'

  232.     echo ''

  233.     pihole_update

  234. }

  235. 

  236. function configure_firewall_for_pihole {

  237.     firewall_add DNS 53

  238. }

  239. 

  240. function pihole_pause {

  241.     pihole disable

  242.     dialog --title $"Pause Ad Blocker" \

  243.            --msgbox $"Ad blocking is paused" 6 60

  244. }

  245. 

  246. function pihole_resume {

  247.     pihole enable

  248.     dialog --title $"Resume Ad Blocker" \

  249.            --msgbox $"Ad blocking has resumed" 6 60

  250. }

  251. 

  252. function configure_interactive_pihole {

  253.     while true

  254.     do

  255.         data=$(tempfile 2>/dev/null)

  256.         trap "rm -f $data" 0 1 2 5 15

  257.         dialog --backtitle $"Freedombone Control Panel" \

  258.                --title $"Ad Blocker" \

  259.                --radiolist $"Choose an operation:" 16 70 7 \

  260.                1 $"Edit ads list" off \

  261.                2 $"Edit blacklisted domain names" off \

  262.                3 $"Edit whitelisted domain names" off \

  263.                4 $"Change upstream DNS servers" off \

  264.                5 $"Pause blocker" off \

  265.                6 $"Resume blocker" off \

  266.                7 $"Exit" on 2> $data

  267.         sel=$?

  268.         case $sel in

  269.             1) exit 1;;

  270.             255) exit 1;;

  271.         esac

  272.         case $(cat $data) in

  273.             1) editor $PIHOLE_CUSTOM_ADLIST

  274.                update_pihole_interactive

  275.                ;;

  276.             2) editor $PIHOLE_BLACKLIST

  277.                update_pihole_interactive

  278.                ;;

  279.             3) editor $PIHOLE_WHITELIST

  280.                update_pihole_interactive

  281.                ;;

  282.             4) pihole_change_upstream_dns

  283.                update_pihole_interactive

  284.                ;;

  285.             5) pihole_pause

  286.                ;;

  287.             6) pihole_resume

  288.                ;;

  289.             7) break;;

  290.         esac

  291.     done

  292. }

  293. 

  294. function install_interactive_pihole {

  295.     APP_INSTALLED=1

  296. }

  297. 

  298. function reconfigure_pihole {

  299.     echo -n ''

  300. }

  301. 

  302. function upgrade_pihole {

  303.     CURR_PIHOLE_COMMIT=$(get_completion_param "pihole commit")

  304.     if [[ "$CURR_PIHOLE_COMMIT" == "$PIHOLE_COMMIT" ]]; then

  305.         return

  306.     fi

  307. 

  308.     function_check set_repo_commit

  309.     set_repo_commit $INSTALL_DIR/pihole "pihole commit" "$PIHOLE_COMMIT" $PIHOLE_REPO

  310. 

  311.     pihole_copy_files

  312.     pihole_update

  313. }

  314. 

  315. function backup_local_pihole {

  316.     function_check backup_directory_to_usb

  317.     backup_directory_to_usb $piholeDir pihole

  318. }

  319. 

  320. function restore_local_pihole {

  321.     function_check restore_directory_from_usb

  322.     restore_directory_from_usb / pihole

  323. }

  324. 

  325. function backup_remote_pihole {

  326.     function_check backup_directory_to_friend

  327.     backup_directory_to_friend $piholeDir pihole

  328. }

  329. 

  330. function restore_remote_pihole {

  331.     function_check restore_directory_from_friend

  332.     restore_directory_from_friend / pihole

  333. }

  334. 

  335. function remove_pihole {

  336.     apt-get -yq remove --purge dnsmasq

  337. 

  338.     if [ ! -d /var/www/pihole ]; then

  339.         rm -rf /var/www/pihole

  340.     fi

  341. 

  342.     if [ -f /usr/local/bin/gravity.sh ]; then

  343.         rm /usr/local/bin/gravity.sh

  344.     fi

  345. 

  346.     if [ -f /usr/local/bin/pihole ]; then

  347.         rm /usr/local/bin/pihole

  348.     fi

  349. 

  350.     if [ -d /opt/pihole ]; then

  351.         rm -rf /opt/pihole

  352.     fi

  353. 

  354.     if [ -d $piholeDir ]; then

  355.         rm -rf $piholeDir

  356.     fi

  357. 

  358.     if [ -d /etc/.pihole ]; then

  359.         rm -rf /etc/.pihole

  360.     fi

  361. 

  362.     if [ -f /var/log/pihole.log ]; then

  363.         rm /var/log/pihole.log

  364.     fi

  365. 

  366.     if [ -f /etc/cron.d/pihole ]; then

  367.         rm /etc/cron.d/pihole

  368.     fi

  369. 

  370.     if [ -d $INSTALL_DIR/pihole ]; then

  371.         rm -rf $INSTALL_DIR/pihole

  372.     fi

  373. 

  374.     firewall_remove 53

  375.     userdel -r pihole

  376. }

  377. 

  378. function install_pihole {

  379.     apt-get -yq install dnsmasq curl

  380.     adduser --disabled-login --gecos 'pi-hole' pihole

  381.     if [ ! -d /home/pihole ]; then

  382.         echo $"/home/pihole directory not created"

  383.         exit 538929

  384.     fi

  385. 

  386.     chmod 600 /etc/shadow

  387.     chmod 600 /etc/gshadow

  388.     usermod -a -G www-data pihole

  389.     chmod 0000 /etc/shadow

  390.     chmod 0000 /etc/gshadow

  391. 

  392.     systemctl enable dnsmasq

  393. 

  394.     if [ ! -d $INSTALL_DIR ]; then

  395.         mkdir -p $INSTALL_DIR

  396.     fi

  397. 

  398.     if [ ! -d $INSTALL_DIR/pihole ]; then

  399.         cd $INSTALL_DIR

  400. 

  401.         if [ -d /repos/pihole ]; then

  402.             mkdir pihole

  403.             cp -r -p /repos/pihole/. pihole

  404.             cd pihole

  405.             git pull

  406.         else

  407.             git_clone $PIHOLE_REPO pihole

  408.         fi

  409. 

  410.         if [ ! -d $INSTALL_DIR/pihole ]; then

  411.             exit 523925

  412.         fi

  413.         cd $INSTALL_DIR/pihole

  414.         git checkout $PIHOLE_COMMIT -b $PIHOLE_COMMIT

  415.         set_completion_param "pihole commit" "$PIHOLE_COMMIT"

  416.     fi

  417. 

  418.     if [ ! -d /var/www/pihole/htdocs ]; then

  419.         mkdir -p /var/www/pihole/htdocs

  420.     fi

  421. 

  422.     # blank file which takes the place of ads

  423.     echo '<html>' > /var/www/pihole/htdocs/index.html

  424.     echo '<body>' >> /var/www/pihole/htdocs/index.html

  425.     echo '</body>' >> /var/www/pihole/htdocs/index.html

  426.     echo '</html>' >> /var/www/pihole/htdocs/index.html

  427. 

  428.     if [ ! -f $INSTALL_DIR/pihole/gravity.sh ]; then

  429.         exit 26738

  430.     fi

  431.     cp $INSTALL_DIR/pihole/gravity.sh /usr/local/bin/gravity.sh

  432.     chmod 755 /usr/local/bin/gravity.sh

  433. 

  434.     if [ ! -f $INSTALL_DIR/pihole/pihole ]; then

  435.         exit 52935

  436.     fi

  437.     cp $INSTALL_DIR/pihole/pihole /usr/local/bin/pihole

  438.     chmod 755 /usr/local/bin/pihole

  439. 

  440.     if [ ! -d $piholeDir ]; then

  441.         mkdir $piholeDir

  442.     fi

  443.     if [ ! -d /opt/pihole ]; then

  444.         mkdir -p /opt/pihole

  445.     fi

  446. 

  447.     pihole_copy_files

  448. 

  449.     chown -R www-data:www-data /var/www/pihole/htdocs

  450. 

  451.     configure_firewall_for_pihole

  452. 

  453.     pihole_update

  454. 

  455.     APP_INSTALLED=1

  456. }

  457. 

  458. # NOTE: deliberately no exit 0