free
/
freedombone
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
9034 提交
5 分支
目录树: 9d169b3602
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 '9d169b3602'
${ noResults }
freedombone/src/freedombone-app-pihole

freedombone-app-pihole 13KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466 
  1. #!/bin/bash

  2. #  _____               _           _

  3. # |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___

  4. # |   __|  _| -_| -_| . | . |     | . | . |   | -_|

  5. # |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|

  6. #

  7. #                              Freedom in the Cloud

  8. #

  9. # pi-hole ad blocker

  10. #

  11. # Adapted from instructions at:

  12. #  http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/#manualsetup

  13. #

  14. # License

  15. # =======

  16. #

  17. # Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>

  18. #

  19. # This program is free software: you can redistribute it and/or modify

  20. # it under the terms of the GNU Affero General Public License as published by

  21. # the Free Software Foundation, either version 3 of the License, or

  22. # (at your option) any later version.

  23. #

  24. # This program is distributed in the hope that it will be useful,

  25. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  26. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  27. # GNU Affero General Public License for more details.

  28. #

  29. # You should have received a copy of the GNU Affero General Public License

  30. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  31. 

  32. VARIANTS='full full-vim adblocker'

  33. 

  34. IN_DEFAULT_INSTALL=0

  35. SHOW_ON_ABOUT=0

  36. 

  37. PIHOLE_IFACE=eth0

  38. PIHOLE_DNS1='91.239.100.100'

  39. PIHOLE_DNS2='89.233.43.71'

  40. 

  41. piholeBasename=pihole

  42. piholeDir=/etc/$piholeBasename

  43. PIHOLE_CUSTOM_ADLIST=$piholeDir/adlists.list

  44. PIHOLE_BLACKLIST=$piholeDir/blacklist.txt

  45. PIHOLE_WHITELIST=$piholeDir/whitelist.txt

  46. 

  47. PIHOLE_REPO="https://github.com/pi-hole/pi-hole"

  48. PIHOLE_COMMIT='e602008459128c233899b1e9d70cca0f38f41670'

  49. 

  50. pihole_variables=(ONION_ONLY

  51.                   PIHOLE_IFACE

  52.                   PIHOLE_DNS1

  53.                   PIHOLE_DNS2)

  54. 

  55. function logging_on_pihole {

  56.     echo -n ''

  57. }

  58. 

  59. function logging_off_pihole {

  60.     echo -n ''

  61. }

  62. 

  63. function pihole_copy_files {

  64.     if [ ! -d /etc/.pihole ]; then

  65.         mkdir /etc/.pihole

  66.     fi

  67.     cp "$INSTALL_DIR/pihole/adlists.default" /etc/.pihole/adlists.default

  68.     cp "$INSTALL_DIR/pihole/adlists.default" $piholeDir/adlists.default

  69.     if [ ! -f $PIHOLE_CUSTOM_ADLIST ]; then

  70.         cp "$INSTALL_DIR/pihole/adlists.default" $PIHOLE_CUSTOM_ADLIST

  71.     fi

  72.     cp "$INSTALL_DIR/pihole/advanced/Scripts/"* /opt/$piholeBasename

  73.     if [ -f /etc/dnsmasq.d/01-pihole.conf ]; then

  74.         rm /etc/dnsmasq.d/01-pihole.conf

  75.     fi

  76.     cp "$INSTALL_DIR/pihole/advanced/pihole.cron" /etc/cron.d/pihole

  77.     cp "$INSTALL_DIR/pihole/gravity.sh" /opt/$piholeBasename

  78.     chmod +x /opt/pihole/*.sh

  79. }

  80. 

  81. function pihole_change_ipv4 {

  82.     new_ipv4="$1"

  83.     if [ -f /usr/local/bin/pihole ]; then

  84.         setupVars=$piholeDir/setupVars.conf

  85.         if [ -f $setupVars ]; then

  86.             sed -i "s|IPv4_address=.*|IPv4_address=${new_ipv4}|g" $setupVars

  87.         fi

  88.     fi

  89. }

  90. 

  91. function pihole_update {

  92.     if [ ! -f /usr/local/bin/gravity.sh ]; then

  93.         return

  94.     fi

  95. 

  96.     if [ ! -f "$HOME/${PROJECT_NAME}-wifi.cfg" ]; then

  97.         PIHOLE_IFACE=eth0

  98.     else

  99.         read_config_param WIFI_INTERFACE

  100.         PIHOLE_IFACE=$WIFI_INTERFACE

  101.     fi

  102. 

  103.     IPv4_address="$(get_ipv4_address)"

  104.     IPv6_address="$(get_ipv6_address)"

  105. 

  106.     setupVars=$piholeDir/setupVars.conf

  107.     echo "piholeInterface=${PIHOLE_IFACE}" > ${setupVars}

  108.     echo "IPV4_ADDRESS=${IPv4_address}" >> ${setupVars}

  109.     if [ ${#IPv6_address} -gt 0 ]; then

  110.         echo "IPV6_ADDRESS=${IPv6_address}" >> ${setupVars}

  111.     fi

  112.     echo "piholeDNS1=${PIHOLE_DNS1}" >> ${setupVars}

  113.     echo "piholeDNS2=${PIHOLE_DNS1}" >> ${setupVars}

  114. 

  115.     { echo 'domain-needed';

  116.       echo 'bogus-priv';

  117.       echo 'no-resolv';

  118.       echo "server=${PIHOLE_DNS1}";

  119.       echo "server=${PIHOLE_DNS2}";

  120.       echo "interface=${PIHOLE_IFACE}";

  121.       echo 'listen-address=127.0.0.1'; } > /etc/dnsmasq.conf

  122. 

  123.     pihole -g

  124.     systemctl restart dnsmasq

  125. 

  126.     # avoid having the tripwire report pihole updates

  127.     if ! grep -q '!/etc/pihole' /etc/tripwire/twpol.txt; then

  128.         sed -i '\|/etc\t\t->.*|a\    !/etc/pihole ;' /etc/tripwire/twpol.txt

  129.     fi

  130. }

  131. 

  132. function pihole_change_upstream_dns {

  133.     data=$(mktemp 2>/dev/null)

  134.     dialog --backtitle $"Ad Blocker Upstream DNS" \

  135.            --radiolist $"Pick a domain name service (DNS):" 29 50 20 \

  136.            1 $"UncensoredDNS" on \

  137.            2 $"Digital Courage" off \

  138.            3 $"German Privacy Foundation 1" off \

  139.            4 $"German Privacy Foundation 2" off \

  140.            5 $"Chaos Computer Club" off \

  141.            6 $"ClaraNet" off \

  142.            7 $"OpenNIC 1" off \

  143.            8 $"OpenNIC 2" off \

  144.            9 $"OpenNIC 3" off \

  145.            10 $"OpenNIC 4" off \

  146.            11 $"OpenNIC 5" off \

  147.            12 $"OpenNIC 6" off \

  148.            13 $"OpenNIC 7" off \

  149.            14 $"PowerNS" off \

  150.            15 $"ValiDOM" off \

  151.            16 $"Freie Unzensierte" off \

  152.            17 $"DNS.Watch" off \

  153.            18 $"uncensoreddns.org" off \

  154.            19 $"Lorraine Data Network" off \

  155.            20 $"Google" off 2> "$data"

  156.     sel=$?

  157.     case $sel in

  158.         1) rm -f "$data"

  159.            exit 1;;

  160.         255) rm -f "$data"

  161.              exit 1;;

  162.     esac

  163.     case $(cat "$data") in

  164.         1) PIHOLE_DNS1='91.239.100.100'

  165.            PIHOLE_DNS2='89.233.43.71'

  166.            ;;

  167.         2) PIHOLE_DNS1='85.214.73.63'

  168.            PIHOLE_DNS2='213.73.91.35'

  169.            ;;

  170.         3) PIHOLE_DNS1='87.118.100.175'

  171.            PIHOLE_DNS2='94.75.228.29'

  172.            ;;

  173.         4) PIHOLE_DNS1='85.25.251.254'

  174.            PIHOLE_DNS2='2.141.58.13'

  175.            ;;

  176.         5) PIHOLE_DNS1='213.73.91.35'

  177.            PIHOLE_DNS2='85.214.73.63'

  178.            ;;

  179.         6) PIHOLE_DNS1='212.82.225.7'

  180.            PIHOLE_DNS2='212.82.226.212'

  181.            ;;

  182.         7) PIHOLE_DNS1='58.6.115.42'

  183.            PIHOLE_DNS2='58.6.115.43'

  184.            ;;

  185.         8) PIHOLE_DNS1='119.31.230.42'

  186.            PIHOLE_DNS2='200.252.98.162'

  187.            ;;

  188.         9) PIHOLE_DNS1='217.79.186.148'

  189.            PIHOLE_DNS2='81.89.98.6'

  190.            ;;

  191.         10) PIHOLE_DNS1='78.159.101.37'

  192.             PIHOLE_DNS2='203.167.220.153'

  193.             ;;

  194.         11) PIHOLE_DNS1='82.229.244.191'

  195.             PIHOLE_DNS2='82.229.244.191'

  196.             ;;

  197.         12) PIHOLE_DNS1='216.87.84.211'

  198.             PIHOLE_DNS2='66.244.95.20'

  199.             ;;

  200.         13) PIHOLE_DNS1='207.192.69.155'

  201.             PIHOLE_DNS2='72.14.189.120'

  202.             ;;

  203.         14) PIHOLE_DNS1='194.145.226.26'

  204.             PIHOLE_DNS2='77.220.232.44'

  205.             ;;

  206.         15) PIHOLE_DNS1='78.46.89.147'

  207.             PIHOLE_DNS2='88.198.75.145'

  208.             ;;

  209.         16) PIHOLE_DNS1='85.25.149.144'

  210.             PIHOLE_DNS2='87.106.37.196'

  211.             ;;

  212.         17) PIHOLE_DNS1='84.200.69.80'

  213.             PIHOLE_DNS2='84.200.70.40'

  214.             ;;

  215.         18) PIHOLE_DNS1='91.239.100.100'

  216.             PIHOLE_DNS2='89.233.43.71'

  217.             ;;

  218.         19) PIHOLE_DNS1='80.67.188.188'

  219.             PIHOLE_DNS2='89.234.141.66'

  220.             ;;

  221.         20) PIHOLE_DNS1='8.8.8.8'

  222.             PIHOLE_DNS2='4.4.4.4'

  223.             dialog --title $"WARNING" \

  224.                    --msgbox $"\\nGoogle's main purpose for providing DNS resolvers is to spy upon people and know which sites they are visiting.\\n\\nThis is something to consider, and you should only really be using Google DNS as a last resort if other resolvers are unavailable." 12 60

  225.             ;;

  226.         255) rm -f "$data"

  227.              exit 1;;

  228.     esac

  229.     rm -f "$data"

  230.     write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"

  231.     write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"

  232. }

  233. 

  234. function update_pihole_interactive {

  235.     clear

  236.     echo $'Updating Ad Blocker Lists'

  237.     echo ''

  238.     pihole_update

  239. }

  240. 

  241. function configure_firewall_for_pihole {

  242.     firewall_add DNS 53

  243. }

  244. 

  245. function pihole_pause {

  246.     pihole disable

  247.     dialog --title $"Pause Ad Blocker" \

  248.            --msgbox $"Ad blocking is paused" 6 60

  249. }

  250. 

  251. function pihole_resume {

  252.     pihole enable

  253.     dialog --title $"Resume Ad Blocker" \

  254.            --msgbox $"Ad blocking has resumed" 6 60

  255. }

  256. 

  257. function configure_interactive_pihole {

  258.     while true

  259.     do

  260.         data=$(mktemp 2>/dev/null)

  261.         dialog --backtitle $"Freedombone Control Panel" \

  262.                --title $"Ad Blocker" \

  263.                --radiolist $"Choose an operation:" 16 70 7 \

  264.                1 $"Edit ads list" off \

  265.                2 $"Edit blacklisted domain names" off \

  266.                3 $"Edit whitelisted domain names" off \

  267.                4 $"Change upstream DNS servers" off \

  268.                5 $"Pause blocker" off \

  269.                6 $"Resume blocker" off \

  270.                7 $"Exit" on 2> "$data"

  271.         sel=$?

  272.         case $sel in

  273.             1) rm -f "$data"

  274.                exit 1;;

  275.             255) rm -f "$data"

  276.                  exit 1;;

  277.         esac

  278.         case $(cat "$data") in

  279.             1) editor $PIHOLE_CUSTOM_ADLIST

  280.                update_pihole_interactive

  281.                ;;

  282.             2) editor $PIHOLE_BLACKLIST

  283.                update_pihole_interactive

  284.                ;;

  285.             3) editor $PIHOLE_WHITELIST

  286.                update_pihole_interactive

  287.                ;;

  288.             4) pihole_change_upstream_dns

  289.                update_pihole_interactive

  290.                ;;

  291.             5) pihole_pause

  292.                ;;

  293.             6) pihole_resume

  294.                ;;

  295.             7) rm -f "$data"

  296.                break;;

  297.         esac

  298.         rm -f "$data"

  299.     done

  300. }

  301. 

  302. function install_interactive_pihole {

  303.     APP_INSTALLED=1

  304. }

  305. 

  306. function reconfigure_pihole {

  307.     echo -n ''

  308. }

  309. 

  310. function upgrade_pihole {

  311.     CURR_PIHOLE_COMMIT=$(get_completion_param "pihole commit")

  312.     if [[ "$CURR_PIHOLE_COMMIT" == "$PIHOLE_COMMIT" ]]; then

  313.         return

  314.     fi

  315. 

  316.     function_check set_repo_commit

  317.     set_repo_commit "$INSTALL_DIR/pihole" "pihole commit" "$PIHOLE_COMMIT" $PIHOLE_REPO

  318. 

  319.     pihole_copy_files

  320.     pihole_update

  321. }

  322. 

  323. function backup_local_pihole {

  324.     function_check backup_directory_to_usb

  325.     backup_directory_to_usb $piholeDir pihole

  326. }

  327. 

  328. function restore_local_pihole {

  329.     function_check restore_directory_from_usb

  330.     restore_directory_from_usb / pihole

  331. }

  332. 

  333. function backup_remote_pihole {

  334.     function_check backup_directory_to_friend

  335.     backup_directory_to_friend $piholeDir pihole

  336. }

  337. 

  338. function restore_remote_pihole {

  339.     function_check restore_directory_from_friend

  340.     restore_directory_from_friend / pihole

  341. }

  342. 

  343. function remove_pihole {

  344.     apt-get -yq remove --purge dnsmasq

  345. 

  346.     if [ ! -d /var/www/pihole ]; then

  347.         rm -rf /var/www/pihole

  348.     fi

  349. 

  350.     if [ -f /usr/local/bin/gravity.sh ]; then

  351.         rm /usr/local/bin/gravity.sh

  352.     fi

  353. 

  354.     if [ -f /usr/local/bin/pihole ]; then

  355.         rm /usr/local/bin/pihole

  356.     fi

  357. 

  358.     if [ -d /opt/pihole ]; then

  359.         rm -rf /opt/pihole

  360.     fi

  361. 

  362.     if [ -d $piholeDir ]; then

  363.         rm -rf $piholeDir

  364.     fi

  365. 

  366.     if [ -d /etc/.pihole ]; then

  367.         rm -rf /etc/.pihole

  368.     fi

  369. 

  370.     if [ -f /var/log/pihole.log ]; then

  371.         rm /var/log/pihole.log

  372.     fi

  373. 

  374.     if [ -f /etc/cron.d/pihole ]; then

  375.         rm /etc/cron.d/pihole

  376.     fi

  377. 

  378.     if [ -d "$INSTALL_DIR/pihole" ]; then

  379.         rm -rf "$INSTALL_DIR/pihole"

  380.     fi

  381. 

  382.     firewall_remove 53

  383.     userdel -r pihole

  384. }

  385. 

  386. function install_pihole {

  387.     apt-get -yq install dnsmasq curl

  388.     adduser --disabled-login --gecos 'pi-hole' pihole

  389.     if [ ! -d /home/pihole ]; then

  390.         echo $"/home/pihole directory not created"

  391.         exit 538929

  392.     fi

  393. 

  394.     chmod 600 /etc/shadow

  395.     chmod 600 /etc/gshadow

  396.     usermod -a -G www-data pihole

  397.     chmod 0000 /etc/shadow

  398.     chmod 0000 /etc/gshadow

  399. 

  400.     systemctl enable dnsmasq

  401. 

  402.     if [ ! -d "$INSTALL_DIR" ]; then

  403.         mkdir -p "$INSTALL_DIR"

  404.     fi

  405. 

  406.     if [ ! -d "$INSTALL_DIR/pihole" ]; then

  407.         cd "$INSTALL_DIR" || exit 78245624527

  408. 

  409.         if [ -d /repos/pihole ]; then

  410.             mkdir pihole

  411.             cp -r -p /repos/pihole/. pihole

  412.             cd pihole || exit 24572424684

  413.             git pull

  414.         else

  415.             git_clone $PIHOLE_REPO pihole

  416.         fi

  417. 

  418.         if [ ! -d "$INSTALL_DIR/pihole" ]; then

  419.             exit 523925

  420.         fi

  421.         cd "$INSTALL_DIR/pihole" || exit 2682468242

  422.         git checkout "$PIHOLE_COMMIT" -b "$PIHOLE_COMMIT"

  423.         set_completion_param "pihole commit" "$PIHOLE_COMMIT"

  424.     fi

  425. 

  426.     if [ ! -d /var/www/pihole/htdocs ]; then

  427.         mkdir -p /var/www/pihole/htdocs

  428.     fi

  429. 

  430.     # blank file which takes the place of ads

  431.     { echo '<html>';

  432.       echo '<body>';

  433.       echo '</body>';

  434.       echo '</html>'; } > /var/www/pihole/htdocs/index.html

  435. 

  436.     if [ ! -f "$INSTALL_DIR/pihole/gravity.sh" ]; then

  437.         exit 26738

  438.     fi

  439.     cp "$INSTALL_DIR/pihole/gravity.sh" /usr/local/bin/gravity.sh

  440.     chmod 755 /usr/local/bin/gravity.sh

  441. 

  442.     if [ ! -f "$INSTALL_DIR/pihole/pihole" ]; then

  443.         exit 52935

  444.     fi

  445.     cp "$INSTALL_DIR/pihole/pihole" /usr/local/bin/pihole

  446.     chmod 755 /usr/local/bin/pihole

  447. 

  448.     if [ ! -d $piholeDir ]; then

  449.         mkdir $piholeDir

  450.     fi

  451.     if [ ! -d /opt/pihole ]; then

  452.         mkdir -p /opt/pihole

  453.     fi

  454. 

  455.     pihole_copy_files

  456. 

  457.     chown -R www-data:www-data /var/www/pihole/htdocs

  458. 

  459.     configure_firewall_for_pihole

  460. 

  461.     pihole_update

  462. 

  463.     APP_INSTALLED=1

  464. }

  465. 

  466. # NOTE: deliberately no exit 0