free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
9485 Commits
5 Branches
Tree: c93b8ecf20
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c93b8ecf20'
${ noResults }
freedombone/src/freedombone-app-pihole

freedombone-app-pihole 12KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459 
  1. #!/bin/bash

  2. #  _____               _           _

  3. # |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___

  4. # |   __|  _| -_| -_| . | . |     | . | . |   | -_|

  5. # |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|

  6. #

  7. #                              Freedom in the Cloud

  8. #

  9. # pi-hole ad blocker

  10. #

  11. # Adapted from instructions at:

  12. #  http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/#manualsetup

  13. #

  14. # License

  15. # =======

  16. #

  17. # Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>

  18. #

  19. # This program is free software: you can redistribute it and/or modify

  20. # it under the terms of the GNU Affero General Public License as published by

  21. # the Free Software Foundation, either version 3 of the License, or

  22. # (at your option) any later version.

  23. #

  24. # This program is distributed in the hope that it will be useful,

  25. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  26. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  27. # GNU Affero General Public License for more details.

  28. #

  29. # You should have received a copy of the GNU Affero General Public License

  30. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  31. 

  32. VARIANTS='full full-vim adblocker'

  33. 

  34. IN_DEFAULT_INSTALL=0

  35. SHOW_ON_ABOUT=0

  36. 

  37. PIHOLE_IFACE=eth0

  38. PIHOLE_DNS1='91.239.100.100'

  39. PIHOLE_DNS2='89.233.43.71'

  40. 

  41. piholeBasename=pihole

  42. piholeDir=/etc/$piholeBasename

  43. PIHOLE_CUSTOM_ADLIST=$piholeDir/adlists.list

  44. PIHOLE_BLACKLIST=$piholeDir/blacklist.txt

  45. PIHOLE_WHITELIST=$piholeDir/whitelist.txt

  46. 

  47. PIHOLE_REPO="https://github.com/pi-hole/pi-hole"

  48. PIHOLE_COMMIT='fbee18e24d56b418e3329a56ae4156dbe8fe5e1f'

  49. 

  50. pihole_variables=(ONION_ONLY

  51.                   PIHOLE_IFACE

  52.                   PIHOLE_DNS1

  53.                   PIHOLE_DNS2)

  54. 

  55. function logging_on_pihole {

  56.     echo -n ''

  57. }

  58. 

  59. function logging_off_pihole {

  60.     echo -n ''

  61. }

  62. 

  63. function pihole_copy_files {

  64.     if [ ! -d /etc/.pihole ]; then

  65.         mkdir /etc/.pihole

  66.     fi

  67.     cp "$INSTALL_DIR/pihole/adlists.default" /etc/.pihole/adlists.default

  68.     cp "$INSTALL_DIR/pihole/adlists.default" $piholeDir/adlists.default

  69.     if [ ! -f $PIHOLE_CUSTOM_ADLIST ]; then

  70.         cp "$INSTALL_DIR/pihole/adlists.default" $PIHOLE_CUSTOM_ADLIST

  71.     fi

  72.     cp "$INSTALL_DIR/pihole/advanced/Scripts/"* /opt/$piholeBasename

  73.     if [ -f /etc/dnsmasq.d/01-pihole.conf ]; then

  74.         rm /etc/dnsmasq.d/01-pihole.conf

  75.     fi

  76.     cp "$INSTALL_DIR/pihole/advanced/pihole.cron" /etc/cron.d/pihole

  77.     cp "$INSTALL_DIR/pihole/gravity.sh" /opt/$piholeBasename

  78.     chmod +x /opt/pihole/*.sh

  79. }

  80. 

  81. function pihole_change_ipv4 {

  82.     new_ipv4="$1"

  83.     if [ -f /usr/local/bin/pihole ]; then

  84.         setupVars=$piholeDir/setupVars.conf

  85.         if [ -f $setupVars ]; then

  86.             sed -i "s|IPv4_address=.*|IPv4_address=${new_ipv4}|g" $setupVars

  87.         fi

  88.     fi

  89. }

  90. 

  91. function pihole_update {

  92.     if [ ! -f /usr/local/bin/gravity.sh ]; then

  93.         return

  94.     fi

  95. 

  96.     if [ ! -f "$HOME/${PROJECT_NAME}-wifi.cfg" ]; then

  97.         PIHOLE_IFACE=eth0

  98.     else

  99.         read_config_param WIFI_INTERFACE

  100.         PIHOLE_IFACE=$WIFI_INTERFACE

  101.     fi

  102. 

  103.     IPv4_address="$(get_ipv4_address)"

  104.     IPv6_address="$(get_ipv6_address)"

  105. 

  106.     setupVars=$piholeDir/setupVars.conf

  107.     echo "piholeInterface=${PIHOLE_IFACE}" > ${setupVars}

  108.     echo "IPV4_ADDRESS=${IPv4_address}" >> ${setupVars}

  109.     if [ ${#IPv6_address} -gt 0 ]; then

  110.         echo "IPV6_ADDRESS=${IPv6_address}" >> ${setupVars}

  111.     fi

  112.     echo "piholeDNS1=${PIHOLE_DNS1}" >> ${setupVars}

  113.     echo "piholeDNS2=${PIHOLE_DNS1}" >> ${setupVars}

  114. 

  115.     { echo 'domain-needed';

  116.       echo 'bogus-priv';

  117.       echo 'no-resolv';

  118.       echo "server=${PIHOLE_DNS1}";

  119.       echo "server=${PIHOLE_DNS2}";

  120.       echo "interface=${PIHOLE_IFACE}";

  121.       echo 'listen-address=127.0.0.1'; } > /etc/dnsmasq.conf

  122. 

  123.     pihole -g

  124.     systemctl restart dnsmasq

  125. 

  126.     # avoid having the tripwire report pihole updates

  127.     if ! grep -q '!/etc/pihole' /etc/tripwire/twpol.txt; then

  128.         sed -i '\|/etc\t\t->.*|a\    !/etc/pihole ;' /etc/tripwire/twpol.txt

  129.     fi

  130. }

  131. 

  132. function pihole_change_upstream_dns {

  133.     data=$(mktemp 2>/dev/null)

  134.     dialog --backtitle $"Ad Blocker Upstream DNS" \

  135.            --radiolist $"Pick a domain name service (DNS):" 29 50 20 \

  136.            1 $"UncensoredDNS" on \

  137.            2 $"Digital Courage" off \

  138.            3 $"German Privacy Foundation 1" off \

  139.            4 $"German Privacy Foundation 2" off \

  140.            5 $"Chaos Computer Club" off \

  141.            6 $"ClaraNet" off \

  142.            7 $"OpenNIC 1" off \

  143.            8 $"OpenNIC 2" off \

  144.            9 $"OpenNIC 3" off \

  145.            10 $"OpenNIC 4" off \

  146.            11 $"OpenNIC 5" off \

  147.            12 $"OpenNIC 6" off \

  148.            13 $"OpenNIC 7" off \

  149.            14 $"PowerNS" off \

  150.            15 $"ValiDOM" off \

  151.            16 $"Freie Unzensierte" off \

  152.            17 $"DNS.Watch" off \

  153.            18 $"uncensoreddns.org" off \

  154.            19 $"Lorraine Data Network" off \

  155.            20 $"Google" off 2> "$data"

  156.     sel=$?

  157.     case $sel in

  158.         1) rm -f "$data"

  159.            exit 1;;

  160.         255) rm -f "$data"

  161.              exit 1;;

  162.     esac

  163.     case $(cat "$data") in

  164.         1) PIHOLE_DNS1='91.239.100.100'

  165.            PIHOLE_DNS2='89.233.43.71'

  166.            ;;

  167.         2) PIHOLE_DNS1='85.214.73.63'

  168.            PIHOLE_DNS2='213.73.91.35'

  169.            ;;

  170.         3) PIHOLE_DNS1='87.118.100.175'

  171.            PIHOLE_DNS2='94.75.228.29'

  172.            ;;

  173.         4) PIHOLE_DNS1='85.25.251.254'

  174.            PIHOLE_DNS2='2.141.58.13'

  175.            ;;

  176.         5) PIHOLE_DNS1='213.73.91.35'

  177.            PIHOLE_DNS2='85.214.73.63'

  178.            ;;

  179.         6) PIHOLE_DNS1='212.82.225.7'

  180.            PIHOLE_DNS2='212.82.226.212'

  181.            ;;

  182.         7) PIHOLE_DNS1='58.6.115.42'

  183.            PIHOLE_DNS2='58.6.115.43'

  184.            ;;

  185.         8) PIHOLE_DNS1='119.31.230.42'

  186.            PIHOLE_DNS2='200.252.98.162'

  187.            ;;

  188.         9) PIHOLE_DNS1='217.79.186.148'

  189.            PIHOLE_DNS2='81.89.98.6'

  190.            ;;

  191.         10) PIHOLE_DNS1='78.159.101.37'

  192.             PIHOLE_DNS2='203.167.220.153'

  193.             ;;

  194.         11) PIHOLE_DNS1='82.229.244.191'

  195.             PIHOLE_DNS2='82.229.244.191'

  196.             ;;

  197.         12) PIHOLE_DNS1='216.87.84.211'

  198.             PIHOLE_DNS2='66.244.95.20'

  199.             ;;

  200.         13) PIHOLE_DNS1='207.192.69.155'

  201.             PIHOLE_DNS2='72.14.189.120'

  202.             ;;

  203.         14) PIHOLE_DNS1='194.145.226.26'

  204.             PIHOLE_DNS2='77.220.232.44'

  205.             ;;

  206.         15) PIHOLE_DNS1='78.46.89.147'

  207.             PIHOLE_DNS2='88.198.75.145'

  208.             ;;

  209.         16) PIHOLE_DNS1='85.25.149.144'

  210.             PIHOLE_DNS2='87.106.37.196'

  211.             ;;

  212.         17) PIHOLE_DNS1='84.200.69.80'

  213.             PIHOLE_DNS2='84.200.70.40'

  214.             ;;

  215.         18) PIHOLE_DNS1='91.239.100.100'

  216.             PIHOLE_DNS2='89.233.43.71'

  217.             ;;

  218.         19) PIHOLE_DNS1='80.67.188.188'

  219.             PIHOLE_DNS2='89.234.141.66'

  220.             ;;

  221.         20) PIHOLE_DNS1='8.8.8.8'

  222.             PIHOLE_DNS2='4.4.4.4'

  223.             dialog --title $"WARNING" \

  224.                    --msgbox $"\\nGoogle's main purpose for providing DNS resolvers is to spy upon people and know which sites they are visiting.\\n\\nThis is something to consider, and you should only really be using Google DNS as a last resort if other resolvers are unavailable." 12 60

  225.             ;;

  226.         255) rm -f "$data"

  227.              exit 1;;

  228.     esac

  229.     rm -f "$data"

  230.     write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"

  231.     write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"

  232. }

  233. 

  234. function update_pihole_interactive {

  235.     clear

  236.     echo $'Updating Ad Blocker Lists'

  237.     echo ''

  238.     pihole_update

  239. }

  240. 

  241. function configure_firewall_for_pihole {

  242.     firewall_add DNS 53

  243. }

  244. 

  245. function pihole_pause {

  246.     pihole disable

  247.     dialog --title $"Pause Ad Blocker" \

  248.            --msgbox $"Ad blocking is paused" 6 60

  249. }

  250. 

  251. function pihole_resume {

  252.     pihole enable

  253.     dialog --title $"Resume Ad Blocker" \

  254.            --msgbox $"Ad blocking has resumed" 6 60

  255. }

  256. 

  257. function configure_interactive_pihole {

  258.     W=(1 $"Edit ads list"

  259.        2 $"Edit blacklisted domain names"

  260.        3 $"Edit whitelisted domain names"

  261.        4 $"Change upstream DNS servers"

  262.        5 $"Pause blocker"

  263.        6 $"Resume blocker")

  264. 

  265.     while true

  266.     do

  267.         # shellcheck disable=SC2068

  268.         selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Ad blocker" --menu $"Choose an operation, or ESC for main menu:" 13 60 9 "${W[@]}" 3>&2 2>&1 1>&3)

  269. 

  270.         if [ ! "$selection" ]; then

  271.            break

  272.         fi

  273. 

  274.         case $selection in

  275.             1) editor $PIHOLE_CUSTOM_ADLIST

  276.                update_pihole_interactive

  277.                ;;

  278.             2) editor $PIHOLE_BLACKLIST

  279.                update_pihole_interactive

  280.                ;;

  281.             3) editor $PIHOLE_WHITELIST

  282.                update_pihole_interactive

  283.                ;;

  284.             4) pihole_change_upstream_dns

  285.                update_pihole_interactive

  286.                ;;

  287.             5) pihole_pause

  288.                ;;

  289.             6) pihole_resume

  290.                ;;

  291.         esac

  292.     done

  293. }

  294. 

  295. function install_interactive_pihole {

  296.     APP_INSTALLED=1

  297. }

  298. 

  299. function reconfigure_pihole {

  300.     echo -n ''

  301. }

  302. 

  303. function upgrade_pihole {

  304.     CURR_PIHOLE_COMMIT=$(get_completion_param "pihole commit")

  305.     if [[ "$CURR_PIHOLE_COMMIT" == "$PIHOLE_COMMIT" ]]; then

  306.         return

  307.     fi

  308. 

  309.     function_check set_repo_commit

  310.     set_repo_commit "$INSTALL_DIR/pihole" "pihole commit" "$PIHOLE_COMMIT" $PIHOLE_REPO

  311. 

  312.     pihole_copy_files

  313.     pihole_update

  314. }

  315. 

  316. function backup_local_pihole {

  317.     function_check backup_directory_to_usb

  318.     backup_directory_to_usb $piholeDir pihole

  319. }

  320. 

  321. function restore_local_pihole {

  322.     function_check restore_directory_from_usb

  323.     restore_directory_from_usb / pihole

  324. }

  325. 

  326. function backup_remote_pihole {

  327.     function_check backup_directory_to_friend

  328.     backup_directory_to_friend $piholeDir pihole

  329. }

  330. 

  331. function restore_remote_pihole {

  332.     function_check restore_directory_from_friend

  333.     restore_directory_from_friend / pihole

  334. }

  335. 

  336. function remove_pihole {

  337.     apt-get -yq remove --purge dnsmasq

  338. 

  339.     if [ ! -d /var/www/pihole ]; then

  340.         rm -rf /var/www/pihole

  341.     fi

  342. 

  343.     if [ -f /usr/local/bin/gravity.sh ]; then

  344.         rm /usr/local/bin/gravity.sh

  345.     fi

  346. 

  347.     if [ -f /usr/local/bin/pihole ]; then

  348.         rm /usr/local/bin/pihole

  349.     fi

  350. 

  351.     if [ -d /opt/pihole ]; then

  352.         rm -rf /opt/pihole

  353.     fi

  354. 

  355.     if [ -d $piholeDir ]; then

  356.         rm -rf $piholeDir

  357.     fi

  358. 

  359.     if [ -d /etc/.pihole ]; then

  360.         rm -rf /etc/.pihole

  361.     fi

  362. 

  363.     if [ -f /var/log/pihole.log ]; then

  364.         rm /var/log/pihole.log

  365.     fi

  366. 

  367.     if [ -f /etc/cron.d/pihole ]; then

  368.         rm /etc/cron.d/pihole

  369.     fi

  370. 

  371.     if [ -d "$INSTALL_DIR/pihole" ]; then

  372.         rm -rf "$INSTALL_DIR/pihole"

  373.     fi

  374. 

  375.     firewall_remove 53

  376.     userdel -r pihole

  377. }

  378. 

  379. function install_pihole {

  380.     apt-get -yq install dnsmasq curl

  381.     adduser --disabled-login --gecos 'pi-hole' pihole

  382.     if [ ! -d /home/pihole ]; then

  383.         echo $"/home/pihole directory not created"

  384.         exit 538929

  385.     fi

  386. 

  387.     chmod 600 /etc/shadow

  388.     chmod 600 /etc/gshadow

  389.     usermod -a -G www-data pihole

  390.     chmod 0000 /etc/shadow

  391.     chmod 0000 /etc/gshadow

  392. 

  393.     systemctl enable dnsmasq

  394. 

  395.     if [ ! -d "$INSTALL_DIR" ]; then

  396.         mkdir -p "$INSTALL_DIR"

  397.     fi

  398. 

  399.     if [ ! -d "$INSTALL_DIR/pihole" ]; then

  400.         cd "$INSTALL_DIR" || exit 78245624527

  401. 

  402.         if [ -d /repos/pihole ]; then

  403.             mkdir pihole

  404.             cp -r -p /repos/pihole/. pihole

  405.             cd pihole || exit 24572424684

  406.             git pull

  407.         else

  408.             git_clone $PIHOLE_REPO pihole

  409.         fi

  410. 

  411.         if [ ! -d "$INSTALL_DIR/pihole" ]; then

  412.             exit 523925

  413.         fi

  414.         cd "$INSTALL_DIR/pihole" || exit 2682468242

  415.         git checkout "$PIHOLE_COMMIT" -b "$PIHOLE_COMMIT"

  416.         set_completion_param "pihole commit" "$PIHOLE_COMMIT"

  417.     fi

  418. 

  419.     if [ ! -d /var/www/pihole/htdocs ]; then

  420.         mkdir -p /var/www/pihole/htdocs

  421.     fi

  422. 

  423.     # blank file which takes the place of ads

  424.     { echo '<html>';

  425.       echo '<body>';

  426.       echo '</body>';

  427.       echo '</html>'; } > /var/www/pihole/htdocs/index.html

  428. 

  429.     if [ ! -f "$INSTALL_DIR/pihole/gravity.sh" ]; then

  430.         exit 26738

  431.     fi

  432.     cp "$INSTALL_DIR/pihole/gravity.sh" /usr/local/bin/gravity.sh

  433.     chmod 755 /usr/local/bin/gravity.sh

  434. 

  435.     if [ ! -f "$INSTALL_DIR/pihole/pihole" ]; then

  436.         exit 52935

  437.     fi

  438.     cp "$INSTALL_DIR/pihole/pihole" /usr/local/bin/pihole

  439.     chmod 755 /usr/local/bin/pihole

  440. 

  441.     if [ ! -d $piholeDir ]; then

  442.         mkdir $piholeDir

  443.     fi

  444.     if [ ! -d /opt/pihole ]; then

  445.         mkdir -p /opt/pihole

  446.     fi

  447. 

  448.     pihole_copy_files

  449. 

  450.     chown -R www-data:www-data /var/www/pihole/htdocs

  451. 

  452.     configure_firewall_for_pihole

  453. 

  454.     pihole_update

  455. 

  456.     APP_INSTALLED=1

  457. }

  458. 

  459. # NOTE: deliberately no exit 0