free
/
freedombone
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
8522 提交
5 分支
目录树: fa8f96bfdb
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'fa8f96bfdb'
${ noResults }
freedombone/src/freedombone-app-pihole

freedombone-app-pihole 13KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464 
  1. #!/bin/bash

  2. #

  3. # .---.                  .              .

  4. # |                      |              |

  5. # |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.

  6. # |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'

  7. # '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'

  8. #

  9. #                    Freedom in the Cloud

  10. #

  11. # pi-hole ad blocker

  12. #

  13. # Adapted from instructions at:

  14. #  http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/#manualsetup

  15. #

  16. # License

  17. # =======

  18. #

  19. # Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>

  20. #

  21. # This program is free software: you can redistribute it and/or modify

  22. # it under the terms of the GNU Affero General Public License as published by

  23. # the Free Software Foundation, either version 3 of the License, or

  24. # (at your option) any later version.

  25. #

  26. # This program is distributed in the hope that it will be useful,

  27. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  28. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  29. # GNU Affero General Public License for more details.

  30. #

  31. # You should have received a copy of the GNU Affero General Public License

  32. # along with this program.  If not, see <http://www.gnu.org/licenses/>.

  33. 

  34. VARIANTS='full full-vim adblocker'

  35. 

  36. IN_DEFAULT_INSTALL=0

  37. SHOW_ON_ABOUT=0

  38. 

  39. PIHOLE_IFACE=eth0

  40. PIHOLE_DNS1='85.214.73.63'

  41. PIHOLE_DNS2='213.73.91.35'

  42. 

  43. piholeBasename=pihole

  44. piholeDir=/etc/$piholeBasename

  45. PIHOLE_CUSTOM_ADLIST=$piholeDir/adlists.list

  46. PIHOLE_BLACKLIST=$piholeDir/blacklist.txt

  47. PIHOLE_WHITELIST=$piholeDir/whitelist.txt

  48. 

  49. PIHOLE_REPO="https://github.com/pi-hole/pi-hole"

  50. PIHOLE_COMMIT='e602008459128c233899b1e9d70cca0f38f41670'

  51. 

  52. pihole_variables=(ONION_ONLY

  53.                   PIHOLE_IFACE

  54.                   PIHOLE_DNS1

  55.                   PIHOLE_DNS2)

  56. 

  57. function logging_on_pihole {

  58.     echo -n ''

  59. }

  60. 

  61. function logging_off_pihole {

  62.     echo -n ''

  63. }

  64. 

  65. function pihole_copy_files {

  66.     if [ ! -d /etc/.pihole ]; then

  67.         mkdir /etc/.pihole

  68.     fi

  69.     cp "$INSTALL_DIR/pihole/adlists.default" /etc/.pihole/adlists.default

  70.     cp "$INSTALL_DIR/pihole/adlists.default" $piholeDir/adlists.default

  71.     if [ ! -f $PIHOLE_CUSTOM_ADLIST ]; then

  72.         cp "$INSTALL_DIR/pihole/adlists.default" $PIHOLE_CUSTOM_ADLIST

  73.     fi

  74.     cp "$INSTALL_DIR/pihole/advanced/Scripts/*" /opt/$piholeBasename

  75.     if [ -f /etc/dnsmasq.d/01-pihole.conf ]; then

  76.         rm /etc/dnsmasq.d/01-pihole.conf

  77.     fi

  78.     cp "$INSTALL_DIR/pihole/advanced/pihole.cron" /etc/cron.d/pihole

  79.     cp "$INSTALL_DIR/pihole/gravity.sh" /opt/$piholeBasename

  80.     chmod +x /opt/pihole/*.sh

  81. }

  82. 

  83. function pihole_change_ipv4 {

  84.     new_ipv4="$1"

  85.     if [ -f /usr/local/bin/pihole ]; then

  86.         setupVars=$piholeDir/setupVars.conf

  87.         if [ -f $setupVars ]; then

  88.             sed -i "s|IPv4_address=.*|IPv4_address=${new_ipv4}|g" $setupVars

  89.         fi

  90.     fi

  91. }

  92. 

  93. function pihole_update {

  94.     if [ ! -f /usr/local/bin/gravity.sh ]; then

  95.         return

  96.     fi

  97. 

  98.     if [ ! -f "$HOME/${PROJECT_NAME}-wifi.cfg" ]; then

  99.         PIHOLE_IFACE=eth0

  100.     else

  101.         read_config_param WIFI_INTERFACE

  102.         PIHOLE_IFACE=$WIFI_INTERFACE

  103.     fi

  104. 

  105.     IPv4_address="$(get_ipv4_address)"

  106.     IPv6_address="$(get_ipv6_address)"

  107. 

  108.     setupVars=$piholeDir/setupVars.conf

  109.     echo "piholeInterface=${PIHOLE_IFACE}" > ${setupVars}

  110.     echo "IPV4_ADDRESS=${IPv4_address}" >> ${setupVars}

  111.     if [ ${#IPv6_address} -gt 0 ]; then

  112.         echo "IPV6_ADDRESS=${IPv6_address}" >> ${setupVars}

  113.     fi

  114.     echo "piholeDNS1=${PIHOLE_DNS1}" >> ${setupVars}

  115.     echo "piholeDNS2=${PIHOLE_DNS1}" >> ${setupVars}

  116. 

  117.     { echo 'domain-needed';

  118.       echo 'bogus-priv';

  119.       echo 'no-resolv';

  120.       echo "server=${PIHOLE_DNS1}";

  121.       echo "server=${PIHOLE_DNS2}";

  122.       echo "interface=${PIHOLE_IFACE}";

  123.       echo 'listen-address=127.0.0.1'; } > /etc/dnsmasq.conf

  124. 

  125.     pihole -g

  126.     systemctl restart dnsmasq

  127. 

  128.     # avoid having the tripwire report pihole updates

  129.     if ! grep -q '!/etc/pihole' /etc/tripwire/twpol.txt; then

  130.         sed -i '\|/etc\t\t->.*|a\    !/etc/pihole ;' /etc/tripwire/twpol.txt

  131.     fi

  132. }

  133. 

  134. function pihole_change_upstream_dns {

  135.     data=$(mktemp 2>/dev/null)

  136.     dialog --backtitle $"Ad Blocker Upstream DNS" \

  137.            --radiolist $"Pick a domain name service (DNS):" 28 50 19 \

  138.            1 $"Digital Courage" on \

  139.            2 $"German Privacy Foundation 1" off \

  140.            3 $"German Privacy Foundation 2" off \

  141.            4 $"Chaos Computer Club" off \

  142.            5 $"ClaraNet" off \

  143.            6 $"OpenNIC 1" off \

  144.            7 $"OpenNIC 2" off \

  145.            8 $"OpenNIC 3" off \

  146.            9 $"OpenNIC 4" off \

  147.            10 $"OpenNIC 5" off \

  148.            11 $"OpenNIC 6" off \

  149.            12 $"OpenNIC 7" off \

  150.            13 $"PowerNS" off \

  151.            14 $"ValiDOM" off \

  152.            15 $"Freie Unzensierte" off \

  153.            16 $"DNS.Watch" off \

  154.            17 $"uncensoreddns.org" off \

  155.            18 $"Lorraine Data Network" off \

  156.            19 $"Google" off 2> "$data"

  157.     sel=$?

  158.     case $sel in

  159.         1) rm -f "$data"

  160.            exit 1;;

  161.         255) rm -f "$data"

  162.              exit 1;;

  163.     esac

  164.     case $(cat "$data") in

  165.         1) PIHOLE_DNS1='85.214.73.63'

  166.            PIHOLE_DNS2='213.73.91.35'

  167.            ;;

  168.         2) PIHOLE_DNS1='87.118.100.175'

  169.            PIHOLE_DNS2='94.75.228.29'

  170.            ;;

  171.         3) PIHOLE_DNS1='85.25.251.254'

  172.            PIHOLE_DNS2='2.141.58.13'

  173.            ;;

  174.         4) PIHOLE_DNS1='213.73.91.35'

  175.            PIHOLE_DNS2='85.214.73.63'

  176.            ;;

  177.         5) PIHOLE_DNS1='212.82.225.7'

  178.            PIHOLE_DNS2='212.82.226.212'

  179.            ;;

  180.         6) PIHOLE_DNS1='58.6.115.42'

  181.            PIHOLE_DNS2='58.6.115.43'

  182.            ;;

  183.         7) PIHOLE_DNS1='119.31.230.42'

  184.            PIHOLE_DNS2='200.252.98.162'

  185.            ;;

  186.         8) PIHOLE_DNS1='217.79.186.148'

  187.            PIHOLE_DNS2='81.89.98.6'

  188.            ;;

  189.         9) PIHOLE_DNS1='78.159.101.37'

  190.            PIHOLE_DNS2='203.167.220.153'

  191.            ;;

  192.         10) PIHOLE_DNS1='82.229.244.191'

  193.             PIHOLE_DNS2='82.229.244.191'

  194.             ;;

  195.         11) PIHOLE_DNS1='216.87.84.211'

  196.             PIHOLE_DNS2='66.244.95.20'

  197.             ;;

  198.         12) PIHOLE_DNS1='207.192.69.155'

  199.             PIHOLE_DNS2='72.14.189.120'

  200.             ;;

  201.         13) PIHOLE_DNS1='194.145.226.26'

  202.             PIHOLE_DNS2='77.220.232.44'

  203.             ;;

  204.         14) PIHOLE_DNS1='78.46.89.147'

  205.             PIHOLE_DNS2='88.198.75.145'

  206.             ;;

  207.         15) PIHOLE_DNS1='85.25.149.144'

  208.             PIHOLE_DNS2='87.106.37.196'

  209.             ;;

  210.         16) PIHOLE_DNS1='84.200.69.80'

  211.             PIHOLE_DNS2='84.200.70.40'

  212.             ;;

  213.         17) PIHOLE_DNS1='91.239.100.100'

  214.             PIHOLE_DNS2='89.233.43.71'

  215.             ;;

  216.         18) PIHOLE_DNS1='80.67.188.188'

  217.             PIHOLE_DNS2='89.234.141.66'

  218.             ;;

  219.         19) PIHOLE_DNS1='8.8.8.8'

  220.             PIHOLE_DNS2='4.4.4.4'

  221.             dialog --title $"WARNING" \

  222.                    --msgbox $"\\nGoogle's main purpose for providing DNS resolvers is to spy upon people and know which sites they are visiting.\\n\\nThis is something to consider, and you should only really be using Google DNS as a last resort if other resolvers are unavailable." 12 60

  223.             ;;

  224.         255) rm -f "$data"

  225.              exit 1;;

  226.     esac

  227.     rm -f "$data"

  228.     write_config_param "PIHOLE_DNS1" "$PIHOLE_DNS1"

  229.     write_config_param "PIHOLE_DNS2" "$PIHOLE_DNS2"

  230. }

  231. 

  232. function update_pihole_interactive {

  233.     clear

  234.     echo $'Updating Ad Blocker Lists'

  235.     echo ''

  236.     pihole_update

  237. }

  238. 

  239. function configure_firewall_for_pihole {

  240.     firewall_add DNS 53

  241. }

  242. 

  243. function pihole_pause {

  244.     pihole disable

  245.     dialog --title $"Pause Ad Blocker" \

  246.            --msgbox $"Ad blocking is paused" 6 60

  247. }

  248. 

  249. function pihole_resume {

  250.     pihole enable

  251.     dialog --title $"Resume Ad Blocker" \

  252.            --msgbox $"Ad blocking has resumed" 6 60

  253. }

  254. 

  255. function configure_interactive_pihole {

  256.     while true

  257.     do

  258.         data=$(mktemp 2>/dev/null)

  259.         dialog --backtitle $"Freedombone Control Panel" \

  260.                --title $"Ad Blocker" \

  261.                --radiolist $"Choose an operation:" 16 70 7 \

  262.                1 $"Edit ads list" off \

  263.                2 $"Edit blacklisted domain names" off \

  264.                3 $"Edit whitelisted domain names" off \

  265.                4 $"Change upstream DNS servers" off \

  266.                5 $"Pause blocker" off \

  267.                6 $"Resume blocker" off \

  268.                7 $"Exit" on 2> "$data"

  269.         sel=$?

  270.         case $sel in

  271.             1) rm -f "$data"

  272.                exit 1;;

  273.             255) rm -f "$data"

  274.                  exit 1;;

  275.         esac

  276.         case $(cat "$data") in

  277.             1) editor $PIHOLE_CUSTOM_ADLIST

  278.                update_pihole_interactive

  279.                ;;

  280.             2) editor $PIHOLE_BLACKLIST

  281.                update_pihole_interactive

  282.                ;;

  283.             3) editor $PIHOLE_WHITELIST

  284.                update_pihole_interactive

  285.                ;;

  286.             4) pihole_change_upstream_dns

  287.                update_pihole_interactive

  288.                ;;

  289.             5) pihole_pause

  290.                ;;

  291.             6) pihole_resume

  292.                ;;

  293.             7) rm -f "$data"

  294.                break;;

  295.         esac

  296.         rm -f "$data"

  297.     done

  298. }

  299. 

  300. function install_interactive_pihole {

  301.     APP_INSTALLED=1

  302. }

  303. 

  304. function reconfigure_pihole {

  305.     echo -n ''

  306. }

  307. 

  308. function upgrade_pihole {

  309.     CURR_PIHOLE_COMMIT=$(get_completion_param "pihole commit")

  310.     if [[ "$CURR_PIHOLE_COMMIT" == "$PIHOLE_COMMIT" ]]; then

  311.         return

  312.     fi

  313. 

  314.     function_check set_repo_commit

  315.     set_repo_commit "$INSTALL_DIR/pihole" "pihole commit" "$PIHOLE_COMMIT" $PIHOLE_REPO

  316. 

  317.     pihole_copy_files

  318.     pihole_update

  319. }

  320. 

  321. function backup_local_pihole {

  322.     function_check backup_directory_to_usb

  323.     backup_directory_to_usb $piholeDir pihole

  324. }

  325. 

  326. function restore_local_pihole {

  327.     function_check restore_directory_from_usb

  328.     restore_directory_from_usb / pihole

  329. }

  330. 

  331. function backup_remote_pihole {

  332.     function_check backup_directory_to_friend

  333.     backup_directory_to_friend $piholeDir pihole

  334. }

  335. 

  336. function restore_remote_pihole {

  337.     function_check restore_directory_from_friend

  338.     restore_directory_from_friend / pihole

  339. }

  340. 

  341. function remove_pihole {

  342.     apt-get -yq remove --purge dnsmasq

  343. 

  344.     if [ ! -d /var/www/pihole ]; then

  345.         rm -rf /var/www/pihole

  346.     fi

  347. 

  348.     if [ -f /usr/local/bin/gravity.sh ]; then

  349.         rm /usr/local/bin/gravity.sh

  350.     fi

  351. 

  352.     if [ -f /usr/local/bin/pihole ]; then

  353.         rm /usr/local/bin/pihole

  354.     fi

  355. 

  356.     if [ -d /opt/pihole ]; then

  357.         rm -rf /opt/pihole

  358.     fi

  359. 

  360.     if [ -d $piholeDir ]; then

  361.         rm -rf $piholeDir

  362.     fi

  363. 

  364.     if [ -d /etc/.pihole ]; then

  365.         rm -rf /etc/.pihole

  366.     fi

  367. 

  368.     if [ -f /var/log/pihole.log ]; then

  369.         rm /var/log/pihole.log

  370.     fi

  371. 

  372.     if [ -f /etc/cron.d/pihole ]; then

  373.         rm /etc/cron.d/pihole

  374.     fi

  375. 

  376.     if [ -d "$INSTALL_DIR/pihole" ]; then

  377.         rm -rf "$INSTALL_DIR/pihole"

  378.     fi

  379. 

  380.     firewall_remove 53

  381.     userdel -r pihole

  382. }

  383. 

  384. function install_pihole {

  385.     apt-get -yq install dnsmasq curl

  386.     adduser --disabled-login --gecos 'pi-hole' pihole

  387.     if [ ! -d /home/pihole ]; then

  388.         echo $"/home/pihole directory not created"

  389.         exit 538929

  390.     fi

  391. 

  392.     chmod 600 /etc/shadow

  393.     chmod 600 /etc/gshadow

  394.     usermod -a -G www-data pihole

  395.     chmod 0000 /etc/shadow

  396.     chmod 0000 /etc/gshadow

  397. 

  398.     systemctl enable dnsmasq

  399. 

  400.     if [ ! -d "$INSTALL_DIR" ]; then

  401.         mkdir -p "$INSTALL_DIR"

  402.     fi

  403. 

  404.     if [ ! -d "$INSTALL_DIR/pihole" ]; then

  405.         cd "$INSTALL_DIR" || exit 78245624527

  406. 

  407.         if [ -d /repos/pihole ]; then

  408.             mkdir pihole

  409.             cp -r -p /repos/pihole/. pihole

  410.             cd pihole || exit 24572424684

  411.             git pull

  412.         else

  413.             git_clone $PIHOLE_REPO pihole

  414.         fi

  415. 

  416.         if [ ! -d "$INSTALL_DIR/pihole" ]; then

  417.             exit 523925

  418.         fi

  419.         cd "$INSTALL_DIR/pihole" || exit 2682468242

  420.         git checkout "$PIHOLE_COMMIT" -b "$PIHOLE_COMMIT"

  421.         set_completion_param "pihole commit" "$PIHOLE_COMMIT"

  422.     fi

  423. 

  424.     if [ ! -d /var/www/pihole/htdocs ]; then

  425.         mkdir -p /var/www/pihole/htdocs

  426.     fi

  427. 

  428.     # blank file which takes the place of ads

  429.     { echo '<html>';

  430.       echo '<body>';

  431.       echo '</body>';

  432.       echo '</html>'; } > /var/www/pihole/htdocs/index.html

  433. 

  434.     if [ ! -f "$INSTALL_DIR/pihole/gravity.sh" ]; then

  435.         exit 26738

  436.     fi

  437.     cp "$INSTALL_DIR/pihole/gravity.sh" /usr/local/bin/gravity.sh

  438.     chmod 755 /usr/local/bin/gravity.sh

  439. 

  440.     if [ ! -f "$INSTALL_DIR/pihole/pihole" ]; then

  441.         exit 52935

  442.     fi

  443.     cp "$INSTALL_DIR/pihole/pihole" /usr/local/bin/pihole

  444.     chmod 755 /usr/local/bin/pihole

  445. 

  446.     if [ ! -d $piholeDir ]; then

  447.         mkdir $piholeDir

  448.     fi

  449.     if [ ! -d /opt/pihole ]; then

  450.         mkdir -p /opt/pihole

  451.     fi

  452. 

  453.     pihole_copy_files

  454. 

  455.     chown -R www-data:www-data /var/www/pihole/htdocs

  456. 

  457.     configure_firewall_for_pihole

  458. 

  459.     pihole_update

  460. 

  461.     APP_INSTALLED=1

  462. }

  463. 

  464. # NOTE: deliberately no exit 0