diff --git a/Dockerfile b/Dockerfile index f80a97f..5a2b23d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,12 +4,12 @@ FROM "${PIHOLE_BASE:-ghcr.io/pi-hole/docker-pi-hole-base:bullseye-slim}" ARG PIHOLE_DOCKER_TAG ENV PIHOLE_DOCKER_TAG "${PIHOLE_DOCKER_TAG}" -ENV S6_OVERLAY_VERSION v2.1.0.2 +ENV S6_OVERLAY_VERSION v3.1.1.2 -COPY install.sh /usr/local/bin/install.sh +COPY ./scripts/install.sh /usr/local/bin/install.sh ENV PIHOLE_INSTALL /etc/.pihole/automated\ install/basic-install.sh -ENTRYPOINT [ "/s6-init" ] +ENTRYPOINT [ "/init" ] COPY s6/debian-root / COPY s6/service /usr/local/bin/service @@ -22,8 +22,9 @@ ARG PHP_ENV_CONFIG ENV PHP_ENV_CONFIG /etc/lighttpd/conf-enabled/15-fastcgi-php.conf ARG PHP_ERROR_LOG ENV PHP_ERROR_LOG /var/log/lighttpd/error-pihole.log -COPY ./start.sh / -COPY ./bash_functions.sh / +COPY ./scripts/start.sh / +COPY ./scripts/bash_functions.sh / +COPY ./scripts/gravityonboot.sh / # IPv6 disable flag for networks/devices that do not support it ENV IPv6 True diff --git a/s6/debian-root/etc/cont-init.d/05-changer-uid-gid.sh b/s6/debian-root/etc/cont-init.d/05-changer-uid-gid.sh old mode 100644 new mode 100755 index 1bc2106..84ad3d8 --- a/s6/debian-root/etc/cont-init.d/05-changer-uid-gid.sh +++ b/s6/debian-root/etc/cont-init.d/05-changer-uid-gid.sh @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash set -e if [ "${PH_VERBOSE:-0}" -gt 0 ] ; then @@ -14,7 +14,7 @@ modifyUser() [[ ${currentId} -eq ${newId} ]] && return echo "Changing ID for user: ${username} (${currentId} => ${newId})" - usermod -o -u ${newId} ${username} + usermod -o -u ${newId} ${username} } modifyGroup() diff --git a/s6/debian-root/etc/cont-init.d/20-start.sh b/s6/debian-root/etc/cont-init.d/20-start.sh deleted file mode 100644 index 06c137d..0000000 --- a/s6/debian-root/etc/cont-init.d/20-start.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/with-contenv bash -set -e - -bashCmd='bash -e' -if [ "${PH_VERBOSE:-0}" -gt 0 ] ; then - set -x ; - bashCmd='bash -e -x' -fi - -$bashCmd /start.sh \ No newline at end of file diff --git a/s6/debian-root/etc/fix-attrs.d/01-resolver-resolv b/s6/debian-root/etc/fix-attrs.d/01-resolver-resolv old mode 100644 new mode 100755 diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/dependencies b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/dependencies new file mode 100755 index 0000000..c282670 --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/dependencies @@ -0,0 +1 @@ +pihole-FTL \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/type new file mode 100755 index 0000000..3d92b15 --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/up b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/up new file mode 100755 index 0000000..1a88195 --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-gravityonboot/up @@ -0,0 +1 @@ +bash /gravityonboot.sh \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/1-startup/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-startup/type new file mode 100755 index 0000000..3d92b15 --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-startup/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/1-startup/up b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-startup/up new file mode 100755 index 0000000..28ba549 --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/1-startup/up @@ -0,0 +1,2 @@ +#!/usr/bin/execlineb +foreground { bash -e /start.sh } \ No newline at end of file diff --git a/s6/debian-root/etc/services.d/cron/finish b/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/finish old mode 100644 new mode 100755 similarity index 58% rename from s6/debian-root/etc/services.d/cron/finish rename to s6/debian-root/etc/s6-overlay/s6-rc.d/cron/finish index 7d31867..14c0c72 --- a/s6/debian-root/etc/services.d/cron/finish +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/finish @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Stopping cron" killall -9 cron diff --git a/s6/debian-root/etc/services.d/cron/run b/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/run old mode 100644 new mode 100755 similarity index 69% rename from s6/debian-root/etc/services.d/cron/run rename to s6/debian-root/etc/s6-overlay/s6-rc.d/cron/run index df902ed..e9f582c --- a/s6/debian-root/etc/services.d/cron/run +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/run @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Starting crond" exec -c diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/type new file mode 100755 index 0000000..1780f9f --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/cron/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/s6/debian-root/etc/services.d/lighttpd-access-log/down b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/down old mode 100644 new mode 100755 similarity index 100% rename from s6/debian-root/etc/services.d/lighttpd-access-log/down rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/down diff --git a/s6/debian-root/etc/services.d/lighttpd-access-log/finish b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/finish old mode 100644 new mode 100755 similarity index 87% rename from s6/debian-root/etc/services.d/lighttpd-access-log/finish rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/finish index 5802d5b..d3da477 --- a/s6/debian-root/etc/services.d/lighttpd-access-log/finish +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/finish @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Stopping lighttpd-access-log" pid=$(ps -C cat -o pid=,args= |grep -oP "([0-9]+).+access\.log" |cut -f1 -d" ") diff --git a/s6/debian-root/etc/services.d/lighttpd-access-log/run b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/run old mode 100644 new mode 100755 similarity index 78% rename from s6/debian-root/etc/services.d/lighttpd-access-log/run rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/run index 61d7cbb..c1d379e --- a/s6/debian-root/etc/services.d/lighttpd-access-log/run +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/run @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Starting lighttpd-access-log" diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/type new file mode 100755 index 0000000..1780f9f --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-access-log/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/s6/debian-root/etc/services.d/lighttpd-error-log/down b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/down old mode 100644 new mode 100755 similarity index 100% rename from s6/debian-root/etc/services.d/lighttpd-error-log/down rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/down diff --git a/s6/debian-root/etc/services.d/lighttpd-error-log/finish b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/finish old mode 100644 new mode 100755 similarity index 87% rename from s6/debian-root/etc/services.d/lighttpd-error-log/finish rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/finish index 8fbad41..fe649a2 --- a/s6/debian-root/etc/services.d/lighttpd-error-log/finish +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/finish @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Stopping lighttpd-error-log" pid=$(ps -C cat -o pid=,args= |grep -oP "([0-9]+).+error\.log" |cut -f1 -d" ") diff --git a/s6/debian-root/etc/services.d/lighttpd-error-log/run b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/run old mode 100644 new mode 100755 similarity index 78% rename from s6/debian-root/etc/services.d/lighttpd-error-log/run rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/run index 45e666a..59fe79b --- a/s6/debian-root/etc/services.d/lighttpd-error-log/run +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/run @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Starting lighttpd-error-log" diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/type new file mode 100755 index 0000000..1780f9f --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd-error-log/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/dependencies b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/dependencies new file mode 100644 index 0000000..c282670 --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/dependencies @@ -0,0 +1 @@ +pihole-FTL \ No newline at end of file diff --git a/s6/debian-root/etc/services.d/lighttpd/finish b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/finish old mode 100644 new mode 100755 similarity index 79% rename from s6/debian-root/etc/services.d/lighttpd/finish rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/finish index b4dbfa4..0f6e5e3 --- a/s6/debian-root/etc/services.d/lighttpd/finish +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/finish @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Stopping lighttpd" service lighttpd-access-log stop diff --git a/s6/debian-root/etc/services.d/lighttpd/run b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/run old mode 100644 new mode 100755 similarity index 97% rename from s6/debian-root/etc/services.d/lighttpd/run rename to s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/run index 8a314fb..a0deb15 --- a/s6/debian-root/etc/services.d/lighttpd/run +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/run @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Starting lighttpd" diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/type new file mode 100755 index 0000000..1780f9f --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/lighttpd/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/dependencies b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/dependencies new file mode 100644 index 0000000..c81115b --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/dependencies @@ -0,0 +1 @@ +1-startup \ No newline at end of file diff --git a/s6/debian-root/etc/services.d/pihole-FTL/finish b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/finish old mode 100644 new mode 100755 similarity index 65% rename from s6/debian-root/etc/services.d/pihole-FTL/finish rename to s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/finish index 4ed219a..57265c1 --- a/s6/debian-root/etc/services.d/pihole-FTL/finish +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/finish @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash s6-echo "Stopping pihole-FTL" killall -15 pihole-FTL diff --git a/s6/debian-root/etc/services.d/pihole-FTL/run b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run old mode 100644 new mode 100755 similarity index 56% rename from s6/debian-root/etc/services.d/pihole-FTL/run rename to s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run index ababe8d..aac13d3 --- a/s6/debian-root/etc/services.d/pihole-FTL/run +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/run @@ -1,4 +1,37 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash + +# Testing on Docker 20.10.14 with no caps set shows the following caps available to the container: +# Current: cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap=ep +# FTL can also use CAP_NET_ADMIN and CAP_SYS_NICE. If we try to set them when they haven't been explicitly enabled, FTL will not start. Test for them first: + +/sbin/capsh --has-p=cap_chown 2>/dev/null && CAP_STR+=',CAP_CHOWN' +/sbin/capsh --has-p=cap_net_bind_service 2>/dev/null && CAP_STR+=',CAP_NET_BIND_SERVICE' +/sbin/capsh --has-p=cap_net_raw 2>/dev/null && CAP_STR+=',CAP_NET_RAW' +/sbin/capsh --has-p=cap_net_admin 2>/dev/null && CAP_STR+=',CAP_NET_ADMIN' || DHCP_READY='false' +/sbin/capsh --has-p=cap_sys_nice 2>/dev/null && CAP_STR+=',CAP_SYS_NICE' + +if [[ ${CAP_STR} ]]; then + # We have the (some of) the above caps available to us - apply them to pihole-FTL + setcap ${CAP_STR:1}+ep "$(which pihole-FTL)" || ret=$? + + if [[ $DHCP_READY == false ]] && [[ $DHCP_ACTIVE == true ]]; then + # DHCP is requested but NET_ADMIN is not available. + echo "ERROR: DHCP requested but NET_ADMIN is not available. DHCP will not be started." + echo " Please add cap_net_admin to the container's capabilities or disable DHCP." + DHCP_ACTIVE='false' + change_setting "DHCP_ACTIVE" "false" + fi + + if [[ $ret -ne 0 && "${DNSMASQ_USER:-pihole}" != "root" ]]; then + echo "ERROR: Unable to set capabilities for pihole-FTL. Cannot run as non-root." + echo " If you are seeing this error, please set the environment variable 'DNSMASQ_USER' to the value 'root'" + exit 1 + fi +else + echo "WARNING: Unable to set capabilities for pihole-FTL." + echo " Please ensure that the container has the required capabilities." + exit 1 +fi s6-echo "Starting pihole-FTL ($FTL_CMD) as ${DNSMASQ_USER}" # Remove possible leftovers from previous pihole-FTL processes @@ -37,7 +70,7 @@ if [ ! -f /var/log/pihole-FTL.log ]; then fi # Call capsh with the detected capabilities -capsh --inh=${CAP_STR:1} --addamb=${CAP_STR:1} --user=$DNSMASQ_USER --keep=1 -- -c "/usr/bin/pihole-FTL $FTL_CMD >/dev/null 2>&1" +capsh --inh=${CAP_STR:1} --addamb=${CAP_STR:1} --user=$DNSMASQ_USER --keep=1 -- -c "/usr/bin/pihole-FTL $FTL_CMD >/dev/null 2>&1" # Notes on above: # - DNSMASQ_USER default of pihole is in Dockerfile & can be overwritten by runtime container env diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/type b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/type new file mode 100755 index 0000000..1780f9f --- /dev/null +++ b/s6/debian-root/etc/s6-overlay/s6-rc.d/pihole-FTL/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/1-gravityonboot b/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/1-gravityonboot new file mode 100644 index 0000000..e69de29 diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/1-startup b/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/1-startup new file mode 100644 index 0000000..e69de29 diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/cron b/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/cron new file mode 100644 index 0000000..e69de29 diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/lighttpd b/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/lighttpd new file mode 100644 index 0000000..e69de29 diff --git a/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/pihole-FTL b/s6/debian-root/etc/s6-overlay/s6-rc.d/user/contents.d/pihole-FTL new file mode 100644 index 0000000..e69de29 diff --git a/s6/service b/s6/service index 730c405..3db7c74 100755 --- a/s6/service +++ b/s6/service @@ -7,14 +7,16 @@ start() { } stop() { - s6-svc -wD -d -T2500 /var/run/s6/services/$service + #s6-svc -wD -d -T2500 /var/run/s6/services/$service + # /command/s6-svc -wD -d -T2500 /run/service/$service + /command/s6-rc -d change $service } restart() { local pid # Get the PID(s) of the service we are asking to restart - mapfile -t pids < <(pgrep $service) + mapfile -t pids < <(pgrep $service) # Only attempt to stop the service if it is already running if [ "${#pids[@]}" -gt 0 ]; then @@ -30,22 +32,25 @@ restart() { # Check it hasn't been started by something else in the meantime pid=$(pgrep $service) - + # Only attempt to start the service if it is not already running if [ -z "$pid" ]; then - s6-svc -wu -u -T2500 /var/run/s6/services/$service + # s6-svc -wu -u -T2500 /var/run/s6/services/$service + # /command/s6-svc -wu -u -T2500 /run/service/$service + /command/s6-rc -u change $service fi - + } status() { - s6-svstat /var/run/s6/services/$service + /command/s6-svstat /run/service/$service + #/var/run/s6/services/$service } service="$1" command="$2" -if [[ ! -d "/var/run/s6/services/$service" ]] ; then +if [[ ! -d "/run/service/$service" ]] ; then echo "s6 service not found for $service, exiting..." exit fi; diff --git a/bash_functions.sh b/scripts/bash_functions.sh similarity index 83% rename from bash_functions.sh rename to scripts/bash_functions.sh index 4813800..657c473 100644 --- a/bash_functions.sh +++ b/scripts/bash_functions.sh @@ -17,41 +17,6 @@ changeFTLsetting() { addOrEditKeyValPair "${FTLconf}" "${1}" "${2}" } -fix_capabilities() { - # Testing on Docker 20.10.14 with no caps set shows the following caps available to the container: - # Current: cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap=ep - # FTL can also use CAP_NET_ADMIN and CAP_SYS_NICE. If we try to set them when they haven't been explicitly enabled, FTL will not start. Test for them first: - - /sbin/capsh --has-p=cap_chown 2>/dev/null && CAP_STR+=',CAP_CHOWN' - /sbin/capsh --has-p=cap_net_bind_service 2>/dev/null && CAP_STR+=',CAP_NET_BIND_SERVICE' - /sbin/capsh --has-p=cap_net_raw 2>/dev/null && CAP_STR+=',CAP_NET_RAW' - /sbin/capsh --has-p=cap_net_admin 2>/dev/null && CAP_STR+=',CAP_NET_ADMIN' || DHCP_READY='false' - /sbin/capsh --has-p=cap_sys_nice 2>/dev/null && CAP_STR+=',CAP_SYS_NICE' - - if [[ ${CAP_STR} ]]; then - # We have the (some of) the above caps available to us - apply them to pihole-FTL - setcap ${CAP_STR:1}+ep "$(which pihole-FTL)" || ret=$? - - if [[ $DHCP_READY == false ]] && [[ $DHCP_ACTIVE == true ]]; then - # DHCP is requested but NET_ADMIN is not available. - echo "ERROR: DHCP requested but NET_ADMIN is not available. DHCP will not be started." - echo " Please add cap_net_admin to the container's capabilities or disable DHCP." - DHCP_ACTIVE='false' - change_setting "DHCP_ACTIVE" "false" - fi - - if [[ $ret -ne 0 && "${DNSMASQ_USER:-pihole}" != "root" ]]; then - echo "ERROR: Unable to set capabilities for pihole-FTL. Cannot run as non-root." - echo " If you are seeing this error, please set the environment variable 'DNSMASQ_USER' to the value 'root'" - exit 1 - fi - else - echo "WARNING: Unable to set capabilities for pihole-FTL." - echo " Please ensure that the container has the required capabilities." - exit 1 - fi -} - # shellcheck disable=SC2034 ensure_basic_configuration() { @@ -99,6 +64,8 @@ ensure_basic_configuration() { if [ ! -f /etc/dnsmasq.d/01-pihole.conf ] ; then cp /etc/.pihole/advanced/01-pihole.conf /etc/dnsmasq.d/ fi; + + # setup_or_skip_gravity } validate_env() { @@ -301,6 +268,14 @@ setup_FTL_upstream_DNS(){ fi } +setup_FTL_ProcessDNSSettings(){ + # Commit settings to 01-pihole.conf + + # shellcheck source=/dev/null + . /opt/pihole/webpage.sh + ProcessDNSSettings +} + setup_lighttpd_bind() { local serverip="${FTLCONF_REPLY_ADDR4}" # if using '--net=host' only bind lighttpd on $FTLCONF_REPLY_ADDR6 and localhost @@ -496,32 +471,3 @@ setup_admin_email() { pihole -a -e "$EMAIL" fi } - -setup_or_skip_gravity(){ - # Gotta go fast, no time for gravity - if [ -n "$PYTEST" ]; then - sed -i 's/^gravity_spinup$/#gravity_spinup # DISABLED FOR PYTEST/g' "$(which gravity.sh)" - fi - - gravityDBfile="/etc/pihole/gravity.db" - config_file="/etc/pihole/pihole-FTL.conf" - # make a point to mention which config file we're checking, as breadcrumb to revisit if/when pihole-FTL.conf is succeeded by TOML - echo " Checking if custom gravity.db is set in ${config_file}" - if [[ -f "${config_file}" ]]; then - gravityDBfile="$(grep --color=never -Po "^GRAVITYDB=\K.*" "${config_file}" 2> /dev/null || echo "/etc/pihole/gravity.db")" - fi - - - if [ -z "$SKIPGRAVITYONBOOT" ] || [ ! -e "${gravityDBfile}" ]; then - if [ -n "$SKIPGRAVITYONBOOT" ];then - echo " SKIPGRAVITYONBOOT is set, however ${gravityDBfile} does not exist (Likely due to a fresh volume). This is a required file for Pi-hole to operate." - echo " Ignoring SKIPGRAVITYONBOOT on this occaision." - fi - # shellcheck disable=SC2016 - echo '@reboot root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole/pihole_updateGravity.log || cat /var/log/pihole/pihole_updateGravity.log' > /etc/cron.d/gravity-on-boot - else - echo " Skipping Gravity Database Update." - [ ! -e /etc/cron.d/gravity-on-boot ] || rm /etc/cron.d/gravity-on-boot &>/dev/null - fi -} - diff --git a/scripts/gravityonboot.sh b/scripts/gravityonboot.sh new file mode 100755 index 0000000..d664a99 --- /dev/null +++ b/scripts/gravityonboot.sh @@ -0,0 +1,18 @@ +#!/bin/bash +gravityDBfile="/etc/pihole/gravity.db" +config_file="/etc/pihole/pihole-FTL.conf" +# make a point to mention which config file we're checking, as breadcrumb to revisit if/when pihole-FTL.conf is succeeded by TOML +echo " Checking if custom gravity.db is set in ${config_file}" +if [[ -f "${config_file}" ]]; then + gravityDBfile="$(grep --color=never -Po "^GRAVITYDB=\K.*" "${config_file}" 2> /dev/null || echo "/etc/pihole/gravity.db")" +fi + +if [ -z "$SKIPGRAVITYONBOOT" ] || [ ! -f "${gravityDBfile}" ]; then + if [ -n "$SKIPGRAVITYONBOOT" ];then + echo " SKIPGRAVITYONBOOT is set, however ${gravityDBfile} does not exist (Likely due to a fresh volume). This is a required file for Pi-hole to operate." + echo " Ignoring SKIPGRAVITYONBOOT on this occaision." + fi + pihole -g +else + echo " Skipping Gravity Database Update." +fi \ No newline at end of file diff --git a/install.sh b/scripts/install.sh similarity index 87% rename from install.sh rename to scripts/install.sh index 30c65f3..e190f82 100644 --- a/install.sh +++ b/scripts/install.sh @@ -9,24 +9,24 @@ WEB_LOCAL_REPO=/var/www/html/admin setupVars=/etc/pihole/setupVars.conf -s6_download_url() { +detect_arch() { DETECTED_ARCH=$(dpkg --print-architecture) S6_ARCH=$DETECTED_ARCH case $DETECTED_ARCH in + amd64) + S6_ARCH="x86_64";; armel) S6_ARCH="arm";; armhf) - S6_ARCH="arm";; + S6_ARCH="armhf";; arm64) S6_ARCH="aarch64";; i386) S6_ARCH="x86";; - ppc64el) - S6_ARCH="ppc64le";; esac - echo "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.gz" } + # Helps to have some additional tools in the dev image when debugging if [[ "${PIHOLE_DOCKER_TAG}" = 'nightly' || "${PIHOLE_DOCKER_TAG}" = 'dev' ]]; then apt-get update @@ -34,8 +34,10 @@ if [[ "${PIHOLE_DOCKER_TAG}" = 'nightly' || "${PIHOLE_DOCKER_TAG}" = 'dev' ]]; rm -rf /var/lib/apt/lists/* fi -curl -L -s "$(s6_download_url)" | tar xvzf - -C / -mv /init /s6-init +detect_arch + +curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" | tar Jxpf - -C / +curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" | tar Jxpf - -C / # Preseed variables to assist with using --unattended install { diff --git a/start.sh b/scripts/start.sh similarity index 87% rename from start.sh rename to scripts/start.sh index 0927e3a..ccc2659 100755 --- a/start.sh +++ b/scripts/start.sh @@ -27,7 +27,6 @@ echo " ::: Starting docker specific checks & setup for docker pihole/pihole" # Initial checks # =========================== -fix_capabilities validate_env || exit 1 ensure_basic_configuration @@ -44,9 +43,7 @@ setup_FTL_server || true [ -n "${DNS_FQDN_REQUIRED}" ] && change_setting "DNS_FQDN_REQUIRED" "$DNS_FQDN_REQUIRED" [ -n "${DNSSEC}" ] && change_setting "DNSSEC" "$DNSSEC" [ -n "${DNS_BOGUS_PRIV}" ] && change_setting "DNS_BOGUS_PRIV" "$DNS_BOGUS_PRIV" -# We call the following function directly as it also allows us to run ProcessDNSSettings -# (to commit settings to 01-pihole.conf) without sourcing webpage.sh -pihole -a -i "$DNSMASQ_LISTENING" +setup_FTL_ProcessDNSSettings # Web interface setup # =========================== @@ -72,8 +69,8 @@ test_configs [ -f /.piholeFirstBoot ] && rm /.piholeFirstBoot -echo " ::: Docker start setup complete" +echo "::: Docker start setup complete" pihole -v -echo " Container tag is: ${PIHOLE_DOCKER_TAG}" \ No newline at end of file +echo " Container tag is: ${PIHOLE_DOCKER_TAG}"