Pi-hole v5.17 (#5288)

.github/workflows/codeql-analysis.yml

@@ -25,7 +25,7 @@ jobs:
  steps:
  -
  name: Checkout repository
- uses: actions/checkout@v3.4.0
+ uses: actions/checkout@v3.5.2
  # Initializes the CodeQL tools for scanning.
  -
  name: Initialize CodeQL

.github/workflows/stale.yml

@@ -4,23 +4,42 @@ on:
  schedule:
  - cron: '0 8 * * *'
  workflow_dispatch:
+ issue_comment:
 
-jobs:
- stale:
+env:
+ stale_label: stale
 
+jobs:
+ stale_action:
+ if: github.event_name != 'issue_comment'
  runs-on: ubuntu-latest
  permissions:
  issues: write
 
  steps:
- - uses: actions/stale@v7.0.0
+ - uses: actions/stale@v8.0.0
  with:
  repo-token: ${{ secrets.GITHUB_TOKEN }}
  days-before-stale: 30
  days-before-close: 5
  stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.'
- stale-issue-label: 'stale'
+ stale-issue-label: $stale_label
  exempt-issue-labels: 'Internal, Fixed in next release, Bug: Confirmed, Documentation Needed'
  exempt-all-issue-assignees: true
  operations-per-run: 300
  close-issue-reason: 'not_planned'
+
+ remove_stale: # trigger "stale" removal immediately when stale issues are commented on
+ if: github.event_name == 'issue_comment'
+ permissions:
+ contents: read # for actions/checkout
+ issues: write # to edit issues label
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/[email protected]
+ - name: Remove 'stale' label
+ run: gh issue edit ${{ github.event.issue.number }} --remove-label $stale_label
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+

.github/workflows/stale_pr.yml

@@ -17,7 +17,7 @@ jobs:
  pull-requests: write
 
  steps:
- - uses: actions/stale@v7.0.0
+ - uses: actions/stale@v8.0.0
  with:
  repo-token: ${{ secrets.GITHUB_TOKEN }}
  # Do not automatically mark PR/issue as stale

.github/workflows/sync-back-to-dev.yml

@@ -33,7 +33,7 @@ jobs:
  name: Syncing branches
  steps:
  - name: Checkout
- uses: actions/checkout@v3.4.0
+ uses: actions/checkout@v3.5.2
  - name: Opening pull request
  run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal'
  env:

.github/workflows/test.yml

@@ -13,7 +13,7 @@ jobs:
  runs-on: ubuntu-latest
  steps:
  - name: Checkout repository
- uses: actions/checkout@v3.4.0
+ uses: actions/checkout@v3.5.2
 
  - name: Check scripts in repository are executable
  run: |
@@ -53,19 +53,21 @@ jobs:
  debian_11,
  ubuntu_20,
  ubuntu_22,
+ ubuntu_23,
  centos_8,
  centos_9,
  fedora_36,
  fedora_37,
+ fedora_38,
  ]
  env:
  DISTRO: ${{matrix.distro}}
  steps:
  - name: Checkout repository
- uses: actions/checkout@v3.4.0
+ uses: actions/checkout@v3.5.2
 
  - name: Set up Python 3.10
- uses: actions/setup-python@v4.5.0
+ uses: actions/setup-python@v4.6.1
  with:
  python-version: "3.10"
 

advanced/Scripts/piholeDebug.sh

@@ -230,10 +230,8 @@ initialize_debug() {
 
 # This is a function for visually displaying the current test that is being run.
 # Accepts one variable: the name of what is being diagnosed
-# Colors do not show in the dashboard, but the icons do: [i], [✓], and [✗]
 echo_current_diagnostic() {
  # Colors are used for visually distinguishing each test in the output
- # These colors do not show in the GUI, but the formatting will
  log_write "\\n${COL_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}"
 }
 

advanced/Scripts/query.sh

@@ -69,31 +69,16 @@ if [[ -n "${str:-}" ]]; then
  exit 1
 fi
 
-# Scan an array of files for matching strings
-scanList(){
- # Escape full stops
- local domain="${1}" esc_domain="${1//./\\.}" lists="${2}" list_type="${3:-}"
-
- # Prevent grep from printing file path
- cd "$piholeDir" || exit 1
-
- # Prevent grep -i matching slowly: https://bit.ly/2xFXtUX
- export LC_CTYPE=C
-
- # /dev/null forces filename to be printed when only one list has been generated
- case "${list_type}" in
- "exact" ) grep -i -E -l "(^|(?<!#)\\s)${esc_domain}($|\\s|#)" "${lists}" /dev/null 2>/dev/null;;
- # Iterate through each regexp and check whether it matches the domainQuery
- # If it does, print the matching regexp and continue looping
- # Input 1 - regexps | Input 2 - domainQuery
- "regex" )
- for list in ${lists}; do
- if [[ "${domain}" =~ ${list} ]]; then
- printf "%b\n" "${list}";
- fi
- done;;
- * ) grep -i "${esc_domain}" "${lists}" /dev/null 2>/dev/null;;
- esac
+# Scan a domain again a list of RegEX
+scanRegExList(){
+ local domain="${1}" list="${2}"
+
+ for entry in ${list}; do
+ if [[ "${domain}" =~ ${entry} ]]; then
+ printf "%b\n" "${entry}";
+ fi
+ done
+
 }
 
 scanDatabaseTable() {
@@ -188,7 +173,7 @@ scanRegexDatabaseTable() {
  # Split regexps over a new line
  str_regexList=$(printf '%s\n' "${regexList[@]}")
  # Check domain against regexps
- mapfile -t regexMatches < <(scanList "${domain}" "${str_regexList}" "regex")
+ mapfile -t regexMatches < <(scanRegExList "${domain}" "${str_regexList}")
  # If there were regex matches
  if [[ "${#regexMatches[@]}" -ne 0 ]]; then
  # Split matching regexps over a new line

advanced/Scripts/webpage.sh

@@ -22,12 +22,14 @@ readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
 
 readonly gravityDBfile="/etc/pihole/gravity.db"
 
-# Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip()
-readonly PI_HOLE_FILES_DIR="/etc/.pihole"
-# shellcheck disable=SC2034 # used in basic-install to source the script without running it
-SKIP_INSTALL="true"
-source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 
+readonly setupVars="/etc/pihole/setupVars.conf"
+readonly PI_HOLE_BIN_DIR="/usr/local/bin"
+
+# Root of the web server
+readonly webroot="/var/www/html"
+
+# Source utils script
 utilsfile="/opt/pihole/utils.sh"
 source "${utilsfile}"
 
@@ -98,6 +100,47 @@ HashPassword() {
  echo "${return}"
 }
 
+# Check an IP address to see if it is a valid one
+valid_ip() {
+ # Local, named variables
+ local ip=${1}
+ local stat=1
+
+ # Regex matching one IPv4 component, i.e. an integer from 0 to 255.
+ # See https://tools.ietf.org/html/rfc1340
+ local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
+ # Regex matching an optional port (starting with '#') range of 1-65536
+ local portelem="(#(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3}|0))?";
+ # Build a full IPv4 regex from the above subexpressions
+ local regex="^${ipv4elem}\\.${ipv4elem}\\.${ipv4elem}\\.${ipv4elem}${portelem}$"
+
+ # Evaluate the regex, and return the result
+ [[ $ip =~ ${regex} ]]
+
+ stat=$?
+ return "${stat}"
+}
+
+valid_ip6() {
+ local ip=${1}
+ local stat=1
+
+ # Regex matching one IPv6 element, i.e. a hex value from 0000 to FFFF
+ local ipv6elem="[0-9a-fA-F]{1,4}"
+ # Regex matching an IPv6 CIDR, i.e. 1 to 128
+ local v6cidr="(\\/([1-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])){0,1}"
+ # Regex matching an optional port (starting with '#') range of 1-65536
+ local portelem="(#(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[1-9][0-9]{0,3}|0))?";
+ # Build a full IPv6 regex from the above subexpressions
+ local regex="^(((${ipv6elem}))*((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
+
+ # Evaluate the regex, and return the result
+ [[ ${ip} =~ ${regex} ]]
+
+ stat=$?
+ return "${stat}"
+}
+
 SetWebPassword() {
  if [ "${SUDO_USER}" == "www-data" ]; then
  echo "Security measure: user www-data is not allowed to change webUI password!"
@@ -613,7 +656,6 @@ Teleporter() {
  host="${host//./_}"
  filename="pi-hole-${host:-noname}-teleporter_${datetimestamp}.tar.gz"
  fi
- # webroot is sourced from basic-install above
  php "${webroot}/admin/scripts/pi-hole/php/teleporter.php" > "${filename}"
 }
 
@@ -622,7 +664,7 @@ checkDomain()
  local domain validDomain
  # Convert to lowercase
  domain="${1,,}"
- validDomain=$(grep -P "^((-|_)*[a-z\\d]((-|_)*[a-z\\d])*(-|_)*)(\\.(-|_)*([a-z\\d]((-|_)*[a-z\\d])*))*$" <<< "${domain}") # Valid chars check
+ validDomain=$(grep -P "^((-|_)*[a-z0-9]((-|_)*[a-z0-9)*(-|_)*)(\\.(-|_)*([a-z0-9]((-|_)*[a-z0-9])*))*$" <<< "${domain}") # Valid chars check
  validDomain=$(grep -P "^[^\\.]{1,63}(\\.[^\\.]{1,63})*$" <<< "${validDomain}") # Length of each label
  echo "${validDomain}"
 }

advanced/Templates/gravity_copy.sql

@@ -19,8 +19,6 @@ INSERT OR REPLACE INTO adlist SELECT * FROM OLD.adlist;
 DELETE FROM OLD.adlist_by_group WHERE adlist_id NOT IN (SELECT id FROM OLD.adlist);
 INSERT OR REPLACE INTO adlist_by_group SELECT * FROM OLD.adlist_by_group;
 
-INSERT OR REPLACE INTO info SELECT * FROM OLD.info;
-
 INSERT OR REPLACE INTO client SELECT * FROM OLD.client;
 DELETE FROM OLD.client_by_group WHERE client_id NOT IN (SELECT id FROM OLD.client);
 INSERT OR REPLACE INTO client_by_group SELECT * FROM OLD.client_by_group;

automated install/basic-install.sh

@@ -357,7 +357,7 @@ package_manager_detect() {
  # These variable names match the ones for apt-get. See above for an explanation of what they are for.
  PKG_INSTALL=("${PKG_MANAGER}" install -y)
  # CentOS package manager returns 100 when there are packages to update so we need to || true to prevent the script from exiting.
- PKG_COUNT="${PKG_MANAGER} check-update | grep -E '(.i686|.x86|.noarch|.arm|.src)' | wc -l || true"
+ PKG_COUNT="${PKG_MANAGER} check-update | grep -E '(.i686|.x86|.noarch|.arm|.src|.riscv64)' | wc -l || true"
  OS_CHECK_DEPS=(grep bind-utils)
  INSTALLER_DEPS=(git dialog iproute newt procps-ng chkconfig ca-certificates)
  PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc libcap nmap-ncat jq)
@@ -2366,6 +2366,9 @@ get_binary_name() {
  # set the binary to be used
  l_binary="pihole-FTL-linux-x86_64"
  fi
+ elif [[ "${machine}" == "riscv64" ]]; then
+ printf "%b %b Detected riscv64 processor\\n" "${OVER}" "${TICK}"
+ l_binary="pihole-FTL-riscv64-linux-gnu"
  else
  # Something else - we try to use 32bit executable and warn the user
  if [[ ! "${machine}" == "i686" ]]; then