-
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'pi-hole:development' into development
- Loading branch information
Showing
5 changed files
with
123 additions
and
34 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
#!/usr/bin/env sh | ||
|
||
# Source utils.sh for getFTLPIDFile() | ||
PI_HOLE_SCRIPT_DIR='/opt/pihole' | ||
utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" | ||
# shellcheck disable=SC1090 | ||
. "${utilsfile}" | ||
|
||
# Get file paths | ||
FTL_PID_FILE="$(getFTLPIDFile)" | ||
|
||
# Cleanup | ||
rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
#!/usr/bin/env sh | ||
|
||
# Source utils.sh for getFTLPIDFile() | ||
PI_HOLE_SCRIPT_DIR='/opt/pihole' | ||
utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" | ||
# shellcheck disable=SC1090 | ||
. "${utilsfile}" | ||
|
||
# Get file paths | ||
FTL_PID_FILE="$(getFTLPIDFile)" | ||
|
||
# Touch files to ensure they exist (create if non-existing, preserve if existing) | ||
# shellcheck disable=SC2174 | ||
mkdir -pm 0755 /run/pihole /var/log/pihole | ||
[ -f "${FTL_PID_FILE}" ] || install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" | ||
[ -f /var/log/pihole/FTL.log ] || install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log | ||
[ -f /var/log/pihole/pihole.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log | ||
[ -f /etc/pihole/dhcp.leases ] || install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases | ||
# Ensure that permissions are set so that pihole-FTL can edit all necessary files | ||
chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole /var/log/pihole/FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases | ||
# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist | ||
chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole/FTL.log | ||
chmod -f 0640 /var/log/pihole/pihole.log | ||
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist | ||
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db | ||
# Chmod database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist | ||
chmod -f 0664 /etc/pihole/pihole-FTL.db | ||
|
||
# Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole | ||
# Should be removed with Pi-hole v6.0 | ||
if [ ! -f /var/log/pihole.log ]; then | ||
ln -sf /var/log/pihole/pihole.log /var/log/pihole.log | ||
chown -h pihole:pihole /var/log/pihole.log | ||
fi | ||
if [ ! -f /var/log/pihole-FTL.log ]; then | ||
ln -sf /var/log/pihole/FTL.log /var/log/pihole-FTL.log | ||
chown -h pihole:pihole /var/log/pihole-FTL.log | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
[Unit] | ||
Description=Pi-hole FTL | ||
# This unit is supposed to indicate when network functionality is available, but it is only | ||
# very weakly defined what that is supposed to mean, with one exception: at shutdown, a unit | ||
# that is ordered after network-online.target will be stopped before the network | ||
Wants=network-online.target | ||
After=network-online.target | ||
# A target that should be used as synchronization point for all host/network name service lookups. | ||
# All services for which the availability of full host/network name resolution is essential should | ||
# be ordered after this target, but not pull it in. | ||
Wants=nss-lookup.target | ||
Before=nss-lookup.target | ||
|
||
# Limit (re)start loop to 5 within 1 minute | ||
StartLimitBurst=5 | ||
StartLimitIntervalSec=60s | ||
|
||
[Service] | ||
User=pihole | ||
PermissionsStartOnly=true | ||
AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_NICE CAP_IPC_LOCK CAP_CHOWN | ||
|
||
ExecStartPre=/opt/pihole/pihole-FTL-prestart.sh | ||
ExecStart=/usr/bin/pihole-FTL -f | ||
Restart=on-failure | ||
RestartSec=5s | ||
ExecReload=/bin/kill -HUP $MAINPID | ||
ExecStopPost=/opt/pihole/pihole-FTL-poststop.sh | ||
|
||
# Use graceful shutdown with a reasonable timeout | ||
TimeoutStopSec=10s | ||
|
||
# Make /usr, /boot, /etc and possibly some more folders read-only... | ||
ProtectSystem=full | ||
# ... except /etc/pihole | ||
# This merely retains r/w access rights, it does not add any new. | ||
# Must still be writable on the host! | ||
ReadWriteDirectories=/etc/pihole | ||
|
||
[Install] | ||
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters