From 366e8bddef63e3b1998e16289adfdf7428877a53 Mon Sep 17 00:00:00 2001 From: Bram Suurd Date: Sun, 4 Feb 2024 14:56:49 +0100 Subject: [PATCH] Add pihole-unbound.sh and pihole-unbound-install.sh scripts --- ct/pihole-unbound.sh | 71 +++++++++++++++++++++++++ install/pihole-unbound-install.sh | 87 +++++++++++++++++++++++++++++++ 2 files changed, 158 insertions(+) create mode 100644 ct/pihole-unbound.sh create mode 100644 install/pihole-unbound-install.sh diff --git a/ct/pihole-unbound.sh b/ct/pihole-unbound.sh new file mode 100644 index 00000000..739e4243 --- /dev/null +++ b/ct/pihole-unbound.sh @@ -0,0 +1,71 @@ +#!/usr/bin/env bash +source <(curl -s https://raw.githubusercontent.com/tteck/Proxmox/main/misc/build.func) +# Copyright (c) 2021-2024 tteck +# Author: tteck (tteckster) +# License: MIT +# https://github.com/tteck/Proxmox/raw/main/LICENSE + +function header_info { +clear +cat <<"EOF" + ____ ______ ______ __ ______ __ ___ ______ ____ __ ___ ______ + / __ \/ _/ / / / __ \/ / / ____/ __ / / / / | / / __ )/ __ \/ / / / | / / __ \ + / /_/ // // /_/ / / / / / / __/ __/ /_ / / / / |/ / __ / / / / / / / |/ / / / / + / ____// // __ / /_/ / /___/ /___ /_ __/ / /_/ / /| / /_/ / /_/ / /_/ / /| / /_/ / +/_/ /___/_/ /_/\____/_____/_____/ /_/ \____/_/ |_/_____/\____/\____/_/ |_/_____/ + +EOF +} +header_info +echo -e "Loading..." +APP="pihole-unbound" +var_disk="2" +var_cpu="1" +var_ram="512" +var_os="debian" +var_version="12" +variables +color +catch_errors + +function default_settings() { + CT_TYPE="1" + PW="" + CT_ID=$NEXTID + HN=$NSAPP + DISK_SIZE="$var_disk" + CORE_COUNT="$var_cpu" + RAM_SIZE="$var_ram" + BRG="vmbr0" + NET="dhcp" + GATE="" + APT_CACHER="" + APT_CACHER_IP="" + DISABLEIP6="no" + MTU="" + SD="" + NS="" + MAC="" + VLAN="" + SSH="no" + VERB="no" + echo_default +} + +function update_script() { +header_info +if [[ ! -d /etc/pihole ]]; then msg_error "No ${APP} Installation Found!"; exit; fi +msg_info "Updating ${APP} LXC" +apt-get update &>/dev/null +apt-get -y upgrade &>/dev/null +msg_ok "Updated Successfully" +exit +} + +start +build_container +description + +msg_ok "Completed Successfully!\n" +echo -e "${APP} should be reachable by going to the following URL. + ${BL}http://${IP}/admin${CL} \n" \ No newline at end of file diff --git a/install/pihole-unbound-install.sh b/install/pihole-unbound-install.sh new file mode 100644 index 00000000..cd81e155 --- /dev/null +++ b/install/pihole-unbound-install.sh @@ -0,0 +1,87 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2024 tteck +# Author: tteck (tteckster) +# License: MIT +# https://github.com/tteck/Proxmox/raw/main/LICENSE + +source /dev/stdin <<< "$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +msg_info "Installing Dependencies" +$STD apt-get install -y curl +$STD apt-get install -y sudo +$STD apt-get install -y mc +$STD apt-get install -y ufw +$STD apt-get install -y ntp +$STD apt-get install -y unbound + +msg_ok "Installed Dependencies" + +msg_info "Configuring Unbound" +cat </etc/unbound/unbound.conf.d/pi-hole.conf +server: + verbosity: 0 + interface: 127.0.0.1 + port: 5335 + do-ip4: yes + do-udp: yes + do-tcp: yes + do-ip6: no + prefer-ip6: no + harden-glue: yes + harden-dnssec-stripped: yes + use-caps-for-id: no + edns-buffer-size: 1232 + prefetch: yes + num-threads: 1 + private-address: 192.168.0.0/16 + private-address: 169.254.0.0/16 + private-address: 172.16.0.0/12 + private-address: 10.0.0.0/8 + private-address: fd00::/8 + private-address: fe80::/10 +EOF + +cat </etc/dnsmasq.d/99-edns.conf +edns-packet-max=1232 +EOF + +wget https://www.internic.net/domain/named.root -qO- | sudo tee /var/lib/unbound/root.hints + +$STD systemctl enable unbound +$STD systemctl start unbound +msg_ok "Configured Unbound" + +msg_info "Installing Pi-hole" +mkdir -p /etc/pihole/ +cat </etc/pihole/setupVars.conf +PIHOLE_INTERFACE=eth0 +PIHOLE_DNS_1=localhost:5335 +QUERY_LOGGING=true +INSTALL_WEB_SERVER=true +INSTALL_WEB_INTERFACE=true +LIGHTTPD_ENABLED=true +CACHE_SIZE=10000 +DNS_FQDN_REQUIRED=true +DNS_BOGUS_PRIV=true +DNSMASQ_LISTENING=local +WEBPASSWORD=$(openssl rand -base64 48) +BLOCKING_ENABLED=true +EOF +# View script https://install.pi-hole.net +$STD bash <(curl -fsSL https://install.pi-hole.net) --unattended +msg_ok "Installed Pi-hole" + +motd_ssh +customize + +msg_info "Cleaning up" +$STD apt-get autoremove +$STD apt-get autoclean +msg_ok "Cleaned" \ No newline at end of file