Update 'Installer.sh'

2023-09-05 03:23:41 +02:00 · 2023-09-05 03:23:41 +02:00 · 88b1a1c26d
commit 88b1a1c26d
parent ebc858227f
1 changed files with 185 additions and 13 deletions
--- a/Installer.sh
+++ b/Installer.sh
@ -4,21 +4,21 @@
 #   Static Vars   #
 ##---------------##

-#APTMODE="debconf-apt-progress -- apt"
-#PKGM="$APTMODE"
-#PKGUD="$PKGM update"
-#PKGUP="$PKGM upgrade -y"
-#PKGI="${PKGM} install -y"
-#PKRM="$PKGM remove --purge -y"
-#PKARM="$PKGM autoremove -y"
+###DEBIAN###
+APTMODE="debconf-apt-progress -- apt"
+PKGM="$APTMODE"
+PKGUD="$PKGM update"
+PKGUP="$PKGM upgrade -y"
+PKGI="${PKGM} install -y"
+###DEBIAN###
+
+alias pihole="/usr/local/bin/pihole"
 REPO=Pi-Hole
 BRANCH=main
 GIT=https://git.ictcorpnet.com/b.waal/$REPO/raw



-https://git.ictcorpnet.com/b.waal/Pi-Hole/raw/branch/main
-
 ##-----------##
 #   Check OS  #
 ##-----------##
@ -26,12 +26,184 @@ https://git.ictcorpnet.com/b.waal/Pi-Hole/raw/branch/main
 wget $GIT/$BRANCH/Config/OScheck.sh -O /tmp/OScheck.sh
 source /tmp/OScheck.sh

-echo $dist
+
+##----------##
+#   Menu     #
+##----------##
+
+if [[ $dist == "Alpine" ]]; then
+  if (whiptail --title "Setup" --yesno "Use an APT-Cacher?" 8 78); then
+    CACHE=$(whiptail --inputbox "What is the IP address for APT-Cacher?" 8 78 192.168.1.102 --title "Setup" 3>&1 1>&2 2>&3)
+    echo "http://XXX.XXX.XXX.XXX/alpine/v3.18/main" > /etc/apk/repositories
+    echo "http://XXX.XXX.XXX.XXX/alpine/v3.18/community" >> /etc/apk/repositories
+    echo "http://XXX.XXX.XXX.XXX/alpine/edge/testing/" >> /etc/apk/repositories
+    sed -i "s/XXX.XXX.XXX.XXX/$CACHE/g" /etc/apk/repositories
+  else
+    echo ""
+  fi
+fi
+if [[ $dist == "Debian" ]]; then
+  if (whiptail --title "Setup" --yesno "Use an APT-Cacher?" 8 78); then
+    CACHE=$(whiptail --inputbox "What is the IP address for APT-Cacher?" 8 78 192.168.1.102 --title "Setup" 3>&1 1>&2 2>&3)
+    echo 'Acquire::http::Proxy "http://XXX.XXX.XXX.XXX:80";'> /etc/apt/apt.conf.d/01prox
+    sed -i "s/XXX.XXX.XXX.XXX/$CACHE/g" /etc/apt/apt.conf.d/01prox
+    echo 'APT::Install-Recommends "false";' >> /etc/apt/apt.conf.d/01Recommends
+    echo 'APT::Install-Suggests "false";' >> /etc/apt/apt.conf.d/01Suggests
+  else
+    echo ""
+  fi
+fi
+
+if (whiptail --title "Setup" --yesno "Install Unbound?" 8 78); then
+  UNBOUND=true
+else
+  UNBOUND=false
+fi
+if (whiptail --title "Setup" --yesno "Install UFW?" 8 78); then
+  UFW=true
+else
+  UFW=false
+fi
+if [[ $dist == "Debian" ]]; then
+  if (whiptail --title "Setup" --yesno "Unattended-Upgrades" 8 78); then
+    UNATTENDED=true
+  else
+    UNATTENDED=false
+  fi
+fi
+if (whiptail --title "Setup" --yesno "Disable IPv6?" 8 78); then
+  IPv6=false
+else
+  IPv6=true
+fi
+
+
+##-----------##
+#   Updater   #
+##-----------##
+
+if [[ $dist == "Alpine" ]]; then
+apk update
+apk upgrade
+fi
+
+if [[ $dist == "Debian" ]]; then
+apt update
+apt list --upgradeable 2>/dev/null | cut -d/ -f1 | grep -v Listing >> /tmp/install.list
+fi
+
+
+##--------------##
+#   Pre-Config   #
+##--------------##
+
+mkdir -p /etc/pihole
+wget $GIT/$BRANCH/Config/Pihole/pihole-FTL.conf -O /etc/pihole/pihole-FTL.conf
+wget $GIT/$BRANCH/Config/Pihole/setupVars.conf -O /etc/pihole/setupVars.conf
+
+if [[ $UNBOUND == "false" ]]; then
+  sed -i 's/INSTALL_UNBOUND=0/INSTALL_UNBOUND=1/g' /etc/pihole/setupVars.conf
+  sed -i 's/PIHOLE_DNS_1=127.0.0.1#5335/PIHOLE_DNS_1=1.1.1.1/g' /etc/pihole/setupVars.conf
+fi
+if [[ $IPv6 == "true" ]]; then
+  sed -i 's/RESOLVE_IPV6=no/RESOLVE_IPV6=yes/g' /etc/pihole/pihole-FTL.conf
+  else
+    if [[ $dist == "Alpine" ]]; then
+    wget $GIT/$BRANCH/Config/Alpine/Alpine-local.conf -O /etc/sysctl.d/local.conf
+    sysctl -p
+    fi
+    if [[ $dist == "Debian" ]]; then
+    echo "" >> /etc/sysctl.conf
+    echo "#Disable IPv6" >> /etc/sysctl.conf
+    echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
+    echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
+    echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf
+    sysctl -p
+  fi
+fi
+
+
+##-------------##
+#   Installer   #
+##-------------##
+
+if [[ $dist == "Alpine" ]]; then
+apk add dialog git newt procps dhcpcd openrc ncurses newt curl bind-tools nmap-ncat psmisc sudo unzip libidn nettle libcap openresolv iproute2-ss jq
+apk add --no-cache --upgrade grep
+  if [[ $UFW == "true" ]]; then
+  apk add ufw
+  fi
+git clone https://gitlab.com/yvelon/pi-hole /tmp/pi-hole
+bash /tmp/pi-hole/automated\ install/basic-install.sh --unattended
+fi
+
+if [[ $dist == "Debian" ]]; then
+  echo "git iproute2 dialog ca-certificates cron curl iputils-ping psmisc sudo unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps jq" /tmp/install.list
+  if [[ $UFW == "true" ]]; then
+  echo "ufw" >> /tmp/install.list
+  fi
+  if [[ $UNATTENDED == "true" ]]; then
+  echo "unattended-upgrades apt-listchanges" >> /tmp/install.list
+  fi
+  xargs < /tmp/install.list xargs apt install -y
+  git clone --depth 1 https://github.com/pi-hole/pi-hole.git /tmp/pi-hole
+  bash /tmp/pi-hole/automated\ install/basic-install.sh --unattended
+fi


 ##---------------##
-#   Dependencies  #
+#   Configuring   #
 ##---------------##

-#$PKGI curl wget whiptail
-apk update && apk add curl wget newt
+if [[ $UNBOUND == "true" ]]; then
+  if [[ $dist == "Alpine" ]]; then
+  service unbound stop && service pihole-FTL stop
+  mkdir -p /etc/unbound/unbound.conf.d
+  rm /etc/unbound/unbound.conf
+  wget $GIT/$BRANCH/Config/Unbound/unbound.conf -O /etc/unbound/unbound.conf
+  wget $GIT/$BRANCH/Config/Unbound/pi-hole.conf -O /etc/unbound/unbound.conf.d/pi-hole.conf
+  wget $GIT/$BRANCH/Config/Unbound/privacy.conf -O /etc/unbound/unbound.conf.d/privacy.conf
+  wget $GIT/$BRANCH/Config/Unbound/qname-minimisation.conf -O /etc/unbound/unbound.conf.d/qname-minimisation.conf
+  service unbound start && service pihole-FTL start
+  pihole restartdns
+  fi
+  if [[ $dist == "Debian" ]]; then
+  systemctl stop unbound && systemctl stop pihole-FTL
+  wget https://www.internic.net/domain/named.root -qO- | sudo tee /var/lib/unbound/root.hints
+  wget $GIT/$BRANCH/Config/Unbound/pi-hole.conf -O /etc/unbound/unbound.conf.d/pi-hole.conf
+  wget $GIT/$BRANCH/Config/Unbound/privacy.conf -O /etc/unbound/unbound.conf.d/privacy.conf
+  wget $GIT/$BRANCH/Config/Unbound/qname-minimisation.conf -O /etc/unbound/unbound.conf.d/qname-minimisation.conf
+  systemctl start unbound && systemctl start pihole-FTL
+  pihole restartdns
+  fi
+fi
+
+if [[ $UFW == "true" ]]; then
+  if [[ $IPv6 == "false" ]]; then
+    sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw
+    ufw allow 80/tcp
+    ufw allow 53/tcp
+    ufw limit 22/tcp
+    echo "y" | ufw enable
+  fi
+  if [[ $IPv6 == "true" ]]; then
+    ufw allow 80/tcp
+    ufw allow 53/tcp
+    ufw limit 22/tcp
+    echo "y" | ufw enable
+  fi
+fi
+
+if [[ $UNATTENDED == "true" ]]; then
+  wget https://git.ictcorpnet.com/b.waal/PiAutomation/raw/branch/main/Unattended-Security-Updates/20auto-upgrades -O /etc/apt/apt.conf.d/20auto-upgrades
+  wget https://git.ictcorpnet.com/b.waal/PiAutomation/raw/branch/main/Unattended-Security-Updates/50debian-unattended-upgrades -O /etc/apt/apt.conf.d/50unattended-upgrades
+fi
+
+
+##-------------##
+#   Finishing   #
+##-------------##
+
+ln -s /usr/local/bin/pihole /usr/bin/pihole
+whiptail --title "Done!" --msgbox "Pihole is now available on http://LXC.IP.ADDRESS.HERE/admin\n\nPress OK to continue." 10 78
+exit