[WIP] OPNblock, first dev version #808
Conversation
dns/opnblock/+POST_INSTALL
Outdated
| @@ -0,0 +1,3 @@ | |||
| if /usr/local/etc/rc.d/configd status > /dev/null; then | |||
| /usr/local/etc/rc.d/configd restart | |||
| fi | |||
There was a problem hiding this comment.
shouldn't it do this automatically?
There was a problem hiding this comment.
Yeah, you're right. I'll change.
| <?php | ||
| namespace OPNsense\opnblock; | ||
| use OPNsense\Base\BaseModel; | ||
| class opnblock extends BaseModel |
There was a problem hiding this comment.
classes must be camel case - in your case probably OpnBlock
| <Enabled type="BooleanField"> | ||
| <default>0</default> | ||
| <Required>Y</Required> | ||
| </Enabled> |
There was a problem hiding this comment.
keep all naming consistent - downcase to enabled so it matches the rest of your model
| <li>whatever else you suggest?</li> | ||
| </ul> | ||
| </p> | ||
| <br> <span style="font-family: Courier; font-size: 13px; border-radius: 5px 5px 5px 5px; background-color: #fff; color: #000; padding: 5px; margin: 5px;">You're using OPNblock version: 0.1-dev</span> |
There was a problem hiding this comment.
all strings should be translatable - this may be an exception because it looks like it should be removed some day.
There was a problem hiding this comment.
Definitely, I'd like to rewrite that whole section on index.volt soon; however at this current moment it's the last thing I'll do; after everything is functional! :)
There was a problem hiding this comment.
You can find a complete list here:
https://github.com/opnsense/core/tree/master/src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes
There was a problem hiding this comment.
Sorry, the comment should be an answer to another comment
| </p> | ||
| <br> <span style="font-family: Courier; font-size: 13px; border-radius: 5px 5px 5px 5px; background-color: #fff; color: #000; padding: 5px; margin: 5px;">You're using OPNblock version: 0.1-dev</span> | ||
| <br> | ||
| <br> </div> |
| # opnblock, opnblock.sh | ||
|
|
||
| # prep temp storage and conf file | ||
| rm -r '/tmp/hosts.working' '/var/unbound/opnblock.conf' |
There was a problem hiding this comment.
why -r - it is a file. It stands for recursive to delete directories and their contents.
| $("#saveAct").click(function () { | ||
| saveFormToEndpoint(url = "/api/opnblock/settings/set", formid = 'frm_GeneralSettings', callback_ok = function () { | ||
| ajaxCall(url = "/api/opnblock/service/refresh", sendData = {}, callback = function (data, status) { | ||
| $("#responseMsg").html(data['message']); |
There was a problem hiding this comment.
.text is more secure (does not support html formatting)
| $this->view->general = $this->getForm("general"); | ||
| $this->view->pick('OPNsense/opnblock/index'); | ||
|
|
||
| $this->view->generalForm = $this->getForm("general"); |
There was a problem hiding this comment.
please don't create redundant variables. You can very likely use the same on all places.
| use \OPNsense\Base\ApiControllerBase; | ||
| use \OPNsense\opnblock\opnblock; | ||
| use \OPNsense\Core\Config; | ||
| class SettingsController extends ApiControllerBase |
There was a problem hiding this comment.
use ApiMutableModelControllerBase instead. It will reduce the controller code to two lines.
dns/opnblock/src/opnsense/mvc/app/controllers/OPNsense/opnblock/forms/general.xml
Outdated
Show resolved
Hide resolved
|
@alec - Clean Opnsense installlation. Following your instructions https://github.com/al-ec/OPNblock package installs fine, but no OPNblock menu item appears. Something changed because I did have a menu option a couple of days ago. :) |
|
@marjohn56 try to delete the menu cache under /tmp. If it appears, the problem is solved. |
|
@alec - No luck. Tried that on my dev system, still the same. Installed onto my live system, no menu item there either... hang on, found it... It's appearing under Lobby. Methinks it should not be there. :) |
|
Getting this when I click on the menu item now..
|
|
@marjohn56 he removed it as I requested today but it seems like he forgot to adjust the view. Give him some time. |
|
@marjohn56 I corrected the view, give it another go! And it's in Lobby because for some reason, my dev server was kernel panicking when I'd assign it to the "Services" menu. And it's not really a service, but rather an utility. Where do you guys think it belongs? |
|
@AL-EC - will do. As for where it belongs. I would put it firewall. Franco will probably say elsewhere when he returns. :) @fabianfrz @AdSchellevis - Where do you think it should go? |
| @@ -0,0 +1,5 @@ | |||
| <menu> | |||
| <Lobby> | |||
| <OPNblock cssClass="fa fa-hand-paper-o" url="/ui/opnblock" /> | |||
There was a problem hiding this comment.
Not sure, are we using fa-fw here normally?
There was a problem hiding this comment.
I followed FA's guide for the stop sign icon. I'd be happy to change, please advise.
dns/opnblock/+POST_INSTALL
Outdated
| @@ -0,0 +1 @@ | |||
|
|
|||
There was a problem hiding this comment.
Delete empty file. Custom scripts are never good style. Did not see what this was used for earlier.
dns/opnblock/Makefile
Outdated
| @@ -0,0 +1,7 @@ | |||
| PLUGIN_NAME= OPNblock | |||
There was a problem hiding this comment.
Depending on the scope and clarity this could also be named unbound-adblock, but it’s up to you to use a cooler name. :)
There was a problem hiding this comment.
Hey @fichtner,
Is there any way to have this show up under "Unbound DNS" in the menu? Can a plugin literally plug-in to other plugin menu items?
There was a problem hiding this comment.
@AL-EC you can register anywhere in the menu, just use the same path as the existing item, without the additional attributes, something like:
<menu>
<Services>
<Unbound>
<OPNblock cssClass="fa fa-hand-paper-o" url="/ui/opnblock" />
</Unbound>
</Services>
</menu>
should do the trick.
There was a problem hiding this comment.
Yeah, with this we could move it to core under a less flashy “Adblock” menu item, change the MVC namespace to Unbound and work on better Unbound integration in general. But as I said it’s up to you to decide.
There was a problem hiding this comment.
Would it be as simple as just changing the namespace to Unbound and replace every mention of "opnblock" with "unbound-adblock"? Or would more go into it? Obviously it'll be a different page under the Unbound menu entry.
| $backend->configdRun('template reload OPNsense/opnblock'); | ||
| // refresh and build lists for unbound (opnblock.conf) | ||
| $backend->configdRun("opnblock refresh"); | ||
| return array("message" => "OPNblock's lists have been updated! Please restart your Unbound DNS server."); |
There was a problem hiding this comment.
Not translated using gettext()
There was a problem hiding this comment.
Thanks. Would you mind linking an example of this so I can see how it's done?
There was a problem hiding this comment.
In that case I would not do that since it is an api call. FYI in php it is just a function call.
| $backend->configdRun("opnblock refresh"); | ||
| return array("message" => "OPNblock's lists have been updated! Please restart your Unbound DNS server."); | ||
| } | ||
| return array("message" => "Something went wrong..."); |
| @@ -0,0 +1,9 @@ | |||
| <acl> | |||
| <page-lobby-opnblock> | |||
| <name>Lobby: OPNblock</name> | |||
There was a problem hiding this comment.
See other comment regarding menu items :)
| touch '/tmp/hosts.working' | ||
|
|
||
| # setup variables for curl'ing | ||
| whitelist=$(awk -F '=' '{if (! ($0 ~ /^;/) && $0 ~ /whitelist/) print $2}' /usr/local/etc/opnblock/opnblock.conf); |
There was a problem hiding this comment.
We normally write rc.conf files where the templates write this as shell variables so it’s easily loaded without further processing.
There was a problem hiding this comment.
Do you have an example of this? Thanks so much!
There was a problem hiding this comment.
you could just write
data.sh (generated)
whitelist="{{ your.opnsense.key.replace(',', ' ') }}"adblock.sh:
. /path/to/data.sh
# do stuffif this is what @fichtner wants to say.
There was a problem hiding this comment.
Yes, that’s what rc scripts do in a nutshell.
There was a problem hiding this comment.
Thinking a bit further, this has potential for core inclusion if we can make integration a bit less obvious. It would certainly required a bit of unbound core wirk for seamless integration and may help move the MVC rewrite up the priority chain. There are no outside dependencies so it’s more or less similar to the remote ACL feature of the web proxy.
In any case: Thanks for doing this work! 😊
|
Hey, @mimugmail! I've been very busy at work and with another personal DNS project (https://heatsink.io). I would absolutely love some help as I'm still pretty new to this plugin creation process. I appreciate it greatly, let me know what I can do to get this moving along. |
|
@fichtner @fabianfrz can you merge to a new branch? I'd fix some stuff :) |
|
@mimugmail yes that would work but the comments will not be kept because they are assigned to this pull request. Would that mean that you are going to fix everything mentioned here and then add you own stuff? Keep in mind that a squashed commit may kill your authorship from a git perspective. |
|
I dont mind for authoring this PR. Just move to a separate branch and I'll try to make it compatible :) |
| <div class="alert alert-info hidden" role="alert" id="responseMsg"> </div> | ||
| <div class="col-md-12"> {{ partial("layout_partials/base_form",['fields':general,'id':'frm_GeneralSettings']) }} | ||
| <button style="margin: 30px 0px 30px 0px;" class="btn btn-success" id="saveAct" type="button"> <b>{{ lang._('Save') }}</b><i id="saveAct_progress"></i> </button> | ||
| <p> <b>{{ lang._('REQUIRED') }}:</b> {{ lang._('You must include') }} <span style="font-family: Courier; font-size: 13px; border-radius: 5px 5px 5px 5px; background-color: #000; color: #fff; padding: 5px; margin: 5px;">include:/var/unbound/UnboundBL.conf</span> {{ lang._('in your') }} <a href="../services_unbound.php">Unbound DNS</a> {{ lang._('advanced settings configuration') }}! </p> |
|
Hey, @mimugmail. Have you had the time to do any work on this project? |
|
I'm waiting for @fichtner creating a new branch so you can open the PR against this and master. |
|
@mimugmail I can do this as well |
|
@fabianfrz it would be great if you could help out with your time indeed, thanks |
|
@AL-EC can you close and open against this branch? @fabianfrz will merge and then we can try to move on. |
|
@mimugmail you can create the PR as well. |
|
@mimugmail done |
|
Shit, this was fast .. seems there's some extra work waiting :) |
|
I am really looking forward to this :) |
|
@alectrocute any progress on this? Lack of time? Need help? Shall I take over? |
|
@alectrocute ping :) |
|
It would be nice to have it in the 19.x release. I think it's a kick ass feature. |
|
@mimugmail @bott0r @fabianfrz I'm going to get back into this immediately! |
|
Looking forward to it. I was just thinking about making a small vm for pi-hole. I does have the advantage of pretty graphs for usage though :-) |
|
I am basically checking the opnsense repo/plugin part everyday, any update on this? |
|
Also what are the memory requirements? I added a few lists and then my router locked up, pretty sure it was oom. It wouldn't finish rebooting either, got hung up just after unbound loaded, had to uninstall it. |
|
Maybe it's better to use the scripting logic of bind or dnscrypt .. |
|
any news on this ? |
|
@alectrocute TBH, I'm not sure how to go on here. This is a highly requested feature and will produce lots of feature requests and support issues, which in turn requires lots of your time and activity. |
|
Ping. Any progress in this plugin guys? |
|
Different approach now:
Still in development ... |
It has some problems and I'd love for critique/assistance getting it up to par. Thanks so much! :)