Access Pi-hole dashboard #31

Closed
jacobsalmela opened this Issue Aug 7, 2015 · 25 comments

Projects

None yet

9 participants

@jacobsalmela
Member

The Pi-hole redirects all requests to the blank HTML file. So if you try to go to the dashboard page, you can't get to it.

Some ideas to fix this:

  • Put some sort of if/else logic into the lighttpd.conf file (not sure how to do this just yet)
  • Use a different port
@Fourdee
Contributor
Fourdee commented Aug 7, 2015

The Pi-hole redirects all requests to the blank HTML file. So if you try to go to the dashboard page, you can't get to it.

This might be helpful:
For the DietPi install, I've set it up to use the default /var/www/index.html. No redirects. So, when Pi-hole blocks a site, the user will be sent to the default website /var/www/index.html.
This allows access to /var/www/pihole and doesn't restrict the use of the webserver to Pi-hole.

This isnt an "ideal" solution, however, works for now. As you mentioned, there needs to be a separate way of controlling which webpage/port Pi-hole sends to, allowing full use of the webserver.

@jacobsalmela
Member

That definitely works. I'll think it over some more.

@canihavesomecoffee

I've made a quick test on my local installation, and just adding a second line in the rewrite that catches any necessary admin pages seem to be working just fine, and the nice thing is that it's quite easy as well 👍

Edit: while checking the docs, it also looks like it should be no problem to pass possible GET parameters too.

@poblabs
poblabs commented Sep 8, 2015

Don't mean to hijack, just wanted to help a little.

This is working for me too. URL rewrite of pi-hole-admin/admin.php going to pihole/admin.html.

It looks like @jacobsalmela is looking to use AdminLTE as part of the admin dashboard, which I think would have to reside in it's own subdirectory (instead of just 1 file).

I haven't played with AdminLTE, but this slight modification of your rewrite seems to be working for a new subdirectory with index.html.

$HTTP["host"] =~ ".*" {
     url.rewrite = (
                "^/pihole/admin/.*" => "pihole/admin/",
                ".*" => "pihole/index.html"
         )
}

So http://your-pihole/pihole/admin/index.html works in this example scenario. Interestingly enough though, creating a valid blahblah.html, and accessing http://your-pihole/pihole/admin/blahblah.html brings you to index.html. So still some tweaking needed.

Of course, if AdminLTE is PHP-ran, then fastcgi would need to be configured as well.

@canihavesomecoffee

Yeah, I just did a quick test/POC with that specific url to see if it'd work, nothing more :)

@poblabs
poblabs commented Sep 8, 2015

I just updated my previous comment. Still some tweaking needed, because blahblah.html is a valid file, however the URL brings me to index.html only. Not sure how that would play in with AdminLTE.

@jacobsalmela
Member

Since I haven't added the admin interface yet as part of the automated installer, the files could go anywhere. Ideally, it would be nice to clone the repo into /var/www/ so http://your-pi-hole/index.php is the dashboard and then everything else gets redirected to /var/www/pihole/index.html as it does right now.

@jasonyates

Why not change the re-write to rewrite-if-not-file? I've done that on my local install and it works well in testing.

$HTTP["host"] =~ "." {
url.rewrite-if-not-file = (".
" => "pihole/index.html")
}

@prov3it
prov3it commented Sep 22, 2015

First of all Jacob -> i love PI-Hole. I used the autosetup and figured that there is a lot of stuff i dont want. So i started to do things manually. Especially because i wanted to use dnscrypt-proxy as well. Guess what its working. Except other people are having the same issues i have. I want to use lighttpd for some other stuff running on the rpi. so the line saying:

$HTTP["host"] =~ "." {
url.rewrite = (".
" => "pihole/index.html")
}

i replaced it with:
$HTTP["host"] =~ "(.ad|.ae|.ag|.al|.am|.ao|.ar|.as|.asia|.at|.au|.be|.bg|.biz|.br|.by|.ca|.cc|.cf|.ch|.cl|.cm|.cn|.co|.com|.cz|.de|.dk|.ec|.edu|.ee|.es|.eu|.fi|.fr|.ge|.gg|.gov|.gr|.hk|.hr|.hu|.id|.ie|.il|.im|.in|.info|.invalid|.io|.ir|.is|.it|.jp|.kr|.kz|.la|.lb|.li|.localhost|.lt|.lv|.ly|.ma|.me|.mk|.mobi|.ms|.mx|.my|.name|.net|.nf|.ng|.nl|.no|.nu|.nz|.org|.pe|.ph|.pk|.pl|.pt|.pw|.ro|.rs|.ru|.sa|.se|.sg|.sh|.si|.sk|.st|.su|.tc|.tf|.th|.tk|.to|.tr|.tv|.tw|.ua|.uk|.us|.ve|.vg|.vn|.vu|.ws|.xyz|.za)" {
url.rewrite = (".*" => "pihole/index.html")
}

for everything else (like accessing it locally) it simply forwards it to /var/www/index.html. If i want to set up my own domain, i simply use mydomain.com instead of all those tld's (
$HTTP["host"] =~ "mydomain.com" ).

I made this command to get all the tld's from the adList.conf, the file create by gravity.sh, so that i could simply copy en paste it in the lighttpd.conf:
cat /etc/dnsmasq.d/adList.conf | awk -F/ '{print $2}' | awk -F. '{print $NF}' | sort | uniq | sed 's/^/./' | sed ':a;N;$!ba;s/\n/|/g'

Now, there are some tld's like com\ and stuff like that but i think that everyone feagured that out by himself.

I also looked at other possibilties. like $HTTP["querystring"], because its always 'empty' when you access a blocked website, but i couldnt figure it out. May be someone else can?

@ghost
ghost commented Sep 23, 2015

With Nginx it works flawlessly: simply adding the dashboard to a sub-folder within the www-root; configuring nginx to look for .php as an index and then enabling php is suffice.

This is the configuration which is basically the default one with php enabled: http://pastebin.com/0a9CBa3b

@jofrep
Contributor
jofrep commented Sep 23, 2015

My two cents,
My Raspberry PI doesn't have a DNS name and hence I only access the web server using the IP. I have the following redirect

$HTTP["host"] != "172.16.1.1" {
url.rewrite = (".*" => "pihole/index.html")
}

you could use a domain name if you have one too

@jofrep
Contributor
jofrep commented Sep 23, 2015

I have a deployment with Apache instead on lighttpd.
In this server I have multiple domains and a default site to catch all IP based requests.
Everthing that hits the default server, is redirected to the blank page

root@domain.com:~# ls -la /etc/apache2/sites-enabled/
lrwxrwxrwx 1 root root 32 Mar 20 2012 00nonassigned -> ../sites-available/00nonassigned
lrwxrwxrwx 1 root root 35 Mar 19 2012 m.domain.com -> ../sites-available/m.domain.com
lrwxrwxrwx 1 root root 33 Mar 20 2012 domain.com -> ../sites-available/domain.com
lrwxrwxrwx 1 root root 37 Apr 14 2012 domain.com-ssl -> ../sites-available/domain.com-ssl

the 00nonassigned configuration file is

    DocumentRoot /var/www/root/     
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !=/pihole/index.html
    RewriteRule . /pihole/index.html [R,L]

    ExpiresActive on
    ExpiresDefault "access plus 1 year"

    <Directory /var/www/root/>
            Options Indexes FollowSymLinks +Includes
            AllowOverride All
            Order deny,allow
            allow from all
    </Directory>
@jacobsalmela
Member

So in my testing, this seems to work (at least on "Jessie" with lighttpd version 1.4.35:

$HTTP["url"] =~ "^(?!/admin)/.*" {
    url.rewrite = (".*" => "pihole/index.html" )
}

I will need to test it on "wheezy" as well. Please try it out and see if you get the same results. Note that in "Jessie," the root Web folder is /var/www/html/

@korhadris
Contributor

I just did this and it seems great:

  1. Add pihole (or whatever you want to use as your dashboard server name) to blacklist.txt (This is to add an "alias" for your server that dnsmasq will serve up to dns requests.)
  2. Run gravity.sh
  3. Change the section below in the lighttpd.conf file (replace pihole with server name from above).
  4. Restart lighttpd service
$HTTP["host"] == "pihole" {
    server.document-root = "/var/www/admin"
}
else $HTTP["host"] =~ ".*" {
    url.rewrite = (".*" => "pihole/index.html")
}

Point your browser to http://pihole/ and enjoy. (If you have a domain set on Windows, you may have to point to http://pihole./ It wants the trailing . or it will append on its domain. The same can be found when doing an nslookup.)

@korhadris
Contributor

The above technique works well if you have multiple pages as well. For instance, I have made a separate page for tracking disk usage stats and system health that I can view using the hostname of server-status.

Just repeat the above steps add an additional else statement before the final section in section 3:

$HTTP["host"] == "pihole" {
    server.document-root = "/var/www/admin"
}
else $HTTP["host"] == "server-status" {
    server.document-root = "/var/www/status"
}
else $HTTP["host"] =~ ".*" {
    url.rewrite = (".*" => "pihole/index.html")
}
@jacobsalmela
Member

Very cool. Are you using PHP to display the data?

@korhadris
Contributor

Right now it's just a basic html page that I create periodically with a Python script. I like the style of AdminLTE, so I was going to try to get the data available within that framework. Once it looks pretty I'll try to pass it along through your AdminLTE fork if it'd be useful to combine with pihole stats. :)

@jacobsalmela
Member

Cool! I would be interested to see what you came up with.

@DonLexos

On my older NetGear NAS there is a plugin that used vpsinfo, which displays quite a few interesting things. The original website has long gone but I found it on GitHub, it's all in one php file:
https://github.com/robbiet480/MCSAdmin/blob/master/vpsinfo.php

What I did was simply upload it to the /admin/ folder to make sure it can be accessed easily. If you want the bandwidth stats you should also add vnstat (sudo apt-get install vnstat)
Source: : https://www.raspberrypi.org/forums/viewtopic.php?f=36&t=7390

@jacobsalmela
Member

Looks awesome! I will check it out.

@DonLexos

Just thinking about the original question regarding the redirects, maybe (not sure if lighthttpd supports it) you can redirect based on the request using .htaccess? So image request goto a 1x1 px file, and others can go to the blank index. Not sure what would happen though, that might depend. Sometimes an app/website might decide not to show anything if the ad domain does not resolve (ideal world), otherwise it might try to display the image using preset width/height (resulting in a whitespace in the size of the original banner).
Previously I used a hostfile which redirected to localhost, meaning the domain did not resolve at all. Many websites don't break and don't reserve the space anymore since they might have a loop checking if it loads and then simply disregards it (as temporarily unavailble). You could also give an error code (404 not found or 503 temp unavailable), but that depends a bit on the options there are in lighthttpd.

@Fourdee
Contributor
Fourdee commented Oct 12, 2015

Pi-hole | Apache2 .htaccess. Redirect all webtraffic to index.html.
Ensures redirect 301 code instead of 404 when a "non-"index.html filepath is used (eg: www.myblockedsite.com/folder1/page.html)

cat << EOF > /var/www/.htaccess
RewriteEngine On
RewriteCond %{REQUEST_URI} !=/index.html
RewriteCond %{REQUEST_URI} !=/apc.php
RewriteRule ^ /index.html [R=301]
EOF
#Allow overrides and redirects
sed -i "/AllowOverride/c\AllowOverride All" /etc/apache2/sites-enabled/000-default*
#+Jessie
sed -i "/AllowOverride/c\AllowOverride All" /etc/apache2/apache2.conf
#Enable apache2 rewrite engine
a2enmod rewrite
#Restart service
service apache2 restart

@DonLexos

Pi-Hole uses lighthttp instead of Apache I believe, have to check later if .htaccess is supported and works the same way.

@Fourdee
Contributor
Fourdee commented Oct 12, 2015

Just thinking about the original question regarding the redirects, maybe (not sure if lighthttpd supports it) you can redirect based on the request using .htaccess?

Was just showing you how it can be done with .htaccess on apache.

@DonLexos

Oh I was not trying to be smart or anything, will check if lighthttpd does support .htaccess and if I can make it work.

@jacobsalmela jacobsalmela added a commit that closed this issue Oct 27, 2015
@jacobsalmela jacobsalmela conditionals for accessing the web interface
This adds in some back end improvements for better debugging.  It also
allows you to access the Web interface, while you are connected to the
Pi-hole, which resolves #31
7b16a42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment