-
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update query.sh to use FTL's API instead of directly interacting with the database #5361
Conversation
Signed-off-by: Christian König <ckoenig@posteo.de>
Signed-off-by: Christian König <ckoenig@posteo.de>
P.S. the function from |
I like this as an overall idea - the only "don't like" from me at the moment is that it requires entering the api password to run Is this an issue? I don't know - perhaps one that we should discuss before moving ahead however. |
It can be circumvented by excluding local API users from authentication (FTL has a dedicated option for this since the very early days). I agree this may require further discussion. We might want to add an extra option (defaulting to true?) to exclude only some local requests from auth - permitting only a few harmless things without password such as reading the lists |
This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there: https://discourse.pi-hole.net/t/whitelist-blacklist-options-result-in-grep-errors/65521/2 |
@PromoFaux @yubiuser Any comments on my last idea (opt-out: exclude local API users from authentication)? |
I like the idea of having a additional option - like "excluding light" for local users. |
Dedicated option incoming via pi-hole/FTL#1662 |
Signed-off-by: Christian König <ckoenig@posteo.de>
c93c964
to
f7ba059
Compare
With the last commit, no authentication is required when one of |
Thanks, this code seems to work as expected (I also verified the However, given that ABP searching does not go along with partial matching, I wonder if exact matching would actually be the better default? On the web interface Enter also executes exact searching.
|
I can change the default behavior. I just kept it as it was in v5 -> partial was the default. |
Signed-off-by: Christian König <ckoenig@posteo.de>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving how it is. Do you still want to improve the antigravity support (maybe similar to how I did it recently for web)?
Yes I want to improve anti-gravity support and also print a warning if 'N' is to small (FTL PR needs to be merged). I was busy reviewing your PRs 😉 |
I decided to merge already now - tweaking can happen later and others could use what we have in |
What does this PR aim to accomplish?:
This is a complete rewrite of
query.sh
So far, we have been using direct access to the gravity database to implement the functions provided by
pihole -q
(query the adlist/denylist for a given domain). With FTL v6, FTL provides an API endpoint/search/DOMAIN
which will do all the low-level work for us and outputs a json containing all the relevant data (and some more).This PR changes the implementation of
pihole -q
to use the provided API. To be able to do that, I added a helper file (api.sh
) which provides the necessary functions to authenticate with the API and request data from it and finally to delete the session if everything is done. It's the same function that I use to access FTL's API int the v6 branch of PADD. As we need to rewrite some more function to use FTL's API they can be reused in otherpihole
cli calls. Both, thequery.sh
as well asapi.sh
are POSIX style. The output colors are similar to that the v6 web interface is using. As we sourceCOL_TABLE
this was made POSIX compatible as well.Most of the code in
query.sh
is now the generation of the output (from the json returned by FTL). While working on it, I also changed the way we handle provided option (--exact
,--all
). They can be in an arbitrary position and handled gracefully. ThisPR supersedes #5349
By submitting this pull request, I confirm the following:
git rebase
)