move from etc on nas

Dockerfile

@@ -0,0 +1,6 @@
+FROM pihole/pihole:latest
+MAINTAINER Kameron Kenny
+
+COPY etc/pihole /etc/pihole
+COPY etc/dnsmasq.d /etc/dnsmasq.d
+

Jenkinsfile

@@ -0,0 +1,119 @@
+pipeline {
+  agent {
+    label 'pi501.in.thelinuxpro.net'
+  }
+
+  stages {
+    stage("verify tooling") {
+      steps {
+	sh '''
+        docker version
+	docker info
+        docker compose version
+        '''
+      }
+    }
+
+
+    stage("Build Containers and push to registry") {
+      steps {
+	script {
+	  def status = sh(returnStatus: true, script: 'docker images | grep pihole | grep $(grep image docker-compose.yml  | awk -F\':\' \'{ print $4 }\')')
+
+	  if (status != 0) {
+	    sh 'docker compose build --push'
+	  } else {
+	    echo "Primary Image version already exists, no need to rebuild."
+	  }
+	}
+      }
+    }
+
+    stage('Create contexts') {
+      steps {
+    	sh 'docker context ls | grep pi502 || docker context create pi502 --docker "host=ssh://pi503.in.thelinuxpro.net"'
+      }
+    }
+
+    stage('Stop pihole1') {
+      steps {
+	script {
+	  def status = sh(returnStatus: true, script: 'grep $(docker compose ps | tail -n1 | awk \'{ print $2 }\') docker-compose.yml')
+
+	  if (status != 0) {
+	    sh 'docker compose down'
+	    sh 'sleep 5'
+	  } else {
+	    echo 'skip'
+	  }
+	}
+      }
+    }
+
+    stage('Start pihole1') {
+      steps {
+	script {
+	  def status = sh(returnStatus: true, script: 'grep $(docker --context pi502 compose ps | tail -n1 | awk \'{ print $2 }\') docker-compose.yml')
+
+	  if (status != 0) {
+	    sh 'docker compose up -d'
+	    sh 'docker compose ps'
+            sh 'sleep 3'
+	    sh 'docker compose logs'
+	  } else {
+	    echo 'skip'
+	  }
+	}
+      }
+    }
+
+    stage('Stop pihole2') {
+      steps {
+	script {
+	  def status = sh(returnStatus: true, script: 'grep $(docker compose --context pi502 ps | tail -n1 | awk \'{ print $2 }\') docker-compose.yml')
+
+	  if (status != 0) {
+	    sh 'docker compose --context pi502 down'
+	    sh 'sleep 5'
+	  } else {
+	    echo 'skip'
+	  }
+	}
+      }
+    }
+
+    stage('Start pihole2') {
+      steps {
+	script {
+	  def status = sh(returnStatus: true, script: 'grep $(docker --context pi502 compose ps | tail -n1 | awk \'{ print $2 }\') docker-compose.yml')
+
+	  if (status != 0) {
+	    sh 'docker --context pi502 compose up -d'
+	    sh 'docker --context pi502 compose ps'
+            sh 'sleep 3'
+	    sh 'docker --context pi502 compose logs'
+	  } else {
+	    echo 'skip'
+	  }
+	}
+      }
+    }
+
+//    stage('Integration Tests') {
+//      steps {
+//	sh 'mkdir -p test/results/integration'
+//	sh 'bats -F junit test/integration/dns/thelinux.pro/*.bat test/integration/dns/thelinux.pro/**/*.bat > test/results/integration/TEST-Integration-dns-thelinux_pro.xml'
+//	sh 'bats -F junit test/integration/dns/kameronkenny.com/*.bat test/integration/dns/kameronkenny.com/**/*.bat > test/results/integration/TEST-Integration-dns-kameronkenny_com.xml'
+//	sh 'bats -F junit test/integration/dns/in.thelinuxpro.net/*.bat test/integration/dns/in.thelinuxpro.net/**/*.bat > test/results/integration/TEST-Integration-dns-in_thelinuxpro_net.xml'
+//     }
+//   }
+  }
+
+//  post {
+//    always {
+//      archiveArtifacts artifacts: 'test/results/**/*.xml', fingerprint: true
+//      junit 'test/results/**/*.xml'
+//      sh 'rm -rf test/results'
+//    }
+//  }
+}

etc/dnsmasq.d/01-pihole.conf

@@ -0,0 +1,39 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# Dnsmasq config for Pi-hole's FTLDNS
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+
+###############################################################################
+#      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
+# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
+#                                                                             #
+#        IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN:          #
+#                      /etc/pihole/setupVars.conf                             #
+#                                                                             #
+#        ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE           #
+#                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
+###############################################################################
+
+addn-hosts=/etc/pihole/local.list
+addn-hosts=/etc/pihole/custom.list
+
+
+localise-queries
+
+
+no-resolv
+
+log-queries
+log-facility=/var/log/pihole/pihole.log
+
+log-async
+cache-size=10000
+server=8.8.8.8
+server=8.8.4.4
+server=10.200.53.254
+server=10.200.254.254
+interface=eth0

etc/dnsmasq.d/06-rfc6761.conf

@@ -0,0 +1,42 @@
+# Pi-hole: A black hole for Internet advertisements
+# (c) 2021 Pi-hole, LLC (https://pi-hole.net)
+# Network-wide ad blocking via your own hardware.
+#
+# RFC 6761 config file for Pi-hole
+#
+# This file is copyright under the latest version of the EUPL.
+# Please see LICENSE file for your rights under this license.
+
+###############################################################################
+#      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
+# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
+#                                                                             #
+#             CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE                #
+#                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
+###############################################################################
+
+# RFC 6761: Caching DNS servers SHOULD recognize
+#     test, localhost, invalid
+# names as special and SHOULD NOT attempt to look up NS records for them, or
+# otherwise query authoritative DNS servers in an attempt to resolve these
+# names.
+server=/test/
+server=/localhost/
+server=/invalid/
+
+# The same RFC requests something similar for
+#     10.in-addr.arpa.      21.172.in-addr.arpa.  27.172.in-addr.arpa.
+#     16.172.in-addr.arpa.  22.172.in-addr.arpa.  28.172.in-addr.arpa.
+#     17.172.in-addr.arpa.  23.172.in-addr.arpa.  29.172.in-addr.arpa.
+#     18.172.in-addr.arpa.  24.172.in-addr.arpa.  30.172.in-addr.arpa.
+#     19.172.in-addr.arpa.  25.172.in-addr.arpa.  31.172.in-addr.arpa.
+#     20.172.in-addr.arpa.  26.172.in-addr.arpa.  168.192.in-addr.arpa.
+# Pi-hole implements this via the dnsmasq option "bogus-priv" (see
+# 01-pihole.conf) because this also covers IPv6.
+
+# OpenWRT furthermore blocks    bind, local, onion    domains
+# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
+# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
+# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
+server=/bind/
+server=/onion/

etc/pihole/dns-servers.conf

@@ -0,0 +1,9 @@
+Google (ECS, DNSSEC);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
+OpenDNS (ECS, DNSSEC);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
+Level3;4.2.2.1;4.2.2.2;;
+Comodo;8.26.56.26;8.20.247.20;;
+DNS.WATCH (DNSSEC);84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
+Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9
+Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10
+Quad9 (filtered, ECS, DNSSEC);9.9.9.11;149.112.112.11;2620:fe::11;2620:fe::fe:11
+Cloudflare (DNSSEC);1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001

etc/pihole/list.1.raw.githubusercontent.com.domains.sha1

@@ -0,0 +1 @@
+263ffa732125443afec9f10793e124f80b763bb3  /etc/pihole/list.1.raw.githubusercontent.com.domains

etc/pihole/local.list

@@ -0,0 +1 @@
+### Do not modify this file, it will be overwritten by pihole -g

etc/pihole/logrotate

@@ -0,0 +1,21 @@
+/var/log/pihole/pihole.log {
+	su root root
+	daily
+	copytruncate
+	rotate 5
+	compress
+	delaycompress
+	notifempty
+	nomail
+}
+
+/var/log/pihole/FTL.log {
+	su root root
+	weekly
+	copytruncate
+	rotate 3
+	compress
+	delaycompress
+	notifempty
+	nomail
+}

etc/pihole/migration_backup/adlists.list

@@ -0,0 +1 @@
+https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

etc/pihole/pihole-FTL.conf

@@ -0,0 +1,4 @@
+#; Pi-hole FTL config file
+#; Comments should start with #; to avoid issues with PHP and bash reading this file
+MACVENDORDB=/macvendor.db
+LOCAL_IPV4=10.200.53.241

etc/pihole/setupVars.conf

@@ -0,0 +1,11 @@
+INSTALL_WEB_INTERFACE=true
+WEBPASSWORD=6cb0639bf4ee3108b4f547f3ba6a401675131b8531e2c52e6b57526f8a02afd9
+WEBTHEME=default-dark
+TEMPERATUREUNIT=F
+PIHOLE_DNS_1=8.8.8.8
+PIHOLE_DNS_2=8.8.4.4
+PIHOLE_DNS_3=10.200.53.254
+PIHOLE_DNS_4=10.200.254.254
+PIHOLE_INTERFACE=eth0
+QUERY_LOGGING=true
+BLOCKING_ENABLED=true

etc/pihole/setupVars.conf.update.bak

@@ -0,0 +1 @@
+INSTALL_WEB_INTERFACE=true

etc/pihole/versions

@@ -0,0 +1,17 @@
+CORE_VERSION=v5.18.2
+CORE_BRANCH=master
+CORE_HASH=5490a6ea
+GITHUB_CORE_VERSION=v5.18.2
+GITHUB_CORE_HASH=5490a6ea
+WEB_VERSION=v5.21
+WEB_BRANCH=master
+WEB_HASH=be05b0f6
+GITHUB_WEB_VERSION=v5.21
+GITHUB_WEB_HASH=be05b0f6
+FTL_VERSION=v5.25.1
+FTL_BRANCH=master
+FTL_HASH=1c2257be
+GITHUB_FTL_VERSION=v5.25.1
+GITHUB_FTL_HASH=1c2257be
+DOCKER_VERSION=2024.03.2
+GITHUB_DOCKER_VERSION=2024.03.2