2022-08-05 11:07:59 -04:00
|
|
|
Name: 3isec-qubes-pihole
|
2024-02-03 01:04:04 -05:00
|
|
|
Version: 1.4
|
2022-08-05 11:07:59 -04:00
|
|
|
Release: 1%{?dist}
|
|
|
|
Summary: Creates Pi-hole server for Qubes
|
|
|
|
|
|
|
|
License: GPLv3+
|
2024-02-03 01:04:04 -05:00
|
|
|
SOURCE0: pihole
|
2022-08-05 11:07:59 -04:00
|
|
|
|
|
|
|
%description
|
|
|
|
This is Pi-hole.
|
|
|
|
It blocks advertisements and internet trackers by providing a DNS sinkhole.
|
|
|
|
|
|
|
|
The package will create a new standalone qube, sys-pihole.
|
|
|
|
It is a drop in replacement for sys-firewall.
|
|
|
|
Sys-pihole is attached to sys-net.
|
|
|
|
If you have sys-firewall as the default netvm, this will be changed to sys-pihole.
|
2022-08-05 21:30:13 -04:00
|
|
|
The installation will try to move all qubes with netvm of sys-firewall to sys-iphole.
|
2022-08-05 11:07:59 -04:00
|
|
|
sys-firewall will *not* be removed, so you can still use it for some qubes if you want.
|
|
|
|
|
|
|
|
If you want to use Tor, then you should reconfigure your system like this:
|
|
|
|
qubes -> sys-pihole ->Tor-gateway -> sys-firewall -> sys-net
|
|
|
|
|
|
|
|
You can clone sys-pihole.
|
|
|
|
If you do you must manually change the IP address of the clone.
|
|
|
|
|
|
|
|
Pi-hole will be installed with these default settings:
|
|
|
|
The DNS provider is Quad9 (filtered, DNSSEC)
|
|
|
|
StevenBlack's Unified Hosts List is included
|
2024-02-03 00:42:59 -05:00
|
|
|
The web interface is availble at http://localhost/admin
|
2022-08-05 11:07:59 -04:00
|
|
|
Query logging is enabled to show everything.
|
|
|
|
|
2024-02-03 00:42:59 -05:00
|
|
|
You can change these settings by logging in to the admin interface at http://localhost/admin
|
2022-08-05 11:07:59 -04:00
|
|
|
The default Admin Webpage login password is UpSNQsy4
|
|
|
|
You should change this on first use, by running:
|
|
|
|
`pihole -a -p`
|
|
|
|
|
2022-09-09 19:55:53 -04:00
|
|
|
Removing this package will only remove the salt files from /srv/salt.
|
|
|
|
It will NOT remove the sys-pihole qube.
|
|
|
|
It will NOT change Qubes networking.
|
|
|
|
You will have to make any changes as you wish.
|
|
|
|
|
2022-08-05 11:07:59 -04:00
|
|
|
%install
|
|
|
|
rm -rf %{buildroot}
|
|
|
|
mkdir -p %{buildroot}/srv/salt
|
|
|
|
cp -rv %{SOURCE0}/ %{buildroot}/srv/salt
|
|
|
|
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
/srv/salt/pihole/*
|
|
|
|
|
|
|
|
%post
|
|
|
|
if [ $1 -eq 1 ]; then
|
|
|
|
qubesctl state.apply pihole.create
|
|
|
|
qubesctl --skip-dom0 --targets=sys-pihole state.apply pihole.install
|
2022-08-05 21:30:13 -04:00
|
|
|
/srv/salt/pihole/change_netvm.sh
|
2022-08-05 11:07:59 -04:00
|
|
|
fi
|
|
|
|
|
|
|
|
%preun
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
2024-02-03 01:04:04 -05:00
|
|
|
* Sat Feb 03 2024 unman <unman@thirdeyesecurity.org> - 1.4
|
2024-02-03 00:42:59 -05:00
|
|
|
- Update package for Qubes 4.2
|
2023-02-21 08:52:35 -05:00
|
|
|
* Mon Feb 20 2023 unman <unman@thirdeyesecurity.org> - 1.3
|
|
|
|
- Use pillar for cacher to determine repo changes
|
2022-09-09 19:55:53 -04:00
|
|
|
* Fri Sep 9 2022 unman <unman@thirdeyesecurity.org>
|
|
|
|
- Include dom0-update,so full replacement for sys-firewall.
|
|
|
|
|
2022-08-05 11:07:59 -04:00
|
|
|
* Fri Aug 5 2022 unman <unman@thirdeyesecurity.org>
|
|
|
|
- First Build
|