From 4ff9c263b0546955f74f6f81a93dfbdf78cd619f Mon Sep 17 00:00:00 2001 From: Stan Grishin Date: Sat, 30 May 2020 11:41:12 +0000 Subject: [PATCH] luci-app-https-dns-proxy: decrease reliance on shell commands; proper acl.d file; add cloudflare family/protect Signed-off-by: Stan Grishin --- .../luci-app-https-dns-proxy/Makefile | 2 +- .../providers/com.cloudflare-dns.family.lua | 8 ++++ .../providers/com.cloudflare-dns.lua | 4 +- .../providers/com.cloudflare-dns.security.lua | 8 ++++ .../luasrc/model/cbi/https-dns-proxy.lua | 26 +++++++++--- .../po/templates/https-dns-proxy.pot | 42 +++++++++++-------- .../rpcd/acl.d/luci-app-https-dns-proxy.json | 27 ++++++++++-- 7 files changed, 89 insertions(+), 28 deletions(-) create mode 100644 applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua create mode 100644 applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua diff --git a/applications/luci-app-https-dns-proxy/Makefile b/applications/luci-app-https-dns-proxy/Makefile index 6a1ac2984..e04e73208 100644 --- a/applications/luci-app-https-dns-proxy/Makefile +++ b/applications/luci-app-https-dns-proxy/Makefile @@ -10,7 +10,7 @@ LUCI_TITLE:=DNS Over HTTPS Proxy Web UI LUCI_DESCRIPTION:=Provides Web UI for DNS Over HTTPS Proxy LUCI_DEPENDS:=+luci-compat +luci-mod-admin-full +https-dns-proxy LUCI_PKGARCH:=all -PKG_RELEASE:=6 +PKG_RELEASE:=8 include ../../luci.mk diff --git a/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua new file mode 100644 index 000000000..8bad0a077 --- /dev/null +++ b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua @@ -0,0 +1,8 @@ +return { + name = "Cloudflare-Family", + label = _("Cloudflare (Family Protection)"), + resolver_url = "https://family.cloudflare-dns.com/dns-query", + bootstrap_dns = "1.1.1.3,1.0.0.3,2606:4700:4700::1113,2606:4700:4700::1003", + help_link = "https://one.one.one.one/family/", + help_link_text = "Cloudflare" +} diff --git a/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.lua b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.lua index e8673d5d5..7e30c125c 100644 --- a/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.lua +++ b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.lua @@ -2,5 +2,7 @@ return { name = "Cloudflare", label = _("Cloudflare"), resolver_url = "https://cloudflare-dns.com/dns-query", - bootstrap_dns = "1.1.1.1,1.0.0.1" + bootstrap_dns = "1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001", + help_link = "https://one.one.one.one/family/", + help_link_text = "Cloudflare" } diff --git a/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua new file mode 100644 index 000000000..a862f438b --- /dev/null +++ b/applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua @@ -0,0 +1,8 @@ +return { + name = "Cloudflare-Security", + label = _("Cloudflare (Security Protection)"), + resolver_url = "https://security.cloudflare-dns.com/dns-query", + bootstrap_dns = "1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001", + help_link = "https://one.one.one.one/family/", + help_link_text = "Cloudflare" +} diff --git a/applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua b/applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua index c57de3872..a1da93b2f 100644 --- a/applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua +++ b/applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua @@ -9,7 +9,21 @@ local packageName = "https-dns-proxy" local providers_dir = "/usr/lib/lua/luci/" .. packageName .. "/providers/" local helperText = "" -function create_helper_text() +function getPackageVersion() + local opkgFile = "/usr/lib/opkg/status" + local line + local flag = false + for line in io.lines(opkgFile) do + if flag then + return line:match('[%d%.$-]+') or "" + elseif line:find("Package: " .. packageName:gsub("%-", "%%%-")) then + flag = true + end + end + return "" +end + +function createHelperText() local initText = "
" .. translate("For more information on different options check") .. " " for filename in fs.dir(providers_dir) do local p_func = loadfile(providers_dir .. filename) @@ -25,7 +39,7 @@ function create_helper_text() else helperText = helperText .. ", " end - helperText = helperText .. [[]] .. domain .. [[]] + helperText = helperText .. [[]] .. domain .. [[]] end end end @@ -35,7 +49,7 @@ function create_helper_text() end end -function get_provider_name(value) +function getProviderName(value) for filename in fs.dir(providers_dir) do local p_func = loadfile(providers_dir .. filename) setfenv(p_func, { _ = i18n.translate }) @@ -51,7 +65,7 @@ end local packageStatus, packageStatusCode local ubusStatus = util.ubus("service", "list", { name = packageName }) -local packageVersion = tostring(util.trim(sys.exec("opkg list-installed " .. packageName .. " | awk '{print $3}'"))) or "" +local packageVersion = getPackageVersion() if packageVersion == "" then packageStatusCode = -1 @@ -81,7 +95,7 @@ else end la = la or "127.0.0.1" lp = lp or n + 5053 - packageStatus = packageStatus .. translatef("Running: %s DoH at %s:%s", get_provider_name(url), la, lp) .. "\n" + packageStatus = packageStatus .. translatef("Running: %s DoH at %s:%s", getProviderName(url), la, lp) .. "\n" else break end @@ -108,7 +122,7 @@ else buttons.template = packageName .. "/buttons" end -create_helper_text() +createHelperText() s3 = m:section(TypedSection, "https-dns-proxy", translate("Instances"), translatef("When you add/remove any instances below, they will be used to override the 'DNS forwardings' section of %sDHCP and DNS%s.", "", "") .. helperText) s3.template = "cbi/tblsection" diff --git a/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot b/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot index f4dde2576..a9694e591 100644 --- a/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot +++ b/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot @@ -1,7 +1,7 @@ msgid "" msgstr "Content-Type: text/plain; charset=UTF-8" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:58 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:72 msgid "%s is not installed or not found" msgstr "" @@ -41,11 +41,19 @@ msgstr "" msgid "Cloudflare" msgstr "" +#: applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.family.lua:3 +msgid "Cloudflare (Family Protection)" +msgstr "" + +#: applications/luci-app-https-dns-proxy/luasrc/https-dns-proxy/providers/com.cloudflare-dns.security.lua:3 +msgid "Cloudflare (Security Protection)" +msgstr "" + #: applications/luci-app-https-dns-proxy/luasrc/controller/https-dns-proxy.lua:4 msgid "DNS HTTPS Proxy" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:92 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:106 msgid "DNS HTTPS Proxy Settings" msgstr "" @@ -61,7 +69,7 @@ msgstr "" msgid "Disable" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:163 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:177 msgid "EDNS client subnet" msgstr "" @@ -69,7 +77,7 @@ msgstr "" msgid "Enable" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:13 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:27 msgid "For more information on different options check" msgstr "" @@ -77,7 +85,7 @@ msgstr "" msgid "Google" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:112 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:126 msgid "Instances" msgstr "" @@ -89,11 +97,11 @@ msgstr "" msgid "LibreDNS (No Ads)" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:146 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:160 msgid "Listen address" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:159 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:173 msgid "Listen port" msgstr "" @@ -105,7 +113,7 @@ msgstr "" msgid "ODVR (nic.cz)" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:166 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:180 msgid "Proxy server" msgstr "" @@ -129,19 +137,19 @@ msgstr "" msgid "Reload" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:119 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:133 msgid "Resolver" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:84 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:98 msgid "Running: %s DoH at %s:%s" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:96 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:110 msgid "Service Status" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:94 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:108 msgid "Service Status [%s %s]" msgstr "" @@ -153,25 +161,25 @@ msgstr "" msgid "Stop" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:62 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:76 msgid "Stopped" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:49 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:63 msgid "Unknown Provider" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:113 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:127 msgid "" "When you add/remove any instances below, they will be used to override the " "'DNS forwardings' section of %sDHCP and DNS%s." msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:34 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:48 msgid "and" msgstr "" -#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:64 +#: applications/luci-app-https-dns-proxy/luasrc/model/cbi/https-dns-proxy.lua:78 msgid "disabled" msgstr "" diff --git a/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json b/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json index 0886cc885..bcd4c5fd7 100644 --- a/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json +++ b/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json @@ -1,11 +1,32 @@ { "luci-app-https-dns-proxy": { - "description": "Grant UCI access for luci-app-https-dns-proxy", + "description": "Grant UCI and file access for luci-app-https-dns-proxy", "read": { - "uci": [ "https-dns-proxy" ] + "cgi-io": [ + "exec" + ], + "file": { + "/usr/lib/opkg/status": [ + "read" + ], + "/usr/lib/lua/luci/https-dns-proxy/providers/*": [ + "read" + ], + "/etc/init.d/dnsmasq *": [ + "exec" + ], + "/etc/init.d/https-dns-proxy *": [ + "exec" + ] + }, + "uci": [ + "https-dns-proxy" + ] }, "write": { - "uci": [ "https-dns-proxy" ] + "uci": [ + "https-dns-proxy" + ] } } } -- 2.25.1