Merge pull request #3941 from pi-hole/release/v5.2.2

Pi-hole Core v5.2.2
Merge pull request #3940 from pi-hole/fix/i386-arch
2020-12-24 11:07:36 +00:00 · 2020-12-24 08:38:53 +01:00 · 2020-12-23 14:59:28 -08:00 · 2020-12-20 15:31:02 +00:00 · 2020-12-19 17:37:17 -06:00 · 2020-12-12 10:08:05 +01:00
74 changed files with 2224 additions and 1202 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,4 +1,4 @@
-# EditorConfig is awesome: http://EditorConfig.org
+# EditorConfig is awesome: https://editorconfig.org/
 # top-most EditorConfig file
 root = true
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,37 +0,0 @@
 **In raising this issue, I confirm the following:** `{please fill the checkboxes, e.g: [X]}`
 - [] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md).
 - [] The issue I am reporting can be *replicated*.
 - [] The issue I am reporting isn't a duplicate (see [FAQs](https://github.com/pi-hole/pi-hole/wiki/FAQs), [closed issues](https://github.com/pi-hole/pi-hole/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), and [open issues](https://github.com/pi-hole/pi-hole/issues)).
 **How familiar are you with the the source code relevant to this issue?:**
 `{Replace this with a number from 1 to 10. 1 being not familiar, and 10 being very familiar}`
 ---
 **Expected behaviour:**
 `{A detailed description of what you expect to see}`
 **Actual behaviour:**
 `{A detailed description and/or screenshots of what you do see}`
 **Steps to reproduce:**
 `{Detailed steps of how we can reproduce this}`
 **Debug token provided by [uploading `pihole -d` log](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#debug):**
 `{Alphanumeric token}`
 **Troubleshooting undertaken, and/or other relevant information:**
 `{Steps of what you have done to fix this}`
 > * `{Please delete this quoted section when opening your issue}`
 > * You must follow the template instructions. Failure to do so will result in your issue being closed.
 > * Please [submit any feature requests here](https://discourse.pi-hole.net/c/feature-requests), so it is votable and trackable by the community.
 > * Please respect that Pi-hole is developed by volunteers, who can only reply in their spare time.
 > * Detail helps us understand and resolve an issue quicker, but please ensure it's relevant.
 > * _This template was created based on the work of [`udemy-dl`](https://github.com/nishad/udemy-dl/blob/master/LICENSE)._
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,31 +0,0 @@
 **By submitting this pull request, I confirm the following:** 
 *please fill any appropriate checkboxes, e.g: [X]*
 - [ ] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md), as well as this entire template.
 - [ ] I have made only one major change in my proposed changes.
 - [ ] I have commented my proposed changes within the code.
 - [ ] I have tested my proposed changes, and have included unit tests where possible.
 - [ ] I am willing to help maintain this change if there are issues with it later.
 - [ ] I give this submission freely and claim no ownership.
 - [ ] It is compatible with the [EUPL 1.2 license](https://opensource.org/licenses/EUPL-1.1)
 - [ ] I have squashed any insignificant commits. ([`git rebase`](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html))
 Please make sure you [Sign Off](https://github.com/pi-hole/pi-hole/wiki/How-to-signoff-your-commits.) all commits. Pi-hole enforces the [DCO](https://github.com/pi-hole/pi-hole/wiki/Contributing-to-the-project).
 ---
 **What does this PR aim to accomplish?:**
 *A detailed description, screenshots (if necessary), as well as links to any relevant GitHub issues*
 **How does this PR accomplish the above?:**
 *A detailed description (such as a changelog) and screenshots (if necessary) of the implemented fix*
 **What documentation changes (if any) are needed to support this PR?:**
 *A detailed list of any necessary changes*
 ---
 * You must follow the template instructions. Failure to do so will result in your pull request being closed.
 * Please respect that Pi-hole is developed by volunteers, who can only reply in their spare time.
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -0,0 +1,25 @@
 name: Test Supported Distributions
 on:
  pull_request:
    types: [opened, synchronize, reopened, ready_for_review]
 jobs:
  distro-test:
    if: github.event.pull_request.draft == false
    runs-on: ubuntu-latest
    strategy:
      matrix:
        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_31, fedora_32]
    env:
      DISTRO: ${{matrix.distro}}
    steps:
    - uses: actions/checkout@v1
    - name: Set up Python 3.7
      uses: actions/setup-python@v2
      with:
        python-version: 3.7
    - name: Install dependencies
      run: pip install -r test/requirements.txt
    - name: Test with tox
      run: tox -c test/tox.${DISTRO}.ini
--- a/.gitignore
+++ b/.gitignore
@@ -15,7 +15,7 @@ __pycache__
 # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
 # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
-# All idea files, with execptions
+# All idea files, with exceptions
 .idea
 !.idea/codeStyles/*
 !.idea/codeStyleSettings.xml
--- a/.stickler.yml
+++ b/.stickler.yml
@@ -2,5 +2,5 @@ linters:
  shellcheck:
    shell: bash
  phpcs:
  csslint:
  flake8:
    max-line-length: 120
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,12 +0,0 @@
 sudo: required
 services:
  - docker
 language: python
 python:
  - "2.7"
 install:
  - pip install -r requirements.txt
 script:
  # tox.ini handles setup, ordering of docker build first, and then run tests
  - tox
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -4,8 +4,8 @@ Please read and understand the contribution guide before creating an issue or pu
 ## Etiquette
- Our goal for Pi-hole is **stability before features**.  This means we focus on squashing critical bugs before adding new features.  Often, we can do both in tandem, but bugs will take priority over a new feature.
+- Our goal for Pi-hole is **stability before features**. This means we focus on squashing critical bugs before adding new features. Often, we can do both in tandem, but bugs will take priority over a new feature.
- Pi-hole is open source and [powered by donations](https://pi-hole.net/donate/), and as such, we give our **free time** to build, maintain, and **provide user support** for this project.  It would be extremely unfair for us to suffer abuse or anger for our hard work, so please take a moment to consider that.
+- Pi-hole is open source and [powered by donations](https://pi-hole.net/donate/), and as such, we give our **free time** to build, maintain, and **provide user support** for this project. It would be extremely unfair for us to suffer abuse or anger for our hard work, so please take a moment to consider that.
 - Please be considerate towards the developers and other users when raising issues or presenting pull requests.
 - Respect our decision(s), and do not be upset or abusive if your submission is not used.
@@ -26,13 +26,87 @@ When requesting or submitting new features, first consider whether it might be u
 - Check the codebase to ensure that your feature doesn't already exist.
 - Check the pull requests to ensure that another person hasn't already submitted the feature or fix.
- Read and understand the [DCO guidelines](https://github.com/pi-hole/pi-hole/wiki/Contributing-to-the-project) for the project.
+- Read and understand the [DCO guidelines](https://docs.pi-hole.net/guides/github/contributing/) for the project.
 ## Technical Requirements
 - Submit Pull Requests to the **development branch only**.
 - Before Submitting your Pull Request, merge `development` with your new branch and fix any conflicts. (Make sure you don't break anything in development!)
- Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles. 
+- Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles.
 - Commit Unix line endings.
 - Please use the Pi-hole brand: **Pi-hole** (Take a special look at the capitalized 'P' and a low 'h' with a hyphen)
 - (Optional fun) keep to the theme of Star Trek/black holes/gravity.
 ## Forking and Cloning from GitHub to GitHub
 1. Fork <https://github.com/pi-hole/pi-hole/> to a repo under a namespace you control, or have permission to use, for example: `https://github.com/<your_namespace>/<your_repo_name>/`. You can do this from the github.com website.
 2. Clone `https://github.com/<your_namespace>/<your_repo_name>/` with the tool of you choice.
 3. To keep your fork in sync with our repo, add an upstream remote for pi-hole/pi-hole to your repo.
    ```bash
    git remote add upstream https://github.com/pi-hole/pi-hole.git
    ```
 4. Checkout the `development` branch from your fork `https://github.com/<your_namespace>/<your_repo_name>/`.
 5. Create a topic/branch, based on the `development` branch code. *Bonus fun to keep to the theme of Star Trek/black holes/gravity.*
 6. Make your changes and commit to your topic branch in your repo.
 7. Rebase your commits and squash any insignificant commits. See the notes below for an example.
 8. Merge `development` your branch and fix any conflicts.
 9. Open a Pull Request to merge your topic branch into our repo's `development` branch.
 - Keep in mind the technical requirements from above.
 ## Forking and Cloning from GitHub to other code hosting sites
 - Forking is a GitHub concept and cannot be done from GitHub to other git-based code hosting sites. However, those sites may be able to mirror a GitHub repo.
 1. To contribute from another code hosting site, you must first complete the steps above to fork our repo to a GitHub namespace you have permission to use, for example: `https://github.com/<your_namespace>/<your_repo_name>/`.
 2. Create a repo in your code hosting site, for example: `https://gitlab.com/<your_namespace>/<your_repo_name>/`
 3. Follow the instructions from your code hosting site to create a mirror between `https://github.com/<your_namespace>/<your_repo_name>/` and `https://gitlab.com/<your_namespace>/<your_repo_name>/`.
 4. When you are ready to create a Pull Request (PR), follow the steps `(starting at step #6)` from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github) and create the PR from `https://github.com/<your_namespace>/<your_repo_name>/`.
 ## Notes for squashing commits with rebase
 - To rebase your commits and squash previous commits, you can use:
    ```bash
    git rebase -i your_topic_branch~(number of commits to combine)
    ```
 - For more details visit [gitready.com](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html)
 1. The following would combine the last four commits in the branch `mytopic`.
    ```bash
    git rebase -i mytopic~4
    ```
 2. An editor window opens with the most recent commits indicated: (edit the commands to the left of the commit ID)
    ```gitattributes
    pick 9dff55b2 existing commit comments
    squash ebb1a730 existing commit comments
    squash 07cc5b50 existing commit comments
    reword 9dff55b2 existing commit comments
    ```
 3. Save and close the editor. The next editor window opens: (edit the new commit message). *If you select reword for a commit, an additional editor window will open for you to edit the comment.*
    ```bash
    new commit comments
    Signed-off-by: yourname <your email address>
    ```
 4. Save and close the editor for the rebase process to execute. The terminal output should say something like the following:
    ```bash
    Successfully rebased and updated refs/heads/mytopic.
    ```
 5. Once you have a successful rebase, and before you sync your local clone, you have to force push origin to update your repo:
    ```bash
    git push -f origin
    ```
 6. Continue on from step #7 from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github)
--- a/README.md
+++ b/README.md
@@ -1,14 +1,22 @@
 <!-- markdownlint-configure-file { "MD004": { "style": "consistent" } } -->
 <!-- markdownlint-disable MD033 -->
 <p align="center">
-<a href="https://pi-hole.net"><img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_text.png" width="150" height="255" alt="Pi-hole"></a><br/>
+    <a href="https://pi-hole.net/">
-<b>Network-wide ad blocking via your own Linux hardware</b><br/>
+        <img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_Wordmark.svg" width="150" height="260" alt="Pi-hole">
    </a>
    <br>
    <strong>Network-wide ad blocking via your own Linux hardware</strong>
 </p>
 <!-- markdownlint-enable MD033 -->
-The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
+#
- **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs)
+The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software.
 - **Easy-to-install**: our versatile installer walks you through the process, and takes less than ten minutes
 - **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs
 - **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries
- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://discourse.pi-hole.net/t/hardware-software-requirements/273)
+- **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/)
 - **Robust**: a command line interface that is quality assured for interoperability
 - **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
 - **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically
@@ -17,32 +25,35 @@ The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a
 - **Free**: open source software which helps ensure _you_ are the sole person in control of your privacy
 -----
-[![Codacy Badge](https://api.codacy.com/project/badge/Grade/c558a0f8d7124c99b02b84f0f5564238)](https://www.codacy.com/app/Pi-hole/pi-hole?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=pi-hole/pi-hole&amp;utm_campaign=Badge_Grade)
+
-[![Build Status](https://travis-ci.org/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.org/pi-hole/pi-hole)
+Master [![Build Status](https://travis-ci.com/pi-hole/pi-hole.svg?branch=master)](https://travis-ci.com/pi-hole/pi-hole) Development [![Build Status](https://travis-ci.com/pi-hole/pi-hole.svg?branch=development)](https://travis-ci.com/pi-hole/pi-hole)
 [![BountySource](https://www.bountysource.com/badge/tracker?tracker_id=3011939)](https://www.bountysource.com/trackers/3011939-pi-hole-pi-hole?utm_source=3011939&utm_medium=shield&utm_campaign=TRACKER_BADGE)
 ## One-Step Automated Install
 Those who want to get started quickly and conveniently may install Pi-hole using the following command:
-#### `curl -sSL https://install.pi-hole.net | bash`
+### `curl -sSL https://install.pi-hole.net | bash`
 ## Alternative Install Methods
-[Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation:
+
 Piping to `bash` is [controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation:
 ### Method 1: Clone our repository and run
-```
+
 ```bash
 git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole
 cd "Pi-hole/automated install/"
 sudo bash basic-install.sh
 ```
 ### Method 2: Manually download the installer and run
-```
+
 ```bash
 wget -O basic-install.sh https://install.pi-hole.net
 sudo bash basic-install.sh
 ```
-## Post-install: Make your network take advantage of Pi-hole
+## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
 Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention.
@@ -53,161 +64,102 @@ As a last resort, you can always manually set each device to use Pi-hole as thei
 -----
 ## Pi-hole is free, but powered by your support
 There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software, as well as the importance of keeping it maintained.
 Make no mistake: **your support is absolutely vital to help keep us innovating!**
-### Donations
+### [Donations](https://pi-hole.net/donate)
 Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses:
- <img src="https://pi-hole.github.io/graphics/Badges/paypal-badge-black.svg" width="24" height="24" alt="PP"/> <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY">Donate via PayPal</a><br/>
+Sending a donation using our Sponsor Button is **extremely helpful** in offsetting a portion of our monthly expenses:
 - <img src="https://pi-hole.github.io/graphics/Badges/bitcoin-badge-black.svg" width="24" height="24" alt="BTC"/> [Bitcoin, Bitcoin Cash, Ethereum, Litecoin](https://commerce.coinbase.com/checkout/dd304d04-f324-4a77-931b-0db61c77a41b)
 ### Alternative support
-If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us:
+
 If you'd rather not donate (_which is okay!_), there are other ways you can help support us:
 - [Patreon](https://patreon.com/pihole) _Become a patron for rewards_
- [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
+- [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
 - [Pi-hole Swag Store](https://pi-hole.net/shop/) _affiliate link_
 - [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
 - [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_
 - [Vultr](http://www.vultr.com/?ref=7190426) _affiliate link_
 - Spreading the word about our software, and how you have benefited from it
 ### Contributing via GitHub
 We welcome _everyone_ to contribute to issue reports, suggest new features, and create pull requests.
 If you have something to add - anything from a typo through to a whole new feature, we're happy to check it out! Just make sure to fill out our template when submitting your request; the questions that it asks will help the volunteers quickly understand what you're aiming to achieve.
 You'll find that the [install script](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) and the [debug script](https://github.com/pi-hole/pi-hole/blob/master/advanced/Scripts/piholeDebug.sh) have an abundance of comments, which will help you better understand how Pi-hole works. They're also a valuable resource to those who want to learn how to write scripts or code a program! We encourage anyone who likes to tinker to read through it and submit a pull request for us to review.
 ### Presentations about Pi-hole
 Word-of-mouth continues to help our project grow immensely, and so we are helping make this easier for people.
 If you are going to be presenting Pi-hole at a conference, meetup or even a school project, [get in touch with us](https://pi-hole.net/2017/05/17/giving-a-presentation-on-pi-hole-contact-us-first-for-some-goodies-and-support/) so we can hook you up with free swag to hand out to your audience!
 -----
 ## Getting in touch with us
 While we are primarily reachable on our <a href="https://discourse.pi-hole.net/">Discourse User Forum</a>, we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
-<ul>
+While we are primarily reachable on our [Discourse User Forum](https://discourse.pi-hole.net/), we can also be found on a variety of social media outlets. **Please be sure to check the FAQ's** before starting a new discussion, as we do not have the spare time to reply to every request for assistance.
-  <li><a href="https://discourse.pi-hole.net/c/faqs">Frequently Asked Questions</a></li>
+
-  <li><a href="https://github.com/pi-hole/pi-hole/wiki">Pi-hole Wiki</a></li>
+- [Frequently Asked Questions](https://discourse.pi-hole.net/c/faqs)
-  <li><a href="https://discourse.pi-hole.net/c/feature-requests?order=votes">Feature Requests</a></li>
+- [Feature Requests](https://discourse.pi-hole.net/c/feature-requests?order=votes)
-  <li><a href="https://discourse.pi-hole.net/">Discourse User Forum</a></li>
+- [Reddit](https://www.reddit.com/r/pihole/)
-  <li><a href="https://www.reddit.com/r/pihole/">Reddit</a></li>
+- [Twitter](https://twitter.com/The_Pi_hole)
  <li><a href="https://gitter.im/pi-hole/pi-hole">Gitter</a> (Real-time chat)</li>
  <li><a href="https://twitter.com/The_Pi_Hole">Twitter</a></li>
  <li><a href="https://www.youtube.com/channel/UCT5kq9w0wSjogzJb81C9U0w">YouTube</a></li>
  <li><a href="https://www.facebook.com/ThePiHole/">Facebook</a></li>
 </ul>
 -----
 ## Breakdown of Features
 ### The Command Line Interface
 The `pihole` command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
-<a href="https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif"><img src="https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif" alt="Pi-hole Blacklist Demo"/></a>
+### The Command Line Interface
 The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to be able to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
 ![Pi-hole Blacklist Demo](https://pi-hole.github.io/graphics/Screenshots/blacklist-cli.gif)
 Some notable features include:
 * [Whitelisting, Blacklisting and Wildcards](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#whitelisting-blacklisting-and-wildcards)
 * [Debugging utility](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#debugger)
 * [Viewing the live log file](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#tail)
 * [Real-time Statistics via `ssh`](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#chronometer) or [your TFT LCD screen](http://www.amazon.com/exec/obidos/ASIN/B00ID39LM4/pihole09-20)
 * [Updating Ad Lists](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#gravity)
 * [Querying Ad Lists for blocked domains](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#query)
 * [Enabling and Disabling Pi-hole](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown#enable--disable)
 * ... and *many* more!
-You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wiki/Core-Function-Breakdown), as well as read up on [example usage](https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738) for more information.
+- [Whitelisting, Blacklisting and Regex](https://docs.pi-hole.net/core/pihole-command/#whitelisting-blacklisting-and-regex)
 - [Debugging utility](https://docs.pi-hole.net/core/pihole-command/#debugger)
 - [Viewing the live log file](https://docs.pi-hole.net/core/pihole-command/#tail)
 - [Updating Ad Lists](https://docs.pi-hole.net/core/pihole-command/#gravity)
 - [Querying Ad Lists for blocked domains](https://docs.pi-hole.net/core/pihole-command/#query)
 - [Enabling and Disabling Pi-hole](https://docs.pi-hole.net/core/pihole-command/#enable-disable)
 - ... and *many* more!
 You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-command/#pi-hole-core) for more information.
 ### The Web Interface Dashboard
 This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
-<img src="https://pi-hole.github.io/graphics/Screenshots/pihole-dashboard.png"  alt="Pi-hole Dashboard"/></a>
+![Pi-hole Dashboard](https://pi-hole.github.io/graphics/Screenshots/pihole-dashboard.png)
 Some notable features include:
-* Mobile friendly interface
+
-* Password protection
+- Mobile friendly interface
-* Detailed graphs and doughnut charts
+- Password protection
-* Top lists of domains and clients
+- Detailed graphs and doughnut charts
-* A filterable and sortable query log
+- Top lists of domains and clients
-* Long Term Statistics to view data over user-defined time ranges
+- A filterable and sortable query log
-* The ability to easily manage and configure Pi-hole features
+- Long Term Statistics to view data over user-defined time ranges
-* ... and all the main features of the Command Line Interface!
+- The ability to easily manage and configure Pi-hole features
 - ... and all the main features of the Command Line Interface!
 There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168):
-1. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
+1. `http://pi.hole/admin/` (when using Pi-hole as your DNS server)
-2. `http://pi.hole/admin/` (when using Pi-hole as your DNS server)
+2. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
 3. `http://pi.hole/` (when using Pi-hole as your DNS server)
 ## Faster-than-light Engine
 FTLDNS is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*!
 Some of the statistics you can integrate include:
 * Total number of domains being blocked
 * Total number of DNS queries today
 * Total number of ads blocked today
 * Percentage of ads blocked
 * Unique domains
 * Queries forwarded (to your chosen upstream DNS server)
 * Queries cached
 * Unique clients
-The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can out find [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
+- Total number of domains being blocked
 - Total number of DNS queries today
 - Total number of ads blocked today
 - Percentage of ads blocked
 - Unique domains
 - Queries forwarded (to your chosen upstream DNS server)
 - Queries cached
 - Unique clients
-----
+The API can be accessed via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
 ## The Origin Of Pi-hole
 Pi-hole being an **advertising-aware DNS/Web server**, makes use of the following technologies:
 * [`dnsmasq`](http://www.thekelleys.org.uk/dnsmasq/doc.html) - a lightweight DNS and DHCP server
 * [`curl`](https://curl.haxx.se) - A command line tool for transferring data with URL syntax
 * [`lighttpd`](https://www.lighttpd.net) - web server designed and optimized for high performance
 * [`php`](https://secure.php.net) - a popular general-purpose web scripting language
 * [AdminLTE Dashboard](https://github.com/almasaeed2010/AdminLTE) - premium admin control panel based on Bootstrap 3.x
 While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally set up and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state.
 -----
 ## Coverage
 - [Lifehacker: Turn A Raspberry Pi Into An Ad Blocker With A Single Command](https://www.lifehacker.com.au/2015/02/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-command/) (February, 2015)
 - [MakeUseOf: Adblock Everywhere: The Raspberry Pi-Hole Way](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) (March, 2015)
 - [Catchpoint: Ad-Blocking on Apple iOS9: Valuing the End User Experience](http://blog.catchpoint.com/2015/09/14/ad-blocking-apple/) (September, 2015)
 - [Security Now Netcast: Pi-hole](https://www.youtube.com/watch?v=p7-osq_y8i8&t=100m26s) (October, 2015)
 - [TekThing: Raspberry Pi-Hole Makes Ads Disappear!](https://youtu.be/8Co59HU2gY0?t=2m) (December, 2015)
 - [Foolish Tech Show](https://youtu.be/bYyena0I9yc?t=2m4s) (December, 2015)
 - [Block Ads on All Home Devices for $53.18](https://medium.com/@robleathern/block-ads-on-all-home-devices-for-53-18-a5f1ec139693#.gj1xpgr5d) (December, 2015)
 - [Pi-Hole for Ubuntu 14.04](http://www.boyter.org/2015/12/pi-hole-ubuntu-14-04/) (December, 2015)
 - [MacObserver Podcast 585](https://www.macobserver.com/tmo/podcast/macgeekgab-585) (December, 2015)
 - [The Defrag Show: Endoscope USB Camera, The Final [HoloLens] Vote, Adblock Pi and more](https://channel9.msdn.com/Shows/The-Defrag-Show/Defrag-Endoscope-USB-Camera-The-Final-HoloLens-Vote-Adblock-Pi-and-more?WT.mc_id=dlvr_twitter_ch9#time=20m39s) (January, 2016)
 - [Adafruit: Pi-hole is a black hole for internet ads](https://blog.adafruit.com/2016/03/04/pi-hole-is-a-black-hole-for-internet-ads-piday-raspberrypi-raspberry_pi/) (March, 2016)
 - [Digital Trends: 5 Fun, Easy Projects You Can Try With a $35 Raspberry Pi](https://youtu.be/QwrKlyC2kdM?t=1m42s) (March, 2016)
 - [Adafruit: Raspberry Pi Quick Look at Pi Hole ad blocking server with Tony D](https://www.youtube.com/watch?v=eg4u2j1HYlI) (June, 2016)
 - [Devacron: OrangePi Zero as an Ad-Block server with Pi-Hole](http://www.devacron.com/orangepi-zero-as-an-ad-block-server-with-pi-hole/) (December, 2016)
 - [Linux Pro: The Hole Truth](http://www.linuxpromagazine.com/Issues/2017/200/The-sysadmin-s-daily-grind-Pi-hole) (July, 2017)
 - [Adafruit: installing Pi-hole on a Pi Zero W](https://learn.adafruit.com/pi-hole-ad-blocker-with-pi-zero-w/install-pi-hole) (August, 2017)
 - [CryptoAUSTRALIA: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) (October, 2017)
 - [CryptoAUSTRALIA: Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) (November, 2017)
 - [Know How 355: Killing ads with a Raspberry Pi-Hole!](https://www.twit.tv/shows/know-how/episodes/355) (November, 2017)
 - [Hobohouse: Block Advertising on your Network with Pi-hole and Raspberry Pi](https://hobo.house/2018/02/27/block-advertising-with-pi-hole-and-raspberry-pi/) (March, 2018)
 - [Scott Helme: Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1](https://scotthelme.co.uk/securing-dns-across-all-of-my-devices-with-pihole-dns-over-https-1-1-1-1/) (April, 2018)
 - [Scott Helme: Catching and dealing with naughty devices on my home network](https://scotthelme.co.uk/catching-naughty-devices-on-my-home-network/) (April, 2018)
 - [Bloomberg Business Week: Brotherhood of the Ad blockers](https://www.bloomberg.com/news/features/2018-05-10/inside-the-brotherhood-of-pi-hole-ad-blockers) (May, 2018)
 - [Software Engineering Daily: Interview with the creator of Pi-hole](https://softwareengineeringdaily.com/2018/05/29/pi-hole-ad-blocker-hardware-with-jacob-salmela/) (May, 2018)
 - [Raspberry Pi: Block ads at home using Pi-hole and a Raspberry Pi](https://www.raspberrypi.org/blog/pi-hole-raspberry-pi/) (July, 2018)
 - [Troy Hunt: Mmm... Pi-hole...](https://www.troyhunt.com/mmm-pi-hole/) (September, 2018)
 - [PEBKAK Podcast: Interview With Jacob Salmela](https://www.jerseystudios.net/2018/10/11/150-pi-hole/) (October, 2018)
 -----
 ## Pi-hole Projects
 - [The Big Blocklist Collection](https://wally3k.github.io)
 - [Pie in the Sky-Hole](https://dlaa.me/blog/post/skyhole)
 - [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus)
 - [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware)
 - [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper)
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -34,7 +34,7 @@ server=@DNS2@
 interface=@INT@
-cache-size=10000
+cache-size=@CACHE_SIZE@
 log-queries
 log-facility=/var/log/pihole.log
--- a/advanced/Scripts/COL_TABLE
+++ b/advanced/Scripts/COL_TABLE
@@ -1,7 +1,7 @@
-# Determine if terminal is capable of showing colours
+# Determine if terminal is capable of showing colors
 if [[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]; then
  # Bold and underline may not show up on all clients
-  # If something MUST be emphasised, use both
+  # If something MUST be emphasized, use both
  COL_BOLD='[1m'
  COL_ULINE='[4m'
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -13,7 +13,7 @@ LC_NUMERIC=C
 # Retrieve stats from FTL engine
 pihole-FTL() {
-    ftl_port=$(cat /var/run/pihole-FTL.port 2> /dev/null)
+    ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null)
    if [[ -n "$ftl_port" ]]; then
        # Open connection to FTL
        exec 3<>"/dev/tcp/127.0.0.1/$ftl_port"
@@ -72,7 +72,7 @@ printFunc() {
    # Remove excess characters from main text
    if [[ "$text_main_len" -gt "$text_main_max_len" ]]; then
-        # Trim text without colours
+        # Trim text without colors
        text_main_trim="${text_main_nocol:0:$text_main_max_len}"
        # Replace with trimmed text
        text_main="${text_main/$text_main_nocol/$text_main_trim}"
@@ -88,7 +88,7 @@ printFunc() {
    [[ "$spc_num" -le 0 ]] && spc_num="0"
    spc=$(printf "%${spc_num}s")
-    #spc="${spc// /.}" # Debug: Visualise spaces
+    #spc="${spc// /.}" # Debug: Visualize spaces
    printf "%s%s$spc" "$title" "$text_main"
@@ -131,7 +131,7 @@ get_init_stats() {
        printf "%s%02d:%02d:%02d\\n" "$days" "$hrs" "$mins" "$secs"
    }
-    # Set Colour Codes
+    # Set Color Codes
    coltable="/opt/pihole/COL_TABLE"
    if [[ -f "${coltable}" ]]; then
        source ${coltable}
@@ -153,7 +153,7 @@ get_init_stats() {
        sys_throttle_raw=$(vgt=$(sudo vcgencmd get_throttled); echo "${vgt##*x}")
-        # Active Throttle Notice: http://bit.ly/2gnunOo
+        # Active Throttle Notice: https://bit.ly/2gnunOo
        if [[ "$sys_throttle_raw" != "0" ]]; then
            case "$sys_throttle_raw" in
                *0001) thr_type="${COL_YELLOW}Under Voltage";;
@@ -228,15 +228,21 @@ get_sys_stats() {
        mapfile -t ph_ver_raw < <(pihole -v -c 2> /dev/null | sed -n 's/^.* v/v/p')
        if [[ -n "${ph_ver_raw[0]}" ]]; then
            ph_core_ver="${ph_ver_raw[0]}"
-            ph_lte_ver="${ph_ver_raw[1]}"
+            if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then
-            ph_ftl_ver="${ph_ver_raw[2]}"
+                # AdminLTE not installed
                ph_lte_ver="(not installed)"
                ph_ftl_ver="${ph_ver_raw[1]}"
            else
                ph_lte_ver="${ph_ver_raw[1]}"
                ph_ftl_ver="${ph_ver_raw[2]}"
            fi
        else
            ph_core_ver="-1"
        fi
        sys_name=$(hostname)
-        [[ -n "$TEMPERATUREUNIT" ]] && temp_unit="$TEMPERATUREUNIT" || temp_unit="c"
+        [[ -n "$TEMPERATUREUNIT" ]] && temp_unit="${TEMPERATUREUNIT^^}" || temp_unit="C"
        # Get storage stats for partition mounted on /
        read -r -a disk_raw <<< "$(df -B1 / 2> /dev/null | awk 'END{ print $3,$2,$5 }')"
@@ -269,7 +275,7 @@ get_sys_stats() {
    scr_lines="${scr_size[0]}"
    scr_cols="${scr_size[1]}"
-    # Determine Chronometer size behaviour
+    # Determine Chronometer size behavior
    if [[ "$scr_cols" -ge 58 ]]; then
        chrono_width="large"
    elif [[ "$scr_cols" -gt 40 ]]; then
@@ -308,7 +314,7 @@ get_sys_stats() {
        [[ "${cpu_freq}" == *".0"* ]] && cpu_freq="${cpu_freq/.0/}"
    fi
-    # Determine colour for temperature
+    # Determine color for temperature
    if [[ -n "$temp_file" ]]; then
        if [[ "$temp_unit" == "C" ]]; then
            cpu_temp=$(printf "%.0fc\\n" "$(calcFunc "$(< $temp_file) / 1000")")
--- a/advanced/Scripts/database_migration/gravity-db.sh
+++ b/advanced/Scripts/database_migration/gravity-db.sh
@@ -110,4 +110,10 @@ upgrade_gravityDB(){
 		sqlite3 "${database}" < "${scriptPath}/11_to_12.sql"
 		version=12
 	fi
 	if [[ "$version" == "12" ]]; then
 		# Add column date_updated to alist table
 		echo -e "  ${INFO} Upgrading gravity database from version 12 to 13"
 		sqlite3 "${database}" < "${scriptPath}/12_to_13.sql"
 		version=13
 	fi
 }
--- a/advanced/Scripts/database_migration/gravity/12_to_13.sql
+++ b/advanced/Scripts/database_migration/gravity/12_to_13.sql
@@ -0,0 +1,18 @@
 .timeout 30000
 PRAGMA FOREIGN_KEYS=OFF;
 BEGIN TRANSACTION;
 ALTER TABLE adlist ADD COLUMN date_updated INTEGER;
 DROP TRIGGER tr_adlist_update;
 CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlist
    BEGIN
      UPDATE adlist SET date_modified = (cast(strftime('%s', 'now') as int)) WHERE id = NEW.id;
    END;
 UPDATE info SET value = 13 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -231,7 +231,15 @@ Displaylist() {
 }
 NukeList() {
-    sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
+    count=$(sqlite3 "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};")
    listname="$(GetListnameFromTypeId "${typeId}")"    
    if [ "$count" -gt 0 ];then
        sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
        echo "  ${TICK} Removed ${count} domain(s) from the ${listname}"
    else
        echo "  ${INFO} ${listname} already empty. Nothing to do!"
    fi    
    exit 0;
 }
 GetComment() {
--- a/advanced/Scripts/pihole-reenable.sh
+++ b/advanced/Scripts/pihole-reenable.sh
@@ -0,0 +1,23 @@
 #!/bin/bash
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2020 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 #
 #
 # The pihole disable command has the option to set a specified time before
 # blocking is automatically re-enabled.
 #
 # Present script is responsible for the sleep & re-enable part of the job and
 # is automatically terminated if it is still running when pihole is enabled by
 # other means.
 #
 # This ensures that pihole ends up in the correct state after a sequence of
 # commands suchs as: `pihole disable 30s; pihole enable; pihole disable`
 readonly PI_HOLE_BIN_DIR="/usr/local/bin"
 sleep "${1}"
 "${PI_HOLE_BIN_DIR}"/pihole enable
--- a/advanced/Scripts/piholeCheckout.sh
+++ b/advanced/Scripts/piholeCheckout.sh
@@ -3,7 +3,7 @@
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
-# Switch Pi-hole subsystems to a different Github branch.
+# Switch Pi-hole subsystems to a different GitHub branch.
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
@@ -36,7 +36,7 @@ warning1() {
            return 0
            ;;
        *)
-            echo -e "\\n  ${INFO} Branch change has been cancelled"
+            echo -e "\\n  ${INFO} Branch change has been canceled"
            return 1
            ;;
    esac
@@ -84,7 +84,7 @@ checkout() {
        echo -e "  ${INFO} Shortcut \"dev\" detected - checking out development / devel branches..."
        echo ""
        echo -e "  ${INFO} Pi-hole Core"
-        fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo "  ${CROSS} Unable to pull Core developement branch"; exit 1; }
+        fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo "  ${CROSS} Unable to pull Core development branch"; exit 1; }
        if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then
            echo ""
            echo -e "  ${INFO} Web interface"
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -46,8 +46,9 @@ OBFUSCATED_PLACEHOLDER="<DOMAIN OBFUSCATED>"
 # FAQ URLs for use in showing the debug log
 FAQ_UPDATE_PI_HOLE="${COL_CYAN}https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249${COL_NC}"
 FAQ_CHECKOUT_COMMAND="${COL_CYAN}https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#checkout${COL_NC}"
-FAQ_HARDWARE_REQUIREMENTS="${COL_CYAN}https://discourse.pi-hole.net/t/hardware-software-requirements/273${COL_NC}"
+FAQ_HARDWARE_REQUIREMENTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/${COL_NC}"
-FAQ_HARDWARE_REQUIREMENTS_PORTS="${COL_CYAN}https://discourse.pi-hole.net/t/hardware-software-requirements/273#ports${COL_NC}"
+FAQ_HARDWARE_REQUIREMENTS_PORTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#ports${COL_NC}"
 FAQ_HARDWARE_REQUIREMENTS_FIREWALLD="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#firewalld${COL_NC}"
 FAQ_GATEWAY="${COL_CYAN}https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546${COL_NC}"
 FAQ_ULA="${COL_CYAN}https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127${COL_NC}"
 FAQ_FTL_COMPATIBILITY="${COL_CYAN}https://github.com/pi-hole/FTL#compatibility-list${COL_NC}"
@@ -87,7 +88,7 @@ PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf"
 PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf"
 WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
-#WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
+WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
 PIHOLE_INSTALL_LOG_FILE="${PIHOLE_DIRECTORY}/install.log"
 PIHOLE_RAW_BLOCKLIST_FILES="${PIHOLE_DIRECTORY}/list.*"
@@ -124,6 +125,8 @@ get_ftl_conf_value() {
 PIHOLE_GRAVITY_DB_FILE="$(get_ftl_conf_value "GRAVITYDB" "${PIHOLE_DIRECTORY}/gravity.db")"
 PIHOLE_FTL_DB_FILE="$(get_ftl_conf_value "DBFILE" "${PIHOLE_DIRECTORY}/pihole-FTL.db")"
 PIHOLE_COMMAND="${BIN_DIRECTORY}/pihole"
 PIHOLE_COLTABLE_FILE="${BIN_DIRECTORY}/COL_TABLE"
@@ -138,7 +141,7 @@ PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log"
 PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
 PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
-# An array of operating system "pretty names" that we officialy support
+# An array of operating system "pretty names" that we officially support
 # We can loop through the array at any time to see if it matches a value
 #SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
@@ -166,11 +169,13 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_DHCP_CONFIG_FILE}"
 "${PIHOLE_WILDCARD_CONFIG_FILE}"
 "${WEB_SERVER_CONFIG_FILE}"
 "${WEB_SERVER_CUSTOM_CONFIG_FILE}"
 "${PIHOLE_INSTALL_LOG_FILE}"
 "${PIHOLE_RAW_BLOCKLIST_FILES}"
 "${PIHOLE_LOCAL_HOSTS_FILE}"
 "${PIHOLE_LOGROTATE_FILE}"
 "${PIHOLE_SETUP_VARS_FILE}"
 "${PIHOLE_FTL_CONF_FILE}"
 "${PIHOLE_COMMAND}"
 "${PIHOLE_COLTABLE_FILE}"
 "${FTL_PID}"
@@ -296,11 +301,15 @@ compare_local_version_to_git_version() {
                log_write "${INFO} ${pihole_component}: ${COL_YELLOW}${remote_version:-Untagged}${COL_NC} (${FAQ_UPDATE_PI_HOLE})"
            fi
            # Print the repo upstreams
            remotes=$(git remote -v)
            log_write "${INFO} Remotes: ${remotes//$'\n'/'\n             '}"
            # If the repo is on the master branch, they are on the stable codebase
            if [[ "${remote_branch}" == "master" ]]; then
                # so the color of the text is green
                log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}"
-            # If it is any other branch, they are in a developement branch
+            # If it is any other branch, they are in a development branch
            else
                # So show that in yellow, signifying it's something to take a look at, but not a critical error
                log_write "${INFO} Branch: ${COL_YELLOW}${remote_branch:-Detached}${COL_NC} (${FAQ_CHECKOUT_COMMAND})"
@@ -309,7 +318,7 @@ compare_local_version_to_git_version() {
            log_write "${INFO} Commit: ${remote_commit}"
            # if `local_status` is non-null, then the repo is not clean, display details here
            if [[ ${local_status} ]]; then
-              #Replace new lines in the status with 12 spaces to make the output cleaner
+              # Replace new lines in the status with 12 spaces to make the output cleaner
              log_write "${INFO} Status: ${local_status//$'\n'/'\n            '}"
              local local_diff
              local_diff=$(git diff)
@@ -325,7 +334,17 @@ compare_local_version_to_git_version() {
            return 1
        fi
    else
-        :
+        # There is no git directory so check if the web interface was disabled
        local setup_vars_web_interface
        setup_vars_web_interface=$(< ${PIHOLE_SETUP_VARS_FILE} grep ^INSTALL_WEB_INTERFACE | cut -d '=' -f2)
        if [[ "${pihole_component}" == "Web" ]] && [[ "${setup_vars_web_interface}" == "false" ]]; then
            log_write "${INFO} ${pihole_component}: Disabled in setupVars.conf via INSTALL_WEB_INTERFACE=false"
        else
            # Return an error message
            log_write "${COL_RED}Directory ${git_dir} doesn't exist${COL_NC}"
            # and exit with a non zero code
            return 1
        fi
    fi
 }
@@ -357,14 +376,14 @@ check_component_versions() {
 get_program_version() {
    local program_name="${1}"
-    # Create a loval variable so this function can be safely reused
+    # Create a local variable so this function can be safely reused
    local program_version
    echo_current_diagnostic "${program_name} version"
    # Evalutate the program we are checking, if it is any of the ones below, show the version
    case "${program_name}" in
-        "lighttpd") program_version="$(${program_name} -v |& head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
+        "lighttpd") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '/' -f2 | cut -d ' ' -f1)"
                    ;;
-        "php") program_version="$(${program_name} -v |& head -n1 | cut -d '-' -f1 | cut -d ' ' -f2)"
+        "php") program_version="$(${program_name} -v 2> /dev/null | head -n1 | cut -d '-' -f1 | cut -d ' ' -f2)"
                ;;
        # If a match is not found, show an error
        *) echo "Unrecognized program";
@@ -387,53 +406,58 @@ check_critical_program_versions() {
    get_program_version "php"
 }
-is_os_supported() {
+os_check() {
-    local os_to_check="${1}"
+    # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
-    # Strip just the base name of the system using sed
+    # and determines whether or not the script is running on one of those systems
-    # shellcheck disable=SC2001
+    local remote_os_domain valid_os valid_version detected_os detected_version cmdResult digReturnCode response
-    the_os=$(echo "${os_to_check}" | sed 's/ .*//')
+    remote_os_domain="versions.pi-hole.net"
    # If the variable is one of our supported OSes,
    case "${the_os}" in
        # Print it in green
        "Raspbian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
        "Ubuntu") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
        "Fedora") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
        "Debian") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
        "CentOS") log_write "${TICK} ${COL_GREEN}${os_to_check}${COL_NC}";;
        # If not, show it in red and link to our software requirements page
        *) log_write "${CROSS} ${COL_RED}${os_to_check}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})";
    esac
 }
-get_distro_attributes() {
+    detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
-    # Put the current Internal Field Separator into another variable so it can be restored later
+    detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
    OLD_IFS="$IFS"
    # Store the distro info in an array and make it global since the OS won't change,
    # but we'll keep it within the function for better unit testing
    local distro_info
    #shellcheck disable=SC2016
    IFS=$'\r\n' command eval 'distro_info=( $(cat /etc/*release) )'
-    # Set a named variable for better readability
+    cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
-    local distro_attribute
+    #Get the return code of the previous command (last line)
-    # For each line found in an /etc/*release file,
+    digReturnCode="${cmdResult##*$'\n'}"
-    for distro_attribute in "${distro_info[@]}"; do
+
-        # store the key in a variable
+    # Extract dig response
-        local pretty_name_key
+    response="${cmdResult%%$'\n'*}"
-        pretty_name_key=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f1)
+
-        # we need just the OS PRETTY_NAME,
+    IFS=" " read -r -a supportedOS < <(echo "${response}" | tr -d '"')
-        if [[ "${pretty_name_key}" == "PRETTY_NAME" ]]; then
+    for distro_and_versions in "${supportedOS[@]}"
-            # so save in in a variable when we find it
+    do
-            PRETTY_NAME_VALUE=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f2- | tr -d '"')
+        distro_part="${distro_and_versions%%=*}"
-            # then pass it as an argument that checks if the OS is supported
+        versions_part="${distro_and_versions##*=}"
-            is_os_supported "${PRETTY_NAME_VALUE}"
+
-        else
+        if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
-            # Since we only need the pretty name, we can just skip over anything that is not a match
+            valid_os=true
-            :
+            IFS="," read -r -a supportedVer <<<"${versions_part}"
            for version in "${supportedVer[@]}"
            do
                if [[ "${detected_version}" =~ $version ]]; then
                    valid_version=true
                    break
                fi
            done
            break
        fi
    done
-    # Set the IFS back to what it was
+
-    IFS="$OLD_IFS"
+    log_write "${INFO} dig return code:  ${digReturnCode}"
    log_write "${INFO} dig response:  ${response}"
    if [ "$valid_os" = true ]; then
        log_write "${TICK} Distro:  ${COL_GREEN}${detected_os^}${COL_NC}"
        if [ "$valid_version" = true ]; then
            log_write "${TICK} Version: ${COL_GREEN}${detected_version}${COL_NC}"
        else
            log_write "${CROSS} Version: ${COL_RED}${detected_version}${COL_NC}"
            log_write "${CROSS} Error: ${COL_RED}${detected_os^} is supported but version ${detected_version} is currently unsupported (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
        fi
    else
        log_write "${CROSS} Distro:  ${COL_RED}${detected_os^}${COL_NC}"
        log_write "${CROSS} Error: ${COL_RED}${detected_os^} is not a supported distro (${FAQ_HARDWARE_REQUIREMENTS})${COL_NC}"
    fi
 }
 diagnose_operating_system() {
@@ -445,7 +469,7 @@ diagnose_operating_system() {
    # If there is a /etc/*release file, it's probably a supported operating system, so we can
    if ls /etc/*release 1> /dev/null 2>&1; then
        # display the attributes to the user from the function made earlier
-        get_distro_attributes
+        os_check
    else
        # If it doesn't exist, it's not a system we currently support and link to FAQ
        log_write "${CROSS} ${COL_RED}${error_msg}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS})"
@@ -482,6 +506,58 @@ check_selinux() {
    fi
 }
 check_firewalld() {
    # FirewallD ships by default on Fedora/CentOS/RHEL and enabled upon clean install
    # FirewallD is not configured by the installer and is the responsibility of the user
    echo_current_diagnostic "FirewallD"
    # Check if FirewallD service is enabled
    if command -v systemctl &> /dev/null; then
        # get its status via systemctl
        local firewalld_status
        firewalld_status=$(systemctl is-active firewalld)
        log_write "${INFO} ${COL_GREEN}Firewalld service ${firewalld_status}${COL_NC}";
        if [ "${firewalld_status}" == "active" ]; then
            # test common required service ports
            local firewalld_enabled_services
            firewalld_enabled_services=$(firewall-cmd --list-services)
            local firewalld_expected_services=("http" "dns" "dhcp" "dhcpv6")
            for i in "${firewalld_expected_services[@]}"; do
                if [[ "${firewalld_enabled_services}" =~ ${i} ]]; then
                    log_write "${TICK} ${COL_GREEN}  Allow Service: ${i}${COL_NC}";
                else
                    log_write "${CROSS} ${COL_RED}  Allow Service: ${i}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
                fi
            done
            # check for custom FTL FirewallD zone
            local firewalld_zones
            firewalld_zones=$(firewall-cmd --get-zones)
            if [[ "${firewalld_zones}" =~ "ftl" ]]; then
                log_write "${TICK} ${COL_GREEN}FTL Custom Zone Detected${COL_NC}";
                # check FTL custom zone interface: lo
                local firewalld_ftl_zone_interfaces
                firewalld_ftl_zone_interfaces=$(firewall-cmd --zone=ftl --list-interfaces)
                if [[ "${firewalld_ftl_zone_interfaces}" =~ "lo" ]]; then
                    log_write "${TICK} ${COL_GREEN}  Local Interface Detected${COL_NC}";
                else
                    log_write "${CROSS} ${COL_RED}  Local Interface Not Detected${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
                fi
                # check FTL custom zone port: 4711
                local firewalld_ftl_zone_ports
                firewalld_ftl_zone_ports=$(firewall-cmd --zone=ftl --list-ports)
                if [[ "${firewalld_ftl_zone_ports}" =~ "4711/tcp" ]]; then
                    log_write "${TICK} ${COL_GREEN}  FTL Port 4711/tcp Detected${COL_NC}";
                else
                    log_write "${CROSS} ${COL_RED}  FTL Port 4711/tcp Not Detected${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
                fi
            else
                log_write "${CROSS} ${COL_RED}FTL Custom Zone Not Detected${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_FIREWALLD})"
            fi
        fi
    else
        log_write "${TICK} ${COL_GREEN}Firewalld service not detected${COL_NC}";
    fi
 }
 processor_check() {
    echo_current_diagnostic "Processor"
    # Store the processor type in a variable
@@ -494,7 +570,7 @@ processor_check() {
    else
        # Check if the architecture is currently supported for FTL
        case "${PROCESSOR}" in
-            "amd64") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}"
+            "amd64" | "x86_64") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}"
                ;;
            "armv6l") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}"
                ;;
@@ -747,7 +823,7 @@ check_x_headers() {
    # Do it for the dashboard as well, as the header is different than above
    local dashboard
    dashboard=$(curl -Is localhost/admin/ | awk '/X-Pi-hole/' | tr -d '\r')
-    # Store what the X-Header shoud be in variables for comparision later
+    # Store what the X-Header shoud be in variables for comparison later
    local block_page_working
    block_page_working="X-Pi-hole: A black hole for Internet advertisements."
    local dashboard_working
@@ -818,7 +894,7 @@ dig_at() {
    # First, do a dig on localhost to see if Pi-hole can use itself to block a domain
    if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
-        # If it can, show sucess
+        # If it can, show success
        log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})"
    else
        # Otherwise, show a failure
@@ -882,6 +958,18 @@ process_status(){
    done
 }
 ftl_full_status(){
    # if using systemd print the full status of pihole-FTL
    echo_current_diagnostic "Pi-hole-FTL full status"
    local FTL_status
    if command -v systemctl &> /dev/null; then
      FTL_status=$(systemctl status --full --no-pager pihole-FTL.service)
      log_write "   ${FTL_status}"
    else
      log_write "${INFO} systemctl:  command not found"
    fi
 }
 make_array_from_file() {
    local filename="${1}"
    # The second argument can put a limit on how many line should be read from the file
@@ -899,7 +987,7 @@ make_array_from_file() {
        # Otherwise, read the file line by line
        while IFS= read -r line;do
            # Othwerise, strip out comments and blank lines
-            new_line=$(echo "${line}" | sed -e 's/#.*$//' -e '/^$/d')
+            new_line=$(echo "${line}" | sed -e 's/^\s*#.*$//' -e '/^$/d')
            # If the line still has content (a non-zero value)
            if [[ -n "${new_line}" ]]; then
                # Put it into the array
@@ -969,7 +1057,7 @@ check_name_resolution() {
 # This function can check a directory exists
 # Pi-hole has files in several places, so we will reuse this function
 dir_check() {
-    # Set the first argument passed to tihs function as a named variable for better readability
+    # Set the first argument passed to this function as a named variable for better readability
    local directory="${1}"
    # Display the current test that is running
    echo_current_diagnostic "contents of ${COL_CYAN}${directory}${COL_NC}"
@@ -987,14 +1075,14 @@ dir_check() {
 }
 list_files_in_dir() {
-    # Set the first argument passed to tihs function as a named variable for better readability
+    # Set the first argument passed to this function as a named variable for better readability
    local dir_to_parse="${1}"
    # Store the files found in an array
    mapfile -t files_found < <(ls "${dir_to_parse}")
    # For each file in the array,
    for each_file in "${files_found[@]}"; do
        if [[ -d "${dir_to_parse}/${each_file}" ]]; then
-            # If it's a directoy, do nothing
+            # If it's a directory, do nothing
            :
        elif [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_DEBUG_LOG}" ]] || \
            [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_RAW_BLOCKLIST_FILES}" ]] || \
@@ -1015,8 +1103,8 @@ list_files_in_dir() {
                    log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
                    # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
                    case "${dir_to_parse}/${each_file}" in
-                        # If it's Web server error log, just give the first 25 lines
+                        # If it's Web server error log, give the first and last 25 lines
-                        "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") make_array_from_file "${dir_to_parse}/${each_file}" 25
+                        "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") head_tail_log "${dir_to_parse}/${each_file}" 25
                            ;;
                        # Same for the FTL log
                        "${PIHOLE_FTL_LOG}") head_tail_log "${dir_to_parse}/${each_file}" 35
@@ -1106,6 +1194,46 @@ show_db_entries() {
    IFS="$OLD_IFS"
 }
 show_FTL_db_entries() {
    local title="${1}"
    local query="${2}"
    local widths="${3}"
    echo_current_diagnostic "${title}"
    OLD_IFS="$IFS"
    IFS=$'\r\n'
    local entries=()
    mapfile -t entries < <(\
        sqlite3 "${PIHOLE_FTL_DB_FILE}" \
            -cmd ".headers on" \
            -cmd ".mode column" \
            -cmd ".width ${widths}" \
            "${query}"\
    )
    for line in "${entries[@]}"; do
        log_write "   ${line}"
    done
    IFS="$OLD_IFS"
 }
 check_dhcp_servers() {
    echo_current_diagnostic "Discovering active DHCP servers (takes 10 seconds)"
    OLD_IFS="$IFS"
    IFS=$'\n'
    local entries=()
    mapfile -t entries < <(pihole-FTL dhcp-discover)
    for line in "${entries[@]}"; do
        log_write "   ${line}"
    done
    IFS="$OLD_IFS"
 }
 show_groups() {
    show_db_entries "Groups" "SELECT id,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,name,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,description FROM \"group\"" "4 7 50 19 19 50"
 }
@@ -1122,6 +1250,10 @@ show_clients() {
    show_db_entries "Clients" "SELECT id,GROUP_CONCAT(client_by_group.group_id) group_ids,ip,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM client LEFT JOIN client_by_group ON client.id = client_by_group.client_id GROUP BY id;" "4 12 100 19 19 50"
 }
 show_messages() {
    show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT id,datetime(timestamp,'unixepoch','localtime') timestamp,type,message,blob1,blob2,blob3,blob4,blob5 FROM message;" "4 19 20 60 20 20 20 20 20"
 }
 analyze_gravity_list() {
    echo_current_diagnostic "Gravity List and Database"
@@ -1187,7 +1319,7 @@ analyze_pihole_log() {
                # So first check if there are domains in the log that should be obfuscated
                if [[ -n ${line_to_obfuscate} ]]; then
                    # If there are, we need to use awk to replace only the domain name (the 6th field in the log)
-                    # so we substitue the domain for the placeholder value
+                    # so we substitute the domain for the placeholder value
                    obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
                    log_write "   ${obfuscated_line}"
                else
@@ -1209,6 +1341,11 @@ tricorder_use_nc_or_curl() {
        log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
        # transmit he log via TLS and store the token returned in a variable
        tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
        if [ -z "${tricorder_token}" ]; then
         # curl failed, fallback to nc
         log_write "    * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
         tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
        fi
    # Otherwise,
    else
        # use net cat
@@ -1235,7 +1372,7 @@ upload_to_tricorder() {
    log_write "    * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
    log_write "    * For more information, see: ${TRICORDER_CONTEST}"
    log_write "    * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat."
-    # If pihole -d is running automatically (usually throught the dashboard)
+    # If pihole -d is running automatically (usually through the dashboard)
    if [[ "${AUTOMATED}" ]]; then
        # let the user know
        log_write "${INFO} Debug script running in automated mode"
@@ -1251,7 +1388,7 @@ upload_to_tricorder() {
            # If they say yes, run our function for uploading the log
            [yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
            # If they choose no, just exit out of the script
-            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.";exit;
+            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
        esac
    fi
    # Check if tricorder.pi-hole.net is reachable and provide token
@@ -1289,10 +1426,13 @@ check_component_versions
 check_critical_program_versions
 diagnose_operating_system
 check_selinux
 check_firewalld
 processor_check
 check_networking
 check_name_resolution
 check_dhcp_servers
 process_status
 ftl_full_status
 parse_setup_vars
 check_x_headers
 analyze_gravity_list
@@ -1301,6 +1441,7 @@ show_domainlist
 show_clients
 show_adlists
 show_content_of_pihole_files
 show_messages
 parse_locale
 analyze_pihole_log
 copy_to_debug_log
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -29,7 +29,7 @@ scanList(){
    # Prevent grep from printing file path
    cd "$piholeDir" || exit 1
-    # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX
+    # Prevent grep -i matching slowly: https://bit.ly/2xFXtUX
    export LC_CTYPE=C
    # /dev/null forces filename to be printed when only one list has been generated
--- a/advanced/Scripts/setupLCD.sh
+++ b/advanced/Scripts/setupLCD.sh
@@ -20,7 +20,7 @@ getInitSys() {
    elif [ -f /etc/init.d/cron ] && [ ! -h /etc/init.d/cron ]; then
        SYSTEMD=0
    else
-        echo "Unrecognised init system"
+        echo "Unrecognized init system"
        return 1
    fi
 }
@@ -70,5 +70,5 @@ setupcon
 reboot
 # Start showing the stats on the screen by running the command on another tty:
-# http://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
+# https://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
 #setsid sh -c 'exec /usr/local/bin/chronometer.sh <> /dev/tty1 >&0 2>&1'
--- a/advanced/Scripts/version.sh
+++ b/advanced/Scripts/version.sh
@@ -88,7 +88,7 @@ getRemoteVersion(){
    local arrCache
    cachedVersions="/etc/pihole/GitHubVersions"
-    #If the above file exists, then we can read from that. Prevents overuse of Github API
+    #If the above file exists, then we can read from that. Prevents overuse of GitHub API
    if [[ -f "$cachedVersions" ]]; then
        IFS=' ' read -r -a arrCache < "$cachedVersions"
        case $daemon in
@@ -203,7 +203,7 @@ Repositories:
 Options:
  -c, --current        Return the current version
  -l, --latest         Return the latest version
-  --hash               Return the Github hash from your local repositories
+  --hash               Return the GitHub hash from your local repositories
  -h, --help           Show this help dialog"
  exit 0
 }
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -10,17 +10,22 @@
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 readonly setupVars="/etc/pihole/setupVars.conf"
 readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
 readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
 readonly FTLconf="/etc/pihole/pihole-FTL.conf"
 # 03 -> wildcards
 readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
 readonly PI_HOLE_BIN_DIR="/usr/local/bin"
 readonly dnscustomfile="/etc/pihole/custom.list"
 readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
 readonly gravityDBfile="/etc/pihole/gravity.db"
 # Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip()
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"
 # shellcheck disable=SC2034  # used in basic-install
 PH_TEST="true"
 source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 coltable="/opt/pihole/COL_TABLE"
 if [[ -f ${coltable} ]]; then
    source ${coltable}
@@ -39,7 +44,7 @@ Options:
  -e, email           Set an administrative contact address for the Block Page
  -h, --help          Show this help dialog
  -i, interface       Specify dnsmasq's interface listening behavior
-  -l, privacylevel    Set privacy level (0 = lowest, 4 = highest)"
+  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)"
    exit 0
 }
@@ -162,9 +167,11 @@ ProcessDNSSettings() {
    fi
    delete_dnsmasq_setting "domain-needed"
    delete_dnsmasq_setting "expand-hosts"
    if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
        add_dnsmasq_setting "domain-needed"
        add_dnsmasq_setting "expand-hosts"
    fi
    delete_dnsmasq_setting "bogus-priv"
@@ -209,14 +216,74 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
    fi
    if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then
-        add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_DOMAIN}/${CONDITIONAL_FORWARDING_IP}"
+        # Convert legacy "conditional forwarding" to rev-server configuration
-        add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_REVERSE}/${CONDITIONAL_FORWARDING_IP}"
+        # Remove any existing REV_SERVER settings
        delete_setting "REV_SERVER"
        delete_setting "REV_SERVER_DOMAIN"
        delete_setting "REV_SERVER_TARGET"
        delete_setting "REV_SERVER_CIDR"
        REV_SERVER=true
        add_setting "REV_SERVER" "true"
        REV_SERVER_DOMAIN="${CONDITIONAL_FORWARDING_DOMAIN}"
        add_setting "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}"
        REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
        add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
        #Convert CONDITIONAL_FORWARDING_REVERSE if necessary e.g:
        #          1.1.168.192.in-addr.arpa to 192.168.1.1/32
        #          1.168.192.in-addr.arpa to 192.168.1.0/24
        #          168.192.in-addr.arpa to 192.168.0.0/16
        #          192.in-addr.arpa to 192.0.0.0/8
        if [[ "${CONDITIONAL_FORWARDING_REVERSE}" == *"in-addr.arpa" ]];then
            arrRev=("${CONDITIONAL_FORWARDING_REVERSE//./ }")        
            case ${#arrRev[@]} in 
                6   )   REV_SERVER_CIDR="${arrRev[3]}.${arrRev[2]}.${arrRev[1]}.${arrRev[0]}/32";;
                5   )   REV_SERVER_CIDR="${arrRev[2]}.${arrRev[1]}.${arrRev[0]}.0/24";;
                4   )   REV_SERVER_CIDR="${arrRev[1]}.${arrRev[0]}.0.0/16";;
                3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";; 
            esac
        else
          # Set REV_SERVER_CIDR to whatever value it was set to
          REV_SERVER_CIDR="${CONDITIONAL_FORWARDING_REVERSE}"
        fi
        # If REV_SERVER_CIDR is not converted by the above, then use the REV_SERVER_TARGET variable to derive it
        if [ -z "${REV_SERVER_CIDR}" ]; then
            # Convert existing input to /24 subnet (preserves legacy behavior)
            # This sed converts "192.168.1.2" to "192.168.1.0/24"
            # shellcheck disable=2001
            REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
        fi
        add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
        # Remove obsolete settings from setupVars.conf
        delete_setting "CONDITIONAL_FORWARDING"
        delete_setting "CONDITIONAL_FORWARDING_REVERSE"
        delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
        delete_setting "CONDITIONAL_FORWARDING_IP"
    fi
    if [[ "${REV_SERVER}" == true ]]; then
        add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
        if [ -n "${REV_SERVER_DOMAIN}" ]; then
            add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
        fi
    fi
    # Prevent Firefox from automatically switching over to DNS-over-HTTPS
    # This follows https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
    # (sourced 7th September 2019)
    add_dnsmasq_setting "server=/use-application-dns.net/"
    # We need to process DHCP settings here as well to account for possible
    # changes in the non-FQDN forwarding. This cannot be done in 01-pihole.conf
    # as we don't want to delete all local=/.../ lines so it's much safer to
    # simply rewrite the entire corresponding config file (which is what the
    # DHCP settings subroutie is doing)
    ProcessDHCPSettings
 }
 SetDNSServers() {
@@ -225,7 +292,16 @@ SetDNSServers() {
    IFS=',' read -r -a array <<< "${args[2]}"
    for index in "${!array[@]}"
    do
-        add_setting "PIHOLE_DNS_$((index+1))" "${array[index]}"
+        # Replace possible "\#" by "#". This fixes AdminLTE#1427
        local ip
        ip="${array[index]//\\#/#}"
        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
            add_setting "PIHOLE_DNS_$((index+1))" "${ip}"
        else
            echo -e "  ${CROSS} Invalid IP has been passed"
            exit 1
        fi
    done
    if [[ "${args[3]}" == "domain-needed" ]]; then
@@ -246,16 +322,13 @@ SetDNSServers() {
        change_setting "DNSSEC" "false"
    fi
-    if [[ "${args[6]}" == "conditional_forwarding" ]]; then
+    if [[ "${args[6]}" == "rev-server" ]]; then
-        change_setting "CONDITIONAL_FORWARDING" "true"
+        change_setting "REV_SERVER" "true"
-        change_setting "CONDITIONAL_FORWARDING_IP" "${args[7]}"
+        change_setting "REV_SERVER_CIDR" "${args[7]}"
-        change_setting "CONDITIONAL_FORWARDING_DOMAIN" "${args[8]}"
+        change_setting "REV_SERVER_TARGET" "${args[8]}"
-        change_setting "CONDITIONAL_FORWARDING_REVERSE" "${args[9]}"
+        change_setting "REV_SERVER_DOMAIN" "${args[9]}"
    else
-        change_setting "CONDITIONAL_FORWARDING" "false"
+        change_setting "REV_SERVER" "false"
        delete_setting "CONDITIONAL_FORWARDING_IP"
        delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
        delete_setting "CONDITIONAL_FORWARDING_REVERSE"
    fi
    ProcessDNSSettings
@@ -333,6 +406,14 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
    if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
        echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
        # When there is a Pi-hole domain set and "Never forward non-FQDNs" is
        # ticked, we add `local=/domain/` to tell FTL that this domain is purely
        # local and FTL may answer queries from /etc/hosts or DHCP but should
        # never forward queries on that domain to any upstream servers
        if  [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
          echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
        fi
    fi
    # Sourced from setupVars
@@ -400,6 +481,10 @@ SetWebUILayout() {
    change_setting "WEBUIBOXEDLAYOUT" "${args[2]}"
 }
 SetWebUITheme() {
    change_setting "WEBTHEME" "${args[2]}"
 }
 CheckUrl(){
    local regex
    # Check for characters NOT allowed in URLs
@@ -592,9 +677,10 @@ clearAudit()
 }
 SetPrivacyLevel() {
-    # Set privacy level. Minimum is 0, maximum is 4
+    # Set privacy level. Minimum is 0, maximum is 3
-    if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 4 ]; then
+    if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 3 ]; then
        changeFTLsetting "PRIVACYLEVEL" "${args[2]}"
        pihole restartdns reload-lists
    fi
 }
@@ -620,6 +706,28 @@ RemoveCustomDNSAddress() {
    RestartDNS
 }
 AddCustomCNAMERecord() {
    echo -e "  ${TICK} Adding custom CNAME record..."
    domain="${args[2]}"
    target="${args[3]}"
    echo "cname=${domain},${target}" >> "${dnscustomcnamefile}"
    # Restart dnsmasq to load new custom CNAME records
    RestartDNS
 }
 RemoveCustomCNAMERecord() {
    echo -e "  ${TICK} Removing custom CNAME record..."
    domain="${args[2]}"
    target="${args[3]}"
    sed -i "/cname=${domain},${target}/d" "${dnscustomcnamefile}"
    # Restart dnsmasq to update removed custom CNAME records
    RestartDNS
 }
 main() {
    args=("$@")
@@ -638,6 +746,7 @@ main() {
        "enabledhcp"          ) EnableDHCP;;
        "disabledhcp"         ) DisableDHCP;;
        "layout"              ) SetWebUILayout;;
        "theme"               ) SetWebUITheme;;
        "-h" | "--help"       ) helpFunc;;
        "privacymode"         ) SetPrivacyMode;;
        "resolve"             ) ResolutionSettings;;
@@ -652,6 +761,8 @@ main() {
        "-l" | "privacylevel" ) SetPrivacyLevel;;
        "addcustomdns"        ) AddCustomDNSAddress;;
        "removecustomdns"     ) RemoveCustomDNSAddress;;
        "addcustomcname"      ) AddCustomCNAMERecord;;
        "removecustomcname"   ) RemoveCustomCNAMERecord;;
        *                     ) helpFunc;;
    esac
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -16,11 +16,12 @@ CREATE TABLE domainlist
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
 	type INTEGER NOT NULL DEFAULT 0,
-	domain TEXT UNIQUE NOT NULL,
+	domain TEXT NOT NULL,
 	enabled BOOLEAN NOT NULL DEFAULT 1,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+	comment TEXT,
 	UNIQUE(domain, type)
 );
 CREATE TABLE adlist
@@ -30,7 +31,8 @@ CREATE TABLE adlist
 	enabled BOOLEAN NOT NULL DEFAULT 1,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+	comment TEXT,
 	date_updated INTEGER
 );
 CREATE TABLE adlist_by_group
@@ -52,7 +54,7 @@ CREATE TABLE info
 	value TEXT NOT NULL
 );
-INSERT INTO "info" VALUES('version','12');
+INSERT INTO "info" VALUES('version','13');
 CREATE TABLE domain_audit
 (
@@ -71,7 +73,7 @@ CREATE TABLE domainlist_by_group
 CREATE TABLE client
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
-	ip TEXT NOL NULL UNIQUE,
+	ip TEXT NOT NULL UNIQUE,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
 	comment TEXT
@@ -84,9 +86,9 @@ CREATE TABLE client_by_group
 	PRIMARY KEY (client_id, group_id)
 );
-CREATE TRIGGER tr_adlist_update AFTER UPDATE ON adlist
+CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlist
    BEGIN
-      UPDATE adlist SET date_modified = (cast(strftime('%s', 'now') as int)) WHERE address = NEW.address;
+      UPDATE adlist SET date_modified = (cast(strftime('%s', 'now') as int)) WHERE id = NEW.id;
    END;
 CREATE TRIGGER tr_client_update AFTER UPDATE ON client
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 ### BEGIN INIT INFO
 # Provides:          pihole-FTL
-# Required-Start:    $remote_fs $syslog
+# Required-Start:    $remote_fs $syslog $network
-# Required-Stop:     $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog $network
 # Default-Start:     2 3 4 5
 # Default-Stop:      0 1 6
 # Short-Description: pihole-FTL daemon
@@ -10,21 +10,10 @@
 ### END INIT INFO
 FTLUSER=pihole
-PIDFILE=/var/run/pihole-FTL.pid
+PIDFILE=/run/pihole-FTL.pid
 get_pid() {
    # First, try to obtain PID from PIDFILE
    if [ -s "${PIDFILE}" ]; then
        cat "${PIDFILE}"
        return
    fi
    # If the PIDFILE is empty or not available, obtain the PID using pidof
    pidof "pihole-FTL" | awk '{print $(NF)}'
 }
 is_running() {
-    ps "$(get_pid)" > /dev/null 2>&1
+    pgrep -o "pihole-FTL" > /dev/null 2>&1
 }
@@ -37,12 +26,12 @@ start() {
    touch /var/log/pihole-FTL.log /var/log/pihole.log
    touch /run/pihole-FTL.pid /run/pihole-FTL.port
    touch /etc/pihole/dhcp.leases
-    mkdir -p /var/run/pihole
+    mkdir -p /run/pihole
    mkdir -p /var/log/pihole
-    chown pihole:pihole /var/run/pihole /var/log/pihole
+    chown pihole:pihole /run/pihole /var/log/pihole
    # Remove possible leftovers from previous pihole-FTL processes
    rm -f /dev/shm/FTL-* 2> /dev/null
-    rm /var/run/pihole/FTL.sock 2> /dev/null
+    rm /run/pihole/FTL.sock 2> /dev/null
    # Ensure that permissions are set so that pihole-FTL can edit all necessary files
    chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
    chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
@@ -50,7 +39,7 @@ start() {
    chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
    # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
    chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
-    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"; then
+    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
      su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
    else
      echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
@@ -63,7 +52,7 @@ start() {
 # Stop the service
 stop() {
  if is_running; then
-    kill "$(get_pid)"
+    pkill -o pihole-FTL
    for i in {1..5}; do
      if ! is_running; then
        break
@@ -76,7 +65,7 @@ stop() {
    if is_running; then
      echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
-      kill -9 "$(get_pid)"
+      pkill -o -9 pihole-FTL
      exit 1
    else
      echo "Stopped"
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@@ -10,7 +10,7 @@
 #
 #
 # This file is under source-control of the Pi-hole installation and update
-# scripts, any changes made to this file will be overwritten when the softare
+# scripts, any changes made to this file will be overwritten when the software
 # is updated or re-installed. Please make any changes to the appropriate crontab
 # or other cron file snippets.
@@ -18,19 +18,19 @@
 #          early morning. Download any updates from the adlists
 #          Squash output to log, then splat the log to stdout on error to allow for
 #          standard crontab job error handling.
-59 1    * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
+59 1    * * 7   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
 # Pi-hole: Flush the log daily at 00:00
 #          The flush script will use logrotate if available
 #          parameter "once": logrotate only once (default is twice)
 #          parameter "quiet": don't print messages
-00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
+00 00   * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
 # Pi-hole: Grab local version and branch every 10 minutes
-*/10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
+*/10 *  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
 # Pi-hole: Grab remote version every 24 hours
-59 17  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
+59 17  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote
-@reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot
+@reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote reboot
--- a/advanced/bash-completion/pihole
+++ b/advanced/bash-completion/pihole
@@ -56,11 +56,11 @@ _pihole() {
 		;;
 		"privacylevel")
 			if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then
-				opts_privacy="0 1 2 3 4"
+				opts_privacy="0 1 2 3"
 				COMPREPLY=( $(compgen -W "${opts_privacy}" -- ${cur}) )
-			else 
+			else
 				return 1
-			fi	
+			fi
 		;;
 		"core"|"admin"|"ftl")
 			if [[ "$prev2" == "checkout" ]]; then
--- a/advanced/blockingpage.css
+++ b/advanced/blockingpage.css
@@ -6,45 +6,46 @@
 *  Please see LICENSE file for your rights under this license. */
 /* Text Customisation Options ======> */
-.title:before { content: "Website Blocked"; }
+.title::before { content: "Website Blocked"; }
-.altBtn:before { content: "Why am I here?"; }
+.altBtn::before { content: "Why am I here?"; }
-.linkPH:before { content: "About Pi-hole"; }
+.linkPH::before { content: "About Pi-hole"; }
-.linkEmail:before { content: "Contact Admin"; }
+.linkEmail::before { content: "Contact Admin"; }
-#bpOutput.add:before { content: "Info"; }
+#bpOutput.add::before { content: "Info"; }
-#bpOutput.add:after { content: "The domain is being whitelisted..."; }
+#bpOutput.add::after { content: "The domain is being whitelisted..."; }
-#bpOutput.error:before, .unhandled:before { content: "Error"; }
+#bpOutput.error::before, .unhandled::before { content: "Error"; }
-#bpOutput.unhandled:after { content: "An unhandled exception occured. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
+#bpOutput.unhandled::after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
-#bpOutput.success:before { content: "Success"; }
+#bpOutput.success::before { content: "Success"; }
-#bpOutput.success:after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
+#bpOutput.success::after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
-.recentwl:before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
+.recentwl::before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
-.unknown:before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
+.unknown::before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
-.cname:before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
+.cname::before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
-.cname:after { content: ", which may be blocked by Pi-hole."; }
+.cname::after { content: ", which may be blocked by Pi-hole."; }
-.blacklist:before { content: "Manually Blacklisted"; }
+.blacklist::before { content: "Manually Blacklisted"; }
-.wildcard:before { content: "Manually Blacklisted by Wildcard"; }
+.wildcard::before { content: "Manually Blacklisted by Wildcard"; }
-.noblock:before { content: "Not found on any Blacklist"; }
+.noblock::before { content: "Not found on any Blacklist"; }
-#bpBlock:before { content: "Access to the following website has been denied:"; }
+#bpBlock::before { content: "Access to the following website has been denied:"; }
-#bpFlag:before { content: "This is primarily due to being flagged as:"; }
+#bpFlag::before { content: "This is primarily due to being flagged as:"; }
-#bpHelpTxt:before { content: "If you have an ongoing use for this website, please "; }
+#bpHelpTxt::before { content: "If you have an ongoing use for this website, please "; }
-#bpHelpTxt a:before, #bpHelpTxt span:before { content: "ask the administrator"; }
+#bpHelpTxt a::before, #bpHelpTxt span::before { content: "ask the administrator"; }
-#bpHelpTxt:after{ content: " of the Pi-hole on this network to have it whitelisted"; }
+#bpHelpTxt::after{ content: " of the Pi-hole on this network to have it whitelisted"; }
-#bpBack:before { content: "Back to safety"; }
+#bpBack::before { content: "Back to safety"; }
-#bpInfo:before { content: "Technical Info"; }
+#bpInfo::before { content: "Technical Info"; }
-#bpFoundIn:before { content: "This site is found in "; }
+#bpFoundIn::before { content: "This site is found in "; }
-#bpFoundIn span:after { content: " of "; }
+#bpFoundIn span::after { content: " of "; }
-#bpFoundIn:after { content: " lists:"; }
+#bpFoundIn::after { content: " lists:"; }
-#bpWhitelist:before { content: "Whitelist"; }
+#bpWhitelist::before { content: "Whitelist"; }
-footer span:before { content: "Page generated on "; }
+footer span::before { content: "Page generated on "; }
 /* Hide whitelisting form entirely */
 /* #bpWLButtons { display: none; } */
 /* Text Customisation Options <=============================== */
 /* http://necolas.github.io/normalize.css ======> */
@@ -98,7 +99,7 @@ html { font-size: 62.5%; }
 a { color: #3c8dbc; text-decoration: none; }
 a:hover { color: #72afda; text-decoration: underline; }
-b { color: rgb(68,68,68); }
+b { color: rgb(68, 68, 68); }
 p { margin: 0; }
 label, .buttons a {
@@ -111,7 +112,7 @@ label, .buttons a {
 label, .buttons *:not([disabled]) { cursor: pointer; }
 /* Touch device dark tap highlight */
-header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; } 
+header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; }
 /* Webkit Focus Glow */
 textarea, input, button { outline: none; }
@@ -120,14 +121,20 @@ textarea, input, button { outline: none; }
  font-family: "Source Sans Pro";
  font-style: normal;
  font-weight: 400;
-  src: local("Source Sans Pro"), local("SourceSansPro-Regular"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Regular.ttf") format("truetype");
+  font-display: swap;
  src: local("Source Sans Pro Regular"), local("SourceSansPro-Regular"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff2") format("woff2"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff") format("woff");
 }
@font-face {
  font-family: "Source Sans Pro";
  font-style: normal;
  font-weight: 700;
-  src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"), url("/admin/style/vendor/SourceSansPro/SourceSansPro-Bold.ttf") format("truetype");
+  font-display: swap;
  src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff2") format("woff2"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff") format("woff");
 }
 body {
@@ -138,14 +145,14 @@ body {
 }
 /* User is greeted with a splash page when browsing to Pi-hole IP address */
-#splashpage { background: #222; color: rgba(255,255,255,0.7); text-align: center; }
+#splashpage { background: #222; color: rgba(255, 255, 255, 0.7); text-align: center; }
 #splashpage img { margin: 5px; width: 256px; }
 #splashpage b { color: inherit; }
 #bpWrapper {
  margin: 0 auto;
  max-width: 1250px;
-  box-shadow: 0 0 8px rgba(0,0,0,0.5);
+  box-shadow: 0 0 8px rgba(0, 0, 0, 0.5);
 }
 header {
@@ -164,15 +171,15 @@ header h1, header h1 a, header .spc, header #bpAlt label {
 }
 h1 a {
-  background-color: rgba(0,0,0,0.1);
+  background-color: rgba(0, 0, 0, 0.1);
-  font-family: "Helvetica Neue", Helvetica, Arial ,sans-serif;
+  font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
  font-size: 2rem;
-  font-weight: normal;
+  font-weight: 400;
  min-width: 230px;
-  text-align: center;  
+  text-align: center;
 }
-h1 a:hover, header #bpAlt:hover { background-color: rgba(0,0,0,0.12); color: inherit; text-decoration: none; }
+h1 a:hover, header #bpAlt:hover { background-color: rgba(0, 0, 0, 0.12); color: inherit; text-decoration: none; }
 header .spc { width: 100%; }
@@ -180,13 +187,14 @@ header #bpAlt label {
  background: url("/admin/img/logo.svg") no-repeat center left 15px;
  background-size: 15px 23px;
  padding: 0 15px;
-  text-indent: 30px; 
+  text-indent: 30px;
 }
-[type=checkbox][id$="Toggle"] { display: none; }
+[type="checkbox"][id$="Toggle"] { display: none; }
-[type=checkbox][id$="Toggle"]:checked ~ #bpAbout,
+[type="checkbox"][id$="Toggle"]:checked ~ #bpAbout,
-[type=checkbox][id$="Toggle"]:checked ~ #bpMoreInfo {
+[type="checkbox"][id$="Toggle"]:checked ~ #bpMoreInfo {
-  display: block; }
+  display: block;
 }
 /* Click anywhere else on screen to hide #bpAbout */
 #bpAboutToggle:checked {
@@ -197,28 +205,28 @@ header #bpAlt label {
  top: 0;
  opacity: 0;
  position: absolute;
-  width: 100%;  
+  width: 100%;
 }
 #bpAbout {
  background: #3c8dbc;
  border-bottom-left-radius: 5px;
-  border: 1px solid #FFF;
+  border: 1px solid #fff;
  border-right-width: 0;
-  box-shadow: -1px 1px 1px rgba(0,0,0,0.12);
+  box-shadow: -1px 1px 1px rgba(0, 0, 0, 0.12);
  box-sizing: border-box;
  display: none;
  font-size: 1.7rem;
  top: 50px;
  position: absolute;
  right: 0;
-  width: 280px;  
+  width: 280px;
  z-index: 1;
 }
 .aboutPH {
  box-sizing: border-box;
-  color: rgba(255,255,255,0.8);
+  color: rgba(255, 255, 255, 0.8);
  display: block;
  padding: 10px;
  width: 100%;
@@ -237,7 +245,7 @@ header #bpAlt label {
 .aboutPH p { margin: 10px 0; }
 .aboutPH small { display: block; font-size: 1.2rem; }
-.aboutLink { 
+.aboutLink {
  background: #fff;
  border-top: 1px solid #ddd;
  display: table;
@@ -261,16 +269,16 @@ main {
 #bpOutput {
  background: #00c0ef;
  border-radius: 3px;
-  border: 1px solid rgba(0,0,0,0.1);  
+  border: 1px solid rgba(0, 0, 0, 0.1);
  color: #fff;
  font-size: 1.4rem;
  margin-bottom: 10px;
  margin-top: 5px;
-  padding: 15px;  
+  padding: 15px;
 }
-#bpOutput:before {
+#bpOutput::before {
-  background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6,11a1.371,1.371,0,0,1,1,1v1a1.371,1.371,0,0,1-1,1H1a1.371,1.371,0,0,1-1-1V12a1.371,1.371,0,0,1,1-1H2V8H1A1.371,1.371,0,0,1,0,7V6A1.371,1.371,0,0,1,1,5H4A1.371,1.371,0,0,1,5,6v5H6ZM3.5,0A1.5,1.5,0,1,1,2,1.5,1.5,1.5,0,0,1,3.5,0Z'/%3E%3C/svg%3E") no-repeat center left;
+  background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6 11a1.371 1.371 0 011 1v1a1.371 1.371 0 01-1 1H1a1.371 1.371 0 01-1-1v-1a1.371 1.371 0 011-1h1V8H1a1.371 1.371 0 01-1-1V6a1.371 1.371 0 011-1h3a1.371 1.371 0 011 1v5h1zM3.5 0A1.5 1.5 0 112 1.5 1.5 1.5 0 013.5 0z'/%3E%3C/svg%3E") no-repeat center left;
  display: block;
  font-size: 1.8rem;
  text-indent: 15px;
@@ -281,8 +289,8 @@ main {
 #bpOutput.error { background: #dd4b39; }
 .blockMsg, .flagMsg {
-  font: bold 1.8rem Consolas, Courier, monospace;
+  font: 700 1.8rem Consolas, Courier, monospace;
-  padding: 5px 10px 10px 10px;
+  padding: 5px 10px 10px;
  text-indent: 15px;
 }
@@ -298,7 +306,7 @@ main {
  -moz-appearance: none;
  -webkit-appearance: none;
  border-radius: 3px;
-  border: 1px solid rgba(0,0,0,0.1);
+  border: 1px solid rgba(0, 0, 0, 0.1);
  box-sizing: content-box;
  display: table-cell;
  font-size: 1.65rem;
@@ -309,46 +317,48 @@ main {
  text-align: center;
  vertical-align: top;
  white-space: nowrap;
-  width: auto;  
+  width: auto;
 }
 .buttons a:hover { text-decoration: none; }
 /* Button hover dark overlay */
 .buttons *:not(input):not([disabled]):hover {
-  background-image: linear-gradient(to bottom, rgba(0,0,0,0.1), rgba(0,0,0,0.1));
+  background-image: linear-gradient(to bottom, rgba(0, 0, 0, 0.1), rgba(0, 0, 0, 0.1));
-  color: #FFF;
+  color: #fff;
 }
 /* Button active shadow inset */
 .buttons *:not([disabled]):not(input):active {
-  box-shadow: inset 0 3px 5px rgba(0,0,0,0.125);
+  box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
 }
-/* Input border colour */
+/* Input border color */
 .buttons *:not([disabled]):hover, .buttons input:focus {
-  border-color: rgba(0,0,0,0.25);
+  border-color: rgba(0, 0, 0, 0.25);
 }
-#bpButtons * { width: 50%; color: #FFF; }
+#bpButtons *  { width: 50%; color: #fff; }
-#bpBack           { background-color: #00a65a; }
+#bpBack       { background-color: #00a65a; }
-#bpInfo           { background-color: #3c8dbc;  }
+#bpInfo       { background-color: #3c8dbc; }
 #bpWhitelist  { background-color: #dd4b39; }
-#blockpage .buttons [type=password][disabled] { color: rgba(0,0,0,1); }
+#blockpage .buttons [type="password"][disabled] { color: rgba(0, 0, 0, 1); }
-#blockpage .buttons [disabled] { color: rgba(0,0,0,0.55); background-color: #e3e3e3; }
+#blockpage .buttons [disabled] { color: rgba(0, 0, 0, 0.55); background-color: #e3e3e3; }
-#blockpage .buttons [type=password]:-ms-input-placeholder { color: rgba(51,51,51,0.8); }
+#blockpage .buttons [type="password"]:-ms-input-placeholder { color: rgba(51, 51, 51, 0.8); }
-input[type=password] { font-size: 1.5rem; }
+input[type="password"] { font-size: 1.5rem; }
@-webkit-keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
@keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
-#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; animation: slidein 0.05s linear; }
+#bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; -webkit-animation: slidein 0.05s linear; animation: slidein 0.05s linear; }
 #bpMoreInfo { display: none; margin-top: 10px; }
 #bpQueryOutput {
  font-size: 1.2rem;
  line-height: 1.65rem;
-  margin: 5px 0 0 0;
+  margin: 5px 0 0;
  overflow: auto;
  padding: 0 5px;
  -webkit-overflow-scrolling: touch;
@@ -367,13 +377,13 @@ footer {
  border-top: 1px solid #d2d6de;
  color: #444;
  font: 1.2rem Consolas, Courier, monospace;
-  padding: 8px;  
+  padding: 8px;
 }
 /* Responsive Content */
@media only screen and (max-width: 500px) {
  h1 a { font-size: 1.8rem; min-width: 170px; }
-  footer span:before { content: "Generated "; }
+  footer span::before { content: "Generated "; }
  footer span { display: block; }
 }
--- a/advanced/dnsmasq.conf.original
+++ b/advanced/dnsmasq.conf.original
@@ -46,7 +46,7 @@
 #resolv-file=
 # By  default,  dnsmasq  will  send queries to any of the upstream
-# servers it knows about and tries to favour servers to are  known
+# servers it knows about and tries to favor servers to are  known
 # to  be  up.  Uncommenting this forces dnsmasq to try each query
 # with  each  server  strictly  in  the  order  they   appear   in
 # /etc/resolv.conf
@@ -189,7 +189,7 @@
 # add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
 # hosts. Use the DHCPv4 lease to derive the name, network segment and
 # MAC address and assume that the host will also have an
-# IPv6 address calculated using the SLAAC alogrithm.
+# IPv6 address calculated using the SLAAC algorithm.
 #dhcp-range=1234::, ra-names
 # Do Router Advertisements, BUT NOT DHCP for this subnet.
@@ -210,7 +210,7 @@
 #dhcp-range=1234::, ra-stateless, ra-names
 # Do router advertisements for all subnets where we're doing DHCPv6
-# Unless overriden by ra-stateless, ra-names, et al, the router
+# Unless overridden by ra-stateless, ra-names, et al, the router
 # advertisements will have the M and O bits set, so that the clients
 # get addresses and configuration from DHCPv6, and the A bit reset, so the
 # clients don't use SLAAC addresses.
@@ -281,7 +281,7 @@
 # Give a fixed IPv6 address and name to client with
 # DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
 # Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
-# Note also the they [] around the IPv6 address are obilgatory.
+# Note also the they [] around the IPv6 address are obligatory.
 #dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
 # Ignore any clients which are not specified in dhcp-host lines
@@ -404,14 +404,14 @@
 #dhcp-option=vendor:MSFT,2,1i
 # Send the Encapsulated-vendor-class ID needed by some configurations of
-# Etherboot to allow is to recognise the DHCP server.
+# Etherboot to allow is to recognize the DHCP server.
 #dhcp-option=vendor:Etherboot,60,"Etherboot"
 # Send options to PXELinux. Note that we need to send the options even
 # though they don't appear in the parameter request list, so we need
 # to use dhcp-option-force here.
 # See http://syslinux.zytor.com/pxe.php#special for details.
-# Magic number - needed before anything else is recognised
+# Magic number - needed before anything else is recognized
 #dhcp-option-force=208,f1:00:74:7e
 # Configuration file name
 #dhcp-option-force=209,configs/common
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -24,7 +24,7 @@ unset($setupVars);
 $landPage = "../landing.php";
 // Define array for hostnames to be accepted as self address for splash page
-$authorizedHosts = [];
+$authorizedHosts = [ "localhost" ];
 if (!empty($_SERVER["FQDN"])) {
    // If setenv.add-environment = ("fqdn" => "true") is configured in lighttpd,
    // append $serverName to $authorizedHosts
@@ -41,7 +41,7 @@ $validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
 $currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION);
 // Set mobile friendly viewport
-$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>';
+$viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1">';
 // Set response header
 function setHeader($type = "x") {
@@ -55,46 +55,69 @@ if ($serverName === "pi.hole"
    // Redirect to Web Interface
    exit(header("Location: /admin"));
 } elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
-    // Set Splash Page output
+    // When directly browsing via IP or authorized hostname
    // Render splash/landing page based off presence of $landPage file
    // Unset variables so as to not be included in $landPage or $splashPage
    unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
    // If $landPage file is present
    if (is_file(getcwd()."/$landPage")) {
        include $landPage;
        exit();
    }
    // If $landPage file was not present, Set Splash Page output
    $splashPage = "
-    <html>
+    <!doctype html>
-      <head>
+    <html lang='en'>
-        $viewPort
+        <head>
-        <link rel='stylesheet' href='pihole/blockingpage.css' type='text/css'/>
+            <meta charset='utf-8'>
-      </head>
+            $viewPort
-      <body id='splashpage'>
+            <title>● $serverName</title>
-        <img src='admin/img/logo.svg'/><br/>
+            <link rel='stylesheet' href='pihole/blockingpage.css'>
-        Pi-<b>hole</b>: Your black hole for Internet advertisements<br/>
+            <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
-        <a href='/admin'>Did you mean to go to the admin panel?</a>
+        </head>
-      </body>
+        <body id='splashpage'>
            <img src='admin/img/logo.svg' alt='Pi-hole logo' width='256' height='377'>
            <br>
            <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
            <a href='/admin'>Did you mean to go to the admin panel?</a>
        </body>
    </html>
    ";
-
+    exit($splashPage);
    // Set splash/landing page based off presence of $landPage
    $renderPage = is_file(getcwd()."/$landPage") ? include $landPage : "$splashPage";
    // Unset variables so as to not be included in $landPage
    unset($serverName, $svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt, $viewPort);
    // Render splash/landing page when directly browsing via IP or authorized hostname
    exit($renderPage);
 } elseif ($currentUrlExt === "js") {
-    // Serve Pi-hole Javascript for blocked domains requesting JS
+    // Serve Pi-hole JavaScript for blocked domains requesting JS
    exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');
 } elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) {
    // Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER
    // e.g: An iframe of a blocked domain
-    exit(setHeader().'<html>
+    exit(setHeader().'<!doctype html>
-        <head><script>window.close();</script></head>
+    <html lang="en">
-        <body><img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs="></body>
+        <head>
            <meta charset="utf-8"><script>window.close();</script>
        </head>
        <body>
            <img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=">
        </body>
    </html>');
 } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) {
    // Serve SVG upon receiving non $validExtTypes URL extension or query string
    // e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly
    // QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page
-    $blockImg = '<a href="/"><svg xmlns="http://www.w3.org/2000/svg" width="110" height="16"><defs><style>a {text-decoration: none;} circle {stroke: rgba(152,2,2,0.5); fill: none; stroke-width: 2;} rect {fill: rgba(152,2,2,0.5);} text {opacity: 0.3; font: 11px Arial;}</style></defs><circle cx="8" cy="8" r="7"/><rect x="10.3" y="-6" width="2" height="12" transform="rotate(45)"/><text x="19.3" y="12">Blocked by Pi-hole</text></svg></a>';
+    $blockImg = '<a href="/">
-    exit(setHeader()."<html>
+    <svg xmlns="http://www.w3.org/2000/svg" width="110" height="16">
-        <head>$viewPort</head>
+      <circle cx="8" cy="8" r="7" fill="none" stroke="rgba(152,2,2,.5)" stroke-width="2"/>
      <path fill="rgba(152,2,2,.5)" d="M11.526 3.04l1.414 1.415-8.485 8.485-1.414-1.414z"/>
      <text x="19.3" y="12" opacity=".3" style="font:11px Arial">
        Blocked by Pi-hole
      </text>
    </svg>
    </a>';
    exit(setHeader()."<!doctype html>
    <html lang='en'>
        <head>
            <meta charset='utf-8'>
            $viewPort
        </head>
        <body>$blockImg</body>
    </html>");
 }
@@ -227,7 +250,7 @@ if (explode("-", $phVersion)[1] != "0")
 setHeader();
 ?>
-<!DOCTYPE html>
+<!doctype html>
 <!-- Pi-hole: A black hole for Internet advertisements
 *  (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *  Network-wide ad blocking via your own hardware.
@@ -235,12 +258,12 @@ setHeader();
 *  This file is copyright under the latest version of the EUPL. -->
 <html>
 <head>
-  <meta charset="UTF-8">
+  <meta charset="utf-8">
  <?=$viewPort ?>
-  <meta name="robots" content="noindex,nofollow"/>
+  <meta name="robots" content="noindex,nofollow">
  <meta http-equiv="x-dns-prefetch-control" content="off">
-  <link rel="shortcut icon" href="admin/img/favicon.png" type="image/x-icon"/>
+  <link rel="stylesheet" href="pihole/blockingpage.css">
-  <link rel="stylesheet" href="pihole/blockingpage.css" type="text/css"/>
+  <link rel="shortcut icon" href="admin/img/favicons/favicon.ico" type="image/x-icon">
  <title>● <?=$serverName ?></title>
  <script src="admin/scripts/vendor/jquery.min.js"></script>
  <script>
@@ -274,16 +297,16 @@ setHeader();
  </h1>
  <div class="spc"></div>
-  <input id="bpAboutToggle" type="checkbox"/>
+  <input id="bpAboutToggle" type="checkbox">
  <div id="bpAbout">
    <div class="aboutPH">
-      <div class="aboutImg"/></div>
+      <div class="aboutImg"></div>
      <p>Open Source Ad Blocker
        <small>Designed for Raspberry Pi</small>
      </p>
    </div>
    <div class="aboutLink">
-      <a class="linkPH" href="https://github.com/pi-hole/pi-hole/wiki/What-is-Pi-hole%3F-A-simple-explanation"><?php //About PH ?></a>
+      <a class="linkPH" href="https://docs.pi-hole.net/"><?php //About PH ?></a>
      <?php if (!empty($svEmail)) echo '<a class="linkEmail" href="mailto:'.$svEmail.'"></a>'; ?>
    </div>
  </div>
@@ -314,8 +337,9 @@ setHeader();
    <pre id='bpQueryOutput'><?php if ($featuredTotal > 0) foreach ($queryResults as $num => $value) { echo "<span>[$num]:</span>$adlistsUrls[$num]\n"; } ?></pre>
    <form id="bpWLButtons" class="buttons">
-      <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled/>
+      <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled>
-      <input id="bpWLPassword" type="password" placeholder="Javascript disabled" disabled/><button id="bpWhitelist" type="button" disabled></button>
+      <input id="bpWLPassword" type="password" placeholder="JavaScript disabled" disabled>
      <button id="bpWhitelist" type="button" disabled></button>
    </form>
  </div>
 </main>
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -16,21 +16,21 @@
 ###############################################################################
 server.modules = (
-	"mod_access",
+    "mod_access",
-	"mod_accesslog",
+    "mod_accesslog",
-	"mod_auth",
+    "mod_auth",
-	"mod_expire",
+    "mod_expire",
-	"mod_compress",
+    "mod_compress",
-	"mod_redirect",
+    "mod_redirect",
-	"mod_setenv",
+    "mod_setenv",
-	"mod_rewrite"
+    "mod_rewrite"
 )
 server.document-root        = "/var/www/html"
 server.error-handler-404    = "/pihole/index.php"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
-server.pid-file             = "/var/run/lighttpd.pid"
+server.pid-file             = "/run/lighttpd.pid"
 server.username             = "www-data"
 server.groupname            = "www-data"
 server.port                 = 80
@@ -41,18 +41,45 @@ index-file.names            = ( "index.php", "index.html", "index.lighttpd.html"
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
-compress.cache-dir          = "/var/cache/lighttpd/compress/"
+compress.cache-dir = "/var/cache/lighttpd/compress/"
-compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
+compress.filetype  = (
    "application/json",
    "application/vnd.ms-fontobject",
    "application/xml",
    "font/eot",
    "font/opentype",
    "font/otf",
    "font/ttf",
    "image/bmp",
    "image/svg+xml",
    "image/vnd.microsoft.icon",
    "image/x-icon",
    "text/css",
    "text/html",
    "text/javascript",
    "text/plain",
    "text/xml"
 )
-mimetype.assign   = ( ".png"  => "image/png",
+mimetype.assign = (
-                      ".jpg"  => "image/jpeg",
+    ".ico"   => "image/x-icon",
-                      ".jpeg" => "image/jpeg",
+    ".jpeg"  => "image/jpeg",
-                      ".html" => "text/html",
+    ".jpg"   => "image/jpeg",
-                      ".css" => "text/css; charset=utf-8",
+    ".png"   => "image/png",
-                      ".js" => "application/javascript",
+    ".svg"   => "image/svg+xml",
-                      ".json" => "application/json",
+    ".css"   => "text/css; charset=utf-8",
-                      ".txt"  => "text/plain",
+    ".html"  => "text/html; charset=utf-8",
-                      ".svg"  => "image/svg+xml" )
+    ".js"    => "text/javascript; charset=utf-8",
    ".json"  => "application/json; charset=utf-8",
    ".map"   => "application/json; charset=utf-8",
    ".txt"   => "text/plain; charset=utf-8",
    ".eot"   => "application/vnd.ms-fontobject",
    ".otf"   => "font/otf",
    ".ttc"   => "font/collection",
    ".ttf"   => "font/ttf",
    ".woff"  => "font/woff",
    ".woff2" => "font/woff2"
 )
 # default listening port for IPv6 falls back to the IPv4 port
 include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
@@ -69,7 +96,7 @@ $HTTP["url"] =~ "^/admin/" {
        "X-Frame-Options" => "DENY"
    )
-    $HTTP["url"] =~ ".ttf$" {
+    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
@@ -77,9 +104,12 @@ $HTTP["url"] =~ "^/admin/" {
 # Block . files from being served, such as .git, .github, .gitignore
 $HTTP["url"] =~ "^/admin/\.(.*)" {
-     url.access-deny = ("")
+    url.access-deny = ("")
 }
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )
 # Add user chosen options held in external file
 # This uses include_shell instead of an include wildcard for compatibility
 include_shell "cat external.conf 2>/dev/null"
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -2,7 +2,7 @@
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
-# lighttpd config for Pi-hole
+# Lighttpd config for Pi-hole
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
@@ -16,69 +16,95 @@
 ###############################################################################
 server.modules = (
-	"mod_access",
+    "mod_access",
-	"mod_auth",
+    "mod_auth",
-	"mod_fastcgi",
+    "mod_expire",
-	"mod_accesslog",
+    "mod_fastcgi",
-	"mod_expire",
+    "mod_accesslog",
-	"mod_compress",
+    "mod_compress",
-	"mod_redirect",
+    "mod_redirect",
-	"mod_setenv",
+    "mod_setenv",
-	"mod_rewrite"
+    "mod_rewrite"
 )
 server.document-root        = "/var/www/html"
 server.error-handler-404    = "/pihole/index.php"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
-server.pid-file             = "/var/run/lighttpd.pid"
+server.pid-file             = "/run/lighttpd.pid"
 server.username             = "lighttpd"
 server.groupname            = "lighttpd"
 server.port                 = 80
 accesslog.filename          = "/var/log/lighttpd/access.log"
 accesslog.format            = "%{%s}t|%V|%r|%s|%b"
 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
-compress.cache-dir          = "/var/cache/lighttpd/compress/"
+compress.cache-dir = "/var/cache/lighttpd/compress/"
-compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
+compress.filetype  = (
    "application/json",
    "application/vnd.ms-fontobject",
    "application/xml",
    "font/eot",
    "font/opentype",
    "font/otf",
    "font/ttf",
    "image/bmp",
    "image/svg+xml",
    "image/vnd.microsoft.icon",
    "image/x-icon",
    "text/css",
    "text/html",
    "text/javascript",
    "text/plain",
    "text/xml"
 )
-mimetype.assign   = ( ".png"  => "image/png",
+mimetype.assign = (
-                      ".jpg"  => "image/jpeg",
+    ".ico"   => "image/x-icon",
-                      ".jpeg" => "image/jpeg",
+    ".jpeg"  => "image/jpeg",
-                      ".html" => "text/html",
+    ".jpg"   => "image/jpeg",
-                      ".css" => "text/css; charset=utf-8",
+    ".png"   => "image/png",
-                      ".js" => "application/javascript",
+    ".svg"   => "image/svg+xml",
-                      ".json" => "application/json",
+    ".css"   => "text/css; charset=utf-8",
-                      ".txt"  => "text/plain",
+    ".html"  => "text/html; charset=utf-8",
-                      ".svg"  => "image/svg+xml" )
+    ".js"    => "text/javascript; charset=utf-8",
    ".json"  => "application/json; charset=utf-8",
    ".map"   => "application/json; charset=utf-8",
    ".txt"   => "text/plain; charset=utf-8",
    ".eot"   => "application/vnd.ms-fontobject",
    ".otf"   => "font/otf",
    ".ttc"   => "font/collection",
    ".ttf"   => "font/ttf",
    ".woff"  => "font/woff",
    ".woff2" => "font/woff2"
 )
 # default listening port for IPv6 falls back to the IPv4 port
 #include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 #include_shell "/usr/share/lighttpd/create-mime.assign.pl"
 #include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
-fastcgi.server = ( ".php" =>
+fastcgi.server = (
-                   ( "localhost" =>
+    ".php" => (
-                     (
+        "localhost" => (
-                       "socket" => "/tmp/php-fastcgi.socket",
+            "socket" => "/tmp/php-fastcgi.socket",
-                       "bin-path" => "/usr/bin/php-cgi"
+            "bin-path" => "/usr/bin/php-cgi"
-                     )
+        )
-                   )
+    )
-                 )
+)
 # If the URL starts with /admin, it is the Web interface
 $HTTP["url"] =~ "^/admin/" {
-	  # Create a response header for debugging using curl -I
+    # Create a response header for debugging using curl -I
    setenv.add-response-header = (
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )
-    $HTTP["url"] =~ ".ttf$" {
+    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
@@ -86,9 +112,12 @@ $HTTP["url"] =~ "^/admin/" {
 # Block . files from being served, such as .git, .github, .gitignore
 $HTTP["url"] =~ "^/admin/\.(.*)" {
-     url.access-deny = ("")
+    url.access-deny = ("")
 }
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )
 # Add user chosen options held in external file
 # This uses include_shell instead of an include wildcard for compatibility
 include_shell "cat external.conf 2>/dev/null"
--- a/install/basic-install.sh
+++ b/install/basic-install.sh
@@ -21,6 +21,10 @@
 # instead of continuing the installation with something broken
 set -e
 # Set PATH to a usual default to assure that all basic commands are available.
 # When using "su" an uncomplete PATH could be passed: https://github.com/pi-hole/pi-hole/issues/3209
 export PATH+=':/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
 ######## VARIABLES #########
 # For better maintainability, we store as much information that can change in variables
 # This allows us to make a change in one place that can propagate to all instances of the variable
@@ -31,13 +35,13 @@ set -e
 # List of supported DNS servers
 DNS_SERVERS=$(cat << EOM
 Google (ECS);8.8.8.8;8.8.4.4;2001:4860:4860:0:0:0:0:8888;2001:4860:4860:0:0:0:0:8844
-OpenDNS (ECS);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
+OpenDNS (ECS, DNSSEC);208.67.222.222;208.67.220.220;2620:119:35::35;2620:119:53::53
 Level3;4.2.2.1;4.2.2.2;;
 Comodo;8.26.56.26;8.20.247.20;;
 DNS.WATCH;84.200.69.80;84.200.70.40;2001:1608:10:25:0:0:1c04:b12f;2001:1608:10:25:0:0:9249:d69b
 Quad9 (filtered, DNSSEC);9.9.9.9;149.112.112.112;2620:fe::fe;2620:fe::9
 Quad9 (unfiltered, no DNSSEC);9.9.9.10;149.112.112.10;2620:fe::10;2620:fe::fe:10
-Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11;
+Quad9 (filtered + ECS);9.9.9.11;149.112.112.11;2620:fe::11;2620:fe::fe:11
 Cloudflare;1.1.1.1;1.0.0.1;2606:4700:4700::1111;2606:4700:4700::1001
 EOM
 )
@@ -67,17 +71,20 @@ PI_HOLE_INSTALL_DIR="/opt/pihole"
 PI_HOLE_CONFIG_DIR="/etc/pihole"
 PI_HOLE_BIN_DIR="/usr/local/bin"
 PI_HOLE_BLOCKPAGE_DIR="${webroot}/pihole"
-useUpdateVars=false
+if [ -z "$useUpdateVars" ]; then
  useUpdateVars=false
 fi
 adlistFile="/etc/pihole/adlists.list"
 # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until
 # this script can run
-IPV4_ADDRESS=""
+IPV4_ADDRESS=${IPV4_ADDRESS}
-IPV6_ADDRESS=""
+IPV6_ADDRESS=${IPV6_ADDRESS}
 # By default, query logging is enabled and the dashboard is set to be installed
 QUERY_LOGGING=true
 INSTALL_WEB_INTERFACE=true
 PRIVACY_LEVEL=0
 CACHE_SIZE=10000
 if [ -z "${USER}" ]; then
  USER="$(id -un)"
@@ -106,7 +113,6 @@ c=$(( c < 70 ? 70 : c ))
 ######## Undocumented Flags. Shhh ########
 # These are undocumented flags; some of which we can use when repairing an installation
 # The runUnattended flag is one example of this
 skipSpaceCheck=false
 reconfigure=false
 runUnattended=false
 INSTALL_WEB_SERVER=true
@@ -114,7 +120,6 @@ INSTALL_WEB_SERVER=true
 for var in "$@"; do
    case "$var" in
        "--reconfigure" ) reconfigure=true;;
        "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;;
        "--unattended" ) runUnattended=true;;
        "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;;
    esac
@@ -174,6 +179,99 @@ is_command() {
    command -v "${check_command}" >/dev/null 2>&1
 }
 os_check() {
    if [ "$PIHOLE_SKIP_OS_CHECK" != true ]; then
        # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
        # and determines whether or not the script is running on one of those systems
        local remote_os_domain valid_os valid_version valid_response detected_os detected_version display_warning cmdResult digReturnCode response
        remote_os_domain="versions.pi-hole.net"
        detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
        detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
        cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
        #Get the return code of the previous command (last line)
        digReturnCode="${cmdResult##*$'\n'}"
        if [ ! "${digReturnCode}" == "0" ]; then
            valid_response=false
        else
            # Dig returned 0 code, so get the actual response, and loop through it to determine if the detected variables above are valid
            response="${cmdResult%%$'\n'*}"
            # If the value of ${result} is a single 0, then this is the return code, not the response. Response is blank
            if [ "${response}" == 0 ]; then
                valid_response=false
            fi
            IFS=" " read -r -a supportedOS < <(echo "${response}" | tr -d '"')
            for distro_and_versions in "${supportedOS[@]}"
            do
                distro_part="${distro_and_versions%%=*}"
                versions_part="${distro_and_versions##*=}"
                if [[ "${detected_os^^}" =~ ${distro_part^^} ]]; then
                    valid_os=true
                    IFS="," read -r -a supportedVer <<<"${versions_part}"
                    for version in "${supportedVer[@]}"
                    do
                        if [[ "${detected_version}" =~ $version ]]; then
                            valid_version=true
                            break
                        fi
                    done
                    break
                fi
            done
        fi
        if [ "$valid_os" = true ] && [ "$valid_version" = true ] && [ ! "$valid_response" = false ]; then
            display_warning=false
        fi
        if [ "$display_warning" != false ]; then
            if [ "$valid_response" = false ]; then
                if [ "${digReturnCode}" -eq 0 ]; then
                    errStr="dig succeeded, but response was blank. Please contact support"
                else
                    errStr="dig failed with return code ${digReturnCode}"
                fi
                printf "  %b %bRetrieval of supported OS list failed. %s. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${errStr}" "${COL_NC}"
                printf "      %bUnable to determine if the detected OS (%s %s) is supported%b\\n" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
                printf "      Possible causes for this include:\\n"
                printf "        - Firewall blocking certain DNS lookups from Pi-hole device\\n"
                printf "        - ns1.pi-hole.net being blocked (required to obtain TXT record from versions.pi-hole.net containing supported operating systems)\\n"
                printf "        - Other internet connectivity issues\\n"
            else
                printf "  %b %bUnsupported OS detected: %s %s%b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${detected_os^}" "${detected_version}" "${COL_NC}"
                printf "      If you are seeing this message and you do have a supported OS, please contact support.\\n"
            fi
            printf "\\n"
            printf "      %bhttps://docs.pi-hole.net/main/prerequesites/#supported-operating-systems%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
            printf "\\n"
            printf "      If you wish to attempt to continue anyway, you can try one of the following commands to skip this check:\\n"
            printf "\\n"
            printf "      e.g: If you are seeing this message on a fresh install, you can run:\\n"
            printf "             %bcurl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
            printf "\\n"
            printf "           If you are seeing this message after having run pihole -up:\\n"
            printf "             %bPIHOLE_SKIP_OS_CHECK=true sudo -E pihole -r%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
            printf "           (In this case, your previous run of pihole -up will have already updated the local repository)\\n"
            printf "\\n"
            printf "      It is possible that the installation will still fail at this stage due to an unsupported configuration.\\n"
            printf "      If that is the case, you can feel free to ask the community on Discourse with the %bCommunity Help%b category:\\n" "${COL_LIGHT_RED}" "${COL_NC}"
            printf "      %bhttps://discourse.pi-hole.net/c/bugs-problems-issues/community-help/%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}"
            printf "\\n"
            exit 1
        else
            printf "  %b %bSupported OS detected%b\\n" "${TICK}" "${COL_LIGHT_GREEN}" "${COL_NC}"
        fi
    else
        printf "  %b %bPIHOLE_SKIP_OS_CHECK env variable set to true - installer will continue%b\\n" "${INFO}" "${COL_LIGHT_GREEN}" "${COL_NC}"
    fi
 }
 # Compatibility
 distro_check() {
 # If apt-get is installed, then we know it's part of the Debian family
@@ -184,7 +282,7 @@ if is_command apt-get ; then
    # A variable to store the command used to update the package cache
    UPDATE_PKG_CACHE="${PKG_MANAGER} update"
    # An array for something...
-    PKG_INSTALL=("${PKG_MANAGER}" --yes --no-install-recommends install)
+    PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install)
    # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
    PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
    # Some distros vary slightly so these fixes for dependencies may apply
@@ -192,8 +290,8 @@ if is_command apt-get ; then
    APT_SOURCES="/etc/apt/sources.list"
    if awk 'BEGIN{a=1;b=0}/bionic main/{a=0}/bionic.*universe/{b=1}END{exit a + b}' ${APT_SOURCES}; then
        if ! whiptail --defaultno --title "Dependencies Require Update to Allowed Repositories" --yesno "Would you like to enable 'universe' repository?\\n\\nThis repository is required by the following packages:\\n\\n- dhcpcd5" "${r}" "${c}"; then
-            printf "  %b Aborting installation: dependencies could not be installed.\\n" "${CROSS}"
+            printf "  %b Aborting installation: Dependencies could not be installed.\\n" "${CROSS}"
-            exit # exit the installer
+            exit 1 # exit the installer
        else
            printf "  %b Enabling universe package repository for Ubuntu Bionic\\n" "${INFO}"
            cp -p ${APT_SOURCES} ${APT_SOURCES}.backup # Backup current repo list
@@ -202,14 +300,18 @@ if is_command apt-get ; then
            printf "  %b Enabled %s\\n" "${TICK}" "'universe' repository"
        fi
    fi
-    # Debian 7 doesn't have iproute2 so if the dry run install is successful,
+    # Update package cache. This is required already here to assure apt-cache calls have package lists available.
-    if "${PKG_MANAGER}" install --dry-run iproute2 > /dev/null 2>&1; then
+    update_package_cache || exit 1
-        # we can install it
+    # Debian 7 doesn't have iproute2 so check if it's available first
    if apt-cache show iproute2 > /dev/null 2>&1; then
        iproute_pkg="iproute2"
-    # Otherwise,
+    # Otherwise, check if iproute is available
-    else
+    elif apt-cache show iproute > /dev/null 2>&1; then
        # use iproute
        iproute_pkg="iproute"
    # Else print error and exit
    else
        printf "  %b Aborting installation: iproute2 and iproute packages were not found in APT repository.\\n" "${CROSS}"
        exit 1
    fi
    # Check for and determine version number (major and minor) of current php install
    if is_command php ; then
@@ -224,30 +326,37 @@ if is_command apt-get ; then
    # Check if installed php is v 7.0, or newer to determine packages to install
    if [[ "$phpInsNewer" != true ]]; then
        # Prefer the php metapackage if it's there
-        if "${PKG_MANAGER}" install --dry-run php > /dev/null 2>&1; then
+        if apt-cache show php > /dev/null 2>&1; then
            phpVer="php"
-        # fall back on the php5 packages
+        # Else fall back on the php5 package if it's there
-        else
+        elif apt-cache show php5 > /dev/null 2>&1; then
            phpVer="php5"
        # Else print error and exit
        else
            printf "  %b Aborting installation: No PHP packages were found in APT repository.\\n" "${CROSS}"
            exit 1
        fi
    else
        # Newer php is installed, its common, cgi & sqlite counterparts are deps
        phpVer="php$phpInsMajor.$phpInsMinor"
    fi
    # We also need the correct version for `php-sqlite` (which differs across distros)
-    if "${PKG_MANAGER}" install --dry-run "${phpVer}-sqlite3" > /dev/null 2>&1; then
+    if apt-cache show "${phpVer}-sqlite3" > /dev/null 2>&1; then
        phpSqlite="sqlite3"
-    else
+    elif apt-cache show "${phpVer}-sqlite" > /dev/null 2>&1; then
        phpSqlite="sqlite"
    else
        printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"
        exit 1
    fi
    # Since our install script is so large, we need several other programs to successfully get a machine provisioned
    # These programs are stored in an array so they can be looped through later
-    INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail)
+    INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
    # Pi-hole itself has several dependencies that also need to be installed
-    PIHOLE_DEPS=(cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
+    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
    # The Web dashboard has some that also need to be installed
    # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code
-    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "php-intl")
+    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-json" "${phpVer}-intl")
    # The Web server user,
    LIGHTTPD_USER="www-data"
    # group,
@@ -281,12 +390,10 @@ elif is_command rpm ; then
        PKG_MANAGER="yum"
    fi
    # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update.
    UPDATE_PKG_CACHE=":"
    PKG_INSTALL=("${PKG_MANAGER}" install -y)
    PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
-    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig)
+    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
-    PIHOLE_DEPS=(bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc sqlite libcap)
+    PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap lsof)
    PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
    LIGHTTPD_USER="lighttpd"
    LIGHTTPD_GROUP="lighttpd"
@@ -421,16 +528,16 @@ make_repo() {
    printf "  %b %s..." "${INFO}" "${str}"
    # If the directory exists,
    if [[ -d "${directory}" ]]; then
-        # delete everything in it so git can clone into it
+        # Return with a 1 to exit the installer. We don't want to overwrite what could already be here in case it is not ours
-        rm -rf "${directory}"
+        str="Unable to clone ${remoteRepo} into ${directory} : Directory already exists"
        printf "%b  %b%s\\n" "${OVER}" "${CROSS}" "${str}"
        return 1
    fi
    # Clone the repo and return the return code from this command
    git clone -q --depth 20 "${remoteRepo}" "${directory}" &> /dev/null || return $?
    # Data in the repositories is public anyway so we can make it readable by everyone (+r to keep executable permission if already set by git)
    chmod -R a+rX "${directory}"
    # Move into the directory that was passed as an argument
    pushd "${directory}" &> /dev/null || return 1
-    # Check current branch. If it is master, then reset to the latest availible tag.
+    # Check current branch. If it is master, then reset to the latest available tag.
    # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks)
    curBranch=$(git rev-parse --abbrev-ref HEAD)
    if [[ "${curBranch}" == "master" ]]; then #If we're calling make_repo() then it should always be master, we may not need to check.
@@ -438,7 +545,8 @@ make_repo() {
    fi
    # Show a colored message showing it's status
    printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
-
+    # Data in the repositories is public anyway so we can make it readable by everyone (+r to keep executable permission if already set by git)
    chmod -R a+rX "${directory}"
    # Move back into the original directory
    popd &> /dev/null || return 1
    return 0
@@ -466,7 +574,7 @@ update_repo() {
    git clean --quiet --force -d || true # Okay for already clean directory
    # Pull the latest commits
    git pull --quiet &> /dev/null || return $?
-    # Check current branch. If it is master, then reset to the latest availible tag.
+    # Check current branch. If it is master, then reset to the latest available tag.
    # In case extra commits have been added after tagging/release (i.e in case of metadata updates/README.MD tweaks)
    curBranch=$(git rev-parse --abbrev-ref HEAD)
    if [[ "${curBranch}" == "master" ]]; then
@@ -573,7 +681,7 @@ welcomeDialogs() {
    whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" "${r}" "${c}"
    # Request that users donate if they enjoy the software since we all work on it in our free time
-    whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations:  http://pi-hole.net/donate" "${r}" "${c}"
+    whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations:  https://pi-hole.net/donate/" "${r}" "${c}"
    # Explain the need for a static address
    whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
@@ -581,53 +689,6 @@ welcomeDialogs() {
 In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." "${r}" "${c}"
 }
 # We need to make sure there is enough space before installing, so there is a function to check this
 verifyFreeDiskSpace() {
    # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.)
    # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables.
    local str="Disk space check"
    # Required space in KB
    local required_free_kilobytes=51200
    # Calculate existing free space on this machine
    local existing_free_kilobytes
    existing_free_kilobytes=$(df -Pk | grep -m1 '\/$' | awk '{print $4}')
    # If the existing space is not an integer,
    if ! [[ "${existing_free_kilobytes}" =~ ^([0-9])+$ ]]; then
        # show an error that we can't determine the free space
        printf "  %b %s\\n" "${CROSS}" "${str}"
        printf "  %b Unknown free disk space! \\n" "${INFO}"
        printf "      We were unable to determine available free disk space on this system.\\n"
        printf "      You may override this check, however, it is not recommended.\\n"
        printf "      The option '%b--i_do_not_follow_recommendations%b' can override this.\\n" "${COL_LIGHT_RED}" "${COL_NC}"
        printf "      e.g: curl -L https://install.pi-hole.net | bash /dev/stdin %b<option>%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
        # exit with an error code
        exit 1
    # If there is insufficient free disk space,
    elif [[ "${existing_free_kilobytes}" -lt "${required_free_kilobytes}" ]]; then
        # show an error message
        printf "  %b %s\\n" "${CROSS}" "${str}"
        printf "  %b Your system disk appears to only have %s KB free\\n" "${INFO}" "${existing_free_kilobytes}"
        printf "      It is recommended to have a minimum of %s KB to run the Pi-hole\\n" "${required_free_kilobytes}"
        # if the vcgencmd command exists,
        if is_command vcgencmd ; then
            # it's probably a Raspbian install, so show a message about expanding the filesystem
            printf "      If this is a new install you may need to expand your disk\\n"
            printf "      Run 'sudo raspi-config', and choose the 'expand file system' option\\n"
            printf "      After rebooting, run this installation again\\n"
            printf "      e.g: curl -L https://install.pi-hole.net | bash\\n"
        fi
        # Show there is not enough free space
        printf "\\n      %bInsufficient free space, exiting...%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
        # and exit with an error
        exit 1
    # Otherwise,
    else
        # Show that we're running a disk space check
        printf "  %b %s\\n" "${TICK}" "${str}"
    fi
 }
 # A function that let's the user pick an interface to use with Pi-hole
 chooseInterface() {
    # Turn the available interfaces into an array so it can be used with a whiptail dialog
@@ -665,7 +726,7 @@ chooseInterface() {
        # Feed the available interfaces into this while loop
        done <<< "${availableInterfaces}"
        # The whiptail command that will be run, stored in a variable
-        chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to select)" "${r}" "${c}" "${interfaceCount}")
+        chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to toggle selection)" "${r}" "${c}" "${interfaceCount}")
        # Now run the command using the interfaces saved into the array
        chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2>&1 >/dev/tty) || \
        # If the user chooses Cancel, exit
@@ -755,8 +816,8 @@ use4andor6() {
    # Named local variables
    local useIPv4
    local useIPv6
-    # Let use select IPv4 and/or IPv6 via a checklist
+    # Let user choose IPv4 and/or IPv6 via a checklist
-    cmd=(whiptail --separate-output --checklist "Select Protocols (press space to select)" "${r}" "${c}" 2)
+    cmd=(whiptail --separate-output --checklist "Select Protocols (press space to toggle selection)" "${r}" "${c}" 2)
    # In an array, show the options available:
    # IPv4 (on by default)
    options=(IPv4 "Block ads over IPv4" on
@@ -819,13 +880,13 @@ It is also possible to use a DHCP reservation, but if you are going to do that,
        # Ask for the IPv4 address
        IPV4_ADDRESS=$(whiptail --backtitle "Calibrating network interface" --title "IPv4 address" --inputbox "Enter your desired IPv4 address" "${r}" "${c}" "${IPV4_ADDRESS}" 3>&1 1>&2 2>&3) || \
-        # Cancelling IPv4 settings window
+        # Canceling IPv4 settings window
        { ipSettingsCorrect=False; echo -e "  ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; }
        printf "  %b Your static IPv4 address: %s\\n" "${INFO}" "${IPV4_ADDRESS}"
        # Ask for the gateway
        IPv4gw=$(whiptail --backtitle "Calibrating network interface" --title "IPv4 gateway (router)" --inputbox "Enter your desired IPv4 default gateway" "${r}" "${c}" "${IPv4gw}" 3>&1 1>&2 2>&3) || \
-        # Cancelling gateway settings window
+        # Canceling gateway settings window
        { ipSettingsCorrect=False; echo -e "  ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; }
        printf "  %b Your static IPv4 gateway: %s\\n" "${INFO}" "${IPv4gw}"
@@ -954,22 +1015,36 @@ valid_ip() {
    local ip=${1}
    local stat=1
-    # If the IP matches the format xxx.xxx.xxx.xxx,
+    # One IPv4 element is 8bit: 0 - 256
-    if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+    local ipv4elem="(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
-        # Save the old Internal Field Separator in a variable
+    # optional port number starting '#' with range of 1-65536
-        OIFS=$IFS
+    local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
-        # and set the new one to a dot (period)
+    # build a full regex string from the above parts
-        IFS='.'
+    local regex="^${ipv4elem}\.${ipv4elem}\.${ipv4elem}\.${ipv4elem}${portelem}$"
-        # Put the IP into an array
+
-        read -r -a ip <<< "${ip}"
+    [[ $ip =~ ${regex} ]]
-        # Restore the IFS to what it was
+
-        IFS=${OIFS}
+    stat=$?
-        ## Evaluate each octet by checking if it's less than or equal to 255 (the max for each octet)
+    # Return the exit code
-        [[ "${ip[0]}" -le 255 && "${ip[1]}" -le 255 \
+    return "${stat}"
-        && "${ip[2]}" -le 255 && "${ip[3]}" -le 255 ]]
+}
-        # Save the exit code
+
-        stat=$?
+valid_ip6() {
-    fi
+    local ip=${1}
    local stat=1
    # One IPv6 element is 16bit: 0000 - FFFF
    local ipv6elem="[0-9a-fA-F]{1,4}"
    # CIDR for IPv6 is 1- 128 bit
    local v6cidr="(\\/([1-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])){0,1}"
    # optional port number starting '#' with range of 1-65536
    local portelem="(#([1-9]|[1-8][0-9]|9[0-9]|[1-8][0-9]{2}|9[0-8][0-9]|99[0-9]|[1-8][0-9]{3}|9[0-8][0-9]{2}|99[0-8][0-9]|999[0-9]|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-6]))?"
    # build a full regex string from the above parts
    local regex="^(((${ipv6elem}))*((:${ipv6elem}))*::((${ipv6elem}))*((:${ipv6elem}))*|((${ipv6elem}))((:${ipv6elem})){7})${v6cidr}${portelem}$"
    [[ ${ip} =~ ${regex} ]]
    stat=$?
    # Return the exit code
    return "${stat}"
 }
@@ -1140,7 +1215,6 @@ setPrivacyLevel() {
        "1" "Hide domains" off
        "2" "Hide domains and clients" off
        "3" "Anonymous mode" off
        "4" "Disabled statistics" off
    )
    # Get the user's choice
@@ -1173,13 +1247,18 @@ setAdminFlag() {
            printf "  %b Web Interface Off\\n" "${INFO}"
            # or false
            INSTALL_WEB_INTERFACE=false
            # Deselect the web server as well, since it is obsolete then
            INSTALL_WEB_SERVER=false
            ;;
    esac
-    # Request user to install web server, if --disable-install-webserver has not been used (INSTALL_WEB_SERVER=true is default).
+    # Request user to install web server, if it has not been deselected before (INSTALL_WEB_SERVER=true is default).
    if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
-        WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?\\n\\nNB: If you disable this, and, do not have an existing webserver installed, the web interface will not function." "${r}" "${c}" 6)
+        # Get list of required PHP modules, excluding base package (common) and handler (cgi)
-        # with the default being enabled
+        local i php_modules
        for i in "${PIHOLE_WEB_DEPS[@]}"; do [[ $i == 'php'* && $i != *'-common' && $i != *'-cgi' ]] && php_modules+=" ${i#*-}"; done
        WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd) and required PHP modules?\\n\\nNB: If you disable this, and, do not have an existing web server and required PHP modules (${php_modules# }) installed, the web interface will not function. Additionally the web server user needs to be member of the \"pihole\" group for full functionality." "${r}" "${c}" 6)
        # Enable as default and recommended option
        WebChooseOptions=("On (Recommended)" "" on
            Off "" off)
        WebChoices=$("${WebToggleCommand[@]}" "${WebChooseOptions[@]}" 2>&1 >/dev/tty) || (printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" && exit 1)
@@ -1209,9 +1288,7 @@ chooseBlocklists() {
    cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 5)
    # In an array, show the options available (all off by default):
    options=(StevenBlack "StevenBlack's Unified Hosts List" on
-        MalwareDom "MalwareDomains" on
+        MalwareDom "MalwareDomains" on)
        DisconTrack "Disconnect.me Tracking" on
        DisconAd "Disconnect.me Ads" on)
    # In a variable, show the choices available; exit if Cancel is selected
    choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { printf "  %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; rm "${adlistFile}" ;exit 1; }
@@ -1220,6 +1297,7 @@ chooseBlocklists() {
    do
        appendToListsFile "${choice}"
    done
    touch "${adlistFile}"
    chmod 644 "${adlistFile}"
 }
@@ -1230,8 +1308,6 @@ appendToListsFile() {
    case $1 in
        StevenBlack  )  echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> "${adlistFile}";;
        MalwareDom   )  echo "https://mirror1.malwaredomains.com/files/justdomains" >> "${adlistFile}";;
        DisconTrack  )  echo "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt" >> "${adlistFile}";;
        DisconAd     )  echo "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" >> "${adlistFile}";;
    esac
 }
@@ -1245,8 +1321,6 @@ installDefaultBlocklists() {
    fi
    appendToListsFile StevenBlack
    appendToListsFile MalwareDom
    appendToListsFile DisconTrack
    appendToListsFile DisconAd
 }
 # Check if /etc/dnsmasq.conf is from pi-hole.  If so replace with an original and install new in .d directory
@@ -1314,6 +1388,9 @@ version_check_dnsmasq() {
        sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
    fi
 	# Set the cache size
 	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
    #
    sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
@@ -1402,6 +1479,15 @@ installConfigs() {
            return 1
        fi
    fi
    # Install empty custom.list file if it does not exist
    if [[ ! -r "${PI_HOLE_CONFIG_DIR}/custom.list" ]]; then
        if ! install -o root -m 644 /dev/null "${PI_HOLE_CONFIG_DIR}/custom.list" &>/dev/null; then
            printf "  %bError: Unable to initialize configuration file %s/custom.list\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
            return 1
        fi
    fi
    # If the user chose to install the dashboard,
    if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
        # and if the Web server conf directory does not exist,
@@ -1423,8 +1509,8 @@ installConfigs() {
            sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"pihole\/custom\.php"/' /etc/lighttpd/lighttpd.conf
        fi
        # Make the directories if they do not exist and set the owners
-        mkdir -p /var/run/lighttpd
+        mkdir -p /run/lighttpd
-        chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/run/lighttpd
+        chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /run/lighttpd
        mkdir -p /var/cache/lighttpd/compress
        chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/cache/lighttpd/compress
        mkdir -p /var/cache/lighttpd/uploads
@@ -1764,18 +1850,49 @@ create_pihole_user() {
    printf "  %b %s..." "${INFO}" "${str}"
    # If the user pihole exists,
    if id -u pihole &> /dev/null; then
-        # just show a success
+        # if group exists
-        printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
+        if getent group pihole > /dev/null 2>&1; then
            # just show a success
            printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
        else
            local str="Checking for group 'pihole'"
            printf "  %b %s..." "${INFO}" "${str}"
            local str="Creating group 'pihole'"
            # if group can be created
            if groupadd pihole; then
                printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
                local str="Adding user 'pihole' to group 'pihole'"
                printf "  %b %s..." "${INFO}" "${str}"
                # if pihole user can be added to group pihole
                if usermod -g pihole pihole; then
                    printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
                else
                    printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
                fi
            else
                printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
            fi
        fi
    # Otherwise,
    else
        printf "%b  %b %s" "${OVER}" "${CROSS}" "${str}"
        local str="Creating user 'pihole'"
        printf "%b  %b %s..." "${OVER}" "${INFO}" "${str}"
        # create her with the useradd command
-        if useradd -r -s /usr/sbin/nologin pihole; then
+        if getent group pihole > /dev/null 2>&1; then
-          printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
+            # add primary group pihole as it already exists
            if useradd -r --no-user-group -g pihole -s /usr/sbin/nologin pihole; then
                printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
            else
                printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
            fi
        else
-          printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
+            # add user pihole with default group settings
            if useradd -r -s /usr/sbin/nologin pihole; then
                printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
            else
                printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
            fi
        fi
    fi
 }
@@ -1798,7 +1915,7 @@ finalExports() {
    # If the setup variable file exists,
    if [[ -e "${setupVars}" ]]; then
        # update the variables in the file
-        sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}"
+        sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;' "${setupVars}"
    fi
    # echo the information to the user
    {
@@ -1811,6 +1928,7 @@ finalExports() {
    echo "INSTALL_WEB_SERVER=${INSTALL_WEB_SERVER}"
    echo "INSTALL_WEB_INTERFACE=${INSTALL_WEB_INTERFACE}"
    echo "LIGHTTPD_ENABLED=${LIGHTTPD_ENABLED}"
    echo "CACHE_SIZE=${CACHE_SIZE}"
    }>> "${setupVars}"
    chmod 644 "${setupVars}"
@@ -1885,11 +2003,9 @@ installPihole() {
            # Set the owner and permissions
            chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} ${webroot}
            chmod 0775 ${webroot}
-            # Repair permissions if /var/www/html is not world readable
+            # Repair permissions if webroot is not world readable
            chmod a+rx /var/www
-            chmod a+rx /var/www/html
+            chmod a+rx ${webroot}
            # Give pihole access to the Web server group
            usermod -a -G ${LIGHTTPD_GROUP} pihole
            # Give lighttpd access to the pihole group so the web interface can
            # manage the gravity.db database
            usermod -a -G pihole ${LIGHTTPD_USER}
@@ -1943,9 +2059,9 @@ checkSelinux() {
    local DEFAULT_SELINUX
    local CURRENT_SELINUX
    local SELINUX_ENFORCING=0
-    # Check if a SELinux configuration file exists
+    # Check for SELinux configuration file and getenforce command
-    if [[ -f /etc/selinux/config ]]; then
+    if [[ -f /etc/selinux/config ]] && command -v getenforce &> /dev/null; then
-        # If a SELinux configuration file was found, check the default SELinux mode.
+        # Check the default SELinux mode
        DEFAULT_SELINUX=$(awk -F= '/^SELINUX=/ {print $2}' /etc/selinux/config)
        case "${DEFAULT_SELINUX,,}" in
            enforcing)
@@ -1974,8 +2090,13 @@ checkSelinux() {
    if [[ "${SELINUX_ENFORCING}" -eq 1 ]] && [[ -z "${PIHOLE_SELINUX}" ]]; then
        printf "  Pi-hole does not provide an SELinux policy as the required changes modify the security of your system.\\n"
        printf "  Please refer to https://wiki.centos.org/HowTos/SELinux if SELinux is required for your deployment.\\n"
        printf "      This check can be skipped by setting the environment variable %bPIHOLE_SELINUX%b to %btrue%b\\n" "${COL_LIGHT_RED}" "${COL_NC}" "${COL_LIGHT_RED}" "${COL_NC}"
        printf "      e.g: export PIHOLE_SELINUX=true\\n"
        printf "      By setting this variable to true you acknowledge there may be issues with Pi-hole during or after the install\\n"
        printf "\\n  %bSELinux Enforcing detected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}";
        exit 1;
    elif [[ "${SELINUX_ENFORCING}" -eq 1 ]] && [[ -n "${PIHOLE_SELINUX}" ]]; then
        printf "  %b %bSELinux Enforcing detected%b. PIHOLE_SELINUX env variable set - installer will continue\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
    fi
 }
@@ -2277,7 +2398,7 @@ get_binary_name() {
    local l_binary
-    local str="Detecting architecture"
+    local str="Detecting processor"
    printf "  %b %s..." "${INFO}" "${str}"
    # If the machine is arm or aarch
    if [[ "${machine}" == "arm"* || "${machine}" == *"aarch"* ]]; then
@@ -2290,48 +2411,58 @@ get_binary_name() {
        lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }')
        #
        if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then
-            printf "%b  %b Detected ARM-aarch64 architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}"
            # set the binary to be used
            l_binary="pihole-FTL-aarch64-linux-gnu"
        #
        elif [[ "${lib}" == "/lib/ld-linux-armhf.so.3" ]]; then
-            #
+            # Hard-float available: Use gnueabihf binaries
-            if [[ "${rev}" -gt 6 ]]; then
+            # If ARMv8 or higher is found (e.g., BCM2837 as found in Raspberry Pi Model 3B)
-                printf "%b  %b Detected ARM-hf architecture (armv7+)\\n" "${OVER}" "${TICK}"
+            if [[ "${rev}" -gt 7 ]]; then
                printf "%b  %b Detected ARMv8 (or newer) processor\\n" "${OVER}" "${TICK}"
                # set the binary to be used
-                l_binary="pihole-FTL-arm-linux-gnueabihf"
+                l_binary="pihole-FTL-armv8-linux-gnueabihf"
-            # Otherwise,
+            # Otherwise, if ARMv7 is found (e.g., BCM2836 as found in Raspberry Pi Model 2)
            elif [[ "${rev}" -eq 7 ]]; then
                printf "%b  %b Detected ARMv7 processor (with hard-float support)\\n" "${OVER}" "${TICK}"
                # set the binary to be used
                l_binary="pihole-FTL-armv7-linux-gnueabihf"
            # Otherwise, use the ARMv6 binary (e.g., BCM2835 as found in Raspberry Pi Zero and Model 1)
            else
-                printf "%b  %b Detected ARM-hf architecture (armv6 or lower) Using ARM binary\\n" "${OVER}" "${TICK}"
+                printf "%b  %b Detected ARMv6 processor (with hard-float support)\\n" "${OVER}" "${TICK}"
                # set the binary to be used
-                l_binary="pihole-FTL-arm-linux-gnueabi"
+                l_binary="pihole-FTL-armv6-linux-gnueabihf"
            fi
        else
-            if [[ -f "/.dockerenv" ]]; then
+            # No hard-float support found: Use gnueabi binaries
-                printf "%b  %b Detected ARM architecture in docker\\n" "${OVER}" "${TICK}"
+            # Use the ARMv4-compliant binary only if we detected an ARMv4T core
            if [[ "${rev}" -eq 4 ]]; then
                printf "%b  %b Detected ARMv4 processor\\n" "${OVER}" "${TICK}"
                # set the binary to be used
-                binary="pihole-FTL-armel-native"
+                l_binary="pihole-FTL-armv4-linux-gnueabi"
            # Otherwise, use the ARMv5 binary. To date (end of 2020), all modern ARM processors
            # are backwards-compatible to the ARMv5
            else
-                printf "%b  %b Detected ARM architecture\\n" "${OVER}" "${TICK}"
+                printf "%b  %b Detected ARMv5 (or newer) processor\\n" "${OVER}" "${TICK}"
                # set the binary to be used
-                binary="pihole-FTL-arm-linux-gnueabi"
+                l_binary="pihole-FTL-armv5-linux-gnueabi"
            fi
        fi
    elif [[ "${machine}" == "x86_64" ]]; then
-        # This gives the architecture of packages dpkg installs (for example, "i386")
+        # This gives the processor of packages dpkg installs (for example, "i386")
        local dpkgarch
-        dpkgarch=$(dpkg --print-architecture 2> /dev/null || true)
+        dpkgarch=$(dpkg --print-processor 2> /dev/null || dpkg --print-architecture 2> /dev/null)
        # Special case: This is a 32 bit OS, installed on a 64 bit machine
-        # -> change machine architecture to download the 32 bit executable
+        # -> change machine processor to download the 32 bit executable
        # We only check this for Debian-based systems as this has been an issue
        # in the past (see https://github.com/pi-hole/pi-hole/pull/2004)
        if [[ "${dpkgarch}" == "i386" ]]; then
-            printf "%b  %b Detected 32bit (i686) architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected 32bit (i686) processor\\n" "${OVER}" "${TICK}"
            l_binary="pihole-FTL-linux-x86_32"
        else
            # 64bit
-            printf "%b  %b Detected x86_64 architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected x86_64 processor\\n" "${OVER}" "${TICK}"
            # set the binary to be used
            l_binary="pihole-FTL-linux-x86_64"
        fi
@@ -2339,10 +2470,10 @@ get_binary_name() {
        # Something else - we try to use 32bit executable and warn the user
        if [[ ! "${machine}" == "i686" ]]; then
            printf "%b  %b %s...\\n" "${OVER}" "${CROSS}" "${str}"
-            printf "  %b %bNot able to detect architecture (unknown: %s), trying 32bit executable%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${machine}" "${COL_NC}"
+            printf "  %b %bNot able to detect processor (unknown: %s), trying x86 (32bit) executable%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${machine}" "${COL_NC}"
            printf "  %b Contact Pi-hole Support if you experience issues (e.g: FTL not running)\\n" "${INFO}"
        else
-            printf "%b  %b Detected 32bit (i686) architecture\\n" "${OVER}" "${TICK}"
+            printf "%b  %b Detected 32bit (i686) processor\\n" "${OVER}" "${TICK}"
        fi
        l_binary="pihole-FTL-linux-x86_32"
    fi
@@ -2486,7 +2617,7 @@ main() {
    # Otherwise,
    else
        # They do not have enough privileges, so let the user know
-        printf "  %b %s\\n" "${CROSS}" "${str}"
+        printf "  %b %s\\n" "${INFO}" "${str}"
        printf "  %b %bScript called with non-root privileges%b\\n" "${INFO}" "${COL_LIGHT_RED}" "${COL_NC}"
        printf "      The Pi-hole requires elevated privileges to install and run\\n"
        printf "      Please check the installer for any concerns regarding this requirement\\n"
@@ -2496,8 +2627,16 @@ main() {
        # If the sudo command exists,
        if is_command sudo ; then
            printf "%b  %b Sudo utility check\\n" "${OVER}"  "${TICK}"
-            # Download the install script and run it with admin rights
+
-            exec curl -sSL https://raw.githubusercontent.com/pi-hole/pi-hole/master/automated%20install/basic-install.sh | sudo bash "$@"
+            # when run via curl piping
            if [[ "$0" == "bash" ]]; then
                # Download the install script and run it with admin rights
                exec curl -sSL https://raw.githubusercontent.com/pi-hole/pi-hole/master/automated%20install/basic-install.sh | sudo bash "$@"
            else
                # when run via calling local bash script
                exec sudo bash "$0" "$@"
            fi
            exit $?
        # Otherwise,
        else
@@ -2529,22 +2668,15 @@ main() {
    fi
    # Start the installer
    # Verify there is enough disk space for the install
    if [[ "${skipSpaceCheck}" == true ]]; then
        printf "  %b Skipping free disk space verification\\n" "${INFO}"
    else
        verifyFreeDiskSpace
    fi
    # Update package cache
    update_package_cache || exit 1
    # Notify user of package availability
    notify_package_updates_available
    # Install packages used by this installation script
    install_dependent_packages "${INSTALLER_DEPS[@]}"
    # Check that the installed OS is officially supported - display warning if not
    os_check
    # Check if SELinux is Enforcing
    checkSelinux
--- a/install/uninstall.sh
+++ b/install/uninstall.sh
@@ -14,8 +14,8 @@ while true; do
    read -rp "  ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn
    case ${yn} in
        [Yy]* ) break;;
-        [Nn]* ) echo -e "${OVER}  ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;;
+        [Nn]* ) echo -e "${OVER}  ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;;
-        * ) echo -e "${OVER}  ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;;
+        * ) echo -e "${OVER}  ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;;
    esac
 done
@@ -52,7 +52,7 @@ if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
    DEPS+=("${PIHOLE_WEB_DEPS[@]}")
 fi
-# Compatability
+# Compatibility
 if [ -x "$(command -v apt-get)" ]; then
    # Debian Family
    PKG_REMOVE=("${PKG_MANAGER}" -y remove --purge)
@@ -188,9 +188,17 @@ removeNoPurge() {
            echo -e "  ${CROSS} Unable to remove 'pihole' user"
        fi
    fi
    # If the pihole group exists, then remove
    if getent group "pihole" &> /dev/null; then
        if ${SUDO} groupdel pihole 2> /dev/null; then
            echo -e "  ${TICK} Removed 'pihole' group"
        else
            echo -e "  ${CROSS} Unable to remove 'pihole' group"
        fi
    fi
    echo -e "\\n   We're sorry to see you go, but thanks for checking out Pi-hole!
-       If you need help, reach out to us on Github, Discourse, Reddit or Twitter
+       If you need help, reach out to us on GitHub, Discourse, Reddit or Twitter
       Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC}
      ${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity
--- a/1
+++ b/1
@@ -1 +0,0 @@
 py.test -v -f test/
--- a/ads/lighttpd.conf
+++ b/ads/lighttpd.conf
@@ -1,43 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2015, 2016 by Jacob Salmela
 # Network-wide ad blocking via your Raspberry Pi
 # http://pi-hole.net
 # Lighttpd config file for Pi-hole
 #
 # Pi-hole is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 2 of the License, or
 # (at your option) any later version.
 server.modules = (
 	"mod_access",
 	"mod_alias",
 	"mod_compress",
 	"mod_redirect",
   "mod_rewrite"
 )
 server.document-root        = "/var/www"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
 server.pid-file             = "/var/run/lighttpd.pid"
 server.username             = "www-data"
 server.groupname            = "www-data"
 server.port                 = 80
 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
 url.access-deny             = ( "~", ".inc" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 compress.cache-dir          = "/var/cache/lighttpd/compress/"
 compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
 # default listening port for IPv6 falls back to the IPv4 port
 include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 include_shell "/usr/share/lighttpd/create-mime.assign.pl"
 include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 $HTTP["host"] =~ "ads.hulu.com|ads-v-darwin.hulu.com|ads-e-darwin.hulu.com" {
 	url.redirect = ( ".*" => "http://192.168.1.101:8200/MediaItems/19.mov")
 }
--- a/ads/minidlna.conf
+++ b/ads/minidlna.conf
@@ -1,17 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2015, 2016 by Jacob Salmela
 # Network-wide ad blocking via your Raspberry Pi
 # http://pi-hole.net
 # MiniDLNA config file for Pi-hole
 #
 # Pi-hole is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 2 of the License, or
 # (at your option) any later version.
 media_dir=V,/var/lib/minidlna/videos/
 port=8200
 friendly_name=pihole
 serial=12345678
 model_number=1
 inotify=yes
--- a/gravity.sh
+++ b/gravity.sh
@@ -39,12 +39,9 @@ gravityDBfile="${piholeDir}/gravity.db"
 gravityTEMPfile="${piholeDir}/gravity_temp.db"
 gravityDBschema="${piholeGitDir}/advanced/Templates/gravity.db.sql"
 gravityDBcopy="${piholeGitDir}/advanced/Templates/gravity_copy.sql"
 optimize_database=false
 domainsExtension="domains"
 resolver="pihole-FTL"
 # Source setupVars from install script
 setupVars="${piholeDir}/setupVars.conf"
 if [[ -f "${setupVars}" ]];then
@@ -179,7 +176,7 @@ database_table_from_file() {
        echo "${rowid},\"${domain}\",${timestamp}" >> "${tmpFile}"
      elif [[ "${table}" == "adlist" ]]; then
        # Adlist table format
-        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"" >> "${tmpFile}"
+        echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"," >> "${tmpFile}"
      else
        # White-, black-, and regexlist table format
        echo "${rowid},${type},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${source}\"" >> "${tmpFile}"
@@ -209,6 +206,17 @@ database_table_from_file() {
    echo -e "  ${CROSS} Unable to remove ${tmpFile}"
 }
 # Update timestamp of last update of this list. We store this in the "old" database as all values in the new database will later be overwritten
 database_adlist_updated() {
  output=$( { printf ".timeout 30000\\nUPDATE adlist SET date_updated = (cast(strftime('%%s', 'now') as int)) WHERE id = %i;\\n" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 )
  status="$?"
  if [[ "${status}" -ne 0 ]]; then
    echo -e "\\n  ${CROSS} Unable to update timestamp of adlist with ID ${1} in database ${gravityDBfile}\\n  ${output}"
    gravity_Cleanup "error"
  fi
 }
 # Migrate pre-v5.0 list files to database-based Pi-hole versions
 migrate_to_database() {
  # Create database file only if not present
@@ -271,7 +279,7 @@ gravity_CheckDNSResolutionAvailable() {
  fi
  # If the /etc/resolv.conf contains resolvers other than 127.0.0.1 then the local dnsmasq will not be queried and pi.hole is NXDOMAIN.
-  # This means that even though name resolution is working, the getent hosts check fails and the holddown timer keeps ticking and eventualy fails
+  # This means that even though name resolution is working, the getent hosts check fails and the holddown timer keeps ticking and eventually fails
  # So we check the output of the last command and if it failed, attempt to use dig +short as a fallback
  if timeout 4 dig +short "${lookupDomain}" &> /dev/null; then
    if [[ -n "${secs:-}" ]]; then
@@ -284,7 +292,7 @@ gravity_CheckDNSResolutionAvailable() {
  fi
  # Determine error output message
-  if pidof ${resolver} &> /dev/null; then
+  if pgrep pihole-FTL &> /dev/null; then
    echo -e "  ${CROSS} DNS resolution is currently unavailable"
  else
    echo -e "  ${CROSS} DNS service is not running"
@@ -336,7 +344,7 @@ gravity_DownloadBlocklists() {
    return 1
  fi
-  local url domain agent cmd_ext str target
+  local url domain agent cmd_ext str target compression
  echo ""
  # Prepare new gravity database
@@ -355,13 +363,24 @@ gravity_DownloadBlocklists() {
  target="$(mktemp -p "/tmp" --suffix=".gravity")"
  # Use compression to reduce the amount of data that is transfered
  # between the Pi-hole and the ad list provider. Use this feature
  # only if it is supported by the locally available version of curl
  if curl -V | grep -q "Features:.* libz"; then
    compression="--compressed"
    echo -e "  ${INFO} Using libz compression\n"
  else
      compression=""
      echo -e "  ${INFO} Libz compression not available\n"
    fi
  # Loop through $sources and download each one
  for ((i = 0; i < "${#sources[@]}"; i++)); do
    url="${sources[$i]}"
    domain="${sourceDomains[$i]}"
    id="${sourceIDs[$i]}"
    # Save the file as list.#.domain
-    saveLocation="${piholeDir}/list.${i}.${domain}.${domainsExtension}"
+    saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
    activeDomains[$i]="${saveLocation}"
    # Default user-agent (for Cloudflare's Browser Integrity Check: https://support.cloudflare.com/hc/en-us/articles/200170086-What-does-the-Browser-Integrity-Check-do-)
@@ -376,11 +395,11 @@ gravity_DownloadBlocklists() {
    echo -e "  ${INFO} Target: ${url}"
    local regex
    # Check for characters NOT allowed in URLs
-    regex="[^a-zA-Z0-9:/?&%=~._()-]"
+    regex="[^a-zA-Z0-9:/?&%=~._()-;]"
    if [[ "${url}" =~ ${regex} ]]; then
        echo -e "  ${CROSS} Invalid Target"
    else
-       gravity_DownloadBlocklistFromUrl "${url}" "${cmd_ext}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}"
+       gravity_DownloadBlocklistFromUrl "${url}" "${cmd_ext}" "${agent}" "${sourceIDs[$i]}" "${saveLocation}" "${target}" "${compression}"
    fi
    echo ""
  done
@@ -455,7 +474,7 @@ parseList() {
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
-  local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}"
+  local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}" compression="${7}"
  local heisenbergCompensator="" patternBuffer str httpCode success=""
  # Create temp file to store content on disk instead of RAM
@@ -504,8 +523,9 @@ gravity_DownloadBlocklistFromUrl() {
    echo -ne "  ${INFO} ${str} Pending..."
    cmd_ext="--resolve $domain:$port:$ip $cmd_ext"
  fi
  # shellcheck disable=SC2086
-  httpCode=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
+  httpCode=$(curl -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
  case $url in
    # Did we "download" a local file?
@@ -545,6 +565,8 @@ gravity_DownloadBlocklistFromUrl() {
      gravity_ParseFileIntoDomains "${patternBuffer}" "${saveLocation}"
      # Add domains to database table file
      parseList "${adlistID}" "${saveLocation}" "${target}"
      # Update date_updated field in gravity database table
      database_adlist_updated "${adlistID}"
    else
      # Fall back to previously cached list if $patternBuffer is empty
      echo -e "  ${INFO} Received empty file: ${COL_LIGHT_GREEN}using previously cached list${COL_NC}"
@@ -568,7 +590,7 @@ gravity_ParseFileIntoDomains() {
  # Determine if we are parsing a consolidated list
  #if [[ "${source}" == "${piholeDir}/${matterAndLight}" ]]; then
    # Remove comments and print only the domain name
-    # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious
+    # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contiguous
    # This helps with that and makes it easier to read
    # It also helps with debugging so each stage of the script can be researched more in depth
    # 1) Remove carriage returns
@@ -730,28 +752,13 @@ gravity_Cleanup() {
  echo -e "${OVER}  ${TICK} ${str}"
  if ${optimize_database} ; then
    str="Optimizing domains database"
    echo -ne "  ${INFO} ${str}..."
    # Run VACUUM command on database to optimize it
    output=$( { sqlite3 "${gravityDBfile}" "VACUUM;"; } 2>&1 )
    status="$?"
    if [[ "${status}" -ne 0 ]]; then
      echo -e "\\n  ${CROSS} Unable to optimize gravity database ${gravityDBfile}\\n  ${output}"
      error="error"
    else
      echo -e "${OVER}  ${TICK} ${str}"
    fi
  fi
  # Only restart DNS service if offline
-  if ! pidof ${resolver} &> /dev/null; then
+  if ! pgrep pihole-FTL &> /dev/null; then
    "${PIHOLE_COMMAND}" restartdns
    dnsWasOffline=true
  fi
-  # Print Pi-hole status if an error occured
+  # Print Pi-hole status if an error occurred
  if [[ -n "${error}" ]]; then
    "${PIHOLE_COMMAND}" status
    exit 1
@@ -771,7 +778,6 @@ Options:
 for var in "$@"; do
  case "${var}" in
    "-f" | "--force" ) forceDelete=true;;
    "-o" | "--optimize" ) optimize_database=true;;
    "-r" | "--recreate" ) recreate_database=true;;
    "-h" | "--help" ) helpFunc;;
  esac
--- a/manpages/pihole-FTL.8
+++ b/manpages/pihole-FTL.8
@@ -1,4 +1,4 @@
-.TH "Pihole-FTL" "8" "pihole-FTL" "Pi-hole" "June 2018"
+.TH "Pihole-FTL" "8" "pihole-FTL" "Pi-hole" "November 2020"
 .SH "NAME"
 pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
@@ -10,7 +10,7 @@ pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
 \fBpihole-FTL test\fR
 .br
-\fBpihole-FTL -v\fR
+\fBpihole-FTL -v|-vv\fR
 .br
 \fBpihole-FTL -t\fR
 .br
@@ -22,6 +22,16 @@ pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
 \fBpihole-FTL dnsmasq-test\fR
 .br
 \fBpihole-FTL regex-test str\fR
 .br
 \fBpihole-FTL regex-test str rgx\fR
 .br
 \fBpihole-FTL lua\fR
 .br
 \fBpihole-FTL luac\fR
 .br
 \fBpihole-FTL dhcp-discover\fR
 .br
 \fBpihole-FTL --\fR (\fBoptions\fR)
 .br
@@ -65,6 +75,11 @@ Command line arguments
    Don't start FTL, show only version
 .br
 \fB-vv\fR
 .br
    Don't start FTL, show verbose version information of embedded applications
 .br
 \fB-t, tag\fR
 .br
    Don't start FTL, show only git tag
@@ -90,6 +105,31 @@ Command line arguments
    Test resolver config file syntax
 .br
 \fBregex-test str\fR
 .br
    Test str against all regular expressions in the database
 .br
 \fBregex-test str rgx\fR
 .br
    Test str against regular expression given by rgx
 .br
 \fBlua\fR
 .br
    Start the embedded Lua interpreter
 .br
 \fBluac\fR
 .br
    Execute the embedded Lua compiler
 .br
 \fBdhcp-discover\fR
 .br
    Discover DHCP servers in the local network
 .br
 \fB--\fR  (options)
 .br
    Pass options to internal dnsmasq resolver
--- a/manpages/pihole-FTL.conf.5
+++ b/manpages/pihole-FTL.conf.5
@@ -1,4 +1,4 @@
-.TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "June 2018"
+.TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "November 2020"
 .SH "NAME"
 pihole-FTL.conf - FTL's config file
@@ -7,49 +7,32 @@ pihole-FTL.conf - FTL's config file
 /etc/pihole/pihole-FTL.conf will be read by \fBpihole-FTL(8)\fR on startup.
 .br
-
+For each setting the option shown first is the default.
 \fBSOCKET_LISTENING=localonly|all\fR
 .br
    Listen only for local socket connections or permit all connections
 .br
-\fBQUERY_DISPLAY=yes|no\fR
+\fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NODATA|NXDOMAIN|NULL\fR
 .br
-    Display all queries? Set to no to hide query display
+    How should FTL reply to blocked queries?
    IP             - Pi-hole's IPs for blocked domains
    IP-AAAA-NODATA - Pi-hole's IP + NODATA-IPv6 for blocked domains
    NODATA         - Using NODATA for blocked domains
    NXDOMAIN       - NXDOMAIN for blocked domains
    NULL           - Null IPs for blocked domains
 .br
-\fBAAAA_QUERY_ANALYSIS=yes|no\fR
+\fBCNAME_DEEP_INSPECT=true|false\fR
 .br
-    Allow FTL to analyze AAAA queries from pihole.log?
+    Use this option to disable deep CNAME inspection. This might be beneficial for very low-end devices.
 .br
-\fBRESOLVE_IPV6=yes|no\fR
+\fBBLOCK_ESNI=true|false\fR
 .br
-    Should FTL try to resolve IPv6 addresses to host names?
+    Block requests to _esni.* sub-domains.
 .br
 \fBRESOLVE_IPV4=yes|no\fR
 .br
    Should FTL try to resolve IPv4 addresses to host names?
 .br
 \fBMAXDBDAYS=365\fR
 .br
    How long should queries be stored in the database?
 .br
    Setting this to 0 disables the database
 .br
 \fBDBINTERVAL=1.0\fR
 .br
    How often do we store queries in FTL's database [minutes]?
 .br
 \fBDBFILE=/etc/pihole/pihole-FTL.db\fR
 .br
    Specify path and filename of FTL's SQLite long-term database.
 .br
    Setting this to DBFILE= disables the database altogether
 .br
 \fBMAXLOGAGE=24.0\fR
@@ -59,14 +42,9 @@ pihole-FTL.conf - FTL's config file
    Maximum is 744 (31 days)
 .br
 \fBFTLPORT=4711\fR
 .br
    On which port should FTL be listening?
 .br
 \fBPRIVACYLEVEL=0|1|2|3|4\fR
 .br
-    Which privacy level is used?
+    Privacy level used to collect Pi-hole statistics.
 .br
    0 - show everything
 .br
@@ -84,13 +62,244 @@ pihole-FTL.conf - FTL's config file
    Should FTL ignore queries coming from the local machine?
 .br
-\fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NXDOMAIN|NULL\fR
+\fBAAAA_QUERY_ANALYSIS=yes|no\fR
 .br
-    How should FTL reply to blocked queries?
+    Should FTL analyze AAAA queries?
 .br
-For each setting, the option shown first is the default.
+\fBANALYZE_ONLY_A_AND_AAAA=false|true\fR
 .br
    Should FTL only analyze A and AAAA queries?
 .br
 \fBSOCKET_LISTENING=localonly|all\fR
 .br
    Listen only for local socket connections on the API port or permit all connections.
 .br
 \fBFTLPORT=4711\fR
 .br
    On which port should FTL be listening?
 .br
 \fBRESOLVE_IPV6=yes|no\fR
 .br
    Should FTL try to resolve IPv6 addresses to hostnames?
 .br
 \fBRESOLVE_IPV4=yes|no\fR
 .br
    Should FTL try to resolve IPv4 addresses to hostnames?
 .br
 \fBDELAY_STARTUP=0\fR
 .br
    Time in seconds (between 0 and 300) to delay FTL startup.
 .br
 \fBNICE=-10\fR
 .br
    Set the niceness of the Pi-hole FTL process.
 .br
    Can be disabled altogether by setting a value of -999.
 .br
 \fBNAMES_FROM_NETDB=true|false\fR
 .br
    Control whether FTL should use a fallback option and try to obtain client names from checking the network table.
 .br
    E.g. IPv6 clients without a hostname will be compared via MAC address to known clients.
 .br
 \fB\fBREFRESH_HOSTNAMES=IPV4|ALL|NONE\fR
 .br
    Change how (and if) hourly PTR requests are made to check for changes in client and upstream server hostnames:
 .br
    IPV4 - Do the hourly PTR lookups only for IPv4 addresses resolving issues in networks with many short-lived PE IPv6 addresses.
 .br
    ALL  - Do the hourly PTR lookups for all addresses. This can create a lot of PTR queries in networks with many IPv6 addresses.
 .br
    NONE - Don't do hourly PTR lookups. Look up hostnames once (when first seeing a client) and never again. Future hostname changes may be missed.
 .br
 \fBMAXNETAGE=365\fR
 .br
    IP addresses (and associated host names) older than the specified number of days are removed.
 .br
    This avoids dead entries in the network overview table.
 .br
 \fBEDNS0_ECS=true|false\fR
 .br
    Should we overwrite the query source when client information is provided through EDNS0 client subnet (ECS) information?
 .br
 \fBPARSE_ARP_CACHE=true|false\fR
 .br
    Parse ARP cache to fill network overview table.
 .br
 \fBDBIMPORT=yes|no\fR
 .br
    Should FTL load information from the database on startup to be aware of the most recent history?
 .br
 \fBMAXDBDAYS=365\fR
 .br
    How long should queries be stored in the database? Setting this to 0 disables the database
 .br
 \fBDBINTERVAL=1.0\fR
 .br
    How often do we store queries in FTL's database [minutes]?
 .br
    Accepts value between 0.1 (6 sec) and 1440 (1 day)
 .br
 \fBDBFILE=/etc/pihole/pihole-FTL.db\fR
 .br
    Specify path and filename of FTL's SQLite long-term database.
 .br
    Setting this to DBFILE= disables the database altogether
 .br
 \fBLOGFILE=/var/log/pihole-FTL.log\fR
 .br
    The location of FTL's log file.
 .br
 \fBPIDFILE=/run/pihole-FTL.pid\fR
 .br
    The file which contains the PID of FTL's main process.
 .br
 \fBPORTFILE=/run/pihole-FTL.port\fR
 .br
    Specify path and filename where the FTL process will write its API port number.
 .br
 \fBSOCKETFILE=/run/pihole/FTL.sock\fR
 .br
    The file containing the socket FTL's API is listening on.
 .br
 \fBSETUPVARSFILE=/etc/pihole/setupVars.conf\fR
 .br
    The config file of Pi-hole containing, e.g., the current blocking status (do not change).
 .br
 \fBMACVENDORDB=/etc/pihole/macvendor.db\fR
 .br
    The database containing MAC -> Vendor information for the network table.
 .br
 \fBGRAVITYDB=/etc/pihole/gravity.db\fR
 .br
    Specify path and filename of FTL's SQLite3 gravity database. This database contains all domains relevant for Pi-hole's DNS blocking.
 .br
 \fBDEBUG_ALL=false|true\fR
 .br
    Enable all debug flags. If this is set to true, all other debug config options are ignored.
 .br
 \fBDEBUG_DATABASE=false|true\fR
 .br
    Print debugging information about database actions such as SQL statements and performance.
 .br
 \fBDEBUG_NETWORKING=false|true\fR
 .br
    Prints a list of the detected network interfaces on the startup of FTL.
 .br
 \fBDEBUG_LOCKS=false|true\fR
 .br
    Print information about shared memory locks.
 .br
    Messages will be generated when waiting, obtaining, and releasing a lock.
 .br
 \fBDEBUG_QUERIES=false|true\fR
 .br
    Print extensive DNS query information (domains, types, replies, etc.).
 .br
 \fBDEBUG_FLAGS=false|true\fR
 .br
    Print flags of queries received by the DNS hooks.
 .br
    Only effective when \fBDEBUG_QUERIES\fR is enabled as well.
 \fBDEBUG_SHMEM=false|true\fR
 .br
    Print information about shared memory buffers.
 .br
    Messages are either about creating or enlarging shmem objects or string injections.
 .br
 \fBDEBUG_GC=false|true\fR
 .br
    Print information about garbage collection (GC):
 .br
    What is to be removed, how many have been removed and how long did GC take.
 .br
 \fBDEBUG_ARP=false|true\fR
 .br
    Print information about ARP table processing:
 .br
    How long did parsing take, whether read MAC addresses are valid, and if the macvendor.db file exists.
 .br
 \fBDEBUG_REGEX=false|true\fR
 .br
    Controls if FTL should print extended details about regex matching.
 .br
 \fBDEBUG_API=false|true\fR
 .br
    Print extra debugging information during telnet API calls.
 .br
    Currently only used to send extra information when getting all queries.
 .br
 \fBDEBUG_OVERTIME=false|true\fR
 .br
    Print information about overTime memory operations, such as initializing or moving overTime slots.
 .br
 \fBDEBUG_EXTBLOCKED=false|true\fR
 .br
    Print information about why FTL decided that certain queries were recognized as being externally blocked.
 .br
 \fBDEBUG_CAPS=false|true\fR
 .br
    Print information about POSIX capabilities granted to the FTL process.
 .br
    The current capabilities are printed on receipt of SIGHUP i.e. after executing `killall -HUP pihole-FTL`.
 .br
 \fBDEBUG_DNSMASQ_LINES=false|true\fR
 .br
    Print file and line causing a dnsmasq event into FTL's log files.
 .br
    This is handy to implement additional hooks missing from FTL.
 .br
 \fBDEBUG_VECTORS=false|true\fR
 .br
    FTL uses dynamically allocated vectors for various tasks.
 .br
    This config option enables extensive debugging information such as information about allocation, referencing, deletion, and appending.
 .br
 \fBDEBUG_RESOLVER=false|true\fR
 .br
    Extensive information about hostname resolution like which DNS servers are used in the first and second hostname resolving tries.
 .br
 .SH "SEE ALSO"
 \fBpihole\fR(8), \fBpihole-FTL\fR(8)
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@@ -139,7 +139,7 @@ Available commands and options:
      -i, interface     Specify dnsmasq's interface listening behavior
 .br
      -l, privacylevel  <level> Set privacy level
-                        (0 = lowest, 4 = highest)
+                        (0 = lowest, 3 = highest)
 .br
 \fB-c, chronometer\fR	[options]
@@ -224,7 +224,7 @@ Available commands and options:
 .br
      -l, --latest      Return the latest version
 .br
-      --hash            Return the Github hash from your local
+      --hash            Return the GitHub hash from your local
                        repositories
 .br
@@ -257,19 +257,19 @@ Available commands and options:
 \fBrestartdns\fR [options]
 .br
-    Full restart Pi-hole subsystems
+    Full restart Pi-hole subsystems. Without any options (see below) a full restart causes config file parsing and history re-reading
 .br
    (restart options):
 .br
-      reload            Updates the lists and flushes DNS cache
+      reload            Updates the lists (incl. HOSTS files) and flushes DNS cache. Does not reparse config files
 .br
-      reload-lists      Updates the lists WITHOUT flushing the DNS cache
+      reload-lists      Updates the lists (excl. HOSTS files) WITHOUT flushing the DNS cache. Does not reparse config files
 .br
 \fBcheckout\fR [repo] [branch]
 .br
-    Switch Pi-hole subsystems to a different Github branch
+    Switch Pi-hole subsystems to a different GitHub branch
 .br
    (repo options):
--- a/70
+++ b/70
@@ -20,8 +20,6 @@ PI_HOLE_BIN_DIR="/usr/local/bin"
 readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE"
 source "${colfile}"
 resolver="pihole-FTL"
 webpageFunc() {
  source "${PI_HOLE_SCRIPT_DIR}/webpage.sh"
  main "$@"
@@ -107,19 +105,19 @@ restartDNS() {
  # Determine if we should reload or restart
  if [[ "${svcOption}" =~ "reload-lists" ]]; then
    # Reloading of the lists has been requested
-    # Note: This will NOT re-read any *.conf files
+    # Note 1: This will NOT re-read any *.conf files
    # Note 2: We cannot use killall here as it does
    #         not know about real-time signals
-    svc="kill -SIGRTMIN $(pidof ${resolver})"
+    svc="pkill -RTMIN pihole-FTL"
    str="Reloading DNS lists"
  elif [[ "${svcOption}" =~ "reload" ]]; then
    # Reloading of the DNS cache has been requested
    # Note: This will NOT re-read any *.conf files
-    svc="killall -s SIGHUP ${resolver}"
+    svc="pkill -HUP pihole-FTL"
    str="Flushing DNS cache"
  else
    # A full restart has been requested
-    svc="service ${resolver} restart"
+    svc="service pihole-FTL restart"
    str="Restarting DNS server"
  fi
@@ -164,7 +162,7 @@ Time:
          local str="Disabling blocking for ${tt} seconds"
          echo -e "  ${INFO} ${str}..."
          local str="Blocking will be re-enabled in ${tt} seconds"
-          nohup bash -c "sleep ${tt}; ${PI_HOLE_BIN_DIR}/pihole enable" </dev/null &>/dev/null &
+          nohup "${PI_HOLE_SCRIPT_DIR}"/pihole-reenable.sh ${tt} </dev/null &>/dev/null &
        else
          local error=true
        fi
@@ -175,7 +173,7 @@ Time:
          echo -e "  ${INFO} ${str}..."
          local str="Blocking will be re-enabled in ${tt} minutes"
          tt=$((${tt}*60))
-          nohup bash -c "sleep ${tt}; ${PI_HOLE_BIN_DIR}/pihole enable" </dev/null &>/dev/null &
+          nohup "${PI_HOLE_SCRIPT_DIR}"/pihole-reenable.sh ${tt} </dev/null &>/dev/null &
        else
          local error=true
        fi
@@ -197,6 +195,7 @@ Time:
    fi
  else
    # Enable Pi-hole
    killall -q pihole-reenable
    if grep -cq "BLOCKING_ENABLED=true" "${setupVars}"; then
      echo -e "  ${INFO} Blocking already enabled, nothing to do"
      exit 0
@@ -250,16 +249,47 @@ Options:
  echo -e "${OVER}  ${TICK} ${str}"
 }
 analyze_ports() {
  # FTL is listening at least on at least one port when this
  # function is getting called
  echo -e "  ${TICK} DNS service is listening"
  # Check individual address family/protocol combinations
  # For a healthy Pi-hole, they should all be up (nothing printed)
  if grep -q "IPv4.*UDP" <<< "${1}"; then
      echo -e "     ${TICK} UDP (IPv4)"
  else
      echo -e "     ${CROSS} UDP (IPv4)"
  fi
  if grep -q "IPv4.*TCP" <<< "${1}"; then
      echo -e "     ${TICK} TCP (IPv4)"
  else
      echo -e "     ${CROSS} TCP (IPv4)"
  fi
  if grep -q "IPv6.*UDP" <<< "${1}"; then
      echo -e "     ${TICK} UDP (IPv6)"
  else
      echo -e "     ${CROSS} UDP (IPv6)"
  fi
  if grep -q "IPv6.*TCP" <<< "${1}"; then
      echo -e "     ${TICK} TCP (IPv6)"
  else
      echo -e "     ${CROSS} TCP (IPv6)"
  fi
  echo ""
 }
 statusFunc() {
-  # Determine if service is running on port 53 (Cr: https://superuser.com/a/806331)
+  # Determine if there is a pihole service is listening on port 53
-  if (echo > /dev/tcp/127.0.0.1/53) >/dev/null 2>&1; then
+  local listening
  listening="$(lsof -Pni:53)"
  if grep -q "pihole" <<< "${listening}"; then
    if [[ "${1}" != "web" ]]; then
-      echo -e "  ${TICK} DNS service is running"
+      analyze_ports "${listening}"
    fi
  else
    case "${1}" in
      "web") echo "-1";;
-      *) echo -e "  ${CROSS} DNS service is NOT running";;
+      *) echo -e "  ${CROSS} DNS service is NOT listening";;
    esac
    return 0
  fi
@@ -269,13 +299,13 @@ statusFunc() {
    # A config is commented out
    case "${1}" in
      "web") echo 0;;
-      *) echo -e "  ${CROSS} Pi-hole blocking is Disabled";;
+      *) echo -e "  ${CROSS} Pi-hole blocking is disabled";;
    esac
  elif grep -q "BLOCKING_ENABLED=true" /etc/pihole/setupVars.conf;  then
    # Configs are set
    case "${1}" in
      "web") echo 1;;
-      *) echo -e "  ${TICK} Pi-hole blocking is Enabled";;
+      *) echo -e "  ${TICK} Pi-hole blocking is enabled";;
    esac
  else
    # No configs were found
@@ -302,9 +332,9 @@ tailFunc() {
  source /etc/pihole/setupVars.conf
  # Strip date from each line
-  # Colour blocklist/blacklist/wildcard entries as red
+  # Color blocklist/blacklist/wildcard entries as red
-  # Colour A/AAAA/DHCP strings as white
+  # Color A/AAAA/DHCP strings as white
-  # Colour everything else as gray
+  # Color everything else as gray
  tail -f /var/log/pihole.log | sed -E \
    -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
    -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN|${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \
@@ -317,7 +347,7 @@ piholeCheckoutFunc() {
  if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
    echo "Usage: pihole checkout [repo] [branch]
 Example: 'pihole checkout master' or 'pihole checkout core dev'
-Switch Pi-hole subsystems to a different Github branch
+Switch Pi-hole subsystems to a different GitHub branch
 Repositories:
  core [branch]       Change the branch of Pi-hole's core subsystem
@@ -388,7 +418,7 @@ Whitelist/Blacklist Options:
 Debugging Options:
  -d, debug           Start a debugging session
-                        Add '-a' to enable automated debugging
+                        Add '-a' to automatically upload the log to tricorder.pi-hole.net
  -f, flush           Flush the Pi-hole log
  -r, reconfigure     Reconfigure or Repair Pi-hole subsystems
  -t, tail            View the live output of the Pi-hole log
@@ -416,7 +446,7 @@ Options:
  restartdns          Full restart Pi-hole subsystems
                        Add 'reload' to update the lists and flush the cache without restarting the DNS server
                        Add 'reload-lists' to only update the lists WITHOUT flushing the cache or restarting the DNS server
-  checkout            Switch Pi-hole subsystems to a different Github branch
+  checkout            Switch Pi-hole subsystems to a different GitHub branch
                        Add '-h' for more info on checkout usage
  arpflush            Flush information stored in Pi-hole's network tables";
  exit 0
--- a/supportedos.txt
+++ b/supportedos.txt
@@ -0,0 +1,5 @@
 Raspbian=9,10
 Ubuntu=16,18,20
 Debian=9,10
 Fedora=31,32
 CentOS=7,8
--- a/test/README.md
+++ b/test/README.md
@@ -7,11 +7,11 @@ From command line all you need to do is:
 - `pip install tox`
 - `tox`
-Tox handles setting up a virtual environment for python dependancies, installing dependancies, building the docker images used by tests, and finally running tests.  It's an easy way to have travis-ci like build behavior locally.
+Tox handles setting up a virtual environment for python dependencies, installing dependencies, building the docker images used by tests, and finally running tests.  It's an easy way to have travis-ci like build behavior locally.
 ## Alternative py.test method of running tests
-You're responsible for setting up your virtual env and dependancies in this situation.
+You're responsible for setting up your virtual env and dependencies in this situation.
 ```
 py.test -vv -n auto -m "build_stage"
--- a/test/_centos_7.Dockerfile
+++ b/test/_centos_7.Dockerfile
--- a/test/_centos_8.Dockerfile
+++ b/test/_centos_8.Dockerfile
@@ -1,4 +1,4 @@
-FROM fedora:30
+FROM centos:8
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
--- a/test/_debian_10.Dockerfile
+++ b/test/_debian_10.Dockerfile
@@ -1,4 +1,4 @@
-FROM buildpack-deps:jessie-scm
+FROM buildpack-deps:buster-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
--- a/test/_debian_9.Dockerfile
+++ b/test/_debian_9.Dockerfile
@@ -0,0 +1,16 @@
 FROM buildpack-deps:stretch-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_31.Dockerfile
+++ b/test/_fedora_31.Dockerfile
@@ -0,0 +1,16 @@
 FROM fedora:31
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_32.Dockerfile
+++ b/test/_fedora_32.Dockerfile
@@ -0,0 +1,16 @@
 FROM fedora:32
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_16.Dockerfile
+++ b/test/_ubuntu_16.Dockerfile
@@ -0,0 +1,16 @@
 FROM buildpack-deps:xenial-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_18.Dockerfile
+++ b/test/_ubuntu_18.Dockerfile
@@ -0,0 +1,16 @@
 FROM buildpack-deps:bionic-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_20.Dockerfile
+++ b/test/_ubuntu_20.Dockerfile
@@ -0,0 +1,17 @@
 FROM buildpack-deps:focal-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 ENV DEBIAN_FRONTEND=noninteractive
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -14,9 +14,9 @@ SETUPVARS = {
    'PIHOLE_DNS_2': '4.2.2.2'
 }
-tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8")
+tick_box = "[\x1b[1;32m\u2713\x1b[0m]"
-cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8")
+cross_box = "[\x1b[1;31m\u2717\x1b[0m]"
-info_box = "[i]".decode("utf-8")
+info_box = "[i]"
@pytest.fixture
@@ -38,9 +38,7 @@ def Pihole(Docker):
        return out
    funcType = type(Docker.run)
-    Docker.run = funcType(run_bash,
+    Docker.run = funcType(run_bash, Docker)
                          Docker,
                          testinfra.backend.docker.DockerBackend)
    return Docker
@@ -71,7 +69,9 @@ def args(request):
    return '-t -d'
-@pytest.fixture(params=['debian', 'centos', 'fedora'])
+@pytest.fixture(params=[
    'test_container'
 ])
 def tag(request):
    '''
    consumed by image to make the test matrix
@@ -106,7 +106,7 @@ def mock_command(script, args, container):
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
    case "\$1" in'''.format(script=script))
-    for k, v in args.iteritems():
+    for k, v in args.items():
        case = dedent('''
        {arg})
        echo {res}
@@ -133,7 +133,7 @@ def mock_command_2(script, args, container):
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
    case "\$1 \$2" in'''.format(script=script))
-    for k, v in args.iteritems():
+    for k, v in args.items():
        case = dedent('''
        \"{arg}\")
        echo \"{res}\"
--- a/test/requirements.txt
+++ b/test/requirements.txt
--- a/test/setup.py
+++ b/test/setup.py
--- a/test/test_000_build_containers.py
+++ b/test/test_000_build_containers.py
@@ -1,23 +0,0 @@
 ''' This file starts with 000 to make it run first '''
 import pytest
 import testinfra
 run_local = testinfra.get_backend(
    "local://"
 ).get_module("Command").run
@pytest.mark.parametrize("image,tag", [
    ('test/debian.Dockerfile', 'pytest_pihole:debian'),
    ('test/centos.Dockerfile', 'pytest_pihole:centos'),
    ('test/fedora.Dockerfile', 'pytest_pihole:fedora'),
 ])
 # mark as 'build_stage' so we can ensure images are build first when tests
 # are executed in parallel. (not required when tests are executed serially)
@pytest.mark.build_stage
 def test_build_pihole_image(image, tag):
    build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag))
    if build_cmd.rc != 0:
        print build_cmd.stdout
        print build_cmd.stderr
    assert build_cmd.rc == 0
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -1,6 +1,6 @@
 from textwrap import dedent
 import re
-from conftest import (
+from .conftest import (
    SETUPVARS,
    tick_box,
    info_box,
@@ -34,7 +34,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole):
    This confirms the sourced variables are in scope between functions
    '''
    setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
-    for k, v in SETUPVARS.iteritems():
+    for k, v in SETUPVARS.items():
        setup_var_file += "{}={}\n".format(k, v)
    setup_var_file += "EOF\n"
    Pihole.run(setup_var_file)
@@ -59,7 +59,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole):
    output = run_script(Pihole, script).stdout
-    for k, v in SETUPVARS.iteritems():
+    for k, v in SETUPVARS.items():
        assert "{}={}".format(k, v) in output
@@ -69,7 +69,7 @@ def test_setupVars_saved_to_file(Pihole):
    '''
    # dedent works better with this and padding matching script below
    set_setup_vars = '\n'
-    for k, v in SETUPVARS.iteritems():
+    for k, v in SETUPVARS.items():
        set_setup_vars += "    {}={}\n".format(k, v)
    Pihole.run(set_setup_vars).stdout
@@ -88,7 +88,7 @@ def test_setupVars_saved_to_file(Pihole):
    output = run_script(Pihole, script).stdout
-    for k, v in SETUPVARS.iteritems():
+    for k, v in SETUPVARS.items():
        assert "{}={}".format(k, v) in output
@@ -187,7 +187,55 @@ def test_FTL_detect_aarch64_no_errors(Pihole):
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + ' Detected ARM-aarch64 architecture'
+    expected_stdout = tick_box + ' Detected AArch64 (64 Bit ARM) processor'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv4t_no_errors(Pihole):
    '''
    confirms only armv4t package is downloaded for FTL engine
    '''
    # mock uname to return armv4t platform
    mock_command('uname', {'-m': ('armv4t', '0')}, Pihole)
    # mock ldd to respond with ld-linux shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + (' Detected ARMv4 processor')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv5te_no_errors(Pihole):
    '''
    confirms only armv5te package is downloaded for FTL engine
    '''
    # mock uname to return armv5te platform
    mock_command('uname', {'-m': ('armv5te', '0')}, Pihole)
    # mock ldd to respond with ld-linux shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + (' Detected ARMv5 (or newer) processor')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
@@ -199,7 +247,7 @@ def test_FTL_detect_armv6l_no_errors(Pihole):
    '''
    # mock uname to return armv6l platform
    mock_command('uname', {'-m': ('armv6l', '0')}, Pihole)
-    # mock ldd to respond with aarch64 shared library
+    # mock ldd to respond with ld-linux-armhf shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
@@ -211,8 +259,8 @@ def test_FTL_detect_armv6l_no_errors(Pihole):
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + (' Detected ARM-hf architecture '
+    expected_stdout = tick_box + (' Detected ARMv6 processor '
-                                  '(armv6 or lower)')
+                                  '(with hard-float support)')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
@@ -224,7 +272,7 @@ def test_FTL_detect_armv7l_no_errors(Pihole):
    '''
    # mock uname to return armv7l platform
    mock_command('uname', {'-m': ('armv7l', '0')}, Pihole)
-    # mock ldd to respond with aarch64 shared library
+    # mock ldd to respond with ld-linux-armhf shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
@@ -236,7 +284,32 @@ def test_FTL_detect_armv7l_no_errors(Pihole):
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + ' Detected ARM-hf architecture (armv7+)'
+    expected_stdout = tick_box + (' Detected ARMv7 processor '
                                  '(with hard-float support)')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv8a_no_errors(Pihole):
    '''
    confirms only armv8a package is downloaded for FTL engine
    '''
    # mock uname to return armv8a platform
    mock_command('uname', {'-m': ('armv8a', '0')}, Pihole)
    # mock ldd to respond with ld-linux-armhf shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Detected ARMv8 (or newer) processor'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
@@ -256,7 +329,7 @@ def test_FTL_detect_x86_64_no_errors(Pihole):
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
-    expected_stdout = tick_box + ' Detected x86_64 architecture'
+    expected_stdout = tick_box + ' Detected x86_64 processor'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
@@ -274,7 +347,7 @@ def test_FTL_detect_unknown_no_errors(Pihole):
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
-    expected_stdout = 'Not able to detect architecture (unknown: mips)'
+    expected_stdout = 'Not able to detect processor (unknown: mips)'
    assert expected_stdout in detectPlatform.stdout
@@ -488,3 +561,37 @@ def test_validate_ip_invalid_letters(Pihole):
    ''')
    assert output.rc == 1
 def test_os_check_fails(Pihole):
    ''' Confirms install fails on unsupported OS '''
    Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    install_dependent_packages ${INSTALLER_DEPS[@]}
    cat <<EOT > /etc/os-release
    ID=UnsupportedOS
    VERSION_ID="2"
    EOT
    ''')
    detectOS = Pihole.run('''t
    source /opt/pihole/basic-install.sh
    os_check
    ''')
    expected_stdout = 'Unsupported OS detected: UnsupportedOS'
    assert expected_stdout in detectOS.stdout
 def test_os_check_passes(Pihole):
    ''' Confirms OS meets the requirements '''
    Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    detectOS = Pihole.run('''
    source /opt/pihole/basic-install.sh
    os_check
    ''')
    expected_stdout = 'Supported OS detected'
    assert expected_stdout in detectOS.stdout
--- a/test/test_centos_7_support.py
+++ b/test/test_centos_7_support.py
@@ -0,0 +1,60 @@
 from .conftest import (
    tick_box,
    info_box,
    mock_command,
 )
 def test_php_upgrade_default_optout_centos_eq_7(Pihole):
    '''
    confirms the default behavior to opt-out of installing PHP7 from REMI
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optout_centos_eq_7(Pihole):
    '''
    confirms installer behavior when user opt-out of installing PHP7 from REMI
    (php not currently installed)
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optin_centos_eq_7(Pihole):
    '''
    confirms installer behavior when user opt-in to installing PHP7 from REMI
    (php not currently installed)
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    assert 'opt-out' not in distro_check.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
    assert expected_stdout in distro_check.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
--- a/test/test_centos_8_support.py
+++ b/test/test_centos_8_support.py
@@ -0,0 +1,65 @@
 from .conftest import (
    tick_box,
    info_box,
    mock_command,
 )
 def test_php_upgrade_default_continue_centos_gte_8(Pihole):
    '''
    confirms the latest version of CentOS continues / does not optout
    (should trigger on CentOS7 only)
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                    ' Deprecated PHP may be in use.')
    assert unexpected_stdout not in distro_check.stdout
    # ensure remi was not installed on latest CentOS
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
    '''
    confirms installer skips user opt-out of installing PHP7 from REMI on
    latest CentOS (should trigger on CentOS7 only)
    (php not currently installed)
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                    ' Deprecated PHP may be in use.')
    assert unexpected_stdout not in distro_check.stdout
    # ensure remi was not installed on latest CentOS
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
    '''
    confirms installer skips user opt-in to installing PHP7 from REMI on
    latest CentOS (should trigger on CentOS7 only)
    (php not currently installed)
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    assert 'opt-out' not in distro_check.stdout
    unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                    '(https://rpms.remirepo.net)')
    assert unexpected_stdout not in distro_check.stdout
    unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
                                    'been enabled for PHP7')
    assert unexpected_stdout not in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@@ -0,0 +1,120 @@
 import pytest
 from .conftest import (
    tick_box,
    info_box,
    cross_box,
    mock_command,
 )
 def test_release_supported_version_check_centos(Pihole):
    '''
    confirms installer exits on unsupported releases of CentOS
    '''
    # modify /etc/redhat-release to mock an unsupported CentOS release
    Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = cross_box + (' CentOS 6 is not supported.')
    assert expected_stdout in distro_check.stdout
    expected_stdout = 'Please update to CentOS release 7 or later'
    assert expected_stdout in distro_check.stdout
 def test_enable_epel_repository_centos(Pihole):
    '''
    confirms the EPEL package repository is enabled when installed on CentOS
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' Enabling EPEL package repository '
                                  '(https://fedoraproject.org/wiki/EPEL)')
    assert expected_stdout in distro_check.stdout
    expected_stdout = tick_box + ' Installed epel-release'
    assert expected_stdout in distro_check.stdout
    epel_package = Pihole.package('epel-release')
    assert epel_package.is_installed
 def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
    '''
    confirms the default behavior to opt-out of upgrading to PHP7 from REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
    '''
    confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
    '''
    confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    install_dependent_packages PIHOLE_WEB_DEPS[@]
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout not in distro_check.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
    assert expected_stdout in distro_check.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
    updated_php_package = Pihole.package('php')
    updated_php_version = updated_php_package.version.split('.')[0]
    assert int(updated_php_version) == 7
--- a/test/test_centos_fedora_common_support.py
+++ b/test/test_centos_fedora_common_support.py
@@ -0,0 +1,65 @@
 from .conftest import (
    tick_box,
    cross_box,
    mock_command,
 )
 def mock_selinux_config(state, Pihole):
    '''
    Creates a mock SELinux config file with expected content
    '''
    # validate state string
    valid_states = ['enforcing', 'permissive', 'disabled']
    assert state in valid_states
    # getenforce returns the running state of SELinux
    mock_command('getenforce', {'*': (state.capitalize(), '0')}, Pihole)
    # create mock configuration with desired content
    Pihole.run('''
    mkdir /etc/selinux
    echo "SELINUX={state}" > /etc/selinux/config
    '''.format(state=state.lower()))
 def test_selinux_enforcing_exit(Pihole):
    '''
    confirms installer prompts to exit when SELinux is Enforcing by default
    '''
    mock_selinux_config("enforcing", Pihole)
    check_selinux = Pihole.run('''
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = cross_box + ' Current SELinux: Enforcing'
    assert expected_stdout in check_selinux.stdout
    expected_stdout = 'SELinux Enforcing detected, exiting installer'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 1
 def test_selinux_permissive(Pihole):
    '''
    confirms installer continues when SELinux is Permissive
    '''
    mock_selinux_config("permissive", Pihole)
    check_selinux = Pihole.run('''
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = tick_box + ' Current SELinux: Permissive'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
 def test_selinux_disabled(Pihole):
    '''
    confirms installer continues when SELinux is Disabled
    '''
    mock_selinux_config("disabled", Pihole)
    check_selinux = Pihole.run('''
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = tick_box + ' Current SELinux: Disabled'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
--- a/test/test_centos_fedora_support.py
+++ b/test/test_centos_fedora_support.py
@@ -1,265 +0,0 @@
 import pytest
 from conftest import (
    tick_box,
    info_box,
    cross_box,
    mock_command,
    mock_command_2,
 )
 def mock_selinux_config(state, Pihole):
    '''
    Creates a mock SELinux config file with expected content
    '''
    # validate state string
    valid_states = ['enforcing', 'permissive', 'disabled']
    assert state in valid_states
    # getenforce returns the running state of SELinux
    mock_command('getenforce', {'*': (state.capitalize(), '0')}, Pihole)
    # create mock configuration with desired content
    Pihole.run('''
    mkdir /etc/selinux
    echo "SELINUX={state}" > /etc/selinux/config
    '''.format(state=state.lower()))
@pytest.mark.parametrize("tag", [('centos'), ('fedora'), ])
 def test_selinux_enforcing_exit(Pihole):
    '''
    confirms installer prompts to exit when SELinux is Enforcing by default
    '''
    mock_selinux_config("enforcing", Pihole)
    check_selinux = Pihole.run('''
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = cross_box + ' Current SELinux: Enforcing'
    assert expected_stdout in check_selinux.stdout
    expected_stdout = 'SELinux Enforcing detected, exiting installer'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 1
@pytest.mark.parametrize("tag", [('centos'), ('fedora'), ])
 def test_selinux_permissive(Pihole):
    '''
    confirms installer continues when SELinux is Permissive
    '''
    mock_selinux_config("permissive", Pihole)
    check_selinux = Pihole.run('''
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = tick_box + ' Current SELinux: Permissive'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
@pytest.mark.parametrize("tag", [('centos'), ('fedora'), ])
 def test_selinux_disabled(Pihole):
    '''
    confirms installer continues when SELinux is Disabled
    '''
    mock_selinux_config("disabled", Pihole)
    check_selinux = Pihole.run('''
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = tick_box + ' Current SELinux: Disabled'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
@pytest.mark.parametrize("tag", [('fedora'), ])
 def test_epel_and_remi_not_installed_fedora(Pihole):
    '''
    confirms installer does not attempt to install EPEL/REMI repositories
    on Fedora
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    assert distro_check.stdout == ''
    epel_package = Pihole.package('epel-release')
    assert not epel_package.is_installed
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_release_supported_version_check_centos(Pihole):
    '''
    confirms installer exits on unsupported releases of CentOS
    '''
    # modify /etc/redhat-release to mock an unsupported CentOS release
    Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = cross_box + (' CentOS 6 is not supported.')
    assert expected_stdout in distro_check.stdout
    expected_stdout = 'Please update to CentOS release 7 or later'
    assert expected_stdout in distro_check.stdout
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_enable_epel_repository_centos(Pihole):
    '''
    confirms the EPEL package repository is enabled when installed on CentOS
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' Enabling EPEL package repository '
                                  '(https://fedoraproject.org/wiki/EPEL)')
    assert expected_stdout in distro_check.stdout
    expected_stdout = tick_box + ' Installed epel-release'
    assert expected_stdout in distro_check.stdout
    epel_package = Pihole.package('epel-release')
    assert epel_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_php_upgrade_default_optout_centos(Pihole):
    '''
    confirms the default behavior to opt-out of installing PHP7 from REMI
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_php_upgrade_user_optout_centos(Pihole):
    '''
    confirms installer behavior when user opt-out of installing PHP7 from REMI
    (php not currently installed)
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_php_upgrade_user_optin_centos(Pihole):
    '''
    confirms installer behavior when user opt-in to installing PHP7 from REMI
    (php not currently installed)
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    assert 'opt-out' not in distro_check.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
    assert expected_stdout in distro_check.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
    '''
    confirms the default behavior to opt-out of upgrading to PHP7 from REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
    '''
    confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@pytest.mark.parametrize("tag", [('centos'), ])
 def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
    '''
    confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    install_dependent_packages PIHOLE_WEB_DEPS[@]
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout not in distro_check.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
    assert expected_stdout in distro_check.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
    assert expected_stdout in distro_check.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
    updated_php_package = Pihole.package('php')
    updated_php_version = updated_php_package.version.split('.')[0]
    assert int(updated_php_version) == 7
--- a/test/test_fedora_support.py
+++ b/test/test_fedora_support.py
@@ -0,0 +1,15 @@
 def test_epel_and_remi_not_installed_fedora(Pihole):
    '''
    confirms installer does not attempt to install EPEL/REMI repositories
    on Fedora
    '''
    distro_check = Pihole.run('''
    source /opt/pihole/basic-install.sh
    distro_check
    ''')
    assert distro_check.stdout == ''
    epel_package = Pihole.package('epel-release')
    assert not epel_package.is_installed
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
--- a/test/test_shellcheck.py
+++ b/test/test_shellcheck.py
@@ -1,18 +0,0 @@
 import testinfra
 run_local = testinfra.get_backend(
    "local://"
 ).get_module("Command").run
 def test_scripts_pass_shellcheck():
    '''
    Make sure shellcheck does not find anything wrong with our shell scripts
    '''
    shellcheck = ("find . -type f -name 'update.sh' "
                  "| while read file; do "
                  "shellcheck -x \"$file\" -e SC1090,SC1091; "
                  "done;")
    results = run_local(shellcheck)
    print results.stdout
    assert '' == results.stdout
--- a/test/tox.centos_7.ini
+++ b/test/tox.centos_7.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _centos_7.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_7_support.py
--- a/test/tox.centos_8.ini
+++ b/test/tox.centos_8.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_8_support.py
--- a/test/tox.debian_10.ini
+++ b/test/tox.debian_10.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _debian_10.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py
--- a/test/tox.debian_9.ini
+++ b/test/tox.debian_9.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _debian_9.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py
--- a/test/tox.fedora_31.ini
+++ b/test/tox.fedora_31.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _fedora_31.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
--- a/test/tox.fedora_32.ini
+++ b/test/tox.fedora_32.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _fedora_32.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
--- a/test/tox.ubuntu_16.ini
+++ b/test/tox.ubuntu_16.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_16.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py
--- a/test/tox.ubuntu_18.ini
+++ b/test/tox.ubuntu_18.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_18.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py
--- a/test/tox.ubuntu_20.ini
+++ b/test/tox.ubuntu_20.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_20.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py
--- a/tox.ini
+++ b/tox.ini
@@ -1,10 +0,0 @@
 [tox]
 envlist = py27
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f test/debian.Dockerfile -t pytest_pihole:debian .
           docker build -f test/centos.Dockerfile -t pytest_pihole:centos .
           docker build -f test/fedora.Dockerfile -t pytest_pihole:fedora .
           pytest {posargs:-vv -n auto} -m "not build_stage" ./test/