v5.14.2 (#5040 )

Fix pihole updatecheck reboot (#5035 )
Using shift to allow passing multiple arguments
2022-11-27 21:31:19 +00:00 · 2022-11-23 11:08:46 -08:00 · 2022-11-23 15:33:49 -03:00 · 2022-11-23 14:07:30 -03:00 · 2022-11-18 17:40:12 -08:00 · 2022-11-18 23:50:34 +01:00
43 changed files with 1235 additions and 1210 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -25,7 +25,7 @@ jobs:
    steps:
    -
      name: Checkout repository
-      uses: actions/checkout@v3.0.2
+      uses: actions/checkout@v3.1.0
    # Initializes the CodeQL tools for scanning.
    -
      name: Initialize CodeQL
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -13,7 +13,7 @@ jobs:
      issues: write
    steps:
-      - uses: actions/stale@v5.1.1
+      - uses: actions/stale@v6.0.1
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          days-before-stale: 30
--- a/.github/workflows/sync-back-to-dev.yml
+++ b/.github/workflows/sync-back-to-dev.yml
@@ -11,7 +11,7 @@ jobs:
    name: Syncing branches
    steps:
      - name: Checkout
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v3.1.0
      - name: Opening pull request
        id: pull
        uses: tretuna/sync-branches@1.4.0
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -12,29 +12,33 @@ jobs:
    if: github.event.pull_request.draft == false
    runs-on: ubuntu-latest
    steps:
-    -
+      - name: Checkout repository
-      name: Checkout repository
+        uses: actions/checkout@v3.1.0
      uses: actions/checkout@v3.0.2
    -
      name: Check scripts in repository are executable
      run: |
        IFS=$'\n';
        for f in $(find . -name '*.sh'); do if [[ ! -x $f ]]; then echo "$f is not executable" && FAIL=1; fi ;done
        unset IFS;
        # If FAIL is 1 then we fail.
        [[ $FAIL == 1 ]] && exit 1 || echo "Scripts are executable!"
    -
      name: Spell-Checking
      uses: codespell-project/actions-codespell@master
      with:
        ignore_words_file: .codespellignore
    -
      name: Get editorconfig-checker
      uses: editorconfig-checker/action-editorconfig-checker@main # tag v1.0.0 is really out of date
    -
      name: Run editorconfig-checker
      run: editorconfig-checker
      - name: Check scripts in repository are executable
        run: |
          IFS=$'\n';
          for f in $(find . -name '*.sh'); do if [[ ! -x $f ]]; then echo "$f is not executable" && FAIL=1; fi ;done
          unset IFS;
          # If FAIL is 1 then we fail.
          [[ $FAIL == 1 ]] && exit 1 || echo "Scripts are executable!"
      - name: Spell-Checking
        uses: codespell-project/actions-codespell@master
        with:
          ignore_words_file: .codespellignore
      - name: Get editorconfig-checker
        uses: editorconfig-checker/action-editorconfig-checker@main # tag v1.0.0 is really out of date
      - name: Run editorconfig-checker
        run: editorconfig-checker
      - name: Check python code formatting with black
        uses: psf/black@stable
        with:
          src: "./test"
          options: "--check --diff --color"
  distro-test:
    if: github.event.pull_request.draft == false
@@ -43,21 +47,30 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        distro: [debian_10, debian_11, ubuntu_18, ubuntu_20, ubuntu_22, centos_8, fedora_34]
+        distro:
          [
            debian_10,
            debian_11,
            ubuntu_20,
            ubuntu_22,
            centos_8,
            centos_9,
            fedora_35,
            fedora_36,
          ]
    env:
      DISTRO: ${{matrix.distro}}
    steps:
-    -
+      - name: Checkout repository
-      name: Checkout repository
+        uses: actions/checkout@v3.1.0
-      uses: actions/checkout@v3.0.2
+
-    -
+      - name: Set up Python 3.10
-      name: Set up Python 3.8
+        uses: actions/setup-python@v4.3.0
-      uses: actions/setup-python@v4.2.0
+        with:
-      with:
+          python-version: "3.10"
-        python-version: 3.8
+
-    -
+      - name: Install dependencies
-      name: Install dependencies
+        run: pip install -r test/requirements.txt
-      run: pip install -r test/requirements.txt
+
-    -
+      - name: Test with tox
-      name: Test with tox
+        run: tox -c test/tox.${DISTRO}.ini
      run: tox -c test/tox.${DISTRO}.ini
--- a/README.md
+++ b/README.md
@@ -16,11 +16,11 @@
 The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content without installing any client-side software.
- **Easy-to-install**: our versatile installer walks you through the process and takes less than ten minutes
+- **Easy-to-install**: our dialogs walk you through the simple installation process in less than ten minutes
 - **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs
 - **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries
 - **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/)
- **Robust**: a command line interface that is quality assured for interoperability
+- **Robust**: a command-line interface that is quality assured for interoperability
 - **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
 - **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring _all_ your devices are protected automatically
 - **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on server-grade hardware
@@ -60,7 +60,7 @@ Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-h
 ## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
-Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention.
+Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245). This router configuration will ensure that all devices connecting to your network will have content blocked without any further intervention.
 If your router does not support setting the DNS server, you can [use Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); be sure to disable DHCP on your router first (if it has that feature available).
@@ -70,7 +70,7 @@ As a last resort, you can manually set each device to use Pi-hole as their DNS s
 ## Pi-hole is free but powered by your support
-There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software and the importance of keeping it maintained.
+There are many reoccurring costs involved with maintaining free, open-source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software and the importance of keeping it maintained.
 Make no mistake: **your support is absolutely vital to help keep us innovating!**
@@ -87,7 +87,7 @@ If you'd rather not donate (_which is okay!_), there are other ways you can help
 - [Hetzner Cloud](https://hetzner.cloud/?ref=7aceisRX3AzA) _affiliate link_
 - [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
- [Amazon US](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
+- [Amazon US](https://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
 - Spreading the word about our software and how you have benefited from it
 ### Contributing via GitHub
@@ -132,9 +132,9 @@ Some of the statistics you can integrate include:
 Access the API via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
-### The Command Line Interface
+### The Command-Line Interface
-The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
+The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to fully administer the Pi-hole, without the need for the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
 Some notable features include:
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -29,13 +29,6 @@ bogus-priv
 no-resolv
 server=@DNS1@
 server=@DNS2@
 interface=@INT@
 cache-size=@CACHE_SIZE@
 log-queries
 log-facility=/var/log/pihole/pihole.log
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -14,7 +14,9 @@ LC_NUMERIC=C
 # Retrieve stats from FTL engine
 pihole-FTL() {
    local ftl_port LINE
-    ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null)
+    # shellcheck disable=SC1091
    . /opt/pihole/utils.sh
    ftl_port=$(getFTLAPIPort)
    if [[ -n "$ftl_port" ]]; then
        # Open connection to FTL
        exec 3<>"/dev/tcp/127.0.0.1/$ftl_port"
@@ -503,11 +505,11 @@ chronoFunc() {
        fi
        printFunc "   Pi-hole: " "$ph_status" "$ph_info"
-        printFunc " Ads Today: " "$ads_percentage_today%" "$ads_info"
+        printFunc "   Blocked: " "$ads_percentage_today%" "$ads_info"
        printFunc "Local Qrys: " "$queries_cached_percentage%" "$dns_info"
-        printFunc "   Blocked: " "$recent_blocked"
+        printFunc "Last Block: " "$recent_blocked"
-        printFunc "Top Advert: " "$top_ad"
+        printFunc " Top Block: " "$top_ad"
        # Provide more stats on screens with more lines
        if [[ "$scr_lines" -eq 17 ]]; then
--- a/advanced/Scripts/piholeCheckout.sh
+++ b/advanced/Scripts/piholeCheckout.sh
@@ -164,6 +164,8 @@ checkout() {
            exit 1
        fi
        checkout_pull_branch "${webInterfaceDir}" "${2}"
        # Update local and remote versions via updatechecker
        /opt/pihole/updatecheck.sh
    elif [[ "${1}" == "ftl" ]] ; then
        local path
        local oldbranch
@@ -178,6 +180,8 @@ checkout() {
            FTLinstall "${binary}"
            restart_service pihole-FTL
            enable_service pihole-FTL
            # Update local and remote versions via updatechecker
            /opt/pihole/updatecheck.sh
        else
            echo "  ${CROSS} Requested branch \"${2}\" is not available"
            ftlbranches=( $(git ls-remote https://github.com/pi-hole/ftl | grep 'heads' | sed 's/refs\/heads\///;s/ //g' | awk '{print $2}') )
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@@ -41,18 +41,15 @@ else
    #OVER="\r\033[K"
 fi
-OBFUSCATED_PLACEHOLDER="<DOMAIN OBFUSCATED>"
+# shellcheck disable=SC1091
 . /etc/pihole/versions
 # FAQ URLs for use in showing the debug log
 FAQ_UPDATE_PI_HOLE="${COL_CYAN}https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249${COL_NC}"
 FAQ_CHECKOUT_COMMAND="${COL_CYAN}https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#checkout${COL_NC}"
 FAQ_HARDWARE_REQUIREMENTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/${COL_NC}"
 FAQ_HARDWARE_REQUIREMENTS_PORTS="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#ports${COL_NC}"
 FAQ_HARDWARE_REQUIREMENTS_FIREWALLD="${COL_CYAN}https://docs.pi-hole.net/main/prerequisites/#firewalld${COL_NC}"
 FAQ_GATEWAY="${COL_CYAN}https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546${COL_NC}"
 FAQ_ULA="${COL_CYAN}https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127${COL_NC}"
 FAQ_FTL_COMPATIBILITY="${COL_CYAN}https://github.com/pi-hole/FTL#compatibility-list${COL_NC}"
 FAQ_BAD_ADDRESS="${COL_CYAN}https://discourse.pi-hole.net/t/why-do-i-see-bad-address-at-in-pihole-log/3972${COL_NC}"
 # Other URLs we may use
 FORUMS_URL="${COL_CYAN}https://discourse.pi-hole.net${COL_NC}"
@@ -71,7 +68,6 @@ WEB_SERVER_LOG_DIRECTORY="/var/log/lighttpd"
 WEB_SERVER_CONFIG_DIRECTORY="/etc/lighttpd"
 HTML_DIRECTORY="/var/www/html"
 WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin"
 #BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole"
 SHM_DIRECTORY="/dev/shm"
 ETC="/etc"
@@ -89,6 +85,7 @@ PIHOLE_LOGROTATE_FILE="${PIHOLE_DIRECTORY}/logrotate"
 PIHOLE_SETUP_VARS_FILE="${PIHOLE_DIRECTORY}/setupVars.conf"
 PIHOLE_FTL_CONF_FILE="${PIHOLE_DIRECTORY}/pihole-FTL.conf"
 PIHOLE_CUSTOM_HOSTS_FILE="${PIHOLE_DIRECTORY}/custom.list"
 PIHOLE_VERSIONS_FILE="${PIHOLE_DIRECTORY}/versions"
 # Read the value of an FTL config key. The value is printed to stdout.
 #
@@ -124,7 +121,6 @@ PIHOLE_COMMAND="${BIN_DIRECTORY}/pihole"
 PIHOLE_COLTABLE_FILE="${BIN_DIRECTORY}/COL_TABLE"
 FTL_PID="${RUN_DIRECTORY}/pihole-FTL.pid"
 FTL_PORT="${RUN_DIRECTORY}/pihole-FTL.port"
 PIHOLE_LOG="${LOG_DIRECTORY}/pihole.log"
 PIHOLE_LOG_GZIPS="${LOG_DIRECTORY}/pihole.log.[0-9].*"
@@ -153,7 +149,6 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_COMMAND}"
 "${PIHOLE_COLTABLE_FILE}"
 "${FTL_PID}"
 "${FTL_PORT}"
 "${PIHOLE_LOG}"
 "${PIHOLE_LOG_GZIPS}"
 "${PIHOLE_DEBUG_LOG}"
@@ -162,7 +157,8 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}"
 "${RESOLVCONF}"
 "${DNSMASQ_CONF}"
-"${PIHOLE_CUSTOM_HOSTS_FILE}")
+"${PIHOLE_CUSTOM_HOSTS_FILE}"
 "${PIHOLE_VERSIONS_FILE}")
 DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
@@ -240,15 +236,7 @@ compare_local_version_to_git_version() {
    local git_dir="${1}"
    # The named component of the project (Core or Web)
    local pihole_component="${2}"
-    # If we are checking the Core versions,
+
    if [[ "${pihole_component}" == "Core" ]]; then
        # We need to search for "Pi-hole" when using pihole -v
        local search_term="Pi-hole"
    elif [[ "${pihole_component}" == "Web" ]]; then
        # We need to search for "AdminLTE" so store it in a variable as well
        #shellcheck disable=2034
        local search_term="AdminLTE"
    fi
    # Display what we are checking
    echo_current_diagnostic "${pihole_component} version"
    # Store the error message in a variable in case we want to change and/or reuse it
@@ -261,43 +249,35 @@ compare_local_version_to_git_version() {
        log_write "${COL_RED}Could not cd into ${git_dir}$COL_NC"
        if git status &> /dev/null; then
            # The current version the user is on
-            local remote_version
+            local local_version
-            remote_version=$(git describe --tags --abbrev=0);
+            local_version=$(git describe --tags --abbrev=0);
            # What branch they are on
-            local remote_branch
+            local local_branch
-            remote_branch=$(git rev-parse --abbrev-ref HEAD);
+            local_branch=$(git rev-parse --abbrev-ref HEAD);
            # The commit they are on
-            local remote_commit
+            local local_commit
-            remote_commit=$(git describe --long --dirty --tags --always)
+            local_commit=$(git describe --long --dirty --tags --always)
            # Status of the repo
            local local_status
            local_status=$(git status -s)
            # echo this information out to the user in a nice format
-            # If the current version matches what pihole -v produces, the user is up-to-date
+            log_write "${TICK} Version: ${local_version}"
            if [[ "${remote_version}" == "$(pihole -v | awk '/${search_term}/ {print $6}' | cut -d ')' -f1)" ]]; then
                log_write "${TICK} ${pihole_component}: ${COL_GREEN}${remote_version}${COL_NC}"
            # If not,
            else
                # echo the current version in yellow, signifying it's something to take a look at, but not a critical error
                # Also add a URL to an FAQ
                log_write "${INFO} ${pihole_component}: ${COL_YELLOW}${remote_version:-Untagged}${COL_NC} (${FAQ_UPDATE_PI_HOLE})"
            fi
            # Print the repo upstreams
            remotes=$(git remote -v)
            log_write "${INFO} Remotes: ${remotes//$'\n'/'\n             '}"
            # If the repo is on the master branch, they are on the stable codebase
-            if [[ "${remote_branch}" == "master" ]]; then
+            if [[ "${local_branch}" == "master" ]]; then
                # so the color of the text is green
-                log_write "${INFO} Branch: ${COL_GREEN}${remote_branch}${COL_NC}"
+                log_write "${INFO} Branch: ${COL_GREEN}${local_branch}${COL_NC}"
            # If it is any other branch, they are in a development branch
            else
                # So show that in yellow, signifying it's something to take a look at, but not a critical error
-                log_write "${INFO} Branch: ${COL_YELLOW}${remote_branch:-Detached}${COL_NC} (${FAQ_CHECKOUT_COMMAND})"
+                log_write "${INFO} Branch: ${COL_YELLOW}${local_branch:-Detached}${COL_NC}"
            fi
            # echo the current commit
-            log_write "${INFO} Commit: ${remote_commit}"
+            log_write "${INFO} Commit: ${local_commit}"
            # if `local_status` is non-null, then the repo is not clean, display details here
            if [[ ${local_status} ]]; then
              # Replace new lines in the status with 12 spaces to make the output cleaner
@@ -331,22 +311,15 @@ compare_local_version_to_git_version() {
 }
 check_ftl_version() {
    local ftl_name="FTL"
    local FTL_VERSION FTL_COMMIT FTL_BRANCH
-    echo_current_diagnostic "${ftl_name} version"
+    echo_current_diagnostic "FTL version"
    # Use the built in command to check FTL's version
-    FTL_VERSION=$(pihole-FTL -vv | grep -m 1 Version | awk '{printf $2}')
+    FTL_VERSION=$(pihole-FTL version)
-    FTL_BRANCH=$(pihole-FTL -vv | grep -m 1 Branch | awk '{printf $2}')
+    FTL_BRANCH=$(pihole-FTL branch)
-    FTL_COMMIT=$(pihole-FTL -vv | grep -m 1 Commit | awk '{printf $2}')
+    FTL_COMMIT=$(pihole-FTL --hash)
-    # Compare the current FTL version to the remote version
+
-    if [[ "${FTL_VERSION}" == "$(pihole -v | awk '/FTL/ {print $6}' | cut -d ')' -f1)" ]]; then
+    log_write "${TICK} Version: ${FTL_VERSION}"
        # If they are the same, FTL is up-to-date
        log_write "${TICK} ${ftl_name}: ${COL_GREEN}${FTL_VERSION}${COL_NC}"
    else
        # If not, show it in yellow, signifying there is an update
        log_write "${INFO} ${ftl_name}: ${COL_YELLOW}${FTL_VERSION}${COL_NC} (${FAQ_UPDATE_PI_HOLE})"
    fi
    # If they use the master branch, they are on the stable codebase
    if [[ "${FTL_BRANCH}" == "master" ]]; then
@@ -355,7 +328,7 @@ check_ftl_version() {
        # If it is any other branch, they are in a development branch
    else
        # So show that in yellow, signifying it's something to take a look at, but not a critical error
-        log_write "${INFO} Branch: ${COL_YELLOW}${FTL_BRANCH}${COL_NC} (${FAQ_CHECKOUT_COMMAND})"
+        log_write "${INFO} Branch: ${COL_YELLOW}${FTL_BRANCH}${COL_NC}"
    fi
    # echo the current commit
@@ -465,8 +438,8 @@ diagnose_operating_system() {
    # Display the current test that is running
    echo_current_diagnostic "Operating system"
-    # If the PIHOLE_DOCKER_TAG variable is set, include this information in the debug output
+    # If DOCKER_VERSION is set (Sourced from /etc/pihole/versions at start of script), include this information in the debug output
-    [ -n "${PIHOLE_DOCKER_TAG}" ] && log_write "${INFO} Pi-hole Docker Container: ${PIHOLE_DOCKER_TAG}"
+    [ -n "${DOCKER_VERSION}" ] && log_write "${INFO} Pi-hole Docker Container: ${DOCKER_VERSION}"
    # If there is a /etc/*release file, it's probably a supported operating system, so we can
    if ls /etc/*release 1> /dev/null 2>&1; then
@@ -676,15 +649,20 @@ ping_gateway() {
    local protocol="${1}"
    ping_ipv4_or_ipv6 "${protocol}"
    # Check if we are using IPv4 or IPv6
-    # Find the default gateway using IPv4 or IPv6
+    # Find the default gateways using IPv4 or IPv6
    local gateway
    gateway="$(ip -"${protocol}" route | grep default | grep "${PIHOLE_INTERFACE}" | cut -d ' ' -f 3)"
-    # If the gateway variable has a value (meaning a gateway was found),
+    log_write "${INFO} Default IPv${protocol} gateway(s):"
-    if [[ -n "${gateway}" ]]; then
+
-        log_write "${INFO} Default IPv${protocol} gateway: ${gateway}"
+    while IFS= read -r gateway; do
        log_write "     ${gateway}"
    done < <(ip -"${protocol}" route | grep default | grep "${PIHOLE_INTERFACE}" | cut -d ' ' -f 3)
    gateway=$(ip -"${protocol}" route | grep default | grep "${PIHOLE_INTERFACE}" | cut -d ' ' -f 3 | head -n 1)
    # If there was at least one gateway
    if [ -n "${gateway}" ]; then
        # Let the user know we will ping the gateway for a response
-        log_write "   * Pinging ${gateway}..."
+        log_write "   * Pinging first gateway ${gateway}..."
        # Try to quietly ping the gateway 3 times, with a timeout of 3 seconds, using numeric output only,
        # on the pihole interface, and tail the last three lines of the output
        # If pinging the gateway is not successful,
@@ -802,7 +780,7 @@ check_networking() {
    ping_gateway "6"
    # Skip the following check if installed in docker container. Unpriv'ed containers do not have access to the information required
    # to resolve the service name listening - and the container should not start if there was a port conflict anyway
-    [ -z "${PIHOLE_DOCKER_TAG}" ] && check_required_ports
+    [ -z "${DOCKER_VERSION}" ] && check_required_ports
 }
 check_x_headers() {
@@ -812,7 +790,7 @@ check_x_headers() {
    # Similarly, it will show "X-Pi-hole: The Pi-hole Web interface is working!" if you view the header returned
    # when accessing the dashboard (i.e curl -I pi.hole/admin/)
    # server is operating correctly
-    echo_current_diagnostic "Dashboard and block page"
+    echo_current_diagnostic "Dashboard headers"
    # Use curl -I to get the header and parse out just the X-Pi-hole one
    local full_curl_output_dashboard
    local dashboard
@@ -822,7 +800,7 @@ check_x_headers() {
    local dashboard_working
    dashboard_working="X-Pi-hole: The Pi-hole Web interface is working!"
-    # Same logic applies to the dashboard as above, if the X-Header matches what a working system should have,
+    # If the X-Header matches what a working system should have,
    if [[ $dashboard == "$dashboard_working" ]]; then
        # then we can show a success
        log_write "$TICK Web interface X-Header: ${COL_GREEN}${dashboard}${COL_NC}"
@@ -947,10 +925,21 @@ process_status(){
        else
            # Otherwise, use the service command and mock the output of `systemctl is-active`
            local status_of_process
-            if service "${i}" status | grep -E 'is\srunning' &> /dev/null; then
+
-                status_of_process="active"
+            # If DOCKER_VERSION is set, the output is slightly different (s6 init system on Docker)
            if [ -n "${DOCKER_VERSION}" ]; then
                if service "${i}" status | grep -E '^up' &> /dev/null; then
                    status_of_process="active"
                else
                    status_of_process="inactive"
                fi
            else
-                status_of_process="inactive"
+            # non-Docker system
                if service "${i}" status | grep -E 'is\srunning' &> /dev/null; then
                    status_of_process="active"
                else
                    status_of_process="inactive"
                fi
            fi
        fi
        # and print it out to the user
@@ -1274,7 +1263,7 @@ analyze_gravity_list() {
    # if users want to check database integrity
    if [[ "${CHECK_DATABASE}" = true ]]; then
-        database_integrity_check "${PIHOLE_FTL_DB_FILE}"
+        database_integrity_check "${PIHOLE_GRAVITY_DB_FILE}"
    fi
    show_db_entries "Info table" "SELECT property,value FROM info" "20 40"
@@ -1337,16 +1326,6 @@ database_integrity_check(){
 }
 check_database_integrity() {
    echo_current_diagnostic "Gravity Database"
    database_permissions "${PIHOLE_GRAVITY_DB_FILE}"
    database_integrity_check "${PIHOLE_GRAVITY_DB_FILE}"
    echo_current_diagnostic "Pi-hole FTL Query Database"
    database_permissions "${PIHOLE_FTL_DB_FILE}"
    database_integrity_check "${PIHOLE_FTL_DB_FILE}"
 }
 # Show a text spinner during a long process run
 spinner(){
    # Show the spinner only if there is a tty
@@ -1386,49 +1365,8 @@ spinner(){
    fi
 }
 obfuscated_pihole_log() {
  local pihole_log=("$@")
  local line
  local error_to_check_for
  local line_to_obfuscate
  local obfuscated_line
  for line in "${pihole_log[@]}"; do
      # A common error in the pihole.log is when there is a non-hosts formatted file
      # that the DNS server is attempting to read.  Since it's not formatted
      # correctly, there will be an entry for "bad address at line n"
      # So we can check for that here and highlight it in red so the user can see it easily
      error_to_check_for=$(echo "${line}" | grep 'bad address at')
      # Some users may not want to have the domains they visit sent to us
      # To that end, we check for lines in the log that would contain a domain name
      line_to_obfuscate=$(echo "${line}" | grep ': query\|: forwarded\|: reply')
      # If the variable contains a value, it found an error in the log
      if [[ -n ${error_to_check_for} ]]; then
          # So we can print it in red to make it visible to the user
          log_write "   ${CROSS} ${COL_RED}${line}${COL_NC} (${FAQ_BAD_ADDRESS})"
      else
          # If the variable does not a value (the current default behavior), so do not obfuscate anything
          if [[ -z ${OBFUSCATE} ]]; then
              log_write "   ${line}"
          # Otherwise, a flag was passed to this command to obfuscate domains in the log
          else
              # So first check if there are domains in the log that should be obfuscated
              if [[ -n ${line_to_obfuscate} ]]; then
                  # If there are, we need to use awk to replace only the domain name (the 6th field in the log)
                  # so we substitute the domain for the placeholder value
                  obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
                  log_write "   ${obfuscated_line}"
              else
                  log_write "   ${line}"
              fi
          fi
      fi
  done
 }
 analyze_pihole_log() {
  echo_current_diagnostic "Pi-hole log"
  local pihole_log_head=()
  local pihole_log_tail=()
  local pihole_log_permissions
  local logging_enabled
@@ -1438,22 +1376,10 @@ analyze_pihole_log() {
      log_write "${INFO} Query logging is disabled"
      log_write ""
  fi
-  # Put the current Internal Field Separator into another variable so it can be restored later
+
  OLD_IFS="$IFS"
  # Get the lines that are in the file(s) and store them in an array for parsing later
  IFS=$'\r\n'
  pihole_log_permissions=$(ls -lhd "${PIHOLE_LOG}")
  log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
-  mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
+  head_tail_log "${PIHOLE_LOG}" 20
  log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
  obfuscated_pihole_log "${pihole_log_head[@]}"
  log_write ""
  mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
  log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
  obfuscated_pihole_log "${pihole_log_tail[@]}"
  log_write ""
  # Set the IFS back to what it was
  IFS="$OLD_IFS"
 }
 curl_to_tricorder() {
--- a/advanced/Scripts/update.sh
+++ b/advanced/Scripts/update.sh
@@ -216,9 +216,8 @@ main() {
    fi
    if [[ "${FTL_update}" == true || "${core_update}" == true || "${web_update}" == true ]]; then
-        # Force an update of the updatechecker
+        # Update local and remote versions via updatechecker
        /opt/pihole/updatecheck.sh
        /opt/pihole/updatecheck.sh x remote
        echo -e "  ${INFO} Local version file information updated."
    fi
--- a/advanced/Scripts/updatecheck.sh
+++ b/advanced/Scripts/updatecheck.sh
@@ -15,16 +15,30 @@ function get_local_branch() {
 }
 function get_local_version() {
-    # Return active branch
+    # Return active version
    cd "${1}" 2> /dev/null || return 1
-    git describe --long --dirty --tags 2> /dev/null || return 1
+    git describe --tags --always 2> /dev/null || return 1
 }
 function get_local_hash() {
    cd "${1}" 2> /dev/null || return 1
    git rev-parse --short=8 HEAD || return 1
 }
 function get_remote_version() {
    curl -s "https://api.github.com/repos/pi-hole/${1}/releases/latest" 2> /dev/null | jq --raw-output .tag_name || return 1
 }
 function get_remote_hash(){
    git ls-remote "https://github.com/pi-hole/${1}" --tags "${2}" | awk '{print substr($0, 0,8);}' || return 1
 }
 # Source the setupvars config file
 # shellcheck disable=SC1091
 . /etc/pihole/setupVars.conf
-# Source the utils file
+# Source the utils file for addOrEditKeyValPair()
 # shellcheck disable=SC1091
 . /opt/pihole/utils.sh
@@ -38,50 +52,82 @@ VERSION_FILE="/etc/pihole/versions"
 touch "${VERSION_FILE}"
 chmod 644 "${VERSION_FILE}"
-if [[ "$2" == "remote" ]]; then
+# if /pihole.docker.tag file exists, we will use it's value later in this script
 DOCKER_TAG=$(cat /pihole.docker.tag 2>/dev/null)
 regex='^([0-9]+\.){1,2}(\*|[0-9]+)(-.*)?$|(^nightly$)|(^dev.*$)'
 if [[ ! "${DOCKER_TAG}" =~ $regex ]]; then
  # DOCKER_TAG does not match the pattern (see https://regex101.com/r/RsENuz/1), so unset it.
  unset DOCKER_TAG
 fi
-    if [[ "$3" == "reboot" ]]; then
+# used in cronjob
 if [[ "$1" == "reboot" ]]; then
        sleep 30
-    fi
+fi
    GITHUB_CORE_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null | jq --raw-output .tag_name)"
    addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_VERSION" "${GITHUB_CORE_VERSION}"
-    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
+# get Core versions
        GITHUB_WEB_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null | jq --raw-output .tag_name)"
        addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}"
    fi
-    GITHUB_FTL_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null | jq --raw-output .tag_name)"
+CORE_VERSION="$(get_local_version /etc/.pihole)"
-    addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_VERSION" "${GITHUB_FTL_VERSION}"
+addOrEditKeyValPair "${VERSION_FILE}" "CORE_VERSION" "${CORE_VERSION}"
-    if [[ "${PIHOLE_DOCKER_TAG}" ]]; then
+CORE_BRANCH="$(get_local_branch /etc/.pihole)"
-        GITHUB_DOCKER_VERSION="$(curl -s 'https://api.github.com/repos/pi-hole/docker-pi-hole/releases/latest' 2> /dev/null | jq --raw-output .tag_name)"
+addOrEditKeyValPair "${VERSION_FILE}" "CORE_BRANCH" "${CORE_BRANCH}"
        addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_DOCKER_VERSION" "${GITHUB_DOCKER_VERSION}"
    fi
-else
+CORE_HASH="$(get_local_hash /etc/.pihole)"
 addOrEditKeyValPair "${VERSION_FILE}" "CORE_HASH" "${CORE_HASH}"
-    CORE_BRANCH="$(get_local_branch /etc/.pihole)"
+GITHUB_CORE_VERSION="$(get_remote_version pi-hole)"
-    addOrEditKeyValPair "${VERSION_FILE}" "CORE_BRANCH" "${CORE_BRANCH}"
+addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_VERSION" "${GITHUB_CORE_VERSION}"
-    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
+GITHUB_CORE_HASH="$(get_remote_hash pi-hole "${CORE_BRANCH}")"
-        WEB_BRANCH="$(get_local_branch /var/www/html/admin)"
+addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_HASH" "${GITHUB_CORE_HASH}"
        addOrEditKeyValPair "${VERSION_FILE}" "WEB_BRANCH" "${WEB_BRANCH}"
    fi
    FTL_BRANCH="$(pihole-FTL branch)"
    addOrEditKeyValPair "${VERSION_FILE}" "FTL_BRANCH" "${FTL_BRANCH}"
-    CORE_VERSION="$(get_local_version /etc/.pihole)"
+# get Web versions
    addOrEditKeyValPair "${VERSION_FILE}" "CORE_VERSION" "${CORE_VERSION}"
-    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
+if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
        WEB_VERSION="$(get_local_version /var/www/html/admin)"
        addOrEditKeyValPair "${VERSION_FILE}" "WEB_VERSION" "${WEB_VERSION}"
    fi
-    FTL_VERSION="$(pihole-FTL version)"
+    WEB_VERSION="$(get_local_version /var/www/html/admin)"
-    addOrEditKeyValPair "${VERSION_FILE}" "FTL_VERSION" "${FTL_VERSION}"
+    addOrEditKeyValPair "${VERSION_FILE}" "WEB_VERSION" "${WEB_VERSION}"
    WEB_BRANCH="$(get_local_branch /var/www/html/admin)"
    addOrEditKeyValPair "${VERSION_FILE}" "WEB_BRANCH" "${WEB_BRANCH}"
    WEB_HASH="$(get_local_hash /var/www/html/admin)"
    addOrEditKeyValPair "${VERSION_FILE}" "WEB_HASH" "${WEB_HASH}"
    GITHUB_WEB_VERSION="$(get_remote_version AdminLTE)"
    addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}"
    GITHUB_WEB_HASH="$(get_remote_hash AdminLTE "${WEB_BRANCH}")"
    addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_HASH" "${GITHUB_WEB_HASH}"
 fi
 # get FTL versions
 FTL_VERSION="$(pihole-FTL version)"
 addOrEditKeyValPair "${VERSION_FILE}" "FTL_VERSION" "${FTL_VERSION}"
 FTL_BRANCH="$(pihole-FTL branch)"
 addOrEditKeyValPair "${VERSION_FILE}" "FTL_BRANCH" "${FTL_BRANCH}"
 FTL_HASH="$(pihole-FTL --hash)"
 addOrEditKeyValPair "${VERSION_FILE}" "FTL_HASH" "${FTL_HASH}"
 GITHUB_FTL_VERSION="$(get_remote_version FTL)"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_VERSION" "${GITHUB_FTL_VERSION}"
 GITHUB_FTL_HASH="$(get_remote_hash FTL "${FTL_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_HASH" "${GITHUB_FTL_HASH}"
 # get Docker versions
 if [[ "${DOCKER_TAG}" ]]; then
    addOrEditKeyValPair "${VERSION_FILE}" "DOCKER_VERSION" "${DOCKER_TAG}"
    GITHUB_DOCKER_VERSION="$(get_remote_version docker-pi-hole)"
    addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_DOCKER_VERSION" "${GITHUB_DOCKER_VERSION}"
 fi
--- a/advanced/Scripts/utils.sh
+++ b/advanced/Scripts/utils.sh
@@ -31,9 +31,12 @@ addOrEditKeyValPair() {
  local key="${2}"
  local value="${3}"
  # touch file to prevent grep error if file does not exist yet
  touch "${file}"
  if grep -q "^${key}=" "${file}"; then
-      # Key already exists in file, modify the value
+    # Key already exists in file, modify the value
-      sed -i "/^${key}=/c\\${key}=${value}" "${file}"
+    sed -i "/^${key}=/c\\${key}=${value}" "${file}"
  else
    # Key does not already exist, add it and it's value
    echo "${key}=${value}" >> "${file}"
@@ -51,9 +54,12 @@ addKey(){
  local file="${1}"
  local key="${2}"
  # touch file to prevent grep error if file does not exist yet
  touch "${file}"
  if ! grep -q "^${key}" "${file}"; then
-      # Key does not exist, add it.
+    # Key does not exist, add it.
-      echo "${key}" >> "${file}"
+    echo "${key}" >> "${file}"
  fi
 }
@@ -70,47 +76,27 @@ removeKey() {
  sed -i "/^${key}/d" "${file}"
 }
 #######################
 # returns path of FTL's port file
 #######################
 getFTLAPIPortFile() {
    local FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
    local DEFAULT_PORT_FILE="/run/pihole-FTL.port"
    local FTL_APIPORT_FILE
    if [ -s "${FTLCONFFILE}" ]; then
        # if PORTFILE is not set in pihole-FTL.conf, use the default path
        FTL_APIPORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)"
    else
        # if there is no pihole-FTL.conf, use the default path
        FTL_APIPORT_FILE="${DEFAULT_PORT_FILE}"
    fi
      echo "${FTL_APIPORT_FILE}"
 }
 #######################
-# returns FTL's current telnet API port based on the content of the pihole-FTL.port file
+# returns FTL's current telnet API port based on the setting in /etc/pihole-FTL.conf
-#
+########################
 # Takes one argument: path to pihole-FTL.port
 # Example getFTLAPIPort "/run/pihole-FTL.port"
 #######################
 getFTLAPIPort(){
-    local PORTFILE="${1}"
+    local FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
    local DEFAULT_FTL_PORT=4711
    local ftl_api_port
-    if [ -s "$PORTFILE" ]; then
+    if [ -s "$FTLCONFFILE" ]; then
-        # -s: FILE exists and has a size greater than zero
+        # if FTLPORT is not set in pihole-FTL.conf, use the default port
-        ftl_api_port=$(cat "${PORTFILE}")
+        ftl_api_port="$({ grep '^FTLPORT=' "${FTLCONFFILE}" || echo "${DEFAULT_FTL_PORT}"; } | cut -d'=' -f2-)"
-        # Exploit prevention: unset the variable if there is malicious content
+        # Exploit prevention: set the port to the default port if there is malicious (non-numeric)
-        # Verify that the value read from the file is numeric
+        # content set in pihole-FTL.conf
-        expr "$ftl_api_port" : "[^[:digit:]]" > /dev/null && unset ftl_api_port
+        expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && ftl_api_port="${DEFAULT_FTL_PORT}"
    else
        # if there is no pihole-FTL.conf, use the default port
        ftl_api_port="${DEFAULT_FTL_PORT}"
    fi
-    # echo the port found in the portfile or default to the default port
+    echo "${ftl_api_port}"
    echo "${ftl_api_port:=$DEFAULT_FTL_PORT}"
 }
 #######################
--- a/advanced/Scripts/version.sh
+++ b/advanced/Scripts/version.sh
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
@@ -8,179 +8,104 @@
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 # Variables
 DEFAULT="-1"
 COREGITDIR="/etc/.pihole/"
 WEBGITDIR="/var/www/html/admin/"
 # Source the setupvars config file
 # shellcheck disable=SC1091
-source /etc/pihole/setupVars.conf
+. /etc/pihole/setupVars.conf
 # Source the versions file poupulated by updatechecker.sh
 cachedVersions="/etc/pihole/versions"
 if [ -f ${cachedVersions} ]; then
    # shellcheck disable=SC1090
    . "$cachedVersions"
 else
    echo "Could not find /etc/pihole/versions. Running update now."
    pihole updatechecker
    # shellcheck disable=SC1090
    . "$cachedVersions"
 fi
 getLocalVersion() {
-    # FTL requires a different method
+    case ${1} in
-    if [[ "$1" == "FTL" ]]; then
+        "Pi-hole"   )  echo "${CORE_VERSION:=N/A}";;
-        pihole-FTL version
+        "AdminLTE"  )  [ "${INSTALL_WEB_INTERFACE}" = true ] && echo "${WEB_VERSION:=N/A}";;
-        return 0
+        "FTL"       )  echo "${FTL_VERSION:=N/A}";;
-    fi
+    esac
    # Get the tagged version of the local repository
    local directory="${1}"
    local version
    cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
    version=$(git describe --tags --always || echo "$DEFAULT")
    if [[ "${version}" =~ ^v ]]; then
        echo "${version}"
    elif [[ "${version}" == "${DEFAULT}" ]]; then
        echo "ERROR"
        return 1
    else
        echo "Untagged"
    fi
    return 0
 }
 getLocalHash() {
-    # Local FTL hash does not exist on filesystem
+    case ${1} in
-    if [[ "$1" == "FTL" ]]; then
+        "Pi-hole"   )  echo "${CORE_HASH:=N/A}";;
-        echo "N/A"
+        "AdminLTE"  )  [ "${INSTALL_WEB_INTERFACE}" = true ] && echo "${WEB_HASH:=N/A}";;
-        return 0
+        "FTL"       )  echo "${FTL_HASH:=N/A}";;
-    fi
+    esac
    # Get the short hash of the local repository
    local directory="${1}"
    local hash
    cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
    hash=$(git rev-parse --short HEAD || echo "$DEFAULT")
    if [[ "${hash}" == "${DEFAULT}" ]]; then
        echo "ERROR"
        return 1
    else
        echo "${hash}"
    fi
    return 0
 }
 getRemoteHash(){
-    # Remote FTL hash is not applicable
+    case ${1} in
-    if [[ "$1" == "FTL" ]]; then
+        "Pi-hole"   )  echo "${GITHUB_CORE_HASH:=N/A}";;
-        echo "N/A"
+        "AdminLTE"  )  [ "${INSTALL_WEB_INTERFACE}" = true ] && echo "${GITHUB_WEB_HASH:=N/A}";;
-        return 0
+        "FTL"       )  echo "${GITHUB_FTL_HASH:=N/A}";;
-    fi
+    esac
    local daemon="${1}"
    local branch="${2}"
    hash=$(git ls-remote --heads "https://github.com/pi-hole/${daemon}" | \
        awk -v bra="$branch" '$0~bra {print substr($0,0,8);exit}')
    if [[ -n "$hash" ]]; then
        echo "$hash"
    else
        echo "ERROR"
        return 1
    fi
    return 0
 }
 getRemoteVersion(){
-    # Get the version from the remote origin
+    case ${1} in
-    local daemon="${1}"
+        "Pi-hole"   )  echo "${GITHUB_CORE_VERSION:=N/A}";;
-    local version
+        "AdminLTE"  )  [ "${INSTALL_WEB_INTERFACE}" = true ] && echo "${GITHUB_WEB_VERSION:=N/A}";;
-    local cachedVersions
+        "FTL"       )  echo "${GITHUB_FTL_VERSION:=N/A}";;
-    cachedVersions="/etc/pihole/versions"
+    esac
    #If the above file exists, then we can read from that. Prevents overuse of GitHub API
    if [[ -f "$cachedVersions" ]]; then
        # shellcheck disable=SC1090
        . "$cachedVersions"
        case $daemon in
            "pi-hole"   )  echo "${GITHUB_CORE_VERSION}";;
            "AdminLTE"  )  [[ "${INSTALL_WEB_INTERFACE}" == true ]] && echo "${GITHUB_WEB_VERSION}";;
            "FTL"       )  echo "${GITHUB_FTL_VERSION}";;
        esac
        return 0
    fi
    version=$(curl --silent --fail "https://api.github.com/repos/pi-hole/${daemon}/releases/latest" | \
        awk -F: '$1 ~/tag_name/ { print $2 }' | \
        tr -cd '[[:alnum:]]._-')
    if [[ "${version}" =~ ^v ]]; then
        echo "${version}"
    else
        echo "ERROR"
        return 1
    fi
    return 0
 }
 getLocalBranch(){
-    # Get the checked out branch of the local directory
+    case ${1} in
-    local directory="${1}"
+        "Pi-hole"   )  echo "${CORE_BRANCH:=N/A}";;
-    local branch
+        "AdminLTE"  )  [ "${INSTALL_WEB_INTERFACE}" = true ] && echo "${WEB_BRANCH:=N/A}";;
-
+        "FTL"       )  echo "${FTL_BRANCH:=N/A}";;
-    # Local FTL btranch is stored in /etc/pihole/ftlbranch
+    esac
    if [[ "$1" == "FTL" ]]; then
        branch="$(pihole-FTL branch)"
    else
        cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
        branch=$(git rev-parse --abbrev-ref HEAD || echo "$DEFAULT")
    fi
    if [[ ! "${branch}" =~ ^v ]]; then
        if [[ "${branch}" == "master" ]]; then
            echo ""
        elif [[ "${branch}" == "HEAD" ]]; then
            echo "in detached HEAD state at "
        else
            echo "${branch} "
        fi
    else
        # Branch started in "v"
        echo "release "
    fi
    return 0
 }
 versionOutput() {
-    if [[ "$1" == "AdminLTE" && "${INSTALL_WEB_INTERFACE}" != true ]]; then
+    if [ "$1" = "AdminLTE" ] && [ "${INSTALL_WEB_INTERFACE}" != true ]; then
        echo "  WebAdmin not installed"
        return 1
    fi
-    [[ "$1" == "pi-hole" ]] && GITDIR=$COREGITDIR
+    [ "$2" = "-c" ] || [ "$2" = "--current" ] || [ -z "$2" ] && current=$(getLocalVersion "${1}") && branch=$(getLocalBranch "${1}")
-    [[ "$1" == "AdminLTE" ]] && GITDIR=$WEBGITDIR
+    [ "$2" = "-l" ] || [ "$2" = "--latest" ] || [ -z "$2" ] && latest=$(getRemoteVersion "${1}")
-    [[ "$1" == "FTL" ]] && GITDIR="FTL"
+    if [ "$2" = "--hash" ]; then
-
+        [ "$3" = "-c" ] || [ "$3" = "--current" ] || [ -z "$3" ] && curHash=$(getLocalHash "${1}") && branch=$(getLocalBranch "${1}")
-    [[ "$2" == "-c" ]] || [[ "$2" == "--current" ]] || [[ -z "$2" ]] && current=$(getLocalVersion $GITDIR) && branch=$(getLocalBranch $GITDIR)
+        [ "$3" = "-l" ] || [ "$3" = "--latest" ] || [ -z "$3" ] && latHash=$(getRemoteHash "${1}") && branch=$(getLocalBranch "${1}")
    [[ "$2" == "-l" ]] || [[ "$2" == "--latest" ]] || [[ -z "$2" ]] && latest=$(getRemoteVersion "$1")
    if [[ "$2" == "-h" ]] || [[ "$2" == "--hash" ]]; then
        [[ "$3" == "-c" ]] || [[ "$3" == "--current" ]] || [[ -z "$3" ]] && curHash=$(getLocalHash "$GITDIR") && branch=$(getLocalBranch $GITDIR)
        [[ "$3" == "-l" ]] || [[ "$3" == "--latest" ]] || [[ -z "$3" ]] && latHash=$(getRemoteHash "$1" "$(cd "$GITDIR" 2> /dev/null && git rev-parse --abbrev-ref HEAD)")
    fi
-    if [[ -n "$current" ]] && [[ -n "$latest" ]]; then
+
-        output="${1^} version is $branch$current (Latest: $latest)"
+    # We do not want to show the branch name when we are on master,
-    elif [[ -n "$current" ]] && [[ -z "$latest" ]]; then
+    # blank out the variable in this case
-        output="Current ${1^} version is $branch$current"
+    if [ "$branch" = "master" ]; then
-    elif [[ -z "$current" ]] && [[ -n "$latest" ]]; then
+        branch=""
-        output="Latest ${1^} version is $latest"
+    else
-    elif [[ "$curHash" == "N/A" ]] || [[ "$latHash" == "N/A" ]]; then
+        branch="$branch "
-        output="${1^} hash is not applicable"
+    fi
-    elif [[ -n "$curHash" ]] && [[ -n "$latHash" ]]; then
+
-        output="${1^} hash is $curHash (Latest: $latHash)"
+    if [ -n "$current" ] && [ -n "$latest" ]; then
-    elif [[ -n "$curHash" ]] && [[ -z "$latHash" ]]; then
+        output="${1} version is $branch$current (Latest: $latest)"
-        output="Current ${1^} hash is $curHash"
+    elif [ -n "$current" ] && [ -z "$latest" ]; then
-    elif [[ -z "$curHash" ]] && [[ -n "$latHash" ]]; then
+        output="Current ${1} version is $branch$current"
-        output="Latest ${1^} hash is $latHash"
+    elif [ -z "$current" ] && [ -n "$latest" ]; then
        output="Latest ${1} version is $latest"
    elif [ -n "$curHash" ] && [ -n "$latHash" ]; then
        output="Local ${1} hash is $curHash (Remote: $latHash)"
    elif [ -n "$curHash" ] && [ -z "$latHash" ]; then
        output="Current local ${1} hash is $curHash"
    elif [ -z "$curHash" ] && [ -n "$latHash" ]; then
        output="Latest remote ${1} hash is $latHash"
    elif [ -z "$curHash" ] && [ -z "$latHash" ]; then
        output="Hashes for ${1} not available"
    else
        errorOutput
        return 1
    fi
-    [[ -n "$output" ]] && echo "  $output"
+    [ -n "$output" ] && echo "  $output"
 }
 errorOutput() {
@@ -189,9 +114,9 @@ errorOutput() {
 }
 defaultOutput() {
-    versionOutput "pi-hole" "$@"
+    versionOutput "Pi-hole" "$@"
-    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
+    if [ "${INSTALL_WEB_INTERFACE}" = true ]; then
        versionOutput "AdminLTE" "$@"
    fi
@@ -217,7 +142,7 @@ Options:
 }
 case "${1}" in
-    "-p" | "--pihole"    ) shift; versionOutput "pi-hole" "$@";;
+    "-p" | "--pihole"    ) shift; versionOutput "Pi-hole" "$@";;
    "-a" | "--admin"     ) shift; versionOutput "AdminLTE" "$@";;
    "-f" | "--ftl"       ) shift; versionOutput "FTL" "$@";;
    "-h" | "--help"      ) helpFunc;;
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -393,13 +393,8 @@ ProcessDHCPSettings() {
        if [[ "${DHCP_LEASETIME}" == "0" ]]; then
            leasetime="infinite"
        elif [[ "${DHCP_LEASETIME}" == "" ]]; then
-            leasetime="24"
+            leasetime="24h"
-            addOrEditKeyValPair "${setupVars}" "DHCP_LEASETIME" "${leasetime}"
+            addOrEditKeyValPair "${setupVars}" "DHCP_LEASETIME" "24"
        elif [[ "${DHCP_LEASETIME}" == "24h" ]]; then
            #Installation is affected by known bug, introduced in a previous version.
            #This will automatically clean up setupVars.conf and remove the unnecessary "h"
            leasetime="24"
            addOrEditKeyValPair "${setupVars}" "DHCP_LEASETIME" "${leasetime}"
        else
            leasetime="${DHCP_LEASETIME}h"
        fi
@@ -632,6 +627,14 @@ checkDomain()
    echo "${validDomain}"
 }
 escapeDots()
 {
    # SC suggest bashism ${variable//search/replace}
    # shellcheck disable=SC2001
    escaped=$(echo "$1" | sed 's/\./\\./g')
    echo "${escaped}"
 }
 addAudit()
 {
    shift # skip "-a"
@@ -707,6 +710,7 @@ RemoveCustomDNSAddress() {
    validHost="$(checkDomain "${host}")"
    if [[ -n "${validHost}" ]]; then
        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
            validHost=$(escapeDots "${validHost}")
            sed -i "/^${ip} ${validHost}$/Id" "${dnscustomfile}"
        else
            echo -e "  ${CROSS} Invalid IP has been passed"
@@ -734,7 +738,12 @@ AddCustomCNAMERecord() {
    if [[ -n "${validDomain}" ]]; then
        validTarget="$(checkDomain "${target}")"
        if [[ -n "${validTarget}" ]]; then
-            echo "cname=${validDomain},${validTarget}" >> "${dnscustomcnamefile}"
+            if [ "${validDomain}" = "${validTarget}" ]; then
                echo "  ${CROSS} Domain and target are the same. This would cause a DNS loop."
                exit 1
            else
                echo "cname=${validDomain},${validTarget}" >> "${dnscustomcnamefile}"
            fi
        else
            echo "  ${CROSS} Invalid Target Passed!"
            exit 1
@@ -760,7 +769,9 @@ RemoveCustomCNAMERecord() {
    if [[ -n "${validDomain}" ]]; then
        validTarget="$(checkDomain "${target}")"
        if [[ -n "${validTarget}" ]]; then
-            sed -i "/cname=${validDomain},${validTarget}$/Id" "${dnscustomcnamefile}"
+            validDomain=$(escapeDots "${validDomain}")
            validTarget=$(escapeDots "${validTarget}")
            sed -i "/^cname=${validDomain},${validTarget}$/Id" "${dnscustomcnamefile}"
        else
            echo "  ${CROSS} Invalid Target Passed!"
            exit 1
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -9,7 +9,7 @@
 # Description:       Enable service provided by pihole-FTL daemon
 ### END INIT INFO
-#source utils.sh for getFTLPIDFile(), getFTLPID (), getFTLAPIPortFile()
+#source utils.sh for getFTLPIDFile(), getFTLPID ()
 PI_HOLE_SCRIPT_DIR="/opt/pihole"
 utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 . "${utilsfile}"
@@ -31,7 +31,6 @@ start() {
    # Touch files to ensure they exist (create if non-existing, preserve if existing)
    mkdir -pm 0755 /run/pihole /var/log/pihole
    [ ! -f "${FTL_PID_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
    [ ! -f "${FTL_PORT_FILE}" ] && install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}"
    [ ! -f /var/log/pihole/FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
    [ ! -f /var/log/pihole/pihole.log ] && install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
    [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
@@ -91,7 +90,7 @@ stop() {
    echo "Not running"
  fi
  # Cleanup
-  rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}" "${FTL_PORT_FILE}"
+  rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}"
  echo
 }
@@ -111,7 +110,6 @@ status() {
 # Get file paths
 FTL_PID_FILE="$(getFTLPIDFile)"
 FTL_PORT_FILE="$(getFTLAPIPortFile)"
 # Get FTL's current PID
 FTL_PID="$(getFTLPID ${FTL_PID_FILE})"
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@@ -28,9 +28,6 @@
@reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
-# Pi-hole: Grab local version and branch every 10 minutes
+# Pi-hole: Grab remote and local version every 24 hours
-*/10 *  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
+59 17  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker
-
+@reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker reboot
 # Pi-hole: Grab remote version every 24 hours
 59 17  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote
@reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote reboot
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -29,7 +29,8 @@ if (!empty($_SERVER["FQDN"])) {
 if ($serverName === "pi.hole"
    || (!empty($_SERVER["VIRTUAL_HOST"]) && $serverName === $_SERVER["VIRTUAL_HOST"])) {
    // Redirect to Web Interface
-    exit(header("Location: /admin"));
+    header("Location: /admin");
    exit();
 } elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
    // When directly browsing via IP or authorized hostname
    // Render splash/landing page based off presence of $landPage file
@@ -75,6 +76,6 @@ EOT;
    exit($splashPage);
 }
-exit(header("HTTP/1.1 404 Not Found"));
+header("HTTP/1.1 404 Not Found");
-
+exit();
 ?>
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -32,6 +32,8 @@ server.errorlog             = "/var/log/lighttpd/error-pihole.log"
 server.pid-file             = "/run/lighttpd.pid"
 server.username             = "www-data"
 server.groupname            = "www-data"
 # For lighttpd version 1.4.46 or above, the port can be overwritten in `/etc/lighttpd/external.conf` using the := operator
 # e.g. server.port := 8000
 server.port                 = 80
 accesslog.filename          = "/var/log/lighttpd/access-pihole.log"
 accesslog.format            = "%{%s}t|%V|%r|%s|%b"
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -33,6 +33,8 @@ server.errorlog             = "/var/log/lighttpd/error-pihole.log"
 server.pid-file             = "/run/lighttpd.pid"
 server.username             = "lighttpd"
 server.groupname            = "lighttpd"
 # For lighttpd version 1.4.46 or above, the port can be overwritten in `/etc/lighttpd/external.conf` using the := operator
 # e.g. server.port := 8000
 server.port                 = 80
 accesslog.filename          = "/var/log/lighttpd/access-pihole.log"
 accesslog.format            = "%{%s}t|%V|%r|%s|%b"
--- a/install/basic-install.sh
+++ b/install/basic-install.sh
@@ -83,6 +83,7 @@ PI_HOLE_INSTALL_DIR="/opt/pihole"
 PI_HOLE_CONFIG_DIR="/etc/pihole"
 PI_HOLE_BIN_DIR="/usr/local/bin"
 PI_HOLE_404_DIR="${webroot}/pihole"
 FTL_CONFIG_FILE="${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf"
 if [ -z "$useUpdateVars" ]; then
    useUpdateVars=false
 fi
@@ -357,9 +358,9 @@ package_manager_detect() {
        # These variable names match the ones for apt-get. See above for an explanation of what they are for.
        PKG_INSTALL=("${PKG_MANAGER}" install -y)
        # CentOS package manager returns 100 when there are packages to update so we need to || true to prevent the script from exiting.
-        PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l || true"
+        PKG_COUNT="${PKG_MANAGER} check-update | grep -E '(.i686|.x86|.noarch|.arm|.src)' | wc -l || true"
        OS_CHECK_DEPS=(grep bind-utils)
-        INSTALLER_DEPS=(git dialog iproute newt procps-ng which chkconfig ca-certificates)
+        INSTALLER_DEPS=(git dialog iproute newt procps-ng chkconfig ca-certificates)
        PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc libcap nmap-ncat jq)
        PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
        LIGHTTPD_USER="lighttpd"
@@ -827,8 +828,11 @@ It is also possible to use a DHCP reservation, but if you are going to do that,
 # Configure networking via dhcpcd
 setDHCPCD() {
-    # Check if the IP is already in the file
+    # Regex for matching a non-commented static ip address setting
-    if grep -q "${IPV4_ADDRESS}" /etc/dhcpcd.conf; then
+    local regex="^[ \t]*static ip_address[ \t]*=[ \t]*${IPV4_ADDRESS}"
    # Check if static IP is already set in file
    if grep -q "${regex}" /etc/dhcpcd.conf; then
        printf "  %b Static IP already configured\\n" "${INFO}"
    # If it's not,
    else
@@ -999,10 +1003,10 @@ If you want to specify a port other than 53, separate it with a hash.\
                # and continue the loop.
                DNSSettingsCorrect=False
            else
-                dialog --no-shadow --keep-tite \
+                dialog --no-shadow --no-collapse --keep-tite \
                    --backtitle "Specify Upstream DNS Provider(s)" \
                    --title "Upstream DNS Provider(s)" \
-                    --yesno "Are these settings correct?\\n\\tDNS Server 1:\\t${PIHOLE_DNS_1}\\n\\tDNS Server 2:\\t${PIHOLE_DNS_2}" \
+                    --yesno "Are these settings correct?\\n"$'\t'"DNS Server 1:"$'\t'"${PIHOLE_DNS_1}\\n"$'\t'"DNS Server 2:"$'\t'"${PIHOLE_DNS_2}" \
                    "${r}" "${c}" && result=0 || result=$?
                case ${result} in
@@ -1264,35 +1268,30 @@ version_check_dnsmasq() {
    # Copy the new Pi-hole DNS config file into the dnsmasq.d directory
    install -D -m 644 -T "${dnsmasq_pihole_01_source}" "${dnsmasq_pihole_01_target}"
    printf "%b  %b Installed %s\n" "${OVER}"  "${TICK}" "${dnsmasq_pihole_01_target}"
-    # Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
+    # Add settings with the GLOBAL DNS variables that we populated earlier
-    # First, swap in the interface to listen on,
+    # First, set the interface to listen on
-    sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_target}"
+    addOrEditKeyValPair "${dnsmasq_pihole_01_target}" "interface" "$PIHOLE_INTERFACE"
    if [[ "${PIHOLE_DNS_1}" != "" ]]; then
-        # then swap in the primary DNS server.
+        # then add in the primary DNS server.
-        sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_target}"
+        addOrEditKeyValPair "${dnsmasq_pihole_01_target}" "server" "$PIHOLE_DNS_1"
    else
        # Otherwise, remove the line which sets DNS1.
        sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_target}"
    fi
    # Ditto if DNS2 is not empty
    if [[ "${PIHOLE_DNS_2}" != "" ]]; then
-        sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_target}"
+        addKey "${dnsmasq_pihole_01_target}" "server=$PIHOLE_DNS_2"
    else
        sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_target}"
    fi
    # Set the cache size
-    sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" "${dnsmasq_pihole_01_target}"
+    addOrEditKeyValPair "${dnsmasq_pihole_01_target}" "cache-size" "$CACHE_SIZE"
    sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
    # If the user does not want to enable logging,
    if [[ "${QUERY_LOGGING}" == false ]] ; then
-        # disable it by commenting out the directive in the DNS config file
+        # remove itfrom the DNS config file
-        sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_target}"
+        removeKey "${dnsmasq_pihole_01_target}" "log-queries"
    else
-        # Otherwise, enable it by uncommenting the directive in the DNS config file
+        # Otherwise, enable it by adding the directive to the DNS config file
-        sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_target}"
+        addKey "${dnsmasq_pihole_01_target}" "log-queries"
    fi
    printf "  %b Installing %s..." "${INFO}" "${dnsmasq_rfc6761_06_source}"
@@ -1365,9 +1364,9 @@ installConfigs() {
    chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf"
    # Install template file if it does not exist
-    if [[ ! -r "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then
+    if [[ ! -r "${FTL_CONFIG_FILE}" ]]; then
        install -d -m 0755 ${PI_HOLE_CONFIG_DIR}
-        if ! install -T -o pihole -m 664 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.conf" "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then
+        if ! install -T -o pihole -m 664 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.conf" "${FTL_CONFIG_FILE}" &>/dev/null; then
            printf "  %b Error: Unable to initialize configuration file %s/pihole-FTL.conf\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}"
            return 1
        fi
@@ -1784,30 +1783,24 @@ create_pihole_user() {
 # This function saves any changes to the setup variables into the setupvars.conf file for future runs
 finalExports() {
-    # If the setup variable file exists,
+    # set or update the variables in the file
-    if [[ -e "${setupVars}" ]]; then
+
-        # update the variables in the file
+    addOrEditKeyValPair "${setupVars}" "PIHOLE_INTERFACE" "${PIHOLE_INTERFACE}"
-        sed -i.update.bak '/PIHOLE_INTERFACE/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;/DNSMASQ_LISTENING/d;' "${setupVars}"
+    addOrEditKeyValPair "${setupVars}" "PIHOLE_DNS_1" "${PIHOLE_DNS_1}"
-    fi
+    addOrEditKeyValPair "${setupVars}" "PIHOLE_DNS_2" "${PIHOLE_DNS_2}"
-    # echo the information to the user
+    addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "${QUERY_LOGGING}"
-    {
+    addOrEditKeyValPair "${setupVars}" "INSTALL_WEB_SERVER" "${INSTALL_WEB_SERVER}"
-        echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
+    addOrEditKeyValPair "${setupVars}" "INSTALL_WEB_INTERFACE" "${INSTALL_WEB_INTERFACE}"
-        echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
+    addOrEditKeyValPair "${setupVars}" "LIGHTTPD_ENABLED" "${LIGHTTPD_ENABLED}"
-        echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
+    addOrEditKeyValPair "${setupVars}" "CACHE_SIZE" "${CACHE_SIZE}"
-        echo "QUERY_LOGGING=${QUERY_LOGGING}"
+    addOrEditKeyValPair "${setupVars}" "DNS_FQDN_REQUIRED" "${DNS_FQDN_REQUIRED:-true}"
-        echo "INSTALL_WEB_SERVER=${INSTALL_WEB_SERVER}"
+    addOrEditKeyValPair "${setupVars}" "DNS_BOGUS_PRIV" "${DNS_BOGUS_PRIV:-true}"
-        echo "INSTALL_WEB_INTERFACE=${INSTALL_WEB_INTERFACE}"
+    addOrEditKeyValPair "${setupVars}" "DNSMASQ_LISTENING" "${DNSMASQ_LISTENING:-local}"
-        echo "LIGHTTPD_ENABLED=${LIGHTTPD_ENABLED}"
+
        echo "CACHE_SIZE=${CACHE_SIZE}"
        echo "DNS_FQDN_REQUIRED=${DNS_FQDN_REQUIRED:-true}"
        echo "DNS_BOGUS_PRIV=${DNS_BOGUS_PRIV:-true}"
        echo "DNSMASQ_LISTENING=${DNSMASQ_LISTENING:-local}"
    }>> "${setupVars}"
    chmod 644 "${setupVars}"
    # Set the privacy level
-    sed -i '/PRIVACYLEVEL/d' "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf"
+    addOrEditKeyValPair "${FTL_CONFIG_FILE}" "PRIVACYLEVEL" "${PRIVACY_LEVEL}"
    echo "PRIVACYLEVEL=${PRIVACY_LEVEL}" >> "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf"
    # Bring in the current settings and the functions to manipulate them
    source "${setupVars}"
@@ -1895,6 +1888,16 @@ installPihole() {
        printf "  %b Failure in dependent script copy function.\\n" "${CROSS}"
        exit 1
    fi
    # /opt/pihole/utils.sh should be installed by installScripts now, so we can use it
    if [ -f "${PI_HOLE_INSTALL_DIR}/utils.sh" ]; then
        # shellcheck disable=SC1091
        source "${PI_HOLE_INSTALL_DIR}/utils.sh"
    else
        printf "  %b Failure: /opt/pihole/utils.sh does not exist .\\n" "${CROSS}"
        exit 1
    fi
    # Install config files
    if ! installConfigs; then
        printf "  %b Failure in dependent config copy function.\\n" "${CROSS}"
@@ -2022,9 +2025,8 @@ update_dialogs() {
 \\n($strAdd)"\
                    "${r}" "${c}" 2 \
    "${opt1a}"  "${opt1b}" \
-    "${opt2a}"  "${opt2b}" || true)
+    "${opt2a}"  "${opt2b}") || result=$?
    result=$?
    case ${result} in
        "${DIALOG_CANCEL}" | "${DIALOG_ESC}")
            printf "  %b Cancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"
@@ -2268,7 +2270,7 @@ get_binary_name() {
        local rev
        rev=$(uname -m | sed "s/[^0-9]//g;")
        local lib
-        lib=$(ldd "$(which sh)" | grep -E '^\s*/lib' | awk '{ print $1 }')
+        lib=$(ldd "$(command -v sh)" | grep -E '^\s*/lib' | awk '{ print $1 }')
        if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then
            printf "%b  %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}"
            # set the binary to be used
@@ -2569,8 +2571,8 @@ main() {
        source "${setupVars}"
        # Get the privacy level if it exists (default is 0)
-        if [[ -f "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then
+        if [[ -f "${FTL_CONFIG_FILE}" ]]; then
-            PRIVACY_LEVEL=$(sed -ne 's/PRIVACYLEVEL=\(.*\)/\1/p' "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf")
+            PRIVACY_LEVEL=$(sed -ne 's/PRIVACYLEVEL=\(.*\)/\1/p' "${FTL_CONFIG_FILE}")
            # If no setting was found, default to 0
            PRIVACY_LEVEL="${PRIVACY_LEVEL:-0}"
@@ -2694,9 +2696,8 @@ main() {
    # Download and compile the aggregated block list
    runGravity
-    # Force an update of the updatechecker
+    # Update local and remote versions via updatechecker
    /opt/pihole/updatecheck.sh
    /opt/pihole/updatecheck.sh x remote
    if [[ "${useUpdateVars}" == false ]]; then
        displayFinalMessage "${pw}"
--- a/gravity.sh
+++ b/gravity.sh
@@ -40,6 +40,7 @@ gravityDBschema="${piholeGitDir}/advanced/Templates/gravity.db.sql"
 gravityDBcopy="${piholeGitDir}/advanced/Templates/gravity_copy.sql"
 domainsExtension="domains"
 curl_connect_timeout=10
 # Source setupVars from install script
 setupVars="${piholeDir}/setupVars.conf"
@@ -641,7 +642,7 @@ gravity_DownloadBlocklistFromUrl() {
  fi
  # shellcheck disable=SC2086
-  httpCode=$(curl -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
+  httpCode=$(curl --connect-timeout ${curl_connect_timeout} -s -L ${compression} ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null)
  case $url in
    # Did we "download" a local file?
@@ -719,72 +720,25 @@ gravity_DownloadBlocklistFromUrl() {
 # Parse source files into domains format
 gravity_ParseFileIntoDomains() {
-  local src="${1}" destination="${2}" firstLine
+  local src="${1}" destination="${2}"
-  # Determine if we are parsing a consolidated list
+  # Remove comments and print only the domain name
-  #if [[ "${src}" == "${piholeDir}/${matterAndLight}" ]]; then
+  # Most of the lists downloaded are already in hosts file format but the spacing/formatting is not contiguous
-    # Remove comments and print only the domain name
+  # This helps with that and makes it easier to read
-    # Most of the lists downloaded are already in hosts file format but the spacing/formatting is not contiguous
+  # It also helps with debugging so each stage of the script can be researched more in depth
-    # This helps with that and makes it easier to read
+  # 1) Remove carriage returns
-    # It also helps with debugging so each stage of the script can be researched more in depth
+  # 2) Convert all characters to lowercase
-    # 1) Remove carriage returns
+  # 3) Remove comments (text starting with "#", include possible spaces before the hash sign)
-    # 2) Convert all characters to lowercase
+  # 4) Remove lines containing "/"
-    # 3) Remove comments (text starting with "#", include possible spaces before the hash sign)
+  # 5) Remove leading tabs, spaces, etc.
-    # 4) Remove lines containing "/"
+  # 6) Delete lines not matching domain names
-    # 5) Remove leading tabs, spaces, etc.
+  < "${src}" tr -d '\r' | \
-    # 6) Delete lines not matching domain names
+  tr '[:upper:]' '[:lower:]' | \
-    < "${src}" tr -d '\r' | \
+  sed 's/\s*#.*//g' | \
-    tr '[:upper:]' '[:lower:]' | \
+  sed -r '/(\/).*$/d' | \
-    sed 's/\s*#.*//g' | \
+  sed -r 's/^.*\s+//g' | \
-    sed -r '/(\/).*$/d' | \
+  sed -r '/([^\.]+\.)+[^\.]{2,}/!d' >  "${destination}"
-    sed -r 's/^.*\s+//g' | \
+  chmod 644 "${destination}"
    sed -r '/([^\.]+\.)+[^\.]{2,}/!d' >  "${destination}"
    chmod 644 "${destination}"
    return 0
  #fi
  # Individual file parsing: Keep comments, while parsing domains from each line
  # We keep comments to respect the list maintainer's licensing
  read -r firstLine < "${src}"
  # Determine how to parse individual source file formats
  if [[ "${firstLine,,}" =~ (adblock|ublock|^!) ]]; then
    # Compare $firstLine against lower case words found in Adblock lists
    echo -e "  ${CROSS} Format: Adblock (list type not supported)"
  elif grep -q "^address=/" "${src}" &> /dev/null; then
    # Parse Dnsmasq format lists
    echo -e "  ${CROSS} Format: Dnsmasq (list type not supported)"
  elif grep -q -E "^https?://" "${src}" &> /dev/null; then
    # Parse URL list if source file contains "http://" or "https://"
    # Scanning for "^IPv4$" is too slow with large (1M) lists on low-end hardware
    echo -ne "  ${INFO} Format: URL"
    awk '
      # Remove URL scheme, optional "username:password@", and ":?/;"
      # The scheme must be matched carefully to avoid blocking the wrong URL
      # in cases like:
      #   http://www.evil.com?http://www.good.com
      # See RFC 3986 section 3.1 for details.
      /[:?\/;]/ { gsub(/(^[a-zA-Z][a-zA-Z0-9+.-]*:\/\/(.*:.*@)?|[:?\/;].*)/, "", $0) }
      # Skip lines which are only IPv4 addresses
      /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }
      # Print if nonempty
      length { print }
    ' "${src}" 2> /dev/null > "${destination}"
    chmod 644 "${destination}"
    echo -e "${OVER}  ${TICK} Format: URL"
  else
    # Default: Keep hosts/domains file in same format as it was downloaded
    output=$( { mv "${src}" "${destination}"; } 2>&1 )
    chmod 644 "${destination}"
    if [[ ! -e "${destination}" ]]; then
      echo -e "\\n  ${CROSS} Unable to move tmp file to ${piholeDir}
    ${output}"
      gravity_Cleanup "error"
    fi
  fi
 }
 # Report number of entries in a table
--- a/13
+++ b/13
@@ -104,6 +104,9 @@ restartDNS() {
  local svcOption svc str output status pid icon FTL_PID_FILE
  svcOption="${1:-restart}"
  # get the current path to the pihole-FTL.pid
  FTL_PID_FILE="$(getFTLPIDFile)"
  # Determine if we should reload or restart
  if [[ "${svcOption}" =~ "reload-lists" ]]; then
    # Reloading of the lists has been requested
@@ -111,9 +114,6 @@ restartDNS() {
    # Note 2: We cannot use killall here as it does
    #         not know about real-time signals
    # get the current path to the pihole-FTL.pid
    FTL_PID_FILE="$(getFTLPIDFile)"
    pid="$(getFTLPID ${FTL_PID_FILE})"
    if [[ "$pid" -eq "-1" ]]; then
      svc="true"
@@ -303,14 +303,13 @@ analyze_ports() {
 statusFunc() {
    # Determine if there is pihole-FTL service is listening
-    local pid port ftl_api_port ftl_pid_file ftl_apiport_file
+    local pid port ftl_api_port ftl_pid_file
    ftl_pid_file="$(getFTLPIDFile)"
    pid="$(getFTLPID ${ftl_pid_file})"
-    ftl_apiport_file="${getFTLAPIPortFile}"
+    ftl_api_port="$(getFTLAPIPort)"
    ftl_api_port="$(getFTLAPIPort ${ftl_apiport_file})"
    if [[ "$pid" -eq "-1" ]]; then
        case "${1}" in
            "web") echo "-1";;
@@ -554,7 +553,7 @@ case "${1}" in
  "restartdns"                  ) restartDNS "$2";;
  "-a" | "admin"                ) webpageFunc "$@";;
  "checkout"                    ) piholeCheckoutFunc "$@";;
-  "updatechecker"               ) updateCheckFunc "$@";;
+  "updatechecker"               ) shift; updateCheckFunc "$@";;
  "arpflush"                    ) arpFunc "$@";;
  "-t" | "tail"                 ) tailFunc "$2";;
 esac
--- a/test/_centos_8.Dockerfile
+++ b/test/_centos_8.Dockerfile
@@ -1,5 +1,5 @@
 FROM quay.io/centos/centos:stream8
-RUN yum install -y git
+RUN yum install -y git initscripts
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
--- a/test/_centos_9.Dockerfile
+++ b/test/_centos_9.Dockerfile
@@ -0,0 +1,18 @@
 FROM quay.io/centos/centos:stream9
 RUN yum install -y --allowerasing curl git initscripts
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_35.Dockerfile
+++ b/test/_fedora_35.Dockerfile
@@ -1,5 +1,5 @@
-FROM fedora:34
+FROM fedora:35
-RUN dnf install -y git
+RUN dnf install -y git initscripts
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
--- a/test/_fedora_36.Dockerfile
+++ b/test/_fedora_36.Dockerfile
@@ -1,4 +1,5 @@
-FROM buildpack-deps:bionic-scm
+FROM fedora:36
 RUN dnf install -y git initscripts
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -6,12 +6,12 @@ from textwrap import dedent
 SETUPVARS = {
-    'PIHOLE_INTERFACE': 'eth99',
+    "PIHOLE_INTERFACE": "eth99",
-    'PIHOLE_DNS_1': '4.2.2.1',
+    "PIHOLE_DNS_1": "4.2.2.1",
-    'PIHOLE_DNS_2': '4.2.2.2'
+    "PIHOLE_DNS_2": "4.2.2.2",
 }
-IMAGE = 'pytest_pihole:test_container'
+IMAGE = "pytest_pihole:test_container"
 tick_box = "[\x1b[1;32m\u2713\x1b[0m]"
 cross_box = "[\x1b[1;31m\u2717\x1b[0m]"
@@ -38,132 +38,187 @@ testinfra.backend.docker.DockerBackend.run = run_bash
@pytest.fixture
 def host():
    # run a container
-    docker_id = subprocess.check_output(
+    docker_id = (
-        ['docker', 'run', '-t', '-d', '--cap-add=ALL', IMAGE]).decode().strip()
+        subprocess.check_output(["docker", "run", "-t", "-d", "--cap-add=ALL", IMAGE])
        .decode()
        .strip()
    )
    # return a testinfra connection to the container
    docker_host = testinfra.get_host("docker://" + docker_id)
    yield docker_host
    # at the end of the test suite, destroy the container
-    subprocess.check_call(['docker', 'rm', '-f', docker_id])
+    subprocess.check_call(["docker", "rm", "-f", docker_id])
 # Helper functions
 def mock_command(script, args, container):
-    '''
+    """
    Allows for setup of commands we don't really want to have to run for real
    in unit tests
-    '''
+    """
-    full_script_path = '/usr/local/bin/{}'.format(script)
+    full_script_path = "/usr/local/bin/{}".format(script)
-    mock_script = dedent(r'''\
+    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
-    case "\$1" in'''.format(script=script))
+    case "\$1" in""".format(
            script=script
        )
    )
    for k, v in args.items():
-        case = dedent('''
+        case = dedent(
            """
        {arg})
        echo {res}
        exit {retcode}
-        ;;'''.format(arg=k, res=v[0], retcode=v[1]))
+        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
-    mock_script += dedent('''
+    mock_script += dedent(
-    esac''')
+        """
-    container.run('''
+    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
-    rm -f /var/log/{scriptlog}'''.format(script=full_script_path,
+    rm -f /var/log/{scriptlog}""".format(
-                                         content=mock_script,
+            script=full_script_path, content=mock_script, scriptlog=script
-                                         scriptlog=script))
+        )
    )
 def mock_command_passthrough(script, args, container):
-    '''
+    """
    Per other mock_command* functions, allows intercepting of commands we don't want to run for real
    in unit tests, however also allows only specific arguments to be mocked. Anything not defined will
    be passed through to the actual command.
    Example use-case: mocking `git pull` but still allowing `git clone` to work as intended
-    '''
+    """
-    orig_script_path = container.check_output('command -v {}'.format(script))
+    orig_script_path = container.check_output("command -v {}".format(script))
-    full_script_path = '/usr/local/bin/{}'.format(script)
+    full_script_path = "/usr/local/bin/{}".format(script)
-    mock_script = dedent(r'''\
+    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
-    case "\$1" in'''.format(script=script))
+    case "\$1" in""".format(
            script=script
        )
    )
    for k, v in args.items():
-        case = dedent('''
+        case = dedent(
            """
        {arg})
        echo {res}
        exit {retcode}
-        ;;'''.format(arg=k, res=v[0], retcode=v[1]))
+        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
-    mock_script += dedent(r'''
+    mock_script += dedent(
        r"""
    *)
    {orig_script_path} "\$@"
-    ;;'''.format(orig_script_path=orig_script_path))
+    ;;""".format(
-    mock_script += dedent('''
+            orig_script_path=orig_script_path
-    esac''')
+        )
-    container.run('''
+    )
    mock_script += dedent(
        """
    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
-    rm -f /var/log/{scriptlog}'''.format(script=full_script_path,
+    rm -f /var/log/{scriptlog}""".format(
-                                         content=mock_script,
+            script=full_script_path, content=mock_script, scriptlog=script
-                                         scriptlog=script))
+        )
    )
 def mock_command_run(script, args, container):
-    '''
+    """
    Allows for setup of commands we don't really want to have to run for real
    in unit tests
-    '''
+    """
-    full_script_path = '/usr/local/bin/{}'.format(script)
+    full_script_path = "/usr/local/bin/{}".format(script)
-    mock_script = dedent(r'''\
+    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
-    case "\$1 \$2" in'''.format(script=script))
+    case "\$1 \$2" in""".format(
            script=script
        )
    )
    for k, v in args.items():
-        case = dedent('''
+        case = dedent(
            """
        \"{arg}\")
        echo {res}
        exit {retcode}
-        ;;'''.format(arg=k, res=v[0], retcode=v[1]))
+        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
-    mock_script += dedent('''
+    mock_script += dedent(
-    esac''')
+        """
-    container.run('''
+    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
-    rm -f /var/log/{scriptlog}'''.format(script=full_script_path,
+    rm -f /var/log/{scriptlog}""".format(
-                                         content=mock_script,
+            script=full_script_path, content=mock_script, scriptlog=script
-                                         scriptlog=script))
+        )
    )
 def mock_command_2(script, args, container):
-    '''
+    """
    Allows for setup of commands we don't really want to have to run for real
    in unit tests
-    '''
+    """
-    full_script_path = '/usr/local/bin/{}'.format(script)
+    full_script_path = "/usr/local/bin/{}".format(script)
-    mock_script = dedent(r'''\
+    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
-    case "\$1 \$2" in'''.format(script=script))
+    case "\$1 \$2" in""".format(
            script=script
        )
    )
    for k, v in args.items():
-        case = dedent('''
+        case = dedent(
            """
        \"{arg}\")
        echo \"{res}\"
        exit {retcode}
-        ;;'''.format(arg=k, res=v[0], retcode=v[1]))
+        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
-    mock_script += dedent('''
+    mock_script += dedent(
-    esac''')
+        """
-    container.run('''
+    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
-    rm -f /var/log/{scriptlog}'''.format(script=full_script_path,
+    rm -f /var/log/{scriptlog}""".format(
-                                         content=mock_script,
+            script=full_script_path, content=mock_script, scriptlog=script
-                                         scriptlog=script))
+        )
    )
 def run_script(Pihole, script):
--- a/test/requirements.txt
+++ b/test/requirements.txt
@@ -1,6 +1,5 @@
 docker-compose
 pytest
 pytest-xdist
 pytest-cov
 pytest-testinfra
 tox
--- a/test/setup.py
+++ b/test/setup.py
@@ -1,6 +1,7 @@
 from setuptools import setup
 setup(
-    setup_requires=['pytest-runner'],
+    py_modules=[],
-    tests_require=['pytest'],
+    setup_requires=["pytest-runner"],
    tests_require=["pytest"],
 )
--- a/test/test_any_automated_install.py
+++ b/test/test_any_automated_install.py
--- a/test/test_any_utils.py
+++ b/test/test_any_utils.py
@@ -1,22 +1,27 @@
 def test_key_val_replacement_works(host):
-    ''' Confirms addOrEditKeyValPair either adds or replaces a key value pair in a given file '''
+    """Confirms addOrEditKeyValPair either adds or replaces a key value pair in a given file"""
-    host.run('''
+    host.run(
        """
    source /opt/pihole/utils.sh
    addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1"
    addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2"
    addOrEditKeyValPair "./testoutput" "KEY_ONE" "value3"
    addOrEditKeyValPair "./testoutput" "KEY_FOUR" "value4"
-    ''')
+    """
-    output = host.run('''
+    )
    output = host.run(
        """
    cat ./testoutput
-    ''')
+    """
-    expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n'
+    )
    expected_stdout = "KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n"
    assert expected_stdout == output.stdout
 def test_key_addition_works(host):
-    ''' Confirms addKey adds a key (no value) to a file without duplicating it '''
+    """Confirms addKey adds a key (no value) to a file without duplicating it"""
-    host.run('''
+    host.run(
        """
    source /opt/pihole/utils.sh
    addKey "./testoutput" "KEY_ONE"
    addKey "./testoutput" "KEY_ONE"
@@ -24,17 +29,21 @@ def test_key_addition_works(host):
    addKey "./testoutput" "KEY_TWO"
    addKey "./testoutput" "KEY_THREE"
    addKey "./testoutput" "KEY_THREE"
-    ''')
+    """
-    output = host.run('''
+    )
    output = host.run(
        """
    cat ./testoutput
-    ''')
+    """
-    expected_stdout = 'KEY_ONE\nKEY_TWO\nKEY_THREE\n'
+    )
    expected_stdout = "KEY_ONE\nKEY_TWO\nKEY_THREE\n"
    assert expected_stdout == output.stdout
 def test_key_removal_works(host):
-    ''' Confirms removeKey removes a key or key/value pair '''
+    """Confirms removeKey removes a key or key/value pair"""
-    host.run('''
+    host.run(
        """
    source /opt/pihole/utils.sh
    addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1"
    addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2"
@@ -42,81 +51,102 @@ def test_key_removal_works(host):
    addKey "./testoutput" "KEY_FOUR"
    removeKey "./testoutput" "KEY_TWO"
    removeKey "./testoutput" "KEY_FOUR"
-    ''')
+    """
-    output = host.run('''
+    )
    output = host.run(
        """
    cat ./testoutput
-    ''')
+    """
-    expected_stdout = 'KEY_ONE=value1\nKEY_THREE=value3\n'
+    )
-    assert expected_stdout == output.stdout
+    expected_stdout = "KEY_ONE=value1\nKEY_THREE=value3\n"
 def test_getFTLAPIPortFile_default(host):
    ''' Confirms getFTLAPIPortFile returns the default API port file path '''
    output = host.run('''
    source /opt/pihole/utils.sh
    getFTLAPIPortFile
    ''')
    expected_stdout = '/run/pihole-FTL.port\n'
    assert expected_stdout == output.stdout
 def test_getFTLAPIPort_default(host):
-    ''' Confirms getFTLAPIPort returns the default API port '''
+    """Confirms getFTLAPIPort returns the default API port"""
-    output = host.run('''
+    output = host.run(
        """
    source /opt/pihole/utils.sh
-    getFTLAPIPort "/run/pihole-FTL.port"
+    getFTLAPIPort
-    ''')
+    """
-    expected_stdout = '4711\n'
+    )
    expected_stdout = "4711\n"
    assert expected_stdout == output.stdout
-def test_getFTLAPIPortFile_and_getFTLAPIPort_custom(host):
+def test_getFTLAPIPort_custom(host):
-    ''' Confirms getFTLAPIPort returns a custom API port in a custom PORTFILE location '''
+    """Confirms getFTLAPIPort returns a custom API port"""
-    host.run('''
+    host.run(
-    tmpfile=$(mktemp)
+        """
-    echo "PORTFILE=${tmpfile}" > /etc/pihole/pihole-FTL.conf
+    echo "FTLPORT=1234" > /etc/pihole/pihole-FTL.conf
-    echo "1234" > ${tmpfile}
+    """
-    ''')
+    )
-    output = host.run('''
+    output = host.run(
        """
    source /opt/pihole/utils.sh
-    FTL_API_PORT_FILE=$(getFTLAPIPortFile)
+    getFTLAPIPort
-    getFTLAPIPort "${FTL_API_PORT_FILE}"
+    """
-    ''')
+    )
-    expected_stdout = '1234\n'
+    expected_stdout = "1234\n"
    assert expected_stdout == output.stdout
 def test_getFTLAPIPort_malicious(host):
    """Confirms getFTLAPIPort returns 4711 if the setting in pihole-FTL.conf contains non-digits"""
    host.run(
        """
    echo "FTLPORT=*$ssdfsd" > /etc/pihole/pihole-FTL.conf
    """
    )
    output = host.run(
        """
    source /opt/pihole/utils.sh
    getFTLAPIPort
    """
    )
    expected_stdout = "4711\n"
    assert expected_stdout == output.stdout
 def test_getFTLPIDFile_default(host):
-    ''' Confirms getFTLPIDFile returns the default PID file path '''
+    """Confirms getFTLPIDFile returns the default PID file path"""
-    output = host.run('''
+    output = host.run(
        """
    source /opt/pihole/utils.sh
    getFTLPIDFile
-    ''')
+    """
-    expected_stdout = '/run/pihole-FTL.pid\n'
+    )
    expected_stdout = "/run/pihole-FTL.pid\n"
    assert expected_stdout == output.stdout
 def test_getFTLPID_default(host):
-    ''' Confirms getFTLPID returns the default value if FTL is not running '''
+    """Confirms getFTLPID returns the default value if FTL is not running"""
-    output = host.run('''
+    output = host.run(
        """
    source /opt/pihole/utils.sh
    getFTLPID
-    ''')
+    """
-    expected_stdout = '-1\n'
+    )
    expected_stdout = "-1\n"
    assert expected_stdout == output.stdout
 def test_getFTLPIDFile_and_getFTLPID_custom(host):
-    ''' Confirms getFTLPIDFile returns a custom PID file path '''
+    """Confirms getFTLPIDFile returns a custom PID file path"""
-    host.run('''
+    host.run(
        """
    tmpfile=$(mktemp)
    echo "PIDFILE=${tmpfile}" > /etc/pihole/pihole-FTL.conf
    echo "1234" > ${tmpfile}
-    ''')
+    """
-    output = host.run('''
+    )
    output = host.run(
        """
    source /opt/pihole/utils.sh
    FTL_PID_FILE=$(getFTLPIDFile)
    getFTLPID "${FTL_PID_FILE}"
-    ''')
+    """
-    expected_stdout = '1234\n'
+    )
    expected_stdout = "1234\n"
    assert expected_stdout == output.stdout
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@@ -8,17 +8,20 @@ from .conftest import (
 def test_enable_epel_repository_centos(host):
-    '''
+    """
    confirms the EPEL package repository is enabled when installed on CentOS
-    '''
+    """
-    package_manager_detect = host.run('''
+    package_manager_detect = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
-    ''')
+    """
-    expected_stdout = info_box + (' Enabling EPEL package repository '
+    )
-                                  '(https://fedoraproject.org/wiki/EPEL)')
+    expected_stdout = info_box + (
        " Enabling EPEL package repository " "(https://fedoraproject.org/wiki/EPEL)"
    )
    assert expected_stdout in package_manager_detect.stdout
-    expected_stdout = tick_box + ' Installed'
+    expected_stdout = tick_box + " Installed"
    assert expected_stdout in package_manager_detect.stdout
-    epel_package = host.package('epel-release')
+    epel_package = host.package("epel-release")
    assert epel_package.is_installed
--- a/test/test_centos_fedora_common_support.py
+++ b/test/test_centos_fedora_common_support.py
@@ -6,60 +6,70 @@ from .conftest import (
 def mock_selinux_config(state, host):
-    '''
+    """
    Creates a mock SELinux config file with expected content
-    '''
+    """
    # validate state string
-    valid_states = ['enforcing', 'permissive', 'disabled']
+    valid_states = ["enforcing", "permissive", "disabled"]
    assert state in valid_states
    # getenforce returns the running state of SELinux
-    mock_command('getenforce', {'*': (state.capitalize(), '0')}, host)
+    mock_command("getenforce", {"*": (state.capitalize(), "0")}, host)
    # create mock configuration with desired content
-    host.run('''
+    host.run(
        """
    mkdir /etc/selinux
    echo "SELINUX={state}" > /etc/selinux/config
-    '''.format(state=state.lower()))
+    """.format(
            state=state.lower()
        )
    )
 def test_selinux_enforcing_exit(host):
-    '''
+    """
    confirms installer prompts to exit when SELinux is Enforcing by default
-    '''
+    """
    mock_selinux_config("enforcing", host)
-    check_selinux = host.run('''
+    check_selinux = host.run(
        """
    source /opt/pihole/basic-install.sh
    checkSelinux
-    ''')
+    """
-    expected_stdout = cross_box + ' Current SELinux: enforcing'
+    )
    expected_stdout = cross_box + " Current SELinux: enforcing"
    assert expected_stdout in check_selinux.stdout
-    expected_stdout = 'SELinux Enforcing detected, exiting installer'
+    expected_stdout = "SELinux Enforcing detected, exiting installer"
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 1
 def test_selinux_permissive(host):
-    '''
+    """
    confirms installer continues when SELinux is Permissive
-    '''
+    """
    mock_selinux_config("permissive", host)
-    check_selinux = host.run('''
+    check_selinux = host.run(
        """
    source /opt/pihole/basic-install.sh
    checkSelinux
-    ''')
+    """
-    expected_stdout = tick_box + ' Current SELinux: permissive'
+    )
    expected_stdout = tick_box + " Current SELinux: permissive"
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
 def test_selinux_disabled(host):
-    '''
+    """
    confirms installer continues when SELinux is Disabled
-    '''
+    """
    mock_selinux_config("disabled", host)
-    check_selinux = host.run('''
+    check_selinux = host.run(
        """
    source /opt/pihole/basic-install.sh
    checkSelinux
-    ''')
+    """
-    expected_stdout = tick_box + ' Current SELinux: disabled'
+    )
    expected_stdout = tick_box + " Current SELinux: disabled"
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
--- a/test/test_fedora_support.py
+++ b/test/test_fedora_support.py
@@ -1,13 +1,15 @@
 def test_epel_and_remi_not_installed_fedora(host):
-    '''
+    """
    confirms installer does not attempt to install EPEL/REMI repositories
    on Fedora
-    '''
+    """
-    package_manager_detect = host.run('''
+    package_manager_detect = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
-    ''')
+    """
-    assert package_manager_detect.stdout == ''
+    )
    assert package_manager_detect.stdout == ""
-    epel_package = host.package('epel-release')
+    epel_package = host.package("epel-release")
    assert not epel_package.is_installed
--- a/test/tox.centos_8.ini
+++ b/test/tox.centos_8.ini
@@ -1,8 +1,8 @@
 [tox]
-envlist = py38
+envlist = py3
 [testenv]
-whitelist_externals = docker
+allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py
--- a/test/tox.centos_9.ini
+++ b/test/tox.centos_9.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py3
 [testenv]
 allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _centos_9.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py
--- a/test/tox.debian_10.ini
+++ b/test/tox.debian_10.ini
@@ -1,8 +1,8 @@
 [tox]
-envlist = py38
+envlist = py3
 [testenv]
-whitelist_externals = docker
+allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _debian_10.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py
--- a/test/tox.debian_11.ini
+++ b/test/tox.debian_11.ini
@@ -1,8 +1,8 @@
 [tox]
-envlist = py38
+envlist = py3
 [testenv]
-whitelist_externals = docker
+allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py
--- a/test/tox.fedora_35.ini
+++ b/test/tox.fedora_35.ini
@@ -1,8 +1,8 @@
 [tox]
-envlist = py38
+envlist = py3
 [testenv]
-whitelist_externals = docker
+allowlist_externals = docker
 deps = -rrequirements.txt
-commands = docker build -f _fedora_34.Dockerfile -t pytest_pihole:test_container ../
+commands = docker build -f _fedora_35.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
--- a/test/tox.fedora_36.ini
+++ b/test/tox.fedora_36.ini
@@ -0,0 +1,8 @@
 [tox]
 envlist = py3
 [testenv]
 allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _fedora_36.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py
--- a/test/tox.ubuntu_18.ini
+++ b/test/tox.ubuntu_18.ini
@@ -1,8 +0,0 @@
 [tox]
 envlist = py38
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_18.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py
--- a/test/tox.ubuntu_20.ini
+++ b/test/tox.ubuntu_20.ini
@@ -1,8 +1,8 @@
 [tox]
-envlist = py38
+envlist = py3
 [testenv]
-whitelist_externals = docker
+allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_20.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py
--- a/test/tox.ubuntu_22.ini
+++ b/test/tox.ubuntu_22.ini
@@ -1,8 +1,8 @@
 [tox]
-envlist = py38
+envlist = py3
 [testenv]
-whitelist_externals = docker
+allowlist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_22.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py