Explicitly log migration process

Signed-off-by: DL6ER <dl6er@dl6er.de>
Merge branch 'fix/install' into fix/migration_test
2024-12-23 08:52:56 +01:00 · 2024-12-23 08:44:24 +01:00 · 2024-12-22 21:46:32 +01:00 · 2024-12-21 07:10:46 +01:00 · 2024-12-16 17:22:12 +01:00 · 2024-12-16 15:55:34 +01:00
119 changed files with 5395 additions and 8987 deletions
--- a/.codespellignore
+++ b/.codespellignore
@@ -0,0 +1,4 @@
 doubleclick
 wan
 nwe
 padd
--- a/.editorconfig
+++ b/.editorconfig
@@ -13,26 +13,8 @@ tab_width = 4
 charset = utf-8
 trim_trailing_whitespace = true
-# Matches multiple files with brace expansion notation
+[*.yml]
-# Set default charset
+tab_width = 2
 [*.{js,py}]
 charset = utf-8
-# 4 space indentation
+[*.md]
-[*.py]
+tab_width = 2
 indent_style = space
 indent_size = 4
 # Tab indentation (no size specified)
 [Makefile]
 indent_style = tab
 # Indentation override for all JS under lib directory
 [scripts/**.js]
 indent_style = space
 indent_size = 2
 # Matches the exact files either package.json or .travis.yml
 [{package.json,.travis.yml}]
 indent_style = space
 indent_size = 2
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -7,4 +7,16 @@ updates:
    day: saturday
    time: "10:00"
  open-pull-requests-limit: 10
-  target-branch: developement
+  target-branch: development
  reviewers:
    - "pi-hole/core-maintainers"
 - package-ecosystem: pip
  directory: "/test"
  schedule:
    interval: weekly
    day: saturday
    time: "10:00"
  open-pull-requests-limit: 10
  target-branch: development
  reviewers:
    - "pi-hole/core-maintainers"
--- a/.github/release.yml
+++ b/.github/release.yml
@@ -0,0 +1,7 @@
 changelog:
  exclude:
    labels:
      - internal
    authors:
      - dependabot
      - github-actions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -25,16 +25,16 @@ jobs:
    steps:
    -
      name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4.2.2
    # Initializes the CodeQL tools for scanning.
    -
      name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v3
      with:
        languages: 'python'
    -
      name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v3
    -
      name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v3
--- a/.github/workflows/merge-conflict.yml
+++ b/.github/workflows/merge-conflict.yml
@@ -0,0 +1,21 @@
 name: "Check for merge conflicts"
 on:
  # So that PRs touching the same files as the push are updated
  push:
  # So that the `dirtyLabel` is removed if conflicts are resolve
  # We recommend `pull_request_target` so that github secrets are available.
  # In `pull_request` we wouldn't be able to change labels of fork PRs
  pull_request_target:
    types: [synchronize]
 jobs:
  main:
    runs-on: ubuntu-latest
    steps:
      - name: Check if PRs are have merge conflicts
        uses: eps1lon/actions-label-merge-conflict@v3.0.2
        with:
          dirtyLabel: "PR: Merge Conflict"
          repoToken: "${{ secrets.GITHUB_TOKEN }}"
          commentOnDirty: "This pull request has conflicts, please resolve those before we can evaluate the pull request."
          commentOnClean: "Conflicts have been resolved."
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -0,0 +1,47 @@
 name: Mark stale issues
 on:
  schedule:
    - cron: '0 8 * * *'
  workflow_dispatch:
  issue_comment:
 env:
  stale_label: stale
 jobs:
  stale_action:
    if: github.event_name != 'issue_comment'
    runs-on: ubuntu-latest
    permissions:
      issues: write
    steps:
      - uses: actions/stale@v9.0.0
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          days-before-stale: 30
          days-before-close: 5
          stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.'
          stale-issue-label: '${{ env.stale_label }}'
          exempt-issue-labels: 'Internal, Fixed in next release, Bug: Confirmed, Documentation Needed'
          exempt-all-issue-assignees: true
          operations-per-run: 300
          close-issue-reason: 'not_planned'
  remove_stale:
    # trigger "stale" removal immediately when stale issues are commented on
    # we need to explicitly check that the trigger does not run on comment on a PR as
    # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#issue_comment-on-issues-only-or-pull-requests-only
    if: ${{ !github.event.issue.pull_request && github.event_name != 'schedule' }}
    permissions:
      contents: read #  for actions/checkout
      issues: write #  to edit issues label
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4.2.2
      - name: Remove 'stale' label
        run: gh issue edit ${{ github.event.issue.number }} --remove-label ${{ env.stale_label }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/stale_pr.yml
+++ b/.github/workflows/stale_pr.yml
@@ -0,0 +1,35 @@
 name: Close stale PR
 # This action will add a `stale` label and close immediately every PR that meets the following conditions:
 #   - it is already marked with "merge conflict" label
 #   - there was no update/comment on the PR in the last 30 days.
 on:
  schedule:
    - cron: '0 10 * * *'
  workflow_dispatch:
 jobs:
  stale:
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write
    steps:
      - uses: actions/stale@v9.0.0
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          # Do not automatically mark PR/issue as stale
          days-before-stale: -1
          # Override 'days-before-stale' for PR only
          days-before-pr-stale: 30
          # Close PRs immediately, after marking them 'stale'
          days-before-pr-close: 0
          # only run the action on merge conflict PR
          any-of-labels: 'PR: Merge Conflict'
          exempt-pr-labels: 'internal, never-stale, ON HOLD, WIP'
          exempt-all-pr-assignees: true
          operations-per-run: 300
          stale-pr-message: ''
          close-pr-message: 'Existing merge conflicts have not been addressed. This PR is considered abandoned.'
--- a/.github/workflows/sync-back-to-dev.yml
+++ b/.github/workflows/sync-back-to-dev.yml
@@ -0,0 +1,40 @@
 name: Sync Back to Development
 on:
  push:
    branches:
      - master
 # The section is needed to drop the default write-all permissions for all jobs
 # that are granted on `push` event. By specifying any permission explicitly
 # all others are set to none. By using the principle of least privilege the damage a compromised
 # workflow can do (because of an injection or compromised third party tool or
 # action) is restricted. Adding labels to issues, commenting
 # on pull-requests, etc. may need additional permissions:
 #
 # Syntax for this section:
 # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
 #
 # Reference for how to assign permissions on a job-by-job basis:
 # https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
 #
 # Reference for available permissions that we can enable if needed:
 # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
 permissions: {}
 jobs:
  sync-branches:
    # The job needs to be able to pull the code and create a pull request.
    permissions:
      contents: read #  for actions/checkout
      pull-requests: write #  to create pull request
    runs-on: ubuntu-latest
    name: Syncing branches
    steps:
      - name: Checkout
        uses: actions/checkout@v4.2.2
      - name: Opening pull request
        run: gh pr create -B development -H master --title 'Sync master back into development' --body 'Created by Github action' --label 'internal'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -4,45 +4,88 @@ on:
  pull_request:
    types: [opened, synchronize, reopened, ready_for_review]
 permissions:
  contents: read
 env:
  FORCE_COLOR: 1
  PYTHONUNBUFFERED: 1
  PYTHONUTF8: 1
 jobs:
-  smoke-test:
+  smoke-tests:
    if: github.event.pull_request.draft == false
    runs-on: ubuntu-latest
    steps:
-    -
+      - name: Checkout repository
-      name: Checkout repository
+        uses: actions/checkout@v4.2.2
-      uses: actions/checkout@v2
+
-    -
+      - name: Check scripts in repository are executable
-      name: Run Smoke Tests
+        run: |
-      run: |
+          IFS=$'\n';
-        # Ensure scripts in repository are executable
+          for f in $(find . -name '*.sh'); do if [[ ! -x $f ]]; then echo "$f is not executable" && FAIL=1; fi ;done
-        IFS=$'\n';
+          unset IFS;
-        for f in $(find . -name '*.sh'); do if [[ ! -x $f ]]; then echo "$f is not executable" && FAIL=1; fi ;done
+          # If FAIL is 1 then we fail.
-        unset IFS;
+          [[ $FAIL == 1 ]] && exit 1 || echo "Scripts are executable!"
-        # If FAIL is 1 then we fail.
+
-        [[ $FAIL == 1 ]] && exit 1 || echo "Smoke Tests Passed"
+      - name: Run shellcheck
        uses: ludeeus/action-shellcheck@master
        with:
          check_together: 'yes'
          format: tty
          severity: error
      - name: Spell-Checking
        uses: codespell-project/actions-codespell@master
        with:
          ignore_words_file: .codespellignore
      - name: Get editorconfig-checker
        uses: editorconfig-checker/action-editorconfig-checker@main # tag v1.0.0 is really out of date
      - name: Run editorconfig-checker
        run: editorconfig-checker
      - name: Check python code formatting with black
        uses: psf/black@stable
        with:
          src: "./test"
          options: "--check --diff --color"
  distro-test:
    if: github.event.pull_request.draft == false
    runs-on: ubuntu-latest
-    needs: smoke-test
+    needs: smoke-tests
    strategy:
      fail-fast: false
      matrix:
-        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_33, fedora_34]
+        distro:
          [
            debian_11,
            debian_12,
            ubuntu_20,
            ubuntu_22,
            ubuntu_24,
            centos_9,
            fedora_40,
            fedora_41,
          ]
    env:
      DISTRO: ${{matrix.distro}}
    steps:
-    -
+      - name: Checkout repository
-      name: Checkout repository
+        uses: actions/checkout@v4.2.2
-      uses: actions/checkout@v2
+
-    -
+      - name: Set up Python 3.10
-      name: Set up Python 3.7
+        uses: actions/setup-python@v5.3.0
-      uses: actions/setup-python@v2
+        with:
-      with:
+          python-version: "3.10"
-        python-version: 3.7
+
-    -
+      - name: Install wheel
-      name: Install dependencies
+        run:  pip install wheel
-      run: pip install -r test/requirements.txt
+
-    -
+      - name: Install dependencies
-      name: Test with tox
+        run: pip install -r test/requirements.txt
-      run: tox -c test/tox.${DISTRO}.ini
+
      - name: Test with tox
        run: tox -c test/tox.${DISTRO}.ini
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ __pycache__
 *.egg-info
 .idea/
 *.iml
 .vscode/
--- a/.stickler.yml
+++ b/.stickler.yml
@@ -1,6 +0,0 @@
 linters:
  shellcheck:
    shell: bash
  phpcs:
  flake8:
    max-line-length: 120
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -2,111 +2,4 @@
 Please read and understand the contribution guide before creating an issue or pull request.
-## Etiquette
+The guide can be found here: [https://docs.pi-hole.net/guides/github/contributing/](https://docs.pi-hole.net/guides/github/contributing/)
 - Our goal for Pi-hole is **stability before features**. This means we focus on squashing critical bugs before adding new features. Often, we can do both in tandem, but bugs will take priority over a new feature.
 - Pi-hole is open source and [powered by donations](https://pi-hole.net/donate/), and as such, we give our **free time** to build, maintain, and **provide user support** for this project. It would be extremely unfair for us to suffer abuse or anger for our hard work, so please take a moment to consider that.
 - Please be considerate towards the developers and other users when raising issues or presenting pull requests.
 - Respect our decision(s), and do not be upset or abusive if your submission is not used.
 ## Viability
 When requesting or submitting new features, first consider whether it might be useful to others. Open source projects are used by many people, who may have entirely different needs to your own. Think about whether or not your feature is likely to be used by other users of the project.
 ## Procedure
 **Before filing an issue:**
 - Attempt to replicate and **document** the problem, to ensure that it wasn't a coincidental incident.
 - Check to make sure your feature suggestion isn't already present within the project.
 - Check the pull requests tab to ensure that the bug doesn't have a fix in progress.
 - Check the pull requests tab to ensure that the feature isn't already in progress.
 **Before submitting a pull request:**
 - Check the codebase to ensure that your feature doesn't already exist.
 - Check the pull requests to ensure that another person hasn't already submitted the feature or fix.
 - Read and understand the [DCO guidelines](https://docs.pi-hole.net/guides/github/contributing/) for the project.
 ## Technical Requirements
 - Submit Pull Requests to the **development branch only**.
 - Before Submitting your Pull Request, merge `development` with your new branch and fix any conflicts. (Make sure you don't break anything in development!)
 - Please use the [Google Style Guide for Shell](https://google.github.io/styleguide/shell.xml) for your code submission styles.
 - Commit Unix line endings.
 - Please use the Pi-hole brand: **Pi-hole** (Take a special look at the capitalized 'P' and a low 'h' with a hyphen)
 - (Optional fun) keep to the theme of Star Trek/black holes/gravity.
 ## Forking and Cloning from GitHub to GitHub
 1. Fork <https://github.com/pi-hole/pi-hole/> to a repo under a namespace you control, or have permission to use, for example: `https://github.com/<your_namespace>/<your_repo_name>/`. You can do this from the github.com website.
 2. Clone `https://github.com/<your_namespace>/<your_repo_name>/` with the tool of you choice.
 3. To keep your fork in sync with our repo, add an upstream remote for pi-hole/pi-hole to your repo.
    ```bash
    git remote add upstream https://github.com/pi-hole/pi-hole.git
    ```
 4. Checkout the `development` branch from your fork `https://github.com/<your_namespace>/<your_repo_name>/`.
 5. Create a topic/branch, based on the `development` branch code. *Bonus fun to keep to the theme of Star Trek/black holes/gravity.*
 6. Make your changes and commit to your topic branch in your repo.
 7. Rebase your commits and squash any insignificant commits. See the notes below for an example.
 8. Merge `development` your branch and fix any conflicts.
 9. Open a Pull Request to merge your topic branch into our repo's `development` branch.
 - Keep in mind the technical requirements from above.
 ## Forking and Cloning from GitHub to other code hosting sites
 - Forking is a GitHub concept and cannot be done from GitHub to other git-based code hosting sites. However, those sites may be able to mirror a GitHub repo.
 1. To contribute from another code hosting site, you must first complete the steps above to fork our repo to a GitHub namespace you have permission to use, for example: `https://github.com/<your_namespace>/<your_repo_name>/`.
 2. Create a repo in your code hosting site, for example: `https://gitlab.com/<your_namespace>/<your_repo_name>/`
 3. Follow the instructions from your code hosting site to create a mirror between `https://github.com/<your_namespace>/<your_repo_name>/` and `https://gitlab.com/<your_namespace>/<your_repo_name>/`.
 4. When you are ready to create a Pull Request (PR), follow the steps `(starting at step #6)` from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github) and create the PR from `https://github.com/<your_namespace>/<your_repo_name>/`.
 ## Notes for squashing commits with rebase
 - To rebase your commits and squash previous commits, you can use:
    ```bash
    git rebase -i your_topic_branch~(number of commits to combine)
    ```
 - For more details visit [gitready.com](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html)
 1. The following would combine the last four commits in the branch `mytopic`.
    ```bash
    git rebase -i mytopic~4
    ```
 2. An editor window opens with the most recent commits indicated: (edit the commands to the left of the commit ID)
    ```gitattributes
    pick 9dff55b2 existing commit comments
    squash ebb1a730 existing commit comments
    squash 07cc5b50 existing commit comments
    reword 9dff55b2 existing commit comments
    ```
 3. Save and close the editor. The next editor window opens: (edit the new commit message). *If you select reword for a commit, an additional editor window will open for you to edit the comment.*
    ```bash
    new commit comments
    Signed-off-by: yourname <your email address>
    ```
 4. Save and close the editor for the rebase process to execute. The terminal output should say something like the following:
    ```bash
    Successfully rebased and updated refs/heads/mytopic.
    ```
 5. Once you have a successful rebase, and before you sync your local clone, you have to force push origin to update your repo:
    ```bash
    git push -f origin
    ```
 6. Continue on from step #7 from [Forking and Cloning from GitHub to GitHub](#forking-and-cloning-from-github-to-github)
--- a/README.md
+++ b/README.md
@@ -3,23 +3,26 @@
 #
 <p align="center">
-    <a href="https://pi-hole.net/">
+  <picture>
-        <img src="https://pi-hole.github.io/graphics/Vortex/Vortex_with_Wordmark.svg" width="150" height="260" alt="Pi-hole">
+    <source media="(prefers-color-scheme: dark)" srcset="https://pi-hole.github.io/graphics/Vortex/Vortex_Vertical_wordmark_darkmode.png">
-    </a>
+    <source media="(prefers-color-scheme: light)" srcset="https://pi-hole.github.io/graphics/Vortex/Vortex_Vertical_wordmark_lightmode.png">
    <img src="https://pi-hole.github.io/graphics/Vortex/Vortex_Vertical_wordmark_lightmode.png" width="168" height="270" alt="Pi-hole website">
  </picture>
    <br>
    <strong>Network-wide ad blocking via your own Linux hardware</strong>
 </p>
 <!-- markdownlint-enable MD033 -->
 The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content without installing any client-side software.
- **Easy-to-install**: our versatile installer walks you through the process and takes less than ten minutes
+- **Easy-to-install**: our dialogs walk you through the simple installation process in less than ten minutes
 - **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs
 - **Responsive**: seamlessly speeds up the feel of everyday browsing by caching DNS queries
 - **Lightweight**: runs smoothly with [minimal hardware and software requirements](https://docs.pi-hole.net/main/prerequisites/)
- **Robust**: a command line interface that is quality assured for interoperability
+- **Robust**: a command-line interface that is quality assured for interoperability
 - **Insightful**: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring *all* your devices are protected automatically
+- **Versatile**: can optionally function as a [DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026), ensuring _all_ your devices are protected automatically
 - **Scalable**: [capable of handling hundreds of millions of queries](https://pi-hole.net/2017/05/24/how-much-traffic-can-pi-hole-handle/) when installed on server-grade hardware
 - **Modern**: blocks ads over both IPv4 and IPv6
 - **Free**: open source software that helps ensure _you_ are the sole person in control of your privacy
@@ -30,7 +33,9 @@ The Pi-hole® is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) th
 Those who want to get started quickly and conveniently may install Pi-hole using the following command:
-### `curl -sSL https://install.pi-hole.net | bash`
+```bash
 curl -sSL https://install.pi-hole.net | bash
 ```
 ## Alternative Install Methods
@@ -50,12 +55,14 @@ sudo bash basic-install.sh
 wget -O basic-install.sh https://install.pi-hole.net
 sudo bash basic-install.sh
 ```
 ### Method 3: Using Docker to deploy Pi-hole
 Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-hole) to use the Official Docker Images.
 ## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
-Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) which ensures that all devices connecting to your network will have content blocked without any further intervention.
+Once the installer has been run, you will need to [configure your router to have **DHCP clients use Pi-hole as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245). This router configuration will ensure that all devices connecting to your network will have content blocked without any further intervention.
 If your router does not support setting the DNS server, you can [use Pi-hole's built-in DHCP server](https://discourse.pi-hole.net/t/how-do-i-use-pi-holes-built-in-dhcp-server-and-why-would-i-want-to/3026); be sure to disable DHCP on your router first (if it has that feature available).
@@ -65,7 +72,7 @@ As a last resort, you can manually set each device to use Pi-hole as their DNS s
 ## Pi-hole is free but powered by your support
-There are many reoccurring costs involved with maintaining free, open source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software and the importance of keeping it maintained.
+There are many reoccurring costs involved with maintaining free, open-source, and privacy-respecting software; expenses which [our volunteer developers](https://github.com/orgs/pi-hole/people) pitch in to cover out-of-pocket. This is just one example of how strongly we feel about our software and the importance of keeping it maintained.
 Make no mistake: **your support is absolutely vital to help keep us innovating!**
@@ -82,7 +89,7 @@ If you'd rather not donate (_which is okay!_), there are other ways you can help
 - [Hetzner Cloud](https://hetzner.cloud/?ref=7aceisRX3AzA) _affiliate link_
 - [Digital Ocean](https://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_
 - [Stickermule](https://www.stickermule.com/unlock?ref_id=9127301701&utm_medium=link&utm_source=invite) _earn a $10 credit after your first purchase_
- [Amazon US](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
+- [Amazon US](https://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_
 - Spreading the word about our software and how you have benefited from it
 ### Contributing via GitHub
@@ -112,7 +119,7 @@ While we are primarily reachable on our [Discourse User Forum](https://discourse
 ### [Faster-than-light Engine](https://github.com/pi-hole/ftl)
-[FTLDNS](https://github.com/pi-hole/ftl) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*!
+[FTLDNS](https://github.com/pi-hole/ftl) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all _very quickly_!
 Some of the statistics you can integrate include:
@@ -127,9 +134,9 @@ Some of the statistics you can integrate include:
 Access the API via [`telnet`](https://github.com/pi-hole/FTL), the Web (`admin/api.php`) and Command Line (`pihole -c -j`). You can find out [more details over here](https://discourse.pi-hole.net/t/pi-hole-api/1863).
-### The Command Line Interface
+### The Command-Line Interface
-The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to fully administer the Pi-hole, without the need of the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
+The [pihole](https://docs.pi-hole.net/core/pihole-command/) command has all the functionality necessary to fully administer the Pi-hole, without the need for the Web Interface. It's fast, user-friendly, and auditable by anyone with an understanding of `bash`.
 Some notable features include:
@@ -139,13 +146,13 @@ Some notable features include:
 - [Updating Ad Lists](https://docs.pi-hole.net/core/pihole-command/#gravity)
 - [Querying Ad Lists for blocked domains](https://docs.pi-hole.net/core/pihole-command/#query)
 - [Enabling and Disabling Pi-hole](https://docs.pi-hole.net/core/pihole-command/#enable-disable)
- ... and *many* more!
+- ... and _many_ more!
 You can read our [Core Feature Breakdown](https://docs.pi-hole.net/core/pihole-command/#pi-hole-core) for more information.
 ### The Web Interface Dashboard
-This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
+This [optional dashboard](https://github.com/pi-hole/web) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve!
 Some notable features include:
@@ -161,4 +168,4 @@ Some notable features include:
 There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168):
 1. `http://pi.hole/admin/` (when using Pi-hole as your DNS server)
-2. `http://<IP_ADDPRESS_OF_YOUR_PI_HOLE>/admin/`
+2. `http://<IP_ADDRESS_OF_YOUR_PI_HOLE>/admin/`
--- a/advanced/01-pihole.conf
+++ b/advanced/01-pihole.conf
@@ -1,42 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Dnsmasq config for Pi-hole's FTLDNS
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 ###############################################################################
 #      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
 # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
 #                                                                             #
 #        IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN:          #
 #                      /etc/pihole/setupVars.conf                             #
 #                                                                             #
 #        ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE           #
 #                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
 ###############################################################################
 addn-hosts=/etc/pihole/local.list
 addn-hosts=/etc/pihole/custom.list
 domain-needed
 localise-queries
 bogus-priv
 no-resolv
 server=@DNS1@
 server=@DNS2@
 interface=@INT@
 cache-size=@CACHE_SIZE@
 log-queries
 log-facility=/var/log/pihole.log
 log-async
--- a/advanced/06-rfc6761.conf
+++ b/advanced/06-rfc6761.conf
@@ -1,41 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2021 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # RFC 6761 config file for Pi-hole
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 ###############################################################################
 #      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
 # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
 #                                                                             #
 #             CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE                #
 #                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
 ###############################################################################
 # RFC 6761: Caching DNS servers SHOULD recognize
 #     test, localhost, invalid
 # names as special and SHOULD NOT attempt to look up NS records for them, or
 # otherwise query authoritative DNS servers in an attempt to resolve these
 # names.
 server=/test/
 server=/localhost/
 server=/invalid/
 # The same RFC requests something similar for
 #     16.172.in-addr.arpa.  22.172.in-addr.arpa.  27.172.in-addr.arpa.
 #     17.172.in-addr.arpa.  30.172.in-addr.arpa.  28.172.in-addr.arpa.
 #     18.172.in-addr.arpa.  23.172.in-addr.arpa.  29.172.in-addr.arpa.
 #     19.172.in-addr.arpa.  24.172.in-addr.arpa.  31.172.in-addr.arpa.
 #     20.172.in-addr.arpa.  25.172.in-addr.arpa.  168.192.in-addr.arpa.
 # Pi-hole implements this via the dnsmasq option "bogus-priv" (see
 # 01-pihole.conf) because this also covers IPv6.
 # OpenWRT furthermore blocks    bind, local, onion    domains
 # see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
 # and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
 # We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
 server=/bind/
 server=/onion/
--- a/advanced/GIFs/25Bytes.gif
+++ b/advanced/GIFs/25Bytes.gif
--- a/advanced/GIFs/26Bytes.gif
+++ b/advanced/GIFs/26Bytes.gif
--- a/advanced/GIFs/37Bytes.gif
+++ b/advanced/GIFs/37Bytes.gif
--- a/advanced/GIFs/43Bytes.gif
+++ b/advanced/GIFs/43Bytes.gif
--- a/advanced/Scripts/COL_TABLE
+++ b/advanced/Scripts/COL_TABLE
@@ -1,5 +1,5 @@
 # Determine if terminal is capable of showing colors
-if [[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]; then
+if ([ -t 1 ] && [ $(tput colors) -ge 8 ]) || [ "${WEBCALL}" ]; then
  # Bold and underline may not show up on all clients
  # If something MUST be emphasized, use both
  COL_BOLD='[1m'
--- a/advanced/Scripts/api.sh
+++ b/advanced/Scripts/api.sh
@@ -0,0 +1,290 @@
 #!/usr/bin/env sh
 # shellcheck disable=SC3043 #https://github.com/koalaman/shellcheck/wiki/SC3043#exceptions
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Script to hold api functions for use in other scripts
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 # The basic usage steps are
 # 1) Test Availability of the API
 # 2) Try to authenticate (read password if needed)
 # 3) Get the data from the API endpoint
 # 4) Delete the session
 TestAPIAvailability() {
    # as we are running locally, we can get the port value from FTL directly
    local chaos_api_list availabilityResponse
    # Query the API URLs from FTL using CHAOS TXT local.api.ftl
    # The result is a space-separated enumeration of full URLs
    # e.g., "http://localhost:80/api/" "https://localhost:443/api/"
    chaos_api_list="$(dig +short chaos txt local.api.ftl @127.0.0.1)"
    # If the query was not successful, the variable is empty
    if [ -z "${chaos_api_list}" ]; then
        echo "API not available. Please check connectivity"
        exit 1
    fi
    # Iterate over space-separated list of URLs
    while [ -n "${chaos_api_list}" ]; do
        # Get the first URL
        API_URL="${chaos_api_list%% *}"
        # Strip leading and trailing quotes
        API_URL="${API_URL%\"}"
        API_URL="${API_URL#\"}"
        # Test if the API is available at this URL
        availabilityResponse=$(curl -skS -o /dev/null -w "%{http_code}" "${API_URL}auth")
        # Test if http status code was 200 (OK) or 401 (authentication required)
        if [ ! "${availabilityResponse}" = 200 ] && [ ! "${availabilityResponse}" = 401 ]; then
            # API is not available at this port/protocol combination
            API_PORT=""
        else
            # API is available at this URL combination
            if [ "${availabilityResponse}" = 200 ]; then
                # API is available without authentication
                needAuth=false
            fi
            break
        fi
        # Remove the first URL from the list
        local last_api_list
        last_api_list="${chaos_api_list}"
        chaos_api_list="${chaos_api_list#* }"
        # If the list did not change, we are at the last element
        if [ "${last_api_list}" = "${chaos_api_list}" ]; then
            # Remove the last element
            chaos_api_list=""
        fi
    done
    # if API_PORT is empty, no working API port was found
    if [ -n "${API_PORT}" ]; then
        echo "API not available at: ${API_URL}"
        echo "Exiting."
        exit 1
    fi
 }
 LoginAPI() {
    # If the API URL is not set, test the availability
    if [ -z "${API_URL}" ]; then
        TestAPIAvailability
    fi
    # Exit early if authentication is not needed
    if [ "${needAuth}" = false ]; then
        if [ "${1}" = "verbose" ]; then
            echo "API Authentication: Not needed"
        fi
        return
    fi
    # Try to read the CLI password (if enabled and readable by the current user)
    if [ -r /etc/pihole/cli_pw ]; then
        password=$(cat /etc/pihole/cli_pw)
        if [ "${1}" = "verbose" ]; then
            echo "API Authentication: Trying to use CLI password"
        fi
        # Try to authenticate using the CLI password
        Authentication "${1}"
    elif [ "${1}" = "verbose" ]; then
        echo "API Authentication: CLI password not available"
    fi
    # If this did not work, ask the user for the password
    while [ "${validSession}" = false ] || [ -z "${validSession}" ] ; do
        echo "Authentication failed. Please enter your Pi-hole password"
        # secretly read the password
        secretRead; printf '\n'
        # Try to authenticate again
        Authentication "${1}"
    done
 }
 Authentication() {
  sessionResponse="$(curl -skS -X POST "${API_URL}auth" --user-agent "Pi-hole cli " --data "{\"password\":\"${password}\"}" )"
  if [ -z "${sessionResponse}" ]; then
    echo "No response from FTL server. Please check connectivity"
    exit 1
  fi
  # obtain validity and session ID from session response
  validSession=$(echo "${sessionResponse}"| jq .session.valid 2>/dev/null)
  SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null)
  if [ "${1}" = "verbose" ]; then
    if [ "${validSession}" = true ]; then
      echo "API Authentication: ${COL_GREEN}Success${COL_NC}"
    else
      echo "API Authentication: ${COL_RED}Failed${COL_NC}"
    fi
  fi
 }
 LogoutAPI() {
    # if a valid Session exists (no password required or successful Authentication) and
    # SID is not null (successful Authentication only), delete the session
    if [ "${validSession}" = true ] && [ ! "${SID}" = null ]; then
        # Try to delete the session. Omit the output, but get the http status code
        deleteResponse=$(curl -skS -o /dev/null -w "%{http_code}" -X DELETE "${API_URL}auth"  -H "Accept: application/json" -H "sid: ${SID}")
        case "${deleteResponse}" in
            "401") echo "Logout attempt without a valid session. Unauthorized!";;
            "204") if [ "${1}" = "verbose" ]; then echo "API Logout: ${COL_GREEN}Success${COL_NC} (session deleted)"; fi;;
        esac;
    elif [ "${1}" = "verbose" ]; then
        echo "API Logout: ${COL_GREEN}Success${COL_NC} (no valid session)"
    fi
 }
 GetFTLData() {
  local data response status
  # get the data from querying the API as well as the http status code
  response=$(curl -skS -w "%{http_code}" -X GET "${API_URL}$1" -H "Accept: application/json" -H "sid: ${SID}" )
  # status are the last 3 characters
  status="${response#"${response%???}"}"
  # data is everything from response without the last 3 characters
  data="${response%???}"
  if [ "${2}" = "raw" ]; then
    # return the raw response
    echo "${response}"
  else
    # return only the data
    if [ "${status}" = 200 ]; then
        # response OK
        echo "${data}"
    else
        # connection lost
        echo "${status}"
    fi
  fi
 }
 PostFTLData() {
  local data response status
  # send the data to the API
  response=$(curl -skS -w "%{http_code}" -X POST "${API_URL}$1" --data-raw "$2" -H "Accept: application/json" -H "sid: ${SID}" )
  # data is everything from response without the last 3 characters
  if [ "${3}" = "status" ]; then
    # Keep the status code appended if requested
    printf %s "${response}"
  else
    # Strip the status code
    printf %s "${response%???}"
  fi
 }
 secretRead() {
    # POSIX compliant function to read user-input and
    # mask every character entered by (*)
    #
    # This is challenging, because in POSIX, `read` does not support
    # `-s` option (suppressing the input) or
    # `-n` option (reading n chars)
    # This workaround changes the terminal characteristics to not echo input and later resets this option
    # credits https://stackoverflow.com/a/4316765
    # showing asterisk instead of password
    # https://stackoverflow.com/a/24600839
    # https://unix.stackexchange.com/a/464963
    # Save current terminal settings (needed for later restore after password prompt)
    stty_orig=$(stty -g)
    stty -echo # do not echo user input
    stty -icanon min 1 time 0 # disable canonical mode https://man7.org/linux/man-pages/man3/termios.3.html
    unset password
    unset key
    unset charcount
    charcount=0
    while key=$(dd ibs=1 count=1 2>/dev/null); do #read one byte of input
        if [ "${key}" = "$(printf '\0' | tr -d '\0')" ] ; then
            # Enter - accept password
            break
        fi
        if [ "${key}" = "$(printf '\177')" ] ; then
            # Backspace
            if [ $charcount -gt 0 ] ; then
                charcount=$((charcount-1))
                printf '\b \b'
                password="${password%?}"
            fi
        else
            # any other character
            charcount=$((charcount+1))
            printf '*'
            password="$password$key"
        fi
    done
    # restore original terminal settings
    stty "${stty_orig}"
 }
 apiFunc() {
  local data response status status_col
  # Authenticate with the API
  LoginAPI verbose
  echo ""
  echo "Requesting: ${COL_PURPLE}GET ${COL_CYAN}${API_URL}${COL_YELLOW}$1${COL_NC}"
  echo ""
  # Get the data from the API
  response=$(GetFTLData "$1" raw)
  # status are the last 3 characters
  status="${response#"${response%???}"}"
  # data is everything from response without the last 3 characters
  data="${response%???}"
  # Output the status (200 -> green, else red)
  if [ "${status}" = 200 ]; then
    status_col="${COL_GREEN}"
  else
    status_col="${COL_RED}"
  fi
  echo "Status: ${status_col}${status}${COL_NC}"
  # Output the data. Format it with jq if available and data is actually JSON.
  # Otherwise just print it
  echo "Data:"
  if command -v jq >/dev/null && echo "${data}" | jq . >/dev/null 2>&1; then
    echo "${data}" | jq .
  else
    echo "${data}"
  fi
  # Delete the session
  LogoutAPI verbose
 }
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@@ -1,575 +0,0 @@
 #!/usr/bin/env bash
 # shellcheck disable=SC1090,SC1091
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Calculates stats and displays to an LCD
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 LC_ALL=C
 LC_NUMERIC=C
 # Retrieve stats from FTL engine
 pihole-FTL() {
    local ftl_port LINE
    ftl_port=$(cat /run/pihole-FTL.port 2> /dev/null)
    if [[ -n "$ftl_port" ]]; then
        # Open connection to FTL
        exec 3<>"/dev/tcp/127.0.0.1/$ftl_port"
        # Test if connection is open
        if { "true" >&3; } 2> /dev/null; then
            # Send command to FTL and ask to quit when finished
            echo -e ">$1 >quit" >&3
            # Read input until we received an empty string and the connection is
            # closed
            read -r -t 1 LINE <&3
            until [[ -z "${LINE}" ]] && [[ ! -t 3 ]]; do
                echo "$LINE" >&1
                read -r -t 1 LINE <&3
            done
            # Close connection
            exec 3>&-
            exec 3<&-
        fi
    else
        echo "0"
    fi
 }
 # Print spaces to align right-side additional text
 printFunc() {
    local text_last
    title="$1"
    title_len="${#title}"
    text_main="$2"
    text_main_nocol="$text_main"
    if [[ "${text_main:0:1}" == "" ]]; then
        text_main_nocol=$(sed 's/\[[0-9;]\{1,5\}m//g' <<< "$text_main")
    fi
    text_main_len="${#text_main_nocol}"
    text_addn="$3"
    if [[ "$text_addn" == "last" ]]; then
        text_addn=""
        text_last="true"
    fi
    # If there is additional text, define max length of text_main
    if [[ -n "$text_addn" ]]; then
        case "$scr_cols" in
            [0-9]|1[0-9]|2[0-9]|3[0-9]|4[0-4]) text_main_max_len="9";;
            4[5-9]) text_main_max_len="14";;
            *) text_main_max_len="19";;
        esac
    fi
    [[ -z "$text_addn" ]] && text_main_max_len="$(( scr_cols - title_len ))"
    # Remove excess characters from main text
    if [[ "$text_main_len" -gt "$text_main_max_len" ]]; then
        # Trim text without colors
        text_main_trim="${text_main_nocol:0:$text_main_max_len}"
        # Replace with trimmed text
        text_main="${text_main/$text_main_nocol/$text_main_trim}"
    fi
    # Determine amount of spaces for each line
    if [[ -n "$text_last" ]]; then
        # Move cursor to end of screen
        spc_num=$(( scr_cols - ( title_len + text_main_len ) ))
    else
        spc_num=$(( text_main_max_len - text_main_len ))
    fi
    [[ "$spc_num" -le 0 ]] && spc_num="0"
    spc=$(printf "%${spc_num}s")
    #spc="${spc// /.}" # Debug: Visualize spaces
    printf "%s%s$spc" "$title" "$text_main"
    if [[ -n "$text_addn" ]]; then
        printf "%s(%s)%s\\n" "$COL_NC$COL_DARK_GRAY" "$text_addn" "$COL_NC"
    else
        # Do not print trailing newline on final line
        [[ -z "$text_last" ]] && printf "%s\\n" "$COL_NC"
    fi
 }
 # Perform on first Chrono run (not for JSON formatted string)
 get_init_stats() {
    calcFunc(){ awk "BEGIN {print $*}" 2> /dev/null; }
    # Convert bytes to human-readable format
    hrBytes() {
        awk '{
            num=$1;
            if(num==0) {
                print "0 B"
            } else {
                xxx=(num<0?-num:num)
                sss=(num<0?-1:1)
                split("B KB MB GB TB PB",type)
                for(i=5;yyy < 1;i--) {
                    yyy=xxx / (2^(10*i))
                }
            printf "%.0f " type[i+2], yyy*sss
            }
        }' <<< "$1";
    }
    # Convert seconds to human-readable format
    hrSecs() {
        day=$(( $1/60/60/24 )); hrs=$(( $1/3600%24 ))
        mins=$(( ($1%3600)/60 )); secs=$(( $1%60 ))
        [[ "$day" -ge "2" ]] && plu="s"
        [[ "$day" -ge "1" ]] && days="$day day${plu}, " || days=""
        printf "%s%02d:%02d:%02d\\n" "$days" "$hrs" "$mins" "$secs"
    }
    # Set Color Codes
    coltable="/opt/pihole/COL_TABLE"
    if [[ -f "${coltable}" ]]; then
        source ${coltable}
    else
        COL_NC="[0m"
        COL_DARK_GRAY="[1;30m"
        COL_LIGHT_GREEN="[1;32m"
        COL_LIGHT_BLUE="[1;34m"
        COL_LIGHT_RED="[1;31m"
        COL_YELLOW="[1;33m"
        COL_LIGHT_RED="[1;31m"
        COL_URG_RED="[39;41m"
    fi
    # Get RPi throttle state (RPi 3B only) & model number, or OS distro info
    if command -v vcgencmd &> /dev/null; then
        local sys_throttle_raw
        local sys_rev_raw
        sys_throttle_raw=$(vgt=$(sudo vcgencmd get_throttled); echo "${vgt##*x}")
        # Active Throttle Notice: https://bit.ly/2gnunOo
        if [[ "$sys_throttle_raw" != "0" ]]; then
            case "$sys_throttle_raw" in
                *0001) thr_type="${COL_YELLOW}Under Voltage";;
                *0002) thr_type="${COL_LIGHT_BLUE}Arm Freq Cap";;
                *0003) thr_type="${COL_YELLOW}UV${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_BLUE}AFC";;
                *0004) thr_type="${COL_LIGHT_RED}Throttled";;
                *0005) thr_type="${COL_YELLOW}UV${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_RED}TT";;
                *0006) thr_type="${COL_LIGHT_BLUE}AFC${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_RED}TT";;
                *0007) thr_type="${COL_YELLOW}UV${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_BLUE}AFC${COL_DARK_GRAY},${COL_NC} ${COL_LIGHT_RED}TT";;
            esac
        [[ -n "$thr_type" ]] && sys_throttle="$thr_type${COL_DARK_GRAY}"
        fi
        sys_rev_raw=$(awk '/Revision/ {print $3}' < /proc/cpuinfo)
        case "$sys_rev_raw" in
            000[2-6]) sys_model=" 1, Model B";; # 256MB
            000[7-9]) sys_model=" 1, Model A";; # 256MB
            000d|000e|000f) sys_model=" 1, Model B";; # 512MB
            0010|0013) sys_model=" 1, Model B+";; # 512MB
            0012|0015) sys_model=" 1, Model A+";; # 256MB
            a0104[0-1]|a21041|a22042) sys_model=" 2, Model B";; # 1GB
            900021) sys_model=" 1, Model A+";; # 512MB
            900032) sys_model=" 1, Model B+";; # 512MB
            90009[2-3]|920093) sys_model=" Zero";; # 512MB
            9000c1) sys_model=" Zero W";; # 512MB
            a02082|a[2-3]2082) sys_model=" 3, Model B";; # 1GB
            a020d3) sys_model=" 3, Model B+";; # 1GB
            *) sys_model="";;
        esac
        sys_type="Raspberry Pi$sys_model"
    else
        source "/etc/os-release"
        CODENAME=$(sed 's/[()]//g' <<< "${VERSION/* /}")
        sys_type="${NAME/ */} ${CODENAME^} $VERSION_ID"
    fi
    # Get core count
    sys_cores=$(grep -c "^processor" /proc/cpuinfo)
    # Test existence of clock speed file for ARM CPU
    if [[ -f "/sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq" ]]; then
        scaling_freq_file="/sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq"
    fi
    # Test existence of temperature file
    if [[ -f "/sys/class/thermal/thermal_zone0/temp" ]]; then
        temp_file="/sys/class/thermal/thermal_zone0/temp"
    elif [[ -f "/sys/class/hwmon/hwmon0/temp1_input" ]]; then
        temp_file="/sys/class/hwmon/hwmon0/temp1_input"
    else
        temp_file=""
    fi
    # Test existence of setupVars config
    if [[ -f "/etc/pihole/setupVars.conf" ]]; then
        setupVars="/etc/pihole/setupVars.conf"
    fi
 }
 get_sys_stats() {
    local ph_ver_raw
    local cpu_raw
    local ram_raw
    local disk_raw
    # Update every 12 refreshes (Def: every 60s)
    count=$((count+1))
    if [[ "$count" == "1" ]] || (( "$count" % 12 == 0 )); then
        # Do not source setupVars if file does not exist
        [[ -n "$setupVars" ]] && source "$setupVars"
        mapfile -t ph_ver_raw < <(pihole -v -c 2> /dev/null | sed -n 's/^.* v/v/p')
        if [[ -n "${ph_ver_raw[0]}" ]]; then
            ph_core_ver="${ph_ver_raw[0]}"
            if [[ ${#ph_ver_raw[@]} -eq 2 ]]; then
                # AdminLTE not installed
                ph_lte_ver="(not installed)"
                ph_ftl_ver="${ph_ver_raw[1]}"
            else
                ph_lte_ver="${ph_ver_raw[1]}"
                ph_ftl_ver="${ph_ver_raw[2]}"
            fi
        else
            ph_core_ver="-1"
        fi
        sys_name=$(hostname)
        [[ -n "$TEMPERATUREUNIT" ]] && temp_unit="${TEMPERATUREUNIT^^}" || temp_unit="C"
        # Get storage stats for partition mounted on /
        read -r -a disk_raw <<< "$(df -B1 / 2> /dev/null | awk 'END{ print $3,$2,$5 }')"
        disk_used="${disk_raw[0]}"
        disk_total="${disk_raw[1]}"
        disk_perc="${disk_raw[2]}"
        net_gateway=$(ip route | grep default | cut -d ' ' -f 3 | head -n 1)
        # Get DHCP stats, if feature is enabled
        if [[ "$DHCP_ACTIVE" == "true" ]]; then
            ph_dhcp_max=$(( ${DHCP_END##*.} - ${DHCP_START##*.} + 1 ))
        fi
        # Get DNS server count
        dns_count="0"
        [[ -n "${PIHOLE_DNS_1}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_2}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_3}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_4}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_5}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_6}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_7}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_8}" ]] && dns_count=$((dns_count+1))
        [[ -n "${PIHOLE_DNS_9}" ]] && dns_count="$dns_count+"
    fi
    # Get screen size
    read -r -a scr_size <<< "$(stty size 2>/dev/null || echo 24 80)"
    scr_lines="${scr_size[0]}"
    scr_cols="${scr_size[1]}"
    # Determine Chronometer size behavior
    if [[ "$scr_cols" -ge 58 ]]; then
        chrono_width="large"
    elif [[ "$scr_cols" -gt 40 ]]; then
        chrono_width="medium"
    else
        chrono_width="small"
    fi
    # Determine max length of divider string
    scr_line_len=$(( scr_cols - 2 ))
    [[ "$scr_line_len" -ge 58 ]] && scr_line_len="58"
    scr_line_str=$(printf "%${scr_line_len}s")
    scr_line_str="${scr_line_str// /—}"
    sys_uptime=$(hrSecs "$(cut -d. -f1 /proc/uptime)")
    sys_loadavg=$(cut -d " " -f1,2,3 /proc/loadavg)
    # Get CPU usage, only counting processes over 1% as active
    # shellcheck disable=SC2009
    cpu_raw=$(ps -eo pcpu,rss --no-headers | grep -E -v "    0")
    cpu_tasks=$(wc -l <<< "$cpu_raw")
    cpu_taskact=$(sed -r "/(^ 0.)/d" <<< "$cpu_raw" | wc -l)
    cpu_perc=$(awk '{sum+=$1} END {printf "%.0f\n", sum/'"$sys_cores"'}' <<< "$cpu_raw")
    # Get CPU clock speed
    if [[ -n "$scaling_freq_file" ]]; then
        cpu_mhz=$(( $(< /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq) / 1000 ))
    else
        cpu_mhz=$(lscpu | awk -F ":" '/MHz/ {print $2;exit}')
        cpu_mhz=$(printf "%.0f" "${cpu_mhz//[[:space:]]/}")
    fi
    # Determine whether to display CPU clock speed as MHz or GHz
    if [[ -n "$cpu_mhz" ]]; then
        [[ "$cpu_mhz" -le "999" ]] && cpu_freq="$cpu_mhz MHz" || cpu_freq="$(printf "%.1f" $(calcFunc "$cpu_mhz"/1000)) GHz"
        [[ "${cpu_freq}" == *".0"* ]] && cpu_freq="${cpu_freq/.0/}"
    fi
    # Determine color for temperature
    if [[ -n "$temp_file" ]]; then
        if [[ "$temp_unit" == "C" ]]; then
            cpu_temp=$(printf "%.0fc\\n" "$(calcFunc "$(< $temp_file) / 1000")")
            case "${cpu_temp::-1}" in
                -*|[0-9]|[1-3][0-9]) cpu_col="$COL_LIGHT_BLUE";;
                4[0-9]) cpu_col="";;
                5[0-9]) cpu_col="$COL_YELLOW";;
                6[0-9]) cpu_col="$COL_LIGHT_RED";;
                *) cpu_col="$COL_URG_RED";;
            esac
        # $COL_NC$COL_DARK_GRAY is needed for $COL_URG_RED
        cpu_temp_str=" @ $cpu_col$cpu_temp$COL_NC$COL_DARK_GRAY"
        elif [[ "$temp_unit" == "F" ]]; then
            cpu_temp=$(printf "%.0ff\\n" "$(calcFunc "($(< $temp_file) / 1000) * 9 / 5 + 32")")
            case "${cpu_temp::-1}" in
                -*|[0-9]|[0-9][0-9]) cpu_col="$COL_LIGHT_BLUE";;
                1[0-1][0-9]) cpu_col="";;
                1[2-3][0-9]) cpu_col="$COL_YELLOW";;
                1[4-5][0-9]) cpu_col="$COL_LIGHT_RED";;
                *) cpu_col="$COL_URG_RED";;
            esac
            cpu_temp_str=" @ $cpu_col$cpu_temp$COL_NC$COL_DARK_GRAY"
        else
            cpu_temp_str=$(printf " @ %.0fk\\n" "$(calcFunc "($(< $temp_file) / 1000) + 273.15")")
        fi
    else
        cpu_temp_str=""
    fi
    read -r -a ram_raw <<< "$(awk '/MemTotal:/{total=$2} /MemFree:/{free=$2} /Buffers:/{buffers=$2} /^Cached:/{cached=$2} END {printf "%.0f %.0f %.0f", (total-free-buffers-cached)*100/total, (total-free-buffers-cached)*1024, total*1024}' /proc/meminfo)"
    ram_perc="${ram_raw[0]}"
    ram_used="${ram_raw[1]}"
    ram_total="${ram_raw[2]}"
    if [[ "$(pihole status web 2> /dev/null)" == "1" ]]; then
        ph_status="${COL_LIGHT_GREEN}Active"
    else
        ph_status="${COL_LIGHT_RED}Offline"
    fi
    if [[ "$DHCP_ACTIVE" == "true" ]]; then
        local ph_dhcp_range
        ph_dhcp_range=$(seq -s "|" -f "${DHCP_START%.*}.%g" "${DHCP_START##*.}" "${DHCP_END##*.}")
        # Count dynamic leases from available range, and not static leases
        ph_dhcp_num=$(grep -cE "$ph_dhcp_range" "/etc/pihole/dhcp.leases")
        ph_dhcp_percent=$(( ph_dhcp_num * 100 / ph_dhcp_max ))
    fi
 }
 get_ftl_stats() {
    local stats_raw
    mapfile -t stats_raw < <(pihole-FTL "stats")
    domains_being_blocked_raw="${stats_raw[0]#* }"
    dns_queries_today_raw="${stats_raw[1]#* }"
    ads_blocked_today_raw="${stats_raw[2]#* }"
    ads_percentage_today_raw="${stats_raw[3]#* }"
    queries_forwarded_raw="${stats_raw[5]#* }"
    queries_cached_raw="${stats_raw[6]#* }"
    # Only retrieve these stats when not called from jsonFunc
    if [[ -z "$1" ]]; then
        local top_ad_raw
        local top_domain_raw
        local top_client_raw
        domains_being_blocked=$(printf "%.0f\\n" "${domains_being_blocked_raw}" 2> /dev/null)
        dns_queries_today=$(printf "%.0f\\n" "${dns_queries_today_raw}")
        ads_blocked_today=$(printf "%.0f\\n" "${ads_blocked_today_raw}")
        ads_percentage_today=$(printf "%'.0f\\n" "${ads_percentage_today_raw}")
        queries_cached_percentage=$(printf "%.0f\\n" "$(calcFunc "$queries_cached_raw * 100 / ( $queries_forwarded_raw + $queries_cached_raw )")")
        recent_blocked=$(pihole-FTL recentBlocked)
        read -r -a top_ad_raw <<< "$(pihole-FTL "top-ads (1)")"
        read -r -a top_domain_raw <<< "$(pihole-FTL "top-domains (1)")"
        read -r -a top_client_raw <<< "$(pihole-FTL "top-clients (1)")"
        top_ad="${top_ad_raw[2]}"
        top_domain="${top_domain_raw[2]}"
        if [[ "${top_client_raw[3]}" ]]; then
            top_client="${top_client_raw[3]}"
        else
            top_client="${top_client_raw[2]}"
        fi
    fi
 }
 get_strings() {
    # Expand or contract strings depending on screen size
    if [[ "$chrono_width" == "large" ]]; then
        phc_str="        ${COL_DARK_GRAY}Core"
        lte_str="        ${COL_DARK_GRAY}Web"
        ftl_str="        ${COL_DARK_GRAY}FTL"
        api_str="${COL_LIGHT_RED}API Offline"
        host_info="$sys_type"
        sys_info="$sys_throttle"
        sys_info2="Active: $cpu_taskact of $cpu_tasks tasks"
        used_str="Used: "
        leased_str="Leased: "
        domains_being_blocked=$(printf "%'.0f" "$domains_being_blocked")
        ads_blocked_today=$(printf "%'.0f" "$ads_blocked_today")
        dns_queries_today=$(printf "%'.0f" "$dns_queries_today")
        ph_info="Blocking: $domains_being_blocked sites"
        total_str="Total: "
    else
        phc_str=" ${COL_DARK_GRAY}Core"
        lte_str=" ${COL_DARK_GRAY}Web"
        ftl_str=" ${COL_DARK_GRAY}FTL"
        api_str="${COL_LIGHT_RED}API Down"
        ph_info="$domains_being_blocked blocked"
    fi
    [[ "$sys_cores" -ne 1 ]] && sys_cores_txt="${sys_cores}x "
    cpu_info="$sys_cores_txt$cpu_freq$cpu_temp_str"
    ram_info="$used_str$(hrBytes "$ram_used") of $(hrBytes "$ram_total")"
    disk_info="$used_str$(hrBytes "$disk_used") of $(hrBytes "$disk_total")"
    lan_info="Gateway: $net_gateway"
    dhcp_info="$leased_str$ph_dhcp_num of $ph_dhcp_max"
      ads_info="$total_str$ads_blocked_today of $dns_queries_today"
    dns_info="$dns_count DNS servers"
    [[ "$recent_blocked" == "0" ]] && recent_blocked="${COL_LIGHT_RED}FTL offline${COL_NC}"
 }
 chronoFunc() {
    local extra_arg="$1"
    local extra_value="$2"
    get_init_stats
    for (( ; ; )); do
        get_sys_stats
        get_ftl_stats
        get_strings
        # Strip excess development version numbers
        if [[ "$ph_core_ver" != "-1" ]]; then
            phc_ver_str="$phc_str: ${ph_core_ver%-*}${COL_NC}"
            lte_ver_str="$lte_str: ${ph_lte_ver%-*}${COL_NC}"
            ftl_ver_str="$ftl_str: ${ph_ftl_ver%-*}${COL_NC}"
        else
            phc_ver_str="$phc_str: $api_str${COL_NC}"
        fi
        # Get refresh number
        if [[ "${extra_arg}" = "refresh" ]]; then
            num="${extra_value}"
            num_str="Refresh set for every $num seconds"
        else
            num_str=""
        fi
        clear
        # Remove exit message heading on third refresh
        if [[ "$count" -le 2 ]] && [[ "${extra_arg}" != "exit" ]]; then
            echo -e " ${COL_LIGHT_GREEN}Pi-hole Chronometer${COL_NC}
            $num_str
            ${COL_LIGHT_RED}Press Ctrl-C to exit${COL_NC}
            ${COL_DARK_GRAY}$scr_line_str${COL_NC}"
        else
        echo -e "[0;1;31;91m|¯[0;1;33;93m¯[0;1;32;92m¯[0;1;32;92m(¯[0;1;36;96m)[0;1;34;94m_[0;1;35;95m|[0;1;33;93m¯[0;1;31;91m|_  [0;1;32;92m__[0;1;36;96m_|[0;1;31;91m¯[0;1;34;94m|[0;1;35;95m__[0;1;31;91m_[0m$phc_ver_str\\n[0;1;33;93m| ¯[0;1;32;92m_[0;1;36;96m/¯[0;1;34;94m|[0;1;35;95m_[0;1;31;91m| [0;1;33;93m' [0;1;32;92m\\/ [0;1;36;96m_ [0;1;34;94m\\ [0;1;35;95m/ [0;1;31;91m-[0;1;33;93m_)[0m$lte_ver_str\\n[0;1;32;92m|_[0;1;36;96m| [0;1;34;94m|_[0;1;35;95m| [0;1;33;93m|_[0;1;32;92m||[0;1;36;96m_\\[0;1;34;94m__[0;1;35;95m_/[0;1;31;91m_\\[0;1;33;93m__[0;1;32;92m_|[0m$ftl_ver_str\\n ${COL_DARK_GRAY}$scr_line_str${COL_NC}"
        fi
        printFunc "  Hostname: " "$sys_name" "$host_info"
        printFunc "    Uptime: " "$sys_uptime" "$sys_info"
        printFunc " Task Load: " "$sys_loadavg" "$sys_info2"
        printFunc " CPU usage: " "$cpu_perc%" "$cpu_info"
        printFunc " RAM usage: " "$ram_perc%" "$ram_info"
        printFunc " HDD usage: " "$disk_perc" "$disk_info"
        if [[ "$DHCP_ACTIVE" == "true" ]]; then
            printFunc "DHCP usage: " "$ph_dhcp_percent%" "$dhcp_info"
        fi
        printFunc "   Pi-hole: " "$ph_status" "$ph_info"
        printFunc " Ads Today: " "$ads_percentage_today%" "$ads_info"
        printFunc "Local Qrys: " "$queries_cached_percentage%" "$dns_info"
        printFunc "   Blocked: " "$recent_blocked"
        printFunc "Top Advert: " "$top_ad"
        # Provide more stats on screens with more lines
        if [[ "$scr_lines" -eq 17 ]]; then
            if [[ "$DHCP_ACTIVE" == "true" ]]; then
                printFunc "Top Domain: " "$top_domain" "last"
            else
                print_client="true"
            fi
        else
            print_client="true"
        fi
        if [[ -n "$print_client" ]]; then
            printFunc "Top Domain: " "$top_domain"
            printFunc "Top Client: " "$top_client" "last"
        fi
        # Handle exit/refresh options
        if [[ "${extra_arg}" == "exit" ]]; then
            exit 0
        else
            if [[ "${extra_arg}" == "refresh" ]]; then
                sleep "$num"
            else
                sleep 5
            fi
        fi
    done
 }
 jsonFunc() {
    get_ftl_stats "json"
    echo "{\"domains_being_blocked\":${domains_being_blocked_raw},\"dns_queries_today\":${dns_queries_today_raw},\"ads_blocked_today\":${ads_blocked_today_raw},\"ads_percentage_today\":${ads_percentage_today_raw}}"
 }
 helpFunc() {
    if [[ "$1" == "?" ]]; then
        echo "Unknown option. Please view 'pihole -c --help' for more information"
    else
        echo "Usage: pihole -c [options]
 Example: 'pihole -c -j'
 Calculates stats and displays to an LCD
 Options:
  -j, --json          Output stats as JSON formatted string
  -r, --refresh       Set update frequency (in seconds)
  -e, --exit          Output stats and exit without refreshing
  -h, --help          Display this help text"
  fi
  exit 0
 }
 if [[ $# = 0 ]]; then
    chronoFunc
 fi
 case "$1" in
    "-j" | "--json"    ) jsonFunc;;
    "-h" | "--help"    ) helpFunc;;
    "-r" | "--refresh" ) chronoFunc refresh "$2";;
    "-e" | "--exit"    ) chronoFunc exit;;
    *                  ) helpFunc "?";;
 esac
--- a/advanced/Scripts/database_migration/gravity-db.sh
+++ b/advanced/Scripts/database_migration/gravity-db.sh
@@ -13,119 +13,142 @@
 readonly scriptPath="/etc/.pihole/advanced/Scripts/database_migration/gravity"
 upgrade_gravityDB(){
-	local database piholeDir auditFile version
+    local database piholeDir version
-	database="${1}"
+    database="${1}"
-	piholeDir="${2}"
+    piholeDir="${2}"
 	auditFile="${piholeDir}/auditlog.list"
-	# Get database version
+    # Exit early if the database does not exist (e.g. in CI tests)
-	version="$(sqlite3 "${database}" "SELECT \"value\" FROM \"info\" WHERE \"property\" = 'version';")"
+    if [[ ! -f "${database}" ]]; then
        return
    fi
-	if [[ "$version" == "1" ]]; then
+    # Get database version
-		# This migration script upgrades the gravity.db file by
+    version="$(pihole-FTL sqlite3 -ni "${database}" "SELECT \"value\" FROM \"info\" WHERE \"property\" = 'version';")"
 		# adding the domain_audit table
 		echo -e "  ${INFO} Upgrading gravity database from version 1 to 2"
 		sqlite3 "${database}" < "${scriptPath}/1_to_2.sql"
 		version=2
-		# Store audit domains in database table
+    if [[ "$version" == "1" ]]; then
-		if [ -e "${auditFile}" ]; then
+        # This migration script upgraded the gravity.db file by
-			echo -e "  ${INFO} Migrating content of ${auditFile} into new database"
+        # adding the domain_audit table. It is now a no-op
-			# database_table_from_file is defined in gravity.sh
+        echo -e "  ${INFO} Upgrading gravity database from version 1 to 2"
-			database_table_from_file "domain_audit" "${auditFile}"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/1_to_2.sql"
-		fi
+        version=2
-	fi
+    fi
-	if [[ "$version" == "2" ]]; then
+    if [[ "$version" == "2" ]]; then
-		# This migration script upgrades the gravity.db file by
+        # This migration script upgrades the gravity.db file by
-		# renaming the regex table to regex_blacklist, and
+        # renaming the regex table to regex_blacklist, and
-		# creating a new regex_whitelist table + corresponding linking table and views
+        # creating a new regex_whitelist table + corresponding linking table and views
-		echo -e "  ${INFO} Upgrading gravity database from version 2 to 3"
+        echo -e "  ${INFO} Upgrading gravity database from version 2 to 3"
-		sqlite3 "${database}" < "${scriptPath}/2_to_3.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/2_to_3.sql"
-		version=3
+        version=3
-	fi
+    fi
-	if [[ "$version" == "3" ]]; then
+    if [[ "$version" == "3" ]]; then
-		# This migration script unifies the formally separated domain
+        # This migration script unifies the formally separated domain
-		# lists into a single table with a UNIQUE domain constraint
+        # lists into a single table with a UNIQUE domain constraint
-		echo -e "  ${INFO} Upgrading gravity database from version 3 to 4"
+        echo -e "  ${INFO} Upgrading gravity database from version 3 to 4"
-		sqlite3 "${database}" < "${scriptPath}/3_to_4.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/3_to_4.sql"
-		version=4
+        version=4
-	fi
+    fi
-	if [[ "$version" == "4" ]]; then
+    if [[ "$version" == "4" ]]; then
-		# This migration script upgrades the gravity and list views
+        # This migration script upgrades the gravity and list views
-		# implementing necessary changes for per-client blocking
+        # implementing necessary changes for per-client blocking
-		echo -e "  ${INFO} Upgrading gravity database from version 4 to 5"
+        echo -e "  ${INFO} Upgrading gravity database from version 4 to 5"
-		sqlite3 "${database}" < "${scriptPath}/4_to_5.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/4_to_5.sql"
-		version=5
+        version=5
-	fi
+    fi
-	if [[ "$version" == "5" ]]; then
+    if [[ "$version" == "5" ]]; then
-		# This migration script upgrades the adlist view
+        # This migration script upgrades the adlist view
-		# to return an ID used in gravity.sh
+        # to return an ID used in gravity.sh
-		echo -e "  ${INFO} Upgrading gravity database from version 5 to 6"
+        echo -e "  ${INFO} Upgrading gravity database from version 5 to 6"
-		sqlite3 "${database}" < "${scriptPath}/5_to_6.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/5_to_6.sql"
-		version=6
+        version=6
-	fi
+    fi
-	if [[ "$version" == "6" ]]; then
+    if [[ "$version" == "6" ]]; then
-		# This migration script adds a special group with ID 0
+        # This migration script adds a special group with ID 0
-		# which is automatically associated to all clients not
+        # which is automatically associated to all clients not
-		# having their own group assignments
+        # having their own group assignments
-		echo -e "  ${INFO} Upgrading gravity database from version 6 to 7"
+        echo -e "  ${INFO} Upgrading gravity database from version 6 to 7"
-		sqlite3 "${database}" < "${scriptPath}/6_to_7.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/6_to_7.sql"
-		version=7
+        version=7
-	fi
+    fi
-	if [[ "$version" == "7" ]]; then
+    if [[ "$version" == "7" ]]; then
-		# This migration script recreated the group table
+        # This migration script recreated the group table
-		# to ensure uniqueness on the group name
+        # to ensure uniqueness on the group name
-		# We also add date_added and date_modified columns
+        # We also add date_added and date_modified columns
-		echo -e "  ${INFO} Upgrading gravity database from version 7 to 8"
+        echo -e "  ${INFO} Upgrading gravity database from version 7 to 8"
-		sqlite3 "${database}" < "${scriptPath}/7_to_8.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/7_to_8.sql"
-		version=8
+        version=8
-	fi
+    fi
-	if [[ "$version" == "8" ]]; then
+    if [[ "$version" == "8" ]]; then
-		# This migration fixes some issues that were introduced
+        # This migration fixes some issues that were introduced
-		# in the previous migration script.
+        # in the previous migration script.
-		echo -e "  ${INFO} Upgrading gravity database from version 8 to 9"
+        echo -e "  ${INFO} Upgrading gravity database from version 8 to 9"
-		sqlite3 "${database}" < "${scriptPath}/8_to_9.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/8_to_9.sql"
-		version=9
+        version=9
-	fi
+    fi
-	if [[ "$version" == "9" ]]; then
+    if [[ "$version" == "9" ]]; then
-		# This migration drops unused tables and creates triggers to remove
+        # This migration drops unused tables and creates triggers to remove
-		# obsolete groups assignments when the linked items are deleted
+        # obsolete groups assignments when the linked items are deleted
-		echo -e "  ${INFO} Upgrading gravity database from version 9 to 10"
+        echo -e "  ${INFO} Upgrading gravity database from version 9 to 10"
-		sqlite3 "${database}" < "${scriptPath}/9_to_10.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/9_to_10.sql"
-		version=10
+        version=10
-	fi
+    fi
-	if [[ "$version" == "10" ]]; then
+    if [[ "$version" == "10" ]]; then
-		# This adds timestamp and an optional comment field to the client table
+        # This adds timestamp and an optional comment field to the client table
-		# These fields are only temporary and will be replaces by the columns
+        # These fields are only temporary and will be replaces by the columns
-		# defined in gravity.db.sql during gravity swapping. We add them here
+        # defined in gravity.db.sql during gravity swapping. We add them here
-		# to keep the copying process generic (needs the same columns in both the
+        # to keep the copying process generic (needs the same columns in both the
-		# source and the destination databases).
+        # source and the destination databases).
-		echo -e "  ${INFO} Upgrading gravity database from version 10 to 11"
+        echo -e "  ${INFO} Upgrading gravity database from version 10 to 11"
-		sqlite3 "${database}" < "${scriptPath}/10_to_11.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/10_to_11.sql"
-		version=11
+        version=11
-	fi
+    fi
-	if [[ "$version" == "11" ]]; then
+    if [[ "$version" == "11" ]]; then
-		# Rename group 0 from "Unassociated" to "Default"
+        # Rename group 0 from "Unassociated" to "Default"
-		echo -e "  ${INFO} Upgrading gravity database from version 11 to 12"
+        echo -e "  ${INFO} Upgrading gravity database from version 11 to 12"
-		sqlite3 "${database}" < "${scriptPath}/11_to_12.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/11_to_12.sql"
-		version=12
+        version=12
-	fi
+    fi
-	if [[ "$version" == "12" ]]; then
+    if [[ "$version" == "12" ]]; then
-		# Add column date_updated to adlist table
+        # Add column date_updated to adlist table
-		echo -e "  ${INFO} Upgrading gravity database from version 12 to 13"
+        echo -e "  ${INFO} Upgrading gravity database from version 12 to 13"
-		sqlite3 "${database}" < "${scriptPath}/12_to_13.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/12_to_13.sql"
-		version=13
+        version=13
-	fi
+    fi
-	if [[ "$version" == "13" ]]; then
+    if [[ "$version" == "13" ]]; then
-		# Add columns number and status to adlist table
+        # Add columns number and status to adlist table
-		echo -e "  ${INFO} Upgrading gravity database from version 13 to 14"
+        echo -e "  ${INFO} Upgrading gravity database from version 13 to 14"
-		sqlite3 "${database}" < "${scriptPath}/13_to_14.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/13_to_14.sql"
-		version=14
+        version=14
-	fi
+    fi
-	if [[ "$version" == "14" ]]; then
+    if [[ "$version" == "14" ]]; then
-	# Changes the vw_adlist created in 5_to_6
+        # Changes the vw_adlist created in 5_to_6
-	echo -e "  ${INFO} Upgrading gravity database from version 14 to 15"
+        echo -e "  ${INFO} Upgrading gravity database from version 14 to 15"
-	sqlite3 "${database}" < "${scriptPath}/14_to_15.sql"
+        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/14_to_15.sql"
-	version=15
+        version=15
-fi
+    fi
    if [[ "$version" == "15" ]]; then
        # Add column abp_entries to adlist table
        echo -e "  ${INFO} Upgrading gravity database from version 15 to 16"
        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/15_to_16.sql"
        version=16
    fi
    if [[ "$version" == "16" ]]; then
        # Add antigravity table
        # Add column type to adlist table (to support adlist types)
        echo -e "  ${INFO} Upgrading gravity database from version 16 to 17"
        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/16_to_17.sql"
        version=17
    fi
    if [[ "$version" == "17" ]]; then
        # Add adlist.id to vw_gravity and vw_antigravity
        echo -e "  ${INFO} Upgrading gravity database from version 17 to 18"
        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/17_to_18.sql"
        version=18
    fi
    if [[ "$version" == "18" ]]; then
        # Modify DELETE triggers to delete BEFORE instead of AFTER to prevent
        # foreign key constraint violations
        echo -e "  ${INFO} Upgrading gravity database from version 18 to 19"
        pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/18_to_19.sql"
        version=19
    fi
 }
--- a/advanced/Scripts/database_migration/gravity/11_to_12.sql
+++ b/advanced/Scripts/database_migration/gravity/11_to_12.sql
@@ -16,4 +16,4 @@ CREATE TRIGGER tr_group_zero AFTER DELETE ON "group"
 UPDATE info SET value = 12 WHERE property = 'version';
-COMMIT;
+COMMIT;
--- a/advanced/Scripts/database_migration/gravity/12_to_13.sql
+++ b/advanced/Scripts/database_migration/gravity/12_to_13.sql
@@ -15,4 +15,4 @@ CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlis
 UPDATE info SET value = 13 WHERE property = 'version';
-COMMIT;
+COMMIT;
--- a/advanced/Scripts/database_migration/gravity/15_to_16.sql
+++ b/advanced/Scripts/database_migration/gravity/15_to_16.sql
@@ -0,0 +1,11 @@
 .timeout 30000
 PRAGMA FOREIGN_KEYS=OFF;
 BEGIN TRANSACTION;
 ALTER TABLE adlist ADD COLUMN abp_entries INTEGER NOT NULL DEFAULT 0;
 UPDATE info SET value = 16 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/database_migration/gravity/16_to_17.sql
+++ b/advanced/Scripts/database_migration/gravity/16_to_17.sql
@@ -0,0 +1,33 @@
 .timeout 30000
 PRAGMA FOREIGN_KEYS=OFF;
 BEGIN TRANSACTION;
 ALTER TABLE adlist ADD COLUMN type INTEGER NOT NULL DEFAULT 0;
 UPDATE adlist SET type = 0;
 CREATE TABLE IF NOT EXISTS antigravity
 (
    domain TEXT NOT NULL,
    adlist_id INTEGER NOT NULL REFERENCES adlist (id)
 );
 CREATE VIEW vw_antigravity AS SELECT domain, adlist_by_group.group_id AS group_id
    FROM antigravity
    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
    LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
 DROP VIEW vw_adlist;
 CREATE VIEW vw_adlist AS SELECT DISTINCT address, id, type
    FROM adlist
    WHERE enabled = 1
    ORDER BY id;
 UPDATE info SET value = 17 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/database_migration/gravity/17_to_18.sql
+++ b/advanced/Scripts/database_migration/gravity/17_to_18.sql
@@ -0,0 +1,25 @@
 .timeout 30000
 PRAGMA FOREIGN_KEYS=OFF;
 BEGIN TRANSACTION;
 DROP VIEW vw_gravity;
 CREATE VIEW vw_gravity AS SELECT domain, adlist.id AS adlist_id, adlist_by_group.group_id AS group_id
    FROM gravity
    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = gravity.adlist_id
    LEFT JOIN adlist ON adlist.id = gravity.adlist_id
    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1);
 DROP VIEW vw_antigravity;
 CREATE VIEW vw_antigravity AS SELECT domain, adlist.id AS adlist_id, adlist_by_group.group_id AS group_id
    FROM antigravity
    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
    LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
 UPDATE info SET value = 18 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/database_migration/gravity/18_to_19.sql
+++ b/advanced/Scripts/database_migration/gravity/18_to_19.sql
@@ -0,0 +1,27 @@
 .timeout 30000
 PRAGMA FOREIGN_KEYS=OFF;
 BEGIN TRANSACTION;
 DROP TRIGGER tr_domainlist_delete;
 CREATE TRIGGER tr_domainlist_delete BEFORE DELETE ON domainlist
    BEGIN
      DELETE FROM domainlist_by_group WHERE domainlist_id = OLD.id;
    END;
 DROP TRIGGER tr_adlist_delete;
 CREATE TRIGGER tr_adlist_delete BEFORE DELETE ON adlist
    BEGIN
      DELETE FROM adlist_by_group WHERE adlist_id = OLD.id;
    END;
 DROP TRIGGER tr_client_delete;
 CREATE TRIGGER tr_client_delete BEFORE DELETE ON client
    BEGIN
      DELETE FROM client_by_group WHERE client_id = OLD.id;
    END;
 UPDATE info SET value = 19 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/database_migration/gravity/1_to_2.sql
+++ b/advanced/Scripts/database_migration/gravity/1_to_2.sql
@@ -2,13 +2,6 @@
 BEGIN TRANSACTION;
 CREATE TABLE domain_audit
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
 	domain TEXT UNIQUE NOT NULL,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int))
 );
 UPDATE info SET value = 2 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/database_migration/gravity/2_to_3.sql
+++ b/advanced/Scripts/database_migration/gravity/2_to_3.sql
@@ -8,9 +8,9 @@ ALTER TABLE regex RENAME TO regex_blacklist;
 CREATE TABLE regex_blacklist_by_group
 (
-	regex_blacklist_id INTEGER NOT NULL REFERENCES regex_blacklist (id),
+    regex_blacklist_id INTEGER NOT NULL REFERENCES regex_blacklist (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (regex_blacklist_id, group_id)
+    PRIMARY KEY (regex_blacklist_id, group_id)
 );
 INSERT INTO regex_blacklist_by_group SELECT * FROM regex_by_group;
@@ -32,19 +32,19 @@ CREATE TRIGGER tr_regex_blacklist_update AFTER UPDATE ON regex_blacklist
 CREATE TABLE regex_whitelist
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	domain TEXT UNIQUE NOT NULL,
+    domain TEXT UNIQUE NOT NULL,
-	enabled BOOLEAN NOT NULL DEFAULT 1,
+    enabled BOOLEAN NOT NULL DEFAULT 1,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+    comment TEXT
 );
 CREATE TABLE regex_whitelist_by_group
 (
-	regex_whitelist_id INTEGER NOT NULL REFERENCES regex_whitelist (id),
+    regex_whitelist_id INTEGER NOT NULL REFERENCES regex_whitelist (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (regex_whitelist_id, group_id)
+    PRIMARY KEY (regex_whitelist_id, group_id)
 );
 CREATE VIEW vw_regex_whitelist AS SELECT DISTINCT domain
--- a/advanced/Scripts/database_migration/gravity/3_to_4.sql
+++ b/advanced/Scripts/database_migration/gravity/3_to_4.sql
@@ -6,13 +6,13 @@ BEGIN TRANSACTION;
 CREATE TABLE domainlist
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	type INTEGER NOT NULL DEFAULT 0,
+    type INTEGER NOT NULL DEFAULT 0,
-	domain TEXT UNIQUE NOT NULL,
+    domain TEXT UNIQUE NOT NULL,
-	enabled BOOLEAN NOT NULL DEFAULT 1,
+    enabled BOOLEAN NOT NULL DEFAULT 1,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+    comment TEXT
 );
 ALTER TABLE whitelist ADD COLUMN type INTEGER;
@@ -41,9 +41,9 @@ DROP TABLE regex_whitelist_by_group;
 DROP TABLE regex_blacklist_by_group;
 CREATE TABLE domainlist_by_group
 (
-	domainlist_id INTEGER NOT NULL REFERENCES domainlist (id),
+    domainlist_id INTEGER NOT NULL REFERENCES domainlist (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (domainlist_id, group_id)
+    PRIMARY KEY (domainlist_id, group_id)
 );
 DROP TRIGGER tr_whitelist_update;
@@ -93,4 +93,4 @@ CREATE VIEW vw_regex_blacklist AS SELECT domain, domainlist.id AS id, domainlist
 UPDATE info SET value = 4 WHERE property = 'version';
-COMMIT;
+COMMIT;
--- a/advanced/Scripts/database_migration/gravity/4_to_5.sql
+++ b/advanced/Scripts/database_migration/gravity/4_to_5.sql
@@ -7,9 +7,9 @@ BEGIN TRANSACTION;
 DROP TABLE gravity;
 CREATE TABLE gravity
 (
-	domain TEXT NOT NULL,
+    domain TEXT NOT NULL,
-	adlist_id INTEGER NOT NULL REFERENCES adlist (id),
+    adlist_id INTEGER NOT NULL REFERENCES adlist (id),
-	PRIMARY KEY(domain, adlist_id)
+    PRIMARY KEY(domain, adlist_id)
 );
 DROP VIEW vw_gravity;
@@ -22,17 +22,17 @@ CREATE VIEW vw_gravity AS SELECT domain, adlist_by_group.group_id AS group_id
 CREATE TABLE client
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	ip TEXT NOL NULL UNIQUE
+    ip TEXT NOL NULL UNIQUE
 );
 CREATE TABLE client_by_group
 (
-	client_id INTEGER NOT NULL REFERENCES client (id),
+    client_id INTEGER NOT NULL REFERENCES client (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (client_id, group_id)
+    PRIMARY KEY (client_id, group_id)
 );
 UPDATE info SET value = 5 WHERE property = 'version';
-COMMIT;
+COMMIT;
--- a/advanced/Scripts/database_migration/gravity/5_to_6.sql
+++ b/advanced/Scripts/database_migration/gravity/5_to_6.sql
@@ -15,4 +15,3 @@ CREATE VIEW vw_adlist AS SELECT DISTINCT address, adlist.id AS id
 UPDATE info SET value = 6 WHERE property = 'version';
 COMMIT;
--- a/advanced/Scripts/database_migration/gravity/7_to_8.sql
+++ b/advanced/Scripts/database_migration/gravity/7_to_8.sql
@@ -8,12 +8,12 @@ ALTER TABLE "group" RENAME TO "group__";
 CREATE TABLE "group"
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	enabled BOOLEAN NOT NULL DEFAULT 1,
+    enabled BOOLEAN NOT NULL DEFAULT 1,
-	name TEXT UNIQUE NOT NULL,
+    name TEXT UNIQUE NOT NULL,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	description TEXT
+    description TEXT
 );
 CREATE TRIGGER tr_group_update AFTER UPDATE ON "group"
--- a/advanced/Scripts/list.sh
+++ b/advanced/Scripts/list.sh
@@ -5,296 +5,223 @@
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
-# Whitelist and blacklist domains
+# allowlist and denylist domains
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
-# Globals
+readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
-piholeDir="/etc/pihole"
+readonly utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
-GRAVITYDB="${piholeDir}/gravity.db"
+source "${utilsfile}"
-# Source pihole-FTL from install script
+
-pihole_FTL="${piholeDir}/pihole-FTL.conf"
+readonly apifile="${PI_HOLE_SCRIPT_DIR}/api.sh"
-if [[ -f "${pihole_FTL}" ]]; then
+source "${apifile}"
-  source "${pihole_FTL}"
+
 # Determine database location
 DBFILE=$(getFTLConfigValue "files.database")
 if [ -z "$DBFILE" ]; then
    DBFILE="/etc/pihole/pihole-FTL.db"
 fi
-# Set this only after sourcing pihole-FTL.conf as the gravity database path may
+# Determine gravity database location
-# have changed
+GRAVITYDB=$(getFTLConfigValue "files.gravity")
-gravityDBfile="${GRAVITYDB}"
+if [ -z "$GRAVITYDB" ]; then
    GRAVITYDB="/etc/pihole/gravity.db"
 fi
 noReloadRequested=false
 addmode=true
 verbose=true
 wildcard=false
 web=false
 domList=()
 typeId=""
 comment=""
 declare -i domaincount
 domaincount=0
 reload=false
 colfile="/opt/pihole/COL_TABLE"
 source ${colfile}
 # IDs are hard-wired to domain interpretation in the gravity database scheme
 # Clients (including FTL) will read them through the corresponding views
 readonly whitelist="0"
 readonly blacklist="1"
 readonly regex_whitelist="2"
 readonly regex_blacklist="3"
 GetListnameFromTypeId() {
    if [[ "$1" == "${whitelist}" ]]; then
        echo "whitelist"
    elif  [[ "$1" == "${blacklist}" ]]; then
        echo "blacklist"
    elif  [[ "$1" == "${regex_whitelist}" ]]; then
        echo "regex whitelist"
    elif  [[ "$1" == "${regex_blacklist}" ]]; then
        echo "regex blacklist"
    fi
 }
 GetListParamFromTypeId() {
    if [[ "${typeId}" == "${whitelist}" ]]; then
        echo "w"
    elif  [[ "${typeId}" == "${blacklist}" ]]; then
        echo "b"
    elif  [[ "${typeId}" == "${regex_whitelist}" && "${wildcard}" == true ]]; then
        echo "-white-wild"
    elif  [[ "${typeId}" == "${regex_whitelist}" ]]; then
        echo "-white-regex"
    elif  [[ "${typeId}" == "${regex_blacklist}" && "${wildcard}" == true ]]; then
        echo "-wild"
    elif  [[ "${typeId}" == "${regex_blacklist}" ]]; then
        echo "-regex"
    fi
 }
 helpFunc() {
-    local listname param
+    echo "Usage: pihole ${abbrv} [options] <domain> <domain2 ...>
-
+Example: 'pihole ${abbrv} site.com', or 'pihole ${abbrv} site1.com site2.com'
-    listname="$(GetListnameFromTypeId "${typeId}")"
+${typeId^} one or more ${kindId} domains
    param="$(GetListParamFromTypeId)"
    echo "Usage: pihole -${param} [options] <domain> <domain2 ...>
 Example: 'pihole -${param} site.com', or 'pihole -${param} site1.com site2.com'
 ${listname^} one or more domains
 Options:
-  -d, --delmode       Remove domain(s) from the ${listname}
+  remove, delete, -d  Remove domain(s)
  -nr, --noreload     Update ${listname} without reloading the DNS server
  -q, --quiet         Make output less verbose
  -h, --help          Show this help dialog
-  -l, --list          Display all your ${listname}listed domains
+  -l, --list          Display domains
-  --nuke              Removes all entries in a list"
+  --comment \"text\"    Add a comment to the domain. If adding multiple domains the same comment will be used for all"
  exit 0
 }
-ValidateDomain() {
+CreateDomainList() {
-    # Convert to lowercase
+    # Format domain into regex filter if requested
-    domain="${1,,}"
+    local dom=${1}
-
+    if [[ "${wildcard}" == true ]]; then
-    # Check validity of domain (don't check for regex entries)
+        dom="(\\.|^)${dom//\./\\.}$"
    if [[ "${#domain}" -le 253 ]]; then
        if [[ ( "${typeId}" == "${regex_blacklist}" || "${typeId}" == "${regex_whitelist}" ) && "${wildcard}" == false ]]; then
            validDomain="${domain}"
        else
            validDomain=$(grep -P "^((-|_)*[a-z\\d]((-|_)*[a-z\\d])*(-|_)*)(\\.(-|_)*([a-z\\d]((-|_)*[a-z\\d])*))*$" <<< "${domain}") # Valid chars check
            validDomain=$(grep -P "^[^\\.]{1,63}(\\.[^\\.]{1,63})*$" <<< "${validDomain}") # Length of each label
        fi
    fi
-
+    domList=("${domList[@]}" "${dom}")
    if [[ -n "${validDomain}" ]]; then
        domList=("${domList[@]}" "${validDomain}")
    else
        echo -e "  ${CROSS} ${domain} is not a valid argument or domain name!"
    fi
    domaincount=$((domaincount+1))
 }
 ProcessDomainList() {
    for dom in "${domList[@]}"; do
        # Format domain into regex filter if requested
        if [[ "${wildcard}" == true ]]; then
            dom="(\\.|^)${dom//\./\\.}$"
        fi
        # Logic: If addmode then add to desired list and remove from the other;
        # if delmode then remove from desired list but do not add to the other
        if ${addmode}; then
            AddDomain "${dom}"
        else
            RemoveDomain "${dom}"
        fi
  done
 }
 AddDomain() {
-    local domain num requestedListname existingTypeId existingListname
+    local json num data
    domain="$1"
-    # Is the domain in the list we want to add it to?
+    # Authenticate with the API
-    num="$(sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}';")"
+    LoginAPI
    requestedListname="$(GetListnameFromTypeId "${typeId}")"
-    if [[ "${num}" -ne 0 ]]; then
+    # Prepare request to POST /api/domains/{type}/{kind}
-      existingTypeId="$(sqlite3 "${gravityDBfile}" "SELECT type FROM domainlist WHERE domain = '${domain}';")"
+    # Build JSON object of the following form
-      if [[ "${existingTypeId}" == "${typeId}" ]]; then
+    #  {
-        if [[ "${verbose}" == true ]]; then
+    #    "domain": [ <domains> ],
-            echo -e "  ${INFO} ${1} already exists in ${requestedListname}, no need to add!"
+    #    "comment": <comment>
-        fi
+    #  }
-      else
+    # where <domains> is an array of domain strings and <comment> is a string
-        existingListname="$(GetListnameFromTypeId "${existingTypeId}")"
+    # We use jq to build the JSON object
-        sqlite3 "${gravityDBfile}" "UPDATE domainlist SET type = ${typeId} WHERE domain='${domain}';"
+    json=$(jq --null-input --compact-output --arg domains "${domList[*]}" --arg comment "${comment}" '{domain: $domains | split(" "), comment: $comment}')
-        if [[ "${verbose}" == true ]]; then
+
-            echo -e "  ${INFO} ${1} already exists in ${existingListname}, it has been moved to ${requestedListname}!"
+    # Send the request
-        fi
+    data=$(PostFTLData "domains/${typeId}/${kindId}" "${json}")
-      fi
+
-      return
+    # Display domain(s) added
    # (they are listed in .processed.success, use jq)
    num=$(echo "${data}" | jq '.processed.success | length')
    if [[ "${num}" -gt 0 ]] && [[ "${verbose}" == true ]]; then
        echo -e "  ${TICK} Added ${num} domain(s):"
        for i in $(seq 0 $((num-1))); do
            echo -e "    - ${COL_BLUE}$(echo "${data}" | jq --raw-output ".processed.success[$i].item")${COL_NC}"
        done
    fi
    # Display failed domain(s)
    # (they are listed in .processed.errors, use jq)
    num=$(echo "${data}" | jq '.processed.errors | length')
    if [[ "${num}" -gt 0 ]] && [[ "${verbose}" == true ]]; then
        echo -e "  ${CROSS} Failed to add ${num} domain(s):"
        for i in $(seq 0 $((num-1))); do
            echo -e "    - ${COL_BLUE}$(echo "${data}" | jq --raw-output ".processed.errors[$i].item")${COL_NC}"
            error=$(echo "${data}" | jq --raw-output ".processed.errors[$i].error")
            if [[ "${error}" == "UNIQUE constraint failed: domainlist.domain, domainlist.type" ]]; then
                error="Domain already in the specified list"
            fi
            echo -e "      ${error}"
        done
    fi
-    # Domain not found in the table, add it!
+    # Log out
-    if [[ "${verbose}" == true ]]; then
+    LogoutAPI
        echo -e "  ${INFO} Adding ${domain} to the ${requestedListname}..."
    fi
    reload=true
    # Insert only the domain here. The enabled and date_added fields will be filled
    # with their default values (enabled = true, date_added = current timestamp)
    if [[ -z "${comment}" ]]; then
        sqlite3 "${gravityDBfile}" "INSERT INTO domainlist (domain,type) VALUES ('${domain}',${typeId});"
    else
        # also add comment when variable has been set through the "--comment" option
        sqlite3 "${gravityDBfile}" "INSERT INTO domainlist (domain,type,comment) VALUES ('${domain}',${typeId},'${comment}');"
    fi
 }
 RemoveDomain() {
-    local domain num requestedListname
+    local json num data status
    domain="$1"
-    # Is the domain in the list we want to remove it from?
+    # Authenticate with the API
-    num="$(sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};")"
+    LoginAPI
-    requestedListname="$(GetListnameFromTypeId "${typeId}")"
+    # Prepare request to POST /api/domains:batchDelete
    # Build JSON object of the following form
    #  [{
    #    "item": <domain>,
    #    "type": "${typeId}",
    #    "kind": "${kindId}",
    #  }]
    # where <domain> is the domain string and ${typeId} and ${kindId} are the type and kind IDs
    # We use jq to build the JSON object)
    json=$(jq --null-input --compact-output --arg domains "${domList[*]}" --arg typeId "${typeId}" --arg kindId "${kindId}" '[ $domains | split(" ")[] as $item | {item: $item, type: $typeId, kind: $kindId} ]')
-    if [[ "${num}" -eq 0 ]]; then
+    # Send the request
-      if [[ "${verbose}" == true ]]; then
+    data=$(PostFTLData "domains:batchDelete" "${json}" "status")
-          echo -e "  ${INFO} ${domain} does not exist in ${requestedListname}, no need to remove!"
+    # Separate the status from the data
-      fi
+    status=$(printf %s "${data#"${data%???}"}")
-      return
+    data=$(printf %s "${data%???}")
    # If there is an .error object in the returned data, display it
    local error
    error=$(jq --compact-output <<< "${data}" '.error')
    if [[ $error != "null" && $error != "" ]]; then
        echo -e "  ${CROSS} Failed to remove domain(s):"
        echo -e "      $(jq <<< "${data}" '.error')"
    elif [[ "${verbose}" == true && "${status}" == "204" ]]; then
        echo -e "  ${TICK} Domain(s) removed from the ${kindId} ${typeId}list"
    elif [[ "${verbose}" == true && "${status}" == "404" ]]; then
        echo -e "  ${TICK} Requested domain(s) not found on ${kindId} ${typeId}list"
    fi
-    # Domain found in the table, remove it!
+    # Log out
-    if [[ "${verbose}" == true ]]; then
+    LogoutAPI
        echo -e "  ${INFO} Removing ${domain} from the ${requestedListname}..."
    fi
    reload=true
    # Remove it from the current list
    sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};"
 }
 Displaylist() {
-    local count num_pipes domain enabled status nicedate requestedListname
+    local data
-    requestedListname="$(GetListnameFromTypeId "${typeId}")"
+    # if either typeId or kindId is empty, we cannot display the list
-    data="$(sqlite3 "${gravityDBfile}" "SELECT domain,enabled,date_modified FROM domainlist WHERE type = ${typeId};" 2> /dev/null)"
+    if [[ -z "${typeId}" ]] || [[ -z "${kindId}" ]]; then
-
+        echo "  ${CROSS} Unable to display list. Please specify a list type and kind."
-    if [[ -z $data ]]; then
+        exit 1
        echo -e "Not showing empty list"
    else
        echo -e "Displaying ${requestedListname}:"
        count=1
        while IFS= read -r line
        do
            # Count number of pipes seen in this line
            # This is necessary because we can only detect the pipe separating the fields
            # from the end backwards as the domain (which is the first field) may contain
            # pipe symbols as they are perfectly valid regex filter control characters
            num_pipes="$(grep -c "^" <<< "$(grep -o "|" <<< "${line}")")"
            # Extract domain and enabled status based on the obtained number of pipe characters
            domain="$(cut -d'|' -f"-$((num_pipes-1))" <<< "${line}")"
            enabled="$(cut -d'|' -f"$((num_pipes))" <<< "${line}")"
            datemod="$(cut -d'|' -f"$((num_pipes+1))" <<< "${line}")"
            # Translate boolean status into human readable string
            if [[ "${enabled}" -eq 1 ]]; then
                status="enabled"
            else
                status="disabled"
            fi
            # Get nice representation of numerical date stored in database
            nicedate=$(date --rfc-2822 -d "@${datemod}")
            echo "  ${count}: ${domain} (${status}, last modified ${nicedate})"
            count=$((count+1))
        done <<< "${data}"
    fi
    exit 0;
 }
-NukeList() {
+    # Authenticate with the API
-    count=$(sqlite3 "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};")
+    LoginAPI
-    listname="$(GetListnameFromTypeId "${typeId}")"
+
-    if [ "$count" -gt 0 ];then
+    # Send the request
-        sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};"
+    data=$(GetFTLData "domains/${typeId}/${kindId}")
-        echo "  ${TICK} Removed ${count} domain(s) from the ${listname}"
+
    # Display the list
    num=$(echo "${data}" | jq '.domains | length')
    if [[ "${num}" -gt 0 ]]; then
        echo -e "  ${TICK} Found ${num} domain(s) in the ${kindId} ${typeId}list:"
        for i in $(seq 0 $((num-1))); do
            echo -e "    - ${COL_BLUE}$(echo "${data}" | jq --compact-output ".domains[$i].domain")${COL_NC}"
            echo -e "      Comment: $(echo "${data}" | jq --compact-output ".domains[$i].comment")"
            echo -e "      Groups: $(echo "${data}" | jq --compact-output ".domains[$i].groups")"
            echo -e "      Added: $(date -d @"$(echo "${data}" | jq --compact-output ".domains[$i].date_added")")"
            echo -e "      Last modified: $(date -d @"$(echo "${data}" | jq --compact-output ".domains[$i].date_modified")")"
        done
    else
-        echo "  ${INFO} ${listname} already empty. Nothing to do!"
+        echo -e "  ${INFO} No domains found in the ${kindId} ${typeId}list"
    fi
-    exit 0;
+
    # Log out
    LogoutAPI
    # Return early without adding/deleting domains
    exit 0
 }
 GetComment() {
    comment="$1"
    if [[ "${comment}" =~ [^a-zA-Z0-9_\#:/\.,\ -] ]]; then
-      echo "  ${CROSS} Found invalid characters in domain comment!"
+        echo "  ${CROSS} Found invalid characters in domain comment!"
-      exit
+        exit 1
    fi
 }
 while (( "$#" )); do
    case "${1}" in
-        "-w" | "whitelist"   ) typeId=0;;
+        "allow" | "allowlist" ) kindId="exact"; typeId="allow"; abbrv="allow";;
-        "-b" | "blacklist"   ) typeId=1;;
+        "deny" | "denylist"   ) kindId="exact"; typeId="deny"; abbrv="deny";;
-        "--white-regex" | "white-regex" ) typeId=2;;
+        "--allow-regex" | "allow-regex" ) kindId="regex"; typeId="allow"; abbrv="--allow-regex";;
-        "--white-wild" | "white-wild" ) typeId=2; wildcard=true;;
+        "--allow-wild" | "allow-wild" ) kindId="regex"; typeId="allow"; wildcard=true; abbrv="--allow-wild";;
-        "--wild" | "wildcard" ) typeId=3; wildcard=true;;
+        "--regex" | "regex"   ) kindId="regex"; typeId="deny"; abbrv="--regex";;
-        "--regex" | "regex"   ) typeId=3;;
+        "--wild" | "wildcard" ) kindId="regex"; typeId="deny"; wildcard=true; abbrv="--wild";;
-        "-nr"| "--noreload"  ) noReloadRequested=true;;
+        "-d" | "remove" | "delete" ) addmode=false;;
        "-d" | "--delmode"   ) addmode=false;;
        "-q" | "--quiet"     ) verbose=false;;
        "-h" | "--help"      ) helpFunc;;
        "-l" | "--list"      ) Displaylist;;
        "--nuke"             ) NukeList;;
        "--web"              ) web=true;;
        "--comment"          ) GetComment "${2}"; shift;;
-        *                    ) ValidateDomain "${1}";;
+        *                    ) CreateDomainList "${1}";;
    esac
    shift
 done
 shift
-if [[ ${domaincount} == 0 ]]; then
+if [[ ${#domList[@]} == 0 ]]; then
    helpFunc
 fi
-ProcessDomainList
+if ${addmode}; then
-
+    AddDomain
-# Used on web interface
+else
-if $web; then
+    RemoveDomain
 echo "DONE"
 fi
 if [[ ${reload} == true && ${noReloadRequested} == false ]]; then
    pihole restartdns reload-lists
 fi
--- a/advanced/Scripts/pihole-reenable.sh
+++ b/advanced/Scripts/pihole-reenable.sh
@@ -1,23 +0,0 @@
 #!/bin/bash
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2020 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 #
 #
 # The pihole disable command has the option to set a specified time before
 # blocking is automatically re-enabled.
 #
 # Present script is responsible for the sleep & re-enable part of the job and
 # is automatically terminated if it is still running when pihole is enabled by
 # other means.
 #
 # This ensures that pihole ends up in the correct state after a sequence of
 # commands suchs as: `pihole disable 30s; pihole enable; pihole disable`
 readonly PI_HOLE_BIN_DIR="/usr/local/bin"
 sleep "${1}"
 "${PI_HOLE_BIN_DIR}"/pihole enable
--- a/advanced/Scripts/piholeARPTable.sh
+++ b/advanced/Scripts/piholeARPTable.sh
@@ -15,31 +15,33 @@ if [[ -f ${coltable} ]]; then
    source ${coltable}
 fi
 readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
 utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 source "${utilsfile}"
 # Determine database location
-# Obtain DBFILE=... setting from pihole-FTL.db
+DBFILE=$(getFTLConfigValue "files.database")
 # Constructed to return nothing when
 # a) the setting is not present in the config file, or
 # b) the setting is commented out (e.g. "#DBFILE=...")
 FTLconf="/etc/pihole/pihole-FTL.conf"
 if [ -e "$FTLconf" ]; then
    DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' ${FTLconf})"
 fi
 # Test for empty string. Use standard path in this case.
 if [ -z "$DBFILE" ]; then
    DBFILE="/etc/pihole/pihole-FTL.db"
 fi
 flushARP(){
    local output
    if [[ "${args[1]}" != "quiet" ]]; then
        echo -ne "  ${INFO} Flushing network table ..."
    fi
    # Stop FTL to prevent database access
    if ! output=$(service pihole-FTL stop 2>&1); then
        echo -e "${OVER}  ${CROSS} Failed to stop FTL"
        echo "  Output: ${output}"
        return 1
    fi
    # Truncate network_addresses table in pihole-FTL.db
    # This needs to be done before we can truncate the network table due to
    # foreign key constraints
-    if ! output=$(sqlite3 "${DBFILE}" "DELETE FROM network_addresses" 2>&1); then
+    if ! output=$(pihole-FTL sqlite3 -ni "${DBFILE}" "DELETE FROM network_addresses" 2>&1); then
        echo -e "${OVER}  ${CROSS} Failed to truncate network_addresses table"
        echo "  Database location: ${DBFILE}"
        echo "  Output: ${output}"
@@ -47,13 +49,27 @@ flushARP(){
    fi
    # Truncate network table in pihole-FTL.db
-    if ! output=$(sqlite3 "${DBFILE}" "DELETE FROM network" 2>&1); then
+    if ! output=$(pihole-FTL sqlite3 -ni "${DBFILE}" "DELETE FROM network" 2>&1); then
        echo -e "${OVER}  ${CROSS} Failed to truncate network table"
        echo "  Database location: ${DBFILE}"
        echo "  Output: ${output}"
        return 1
    fi
    # Flush ARP cache of the host
    if ! output=$(ip -s -s neigh flush all 2>&1); then
        echo -e "${OVER}  ${CROSS} Failed to flush ARP cache"
        echo "  Output: ${output}"
        return 1
    fi
    # Start FTL again
    if ! output=$(service pihole-FTL restart 2>&1); then
        echo -e "${OVER}  ${CROSS} Failed to restart FTL"
        echo "  Output: ${output}"
        return 1
    fi
    if [[ "${args[1]}" != "quiet" ]]; then
        echo -e "${OVER}  ${TICK} Flushed network table"
    fi
--- a/advanced/Scripts/piholeCheckout.sh
+++ b/advanced/Scripts/piholeCheckout.sh
@@ -9,22 +9,19 @@
 # Please see LICENSE file for your rights under this license.
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"
-PH_TEST="true"
+SKIP_INSTALL="true"
 source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 # webInterfaceGitUrl set in basic-install.sh
 # webInterfaceDir set in basic-install.sh
 # piholeGitURL set in basic-install.sh
 # is_repo() sourced from basic-install.sh
 # setupVars set in basic-install.sh
 # check_download_exists sourced from basic-install.sh
 # fully_fetch_repo sourced from basic-install.sh
 # get_available_branches sourced from basic-install.sh
 # fetch_checkout_pull_branch sourced from basic-install.sh
 # checkout_pull_branch sourced from basic-install.sh
 source "${setupVars}"
 warning1() {
    echo "  Please note that changing branches severely alters your Pi-hole subsystems"
    echo "  Features that work on the master branch, may not on a development branch"
@@ -61,12 +58,11 @@ checkout() {
        echo -e "  Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}"
        exit 1;
    fi
-    if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then
+
-        if ! is_repo "${webInterfaceDir}" ; then
+    if ! is_repo "${webInterfaceDir}" ; then
-            echo -e "  ${COL_LIGHT_RED}Error: Web Admin repo is missing from system!"
+        echo -e "  ${COL_LIGHT_RED}Error: Web Admin repo is missing from system!"
-            echo -e "  Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}"
+        echo -e "  Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}"
-            exit 1;
+        exit 1;
        fi
    fi
    if [[ -z "${1}" ]]; then
@@ -81,15 +77,13 @@ checkout() {
    if [[ "${1}" == "dev" ]] ; then
        # Shortcut to check out development branches
-        echo -e "  ${INFO} Shortcut \"dev\" detected - checking out development / devel branches..."
+        echo -e "  ${INFO} Shortcut \"${COL_YELLOW}dev${COL_NC}\" detected - checking out development branches..."
        echo ""
        echo -e "  ${INFO} Pi-hole Core"
        fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo "  ${CROSS} Unable to pull Core development branch"; exit 1; }
-        if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then
+        echo ""
-            echo ""
+        echo -e "  ${INFO} Web interface"
-            echo -e "  ${INFO} Web interface"
+        fetch_checkout_pull_branch "${webInterfaceDir}" "development" || { echo "  ${CROSS} Unable to pull Web development branch"; exit 1; }
            fetch_checkout_pull_branch "${webInterfaceDir}" "devel" || { echo "  ${CROSS} Unable to pull Web development branch"; exit 1; }
        fi
        #echo -e "  ${TICK} Pi-hole Core"
        local path
@@ -98,13 +92,11 @@ checkout() {
        chmod 644 /etc/pihole/ftlbranch
    elif [[ "${1}" == "master" ]] ; then
        # Shortcut to check out master branches
-        echo -e "  ${INFO} Shortcut \"master\" detected - checking out master branches..."
+        echo -e "  ${INFO} Shortcut \"${COL_YELLOW}master${COL_NC}\" detected - checking out master branches..."
        echo -e "  ${INFO} Pi-hole core"
        fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "master" || { echo "  ${CROSS} Unable to pull Core master branch"; exit 1; }
-        if [[ ${INSTALL_WEB_INTERFACE} == "true" ]]; then
+        echo -e "  ${INFO} Web interface"
-            echo -e "  ${INFO} Web interface"
+        fetch_checkout_pull_branch "${webInterfaceDir}" "master" || { echo "  ${CROSS} Unable to pull Web master branch"; exit 1; }
            fetch_checkout_pull_branch "${webInterfaceDir}" "master" || { echo "  ${CROSS} Unable to pull Web master branch"; exit 1; }
        fi
        #echo -e "  ${TICK} Web Interface"
        local path
        path="master/${binary}"
@@ -131,13 +123,13 @@ checkout() {
        echo ""
        # Have the user choose the branch they want
        if ! (for e in "${corebranches[@]}"; do [[ "$e" == "${2}" ]] && exit 0; done); then
-            echo -e "  ${INFO} Requested branch \"${2}\" is not available"
+            echo -e "  ${INFO} Requested branch \"${COL_CYAN}${2}${COL_NC}\" is not available"
            echo -e "  ${INFO} Available branches for Core are:"
            for e in "${corebranches[@]}"; do echo "      - $e"; done
            exit 1
        fi
        checkout_pull_branch "${PI_HOLE_FILES_DIR}" "${2}"
-    elif [[ "${1}" == "web" ]] && [[ "${INSTALL_WEB_INTERFACE}" == "true" ]] ; then
+    elif [[ "${1}" == "web" ]] ; then
        str="Fetching branches from ${webInterfaceGitUrl}"
        echo -ne "  ${INFO} $str"
        if ! fully_fetch_repo "${webInterfaceDir}" ; then
@@ -158,36 +150,82 @@ checkout() {
        echo ""
        # Have the user choose the branch they want
        if ! (for e in "${webbranches[@]}"; do [[ "$e" == "${2}" ]] && exit 0; done); then
-            echo -e "  ${INFO} Requested branch \"${2}\" is not available"
+            echo -e "  ${INFO} Requested branch \"${COL_CYAN}${2}${COL_NC}\" is not available"
            echo -e "  ${INFO} Available branches for Web Admin are:"
            for e in "${webbranches[@]}"; do echo "      - $e"; done
            exit 1
        fi
        checkout_pull_branch "${webInterfaceDir}" "${2}"
        # Update local and remote versions via updatechecker
        /opt/pihole/updatecheck.sh
    elif [[ "${1}" == "ftl" ]] ; then
        local path
        local oldbranch
        local existing=false
        path="${2}/${binary}"
        oldbranch="$(pihole-FTL -b)"
-        if check_download_exists "$path"; then
+        # Check if requested branch is available
-            echo "  ${TICK} Branch ${2} exists"
+        echo -e "  ${INFO} Checking for availability of branch ${COL_CYAN}${2}${COL_NC} on GitHub"
-            echo "${2}" > /etc/pihole/ftlbranch
+        ftlbranches=( $(git ls-remote https://github.com/pi-hole/ftl | grep "refs/heads" | cut -d'/' -f3- -) )
-            chmod 644 /etc/pihole/ftlbranch
+        # If returned array is empty -> connectivity issue
-            echo -e "  ${INFO} Switching to branch: \"${2}\" from \"${oldbranch}\""
+        if [[ ${#ftlbranches[@]} -eq 0 ]]; then
-            FTLinstall "${binary}"
+            echo -e "  ${CROSS} Unable to fetch branches from GitHub. Please check your Internet connection and try again later."
            restart_service pihole-FTL
            enable_service pihole-FTL
        else
            echo "  ${CROSS} Requested branch \"${2}\" is not available"
            ftlbranches=( $(git ls-remote https://github.com/pi-hole/ftl | grep 'heads' | sed 's/refs\/heads\///;s/ //g' | awk '{print $2}') )
            echo -e "  ${INFO} Available branches for FTL are:"
            for e in "${ftlbranches[@]}"; do echo "      - $e"; done
            exit 1
        fi
        for e in "${ftlbranches[@]}"; do [[ "$e" == "${2}" ]] && existing=true; done
        if [[ "${existing}" == false ]]; then
            echo -e "  ${CROSS} Requested branch is not available\n"
            echo -e "  ${INFO} Available branches are:"
            for e in "${ftlbranches[@]}"; do echo "      - $e"; done
            exit 1
        fi
        echo -e "  ${TICK} Branch ${2} exists on GitHub"
        echo -e "  ${INFO} Checking for ${COL_YELLOW}${binary}${COL_NC} binary on https://ftl.pi-hole.net"
        if check_download_exists "$path"; then
            echo "  ${TICK} Binary exists"
            echo "${2}" > /etc/pihole/ftlbranch
            chmod 644 /etc/pihole/ftlbranch
            echo -e "  ${INFO} Switching to branch: ${COL_CYAN}${2}${COL_NC} from ${COL_CYAN}${oldbranch}${COL_NC}"
            FTLinstall "${binary}"
            restart_service pihole-FTL
            enable_service pihole-FTL
            str="Restarting FTL..."
            echo -ne "  ${INFO} ${str}"
            # Wait until name resolution is working again after restarting FTL,
            # so that the updatechecker can run successfully and does not fail
            # trying to resolve github.com
            until getent hosts github.com &> /dev/null; do
                # Append one dot for each second waiting
                str="${str}."
                echo -ne "  ${OVER}  ${INFO} ${str}"
                sleep 1
            done
            echo -e "  ${OVER}  ${TICK} Restarted FTL service"
            # Update local and remote versions via updatechecker
            /opt/pihole/updatecheck.sh
        else
            if [ $? -eq 1 ]; then
                # Binary for requested branch is not available, may still be
                # int he process of being built or CI build job failed
                printf "  %b Binary for requested branch is not available, please try again later.\\n" ${CROSS}
                printf "      If the issue persists, please contact Pi-hole Support and ask them to re-generate the binary.\\n"
                exit 1
            elif [ $? -eq 2 ]; then
                printf "  %b Unable to download from ftl.pi-hole.net. Please check your Internet connection and try again later.\\n" "${CROSS}"
                exit 1
            else
                printf "  %b Unknown checkout error. Please contact Pi-hole Support\\n" "${CROSS}"
                exit 1
            fi
        fi
    else
-        echo -e "  ${INFO} Requested option \"${1}\" is not available"
+        echo -e "  ${CROSS} Requested option \"${1}\" is not available"
        exit 1
    fi
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
--- a/advanced/Scripts/piholeLogFlush.sh
+++ b/advanced/Scripts/piholeLogFlush.sh
@@ -11,32 +11,39 @@
 colfile="/opt/pihole/COL_TABLE"
 source ${colfile}
 readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
 utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 source "${utilsfile}"
 # In case we're running at the same time as a system logrotate, use a
 # separate logrotate state file to prevent stepping on each other's
 # toes.
 STATEFILE="/var/lib/logrotate/pihole"
 # Determine database location
-# Obtain DBFILE=... setting from pihole-FTL.db
+DBFILE=$(getFTLConfigValue "files.database")
 # Constructed to return nothing when
 # a) the setting is not present in the config file, or
 # b) the setting is commented out (e.g. "#DBFILE=...")
 FTLconf="/etc/pihole/pihole-FTL.conf"
 if [ -e "$FTLconf" ]; then
    DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' ${FTLconf})"
 fi
 # Test for empty string. Use standard path in this case.
 if [ -z "$DBFILE" ]; then
    DBFILE="/etc/pihole/pihole-FTL.db"
 fi
-if [[ "$@" != *"quiet"* ]]; then
+# Determine log file location
-    echo -ne "  ${INFO} Flushing /var/log/pihole.log ..."
+LOGFILE=$(getFTLConfigValue "files.log.dnsmasq")
 if [ -z "$LOGFILE" ]; then
    LOGFILE="/var/log/pihole/pihole.log"
 fi
-if [[ "$@" == *"once"* ]]; then
+FTLFILE=$(getFTLConfigValue "files.log.ftl")
 if [ -z "$FTLFILE" ]; then
    FTLFILE="/var/log/pihole/FTL.log"
 fi
 if [[ "$*" == *"once"* ]]; then
    # Nightly logrotation
    if command -v /usr/sbin/logrotate >/dev/null; then
        # Logrotate once
        if [[ "$*" != *"quiet"* ]]; then
            echo -ne "  ${INFO} Running logrotate ..."
        fi
        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
    else
        # Copy pihole.log over to pihole.log.1
@@ -44,32 +51,72 @@ if [[ "$@" == *"once"* ]]; then
        # Note that moving the file is not an option, as
        # dnsmasq would happily continue writing into the
        # moved file (it will have the same file handler)
-        cp -p /var/log/pihole.log /var/log/pihole.log.1
+        if [[ "$*" != *"quiet"* ]]; then
-        echo " " > /var/log/pihole.log
+            echo -ne "  ${INFO} Rotating ${LOGFILE} ..."
-        chmod 644 /var/log/pihole.log
+        fi
        cp -p "${LOGFILE}" "${LOGFILE}.1"
        echo " " > "${LOGFILE}"
        chmod 640 "${LOGFILE}"
        if [[ "$*" != *"quiet"* ]]; then
            echo -e "${OVER}  ${TICK} Rotated ${LOGFILE} ..."
        fi
        # Copy FTL.log over to FTL.log.1
        # and empty out FTL.log
        if [[ "$*" != *"quiet"* ]]; then
            echo -ne "  ${INFO} Rotating ${FTLFILE} ..."
        fi
        cp -p "${FTLFILE}" "${FTLFILE}.1"
        echo " " > "${FTLFILE}"
        chmod 640 "${FTLFILE}"
        if [[ "$*" != *"quiet"* ]]; then
            echo -e "${OVER}  ${TICK} Rotated ${FTLFILE} ..."
        fi
    fi
 else
    # Manual flushing
-    if command -v /usr/sbin/logrotate >/dev/null; then
+
-        # Logrotate twice to move all data out of sight of FTL
+    # Flush both pihole.log and pihole.log.1 (if existing)
-        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate; sleep 3
+    if [[ "$*" != *"quiet"* ]]; then
-        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
+        echo -ne "  ${INFO} Flushing ${LOGFILE} ..."
    else
        # Flush both pihole.log and pihole.log.1 (if existing)
        echo " " > /var/log/pihole.log
        if [ -f /var/log/pihole.log.1 ]; then
            echo " " > /var/log/pihole.log.1
            chmod 644 /var/log/pihole.log.1
        fi
    fi
    echo " " > "${LOGFILE}"
    chmod 640 "${LOGFILE}"
    if [ -f "${LOGFILE}.1" ]; then
        echo " " > "${LOGFILE}.1"
        chmod 640 "${LOGFILE}.1"
    fi
    if [[ "$*" != *"quiet"* ]]; then
        echo -e "${OVER}  ${TICK} Flushed ${LOGFILE} ..."
    fi
    # Flush both FTL.log and FTL.log.1 (if existing)
    if [[ "$*" != *"quiet"* ]]; then
        echo -ne "  ${INFO} Flushing ${FTLFILE} ..."
    fi
    echo " " > "${FTLFILE}"
    chmod 640 "${FTLFILE}"
    if [ -f "${FTLFILE}.1" ]; then
        echo " " > "${FTLFILE}.1"
        chmod 640 "${FTLFILE}.1"
    fi
    if [[ "$*" != *"quiet"* ]]; then
        echo -e "${OVER}  ${TICK} Flushed ${FTLFILE} ..."
    fi
    if [[ "$*" != *"quiet"* ]]; then
        echo -ne "  ${INFO} Flushing database, DNS resolution temporarily unavailable ..."
    fi
    # Stop FTL to make sure it doesn't write to the database while we're deleting data
    service pihole-FTL stop
    # Delete most recent 24 hours from FTL's database, leave even older data intact (don't wipe out all history)
-    deleted=$(sqlite3 "${DBFILE}" "DELETE FROM queries WHERE timestamp >= strftime('%s','now')-86400; select changes() from queries limit 1")
+    deleted=$(pihole-FTL sqlite3 -ni "${DBFILE}" "DELETE FROM query_storage WHERE timestamp >= strftime('%s','now')-86400; select changes() from query_storage limit 1")
-    # Restart pihole-FTL to force reloading history
+    # Restart FTL
-    sudo pihole restartdns
+    service pihole-FTL restart
    if [[ "$*" != *"quiet"* ]]; then
        echo -e "${OVER}  ${TICK} Deleted ${deleted} queries from long-term query database"
    fi
 fi
 if [[ "$@" != *"quiet"* ]]; then
    echo -e "${OVER}  ${TICK} Flushed /var/log/pihole.log"
    echo -e "  ${TICK} Deleted ${deleted} queries from database"
 fi
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@@ -1,264 +1,157 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 # shellcheck disable=SC1090
 # Ignore warning about `local` being undefinded in POSIX
 # shellcheck disable=SC3043
 # https://github.com/koalaman/shellcheck/wiki/SC3043#exceptions
 # Pi-hole: A black hole for Internet advertisements
-# (c) 2018 Pi-hole, LLC (https://pi-hole.net)
+# (c) 2023 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
-# Query Domain Lists
+# Search Adlists
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 # Globals
-piholeDir="/etc/pihole"
+PI_HOLE_INSTALL_DIR="/opt/pihole"
-GRAVITYDB="${piholeDir}/gravity.db"
+max_results="20"
-options="$*"
+partial="false"
-all=""
+domain=""
 exact=""
 blockpage=""
 matchType="match"
 # Source pihole-FTL from install script
 pihole_FTL="${piholeDir}/pihole-FTL.conf"
 if [[ -f "${pihole_FTL}" ]]; then
  source "${pihole_FTL}"
 fi
 # Set this only after sourcing pihole-FTL.conf as the gravity database path may
 # have changed
 gravityDBfile="${GRAVITYDB}"
 # Source color table
 colfile="/opt/pihole/COL_TABLE"
-source "${colfile}"
+. "${colfile}"
-# Scan an array of files for matching strings
+# Source api functions
-scanList(){
+. "${PI_HOLE_INSTALL_DIR}/api.sh"
    # Escape full stops
    local domain="${1}" esc_domain="${1//./\\.}" lists="${2}" type="${3:-}"
-    # Prevent grep from printing file path
+Help() {
    cd "$piholeDir" || exit 1
    # Prevent grep -i matching slowly: https://bit.ly/2xFXtUX
    export LC_CTYPE=C
    # /dev/null forces filename to be printed when only one list has been generated
    case "${type}" in
        "exact" ) grep -i -E -l "(^|(?<!#)\\s)${esc_domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;;
        # Iterate through each regexp and check whether it matches the domainQuery
        # If it does, print the matching regexp and continue looping
        # Input 1 - regexps | Input 2 - domainQuery
        "regex" ) 
            for list in ${lists}; do
                if [[ "${domain}" =~ ${list} ]]; then
                    printf "%b\n" "${list}";
                fi
            done;;
        *       ) grep -i "${esc_domain}" ${lists} /dev/null 2>/dev/null;;
    esac
 }
 if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then
    echo "Usage: pihole -q [option] <domain>
-Example: 'pihole -q -exact domain.com'
+Example: 'pihole -q --partial domain.com'
 Query the adlists for a specified domain
 Options:
-  -exact              Search the block lists for exact domain matches
+  --partial            Search the adlists for partially matching domains
-  -all                Return all query matches within a block list
+  --all                Return all query matches within the adlists
-  -h, --help          Show this help dialog"
+  -h, --help           Show this help dialog"
-  exit 0
+    exit 0
 fi
 # Handle valid options
 if [[ "${options}" == *"-bp"* ]]; then
    exact="exact"; blockpage=true
 else
    [[ "${options}" == *"-all"* ]] && all=true
    if [[ "${options}" == *"-exact"* ]]; then
        exact="exact"; matchType="exact ${matchType}"
    fi
 fi
 # Strip valid options, leaving only the domain and invalid options
 # This allows users to place the options before or after the domain
 options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}")
 # Handle remaining options
 # If $options contain non ASCII characters, convert to punycode
 case "${options}" in
    ""             ) str="No domain specified";;
    *" "*          ) str="Unknown query option specified";;
    *[![:ascii:]]* ) domainQuery=$(idn2 "${options}");;
    *              ) domainQuery="${options}";;
 esac
 if [[ -n "${str:-}" ]]; then
    echo -e "${str}${COL_NC}\\nTry 'pihole -q --help' for more information."
    exit 1
 fi
 scanDatabaseTable() {
    local domain table type querystr result extra
    domain="$(printf "%q" "${1}")"
    table="${2}"
    type="${3:-}"
    # As underscores are legitimate parts of domains, we escape them when using the LIKE operator.
    # Underscores are SQLite wildcards matching exactly one character. We obviously want to suppress this
    # behavior. The "ESCAPE '\'" clause specifies that an underscore preceded by an '\' should be matched
    # as a literal underscore character. We pretreat the $domain variable accordingly to escape underscores.
    if [[ "${table}" == "gravity" ]]; then
      case "${exact}" in
          "exact" ) querystr="SELECT gravity.domain,adlist.address,adlist.enabled FROM gravity LEFT JOIN adlist ON adlist.id = gravity.adlist_id WHERE domain = '${domain}'";;
          *       ) querystr="SELECT gravity.domain,adlist.address,adlist.enabled FROM gravity LEFT JOIN adlist ON adlist.id = gravity.adlist_id WHERE domain LIKE '%${domain//_/\\_}%' ESCAPE '\\'";;
      esac
    else
      case "${exact}" in
          "exact" ) querystr="SELECT domain,enabled FROM domainlist WHERE type = '${type}' AND domain = '${domain}'";;
          *       ) querystr="SELECT domain,enabled FROM domainlist WHERE type = '${type}' AND domain LIKE '%${domain//_/\\_}%' ESCAPE '\\'";;
      esac
    fi
    # Send prepared query to gravity database
    result="$(sqlite3 "${gravityDBfile}" "${querystr}")" 2> /dev/null
    if [[ -z "${result}" ]]; then
        # Return early when there are no matches in this table
        return
    fi
    if [[ "${table}" == "gravity" ]]; then
      echo "${result}"
      return
    fi
    # Mark domain as having been white-/blacklist matched (global variable)
    wbMatch=true
    # Print table name
    if [[ -z "${blockpage}" ]]; then
        echo " ${matchType^} found in ${COL_BOLD}exact ${table}${COL_NC}"
    fi
    # Loop over results and print them
    mapfile -t results <<< "${result}"
    for result in "${results[@]}"; do
        if [[ -n "${blockpage}" ]]; then
            echo "π ${result}"
            exit 0
        fi
        domain="${result/|*}"
        if [[ "${result#*|}" == "0" ]]; then
            extra=" (disabled)"
        else
            extra=""
        fi
        echo "   ${domain}${extra}"
    done
 }
-scanRegexDatabaseTable() {
+GenerateOutput() {
-    local domain list
+    local data gravity_data lists_data num_gravity num_lists search_type_str
-    domain="${1}"
+    local gravity_data_csv lists_data_csv line current_domain url type color
-    list="${2}"
+    data="${1}"
    type="${3:-}"
-    # Query all regex from the corresponding database tables
+    # construct a new json for the list results where each object contains the domain and the related type
-    mapfile -t regexList < <(sqlite3 "${gravityDBfile}" "SELECT domain FROM domainlist WHERE type = ${type}" 2> /dev/null)
+    lists_data=$(printf %s "${data}" | jq '.search.domains | [.[] | {domain: .domain, type: .type}]')
-    # If we have regexps to process
+    # construct a new json for the gravity results where each object contains the adlist URL and the related domains
-    if [[ "${#regexList[@]}" -ne 0 ]]; then
+    gravity_data=$(printf %s "${data}" | jq '.search.gravity  | group_by(.address,.type) | map({ address: (.[0].address), type: (.[0].type), domains: [.[] | .domain] })')
-        # Split regexps over a new line
+
-        str_regexList=$(printf '%s\n' "${regexList[@]}")
+    # number of objects in each json
-        # Check domain against regexps
+    num_gravity=$(printf %s "${gravity_data}" | jq length)
-        mapfile -t regexMatches < <(scanList "${domain}" "${str_regexList}" "regex")
+    num_lists=$(printf %s "${lists_data}" | jq length)
-        # If there were regex matches
+
-        if [[  "${#regexMatches[@]}" -ne 0 ]]; then
+    if [ "${partial}" = true ]; then
-            # Split matching regexps over a new line
+        search_type_str="partially"
-            str_regexMatches=$(printf '%s\n' "${regexMatches[@]}")
+    else
-            # Form a "matched" message
+        search_type_str="exactly"
-            str_message="${matchType^} found in ${COL_BOLD}regex ${list}${COL_NC}"
+    fi
-            # Form a "results" message
+
-            str_result="${COL_BOLD}${str_regexMatches}${COL_NC}"
+    # Results from allow/deny list
-            # If we are displaying more than just the source of the block
+    printf "%s\n\n" "Found ${num_lists} domains ${search_type_str} matching '${COL_BLUE}${domain}${COL_NC}'."
-            if [[ -z "${blockpage}" ]]; then
+    if [ "${num_lists}" -gt 0 ]; then
-                # Set the wildcard match flag
+        # Convert the data to a csv, each line is a "domain,type" string
-                wcMatch=true
+        # not using jq's @csv here as it quotes each value individually
-                # Echo the "matched" message, indented by one space
+        lists_data_csv=$(printf %s "${lists_data}" | jq --raw-output '.[] | [.domain, .type] | join(",")')
-                echo " ${str_message}"
+
-                # Echo the "results" message, each line indented by three spaces
+        # Generate output for each csv line, separating line in a domain and type substring at the ','
-                # shellcheck disable=SC2001
+        echo "${lists_data_csv}" | while read -r line; do
-                echo "${str_result}" | sed 's/^/   /'
+            printf "%s\n\n" "  - ${COL_GREEN}${line%,*}${COL_NC} (type: exact ${line#*,} domain)"
        done
    fi
    # Results from gravity
    printf "%s\n\n" "Found ${num_gravity} adlists ${search_type_str} matching '${COL_BLUE}${domain}${COL_NC}'."
    if [ "${num_gravity}" -gt 0 ]; then
        # Convert the data to a csv, each line is a "URL,domain,domain,...." string
        # not using jq's @csv here as it quotes each value individually
        gravity_data_csv=$(printf %s "${gravity_data}" | jq --raw-output '.[] | [.address, .type, .domains[]] | join(",")')
        # Generate line-by-line output for each csv line
        echo "${gravity_data_csv}" | while read -r line; do
            # Get first part of the line, the URL
            url=${line%%,*}
            # cut off URL, leaving "type,domain,domain,...."
            line=${line#*,}
            type=${line%%,*}
            # type == "block" -> red, type == "allow" -> green
            if [ "${type}" = "block" ]; then
                color="${COL_RED}"
            else
-                echo "π .wildcard"
+                color="${COL_GREEN}"
                exit 0
            fi
-        fi
+
            # print adlist URL
            printf "%s (%s)\n\n" "  - ${COL_BLUE}${url}${COL_NC}" "${color}${type}${COL_NC}"
            # cut off type, leaving "domain,domain,...."
            line=${line#*,}
            # print each domain and remove it from the string until nothing is left
            while [ ${#line} -gt 0 ]; do
                current_domain=${line%%,*}
                printf '    - %s\n' "${COL_GREEN}${current_domain}${COL_NC}"
                # we need to remove the current_domain and the comma in two steps because
                # the last domain won't have a trailing comma and the while loop wouldn't exit
                line=${line#"${current_domain}"}
                line=${line#,}
            done
            printf "\n\n"
        done
    fi
    # If no exact results were found, suggest using partial matching
    if [ "${num_lists}" -eq 0 ] && [ "${num_gravity}" -eq 0 ] && [ "${partial}" = false ]; then
        printf "%s\n" "Hint: Try partial matching with"
        printf "%s\n\n" "  ${COL_GREEN}pihole -q --partial ${domain}${COL_NC}"
    fi
 }
-# Scan Whitelist and Blacklist
+Main() {
-scanDatabaseTable "${domainQuery}" "whitelist" "0"
+    local data
 scanDatabaseTable "${domainQuery}" "blacklist" "1"
-# Scan Regex table
+    if [ -z "${domain}" ]; then
-scanRegexDatabaseTable "${domainQuery}" "whitelist" "2"
+        echo "No domain specified"
-scanRegexDatabaseTable "${domainQuery}" "blacklist" "3"
+        exit 1
 # Query block lists
 mapfile -t results <<< "$(scanDatabaseTable "${domainQuery}" "gravity")"
 # Handle notices
 if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then
    echo -e "  ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists"
    exit 0
 elif [[ -z "${results[*]}" ]]; then
    # Result found in WL/BL/Wildcards
    exit 0
 elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then
    echo -e "  ${INFO} Over 100 ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC}
        This can be overridden using the -all option"
    exit 0
 fi
 # Print "Exact matches for" title
 if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then
    plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es"
    echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:"
 fi
 for result in "${results[@]}"; do
    match="${result/|*/}"
    extra="${result#*|}"
    adlistAddress="${extra/|*/}"
    extra="${extra#*|}"
    if [[ "${extra}" == "0" ]]; then
      extra="(disabled)"
    else
      extra=""
    fi
    # domains are lowercased and converted to punycode by FTL since
    # https://github.com/pi-hole/FTL/pull/1715
    # no need to do it here
-    if [[ -n "${blockpage}" ]]; then
+    # Authenticate with FTL
-        echo "0 ${adlistAddress}"
+    LoginAPI
    elif [[ -n "${exact}" ]]; then
        echo "  - ${adlistAddress} ${extra}"
    else
        if [[ ! "${adlistAddress}" == "${adlistAddress_prev:-}" ]]; then
            count=""
            echo " ${matchType^} found in ${COL_BOLD}${adlistAddress}${COL_NC}:"
            adlistAddress_prev="${adlistAddress}"
        fi
        : $((count++))
-        # Print matching domain if $max_count has not been reached
+    # send query again
-        [[ -z "${all}" ]] && max_count="50"
+    data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
-        if [[ -z "${all}" ]] && [[ "${count}" -ge "${max_count}" ]]; then
+
-            [[ "${count}" -gt "${max_count}" ]] && continue
+    GenerateOutput "${data}"
-            echo "   ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}"
+
-        else
+    # Delete session
-            echo "   ${match} ${extra}"
+    LogoutAPI
-        fi
+}
-    fi
+
 # Process all options (if present)
 while [ "$#" -gt 0 ]; do
    case "$1" in
    "-h" | "--help") Help ;;
    "--partial") partial="true" ;;
    "--all") max_results=10000 ;; # hard-coded FTL limit
    *) domain=$1 ;;
    esac
    shift
 done
-exit 0
+Main "${domain}"
--- a/advanced/Scripts/setupLCD.sh
+++ b/advanced/Scripts/setupLCD.sh
@@ -1,74 +0,0 @@
 #!/usr/bin/env bash
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Automatically configures the Pi to use the 2.8 LCD screen to display stats on it (also works over ssh)
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 ############ FUNCTIONS ###########
 # Borrowed from adafruit-pitft-helper < borrowed from raspi-config
 # https://github.com/adafruit/Adafruit-PiTFT-Helper/blob/master/adafruit-pitft-helper#L324-L334
 getInitSys() {
    if command -v systemctl > /dev/null && systemctl | grep -q '\-\.mount'; then
        SYSTEMD=1
    elif [ -f /etc/init.d/cron ] && [ ! -h /etc/init.d/cron ]; then
        SYSTEMD=0
    else
        echo "Unrecognized init system"
        return 1
    fi
 }
 # Borrowed from adafruit-pitft-helper:
 # https://github.com/adafruit/Adafruit-PiTFT-Helper/blob/master/adafruit-pitft-helper#L274-L285
 autoLoginPiToConsole() {
    if [ -e /etc/init.d/lightdm ]; then
        if [ ${SYSTEMD} -eq 1 ]; then
            systemctl set-default multi-user.target
            ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service
        else
            update-rc.d lightdm disable 2
            sed /etc/inittab -i -e "s/1:2345:respawn:\/sbin\/getty --noclear 38400 tty1/1:2345:respawn:\/bin\/login -f pi tty1 <\/dev\/tty1 >\/dev\/tty1 2>&1/"
        fi
    fi
 }
 ######### SCRIPT ###########
 # Set pi to log in automatically
 getInitSys
 autoLoginPiToConsole
 # Set chronomter to run automatically when pi logs in
 echo /usr/local/bin/chronometer.sh >> /home/pi/.bashrc
 # OR
 #$SUDO echo /usr/local/bin/chronometer.sh >> /etc/profile
 # Set up the LCD screen based on Adafruits instuctions:
 # https://learn.adafruit.com/adafruit-pitft-28-inch-resistive-touchscreen-display-raspberry-pi/easy-install
 curl -SLs https://apt.adafruit.com/add-pin | bash
 apt-get -y install raspberrypi-bootloader
 apt-get -y install adafruit-pitft-helper
 adafruit-pitft-helper -t 28r
 # Download the cmdline.txt file that prevents the screen from going blank after a period of time
 mv /boot/cmdline.txt /boot/cmdline.orig
 curl -o /boot/cmdline.txt https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/cmdline.txt
 # Back up the original file and download the new one
 mv /etc/default/console-setup /etc/default/console-setup.orig
 curl -o /etc/default/console-setup https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/console-setup
 # Instantly apply the font change to the LCD screen
 setupcon
 reboot
 # Start showing the stats on the screen by running the command on another tty:
 # https://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
 #setsid sh -c 'exec /usr/local/bin/chronometer.sh <> /dev/tty1 >&0 2>&1'
--- a/advanced/Scripts/update.sh
+++ b/advanced/Scripts/update.sh
@@ -11,13 +11,13 @@
 # Please see LICENSE file for your rights under this license.
 # Variables
-readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/AdminLTE.git"
+readonly ADMIN_INTERFACE_GIT_URL="https://github.com/pi-hole/web.git"
 readonly ADMIN_INTERFACE_DIR="/var/www/html/admin"
 readonly PI_HOLE_GIT_URL="https://github.com/pi-hole/pi-hole.git"
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"
 # shellcheck disable=SC2034
-PH_TEST=true
+SKIP_INSTALL=true
 # when --check-only is passed to this script, it will not perform the actual update
 CHECK_ONLY=false
@@ -35,41 +35,56 @@ source "/opt/pihole/COL_TABLE"
 GitCheckUpdateAvail() {
    local directory
    local curBranch
    directory="${1}"
    curdir=$PWD
-    cd "${directory}" || return
+    cd "${directory}" || exit 1
    # Fetch latest changes in this repo
-    git fetch --quiet origin
+    if ! git fetch --quiet origin ; then
        echo -e "\\n  ${COL_LIGHT_RED}Error: Unable to update local repository. Contact Pi-hole Support.${COL_NC}"
        exit 1
    fi
-    # @ alone is a shortcut for HEAD. Older versions of git
+    # Check current branch. If it is master, then check for the latest available tag instead of latest commit.
-    # need @{0}
+    curBranch=$(git rev-parse --abbrev-ref HEAD)
-    LOCAL="$(git rev-parse "@{0}")"
+    if [[ "${curBranch}" == "master" ]]; then
        # get the latest local tag
        LOCAL=$(git describe --abbrev=0 --tags master)
        # get the latest tag from remote
        REMOTE=$(git describe --abbrev=0 --tags origin/master)
    else
        # @ alone is a shortcut for HEAD. Older versions of git
        # need @{0}
        LOCAL="$(git rev-parse "@{0}")"
        # The suffix @{upstream} to a branchname
        # (short form <branchname>@{u}) refers
        # to the branch that the branch specified
        # by branchname is set to build on top of#
        # (configured with branch.<name>.remote and
        # branch.<name>.merge). A missing branchname
        # defaults to the current one.
        REMOTE="$(git rev-parse "@{upstream}")"
    fi
    # The suffix @{upstream} to a branchname
    # (short form <branchname>@{u}) refers
    # to the branch that the branch specified
    # by branchname is set to build on top of#
    # (configured with branch.<name>.remote and
    # branch.<name>.merge). A missing branchname
    # defaults to the current one.
    REMOTE="$(git rev-parse "@{upstream}")"
    if [[ "${#LOCAL}" == 0 ]]; then
        echo -e "\\n  ${COL_LIGHT_RED}Error: Local revision could not be obtained, please contact Pi-hole Support"
        echo -e "  Additional debugging output:${COL_NC}"
        git status
-        exit
+        exit 1
    fi
    if [[ "${#REMOTE}" == 0 ]]; then
        echo -e "\\n  ${COL_LIGHT_RED}Error: Remote revision could not be obtained, please contact Pi-hole Support"
        echo -e "  Additional debugging output:${COL_NC}"
        git status
-        exit
+        exit 1
    fi
    # Change back to original directory
-    cd "${curdir}" || exit
+    cd "${curdir}" || exit 1
    if [[ "${LOCAL}" != "${REMOTE}" ]]; then
        # Local branch is behind remote branch -> Update
@@ -92,12 +107,10 @@ main() {
    web_update=false
    FTL_update=false
    # shellcheck disable=1090,2154
    source "${setupVars}"
    # Install packages used by this installation script (necessary if users have removed e.g. git from their systems)
    package_manager_detect
-    install_dependent_packages "${INSTALLER_DEPS[@]}"
+    build_dependency_package
    install_dependent_packages
    # This is unlikely
    if ! is_repo "${PI_HOLE_FILES_DIR}" ; then
@@ -116,20 +129,18 @@ main() {
        echo -e "  ${INFO} Pi-hole Core:\\t${COL_LIGHT_GREEN}up to date${COL_NC}"
    fi
-    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
+    if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
-        if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
+        echo -e "\\n  ${COL_LIGHT_RED}Error: Web Admin repo is missing from system!"
-            echo -e "\\n  ${COL_LIGHT_RED}Error: Web Admin repo is missing from system!"
+        echo -e "  Please re-run install script from https://pi-hole.net${COL_NC}"
-            echo -e "  Please re-run install script from https://pi-hole.net${COL_NC}"
+        exit 1;
-            exit 1;
+    fi
        fi
-        if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
+    if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
-            web_update=true
+        web_update=true
-            echo -e "  ${INFO} Web Interface:\\t${COL_YELLOW}update available${COL_NC}"
+        echo -e "  ${INFO} Web Interface:\\t${COL_YELLOW}update available${COL_NC}"
-        else
+    else
-            web_update=false
+        web_update=false
-            echo -e "  ${INFO} Web Interface:\\t${COL_LIGHT_GREEN}up to date${COL_NC}"
+        echo -e "  ${INFO} Web Interface:\\t${COL_LIGHT_GREEN}up to date${COL_NC}"
        fi
    fi
    local funcOutput
@@ -137,7 +148,7 @@ main() {
    local binary
    binary="pihole-FTL${funcOutput##*pihole-FTL}" #binary name will be the last line of the output of get_binary_name (it always begins with pihole-FTL)
-    if FTLcheckUpdate "${binary}" > /dev/null; then
+    if FTLcheckUpdate "${binary}" &>/dev/null; then
        FTL_update=true
        echo -e "  ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}"
    else
@@ -148,8 +159,13 @@ main() {
            2)
                echo -e "  ${INFO} FTL:\\t\\t${COL_LIGHT_RED}Branch is not available.${COL_NC}\\n\\t\\t\\tUse ${COL_LIGHT_GREEN}pihole checkout ftl [branchname]${COL_NC} to switch to a valid branch."
                ;;
            3)
                echo -e "  ${INFO} FTL:\\t\\t${COL_LIGHT_RED}Something has gone wrong, cannot reach download server${COL_NC}"
                exit 1
                ;;
            *)
                echo -e "  ${INFO} FTL:\\t\\t${COL_LIGHT_RED}Something has gone wrong, contact support${COL_NC}"
                exit 1
        esac
        FTL_update=false
    fi
@@ -200,16 +216,21 @@ main() {
    if [[ "${FTL_update}" == true || "${core_update}" == true ]]; then
        ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \
-        echo -e "${basicError}" && exit 1
+            echo -e "${basicError}" && exit 1
    fi
    if [[ "${FTL_update}" == true || "${core_update}" == true || "${web_update}" == true ]]; then
-        # Force an update of the updatechecker
+        # Update local and remote versions via updatechecker
        /opt/pihole/updatecheck.sh
        /opt/pihole/updatecheck.sh x remote
        echo -e "  ${INFO} Local version file information updated."
    fi
    # if there was only a web update, show the new versions
    # (on core and FTL updates, this is done as part of the installer run)
    if [[ "${web_update}" == true &&  "${FTL_update}" == false && "${core_update}" == false ]]; then
        "${PI_HOLE_BIN_DIR}"/pihole version
    fi
    echo ""
    exit 0
 }
--- a/advanced/Scripts/updatecheck.sh
+++ b/advanced/Scripts/updatecheck.sh
@@ -8,87 +8,126 @@
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 # Credit: https://stackoverflow.com/a/46324904
 function json_extract() {
    local key=$1
    local json=$2
    local string_regex='"([^"\]|\\.)*"'
    local number_regex='-?(0|[1-9][0-9]*)(\.[0-9]+)?([eE][+-]?[0-9]+)?'
    local value_regex="${string_regex}|${number_regex}|true|false|null"
    local pair_regex="\"${key}\"[[:space:]]*:[[:space:]]*(${value_regex})"
    if [[ ${json} =~ ${pair_regex} ]]; then
        echo $(sed 's/^"\|"$//g' <<< "${BASH_REMATCH[1]}")
    else
        return 1
    fi
 }
 function get_local_branch() {
    # Return active branch
-    cd "${1}" 2> /dev/null || return 1
+    cd "${1}" 2>/dev/null || return 1
    git rev-parse --abbrev-ref HEAD || return 1
 }
 function get_local_version() {
-    # Return active branch
+    # Return active version
-    cd "${1}" 2> /dev/null || return 1
+    cd "${1}" 2>/dev/null || return 1
-    git describe --long --dirty --tags 2> /dev/null || return 1
+    git describe --tags --always 2>/dev/null || return 1
 }
-# Source the setupvars config file
+function get_local_hash() {
    cd "${1}" 2>/dev/null || return 1
    git rev-parse --short=8 HEAD || return 1
 }
 function get_remote_version() {
    # if ${2} is = "master" we need to use the "latest" endpoint, otherwise, we simply return null
    if [[ "${2}" == "master" ]]; then
        curl -s "https://api.github.com/repos/pi-hole/${1}/releases/latest" 2>/dev/null | jq --raw-output .tag_name || return 1
    else
        echo "null"
    fi
 }
 function get_remote_hash() {
    git ls-remote "https://github.com/pi-hole/${1}" --tags "${2}" | awk '{print substr($0, 1,8);}' || return 1
 }
 # Source the utils file for addOrEditKeyValPair()
 # shellcheck disable=SC1091
-. /etc/pihole/setupVars.conf
+. /opt/pihole/utils.sh
-if [[ "$2" == "remote" ]]; then
+# Remove the below three legacy files if they exist
 rm -f "/etc/pihole/GitHubVersions"
 rm -f "/etc/pihole/localbranches"
 rm -f "/etc/pihole/localversions"
-    if [[ "$3" == "reboot" ]]; then
+# Create new versions file if it does not exist
-        sleep 30
+VERSION_FILE="/etc/pihole/versions"
-    fi
+touch "${VERSION_FILE}"
-
+chmod 644 "${VERSION_FILE}"
    GITHUB_VERSION_FILE="/etc/pihole/GitHubVersions"
    GITHUB_CORE_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/pi-hole/releases/latest' 2> /dev/null)")"
    echo -n "${GITHUB_CORE_VERSION}" > "${GITHUB_VERSION_FILE}"
    chmod 644 "${GITHUB_VERSION_FILE}"
    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
        GITHUB_WEB_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/AdminLTE/releases/latest' 2> /dev/null)")"
        echo -n " ${GITHUB_WEB_VERSION}" >> "${GITHUB_VERSION_FILE}"
    fi
    GITHUB_FTL_VERSION="$(json_extract tag_name "$(curl -s 'https://api.github.com/repos/pi-hole/FTL/releases/latest' 2> /dev/null)")"
    echo -n " ${GITHUB_FTL_VERSION}" >> "${GITHUB_VERSION_FILE}"
 else
    LOCAL_BRANCH_FILE="/etc/pihole/localbranches"
    CORE_BRANCH="$(get_local_branch /etc/.pihole)"
    echo -n "${CORE_BRANCH}" > "${LOCAL_BRANCH_FILE}"
    chmod 644 "${LOCAL_BRANCH_FILE}"
    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
        WEB_BRANCH="$(get_local_branch /var/www/html/admin)"
        echo -n " ${WEB_BRANCH}" >> "${LOCAL_BRANCH_FILE}"
    fi
    FTL_BRANCH="$(pihole-FTL branch)"
    echo -n " ${FTL_BRANCH}" >> "${LOCAL_BRANCH_FILE}"
    LOCAL_VERSION_FILE="/etc/pihole/localversions"
    CORE_VERSION="$(get_local_version /etc/.pihole)"
    echo -n "${CORE_VERSION}" > "${LOCAL_VERSION_FILE}"
    chmod 644 "${LOCAL_VERSION_FILE}"
    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
        WEB_VERSION="$(get_local_version /var/www/html/admin)"
        echo -n " ${WEB_VERSION}" >> "${LOCAL_VERSION_FILE}"
    fi
    FTL_VERSION="$(pihole-FTL version)"
    echo -n " ${FTL_VERSION}" >> "${LOCAL_VERSION_FILE}"
 # if /pihole.docker.tag file exists, we will use it's value later in this script
 DOCKER_TAG=$(cat /pihole.docker.tag 2>/dev/null)
 release_regex='^([0-9]+\.){1,2}(\*|[0-9]+)(-.*)?$'
 regex=$release_regex'|(^nightly$)|(^dev.*$)'
 if [[ ! "${DOCKER_TAG}" =~ $regex ]]; then
    # DOCKER_TAG does not match the pattern (see https://regex101.com/r/RsENuz/1), so unset it.
    unset DOCKER_TAG
 fi
 # used in cronjob
 if [[ "$1" == "reboot" ]]; then
    sleep 30
 fi
 # get Core versions
 CORE_VERSION="$(get_local_version /etc/.pihole)"
 addOrEditKeyValPair "${VERSION_FILE}" "CORE_VERSION" "${CORE_VERSION}"
 CORE_BRANCH="$(get_local_branch /etc/.pihole)"
 addOrEditKeyValPair "${VERSION_FILE}" "CORE_BRANCH" "${CORE_BRANCH}"
 CORE_HASH="$(get_local_hash /etc/.pihole)"
 addOrEditKeyValPair "${VERSION_FILE}" "CORE_HASH" "${CORE_HASH}"
 GITHUB_CORE_VERSION="$(get_remote_version pi-hole "${CORE_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_VERSION" "${GITHUB_CORE_VERSION}"
 GITHUB_CORE_HASH="$(get_remote_hash pi-hole "${CORE_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_CORE_HASH" "${GITHUB_CORE_HASH}"
 # get Web versions
 WEB_VERSION="$(get_local_version /var/www/html/admin)"
 addOrEditKeyValPair "${VERSION_FILE}" "WEB_VERSION" "${WEB_VERSION}"
 WEB_BRANCH="$(get_local_branch /var/www/html/admin)"
 addOrEditKeyValPair "${VERSION_FILE}" "WEB_BRANCH" "${WEB_BRANCH}"
 WEB_HASH="$(get_local_hash /var/www/html/admin)"
 addOrEditKeyValPair "${VERSION_FILE}" "WEB_HASH" "${WEB_HASH}"
 GITHUB_WEB_VERSION="$(get_remote_version web "${WEB_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_VERSION" "${GITHUB_WEB_VERSION}"
 GITHUB_WEB_HASH="$(get_remote_hash web "${WEB_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_WEB_HASH" "${GITHUB_WEB_HASH}"
 # get FTL versions
 FTL_VERSION="$(pihole-FTL version)"
 addOrEditKeyValPair "${VERSION_FILE}" "FTL_VERSION" "${FTL_VERSION}"
 FTL_BRANCH="$(pihole-FTL branch)"
 addOrEditKeyValPair "${VERSION_FILE}" "FTL_BRANCH" "${FTL_BRANCH}"
 FTL_HASH="$(pihole-FTL --hash)"
 addOrEditKeyValPair "${VERSION_FILE}" "FTL_HASH" "${FTL_HASH}"
 GITHUB_FTL_VERSION="$(get_remote_version FTL "${FTL_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_VERSION" "${GITHUB_FTL_VERSION}"
 GITHUB_FTL_HASH="$(get_remote_hash FTL "${FTL_BRANCH}")"
 addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_FTL_HASH" "${GITHUB_FTL_HASH}"
 # get Docker versions
 if [[ "${DOCKER_TAG}" ]]; then
    addOrEditKeyValPair "${VERSION_FILE}" "DOCKER_VERSION" "${DOCKER_TAG}"
    # Remote version check only if the tag is a valid release version
    docker_branch=""
    if [[ "${DOCKER_TAG}" =~ $release_regex ]]; then
        docker_branch="master"
    fi
    GITHUB_DOCKER_VERSION="$(get_remote_version docker-pi-hole "${docker_branch}")"
    addOrEditKeyValPair "${VERSION_FILE}" "GITHUB_DOCKER_VERSION" "${GITHUB_DOCKER_VERSION}"
 fi
--- a/advanced/Scripts/utils.sh
+++ b/advanced/Scripts/utils.sh
@@ -0,0 +1,95 @@
 #!/usr/bin/env sh
 # shellcheck disable=SC3043 #https://github.com/koalaman/shellcheck/wiki/SC3043#exceptions
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Script to hold utility functions for use in other scripts
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 # Basic Housekeeping rules
 #  - Functions must be self contained
 #  - Functions should be grouped with other similar functions
 #  - Functions must be documented
 #  - New functions must have a test added for them in test/test_any_utils.py
 #######################
 # Takes Three arguments: file, key, and value.
 #
 # Checks the target file for the existence of the key
 #   - If it exists, it changes the value
 #   - If it does not exist, it adds the value
 #
 # Example usage:
 # addOrEditKeyValPair "/etc/pihole/setupVars.conf" "BLOCKING_ENABLED" "true"
 #######################
 addOrEditKeyValPair() {
  local file="${1}"
  local key="${2}"
  local value="${3}"
  # touch file to prevent grep error if file does not exist yet
  touch "${file}"
  if grep -q "^${key}=" "${file}"; then
    # Key already exists in file, modify the value
    sed -i "/^${key}=/c\\${key}=${value}" "${file}"
  else
    # Key does not already exist, add it and it's value
    echo "${key}=${value}" >> "${file}"
  fi
 }
 #######################
 # returns FTL's PID based on the content of the pihole-FTL.pid file
 #
 # Takes one argument: path to pihole-FTL.pid
 # Example getFTLPID "/run/pihole-FTL.pid"
 #######################
 getFTLPID() {
    local FTL_PID_FILE="${1}"
    local FTL_PID
    if [ -s "${FTL_PID_FILE}" ]; then
        # -s: FILE exists and has a size greater than zero
        FTL_PID="$(cat "${FTL_PID_FILE}")"
        # Exploit prevention: unset the variable if there is malicious content
        # Verify that the value read from the file is numeric
        expr "${FTL_PID}" : "[^[:digit:]]" > /dev/null && unset FTL_PID
    fi
    # If FTL is not running, or the PID file contains malicious stuff, substitute
    # negative PID to signal this
    FTL_PID=${FTL_PID:=-1}
    echo  "${FTL_PID}"
 }
 #######################
 # returns value from FTLs config file using pihole-FTL --config
 #
 # Takes one argument: key
 # Example getFTLConfigValue dns.piholePTR
 #######################
 getFTLConfigValue(){
  pihole-FTL --config -q "${1}"
 }
 #######################
 # sets value in FTLs config file using pihole-FTL --config
 #
 # Takes two arguments: key and value
 # Example setFTLConfigValue dns.piholePTR PI.HOLE
 #
 # Note, for complex values such as dns.upstreams, you should wrap the value in single quotes:
 # setFTLConfigValue dns.upstreams '[ "8.8.8.8" , "8.8.4.4" ]'
 #######################
 setFTLConfigValue(){
  pihole-FTL --config "${1}" "${2}" >/dev/null
  if [[ $? -eq 5 ]]; then
    echo -e "  ${CROSS} ${1} set by environment variable. Please unset it to use this function"
    exit 5
  fi
 }
--- a/advanced/Scripts/version.sh
+++ b/advanced/Scripts/version.sh
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
@@ -8,210 +8,51 @@
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
-# Variables
+# Ignore warning about `local` being undefinded in POSIX
-DEFAULT="-1"
+# shellcheck disable=SC3043
-COREGITDIR="/etc/.pihole/"
+# https://github.com/koalaman/shellcheck/wiki/SC3043#exceptions
 WEBGITDIR="/var/www/html/admin/"
-getLocalVersion() {
+# Source the versions file poupulated by updatechecker.sh
-    # FTL requires a different method
+cachedVersions="/etc/pihole/versions"
-    if [[ "$1" == "FTL" ]]; then
+
-        pihole-FTL version
+if [ -f ${cachedVersions} ]; then
-        return 0
+    # shellcheck disable=SC1090
    . "$cachedVersions"
 else
    echo "Could not find /etc/pihole/versions. Running update now."
    pihole updatechecker
    # shellcheck disable=SC1090
    . "$cachedVersions"
 fi
 main() {
    local details
    details=false
    # Automatically show detailed information if
    # at least one of the components is not on master branch
    if [ ! "${CORE_BRANCH}" = "master" ] || [ ! "${WEB_BRANCH}" = "master" ] || [ ! "${FTL_BRANCH}" = "master" ]; then
        details=true
    fi
-    # Get the tagged version of the local repository
+    if [ "${details}" = true ]; then
-    local directory="${1}"
+        echo "Core"
-    local version
+        echo "    Version is ${CORE_VERSION:=N/A} (Latest: ${GITHUB_CORE_VERSION:=N/A})"
-
+        echo "    Branch is ${CORE_BRANCH:=N/A}"
-    cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
+        echo "    Hash is ${CORE_HASH:=N/A} (Latest: ${GITHUB_CORE_HASH:=N/A})"
-    version=$(git describe --tags --always || echo "$DEFAULT")
+        echo "Web"
-    if [[ "${version}" =~ ^v ]]; then
+        echo "    Version is ${WEB_VERSION:=N/A} (Latest: ${GITHUB_WEB_VERSION:=N/A})"
-        echo "${version}"
+        echo "    Branch is ${WEB_BRANCH:=N/A}"
-    elif [[ "${version}" == "${DEFAULT}" ]]; then
+        echo "    Hash is ${WEB_HASH:=N/A} (Latest: ${GITHUB_WEB_HASH:=N/A})"
-        echo "ERROR"
+        echo "FTL"
-        return 1
+        echo "    Version is ${FTL_VERSION:=N/A} (Latest: ${GITHUB_FTL_VERSION:=N/A})"
        echo "    Branch is ${FTL_BRANCH:=N/A}"
        echo "    Hash is ${FTL_HASH:=N/A} (Latest: ${GITHUB_FTL_HASH:=N/A})"
    else
-        echo "Untagged"
+        echo "Core version is ${CORE_VERSION:=N/A} (Latest: ${GITHUB_CORE_VERSION:=N/A})"
        echo "Web version is ${WEB_VERSION:=N/A} (Latest: ${GITHUB_WEB_VERSION:=N/A})"
        echo "FTL version is ${FTL_VERSION:=N/A} (Latest: ${GITHUB_FTL_VERSION:=N/A})"
    fi
    return 0
 }
-getLocalHash() {
+main
    # Local FTL hash does not exist on filesystem
    if [[ "$1" == "FTL" ]]; then
        echo "N/A"
        return 0
    fi
    # Get the short hash of the local repository
    local directory="${1}"
    local hash
    cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
    hash=$(git rev-parse --short HEAD || echo "$DEFAULT")
    if [[ "${hash}" == "${DEFAULT}" ]]; then
        echo "ERROR"
        return 1
    else
        echo "${hash}"
    fi
    return 0
 }
 getRemoteHash(){
    # Remote FTL hash is not applicable
    if [[ "$1" == "FTL" ]]; then
        echo "N/A"
        return 0
    fi
    local daemon="${1}"
    local branch="${2}"
    hash=$(git ls-remote --heads "https://github.com/pi-hole/${daemon}" | \
        awk -v bra="$branch" '$0~bra {print substr($0,0,8);exit}')
    if [[ -n "$hash" ]]; then
        echo "$hash"
    else
        echo "ERROR"
        return 1
    fi
    return 0
 }
 getRemoteVersion(){
    # Get the version from the remote origin
    local daemon="${1}"
    local version
    local cachedVersions
    local arrCache
    cachedVersions="/etc/pihole/GitHubVersions"
    #If the above file exists, then we can read from that. Prevents overuse of GitHub API
    if [[ -f "$cachedVersions" ]]; then
        IFS=' ' read -r -a arrCache < "$cachedVersions"
        case $daemon in
          "pi-hole"   )  echo "${arrCache[0]}";;
          "AdminLTE"  )  echo "${arrCache[1]}";;
          "FTL"       )  echo "${arrCache[2]}";;
        esac
        return 0
    fi
    version=$(curl --silent --fail "https://api.github.com/repos/pi-hole/${daemon}/releases/latest" | \
        awk -F: '$1 ~/tag_name/ { print $2 }' | \
        tr -cd '[[:alnum:]]._-')
    if [[ "${version}" =~ ^v ]]; then
        echo "${version}"
    else
        echo "ERROR"
        return 1
    fi
    return 0
 }
 getLocalBranch(){
    # Get the checked out branch of the local directory
    local directory="${1}"
    local branch
     # Local FTL btranch is stored in /etc/pihole/ftlbranch
    if [[ "$1" == "FTL" ]]; then
        branch="$(pihole-FTL branch)"
    else
        cd "${directory}" 2> /dev/null || { echo "${DEFAULT}"; return 1; }
        branch=$(git rev-parse --abbrev-ref HEAD || echo "$DEFAULT")
    fi
    if [[ ! "${branch}" =~ ^v ]]; then
        if [[ "${branch}" == "master" ]]; then
            echo ""
        elif [[ "${branch}" == "HEAD" ]]; then
            echo "in detached HEAD state at "
        else
            echo "${branch} "
        fi
    else
        # Branch started in "v"
        echo "release "
    fi
    return 0
 }
 versionOutput() {
    [[ "$1" == "pi-hole" ]] && GITDIR=$COREGITDIR
    [[ "$1" == "AdminLTE" ]] && GITDIR=$WEBGITDIR
    [[ "$1" == "FTL" ]] && GITDIR="FTL"
    [[ "$2" == "-c" ]] || [[ "$2" == "--current" ]] || [[ -z "$2" ]] && current=$(getLocalVersion $GITDIR) && branch=$(getLocalBranch $GITDIR)
    [[ "$2" == "-l" ]] || [[ "$2" == "--latest" ]] || [[ -z "$2" ]] && latest=$(getRemoteVersion "$1")
    if [[ "$2" == "-h" ]] || [[ "$2" == "--hash" ]]; then
        [[ "$3" == "-c" ]] || [[ "$3" == "--current" ]] || [[ -z "$3" ]] && curHash=$(getLocalHash "$GITDIR") && branch=$(getLocalBranch $GITDIR)
        [[ "$3" == "-l" ]] || [[ "$3" == "--latest" ]] || [[ -z "$3" ]] && latHash=$(getRemoteHash "$1" "$(cd "$GITDIR" 2> /dev/null && git rev-parse --abbrev-ref HEAD)")
    fi
    if [[ -n "$current" ]] && [[ -n "$latest" ]]; then
        output="${1^} version is $branch$current (Latest: $latest)"
    elif [[ -n "$current" ]] && [[ -z "$latest" ]]; then
        output="Current ${1^} version is $branch$current"
    elif [[ -z "$current" ]] && [[ -n "$latest" ]]; then
        output="Latest ${1^} version is $latest"
    elif [[ "$curHash" == "N/A" ]] || [[ "$latHash" == "N/A" ]]; then
        output="${1^} hash is not applicable"
    elif [[ -n "$curHash" ]] && [[ -n "$latHash" ]]; then
        output="${1^} hash is $curHash (Latest: $latHash)"
    elif [[ -n "$curHash" ]] && [[ -z "$latHash" ]]; then
        output="Current ${1^} hash is $curHash"
    elif [[ -z "$curHash" ]] && [[ -n "$latHash" ]]; then
        output="Latest ${1^} hash is $latHash"
    else
        errorOutput
    fi
    [[ -n "$output" ]] && echo "  $output"
 }
 errorOutput() {
    echo "  Invalid Option! Try 'pihole -v --help' for more information."
    exit 1
 }
 defaultOutput() {
    # Source the setupvars config file
    # shellcheck disable=SC1091
    source /etc/pihole/setupVars.conf
    versionOutput "pi-hole" "$@"
    if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then
        versionOutput "AdminLTE" "$@"
    fi
    versionOutput "FTL" "$@"
 }
 helpFunc() {
    echo "Usage: pihole -v [repo | option] [option]
 Example: 'pihole -v -p -l'
 Show Pi-hole, Admin Console & FTL versions
 Repositories:
  -p, --pihole         Only retrieve info regarding Pi-hole repository
  -a, --admin          Only retrieve info regarding AdminLTE repository
  -f, --ftl            Only retrieve info regarding FTL repository
 Options:
  -c, --current        Return the current version
  -l, --latest         Return the latest version
  --hash               Return the GitHub hash from your local repositories
  -h, --help           Show this help dialog"
  exit 0
 }
 case "${1}" in
    "-p" | "--pihole"    ) shift; versionOutput "pi-hole" "$@";;
    "-a" | "--admin"     ) shift; versionOutput "AdminLTE" "$@";;
    "-f" | "--ftl"       ) shift; versionOutput "FTL" "$@";;
    "-h" | "--help"      ) helpFunc;;
    *                    ) defaultOutput "$@";;
 esac
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -1,855 +0,0 @@
 #!/usr/bin/env bash
 # shellcheck disable=SC1090
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Web interface settings
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf"
 readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf"
 readonly FTLconf="/etc/pihole/pihole-FTL.conf"
 # 03 -> wildcards
 readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf"
 readonly dnscustomfile="/etc/pihole/custom.list"
 readonly dnscustomcnamefile="/etc/dnsmasq.d/05-pihole-custom-cname.conf"
 readonly gravityDBfile="/etc/pihole/gravity.db"
 # Source install script for ${setupVars}, ${PI_HOLE_BIN_DIR} and valid_ip()
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"
 # shellcheck disable=SC2034  # used in basic-install
 PH_TEST="true"
 source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 coltable="/opt/pihole/COL_TABLE"
 if [[ -f ${coltable} ]]; then
    source ${coltable}
 fi
 helpFunc() {
    echo "Usage: pihole -a [options]
 Example: pihole -a -p password
 Set options for the Admin Console
 Options:
  -p, password        Set Admin Console password
  -c, celsius         Set Celsius as preferred temperature unit
  -f, fahrenheit      Set Fahrenheit as preferred temperature unit
  -k, kelvin          Set Kelvin as preferred temperature unit
  -e, email           Set an administrative contact address for the Block Page
  -h, --help          Show this help dialog
  -i, interface       Specify dnsmasq's interface listening behavior
  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)
  -t, teleporter      Backup configuration as an archive"
    exit 0
 }
 add_setting() {
    echo "${1}=${2}" >> "${setupVars}"
 }
 delete_setting() {
    sed -i "/^${1}/d" "${setupVars}"
 }
 change_setting() {
    delete_setting "${1}"
    add_setting "${1}" "${2}"
 }
 addFTLsetting() {
    echo "${1}=${2}" >> "${FTLconf}"
 }
 deleteFTLsetting() {
    sed -i "/^${1}/d" "${FTLconf}"
 }
 changeFTLsetting() {
    deleteFTLsetting "${1}"
    addFTLsetting "${1}" "${2}"
 }
 add_dnsmasq_setting() {
    if [[ "${2}" != "" ]]; then
        echo "${1}=${2}" >> "${dnsmasqconfig}"
    else
        echo "${1}" >> "${dnsmasqconfig}"
    fi
 }
 delete_dnsmasq_setting() {
    sed -i "/^${1}/d" "${dnsmasqconfig}"
 }
 SetTemperatureUnit() {
    change_setting "TEMPERATUREUNIT" "${unit}"
    echo -e "  ${TICK} Set temperature unit to ${unit}"
 }
 HashPassword() {
    # Compute password hash twice to avoid rainbow table vulnerability
    return=$(echo -n "${1}" | sha256sum | sed 's/\s.*$//')
    return=$(echo -n "${return}" | sha256sum | sed 's/\s.*$//')
    echo "${return}"
 }
 SetWebPassword() {
    if [ "${SUDO_USER}" == "www-data" ]; then
        echo "Security measure: user www-data is not allowed to change webUI password!"
        echo "Exiting"
        exit 1
    fi
    if [ "${SUDO_USER}" == "lighttpd" ]; then
        echo "Security measure: user lighttpd is not allowed to change webUI password!"
        echo "Exiting"
        exit 1
    fi
    if (( ${#args[2]} > 0 )) ; then
        readonly PASSWORD="${args[2]}"
        readonly CONFIRM="${PASSWORD}"
    else
        # Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
        # So we reset the terminal via stty if the user does press Ctrl+C
        trap '{ echo -e "\nNo password will be set" ; stty sane ; exit 1; }' INT
        read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
        echo ""
    if [ "${PASSWORD}" == "" ]; then
        change_setting "WEBPASSWORD" ""
        echo -e "  ${TICK} Password Removed"
        exit 0
    fi
    read -s -r -p "Confirm Password: " CONFIRM
    echo ""
    fi
    if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
        # We do not wrap this in brackets, otherwise BASH will expand any appropriate syntax
        hash=$(HashPassword "$PASSWORD")
        # Save hash to file
        change_setting "WEBPASSWORD" "${hash}"
        echo -e "  ${TICK} New password set"
    else
        echo -e "  ${CROSS} Passwords don't match. Your password has not been changed"
        exit 1
    fi
 }
 ProcessDNSSettings() {
    source "${setupVars}"
    delete_dnsmasq_setting "server"
    COUNTER=1
    while true ; do
        var=PIHOLE_DNS_${COUNTER}
        if [ -z "${!var}" ]; then
            break;
        fi
        add_dnsmasq_setting "server" "${!var}"
        (( COUNTER++ ))
    done
    # The option LOCAL_DNS_PORT is deprecated
    # We apply it once more, and then convert it into the current format
    if [ -n "${LOCAL_DNS_PORT}" ]; then
        add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_DNS_PORT}"
        add_setting "PIHOLE_DNS_${COUNTER}" "127.0.0.1#${LOCAL_DNS_PORT}"
        delete_setting "LOCAL_DNS_PORT"
    fi
    delete_dnsmasq_setting "domain-needed"
    delete_dnsmasq_setting "expand-hosts"
    if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
        add_dnsmasq_setting "domain-needed"
        add_dnsmasq_setting "expand-hosts"
    fi
    delete_dnsmasq_setting "bogus-priv"
    if [[ "${DNS_BOGUS_PRIV}" == true ]]; then
        add_dnsmasq_setting "bogus-priv"
    fi
    delete_dnsmasq_setting "dnssec"
    delete_dnsmasq_setting "trust-anchor="
    if [[ "${DNSSEC}" == true ]]; then
        echo "dnssec
 trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
 " >> "${dnsmasqconfig}"
    fi
    delete_dnsmasq_setting "host-record"
    if [ -n "${HOSTRECORD}" ]; then
        add_dnsmasq_setting "host-record" "${HOSTRECORD}"
    fi
    # Setup interface listening behavior of dnsmasq
    delete_dnsmasq_setting "interface"
    delete_dnsmasq_setting "local-service"
    if [[ "${DNSMASQ_LISTENING}" == "all" ]]; then
        # Listen on all interfaces, permit all origins
        add_dnsmasq_setting "except-interface" "nonexisting"
    elif [[ "${DNSMASQ_LISTENING}" == "local" ]]; then
        # Listen only on all interfaces, but only local subnets
        add_dnsmasq_setting "local-service"
    else
        # Listen only on one interface
        # Use eth0 as fallback interface if interface is missing in setupVars.conf
        if [ -z "${PIHOLE_INTERFACE}" ]; then
            PIHOLE_INTERFACE="eth0"
        fi
        add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}"
    fi
    if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then
        # Convert legacy "conditional forwarding" to rev-server configuration
        # Remove any existing REV_SERVER settings
        delete_setting "REV_SERVER"
        delete_setting "REV_SERVER_DOMAIN"
        delete_setting "REV_SERVER_TARGET"
        delete_setting "REV_SERVER_CIDR"
        REV_SERVER=true
        add_setting "REV_SERVER" "true"
        REV_SERVER_DOMAIN="${CONDITIONAL_FORWARDING_DOMAIN}"
        add_setting "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}"
        REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}"
        add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}"
        #Convert CONDITIONAL_FORWARDING_REVERSE if necessary e.g:
        #          1.1.168.192.in-addr.arpa to 192.168.1.1/32
        #          1.168.192.in-addr.arpa to 192.168.1.0/24
        #          168.192.in-addr.arpa to 192.168.0.0/16
        #          192.in-addr.arpa to 192.0.0.0/8
        if [[ "${CONDITIONAL_FORWARDING_REVERSE}" == *"in-addr.arpa" ]];then
            arrRev=("${CONDITIONAL_FORWARDING_REVERSE//./ }")
            case ${#arrRev[@]} in
                6   )   REV_SERVER_CIDR="${arrRev[3]}.${arrRev[2]}.${arrRev[1]}.${arrRev[0]}/32";;
                5   )   REV_SERVER_CIDR="${arrRev[2]}.${arrRev[1]}.${arrRev[0]}.0/24";;
                4   )   REV_SERVER_CIDR="${arrRev[1]}.${arrRev[0]}.0.0/16";;
                3   )   REV_SERVER_CIDR="${arrRev[0]}.0.0.0/8";;
            esac
        else
          # Set REV_SERVER_CIDR to whatever value it was set to
          REV_SERVER_CIDR="${CONDITIONAL_FORWARDING_REVERSE}"
        fi
        # If REV_SERVER_CIDR is not converted by the above, then use the REV_SERVER_TARGET variable to derive it
        if [ -z "${REV_SERVER_CIDR}" ]; then
            # Convert existing input to /24 subnet (preserves legacy behavior)
            # This sed converts "192.168.1.2" to "192.168.1.0/24"
            # shellcheck disable=2001
            REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")"
        fi
        add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}"
        # Remove obsolete settings from setupVars.conf
        delete_setting "CONDITIONAL_FORWARDING"
        delete_setting "CONDITIONAL_FORWARDING_REVERSE"
        delete_setting "CONDITIONAL_FORWARDING_DOMAIN"
        delete_setting "CONDITIONAL_FORWARDING_IP"
    fi
    delete_dnsmasq_setting "rev-server"
    if [[ "${REV_SERVER}" == true ]]; then
        add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
        if [ -n "${REV_SERVER_DOMAIN}" ]; then
            # Forward local domain names to the CF target, too
            add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
        fi
        if [[ "${DNS_FQDN_REQUIRED}" != true ]]; then
            # Forward unqualified names to the CF target only when the "never
            # forward non-FQDN" option is unticked
            add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
        fi
    fi
    # We need to process DHCP settings here as well to account for possible
    # changes in the non-FQDN forwarding. This cannot be done in 01-pihole.conf
    # as we don't want to delete all local=/.../ lines so it's much safer to
    # simply rewrite the entire corresponding config file (which is what the
    # DHCP settings subroutie is doing)
    ProcessDHCPSettings
 }
 SetDNSServers() {
    # Save setting to file
    delete_setting "PIHOLE_DNS"
    IFS=',' read -r -a array <<< "${args[2]}"
    for index in "${!array[@]}"
    do
        # Replace possible "\#" by "#". This fixes AdminLTE#1427
        local ip
        ip="${array[index]//\\#/#}"
        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
            add_setting "PIHOLE_DNS_$((index+1))" "${ip}"
        else
            echo -e "  ${CROSS} Invalid IP has been passed"
            exit 1
        fi
    done
    if [[ "${args[3]}" == "domain-needed" ]]; then
        change_setting "DNS_FQDN_REQUIRED" "true"
    else
        change_setting "DNS_FQDN_REQUIRED" "false"
    fi
    if [[ "${args[4]}" == "bogus-priv" ]]; then
        change_setting "DNS_BOGUS_PRIV" "true"
    else
        change_setting "DNS_BOGUS_PRIV" "false"
    fi
    if [[ "${args[5]}" == "dnssec" ]]; then
        change_setting "DNSSEC" "true"
    else
        change_setting "DNSSEC" "false"
    fi
    if [[ "${args[6]}" == "rev-server" ]]; then
        change_setting "REV_SERVER" "true"
        change_setting "REV_SERVER_CIDR" "${args[7]}"
        change_setting "REV_SERVER_TARGET" "${args[8]}"
        change_setting "REV_SERVER_DOMAIN" "${args[9]}"
    else
        change_setting "REV_SERVER" "false"
    fi
    ProcessDNSSettings
    # Restart dnsmasq to load new configuration
    RestartDNS
 }
 SetExcludeDomains() {
    change_setting "API_EXCLUDE_DOMAINS" "${args[2]}"
 }
 SetExcludeClients() {
    change_setting "API_EXCLUDE_CLIENTS" "${args[2]}"
 }
 Poweroff(){
    nohup bash -c "sleep 5; poweroff" &> /dev/null </dev/null &
 }
 Reboot() {
    nohup bash -c "sleep 5; reboot" &> /dev/null </dev/null &
 }
 RestartDNS() {
    "${PI_HOLE_BIN_DIR}"/pihole restartdns
 }
 SetQueryLogOptions() {
    change_setting "API_QUERY_LOG_SHOW" "${args[2]}"
 }
 ProcessDHCPSettings() {
    source "${setupVars}"
    if [[ "${DHCP_ACTIVE}" == "true" ]]; then
    interface="${PIHOLE_INTERFACE}"
    # Use eth0 as fallback interface
    if [ -z ${interface} ]; then
        interface="eth0"
    fi
    if [[ "${PIHOLE_DOMAIN}" == "" ]]; then
        PIHOLE_DOMAIN="lan"
        change_setting "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}"
    fi
    if [[ "${DHCP_LEASETIME}" == "0" ]]; then
        leasetime="infinite"
    elif [[ "${DHCP_LEASETIME}" == "" ]]; then
        leasetime="24"
        change_setting "DHCP_LEASETIME" "${leasetime}"
    elif [[ "${DHCP_LEASETIME}" == "24h" ]]; then
        #Installation is affected by known bug, introduced in a previous version.
        #This will automatically clean up setupVars.conf and remove the unnecessary "h"
        leasetime="24"
        change_setting "DHCP_LEASETIME" "${leasetime}"
    else
        leasetime="${DHCP_LEASETIME}h"
    fi
    # Write settings to file
    echo "###############################################################################
 #  DHCP SERVER CONFIG FILE AUTOMATICALLY POPULATED BY PI-HOLE WEB INTERFACE.  #
 #            ANY CHANGES MADE TO THIS FILE WILL BE LOST ON CHANGE             #
 ###############################################################################
 dhcp-authoritative
 dhcp-range=${DHCP_START},${DHCP_END},${leasetime}
 dhcp-option=option:router,${DHCP_ROUTER}
 dhcp-leasefile=/etc/pihole/dhcp.leases
 #quiet-dhcp
 " > "${dhcpconfig}"
    chmod 644 "${dhcpconfig}"
    if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
        echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
        # When there is a Pi-hole domain set and "Never forward non-FQDNs" is
        # ticked, we add `local=/domain/` to tell FTL that this domain is purely
        # local and FTL may answer queries from /etc/hosts or DHCP but should
        # never forward queries on that domain to any upstream servers
        if  [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
          echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
        fi
    fi
    # Sourced from setupVars
    # shellcheck disable=SC2154
    if [[ "${DHCP_rapid_commit}" == "true" ]]; then
        echo "dhcp-rapid-commit" >> "${dhcpconfig}"
    fi
    if [[ "${DHCP_IPv6}" == "true" ]]; then
        echo "#quiet-dhcp6
 #enable-ra
 dhcp-option=option6:dns-server,[::]
 dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,64,3600
 ra-param=*,0,0
 " >> "${dhcpconfig}"
    fi
    else
        if [[ -f "${dhcpconfig}" ]]; then
            rm "${dhcpconfig}" &> /dev/null
        fi
    fi
 }
 EnableDHCP() {
    change_setting "DHCP_ACTIVE" "true"
    change_setting "DHCP_START" "${args[2]}"
    change_setting "DHCP_END" "${args[3]}"
    change_setting "DHCP_ROUTER" "${args[4]}"
    change_setting "DHCP_LEASETIME" "${args[5]}"
    change_setting "PIHOLE_DOMAIN" "${args[6]}"
    change_setting "DHCP_IPv6" "${args[7]}"
    change_setting "DHCP_rapid_commit" "${args[8]}"
    # Remove possible old setting from file
    delete_dnsmasq_setting "dhcp-"
    delete_dnsmasq_setting "quiet-dhcp"
    # If a DHCP client claims that its name is "wpad", ignore that.
    # This fixes a security hole. see CERT Vulnerability VU#598349
    # We also ignore "localhost" as Windows behaves strangely if a
    # device claims this host name
    add_dnsmasq_setting "dhcp-name-match=set:hostname-ignore,wpad
 dhcp-name-match=set:hostname-ignore,localhost
 dhcp-ignore-names=tag:hostname-ignore"
    ProcessDHCPSettings
    RestartDNS
 }
 DisableDHCP() {
    change_setting "DHCP_ACTIVE" "false"
    # Remove possible old setting from file
    delete_dnsmasq_setting "dhcp-"
    delete_dnsmasq_setting "quiet-dhcp"
    ProcessDHCPSettings
    RestartDNS
 }
 SetWebUILayout() {
    change_setting "WEBUIBOXEDLAYOUT" "${args[2]}"
 }
 SetWebUITheme() {
    change_setting "WEBTHEME" "${args[2]}"
 }
 CheckUrl(){
    local regex check_url
    # Check for characters NOT allowed in URLs
    regex="[^a-zA-Z0-9:/?&%=~._()-;]"
    # this will remove first @ that is after schema and before domain
    # \1 is optional schema, \2 is userinfo
    check_url="$( sed -re 's#([^:/]*://)?([^/]+)@#\1\2#' <<< "$1" )"
    if [[ "${check_url}" =~ ${regex} ]]; then
        return 1
    else
        return 0
    fi
 }
 CustomizeAdLists() {
    local address
    address="${args[3]}"
    local comment
    comment="${args[4]}"
    if CheckUrl "${address}"; then
        if [[ "${args[2]}" == "enable" ]]; then
            sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 1 WHERE address = '${address}'"
        elif [[ "${args[2]}" == "disable" ]]; then
            sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 0 WHERE address = '${address}'"
        elif [[ "${args[2]}" == "add" ]]; then
            sqlite3 "${gravityDBfile}" "INSERT OR IGNORE INTO adlist (address, comment) VALUES ('${address}', '${comment}')"
        elif [[ "${args[2]}" == "del" ]]; then
            sqlite3 "${gravityDBfile}" "DELETE FROM adlist WHERE address = '${address}'"
        else
            echo "Not permitted"
            return 1
        fi
    else
        echo "Invalid Url"
        return 1
    fi
 }
 SetPrivacyMode() {
    if [[ "${args[2]}" == "true" ]]; then
        change_setting "API_PRIVACY_MODE" "true"
    else
        change_setting "API_PRIVACY_MODE" "false"
    fi
 }
 ResolutionSettings() {
    typ="${args[2]}"
    state="${args[3]}"
    if [[ "${typ}" == "forward" ]]; then
        change_setting "API_GET_UPSTREAM_DNS_HOSTNAME" "${state}"
    elif [[ "${typ}" == "clients" ]]; then
        change_setting "API_GET_CLIENT_HOSTNAME" "${state}"
    fi
 }
 AddDHCPStaticAddress() {
    mac="${args[2]}"
    ip="${args[3]}"
    host="${args[4]}"
    if [[ "${ip}" == "noip" ]]; then
        # Static host name
        echo "dhcp-host=${mac},${host}" >> "${dhcpstaticconfig}"
    elif [[ "${host}" == "nohost" ]]; then
        # Static IP
        echo "dhcp-host=${mac},${ip}" >> "${dhcpstaticconfig}"
    else
        # Full info given
        echo "dhcp-host=${mac},${ip},${host}" >> "${dhcpstaticconfig}"
    fi
 }
 RemoveDHCPStaticAddress() {
    mac="${args[2]}"
    if [[ "$mac" =~ ^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$ ]]; then
        sed -i "/dhcp-host=${mac}.*/d" "${dhcpstaticconfig}"
    else
        echo "  ${CROSS} Invalid Mac Passed!"
        exit 1
    fi
 }
 SetAdminEmail() {
    if [[ "${1}" == "-h" ]] || [[ "${1}" == "--help" ]]; then
        echo "Usage: pihole -a email <address>
 Example: 'pihole -a email admin@address.com'
 Set an administrative contact address for the Block Page
 Options:
  \"\"                  Empty: Remove admin contact
  -h, --help          Show this help dialog"
        exit 0
    fi
    if [[ -n "${args[2]}" ]]; then
        # Sanitize email address in case of security issues
        # Regex from https://stackoverflow.com/a/2138832/4065967
        local regex
        regex="^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\$"
        if [[ ! "${args[2]}" =~ ${regex} ]]; then
            echo -e "  ${CROSS} Invalid email address"
            exit 0
        fi
        change_setting "ADMIN_EMAIL" "${args[2]}"
        echo -e "  ${TICK} Setting admin contact to ${args[2]}"
    else
        change_setting "ADMIN_EMAIL" ""
        echo -e "  ${TICK} Removing admin contact"
    fi
 }
 SetListeningMode() {
    source "${setupVars}"
    if [[ "$3" == "-h" ]] || [[ "$3" == "--help" ]]; then
        echo "Usage: pihole -a -i [interface]
 Example: 'pihole -a -i local'
 Specify dnsmasq's network interface listening behavior
 Interfaces:
  local               Listen on all interfaces, but only allow queries from
                      devices that are at most one hop away (local devices)
  single              Listen only on ${PIHOLE_INTERFACE} interface
  all                 Listen on all interfaces, permit all origins"
        exit 0
  fi
    if [[ "${args[2]}" == "all" ]]; then
        echo -e "  ${INFO} Listening on all interfaces, permitting all origins. Please use a firewall!"
        change_setting "DNSMASQ_LISTENING" "all"
    elif [[ "${args[2]}" == "local" ]]; then
        echo -e "  ${INFO} Listening on all interfaces, permitting origins from one hop away (LAN)"
        change_setting "DNSMASQ_LISTENING" "local"
    else
        echo -e "  ${INFO} Listening only on interface ${PIHOLE_INTERFACE}"
        change_setting "DNSMASQ_LISTENING" "single"
    fi
    # Don't restart DNS server yet because other settings
    # will be applied afterwards if "-web" is set
    if [[ "${args[3]}" != "-web" ]]; then
        ProcessDNSSettings
        # Restart dnsmasq to load new configuration
        RestartDNS
    fi
 }
 Teleporter() {
    local datetimestamp
    local host
    datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S")
    host=$(hostname)
    host="${host//./_}"
    php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-${host:-noname}-teleporter_${datetimestamp}.tar.gz"
 }
 checkDomain()
 {
    local domain validDomain
    # Convert to lowercase
    domain="${1,,}"
    validDomain=$(grep -P "^((-|_)*[a-z\\d]((-|_)*[a-z\\d])*(-|_)*)(\\.(-|_)*([a-z\\d]((-|_)*[a-z\\d])*))*$" <<< "${domain}") # Valid chars check
    validDomain=$(grep -P "^[^\\.]{1,63}(\\.[^\\.]{1,63})*$" <<< "${validDomain}") # Length of each label
    echo "${validDomain}"
 }
 addAudit()
 {
    shift # skip "-a"
    shift # skip "audit"
    local domains validDomain
    domains=""
    for domain in "$@"
    do
      # Check domain to be added. Only continue if it is valid
      validDomain="$(checkDomain "${domain}")"
      if [[ -n "${validDomain}" ]]; then
        # Put comma in between domains when there is
        # more than one domains to be added
        # SQL INSERT allows adding multiple rows at once using the format
        ## INSERT INTO table (domain) VALUES ('abc.de'),('fgh.ij'),('klm.no'),('pqr.st');
        if [[ -n "${domains}" ]]; then
          domains="${domains},"
        fi
        domains="${domains}('${domain}')"
      fi
    done
    # Insert only the domain here. The date_added field will be
    # filled with its default value (date_added = current timestamp)
    sqlite3 "${gravityDBfile}" "INSERT INTO domain_audit (domain) VALUES ${domains};"
 }
 clearAudit()
 {
    sqlite3 "${gravityDBfile}" "DELETE FROM domain_audit;"
 }
 SetPrivacyLevel() {
    # Set privacy level. Minimum is 0, maximum is 3
    if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 3 ]; then
        changeFTLsetting "PRIVACYLEVEL" "${args[2]}"
        pihole restartdns reload-lists
    fi
 }
 AddCustomDNSAddress() {
    echo -e "  ${TICK} Adding custom DNS entry..."
    ip="${args[2]}"
    host="${args[3]}"
    reload="${args[4]}"
    validHost="$(checkDomain "${host}")"
    if [[ -n "${validHost}" ]]; then
        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
            echo "${ip} ${validHost}" >> "${dnscustomfile}"
        else
            echo -e "  ${CROSS} Invalid IP has been passed"
            exit 1
        fi
    else
        echo "  ${CROSS} Invalid Domain passed!"
        exit 1
    fi
    # Restart dnsmasq to load new custom DNS entries only if $reload not false
    if [[ ! $reload == "false" ]]; then
      RestartDNS
    fi
 }
 RemoveCustomDNSAddress() {
    echo -e "  ${TICK} Removing custom DNS entry..."
    ip="${args[2]}"
    host="${args[3]}"
    reload="${args[4]}"
    validHost="$(checkDomain "${host}")"
    if [[ -n "${validHost}" ]]; then
        if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
            sed -i "/^${ip} ${validHost}$/d" "${dnscustomfile}"
        else
            echo -e "  ${CROSS} Invalid IP has been passed"
            exit 1
        fi
        else
            echo "  ${CROSS} Invalid Domain passed!"
            exit 1
    fi
    # Restart dnsmasq to load new custom DNS entries only if reload is not false
    if [[ ! $reload == "false" ]]; then
      RestartDNS
    fi
 }
 AddCustomCNAMERecord() {
    echo -e "  ${TICK} Adding custom CNAME record..."
    domain="${args[2]}"
    target="${args[3]}"
    reload="${args[4]}"
    validDomain="$(checkDomain "${domain}")"
    if [[ -n "${validDomain}" ]]; then
        validTarget="$(checkDomain "${target}")"
        if [[ -n "${validTarget}" ]]; then
          echo "cname=${validDomain},${validTarget}" >> "${dnscustomcnamefile}"
        else
          echo "  ${CROSS} Invalid Target Passed!"
          exit 1
        fi
    else
        echo "  ${CROSS} Invalid Domain passed!"
        exit 1
    fi
    # Restart dnsmasq to load new custom CNAME records only if reload is not false
    if [[ ! $reload == "false" ]]; then
      RestartDNS
    fi
 }
 RemoveCustomCNAMERecord() {
    echo -e "  ${TICK} Removing custom CNAME record..."
    domain="${args[2]}"
    target="${args[3]}"
    reload="${args[4]}"
    validDomain="$(checkDomain "${domain}")"
    if [[ -n "${validDomain}" ]]; then
        validTarget="$(checkDomain "${target}")"
        if [[ -n "${validTarget}" ]]; then
            sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}"
        else
          echo "  ${CROSS} Invalid Target Passed!"
          exit 1
        fi
    else
        echo "  ${CROSS} Invalid Domain passed!"
        exit 1
    fi
    # Restart dnsmasq to update removed custom CNAME records only if $reload not false
    if [[ ! $reload == "false" ]]; then
      RestartDNS
    fi
 }
 main() {
    args=("$@")
    case "${args[1]}" in
        "-p" | "password"     ) SetWebPassword;;
        "-c" | "celsius"      ) unit="C"; SetTemperatureUnit;;
        "-f" | "fahrenheit"   ) unit="F"; SetTemperatureUnit;;
        "-k" | "kelvin"       ) unit="K"; SetTemperatureUnit;;
        "setdns"              ) SetDNSServers;;
        "setexcludedomains"   ) SetExcludeDomains;;
        "setexcludeclients"   ) SetExcludeClients;;
        "poweroff"            ) Poweroff;;
        "reboot"              ) Reboot;;
        "restartdns"          ) RestartDNS;;
        "setquerylog"         ) SetQueryLogOptions;;
        "enabledhcp"          ) EnableDHCP;;
        "disabledhcp"         ) DisableDHCP;;
        "layout"              ) SetWebUILayout;;
        "theme"               ) SetWebUITheme;;
        "-h" | "--help"       ) helpFunc;;
        "privacymode"         ) SetPrivacyMode;;
        "resolve"             ) ResolutionSettings;;
        "addstaticdhcp"       ) AddDHCPStaticAddress;;
        "removestaticdhcp"    ) RemoveDHCPStaticAddress;;
        "-e" | "email"        ) SetAdminEmail "$3";;
        "-i" | "interface"    ) SetListeningMode "$@";;
        "-t" | "teleporter"   ) Teleporter;;
        "adlist"              ) CustomizeAdLists;;
        "audit"               ) addAudit "$@";;
        "clearaudit"          ) clearAudit;;
        "-l" | "privacylevel" ) SetPrivacyLevel;;
        "addcustomdns"        ) AddCustomDNSAddress;;
        "removecustomdns"     ) RemoveCustomDNSAddress;;
        "addcustomcname"      ) AddCustomCNAMERecord;;
        "removecustomcname"   ) RemoveCustomCNAMERecord;;
        *                     ) helpFunc;;
    esac
    shift
    if [[ $# = 0 ]]; then
        helpFunc
    fi
 }
--- a/advanced/Templates/gravity.db.sql
+++ b/advanced/Templates/gravity.db.sql
@@ -3,90 +3,92 @@ BEGIN TRANSACTION;
 CREATE TABLE "group"
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	enabled BOOLEAN NOT NULL DEFAULT 1,
+    enabled BOOLEAN NOT NULL DEFAULT 1,
-	name TEXT UNIQUE NOT NULL,
+    name TEXT UNIQUE NOT NULL,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	description TEXT
+    description TEXT
 );
 INSERT INTO "group" (id,enabled,name,description) VALUES (0,1,'Default','The default group');
 CREATE TABLE domainlist
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	type INTEGER NOT NULL DEFAULT 0,
+    type INTEGER NOT NULL DEFAULT 0,
-	domain TEXT NOT NULL,
+    domain TEXT NOT NULL,
-	enabled BOOLEAN NOT NULL DEFAULT 1,
+    enabled BOOLEAN NOT NULL DEFAULT 1,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT,
+    comment TEXT,
-	UNIQUE(domain, type)
+    UNIQUE(domain, type)
 );
 CREATE TABLE adlist
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	address TEXT UNIQUE NOT NULL,
+    address TEXT NOT NULL,
-	enabled BOOLEAN NOT NULL DEFAULT 1,
+    enabled BOOLEAN NOT NULL DEFAULT 1,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT,
+    comment TEXT,
-	date_updated INTEGER,
+    date_updated INTEGER,
-	number INTEGER NOT NULL DEFAULT 0,
+    number INTEGER NOT NULL DEFAULT 0,
-	invalid_domains INTEGER NOT NULL DEFAULT 0,
+    invalid_domains INTEGER NOT NULL DEFAULT 0,
-	status INTEGER NOT NULL DEFAULT 0
+    status INTEGER NOT NULL DEFAULT 0,
    abp_entries INTEGER NOT NULL DEFAULT 0,
    type INTEGER NOT NULL DEFAULT 0,
    UNIQUE(address, type)
 );
 CREATE TABLE adlist_by_group
 (
-	adlist_id INTEGER NOT NULL REFERENCES adlist (id),
+    adlist_id INTEGER NOT NULL REFERENCES adlist (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (adlist_id, group_id)
+    PRIMARY KEY (adlist_id, group_id)
 );
 CREATE TABLE gravity
 (
-	domain TEXT NOT NULL,
+    domain TEXT NOT NULL,
-	adlist_id INTEGER NOT NULL REFERENCES adlist (id)
+    adlist_id INTEGER NOT NULL REFERENCES adlist (id)
 );
 CREATE TABLE antigravity
 (
    domain TEXT NOT NULL,
    adlist_id INTEGER NOT NULL REFERENCES adlist (id)
 );
 CREATE TABLE info
 (
-	property TEXT PRIMARY KEY,
+    property TEXT PRIMARY KEY,
-	value TEXT NOT NULL
+    value TEXT NOT NULL
 );
-INSERT INTO "info" VALUES('version','15');
+INSERT INTO "info" VALUES('version','19');
 CREATE TABLE domain_audit
 (
 	id INTEGER PRIMARY KEY AUTOINCREMENT,
 	domain TEXT UNIQUE NOT NULL,
 	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int))
 );
 CREATE TABLE domainlist_by_group
 (
-	domainlist_id INTEGER NOT NULL REFERENCES domainlist (id),
+    domainlist_id INTEGER NOT NULL REFERENCES domainlist (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (domainlist_id, group_id)
+    PRIMARY KEY (domainlist_id, group_id)
 );
 CREATE TABLE client
 (
-	id INTEGER PRIMARY KEY AUTOINCREMENT,
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
-	ip TEXT NOT NULL UNIQUE,
+    ip TEXT NOT NULL UNIQUE,
-	date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
+    date_modified INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int)),
-	comment TEXT
+    comment TEXT
 );
 CREATE TABLE client_by_group
 (
-	client_id INTEGER NOT NULL REFERENCES client (id),
+    client_id INTEGER NOT NULL REFERENCES client (id),
-	group_id INTEGER NOT NULL REFERENCES "group" (id),
+    group_id INTEGER NOT NULL REFERENCES "group" (id),
-	PRIMARY KEY (client_id, group_id)
+    PRIMARY KEY (client_id, group_id)
 );
 CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlist
@@ -136,14 +138,21 @@ CREATE VIEW vw_regex_blacklist AS SELECT domain, domainlist.id AS id, domainlist
    AND domainlist.type = 3
    ORDER BY domainlist.id;
-CREATE VIEW vw_gravity AS SELECT domain, adlist_by_group.group_id AS group_id
+CREATE VIEW vw_gravity AS SELECT domain, adlist.id AS adlist_id, adlist_by_group.group_id AS group_id
    FROM gravity
    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = gravity.adlist_id
    LEFT JOIN adlist ON adlist.id = gravity.adlist_id
    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1);
-CREATE VIEW vw_adlist AS SELECT DISTINCT address, id
+CREATE VIEW vw_antigravity AS SELECT domain, adlist.id AS adlist_id, adlist_by_group.group_id AS group_id
    FROM antigravity
    LEFT JOIN adlist_by_group ON adlist_by_group.adlist_id = antigravity.adlist_id
    LEFT JOIN adlist ON adlist.id = antigravity.adlist_id
    LEFT JOIN "group" ON "group".id = adlist_by_group.group_id
    WHERE adlist.enabled = 1 AND (adlist_by_group.group_id IS NULL OR "group".enabled = 1) AND adlist.type = 1;
 CREATE VIEW vw_adlist AS SELECT DISTINCT address, id, type
    FROM adlist
    WHERE enabled = 1
    ORDER BY id;
--- a/advanced/Templates/gravity_copy.sql
+++ b/advanced/Templates/gravity_copy.sql
@@ -9,17 +9,17 @@ DROP TRIGGER tr_client_add;
 DROP TRIGGER tr_adlist_add;
 INSERT OR REPLACE INTO "group" SELECT * FROM OLD."group";
 INSERT OR REPLACE INTO domain_audit SELECT * FROM OLD.domain_audit;
 INSERT OR REPLACE INTO domainlist SELECT * FROM OLD.domainlist;
 DELETE FROM OLD.domainlist_by_group WHERE domainlist_id NOT IN (SELECT id FROM OLD.domainlist);
 INSERT OR REPLACE INTO domainlist_by_group SELECT * FROM OLD.domainlist_by_group;
 INSERT OR REPLACE INTO adlist SELECT * FROM OLD.adlist;
 DELETE FROM OLD.adlist_by_group WHERE adlist_id NOT IN (SELECT id FROM OLD.adlist);
 INSERT OR REPLACE INTO adlist_by_group SELECT * FROM OLD.adlist_by_group;
 INSERT OR REPLACE INTO info SELECT * FROM OLD.info;
 INSERT OR REPLACE INTO client SELECT * FROM OLD.client;
 DELETE FROM OLD.client_by_group WHERE client_id NOT IN (SELECT id FROM OLD.client);
 INSERT OR REPLACE INTO client_by_group SELECT * FROM OLD.client_by_group;
--- a/advanced/Templates/logrotate
+++ b/advanced/Templates/logrotate
@@ -1,21 +1,32 @@
-/var/log/pihole.log {
+/var/log/pihole/pihole.log {
-	# su #
+    # su #
-	daily
+    daily
-	copytruncate
+    copytruncate
-	rotate 5
+    rotate 5
-	compress
+    compress
-	delaycompress
+    delaycompress
-	notifempty
+    notifempty
-	nomail
+    nomail
 }
-/var/log/pihole-FTL.log {
+/var/log/pihole/FTL.log {
-	# su #
+    # su #
-	weekly
+    weekly
-	copytruncate
+    copytruncate
-	rotate 3
+    rotate 3
-	compress
+    compress
-	delaycompress
+    delaycompress
-	notifempty
+    notifempty
-	nomail
+    nomail
 }
 /var/log/pihole/webserver.log {
    # su #
    weekly
    copytruncate
    rotate 3
    compress
    delaycompress
    notifempty
    nomail
 }
--- a/advanced/Templates/pihole-FTL-poststop.sh
+++ b/advanced/Templates/pihole-FTL-poststop.sh
@@ -0,0 +1,13 @@
 #!/usr/bin/env sh
 # Source utils.sh for getFTLConfigValue()
 PI_HOLE_SCRIPT_DIR='/opt/pihole'
 utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 # shellcheck disable=SC1090
 . "${utilsfile}"
 # Get file paths
 FTL_PID_FILE="$(getFTLConfigValue files.pid)"
 # Cleanup
 rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}"
--- a/advanced/Templates/pihole-FTL-prestart.sh
+++ b/advanced/Templates/pihole-FTL-prestart.sh
@@ -0,0 +1,34 @@
 #!/usr/bin/env sh
 # Source utils.sh for getFTLConfigValue()
 PI_HOLE_SCRIPT_DIR='/opt/pihole'
 utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 # shellcheck disable=SC1090
 . "${utilsfile}"
 # Get file paths
 FTL_PID_FILE="$(getFTLConfigValue files.pid)"
 # Ensure that permissions are set so that pihole-FTL can edit all necessary files
 # shellcheck disable=SC2174
 mkdir -pm 0640 /var/log/pihole
 chown -R pihole:pihole /etc/pihole /var/log/pihole
 chmod -R 0640 /var/log/pihole
 chmod -R 0660 /etc/pihole
 # Logrotate config file need to be owned by root and must not be writable by group and others
 chown root:root /etc/pihole/logrotate
 chmod 0644 /etc/pihole/logrotate
 # allow all users to enter the directories
 chmod 0755 /etc/pihole /var/log/pihole
 # allow pihole to access subdirs in /etc/pihole (sets execution bit on dirs)
 # credits https://stackoverflow.com/a/11512211
 find /etc/pihole -type d -exec chmod 0755 {} \;
 # Touch files to ensure they exist (create if non-existing, preserve if existing)
 [ -f "${FTL_PID_FILE}" ] || install -D -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
 [ -f /var/log/pihole/FTL.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/FTL.log
 [ -f /var/log/pihole/pihole.log ] || install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
 [ -f /etc/pihole/dhcp.leases ] || install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -9,8 +9,23 @@
 # Description:       Enable service provided by pihole-FTL daemon
 ### END INIT INFO
 # Source utils.sh for getFTLConfigValue(), getFTLPID()
 PI_HOLE_SCRIPT_DIR="/opt/pihole"
 utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
 # shellcheck disable=SC1090
 . "${utilsfile}"
 is_running() {
-  pgrep -xo "pihole-FTL" > /dev/null
+  if [ -d "/proc/${FTL_PID}" ]; then
    return 0
  fi
  return 1
 }
 cleanup() {
    # Run post-stop script, which does cleanup among runtime files
    sh "${PI_HOLE_SCRIPT_DIR}/pihole-FTL-poststop.sh"
 }
@@ -19,24 +34,21 @@ start() {
  if is_running; then
    echo "pihole-FTL is already running"
  else
-    # Touch files to ensure they exist (create if non-existing, preserve if existing)
+    # Run pre-start script, which pre-creates all expected files with correct permissions
-    mkdir -pm 0755 /run/pihole
+    sh "${PI_HOLE_SCRIPT_DIR}/pihole-FTL-prestart.sh"
-    touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
+
-    # Ensure that permissions are set so that pihole-FTL can edit all necessary files
+    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN,CAP_SYS_TIME+eip "/usr/bin/pihole-FTL"; then
    chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
    chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
    # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
    chmod -f 0644 /etc/pihole/macvendor.db
    # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
    chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
    # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
    chmod -f 0664 /etc/pihole/pihole-FTL.db
    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then
      su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
    else
      echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
      /usr/bin/pihole-FTL
    fi
    rc=$?
    # Cleanup if startup failed
    if [ "${rc}" != 0 ]; then
        cleanup
        exit $rc
    fi
    echo
  fi
 }
@@ -44,7 +56,7 @@ start() {
 # Stop the service
 stop() {
  if is_running; then
-    pkill -xo "pihole-FTL"
+    kill "${FTL_PID}"
    for i in 1 2 3 4 5; do
      if ! is_running; then
        break
@@ -57,16 +69,14 @@ stop() {
    if is_running; then
      echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
-      pkill -xo -9 "pihole-FTL"
+      kill -9 "${FTL_PID}"
      exit 1
    else
      echo "Stopped"
    fi
  else
    echo "Not running"
  fi
-  # Cleanup
+  cleanup
  rm -f /run/pihole/FTL.sock /dev/shm/FTL-*
  echo
 }
@@ -83,6 +93,16 @@ status() {
 ### main logic ###
 # catch sudden termination
 trap 'cleanup; exit 1' INT HUP TERM ABRT
 # Get FTL's PID file path
 FTL_PID_FILE="$(getFTLConfigValue files.pid)"
 # Get FTL's current PID
 FTL_PID="$(getFTLPID "${FTL_PID_FILE}")"
 case "$1" in
  stop)
        stop
--- a/advanced/Templates/pihole-FTL.systemd
+++ b/advanced/Templates/pihole-FTL.systemd
@@ -0,0 +1,41 @@
 [Unit]
 Description=Pi-hole FTL
 # This unit is supposed to indicate when network functionality is available, but it is only
 # very weakly defined what that is supposed to mean, with one exception: at shutdown, a unit
 # that is ordered after network-online.target will be stopped before the network
 Wants=network-online.target
 After=network-online.target
 # A target that should be used as synchronization point for all host/network name service lookups.
 # All services for which the availability of full host/network name resolution is essential should
 # be ordered after this target, but not pull it in.
 Wants=nss-lookup.target
 Before=nss-lookup.target
 # Limit (re)start loop to 5 within 1 minute
 StartLimitBurst=5
 StartLimitIntervalSec=60s
 [Service]
 User=pihole
 PermissionsStartOnly=true
 AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_NICE CAP_IPC_LOCK CAP_CHOWN CAP_SYS_TIME
 ExecStartPre=/opt/pihole/pihole-FTL-prestart.sh
 ExecStart=/usr/bin/pihole-FTL -f
 Restart=on-failure
 RestartSec=5s
 ExecReload=/bin/kill -HUP $MAINPID
 ExecStopPost=/opt/pihole/pihole-FTL-poststop.sh
 # Use graceful shutdown with a reasonable timeout
 TimeoutStopSec=10s
 # Make /usr, /boot, /etc and possibly some more folders read-only...
 ProtectSystem=full
 # ... except /etc/pihole
 # This merely retains r/w access rights, it does not add any new.
 # Must still be writable on the host!
 ReadWriteDirectories=/etc/pihole
 [Install]
 WantedBy=multi-user.target
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@@ -18,7 +18,7 @@
 #          early morning. Download any updates from the adlists
 #          Squash output to log, then splat the log to stdout on error to allow for
 #          standard crontab job error handling.
-59 1    * * 7   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
+59 1    * * 7   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole/pihole_updateGravity.log || cat /var/log/pihole/pihole_updateGravity.log
 # Pi-hole: Flush the log daily at 00:00
 #          The flush script will use logrotate if available
@@ -28,9 +28,6 @@
@reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
-# Pi-hole: Grab local version and branch every 10 minutes
+# Pi-hole: Grab remote and local version every 24 hours
-*/10 *  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
+59 17  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker
-
+@reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker reboot
 # Pi-hole: Grab remote version every 24 hours
 59 17  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote
@reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote reboot
--- a/advanced/Templates/pihole.sudo
+++ b/advanced/Templates/pihole.sudo
@@ -1,9 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Allows the WebUI to use Pi-hole commands
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 #
--- a/advanced/bash-completion/pihole
+++ b/advanced/bash-completion/pihole
@@ -1,79 +1,51 @@
 _pihole() {
-	local cur prev opts opts_admin opts_checkout opts_chronometer opts_debug opts_interface  opts_logging opts_privacy opts_query opts_update opts_version
+    local cur prev opts opts_checkout opts_debug opts_logging opts_query opts_update opts_version
-	COMPREPLY=()
+    COMPREPLY=()
-	cur="${COMP_WORDS[COMP_CWORD]}"
+    cur="${COMP_WORDS[COMP_CWORD]}"
-	prev="${COMP_WORDS[COMP_CWORD-1]}"
+    prev="${COMP_WORDS[COMP_CWORD-1]}"
-	prev2="${COMP_WORDS[COMP_CWORD-2]}"
+    prev2="${COMP_WORDS[COMP_CWORD-2]}"
-	case "${prev}" in
+    case "${prev}" in
-		"pihole")
+        "pihole")
-			opts="admin blacklist checkout chronometer debug disable enable flush help logging query reconfigure regex restartdns status tail uninstall updateGravity updatePihole version wildcard whitelist arpflush"
+            opts="allow allow-regex allow-wild deny checkout debug disable enable flush help logging query reconfigure regex reloaddns reloadlists status tail uninstall updateGravity updatePihole version wildcard arpflush api"
-			COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
-		;;
+        ;;
-		"whitelist"|"blacklist"|"wildcard"|"regex")
+        "allow"|"deny"|"wildcard"|"regex"|"allow-regex"|"allow-wild")
-			opts_lists="\--delmode \--noreload \--quiet \--list \--nuke"
+            opts_lists="\not \--delmode \--quiet \--list \--help"
-			COMPREPLY=( $(compgen -W "${opts_lists}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts_lists}" -- ${cur}) )
-		;;
+        ;;
-		"admin")
+        "checkout")
-			opts_admin="celsius email fahrenheit interface kelvin password privacylevel"
+            opts_checkout="core ftl web master dev"
-			COMPREPLY=( $(compgen -W "${opts_admin}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) )
-		;;
+        ;;
-		"checkout")
+        "debug")
-			opts_checkout="core ftl web master dev"
+            opts_debug="-a"
-			COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts_debug}" -- ${cur}) )
-		;;
+        ;;
-		"chronometer")
+        "logging")
-			opts_chronometer="\--exit \--json \--refresh"
+            opts_logging="on off 'off noflush'"
-			COMPREPLY=( $(compgen -W "${opts_chronometer}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts_logging}" -- ${cur}) )
-		;;
+        ;;
-		"debug")
+        "query")
-			opts_debug="-a"
+            opts_query="--partial --all"
-			COMPREPLY=( $(compgen -W "${opts_debug}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts_query}" -- ${cur}) )
-		;;
+        ;;
-		"logging")
+        "updatePihole"|"-up")
-			opts_logging="on off 'off noflush'"
+            opts_update="--check-only"
-			COMPREPLY=( $(compgen -W "${opts_logging}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "${opts_update}" -- ${cur}) )
-		;;
+        ;;
-		"query")
+        "core"|"admin"|"ftl")
-			opts_query="-adlist -all -exact"
+            if [[ "$prev2" == "checkout" ]]; then
-			COMPREPLY=( $(compgen -W "${opts_query}" -- ${cur}) )
+                opts_checkout="master dev"
-		;;
+                COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) )
-		"updatePihole"|"-up")
+            else
-			opts_update="--check-only"
+                return 1
-			COMPREPLY=( $(compgen -W "${opts_update}" -- ${cur}) )
+            fi
-		;;
+        ;;
-		"version")
+        *)
-			opts_version="\--admin \--current \--ftl \--hash \--latest \--pihole"
+        return 1
-			COMPREPLY=( $(compgen -W "${opts_version}" -- ${cur}) )
+        ;;
-		;;
+    esac
-		"interface")
+    return 0
 			if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then
 				opts_interface="$(cat /proc/net/dev | cut -d: -s -f1)"
 				COMPREPLY=( $(compgen -W "${opts_interface}" -- ${cur}) )
 			else
 				return 1
 			fi
 		;;
 		"privacylevel")
 			if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then
 				opts_privacy="0 1 2 3"
 				COMPREPLY=( $(compgen -W "${opts_privacy}" -- ${cur}) )
 			else
 				return 1
 			fi
 		;;
 		"core"|"admin"|"ftl")
 			if [[ "$prev2" == "checkout" ]]; then
 				opts_checkout="master dev"
 				COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) )
 			else
 				return 1
 			fi
 		;;
 		*)
 		return 1
 		;;
 	esac
 	return 0
 }
 complete -F _pihole pihole
--- a/advanced/blockingpage.css
+++ b/advanced/blockingpage.css
@@ -1,455 +0,0 @@
 /* Pi-hole: A black hole for Internet advertisements
 *  (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *  Network-wide ad blocking via your own hardware.
 *
 *  This file is copyright under the latest version of the EUPL.
 *  Please see LICENSE file for your rights under this license. */
 /* Text Customisation Options ======> */
 .title::before { content: "Website Blocked"; }
 .altBtn::before { content: "Why am I here?"; }
 .linkPH::before { content: "About Pi-hole"; }
 .linkEmail::before { content: "Contact Admin"; }
 #bpOutput.add::before { content: "Info"; }
 #bpOutput.add::after { content: "The domain is being whitelisted..."; }
 #bpOutput.error::before, .unhandled::before { content: "Error"; }
 #bpOutput.unhandled::after { content: "An unhandled exception occurred. This may happen when your browser is unable to load jQuery, or when the webserver is denying access to the Pi-hole API."; }
 #bpOutput.success::before { content: "Success"; }
 #bpOutput.success::after { content: "Website has been whitelisted! You may need to flush your DNS cache"; }
 .recentwl::before { content: "This site has been whitelisted. Please flush your DNS cache and/or restart your browser."; }
 .unknown::before { content: "This website is not found in any of Pi-hole's blacklists. The reason you have arrived here is unknown."; }
 .cname::before { content: "This site is an alias for "; } /* <a href="http://cname.com">cname.com</a> */
 .cname::after { content: ", which may be blocked by Pi-hole."; }
 .blacklist::before { content: "Manually Blacklisted"; }
 .wildcard::before { content: "Manually Blacklisted by Wildcard"; }
 .noblock::before { content: "Not found on any Blacklist"; }
 #bpBlock::before { content: "Access to the following website has been denied:"; }
 #bpFlag::before { content: "This is primarily due to being flagged as:"; }
 #bpHelpTxt::before { content: "If you have an ongoing use for this website, please "; }
 #bpHelpTxt a::before, #bpHelpTxt span::before { content: "ask the administrator"; }
 #bpHelpTxt::after{ content: " of the Pi-hole on this network to have it whitelisted"; }
 #bpBack::before { content: "Back to safety"; }
 #bpInfo::before { content: "Technical Info"; }
 #bpFoundIn::before { content: "This site is found in "; }
 #bpFoundIn span::after { content: " of "; }
 #bpFoundIn::after { content: " lists:"; }
 #bpWhitelist::before { content: "Whitelist"; }
 footer span::before { content: "Page generated on "; }
 /* Hide whitelisting form entirely */
 /* #bpWLButtons { display: none; } */
 /* Text Customisation Options <=============================== */
 /* http://necolas.github.io/normalize.css ======> */
 html { font-family: sans-serif; line-height: 1.15; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; }
 body { margin: 0; }
 article, aside, footer, header, nav, section { display: block; }
 h1 { font-size: 2em; margin: 0.67em 0; }
 figcaption, figure, main { display: block; }
 figure { margin: 1em 40px; }
 hr { box-sizing: content-box; height: 0; overflow: visible; }
 pre { font-family: monospace, monospace; font-size: 1em; }
 a { background-color: transparent; -webkit-text-decoration-skip: objects; }
 a:active, a:hover { outline-width: 0; }
 abbr[title] { border-bottom: none; text-decoration: underline; text-decoration: underline dotted; }
 b, strong { font-weight: inherit; }
 b, strong { font-weight: bolder; }
 code, kbd, samp { font-family: monospace, monospace; font-size: 1em; }
 dfn { font-style: italic; }
 mark { background-color: #ff0; color: #000; }
 small { font-size: 80%; }
 sub, sup { font-size: 75%; line-height: 0; position: relative; vertical-align: baseline; }
 sub { bottom: -0.25em; }
 sup { top: -0.5em; }
 audio, video { display: inline-block; }
 audio:not([controls]) { display: none; height: 0; }
 img { border-style: none; }
 svg:not(:root) { overflow: hidden; }
 button, input, optgroup, select, textarea { font-family: sans-serif; font-size: 100%; line-height: 1.15; margin: 0; }
 button, input { overflow: visible; }
 button, select { text-transform: none; }
 button, html [type="button"], [type="reset"], [type="submit"] { -webkit-appearance: button; }
 button::-moz-focus-inner, [type="button"]::-moz-focus-inner, [type="reset"]::-moz-focus-inner, [type="submit"]::-moz-focus-inner { border-style: none; padding: 0; }
 button:-moz-focusring, [type="button"]:-moz-focusring, [type="reset"]:-moz-focusring, [type="submit"]:-moz-focusring { outline: 1px dotted ButtonText; }
 fieldset { border: 1px solid #c0c0c0; margin: 0 2px; padding: 0.35em 0.625em 0.75em; }
 legend { box-sizing: border-box; color: inherit; display: table; max-width: 100%; padding: 0; white-space: normal; }
 progress { display: inline-block; vertical-align: baseline; }
 textarea { overflow: auto; }
 [type="checkbox"], [type="radio"] { box-sizing: border-box; padding: 0; }
 [type="number"]::-webkit-inner-spin-button, [type="number"]::-webkit-outer-spin-button { height: auto; }
 [type="search"] { -webkit-appearance: textfield; outline-offset: -2px; }
 [type="search"]::-webkit-search-cancel-button, [type="search"]::-webkit-search-decoration { -webkit-appearance: none; }
 ::-webkit-file-upload-button { -webkit-appearance: button; font: inherit; }
 details, menu { display: block; }
 summary { display: list-item; }
 canvas { display: inline-block; }
 template { display: none; }
 [hidden] { display: none; }
 /* Normalize.css <=============================== */
 html { font-size: 62.5%; }
 a { color: #3c8dbc; text-decoration: none; }
 a:hover { color: #72afda; text-decoration: underline; }
 b { color: rgb(68, 68, 68); }
 p { margin: 0; }
 label, .buttons a {
  -webkit-user-select: none;
  -moz-user-select: none;
  -ms-user-select: none;
  user-select: none;
 }
 label, .buttons *:not([disabled]) { cursor: pointer; }
 /* Touch device dark tap highlight */
 header h1 a, label, .buttons * { -webkit-tap-highlight-color: transparent; }
 /* Webkit Focus Glow */
 textarea, input, button { outline: none; }
@font-face {
  font-family: "Source Sans Pro";
  font-style: normal;
  font-weight: 400;
  font-display: swap;
  src: local("Source Sans Pro Regular"), local("SourceSansPro-Regular"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff2") format("woff2"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-regular.woff") format("woff");
 }
@font-face {
  font-family: "Source Sans Pro";
  font-style: normal;
  font-weight: 700;
  font-display: swap;
  src: local("Source Sans Pro Bold"), local("SourceSansPro-Bold"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff2") format("woff2"),
       url("/admin/style/vendor/SourceSansPro/source-sans-pro-v13-latin-700.woff") format("woff");
 }
 body {
  background: #dbdbdb url("/admin/img/boxed-bg.jpg") repeat fixed;
  color: #333;
  font: 1.4rem "Source Sans Pro", "Helvetica Neue", Helvetica, Arial, sans-serif;
  line-height: 2.2rem;
 }
 /* User is greeted with a splash page when browsing to Pi-hole IP address */
 #splashpage {
  background: #222;
  color: rgba(255, 255, 255, 0.7);
  text-align: center;
  width: 100%;
  height: 100%;
  display: flex;
  align-items: center;
  justify-content: center;
 }
 #splashpage img { margin: 5px; width: 256px; }
 #splashpage b { color: inherit; }
 #bpWrapper {
  margin: 0 auto;
  max-width: 1250px;
  box-shadow: 0 0 8px rgba(0, 0, 0, 0.5);
 }
 header {
  background: #3c8dbc;
  display: table;
  position: relative;
  width: 100%;
 }
 header h1, header h1 a, header .spc, header #bpAlt label {
  display: table-cell;
  color: #fff;
  white-space: nowrap;
  vertical-align: middle;
  height: 50px; /* Must match #bpAbout top value */
 }
 h1 a {
  background-color: rgba(0, 0, 0, 0.1);
  font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
  font-size: 2rem;
  font-weight: 400;
  min-width: 230px;
  text-align: center;
 }
 h1 a:hover, header #bpAlt:hover { background-color: rgba(0, 0, 0, 0.12); color: inherit; text-decoration: none; }
 header .spc { width: 100%; }
 header #bpAlt label {
  background: url("/admin/img/logo.svg") no-repeat center left 15px;
  background-size: 15px 23px;
  padding: 0 15px;
  text-indent: 30px;
 }
 [type="checkbox"][id$="Toggle"] { display: none; }
 [type="checkbox"][id$="Toggle"]:checked ~ #bpAbout,
 [type="checkbox"][id$="Toggle"]:checked ~ #bpMoreInfo {
  display: block;
 }
 html, body {
    height: 100%;
 }
 #pihole_card {
    width: 400px;
    height: auto;
    max-width: 400px;
 }
    #pihole_card p, #pihole_card a {
        font-size: 13pt;
        text-align: center;
    }
 #pihole_logo_splash {
    height: auto;
    width: 100%;
 }
 /* Click anywhere else on screen to hide #bpAbout */
 #bpAboutToggle:checked {
  display: block;
  height: 300px; /* VH Fallback */
  height: 100vh;
  left: 0;
  top: 0;
  opacity: 0;
  position: absolute;
  width: 100%;
 }
 #bpAbout {
  background: #3c8dbc;
  border-bottom-left-radius: 5px;
  border: 1px solid #fff;
  border-right-width: 0;
  box-shadow: -1px 1px 1px rgba(0, 0, 0, 0.12);
  box-sizing: border-box;
  display: none;
  font-size: 1.7rem;
  top: 50px;
  position: absolute;
  right: 0;
  width: 280px;
  z-index: 1;
 }
 .aboutPH {
  box-sizing: border-box;
  color: rgba(255, 255, 255, 0.8);
  display: block;
  padding: 10px;
  width: 100%;
  text-align: center;
 }
 .aboutImg {
  background: url("/admin/img/logo.svg") no-repeat center;
  background-size: 90px 90px;
  height: 90px;
  margin: 0 auto;
  padding: 2px;
  width: 90px;
 }
 .aboutPH p { margin: 10px 0; }
 .aboutPH small { display: block; font-size: 1.2rem; }
 .aboutLink {
  background: #fff;
  border-top: 1px solid #ddd;
  display: table;
  font-size: 1.4rem;
  text-align: center;
  width: 100%;
 }
 .aboutLink a {
  display: table-cell;
  padding: 14px;
  min-width: 50%;
 }
 main {
  background: #ecf0f5;
  font-size: 1.65rem;
  padding: 10px;
 }
 #bpOutput {
  background: #00c0ef;
  border-radius: 3px;
  border: 1px solid rgba(0, 0, 0, 0.1);
  color: #fff;
  font-size: 1.4rem;
  margin-bottom: 10px;
  margin-top: 5px;
  padding: 15px;
 }
 #bpOutput::before {
  background: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='7' height='14' viewBox='0 0 7 14'%3E%3Cpath fill='%23fff' d='M6 11a1.371 1.371 0 011 1v1a1.371 1.371 0 01-1 1H1a1.371 1.371 0 01-1-1v-1a1.371 1.371 0 011-1h1V8H1a1.371 1.371 0 01-1-1V6a1.371 1.371 0 011-1h3a1.371 1.371 0 011 1v5h1zM3.5 0A1.5 1.5 0 112 1.5 1.5 1.5 0 013.5 0z'/%3E%3C/svg%3E") no-repeat center left;
  display: block;
  font-size: 1.8rem;
  text-indent: 15px;
 }
 #bpOutput.hidden { display: none; }
 #bpOutput.success { background: #00a65a; }
 #bpOutput.error { background: #dd4b39; }
 .blockMsg, .flagMsg {
  font: 700 1.8rem Consolas, Courier, monospace;
  padding: 5px 10px 10px;
  text-indent: 15px;
 }
 #bpHelpTxt { padding-bottom: 10px; }
 .buttons {
  border-spacing: 5px 0;
  display: table;
  width: 100%;
 }
 .buttons * {
  -moz-appearance: none;
  -webkit-appearance: none;
  border-radius: 3px;
  border: 1px solid rgba(0, 0, 0, 0.1);
  box-sizing: content-box;
  display: table-cell;
  font-size: 1.65rem;
  margin-right: 5px;
  min-height: 20px;
  padding: 6px 12px;
  position: relative;
  text-align: center;
  vertical-align: top;
  white-space: nowrap;
  width: auto;
 }
 .buttons a:hover { text-decoration: none; }
 /* Button hover dark overlay */
 .buttons *:not(input):not([disabled]):hover {
  background-image: linear-gradient(to bottom, rgba(0, 0, 0, 0.1), rgba(0, 0, 0, 0.1));
  color: #fff;
 }
 /* Button active shadow inset */
 .buttons *:not([disabled]):not(input):active {
  box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
 }
 /* Input border color */
 .buttons *:not([disabled]):hover, .buttons input:focus {
  border-color: rgba(0, 0, 0, 0.25);
 }
 #bpButtons *  { width: 50%; color: #fff; }
 #bpBack       { background-color: #00a65a; }
 #bpInfo       { background-color: #3c8dbc; }
 #bpWhitelist  { background-color: #dd4b39; }
 #blockpage .buttons [type="password"][disabled] { color: rgba(0, 0, 0, 1); }
 #blockpage .buttons [disabled] { color: rgba(0, 0, 0, 0.55); background-color: #e3e3e3; }
 #blockpage .buttons [type="password"]:-ms-input-placeholder { color: rgba(51, 51, 51, 0.8); }
 input[type="password"] { font-size: 1.5rem; }
@-webkit-keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
@keyframes slidein { from { max-height: 0; opacity: 0; } to { max-height: 300px; opacity: 1; } }
 #bpMoreToggle:checked ~ #bpMoreInfo { display: block; margin-top: 8px; -webkit-animation: slidein 0.05s linear; animation: slidein 0.05s linear; }
 #bpMoreInfo { display: none; margin-top: 10px; }
 #bpQueryOutput {
  font-size: 1.2rem;
  line-height: 1.65rem;
  margin: 5px 0 0;
  overflow: auto;
  padding: 0 5px;
  -webkit-overflow-scrolling: touch;
 }
 #bpQueryOutput span { margin-right: 4px; }
 #bpWLButtons { width: auto; margin-top: 10px; }
 #bpWLButtons * { display: inline-block; }
 #bpWLDomain { display: none; }
 #bpWLPassword { width: 160px; }
 #bpWhitelist { color: #fff; }
 footer {
  background: #fff;
  border-top: 1px solid #d2d6de;
  color: #444;
  font: 1.2rem Consolas, Courier, monospace;
  padding: 8px;
 }
 /* Responsive Content */
@media only screen and (max-width: 500px) {
  h1 a {
        font-size: 1.8rem;
        min-width: 170px;
    }
    footer span::before {
        content: "Generated ";
    }
    footer span {
        display: block;
    }
 }
@media only screen and (min-width: 1251px) {
  #bpWrapper, footer {
        border-radius: 0 0 5px 5px;
    }
    #bpAbout {
        border-right-width: 1px;
    }
 }
@media only screen and (max-width: 400px) {
    #pihole_card {
        width: 100%;
        height: auto;
    }
        #pihole_card p, #pihole_card a {
            font-size: 100%;
        }
 }
@media only screen and (max-width: 256px) {
    #pihole_logo_splash {
        width: 90% !important;
        height: auto;
    }
 }
--- a/advanced/cmdline.txt
+++ b/advanced/cmdline.txt
@@ -1 +0,0 @@
 dwc_otg.lpm_enable=0 console=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait fbcon=map:10 fbcon=font:VGA8x8 consoleblank=0
--- a/advanced/console-setup
+++ b/advanced/console-setup
@@ -1,17 +0,0 @@
 # CONFIGURATION FILE FOR SETUPCON
 # Consult the console-setup(5) manual page.
 ACTIVE_CONSOLES="/dev/tty[1-6]"
 CHARMAP="UTF-8"
 # For best results with the Adafruit 2.8 LCD and Pi-hole's chronometer
 CODESET="guess"
 FONTFACE="Terminus"
 FONTSIZE="10x20"
 VIDEOMODE=
 # The following is an example how to use a braille font
 # FONT='lat9w-08.psf.gz brl-8x8.psf'
--- a/advanced/dnsmasq.conf.original
+++ b/advanced/dnsmasq.conf.original
@@ -1,648 +0,0 @@
 # Configuration file for dnsmasq.
 #
 # Format is one option per line, legal options are the same
 # as the long options legal on the command line. See
 # "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
 # Listen on this specific port instead of the standard DNS port
 # (53). Setting this to zero completely disables DNS function,
 # leaving only DHCP and/or TFTP.
 #port=5353
 # The following two options make you a better netizen, since they
 # tell dnsmasq to filter out queries which the public DNS cannot
 # answer, and which load the servers (especially the root servers)
 # unnecessarily. If you have a dial-on-demand link they also stop
 # these requests from bringing up the link unnecessarily.
 # Never forward plain names (without a dot or domain part)
 #domain-needed
 # Never forward addresses in the non-routed address spaces.
 #bogus-priv
 # Uncomment these to enable DNSSEC validation and caching:
 # (Requires dnsmasq to be built with DNSSEC option.)
 #conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
 #dnssec
 # Replies which are not DNSSEC signed may be legitimate, because the domain
 # is unsigned, or may be forgeries. Setting this option tells dnsmasq to
 # check that an unsigned reply is OK, by finding a secure proof that a DS
 # record somewhere between the root and the domain does not exist.
 # The cost of setting this is that even queries in unsigned domains will need
 # one or more extra DNS queries to verify.
 #dnssec-check-unsigned
 # Uncomment this to filter useless windows-originated DNS requests
 # which can trigger dial-on-demand links needlessly.
 # Note that (amongst other things) this blocks all SRV requests,
 # so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
 # This option only affects forwarding, SRV records originating for
 # dnsmasq (via srv-host= lines) are not suppressed by it.
 #filterwin2k
 # Change this line if you want dns to get its upstream servers from
 # somewhere other that /etc/resolv.conf
 #resolv-file=
 # By  default,  dnsmasq  will  send queries to any of the upstream
 # servers it knows about and tries to favor servers to are  known
 # to  be  up.  Uncommenting this forces dnsmasq to try each query
 # with  each  server  strictly  in  the  order  they   appear   in
 # /etc/resolv.conf
 #strict-order
 # If you don't want dnsmasq to read /etc/resolv.conf or any other
 # file, getting its servers from this file instead (see below), then
 # uncomment this.
 #no-resolv
 # If you don't want dnsmasq to poll /etc/resolv.conf or other resolv
 # files for changes and re-read them then uncomment this.
 #no-poll
 # Add other name servers here, with domain specs if they are for
 # non-public domains.
 #server=/localnet/192.168.0.1
 # Example of routing PTR queries to nameservers: this will send all
 # address->name queries for 192.168.3/24 to nameserver 10.1.2.3
 #server=/3.168.192.in-addr.arpa/10.1.2.3
 # Add local-only domains here, queries in these domains are answered
 # from /etc/hosts or DHCP only.
 #local=/localnet/
 # Add domains which you want to force to an IP address here.
 # The example below send any host in double-click.net to a local
 # web-server.
 #address=/double-click.net/127.0.0.1
 # --address (and --server) work with IPv6 addresses too.
 #address=/www.thekelleys.org.uk/fe80::20d:60ff:fe36:f83
 # Add the IPs of all queries to yahoo.com, google.com, and their
 # subdomains to the vpn and search ipsets:
 #ipset=/yahoo.com/google.com/vpn,search
 # You can control how dnsmasq talks to a server: this forces
 # queries to 10.1.2.3 to be routed via eth1
 # server=10.1.2.3@eth1
 # and this sets the source (ie local) address used to talk to
 # 10.1.2.3 to 192.168.1.1 port 55 (there must be a interface with that
 # IP on the machine, obviously).
 # server=10.1.2.3@192.168.1.1#55
 # If you want dnsmasq to change uid and gid to something other
 # than the default, edit the following lines.
 #user=
 #group=
 # If you want dnsmasq to listen for DHCP and DNS requests only on
 # specified interfaces (and the loopback) give the name of the
 # interface (eg eth0) here.
 # Repeat the line for more than one interface.
 #interface=
 # Or you can specify which interface _not_ to listen on
 #except-interface=
 # Or which to listen on by address (remember to include 127.0.0.1 if
 # you use this.)
 #listen-address=
 # If you want dnsmasq to provide only DNS service on an interface,
 # configure it as shown above, and then use the following line to
 # disable DHCP and TFTP on it.
 #no-dhcp-interface=
 # On systems which support it, dnsmasq binds the wildcard address,
 # even when it is listening on only some interfaces. It then discards
 # requests that it shouldn't reply to. This has the advantage of
 # working even when interfaces come and go and change address. If you
 # want dnsmasq to really bind only the interfaces it is listening on,
 # uncomment this option. About the only time you may need this is when
 # running another nameserver on the same machine.
 #bind-interfaces
 # If you don't want dnsmasq to read /etc/hosts, uncomment the
 # following line.
 #no-hosts
 # or if you want it to read another file, as well as /etc/hosts, use
 # this.
 #addn-hosts=/etc/banner_add_hosts
 # Set this (and domain: see below) if you want to have a domain
 # automatically added to simple names in a hosts-file.
 #expand-hosts
 # Set the domain for dnsmasq. this is optional, but if it is set, it
 # does the following things.
 # 1) Allows DHCP hosts to have fully qualified domain names, as long
 #     as the domain part matches this setting.
 # 2) Sets the "domain" DHCP option thereby potentially setting the
 #    domain of all systems configured by DHCP
 # 3) Provides the domain part for "expand-hosts"
 #domain=thekelleys.org.uk
 # Set a different domain for a particular subnet
 #domain=wireless.thekelleys.org.uk,192.168.2.0/24
 # Same idea, but range rather then subnet
 #domain=reserved.thekelleys.org.uk,192.68.3.100,192.168.3.200
 # Uncomment this to enable the integrated DHCP server, you need
 # to supply the range of addresses available for lease and optionally
 # a lease time. If you have more than one network, you will need to
 # repeat this for each network on which you want to supply DHCP
 # service.
 #dhcp-range=192.168.0.50,192.168.0.150,12h
 # This is an example of a DHCP range where the netmask is given. This
 # is needed for networks we reach the dnsmasq DHCP server via a relay
 # agent. If you don't know what a DHCP relay agent is, you probably
 # don't need to worry about this.
 #dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h
 # This is an example of a DHCP range which sets a tag, so that
 # some DHCP options may be set only for this network.
 #dhcp-range=set:red,192.168.0.50,192.168.0.150
 # Use this DHCP range only when the tag "green" is set.
 #dhcp-range=tag:green,192.168.0.50,192.168.0.150,12h
 # Specify a subnet which can't be used for dynamic address allocation,
 # is available for hosts with matching --dhcp-host lines. Note that
 # dhcp-host declarations will be ignored unless there is a dhcp-range
 # of some type for the subnet in question.
 # In this case the netmask is implied (it comes from the network
 # configuration on the machine running dnsmasq) it is possible to give
 # an explicit netmask instead.
 #dhcp-range=192.168.0.0,static
 # Enable DHCPv6. Note that the prefix-length does not need to be specified
 # and defaults to 64 if missing/
 #dhcp-range=1234::2, 1234::500, 64, 12h
 # Do Router Advertisements, BUT NOT DHCP for this subnet.
 #dhcp-range=1234::, ra-only
 # Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
 # add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
 # hosts. Use the DHCPv4 lease to derive the name, network segment and
 # MAC address and assume that the host will also have an
 # IPv6 address calculated using the SLAAC algorithm.
 #dhcp-range=1234::, ra-names
 # Do Router Advertisements, BUT NOT DHCP for this subnet.
 # Set the lifetime to 46 hours. (Note: minimum lifetime is 2 hours.)
 #dhcp-range=1234::, ra-only, 48h
 # Do DHCP and Router Advertisements for this subnet. Set the A bit in the RA
 # so that clients can use SLAAC addresses as well as DHCP ones.
 #dhcp-range=1234::2, 1234::500, slaac
 # Do Router Advertisements and stateless DHCP for this subnet. Clients will
 # not get addresses from DHCP, but they will get other configuration information.
 # They will use SLAAC for addresses.
 #dhcp-range=1234::, ra-stateless
 # Do stateless DHCP, SLAAC, and generate DNS names for SLAAC addresses
 # from DHCPv4 leases.
 #dhcp-range=1234::, ra-stateless, ra-names
 # Do router advertisements for all subnets where we're doing DHCPv6
 # Unless overridden by ra-stateless, ra-names, et al, the router
 # advertisements will have the M and O bits set, so that the clients
 # get addresses and configuration from DHCPv6, and the A bit reset, so the
 # clients don't use SLAAC addresses.
 #enable-ra
 # Supply parameters for specified hosts using DHCP. There are lots
 # of valid alternatives, so we will give examples of each. Note that
 # IP addresses DO NOT have to be in the range given above, they just
 # need to be on the same network. The order of the parameters in these
 # do not matter, it's permissible to give name, address and MAC in any
 # order.
 # Always allocate the host with Ethernet address 11:22:33:44:55:66
 # The IP address 192.168.0.60
 #dhcp-host=11:22:33:44:55:66,192.168.0.60
 # Always set the name of the host with hardware address
 # 11:22:33:44:55:66 to be "fred"
 #dhcp-host=11:22:33:44:55:66,fred
 # Always give the host with Ethernet address 11:22:33:44:55:66
 # the name fred and IP address 192.168.0.60 and lease time 45 minutes
 #dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m
 # Give a host with Ethernet address 11:22:33:44:55:66 or
 # 12:34:56:78:90:12 the IP address 192.168.0.60. Dnsmasq will assume
 # that these two Ethernet interfaces will never be in use at the same
 # time, and give the IP address to the second, even if it is already
 # in use by the first. Useful for laptops with wired and wireless
 # addresses.
 #dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.60
 # Give the machine which says its name is "bert" IP address
 # 192.168.0.70 and an infinite lease
 #dhcp-host=bert,192.168.0.70,infinite
 # Always give the host with client identifier 01:02:02:04
 # the IP address 192.168.0.60
 #dhcp-host=id:01:02:02:04,192.168.0.60
 # Always give the host with client identifier "marjorie"
 # the IP address 192.168.0.60
 #dhcp-host=id:marjorie,192.168.0.60
 # Enable the address given for "judge" in /etc/hosts
 # to be given to a machine presenting the name "judge" when
 # it asks for a DHCP lease.
 #dhcp-host=judge
 # Never offer DHCP service to a machine whose Ethernet
 # address is 11:22:33:44:55:66
 #dhcp-host=11:22:33:44:55:66,ignore
 # Ignore any client-id presented by the machine with Ethernet
 # address 11:22:33:44:55:66. This is useful to prevent a machine
 # being treated differently when running under different OS's or
 # between PXE boot and OS boot.
 #dhcp-host=11:22:33:44:55:66,id:*
 # Send extra options which are tagged as "red" to
 # the machine with Ethernet address 11:22:33:44:55:66
 #dhcp-host=11:22:33:44:55:66,set:red
 # Send extra options which are tagged as "red" to
 # any machine with Ethernet address starting 11:22:33:
 #dhcp-host=11:22:33:*:*:*,set:red
 # Give a fixed IPv6 address and name to client with
 # DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
 # Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
 # Note also the they [] around the IPv6 address are obligatory.
 #dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
 # Ignore any clients which are not specified in dhcp-host lines
 # or /etc/ethers. Equivalent to ISC "deny unknown-clients".
 # This relies on the special "known" tag which is set when
 # a host is matched.
 #dhcp-ignore=tag:!known
 # Send extra options which are tagged as "red" to any machine whose
 # DHCP vendorclass string includes the substring "Linux"
 #dhcp-vendorclass=set:red,Linux
 # Send extra options which are tagged as "red" to any machine one
 # of whose DHCP userclass strings includes the substring "accounts"
 #dhcp-userclass=set:red,accounts
 # Send extra options which are tagged as "red" to any machine whose
 # MAC address matches the pattern.
 #dhcp-mac=set:red,00:60:8C:*:*:*
 # If this line is uncommented, dnsmasq will read /etc/ethers and act
 # on the ethernet-address/IP pairs found there just as if they had
 # been given as --dhcp-host options. Useful if you keep
 # MAC-address/host mappings there for other purposes.
 #read-ethers
 # Send options to hosts which ask for a DHCP lease.
 # See RFC 2132 for details of available options.
 # Common options can be given to dnsmasq by name:
 # run "dnsmasq --help dhcp" to get a list.
 # Note that all the common settings, such as netmask and
 # broadcast address, DNS server and default route, are given
 # sane defaults by dnsmasq. You very likely will not need
 # any dhcp-options. If you use Windows clients and Samba, there
 # are some options which are recommended, they are detailed at the
 # end of this section.
 # Override the default route supplied by dnsmasq, which assumes the
 # router is the same machine as the one running dnsmasq.
 #dhcp-option=3,1.2.3.4
 # Do the same thing, but using the option name
 #dhcp-option=option:router,1.2.3.4
 # Override the default route supplied by dnsmasq and send no default
 # route at all. Note that this only works for the options sent by
 # default (1, 3, 6, 12, 28) the same line will send a zero-length option
 # for all other option numbers.
 #dhcp-option=3
 # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
 #dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
 # Send DHCPv6 option. Note [] around IPv6 addresses.
 #dhcp-option=option6:dns-server,[1234::77],[1234::88]
 # Send DHCPv6 option for namservers as the machine running
 # dnsmasq and another.
 #dhcp-option=option6:dns-server,[::],[1234::88]
 # Ask client to poll for option changes every six hours. (RFC4242)
 #dhcp-option=option6:information-refresh-time,6h
 # Set the NTP time server address to be the same machine as
 # is running dnsmasq
 #dhcp-option=42,0.0.0.0
 # Set the NIS domain name to "welly"
 #dhcp-option=40,welly
 # Set the default time-to-live to 50
 #dhcp-option=23,50
 # Set the "all subnets are local" flag
 #dhcp-option=27,1
 # Send the etherboot magic flag and then etherboot options (a string).
 #dhcp-option=128,e4:45:74:68:00:00
 #dhcp-option=129,NIC=eepro100
 # Specify an option which will only be sent to the "red" network
 # (see dhcp-range for the declaration of the "red" network)
 # Note that the tag: part must precede the option: part.
 #dhcp-option = tag:red, option:ntp-server, 192.168.1.1
 # The following DHCP options set up dnsmasq in the same way as is specified
 # for the ISC dhcpcd in
 # http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
 # adapted for a typical dnsmasq installation where the host running
 # dnsmasq is also the host running samba.
 # you may want to uncomment some or all of them if you use
 # Windows clients and Samba.
 #dhcp-option=19,0           # option ip-forwarding off
 #dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
 #dhcp-option=45,0.0.0.0     # netbios datagram distribution server
 #dhcp-option=46,8           # netbios node type
 # Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
 #dhcp-option=252,"\n"
 # Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client
 # probably doesn't support this......
 #dhcp-option=option:domain-search,eng.apple.com,marketing.apple.com
 # Send RFC-3442 classless static routes (note the netmask encoding)
 #dhcp-option=121,192.168.1.0/24,1.2.3.4,10.0.0.0/8,5.6.7.8
 # Send vendor-class specific options encapsulated in DHCP option 43.
 # The meaning of the options is defined by the vendor-class so
 # options are sent only when the client supplied vendor class
 # matches the class given here. (A substring match is OK, so "MSFT"
 # matches "MSFT" and "MSFT 5.0"). This example sets the
 # mtftp address to 0.0.0.0 for PXEClients.
 #dhcp-option=vendor:PXEClient,1,0.0.0.0
 # Send microsoft-specific option to tell windows to release the DHCP lease
 # when it shuts down. Note the "i" flag, to tell dnsmasq to send the
 # value as a four-byte integer - that's what microsoft wants. See
 # http://technet2.microsoft.com/WindowsServer/en/library/a70f1bb7-d2d4-49f0-96d6-4b7414ecfaae1033.mspx?mfr=true
 #dhcp-option=vendor:MSFT,2,1i
 # Send the Encapsulated-vendor-class ID needed by some configurations of
 # Etherboot to allow is to recognize the DHCP server.
 #dhcp-option=vendor:Etherboot,60,"Etherboot"
 # Send options to PXELinux. Note that we need to send the options even
 # though they don't appear in the parameter request list, so we need
 # to use dhcp-option-force here.
 # See http://syslinux.zytor.com/pxe.php#special for details.
 # Magic number - needed before anything else is recognized
 #dhcp-option-force=208,f1:00:74:7e
 # Configuration file name
 #dhcp-option-force=209,configs/common
 # Path prefix
 #dhcp-option-force=210,/tftpboot/pxelinux/files/
 # Reboot time. (Note 'i' to send 32-bit value)
 #dhcp-option-force=211,30i
 # Set the boot filename for netboot/PXE. You will only need
 # this is you want to boot machines over the network and you will need
 # a TFTP server; either dnsmasq's built in TFTP server or an
 # external one. (See below for how to enable the TFTP server.)
 #dhcp-boot=pxelinux.0
 # The same as above, but use custom tftp-server instead machine running dnsmasq
 #dhcp-boot=pxelinux,server.name,192.168.1.100
 # Boot for Etherboot gPXE. The idea is to send two different
 # filenames, the first loads gPXE, and the second tells gPXE what to
 # load. The dhcp-match sets the gpxe tag for requests from gPXE.
 #dhcp-match=set:gpxe,175 # gPXE sends a 175 option.
 #dhcp-boot=tag:!gpxe,undionly.kpxe
 #dhcp-boot=mybootimage
 # Encapsulated options for Etherboot gPXE. All the options are
 # encapsulated within option 175
 #dhcp-option=encap:175, 1, 5b         # priority code
 #dhcp-option=encap:175, 176, 1b       # no-proxydhcp
 #dhcp-option=encap:175, 177, string   # bus-id
 #dhcp-option=encap:175, 189, 1b       # BIOS drive code
 #dhcp-option=encap:175, 190, user     # iSCSI username
 #dhcp-option=encap:175, 191, pass     # iSCSI password
 # Test for the architecture of a netboot client. PXE clients are
 # supposed to send their architecture as option 93. (See RFC 4578)
 #dhcp-match=peecees, option:client-arch, 0 #x86-32
 #dhcp-match=itanics, option:client-arch, 2 #IA64
 #dhcp-match=hammers, option:client-arch, 6 #x86-64
 #dhcp-match=mactels, option:client-arch, 7 #EFI x86-64
 # Do real PXE, rather than just booting a single file, this is an
 # alternative to dhcp-boot.
 #pxe-prompt="What system shall I netboot?"
 # or with timeout before first available action is taken:
 #pxe-prompt="Press F8 for menu.", 60
 # Available boot services. for PXE.
 #pxe-service=x86PC, "Boot from local disk"
 # Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
 #pxe-service=x86PC, "Install Linux", pxelinux
 # Loads <tftp-root>/pxelinux.0 from TFTP server at 1.2.3.4.
 # Beware this fails on old PXE ROMS.
 #pxe-service=x86PC, "Install Linux", pxelinux, 1.2.3.4
 # Use bootserver on network, found my multicast or broadcast.
 #pxe-service=x86PC, "Install windows from RIS server", 1
 # Use bootserver at a known IP address.
 #pxe-service=x86PC, "Install windows from RIS server", 1, 1.2.3.4
 # If you have multicast-FTP available,
 # information for that can be passed in a similar way using options 1
 # to 5. See page 19 of
 # http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf
 # Enable dnsmasq's built-in TFTP server
 #enable-tftp
 # Set the root directory for files available via FTP.
 #tftp-root=/var/ftpd
 # Make the TFTP server more secure: with this set, only files owned by
 # the user dnsmasq is running as will be send over the net.
 #tftp-secure
 # This option stops dnsmasq from negotiating a larger blocksize for TFTP
 # transfers. It will slow things down, but may rescue some broken TFTP
 # clients.
 #tftp-no-blocksize
 # Set the boot file name only when the "red" tag is set.
 #dhcp-boot=tag:red,pxelinux.red-net
 # An example of dhcp-boot with an external TFTP server: the name and IP
 # address of the server are given after the filename.
 # Can fail with old PXE ROMS. Overridden by --pxe-service.
 #dhcp-boot=/var/ftpd/pxelinux.0,boothost,192.168.0.3
 # If there are multiple external tftp servers having a same name
 # (using /etc/hosts) then that name can be specified as the
 # tftp_servername (the third option to dhcp-boot) and in that
 # case dnsmasq resolves this name and returns the resultant IP
 # addresses in round robin fasion. This facility can be used to
 # load balance the tftp load among a set of servers.
 #dhcp-boot=/var/ftpd/pxelinux.0,boothost,tftp_server_name
 # Set the limit on DHCP leases, the default is 150
 #dhcp-lease-max=150
 # The DHCP server needs somewhere on disk to keep its lease database.
 # This defaults to a sane location, but if you want to change it, use
 # the line below.
 #dhcp-leasefile=/var/lib/misc/dnsmasq.leases
 # Set the DHCP server to authoritative mode. In this mode it will barge in
 # and take over the lease for any client which broadcasts on the network,
 # whether it has a record of the lease or not. This avoids long timeouts
 # when a machine wakes up on a new network. DO NOT enable this if there's
 # the slightest chance that you might end up accidentally configuring a DHCP
 # server for your campus/company accidentally. The ISC server uses
 # the same option, and this URL provides more information:
 # http://www.isc.org/files/auth.html
 #dhcp-authoritative
 # Run an executable when a DHCP lease is created or destroyed.
 # The arguments sent to the script are "add" or "del",
 # then the MAC address, the IP address and finally the hostname
 # if there is one.
 #dhcp-script=/bin/echo
 # Set the cachesize here.
 #cache-size=150
 # If you want to disable negative caching, uncomment this.
 #no-negcache
 # Normally responses which come from /etc/hosts and the DHCP lease
 # file have Time-To-Live set as zero, which conventionally means
 # do not cache further. If you are happy to trade lower load on the
 # server for potentially stale date, you can set a time-to-live (in
 # seconds) here.
 #local-ttl=
 # If you want dnsmasq to detect attempts by Verisign to send queries
 # to unregistered .com and .net hosts to its sitefinder service and
 # have dnsmasq instead return the correct NXDOMAIN response, uncomment
 # this line. You can add similar lines to do the same for other
 # registries which have implemented wildcard A records.
 #bogus-nxdomain=64.94.110.11
 # If you want to fix up DNS results from upstream servers, use the
 # alias option. This only works for IPv4.
 # This alias makes a result of 1.2.3.4 appear as 5.6.7.8
 #alias=1.2.3.4,5.6.7.8
 # and this maps 1.2.3.x to 5.6.7.x
 #alias=1.2.3.0,5.6.7.0,255.255.255.0
 # and this maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40
 #alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
 # Change these lines if you want dnsmasq to serve MX records.
 # Return an MX record named "maildomain.com" with target
 # servermachine.com and preference 50
 #mx-host=maildomain.com,servermachine.com,50
 # Set the default target for MX records created using the localmx option.
 #mx-target=servermachine.com
 # Return an MX record pointing to the mx-target for all local
 # machines.
 #localmx
 # Return an MX record pointing to itself for all local machines.
 #selfmx
 # Change the following lines if you want dnsmasq to serve SRV
 # records.  These are useful if you want to serve ldap requests for
 # Active Directory and other windows-originated DNS requests.
 # See RFC 2782.
 # You may add multiple srv-host lines.
 # The fields are <name>,<target>,<port>,<priority>,<weight>
 # If the domain part if missing from the name (so that is just has the
 # service and protocol sections) then the domain given by the domain=
 # config option is used. (Note that expand-hosts does not need to be
 # set for this to work.)
 # A SRV record sending LDAP for the example.com domain to
 # ldapserver.example.com port 389
 #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
 # A SRV record sending LDAP for the example.com domain to
 # ldapserver.example.com port 389 (using domain=)
 #domain=example.com
 #srv-host=_ldap._tcp,ldapserver.example.com,389
 # Two SRV records for LDAP, each with different priorities
 #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
 #srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
 # A SRV record indicating that there is no LDAP server for the domain
 # example.com
 #srv-host=_ldap._tcp.example.com
 # The following line shows how to make dnsmasq serve an arbitrary PTR
 # record. This is useful for DNS-SD. (Note that the
 # domain-name expansion done for SRV records _does_not
 # occur for PTR records.)
 #ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
 # Change the following lines to enable dnsmasq to serve TXT records.
 # These are used for things like SPF and zeroconf. (Note that the
 # domain-name expansion done for SRV records _does_not
 # occur for TXT records.)
 #Example SPF.
 #txt-record=example.com,"v=spf1 a -all"
 #Example zeroconf
 #txt-record=_http._tcp.example.com,name=value,paper=A4
 # Provide an alias for a "local" DNS name. Note that this _only_ works
 # for targets which are names from DHCP or /etc/hosts. Give host
 # "bert" another name, bertrand
 #cname=bertand,bert
 # For debugging purposes, log each DNS query as it passes through
 # dnsmasq.
 #log-queries
 # Log lots of extra information about DHCP transactions.
 #log-dhcp
 # Include another lot of configuration options.
 #conf-file=/etc/dnsmasq.more.conf
 #conf-dir=/etc/dnsmasq.d
 # Include all the files in a directory except those ending in .bak
 #conf-dir=/etc/dnsmasq.d,.bak
 # Include all files in a directory which end in .conf
 #conf-dir=/etc/dnsmasq.d/*.conf
--- a/advanced/index.php
+++ b/advanced/index.php
@@ -1,395 +0,0 @@
 <?php
 /* Pi-hole: A black hole for Internet advertisements
 *  (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *  Network-wide ad blocking via your own hardware.
 *
 *  This file is copyright under the latest version of the EUPL.
 *  Please see LICENSE file for your rights under this license. */
 // Sanitize SERVER_NAME output
 $serverName = htmlspecialchars($_SERVER["SERVER_NAME"]);
 // Remove external ipv6 brackets if any
 $serverName = preg_replace('/^\[(.*)\]$/', '${1}', $serverName);
 if (!is_file("/etc/pihole/setupVars.conf"))
  die("[ERROR] File not found: <code>/etc/pihole/setupVars.conf</code>");
 // Get values from setupVars.conf
 $setupVars = parse_ini_file("/etc/pihole/setupVars.conf");
 $svPasswd = !empty($setupVars["WEBPASSWORD"]);
 $svEmail = (!empty($setupVars["ADMIN_EMAIL"]) && filter_var($setupVars["ADMIN_EMAIL"], FILTER_VALIDATE_EMAIL)) ? $setupVars["ADMIN_EMAIL"] : "";
 unset($setupVars);
 // Set landing page location, found within /var/www/html/
 $landPage = "../landing.php";
 // Define array for hostnames to be accepted as self address for splash page
 $authorizedHosts = [ "localhost" ];
 if (!empty($_SERVER["FQDN"])) {
    // If setenv.add-environment = ("fqdn" => "true") is configured in lighttpd,
    // append $serverName to $authorizedHosts
    array_push($authorizedHosts, $serverName);
 } else if (!empty($_SERVER["VIRTUAL_HOST"])) {
    // Append virtual hostname to $authorizedHosts
    array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]);
 }
 // Set which extension types render as Block Page (Including "" for index.ext)
 $validExtTypes = array("asp", "htm", "html", "php", "rss", "xml", "");
 // Get extension of current URL
 $currentUrlExt = pathinfo($_SERVER["REQUEST_URI"], PATHINFO_EXTENSION);
 // Set mobile friendly viewport
 $viewPort = '<meta name="viewport" content="width=device-width, initial-scale=1">';
 // Set response header
 function setHeader($type = "x") {
    header("X-Pi-hole: A black hole for Internet advertisements.");
    if (isset($type) && $type === "js") header("Content-Type: application/javascript");
 }
 // Determine block page type
 if ($serverName === "pi.hole"
    || (!empty($_SERVER["VIRTUAL_HOST"]) && $serverName === $_SERVER["VIRTUAL_HOST"])) {
    // Redirect to Web Interface
    exit(header("Location: /admin"));
 } elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
    // When directly browsing via IP or authorized hostname
    // Render splash/landing page based off presence of $landPage file
    // Unset variables so as to not be included in $landPage or $splashPage
    unset($svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt);
    // If $landPage file is present
    if (is_file(getcwd()."/$landPage")) {
        unset($serverName, $viewPort); // unset extra variables not to be included in $landpage
        include $landPage;
        exit();
    }
    // If $landPage file was not present, Set Splash Page output
    $splashPage = <<<EOT
    <!doctype html>
    <html lang='en'>
        <head>
            <meta charset='utf-8'>
            $viewPort
            <title>● $serverName</title>
            <link rel='stylesheet' href='/pihole/blockingpage.css'>
            <link rel='shortcut icon' href='/admin/img/favicons/favicon.ico' type='image/x-icon'>
        </head>
        <body id='splashpage'>
            <div id="pihole_card">
              <img src='/admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
              <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
              <a href='/admin'>Did you mean to go to the admin panel?</a>
            </div>
        </body>
    </html>
 EOT;
    exit($splashPage);
 } elseif ($currentUrlExt === "js") {
    // Serve Pi-hole JavaScript for blocked domains requesting JS
    exit(setHeader("js").'var x = "Pi-hole: A black hole for Internet advertisements."');
 } elseif (strpos($_SERVER["REQUEST_URI"], "?") !== FALSE && isset($_SERVER["HTTP_REFERER"])) {
    // Serve blank image upon receiving REQUEST_URI w/ query string & HTTP_REFERRER
    // e.g: An iframe of a blocked domain
    exit(setHeader().'<!doctype html>
    <html lang="en">
        <head>
            <meta charset="utf-8"><script>window.close();</script>
        </head>
        <body>
            <img src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=">
        </body>
    </html>');
 } elseif (!in_array($currentUrlExt, $validExtTypes) || substr_count($_SERVER["REQUEST_URI"], "?")) {
    // Serve SVG upon receiving non $validExtTypes URL extension or query string
    // e.g: Not an iframe of a blocked domain, such as when browsing to a file/query directly
    // QoL addition: Allow the SVG to be clicked on in order to quickly show the full Block Page
    $blockImg = '<a href="/">
    <svg xmlns="http://www.w3.org/2000/svg" width="110" height="16">
      <circle cx="8" cy="8" r="7" fill="none" stroke="rgba(152,2,2,.5)" stroke-width="2"/>
      <path fill="rgba(152,2,2,.5)" d="M11.526 3.04l1.414 1.415-8.485 8.485-1.414-1.414z"/>
      <text x="19.3" y="12" opacity=".3" style="font:11px Arial">
        Blocked by Pi-hole
      </text>
    </svg>
    </a>';
    exit(setHeader()."<!doctype html>
    <html lang='en'>
        <head>
            <meta charset='utf-8'>
            $viewPort
        </head>
        <body>$blockImg</body>
    </html>");
 }
 /* Start processing Block Page from here */
 // Define admin email address text based off $svEmail presence
 $bpAskAdmin = !empty($svEmail) ? '<a href="mailto:'.$svEmail.'?subject=Site Blocked: '.$serverName.'"></a>' : "<span/>";
 // Get possible non-standard location of FTL's database
 $FTLsettings = parse_ini_file("/etc/pihole/pihole-FTL.conf");
 if (isset($FTLsettings["GRAVITYDB"])) {
    $gravityDBFile = $FTLsettings["GRAVITYDB"];
 } else {
    $gravityDBFile = "/etc/pihole/gravity.db";
 }
 // Connect to gravity.db
 try {
    $db = new SQLite3($gravityDBFile, SQLITE3_OPEN_READONLY);
 } catch (Exception $exception) {
    die("[ERROR]: Failed to connect to gravity.db");
 }
 // Get all adlist addresses
 $adlistResults = $db->query("SELECT address FROM vw_adlist");
 $adlistsUrls = array();
 while ($row = $adlistResults->fetchArray()) {
    array_push($adlistsUrls, $row[0]);
 }
 if (empty($adlistsUrls))
    die("[ERROR]: There are no adlists enabled");
 // Get total number of blocklists (Including Whitelist, Blacklist & Wildcard lists)
 $adlistsCount = count($adlistsUrls) + 3;
 // Set query timeout
 ini_set("default_socket_timeout", 3);
 // Logic for querying blocklists
 function queryAds($serverName) {
    // Determine the time it takes while querying adlists
    $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"];
    $queryAdsURL = sprintf(
        "http://127.0.0.1:%s/admin/scripts/pi-hole/php/queryads.php?domain=%s&bp",
        $_SERVER["SERVER_PORT"],
        $serverName
    );
    $queryAds = file($queryAdsURL, FILE_IGNORE_NEW_LINES);
    $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds)));
    $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime);
    // Exception Handling
    try {
        // Define Exceptions
        if (strpos($queryAds[0], "No exact results") !== FALSE) {
            // Return "none" into $queryAds array
            return array("0" => "none");
        } else if ($queryTime >= ini_get("default_socket_timeout")) {
            // Connection Timeout
            throw new Exception ("Connection timeout (".ini_get("default_socket_timeout")."s)");
        } elseif (!strpos($queryAds[0], ".") !== false) {
            // Unknown $queryAds output
            throw new Exception ("Unhandled error message (<code>$queryAds[0]</code>)");
        }
        return $queryAds;
    } catch (Exception $e) {
        // Return exception as array
        return array("0" => "error", "1" => $e->getMessage());
    }
 }
 // Get results of queryads.php exact search
 $queryAds = queryAds($serverName);
 // Pass error through to Block Page
 if ($queryAds[0] === "error")
    die("[ERROR]: Unable to parse results from <i>queryads.php</i>: <code>".$queryAds[1]."</code>");
 // Count total number of matching blocklists
 $featuredTotal = count($queryAds);
 // Place results into key => value array
 $queryResults = null;
 foreach ($queryAds as $str) {
    $value = explode(" ", $str);
    @$queryResults[$value[0]] .= "$value[1]";
 }
 // Determine if domain has been blacklisted, whitelisted, wildcarded or CNAME blocked
 if (strpos($queryAds[0], "blacklist") !== FALSE) {
    $notableFlagClass = "blacklist";
    $adlistsUrls = array("π" => substr($queryAds[0], 2));
 } elseif (strpos($queryAds[0], "whitelist") !== FALSE) {
    $notableFlagClass = "noblock";
    $adlistsUrls = array("π" => substr($queryAds[0], 2));
    $wlInfo = "recentwl";
 } elseif (strpos($queryAds[0], "wildcard") !== FALSE) {
    $notableFlagClass = "wildcard";
    $adlistsUrls = array("π" => substr($queryAds[0], 2));
 } elseif ($queryAds[0] === "none") {
    $featuredTotal = "0";
    $notableFlagClass = "noblock";
    // QoL addition: Determine appropriate info message if CNAME exists
    // Suggests to the user that $serverName has a CNAME (alias) that may be blocked
    $dnsRecord = dns_get_record("$serverName")[0];
    if (array_key_exists("target", $dnsRecord)) {
        $wlInfo = $dnsRecord['target'];
    } else {
        $wlInfo = "unknown";
    }
 }
 // Set #bpOutput notification
 $wlOutputClass = (isset($wlInfo) && $wlInfo === "recentwl") ? $wlInfo : "hidden";
 $wlOutput = (isset($wlInfo) && $wlInfo !== "recentwl") ? "<a href='http://$wlInfo'>$wlInfo</a>" : "";
 // Get Pi-hole Core version
 $phVersion = exec("cd /etc/.pihole/ && git describe --long --tags");
 // Print $execTime on development branches
 // Testing for - is marginally faster than "git rev-parse --abbrev-ref HEAD"
 if (explode("-", $phVersion)[1] != "0")
  $execTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"];
 // Please Note: Text is added via CSS to allow an admin to provide a localized
 // language without the need to edit this file
 setHeader();
 ?>
 <!doctype html>
 <!-- Pi-hole: A black hole for Internet advertisements
 *  (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *  Network-wide ad blocking via your own hardware.
 *
 *  This file is copyright under the latest version of the EUPL. -->
 <html>
 <head>
  <meta charset="utf-8">
  <?=$viewPort ?>
  <meta name="robots" content="noindex,nofollow">
  <meta http-equiv="x-dns-prefetch-control" content="off">
  <link rel="stylesheet" href="pihole/blockingpage.css">
  <link rel="shortcut icon" href="admin/img/favicons/favicon.ico" type="image/x-icon">
  <title>● <?=$serverName ?></title>
  <script src="admin/scripts/vendor/jquery.min.js"></script>
  <script>
    window.onload = function () {
      <?php
      // Remove href fallback from "Back to safety" button
      if ($featuredTotal > 0) {
        echo '$("#bpBack").removeAttr("href");';
        // Enable whitelisting if JS is available
        echo '$("#bpWhitelist").prop("disabled", false);';
        // Enable password input if necessary
        if (!empty($svPasswd)) {
          echo '$("#bpWLPassword").attr("placeholder", "Password");';
          echo '$("#bpWLPassword").prop("disabled", false);';
        }
        // Otherwise hide the input
        else {
          echo '$("#bpWLPassword").hide();';
        }
      }
      ?>
    }
  </script>
 </head>
 <body id="blockpage"><div id="bpWrapper">
 <header>
  <h1 id="bpTitle">
    <a class="title" href="/"><?php //Website Blocked ?></a>
  </h1>
  <div class="spc"></div>
  <input id="bpAboutToggle" type="checkbox">
  <div id="bpAbout">
    <div class="aboutPH">
      <div class="aboutImg"></div>
      <p>Open Source Ad Blocker
        <small>Designed for Raspberry Pi</small>
      </p>
    </div>
    <div class="aboutLink">
      <a class="linkPH" href="https://docs.pi-hole.net/"><?php //About PH ?></a>
      <?php if (!empty($svEmail)) echo '<a class="linkEmail" href="mailto:'.$svEmail.'"></a>'; ?>
    </div>
  </div>
  <div id="bpAlt">
    <label class="altBtn" for="bpAboutToggle"><?php //Why am I here? ?></label>
  </div>
 </header>
 <main>
  <div id="bpOutput" class="<?=$wlOutputClass ?>"><?=$wlOutput ?></div>
  <div id="bpBlock">
    <p class="blockMsg"><?=$serverName ?></p>
  </div>
  <?php if(isset($notableFlagClass)) { ?>
    <div id="bpFlag">
        <p class="flagMsg <?=$notableFlagClass ?>"></p>
    </div>
  <?php } ?>
  <div id="bpHelpTxt"><?=$bpAskAdmin ?></div>
  <div id="bpButtons" class="buttons">
    <a id="bpBack" onclick="javascript:history.back()" href="about:home"></a>
    <?php if ($featuredTotal > 0) echo '<label id="bpInfo" for="bpMoreToggle"></label>'; ?>
  </div>
  <input id="bpMoreToggle" type="checkbox">
  <div id="bpMoreInfo">
    <span id="bpFoundIn"><span><?=$featuredTotal ?></span><?=$adlistsCount ?></span>
    <pre id='bpQueryOutput'><?php if ($featuredTotal > 0) foreach ($queryResults as $num => $value) { echo "<span>[$num]:</span>$adlistsUrls[$num]\n"; } ?></pre>
    <form id="bpWLButtons" class="buttons">
      <input id="bpWLDomain" type="text" value="<?=$serverName ?>" disabled>
      <input id="bpWLPassword" type="password" placeholder="JavaScript disabled" disabled>
      <button id="bpWhitelist" type="button" disabled></button>
    </form>
  </div>
 </main>
 <footer><span><?=date("l g:i A, F dS"); ?>.</span> Pi-hole <?=$phVersion ?> (<?=gethostname()."/".$_SERVER["SERVER_ADDR"]; if (isset($execTime)) printf("/%.2fs", $execTime); ?>)</footer>
 </div>
 <script>
  function add() {
    $("#bpOutput").removeClass("hidden error exception");
    $("#bpOutput").addClass("add");
    var domain = "<?=$serverName ?>";
    var pw = $("#bpWLPassword");
    if(domain.length === 0) {
      return;
    }
    $.ajax({
      url: "/admin/scripts/pi-hole/php/add.php",
      method: "post",
      data: {"domain":domain, "list":"white", "pw":pw.val()},
      success: function(response) {
        if(response.indexOf("Pi-hole blocking") !== -1) {
          setTimeout(function(){window.location.reload(1);}, 10000);
          $("#bpOutput").removeClass("add");
          $("#bpOutput").addClass("success");
          $("#bpOutput").html("");
        } else {
          $("#bpOutput").removeClass("add");
          $("#bpOutput").addClass("error");
          $("#bpOutput").html(""+response+"");
        }
      },
      error: function(jqXHR, exception) {
        $("#bpOutput").removeClass("add");
        $("#bpOutput").addClass("exception");
        $("#bpOutput").html("");
      }
    });
  }
  <?php if ($featuredTotal > 0) { ?>
    $(document).keypress(function(e) {
        if(e.which === 13 && $("#bpWLPassword").is(":focus")) {
            add();
        }
    });
    $("#bpWhitelist").on("click", function() {
        add();
    });
  <?php } ?>
 </script>
 </body></html>
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@@ -1,96 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Lighttpd config for Pi-hole
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 ###############################################################################
 #     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #
 # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
 #                                                                             #
 #              CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:              #
 #                         /etc/lighttpd/external.conf                         #
 ###############################################################################
 server.modules = (
    "mod_access",
    "mod_accesslog",
    "mod_auth",
    "mod_expire",
    "mod_redirect",
    "mod_setenv",
    "mod_rewrite"
 )
 server.document-root        = "/var/www/html"
 server.error-handler-404    = "/pihole/index.php"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
 server.pid-file             = "/run/lighttpd.pid"
 server.username             = "www-data"
 server.groupname            = "www-data"
 server.port                 = 80
 accesslog.filename          = "/var/log/lighttpd/access.log"
 accesslog.format            = "%{%s}t|%V|%r|%s|%b"
 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 mimetype.assign = (
    ".ico"   => "image/x-icon",
    ".jpeg"  => "image/jpeg",
    ".jpg"   => "image/jpeg",
    ".png"   => "image/png",
    ".svg"   => "image/svg+xml",
    ".css"   => "text/css; charset=utf-8",
    ".html"  => "text/html; charset=utf-8",
    ".js"    => "text/javascript; charset=utf-8",
    ".json"  => "application/json; charset=utf-8",
    ".map"   => "application/json; charset=utf-8",
    ".txt"   => "text/plain; charset=utf-8",
    ".eot"   => "application/vnd.ms-fontobject",
    ".otf"   => "font/otf",
    ".ttc"   => "font/collection",
    ".ttf"   => "font/ttf",
    ".woff"  => "font/woff",
    ".woff2" => "font/woff2"
 )
 # Add user chosen options held in external file
 # This uses include_shell instead of an include wildcard for compatibility
 include_shell "cat external.conf 2>/dev/null"
 # default listening port for IPv6 falls back to the IPv4 port
 include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 # Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
 #include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null"
 # If the URL starts with /admin, it is the Web interface
 $HTTP["url"] =~ "^/admin/" {
    # Create a response header for debugging using curl -I
    setenv.add-response-header = (
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )
 }
 # Block . files from being served, such as .git, .github, .gitignore
 $HTTP["url"] =~ "^/admin/\.(.*)" {
    url.access-deny = ("")
 }
 # allow teleporter iframe on settings page
 $HTTP["url"] =~ "/teleporter\.php$" {
    $HTTP["referer"] =~ "/admin/settings\.php" {
        setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
    }
 }
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@@ -1,104 +0,0 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # Lighttpd config for Pi-hole
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 ###############################################################################
 #     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #
 # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
 #                                                                             #
 #              CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:              #
 #                         /etc/lighttpd/external.conf                         #
 ###############################################################################
 server.modules = (
    "mod_access",
    "mod_auth",
    "mod_expire",
    "mod_fastcgi",
    "mod_accesslog",
    "mod_redirect",
    "mod_setenv",
    "mod_rewrite"
 )
 server.document-root        = "/var/www/html"
 server.error-handler-404    = "/pihole/index.php"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
 server.pid-file             = "/run/lighttpd.pid"
 server.username             = "lighttpd"
 server.groupname            = "lighttpd"
 server.port                 = 80
 accesslog.filename          = "/var/log/lighttpd/access.log"
 accesslog.format            = "%{%s}t|%V|%r|%s|%b"
 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 mimetype.assign = (
    ".ico"   => "image/x-icon",
    ".jpeg"  => "image/jpeg",
    ".jpg"   => "image/jpeg",
    ".png"   => "image/png",
    ".svg"   => "image/svg+xml",
    ".css"   => "text/css; charset=utf-8",
    ".html"  => "text/html; charset=utf-8",
    ".js"    => "text/javascript; charset=utf-8",
    ".json"  => "application/json; charset=utf-8",
    ".map"   => "application/json; charset=utf-8",
    ".txt"   => "text/plain; charset=utf-8",
    ".eot"   => "application/vnd.ms-fontobject",
    ".otf"   => "font/otf",
    ".ttc"   => "font/collection",
    ".ttf"   => "font/ttf",
    ".woff"  => "font/woff",
    ".woff2" => "font/woff2"
 )
 # Add user chosen options held in external file
 # This uses include_shell instead of an include wildcard for compatibility
 include_shell "cat external.conf 2>/dev/null"
 # default listening port for IPv6 falls back to the IPv4 port
 #include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 #include_shell "/usr/share/lighttpd/create-mime.assign.pl"
 #include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 fastcgi.server = (
    ".php" => (
        "localhost" => (
            "socket" => "/tmp/php-fastcgi.socket",
            "bin-path" => "/usr/bin/php-cgi"
        )
    )
 )
 # If the URL starts with /admin, it is the Web interface
 $HTTP["url"] =~ "^/admin/" {
    # Create a response header for debugging using curl -I
    setenv.add-response-header = (
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )
 }
 # Block . files from being served, such as .git, .github, .gitignore
 $HTTP["url"] =~ "^/admin/\.(.*)" {
    url.access-deny = ("")
 }
 # allow teleporter iframe on settings page
 $HTTP["url"] =~ "/teleporter\.php$" {
    $HTTP["referer"] =~ "/admin/settings\.php" {
        setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
    }
 }
 # Default expire header
 expire.url = ( "" => "access plus 0 seconds" )
--- a/install/basic-install.sh
+++ b/install/basic-install.sh
--- a/install/uninstall.sh
+++ b/install/uninstall.sh
@@ -11,10 +11,9 @@
 source "/opt/pihole/COL_TABLE"
 while true; do
-    read -rp "  ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn
+    read -rp "  ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " answer
-    case ${yn} in
+    case ${answer} in
        [Yy]* ) break;;
        [Nn]* ) echo -e "${OVER}  ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;;
        * ) echo -e "${OVER}  ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;;
    esac
 done
@@ -37,74 +36,27 @@ else
 fi
 readonly PI_HOLE_FILES_DIR="/etc/.pihole"
-PH_TEST="true"
+SKIP_INSTALL="true"
 source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 # setupVars set in basic-install.sh
 source "${setupVars}"
 # package_manager_detect() sourced from basic-install.sh
 package_manager_detect
 # Install packages used by the Pi-hole
 DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}")
 if [[ "${INSTALL_WEB_SERVER}" == true ]]; then
    # Install the Web dependencies
    DEPS+=("${PIHOLE_WEB_DEPS[@]}")
 fi
-# Compatibility
+removeMetaPackage() {
-if [ -x "$(command -v apt-get)" ]; then
+    # Purge Pi-hole meta package
    # Debian Family
    PKG_REMOVE=("${PKG_MANAGER}" -y remove --purge)
    package_check() {
        dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed"
    }
 elif [ -x "$(command -v rpm)" ]; then
    # Fedora Family
    PKG_REMOVE=("${PKG_MANAGER}" remove -y)
    package_check() {
        rpm -qa | grep "^$1-" > /dev/null
    }
 else
    echo -e "  ${CROSS} OS distribution not supported"
    exit 1
 fi
 removeAndPurge() {
    # Purge dependencies
    echo ""
-    for i in "${DEPS[@]}"; do
+    echo -ne "  ${INFO} Removing Pi-hole meta package...";
-        if package_check "${i}" > /dev/null; then
+    eval "${SUDO}" "${PKG_REMOVE}" "pihole-meta" &> /dev/null;
-            while true; do
+    echo -e "${OVER}  ${INFO} Removed Pi-hole meta package";
                read -rp "  ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn
                case ${yn} in
                    [Yy]* )
                        echo -ne "  ${INFO} Removing ${i}...";
                        ${SUDO} "${PKG_REMOVE[@]}" "${i}" &> /dev/null;
                        echo -e "${OVER}  ${INFO} Removed ${i}";
                        break;;
                    [Nn]* ) echo -e "  ${INFO} Skipped ${i}"; break;;
                esac
            done
        else
            echo -e "  ${INFO} Package ${i} not installed"
        fi
    done
    # Remove dnsmasq config files
    ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/*-pihole*.conf &> /dev/null
    echo -e "  ${TICK} Removing dnsmasq config files"
    # Call removeNoPurge to remove Pi-hole specific files
    removeNoPurge
 }
-removeNoPurge() {
+removePiholeFiles() {
    # Only web directories/files that are created by Pi-hole should be removed
    echo -ne "  ${INFO} Removing Web Interface..."
    ${SUDO} rm -rf /var/www/html/admin &> /dev/null
-    ${SUDO} rm -rf /var/www/html/pihole &> /dev/null
+
    ${SUDO} rm -f /var/www/html/index.lighttpd.orig &> /dev/null
    # If the web directory is empty after removing these files, then the parent html directory can be removed.
    if [ -d "/var/www/html" ]; then
@@ -131,22 +83,8 @@ removeNoPurge() {
        echo -e "  ${TICK} Removed /etc/cron.d/pihole"
    fi
    if package_check lighttpd > /dev/null; then
        if [[ -f /etc/lighttpd/lighttpd.conf.orig ]]; then
            ${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf
        fi
        if [[ -f /etc/lighttpd/external.conf ]]; then
            ${SUDO} rm /etc/lighttpd/external.conf
        fi
        echo -e "  ${TICK} Removed lighttpd configs"
    fi
    ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null
    ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null
    ${SUDO} rm -f /etc/dnsmasq.d/06-rfc6761.conf &> /dev/null
    ${SUDO} rm -rf /var/log/*pihole* &> /dev/null
    ${SUDO} rm -rf /var/log/pihole/*pihole* &> /dev/null
    ${SUDO} rm -rf /etc/pihole/ &> /dev/null
    ${SUDO} rm -rf /etc/.pihole/ &> /dev/null
    ${SUDO} rm -rf /opt/pihole/ &> /dev/null
@@ -169,6 +107,18 @@ removeNoPurge() {
        else
            service pihole-FTL stop
        fi
        ${SUDO} rm -f /etc/systemd/system/pihole-FTL.service
        if [[ -d '/etc/systemd/system/pihole-FTL.service.d' ]]; then
            read -rp "  ${QST} FTL service override directory /etc/systemd/system/pihole-FTL.service.d detected. Do you wish to remove this from your system? [y/N] " answer
            case $answer in
                [yY]*)
                    echo -ne "  ${INFO} Removing /etc/systemd/system/pihole-FTL.service.d..."
                    ${SUDO} rm -R /etc/systemd/system/pihole-FTL.service.d
                    echo -e "${OVER}  ${INFO} Removed /etc/systemd/system/pihole-FTL.service.d"
                ;;
                *) echo -e "  ${INFO} Leaving /etc/systemd/system/pihole-FTL.service.d in place.";;
            esac
        fi
        ${SUDO} rm -f /etc/init.d/pihole-FTL
        ${SUDO} rm -f /usr/bin/pihole-FTL
        echo -e "${OVER}  ${TICK} Removed pihole-FTL"
@@ -202,23 +152,11 @@ removeNoPurge() {
       If you need help, reach out to us on GitHub, Discourse, Reddit or Twitter
       Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC}
-      ${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity
+      ${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity${COL_NC}
      ${INFO} Pi-hole's meta package has been removed, use the 'autoremove' function from your package manager to remove unused dependencies${COL_NC}
      ${COL_LIGHT_GREEN}Uninstallation Complete! ${COL_NC}"
 }
 ######### SCRIPT ###########
-echo -e "  ${INFO} Be sure to confirm if any dependencies should not be removed"
+removeMetaPackage
-while true; do
+removePiholeFiles
    echo -e "  ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:"
    echo -n "    "
    for i in "${DEPS[@]}"; do
        echo -n "${i} "
    done
    echo "${COL_NC}"
    read -rp "  ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn
    case ${yn} in
        [Yy]* ) removeAndPurge; break;;
        [Nn]* ) removeNoPurge; break;;
        * ) removeAndPurge; break;;
    esac
 done
--- a/gravity.sh
+++ b/gravity.sh
--- a/manpages/pihole-FTL.8
+++ b/manpages/pihole-FTL.8
@@ -1,152 +0,0 @@
 .TH "Pihole-FTL" "8" "pihole-FTL" "Pi-hole" "November 2020"
 .SH "NAME"
 pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine
 .br
 .SH "SYNOPSIS"
 \fBservice pihole-FTL \fR(\fBstart\fR|\fBstop\fR|\fBrestart\fR)
 .br
 \fBpihole-FTL debug\fR
 .br
 \fBpihole-FTL test\fR
 .br
 \fBpihole-FTL -v|-vv\fR
 .br
 \fBpihole-FTL -t\fR
 .br
 \fBpihole-FTL -b\fR
 .br
 \fBpihole-FTL -f\fR
 .br
 \fBpihole-FTL -h\fR
 .br
 \fBpihole-FTL dnsmasq-test\fR
 .br
 \fBpihole-FTL regex-test str\fR
 .br
 \fBpihole-FTL regex-test str rgx\fR
 .br
 \fBpihole-FTL lua\fR
 .br
 \fBpihole-FTL luac\fR
 .br
 \fBpihole-FTL dhcp-discover\fR
 .br
 \fBpihole-FTL --\fR (\fBoptions\fR)
 .br
 .SH "DESCRIPTION"
 Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built daemon used to provide statistics needed for the Pi-hole Web Interface, and its API can be easily integrated into your own projects. Although it is an optional component of the Pi-hole ecosystem, it will be installed by default to provide statistics. As the name implies, FTL does its work \fIvery\fR \fIquickly\fR!
 .br
 Usage
 .br
 \fBservice pihole-FTL start\fR
 .br
    Start the pihole-FTL daemon
 .br
 \fBservice pihole-FTL stop\fR
 .br
    Stop the pihole-FTL daemon
 .br
 \fBservice pihole-FTL restart\fR
 .br
    If the pihole-FTP daemon is running, stop and then start, otherwise start.
 .br
 Command line arguments
 .br
 \fBdebug\fR
 .br
    Don't go into daemon mode (stay in foreground) + more verbose logging
 .br
 \fBtest\fR
 .br
    Start FTL and process everything, but shut down immediately afterwards
 .br
 \fB-v, version\fR
 .br
    Don't start FTL, show only version
 .br
 \fB-vv\fR
 .br
    Don't start FTL, show verbose version information of embedded applications
 .br
 \fB-t, tag\fR
 .br
    Don't start FTL, show only git tag
 .br
 \fB-b, branch\fR
 .br
    Don't start FTL, show only git branch FTL was compiled from
 .br
 \fB-f, no-daemon\fR
 .br
    Don't go into background (daemon mode)
 .br
 \fB-h, help\fR
 .br
    Don't start FTL, show help
 .br
 \fBdnsmasq-test\fR
 .br
    Test resolver config file syntax
 .br
 \fBregex-test str\fR
 .br
    Test str against all regular expressions in the database
 .br
 \fBregex-test str rgx\fR
 .br
    Test str against regular expression given by rgx
 .br
 \fBlua\fR
 .br
    Start the embedded Lua interpreter
 .br
 \fBluac\fR
 .br
    Execute the embedded Lua compiler
 .br
 \fBdhcp-discover\fR
 .br
    Discover DHCP servers in the local network
 .br
 \fB--\fR  (options)
 .br
    Pass options to internal dnsmasq resolver
 .br
 .SH "EXAMPLE"
 Command line arguments can be arbitrarily combined, e.g:
 .br
 \fBpihole-FTL debug test\fR
 .br
 Start ftl in foreground with more verbose logging, process everything and shutdown immediately
 .br
 .SH "SEE ALSO"
 \fBpihole\fR(8), \fBpihole-FTL.conf\fR(5)
 .br
 .SH "COLOPHON"
 Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net
 .br
--- a/manpages/pihole-FTL.conf.5
+++ b/manpages/pihole-FTL.conf.5
@@ -1,313 +0,0 @@
 .TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "November 2020"
 .SH "NAME"
 pihole-FTL.conf - FTL's config file
 .br
 .SH "DESCRIPTION"
 /etc/pihole/pihole-FTL.conf will be read by \fBpihole-FTL(8)\fR on startup.
 .br
 For each setting the option shown first is the default.
 .br
 \fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NODATA|NXDOMAIN|NULL\fR
 .br
    How should FTL reply to blocked queries?
    IP             - Pi-hole's IPs for blocked domains
    IP-AAAA-NODATA - Pi-hole's IP + NODATA-IPv6 for blocked domains
    NODATA         - Using NODATA for blocked domains
    NXDOMAIN       - NXDOMAIN for blocked domains
    NULL           - Null IPs for blocked domains
 .br
 \fBCNAME_DEEP_INSPECT=true|false\fR
 .br
    Use this option to disable deep CNAME inspection. This might be beneficial for very low-end devices.
 .br
 \fBBLOCK_ESNI=true|false\fR
 .br
    Block requests to _esni.* sub-domains.
 .br
 \fBMAXLOGAGE=24.0\fR
 .br
    Up to how many hours of queries should be imported from the database and logs?
 .br
    Maximum is 744 (31 days)
 .br
 \fBPRIVACYLEVEL=0|1|2|3|4\fR
 .br
    Privacy level used to collect Pi-hole statistics.
 .br
    0 - show everything
 .br
    1 - hide domains
 .br
    2 - hide domains and clients
 .br
    3 - anonymous mode (hide everything)
 .br
    4 - disable all statistics
 .br
 \fBIGNORE_LOCALHOST=no|yes\fR
 .br
    Should FTL ignore queries coming from the local machine?
 .br
 \fBAAAA_QUERY_ANALYSIS=yes|no\fR
 .br
    Should FTL analyze AAAA queries?
 .br
 \fBANALYZE_ONLY_A_AND_AAAA=false|true\fR
 .br
    Should FTL only analyze A and AAAA queries?
 .br
 \fBSOCKET_LISTENING=localonly|all\fR
 .br
    Listen only for local socket connections on the API port or permit all connections.
 .br
 \fBFTLPORT=4711\fR
 .br
    On which port should FTL be listening?
 .br
 \fBRESOLVE_IPV6=yes|no\fR
 .br
    Should FTL try to resolve IPv6 addresses to hostnames?
 .br
 \fBRESOLVE_IPV4=yes|no\fR
 .br
    Should FTL try to resolve IPv4 addresses to hostnames?
 .br
 \fBDELAY_STARTUP=0\fR
 .br
    Time in seconds (between 0 and 300) to delay FTL startup.
 .br
 \fBNICE=-10\fR
 .br
    Set the niceness of the Pi-hole FTL process.
 .br
    Can be disabled altogether by setting a value of -999.
 .br
 \fBNAMES_FROM_NETDB=true|false\fR
 .br
    Control whether FTL should use a fallback option and try to obtain client names from checking the network table.
 .br
    E.g. IPv6 clients without a hostname will be compared via MAC address to known clients.
 .br
 \fB\fBREFRESH_HOSTNAMES=IPV4|ALL|NONE\fR
 .br
    Change how (and if) hourly PTR requests are made to check for changes in client and upstream server hostnames:
 .br
    IPV4 - Do the hourly PTR lookups only for IPv4 addresses resolving issues in networks with many short-lived PE IPv6 addresses.
 .br
    ALL  - Do the hourly PTR lookups for all addresses. This can create a lot of PTR queries in networks with many IPv6 addresses.
 .br
    NONE - Don't do hourly PTR lookups. Look up hostnames once (when first seeing a client) and never again. Future hostname changes may be missed.
 .br
 \fBMAXNETAGE=365\fR
 .br
    IP addresses (and associated host names) older than the specified number of days are removed.
 .br
    This avoids dead entries in the network overview table.
 .br
 \fBEDNS0_ECS=true|false\fR
 .br
    Should we overwrite the query source when client information is provided through EDNS0 client subnet (ECS) information?
 .br
 \fBPARSE_ARP_CACHE=true|false\fR
 .br
    Parse ARP cache to fill network overview table.
 .br
 \fBDBIMPORT=yes|no\fR
 .br
    Should FTL load information from the database on startup to be aware of the most recent history?
 .br
 \fBMAXDBDAYS=365\fR
 .br
    How long should queries be stored in the database? Setting this to 0 disables the database
 .br
 \fBDBINTERVAL=1.0\fR
 .br
    How often do we store queries in FTL's database [minutes]?
 .br
    Accepts value between 0.1 (6 sec) and 1440 (1 day)
 .br
 \fBDBFILE=/etc/pihole/pihole-FTL.db\fR
 .br
    Specify path and filename of FTL's SQLite long-term database.
 .br
    Setting this to DBFILE= disables the database altogether
 .br
 \fBLOGFILE=/var/log/pihole-FTL.log\fR
 .br
    The location of FTL's log file.
 .br
 \fBPIDFILE=/run/pihole-FTL.pid\fR
 .br
    The file which contains the PID of FTL's main process.
 .br
 \fBPORTFILE=/run/pihole-FTL.port\fR
 .br
    Specify path and filename where the FTL process will write its API port number.
 .br
 \fBSOCKETFILE=/run/pihole/FTL.sock\fR
 .br
    The file containing the socket FTL's API is listening on.
 .br
 \fBSETUPVARSFILE=/etc/pihole/setupVars.conf\fR
 .br
    The config file of Pi-hole containing, e.g., the current blocking status (do not change).
 .br
 \fBMACVENDORDB=/etc/pihole/macvendor.db\fR
 .br
    The database containing MAC -> Vendor information for the network table.
 .br
 \fBGRAVITYDB=/etc/pihole/gravity.db\fR
 .br
    Specify path and filename of FTL's SQLite3 gravity database. This database contains all domains relevant for Pi-hole's DNS blocking.
 .br
 \fBDEBUG_ALL=false|true\fR
 .br
    Enable all debug flags. If this is set to true, all other debug config options are ignored.
 .br
 \fBDEBUG_DATABASE=false|true\fR
 .br
    Print debugging information about database actions such as SQL statements and performance.
 .br
 \fBDEBUG_NETWORKING=false|true\fR
 .br
    Prints a list of the detected network interfaces on the startup of FTL.
 .br
 \fBDEBUG_LOCKS=false|true\fR
 .br
    Print information about shared memory locks.
 .br
    Messages will be generated when waiting, obtaining, and releasing a lock.
 .br
 \fBDEBUG_QUERIES=false|true\fR
 .br
    Print extensive DNS query information (domains, types, replies, etc.).
 .br
 \fBDEBUG_FLAGS=false|true\fR
 .br
    Print flags of queries received by the DNS hooks.
 .br
    Only effective when \fBDEBUG_QUERIES\fR is enabled as well.
 \fBDEBUG_SHMEM=false|true\fR
 .br
    Print information about shared memory buffers.
 .br
    Messages are either about creating or enlarging shmem objects or string injections.
 .br
 \fBDEBUG_GC=false|true\fR
 .br
    Print information about garbage collection (GC):
 .br
    What is to be removed, how many have been removed and how long did GC take.
 .br
 \fBDEBUG_ARP=false|true\fR
 .br
    Print information about ARP table processing:
 .br
    How long did parsing take, whether read MAC addresses are valid, and if the macvendor.db file exists.
 .br
 \fBDEBUG_REGEX=false|true\fR
 .br
    Controls if FTL should print extended details about regex matching.
 .br
 \fBDEBUG_API=false|true\fR
 .br
    Print extra debugging information during telnet API calls.
 .br
    Currently only used to send extra information when getting all queries.
 .br
 \fBDEBUG_OVERTIME=false|true\fR
 .br
    Print information about overTime memory operations, such as initializing or moving overTime slots.
 .br
 \fBDEBUG_EXTBLOCKED=false|true\fR
 .br
    Print information about why FTL decided that certain queries were recognized as being externally blocked.
 .br
 \fBDEBUG_CAPS=false|true\fR
 .br
    Print information about POSIX capabilities granted to the FTL process.
 .br
    The current capabilities are printed on receipt of SIGHUP i.e. after executing `killall -HUP pihole-FTL`.
 .br
 \fBDEBUG_DNSMASQ_LINES=false|true\fR
 .br
    Print file and line causing a dnsmasq event into FTL's log files.
 .br
    This is handy to implement additional hooks missing from FTL.
 .br
 \fBDEBUG_VECTORS=false|true\fR
 .br
    FTL uses dynamically allocated vectors for various tasks.
 .br
    This config option enables extensive debugging information such as information about allocation, referencing, deletion, and appending.
 .br
 \fBDEBUG_RESOLVER=false|true\fR
 .br
    Extensive information about hostname resolution like which DNS servers are used in the first and second hostname resolving tries.
 .br
 .SH "SEE ALSO"
 \fBpihole\fR(8), \fBpihole-FTL\fR(8)
 .br
 .SH "COLOPHON"
 Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built daemon used to provide statistics needed for the Pi-hole Web Interface, and its API can be easily integrated into your own projects. Although it is an optional component of the Pi-hole ecosystem, it will be installed by default to provide statistics. As the name implies, FTL does its work \fIvery quickly\fR!
 .br
 Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net
 .br
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@@ -5,29 +5,23 @@ Pi-hole : A black-hole for internet advertisements
 .br
 .SH "SYNOPSIS"
-\fBpihole\fR (\fB-w\fR|\fB-b\fR|\fB--wild\fR|\fB--regex\fR) [options] domain(s)
+\fBpihole\fR (\fB-allow\fR|\fB-deny\fR) [options] domain(s)
 .br
-\fBpihole -a\fR \fB-p\fR password
+\fBpihole\fR (\fB--allow-regex\fR|\fB--regex\fR) [options] domain(s)
 .br
-\fBpihole -a\fR (\fB-c|-f|-k\fR)
+\fBpihole\fR (\fB--allow-wild\fR|\fB--wild\fR) [options] domain(s)
 .br
-\fBpihole -a -e\fR email
+\fBpihole setpassword\fR password
 .br
-\fBpihole -a -i\fR interface
+\fBpihole\fR \fB-d\fR [-a] [-c]
 .br
 \fBpihole -a -l\fR privacylevel
 .br
 \fBpihole -c\fR [-j|-r|-e]
 .br
 \fBpihole\fR \fB-d\fR [-a]
 .br
 \fBpihole -f
 .br
 pihole -r
 .br
-pihole -t
+\fBpihole\fR \fB-t\fR [arg]
 .br
-pihole -g\fR
+\fBpihole -g\fR
 .br
 \fBpihole\fR -\fBq\fR [options]
 .br
@@ -35,18 +29,22 @@ pihole -g\fR
 .br
 \fBpihole -up \fR[--check-only]
 .br
-\fBpihole -v\fR [-p|-a|-f] [-c|-l|-hash]
+\fBpihole -v\fR
 .br
-\fBpihole uninstall
+\fBpihole uninstall\fR
 .br
-pihole status
+\fBpihole status\fR
 .br
-pihole restartdns\fR [options]
+\fBpihole reloaddns\fR
 .br
 \fBpihole reloadlists\fR
 .br
 \fBpihole\fR (\fBenable\fR|\fBdisable\fR [time])
 .br
 \fBpihole\fR \fBcheckout\fR repo [branch]
 .br
 \fBpihole\fR \api\fR endpoint
 .br
 \fBpihole\fR \fBhelp\fR
 .br
 .SH "DESCRIPTION"
@@ -54,47 +52,43 @@ pihole restartdns\fR [options]
 Available commands and options:
 .br
-\fB-w, whitelist\fR [options] [<domain1> <domain2 ...>]
+\fBallow, allowlist\fR [options] [<domain1> <domain2 ...>]
 .br
-    Adds or removes specified domain or domains to the Whitelist
+    Adds or removes specified domain or domains to the Allowlist
 .br
-\fB-b, blacklist\fR [options] [<domain1> <domain2 ...>]
+\fBdeny, denylist\fR [options] [<domain1> <domain2 ...>]
 .br
-    Adds or removes specified domain or domains to the blacklist
+    Adds or removes specified domain or domains to the denylist
 .br
 \fB--regex, regex\fR [options] [<regex1> <regex2 ...>]
 .br
-    Add or removes specified regex filter to the regex blacklist
+    Add or removes specified regex filter to the regex denylist
 .br
-\fB--white-regex\fR [options] [<regex1> <regex2 ...>]
+\fB--allow-regex\fR [options] [<regex1> <regex2 ...>]
 .br
-    Add or removes specified regex filter to the regex whitelist
+    Add or removes specified regex filter to the regex allowlist
 .br
 \fB--wild, wildcard\fR [options] [<domain1> <domain2 ...>]
 .br
-    Add or removes specified domain to the wildcard blacklist
+    Add or removes specified domain to the wildcard denylist
 .br
-\fB--white-wild\fR [options] [<domain1> <domain2 ...>]
+\fB--allow-wild\fR [options] [<domain1> <domain2 ...>]
 .br
-    Add or removes specified domain to the wildcard whitelist
+    Add or removes specified domain to the wildcard allowlist
 .br
-    (Whitelist/Blacklist manipulation options):
+    (Allow-/denylist manipulation options):
 .br
-      -d, --delmode     Remove domain(s) from the list
+      not, -d, --delmode  Remove domain(s) from the list
 .br
-      -nr, --noreload   Update list without refreshing dnsmasq
+      -q, --quiet         Make output less verbose
 .br
-      -q, --quiet       Make output less verbose
+      -l, --list          Display all your listed domains
 .br
      -l, --list        Display all your listed domains
 .br
      --nuke            Removes all entries in a list
 .br
 \fB-d, debug\fR [-a]
@@ -103,6 +97,7 @@ Available commands and options:
 .br
      -a                Enable automated debugging
      -c                Include a Pi-hole database integrity check
 .br
 \fB-f, flush\fR
@@ -115,45 +110,13 @@ Available commands and options:
    Reconfigure or Repair Pi-hole subsystems
 .br
-\fB-t, tail\fR
+\fB-t, tail\fR [arg]
 .br
    View the live output of the Pi-hole log
 .br
-\fB-a, admin\fR [options]
+      [arg]             Optional argument to filter the log for
-.br
+                        (regular expressions are supported)
    (Admin options):
 .br
      -p, password      Set Web Interface password
 .br
      -c, celsius       Set Celsius as preferred temperature unit
 .br
      -f, fahrenheit    Set Fahrenheit as preferred temperature unit
 .br
      -k, kelvin        Set Kelvin as preferred temperature unit
 .br
      -e, email         Set an administrative contact address for the
                        Block Page
 .br
      -i, interface     Specify dnsmasq's interface listening behavior
 .br
      -l, privacylevel  <level> Set privacy level
                        (0 = lowest, 3 = highest)
 .br
 \fB-c, chronometer\fR	[options]
 .br
    Calculates stats and displays to an LCD
 .br
    (Chronometer Options):
 .br
      -j, --json        Output stats as JSON formatted string
 .br
      -r, --refresh     Set update frequency (in seconds)
 .br
      -e, --exit        Output stats and exit without refreshing
 .br
 \fB-g, updateGravity\fR
@@ -168,11 +131,9 @@ Available commands and options:
    (Query options):
 .br
-      -adlist           Print the name of the block list URL
+      -partial          Search the adlists for partially matching domains
 .br
-      -exact            Search the block lists for exact domain matches
+      -all              Return all query matches within a adlists
 .br
      -all              Return all query matches within a block list
 .br
 \fB-h, --help, help\fR
@@ -185,14 +146,14 @@ Available commands and options:
    Specify whether the Pi-hole log should be used
 .br
-	(Logging options):
+    (Logging options):
 .br
-      on                Enable the Pi-hole log at /var/log/pihole.log
+      on                Enable the Pi-hole log at /var/log/pihole/pihole.log
 .br
      off               Disable and flush the Pi-hole log at
-                        /var/log/pihole.log
+                        /var/log/pihole/pihole.log
 .br
-      off noflush       Disable the Pi-hole log at /var/log/pihole.log
+      off noflush       Disable the Pi-hole log at /var/log/pihole/pihole.log
 .br
 \fB-up, updatePihole\fR [--check-only]
@@ -203,29 +164,14 @@ Available commands and options:
      --check-only      Exit script before update is performed.
 .br
-\fB-v, version\fR [repo] [options]
+\fB-v, version\fR
 .br
    Show installed versions of Pi-hole, Web Interface &amp; FTL
 .br
 \fBsetpassword\fR
 .br
-    (repo options):
+    Set Web Interface password
 .br
      -p, --pihole      Only retrieve info regarding Pi-hole repository
 .br
      -a, --admin       Only retrieve info regarding AdminLTE
                        repository
 .br
      -f, --ftl         Only retrieve info regarding FTL repository
 .br
    (version options):
 .br
      -c, --current     Return the current version
 .br
      -l, --latest      Return the latest version
 .br
      --hash            Return the GitHub hash from your local
                        repositories
 .br
 \fBuninstall\fR
@@ -238,14 +184,14 @@ Available commands and options:
    Display the running status of Pi-hole subsystems
 .br
-\fBenable\fR
+\fBenable\fR [time]
 .br
-    Enable Pi-hole subsystems
+    Enable Pi-hole blocking, optionally for a set duration
 .br
 \fBdisable\fR [time]
 .br
-    Disable Pi-hole subsystems, optionally for a set duration
+    Disable Pi-hole blocking, optionally for a set duration
 .br
    (time options):
@@ -255,16 +201,14 @@ Available commands and options:
      #m                Disable Pi-hole functionality for # minute(s)
 .br
-\fBrestartdns\fR [options]
+\fBreloaddns\fR
 .br
-    Full restart Pi-hole subsystems. Without any options (see below) a full restart causes config file parsing and history re-reading
+    Update the lists and flush the cache without restarting the DNS server
 .br
-    (restart options):
+\fBreloadlists\fR
 .br
-      reload            Updates the lists (incl. HOSTS files) and flushes DNS cache. Does not reparse config files
+    Update the lists WITHOUT flushing the cache or restarting the DNS server
 .br
      reload-lists      Updates the lists (excl. HOSTS files) WITHOUT flushing the DNS cache. Does not reparse config files
 .br
 \fBcheckout\fR [repo] [branch]
@@ -289,22 +233,27 @@ Available commands and options:
 .br
      branchname        Update subsystems to the specified branchname
 .br
 \fBapi\fR endpoint
 .br
    Query the Pi-hole API at <endpoint>
 .br
 .SH "EXAMPLE"
 Some usage examples
 .br
-Whitelist/blacklist manipulation
+Allow-/denylist manipulation
 .br
-\fBpihole -w iloveads.example.com\fR
+\fBpihole allow iloveads.example.com\fR
 .br
-    Adds "iloveads.example.com" to whitelist
+    Allow "iloveads.example.com"
 .br
-\fBpihole -b -d noads.example.com\fR
+\fBpihole deny remove noads.example.com\fR
 .br
-    Removes "noads.example.com" from blacklist
+    Removes "noads.example.com" from denylist
 .br
 \fBpihole --wild example.com\fR
@@ -322,7 +271,7 @@ Whitelist/blacklist manipulation
 Changing the Web Interface password
 .br
-\fBpihole -a -p ExamplePassword\fR
+\fBpihole setpassword ExamplePassword\fR
 .br
    Change the password to "ExamplePassword"
 .br
@@ -338,9 +287,9 @@ Updating lists from internet sources
 Displaying version information
 .br
-\fBpihole -v -a -c\fR
+\fBpihole -v\fR
 .br
-    Display the current version of AdminLTE
+    Display the current version of Pi-hole
 .br
 Temporarily disabling Pi-hole
@@ -369,10 +318,11 @@ Switching Pi-hole subsystem branches
    Flush information stored in Pi-hole's network tables
 .br
-.SH "SEE ALSO"
+\fBpihole api stats/summary\fR
 \fBlighttpd\fR(8), \fBpihole-FTL\fR(8)
 .br
    Queries FTL for the stats/summary endpoint
 .br
 .SH "COLOPHON"
 Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net.
--- a/551
+++ b/551
@@ -11,20 +11,59 @@
 readonly PI_HOLE_SCRIPT_DIR="/opt/pihole"
-# setupVars and PI_HOLE_BIN_DIR are not readonly here because in some functions (checkout),
+# PI_HOLE_BIN_DIR is not readonly here because in some functions (checkout),
 # they might get set again when the installer is sourced. This causes an
 # error due to modifying a readonly variable.
 setupVars="/etc/pihole/setupVars.conf"
 PI_HOLE_BIN_DIR="/usr/local/bin"
 readonly FTL_PID_FILE="/run/pihole-FTL.pid"
 readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE"
 source "${colfile}"
-webpageFunc() {
+readonly utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh"
-  source "${PI_HOLE_SCRIPT_DIR}/webpage.sh"
+source "${utilsfile}"
-  main "$@"
+
-  exit 0
+# Source api functions
 readonly apifile="${PI_HOLE_SCRIPT_DIR}/api.sh"
 source "${apifile}"
 versionsfile="/etc/pihole/versions"
 if [ -f "${versionsfile}" ]; then
    # Only source versionsfile if the file exits
    # fixes a warning during installation where versionsfile does not exist yet
    # but gravity calls `pihole -status` and thereby sourcing the file
    source "${versionsfile}"
 fi
 # TODO: We can probably remove the reliance on this function too, just tell people to pihole-FTL --config webserver.api.password "password"
 SetWebPassword() {
    if [ -n "$2" ] ; then
        readonly PASSWORD="$2"
        readonly CONFIRM="${PASSWORD}"
    else
        # Prevents a bug if the user presses Ctrl+C and it continues to hide the text typed.
        # So we reset the terminal via stty if the user does press Ctrl+C
        trap '{ echo -e "\nNot changed" ; stty sane ; exit 1; }' INT
        read -s -r -p "Enter New Password (Blank for no password): " PASSWORD
        echo ""
        if [ "${PASSWORD}" == "" ]; then
            setFTLConfigValue "webserver.api.password" ""
            echo -e "  ${TICK} Password Removed"
            exit 0
        fi
        read -s -r -p "Confirm Password: " CONFIRM
        echo ""
    fi
    if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
        # pihole-FTL will automatically hash the password
        setFTLConfigValue "webserver.api.password" "${PASSWORD}"
        echo -e "  ${TICK} New password set"
    else
        echo -e "  ${CROSS} Passwords don't match. Your password has not been changed"
        exit 1
    fi
 }
 listFunc() {
@@ -33,19 +72,20 @@ listFunc() {
 }
 debugFunc() {
-  local automated
+    local automated
-  local web
+    local web
    local check_database_integrity
    # Pull off the `debug` leaving passed call augmentation flags in $1
    shift
-  # Pull off the `debug` leaving passed call augmentation flags in $1
+    for value in "$@"; do
-  shift
+        [[ "$value"  == *"-a"* ]] && automated="true"
-  if [[ "$@" == *"-a"* ]]; then
+        [[ "$value"  == *"-w"* ]] && web="true"
-    automated="true"
+        [[ "$value"  == *"-c"* ]] && check_database_integrity="true"
-  fi
+        [[ "$value" == *"--check_database"* ]] && check_database_integrity="true"
-  if [[ "$@" == *"-w"* ]]; then
+    done
    web="true"
  fi
-  AUTOMATED=${automated:-} WEBCALL=${web:-} "${PI_HOLE_SCRIPT_DIR}"/piholeDebug.sh
+  AUTOMATED=${automated:-} WEBCALL=${web:-} CHECK_DATABASE=${check_database_integrity:-} "${PI_HOLE_SCRIPT_DIR}"/piholeDebug.sh
  exit 0
 }
@@ -60,19 +100,26 @@ arpFunc() {
 }
 updatePiholeFunc() {
-  shift
+  if [ -n "${DOCKER_VERSION}" ]; then
-  "${PI_HOLE_SCRIPT_DIR}"/update.sh "$@"
+    unsupportedFunc
-  exit 0
+  else
    shift
    "${PI_HOLE_SCRIPT_DIR}"/update.sh "$@"
    exit 0
  fi
 }
 reconfigurePiholeFunc() {
-  /etc/.pihole/automated\ install/basic-install.sh --reconfigure
+  if [ -n "${DOCKER_VERSION}" ]; then
-  exit 0;
+    unsupportedFunc
  else
    /etc/.pihole/automated\ install/basic-install.sh --reconfigure
    exit 0;
  fi
 }
 updateGravityFunc() {
-  "${PI_HOLE_SCRIPT_DIR}"/gravity.sh "$@"
+  exec "${PI_HOLE_SCRIPT_DIR}"/gravity.sh "$@"
  exit $?
 }
 queryFunc() {
@@ -82,43 +129,30 @@ queryFunc() {
 }
 chronometerFunc() {
-  shift
+  echo "Chronometer is gone, use PADD (https://github.com/pi-hole/PADD)"
  "${PI_HOLE_SCRIPT_DIR}"/chronometer.sh "$@"
  exit 0
 }
 uninstallFunc() {
-  "${PI_HOLE_SCRIPT_DIR}"/uninstall.sh
+  if [ -n "${DOCKER_VERSION}" ]; then
-  exit 0
+    unsupportedFunc
  else
    "${PI_HOLE_SCRIPT_DIR}"/uninstall.sh
    exit 0
  fi
 }
 versionFunc() {
-  shift
+  exec "${PI_HOLE_SCRIPT_DIR}"/version.sh
  "${PI_HOLE_SCRIPT_DIR}"/version.sh "$@"
  exit 0
 }
-# Get PID of main pihole-FTL process
+reloadDNS() {
-getFTLPID() {
+  local svcOption svc str output status pid icon FTL_PID_FILE
-  local pid
+  svcOption="${1:-reload}"
-  if [ -s "${FTL_PID_FILE}" ]; then
+  # get the current path to the pihole-FTL.pid
-    # -s: FILE exists and has a size greater than zero
+  FTL_PID_FILE="$(getFTLConfigValue files.pid)"
    pid="$(<"$FTL_PID_FILE")"
    # Exploit prevention: unset the variable if there is malicious content
    # Verify that the value read from the file is numeric
    [[ "$pid" =~ [^[:digit:]] ]] && unset pid
  fi
  # If FTL is not running, or the PID file contains malicious stuff, substitute
  # negative PID to signal this to the caller
  echo "${pid:=-1}"
 }
 restartDNS() {
  local svcOption svc str output status pid icon
  svcOption="${1:-restart}"
  # Determine if we should reload or restart
  if [[ "${svcOption}" =~ "reload-lists" ]]; then
@@ -126,7 +160,8 @@ restartDNS() {
    # Note 1: This will NOT re-read any *.conf files
    # Note 2: We cannot use killall here as it does
    #         not know about real-time signals
-    pid="$(getFTLPID)"
+
    pid="$(getFTLPID ${FTL_PID_FILE})"
    if [[ "$pid" -eq "-1" ]]; then
      svc="true"
      str="FTL is not running"
@@ -139,7 +174,7 @@ restartDNS() {
  elif [[ "${svcOption}" =~ "reload" ]]; then
    # Reloading of the DNS cache has been requested
    # Note: This will NOT re-read any *.conf files
-    pid="$(getFTLPID)"
+    pid="$(getFTLPID ${FTL_PID_FILE})"
    if [[ "$pid" -eq "-1" ]]; then
      svc="true"
      str="FTL is not running"
@@ -149,11 +184,6 @@ restartDNS() {
      str="Flushing DNS cache"
      icon="${TICK}"
    fi
  else
    # A full restart has been requested
    svc="service pihole-FTL restart"
    str="Restarting DNS server"
    icon="${TICK}"
  fi
  # Print output to Terminal, but not to Web Admin
@@ -174,75 +204,60 @@ restartDNS() {
 piholeEnable() {
  if [[ "${2}" == "-h" ]] || [[ "${2}" == "--help" ]]; then
-    echo "Usage: pihole disable [time]
+    echo "Usage: pihole enable/disable [time]
-Example: 'pihole disable', or 'pihole disable 5m'
+Example: 'pihole enable', or 'pihole disable 5m'
-Disable Pi-hole subsystems
+En- or disable Pi-hole subsystems
 Time:
-  #s                  Disable Pi-hole functionality for # second(s)
+  #s               En-/disable Pi-hole functionality for # second(s)
-  #m                  Disable Pi-hole functionality for # minute(s)"
+  #m               En-/disable Pi-hole functionality for # minute(s)"
    exit 0
  elif [[ "${1}" == "0" ]]; then
    # Disable Pi-hole
    if grep -cq "BLOCKING_ENABLED=false" "${setupVars}"; then
      echo -e "  ${INFO} Blocking already disabled, nothing to do"
      exit 0
    fi
    if [[ $# > 1 ]]; then
      local error=false
      if [[ "${2}" == *"s" ]]; then
        tt=${2%"s"}
        if [[ "${tt}" =~ ^-?[0-9]+$ ]];then
          local str="Disabling blocking for ${tt} seconds"
          echo -e "  ${INFO} ${str}..."
          local str="Blocking will be re-enabled in ${tt} seconds"
          nohup "${PI_HOLE_SCRIPT_DIR}"/pihole-reenable.sh ${tt} </dev/null &>/dev/null &
        else
          local error=true
        fi
      elif [[ "${2}" == *"m" ]]; then
        tt=${2%"m"}
          if [[ "${tt}" =~ ^-?[0-9]+$ ]];then
          local str="Disabling blocking for ${tt} minutes"
          echo -e "  ${INFO} ${str}..."
          local str="Blocking will be re-enabled in ${tt} minutes"
          tt=$((${tt}*60))
          nohup "${PI_HOLE_SCRIPT_DIR}"/pihole-reenable.sh ${tt} </dev/null &>/dev/null &
        else
          local error=true
        fi
      elif [[ -n "${2}" ]]; then
        local error=true
      else
        echo -e "  ${INFO} Disabling blocking"
      fi
      if [[ ${error} == true ]];then
        echo -e "  ${COL_LIGHT_RED}Unknown format for delayed reactivation of the blocking!${COL_NC}"
        echo -e "  Try 'pihole disable --help' for more information."
        exit 1
      fi
      local str="Pi-hole Disabled"
      sed -i "/BLOCKING_ENABLED=/d" "${setupVars}"
      echo "BLOCKING_ENABLED=false" >> "${setupVars}"
    fi
  else
    # Enable Pi-hole
    killall -q pihole-reenable
    if grep -cq "BLOCKING_ENABLED=true" "${setupVars}"; then
      echo -e "  ${INFO} Blocking already enabled, nothing to do"
      exit 0
    fi
    echo -e "  ${INFO} Enabling blocking"
    local str="Pi-hole Enabled"
    sed -i "/BLOCKING_ENABLED=/d" "${setupVars}"
    echo "BLOCKING_ENABLED=true" >> "${setupVars}"
  fi
-  restartDNS reload-lists
+  # Get timer
  local tt="null"
  if [[ $# -gt 1 ]]; then
    local error=false
    if [[ "${2}" == *"s" ]]; then
      tt=${2%"s"}
      if [[ ! "${tt}" =~ ^-?[0-9]+$ ]];then
        local error=true
      fi
    elif [[ "${2}" == *"m" ]]; then
      tt=${2%"m"}
      if [[ "${tt}" =~ ^-?[0-9]+$ ]];then
        tt=$((${tt}*60))
      else
        local error=true
      fi
    elif [[ -n "${2}" ]]; then
      local error=true
    fi
    if [[ ${error} == true ]];then
      echo -e "  ${COL_LIGHT_RED}Unknown format for blocking timer!${COL_NC}"
      echo -e "  Try 'pihole disable --help' for more information."
      exit 1
    fi
  fi
  # Authenticate with the API
  LoginAPI
  # Send the request
  data=$(PostFTLData "dns/blocking" "{ \"blocking\": ${1}, \"timer\": ${tt} }")
  # Check the response
  local extra=" forever"
  local timer="$(echo "${data}"| jq --raw-output '.timer' )"
  if [[ "${timer}" != "null" ]]; then
    extra=" for ${timer}s"
  fi
  local str="Pi-hole $(echo "${data}" | jq --raw-output '.blocking')${extra}"
  # Logout from the API
  LogoutAPI
  echo -e "${OVER}  ${TICK} ${str}"
 }
@@ -255,14 +270,13 @@ Example: 'pihole logging on'
 Specify whether the Pi-hole log should be used
 Options:
-  on                  Enable the Pi-hole log at /var/log/pihole.log
+  on                  Enable the Pi-hole log at /var/log/pihole/pihole.log
-  off                 Disable and flush the Pi-hole log at /var/log/pihole.log
+  off                 Disable and flush the Pi-hole log at /var/log/pihole/pihole.log
-  off noflush         Disable the Pi-hole log at /var/log/pihole.log"
+  off noflush         Disable the Pi-hole log at /var/log/pihole/pihole.log"
    exit 0
  elif [[ "${1}" == "off" ]]; then
    # Disable logging
-    sed -i 's/^log-queries/#log-queries/' /etc/dnsmasq.d/01-pihole.conf
+    setFTLConfigValue dns.queryLogging false
    sed -i 's/^QUERY_LOGGING=true/QUERY_LOGGING=false/' /etc/pihole/setupVars.conf
    if [[ "${2}" != "noflush" ]]; then
      # Flush logs
      "${PI_HOLE_BIN_DIR}"/pihole -f
@@ -271,8 +285,7 @@ Options:
    local str="Logging has been disabled!"
  elif [[ "${1}" == "on" ]]; then
    # Enable logging
-    sed -i 's/^#log-queries/log-queries/' /etc/dnsmasq.d/01-pihole.conf
+    setFTLConfigValue dns.queryLogging true
    sed -i 's/^QUERY_LOGGING=false/QUERY_LOGGING=true/' /etc/pihole/setupVars.conf
    echo -e "  ${INFO} Enabling logging..."
    local str="Logging has been enabled!"
  else
@@ -280,32 +293,33 @@ Options:
  Try 'pihole logging --help' for more information."
    exit 1
  fi
  restartDNS
  echo -e "${OVER}  ${TICK} ${str}"
 }
 analyze_ports() {
  local lv4 lv6 port=${1}
  # FTL is listening at least on at least one port when this
  # function is getting called
  echo -e "  ${TICK} DNS service is listening"
  # Check individual address family/protocol combinations
  # For a healthy Pi-hole, they should all be up (nothing printed)
-  if grep -q "IPv4.*UDP" <<< "${1}"; then
+  lv4="$(ss --ipv4 --listening --numeric --tcp --udp src :${port})"
  if grep -q "udp " <<< "${lv4}"; then
      echo -e "     ${TICK} UDP (IPv4)"
  else
      echo -e "     ${CROSS} UDP (IPv4)"
  fi
-  if grep -q "IPv4.*TCP" <<< "${1}"; then
+  if grep -q "tcp " <<< "${lv4}"; then
      echo -e "     ${TICK} TCP (IPv4)"
  else
      echo -e "     ${CROSS} TCP (IPv4)"
  fi
-  if grep -q "IPv6.*UDP" <<< "${1}"; then
+  lv6="$(ss --ipv6 --listening --numeric --tcp --udp src :${port})"
  if grep -q "udp " <<< "${lv6}"; then
      echo -e "     ${TICK} UDP (IPv6)"
  else
      echo -e "     ${CROSS} UDP (IPv6)"
  fi
-  if grep -q "IPv6.*TCP" <<< "${1}"; then
+  if grep -q "tcp " <<< "${lv6}"; then
      echo -e "     ${TICK} TCP (IPv6)"
  else
      echo -e "     ${CROSS} TCP (IPv6)"
@@ -314,88 +328,104 @@ analyze_ports() {
 }
 statusFunc() {
-  # Determine if there is a pihole service is listening on port 53
+    # Determine if there is pihole-FTL service is listening
-  local listening
+    local pid port ftl_pid_file block_status
-  listening="$(lsof -Pni:53)"
+
-  if grep -q "pihole" <<< "${listening}"; then
+    ftl_pid_file="$(getFTLConfigValue files.pid)"
-    if [[ "${1}" != "web" ]]; then
+
-      analyze_ports "${listening}"
+    pid="$(getFTLPID ${ftl_pid_file})"
    if [[ "$pid" -eq "-1" ]]; then
        case "${1}" in
            "web") echo "-1";;
            *) echo -e "  ${CROSS} DNS service is NOT running";;
        esac
        exit 0
    else
        # get the DNS port pihole-FTL is listening on
        port="$(getFTLConfigValue dns.port)"
        if [[ "${port}" == "0" ]]; then
            case "${1}" in
                "web") echo "-1";;
                *) echo -e "  ${CROSS} DNS service is NOT listening";;
            esac
            exit 0
        else
            if [[ "${1}" != "web" ]]; then
                echo -e "  ${TICK} FTL is listening on port ${port}"
                analyze_ports "${port}"
            fi
        fi
    fi
  else
    case "${1}" in
      "web") echo "-1";;
      *) echo -e "  ${CROSS} DNS service is NOT listening";;
    esac
    return 0
  fi
  # Determine if Pi-hole's blocking is enabled
-  if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then
+  block_status=$(getFTLConfigValue dns.blocking.active)
-    # A config is commented out
+  if [ ${block_status} == "true" ]; then
    case "${1}" in
      "web") echo "$port";;
      *) echo -e "  ${TICK} Pi-hole blocking is enabled";;
    esac
  else
    case "${1}" in
      "web") echo 0;;
      *) echo -e "  ${CROSS} Pi-hole blocking is disabled";;
    esac
  elif grep -q "BLOCKING_ENABLED=true" /etc/pihole/setupVars.conf;  then
    # Configs are set
    case "${1}" in
      "web") echo 1;;
      *) echo -e "  ${TICK} Pi-hole blocking is enabled";;
    esac
  else
    # No configs were found
    case "${1}" in
      "web") echo 99;;
      *) echo -e "  ${INFO} Pi-hole blocking will be enabled";;
    esac
    # Enable blocking
    "${PI_HOLE_BIN_DIR}"/pihole enable
  fi
  exit 0
 }
 tailFunc() {
  # Warn user if Pi-hole's logging is disabled
-  local logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
+  local logging_enabled=$(getFTLConfigValue dns.queryLogging)
-  if [[ "${logging_enabled}" == "0" ]]; then
+  if [[ "${logging_enabled}" != "true" ]]; then
    # No "log-queries" lines are found.
    # Commented out lines (such as "#log-queries") are ignored
    echo "  ${CROSS} Warning: Query logging is disabled"
  fi
  echo -e "  ${INFO} Press Ctrl-C to exit"
  # Get logfile path
  readonly LOGFILE=$(getFTLConfigValue files.log.dnsmasq)
  # Strip date from each line
-  # Color blocklist/blacklist/wildcard entries as red
+  # Color blocklist/denylist/wildcard entries as red
  # Color A/AAAA/DHCP strings as white
  # Color everything else as gray
-  tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \
+  tail -f $LOGFILE | grep --line-buffered "${1}" | sed -E \
    -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
-    -e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \
+    -e "s,(.*(denied |gravity blocked ).*),${COL_RED}&${COL_NC}," \
    -e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
    -e "s,.*,${COL_GRAY}&${COL_NC},"
  exit 0
 }
 piholeCheckoutFunc() {
-  if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
+  if [ -n "${DOCKER_VERSION}" ]; then
-    echo "Usage: pihole checkout [repo] [branch]
+    unsupportedFunc
-Example: 'pihole checkout master' or 'pihole checkout core dev'
+  else
-Switch Pi-hole subsystems to a different GitHub branch
+    if [[ "$2" == "-h" ]] || [[ "$2" == "--help" ]]; then
      echo "Switch Pi-hole subsystems to a different GitHub branch
    Usage: ${COL_GREEN}pihole checkout${COL_NC} ${COL_YELLOW}shortcut${COL_NC}
        or ${COL_GREEN}pihole checkout${COL_NC} ${COL_PURPLE}repo${COL_NC} ${COL_CYAN}branch${COL_NC}
-Repositories:
+  Example: ${COL_GREEN}pihole checkout${COL_NC} ${COL_YELLOW}master${COL_NC}
-  core [branch]       Change the branch of Pi-hole's core subsystem
+       or  ${COL_GREEN}pihole checkout${COL_NC} ${COL_PURPLE}ftl ${COL_CYAN}development${COL_NC}
  web [branch]        Change the branch of Web Interface subsystem
  ftl [branch]        Change the branch of Pi-hole's FTL subsystem
-Branches:
+  Shortcuts:
-  master              Update subsystems to the latest stable release
+    ${COL_YELLOW}master${COL_NC}            Update all subsystems to the latest stable release
-  dev                 Update subsystems to the latest development release
+    ${COL_YELLOW}dev${COL_NC}               Update all subsystems to the latest development release
-  branchname          Update subsystems to the specified branchname"
+
-    exit 0
+  Individual components:
    ${COL_PURPLE}core${COL_NC} ${COL_CYAN}branch${COL_NC}       Change the branch of Pi-hole's core subsystem
    ${COL_PURPLE}web${COL_NC} ${COL_CYAN}branch${COL_NC}        Change the branch of the web interface subsystem
    ${COL_PURPLE}ftl${COL_NC} ${COL_CYAN}branch${COL_NC}        Change the branch of Pi-hole's FTL subsystem"
      exit 0
    fi
    source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
    shift
    checkout "$@"
  fi
  source "${PI_HOLE_SCRIPT_DIR}"/piholeCheckout.sh
  shift
  checkout "$@"
 }
 tricorderFunc() {
@@ -424,35 +454,41 @@ updateCheckFunc() {
  exit 0
 }
 unsupportedFunc(){
  echo "Function not supported in Docker images"
  exit 0
 }
 helpFunc() {
  echo "Usage: pihole [options]
-Example: 'pihole -w -h'
+Example: 'pihole allow -h'
 Add '-h' after specific commands for more information on usage
-Whitelist/Blacklist Options:
+Domain Options:
-  -w, whitelist       Whitelist domain(s)
+  allow, allowlist    Allow domain(s)
-  -b, blacklist       Blacklist domain(s)
+  deny, denylist      Deny domain(s)
-  --regex, regex      Regex blacklist domains(s)
+  --regex, regex      Regex deny domains(s)
-  --white-regex       Regex whitelist domains(s)
+  --allow-regex       Regex allow domains(s)
-  --wild, wildcard    Wildcard blacklist domain(s)
+  --wild, wildcard    Wildcard deny domain(s)
-  --white-wild        Wildcard whitelist domain(s)
+  --allow-wild        Wildcard allow domain(s)
-                        Add '-h' for more info on whitelist/blacklist usage
+                        Add '-h' for more info on allow/deny usage
 Debugging Options:
  -d, debug           Start a debugging session
                        Add '-c' or '--check-database' to include a Pi-hole database integrity check
                        Add '-a' to automatically upload the log to tricorder.pi-hole.net
  -f, flush           Flush the Pi-hole log
  -r, reconfigure     Reconfigure or Repair Pi-hole subsystems
  -t, tail [arg]      View the live output of the Pi-hole log.
                      Add an optional argument to filter the log
                      (regular expressions are supported)
  api <endpoint>      Query the Pi-hole API at <endpoint>
 Options:
-  -a, admin           Web interface options
+  setpassword [pwd]   Set the password for the web interface
-                        Add '-h' for more info on Web Interface usage
+                        Without optional argument, password is read interactively.
-  -c, chronometer     Calculates stats and displays to an LCD
+                        When specifying a password directly, enclose it in single quotes.
                        Add '-h' for more info on chronometer usage
  -g, updateGravity   Update the list of ad-serving domains
  -h, --help, help    Show this help dialog
  -l, logging         Specify whether the Pi-hole log should be used
@@ -462,15 +498,14 @@ Options:
  -up, updatePihole   Update Pi-hole subsystems
                        Add '--check-only' to exit script before update is performed.
  -v, version         Show installed versions of Pi-hole, Web Interface & FTL
                        Add '-h' for more info on version usage
  uninstall           Uninstall Pi-hole from your system
  status              Display the running status of Pi-hole subsystems
  enable              Enable Pi-hole subsystems
                        Add '-h' for more info on enable usage
  disable             Disable Pi-hole subsystems
                        Add '-h' for more info on disable usage
-  restartdns          Full restart Pi-hole subsystems
+  reloaddns           Update the lists and flush the cache without restarting the DNS server
-                        Add 'reload' to update the lists and flush the cache without restarting the DNS server
+  reloadlists         Update the lists WITHOUT flushing the cache or restarting the DNS server
                        Add 'reload-lists' to only update the lists WITHOUT flushing the cache or restarting the DNS server
  checkout            Switch Pi-hole subsystems to a different GitHub branch
                        Add '-h' for more info on checkout usage
  arpflush            Flush information stored in Pi-hole's network tables";
@@ -481,49 +516,81 @@ if [[ $# = 0 ]]; then
  helpFunc
 fi
 # functions that do not require sudo power
 need_root=1
 case "${1}" in
-  "-h" | "help" | "--help"      ) helpFunc;;
+  "-h" | "help" | "--help"        ) helpFunc;;
  "-v" | "version"                ) versionFunc;;
  "-c" | "chronometer"            ) chronometerFunc "$@";;
  "-q" | "query"                  ) queryFunc "$@";;
  "status"                        ) statusFunc "$2";;
  "tricorder"                     ) tricorderFunc;;
  # we need to add all arguments that require sudo power to not trigger the * argument
  "allow" | "allowlist"           ) need_root=0;;
  "deny" | "denylist"             ) need_root=0;;
  "--wild" | "wildcard"           ) need_root=0;;
  "--regex" | "regex"             ) need_root=0;;
  "--allow-regex" | "allow-regex" ) need_root=0;;
  "--allow-wild" | "allow-wild"   ) need_root=0;;
  "-f" | "flush"                  ) ;;
  "-up" | "updatePihole"          ) ;;
  "-r"  | "reconfigure"           ) ;;
  "-l" | "logging"                ) ;;
  "uninstall"                     ) ;;
  "enable"                        ) need_root=0;;
  "disable"                       ) need_root=0;;
  "-d" | "debug"                  ) ;;
  "-g" | "updateGravity"          ) ;;
  "reloaddns"                     ) ;;
  "reloadlists"                   ) ;;
  "setpassword"                   ) ;;
  "checkout"                      ) ;;
  "updatechecker"                 ) ;;
  "arpflush"                      ) ;;
  "-t" | "tail"                   ) ;;
  "api"                           ) need_root=0;;
  *                               ) helpFunc;;
 esac
-# Must be root to use this tool
+# In the case of alpine running in a container, the USER variable appears to be blank
-if [[ ! $EUID -eq 0 ]];then
+# which prevents the next trap from working correctly. Set it by running whoami
-  if [[ -x "$(command -v sudo)" ]]; then
+if [[ -z ${USER} ]]; then
-    exec sudo bash "$0" "$@"
+  USER=$(whoami)
-    exit $?
+fi
-  else
+
-    echo -e "  ${CROSS} sudo is needed to run pihole commands.  Please run this script as root or install sudo."
+# Check if the current user is neither root nor pihole and if the command
-    exit 1
+# requires root. If so, exit with an error message.
-  fi
+if [[ $EUID -ne 0 && ${USER} != "pihole" && need_root -eq 1 ]];then
  echo -e "  ${CROSS} The Pi-hole command requires root privileges, try:"
  echo -e "      ${COL_GREEN}sudo pihole $*${COL_NC}"
  exit 1
 fi
 # Handle redirecting to specific functions based on arguments
 case "${1}" in
-  "-w" | "whitelist"            ) listFunc "$@";;
+  "allow" | "allowlist"           ) listFunc "$@";;
-  "-b" | "blacklist"            ) listFunc "$@";;
+  "deny" | "denylist"             ) listFunc "$@";;
-  "--wild" | "wildcard"         ) listFunc "$@";;
+  "--wild" | "wildcard"           ) listFunc "$@";;
-  "--regex" | "regex"           ) listFunc "$@";;
+  "--regex" | "regex"             ) listFunc "$@";;
-  "--white-regex" | "white-regex" ) listFunc "$@";;
+  "--allow-regex" | "allow-regex" ) listFunc "$@";;
-  "--white-wild" | "white-wild"   ) listFunc "$@";;
+  "--allow-wild" | "allow-wild"   ) listFunc "$@";;
-  "-d" | "debug"                ) debugFunc "$@";;
+  "-d" | "debug"                  ) debugFunc "$@";;
-  "-f" | "flush"                ) flushFunc "$@";;
+  "-f" | "flush"                  ) flushFunc "$@";;
-  "-up" | "updatePihole"        ) updatePiholeFunc "$@";;
+  "-up" | "updatePihole"          ) updatePiholeFunc "$@";;
-  "-r"  | "reconfigure"         ) reconfigurePiholeFunc;;
+  "-r"  | "reconfigure"           ) reconfigurePiholeFunc;;
-  "-g" | "updateGravity"        ) updateGravityFunc "$@";;
+  "-g" | "updateGravity"          ) updateGravityFunc "$@";;
-  "-c" | "chronometer"          ) chronometerFunc "$@";;
+  "-l" | "logging"                ) piholeLogging "$@";;
-  "-h" | "help"                 ) helpFunc;;
+  "uninstall"                     ) uninstallFunc;;
-  "-v" | "version"              ) versionFunc "$@";;
+  "enable"                        ) piholeEnable true "$2";;
-  "-q" | "query"                ) queryFunc "$@";;
+  "disable"                       ) piholeEnable false "$2";;
-  "-l" | "logging"              ) piholeLogging "$@";;
+  "reloaddns"                     ) reloadDNS "reload";;
-  "uninstall"                   ) uninstallFunc;;
+  "reloadlists"                   ) reloadDNS "reload-lists";;
-  "enable"                      ) piholeEnable 1;;
+  "setpassword"                   ) SetWebPassword "$@";;
-  "disable"                     ) piholeEnable 0 "$2";;
+  "checkout"                      ) piholeCheckoutFunc "$@";;
-  "status"                      ) statusFunc "$2";;
+  "updatechecker"                 ) shift; updateCheckFunc "$@";;
-  "restartdns"                  ) restartDNS "$2";;
+  "arpflush"                      ) arpFunc "$@";;
-  "-a" | "admin"                ) webpageFunc "$@";;
+  "-t" | "tail"                   ) tailFunc "$2";;
-  "-t" | "tail"                 ) tailFunc "$2";;
+  "api"                           ) apiFunc "$2";;
-  "checkout"                    ) piholeCheckoutFunc "$@";;
+  *                               ) helpFunc;;
  "tricorder"                   ) tricorderFunc;;
  "updatechecker"               ) updateCheckFunc "$@";;
  "arpflush"                    ) arpFunc "$@";;
  *                             ) helpFunc;;
 esac
--- a/test/README.md
+++ b/test/README.md
@@ -18,8 +18,8 @@ py.test -vv -n auto -m "build_stage"
 py.test -vv -n auto -m "not build_stage"
 ```
-The build_stage tests have to run first to create the docker images, followed by the actual tests which utilize said images.  Unless you're changing your dockerfiles you shouldn't have to run the build_stage every time - but it's a good idea to rebuild at least once a day in case the base Docker images or packages change.
+The build_stage tests have to run first to create the docker images, followed by the actual tests which utilize said images. Unless you're changing your dockerfiles you shouldn't have to run the build_stage every time - but it's a good idea to rebuild at least once a day in case the base Docker images or packages change.
 # How do I debug python?
-Highly recommended: Setup PyCharm on a **Docker enabled** machine.  Having a python debugger like PyCharm changes your life if you've never used it :)
+Highly recommended: Setup PyCharm on a **Docker enabled** machine. Having a python debugger like PyCharm changes your life if you've never used it :)
--- a/test/_centos_7.Dockerfile
+++ b/test/_centos_7.Dockerfile
@@ -1,17 +0,0 @@
 FROM centos:7
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_centos_8.Dockerfile
+++ b/test/_centos_8.Dockerfile
@@ -1,17 +0,0 @@
 FROM centos:8
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_centos_9.Dockerfile
+++ b/test/_centos_9.Dockerfile
@@ -0,0 +1,20 @@
 FROM quay.io/centos/centos:stream9
 # Disable SELinux
 RUN echo "SELINUX=disabled" > /etc/selinux/config
 RUN yum install -y --allowerasing curl git initscripts
 ENV GITDIR=/etc/.pihole
 ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL=true
 ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_10.Dockerfile
+++ b/test/_debian_10.Dockerfile
@@ -1,17 +0,0 @@
 FROM buildpack-deps:buster-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_11.Dockerfile
+++ b/test/_debian_11.Dockerfile
@@ -1,17 +1,17 @@
 FROM buildpack-deps:bullseye-scm
-ENV GITDIR /etc/.pihole
+ENV GITDIR=/etc/.pihole
-ENV SCRIPTDIR /opt/pihole
+ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
-RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
-ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
-ENV PH_TEST true
+ENV SKIP_INSTALL=true
-ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
+ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_12.Dockerfile
+++ b/test/_debian_12.Dockerfile
@@ -0,0 +1,17 @@
 FROM buildpack-deps:bookworm-scm
 ENV GITDIR=/etc/.pihole
 ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL=true
 ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_9.Dockerfile
+++ b/test/_debian_9.Dockerfile
@@ -1,17 +0,0 @@
 FROM buildpack-deps:stretch-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_33.Dockerfile
+++ b/test/_fedora_33.Dockerfile
@@ -1,17 +0,0 @@
 FROM fedora:33
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_34.Dockerfile
+++ b/test/_fedora_34.Dockerfile
@@ -1,17 +0,0 @@
 FROM fedora:34
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_40.Dockerfile
+++ b/test/_fedora_40.Dockerfile
@@ -0,0 +1,18 @@
 FROM fedora:40
 RUN dnf install -y git initscripts
 ENV GITDIR=/etc/.pihole
 ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL=true
 ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_41.Dockerfile
+++ b/test/_fedora_41.Dockerfile
@@ -0,0 +1,18 @@
 FROM fedora:41
 RUN dnf install -y git initscripts
 ENV GITDIR=/etc/.pihole
 ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL=true
 ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_16.Dockerfile
+++ b/test/_ubuntu_16.Dockerfile
@@ -1,17 +0,0 @@
 FROM buildpack-deps:xenial-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_18.Dockerfile
+++ b/test/_ubuntu_18.Dockerfile
@@ -1,17 +0,0 @@
 FROM buildpack-deps:bionic-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_20.Dockerfile
+++ b/test/_ubuntu_20.Dockerfile
@@ -1,18 +1,17 @@
 FROM buildpack-deps:focal-scm
-ENV GITDIR /etc/.pihole
+ENV GITDIR=/etc/.pihole
-ENV SCRIPTDIR /opt/pihole
+ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
-RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
-ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 ENV DEBIAN_FRONTEND=noninteractive
 RUN true && \
    chmod +x $SCRIPTDIR/*
-ENV PH_TEST true
+ENV SKIP_INSTALL=true
-ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
+ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_22.Dockerfile
+++ b/test/_ubuntu_22.Dockerfile
@@ -1,18 +1,18 @@
-FROM buildpack-deps:hirsute-scm
+FROM buildpack-deps:jammy-scm
-ENV GITDIR /etc/.pihole
+ENV GITDIR=/etc/.pihole
-ENV SCRIPTDIR /opt/pihole
+ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
-RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
+RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
-ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
+ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 ENV DEBIAN_FRONTEND=noninteractive
 RUN true && \
    chmod +x $SCRIPTDIR/*
-ENV PH_TEST true
+ENV SKIP_INSTALL=true
-ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
+ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_23.Dockerfile
+++ b/test/_ubuntu_23.Dockerfile
@@ -0,0 +1,18 @@
 FROM buildpack-deps:lunar-scm
 ENV GITDIR=/etc/.pihole
 ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 ENV DEBIAN_FRONTEND=noninteractive
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL=true
 ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_24.Dockerfile
+++ b/test/_ubuntu_24.Dockerfile
@@ -0,0 +1,18 @@
 FROM buildpack-deps:24.04-scm
 ENV GITDIR=/etc/.pihole
 ENV SCRIPTDIR=/opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $GITDIR/advanced/Scripts/COL_TABLE $SCRIPTDIR/
 ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 ENV DEBIAN_FRONTEND=noninteractive
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV SKIP_INSTALL=true
 ENV OS_CHECK_DOMAIN_NAME=dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -1,151 +1,216 @@
 import pytest
 import testinfra
 import testinfra.backend.docker
 import subprocess
 from textwrap import dedent
-check_output = testinfra.get_backend(
+IMAGE = "pytest_pihole:test_container"
-    "local://"
+tick_box = "[✓]"
-).get_module("Command").check_output
+cross_box = "[✗]"
 SETUPVARS = {
    'PIHOLE_INTERFACE': 'eth99',
    'PIHOLE_DNS_1': '4.2.2.1',
    'PIHOLE_DNS_2': '4.2.2.2'
 }
 tick_box = "[\x1b[1;32m\u2713\x1b[0m]"
 cross_box = "[\x1b[1;31m\u2717\x1b[0m]"
 info_box = "[i]"
-@pytest.fixture
+# Monkeypatch sh to bash, if they ever support non hard code /bin/sh this can go away
-def Pihole(Docker):
+# https://github.com/pytest-dev/pytest-testinfra/blob/master/testinfra/backend/docker.py
-    '''
+def run_bash(self, command, *args, **kwargs):
-    used to contain some script stubbing, now pretty much an alias.
+    cmd = self.get_command(command, *args)
-    Also provides bash as the default run function shell
+    if self.user is not None:
-    '''
+        out = self.run_local(
-    def run_bash(self, command, *args, **kwargs):
+            "docker exec -u %s %s /bin/bash -c %s", self.user, self.name, cmd
-        cmd = self.get_command(command, *args)
+        )
-        if self.user is not None:
+    else:
-            out = self.run_local(
+        out = self.run_local("docker exec %s /bin/bash -c %s", self.name, cmd)
-                "docker exec -u %s %s /bin/bash -c %s",
+    out.command = self.encode(cmd)
-                self.user, self.name, cmd)
+    return out
        else:
            out = self.run_local(
                "docker exec %s /bin/bash -c %s", self.name, cmd)
        out.command = self.encode(cmd)
        return out
-    funcType = type(Docker.run)
+
-    Docker.run = funcType(run_bash, Docker)
+testinfra.backend.docker.DockerBackend.run = run_bash
    return Docker
@pytest.fixture
-def Docker(request, args, image, cmd):
+def host():
-    '''
+    # run a container
-    combine our fixtures into a docker run command and setup finalizer to
+    docker_id = (
-    cleanup
+        subprocess.check_output(["docker", "run", "-t", "-d", "--cap-add=ALL", IMAGE])
-    '''
+        .decode()
-    assert 'docker' in check_output('id'), "Are you in the docker group?"
+        .strip()
-    docker_run = "docker run {} {} {}".format(args, image, cmd)
+    )
    docker_id = check_output(docker_run)
-    def teardown():
+    # return a testinfra connection to the container
-        check_output("docker rm -f %s", docker_id)
+    docker_host = testinfra.get_host("docker://" + docker_id)
    request.addfinalizer(teardown)
-    docker_container = testinfra.get_backend("docker://" + docker_id)
+    yield docker_host
-    docker_container.id = docker_id
+    # at the end of the test suite, destroy the container
-    return docker_container
+    subprocess.check_call(["docker", "rm", "-f", docker_id])
@pytest.fixture
 def args(request):
    '''
    -t became required when tput began being used
    '''
    return '-t -d'
@pytest.fixture(params=[
    'test_container'
 ])
 def tag(request):
    '''
    consumed by image to make the test matrix
    '''
    return request.param
@pytest.fixture()
 def image(request, tag):
    '''
    built by test_000_build_containers.py
    '''
    return 'pytest_pihole:{}'.format(tag)
@pytest.fixture()
 def cmd(request):
    '''
    default to doing nothing by tailing null, but don't exit
    '''
    return 'tail -f /dev/null'
 # Helper functions
 def mock_command(script, args, container):
-    '''
+    """
    Allows for setup of commands we don't really want to have to run for real
    in unit tests
-    '''
+    """
-    full_script_path = '/usr/local/bin/{}'.format(script)
+    full_script_path = "/usr/local/bin/{}".format(script)
-    mock_script = dedent('''\
+    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
-    case "\$1" in'''.format(script=script))
+    case "\$1" in""".format(
            script=script
        )
    )
    for k, v in args.items():
-        case = dedent('''
+        case = dedent(
            """
        {arg})
        echo {res}
        exit {retcode}
-        ;;'''.format(arg=k, res=v[0], retcode=v[1]))
+        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
-    mock_script += dedent('''
+    mock_script += dedent(
-    esac''')
+        """
-    container.run('''
+    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
-    rm -f /var/log/{scriptlog}'''.format(script=full_script_path,
+    rm -f /var/log/{scriptlog}""".format(
-                                         content=mock_script,
+            script=full_script_path, content=mock_script, scriptlog=script
-                                         scriptlog=script))
+        )
    )
 def mock_command_passthrough(script, args, container):
    """
    Per other mock_command* functions, allows intercepting of commands we don't want to run for real
    in unit tests, however also allows only specific arguments to be mocked. Anything not defined will
    be passed through to the actual command.
    Example use-case: mocking `git pull` but still allowing `git clone` to work as intended
    """
    orig_script_path = container.check_output("command -v {}".format(script))
    full_script_path = "/usr/local/bin/{}".format(script)
    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
    case "\$1" in""".format(
            script=script
        )
    )
    for k, v in args.items():
        case = dedent(
            """
        {arg})
        echo {res}
        exit {retcode}
        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
    mock_script += dedent(
        r"""
    *)
    {orig_script_path} "\$@"
    ;;""".format(
            orig_script_path=orig_script_path
        )
    )
    mock_script += dedent(
        """
    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
    rm -f /var/log/{scriptlog}""".format(
            script=full_script_path, content=mock_script, scriptlog=script
        )
    )
 def mock_command_run(script, args, container):
    """
    Allows for setup of commands we don't really want to have to run for real
    in unit tests
    """
    full_script_path = "/usr/local/bin/{}".format(script)
    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
    case "\$1 \$2" in""".format(
            script=script
        )
    )
    for k, v in args.items():
        case = dedent(
            """
        \"{arg}\")
        echo {res}
        exit {retcode}
        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
    mock_script += dedent(
        """
    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
    rm -f /var/log/{scriptlog}""".format(
            script=full_script_path, content=mock_script, scriptlog=script
        )
    )
 def mock_command_2(script, args, container):
-    '''
+    """
    Allows for setup of commands we don't really want to have to run for real
    in unit tests
-    '''
+    """
-    full_script_path = '/usr/local/bin/{}'.format(script)
+    full_script_path = "/usr/local/bin/{}".format(script)
-    mock_script = dedent('''\
+    mock_script = dedent(
        r"""\
    #!/bin/bash -e
    echo "\$0 \$@" >> /var/log/{script}
-    case "\$1 \$2" in'''.format(script=script))
+    case "\$1 \$2" in""".format(
            script=script
        )
    )
    for k, v in args.items():
-        case = dedent('''
+        case = dedent(
            """
        \"{arg}\")
        echo \"{res}\"
        exit {retcode}
-        ;;'''.format(arg=k, res=v[0], retcode=v[1]))
+        ;;""".format(
                arg=k, res=v[0], retcode=v[1]
            )
        )
        mock_script += case
-    mock_script += dedent('''
+    mock_script += dedent(
-    esac''')
+        """
-    container.run('''
+    esac"""
    )
    container.run(
        """
    cat <<EOF> {script}\n{content}\nEOF
    chmod +x {script}
-    rm -f /var/log/{scriptlog}'''.format(script=full_script_path,
+    rm -f /var/log/{scriptlog}""".format(
-                                         content=mock_script,
+            script=full_script_path, content=mock_script, scriptlog=script
-                                         scriptlog=script))
+        )
    )
 def run_script(Pihole, script):
--- a/test/requirements.txt
+++ b/test/requirements.txt
@@ -1,6 +1,6 @@
-docker-compose==1.23.2
+pyyaml == 6.0.2
-pytest==4.3.0
+pytest == 8.3.4
-pytest-xdist==1.26.1
+pytest-xdist == 3.6.1
-pytest-cov==2.6.1
+pytest-testinfra == 10.1.1
-testinfra==1.19.0
+tox == 4.23.2
-tox==3.7.0
+pytest-clarity == 1.0.1
--- a/test/setup.py
+++ b/test/setup.py
@@ -1,6 +1,7 @@
 from setuptools import setup
 setup(
-    setup_requires=['pytest-runner'],
+    py_modules=[],
-    tests_require=['pytest'],
+    setup_requires=["pytest-runner"],
    tests_require=["pytest"],
 )
--- a/test/test_any_automated_install.py
+++ b/test/test_any_automated_install.py
@@ -0,0 +1,556 @@
 import pytest
 from textwrap import dedent
 import re
 from .conftest import (
    tick_box,
    info_box,
    cross_box,
    mock_command,
    mock_command_run,
    mock_command_2,
    mock_command_passthrough,
    run_script,
 )
 FTL_BRANCH = "development"
 def test_supported_package_manager(host):
    """
    confirm installer exits when no supported package manager found
    """
    # break supported package managers
    host.run("rm -rf /usr/bin/apt-get")
    host.run("rm -rf /usr/bin/rpm")
    package_manager_detect = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    """
    )
    expected_stdout = cross_box + " No supported package manager found"
    assert expected_stdout in package_manager_detect.stdout
    # assert package_manager_detect.rc == 1
 def test_selinux_not_detected(host):
    """
    confirms installer continues when SELinux configuration file does not exist
    """
    check_selinux = host.run(
        """
    rm -f /etc/selinux/config
    source /opt/pihole/basic-install.sh
    checkSelinux
    """
    )
    expected_stdout = info_box + " SELinux not detected"
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
 def get_directories_recursive(host, directory):
    if directory is None:
        return directory
    # returns all non-hidden subdirs of 'directory'
    dirs_raw = host.run("find {} -type d -not -path '*/.*'".format(directory))
    dirs = list(filter(bool, dirs_raw.stdout.splitlines()))
    return dirs
 def test_installPihole_fresh_install_readableFiles(host):
    """
    confirms all necessary files are readable by pihole user
    """
    # dialog returns Cancel for user prompt
    mock_command("dialog", {"*": ("", "0")}, host)
    # mock git pull
    mock_command_passthrough("git", {"pull": ("", "0")}, host)
    # mock systemctl to not start FTL
    mock_command_2(
        "systemctl",
        {
            "enable pihole-FTL": ("", "0"),
            "restart pihole-FTL": ("", "0"),
            "start pihole-FTL": ("", "0"),
            "*": ('echo "systemctl call with $@"', "0"),
        },
        host,
    )
    # try to install man
    host.run("command -v apt-get > /dev/null && apt-get install -qq man")
    host.run("command -v dnf > /dev/null && dnf install -y man")
    host.run("command -v yum > /dev/null && yum install -y man")
    # Workaround to get FTLv6 installed until it reaches master branch
    host.run('echo "' + FTL_BRANCH + '" > /etc/pihole/ftlbranch')
    install = host.run(
        """
    export TERM=xterm
    export DEBIAN_FRONTEND=noninteractive
    umask 0027
    runUnattended=true
    useUpdateVars=true
    source /opt/pihole/basic-install.sh > /dev/null
    runUnattended=true
    useUpdateVars=true
    main
    /opt/pihole/pihole-FTL-prestart.sh
    """
    )
    assert 0 == install.rc
    maninstalled = True
    if (info_box + " man not installed") in install.stdout:
        maninstalled = False
    if (info_box + " man pages not installed") in install.stdout:
        maninstalled = False
    piholeuser = "pihole"
    exit_status_success = 0
    test_cmd = 'su --shell /bin/bash --command "test -{0} {1}" -p {2}'
    # check files in /etc/pihole for read, write and execute permission
    check_etc = test_cmd.format("r", "/etc/pihole", piholeuser)
    actual_rc = host.run(check_etc).rc
    assert exit_status_success == actual_rc
    check_etc = test_cmd.format("x", "/etc/pihole", piholeuser)
    actual_rc = host.run(check_etc).rc
    assert exit_status_success == actual_rc
    # readable and writable dhcp.leases
    check_leases = test_cmd.format("r", "/etc/pihole/dhcp.leases", piholeuser)
    actual_rc = host.run(check_leases).rc
    assert exit_status_success == actual_rc
    check_leases = test_cmd.format("w", "/etc/pihole/dhcp.leases", piholeuser)
    actual_rc = host.run(check_leases).rc
    # readable dns-servers.conf
    assert exit_status_success == actual_rc
    check_servers = test_cmd.format("r", "/etc/pihole/dns-servers.conf", piholeuser)
    actual_rc = host.run(check_servers).rc
    assert exit_status_success == actual_rc
    # readable install.log
    check_install = test_cmd.format("r", "/etc/pihole/install.log", piholeuser)
    actual_rc = host.run(check_install).rc
    assert exit_status_success == actual_rc
    # readable versions
    check_localversion = test_cmd.format("r", "/etc/pihole/versions", piholeuser)
    actual_rc = host.run(check_localversion).rc
    assert exit_status_success == actual_rc
    # readable logrotate
    check_logrotate = test_cmd.format("r", "/etc/pihole/logrotate", piholeuser)
    actual_rc = host.run(check_logrotate).rc
    assert exit_status_success == actual_rc
    # readable macvendor.db
    check_macvendor = test_cmd.format("r", "/etc/pihole/macvendor.db", piholeuser)
    actual_rc = host.run(check_macvendor).rc
    assert exit_status_success == actual_rc
    # check readable and executable /etc/init.d/pihole-FTL
    check_init = test_cmd.format("x", "/etc/init.d/pihole-FTL", piholeuser)
    actual_rc = host.run(check_init).rc
    assert exit_status_success == actual_rc
    check_init = test_cmd.format("r", "/etc/init.d/pihole-FTL", piholeuser)
    actual_rc = host.run(check_init).rc
    assert exit_status_success == actual_rc
    # check readable and executable manpages
    if maninstalled is True:
        check_man = test_cmd.format("x", "/usr/local/share/man", piholeuser)
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
        check_man = test_cmd.format("r", "/usr/local/share/man", piholeuser)
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
        check_man = test_cmd.format("x", "/usr/local/share/man/man8", piholeuser)
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
        check_man = test_cmd.format("r", "/usr/local/share/man/man8", piholeuser)
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
        check_man = test_cmd.format("x", "/usr/local/share/man/man5", piholeuser)
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
        check_man = test_cmd.format("r", "/usr/local/share/man/man5", piholeuser)
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
        check_man = test_cmd.format(
            "r", "/usr/local/share/man/man8/pihole.8", piholeuser
        )
        actual_rc = host.run(check_man).rc
        assert exit_status_success == actual_rc
    # check not readable cron file
    check_sudo = test_cmd.format("x", "/etc/cron.d/", piholeuser)
    actual_rc = host.run(check_sudo).rc
    assert exit_status_success == actual_rc
    check_sudo = test_cmd.format("r", "/etc/cron.d/", piholeuser)
    actual_rc = host.run(check_sudo).rc
    assert exit_status_success == actual_rc
    check_sudo = test_cmd.format("r", "/etc/cron.d/pihole", piholeuser)
    actual_rc = host.run(check_sudo).rc
    assert exit_status_success == actual_rc
    directories = get_directories_recursive(host, "/etc/.pihole/")
    for directory in directories:
        check_pihole = test_cmd.format("r", directory, piholeuser)
        actual_rc = host.run(check_pihole).rc
        check_pihole = test_cmd.format("x", directory, piholeuser)
        actual_rc = host.run(check_pihole).rc
        findfiles = 'find "{}" -maxdepth 1 -type f  -exec echo {{}} \\;;'
        filelist = host.run(findfiles.format(directory))
        files = list(filter(bool, filelist.stdout.splitlines()))
        for file in files:
            check_pihole = test_cmd.format("r", file, piholeuser)
            actual_rc = host.run(check_pihole).rc
 def test_update_package_cache_success_no_errors(host):
    """
    confirms package cache was updated without any errors
    """
    updateCache = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    update_package_cache
    """
    )
    expected_stdout = tick_box + " Update local cache of available packages"
    assert expected_stdout in updateCache.stdout
    assert "error" not in updateCache.stdout.lower()
 def test_update_package_cache_failure_no_errors(host):
    """
    confirms package cache was not updated
    """
    mock_command("apt-get", {"update": ("", "1")}, host)
    updateCache = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    update_package_cache
    """
    )
    expected_stdout = cross_box + " Update local cache of available packages"
    assert expected_stdout in updateCache.stdout
    assert "Error: Unable to update package cache." in updateCache.stdout
@pytest.mark.parametrize(
    "arch,detected_string,supported",
    [
        ("aarch64", "AArch64 (64 Bit ARM)", True),
        ("armv6", "ARMv6", True),
        ("armv7l", "ARMv7 (or newer)", True),
        ("armv7", "ARMv7 (or newer)", True),
        ("armv8a", "ARMv7 (or newer)", True),
        ("x86_64", "x86_64", True),
        ("riscv64", "riscv64", True),
        ("mips", "mips", False),
    ],
 )
 def test_FTL_detect_no_errors(host, arch, detected_string, supported):
    """
    confirms only correct package is downloaded for FTL engine
    """
    # mock uname to return passed platform
    mock_command("uname", {"-m": (arch, "0")}, host)
    # mock readelf to respond with passed CPU architecture
    mock_command_2(
        "readelf",
        {
            "-A /bin/sh": ("Tag_CPU_arch: " + arch, "0"),
            "-A /usr/bin/sh": ("Tag_CPU_arch: " + arch, "0"),
        },
        host,
    )
    host.run('echo "' + FTL_BRANCH + '" > /etc/pihole/ftlbranch')
    detectPlatform = host.run(
        """
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    """
    )
    if supported:
        expected_stdout = info_box + " FTL Checks..."
        assert expected_stdout in detectPlatform.stdout
        expected_stdout = tick_box + " Detected " + detected_string + " architecture"
        assert expected_stdout in detectPlatform.stdout
        expected_stdout = tick_box + " Downloading and Installing FTL"
        assert expected_stdout in detectPlatform.stdout
    else:
        expected_stdout = (
            "Not able to detect architecture (unknown: " + detected_string + ")"
        )
        assert expected_stdout in detectPlatform.stdout
 def test_FTL_development_binary_installed_and_responsive_no_errors(host):
    """
    confirms FTL development binary is copied and functional in installed location
    """
    host.run('echo "' + FTL_BRANCH + '" > /etc/pihole/ftlbranch')
    host.run(
        """
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    """
    )
    version_check = host.run(
        """
    VERSION=$(pihole-FTL version)
    echo ${VERSION:0:1}
    """
    )
    expected_stdout = "v"
    assert expected_stdout in version_check.stdout
 def test_IPv6_only_link_local(host):
    """
    confirms IPv6 blocking is disabled for Link-local address
    """
    # mock ip -6 address to return Link-local address
    mock_command_2(
        "ip",
        {"-6 address": ("inet6 fe80::d210:52fa:fe00:7ad7/64 scope link", "0")},
        host,
    )
    detectPlatform = host.run(
        """
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    """
    )
    expected_stdout = "Unable to find IPv6 ULA/GUA address"
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_only_ULA(host):
    """
    confirms IPv6 blocking is enabled for ULA addresses
    """
    # mock ip -6 address to return ULA address
    mock_command_2(
        "ip",
        {
            "-6 address": (
                "inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global",
                "0",
            )
        },
        host,
    )
    detectPlatform = host.run(
        """
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    """
    )
    expected_stdout = "Found IPv6 ULA address"
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_only_GUA(host):
    """
    confirms IPv6 blocking is enabled for GUA addresses
    """
    # mock ip -6 address to return GUA address
    mock_command_2(
        "ip",
        {
            "-6 address": (
                "inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global",
                "0",
            )
        },
        host,
    )
    detectPlatform = host.run(
        """
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    """
    )
    expected_stdout = "Found IPv6 GUA address"
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_GUA_ULA_test(host):
    """
    confirms IPv6 blocking is enabled for GUA and ULA addresses
    """
    # mock ip -6 address to return GUA and ULA addresses
    mock_command_2(
        "ip",
        {
            "-6 address": (
                "inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\n"
                "inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global",
                "0",
            )
        },
        host,
    )
    detectPlatform = host.run(
        """
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    """
    )
    expected_stdout = "Found IPv6 ULA address"
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_ULA_GUA_test(host):
    """
    confirms IPv6 blocking is enabled for GUA and ULA addresses
    """
    # mock ip -6 address to return ULA and GUA addresses
    mock_command_2(
        "ip",
        {
            "-6 address": (
                "inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\n"
                "inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global",
                "0",
            )
        },
        host,
    )
    detectPlatform = host.run(
        """
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    """
    )
    expected_stdout = "Found IPv6 ULA address"
    assert expected_stdout in detectPlatform.stdout
 def test_validate_ip(host):
    """
    Tests valid_ip for various IP addresses
    """
    def test_address(addr, success=True):
        output = host.run(
            """
        source /opt/pihole/basic-install.sh
        valid_ip "{addr}"
        """.format(
                addr=addr
            )
        )
        assert output.rc == 0 if success else 1
    test_address("192.168.1.1")
    test_address("127.0.0.1")
    test_address("255.255.255.255")
    test_address("255.255.255.256", False)
    test_address("255.255.256.255", False)
    test_address("255.256.255.255", False)
    test_address("256.255.255.255", False)
    test_address("1092.168.1.1", False)
    test_address("not an IP", False)
    test_address("8.8.8.8#", False)
    test_address("8.8.8.8#0")
    test_address("8.8.8.8#1")
    test_address("8.8.8.8#42")
    test_address("8.8.8.8#888")
    test_address("8.8.8.8#1337")
    test_address("8.8.8.8#65535")
    test_address("8.8.8.8#65536", False)
    test_address("8.8.8.8#-1", False)
    test_address("00.0.0.0", False)
    test_address("010.0.0.0", False)
    test_address("001.0.0.0", False)
    test_address("0.0.0.0#00", False)
    test_address("0.0.0.0#01", False)
    test_address("0.0.0.0#001", False)
    test_address("0.0.0.0#0001", False)
    test_address("0.0.0.0#00001", False)
 def test_os_check_fails(host):
    """Confirms install fails on unsupported OS"""
    host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    build_dependency_package
    install_dependent_packages
    cat <<EOT > /etc/os-release
 ID=UnsupportedOS
 VERSION_ID="2"
 EOT
    """
    )
    detectOS = host.run(
        """t
    source /opt/pihole/basic-install.sh
    os_check
    """
    )
    expected_stdout = "Unsupported OS detected: UnsupportedOS"
    assert expected_stdout in detectOS.stdout
 def test_os_check_passes(host):
    """Confirms OS meets the requirements"""
    host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    build_dependency_package
    install_dependent_packages
    """
    )
    detectOS = host.run(
        """
    source /opt/pihole/basic-install.sh
    os_check
    """
    )
    expected_stdout = "Supported OS detected"
    assert expected_stdout in detectOS.stdout
 def test_package_manager_has_pihole_deps(host):
    """Confirms OS is able to install the required packages for Pi-hole"""
    mock_command("dialog", {"*": ("", "0")}, host)
    output = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    build_dependency_package
    install_dependent_packages
    """
    )
    assert "No package" not in output.stdout
    assert output.rc == 0
 def test_meta_package_uninstall(host):
    """Confirms OS is able to install and uninstall the Pi-hole meta package"""
    mock_command("dialog", {"*": ("", "0")}, host)
    install = host.run(
        """
    source /opt/pihole/basic-install.sh
    package_manager_detect
    build_dependency_package
    install_dependent_packages
    """
    )
    assert install.rc == 0
    uninstall = host.run(
        """
    source /opt/pihole/uninstall.sh
    removeMetaPackage
    """
    )
    assert uninstall.rc == 0
--- a/test/test_any_utils.py
+++ b/test/test_any_utils.py
@@ -0,0 +1,59 @@
 def test_key_val_replacement_works(host):
    """Confirms addOrEditKeyValPair either adds or replaces a key value pair in a given file"""
    host.run(
        """
    source /opt/pihole/utils.sh
    addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1"
    addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2"
    addOrEditKeyValPair "./testoutput" "KEY_ONE" "value3"
    addOrEditKeyValPair "./testoutput" "KEY_FOUR" "value4"
    """
    )
    output = host.run(
        """
    cat ./testoutput
    """
    )
    expected_stdout = "KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n"
    assert expected_stdout == output.stdout
 def test_getFTLPID_default(host):
    """Confirms getFTLPID returns the default value if FTL is not running"""
    output = host.run(
        """
    source /opt/pihole/utils.sh
    getFTLPID
    """
    )
    expected_stdout = "-1\n"
    assert expected_stdout == output.stdout
 def test_setFTLConfigValue_getFTLConfigValue(host):
    """
    Confirms getFTLConfigValue works (also assumes setFTLConfigValue works)
    Requires FTL to be installed, so we do that first
    (taken from test_FTL_development_binary_installed_and_responsive_no_errors)
    """
    host.run(
        """
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    echo "development" > /etc/pihole/ftlbranch
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    """
    )
    output = host.run(
        """
    source /opt/pihole/utils.sh
    setFTLConfigValue "dns.upstreams" '["9.9.9.9"]' > /dev/null
    getFTLConfigValue "dns.upstreams"
    """
    )
    assert "[ 9.9.9.9 ]" in output.stdout
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@@ -1,639 +0,0 @@
 from textwrap import dedent
 import re
 from .conftest import (
    SETUPVARS,
    tick_box,
    info_box,
    cross_box,
    mock_command,
    mock_command_2,
    run_script
 )
 def test_supported_package_manager(Pihole):
    '''
    confirm installer exits when no supported package manager found
    '''
    # break supported package managers
    Pihole.run('rm -rf /usr/bin/apt-get')
    Pihole.run('rm -rf /usr/bin/rpm')
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    ''')
    expected_stdout = cross_box + ' No supported package manager found'
    assert expected_stdout in package_manager_detect.stdout
    # assert package_manager_detect.rc == 1
 def test_setupVars_are_sourced_to_global_scope(Pihole):
    '''
    currently update_dialogs sources setupVars with a dot,
    then various other functions use the variables.
    This confirms the sourced variables are in scope between functions
    '''
    setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
    for k, v in SETUPVARS.items():
        setup_var_file += "{}={}\n".format(k, v)
    setup_var_file += "EOF\n"
    Pihole.run(setup_var_file)
    script = dedent('''\
    set -e
    printSetupVars() {
        # Currently debug test function only
        echo "Outputting sourced variables"
        echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
        echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
        echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
    }
    update_dialogs() {
        . /etc/pihole/setupVars.conf
    }
    update_dialogs
    printSetupVars
    ''')
    output = run_script(Pihole, script).stdout
    for k, v in SETUPVARS.items():
        assert "{}={}".format(k, v) in output
 def test_setupVars_saved_to_file(Pihole):
    '''
    confirm saved settings are written to a file for future updates to re-use
    '''
    # dedent works better with this and padding matching script below
    set_setup_vars = '\n'
    for k, v in SETUPVARS.items():
        set_setup_vars += "    {}={}\n".format(k, v)
    Pihole.run(set_setup_vars).stdout
    script = dedent('''\
    set -e
    echo start
    TERM=xterm
    source /opt/pihole/basic-install.sh
    {}
    mkdir -p /etc/dnsmasq.d
    version_check_dnsmasq
    echo "" > /etc/pihole/pihole-FTL.conf
    finalExports
    cat /etc/pihole/setupVars.conf
    '''.format(set_setup_vars))
    output = run_script(Pihole, script).stdout
    for k, v in SETUPVARS.items():
        assert "{}={}".format(k, v) in output
 def test_selinux_not_detected(Pihole):
    '''
    confirms installer continues when SELinux configuration file does not exist
    '''
    check_selinux = Pihole.run('''
    rm -f /etc/selinux/config
    source /opt/pihole/basic-install.sh
    checkSelinux
    ''')
    expected_stdout = info_box + ' SELinux not detected'
    assert expected_stdout in check_selinux.stdout
    assert check_selinux.rc == 0
 def test_installPiholeWeb_fresh_install_no_errors(Pihole):
    '''
    confirms all web page assets from Core repo are installed on a fresh build
    '''
    installWeb = Pihole.run('''
    source /opt/pihole/basic-install.sh
    installPiholeWeb
    ''')
    expected_stdout = info_box + ' Installing blocking page...'
    assert expected_stdout in installWeb.stdout
    expected_stdout = tick_box + (' Creating directory for blocking page, '
                                  'and copying files')
    assert expected_stdout in installWeb.stdout
    expected_stdout = info_box + ' Backing up index.lighttpd.html'
    assert expected_stdout in installWeb.stdout
    expected_stdout = ('No default index.lighttpd.html file found... '
                       'not backing up')
    assert expected_stdout in installWeb.stdout
    expected_stdout = tick_box + ' Installing sudoer file'
    assert expected_stdout in installWeb.stdout
    web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
    assert 'index.php' in web_directory
    assert 'blockingpage.css' in web_directory
 def test_update_package_cache_success_no_errors(Pihole):
    '''
    confirms package cache was updated without any errors
    '''
    updateCache = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    update_package_cache
    ''')
    expected_stdout = tick_box + ' Update local cache of available packages'
    assert expected_stdout in updateCache.stdout
    assert 'error' not in updateCache.stdout.lower()
 def test_update_package_cache_failure_no_errors(Pihole):
    '''
    confirms package cache was not updated
    '''
    mock_command('apt-get', {'update': ('', '1')}, Pihole)
    updateCache = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    update_package_cache
    ''')
    expected_stdout = cross_box + ' Update local cache of available packages'
    assert expected_stdout in updateCache.stdout
    assert 'Error: Unable to update package cache.' in updateCache.stdout
 def test_FTL_detect_aarch64_no_errors(Pihole):
    '''
    confirms only aarch64 package is downloaded for FTL engine
    '''
    # mock uname to return aarch64 platform
    mock_command('uname', {'-m': ('aarch64', '0')}, Pihole)
    # mock ldd to respond with aarch64 shared library
    mock_command(
        'ldd',
        {
            '/bin/ls': (
                '/lib/ld-linux-aarch64.so.1',
                '0'
            )
        },
        Pihole
    )
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Detected AArch64 (64 Bit ARM) processor'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv4t_no_errors(Pihole):
    '''
    confirms only armv4t package is downloaded for FTL engine
    '''
    # mock uname to return armv4t platform
    mock_command('uname', {'-m': ('armv4t', '0')}, Pihole)
    # mock ldd to respond with ld-linux shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + (' Detected ARMv4 processor')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv5te_no_errors(Pihole):
    '''
    confirms only armv5te package is downloaded for FTL engine
    '''
    # mock uname to return armv5te platform
    mock_command('uname', {'-m': ('armv5te', '0')}, Pihole)
    # mock ldd to respond with ld-linux shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + (' Detected ARMv5 (or newer) processor')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv6l_no_errors(Pihole):
    '''
    confirms only armv6l package is downloaded for FTL engine
    '''
    # mock uname to return armv6l platform
    mock_command('uname', {'-m': ('armv6l', '0')}, Pihole)
    # mock ldd to respond with ld-linux-armhf shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + (' Detected ARMv6 processor '
                                  '(with hard-float support)')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv7l_no_errors(Pihole):
    '''
    confirms only armv7l package is downloaded for FTL engine
    '''
    # mock uname to return armv7l platform
    mock_command('uname', {'-m': ('armv7l', '0')}, Pihole)
    # mock ldd to respond with ld-linux-armhf shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + (' Detected ARMv7 processor '
                                  '(with hard-float support)')
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_armv8a_no_errors(Pihole):
    '''
    confirms only armv8a package is downloaded for FTL engine
    '''
    # mock uname to return armv8a platform
    mock_command('uname', {'-m': ('armv8a', '0')}, Pihole)
    # mock ldd to respond with ld-linux-armhf shared library
    mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Detected ARMv8 (or newer) processor'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_x86_64_no_errors(Pihole):
    '''
    confirms only x86_64 package is downloaded for FTL engine
    '''
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = info_box + ' FTL Checks...'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Detected x86_64 processor'
    assert expected_stdout in detectPlatform.stdout
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_detect_unknown_no_errors(Pihole):
    ''' confirms only generic package is downloaded for FTL engine '''
    # mock uname to return generic platform
    mock_command('uname', {'-m': ('mips', '0')}, Pihole)
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    ''')
    expected_stdout = 'Not able to detect processor (unknown: mips)'
    assert expected_stdout in detectPlatform.stdout
 def test_FTL_download_aarch64_no_errors(Pihole):
    '''
    confirms only aarch64 package is downloaded for FTL engine
    '''
    # mock whiptail answers and ensure installer dependencies
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    download_binary = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    FTLinstall "pihole-FTL-aarch64-linux-gnu"
    ''')
    expected_stdout = tick_box + ' Downloading and Installing FTL'
    assert expected_stdout in download_binary.stdout
    assert 'error' not in download_binary.stdout.lower()
 def test_FTL_binary_installed_and_responsive_no_errors(Pihole):
    '''
    confirms FTL binary is copied and functional in installed location
    '''
    installed_binary = Pihole.run('''
    source /opt/pihole/basic-install.sh
    create_pihole_user
    funcOutput=$(get_binary_name)
    binary="pihole-FTL${funcOutput##*pihole-FTL}"
    theRest="${funcOutput%pihole-FTL*}"
    FTLdetect "${binary}" "${theRest}"
    pihole-FTL version
    ''')
    expected_stdout = 'v'
    assert expected_stdout in installed_binary.stdout
 # def test_FTL_support_files_installed(Pihole):
 #     '''
 #     confirms FTL support files are installed
 #     '''
 #     support_files = Pihole.run('''
 #     source /opt/pihole/basic-install.sh
 #     FTLdetect
 #     stat -c '%a %n' /var/log/pihole-FTL.log
 #     stat -c '%a %n' /run/pihole-FTL.port
 #     stat -c '%a %n' /run/pihole-FTL.pid
 #     ls -lac /run
 #     ''')
 #     assert '644 /run/pihole-FTL.port' in support_files.stdout
 #     assert '644 /run/pihole-FTL.pid' in support_files.stdout
 #     assert '644 /var/log/pihole-FTL.log' in support_files.stdout
 def test_IPv6_only_link_local(Pihole):
    '''
    confirms IPv6 blocking is disabled for Link-local address
    '''
    # mock ip -6 address to return Link-local address
    mock_command_2(
        'ip',
        {
            '-6 address': (
                'inet6 fe80::d210:52fa:fe00:7ad7/64 scope link',
                '0'
            )
        },
        Pihole
    )
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    ''')
    expected_stdout = ('Unable to find IPv6 ULA/GUA address')
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_only_ULA(Pihole):
    '''
    confirms IPv6 blocking is enabled for ULA addresses
    '''
    # mock ip -6 address to return ULA address
    mock_command_2(
        'ip',
        {
            '-6 address': (
                'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global',
                '0'
            )
        },
        Pihole
    )
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    ''')
    expected_stdout = 'Found IPv6 ULA address'
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_only_GUA(Pihole):
    '''
    confirms IPv6 blocking is enabled for GUA addresses
    '''
    # mock ip -6 address to return GUA address
    mock_command_2(
        'ip',
        {
            '-6 address': (
                'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global',
                '0'
            )
        },
        Pihole
    )
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    ''')
    expected_stdout = 'Found IPv6 GUA address'
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_GUA_ULA_test(Pihole):
    '''
    confirms IPv6 blocking is enabled for GUA and ULA addresses
    '''
    # mock ip -6 address to return GUA and ULA addresses
    mock_command_2(
        'ip',
        {
            '-6 address': (
                'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\n'
                'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global',
                '0'
            )
        },
        Pihole
    )
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    ''')
    expected_stdout = 'Found IPv6 ULA address'
    assert expected_stdout in detectPlatform.stdout
 def test_IPv6_ULA_GUA_test(Pihole):
    '''
    confirms IPv6 blocking is enabled for GUA and ULA addresses
    '''
    # mock ip -6 address to return ULA and GUA addresses
    mock_command_2(
        'ip',
        {
            '-6 address': (
                'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\n'
                'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global',
                '0'
            )
        },
        Pihole
    )
    detectPlatform = Pihole.run('''
    source /opt/pihole/basic-install.sh
    find_IPv6_information
    ''')
    expected_stdout = 'Found IPv6 ULA address'
    assert expected_stdout in detectPlatform.stdout
 def test_validate_ip(Pihole):
    '''
    Tests valid_ip for various IP addresses
    '''
    def test_address(addr, success=True):
        output = Pihole.run('''
        source /opt/pihole/basic-install.sh
        valid_ip "{addr}"
        '''.format(addr=addr))
        assert output.rc == 0 if success else 1
    test_address('192.168.1.1')
    test_address('127.0.0.1')
    test_address('255.255.255.255')
    test_address('255.255.255.256', False)
    test_address('255.255.256.255', False)
    test_address('255.256.255.255', False)
    test_address('256.255.255.255', False)
    test_address('1092.168.1.1', False)
    test_address('not an IP', False)
    test_address('8.8.8.8#', False)
    test_address('8.8.8.8#0')
    test_address('8.8.8.8#1')
    test_address('8.8.8.8#42')
    test_address('8.8.8.8#888')
    test_address('8.8.8.8#1337')
    test_address('8.8.8.8#65535')
    test_address('8.8.8.8#65536', False)
    test_address('8.8.8.8#-1', False)
    test_address('00.0.0.0', False)
    test_address('010.0.0.0', False)
    test_address('001.0.0.0', False)
    test_address('0.0.0.0#00', False)
    test_address('0.0.0.0#01', False)
    test_address('0.0.0.0#001', False)
    test_address('0.0.0.0#0001', False)
    test_address('0.0.0.0#00001', False)
 def test_os_check_fails(Pihole):
    ''' Confirms install fails on unsupported OS '''
    Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${OS_CHECK_DEPS[@]}
    install_dependent_packages ${INSTALLER_DEPS[@]}
    cat <<EOT > /etc/os-release
    ID=UnsupportedOS
    VERSION_ID="2"
    EOT
    ''')
    detectOS = Pihole.run('''t
    source /opt/pihole/basic-install.sh
    os_check
    ''')
    expected_stdout = 'Unsupported OS detected: UnsupportedOS'
    assert expected_stdout in detectOS.stdout
 def test_os_check_passes(Pihole):
    ''' Confirms OS meets the requirements '''
    Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${OS_CHECK_DEPS[@]}
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    detectOS = Pihole.run('''
    source /opt/pihole/basic-install.sh
    os_check
    ''')
    expected_stdout = 'Supported OS detected'
    assert expected_stdout in detectOS.stdout
 def test_package_manager_has_installer_deps(Pihole):
    ''' Confirms OS is able to install the required packages for the installer'''
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    output = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    assert 'No package' not in output.stdout  # centos7 still exits 0...
    assert output.rc == 0
 def test_package_manager_has_pihole_deps(Pihole):
    ''' Confirms OS is able to install the required packages for Pi-hole '''
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    output = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    install_dependent_packages ${PIHOLE_DEPS[@]}
    ''')
    assert 'No package' not in output.stdout  # centos7 still exits 0...
    assert output.rc == 0
 def test_package_manager_has_web_deps(Pihole):
    ''' Confirms OS is able to install the required packages for web '''
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    output = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
    ''')
    assert 'No package' not in output.stdout  # centos7 still exits 0...
    assert output.rc == 0
--- a/test/test_centos_7_support.py
+++ b/test/test_centos_7_support.py
@@ -1,63 +0,0 @@
 from .conftest import (
    tick_box,
    info_box,
    mock_command,
 )
 def test_php_upgrade_default_optout_centos_eq_7(Pihole):
    '''
    confirms the default behavior to opt-out of installing PHP7 from REMI
    '''
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optout_centos_eq_7(Pihole):
    '''
    confirms installer behavior when user opt-out of installing PHP7 from REMI
    (php not currently installed)
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optin_centos_eq_7(Pihole):
    '''
    confirms installer behavior when user opt-in to installing PHP7 from REMI
    (php not currently installed)
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    assert 'opt-out' not in package_manager_detect.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
--- a/test/test_centos_8_support.py
+++ b/test/test_centos_8_support.py
@@ -1,68 +0,0 @@
 from .conftest import (
    tick_box,
    info_box,
    mock_command,
 )
 def test_php_upgrade_default_continue_centos_gte_8(Pihole):
    '''
    confirms the latest version of CentOS continues / does not optout
    (should trigger on CentOS7 only)
    '''
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                    ' Deprecated PHP may be in use.')
    assert unexpected_stdout not in package_manager_detect.stdout
    # ensure remi was not installed on latest CentOS
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
    '''
    confirms installer skips user opt-out of installing PHP7 from REMI on
    latest CentOS (should trigger on CentOS7 only)
    (php not currently installed)
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                    ' Deprecated PHP may be in use.')
    assert unexpected_stdout not in package_manager_detect.stdout
    # ensure remi was not installed on latest CentOS
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
    '''
    confirms installer skips user opt-in to installing PHP7 from REMI on
    latest CentOS (should trigger on CentOS7 only)
    (php not currently installed)
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    assert 'opt-out' not in package_manager_detect.stdout
    unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                    '(https://rpms.remirepo.net)')
    assert unexpected_stdout not in package_manager_detect.stdout
    unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
                                    'been enabled for PHP7')
    assert unexpected_stdout not in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@@ -1,125 +0,0 @@
 import pytest
 from .conftest import (
    tick_box,
    info_box,
    cross_box,
    mock_command,
 )
 def test_release_supported_version_check_centos(Pihole):
    '''
    confirms installer exits on unsupported releases of CentOS
    '''
    # modify /etc/redhat-release to mock an unsupported CentOS release
    Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    expected_stdout = cross_box + (' CentOS 6 is not supported.')
    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = 'Please update to CentOS release 7 or later'
    assert expected_stdout in package_manager_detect.stdout
 def test_enable_epel_repository_centos(Pihole):
    '''
    confirms the EPEL package repository is enabled when installed on CentOS
    '''
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    expected_stdout = info_box + (' Enabling EPEL package repository '
                                  '(https://fedoraproject.org/wiki/EPEL)')
    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = tick_box + ' Installed epel-release'
    assert expected_stdout in package_manager_detect.stdout
    epel_package = Pihole.package('epel-release')
    assert epel_package.is_installed
 def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
    '''
    confirms the default behavior to opt-out of upgrading to PHP7 from REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
    '''
    confirms installer behavior when user opt-out to upgrade to PHP7 via REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
 def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
    '''
    confirms installer behavior when user opt-in to upgrade to PHP7 via REMI
    '''
    # first we will install the default php version to test installer behavior
    php_install = Pihole.run('yum install -y php')
    assert php_install.rc == 0
    php_package = Pihole.package('php')
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    select_rpm_php
    install_dependent_packages PIHOLE_WEB_DEPS[@]
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
    assert expected_stdout not in package_manager_detect.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
    updated_php_package = Pihole.package('php')
    updated_php_version = updated_php_package.version.split('.')[0]
    assert int(updated_php_version) == 7
--- a/Show More
+++ b/Show More
`@@ -16,4 +16,4 @@ CREATE TRIGGER tr_group_zero AFTER DELETE ON "group"`

	`UPDATE info SET value = 12 WHERE property = 'version';`	`UPDATE info SET value = 12 WHERE property = 'version';`

	`COMMIT;`	`COMMIT;`
`@@ -15,4 +15,4 @@ CREATE TRIGGER tr_adlist_update AFTER UPDATE OF address,enabled,comment ON adlis`

	`UPDATE info SET value = 13 WHERE property = 'version';`	`UPDATE info SET value = 13 WHERE property = 'version';`

	`COMMIT;`	`COMMIT;`
`@@ -15,4 +15,3 @@ CREATE VIEW vw_adlist AS SELECT DISTINCT address, adlist.id AS id`
	`UPDATE info SET value = 6 WHERE property = 'version';`	`UPDATE info SET value = 6 WHERE property = 'version';`

	`COMMIT;`	`COMMIT;`
		`@@ -1 +0,0 @@`
			`dwc_otg.lpm_enable=0 console=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait fbcon=map:10 fbcon=font:VGA8x8 consoleblank=0`