technolog/nginxpm-pihole-adapter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

finally got this working!!!!

Browse Source
This commit is contained in:
iRaven 2024-09-19 02:12:15 -05:00
parent 866c3d9339
commit 05aa90a1cb
2 changed files with 136 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
conf-template.json
View File

@ -1,7 +1,10 @@
{ {
"loglevel": "debug", "loglevel": "info",
"npmapi": "https://npm.corp.iraven.net", "npmdnshostname": "<put the DNS hostname of your Nginx Proxy Manager server here>",
"npmkey": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhcGkiLCJzY29wZSI6WyJ1c2VyIl0sImF0dHJzIjp7ImlkIjoxfSwiZXhwaXJlc0luIjoiMWQiLCJqdGkiOiJaT0IrNmV6WkRVVHR0RW9SIiwiaWF0IjoxNzIyODMyMjU2LCJleHAiOjE3MjI5MTg2NTZ9.utpeUVqOWSq1N2qXTsjjMjmvIenTFkLvQTsYPSFMAwK7v2U8XJgDhuQaqaas0Tv1tVpAuVK8LpJC7WQUPE1TkOzQormp5tb7EqGvQy4jRQRZ5q6xkUuE_KW2ME5M4rboy1cjANNiWeRMhCpkWBg4JreFYd0-vWZIQf-3LnkXux-rcaWyRvDsWoB3xkNXvQLnuTIREAAH3CuGkFpbsJD8AjMN8ciYofWP8ZaE9zzbPDMFQ84mXRhpmmQVgorWC9JlGEzz_-AYUrq-bB5v03tHeqVfWvFtmVlfUpObUlDIDQr2MBGXHErIPa8d9amqqZLHSbo7D96QsFMrfavLn9TBRg", "npmemail": "<put your Nginx Proxy Manager email here>",
"piholeapi": "https://pihole.corp.iraven.net", "npmpassword": "<put your Nginx Proxy Manager password here>",
"piholekey": "balls" "removedead": "True/False",
"adddisabled": "True/False",
"piholeurl": "<Put your pi-hole url here>",
"piholepass": "<Put your pi-hole password here>"
} }

159
main.py
View File

@ -2,6 +2,7 @@ import os
import json import json
import logging import logging
import requests import requests
import re
from ipaddress import ip_address from ipaddress import ip_address
# Open the config file and make it accessible via "cfg" # Open the config file and make it accessible via "cfg"
@ -25,88 +26,170 @@ log.debug("Logger was initialized")
def checkIfIP(host): def checkIfIP(host):
try: try:
ip_address(host) ip_address(host)
logging.debug(str(host) + " is an IP address") log.debug(str(host) + " is an IP address")
return True return True
except: except:
logging.debug(host + " is not an IP address.") log.debug(host + " is not an IP address.")
return False return False
def getNPMHosts(apiurl,apikey,type): def loginToNPM(apiurl, user, pw): # To retrieve NPM's API session token
# Returns the token used for API requests.
session = requests.Session()
url = apiurl + "/api/tokens"
loginreq = session.post(url,data={"identity": user, "secret": pw})
if loginreq.status_code == 200: # Check if the API accepted our creds.
log.info("Logged into Nginx Proxy Manager")
response = loginreq.json()
return response['token']
elif loginreq.status_code == 401:
log.error("Your Nginx Proxy Manager credentials are incorrect. Please verify you put in the right ones!")
exit()
else:
log.error("Nginx Proxy Manager: " + response['error']['message'])
return None
def loginToPihole(apiurl, phpassword):
# For whatever reason, Pi-hole's web CSRF token is in a hidden <div> element returned by the login.php in the homepage right after you login.
# This took *WAY* too long to figure out. This should be in the header for ease-of-use.
session = requests.Session()
url = apiurl + "/login.php"
loginrq = session.post(url,data={"pw": phpassword})
phpsessid = (str(loginrq.cookies.get_dict()["PHPSESSID"]))
regex = r'(<div id="token" hidden>)(\S+)(<\/div>)'
token = re.findall(regex, loginrq.text, re.MULTILINE)[0][1]
log.debug("phpsessid: " + phpsessid + " Token: "+ token)
return {'phpsessid': phpsessid, "csrftoken": token}
def getNPMHosts(apiurl,type):
log.debug("Type is set to "+str(type)+".") log.debug("Type is set to "+str(type)+".")
# Add the port if it exists in the config
if cfg["npmadminport"] is not None:
log.debug("Added port "+ cfg["npmadminport"] + " to the URL")
apiurl = "http://"+ apiurl + ":" + cfg["npmadminport"]
if type == "proxy": if type == "proxy":
log.info("Retrieving proxy hosts from NPM API...") log.info("Retrieving proxy hosts from NPM API...")
url = apiurl + '/api/nginx/proxy-hosts' url = apiurl + '/api/nginx/proxy-hosts'
logging.debug("Set hosts API URL to " + url + ".") log.debug("Set hosts API URL to " + url + ".")
elif type == "redir": elif type == "redir":
log.info("Retrieving redirection hosts from NPM API...") log.info("Retrieving redirection hosts from NPM API...")
url = apiurl + '/api/nginx/redirection-hosts' url = apiurl + '/api/nginx/redirection-hosts'
logging.debug("Set hosts API URL to " + url + ".") log.debug("Set hosts API URL to " + url + ".")
elif type == "404" or type == "dead": elif type == "404" or type == "dead":
log.info("Retrieving 404 (dead) hosts from NPM API...") log.info("Retrieving 404 (dead) hosts from NPM API...")
url = apiurl + '/api/nginx/dead-hosts' url = apiurl + '/api/nginx/dead-hosts'
logging.debug("Set hosts API URL to " + url + ".") log.debug("Set hosts API URL to " + url + ".")
else: else:
log.error("No type of hosts to retrieve from NPM was specified.") log.error("No type of hosts to retrieve from NPM was specified.")
return None return None
hostlist = [] # Make the list. hostlist = [] # Make the list.
# url = apiurl + '/api/nginx/proxy-hosts' apikey = loginToNPM(apiurl,cfg["npmemail"],cfg["npmpassword"])
# logging.debug("Set hosts API URL to " + url + ".") apireq = requests.get(url, headers={'Authorization': "Bearer "+apikey})
apireq = requests.get(url, headers={'Authorization': apikey})
if apireq.headers['content-type'] == "application/json; charset=utf-8": # Check if the API shat us a JSON. if apireq.headers['content-type'] == "application/json; charset=utf-8": # Check if the API shat us a JSON.
logging.debug("Passed content-type = application/json check.") log.debug("Passed content-type = application/json check.")
logging.debug("HTTP Status Code: "+ str(apireq.status_code))
if apireq.status_code == 200: # Check if the API returned a 200 and accepted our token/key. if apireq.status_code == 200: # Check if the API returned a 200 and accepted our token/key.
logging.debug("API returned a 200, proceeding.") # We're good c: log.debug("API returned a 200, proceeding.") # We're good c:
fullresponse = apireq.json() fullresponse = apireq.json()
for i in range(len(fullresponse)): for i in range(len(fullresponse)):
logging.debug("Adding indice " + str(i) + " to list, containing "+ str(fullresponse[i]['domain_names'])) if cfg['addDisabled']:
log.debug("Adding indice " + str(i) + " to list, containing "+ str(fullresponse[i]['domain_names']))
hostlist = hostlist + fullresponse[i]['domain_names'] hostlist = hostlist + fullresponse[i]['domain_names']
logging.debug("List has been created.") else:
if fullresponse[i]['enabled'] == 1:
log.debug("Adding indice " + str(i) + " to list, containing "+ str(fullresponse[i]['domain_names']))
hostlist = hostlist + fullresponse[i]['domain_names']
else:
log.debug("Not adding indice " + str(i) + "to list.")
log.debug(type + " list has been created.")
for h in range(len(hostlist)): for h in range(len(hostlist)):
if checkIfIP(hostlist[h]): if checkIfIP(hostlist[h]):
logging.debug("Deleting IP address "+ hostlist[h] + " from the list of hosts.") log.info("Deleting IP address "+ hostlist[h] + " from the list of " + type + " hosts.")
hostlist.pop(h) hostlist.pop(h)
break # Temp fix!! break # Temp fix!!
log.info(type + " hosts have been retrieved. Count: " + str(len(hostlist)))
return hostlist return hostlist
elif apireq.status_code == 403: # If the API gave us a 403 Forbidden/Permission Denied elif apireq.status_code == 403: # If the API gave us a 403 Forbidden/Permission Denied
logging.debug("API returned a 403, halting!") log.debug("API returned a 403, halting!")
logging.error("The API retured a permission denied error!") log.error("The API retured a permission denied error!")
logging.error("Please make sure your Nginx Proxy Manager API key in conf.json is correct and accurate.") log.error("Please make sure your Nginx Proxy Manager API key in conf.json is correct and accurate.")
return None
elif apireq.status_code == 401: # If the API gave us a 401 Unauthorized
log.debug("API returned a 401, halting!")
log.error("The API retured an unauthorized error!")
log.error("Please make sure your Nginx Proxy Manager API key in conf.json is correct and accurate.")
return None return None
else: else:
logging.error("The API returned a " + str(apireq.status_code)+".") log.error("The API returned a " + str(apireq.status_code)+".")
logging.error("Please make sure your Nginx Proxy Manager API key or URL in conf.json is correct and accurate.") log.error("Please make sure your Nginx Proxy Manager API key or URL in conf.json is correct and accurate.")
return None return None
else: # If we don't get a JSON else: # If we don't get a JSON
logging.error("The API did not return a JSON, and instead a content type of "+str(apireq.headers['content-type'])+".") log.error("The API did not return a JSON, and instead a content type of "+str(apireq.headers['content-type'])+".")
logging.error("Please make sure your Nginx Proxy Manager API key or URL in conf.json is correct and accurate.") log.error("Please make sure your Nginx Proxy Manager API key or URL in conf.json is correct and accurate.")
return None return None
def addPiHoleHosts(apiurl, apikey,targetsvr, list): def addPiHoleHosts(apiurl, phpassword, targetsvr, list):
url = apiurl + "/scripts/pi-hole/php/customcname.php" url = apiurl + "/scripts/pi-hole/php/customcname.php"
piauth = loginToPihole(apiurl,phpassword)
for i in list: for i in list:
payload = "action=add&domain="+list[i]+"&target="+targetsvr+"&token="+apikey payload = {"action": "add", "domain": i, "target": targetsvr, "token": piauth["csrftoken"]}
apireq = requests.post(url,data=payload) apireq = requests.post(url,data=payload,cookies={"PHPSESSID": piauth["phpsessid"]})
if apireq.status_code == 200: # Check if the API returned a 200 and accepted our token/key.
log.debug("Adding host "+ i + " to Pi-hole's CNAME list.")
response = apireq.json()
log.debug(response)
try:
if response['success'] == False:
if "There is already" in response['message']:
log.info("There is already a CNAME record for " + i)
else:
log.debug("Pi-Hole API returned false!")
log.warning("The Pi-Hole API gave the following message:"+ response['message'])
elif response['success'] == True:
log.info("Added " + i + " to CNAME list.")
log.debug("PiHole API returned true. Message returned: "+ response['message'])
except:
log.error("Pi-hole returned this message and was not JSON: "+ response)
def removePiHoleHosts(apiurl, phpassword, targetsvr, list):
url = apiurl + "/scripts/pi-hole/php/customcname.php"
piauth = loginToPihole(apiurl,phpassword)
for i in list:
log.debug("Removing host "+ i + " from Pi-hole's CNAME list.")
payload = {"action": "add", "domain": i, "target": targetsvr, "token": piauth["csrftoken"]}
apireq = requests.post(url,data=payload,cookies={"PHPSESSID": piauth["phpsessid"]})
if apireq.status_code == 200: # Check if the API returned a 200 and accepted our token/key. if apireq.status_code == 200: # Check if the API returned a 200 and accepted our token/key.
response = apireq.json() response = apireq.json()
try:
if response['success'] == "false": if response['success'] == "false":
log.debug("Pi-Hole API returned false!") log.debug("Pi-Hole API returned false!")
log.warning("The Pi-Hole API gave the following message:"+ response['message']) log.warning("The Pi-Hole API gave the following message:"+ response['message'])
elif response['success'] == "true": elif response['success'] == "true":
logging.debug("PiHole API returned true. Message returned: "+ response['message']) log.debug("PiHole API returned true. Message returned: "+ response['message'])
else: except:
log.error("Pi-hole returned this message: "+ response)
log.debug("Script has started!") log.debug("Script has started!")
proxyhosts = getNPMHosts(cfg['npmapi'],cfg['npmkey'],"proxy") # Get Proxy Hosts log.info("Getting all NPM hosts.")
redirhosts = getNPMHosts(cfg['npmapi'],cfg['npmkey'],"redir") # Get Redir Hosts proxyhosts = getNPMHosts(cfg['npmdnshostname'],"proxy") # Get All Proxy Hosts
deadhosts = getNPMHosts(cfg['npmapi'],cfg['npmkey'],"dead") # Get 404 Hosts redirhosts = getNPMHosts(cfg['npmdnshostname'],"redir") # Get All Redir Hosts
log.debug("Adding all the hosts together") deadhosts = getNPMHosts(cfg['npmdnshostname'],"dead") # Get All 404 Hosts
allhosts = proxyhosts + redirhosts
if cfg['removedead'] == False: # if "removedead" in the config is true, add the dead hosts to the main list, but otherwise no. if ((proxyhosts == None) or (redirhosts == None) or (deadhosts == None)):
allhosts = allhosts + deadhosts log.error("One (or more) of the lists of hosts returned None. Check above for any errors while retriving hosts from NPM.")
exit()
else: else:
removePiHoleHosts(cfg["piholeapi"],cfg["piholekey"],deadhosts) log.info("NPM Hosts were retrieved!")
print(allhosts) log.debug("Adding all the hosts together")
import random if cfg['removeDead'] == False: # if "removeDead" in the config is true, add the dead hosts to the main list, but otherwise no.
print(allhosts[random.randint()]) allhosts = proxyhosts + redirhosts + deadhosts
else:
allhosts = proxyhosts + redirhosts
log.info("Adding all hosts in the list to specified Pi-Hole server at "+ cfg["piholeurl"] + "...")
addPiHoleHosts(cfg["piholeurl"],cfg["piholepass"],cfg["npmdnshostname"],allhosts)
log.info("Success!")
log.debug("Script ending")