fix insecure, expand readme

This commit is contained in:
Cyberes 2024-02-28 14:26:50 -07:00
parent a25e80e359
commit 2839416831
2 changed files with 7 additions and 6 deletions

View File

@ -26,8 +26,9 @@ able to resolve your custom domains.
```shell ```shell
sudo cp pihole-opnsense-sync.service /etc/systemd/system/pihole-opnsense-sync.service sudo cp pihole-opnsense-sync.service /etc/systemd/system/pihole-opnsense-sync.service
``` ```
The service runs as the `pihole:pihole` user. The service is configured to run as the `pihole:pihole` user.
5. Enable and start the service: 5. Edit the service file. You might need to modify `--opnsense` and add `--insecure`.
6. Enable and start the service:
```shell ```shell
sudo systemctl enable --now pihole-opnsense-sync sudo systemctl enable --now pihole-opnsense-sync
sleep 2 sleep 2

View File

@ -23,7 +23,7 @@ class WatchdogHandler(FileSystemEventHandler):
def file_modified(args): def file_modified(args):
response = requests.get(args.opnsense + "/api/unbound/settings/searchHostOverride", auth=(args.api_key, args.api_secret), verify=args.insecure) response = requests.get(args.opnsense + "/api/unbound/settings/searchHostOverride", auth=(args.api_key, args.api_secret), verify=not args.insecure)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -40,7 +40,7 @@ def file_modified(args):
for item_ip, item_domain in to_remove: for item_ip, item_domain in to_remove:
item_data = current_overrides_uuid[item_domain] item_data = current_overrides_uuid[item_domain]
p = requests.post(args.opnsense + f"/api/unbound/settings/delHostOverride/{item_data['uuid']}", auth=(args.api_key, args.api_secret), verify=args.insecure) p = requests.post(args.opnsense + f"/api/unbound/settings/delHostOverride/{item_data['uuid']}", auth=(args.api_key, args.api_secret), verify=not args.insecure)
if p.status_code != 200: if p.status_code != 200:
raise Exception(f'Failed to delete item {item_domain}: {p.status_code} - {p.text}') raise Exception(f'Failed to delete item {item_domain}: {p.status_code} - {p.text}')
else: else:
@ -62,13 +62,13 @@ def file_modified(args):
'description': f'Synced from Pi-hole {dt_string}' 'description': f'Synced from Pi-hole {dt_string}'
} }
} }
p = requests.post(args.opnsense + "/api/unbound/settings/addHostOverride", json=p_data, auth=(args.api_key, args.api_secret), verify=args.insecure) p = requests.post(args.opnsense + "/api/unbound/settings/addHostOverride", json=p_data, auth=(args.api_key, args.api_secret), verify=not args.insecure)
if p.status_code != 200: if p.status_code != 200:
raise Exception(f'Failed to add item {item_domain}: {p.status_code} - {p.text}') raise Exception(f'Failed to add item {item_domain}: {p.status_code} - {p.text}')
else: else:
logger.info(f'Added: {item_domain}') logger.info(f'Added: {item_domain}')
p_reload = requests.post(args.opnsense + "/api/unbound/service/reconfigure", auth=(args.api_key, args.api_secret), verify=args.insecure) p_reload = requests.post(args.opnsense + "/api/unbound/service/reconfigure", auth=(args.api_key, args.api_secret), verify=not args.insecure)
if p_reload.status_code != 200: if p_reload.status_code != 200:
raise Exception(f'Failed to reload service: {p_reload.status_code} - {p_reload.text}') raise Exception(f'Failed to reload service: {p_reload.status_code} - {p_reload.text}')
else: else: