Untitled

a guest
Sep 20th, 2018
#!/bin/bash -x
#  README
: '
Version 2.1
-----------------------------
Credit to redditor /u/jvinch76  https://www.reddit.com/user/jvinch76 for creating the basis for this modification.
-----------------------------
Original Source https://www.reddit.com/r/pihole/comments/9gw6hx/sync_two_piholes_bash_script/
Previous Pastebin https://pastebin.com/KFzg7Uhi
-----------------------------
Reddit link https://www.reddit.com/r/pihole/comments/9hi5ls/dual_pihole_sync_20/
-----------------------------
Improvements:  check for existence of files before rsync and skip if not present; allow remote commands to be run without a password by adding ssh keys to the remote host, so the password no longer has to be hard coded in this script; HAPASS removed
-----------------------------

I had been thinking of a script like his to keep my primary and secondary pihole in sync, but could not find the motivation to create it.
/u/jvinch76 did the heavy lifting and I made changes I hope you find useful.

I modified the code to increase the frequency of the sync to every 5 minutes and reduce the file writes by using rsync to compare the files and only transfer changes.
Furthermore, gravity will be updated and services restarted only if files are modified and a sync occurs.

I am unsure of the performance cost. There is likely a trade-off, with rsync being more cpu heavy, but this script reduces disk writes to minimal amounts if no sync is necessary.

Why run dual piholes?
If you are not, you really, really should be.  If the primary pihole is being updated, undergoing maintenance, running a backup, or has simply failed, you will not have a backup pihole available.
This will happen on your network.  Your only other option during an outage (usually unexpected) is to configure your DHCP server to forward to a non-pihole, public DNS, thus defeating the reason you have pihole installed in the first place.
Furthermore, DNS is high availability by design and the secondary\tertiary DNS always receives some portion of the DNS traffic. If it is configured with a public DNS IP, your devices will be bypassing the safety of pihole blocking.
If you are running a single pihole and have that pihole listed as the only DNS entry in your DHCP setting, all devices on your network will immediately be unable to resolve DNS if that pihole goes offline.
I recommend running a PI3 as your primary and a PI3/PI2/ZeroW as your secondary.  PI2/ZeroW is more than sufficient as a secondary and emergency failover.

What about using my pihole for DHCP?
I still prefer to use my router for DHCP. If you need help, refer to /u/jvinch76 post https://www.reddit.com/r/pihole/comments/9gw6hx/sync_two_piholes_bash_script/
or other docs about using pihole for DHCP with this script.

/u/LandlordTiberius

'

# INSTALLATION STEPS ON PRIMARY PIHOLE
: '
1. Login to pihole
2. type "sudo nano ~/piholesync.rsync.sh" to create file
3. cut and paste all information in this code snippet
4. edit PIHOLE2 and HAUSER to match your SECONDARY pihole settings
5. save and exit
6. type "chmod +x ~/piholesync.rsync.sh" to make file executable

# CREATE SSH file transfer permissions
7. type "ssh-keygen"
8. type "ssh-copy-id root@192.168.1.3" <- type the same HAUSER and IP as PIHOLE2, this IP is specific to your network, 192.168.1.3 is an example only
9. type "yes" - YOU MUST TYPE "yes", not "y"
10. type the password of your secondary pihole

# ENABLE REMOTE COMMANDS USING SSH Keys ON Remote pihole
11. type "cd ~/.ssh"
12. type "eval `ssh-agent`" <- this step may not be needed, depending upon what is running on your primary pihole
13. type "ssh-add id_rsa.pub"
14. type "scp id_rsa.pub root@192.168.1.3:~/.ssh/"
15. login to secondary pihole (PIHOLE2) by typing "ssh root@192.168.1.3"
16. type "cd ~/.ssh"
17. type "cat id_rsa.pub >> authorized_keys"
18. type "exit"
# see https://www.dotkam.com/2009/03/10/run-commands-remotely-via-ssh-with-no-password/ for further information on running ssh commands remotely without a password.

# INSTALL CRON Job
19. type "crontab -e"
20. scroll to the bottom of the editor, and on a new blank line,
21. type "*/5 * * * * /bin/bash /root/piholesync.rsync.sh" <- this will run rsync every 5 minutes, edit per your preferences\tolerance, see https://crontab.guru/every-5-minutes for help
22. save and exit

# DONE
'

#VARS
FILES=(black.list blacklist.txt regex.list whitelist.txt lan.list) #list of files you want to sync
PIHOLEDIR=/etc/pihole #working dir of pihole
PIHOLE2=192.168.1.3 #IP of 2nd PiHole
HAUSER=root #user of second pihole

#LOOP FOR FILE TRANSFER
RESTART=0 # flag to determine if a service restart is needed
for FILE in "${FILES[@]}"
do
  if [[ -f "$PIHOLEDIR/$FILE" ]]; then
    # -i itemizes changes, so rsync prints output only when something was transferred
    RSYNC_COMMAND=$(rsync -ai "$PIHOLEDIR/$FILE" "$HAUSER@$PIHOLE2:$PIHOLEDIR")
    if [[ -n "${RSYNC_COMMAND}" ]]; then
      # rsync copied changes
      RESTART=1 # restart flagged
    # else
      # no changes
    fi
  # else
    # file does not exist, skipping
  fi
done

FILE="adlists.list"
RSYNC_COMMAND=$(rsync -ai "$PIHOLEDIR/$FILE" "$HAUSER@$PIHOLE2:$PIHOLEDIR")
if [[ -n "${RSYNC_COMMAND}" ]]; then
  # rsync copied changes, update GRAVITY
  ssh "$HAUSER@$PIHOLE2" "sudo -S pihole -g"
# else
  # no changes
fi

if [[ "$RESTART" == "1" ]]; then
  # INSTALL FILES AND RESTART pihole
  ssh "$HAUSER@$PIHOLE2" "sudo -S service pihole-FTL stop"
  ssh "$HAUSER@$PIHOLE2" "sudo -S pkill pihole-FTL"
  ssh "$HAUSER@$PIHOLE2" "sudo -S service pihole-FTL start"
fi
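
The installation steps leave the primary holding an unrestricted, passwordless root key for the secondary, while the script only ever sends one rsync push into /etc/pihole and four fixed commands. The wrapper below is an added example, not part of the original paste: it limits that key to exactly those requests through an authorized_keys forced command. The install path, the primary's address 192.168.1.2, the function name and the assumed shape of rsync's server-side command line are assumptions.

```shell
#!/bin/sh
# Added example, not part of the paste: forced-command gate for the sync key.
# Assumed install path on the secondary: /usr/local/bin/pihole-sync-gate, bound
# to the key in ~/.ssh/authorized_keys (192.168.1.2 = assumed primary address):
#   restrict,from="192.168.1.2",command="/usr/local/bin/pihole-sync-gate" ssh-rsa <PUBLIC-KEY-PLACEHOLDER>
PIHOLEDIR=/etc/pihole

# Return 0 only for the commands piholesync.rsync.sh actually sends.
sync_gate_allows() {
  cmd=$1
  # Refuse empty input and anything outside a conservative character set.
  case $cmd in
    ''|*[!A-Za-z0-9" "._=%/-]*) return 1 ;;
  esac
  case $cmd in
    "sudo -S pihole -g") return 0 ;;
    "sudo -S service pihole-FTL stop") return 0 ;;
    "sudo -S pkill pihole-FTL") return 0 ;;
    "sudo -S service pihole-FTL start") return 0 ;;
    "rsync --server "*" . $PIHOLEDIR") ;; # push into /etc/pihole, checked below
    *) return 1 ;;
  esac
  # Assumption: rsync over ssh requests "rsync --server <options> . <dest>".
  opts=${cmd#"rsync --server "}
  opts=${opts%" . $PIHOLEDIR"}
  set -f # no globbing while the options are word-split
  for word in $opts; do
    case $word in
      --log-format=*) ;;          # assumed to accompany the client's -i
      --*) set +f; return 1 ;;    # --sender (pull) and any other long option
      -*) ;;                      # short-option cluster
      *) set +f; return 1 ;;      # extra path or argument
    esac
  done
  set +f
  return 0
}

# sshd exports the command the client asked for as SSH_ORIGINAL_COMMAND.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
  if sync_gate_allows "$SSH_ORIGINAL_COMMAND"; then
    set -f
    exec $SSH_ORIGINAL_COMMAND # deliberate word splitting: no eval, no shell
  fi
  logger -t pihole-sync-gate "denied: $SSH_ORIGINAL_COMMAND"
  exit 1
fi
```

Log the real SSH_ORIGINAL_COMMAND values from one sync run before enforcing the gate, since the exact rsync option string depends on the rsync version in use.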