42 lines
1.5 KiB
Markdown
42 lines
1.5 KiB
Markdown
# Pi-hole v6 API & CLI Quirks
|
|
|
|
## CLI Changes from v5
|
|
|
|
| v5 command | v6 equivalent | Notes |
|
|
|---|---|---|
|
|
| `pihole -w <domain>` | `pihole allow <domain>` | Whitelist/allow |
|
|
| `pihole -b <domain>` | `pihole deny <domain>` | Blacklist/deny |
|
|
| `pihole -c` | REMOVED | Use PADD instead |
|
|
| `pihole -g` | `pihole updateGravity` | Same, but `-g` still works |
|
|
|
|
## API Endpoints
|
|
|
|
| Old (v5) | New (v6) |
|
|
|---|---|
|
|
| `/admin/api.php` | `/api` |
|
|
| Query string auth | POST `/api/auth` with `{"password":"..."}` |
|
|
| No auth needed for some endpoints | Auth required for most endpoints |
|
|
|
|
## Password & Auth
|
|
|
|
- Password stored as hash in `/etc/pihole/pihole.toml` → `pwhash`
|
|
- Temporary CLI password at `/etc/pihole/cli_pw` (regenerated on FTL restart, limited permissions)
|
|
- Docker env `WEBPASSWORD` sets the password but is masked in `docker inspect`
|
|
- App passwords for 2FA: set `app_pwhash` in pihole.toml
|
|
|
|
## FTL Telnet API
|
|
|
|
- Port 4711 inside container (`127.0.0.1:4711`)
|
|
- Not exposed outside the container by default
|
|
- Commands like `>stats`, `>recent` work via `nc 127.0.0.1 4711` inside container
|
|
- May require authentication in newer versions
|
|
|
|
## Database Schema (v6)
|
|
|
|
Key tables:
|
|
- `queries` — all DNS queries (timestamp, domain, client, status)
|
|
- `gravity` — no longer exists as separate table; integrated differently
|
|
- `domainlist` — may not exist; allow/deny lists stored in different structure
|
|
- `network`, `network_addresses` — client tracking
|
|
- `counters` — summary stats
|