doggeddalle · October 9, 2025 10:18
diff --git a/pihole-unbound-diagnostic.sh b/pihole-unbound-diagnostic.sh
 #!/bin/bash
 # Pi-hole + Unbound verification script (for Pi-hole v6)

 GREEN="\e[32m"; RED="\e[31m"; YELLOW="\e[33m"; RESET="\e[0m"

 ok()   { echo -e "${GREEN}✔ $1${RESET}"; }
 fail() { echo -e "${RED}✘ $1${RESET}"; }
 warn() { echo -e "${YELLOW}⚠ $1${RESET}"; }

 echo -e "\n=== Pi-hole + Unbound Diagnostic ===\n"

 # --- Check services ---
 systemctl is-active --quiet unbound && ok "Unbound service is active" || fail "Unbound service NOT running"
 systemctl is-active --quiet pihole-FTL && ok "Pi-hole FTL service is active" || fail "Pi-hole FTL NOT running"

 # --- Verify Pi-hole upstream configuration ---
 if grep -q '127\.0\.0\.1#5335' /etc/pihole/pihole.toml 2>/dev/null; then
  ok "Pi-hole upstream points to Unbound (127.0.0.1#5335)"
 else
  fail "Pi-hole upstream is NOT set to 127.0.0.1#5335"
 fi

 # --- Test Unbound directly ---
 dig @127.0.0.1 -p 5335 google.com +short > /tmp/dig_unbound.txt 2>/dev/null
 if grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' /tmp/dig_unbound.txt; then
  ok "Unbound resolves domains directly"
 else
  fail "Unbound failed to resolve google.com"
 fi

 # --- Test Pi-hole DNS (forwarded to Unbound) ---
 dig @127.0.0.1 google.com +short > /tmp/dig_pihole.txt 2>/dev/null
 if grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' /tmp/dig_pihole.txt; then
  ok "Pi-hole resolves via Unbound successfully"
 else
  fail "Pi-hole failed to resolve google.com"
 fi

 # --- Optional recursion trace test ---
 if dig +trace google.com @127.0.0.1 -p 5335 | grep -q "root-servers.net"; then
  ok "Unbound is performing full recursive resolution"
 else
  warn "Couldn't confirm recursion (trace may be blocked or trimmed)"
 fi

 echo -e "\nDiagnostics complete.\n"
	#!/bin/bash
	# Pi-hole + Unbound verification script (for Pi-hole v6)

	GREEN="\e[32m"; RED="\e[31m"; YELLOW="\e[33m"; RESET="\e[0m"

	ok() { echo -e "${GREEN}✔ $1${RESET}"; }
	fail() { echo -e "${RED}✘ $1${RESET}"; }
	warn() { echo -e "${YELLOW}⚠ $1${RESET}"; }

	echo -e "\n=== Pi-hole + Unbound Diagnostic ===\n"

	# --- Check services ---
	systemctl is-active --quiet unbound && ok "Unbound service is active" \|\| fail "Unbound service NOT running"
	systemctl is-active --quiet pihole-FTL && ok "Pi-hole FTL service is active" \|\| fail "Pi-hole FTL NOT running"

	# --- Verify Pi-hole upstream configuration ---
	if grep -q '127\.0\.0\.1#5335' /etc/pihole/pihole.toml 2>/dev/null; then
	ok "Pi-hole upstream points to Unbound (127.0.0.1#5335)"
	else
	fail "Pi-hole upstream is NOT set to 127.0.0.1#5335"
	fi

	# --- Test Unbound directly ---
	dig @127.0.0.1 -p 5335 google.com +short > /tmp/dig_unbound.txt 2>/dev/null
	if grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' /tmp/dig_unbound.txt; then
	ok "Unbound resolves domains directly"
	else
	fail "Unbound failed to resolve google.com"
	fi

	# --- Test Pi-hole DNS (forwarded to Unbound) ---
	dig @127.0.0.1 google.com +short > /tmp/dig_pihole.txt 2>/dev/null
	if grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' /tmp/dig_pihole.txt; then
	ok "Pi-hole resolves via Unbound successfully"
	else
	fail "Pi-hole failed to resolve google.com"
	fi

	# --- Optional recursion trace test ---
	if dig +trace google.com @127.0.0.1 -p 5335 \| grep -q "root-servers.net"; then
	ok "Unbound is performing full recursive resolution"
	else
	warn "Couldn't confirm recursion (trace may be blocked or trimmed)"
	fi

	echo -e "\nDiagnostics complete.\n"
No results found