Change default webport to 80

Signed-off-by: Christian König <[email protected]> Signed-off-by: DL6ER <[email protected]>
pi-hole · Aug 1, 2023 · da544dc · da544dc
1 parent 70bb611
commit da544dc
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 24 deletions.
diff --git a/src/api/docs/content/specs/config.yaml b/src/api/docs/content/specs/config.yaml
@@ -637,7 +637,7 @@ components:
           webserver:
             domain: pi.hole
             acl: "+0.0.0.0/0,::/0"
-            port: 8080,[::]:8080
+            port: 80,[::]:80
             sessionTimeout: 300
             tls:
               rev_proxy: false

diff --git a/src/config/config.c b/src/config/config.c
@@ -824,10 +824,10 @@ void initConfig(struct config *conf)
 	conf->webserver.acl.d.s = (char*)"";
 
 	conf->webserver.port.k = "webserver.port";
-	conf->webserver.port.h = "Ports to be used by the webserver.\n Comma-separated list of ports to listen on. It is possible to specify an IP address to bind to. In this case, an IP address and a colon must be prepended to the port number. For example, to bind to the loopback interface on port 80 (IPv4) and to all interfaces port 8080 (IPv4), use \"127.0.0.1:80,8080\". \"[::]:8080\" can be used to listen to IPv6 connections to port 8080. IPv6 addresses of network interfaces can be specified as well, e.g. \"[::1]:8080\" for the IPv6 loopback interface. [::]:80 will bind to port 80 IPv6 only.\n In order to use port 8080 for all interfaces, both IPv4 and IPv6, use either the configuration \"8080,[::]:8080\" (create one socket for IPv4 and one for IPv6 only), or \"+8080\" (create one socket for both, IPv4 and IPv6). The + notation to use IPv4 and IPv6 will only work if no network interface is specified. Depending on your operating system version and IPv6 network environment, some configurations might not work as expected, so you have to test to find the configuration most suitable for your needs. In case \"+8080\" does not work for your environment, you need to use \"8080,[::]:8080\".\n If the port is TLS/SSL, a letter 's' must be appended, for example, \"8080,443s\" will open port 8080 and port 443, and connections on port 443 will be encrypted. For non-encrypted ports, it is allowed to append letter 'r' (as in redirect). Redirected ports will redirect all their traffic to the first configured SSL port. For example, if webserver.port is \"8080r,443s\", then all HTTP traffic coming at port 8080 will be redirected to HTTPS port 443.";
+	conf->webserver.port.h = "Ports to be used by the webserver.\n Comma-separated list of ports to listen on. It is possible to specify an IP address to bind to. In this case, an IP address and a colon must be prepended to the port number. For example, to bind to the loopback interface on port 80 (IPv4) and to all interfaces port 8080 (IPv4), use \"127.0.0.1:80,8080\". \"[::]:80\" can be used to listen to IPv6 connections to port 80. IPv6 addresses of network interfaces can be specified as well, e.g. \"[::1]:80\" for the IPv6 loopback interface. [::]:80 will bind to port 80 IPv6 only.\n In order to use port 80 for all interfaces, both IPv4 and IPv6, use either the configuration \"80,[::]:80\" (create one socket for IPv4 and one for IPv6 only), or \"+80\" (create one socket for both, IPv4 and IPv6). The + notation to use IPv4 and IPv6 will only work if no network interface is specified. Depending on your operating system version and IPv6 network environment, some configurations might not work as expected, so you have to test to find the configuration most suitable for your needs. In case \"+80\" does not work for your environment, you need to use \"80,[::]:80\".\n If the port is TLS/SSL, a letter 's' must be appended, for example, \"80,443s\" will open port 80 and port 443, and connections on port 443 will be encrypted. For non-encrypted ports, it is allowed to append letter 'r' (as in redirect). Redirected ports will redirect all their traffic to the first configured SSL port. For example, if webserver.port is \"80r,443s\", then all HTTP traffic coming at port 80 will be redirected to HTTPS port 443.";
 	conf->webserver.port.a = cJSON_CreateStringReference("comma-separated list of <[ip_address:]port>");
 	conf->webserver.port.t = CONF_STRING;
-	conf->webserver.port.d.s = (char*)"8080,[::]:8080,443s,[::]:443s";
+	conf->webserver.port.d.s = (char*)"80,[::]:80,443s,[::]:443s";
 
 	conf->webserver.tls.rev_proxy.k = "webserver.tls.rev_proxy";
 	conf->webserver.tls.rev_proxy.h = "Is Pi-hole running behind a reverse proxy? If yes, Pi-hole will not consider HTTP-only connections being insecure. This is useful if you are running Pi-hole in a trusted environment, for example, in a local network, and you are using a reverse proxy to provide TLS encryption, e.g., by using Traefik (docker). If you are using a reverse proxy, you can alternatively set webserver.tls.cert to the path of the TLS certificate file and let Pi-hole handle true end-to-end encryption.";

diff --git a/src/config/legacy_reader.c b/src/config/legacy_reader.c
@@ -266,7 +266,7 @@ const char *readFTLlegacy(struct config *conf)
 
 	// WEBPORT
 	// On which port should FTL's API be listening?
-	// defaults to: 8080
+	// defaults to: 80
 	buffer = parseFTLconf(fp, "WEBPORT");
 
 	value = 0;

diff --git a/test/api/checkAPI.py b/test/api/checkAPI.py
@@ -20,7 +20,7 @@
 		exit(1)
 
 	# Get endpoints from FTL
-	ftl = FTLAPI("http://127.0.0.1:8080", "ABC")
+	ftl = FTLAPI("http://127.0.0.1", "ABC")
 	ftl.get_endpoints()
 
 	errs = [0, 0, 0]

diff --git a/test/pihole.toml b/test/pihole.toml
@@ -494,28 +494,28 @@
   # Comma-separated list of ports to listen on. It is possible to specify an IP address
   # to bind to. In this case, an IP address and a colon must be prepended to the port
   # number. For example, to bind to the loopback interface on port 80 (IPv4) and to all
-  # interfaces port 8080 (IPv4), use "127.0.0.1:80,8080". "[::]:8080" can be used to
-  # listen to IPv6 connections to port 8080. IPv6 addresses of network interfaces can be
-  # specified as well, e.g. "[::1]:8080" for the IPv6 loopback interface. [::]:80 will
+  # interfaces port 80 (IPv4), use "127.0.0.1:80,80". "[::]:808 can be used to
+  # listen to IPv6 connections to port 80. IPv6 addresses of network interfaces can be
+  # specified as well, e.g. "[::1]:80 for the IPv6 loopback interface. [::]:80 will
   # bind to port 80 IPv6 only.
-  # In order to use port 8080 for all interfaces, both IPv4 and IPv6, use either the
-  # configuration "8080,[::]:8080" (create one socket for IPv4 and one for IPv6 only),
-  # or "+8080" (create one socket for both, IPv4 and IPv6). The + notation to use IPv4
+  # In order to use port 80 for all interfaces, both IPv4 and IPv6, use either the
+  # configuration "80,[::]:80" (create one socket for IPv4 and one for IPv6 only),
+  # or "+80" (create one socket for both, IPv4 and IPv6). The + notation to use IPv4
   # and IPv6 will only work if no network interface is specified. Depending on your
   # operating system version and IPv6 network environment, some configurations might not
   # work as expected, so you have to test to find the configuration most suitable for
-  # your needs. In case "+8080" does not work for your environment, you need to use
-  # "8080,[::]:8080".
-  # If the port is TLS/SSL, a letter 's' must be appended, for example, "8080,443s" will
-  # open port 8080 and port 443, and connections on port 443 will be encrypted. For
+  # your needs. In case "+80" does not work for your environment, you need to use
+  # "80,[::]:80".
+  # If the port is TLS/SSL, a letter 's' must be appended, for example, "80,443s" will
+  # open port 80 and port 443, and connections on port 443 will be encrypted. For
   # non-encrypted ports, it is allowed to append letter 'r' (as in redirect). Redirected
   # ports will redirect all their traffic to the first configured SSL port. For example,
-  # if webserver.port is "8080r,443s", then all HTTP traffic coming at port 8080 will be
+  # if webserver.port is "80r,443s", then all HTTP traffic coming at port 80 will be
   # redirected to HTTPS port 443.
   #
   # Possible values are:
   #     comma-separated list of <[ip_address:]port>
-  port = "8080,[::]:8080,443s"
+  port = "80,[::]:80,443s"
 
   # Session timeout in seconds. If a session is inactive for more than this time, it will
   # be terminated. Sessions are continuously refreshed by the web interface, preventing

diff --git a/test/test_suite.bats b/test/test_suite.bats
@@ -982,13 +982,13 @@
 }
 
 @test "HTTP server responds with JSON error 404 to unknown API path" {
-  run bash -c 'curl -s 127.0.0.1:8080/api/undefined'
+  run bash -c 'curl -s 127.0.0.1/api/undefined'
   printf "%s\n" "${lines[@]}"
   [[ ${lines[0]} == '{"error":{"key":"not_found","message":"Not found","hint":"/api/undefined"},"took":'*'}' ]]
 }
 
 @test "HTTP server responds with normal error 404 to path outside /admin" {
-  run bash -c 'curl -s 127.0.0.1:8080/undefined'
+  run bash -c 'curl -s 127.0.0.1/undefined'
   printf "%s\n" "${lines[@]}"
   [[ ${lines[0]} == "Error 404: Not Found" ]]
 }
@@ -1234,27 +1234,27 @@
 }
 
 @test "API authorization (without password): No login required" {
-  run bash -c 'curl -s 127.0.0.1:8080/api/auth'
+  run bash -c 'curl -s 127.0.0.1/api/auth'
   printf "%s\n" "${lines[@]}"
   [[ ${lines[0]} == '{"session":{"valid":true,"totp":false,"sid":null,"validity":-1},"dns":true,"took":'*'}' ]]
 }
 
 @test "API authorization: Setting password" {
   # Password: ABC
-  run bash -c 'curl -s -X PATCH http://127.0.0.1:8080/api/config/webserver/api/password -d "{\"config\":{\"webserver\":{\"api\":{\"password\":\"ABC\"}}}}"'
+  run bash -c 'curl -s -X PATCH http://127.0.0.1/api/config/webserver/api/password -d "{\"config\":{\"webserver\":{\"api\":{\"password\":\"ABC\"}}}}"'
   printf "%s\n" "${lines[@]}"
   [[ ${lines[0]} == "{\"config\":{\"webserver\":{\"api\":{\"password\":\"********\"}}},\"took\":"*"}" ]]
 }
 
 @test "API authorization (with password): Incorrect password is rejected if password auth is enabled" {
   # Password: ABC
-  run bash -c 'curl -s -X POST 127.0.0.1:8080/api/auth -d "{\"password\":\"XXX\"}" | jq .session.valid'
+  run bash -c 'curl -s -X POST 127.0.0.1/api/auth -d "{\"password\":\"XXX\"}" | jq .session.valid'
   printf "%s\n" "${lines[@]}"
   [[ ${lines[0]} == "false" ]]
 }
 
 @test "API authorization (with password): Correct password is accepted" {
-  session="$(curl -s -X POST 127.0.0.1:8080/api/auth -d "{\"password\":\"ABC\"}")"
+  session="$(curl -s -X POST 127.0.0.1/api/auth -d "{\"password\":\"ABC\"}")"
   printf "Session: %s\n" "${session}"
   run jq .session.valid <<< "${session}"
   printf "%s\n" "${lines[@]}"
@@ -1331,7 +1331,7 @@
   [[ "${lines[0]}" == "[]" ]]
   run bash -c './pihole-FTL --config webserver.port'
   printf "%s\n" "${lines[@]}"
-  [[ "${lines[0]}" == "8080,[::]:8080,443s" ]]
+  [[ "${lines[0]}" == "80,[::]:80,443s" ]]
 }
 
 @test "Create, verify and re-import Teleporter file via CLI" {