Hi, i'm also facing the same issue, i have heimdall and homeassistant connecting to pihole trough API, and they lost the ability to show general statistics since the update described in this link:
If i remove the web password, both heimdall and homeassistant can immediatly show statistics again, if i re-enable the password they both stop working.
In both heimdall and homeassistant, if i changed the URL from:
http://pi.hole/admin/api.php?status
to:
http://pi.hole/admin/api.php?status&auth=<TOKEN> (replacing with the token i get from /etc/pihole/setupVars.conf' on 'WEBPASSWORD'
Both heimdall and homeassistant still do not work, and i have questions:
1-Can the API behaviour work like before, general statistics don't need authentication, others or configurations changes require it
2-Can i have a webpassword, but have API interaction not authenticaded?
3-If both question 1&2 are negative, i have to wait for heimdall or homeassistant to update their end?
Just to make sure you have the urls right you may test them in a web browser like FireFox.
Just enter something like : http://192.168.123.123/admin/api.php?status&auth=...................... http://192.168.123.123/admin/api.php?summary&auth=......................
and when these give you data you know you have the right urls.
I am not sure but I do not think that you can have an unprotected web api because they say that authentication is required for more endpoints.
Those URLs work in a browser, the "status" URL returns "enabled" the "summary" URL returns the general statistics.
I tried placing the "status" URL in the API URL config of heimdall, no error, but also no statistics showing.
I also tried placing it on homeassistant and it says it cant connect.
Maybe i am doing something wrong, but don't know what.
It would be great if that worked as a whitelist , like for example "these 2 IP's don't need password, every other IP needs to authenticate", but from what i understand from that suggestion, i would loose access to the admin panel from any IP that wasn't on the list?
Note:
Some applications used simply /admin/api.php to retrieve the summary information, without adding the endpoint summaryRaw or summary.
This won't work on the current version if you are using the token (using /admin/api.php?auth=<your_token> will return nothing).
In this case, the URL should be changed to /admin/api.php?summaryRaw&auth=<your_token>.
Probably every developer will need to change their applications.
After a couple of days of climbing down every forum hole I could find, I think I have a solution to show the stats on the enhanced Pihole app in Heimdall. Full disclaimer, I'm not claiming this is the best way, but it works right now.
As others have mentioned, for the app Config URL use:
It'll say test successful, but I still wasn't seeing the stats on the dashboard tile, so I went into my Heimdall container (docker) and edited the heimdall pihole.php file. Mine is located in '/opt/heimdall/config/www/SupportedApps/Pihole/Pihole.php' but yours is likely different.
Within Pihole.php Look for:
public function livestats()
{
$status = "inactive";
$res = parent::execute($this->url("api.php?"));
$details = json_decode($res->getBody());
See that "url(api.php?)" part? I suspected that while Heimdall was receiving a positive response from the Pihole API, it was not passing the auth to retrieve the stats data. So, I augmented that line to:
"/config/www/SupportedApps/Pihole" and it's also mounted on my host, so it will keep persistent as the container gets updated!
I wish i knew PHP, there are a lot of enhanced APPs on Heimdall that i never got working because there are no instructions for them and i don't how to fix them.
One related question, did you find this on a forum where there is a lot of discussion on Heimdall enhanced APPs? If so where? maybe i can find answers about the other enhanced APPs! Thanks again!
Note that changes inside a Docker container won't change the image, so they would likely be lost on container restart or image updates.
This should be brought to the attention of Heimdall maintainers, or the maintainers responsible for the Pi-hole plugin for Heimdall respectively.
That way, the maintainers could QA your patch, and the fix could be consistently applied and released for all Heimdall users, instead of being only available to those few that find your post here and are willing to apply manual changes.
Nope, I just saw several people that had posted about this issue (here, reddit, buddy at work, etc.) so I dove into the configs to see what was going on. This was a manual workaround for sure and not exactly sustainable. I am also not so good with php and was just a bit surprised that my bandaid actually worked in the interim Definitely go with the developers' solution.
Not sure how I missed that thread. Thanks for the research assist and sharing the knowledge Bucking_Horn! (sorry, account still to new to @ mention anyone).
Definitely go with the developers' solution.