1
0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
raspap-webgui/README.md

238 lines
13 KiB
Markdown
Raw Normal View History

2019-06-11 12:37:29 +02:00
![](https://i.imgur.com/xeKD93p.png)
2019-11-08 11:14:44 +01:00
# `$raspap` [![Release 2.0](https://img.shields.io/badge/Release-2.0-green.svg)](https://github.com/billz/raspap-webgui/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Sponsor](https://img.shields.io/badge/sponsor-%F0%9F%92%96-green)](https://github.com/sponsors/billz)
2018-09-22 13:02:02 +02:00
2017-11-06 17:09:38 +01:00
A simple, responsive web interface to control wifi, hostapd and related services on the Raspberry Pi.
2015-02-27 16:10:52 +01:00
2019-11-01 18:29:44 +01:00
This project was inspired by a [blog post](http://sirlagz.net/2013/02/06/script-web-configuration-page-for-raspberry-pi/) by SirLagz about using a web page rather than ssh to configure wifi and hostapd settings on the Raspberry Pi. I began by prettifying the UI by wrapping it in [SB Admin 2](https://github.com/BlackrockDigital/startbootstrap-sb-admin-2), a Bootstrap based admin theme. Since then, the project has evolved to include greater control over many aspects of a networked RPi, better security, authentication, a Quick Installer, support for themes and more. RaspAP has been featured on sites such as [Instructables](http://www.instructables.com/id/Raspberry-Pi-As-Completely-Wireless-Router/), [Adafruit](https://blog.adafruit.com/2016/06/24/raspap-wifi-configuration-portal-piday-raspberrypi-raspberry_pi/), [Raspberry Pi Weekly](https://www.raspberrypi.org/weekly/commander/) and [Awesome Raspberry Pi](https://project-awesome.org/thibmaek/awesome-raspberry-pi) and implemented in countless projects.
2015-02-27 17:18:06 +01:00
We'd be curious to hear about how you use this with [your own RPi-powered projects](https://github.com/billz/raspap-awesome). Until then, here are some screenshots:
2015-02-27 16:10:52 +01:00
2019-11-18 13:58:33 +01:00
![](https://i.imgur.com/fwekyGE.gif)
2019-11-01 18:29:44 +01:00
![](https://i.imgur.com/EiIpdOS.gif)
![](https://i.imgur.com/eCjUS1H.gif)
![](https://i.imgur.com/5FT2BcS.gif)
![](https://i.imgur.com/RKaBFrZ.gif)
2015-02-27 16:10:52 +01:00
## Contents
2015-03-11 11:34:35 +01:00
- [Prerequisites](#prerequisites)
2016-06-16 17:02:47 +02:00
- [Quick installer](#quick-installer)
2019-04-09 21:56:19 +02:00
- [Simultaneous AP and Wifi client](#simultaneous-ap-and-wifi-client)
2019-03-11 23:38:42 +01:00
- [Support us](#support-us)
2016-06-16 17:02:47 +02:00
- [Manual installation](#manual-installation)
2018-06-01 20:19:07 +02:00
- [Multilingual support](#multilingual-support)
2019-07-30 02:36:54 +02:00
- [HTTPS support](#https-support)
2019-11-18 13:44:02 +01:00
- [OpenVPN support](#openvpn-support)
2015-02-27 16:10:52 +01:00
- [How to contribute](#how-to-contribute)
2019-04-13 18:08:21 +02:00
- [Reporting issues](#reporting-issues)
2015-03-11 12:17:03 +01:00
- [License](#license)
2015-02-27 16:10:52 +01:00
2015-03-11 11:34:35 +01:00
## Prerequisites
2019-06-28 10:08:32 +02:00
Start with a clean install of the [latest release of Raspbian](https://www.raspberrypi.org/downloads/raspbian/) (currently Buster). Raspbian Buster Lite is recommended.
2015-03-11 11:34:35 +01:00
2019-03-06 01:34:34 +01:00
1. Update Raspbian, including the kernel and firmware, followed by a reboot:
```
sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot
```
2. Set the WiFi country in raspi-config's **Localisation Options**: `sudo raspi-config`
2015-03-11 11:34:35 +01:00
2019-03-06 01:34:34 +01:00
3. If you have an older Raspberry Pi without an onboard WiFi chipset, the [**Edimax Wireless 802.11b/g/n nano USB adapter**](https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wireless_adapters_n150/ew-7811un) is an excellent option it's small, cheap and has good driver support.
2015-03-11 11:34:35 +01:00
2019-03-06 01:34:34 +01:00
With the prerequisites done, you can proceed with either the Quick installer or Manual installation steps below.
2015-03-11 12:17:03 +01:00
2016-06-16 17:02:47 +02:00
## Quick installer
Install RaspAP from your RaspberryPi's shell prompt:
```sh
2019-04-04 15:11:06 +02:00
wget -q https://git.io/voEUQ -O /tmp/raspap && bash /tmp/raspap
2016-06-16 17:02:47 +02:00
```
The installer will complete the steps in the manual installation (below) for you.
2016-10-23 22:39:22 +02:00
After the reboot at the end of the installation the wireless network will be
configured as an access point as follows:
* IP address: 10.3.141.1
* Username: admin
* Password: secret
2016-10-23 22:39:22 +02:00
* DHCP range: 10.3.141.50 to 10.3.141.255
* SSID: `raspi-webgui`
* Password: ChangeMe
2019-04-17 22:14:14 +02:00
**Note:** As the name suggests, the Quick Installer is a great way to quickly setup a new AP. However, it does not automagically detect the unique configuration of your RPi. Best results are obtained by connecting an RPi to ethernet (`eth0`) or as a WiFi client, also known as managed mode, with `wlan0`. For the latter, refer to [this FAQ](https://github.com/billz/raspap-webgui/wiki/FAQs#how-do-i-prepare-the-sd-card-to-connect-to-wifi-in-headless-mode). Please [read this](https://github.com/billz/raspap-webgui/wiki/Reporting-issues) before reporting an issue.
2019-04-16 15:47:42 +02:00
2019-04-09 21:56:19 +02:00
## Simultaneous AP and Wifi client
2019-04-17 22:14:14 +02:00
RaspAP lets you easily create an AP with a Wifi client configuration. With your RPi configured in managed mode, enable the AP from the **Advanced** tab of **Configure hotspot** by sliding the **Wifi client AP mode** toggle. Save settings and start the hotspot. The managed mode AP is functional without restart.
2019-04-09 21:56:19 +02:00
2019-11-01 19:12:31 +01:00
![](https://i.imgur.com/YObvd32.gif)
2019-04-09 21:56:19 +02:00
2019-04-17 22:14:14 +02:00
**Note:** For a Raspberry Pi operating in [managed mode](https://github.com/billz/raspap-webgui/wiki/FAQs#how-do-i-prepare-the-sd-card-to-connect-to-wifi-in-headless-mode) without an `eth0` connection, this configuration must be enabled _before_ a reboot.
2019-04-15 09:18:20 +02:00
2019-03-11 23:38:42 +01:00
## Support us
2019-10-31 20:48:16 +01:00
RaspAP is free software, but powered by your support. If you find RaspAP useful for your personal or commercial projects, please [become a sponsor](https://github.com/sponsors/billz) or make a one-time donation with [Beerpay](https://beerpay.io/billz/raspap-webgui). Either option makes a big difference!
2019-03-11 23:38:42 +01:00
2019-10-31 20:48:16 +01:00
[![Beerpay](https://beerpay.io/billz/raspap-webgui/badge.svg)](https://beerpay.io/billz/raspap-webgui)
2019-06-29 10:14:25 +02:00
2016-06-16 17:02:47 +02:00
## Manual installation
2019-06-28 10:12:07 +02:00
These steps apply to the latest release of Raspbian (currently [Buster](https://www.raspberrypi.org/downloads/raspbian/)). Notes for previously released versions are provided, where applicable. Start off by installing git, lighttpd, php7, hostapd and dnsmasq.
2015-02-27 16:10:52 +01:00
```sh
2019-06-28 10:12:07 +02:00
sudo apt-get install git lighttpd php7.1-cgi hostapd dnsmasq vnstat
2015-02-27 16:10:52 +01:00
```
2019-06-28 10:12:07 +02:00
**Note:** for Raspbian Stretch, replace `php7.1-cgi` with `php7.0-cgi`. For Raspbian Jessie and older versions, use `php5-cgi`. After that, enable PHP for lighttpd and restart it for the settings to take effect.
2015-02-27 16:10:52 +01:00
```sh
2017-11-17 08:11:18 +01:00
sudo lighttpd-enable-mod fastcgi-php
2016-10-22 23:02:39 +02:00
sudo service lighttpd restart
2015-02-27 16:10:52 +01:00
```
2015-02-28 00:31:34 +01:00
Now comes the fun part. For security reasons, the `www-data` user which lighttpd runs under is not allowed to start or stop daemons, or run commands like ifdown and ifup, all of which we want our page to do.
2019-04-10 11:16:04 +02:00
So what I have done is added the `www-data` user to the sudoers file, but with restrictions on what commands the user can run. Add the following to the end of `/etc/sudoers`:
2015-02-27 16:10:52 +01:00
```sh
2019-04-10 11:16:04 +02:00
www-data ALL=(ALL) NOPASSWD:/sbin/ifdown
www-data ALL=(ALL) NOPASSWD:/sbin/ifup
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant.conf
2019-04-10 11:12:32 +02:00
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant.conf
2019-04-10 11:12:32 +02:00
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan_results
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] reconfigure
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/hostapddata /etc/hostapd/hostapd.conf
www-data ALL=(ALL) NOPASSWD:/etc/init.d/hostapd start
www-data ALL=(ALL) NOPASSWD:/etc/init.d/hostapd stop
www-data ALL=(ALL) NOPASSWD:/etc/init.d/dnsmasq start
www-data ALL=(ALL) NOPASSWD:/etc/init.d/dnsmasq stop
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dhcpddata /etc/dnsmasq.conf
www-data ALL=(ALL) NOPASSWD:/sbin/shutdown -h now
www-data ALL=(ALL) NOPASSWD:/sbin/reboot
2019-04-10 11:12:32 +02:00
www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] down
www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] up
www-data ALL=(ALL) NOPASSWD:/sbin/ip -s a f label wlan[0-9]
2017-11-17 08:11:18 +01:00
www-data ALL=(ALL) NOPASSWD:/bin/cp /etc/raspap/networking/dhcpcd.conf /etc/dhcpcd.conf
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/enablelog.sh
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/disablelog.sh
2019-04-10 11:12:32 +02:00
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/servicestart.sh
2015-02-27 16:10:52 +01:00
```
2015-02-27 17:38:09 +01:00
2016-08-31 10:45:00 +02:00
Once those modifications are done, git clone the files to `/var/www/html`.
**Note:** for older versions of Raspbian (before Jessie, May 2016) use
2016-08-31 10:48:56 +02:00
`/var/www` instead.
2015-02-27 17:38:09 +01:00
```sh
2016-08-31 10:45:00 +02:00
sudo rm -rf /var/www/html
sudo git clone https://github.com/billz/raspap-webgui /var/www/html
2015-02-27 17:38:09 +01:00
```
2019-04-25 00:24:26 +02:00
Move the high-res favicons to the web root.
```
2019-10-10 21:06:03 +02:00
sudo mv /var/www/html/app/icons/* /var/www/html
2019-04-25 00:24:26 +02:00
```
2015-02-27 17:38:09 +01:00
Set the files ownership to `www-data` user.
```sh
2016-08-31 10:45:00 +02:00
sudo chown -R www-data:www-data /var/www/html
2015-02-27 17:38:09 +01:00
```
2019-04-25 00:24:26 +02:00
Move the RaspAP configuration file to the correct location.
2016-05-29 17:38:43 +02:00
```sh
sudo mkdir /etc/raspap
2016-08-31 10:45:00 +02:00
sudo mv /var/www/html/raspap.php /etc/raspap/
sudo chown -R www-data:www-data /etc/raspap
2016-05-29 17:38:43 +02:00
```
2019-07-09 00:20:18 +02:00
Move the HostAPD logging and service control shell scripts to the correct location.
2017-11-17 08:11:18 +01:00
```sh
sudo mkdir /etc/raspap/hostapd
sudo mv /var/www/html/installers/*log.sh /etc/raspap/hostapd
2019-07-09 00:20:18 +02:00
sudo mv /var/www/html/installers/service*.sh /etc/raspap/hostapd
```
Set ownership and permissions for logging and service control scripts.
```sh
sudo chown -c root:www-data /etc/raspap/hostapd/*.sh
sudo chmod 750 /etc/raspap/hostapd/*.sh
2017-11-17 08:11:18 +01:00
```
2019-04-10 11:12:32 +02:00
Add the following lines to `/etc/rc.local` before `exit 0`.
```sh
echo 1 > /proc/sys/net/ipv4/ip_forward #RASPAP
iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP
iptables -t nat -A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE #RASPAP
```
2019-04-10 11:18:44 +02:00
Force a reload of new settings in `/etc/rc.local`.
2019-04-10 11:12:32 +02:00
```sh
sudo systemctl restart rc-local.service
sudo systemctl daemon-reload
```
2019-04-10 11:16:04 +02:00
Unmask and enable the hostapd service.
```sh
sudo systemctl unmask hostapd.service
sudo systemctl enable hostapd.service
```
2019-04-21 20:27:06 +02:00
Move the raspap service to the correct location and enable it.
```
sudo mv /var/www/html/installers/raspap.service /lib/systemd/system
sudo systemctl enable raspap.service
```
2015-02-27 17:38:09 +01:00
Reboot and it should be up and running!
```sh
sudo reboot
```
2015-03-11 12:17:03 +01:00
2016-05-29 17:38:43 +02:00
The default username is 'admin' and the default password is 'secret'.
2018-06-01 20:19:07 +02:00
## Multilingual support
RaspAP uses [GNU Gettext](https://www.gnu.org/software/gettext/) to manage multilingual messages. In order to use RaspAP with one of our supported translations, you must configure a corresponding language package on your RPi. To list languages currently installed on your system, use `locale -a` at the shell prompt. To generate new locales, run `sudo dpkg-reconfigure locales` and select any other desired locales. Details are provided on our [wiki](https://github.com/billz/raspap-webgui/wiki/Translations#raspap-in-your-language).
The following translations are currently maintained by the project:
2018-06-16 23:48:00 +02:00
- Deutsch
2018-06-01 20:19:07 +02:00
- Français
- Italiano
- Português
- Svenska
- Nederlands
2018-10-17 17:56:21 +02:00
- 简体中文 (Chinese Simplified)
2019-10-30 08:14:08 +01:00
- Indonesian
- 한국어 (Korean)
- 日本語 (Japanese)
- Tiếng Việt (Vietnamese)
2018-11-04 18:02:04 +01:00
- Čeština
2018-11-19 18:26:44 +01:00
- Русский
2019-01-13 09:56:48 +01:00
- Español
2019-03-05 00:17:03 +01:00
- Finnish
- Sinhala
2019-06-10 11:37:39 +02:00
- Türkçe
2018-06-01 20:19:07 +02:00
If your language is not in the list above, why not [contribute a translation](https://github.com/billz/raspap-webgui/wiki/Translations#contributing-a-translation)? Contributors will receive credit as the original translators.
2019-07-30 02:36:54 +02:00
## HTTPS support
2019-11-08 11:14:44 +01:00
The Quick Installer may be used to [generate SSL certificates](https://github.com/billz/raspap-webgui/wiki/SSL-certificates-(Quick-Installer)) with `mkcert`. The installer automates the manual steps [described in the wiki](https://github.com/billz/raspap-webgui/wiki/SSL-(Manual-steps)), including configuring lighttpd with SSL support.
Simply append the `-c` or `--cert` option to the Quick Installer, like so:
```
wget -q https://git.io/voEUQ -O /tmp/raspap && bash /tmp/raspap --cert
```
**Note**: this only installs mkcert and generates an SSL certificate with the input you provide. It does *not* (re)install RaspAP.
More information on SSL certificates and HTTPS support is available [on our wiki](https://github.com/billz/raspap-webgui/wiki/SSL-certificates-(Quick-Installer)).
2019-07-30 02:36:54 +02:00
2019-11-18 13:44:02 +01:00
## OpenVPN support
OpenVPN may be optionally installed by the Quick Installer. Once this is done, you can managage a client configuration and the `openvpn-client` service with RaspAP.
2015-03-11 12:17:03 +01:00
2019-11-18 18:35:22 +01:00
![](https://i.imgur.com/yrDOYRT.gif)
2019-11-18 13:44:02 +01:00
To configure an OpenVPN client, upload a valid .ovpn file and, optionally, specify your login credentials. RaspAP will store your client configuration and add firewall rules to forward traffic from OpenVPN's `tun0` interface to your configured wireless interface.
**Note**: this feature is currently in beta. Please [read this](https://github.com/billz/raspap-webgui/wiki/FAQs#-openvpn-fails-to-start-andor-i-have-no-internet-help) before reporting an issue.
2015-03-11 12:17:03 +01:00
2015-02-27 16:10:52 +01:00
## How to contribute
2019-04-10 10:57:47 +02:00
1. File an issue in the repository describing the contribution you'd like to make. This will help us get you started on the
2015-02-27 16:10:52 +01:00
right foot.
2019-04-10 10:57:47 +02:00
2. Fork the project in your account and create a new branch: `your-great-feature`.
2015-02-27 16:10:52 +01:00
3. Commit your changes in that branch.
2019-04-10 10:57:47 +02:00
4. Open a pull request, and reference the initial issue in the pull request message.
This project follows the [PSR-2](http://www.php-fig.org/psr/psr-2/) coding style guidelines. There are many ways to check your code for PSR-2. An excellent tool is [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer). The command line tool `phpcs` can be run against any single file. [Phing](https://www.phing.info/), a PHP build tool, integrates nicely with `phpcs` to automate PSR-2 checks across all source files in a project.
2015-02-27 16:10:52 +01:00
2019-04-13 18:08:21 +02:00
## Reporting issues
Please [read this](https://github.com/billz/raspap-webgui/wiki/Reporting-issues) before reporting a bug.
2015-02-27 16:10:52 +01:00
## License
2016-05-01 08:54:24 +02:00
See the [LICENSE](./LICENSE) file.