2019-06-24 21:57:49 +00:00
#!/bin/bash
#
2020-03-23 09:31:18 +00:00
# RaspAP installation functions
# Author: @billz <billzimmerman@gmail.com>
2020-12-16 10:01:11 +00:00
# Author URI: https://github.com/billz/
2020-03-23 09:31:18 +00:00
# License: GNU General Public License v3.0
2021-02-03 09:07:15 +00:00
# License URI: https://github.com/raspap/raspap-webgui/blob/master/LICENSE
2020-12-16 10:01:11 +00:00
2020-03-23 09:31:18 +00:00
# You are not obligated to bundle the LICENSE file with your RaspAP projects as long
# as you leave these references intact in the header comments of your source files.
# Exit on error
set -o errexit
# Exit on error inside functions
set -o errtrace
# Turn on traces, disabled by default
# set -o xtrace
# Set defaults
readonly raspap_dir = "/etc/raspap"
readonly raspap_user = "www-data"
readonly raspap_sudoers = "/etc/sudoers.d/090_raspap"
2020-12-12 19:29:43 +00:00
readonly raspap_default = "/etc/dnsmasq.d/090_raspap.conf"
readonly raspap_wlan0 = "/etc/dnsmasq.d/090_wlan0.conf"
2020-04-01 07:51:53 +00:00
readonly raspap_adblock = "/etc/dnsmasq.d/090_adblock.conf"
2020-03-23 09:31:18 +00:00
readonly raspap_sysctl = "/etc/sysctl.d/90_raspap.conf"
2020-12-05 09:14:07 +00:00
readonly raspap_network = " $raspap_dir /networking/ "
2021-04-01 16:46:07 +01:00
readonly raspap_router = "/etc/lighttpd/conf-available/50-raspap-router.conf"
2020-03-25 22:59:51 +00:00
readonly rulesv4 = "/etc/iptables/rules.v4"
2020-04-13 08:49:18 +01:00
readonly notracking_url = "https://raw.githubusercontent.com/notracking/hosts-blocklists/master/"
2019-06-24 21:57:49 +00:00
webroot_dir = "/var/www/html"
2021-03-09 11:38:40 +00:00
if [ " $insiders " = = 1 ] ; then
repo = "RaspAP/raspap-insiders"
branch = ${ RASPAP_INSIDERS_LATEST }
fi
git_source_url = " https://github.com/ $repo "
2016-08-31 16:30:28 +02:00
2020-03-21 17:31:38 +00:00
# NOTE: all the below functions are overloadable for system-specific installs
2020-12-16 10:01:11 +00:00
function _install_raspap( ) {
_display_welcome
_config_installation
_update_system_packages
_install_dependencies
_enable_php_lighttpd
_create_raspap_directories
_optimize_php
_check_for_old_configs
_download_latest_files
_change_file_ownership
_create_hostapd_scripts
_create_lighttpd_scripts
2021-01-30 16:56:49 +00:00
_install_lighttpd_configs
2020-12-16 10:01:11 +00:00
_move_config_file
_default_configuration
_configure_networking
_prompt_install_adblock
_prompt_install_openvpn
2021-04-22 08:13:05 +01:00
_install_mobile_clients
2021-03-09 11:38:40 +00:00
_prompt_install_wireguard
2020-12-16 10:01:11 +00:00
_patch_system_files
_install_complete
}
2016-06-16 15:16:19 +02:00
2021-04-22 08:13:05 +01:00
# search for optional installation files names install_feature_*.sh
function _install_mobile_clients( ) {
if [ " $insiders " = = 1 ] ; then
_install_log "Installing support for mobile data clients"
for feature in $( ls $webroot_dir /installers/install_feature_*.sh) ; do
source $feature
f = $( basename $feature )
func = " _ ${ f %.* } "
if declare -f -F $func > /dev/null; then
echo " Installing $func "
$func || _install_status 1 " Unable to install feature ( $func ) "
else
_install_status 1 " Install file $f is missing install function $func "
fi
done
fi
}
2020-03-23 09:31:18 +00:00
# Prompts user to set installation options
function _config_installation( ) {
2020-06-24 23:36:19 +01:00
if [ " $upgrade " = = 1 ] ; then
opt = ( Upgrade Upgrading upgrade)
else
opt = ( Install Installing installation)
fi
_install_log " Configure ${ opt [2] } "
2020-03-23 09:31:18 +00:00
_get_linux_distro
2020-03-20 12:07:50 +00:00
echo " Detected OS: ${ DESC } "
echo " Using GitHub repository: ${ repo } ${ branch } branch "
2020-06-24 23:36:19 +01:00
echo " Configuration directory: ${ raspap_dir } "
echo -n " lighttpd root: ${ webroot_dir } ? [Y/n]: "
2019-11-18 11:51:59 +00:00
if [ " $assume_yes " = = 0 ] ; then
2019-11-19 11:42:06 +00:00
read answer < /dev/tty
2019-11-18 11:51:59 +00:00
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
2020-03-20 20:13:33 +00:00
read -e -p < /dev/tty "Enter alternate lighttpd directory: " -i "/var/www/html" webroot_dir
2019-11-05 07:25:48 +00:00
fi
else
echo -e
fi
2020-06-24 23:36:19 +01:00
echo " ${ opt [1] } lighttpd directory: ${ webroot_dir } "
if [ " $upgrade " = = 1 ] ; then
2021-03-09 11:38:40 +00:00
echo " This will upgrade your existing install to version ${ RASPAP_RELEASE } "
2020-06-24 23:36:19 +01:00
echo "Your configuration will NOT be changed"
fi
echo -n " Complete ${ opt [2] } with these values? [Y/n]: "
2019-11-18 11:51:59 +00:00
if [ " $assume_yes " = = 0 ] ; then
2019-11-19 11:42:06 +00:00
read answer < /dev/tty
2019-11-18 11:51:59 +00:00
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
2019-09-30 18:42:04 +01:00
echo "Installation aborted."
exit 0
fi
else
echo -e
2016-06-16 15:16:19 +02:00
fi
}
2020-07-03 12:43:47 +01:00
# Determines host Linux distribution details
2020-03-23 09:31:18 +00:00
function _get_linux_distro( ) {
2020-03-21 17:31:38 +00:00
if type lsb_release >/dev/null 2>& 1; then # linuxbase.org
OS = $( lsb_release -si)
RELEASE = $( lsb_release -sr)
CODENAME = $( lsb_release -sc)
DESC = $( lsb_release -sd)
elif [ -f /etc/os-release ] ; then # freedesktop.org
. /etc/os-release
OS = $ID
RELEASE = $VERSION_ID
CODENAME = $VERSION_CODENAME
DESC = $PRETTY_NAME
else
2020-04-10 10:40:21 +01:00
_install_status 1 "Unsupported Linux distribution"
2020-03-21 17:31:38 +00:00
fi
}
2020-03-23 09:31:18 +00:00
# Sets php package option based on Linux version, abort if unsupported distro
function _set_php_package( ) {
2020-03-21 17:31:38 +00:00
case $RELEASE in
2020-05-23 18:01:11 +01:00
18.04| 19.10) # Ubuntu Server
2020-03-21 17:31:38 +00:00
php_package = "php7.4-cgi"
phpcgiconf = "/etc/php/7.4/cgi/php.ini" ; ;
2020-05-23 18:01:11 +01:00
10*)
2020-03-21 17:31:38 +00:00
php_package = "php7.3-cgi"
phpcgiconf = "/etc/php/7.3/cgi/php.ini" ; ;
2020-05-23 18:01:11 +01:00
9*)
2020-03-21 17:31:38 +00:00
php_package = "php7.0-cgi"
phpcgiconf = "/etc/php/7.0/cgi/php.ini" ; ;
2020-05-23 18:01:11 +01:00
8)
2020-04-10 10:40:21 +01:00
_install_status 1 " ${ DESC } and php5 are not supported. Please upgrade. " ; ;
2020-03-21 17:31:38 +00:00
*)
2020-04-10 10:40:21 +01:00
_install_status 1 " ${ DESC } is unsupported. Please install on a supported distro. " ; ;
2020-03-21 17:31:38 +00:00
esac
}
2016-06-16 15:16:19 +02:00
# Runs a system software update to make sure we're using all fresh packages
2020-03-23 09:31:18 +00:00
function _install_dependencies( ) {
_install_log "Installing required packages"
_set_php_package
2020-03-20 20:13:33 +00:00
if [ " $php_package " = "php7.4-cgi" ] ; then
echo "Adding apt-repository ppa:ondrej/php"
2020-04-19 01:30:23 -04:00
sudo apt-get install $apt_option software-properties-common || _install_status 1 "Unable to install dependency"
sudo add-apt-repository $apt_option ppa:ondrej/php || _install_status 1 "Unable to add-apt-repository ppa:ondrej/php"
2020-03-20 20:13:33 +00:00
fi
2020-03-22 18:16:57 +00:00
if [ ${ OS ,, } = "debian" ] || [ ${ OS ,, } = "ubuntu" ] ; then
dhcpcd_package = "dhcpcd5"
fi
2020-03-21 17:31:38 +00:00
# Set dconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
2020-04-10 10:40:21 +01:00
sudo apt-get install $apt_option lighttpd git hostapd dnsmasq iptables-persistent $php_package $dhcpcd_package vnstat qrencode || _install_status 1 "Unable to install dependencies"
_install_status 0
2016-06-16 15:16:19 +02:00
}
# Enables PHP for lighttpd and restarts service for settings to take effect
2020-03-23 09:31:18 +00:00
function _enable_php_lighttpd( ) {
_install_log "Enabling PHP for lighttpd"
2017-11-16 02:28:59 +01:00
sudo lighttpd-enable-mod fastcgi-php
2017-11-16 01:24:02 +00:00
sudo service lighttpd force-reload
2020-04-10 10:40:21 +01:00
sudo systemctl restart lighttpd.service || _install_status 1 "Unable to restart lighttpd"
2016-06-16 15:16:19 +02:00
}
# Verifies existence and permissions of RaspAP directory
2020-03-23 09:31:18 +00:00
function _create_raspap_directories( ) {
_install_log "Creating RaspAP directories"
2016-10-21 22:28:00 +01:00
if [ -d " $raspap_dir " ] ; then
2020-04-10 10:40:21 +01:00
sudo mv $raspap_dir " $raspap_dir .`date +%F-%R` " || _install_status 1 " Unable to move old ' $raspap_dir ' out of the way "
2016-06-16 15:16:19 +02:00
fi
2020-04-10 10:40:21 +01:00
sudo mkdir -p " $raspap_dir " || _install_status 1 " Unable to create directory ' $raspap_dir ' "
2017-10-28 02:40:30 +08:00
2017-10-01 20:54:16 +08:00
# Create a directory for existing file backups.
sudo mkdir -p " $raspap_dir /backups "
2016-06-16 15:16:19 +02:00
2017-10-28 02:40:30 +08:00
# Create a directory to store networking configs
2020-03-23 09:31:18 +00:00
echo " Creating $raspap_dir /networking "
2017-10-28 02:40:30 +08:00
sudo mkdir -p " $raspap_dir /networking "
2021-04-22 08:13:05 +01:00
# Copy existing dhcpcd.conf to use as base config
echo "Adding /etc/dhcpcd.conf as base configuration"
cat /etc/dhcpcd.conf | sudo tee -a /etc/raspap/networking/defaults > /dev/null
2021-03-09 11:38:40 +00:00
echo " Changing file ownership of $raspap_dir "
sudo chown -R $raspap_user :$raspap_user " $raspap_dir " || _install_status 1 " Unable to change file ownership for ' $raspap_dir ' "
2016-06-16 15:16:19 +02:00
}
2019-03-06 10:48:18 +00:00
# Generate hostapd logging and service control scripts
2020-03-23 09:31:18 +00:00
function _create_hostapd_scripts( ) {
_install_log "Creating hostapd logging & control scripts"
2020-04-10 10:40:21 +01:00
sudo mkdir $raspap_dir /hostapd || _install_status 1 " Unable to create directory ' $raspap_dir /hostapd' "
2017-11-16 22:38:03 +00:00
2019-03-06 10:48:18 +00:00
# Move logging shell scripts
2020-04-10 10:40:21 +01:00
sudo cp " $webroot_dir /installers/ " *log.sh " $raspap_dir /hostapd " || _install_status 1 "Unable to move logging scripts"
2019-03-06 10:48:18 +00:00
# Move service control shell scripts
2020-04-10 10:40:21 +01:00
sudo cp " $webroot_dir /installers/ " service*.sh " $raspap_dir /hostapd " || _install_status 1 "Unable to move service control scripts"
2018-08-27 23:10:56 +02:00
# Make enablelog.sh and disablelog.sh not writable by www-data group.
2020-04-10 10:40:21 +01:00
sudo chown -c root:" $raspap_user " " $raspap_dir /hostapd/ " *.sh || _install_status 1 "Unable change owner and/or group"
sudo chmod 750 " $raspap_dir /hostapd/ " *.sh || _install_status 1 "Unable to change file permissions"
_install_status 0
2017-11-02 22:43:41 +08:00
}
2019-11-10 22:21:55 +00:00
# Generate lighttpd service control scripts
2020-03-23 09:31:18 +00:00
function _create_lighttpd_scripts( ) {
_install_log "Creating lighttpd control scripts"
2020-04-10 10:40:21 +01:00
sudo mkdir $raspap_dir /lighttpd || _install_status 1 " Unable to create directory ' $raspap_dir /lighttpd "
2019-11-10 22:21:55 +00:00
# Move service control shell scripts
2020-04-10 10:40:21 +01:00
echo " Copying configport.sh to $raspap_dir /lighttpd "
sudo cp " $webroot_dir /installers/ " configport.sh " $raspap_dir /lighttpd " || _install_status 1 "Unable to move service control scripts"
2019-11-18 11:51:59 +00:00
# Make configport.sh writable by www-data group
2020-04-10 10:40:21 +01:00
echo "Changing file ownership"
sudo chown -c root:" $raspap_user " " $raspap_dir /lighttpd/ " *.sh || _install_status 1 "Unable change owner and/or group"
sudo chmod 750 " $raspap_dir /lighttpd/ " *.sh || _install_status 1 "Unable to change file permissions"
_install_status 0
2019-11-10 22:21:55 +00:00
}
2017-11-16 01:24:02 +00:00
2021-01-31 06:23:54 +00:00
# Copy extra config files required to configure lighttpd
2020-12-15 13:48:51 +00:00
function _install_lighttpd_configs( ) {
_install_log "Copying lighttpd extra config files"
# Copy config files
echo "Copying 50-raspap-router.conf to /etc/lighttpd/conf-available"
2021-03-02 14:37:50 +00:00
CONFSRC = " $webroot_dir /config/50-raspap-router.conf "
LTROOT = $( grep "server.document-root" /etc/lighttpd/lighttpd.conf | awk -F '=' '{print $2}' | tr -d " \"" )
2021-04-01 16:46:07 +01:00
# Compare values and get difference
2021-03-02 14:37:50 +00:00
HTROOT = ${ webroot_dir / $LTROOT }
2021-04-01 16:46:07 +01:00
# Remove trailing slash if present
2021-03-02 14:37:50 +00:00
HTROOT = $( echo " $HTROOT " | sed -e 's/\/$//' )
2021-04-01 16:46:07 +01:00
# Substitute values
2021-03-02 14:37:50 +00:00
awk " {gsub(\"/REPLACE_ME\",\" $HTROOT \")}1 " $CONFSRC > /tmp/50-raspap-router.conf
2021-04-01 16:46:07 +01:00
# Copy into place
2021-03-02 14:37:50 +00:00
sudo cp /tmp/50-raspap-router.conf /etc/lighttpd/conf-available/ || _install_status 1 "Unable to copy lighttpd config file into place."
2021-04-01 16:46:07 +01:00
# Link into conf-enabled
2021-03-02 14:37:50 +00:00
echo "Creating link to /etc/lighttpd/conf-enabled"
2021-04-01 16:46:07 +01:00
if ! [ -L $raspap_router ] ; then
echo "Existing 50-raspap-router.conf found. Unlinking."
sudo unlink "/etc/lighttpd/conf-enabled/50-raspap-router.conf"
fi
echo "Linking 50-raspap-router.conf to /etc/lighttpd/conf-enabled/"
2021-03-02 14:37:50 +00:00
sudo ln -s "/etc/lighttpd/conf-available/50-raspap-router.conf" "/etc/lighttpd/conf-enabled/50-raspap-router.conf" || _install_status 1 "Unable to symlink lighttpd config file (this is normal if the link already exists)."
2020-12-15 13:48:51 +00:00
sudo systemctl restart lighttpd.service || _install_status 1 "Unable to restart lighttpd"
_install_status 0
}
2021-03-02 14:37:50 +00:00
2020-04-13 08:49:18 +01:00
# Prompt to install ad blocking
2020-03-31 21:54:46 +00:00
function _prompt_install_adblock( ) {
2020-04-13 08:49:18 +01:00
_install_log "Configure ad blocking (Beta)"
echo -n "Install ad blocking and enable list management? [Y/n]: "
if [ " $assume_yes " = = 0 ] ; then
read answer < /dev/tty
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
echo -e
else
_install_adblock
2020-03-31 21:54:46 +00:00
fi
2020-04-13 08:49:18 +01:00
elif [ " $adblock_option " = = 1 ] ; then
_install_adblock
else
echo "(Skipped)"
2020-03-31 21:54:46 +00:00
fi
}
# Download notracking adblock lists and enable option
function _install_adblock( ) {
2020-04-13 08:49:18 +01:00
_install_log "Creating ad blocking base configuration (Beta)"
2020-03-31 21:54:46 +00:00
if [ ! -d " $raspap_dir /adblock " ] ; then
echo " Creating $raspap_dir /adblock "
sudo mkdir -p " $raspap_dir /adblock "
fi
if [ ! -f /tmp/hostnames.txt ] ; then
echo "Fetching latest hostnames list"
2020-04-01 18:49:25 +00:00
wget ${ notracking_url } hostnames.txt -q --show-progress --progress= bar:force -O /tmp/hostnames.txt 2>& 1 \
2020-04-10 10:40:21 +01:00
|| _install_status 1 "Unable to download notracking hostnames"
2020-03-31 21:54:46 +00:00
fi
if [ ! -f /tmp/domains.txt ] ; then
echo "Fetching latest domains list"
2020-04-01 18:49:25 +00:00
wget ${ notracking_url } domains.txt -q --show-progress --progress= bar:force -O /tmp/domains.txt 2>& 1 \
2020-04-10 10:40:21 +01:00
|| _install_status 1 "Unable to download notracking domains"
2020-03-31 21:54:46 +00:00
fi
echo " Adding blocklists to $raspap_dir /adblock "
2020-04-10 10:40:21 +01:00
sudo cp /tmp/hostnames.txt $raspap_dir /adblock || _install_status 1 "Unable to move notracking hostnames"
sudo cp /tmp/domains.txt $raspap_dir /adblock || _install_status 1 "Unable to move notracking domains"
2020-03-31 21:54:46 +00:00
echo "Moving and setting permissions for blocklist update script"
2020-04-10 10:40:21 +01:00
sudo cp " $webroot_dir /installers/ " update_blocklist.sh " $raspap_dir /adblock " || _install_status 1 "Unable to move blocklist update script"
2020-03-31 21:54:46 +00:00
# Make blocklists and update script writable by www-data group
2020-04-10 10:40:21 +01:00
sudo chown -c root:" $raspap_user " " $raspap_dir /adblock/ " *.* || _install_status 1 "Unable to change owner/group"
2020-03-31 21:54:46 +00:00
sudo chmod 750 " $raspap_dir /adblock/ " *.sh || install_error "Unable to change file permissions"
2020-04-01 07:51:53 +00:00
# Create 090_adblock.conf and write values to /etc/dnsmasq.d
if [ ! -f " $raspap_adblock " ] ; then
echo "Adding 090_addblock.conf to /etc/dnsmasq.d"
sudo touch " $raspap_adblock "
2020-04-10 10:40:21 +01:00
echo " conf-file= $raspap_dir /adblock/domains.txt " | sudo tee -a " $raspap_adblock " > /dev/null || _install_status 1 " Unable to write to $raspap_adblock "
echo " addn-hosts= $raspap_dir /adblock/hostnames.txt " | sudo tee -a " $raspap_adblock " > /dev/null || _install_status 1 " Unable to write to $raspap_adblock "
2020-04-01 07:51:53 +00:00
fi
2020-12-05 22:21:39 +00:00
# Remove dhcp-option=6 in dnsmasq.d/090_wlan0.conf to force local DNS resolution for DHCP clients
2020-04-03 09:51:59 +00:00
echo "Enabling local DNS name resolution for DHCP clients"
2020-12-12 19:29:43 +00:00
sudo sed -i '/dhcp-option=6/d' $raspap_wlan0 || _install_status 1 " Unable to modify $raspap_dnsmasq "
2020-04-03 09:51:59 +00:00
2020-03-31 21:54:46 +00:00
echo "Enabling ad blocking management option"
2020-04-10 10:40:21 +01:00
sudo sed -i "s/\('RASPI_ADBLOCK_ENABLED', \)false/\1true/g" " $webroot_dir /includes/config.php " || _install_status 1 "Unable to modify config.php"
_install_status 0
2020-03-31 21:54:46 +00:00
}
2019-11-18 11:51:59 +00:00
# Prompt to install openvpn
2020-03-23 09:31:18 +00:00
function _prompt_install_openvpn( ) {
2020-04-13 08:49:18 +01:00
_install_log "Configure OpenVPN support"
2019-11-18 11:51:59 +00:00
echo -n "Install OpenVPN and enable client configuration? [Y/n]: "
if [ " $assume_yes " = = 0 ] ; then
2019-11-19 11:42:06 +00:00
read answer < /dev/tty
2019-11-18 11:51:59 +00:00
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
echo -e
else
2020-03-23 09:31:18 +00:00
_install_openvpn
2019-11-18 11:51:59 +00:00
fi
2019-11-22 14:05:49 +00:00
elif [ " $ovpn_option " = = 1 ] ; then
2020-03-23 09:31:18 +00:00
_install_openvpn
2020-04-13 08:49:18 +01:00
else
echo "(Skipped)"
2019-11-18 11:51:59 +00:00
fi
}
2021-03-09 11:38:40 +00:00
# Prompt to install WireGuard
function _prompt_install_wireguard( ) {
if [ " $insiders " = = 1 ] ; then
_install_log "Configure WireGuard support"
echo -n "Install WireGuard and enable VPN tunnel configuration? [Y/n]: "
if [ " $assume_yes " = = 0 ] ; then
read answer < /dev/tty
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
echo -e
else
_install_wireguard
fi
elif [ " $wg_option " = = 1 ] ; then
_install_wireguard
else
echo "(Skipped)"
fi
fi
}
# Install Wireguard from the Debian unstable distro
function _install_wireguard( ) {
_install_log "Configure WireGuard support"
2021-04-14 20:06:19 +01:00
if [ " $OS " = = "Debian" ] ; then
echo 'deb http://ftp.debian.org/debian buster-backports main' | sudo tee /etc/apt/sources.list.d/buster-backports.list || _install_status 1 "Unable to add Debian backports repo"
2021-03-09 11:38:40 +00:00
fi
2021-04-14 20:06:19 +01:00
echo "Installing wireguard from apt"
2021-03-09 11:38:40 +00:00
sudo apt-get update && sudo apt-get install $apt_option wireguard || _install_status 1 "Unable to install wireguard"
echo "Enabling wg-quick@wg0"
sudo systemctl enable wg-quick@wg0 || _install_status 1 "Failed to enable wg-quick service"
echo "Enabling WireGuard management option"
2021-04-14 20:06:19 +01:00
sudo sed -i "s/\('RASPI_WIREGUARD_ENABLED', \)false/\1true/g" " $webroot_dir /includes/config.php " || _install_status 1 "Unable to modify config.php"
2021-03-09 11:38:40 +00:00
_install_status 0
}
2019-11-18 11:51:59 +00:00
# Install openvpn and enable client configuration option
2020-03-23 09:31:18 +00:00
function _install_openvpn( ) {
_install_log "Installing OpenVPN and enabling client configuration"
2020-10-14 11:40:02 +01:00
echo "Adding packages via apt-get"
2020-11-02 08:23:55 +00:00
sudo apt-get install -y openvpn || _install_status 1 "Unable to install openvpn"
2020-04-10 10:40:21 +01:00
sudo sed -i "s/\('RASPI_OPENVPN_ENABLED', \)false/\1true/g" " $webroot_dir /includes/config.php " || _install_status 1 "Unable to modify config.php"
2019-11-22 12:41:19 +00:00
echo "Enabling openvpn-client service on boot"
2020-04-10 10:40:21 +01:00
sudo systemctl enable openvpn-client@client || _install_status 1 "Unable to enable openvpn-client daemon"
_create_openvpn_scripts || _install_status 1 "Unable to create openvpn control scripts"
2019-11-18 11:51:59 +00:00
}
2019-11-15 08:57:17 +00:00
# Generate openvpn logging and auth control scripts
2020-03-23 09:31:18 +00:00
function _create_openvpn_scripts( ) {
_install_log "Creating OpenVPN control scripts"
2020-04-10 10:40:21 +01:00
sudo mkdir $raspap_dir /openvpn || _install_status 1 " Unable to create directory ' $raspap_dir /openvpn' "
2019-11-15 08:57:17 +00:00
2021-03-09 11:38:40 +00:00
# Move service auth control & logging shell scripts
2020-04-10 10:40:21 +01:00
sudo cp " $webroot_dir /installers/ " configauth.sh " $raspap_dir /openvpn " || _install_status 1 "Unable to move auth control script"
2021-03-09 11:38:40 +00:00
sudo cp " $webroot_dir /installers/ " openvpnlog.sh " $raspap_dir /openvpn " || _install_status 1 "Unable to move logging script"
# Make scripts executable by www-data group
2020-04-10 10:40:21 +01:00
sudo chown -c root:" $raspap_user " " $raspap_dir /openvpn/ " *.sh || _install_status 1 "Unable change owner and/or group"
sudo chmod 750 " $raspap_dir /openvpn/ " *.sh || _install_status 1 "Unable to change file permissions"
_install_status 0
2019-11-15 08:57:17 +00:00
}
2016-06-16 15:16:19 +02:00
# Fetches latest files from github to webroot
2020-03-23 09:31:18 +00:00
function _download_latest_files( ) {
2019-11-05 07:25:48 +00:00
if [ ! -d " $webroot_dir " ] ; then
2020-04-10 10:40:21 +01:00
sudo mkdir -p $webroot_dir || _install_status 1 "Unable to create new webroot directory"
2019-11-05 07:25:48 +00:00
fi
2016-10-23 16:39:33 +01:00
if [ -d " $webroot_dir " ] ; then
2020-04-10 10:40:21 +01:00
sudo mv $webroot_dir " $webroot_dir .`date +%F-%R` " || _install_status 1 "Unable to remove old webroot directory"
2016-06-16 15:16:19 +02:00
fi
2020-03-23 09:31:18 +00:00
_install_log "Cloning latest files from github"
2020-12-07 09:55:01 +00:00
git clone --branch $branch --depth 1 -c advice.detachedHead= false $git_source_url /tmp/raspap-webgui || _install_status 1 "Unable to download files from github"
2020-03-10 00:05:46 +01:00
2020-04-10 10:40:21 +01:00
sudo mv /tmp/raspap-webgui $webroot_dir || _install_status 1 "Unable to move raspap-webgui to web root"
2020-06-24 23:36:19 +01:00
if [ " $upgrade " = = 1 ] ; then
_install_log " Applying existing configuration to ${ webroot_dir } /includes "
sudo mv /tmp/config.php $webroot_dir /includes || _install_status 1 " Unable to move config.php to ${ webroot_dir } /includes "
fi
2020-04-10 10:40:21 +01:00
_install_status 0
2016-06-16 15:16:19 +02:00
}
# Sets files ownership in web root directory
2020-03-23 09:31:18 +00:00
function _change_file_ownership( ) {
2016-06-16 15:16:19 +02:00
if [ ! -d " $webroot_dir " ] ; then
2020-04-10 10:40:21 +01:00
_install_status 1 "Web root directory doesn't exist"
2016-06-16 15:16:19 +02:00
fi
2020-03-23 09:31:18 +00:00
_install_log "Changing file ownership in web root directory"
2020-04-10 10:40:21 +01:00
sudo chown -R $raspap_user :$raspap_user " $webroot_dir " || _install_status 1 " Unable to change file ownership for ' $webroot_dir ' "
2016-06-16 15:16:19 +02:00
}
2020-03-20 07:32:23 +00:00
# Check for existing configuration files
2020-03-23 09:31:18 +00:00
function _check_for_old_configs( ) {
2020-06-24 23:36:19 +01:00
if [ " $upgrade " = = 1 ] ; then
_install_log "Moving existing configuration to /tmp"
sudo mv $webroot_dir /includes/config.php /tmp || _install_status 1 "Unable to move config.php to /tmp"
else
_install_log " Backing up existing configs to ${ raspap_dir } /backups "
if [ -f /etc/network/interfaces ] ; then
sudo cp /etc/network/interfaces " $raspap_dir /backups/interfaces.`date +%F-%R` "
sudo ln -sf " $raspap_dir /backups/interfaces.`date +%F-%R` " " $raspap_dir /backups/interfaces "
fi
2017-10-02 03:34:14 +08:00
2020-06-24 23:36:19 +01:00
if [ -f /etc/hostapd/hostapd.conf ] ; then
sudo cp /etc/hostapd/hostapd.conf " $raspap_dir /backups/hostapd.conf.`date +%F-%R` "
sudo ln -sf " $raspap_dir /backups/hostapd.conf.`date +%F-%R` " " $raspap_dir /backups/hostapd.conf "
fi
2017-10-02 03:34:14 +08:00
2020-12-12 19:29:43 +00:00
if [ -f $raspap_default ] ; then
sudo cp $raspap_default " $raspap_dir /backups/090_raspap.conf.`date +%F-%R` "
sudo ln -sf " $raspap_dir /backups/090_raspap.conf.`date +%F-%R` " " $raspap_dir /backups/090_raspap.conf "
fi
if [ -f $raspap_wlan0 ] ; then
sudo cp $raspap_wlan0 " $raspap_dir /backups/090_wlan0.conf.`date +%F-%R` "
2020-12-03 20:26:17 +00:00
sudo ln -sf " $raspap_dir /backups/090_wlan0.conf.`date +%F-%R` " " $raspap_dir /backups/090_wlan0.conf "
2020-06-24 23:36:19 +01:00
fi
2017-10-21 22:39:29 +08:00
2020-06-24 23:36:19 +01:00
if [ -f /etc/dhcpcd.conf ] ; then
sudo cp /etc/dhcpcd.conf " $raspap_dir /backups/dhcpcd.conf.`date +%F-%R` "
sudo ln -sf " $raspap_dir /backups/dhcpcd.conf.`date +%F-%R` " " $raspap_dir /backups/dhcpcd.conf "
2020-03-10 16:42:08 +08:00
fi
2020-06-24 23:36:19 +01:00
for file in /etc/systemd/network/raspap-*.net*; do
if [ -f " ${ file } " ] ; then
filename = $( basename $file )
sudo cp " $file " " ${ raspap_dir } /backups/ ${ filename } .`date +%F-%R` "
sudo ln -sf " ${ raspap_dir } /backups/ ${ filename } .`date +%F-%R` " " ${ raspap_dir } /backups/ ${ filename } "
fi
done
fi
2020-04-10 10:40:21 +01:00
_install_status 0
2017-10-01 20:54:16 +08:00
}
2016-06-16 15:16:19 +02:00
# Move configuration file to the correct location
2020-03-23 09:31:18 +00:00
function _move_config_file( ) {
2020-07-21 22:42:39 +01:00
if [ ! -d " $raspap_dir " ] ; then
_install_status 1 " ' $raspap_dir ' directory doesn't exist "
2020-07-14 08:15:27 +01:00
fi
2020-07-21 22:42:39 +01:00
_install_log " Moving configuration file to $raspap_dir "
sudo cp " $webroot_dir " /raspap.php " $raspap_dir " || _install_status 1 " Unable to move files to ' $raspap_dir ' "
sudo chown -R $raspap_user :$raspap_user " $raspap_dir " || _install_status 1 " Unable to change file ownership for ' $raspap_dir ' "
2016-06-16 15:16:19 +02:00
}
2016-10-23 16:39:33 +01:00
# Set up default configuration
2020-03-23 09:31:18 +00:00
function _default_configuration( ) {
2020-06-24 23:36:19 +01:00
if [ " $upgrade " = = 0 ] ; then
_install_log "Applying default configuration to installed services"
2020-12-09 17:16:25 +00:00
2020-06-24 23:36:19 +01:00
sudo cp $webroot_dir /config/hostapd.conf /etc/hostapd/hostapd.conf || _install_status 1 "Unable to move hostapd configuration file"
2020-12-12 19:29:43 +00:00
sudo cp $webroot_dir /config/090_raspap.conf $raspap_default || _install_status 1 "Unable to move dnsmasq default configuration file"
sudo cp $webroot_dir /config/090_wlan0.conf $raspap_wlan0 || _install_status 1 "Unable to move dnsmasq wlan0 configuration file"
2020-06-24 23:36:19 +01:00
sudo cp $webroot_dir /config/dhcpcd.conf /etc/dhcpcd.conf || _install_status 1 "Unable to move dhcpcd configuration file"
2020-12-05 22:21:39 +00:00
sudo cp $webroot_dir /config/defaults.json $raspap_network || _install_status 1 "Unable to move defaults.json settings"
echo " Changing file ownership of $raspap_dir "
sudo chown -R $raspap_user :$raspap_user " $raspap_dir " || _install_status 1 " Unable to change file ownership for ' $raspap_dir ' "
2020-06-24 23:36:19 +01:00
echo "Checking for existence of /etc/dnsmasq.d"
[ -d /etc/dnsmasq.d ] || sudo mkdir /etc/dnsmasq.d
echo "Copying bridged AP config to /etc/systemd/network"
sudo systemctl stop systemd-networkd
sudo systemctl disable systemd-networkd
sudo cp $webroot_dir /config/raspap-bridge-br0.netdev /etc/systemd/network/raspap-bridge-br0.netdev || _install_status 1 "Unable to move br0 netdev file"
sudo cp $webroot_dir /config/raspap-br0-member-eth0.network /etc/systemd/network/raspap-br0-member-eth0.network || _install_status 1 "Unable to move br0 member file"
echo "Copying primary RaspAP config to includes/config.php"
if [ ! -f " $webroot_dir /includes/config.php " ] ; then
sudo cp " $webroot_dir /config/config.php " " $webroot_dir /includes/config.php "
fi
_install_status 0
2019-11-05 15:30:08 +01:00
fi
2020-03-21 08:07:40 +00:00
}
2019-11-05 15:30:08 +01:00
2020-03-21 08:07:40 +00:00
# Install and enable RaspAP daemon
2020-03-23 09:31:18 +00:00
function _enable_raspap_daemon( ) {
_install_log "Enabling RaspAP daemon"
2020-03-22 13:40:34 +00:00
echo "Disable with: sudo systemctl disable raspapd.service"
2020-04-10 10:40:21 +01:00
sudo cp $webroot_dir /installers/raspapd.service /lib/systemd/system/ || _install_status 1 "Unable to move raspap.service file"
2020-03-21 08:07:40 +00:00
sudo systemctl daemon-reload
2020-04-10 10:40:21 +01:00
sudo systemctl enable raspapd.service || _install_status 1 "Failed to enable raspap.service"
2020-03-21 08:07:40 +00:00
}
2020-03-21 17:31:38 +00:00
# Configure IP forwarding, set IP tables rules, prompt to install RaspAP daemon
2020-03-23 09:31:18 +00:00
function _configure_networking( ) {
_install_log "Configuring networking"
2020-03-21 17:31:38 +00:00
echo "Enabling IP forwarding"
2020-04-10 10:40:21 +01:00
echo "net.ipv4.ip_forward=1" | sudo tee $raspap_sysctl > /dev/null || _install_status 1 "Unable to set IP forwarding"
sudo sysctl -p $raspap_sysctl || _install_status 1 "Unable to execute sysctl"
sudo /etc/init.d/procps restart || _install_status 1 "Unable to execute procps"
2020-03-21 17:31:38 +00:00
2020-03-25 22:59:51 +00:00
echo "Checking iptables rules"
rules = (
"-A POSTROUTING -j MASQUERADE"
"-A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE"
)
for rule in " ${ rules [@] } " ; do
if grep -- " $rule " $rulesv4 > /dev/null; then
echo " Rule already exits: ${ rule } "
else
rule = $( sed -e 's/^\(-A POSTROUTING\)/-t nat \1/' <<< $rule )
echo " Adding rule: ${ rule } "
2020-04-10 10:40:21 +01:00
sudo iptables $rule || _install_status 1 "Unable to execute iptables"
2020-03-25 22:59:51 +00:00
added = true
fi
done
# Persist rules if added
if [ " $added " = true ] ; then
echo "Persisting IP tables rules"
2020-04-10 10:40:21 +01:00
sudo iptables-save | sudo tee $rulesv4 > /dev/null || _install_status 1 "Unable to execute iptables-save"
2020-03-25 22:59:51 +00:00
fi
2019-04-19 11:36:09 +00:00
2019-09-30 18:42:04 +01:00
# Prompt to install RaspAP daemon
2019-04-21 10:59:36 +00:00
echo -n "Enable RaspAP control service (Recommended)? [Y/n]: "
2019-11-18 11:51:59 +00:00
if [ " $assume_yes " = = 0 ] ; then
2019-11-19 11:42:06 +00:00
read answer < /dev/tty
2019-11-18 11:51:59 +00:00
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
echo -e
else
2020-03-23 09:31:18 +00:00
_enable_raspap_daemon
2019-09-30 18:42:04 +01:00
fi
else
echo -e
2020-03-23 09:31:18 +00:00
_enable_raspap_daemon
2019-04-21 10:59:36 +00:00
fi
2020-04-10 10:40:21 +01:00
_install_status 0
2020-03-21 08:07:40 +00:00
}
2019-09-30 18:42:04 +01:00
2020-03-20 09:55:49 +00:00
# Add sudoers file to /etc/sudoers.d/ and set file permissions
2020-03-23 09:31:18 +00:00
function _patch_system_files( ) {
2019-11-18 11:51:59 +00:00
2020-03-19 09:37:05 +00:00
# Create sudoers if not present
if [ ! -f $raspap_sudoers ] ; then
2020-03-23 09:31:18 +00:00
_install_log " Adding raspap.sudoers to ${ raspap_sudoers } "
2020-04-10 10:40:21 +01:00
sudo cp " $webroot_dir /installers/raspap.sudoers " $raspap_sudoers || _install_status 1 " Unable to apply raspap.sudoers to $raspap_sudoers "
sudo chmod 0440 $raspap_sudoers || _install_status 1 " Unable to change file permissions for $raspap_sudoers "
2017-10-02 03:34:14 +08:00
fi
2019-03-09 17:48:51 +00:00
2019-12-13 16:54:01 +00:00
# Add symlink to prevent wpa_cli cmds from breaking with multiple wlan interfaces
2020-03-23 09:31:18 +00:00
_install_log "Symlinked wpa_supplicant hooks for multiple wlan interfaces"
2019-12-13 16:54:01 +00:00
if [ ! -f /usr/share/dhcpcd/hooks/10-wpa_supplicant ] ; then
sudo ln -s /usr/share/dhcpcd/hooks/10-wpa_supplicant /etc/dhcp/dhclient-enter-hooks.d/
fi
2019-03-09 19:45:27 +01:00
# Unmask and enable hostapd.service
2020-03-23 09:31:18 +00:00
_install_log "Unmasking and enabling hostapd service"
2019-03-09 17:48:51 +00:00
sudo systemctl unmask hostapd.service
2019-03-09 19:45:27 +01:00
sudo systemctl enable hostapd.service
2020-04-10 10:40:21 +01:00
_install_status 0
2016-06-16 15:16:19 +02:00
}
2018-08-21 23:43:50 +02:00
2018-09-05 12:59:49 +00:00
# Optimize configuration of php-cgi.
2020-03-23 09:31:18 +00:00
function _optimize_php( ) {
2020-06-24 23:36:19 +01:00
if [ " $upgrade " = = 0 ] ; then
_install_log "Optimize PHP configuration"
if [ ! -f " $phpcgiconf " ] ; then
_install_warning "PHP configuration could not be found."
return
2019-09-30 18:42:04 +01:00
fi
2020-06-24 23:36:19 +01:00
# Backup php.ini and create symlink for restoring.
datetimephpconf = $( date +%F-%R)
sudo cp " $phpcgiconf " " $raspap_dir /backups/php.ini. $datetimephpconf "
sudo ln -sf " $raspap_dir /backups/php.ini. $datetimephpconf " " $raspap_dir /backups/php.ini "
2018-08-31 23:38:30 +02:00
2020-06-24 23:36:19 +01:00
echo -n "Enable HttpOnly for session cookies (Recommended)? [Y/n]: "
2019-11-18 11:51:59 +00:00
if [ " $assume_yes " = = 0 ] ; then
2019-11-19 11:42:06 +00:00
read answer < /dev/tty
2019-11-18 11:51:59 +00:00
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
echo -e
else
2020-06-24 23:36:19 +01:00
php_session_cookie = 1;
2019-09-30 18:42:04 +01:00
fi
fi
2020-06-24 23:36:19 +01:00
if [ " $assume_yes " = = 1 ] || [ " $php_session_cookie " = = 1 ] ; then
echo "Php-cgi enabling session.cookie_httponly."
sudo sed -i -E 's/^session\.cookie_httponly\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.cookie_httponly = 1/' " $phpcgiconf "
fi
if [ " $php_package " = "php7.1-cgi" ] ; then
echo -n "Enable PHP OPCache (Recommended)? [Y/n]: "
if [ " $assume_yes " = = 0 ] ; then
read answer < /dev/tty
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
echo -e
else
php_opcache = 1;
fi
fi
if [ " $assume_yes " = = 1 ] || [ " $phpopcache " = = 1 ] ; then
echo -e "Php-cgi enabling opcache.enable."
sudo sed -i -E 's/^;?opcache\.enable\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/opcache.enable = 1/' " $phpcgiconf "
# Make sure opcache extension is turned on.
if [ -f "/usr/sbin/phpenmod" ] ; then
sudo phpenmod opcache
else
_install_status 2 "phpenmod not found."
fi
2018-08-23 00:44:12 +02:00
fi
fi
2018-08-21 23:43:50 +02:00
fi
}
2020-03-23 09:31:18 +00:00
function _install_complete( ) {
2020-07-03 12:43:47 +01:00
_install_log "Installation completed"
2021-03-10 06:27:29 +00:00
echo "Join RaspAP Insiders for early access to exclusive features!"
2020-07-03 12:43:47 +01:00
echo -e " ${ ANSI_RASPBERRY } "
2021-03-10 06:27:29 +00:00
echo "> https://docs.raspap.com/insiders/"
echo "> https://github.com/sponsors/RaspAP/"
2020-07-03 12:43:47 +01:00
echo -e " ${ ANSI_RESET } "
2019-11-18 11:51:59 +00:00
if [ " $assume_yes " = = 0 ] ; then
2019-09-30 18:42:04 +01:00
# Prompt to reboot if wired ethernet (eth0) is connected.
# With default_configuration this will create an active AP on restart.
if ip a | grep -q ': eth0:.*state UP' ; then
echo -n "The system needs to be rebooted as a final step. Reboot now? [y/N]: "
2019-11-19 11:42:06 +00:00
read answer < /dev/tty
2019-11-18 11:51:59 +00:00
if [ " $answer " != " ${ answer #[Nn] } " ] ; then
2019-09-30 18:42:04 +01:00
echo "Installation reboot aborted."
exit 0
fi
2020-04-10 10:40:21 +01:00
sudo shutdown -r now || _install_status 1 "Unable to execute shutdown"
2019-04-07 22:13:05 +00:00
fi
2016-06-16 15:16:19 +02:00
fi
}