From 445b0af4b56d7cda80efa5f1bc5f8cf38c149824 Mon Sep 17 00:00:00 2001 From: billz Date: Tue, 9 Mar 2021 09:51:15 +0000 Subject: [PATCH 1/3] Add @zbchristian's token option, fix private repo handling --- installers/common.sh | 78 ++++++++++++++++++++++++++++++++++++++++-- installers/raspbian.sh | 34 ++++++++++++------ 2 files changed, 99 insertions(+), 13 deletions(-) diff --git a/installers/common.sh b/installers/common.sh index 6acb021f..d38c0b4f 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -26,9 +26,15 @@ readonly raspap_adblock="/etc/dnsmasq.d/090_adblock.conf" readonly raspap_sysctl="/etc/sysctl.d/90_raspap.conf" readonly raspap_network="$raspap_dir/networking/" readonly rulesv4="/etc/iptables/rules.v4" +readonly raspap_client_scripts="/usr/local/sbin" readonly notracking_url="https://raw.githubusercontent.com/notracking/hosts-blocklists/master/" webroot_dir="/var/www/html" -git_source_url="https://github.com/$repo" # $repo from install.raspap.com + +if [ "$insiders" == 1 ]; then + repo="RaspAP/raspap-insiders" + branch=${RASPAP_INSIDERS_LATEST} +fi +git_source_url="https://github.com/$repo" # NOTE: all the below functions are overloadable for system-specific installs function _install_raspap() { @@ -50,6 +56,8 @@ function _install_raspap() { _configure_networking _prompt_install_adblock _prompt_install_openvpn + _prompt_install_wireguard + _install_client_config _patch_system_files _install_complete } @@ -77,7 +85,7 @@ function _config_installation() { fi echo "${opt[1]} lighttpd directory: ${webroot_dir}" if [ "$upgrade" == 1 ]; then - echo "This will upgrade your existing install to version ${RASPAP_LATEST}" + echo "This will upgrade your existing install to version ${RASPAP_RELEASE}" echo "Your configuration will NOT be changed" fi echo -n "Complete ${opt[2]} with these values? [Y/n]: " @@ -145,6 +153,7 @@ function _install_dependencies() { echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections sudo apt-get install $apt_option lighttpd git hostapd dnsmasq iptables-persistent $php_package $dhcpcd_package vnstat qrencode || _install_status 1 "Unable to install dependencies" + sudo apt-get install wvdial socat bc || _install_status 1 "Unable to install dependencies" _install_status 0 } @@ -170,6 +179,11 @@ function _create_raspap_directories() { # Create a directory to store networking configs echo "Creating $raspap_dir/networking" sudo mkdir -p "$raspap_dir/networking" + # Copy existing dhcpcd.conf to use as base config + echo "Adding /etc/dhcpcd.conf as base configuration" + cat /etc/dhcpcd.conf | sudo tee -a /etc/raspap/networking/defaults > /dev/null + echo "Changing file ownership of $raspap_dir" + sudo chown -R $raspap_user:$raspap_user "$raspap_dir" || _install_status 1 "Unable to change file ownership for '$raspap_dir'" } # Generate hostapd logging and service control scripts @@ -313,6 +327,49 @@ function _prompt_install_openvpn() { fi } +# Prompt to install WireGuard +function _prompt_install_wireguard() { + if [ "$insiders" == 1 ]; then + _install_log "Configure WireGuard support" + echo -n "Install WireGuard and enable VPN tunnel configuration? [Y/n]: " + if [ "$assume_yes" == 0 ]; then + read answer < /dev/tty + if [ "$answer" != "${answer#[Nn]}" ]; then + echo -e + else + _install_wireguard + fi + elif [ "$wg_option" == 1 ]; then + _install_wireguard + else + echo "(Skipped)" + fi + fi +} + +# Install Wireguard from the Debian unstable distro +function _install_wireguard() { + _install_log "Configure WireGuard support" + if [ "$OS" == "Raspbian" ]; then + echo "Installing raspberrypi-kernel-headers" + sudo apt-get install $apt_option raspberrypi-kernel-headers || _install_status 1 "Unable to install raspberrypi-kernel-headers" + fi + echo "Installing WireGuard from Debian unstable distro" + echo "Adding Debian distro" + echo "deb http://deb.debian.org/debian/ unstable main" | sudo tee --append /etc/apt/sources.list.d/unstable.list || _install_status 1 "Unable to append to sources.list" + sudo apt-get install dirmngr || _install_status 1 "Unable to install dirmngr" + echo "Adding Debian distro keys" + sudo wget -q -O - https://ftp-master.debian.org/keys/archive-key-$(lsb_release -sr).asc | sudo apt-key add - || _install_status 1 "Unable to add keys" + printf 'Package: *\nPin: release a=unstable\nPin-Priority: 150\n' | sudo tee --append /etc/apt/preferences.d/limit-unstable || _install_status 1 "Unable to append to preferences.d" + echo "Installing WireGuard" + sudo apt-get update && sudo apt-get install $apt_option wireguard || _install_status 1 "Unable to install wireguard" + echo "Enabling wg-quick@wg0" + sudo systemctl enable wg-quick@wg0 || _install_status 1 "Failed to enable wg-quick service" + echo "Enabling WireGuard management option" + sudo sed -i "s/\('RASPI_WIREGUARD_ENABLED', \)false/\1true/g" "$webroot_dir/includes/config.php" || _install_status 1 "Unable to modify config.php" + _install_status 0 +} + # Install openvpn and enable client configuration option function _install_openvpn() { _install_log "Installing OpenVPN and enabling client configuration" @@ -464,6 +521,23 @@ function _enable_raspap_daemon() { sudo systemctl enable raspapd.service || _install_status 1 "Failed to enable raspap.service" } +function _install_client_config() { + _install_log "Install mobile client scripts and settings" + # Move scripts + sudo cp "$webroot_dir/config/client_config/"*.sh "$raspap_client_scripts/" || _install_status 1 "Unable to move client scripts" + sudo chmod a+rx "$raspap_client_scripts/"*.sh || _install_status 1 "Unable to chmod client scripts" + sudo cp "$webroot_dir/config/client_config/mcc-mnc-table.csv" "$raspap_client_scripts/" || _install_status 1 "Unable to move client data" + # wvdial settings + sudo cp "$webroot_dir/config/client_config/wvdial.conf" "/etc/" || _install_status 1 "Unable to install client configuration" + sudo cp "$webroot_dir/config/client_config/interfaces" "/etc/network/interfaces" || _install_status 1 "Unable to install interface settings" + # udev rules/services to auto start mobile data services + sudo cp "$webroot_dir/config/client_config/70-mobile-data-sticks.rules" "/etc/udev/rules.d/" || _install_status 1 "Unable to install client udev rules" + sudo cp "$webroot_dir/config/client_config/80-raspap-net-devices.rules" "/etc/udev/rules.d/" || _install_status 1 "Unable to install client udev rules" + sudo cp "$webroot_dir/config/client_config/"*.service "/etc/systemd/system/" || _install_status 1 "Unable to install client startup services" + # client configuration and udev rule templates + sudo cp "$webroot_dir/config/client_udev_prototypes.json" "/etc/raspap/networking/" || _install_status 1 "Unable to install client configuration" +} + # Configure IP forwarding, set IP tables rules, prompt to install RaspAP daemon function _configure_networking() { _install_log "Configuring networking" diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 469fff7f..da84a728 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -17,6 +17,7 @@ # -a, --adblock Used with -y, --yes, sets Adblock install option (0=no install) # -r, --repo, --repository Overrides the default GitHub repo (raspap/raspap-webgui) # -b, --branch Overrides the default git branch (master) +# -t, --token Token to access a private repository # -u, --upgrade Upgrades an existing installation to the latest release version # -i, --insiders Installs from the Insiders Edition (raspap/raspap-insiders) # -v, --version Outputs release info and exits @@ -36,8 +37,7 @@ set -eo pipefail function _main() { # set defaults - repo="raspap/raspap-webgui" # override with -r, --repo option - + repo="RaspAP/raspap-webgui" # override with -r, --repo option _parse_params "$@" _setup_colors _log_output @@ -50,6 +50,8 @@ function _parse_params() { upgrade=0 ovpn_option=1 adblock_option=1 + insiders=0 + acctoken="" while :; do case "${1-}" in @@ -83,7 +85,10 @@ function _parse_params() { upgrade=1 ;; -i|--insiders) - repo="raspap/raspap-insiders" + insiders=1 + ;; + -t|--token) + acctoken="$2" ;; -v|--version) _version @@ -129,6 +134,7 @@ OPTIONS: -a, --adblock Used with -y, --yes, sets Adblock install option (0=no install) -r, --repo, --repository Overrides the default GitHub repo (raspap/raspap-webgui) -b, --branch Overrides the default git branch (latest release) +-t, --token Token to access a private repository -u, --upgrade Upgrades an existing installation to the latest release version -i, --insiders Installs from the Insiders Edition (raspap/raspap-insiders) -v, --version Outputs release info and exits @@ -153,7 +159,7 @@ EOF function _version() { _get_release - echo -e "RaspAP v${RASPAP_LATEST} - Simple wireless AP setup & management for Debian-based devices" + echo -e "RaspAP v${RASPAP_RELEASE} - Simple wireless AP setup & management for Debian-based devices" exit } @@ -167,18 +173,19 @@ function _display_welcome() { echo -e " 88 88 88. .88 88 88. .88 88 88 88" echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP" echo -e " 88" - echo -e " dP version ${RASPAP_LATEST}" + echo -e " dP version ${RASPAP_RELEASE}" echo -e "${ANSI_GREEN}" echo -e "The Quick Installer will guide you through a few easy steps${ANSI_RESET}\n\n" } # Fetch latest release from GitHub API function _get_release() { - if [ "$repo" == "raspap/raspap-insiders" ]; then - readonly RASPAP_LATEST="Insiders" - branch="master" + readonly RASPAP_LATEST=$(curl -s "https://api.github.com/repos/$repo/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) + if [ "$insiders" == 1 ]; then + RASPAP_INSIDERS_LATEST=$(curl -s "https://install.raspap.com/repos/RaspAP/raspap-insiders/releases/latest/" | grep -Po '"tag_name": "\K.*?(?=")' ) + RASPAP_RELEASE="${RASPAP_INSIDERS_LATEST} Insiders" else - readonly RASPAP_LATEST=$(curl -s "https://api.github.com/repos/$repo/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) + RASPAP_RELEASE="${RASPAP_LATEST}" fi } @@ -214,6 +221,7 @@ function _update_system_packages() { # Fetch required installer functions function _load_installer() { + # fetch latest release tag _get_release @@ -223,14 +231,18 @@ function _load_installer() { fi UPDATE_URL="https://raw.githubusercontent.com/$repo/$branch/" + header=() + if [[ ! -z "$acctoken" ]]; then + header=(--header "Authorization: token $acctoken") + fi if [ "${install_cert:-}" = 1 ]; then source="mkcert" - wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh + wget "${header[@]}" -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh _install_certificate || _install_status 1 "Unable to install certificate" else source="common" - wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh + wget "${header[@]}" -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh _install_raspap || _install_status 1 "Unable to install RaspAP" fi From 76e87508bdc23cee5d10580cb2b0c00cb440269f Mon Sep 17 00:00:00 2001 From: billz Date: Tue, 9 Mar 2021 09:58:05 +0000 Subject: [PATCH 2/3] Remove feature branch routines --- installers/common.sh | 23 ----------------------- 1 file changed, 23 deletions(-) diff --git a/installers/common.sh b/installers/common.sh index d38c0b4f..8b532be3 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -26,7 +26,6 @@ readonly raspap_adblock="/etc/dnsmasq.d/090_adblock.conf" readonly raspap_sysctl="/etc/sysctl.d/90_raspap.conf" readonly raspap_network="$raspap_dir/networking/" readonly rulesv4="/etc/iptables/rules.v4" -readonly raspap_client_scripts="/usr/local/sbin" readonly notracking_url="https://raw.githubusercontent.com/notracking/hosts-blocklists/master/" webroot_dir="/var/www/html" @@ -57,7 +56,6 @@ function _install_raspap() { _prompt_install_adblock _prompt_install_openvpn _prompt_install_wireguard - _install_client_config _patch_system_files _install_complete } @@ -153,7 +151,6 @@ function _install_dependencies() { echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections sudo apt-get install $apt_option lighttpd git hostapd dnsmasq iptables-persistent $php_package $dhcpcd_package vnstat qrencode || _install_status 1 "Unable to install dependencies" - sudo apt-get install wvdial socat bc || _install_status 1 "Unable to install dependencies" _install_status 0 } @@ -179,9 +176,6 @@ function _create_raspap_directories() { # Create a directory to store networking configs echo "Creating $raspap_dir/networking" sudo mkdir -p "$raspap_dir/networking" - # Copy existing dhcpcd.conf to use as base config - echo "Adding /etc/dhcpcd.conf as base configuration" - cat /etc/dhcpcd.conf | sudo tee -a /etc/raspap/networking/defaults > /dev/null echo "Changing file ownership of $raspap_dir" sudo chown -R $raspap_user:$raspap_user "$raspap_dir" || _install_status 1 "Unable to change file ownership for '$raspap_dir'" } @@ -521,23 +515,6 @@ function _enable_raspap_daemon() { sudo systemctl enable raspapd.service || _install_status 1 "Failed to enable raspap.service" } -function _install_client_config() { - _install_log "Install mobile client scripts and settings" - # Move scripts - sudo cp "$webroot_dir/config/client_config/"*.sh "$raspap_client_scripts/" || _install_status 1 "Unable to move client scripts" - sudo chmod a+rx "$raspap_client_scripts/"*.sh || _install_status 1 "Unable to chmod client scripts" - sudo cp "$webroot_dir/config/client_config/mcc-mnc-table.csv" "$raspap_client_scripts/" || _install_status 1 "Unable to move client data" - # wvdial settings - sudo cp "$webroot_dir/config/client_config/wvdial.conf" "/etc/" || _install_status 1 "Unable to install client configuration" - sudo cp "$webroot_dir/config/client_config/interfaces" "/etc/network/interfaces" || _install_status 1 "Unable to install interface settings" - # udev rules/services to auto start mobile data services - sudo cp "$webroot_dir/config/client_config/70-mobile-data-sticks.rules" "/etc/udev/rules.d/" || _install_status 1 "Unable to install client udev rules" - sudo cp "$webroot_dir/config/client_config/80-raspap-net-devices.rules" "/etc/udev/rules.d/" || _install_status 1 "Unable to install client udev rules" - sudo cp "$webroot_dir/config/client_config/"*.service "/etc/systemd/system/" || _install_status 1 "Unable to install client startup services" - # client configuration and udev rule templates - sudo cp "$webroot_dir/config/client_udev_prototypes.json" "/etc/raspap/networking/" || _install_status 1 "Unable to install client configuration" -} - # Configure IP forwarding, set IP tables rules, prompt to install RaspAP daemon function _configure_networking() { _install_log "Configuring networking" From 80c525c042a1e97f8eee00a754494010fd588ef7 Mon Sep 17 00:00:00 2001 From: billz Date: Tue, 9 Mar 2021 10:58:15 +0000 Subject: [PATCH 3/3] Minor: update comments --- installers/raspbian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index da84a728..fed9b619 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -178,7 +178,7 @@ function _display_welcome() { echo -e "The Quick Installer will guide you through a few easy steps${ANSI_RESET}\n\n" } -# Fetch latest release from GitHub API +# Fetch latest release from GitHub or RaspAP Installer API function _get_release() { readonly RASPAP_LATEST=$(curl -s "https://api.github.com/repos/$repo/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) if [ "$insiders" == 1 ]; then