frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
Code Issues Releases Wiki Activity

WIP

Browse Source
This commit is contained in:
billz 2019-11-07 10:41:05 +00:00
parent 61fe3cc6ee
commit 5f4bd25ddc
1 changed files with 30 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
installers/mkcert.sh Normal file → Executable file
View File

@ -6,6 +6,7 @@
certname=$HOSTNAME."local" certname=$HOSTNAME."local"
lighttpd_ssl="/etc/lighttpd/ssl" lighttpd_ssl="/etc/lighttpd/ssl"
webroot_dir="/var/www/html"
### NOTE: all the below functions are overloadable for system-specific installs ### NOTE: all the below functions are overloadable for system-specific installs
@ -26,15 +27,16 @@ function config_installation() {
if [ $assume_yes == 0 ]; then if [ $assume_yes == 0 ]; then
read answer read answer
if [[ $answer != "y" ]]; then if [[ $answer != "y" ]]; then
read -e -p "Enter alternate Lighttpd SSL directory: " -i "${lighttpd_ssl}/" lighttpd_ssl read -e -p "Enter alternate Lighttpd SSL directory: " -i "${lighttpd_ssl}" lighttpd_ssl
fi fi
else else
echo -e echo -e
fi fi
echo -e "\033[1;32m***************************************************************$*\033[m"
install_divider
echo "A new SSL certificate for: ${certname}" echo "A new SSL certificate for: ${certname}"
echo "will be installed to Lighttpd SSL directory: ${lighttpd_ssl}" echo "will be installed to lighttpd SSL directory: ${lighttpd_ssl}"
echo -e "\033[1;32m***************************************************************$*\033[m" install_divider
echo -n "Complete installation with these values? [y/N]: " echo -n "Complete installation with these values? [y/N]: "
if [ $assume_yes == 0 ]; then if [ $assume_yes == 0 ]; then
read answer read answer
@ -50,7 +52,7 @@ function config_installation() {
# Installs pre-built mkcert binary for Arch Linux ARM # Installs pre-built mkcert binary for Arch Linux ARM
function install_mkcert() { function install_mkcert() {
install_log "Fetching mkcert binary" install_log "Fetching mkcert binary"
sudo wget https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert" sudo wget -q https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert"
sudo chmod +x /usr/local/bin/mkcert sudo chmod +x /usr/local/bin/mkcert
install_log "Installing mkcert" install_log "Installing mkcert"
@ -64,7 +66,8 @@ function generate_certificate() {
mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname" mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname"
install_log "Combining private key and certificate" install_log "Combining private key and certificate"
cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate" cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate"a
echo "OK"
} }
# Create a directory for the combined .pem file in lighttpd # Create a directory for the combined .pem file in lighttpd
@ -72,33 +75,44 @@ function create_lighttpd_dir() {
#todo: check for existence #todo: check for existence
install_log "Create SLL directory for lighttpd" install_log "Create SLL directory for lighttpd"
sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory" sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory"
echo "OK"
install_log "Setting permissions and moving the .pem file" install_log "Setting permissions and moving .pem file"
chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file" chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file"
sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl
echo "OK"
} }
# Edit the lighttpd configuration # Edit the lighttpd configuration
function configure_lighttpd() { function configure_lighttpd() {
install_log "Configuring lighttpd for SSL" install_log "Configuring lighttpd for SSL"
echo "OK"
} }
# Copy rootCA.pem to RaspAP web root # Copy rootCA.pem to RaspAP web root
function copy_rootca() { function copy_rootca() {
install_log "Copying rootCA.pem to RaspAP web root" install_log "Copying rootCA.pem to RaspAP web root" || install_error "Unable to copy rootCA.pem to ${webroot_dir}"
sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir}
echo "OK"
}
# Restart lighttpd service
function restart_lighttpd() {
install_log "Restarting lighttpd service"
sudo systemctl restart lighttpd.service || install_error "Unable to restart lighttpd service"
sudo systemctl status lighttpd.service
} }
function install_complete() { function install_complete() {
install_log "Installation completed!" install_log "SSL certificate install completed!"
install_divider
if [ "${assume_yes:-}" = 0 ]; then echo "Open a browser and enter the address: http://${certname}/rootCA.pem"
# Prompt to reboot if wired ethernet (eth0) is connected. echo "Download the root certificate to your client and add it to your system keychain."
# With default_configuration this will create an active AP on restart. echo "Note: Be sure to set this certificate to "Always trust" to avoid browser warnings."
echo "ok" echo "Finally, enter the address https://${certname} in your browser."
fi echo "Enjoy an encrypted SSL connection to RaspAP 🔒"
install_divider
} }
function install_certificate() { function install_certificate() {