From b0c874254a69c6e9643459a117cd566bbde529cd Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 08:39:33 +0000 Subject: [PATCH 01/16] Move shared functions --- installers/common.sh | 41 +++-------------------------------------- 1 file changed, 3 insertions(+), 38 deletions(-) diff --git a/installers/common.sh b/installers/common.sh index 3e7982f5..6d36e78b 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -35,42 +35,7 @@ elif [ "$php_package" = "php5-cgi" ]; then phpcgiconf="/etc/php5/cgi/php.ini" fi -# Outputs a RaspAP Install log line -function install_log() { - echo -e "\033[1;32mRaspAP Install: $*\033[m" -} - -# Outputs a RaspAP Install Error log line and exits with status code 1 -function install_error() { - echo -e "\033[1;37;41mRaspAP Install Error: $*\033[m" - exit 1 -} - -# Outputs a RaspAP Warning line -function install_warning() { - echo -e "\033[1;33mWarning: $*\033[m" -} - -# Outputs a welcome message -function display_welcome() { - raspberry='\033[0;35m' - green='\033[1;32m' - - echo -e "${raspberry}\n" - echo -e " 888888ba .d888888 888888ba" - echo -e " 88 8b d8 88 88 8b" - echo -e "a88aaaa8P' .d8888b. .d8888b. 88d888b. 88aaaaa88a a88aaaa8P" - echo -e " 88 8b. 88 88 Y8ooooo. 88 88 88 88 88" - echo -e " 88 88 88. .88 88 88. .88 88 88 88" - echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP" - echo -e " 88" - echo -e " dP version ${VERSION}" - echo -e "${green}" - echo -e "The Quick Installer will guide you through a few easy steps\n\n" -} - ### NOTE: all the below functions are overloadable for system-specific installs -### NOTE: some of the below functions MUST be overloaded due to system-specific installs function config_installation() { install_log "Configure installation" @@ -100,9 +65,9 @@ function config_installation() { } # Runs a system software update to make sure we're using all fresh packages -function update_system_packages() { - # OVERLOAD THIS - install_error "No function definition for update_system_packages" +function install_dependencies() { + install_log "Installing required packages" + sudo apt-get install $apt_option lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies" } # Installs additional dependencies using system package manager From cf63968ca3a2143c213dd83456d580bfa5aa5450 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 08:39:54 +0000 Subject: [PATCH 02/16] Initial commit --- installers/mkcert.sh | 115 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 installers/mkcert.sh diff --git a/installers/mkcert.sh b/installers/mkcert.sh new file mode 100644 index 00000000..5d95c75a --- /dev/null +++ b/installers/mkcert.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# +# RaspAP SSL certificate installation functions +# author: @billz +# license: GNU General Public License v3.0 + +certname=$HOSTNAME."local" +lighttpd_ssl="/etc/lighttpd/ssl" + +### NOTE: all the below functions are overloadable for system-specific installs + +function config_installation() { + install_log "Configure a new SSL certificate" + echo "Current system hostname is ${certname}" + echo -n "Create an SSL certificate for ${certname}? (Recommended) [y/N]" + if [ $assume_yes == 0 ]; then + read answer + if [[ $answer != "y" ]]; then + read -e -p "Enter an alternate certificate name: " -i "${certname}" certname + fi + else + echo -e + fi + + echo -n "Install to Lighttpd SSL directory: ${lighttpd_ssl}? [y/N]: " + if [ $assume_yes == 0 ]; then + read answer + if [[ $answer != "y" ]]; then + read -e -p "Enter alternate Lighttpd SSL directory: " -i "${lighttpd_ssl}/" lighttpd_ssl + fi + else + echo -e + fi + echo -e "\033[1;32m***************************************************************$*\033[m" + echo "A new SSL certificate for: ${certname}" + echo "will be installed to Lighttpd SSL directory: ${lighttpd_ssl}" + echo -e "\033[1;32m***************************************************************$*\033[m" + echo -n "Complete installation with these values? [y/N]: " + if [ $assume_yes == 0 ]; then + read answer + if [[ $answer != "y" ]]; then + echo "Installation aborted." + exit 0 + fi + else + echo -e + fi +} + +# Installs pre-built mkcert binary for Arch Linux ARM +function install_mkcert() { + install_log "Fetching mkcert binary" + sudo wget https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert" + sudo chmod +x /usr/local/bin/mkcert + + install_log "Installing mkcert" + mkcert -install || install_error "Failed to install mkcert" +} + +# Generate a certificate for host +function generate_certificate() { + install_log "Generating a new certificate for $certname" + cd /home/pi + mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname" + + install_log "Combining private key and certificate" + cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate" +} + +# Create a directory for the combined .pem file in lighttpd +function create_lighttpd_dir() { + #todo: check for existence + install_log "Create SLL directory for lighttpd" + sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory" + + install_log "Setting permissions and moving the .pem file" + chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file" + sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl +} + +# Edit the lighttpd configuration +function configure_lighttpd() { + install_log "Configuring lighttpd for SSL" + + +} + +# Copy rootCA.pem to RaspAP web root +function copy_rootca() { + install_log "Copying rootCA.pem to RaspAP web root" + sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} +} + +function install_complete() { + install_log "Installation completed!" + + if [ "${assume_yes:-}" = 0 ]; then + # Prompt to reboot if wired ethernet (eth0) is connected. + # With default_configuration this will create an active AP on restart. + echo "ok" + fi +} + +function install_certificate() { + display_welcome + config_installation + install_mkcert + generate_certificate + create_lighttpd_dir + configure_lighttpd + copy_rootca + restart_lighttpd + install_complete +} + From de56289ca6849dd19fa8a428227b6e2e7615e8a6 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 08:44:13 +0000 Subject: [PATCH 03/16] Generalize installer --- installers/raspbian.sh | 89 +++++++++++++++++++++++++++++++----------- 1 file changed, 66 insertions(+), 23 deletions(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index f5ad7923..a3627262 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -9,36 +9,79 @@ UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/" VERSION=$(curl -s https://api.github.com/repos/billz/raspap-webgui/releases/latest | jq -r .tag_name) -wget -q ${UPDATE_URL}/installers/common.sh -O /tmp/raspapcommon.sh -source /tmp/raspapcommon.sh && rm -f /tmp/raspapcommon.sh - +USAGE="Usage: -y, --yes, --assume-yes, -c --cert" assume_yes=0 -positional=() -while [[ $# -gt 0 ]] -do -key="$1" -case $key in - -y|--yes|--assume-yes) - assume_yes=1 - apt_option="-y" - shift # past argument - shift # past value - ;; - *) # unknown option - shift # past argument - ;; -esac +while :; do + case $1 in + -y|--yes|--assume-yes) + assume_yes=1 + apt_option="-y" + echo "assume_yes" + ;; + -c|--cert) + install_cert=1 + echo "install_cert" + ;; + *) + #echo $USAGE + break + ;; + esac + shift done +# Outputs a welcome message +function display_welcome() { + raspberry='\033[0;35m' + green='\033[1;32m' + + echo -e "${raspberry}\n" + echo -e " 888888ba .d888888 888888ba" + echo -e " 88 8b d8 88 88 8b" + echo -e "a88aaaa8P' .d8888b. .d8888b. 88d888b. 88aaaaa88a a88aaaa8P" + echo -e " 88 8b. 88 88 Y8ooooo. 88 88 88 88 88" + echo -e " 88 88 88. .88 88 88. .88 88 88 88" + echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP" + echo -e " 88" + echo -e " dP version ${VERSION}" + echo -e "${green}" + echo -e "The Quick Installer will guide you through a few easy steps\n\n" +} + +# Outputs a RaspAP Install log line +function install_log() { + echo -e "\033[1;32mRaspAP Install: $*\033[m" +} + +# Outputs a RaspAP Install Error log line and exits with status code 1 +function install_error() { + echo -e "\033[1;37;41mRaspAP Install Error: $*\033[m" + exit 1 +} + +# Outputs a RaspAP Warning line +function install_warning() { + echo -e "\033[1;33mWarning: $*\033[m" +} + function update_system_packages() { install_log "Updating sources" sudo apt-get update || install_error "Unable to update package list" } -function install_dependencies() { - install_log "Installing required packages" - sudo apt-get install $apt_option lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies" -} +if [ "${install_cert:-}" = 1 ]; then + source="mkcert" + #wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} + echo "${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}" + source /var/www/html/installers/${source}.sh + install_certificate +else + source="common" + #wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap$_{source} + echo "${UPDATE_URL}installers/${source}.sh -O /tmp/raspap$_{source}" + source /var/www/html/installers/${source}.sh + install_raspap +fi + -install_raspap From 61fe3cc6ee5c0716c23440a7f4c85f57b217d8de Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 10:35:17 +0000 Subject: [PATCH 04/16] Removed trailing slash on webroot prompt --- installers/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installers/common.sh b/installers/common.sh index 6d36e78b..fcabbc4f 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -45,7 +45,7 @@ function config_installation() { if [ $assume_yes == 0 ]; then read answer if [[ $answer != "y" ]]; then - read -e -p "Enter alternate Lighttpd directory: " -i "/var/www/html/" webroot_dir + read -e -p "Enter alternate Lighttpd directory: " -i "/var/www/html" webroot_dir fi else echo -e From 5f4bd25ddc65f084886d366e5e04c4338707f320 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 10:41:05 +0000 Subject: [PATCH 05/16] WIP --- installers/mkcert.sh | 46 +++++++++++++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 16 deletions(-) mode change 100644 => 100755 installers/mkcert.sh diff --git a/installers/mkcert.sh b/installers/mkcert.sh old mode 100644 new mode 100755 index 5d95c75a..c588c26e --- a/installers/mkcert.sh +++ b/installers/mkcert.sh @@ -6,6 +6,7 @@ certname=$HOSTNAME."local" lighttpd_ssl="/etc/lighttpd/ssl" +webroot_dir="/var/www/html" ### NOTE: all the below functions are overloadable for system-specific installs @@ -26,15 +27,16 @@ function config_installation() { if [ $assume_yes == 0 ]; then read answer if [[ $answer != "y" ]]; then - read -e -p "Enter alternate Lighttpd SSL directory: " -i "${lighttpd_ssl}/" lighttpd_ssl + read -e -p "Enter alternate Lighttpd SSL directory: " -i "${lighttpd_ssl}" lighttpd_ssl fi else echo -e fi - echo -e "\033[1;32m***************************************************************$*\033[m" + + install_divider echo "A new SSL certificate for: ${certname}" - echo "will be installed to Lighttpd SSL directory: ${lighttpd_ssl}" - echo -e "\033[1;32m***************************************************************$*\033[m" + echo "will be installed to lighttpd SSL directory: ${lighttpd_ssl}" + install_divider echo -n "Complete installation with these values? [y/N]: " if [ $assume_yes == 0 ]; then read answer @@ -50,7 +52,7 @@ function config_installation() { # Installs pre-built mkcert binary for Arch Linux ARM function install_mkcert() { install_log "Fetching mkcert binary" - sudo wget https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert" + sudo wget -q https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert" sudo chmod +x /usr/local/bin/mkcert install_log "Installing mkcert" @@ -64,7 +66,8 @@ function generate_certificate() { mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname" install_log "Combining private key and certificate" - cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate" + cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate"a + echo "OK" } # Create a directory for the combined .pem file in lighttpd @@ -72,33 +75,44 @@ function create_lighttpd_dir() { #todo: check for existence install_log "Create SLL directory for lighttpd" sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory" + echo "OK" - install_log "Setting permissions and moving the .pem file" + install_log "Setting permissions and moving .pem file" chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file" sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl + echo "OK" } # Edit the lighttpd configuration function configure_lighttpd() { install_log "Configuring lighttpd for SSL" - + echo "OK" } # Copy rootCA.pem to RaspAP web root function copy_rootca() { - install_log "Copying rootCA.pem to RaspAP web root" + install_log "Copying rootCA.pem to RaspAP web root" || install_error "Unable to copy rootCA.pem to ${webroot_dir}" sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} + echo "OK" +} + +# Restart lighttpd service +function restart_lighttpd() { + install_log "Restarting lighttpd service" + sudo systemctl restart lighttpd.service || install_error "Unable to restart lighttpd service" + sudo systemctl status lighttpd.service } function install_complete() { - install_log "Installation completed!" - - if [ "${assume_yes:-}" = 0 ]; then - # Prompt to reboot if wired ethernet (eth0) is connected. - # With default_configuration this will create an active AP on restart. - echo "ok" - fi + install_log "SSL certificate install completed!" + install_divider + echo "Open a browser and enter the address: http://${certname}/rootCA.pem" + echo "Download the root certificate to your client and add it to your system keychain." + echo "Note: Be sure to set this certificate to "Always trust" to avoid browser warnings." + echo "Finally, enter the address https://${certname} in your browser." + echo "Enjoy an encrypted SSL connection to RaspAP 🔒" + install_divider } function install_certificate() { From 23d1ab83c74835cd727c293046bc669272715ab5 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 10:41:56 +0000 Subject: [PATCH 06/16] Update version method --- installers/raspbian.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index a3627262..5f1c81f7 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -8,7 +8,7 @@ # Assume "yes" as answer to all prompts and run non-interactively UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/" -VERSION=$(curl -s https://api.github.com/repos/billz/raspap-webgui/releases/latest | jq -r .tag_name) +VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) USAGE="Usage: -y, --yes, --assume-yes, -c --cert" assume_yes=0 @@ -65,6 +65,11 @@ function install_warning() { echo -e "\033[1;33mWarning: $*\033[m" } +# Outputs a RaspAP divider +function install_divider() { + echo -e "\033[1;32m***************************************************************$*\033[m" +} + function update_system_packages() { install_log "Updating sources" sudo apt-get update || install_error "Unable to update package list" From 7914110a77f723218d9a7cb5bbf292f17061a81c Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 12:33:17 +0000 Subject: [PATCH 07/16] Added configure_lighttpd() --- installers/mkcert.sh | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/installers/mkcert.sh b/installers/mkcert.sh index c588c26e..b7dd11c5 100755 --- a/installers/mkcert.sh +++ b/installers/mkcert.sh @@ -6,6 +6,7 @@ certname=$HOSTNAME."local" lighttpd_ssl="/etc/lighttpd/ssl" +lighttpd_conf="/etc/lighttpd/lighttpd.conf" webroot_dir="/var/www/html" ### NOTE: all the below functions are overloadable for system-specific installs @@ -72,9 +73,10 @@ function generate_certificate() { # Create a directory for the combined .pem file in lighttpd function create_lighttpd_dir() { - #todo: check for existence install_log "Create SLL directory for lighttpd" - sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory" + if [ ! -d "$lighttpd_ssl" ]; then + sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory" + fi echo "OK" install_log "Setting permissions and moving .pem file" @@ -86,7 +88,25 @@ function create_lighttpd_dir() { # Edit the lighttpd configuration function configure_lighttpd() { install_log "Configuring lighttpd for SSL" - + # Generate config to enable SSL in lighttpd + lines=( + 'server.modules += ("mod_openssl")' + '$SERVER["socket"] == ":443" {' + 'ssl.engine = "enable"' + 'ssl.pemfile = "'$lighttpd_ssl/$certname'.pem"' + 'ssl.ca-file = "/home/pi/.local/share/mkcert/rootCA.pem"' + 'server.name = "'$certname'"' + 'server.document-root = "'${webroot_dir}'"}' + ) + for line in "${lines[@]}"; do + if grep -Fxq "${line}" "${lighttpd_conf}" > /dev/null; then + echo "$line: Line already added" + else + sudo sed -i "$ a $line" $lighttpd_conf + echo "Adding line $line" + fi + #echo $line + done echo "OK" } From fbcb6c38366429691f5a2b262c21787fa02f6005 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 13:24:06 +0000 Subject: [PATCH 08/16] Updated install_complete help text --- installers/mkcert.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/installers/mkcert.sh b/installers/mkcert.sh index b7dd11c5..132613f3 100755 --- a/installers/mkcert.sh +++ b/installers/mkcert.sh @@ -132,6 +132,7 @@ function install_complete() { echo "Note: Be sure to set this certificate to "Always trust" to avoid browser warnings." echo "Finally, enter the address https://${certname} in your browser." echo "Enjoy an encrypted SSL connection to RaspAP 🔒" + echo "For advanced options, run mkcert -help" install_divider } From 2f0db789558974222acb6a01db71a2dbc0bcb9fc Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 13:29:42 +0000 Subject: [PATCH 09/16] Added usage notes, handle default & known cases --- installers/raspbian.sh | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 5f1c81f7..92e22081 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -4,27 +4,35 @@ # author: @billz # license: GNU General Public License v3.0 # -# Command-line options: -y, --yes, --assume-yes +# Command-line options: +# -y, --yes, --assume-yes # Assume "yes" as answer to all prompts and run non-interactively +# +# c, --crt, --certficate +# Installs mkcert and generates an SSL certificate for lighttpd UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/" VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) -USAGE="Usage: -y, --yes, --assume-yes, -c --cert" +USAGE=$'Usage: raspbian.sh [OPTION] \n\n-y, --yes, --assume-yes\n\tAssumes "yes" as an answer to all prompts' +USAGE+=$'\n-c, --crt, --certficate\n\tInstalls an SSL certificate for lighttpd\n' + assume_yes=0 while :; do case $1 in - -y|--yes|--assume-yes) - assume_yes=1 - apt_option="-y" - echo "assume_yes" - ;; - -c|--cert) - install_cert=1 - echo "install_cert" - ;; - *) - #echo $USAGE + -y|--yes|--assume-yes) + assume_yes=1 + apt_option="-y" + ;; + -c|--crt|--certificate) + install_cert=1 + ;; + -*|--*) + echo "Unknown option: $1"; + echo "$USAGE" + exit 1 + ;; + *) break ;; esac From 1786d65809087aa39a53a1710178809b53dab922 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 13:30:02 +0000 Subject: [PATCH 10/16] Update .gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index c171831c..1dd450a5 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ node_modules yarn-error.log *.swp includes/config.php +rootCA.pem From 76ee50ec96e6820cbbc2b663f02885ee8f2a104f Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 13:36:21 +0000 Subject: [PATCH 11/16] Cleanup debug output --- installers/raspbian.sh | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 92e22081..68f854d1 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -85,16 +85,13 @@ function update_system_packages() { if [ "${install_cert:-}" = 1 ]; then source="mkcert" - #wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} - echo "${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}" - source /var/www/html/installers/${source}.sh + wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} + source /var/www/html/installers/raspap_${source}.sh install_certificate else source="common" - #wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap$_{source} - echo "${UPDATE_URL}installers/${source}.sh -O /tmp/raspap$_{source}" - source /var/www/html/installers/${source}.sh + wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} + source /var/www/html/installers/raspap_${source}.sh install_raspap fi - From bf9647c5bb5dc239100e66ab5c849a1e012626d0 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 13:48:30 +0000 Subject: [PATCH 12/16] Update installer paths --- installers/raspbian.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 68f854d1..2c915abd 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -86,12 +86,12 @@ function update_system_packages() { if [ "${install_cert:-}" = 1 ]; then source="mkcert" wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} - source /var/www/html/installers/raspap_${source}.sh + source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh install_certificate else source="common" wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} - source /var/www/html/installers/raspap_${source}.sh + source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh install_raspap fi From 3a0540c2663e4bf98150d718da5e5a1d1efd3de4 Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 16:45:21 +0000 Subject: [PATCH 13/16] Replace $certname with $HOSTNAME --- installers/mkcert.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installers/mkcert.sh b/installers/mkcert.sh index 132613f3..7ae52d55 100755 --- a/installers/mkcert.sh +++ b/installers/mkcert.sh @@ -13,7 +13,7 @@ webroot_dir="/var/www/html" function config_installation() { install_log "Configure a new SSL certificate" - echo "Current system hostname is ${certname}" + echo "Current system hostname is $HOSTNAME" echo -n "Create an SSL certificate for ${certname}? (Recommended) [y/N]" if [ $assume_yes == 0 ]; then read answer From a66bb13703c92e8d06423dd219b2784d65bf4a9a Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 18:04:41 +0000 Subject: [PATCH 14/16] Cleanup + error handling --- installers/mkcert.sh | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/installers/mkcert.sh b/installers/mkcert.sh index 7ae52d55..453f0724 100755 --- a/installers/mkcert.sh +++ b/installers/mkcert.sh @@ -67,13 +67,13 @@ function generate_certificate() { mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname" install_log "Combining private key and certificate" - cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate"a + cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate" echo "OK" } # Create a directory for the combined .pem file in lighttpd function create_lighttpd_dir() { - install_log "Create SLL directory for lighttpd" + install_log "Creating SLL directory for lighttpd" if [ ! -d "$lighttpd_ssl" ]; then sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory" fi @@ -81,14 +81,13 @@ function create_lighttpd_dir() { install_log "Setting permissions and moving .pem file" chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file" - sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl + sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl || install_error "Unable to move .pem file" echo "OK" } -# Edit the lighttpd configuration +# Generate config to enable SSL in lighttpd function configure_lighttpd() { install_log "Configuring lighttpd for SSL" - # Generate config to enable SSL in lighttpd lines=( 'server.modules += ("mod_openssl")' '$SERVER["socket"] == ":443" {' @@ -105,15 +104,14 @@ function configure_lighttpd() { sudo sed -i "$ a $line" $lighttpd_conf echo "Adding line $line" fi - #echo $line done echo "OK" } # Copy rootCA.pem to RaspAP web root function copy_rootca() { - install_log "Copying rootCA.pem to RaspAP web root" || install_error "Unable to copy rootCA.pem to ${webroot_dir}" - sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} + install_log "Copying rootCA.pem to RaspAP web root" + sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} || install_error "Unable to copy rootCA.pem to ${webroot_dir}" echo "OK" } From 35894bc4fcbc760a21d9780afb0b3966ac27228f Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 20:12:23 +0000 Subject: [PATCH 15/16] Minor: messages --- installers/mkcert.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/installers/mkcert.sh b/installers/mkcert.sh index 453f0724..0de09b0c 100755 --- a/installers/mkcert.sh +++ b/installers/mkcert.sh @@ -24,11 +24,11 @@ function config_installation() { echo -e fi - echo -n "Install to Lighttpd SSL directory: ${lighttpd_ssl}? [y/N]: " + echo -n "Install to lighttpd SSL directory: ${lighttpd_ssl}? [y/N]: " if [ $assume_yes == 0 ]; then read answer if [[ $answer != "y" ]]; then - read -e -p "Enter alternate Lighttpd SSL directory: " -i "${lighttpd_ssl}" lighttpd_ssl + read -e -p "Enter alternate lighttpd SSL directory: " -i "${lighttpd_ssl}" lighttpd_ssl fi else echo -e From 0fa61f86261e25b5721971b693caa312ba99bc9d Mon Sep 17 00:00:00 2001 From: billz Date: Thu, 7 Nov 2019 20:12:41 +0000 Subject: [PATCH 16/16] Bugfix --- installers/raspbian.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 2c915abd..de6036c4 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -8,13 +8,13 @@ # -y, --yes, --assume-yes # Assume "yes" as answer to all prompts and run non-interactively # -# c, --crt, --certficate +# c, --cert, --certficate # Installs mkcert and generates an SSL certificate for lighttpd UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/" VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) USAGE=$'Usage: raspbian.sh [OPTION] \n\n-y, --yes, --assume-yes\n\tAssumes "yes" as an answer to all prompts' -USAGE+=$'\n-c, --crt, --certficate\n\tInstalls an SSL certificate for lighttpd\n' +USAGE+=$'\n-c, --cert, --certficate\n\tInstalls an SSL certificate for lighttpd\n' assume_yes=0 @@ -24,7 +24,7 @@ while :; do assume_yes=1 apt_option="-y" ;; - -c|--crt|--certificate) + -c|--cert|--certificate) install_cert=1 ;; -*|--*) @@ -85,12 +85,12 @@ function update_system_packages() { if [ "${install_cert:-}" = 1 ]; then source="mkcert" - wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} + wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh install_certificate else source="common" - wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source} + wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh install_raspap fi