1
0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00

Merge pull request #428 from billz/extend-installer

Extend quick installer
This commit is contained in:
Bill Zimmerman 2019-11-07 21:52:25 +01:00 committed by GitHub
commit 68ca768502
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 229 additions and 62 deletions

1
.gitignore vendored
View File

@ -3,3 +3,4 @@ node_modules
yarn-error.log yarn-error.log
*.swp *.swp
includes/config.php includes/config.php
rootCA.pem

View File

@ -35,42 +35,7 @@ elif [ "$php_package" = "php5-cgi" ]; then
phpcgiconf="/etc/php5/cgi/php.ini" phpcgiconf="/etc/php5/cgi/php.ini"
fi fi
# Outputs a RaspAP Install log line
function install_log() {
echo -e "\033[1;32mRaspAP Install: $*\033[m"
}
# Outputs a RaspAP Install Error log line and exits with status code 1
function install_error() {
echo -e "\033[1;37;41mRaspAP Install Error: $*\033[m"
exit 1
}
# Outputs a RaspAP Warning line
function install_warning() {
echo -e "\033[1;33mWarning: $*\033[m"
}
# Outputs a welcome message
function display_welcome() {
raspberry='\033[0;35m'
green='\033[1;32m'
echo -e "${raspberry}\n"
echo -e " 888888ba .d888888 888888ba"
echo -e " 88 8b d8 88 88 8b"
echo -e "a88aaaa8P' .d8888b. .d8888b. 88d888b. 88aaaaa88a a88aaaa8P"
echo -e " 88 8b. 88 88 Y8ooooo. 88 88 88 88 88"
echo -e " 88 88 88. .88 88 88. .88 88 88 88"
echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP"
echo -e " 88"
echo -e " dP version ${VERSION}"
echo -e "${green}"
echo -e "The Quick Installer will guide you through a few easy steps\n\n"
}
### NOTE: all the below functions are overloadable for system-specific installs ### NOTE: all the below functions are overloadable for system-specific installs
### NOTE: some of the below functions MUST be overloaded due to system-specific installs
function config_installation() { function config_installation() {
install_log "Configure installation" install_log "Configure installation"
@ -80,7 +45,7 @@ function config_installation() {
if [ $assume_yes == 0 ]; then if [ $assume_yes == 0 ]; then
read answer read answer
if [[ $answer != "y" ]]; then if [[ $answer != "y" ]]; then
read -e -p "Enter alternate Lighttpd directory: " -i "/var/www/html/" webroot_dir read -e -p "Enter alternate Lighttpd directory: " -i "/var/www/html" webroot_dir
fi fi
else else
echo -e echo -e
@ -100,9 +65,9 @@ function config_installation() {
} }
# Runs a system software update to make sure we're using all fresh packages # Runs a system software update to make sure we're using all fresh packages
function update_system_packages() { function install_dependencies() {
# OVERLOAD THIS install_log "Installing required packages"
install_error "No function definition for update_system_packages" sudo apt-get install $apt_option lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies"
} }
# Installs additional dependencies using system package manager # Installs additional dependencies using system package manager

148
installers/mkcert.sh Executable file
View File

@ -0,0 +1,148 @@
#!/bin/bash
#
# RaspAP SSL certificate installation functions
# author: @billz
# license: GNU General Public License v3.0
certname=$HOSTNAME."local"
lighttpd_ssl="/etc/lighttpd/ssl"
lighttpd_conf="/etc/lighttpd/lighttpd.conf"
webroot_dir="/var/www/html"
### NOTE: all the below functions are overloadable for system-specific installs
function config_installation() {
install_log "Configure a new SSL certificate"
echo "Current system hostname is $HOSTNAME"
echo -n "Create an SSL certificate for ${certname}? (Recommended) [y/N]"
if [ $assume_yes == 0 ]; then
read answer
if [[ $answer != "y" ]]; then
read -e -p "Enter an alternate certificate name: " -i "${certname}" certname
fi
else
echo -e
fi
echo -n "Install to lighttpd SSL directory: ${lighttpd_ssl}? [y/N]: "
if [ $assume_yes == 0 ]; then
read answer
if [[ $answer != "y" ]]; then
read -e -p "Enter alternate lighttpd SSL directory: " -i "${lighttpd_ssl}" lighttpd_ssl
fi
else
echo -e
fi
install_divider
echo "A new SSL certificate for: ${certname}"
echo "will be installed to lighttpd SSL directory: ${lighttpd_ssl}"
install_divider
echo -n "Complete installation with these values? [y/N]: "
if [ $assume_yes == 0 ]; then
read answer
if [[ $answer != "y" ]]; then
echo "Installation aborted."
exit 0
fi
else
echo -e
fi
}
# Installs pre-built mkcert binary for Arch Linux ARM
function install_mkcert() {
install_log "Fetching mkcert binary"
sudo wget -q https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert"
sudo chmod +x /usr/local/bin/mkcert
install_log "Installing mkcert"
mkcert -install || install_error "Failed to install mkcert"
}
# Generate a certificate for host
function generate_certificate() {
install_log "Generating a new certificate for $certname"
cd /home/pi
mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname"
install_log "Combining private key and certificate"
cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate"
echo "OK"
}
# Create a directory for the combined .pem file in lighttpd
function create_lighttpd_dir() {
install_log "Creating SLL directory for lighttpd"
if [ ! -d "$lighttpd_ssl" ]; then
sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory"
fi
echo "OK"
install_log "Setting permissions and moving .pem file"
chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file"
sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl || install_error "Unable to move .pem file"
echo "OK"
}
# Generate config to enable SSL in lighttpd
function configure_lighttpd() {
install_log "Configuring lighttpd for SSL"
lines=(
'server.modules += ("mod_openssl")'
'$SERVER["socket"] == ":443" {'
'ssl.engine = "enable"'
'ssl.pemfile = "'$lighttpd_ssl/$certname'.pem"'
'ssl.ca-file = "/home/pi/.local/share/mkcert/rootCA.pem"'
'server.name = "'$certname'"'
'server.document-root = "'${webroot_dir}'"}'
)
for line in "${lines[@]}"; do
if grep -Fxq "${line}" "${lighttpd_conf}" > /dev/null; then
echo "$line: Line already added"
else
sudo sed -i "$ a $line" $lighttpd_conf
echo "Adding line $line"
fi
done
echo "OK"
}
# Copy rootCA.pem to RaspAP web root
function copy_rootca() {
install_log "Copying rootCA.pem to RaspAP web root"
sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} || install_error "Unable to copy rootCA.pem to ${webroot_dir}"
echo "OK"
}
# Restart lighttpd service
function restart_lighttpd() {
install_log "Restarting lighttpd service"
sudo systemctl restart lighttpd.service || install_error "Unable to restart lighttpd service"
sudo systemctl status lighttpd.service
}
function install_complete() {
install_log "SSL certificate install completed!"
install_divider
echo "Open a browser and enter the address: http://${certname}/rootCA.pem"
echo "Download the root certificate to your client and add it to your system keychain."
echo "Note: Be sure to set this certificate to "Always trust" to avoid browser warnings."
echo "Finally, enter the address https://${certname} in your browser."
echo "Enjoy an encrypted SSL connection to RaspAP 🔒"
echo "For advanced options, run mkcert -help"
install_divider
}
function install_certificate() {
display_welcome
config_installation
install_mkcert
generate_certificate
create_lighttpd_dir
configure_lighttpd
copy_rootca
restart_lighttpd
install_complete
}

View File

@ -4,41 +4,94 @@
# author: @billz # author: @billz
# license: GNU General Public License v3.0 # license: GNU General Public License v3.0
# #
# Command-line options: -y, --yes, --assume-yes # Command-line options:
# -y, --yes, --assume-yes
# Assume "yes" as answer to all prompts and run non-interactively # Assume "yes" as answer to all prompts and run non-interactively
#
# c, --cert, --certficate
# Installs mkcert and generates an SSL certificate for lighttpd
UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/" UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/"
VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' )
wget -q ${UPDATE_URL}/installers/common.sh -O /tmp/raspapcommon.sh USAGE=$'Usage: raspbian.sh [OPTION] \n\n-y, --yes, --assume-yes\n\tAssumes "yes" as an answer to all prompts'
source /tmp/raspapcommon.sh && rm -f /tmp/raspapcommon.sh USAGE+=$'\n-c, --cert, --certficate\n\tInstalls an SSL certificate for lighttpd\n'
assume_yes=0 assume_yes=0
positional=()
while [[ $# -gt 0 ]]
do
key="$1"
case $key in while :; do
case $1 in
-y|--yes|--assume-yes) -y|--yes|--assume-yes)
assume_yes=1 assume_yes=1
apt_option="-y" apt_option="-y"
shift # past argument
shift # past value
;; ;;
*) # unknown option -c|--cert|--certificate)
shift # past argument install_cert=1
;;
-*|--*)
echo "Unknown option: $1";
echo "$USAGE"
exit 1
;;
*)
break
;; ;;
esac esac
shift
done done
# Outputs a welcome message
function display_welcome() {
raspberry='\033[0;35m'
green='\033[1;32m'
echo -e "${raspberry}\n"
echo -e " 888888ba .d888888 888888ba"
echo -e " 88 8b d8 88 88 8b"
echo -e "a88aaaa8P' .d8888b. .d8888b. 88d888b. 88aaaaa88a a88aaaa8P"
echo -e " 88 8b. 88 88 Y8ooooo. 88 88 88 88 88"
echo -e " 88 88 88. .88 88 88. .88 88 88 88"
echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP"
echo -e " 88"
echo -e " dP version ${VERSION}"
echo -e "${green}"
echo -e "The Quick Installer will guide you through a few easy steps\n\n"
}
# Outputs a RaspAP Install log line
function install_log() {
echo -e "\033[1;32mRaspAP Install: $*\033[m"
}
# Outputs a RaspAP Install Error log line and exits with status code 1
function install_error() {
echo -e "\033[1;37;41mRaspAP Install Error: $*\033[m"
exit 1
}
# Outputs a RaspAP Warning line
function install_warning() {
echo -e "\033[1;33mWarning: $*\033[m"
}
# Outputs a RaspAP divider
function install_divider() {
echo -e "\033[1;32m***************************************************************$*\033[m"
}
function update_system_packages() { function update_system_packages() {
install_log "Updating sources" install_log "Updating sources"
sudo apt-get update || install_error "Unable to update package list" sudo apt-get update || install_error "Unable to update package list"
} }
function install_dependencies() { if [ "${install_cert:-}" = 1 ]; then
install_log "Installing required packages" source="mkcert"
sudo apt-get install $apt_option lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies" wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh
} source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh
install_certificate
else
source="common"
wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh
source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh
install_raspap install_raspap
fi