mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Merge pull request #428 from billz/extend-installer
Extend quick installer
This commit is contained in:
commit
68ca768502
1
.gitignore
vendored
1
.gitignore
vendored
@ -3,3 +3,4 @@ node_modules
|
|||||||
yarn-error.log
|
yarn-error.log
|
||||||
*.swp
|
*.swp
|
||||||
includes/config.php
|
includes/config.php
|
||||||
|
rootCA.pem
|
||||||
|
@ -35,42 +35,7 @@ elif [ "$php_package" = "php5-cgi" ]; then
|
|||||||
phpcgiconf="/etc/php5/cgi/php.ini"
|
phpcgiconf="/etc/php5/cgi/php.ini"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Outputs a RaspAP Install log line
|
|
||||||
function install_log() {
|
|
||||||
echo -e "\033[1;32mRaspAP Install: $*\033[m"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Outputs a RaspAP Install Error log line and exits with status code 1
|
|
||||||
function install_error() {
|
|
||||||
echo -e "\033[1;37;41mRaspAP Install Error: $*\033[m"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Outputs a RaspAP Warning line
|
|
||||||
function install_warning() {
|
|
||||||
echo -e "\033[1;33mWarning: $*\033[m"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Outputs a welcome message
|
|
||||||
function display_welcome() {
|
|
||||||
raspberry='\033[0;35m'
|
|
||||||
green='\033[1;32m'
|
|
||||||
|
|
||||||
echo -e "${raspberry}\n"
|
|
||||||
echo -e " 888888ba .d888888 888888ba"
|
|
||||||
echo -e " 88 8b d8 88 88 8b"
|
|
||||||
echo -e "a88aaaa8P' .d8888b. .d8888b. 88d888b. 88aaaaa88a a88aaaa8P"
|
|
||||||
echo -e " 88 8b. 88 88 Y8ooooo. 88 88 88 88 88"
|
|
||||||
echo -e " 88 88 88. .88 88 88. .88 88 88 88"
|
|
||||||
echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP"
|
|
||||||
echo -e " 88"
|
|
||||||
echo -e " dP version ${VERSION}"
|
|
||||||
echo -e "${green}"
|
|
||||||
echo -e "The Quick Installer will guide you through a few easy steps\n\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
### NOTE: all the below functions are overloadable for system-specific installs
|
### NOTE: all the below functions are overloadable for system-specific installs
|
||||||
### NOTE: some of the below functions MUST be overloaded due to system-specific installs
|
|
||||||
|
|
||||||
function config_installation() {
|
function config_installation() {
|
||||||
install_log "Configure installation"
|
install_log "Configure installation"
|
||||||
@ -80,7 +45,7 @@ function config_installation() {
|
|||||||
if [ $assume_yes == 0 ]; then
|
if [ $assume_yes == 0 ]; then
|
||||||
read answer
|
read answer
|
||||||
if [[ $answer != "y" ]]; then
|
if [[ $answer != "y" ]]; then
|
||||||
read -e -p "Enter alternate Lighttpd directory: " -i "/var/www/html/" webroot_dir
|
read -e -p "Enter alternate Lighttpd directory: " -i "/var/www/html" webroot_dir
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
echo -e
|
echo -e
|
||||||
@ -100,9 +65,9 @@ function config_installation() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
# Runs a system software update to make sure we're using all fresh packages
|
# Runs a system software update to make sure we're using all fresh packages
|
||||||
function update_system_packages() {
|
function install_dependencies() {
|
||||||
# OVERLOAD THIS
|
install_log "Installing required packages"
|
||||||
install_error "No function definition for update_system_packages"
|
sudo apt-get install $apt_option lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Installs additional dependencies using system package manager
|
# Installs additional dependencies using system package manager
|
||||||
|
148
installers/mkcert.sh
Executable file
148
installers/mkcert.sh
Executable file
@ -0,0 +1,148 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# RaspAP SSL certificate installation functions
|
||||||
|
# author: @billz
|
||||||
|
# license: GNU General Public License v3.0
|
||||||
|
|
||||||
|
certname=$HOSTNAME."local"
|
||||||
|
lighttpd_ssl="/etc/lighttpd/ssl"
|
||||||
|
lighttpd_conf="/etc/lighttpd/lighttpd.conf"
|
||||||
|
webroot_dir="/var/www/html"
|
||||||
|
|
||||||
|
### NOTE: all the below functions are overloadable for system-specific installs
|
||||||
|
|
||||||
|
function config_installation() {
|
||||||
|
install_log "Configure a new SSL certificate"
|
||||||
|
echo "Current system hostname is $HOSTNAME"
|
||||||
|
echo -n "Create an SSL certificate for ${certname}? (Recommended) [y/N]"
|
||||||
|
if [ $assume_yes == 0 ]; then
|
||||||
|
read answer
|
||||||
|
if [[ $answer != "y" ]]; then
|
||||||
|
read -e -p "Enter an alternate certificate name: " -i "${certname}" certname
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo -e
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -n "Install to lighttpd SSL directory: ${lighttpd_ssl}? [y/N]: "
|
||||||
|
if [ $assume_yes == 0 ]; then
|
||||||
|
read answer
|
||||||
|
if [[ $answer != "y" ]]; then
|
||||||
|
read -e -p "Enter alternate lighttpd SSL directory: " -i "${lighttpd_ssl}" lighttpd_ssl
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo -e
|
||||||
|
fi
|
||||||
|
|
||||||
|
install_divider
|
||||||
|
echo "A new SSL certificate for: ${certname}"
|
||||||
|
echo "will be installed to lighttpd SSL directory: ${lighttpd_ssl}"
|
||||||
|
install_divider
|
||||||
|
echo -n "Complete installation with these values? [y/N]: "
|
||||||
|
if [ $assume_yes == 0 ]; then
|
||||||
|
read answer
|
||||||
|
if [[ $answer != "y" ]]; then
|
||||||
|
echo "Installation aborted."
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo -e
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Installs pre-built mkcert binary for Arch Linux ARM
|
||||||
|
function install_mkcert() {
|
||||||
|
install_log "Fetching mkcert binary"
|
||||||
|
sudo wget -q https://github.com/FiloSottile/mkcert/releases/download/v1.3.0/mkcert-v1.3.0-linux-arm -O /usr/local/bin/mkcert || install_error "Unable to download mkcert"
|
||||||
|
sudo chmod +x /usr/local/bin/mkcert
|
||||||
|
|
||||||
|
install_log "Installing mkcert"
|
||||||
|
mkcert -install || install_error "Failed to install mkcert"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Generate a certificate for host
|
||||||
|
function generate_certificate() {
|
||||||
|
install_log "Generating a new certificate for $certname"
|
||||||
|
cd /home/pi
|
||||||
|
mkcert $certname "*.${certname}.local" $certname || install_error "Failed to generate certificate for $certname"
|
||||||
|
|
||||||
|
install_log "Combining private key and certificate"
|
||||||
|
cat $certname+2-key.pem $certname+2.pem > $certname.pem || install_error "Failed to combine key and certificate"
|
||||||
|
echo "OK"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create a directory for the combined .pem file in lighttpd
|
||||||
|
function create_lighttpd_dir() {
|
||||||
|
install_log "Creating SLL directory for lighttpd"
|
||||||
|
if [ ! -d "$lighttpd_ssl" ]; then
|
||||||
|
sudo mkdir -p "$lighttpd_ssl" || install_error "Failed to create lighttpd directory"
|
||||||
|
fi
|
||||||
|
echo "OK"
|
||||||
|
|
||||||
|
install_log "Setting permissions and moving .pem file"
|
||||||
|
chmod 400 /home/pi/"$certname".pem || install_error "Unable to set permissions for .pem file"
|
||||||
|
sudo mv /home/pi/"$certname".pem /etc/lighttpd/ssl || install_error "Unable to move .pem file"
|
||||||
|
echo "OK"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Generate config to enable SSL in lighttpd
|
||||||
|
function configure_lighttpd() {
|
||||||
|
install_log "Configuring lighttpd for SSL"
|
||||||
|
lines=(
|
||||||
|
'server.modules += ("mod_openssl")'
|
||||||
|
'$SERVER["socket"] == ":443" {'
|
||||||
|
'ssl.engine = "enable"'
|
||||||
|
'ssl.pemfile = "'$lighttpd_ssl/$certname'.pem"'
|
||||||
|
'ssl.ca-file = "/home/pi/.local/share/mkcert/rootCA.pem"'
|
||||||
|
'server.name = "'$certname'"'
|
||||||
|
'server.document-root = "'${webroot_dir}'"}'
|
||||||
|
)
|
||||||
|
for line in "${lines[@]}"; do
|
||||||
|
if grep -Fxq "${line}" "${lighttpd_conf}" > /dev/null; then
|
||||||
|
echo "$line: Line already added"
|
||||||
|
else
|
||||||
|
sudo sed -i "$ a $line" $lighttpd_conf
|
||||||
|
echo "Adding line $line"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
echo "OK"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Copy rootCA.pem to RaspAP web root
|
||||||
|
function copy_rootca() {
|
||||||
|
install_log "Copying rootCA.pem to RaspAP web root"
|
||||||
|
sudo cp /home/pi/.local/share/mkcert/rootCA.pem ${webroot_dir} || install_error "Unable to copy rootCA.pem to ${webroot_dir}"
|
||||||
|
echo "OK"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Restart lighttpd service
|
||||||
|
function restart_lighttpd() {
|
||||||
|
install_log "Restarting lighttpd service"
|
||||||
|
sudo systemctl restart lighttpd.service || install_error "Unable to restart lighttpd service"
|
||||||
|
sudo systemctl status lighttpd.service
|
||||||
|
}
|
||||||
|
|
||||||
|
function install_complete() {
|
||||||
|
install_log "SSL certificate install completed!"
|
||||||
|
install_divider
|
||||||
|
echo "Open a browser and enter the address: http://${certname}/rootCA.pem"
|
||||||
|
echo "Download the root certificate to your client and add it to your system keychain."
|
||||||
|
echo "Note: Be sure to set this certificate to "Always trust" to avoid browser warnings."
|
||||||
|
echo "Finally, enter the address https://${certname} in your browser."
|
||||||
|
echo "Enjoy an encrypted SSL connection to RaspAP 🔒"
|
||||||
|
echo "For advanced options, run mkcert -help"
|
||||||
|
install_divider
|
||||||
|
}
|
||||||
|
|
||||||
|
function install_certificate() {
|
||||||
|
display_welcome
|
||||||
|
config_installation
|
||||||
|
install_mkcert
|
||||||
|
generate_certificate
|
||||||
|
create_lighttpd_dir
|
||||||
|
configure_lighttpd
|
||||||
|
copy_rootca
|
||||||
|
restart_lighttpd
|
||||||
|
install_complete
|
||||||
|
}
|
||||||
|
|
@ -4,41 +4,94 @@
|
|||||||
# author: @billz
|
# author: @billz
|
||||||
# license: GNU General Public License v3.0
|
# license: GNU General Public License v3.0
|
||||||
#
|
#
|
||||||
# Command-line options: -y, --yes, --assume-yes
|
# Command-line options:
|
||||||
|
# -y, --yes, --assume-yes
|
||||||
# Assume "yes" as answer to all prompts and run non-interactively
|
# Assume "yes" as answer to all prompts and run non-interactively
|
||||||
|
#
|
||||||
|
# c, --cert, --certficate
|
||||||
|
# Installs mkcert and generates an SSL certificate for lighttpd
|
||||||
|
|
||||||
UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/"
|
UPDATE_URL="https://raw.githubusercontent.com/billz/raspap-webgui/master/"
|
||||||
VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' )
|
VERSION=$(curl -s "https://api.github.com/repos/billz/raspap-webgui/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' )
|
||||||
wget -q ${UPDATE_URL}/installers/common.sh -O /tmp/raspapcommon.sh
|
USAGE=$'Usage: raspbian.sh [OPTION] \n\n-y, --yes, --assume-yes\n\tAssumes "yes" as an answer to all prompts'
|
||||||
source /tmp/raspapcommon.sh && rm -f /tmp/raspapcommon.sh
|
USAGE+=$'\n-c, --cert, --certficate\n\tInstalls an SSL certificate for lighttpd\n'
|
||||||
|
|
||||||
assume_yes=0
|
assume_yes=0
|
||||||
positional=()
|
|
||||||
while [[ $# -gt 0 ]]
|
|
||||||
do
|
|
||||||
key="$1"
|
|
||||||
|
|
||||||
case $key in
|
while :; do
|
||||||
|
case $1 in
|
||||||
-y|--yes|--assume-yes)
|
-y|--yes|--assume-yes)
|
||||||
assume_yes=1
|
assume_yes=1
|
||||||
apt_option="-y"
|
apt_option="-y"
|
||||||
shift # past argument
|
|
||||||
shift # past value
|
|
||||||
;;
|
;;
|
||||||
*) # unknown option
|
-c|--cert|--certificate)
|
||||||
shift # past argument
|
install_cert=1
|
||||||
|
;;
|
||||||
|
-*|--*)
|
||||||
|
echo "Unknown option: $1";
|
||||||
|
echo "$USAGE"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
break
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
shift
|
||||||
done
|
done
|
||||||
|
|
||||||
|
# Outputs a welcome message
|
||||||
|
function display_welcome() {
|
||||||
|
raspberry='\033[0;35m'
|
||||||
|
green='\033[1;32m'
|
||||||
|
|
||||||
|
echo -e "${raspberry}\n"
|
||||||
|
echo -e " 888888ba .d888888 888888ba"
|
||||||
|
echo -e " 88 8b d8 88 88 8b"
|
||||||
|
echo -e "a88aaaa8P' .d8888b. .d8888b. 88d888b. 88aaaaa88a a88aaaa8P"
|
||||||
|
echo -e " 88 8b. 88 88 Y8ooooo. 88 88 88 88 88"
|
||||||
|
echo -e " 88 88 88. .88 88 88. .88 88 88 88"
|
||||||
|
echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP"
|
||||||
|
echo -e " 88"
|
||||||
|
echo -e " dP version ${VERSION}"
|
||||||
|
echo -e "${green}"
|
||||||
|
echo -e "The Quick Installer will guide you through a few easy steps\n\n"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Outputs a RaspAP Install log line
|
||||||
|
function install_log() {
|
||||||
|
echo -e "\033[1;32mRaspAP Install: $*\033[m"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Outputs a RaspAP Install Error log line and exits with status code 1
|
||||||
|
function install_error() {
|
||||||
|
echo -e "\033[1;37;41mRaspAP Install Error: $*\033[m"
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# Outputs a RaspAP Warning line
|
||||||
|
function install_warning() {
|
||||||
|
echo -e "\033[1;33mWarning: $*\033[m"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Outputs a RaspAP divider
|
||||||
|
function install_divider() {
|
||||||
|
echo -e "\033[1;32m***************************************************************$*\033[m"
|
||||||
|
}
|
||||||
|
|
||||||
function update_system_packages() {
|
function update_system_packages() {
|
||||||
install_log "Updating sources"
|
install_log "Updating sources"
|
||||||
sudo apt-get update || install_error "Unable to update package list"
|
sudo apt-get update || install_error "Unable to update package list"
|
||||||
}
|
}
|
||||||
|
|
||||||
function install_dependencies() {
|
if [ "${install_cert:-}" = 1 ]; then
|
||||||
install_log "Installing required packages"
|
source="mkcert"
|
||||||
sudo apt-get install $apt_option lighttpd $php_package git hostapd dnsmasq vnstat || install_error "Unable to install dependencies"
|
wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh
|
||||||
}
|
source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh
|
||||||
|
install_certificate
|
||||||
|
else
|
||||||
|
source="common"
|
||||||
|
wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh
|
||||||
|
source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh
|
||||||
install_raspap
|
install_raspap
|
||||||
|
fi
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user