diff --git a/BACKERS.md b/BACKERS.md index 6c51208d..cabd988b 100644 --- a/BACKERS.md +++ b/BACKERS.md @@ -19,6 +19,9 @@ When backers were asked which feature they'd most like to see added to RaspAP, t ✅ Multiple OpenVPN client configs ✅ OpenVPN service logging +✅ Night mode toggle +✅ Restrict network to static clients +⚙️ WireGuard support (in progress) ⚙️ Traffic shaping (in progress) Look for the list above to grow as we add more exclusive features. @@ -29,6 +32,9 @@ Below is a list of funding targets. When a funding target is reached, the featur #### $500 ✅ Multiple OpenVPN client configs ✅ OpenVPN service logging +✅ Night mode toggle +✅ Restrict network to static clients +⚙️ WireGuard support (in progress) ⚙️ Traffic shaping (in progress) ### Frequently asked questions diff --git a/README.md b/README.md index 42266b4b..f754d941 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ ![](https://i.imgur.com/DpgvLIO.png) -[![Release 2.7](https://img.shields.io/badge/release-v2.7-green)](https://github.com/raspap/raspap-insiders/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Financial Contributors on Open Collective](https://opencollective.com/raspap/all/badge.svg?label=financial+contributors)](https://opencollective.com/raspap) ![https://travis-ci.com/github/raspap/raspap-webgui/](https://api.travis-ci.org/RaspAP/raspap-webgui.svg) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Subreddit subscribers](https://img.shields.io/reddit/subreddit-subscribers/RaspAP?style=social)](https://www.reddit.com/r/RaspAP/) +[![Release 2.7.1](https://img.shields.io/badge/release-v2.7.1-green)](https://github.com/raspap/raspap-insiders/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Financial Contributors on Open Collective](https://opencollective.com/raspap/all/badge.svg?label=financial+contributors)](https://opencollective.com/raspap) ![https://travis-ci.com/github/raspap/raspap-webgui/](https://api.travis-ci.org/RaspAP/raspap-webgui.svg) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Subreddit subscribers](https://img.shields.io/reddit/subreddit-subscribers/RaspAP?style=social)](https://www.reddit.com/r/RaspAP/) Welcome to **RaspAP Insiders**. You, the members of the Insiders community, support the sponsorware release model, which means that new features are first exclusively released to sponsors as part of Insiders. Read on for details about how this strategy works—and *thank you* for joining us on this journey. @@ -30,6 +30,8 @@ When backers were asked which feature they'd most like to see added to RaspAP, t ✅ Manage OpenVPN client configs ✅ OpenVPN service logging ✅ Night mode toggle +✅ Restrict network to static clients +✅ WireGuard support ⚙️ Traffic shaping (in progress) Look for the list above to grow as we add more exlcusive features. Have an idea or suggestion for a future enhancement? Start or join an [Insiders discussion](https://github.com/orgs/RaspAP/teams/insiders/discussions) and let us know! @@ -41,17 +43,19 @@ Following is a list of funding targets. When a funding target is reached, the fe ✅ Manage OpenVPN client configs ✅ OpenVPN service logging ✅ Night mode toggle -⚙️ Traffic shaping (in progress) +✅ Restrict network to static clients +✅ WireGuard support +⚙️ Traffic shaping (in progress) ## Frequently asked questions ### Upgrading *I have an existing RaspAP installation. How do I upgrade to Insiders?* -Upgrading is easy. Simply invoke the Quick Installer with the `--upgrade` switch, specifying the private Insiders repo, like so: +Upgrading is easy. Simply invoke the Quick Installer with the --upgrade switch, specifying the private Insiders Edition, like so: ``` -curl -sL https://install.raspap.com | bash -s -- --upgrade --repo raspap/raspap-insiders +curl -sL https://install.raspap.com | bash -s -- --upgrade --insiders ``` If you haven't [added SSH keys to your GitHub account](https://docs.github.com/en/github/authenticating-to-github/connecting-to-github-with-ssh) you will be prompted to authenticate. If so, just enter your GitHub credentials during the install: diff --git a/config/50-raspap-router.conf b/config/50-raspap-router.conf index 31ac6b1a..c7634436 100644 --- a/config/50-raspap-router.conf +++ b/config/50-raspap-router.conf @@ -2,8 +2,8 @@ server.modules += ( "mod_rewrite", ) -$HTTP["url"] =~ "^/(?!(dist|app|ajax|config)).*" { - url.rewrite-once = ( - "^/[^\?]*(\?.*)?" => "/index.php$1" - ) +$HTTP["url"] =~ "^/REPLACE_ME/(?!(dist|app|ajax|config)).*" { + url.rewrite-once = ( "^/REPLACE_ME/(.*?)(\?.+)?$"=>"/REPLACE_ME/index.php/$1?$2" ) + server.error-handler-404 = "/REPLACE_ME/index.php" } + diff --git a/includes/defaults.php b/includes/defaults.php index d3261fca..f6009f17 100755 --- a/includes/defaults.php +++ b/includes/defaults.php @@ -6,7 +6,7 @@ if (!defined('RASPI_CONFIG')) { $defaults = [ 'RASPI_BRAND_TEXT' => 'RaspAP', - 'RASPI_VERSION' => '2.7', + 'RASPI_VERSION' => '2.7.1', 'RASPI_CONFIG_NETWORK' => RASPI_CONFIG.'/networking/defaults.json', 'RASPI_ADMIN_DETAILS' => RASPI_CONFIG.'/raspap.auth', 'RASPI_WIFI_AP_INTERFACE' => 'wlan0', diff --git a/includes/hostapd.php b/includes/hostapd.php index 9aeb59e2..43e04bd1 100755 --- a/includes/hostapd.php +++ b/includes/hostapd.php @@ -306,8 +306,8 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status) if ($bridgedEnable == 1) { $config = array_keys(getDefaultNetOpts('dhcp')); $config[] = PHP_EOL.'# RaspAP br0 configuration'; - $config[] = 'interface br0'; $config[] = 'denyinterfaces eth0 wlan0'; + $config[] = 'interface br0'; $config[] = PHP_EOL; } elseif ($wifiAPEnable == 1) { $config = array_keys(getDefaultNetOpts('dhcp')); diff --git a/index.php b/index.php index 6d4fb478..59549062 100755 --- a/index.php +++ b/index.php @@ -14,7 +14,7 @@ * @author Lawrence Yau * @author Bill Zimmerman * @license GNU General Public License, version 3 (GPL-3.0) - * @version 2.7 + * @version 2.7.1 * @link https://github.com/raspap/raspap-insiders/ * @link https://raspap.com/ * @see http://sirlagz.net/2013/02/08/raspap-webgui/ @@ -50,7 +50,7 @@ require_once 'includes/torproxy.php'; $config = getConfig(); $output = $return = 0; -$page = $_SERVER['REQUEST_URI']; +$page = $_SERVER['PATH_INFO']; $theme_url = getThemeOpt(); $toggleState = getSidebarState(); diff --git a/installers/common.sh b/installers/common.sh index 70d52b56..8b532be3 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -28,7 +28,12 @@ readonly raspap_network="$raspap_dir/networking/" readonly rulesv4="/etc/iptables/rules.v4" readonly notracking_url="https://raw.githubusercontent.com/notracking/hosts-blocklists/master/" webroot_dir="/var/www/html" -git_source_url="https://github.com/$repo" # $repo from install.raspap.com + +if [ "$insiders" == 1 ]; then + repo="RaspAP/raspap-insiders" + branch=${RASPAP_INSIDERS_LATEST} +fi +git_source_url="https://github.com/$repo" # NOTE: all the below functions are overloadable for system-specific installs function _install_raspap() { @@ -78,7 +83,7 @@ function _config_installation() { fi echo "${opt[1]} lighttpd directory: ${webroot_dir}" if [ "$upgrade" == 1 ]; then - echo "This will upgrade your existing install to version ${RASPAP_LATEST}" + echo "This will upgrade your existing install to version ${RASPAP_RELEASE}" echo "Your configuration will NOT be changed" fi echo -n "Complete ${opt[2]} with these values? [Y/n]: " @@ -171,6 +176,8 @@ function _create_raspap_directories() { # Create a directory to store networking configs echo "Creating $raspap_dir/networking" sudo mkdir -p "$raspap_dir/networking" + echo "Changing file ownership of $raspap_dir" + sudo chown -R $raspap_user:$raspap_user "$raspap_dir" || _install_status 1 "Unable to change file ownership for '$raspap_dir'" } # Generate hostapd logging and service control scripts @@ -209,14 +216,30 @@ function _install_lighttpd_configs() { # Copy config files echo "Copying 50-raspap-router.conf to /etc/lighttpd/conf-available" - sudo cp "$webroot_dir/config/50-raspap-router.conf" "/etc/lighttpd/conf-available" || _install_status 1 "Unable to copy lighttpd config file." + + CONFSRC="$webroot_dir/config/50-raspap-router.conf" + LTROOT=$(grep "server.document-root" /etc/lighttpd/lighttpd.conf | awk -F '=' '{print $2}' | tr -d " \"") + + # compare values and get difference + HTROOT=${webroot_dir/$LTROOT} + + # remove trailing slash if present + HTROOT=$(echo "$HTROOT" | sed -e 's/\/$//') + + # substitute values + awk "{gsub(\"/REPLACE_ME\",\"$HTROOT\")}1" $CONFSRC > /tmp/50-raspap-router.conf + + # copy into place + sudo cp /tmp/50-raspap-router.conf /etc/lighttpd/conf-available/ || _install_status 1 "Unable to copy lighttpd config file into place." + # link into conf-enabled - echo "Creating link to /etc/lighttpd/conf-enabled"|| _install_status 1 "Unable to copy lighttpd config file." - sudo ln -s "/etc/lighttpd/conf-available/50-raspap-router.conf" "/etc/lighttpd/conf-enabled/50-raspap-router.conf" || _install_status 1 "Unable to symlink lighttpd config file." + echo "Creating link to /etc/lighttpd/conf-enabled" + sudo ln -s "/etc/lighttpd/conf-available/50-raspap-router.conf" "/etc/lighttpd/conf-enabled/50-raspap-router.conf" || _install_status 1 "Unable to symlink lighttpd config file (this is normal if the link already exists)." sudo systemctl restart lighttpd.service || _install_status 1 "Unable to restart lighttpd" _install_status 0 } + # Prompt to install ad blocking function _prompt_install_adblock() { _install_log "Configure ad blocking (Beta)" @@ -300,19 +323,21 @@ function _prompt_install_openvpn() { # Prompt to install WireGuard function _prompt_install_wireguard() { - _install_log "Configure WireGuard support" - echo -n "Install WireGuard and enable VPN tunnel configuration? [Y/n]: " - if [ "$assume_yes" == 0 ]; then - read answer < /dev/tty - if [ "$answer" != "${answer#[Nn]}" ]; then - echo -e - else + if [ "$insiders" == 1 ]; then + _install_log "Configure WireGuard support" + echo -n "Install WireGuard and enable VPN tunnel configuration? [Y/n]: " + if [ "$assume_yes" == 0 ]; then + read answer < /dev/tty + if [ "$answer" != "${answer#[Nn]}" ]; then + echo -e + else + _install_wireguard + fi + elif [ "$wg_option" == 1 ]; then _install_wireguard + else + echo "(Skipped)" fi - elif [ "$wg_option" == 1 ]; then - _install_wireguard - else - echo "(Skipped)" fi } diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 4b8011fd..fed9b619 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -17,9 +17,11 @@ # -a, --adblock Used with -y, --yes, sets Adblock install option (0=no install) # -r, --repo, --repository Overrides the default GitHub repo (raspap/raspap-webgui) # -b, --branch Overrides the default git branch (master) -# -h, --help Outputs usage notes and exits +# -t, --token Token to access a private repository # -u, --upgrade Upgrades an existing installation to the latest release version +# -i, --insiders Installs from the Insiders Edition (raspap/raspap-insiders) # -v, --version Outputs release info and exits +# -h, --help Outputs usage notes and exits # # Depending on options passed to the installer, ONE of the following # additional shell scripts will be downloaded and sourced: @@ -35,8 +37,7 @@ set -eo pipefail function _main() { # set defaults - repo="raspap/raspap-webgui" # override with -r, --repo option - + repo="RaspAP/raspap-webgui" # override with -r, --repo option _parse_params "$@" _setup_colors _log_output @@ -49,6 +50,8 @@ function _parse_params() { upgrade=0 ovpn_option=1 adblock_option=1 + insiders=0 + acctoken="" while :; do case "${1-}" in @@ -81,6 +84,12 @@ function _parse_params() { -u|--upgrade) upgrade=1 ;; + -i|--insiders) + insiders=1 + ;; + -t|--token) + acctoken="$2" + ;; -v|--version) _version ;; @@ -125,7 +134,9 @@ OPTIONS: -a, --adblock Used with -y, --yes, sets Adblock install option (0=no install) -r, --repo, --repository Overrides the default GitHub repo (raspap/raspap-webgui) -b, --branch Overrides the default git branch (latest release) +-t, --token Token to access a private repository -u, --upgrade Upgrades an existing installation to the latest release version +-i, --insiders Installs from the Insiders Edition (raspap/raspap-insiders) -v, --version Outputs release info and exits -h, --help Outputs usage notes and exits @@ -139,13 +150,16 @@ Examples: Invoke installer remotely, run non-interactively with option flags: curl -sL https://install.raspap.com | bash -s -- --yes --openvpn 1 --adblock 0 + Invoke remotely, uprgrade an existing install to the Insiders Edition: + curl -sL https://install.raspap.com | bash -s -- --upgrade --insiders + EOF exit } function _version() { _get_release - echo -e "RaspAP v${RASPAP_LATEST} - Simple AP setup & WiFi management for Debian-based devices" + echo -e "RaspAP v${RASPAP_RELEASE} - Simple wireless AP setup & management for Debian-based devices" exit } @@ -159,14 +173,20 @@ function _display_welcome() { echo -e " 88 88 88. .88 88 88. .88 88 88 88" echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP" echo -e " 88" - echo -e " dP version ${RASPAP_LATEST}" + echo -e " dP version ${RASPAP_RELEASE}" echo -e "${ANSI_GREEN}" echo -e "The Quick Installer will guide you through a few easy steps${ANSI_RESET}\n\n" } -# Fetch latest release from GitHub API +# Fetch latest release from GitHub or RaspAP Installer API function _get_release() { readonly RASPAP_LATEST=$(curl -s "https://api.github.com/repos/$repo/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' ) + if [ "$insiders" == 1 ]; then + RASPAP_INSIDERS_LATEST=$(curl -s "https://install.raspap.com/repos/RaspAP/raspap-insiders/releases/latest/" | grep -Po '"tag_name": "\K.*?(?=")' ) + RASPAP_RELEASE="${RASPAP_INSIDERS_LATEST} Insiders" + else + RASPAP_RELEASE="${RASPAP_LATEST}" + fi } # Outputs a RaspAP Install log line @@ -201,6 +221,7 @@ function _update_system_packages() { # Fetch required installer functions function _load_installer() { + # fetch latest release tag _get_release @@ -210,14 +231,18 @@ function _load_installer() { fi UPDATE_URL="https://raw.githubusercontent.com/$repo/$branch/" + header=() + if [[ ! -z "$acctoken" ]]; then + header=(--header "Authorization: token $acctoken") + fi if [ "${install_cert:-}" = 1 ]; then source="mkcert" - wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh + wget "${header[@]}" -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh _install_certificate || _install_status 1 "Unable to install certificate" else source="common" - wget -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh + wget "${header[@]}" -q ${UPDATE_URL}installers/${source}.sh -O /tmp/raspap_${source}.sh source /tmp/raspap_${source}.sh && rm -f /tmp/raspap_${source}.sh _install_raspap || _install_status 1 "Unable to install RaspAP" fi