mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Update README.md
This commit is contained in:
parent
ff2c91fe8d
commit
815a479ca5
134
README.md
134
README.md
@ -19,6 +19,7 @@ We'd be curious to hear about how you use this with [your own RPi-powered projec
|
|||||||
- [Simultaneous AP and Wifi client](#simultaneous-ap-and-wifi-client)
|
- [Simultaneous AP and Wifi client](#simultaneous-ap-and-wifi-client)
|
||||||
- [Support us](#support-us)
|
- [Support us](#support-us)
|
||||||
- [Manual installation](#manual-installation)
|
- [Manual installation](#manual-installation)
|
||||||
|
- [802.11ac 5GHz support](#802.11ac-5GHz-support)
|
||||||
- [Multilingual support](#multilingual-support)
|
- [Multilingual support](#multilingual-support)
|
||||||
- [HTTPS support](#https-support)
|
- [HTTPS support](#https-support)
|
||||||
- [OpenVPN support](#openvpn-support)
|
- [OpenVPN support](#openvpn-support)
|
||||||
@ -73,126 +74,10 @@ RaspAP is free software, but powered by your support. If you find RaspAP useful
|
|||||||
[![Beerpay](https://beerpay.io/billz/raspap-webgui/badge.svg)](https://beerpay.io/billz/raspap-webgui)
|
[![Beerpay](https://beerpay.io/billz/raspap-webgui/badge.svg)](https://beerpay.io/billz/raspap-webgui)
|
||||||
|
|
||||||
## Manual installation
|
## Manual installation
|
||||||
These steps apply to the latest release of Raspbian (currently [Buster](https://www.raspberrypi.org/downloads/raspbian/)). Notes for previously released versions are provided, where applicable. Start off by installing git, lighttpd, php7, hostapd and dnsmasq.
|
Detailed manual setup instructions are provided [on our wiki](https://github.com/billz/raspap-webgui/wiki/Manual-installation).
|
||||||
```sh
|
|
||||||
sudo apt-get install git lighttpd php7.1-cgi hostapd dnsmasq vnstat
|
|
||||||
```
|
|
||||||
**Note:** for Raspbian Stretch, replace `php7.1-cgi` with `php7.0-cgi`. For Raspbian Jessie and older versions, use `php5-cgi`. After that, enable PHP for lighttpd and restart it for the settings to take effect.
|
|
||||||
```sh
|
|
||||||
sudo lighttpd-enable-mod fastcgi-php
|
|
||||||
sudo service lighttpd restart
|
|
||||||
```
|
|
||||||
Now comes the fun part. For security reasons, the `www-data` user which lighttpd runs under is not allowed to start or stop daemons, or run commands like ifdown and ifup, all of which we want our page to do.
|
|
||||||
So what I have done is added the `www-data` user to the sudoers file, but with restrictions on what commands the user can run. Add the following to the end of `/etc/sudoers`:
|
|
||||||
|
|
||||||
```sh
|
## 802.11ac 5GHz support
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/ifdown
|
RaspAP provides an 802.11ac wireless mode option for supported hardware (currently the RPi 3B+/4) and wireless regulatory domains. See [this FAQ](https://github.com/billz/raspap-webgui/wiki/FAQs#80211ac) for more information.
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/ifup
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan_results
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] reconfigure
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] select_network
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/hostapddata /etc/hostapd/hostapd.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl start hostapd.service
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop hostapd.service
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl start dnsmasq.service
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop dnsmasq.service
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl start openvpn-client@client
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop openvpn-client@client
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/openvpn.ovpn /etc/openvpn/client/client.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/authdata /etc/openvpn/client/login.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dhcpddata /etc/dhcpcd.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/shutdown -h now
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/reboot
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] down
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] up
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/sbin/ip -s a f label wlan[0-9]
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /etc/raspap/networking/dhcpcd.conf /etc/dhcpcd.conf
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/enablelog.sh
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/disablelog.sh
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/servicestart.sh
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/lighttpd/configport.sh
|
|
||||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/openvpn/configauth.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
Once those modifications are done, git clone the files to `/var/www/html`.
|
|
||||||
**Note:** for older versions of Raspbian (before Jessie, May 2016) use
|
|
||||||
`/var/www` instead.
|
|
||||||
```sh
|
|
||||||
sudo rm -rf /var/www/html
|
|
||||||
sudo git clone https://github.com/billz/raspap-webgui /var/www/html
|
|
||||||
```
|
|
||||||
Move the high-res favicons to the web root.
|
|
||||||
```
|
|
||||||
sudo mv /var/www/html/app/icons/* /var/www/html
|
|
||||||
```
|
|
||||||
Set the files ownership to `www-data` user.
|
|
||||||
```sh
|
|
||||||
sudo chown -R www-data:www-data /var/www/html
|
|
||||||
```
|
|
||||||
Move the RaspAP configuration file to the correct location.
|
|
||||||
```sh
|
|
||||||
sudo mkdir /etc/raspap
|
|
||||||
sudo mv /var/www/html/raspap.php /etc/raspap/
|
|
||||||
sudo chown -R www-data:www-data /etc/raspap
|
|
||||||
```
|
|
||||||
Move the HostAPD logging and service control shell scripts to the correct location.
|
|
||||||
```sh
|
|
||||||
sudo mkdir /etc/raspap/hostapd
|
|
||||||
sudo mv /var/www/html/installers/*log.sh /etc/raspap/hostapd
|
|
||||||
sudo mv /var/www/html/installers/service*.sh /etc/raspap/hostapd
|
|
||||||
```
|
|
||||||
Set ownership and permissions for logging and service control scripts.
|
|
||||||
```sh
|
|
||||||
sudo chown -c root:www-data /etc/raspap/hostapd/*.sh
|
|
||||||
sudo chmod 750 /etc/raspap/hostapd/*.sh
|
|
||||||
```
|
|
||||||
Add the following lines to `/etc/rc.local` before `exit 0`.
|
|
||||||
```sh
|
|
||||||
echo 1 > /proc/sys/net/ipv4/ip_forward #RASPAP
|
|
||||||
iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP
|
|
||||||
iptables -t nat -A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE #RASPAP
|
|
||||||
```
|
|
||||||
Force a reload of new settings in `/etc/rc.local`.
|
|
||||||
```sh
|
|
||||||
sudo systemctl restart rc-local.service
|
|
||||||
sudo systemctl daemon-reload
|
|
||||||
```
|
|
||||||
Unmask and enable the hostapd service.
|
|
||||||
```sh
|
|
||||||
sudo systemctl unmask hostapd.service
|
|
||||||
sudo systemctl enable hostapd.service
|
|
||||||
```
|
|
||||||
Move the raspap service to the correct location and enable it.
|
|
||||||
```
|
|
||||||
sudo mv /var/www/html/installers/raspap.service /lib/systemd/system
|
|
||||||
sudo systemctl enable raspap.service
|
|
||||||
```
|
|
||||||
Copy the configuration files for dhcpcd, dnsmasq, and hostapd.
|
|
||||||
```
|
|
||||||
sudo mv /var/www/html/config/default_hostapd /etc/default/hostapd
|
|
||||||
sudo mv /var/www/html/config/hostapd.conf /etc/hostapd/hostapd.conf
|
|
||||||
sudo mv /var/www/html/config/dnsmasq.conf /etc/dnsmasq.conf
|
|
||||||
sudo mv /var/www/html/config/dhcpcd.conf /etc/dhcpcd.conf
|
|
||||||
sudo mv /var/www/html/config/config.php /var/www/html/includes/
|
|
||||||
```
|
|
||||||
(Optional) Optimize PHP
|
|
||||||
```
|
|
||||||
sudo sed -i -E 's/^session\.cookie_httponly\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.cookie_httponly = 1/' /etc/php/7.1/cgi/php.ini
|
|
||||||
sudo sed -i -E 's/^;?opcache\.enable\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/opcache.enable = 1/' /etc/php/7.1/cgi/php.ini
|
|
||||||
sudo phpenmod opcache
|
|
||||||
```
|
|
||||||
Reboot and it should be up and running!
|
|
||||||
```sh
|
|
||||||
sudo reboot
|
|
||||||
```
|
|
||||||
|
|
||||||
The default username is 'admin' and the default password is 'secret'.
|
|
||||||
|
|
||||||
## Multilingual support
|
## Multilingual support
|
||||||
RaspAP uses [GNU Gettext](https://www.gnu.org/software/gettext/) to manage multilingual messages. In order to use RaspAP with one of our supported translations, you must configure a corresponding language package on your RPi. To list languages currently installed on your system, use `locale -a` at the shell prompt. To generate new locales, run `sudo dpkg-reconfigure locales` and select any other desired locales. Details are provided on our [wiki](https://github.com/billz/raspap-webgui/wiki/Translations#raspap-in-your-language).
|
RaspAP uses [GNU Gettext](https://www.gnu.org/software/gettext/) to manage multilingual messages. In order to use RaspAP with one of our supported translations, you must configure a corresponding language package on your RPi. To list languages currently installed on your system, use `locale -a` at the shell prompt. To generate new locales, run `sudo dpkg-reconfigure locales` and select any other desired locales. Details are provided on our [wiki](https://github.com/billz/raspap-webgui/wiki/Translations#raspap-in-your-language).
|
||||||
@ -240,12 +125,11 @@ To configure an OpenVPN client, upload a valid .ovpn file and, optionally, speci
|
|||||||
**Note**: this feature is currently in beta. Please [read this](https://github.com/billz/raspap-webgui/wiki/FAQs#-openvpn-fails-to-start-andor-i-have-no-internet-help) before reporting an issue.
|
**Note**: this feature is currently in beta. Please [read this](https://github.com/billz/raspap-webgui/wiki/FAQs#-openvpn-fails-to-start-andor-i-have-no-internet-help) before reporting an issue.
|
||||||
|
|
||||||
## How to contribute
|
## How to contribute
|
||||||
|
|
||||||
1. File an issue in the repository describing the contribution you'd like to make. This will help us get you started on the
|
1. Fork the project in your account and create a new branch: `your-great-feature`.
|
||||||
right foot.
|
2. Open a feature request issue in the repository describing the contribution you'd like to make. This will help us get you started on the right foot.
|
||||||
2. Fork the project in your account and create a new branch: `your-great-feature`.
|
3. Commit changes in your feature branch.
|
||||||
3. Commit your changes in that branch.
|
4. Open a pull request and reference the initial issue in the pull request message.
|
||||||
4. Open a pull request, and reference the initial issue in the pull request message.
|
|
||||||
|
|
||||||
This project follows the [PSR-2](http://www.php-fig.org/psr/psr-2/) coding style guidelines. There are many ways to check your code for PSR-2. An excellent tool is [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer). The command line tool `phpcs` can be run against any single file. [Phing](https://www.phing.info/), a PHP build tool, integrates nicely with `phpcs` to automate PSR-2 checks across all source files in a project.
|
This project follows the [PSR-2](http://www.php-fig.org/psr/psr-2/) coding style guidelines. There are many ways to check your code for PSR-2. An excellent tool is [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer). The command line tool `phpcs` can be run against any single file. [Phing](https://www.phing.info/), a PHP build tool, integrates nicely with `phpcs` to automate PSR-2 checks across all source files in a project.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user