Update installer + sudoers for wg
This commit is contained in:
billz
parent
5c4814585a
commit
8d73fb774f
|
|
@ -235,37 +235,37 @@ function _install_adblock() {
|
||||||
_install_status 0
|
_install_status 0
|
||||||
}
|
}
|
||||||
|
|
||||||
# Prompt to install VPN
|
# Prompt to install openvpn
|
||||||
function _prompt_install_vpn() {
|
function _prompt_install_openvpn() {
|
||||||
_install_log "Configure VPN support"
|
_install_log "Configure OpenVPN support"
|
||||||
echo -n "Install VPN and enable client configuration? [Y/n]: "
|
echo -n "Install OpenVPN and enable client configuration? [Y/n]: "
|
||||||
if [ "$assume_yes" == 0 ]; then
|
if [ "$assume_yes" == 0 ]; then
|
||||||
read answer < /dev/tty
|
read answer < /dev/tty
|
||||||
if [ "$answer" != "${answer#[Nn]}" ]; then
|
if [ "$answer" != "${answer#[Nn]}" ]; then
|
||||||
echo -e
|
echo -e
|
||||||
else
|
else
|
||||||
_install_vpn
|
_install_openvpn
|
||||||
fi
|
fi
|
||||||
elif [ "$ovpn_option" == 1 ]; then
|
elif [ "$ovpn_option" == 1 ]; then
|
||||||
_install_vpn
|
_install_openvpn
|
||||||
else
|
else
|
||||||
echo "(Skipped)"
|
echo "(Skipped)"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function _install_vpn() {
|
# Prompt to install WireGuard
|
||||||
echo -n "Install [O]penVPN or [W]ireGuard? [O/W]: "
|
function _prompt_install_wireguard() {
|
||||||
|
_install_log "Configure WireGuard support"
|
||||||
|
echo -n "Install WireGuard and enable VPN tunnel configuration? [Y/n]: "
|
||||||
if [ "$assume_yes" == 0 ]; then
|
if [ "$assume_yes" == 0 ]; then
|
||||||
read answer < /dev/tty
|
read answer < /dev/tty
|
||||||
case $answer in
|
if [ "$answer" != "${answer#[Nn]}" ]; then
|
||||||
[oO]* )
|
echo -e
|
||||||
_install_openvpn;
|
else
|
||||||
break;;
|
_install_wireguard
|
||||||
[wW]* )
|
fi
|
||||||
_install_wireguard;
|
elif [ "$wg_option" == 1 ]; then
|
||||||
esac
|
_install_wireguard
|
||||||
elif [ "$ovpn_option" == 1 ]; then
|
|
||||||
_install_openvpn
|
|
||||||
else
|
else
|
||||||
echo "(Skipped)"
|
echo "(Skipped)"
|
||||||
fi
|
fi
|
||||||
|
|
@ -283,6 +283,8 @@ function _install_wireguard() {
|
||||||
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 150\n' | sudo tee --append /etc/apt/preferences.d/limit-unstable || _install_status 1 "Unable to append to preferences.d"
|
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 150\n' | sudo tee --append /etc/apt/preferences.d/limit-unstable || _install_status 1 "Unable to append to preferences.d"
|
||||||
echo "Installing WireGuard"
|
echo "Installing WireGuard"
|
||||||
sudo apt-get update && sudo apt-get install $apt_option wireguard || _install_status 1 "Unable to install wireguard"
|
sudo apt-get update && sudo apt-get install $apt_option wireguard || _install_status 1 "Unable to install wireguard"
|
||||||
|
echo "Enabling wg-quick@wg0"
|
||||||
|
sudo systemctl enable wg-quick@wg0 || _install_status 1 "Failed to enable wg-quick service"
|
||||||
echo "Enabling WireGuard management option"
|
echo "Enabling WireGuard management option"
|
||||||
sudo sed -i "s/\('RASPI_WIREGUARD_ENABLED', \)false/\1true/g" "$webroot_dir/includes/config.php" || _install_status 1 "Unable to modify config.php"
|
sudo sed -i "s/\('RASPI_WIREGUARD_ENABLED', \)false/\1true/g" "$webroot_dir/includes/config.php" || _install_status 1 "Unable to modify config.php"
|
||||||
_install_status 0
|
_install_status 0
|
||||||
|
|
@ -572,7 +574,8 @@ function _install_raspap() {
|
||||||
_default_configuration
|
_default_configuration
|
||||||
_configure_networking
|
_configure_networking
|
||||||
_prompt_install_adblock
|
_prompt_install_adblock
|
||||||
_prompt_install_vpn
|
_prompt_install_openvpn
|
||||||
|
_prompt_install_wireguard
|
||||||
_patch_system_files
|
_patch_system_files
|
||||||
_install_complete
|
_install_complete
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -37,4 +37,8 @@ www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/hostapd.log
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/dnsmasq.log
|
www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/dnsmasq.log
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.d/090_adblock.conf
|
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.d/090_adblock.conf
|
||||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/adblock/update_blocklist.sh
|
www-data ALL=(ALL) NOPASSWD:/etc/raspap/adblock/update_blocklist.sh
|
||||||
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick up wg0
|
||||||
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick down wg0
|
||||||
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,8 @@
|
||||||
# Used with -y, --yes, sets OpenVPN install option (0=no install)
|
# Used with -y, --yes, sets OpenVPN install option (0=no install)
|
||||||
# -a, --adblock <flag>
|
# -a, --adblock <flag>
|
||||||
# Used with -y, --yes, sets Adblock install option (0=no install)
|
# Used with -y, --yes, sets Adblock install option (0=no install)
|
||||||
|
# -w, --wireguard <flag>
|
||||||
|
# Used with -y, --yes, sets WireGuard install option (0=no install)
|
||||||
# -r, --repo, --repository <name>
|
# -r, --repo, --repository <name>
|
||||||
# Overrides the default GitHub repo (billz/raspap-webgui)
|
# Overrides the default GitHub repo (billz/raspap-webgui)
|
||||||
# -b, --branch <name>
|
# -b, --branch <name>
|
||||||
|
|
@ -39,6 +41,7 @@ branch="master"
|
||||||
assume_yes=0
|
assume_yes=0
|
||||||
ovpn_option=1
|
ovpn_option=1
|
||||||
adblock_option=1
|
adblock_option=1
|
||||||
|
wg_option=1
|
||||||
|
|
||||||
# Define colors
|
# Define colors
|
||||||
readonly ANSI_RED="\033[0;31m"
|
readonly ANSI_RED="\033[0;31m"
|
||||||
|
|
@ -58,6 +61,7 @@ Usage: raspbian.sh [OPTION]\n
|
||||||
-c, --cert, --certificate\n\tInstalls an SSL certificate for lighttpd
|
-c, --cert, --certificate\n\tInstalls an SSL certificate for lighttpd
|
||||||
-o, --openvpn <flag>\n\tUsed with -y, --yes, sets OpenVPN install option (0=no install)
|
-o, --openvpn <flag>\n\tUsed with -y, --yes, sets OpenVPN install option (0=no install)
|
||||||
-a, --adblock <flag>\n\tUsed with -y, --yes, sets Adblock install option (0=no install)
|
-a, --adblock <flag>\n\tUsed with -y, --yes, sets Adblock install option (0=no install)
|
||||||
|
-w, --wireguard <flag>\n\tUsed with -y, --yes, sets WireGuard install option (0=no install)
|
||||||
-r, --repo, --repository <name>\n\tOverrides the default GitHub repo (billz/raspap-webgui)
|
-r, --repo, --repository <name>\n\tOverrides the default GitHub repo (billz/raspap-webgui)
|
||||||
-b, --branch <name>\n\tOverrides the default git branch (master)
|
-b, --branch <name>\n\tOverrides the default git branch (master)
|
||||||
-h, --help\n\tOutputs usage notes and exits
|
-h, --help\n\tOutputs usage notes and exits
|
||||||
|
|
@ -80,6 +84,10 @@ while :; do
|
||||||
adblock_option="$2"
|
adblock_option="$2"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
-w|--wireguard)
|
||||||
|
wg_option="$2"
|
||||||
|
shift
|
||||||
|
;;
|
||||||
-c|--cert|--certificate)
|
-c|--cert|--certificate)
|
||||||
install_cert=1
|
install_cert=1
|
||||||
;;
|
;;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue