diff --git a/README.md b/README.md index 523539fb..140796d9 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -![RaspAP Custom OS images](https://github.com/user-attachments/assets/e871adf1-123c-450b-94eb-80a185c242cc) -[![Release 3.4.0](https://img.shields.io/badge/release-v3.4.0-green)](https://github.com/raspap/raspap-webgui/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Join Insiders](https://img.shields.io/static/v1?label=Insiders&message=%E2%9D%A4&logo=GitHub&color=ff69b4)](https://github.com/sponsors/RaspAP) [![Build Status](https://app.travis-ci.com/RaspAP/raspap-webgui.svg?branch=master)](https://app.travis-ci.com/RaspAP/raspap-webgui) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Reddit](https://img.shields.io/badge/%2Fr%2FRaspAP-e05d44?style=flat&logo=Reddit&logoColor=white&labelColor=e05d44&color=b14835)](https://reddit.com/r/RaspAP) [![Discord](https://img.shields.io/discord/642436993451819018?color=7289DA&label=Discord&logo=discord&style=flat)](https://discord.gg/KVAsaAR) +![RaspAP Hero](https://i.imgur.com/aNAG3Wa.jpeg) +[![Release 3.4.3](https://img.shields.io/badge/release-v3.4.3-green)](https://github.com/raspap/raspap-webgui/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Join Insiders](https://img.shields.io/static/v1?label=Insiders&message=%E2%9D%A4&logo=GitHub&color=ff69b4)](https://github.com/sponsors/RaspAP) [![Build Status](https://app.travis-ci.com/RaspAP/raspap-webgui.svg?branch=master)](https://app.travis-ci.com/RaspAP/raspap-webgui) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Reddit](https://img.shields.io/badge/%2Fr%2FRaspAP-e05d44?style=flat&logo=Reddit&logoColor=white&labelColor=e05d44&color=b14835)](https://reddit.com/r/RaspAP) [![Discord](https://img.shields.io/discord/642436993451819018?color=7289DA&label=Discord&logo=discord&style=flat)](https://discord.gg/KVAsaAR) RaspAP is feature-rich wireless router software that _just works_ on many popular [Debian-based devices](#supported-operating-systems), including the Raspberry Pi. Our [custom OS images](#pre-built-image), [Quick installer](#quick-installer) and [Docker container](#docker-support) create a known-good default configuration for all current Raspberry Pis with onboard wireless. A fully responsive, mobile-ready interface gives you control over the relevant services and networking options. Advanced DHCP settings, [WireGuard](https://docs.raspap.com/wireguard/), [Tailscale](https://docs.raspap.com/tailscale/) and [OpenVPN](https://docs.raspap.com/openvpn/) support, [SSL certificates](https://docs.raspap.com/ssl/), [ad blocking](#ad-blocking), security audits, [captive portal integration](https://docs.raspap.com/captive/), themes and [multilingual options](https://docs.raspap.com/translations/) are included. diff --git a/app/css/all.css b/app/css/all.css index f6aec2cd..e63272b5 100644 --- a/app/css/all.css +++ b/app/css/all.css @@ -48,8 +48,15 @@ th { } .navbar-logo { - margin-top: 0.5em; - margin-left: 0.5em; + margin-top: 0.2em; + margin-left: 0.7em; +} + +.login-logo { + width: 70px; + height: 70px; + margin-left: 1.2rem; + margin-bottom: -0.5rem; } .page-header { diff --git a/app/css/custom.php b/app/css/custom.php index 9113ef39..da824ff1 100644 --- a/app/css/custom.php +++ b/app/css/custom.php @@ -2,6 +2,7 @@ /* Theme Name: RaspAP default @@ -11,7 +12,7 @@ Description: Default theme for RaspAP License: GNU General Public License v3.0 */ -@import url('all.css'); +@import url('?v='); :root { --raspap-theme-color: ; diff --git a/app/img/raspAP-logo.php b/app/img/raspAP-logo.php index c8115634..2b02519a 100755 --- a/app/img/raspAP-logo.php +++ b/app/img/raspAP-logo.php @@ -1,7 +1,10 @@ image/svg+xml + version="1.1"> + + + + + + + + + + + + + + diff --git a/config/50-raspap-router.conf b/config/50-raspap-router.conf index 1c10d26f..6f25bc3e 100644 --- a/config/50-raspap-router.conf +++ b/config/50-raspap-router.conf @@ -2,7 +2,7 @@ server.modules += ( "mod_rewrite", ) -$HTTP["url"] =~ "^/REPLACE_ME/(?!(dist|app|ajax|config)).*" { +$HTTP["url"] =~ "^/REPLACE_ME/(?!(dist|app|ajax|config|rootCA\.pem)).*" { url.rewrite-once = ( "^/REPLACE_ME/(.*?)(\?.+)?$"=>"/REPLACE_ME/index.php/$1$2" ) server.error-handler-404 = "/REPLACE_ME/index.php" } diff --git a/config/config.php b/config/config.php index 2dd0223c..546441e6 100755 --- a/config/config.php +++ b/config/config.php @@ -69,6 +69,7 @@ define('RASPI_SYSTEM_ENABLED', true); define('RASPI_MONITOR_ENABLED', false); define('RASPI_RESTAPI_ENABLED', false); define('RASPI_PLUGINS_ENABLED', true); +define('RASPI_UI_STATIC_LOGO', false); // Locale settings define('LOCALE_ROOT', 'locale'); diff --git a/config/defaults.json b/config/defaults.json index 8713d5dd..c9770cc1 100644 --- a/config/defaults.json +++ b/config/defaults.json @@ -1,15 +1,15 @@ { - "hostapd":{ - "modes":{ - "n":{ - "settings":[ + "hostapd": { + "modes": { + "n": { + "settings": [ "hw_mode=g", "ieee80211n=1", "wmm_enabled=1" ] }, - "ac":{ - "settings":[ + "ac": { + "settings": [ "hw_mode=a", "# N", "ieee80211n=1", @@ -25,90 +25,117 @@ "vht_oper_centr_freq_seg0_idx={VHT_FREQ_IDX}" ] }, - "g":{ - "settings":[ + "g": { + "settings": [ "hw_mode=g", "ieee80211n=0" ] }, - "a":{ - "settings":[ + "a": { + "settings": [ "hw_mode=a", "ieee80211n=0" ] }, - "b":{ - "settings":[ + "b": { + "settings": [ "hw_mode=b", "ieee80211n=0" ] } + } + }, + "dhcp": { + "wlan0": { + "static ip_address": [ "10.3.141.1" ], + "static routers": [ "10.3.141.1" ], + "static domain_name_server": [ "1.1.1.1 8.8.8.8" ], + "subnetmask": [ "255.255.255.0" ] }, - "dhcp":{ - "wlan0":{ - "static ip_address":[ "10.3.141.1/24" ], - "static routers":[ "10.3.141.1" ], - "static domain_name_server":[ "1.1.1.1 8.8.8.8" ], - "subnetmask":[ "255.255.255.0" ] - }, - "wlan1":{ - "static ip_address":[ "10.9.141.1/24" ], - "static routers":[ "10.9.141.1" ], - "static domain_name_server":[ "1.1.1.1 8.8.8.8" ], - "subnetmask":[ "255.255.255.0" ] - }, - "uap0":{ - "static ip_address":[ "192.168.50.1/24" ], - "static routers":[ "192.168.50.1" ], - "static domain_name_server":[ "1.1.1.1 8.8.8.8" ], - "subnetmask":[ "255.255.255.0" ] - }, - "options":{ - "# RaspAP default configuration":null, - "hostname":null, - "clientid":null, - "persistent":null, - "option rapid_commit":null, - "option domain_name_servers, domain_name, domain_search, host_name":null, - "option classless_static_routes":null, - "option ntp_servers":null, - "require dhcp_server_identifier":null, - "slaac private":null, - "nohook lookup-hostname":null - } + "wlan1": { + "static ip_address": [ "10.9.141.1" ], + "static routers": [ "10.9.141.1" ], + "static domain_name_server": [ "1.1.1.1 8.8.8.8" ], + "subnetmask": [ "255.255.255.0" ] }, - "dnsmasq":{ - "wlan0":{ - "dhcp-range":[ "10.3.141.50,10.3.141.254,255.255.255.0,12h" ] - }, - "wlan1":{ - "dhcp-range":[ "10.9.141.50,10.9.141.254,255.255.255.0,12h" ] - }, - "uap0":{ - "dhcp-range":[ "192.168.50.50,192.168.50.150,12h" ] - } + "wlan2": { + "static ip_address": [ "10.6.141.1" ], + "static routers": [ "10.6.141.1" ], + "static domain_name_server": [ "1.1.1.1 8.8.8.8" ], + "subnetmask": [ "255.255.255.0" ] }, - "wireguard":{ - "server":{ - "Address":[ "10.8.2.1/24" ], - "ListenPort":[ "51820" ], - "DNS":[ "9.9.9.9" ], - "PostUp":[ "iptables -A FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -A FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE" ], - "PostDown":[ "iptables -D FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE" ], - "PostUpEx":[ "iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL ! -d %s -j REJECT" ], - "PreDown":[ "iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL ! -d %s -j REJECT" ] - }, - "peer":{ - "Address":[ "10.8.1.2/24" ], - "Endpoint":[ "10.8.2.1:51820" ], - "ListenPort":[ "21841" ], - "AllowedIPs":[ "10.8.2.0/24" ], - "PersistentKeepalive":[ "15" ] - } - }, - "txpower": { - "dbm": [ "auto", "30", "20", "17", "10", "6", "3", "1", "0" ] - } + "uap0": { + "static ip_address": ["192.168.50.1" ], + "static routers": [ "192.168.50.1" ], + "static domain_name_server": [ "1.1.1.1 8.8.8.8" ], + "subnetmask": [ "255.255.255.0" ] + }, + "eth0": { + "static ip_address": [ "192.168.55.1" ], + "static routers": [ "192.168.55.1" ], + "static domain_name_server": [ "1.1.1.1 8.8.8.8" ], + "subnetmask": [ "255.255.255.0" ] + }, + "enx": { + "static ip_address": [ "192.168.60.1" ], + "static routers": [ "192.168.60.1" ], + "static domain_name_server": [ "1.1.1.1 8.8.8.8" ], + "subnetmask": [ "255.255.255.0" ] + }, + "options": { + "# RaspAP default configuration": null, + "hostname": null, + "clientid": null, + "persistent": null, + "option rapid_commit": null, + "option domain_name_servers, domain_name, domain_search, host_name": null, + "option classless_static_routes": null, + "option ntp_servers": null, + "require dhcp_server_identifier": null, + "slaac private": null, + "nohook lookup-hostname": null + } + }, + "dnsmasq": { + "wlan0": { + "dhcp-range": [ "10.3.141.50,10.3.141.254,255.255.255.0,12h" ] + }, + "wlan1": { + "dhcp-range": [ "10.9.141.50,10.9.141.254,255.255.255.0,12h" ] + }, + "wlan2": { + "dhcp-range": [ "10.6.141.50,10.6.141.254,255.255.255.0,12h" ] + }, + "uap0": { + "dhcp-range": [ "192.168.50.50,192.168.50.150,12h" ] + }, + "eth0": { + "dhcp-range": [ "192.168.55.50,192.168.55.150,12h" ] + }, + "enx": { + "dhcp-range": [ "192.168.60.50,192.168.60.150,12h" ] + } + }, + "wireguard": { + "server": { + "Address": [ "10.8.2.1/24" ], + "ListenPort": [ "51820" ], + "DNS": [ "9.9.9.9" ], + "PostUp": [ "iptables -A FORWARD -i wlan0 -o %i -j ACCEPT; iptables -A FORWARD -i %i -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A POSTROUTING -o %i -j MASQUERADE" ], + "PostDown": [ "iptables -D FORWARD -i wlan0 -o %i -j ACCEPT; iptables -D FORWARD -i %i -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D POSTROUTING -o %i -j MASQUERADE" ], + "PostUpEx": [ "iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL ! -d %s -j REJECT" ], + "PreDown": [ "iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL ! -d %s -j REJECT" ] + }, + "peer": { + "Address": [ "10.8.1.2/24" ], + "Endpoint": [ "10.8.2.1:51820" ], + "ListenPort": [ "21841" ], + "AllowedIPs": [ "10.8.2.0/24" ], + "PersistentKeepalive": [ "15" ] + } + }, + "txpower": { + "dbm": [ "auto", "30", "20", "17", "10", "6", "3", "1", "0" ] } } diff --git a/dist/raspap/css/fonts/RaspAP.eot b/dist/raspap/css/fonts/RaspAP.eot index 90b07249..d23e5940 100755 Binary files a/dist/raspap/css/fonts/RaspAP.eot and b/dist/raspap/css/fonts/RaspAP.eot differ diff --git a/dist/raspap/css/fonts/RaspAP.svg b/dist/raspap/css/fonts/RaspAP.svg index 774ff8c3..94922807 100755 --- a/dist/raspap/css/fonts/RaspAP.svg +++ b/dist/raspap/css/fonts/RaspAP.svg @@ -11,4 +11,5 @@ + \ No newline at end of file diff --git a/dist/raspap/css/fonts/RaspAP.ttf b/dist/raspap/css/fonts/RaspAP.ttf index 67097ef2..1288a9c7 100755 Binary files a/dist/raspap/css/fonts/RaspAP.ttf and b/dist/raspap/css/fonts/RaspAP.ttf differ diff --git a/dist/raspap/css/fonts/RaspAP.woff b/dist/raspap/css/fonts/RaspAP.woff index 15e90438..882e69ae 100755 Binary files a/dist/raspap/css/fonts/RaspAP.woff and b/dist/raspap/css/fonts/RaspAP.woff differ diff --git a/dist/raspap/css/style.css b/dist/raspap/css/style.css index 02666a1d..14bf2607 100644 --- a/dist/raspap/css/style.css +++ b/dist/raspap/css/style.css @@ -1,16 +1,15 @@ @font-face { font-family: 'RaspAP'; - src: url('fonts/RaspAP.eot?3vjloy'); - src: url('fonts/RaspAP.eot?3vjloy#iefix') format('embedded-opentype'), - url('fonts/RaspAP.ttf?3vjloy') format('truetype'), - url('fonts/RaspAP.woff?3vjloy') format('woff'), - url('fonts/RaspAP.svg?3vjloy#RaspAP') format('svg'); + src: url('fonts/RaspAP.eot?8h3d6d'); + src: url('fonts/RaspAP.eot?8h3d6d#iefix') format('embedded-opentype'), + url('fonts/RaspAP.ttf?8h3d6d') format('truetype'), + url('fonts/RaspAP.woff?8h3d6d') format('woff'), + url('fonts/RaspAP.svg?8h3d6d#RaspAP') format('svg'); font-weight: normal; font-style: normal; font-display: block; } - [class^="ra-"], [class*=" ra-"] { /* use !important to prevent issues with browser extensions that change fonts */ font-family: 'RaspAP' !important; @@ -26,10 +25,15 @@ -moz-osx-font-smoothing: grayscale; } +.ra-wireshark:before { + font-size: 1.3rem; + font-weight: bold; + content: "\e904"; + vertical-align: bottom; +} .ra-wireguard:before { font-size: 1.1rem; content: "\e900"; - vertical-align: middle; } .ra-raspap:before { content: "\e901"; @@ -46,19 +50,3 @@ content: "\e903"; vertical-align: top; } -.card-header .ra-wireguard:before, -.card-header .ra-tailscale:before, -.card-header .ra-torproxy:before { - color: #fff; -} - -.sidebar .nav-item.active .nav-link span.ra-wireguard:before, -.sidebar .nav-item.active .nav-link span.ra-tailscale:before, -.sidebar .nav-item.active .nav-link span.ra-torproxy:before { - color: #6e707e; -} - -.sb-nav-link-icon .ra-tailscale { - margin-bottom: 0.4rem; -} - diff --git a/includes/dashboard.php b/includes/dashboard.php index 303060f1..441cd052 100755 --- a/includes/dashboard.php +++ b/includes/dashboard.php @@ -82,12 +82,15 @@ function DisplayDashboard(&$extraFooterScripts): void $vpnStatus = $vpn ? "active" : "inactive"; $vpnManaged = $vpn ? $dashboard->getVpnManaged($vpn) : null; $firewallManaged = $firewallStatus = ""; - $firewallInstalled = array_filter($plugins, fn($p) => str_ends_with($p, 'Firewall')) ? true : false; + $firewallInstalled = (bool) array_filter($plugins, function($p) { + return substr($p, -strlen('Firewall')) === 'Firewall'; + }); if (!$firewallInstalled) { $firewallUnavailable = ''; } else { $firewallManaged = ''; $firewallStatus = ($dashboard->firewallEnabled() == true) ? "active" : ""; + $firewallUnavailable = null; } echo renderTemplate( diff --git a/includes/defaults.php b/includes/defaults.php index a07f5f3f..2be9ae80 100755 --- a/includes/defaults.php +++ b/includes/defaults.php @@ -7,7 +7,7 @@ if (!defined('RASPI_CONFIG')) { $defaults = [ 'RASPI_BRAND_TEXT' => 'RaspAP', 'RASPI_BRAND_TITLE' => RASPI_BRAND_TEXT.' Admin Panel', - 'RASPI_VERSION' => '3.4.0', + 'RASPI_VERSION' => '3.4.3', 'RASPI_CONFIG_NETWORK' => RASPI_CONFIG.'/networking/defaults.json', 'RASPI_CONFIG_PROVIDERS' => 'config/vpn-providers.json', 'RASPI_CONFIG_API' => RASPI_CONFIG.'/api', diff --git a/includes/functions.php b/includes/functions.php index 8b388cf4..38e972eb 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -915,7 +915,7 @@ function renderStatus($hostapd_led, $hostapd_status, $memused_led, $memused, $cp ?>
- +
Status
diff --git a/includes/wireguard.php b/includes/wireguard.php index af6dbe28..0493510c 100755 --- a/includes/wireguard.php +++ b/includes/wireguard.php @@ -49,7 +49,9 @@ function DisplayWireGuardConfig() exec('sudo cat '. RASPI_WIREGUARD_CONFIG, $return); $conf = ParseConfig($return, $parseFlag); $wg_srvpubkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-server-public.key', $return); - $wg_srvport = ($conf['ListenPort'] == '') ? getDefaultNetValue('wireguard','server','ListenPort') : $conf['ListenPort']; + $wg_srvport = ($conf['ListenPort'] ?? '') === '' + ? getDefaultNetValue('wireguard','server','ListenPort') + : $conf['ListenPort']; $wg_srvipaddress = ($conf['Address'] == '') ? getDefaultNetValue('wireguard','server','Address') : $conf['Address']; $wg_srvdns = ($conf['DNS'] == '') ? getDefaultNetValue('wireguard','server','DNS') : $conf['DNS']; if (is_array($wg_srvdns)) { diff --git a/index.php b/index.php index 2e15ab58..15c1c1d3 100755 --- a/index.php +++ b/index.php @@ -14,7 +14,7 @@ * @author Lawrence Yau * @author Bill Zimmerman * @license GNU General Public License, version 3 (GPL-3.0) - * @version 3.4.0 + * @version 3.4.3 * @link https://github.com/RaspAP/raspap-webgui/ * @link https://raspap.com/ * @see http://sirlagz.net/2013/02/08/raspap-webgui/ diff --git a/installers/common.sh b/installers/common.sh index 28014b61..013018c7 100755 --- a/installers/common.sh +++ b/installers/common.sh @@ -149,21 +149,24 @@ function _get_linux_distro() { # Sets php package option based on Linux version, abort if unsupported distro function _set_php_package() { case $RELEASE in + 13) # Debian 13 trixie + php_package="php8.4-fpm" + phpiniconf="/etc/php/8.4/fpm/php.ini" ;; 23.05|12*) # Debian 12 & Armbian 23.05 php_package="php8.2-cgi" - phpcgiconf="/etc/php/8.2/cgi/php.ini" ;; + phpiniconf="/etc/php/8.2/cgi/php.ini" ;; 23.04) # Ubuntu Server 23.04 php_package="php8.1-cgi" - phpcgiconf="/etc/php/8.1/cgi/php.ini" ;; + phpiniconf="/etc/php/8.1/cgi/php.ini" ;; 22.04|20.04|18.04|19.10|11*) # Previous Ubuntu Server, Debian & Armbian distros php_package="php7.4-cgi" - phpcgiconf="/etc/php/7.4/cgi/php.ini" ;; + phpiniconf="/etc/php/7.4/cgi/php.ini" ;; 10*|11*) php_package="php7.3-cgi" - phpcgiconf="/etc/php/7.3/cgi/php.ini" ;; + phpiniconf="/etc/php/7.3/cgi/php.ini" ;; 9*) php_package="php7.0-cgi" - phpcgiconf="/etc/php/7.0/cgi/php.ini" ;; + phpiniconf="/etc/php/7.0/cgi/php.ini" ;; 8) _install_status 1 "${DESC} and php5 are not supported. Please upgrade." exit 1 ;; @@ -272,6 +275,12 @@ function _install_dependencies() { echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections sudo apt-get install -y lighttpd git hostapd dnsmasq iptables-persistent $php_package $dhcpcd_package $iw_package $rsync_package $network_tools $ifconfig_package vnstat qrencode jq isoquery || _install_status 1 "Unable to install dependencies" + + if [[ "$php_package" == *"-fpm" ]]; then + install_log "Enabling lighttpd fastcgi-php-fpm module for $php_package" + sudo lighty-enable-mod fastcgi-php-fpm || install_status 1 "Unable to enable fastcgi-php-fpm module" + fi + _install_status 0 } @@ -956,14 +965,14 @@ function _patch_system_files() { function _optimize_php() { if [ "$upgrade" == 0 ]; then _install_log "Optimize PHP configuration" - if [ ! -f "$phpcgiconf" ]; then + if [ ! -f "$phpiniconf" ]; then _install_status 2 "PHP configuration could not be found." return fi # Backup php.ini and create symlink for restoring. datetimephpconf=$(date +%F-%R) - sudo cp "$phpcgiconf" "$raspap_dir/backups/php.ini.$datetimephpconf" + sudo cp "$phpiniconf" "$raspap_dir/backups/php.ini.$datetimephpconf" sudo ln -sf "$raspap_dir/backups/php.ini.$datetimephpconf" "$raspap_dir/backups/php.ini" echo -n "Enable HttpOnly for session cookies (Recommended)? [Y/n]: " @@ -978,7 +987,7 @@ function _optimize_php() { if [ "$assume_yes" == 1 ] || [ "$php_session_cookie" == 1 ]; then echo "Php-cgi enabling session.cookie_httponly." - sudo sed -i -E 's/^session\.cookie_httponly\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.cookie_httponly = 1/' "$phpcgiconf" + sudo sed -i -E 's/^session\.cookie_httponly\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.cookie_httponly = 1/' "$phpiniconf" fi if [ "$php_package" = "php7.1-cgi" ]; then @@ -994,7 +1003,7 @@ function _optimize_php() { if [ "$assume_yes" == 1 ] || [ "$phpopcache" == 1 ]; then echo -e "Php-cgi enabling opcache.enable." - sudo sed -i -E 's/^;?opcache\.enable\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/opcache.enable = 1/' "$phpcgiconf" + sudo sed -i -E 's/^;?opcache\.enable\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/opcache.enable = 1/' "$phpiniconf" # Make sure opcache extension is turned on. if [ -f "/usr/sbin/phpenmod" ]; then sudo phpenmod opcache diff --git a/installers/raspap.sudoers b/installers/raspap.sudoers index bd073f33..b7a8a589 100644 --- a/installers/raspap.sudoers +++ b/installers/raspap.sudoers @@ -87,5 +87,6 @@ www-data ALL=(ALL) NOPASSWD:/usr/bin/nmap --script=broadcast-dhcp-discover -e [a www-data ALL=(ALL) NOPASSWD:/usr/bin/vnstat * www-data ALL=(ALL) NOPASSWD:/usr/sbin/visudo -cf * www-data ALL=(ALL) NOPASSWD:/etc/raspap/plugins/plugin_helper.sh -www-data ALL=(ALL) NOPASSWD: /bin/systemctl start raspap-network-activity@*.service -www-data ALL=(ALL) NOPASSWD: /bin/systemctl stop raspap-network-activity@*.service +www-data ALL=(ALL) NOPASSWD:/bin/systemctl start raspap-network-activity@*.service +www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop raspap-network-activity@*.service +www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wpa_conf_* /etc/wpa_supplicant/wpa_supplicant.conf diff --git a/installers/raspbian.sh b/installers/raspbian.sh index 6f667147..c65a3568 100755 --- a/installers/raspbian.sh +++ b/installers/raspbian.sh @@ -308,7 +308,10 @@ function _check_internet() { tput civis # hide cursor # run check in background - ( curl -Is --connect-timeout 3 --max-time 15 https://github.com | head -n 1 | grep "HTTP/2 200" >/dev/null ) & + ( + curl -Is --connect-timeout 3 --max-time 15 https://github.com \ + | grep -q "^HTTP/2 200" + ) & local pid=$! # display spinner while curl runs @@ -318,8 +321,9 @@ function _check_internet() { done printf "\r" - # check exit status of curl - wait $pid || exit_code=$? + # capture exit status + wait "$pid" + exit_code=$? tput cnorm # restore cursor diff --git a/installers/uninstall.sh b/installers/uninstall.sh index 9ee7b929..0d68545d 100755 --- a/installers/uninstall.sh +++ b/installers/uninstall.sh @@ -48,21 +48,24 @@ function _get_linux_distro() { # Sets php package option based on Linux version, abort if unsupported distro function _set_php_package() { case $RELEASE in + 13) # Debian 13 trixie + php_package="php8.4-fpm" + phpiniconf="/etc/php/8.4/fpm/php.ini" ;; 23.05|12*) # Debian 12 & Armbian 23.05 php_package="php8.2-cgi" - phpcgiconf="/etc/php/8.2/cgi/php.ini" ;; + phpiniconf="/etc/php/8.2/cgi/php.ini" ;; 23.04) # Ubuntu Server 23.04 php_package="php8.1-cgi" - phpcgiconf="/etc/php/8.1/cgi/php.ini" ;; + phpiniconf="/etc/php/8.1/cgi/php.ini" ;; 22.04|20.04|18.04|19.10|11*) # Previous Ubuntu Server, Debian & Armbian distros php_package="php7.4-cgi" - phpcgiconf="/etc/php/7.4/cgi/php.ini" ;; + phpiniconf="/etc/php/7.4/cgi/php.ini" ;; 10*|11*) php_package="php7.3-cgi" - phpcgiconf="/etc/php/7.3/cgi/php.ini" ;; + phpiniconf="/etc/php/7.3/cgi/php.ini" ;; 9*) php_package="php7.0-cgi" - phpcgiconf="/etc/php/7.0/cgi/php.ini" ;; + phpiniconf="/etc/php/7.0/cgi/php.ini" ;; 8) _install_error "${DESC} and php5 are unsupported." exit 1 ;; @@ -127,11 +130,11 @@ function _check_for_backups() { sudo cp "$raspap_dir/backups/dhcpcd.conf" /etc/dhcpcd.conf fi fi - if [ -f "$raspap_dir/backups/php.ini" ] && [ -f "$phpcgiconf" ]; then + if [ -f "$raspap_dir/backups/php.ini" ] && [ -f "$phpiniconf" ]; then echo -n "Restore the last php.ini file? [y/N]: " read answer if [[ $answer -eq 'y' ]]; then - sudo cp "$raspap_dir/backups/php.ini" "$phpcgiconf" + sudo cp "$raspap_dir/backups/php.ini" "$phpiniconf" fi fi fi diff --git a/plugins b/plugins index 054f6bc0..b8e51de4 160000 --- a/plugins +++ b/plugins @@ -1 +1 @@ -Subproject commit 054f6bc0abe6999ddd629cc6878d5ada1749a6e8 +Subproject commit b8e51de4480fa502ab88e861604f13a91c2233a4 diff --git a/src/RaspAP/Networking/Hotspot/DhcpcdManager.php b/src/RaspAP/Networking/Hotspot/DhcpcdManager.php index 9b8f58db..b49e9285 100644 --- a/src/RaspAP/Networking/Hotspot/DhcpcdManager.php +++ b/src/RaspAP/Networking/Hotspot/DhcpcdManager.php @@ -41,7 +41,7 @@ class DhcpcdManager { // determine static IP, routers, DNS $jsonData = $this->getInterfaceConfig($ap_iface); - //error_log("DhcpcdManager::buildConfig() jsonData =" . print_r($jsonData, true)); + $ip_address = empty($jsonData['StaticIP']) ? getDefaultNetValue('dhcp', $ap_iface, 'static ip_address') : $jsonData['StaticIP']; @@ -485,6 +485,21 @@ class DhcpcdManager } } } + } else { + // fallback to defaults + $rangeRaw = getDefaultNetValue('dnsmasq', $iface, 'dhcp-range'); + if ($rangeRaw) { + $result['DHCPEnabled'] = true; + $rangeParts = explode(',', $rangeRaw); + $result['RangeStart'] = $rangeParts[0] ?? null; + $result['RangeEnd'] = $rangeParts[1] ?? null; + $result['RangeMask'] = $rangeParts[2] ?? null; + $leaseSpec = $rangeParts[3] ?? null; + if ($leaseSpec && preg_match('/^(\d+)([smhd])?$/i', $leaseSpec, $m)) { + $result['leaseTime'] = $m[1]; + $result['leaseTimeInterval'] = $m[2] ?? 'h'; + } + } } // dhcpcd @@ -513,6 +528,11 @@ class DhcpcdManager $result['FallbackEnabled'] = (bool) preg_match('/fallback\s+static_' . preg_quote($iface, '/') . '/i', $block); $result['DefaultRoute'] = (bool) preg_match('/\bgateway\b/', $block); $result['NoHookWPASupplicant'] = (bool) preg_match('/nohook\s+wpa_supplicant/i', $block); + } else { + $result['StaticIP'] = getDefaultNetValue('dhcp', $iface, 'static ip_address'); + $result['SubnetMask'] = getDefaultNetValue('dhcp', $iface, 'subnetmask'); + $result['StaticRouters'] = getDefaultNetValue('dhcp', $iface, 'static routers'); + $result['StaticDNS'] = getDefaultNetValue('dhcp', $iface, 'static domain_name_server'); } } return $result; diff --git a/src/RaspAP/Networking/Hotspot/DnsmasqManager.php b/src/RaspAP/Networking/Hotspot/DnsmasqManager.php index 49bb8ee7..ddfb1aa5 100644 --- a/src/RaspAP/Networking/Hotspot/DnsmasqManager.php +++ b/src/RaspAP/Networking/Hotspot/DnsmasqManager.php @@ -61,8 +61,17 @@ class DnsmasqManager * @return array $config * @throws \RuntimeException */ - public function buildConfig(array $syscfg, string $iface, bool $wifiAPEnable, bool $bridgedEnable): array + public function buildConfig(?array $syscfg, string $iface, bool $wifiAPEnable, bool $bridgedEnable): array { + // fallback: if no syscfg for interface seed with defaults + if ($syscfg === null) { + $syscfg = []; + $dhcp_range = getDefaultNetValue('dnsmasq', $iface, 'dhcp-range'); + if ($dhcp_range !== false) { + $syscfg['dhcp-range'] = $dhcp_range; + } + } + if ($wifiAPEnable == 1) { // Enable uap0 configuration for ap-sta mode // Set dhcp-range from system config, fallback to default if undefined @@ -159,7 +168,7 @@ class DnsmasqManager if ($post_data['no-resolv'] == "1") { $config[] = "no-resolv"; } - foreach ($post_data['server'] as $server) { + foreach (($post_data['server'] ?? []) as $server) { $config[] = "server=$server"; } if (!empty($post_data['DNS1'])) { diff --git a/src/RaspAP/Networking/Hotspot/WiFiManager.php b/src/RaspAP/Networking/Hotspot/WiFiManager.php index 316ba074..1c69e49e 100644 --- a/src/RaspAP/Networking/Hotspot/WiFiManager.php +++ b/src/RaspAP/Networking/Hotspot/WiFiManager.php @@ -313,6 +313,8 @@ class WiFiManager */ public function setKnownStationsWPA($networks) { + $this->ensureWpaSupplicant(); + $iface = escapeshellarg($_SESSION['wifi_client_interface']); $output = shell_exec("sudo wpa_cli -i $iface list_networks 2>&1"); @@ -475,5 +477,41 @@ class WiFiManager return false; } + /** + * Ensures /etc/wpa_supplicant/wpa_supplicant.conf exists with minimal safe contents + * Does not overwrite an existing file + * + * @throws \RuntimeException on permission or write failure + */ + public function ensureWpaSupplicant(): void + { + $confPath = '/etc/wpa_supplicant/wpa_supplicant.conf'; + + if (file_exists($confPath)) { + return; + } + + $contents = << 0) { $enabled = true; } exec('pidof dnsmasq | wc -l', $dnsmasq); $dnsmasq_state = ($dnsmasq[0] > 0); - $status = $dnsmasq_state && $enabled ? true : false; + + $status = $dnsmasq_state && $enabled; return $status; } diff --git a/src/RaspAP/UI/Dashboard.php b/src/RaspAP/UI/Dashboard.php index fea6804a..3f31811a 100644 --- a/src/RaspAP/UI/Dashboard.php +++ b/src/RaspAP/UI/Dashboard.php @@ -301,14 +301,12 @@ class Dashboard { */ public function firewallEnabled(): bool { - $conf = array(); - if (file_exists($this->firewallConfig) ) { - $conf = parse_ini_file($this->firewallConfig); + if (!file_exists($this->firewallConfig)) { + return false; } - if ($conf["firewall-enable"] == 1) { - return true; - } - return false; + + $conf = parse_ini_file($this->firewallConfig) ?: []; + return !empty($conf['firewall-enable']) && (int)$conf['firewall-enable'] === 1; } /* diff --git a/templates/login.php b/templates/login.php index 071876c7..990632ad 100755 --- a/templates/login.php +++ b/templates/login.php @@ -8,7 +8,7 @@
- +
diff --git a/templates/wg/logging.php b/templates/wg/logging.php index 26ab9e5d..6e52e956 100644 --- a/templates/wg/logging.php +++ b/templates/wg/logging.php @@ -8,7 +8,7 @@ aria-describedby="wgLogEnable">
- '.htmlspecialchars($wg_log, ENT_QUOTES).''; + '.htmlspecialchars($log, ENT_QUOTES).''; ?>