You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

216 lines
7.6 KiB

#!/bin/bash
# Wifi Hotspot app for YunoHost
# Copyright (C) 2015 Julien Vaubourg <julien@vaubourg.com>
# Contribute at https://github.com/jvaubourg/hotspot_ynh
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Retrieve arguments
domain=${1}
url_path=${2}
wifi_ssid=${3}
wifi_passphrase=${4}
firmware_nonfree=${5}
##
## These arguments are optional but YunoHost is not yet able to handle them with the web installer
## See manifest.json.options
##
#
#ip6_net=${6}
# Check arguments
if [ -z "${wifi_ssid}" -o -z "${wifi_passphrase}" ]; then
echo "ERROR: Your Wifi Hotspot needs a name and a password" >&2
exit 1
fi
wifi_passphrase_length="$(echo -n "${wifi_passphrase}" | wc -c)"
if [ "${wifi_passphrase_length}" -lt 8 -o "${wifi_passphrase_length}" -gt 63 ]; then
echo "ERROR: Your password must from 8 to 63 characters (WPA2 passphrase)" >&2
exit 1
fi
echo "${wifi_passphrase}" | grep -qP '[^[:print:]]'
if [ $? -eq 0 ]; then
echo "ERROR: Only printable ASCII characters are permitted in your password (WPA2 passphrase)" >&2
exit 1
fi
# Check domain/path availability
sudo yunohost app checkurl ${domain}${url_path} -a hotspot
if [ ! $? -eq 0 ]; then
exit 1
fi
# Install packages
packages='php5-fpm sipcalc hostapd iptables wireless-tools dnsmasq'
export DEBIAN_FRONTEND=noninteractive
# Packaged USB Wireless Device firmwares
# Based on https://wiki.debian.org/WiFi#USB_Devices
if [ "${firmware_nonfree}" == yes ]; then
packages="$packages firmware-atheros atmel-firmware firmware-linux-free firmware-linux-nonfree firmware-realtek firmware-ralink firmware-libertas zd1211-firmware"
else
packages="$packages firmware-linux-free"
fi
sudo apt-get --assume-yes --force-yes install ${packages}
if [ $? -ne 0 ]; then
sudo apt-get update
sudo apt-get --assume-yes --force-yes install ${packages}
fi
# Compute extra arguments
if [ -z "${ip6_net}" ]; then
ip6_net=none
ip6_addr=none
if [ -e /tmp/.ynh-vpnclient-started ]; then
vpnclient_ip6_net=$(sudo yunohost app setting vpnclient ip6_net 2>&1)
vpnclient_ip6_addr=$(sudo yunohost app setting vpnclient ip6_addr 2>&1)
if [[ "${vpnclient_ip6_net}" =~ :: && "${vpnclient_ip6_addr}" =~ :: ]]; then
ip6_net=${vpnclient_ip6_net}
ip6_addr=${vpnclient_ip6_addr}
fi
fi
#else
# ip6_net=$(bash ../conf/ipv6_expanded "${ip6_net}")
#
# if [ -z "${ip6_net}" ]; then
# echo "ERROR: The IPv6 Delegated Prefix format looks bad" >&2
# exit 1
# fi
#
# ip6_addr="$(echo "${ip6_net}" | cut -d: -f1-7):42"
# ip6_net=$(bash ../conf/ipv6_compressed "${ip6_net}")
# ip6_addr=$(bash ../conf/ipv6_compressed "${ip6_addr}")
fi
wifi_device=$(sudo iwconfig 2>&1 | grep 802.11 | head -n1 | awk '{ print $1 }')
wifi_n=0
if [ -z "${wifi_device}" ]; then
echo "ERROR: No wifi interface found" >&2
exit 1
fi
sudo iwconfig "${wifi_device}" | grep -q 'n *ESSID'
if [ $? -eq 0 ]; then
wifi_n=1
fi
# Save arguments
sudo yunohost app setting hotspot service_enabled -v 1
sudo yunohost app setting hotspot wifi_ssid -v "${wifi_ssid}"
sudo yunohost app setting hotspot wifi_secure -v 1
sudo yunohost app setting hotspot wifi_passphrase -v "${wifi_passphrase}"
sudo yunohost app setting hotspot wifi_device -v "${wifi_device}"
sudo yunohost app setting hotspot wifi_channel -v 6
sudo yunohost app setting hotspot wifi_n -v "${wifi_n}"
sudo yunohost app setting hotspot ip6_addr -v "${ip6_addr}"
sudo yunohost app setting hotspot ip6_net -v "${ip6_net}"
sudo yunohost app setting hotspot ip6_dns0 -v 2001:913::8
sudo yunohost app setting hotspot ip6_dns1 -v 2001:910:800::12
sudo yunohost app setting hotspot ip4_dns0 -v 80.67.188.188
sudo yunohost app setting hotspot ip4_dns1 -v 80.67.169.12
sudo yunohost app setting hotspot ip4_nat_prefix -v 10.0.242
sudo yunohost app setting hotspot vpnclient -v no
# Install IPv6 scripts
sudo install -o root -g root -m 0755 ../conf/ipv6_expanded /usr/local/bin/
sudo install -o root -g root -m 0755 ../conf/ipv6_compressed /usr/local/bin/
# Copy confs
sudo mkdir -pm 0755 /var/log/nginx/
sudo mkdir -pm 0755 /etc/dnsmasq.d.tpl/
sudo chown root: /etc/dnsmasq.d.tpl/
sudo install -b -o root -g root -m 0644 ../conf/hostapd.conf.tpl /etc/hostapd/
sudo install -b -o root -g root -m 0644 ../conf/dnsmasq_dhcpdv6.conf.tpl /etc/dnsmasq.d.tpl/dhcpdv6.conf.tpl
sudo install -b -o root -g root -m 0644 ../conf/dnsmasq_dhcpdv4.conf.tpl /etc/dnsmasq.d.tpl/dhcpdv4.conf.tpl
sudo install -b -o root -g root -m 0644 ../conf/nginx_wifiadmin.conf "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf"
sudo install -b -o root -g root -m 0644 ../conf/phpfpm_wifiadmin.conf /etc/php5/fpm/pool.d/wifiadmin.conf
# Copy (free) firmwares
# Extract from http://packages.trisquel.info/toutatis-updates/open-ath9k-htc-firmware
# https://www.fsf.org/news/ryf-certification-thinkpenguin-usb-with-atheros-chip
sudo install -b -o root -g root -m 0644 ../conf/firmware_htc-7010.fw /lib/firmware/htc-7010.fw
sudo install -b -o root -g root -m 0644 ../conf/firmware_htc-9271.fw /lib/firmware/htc-9271.fw
# Copy web sources
sudo mkdir -pm 0755 /var/www/wifiadmin/
sudo cp -a ../sources/* /var/www/wifiadmin/
sudo chown -R root: /var/www/wifiadmin/
sudo chmod -R 0644 /var/www/wifiadmin/*
sudo find /var/www/wifiadmin/ -type d -exec chmod +x {} \;
# Fix confs
## hostapd
sudo sed 's|^DAEMON_CONF=$|&/etc/hostapd/hostapd.conf|' -i /etc/init.d/hostapd
## nginx
sudo sed "s|<TPL:NGINX_LOCATION>|${url_path}|g" -i "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf"
sudo sed 's|<TPL:NGINX_REALPATH>|/var/www/wifiadmin/|g' -i "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf"
sudo sed 's|<TPL:PHP_NAME>|wifiadmin|g' -i "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf"
## php-fpm
sudo sed 's|<TPL:PHP_NAME>|wifiadmin|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf
sudo sed 's|<TPL:PHP_USER>|admin|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf
sudo sed 's|<TPL:PHP_GROUP>|admins|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf
sudo sed 's|<TPL:NGINX_REALPATH>|/var/www/wifiadmin/|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf
# Fix sources
sudo sed "s|<TPL:NGINX_LOCATION>|${url_path}|g" -i /var/www/wifiadmin/config.php
# Copy init script
sudo install -o root -g root -m 0755 ../conf/init_ynh-hotspot /etc/init.d/ynh-hotspot
# Update firewall for DHCP
sudo yunohost firewall allow --no-upnp --ipv6 UDP 547
sudo yunohost firewall allow --no-upnp UDP 67
# Set default inits
# The boot order of these services are important, so they are disabled by default
# and the ynh-hotspot service handles them.
# All services are registred by yunohost in order to prevent conflicts after the uninstall.
sudo yunohost service add hostapd
sudo yunohost service stop hostapd
sudo yunohost service disable hostapd
sudo yunohost service add php5-fpm
sudo yunohost service enable php5-fpm
sudo service nginx reload
# Remove IPv6 address set if there is a VPN installed
if [ "${ip6_addr}" != none ]; then
sudo ip -6 address show dev tun0 2> /dev/null | grep -q "${ip6_addr}/"
if [ "$?" -eq 0 ]; then
sudo ip address delete "${ip6_addr}/128" dev tun0 &> /dev/null
fi
fi
sudo yunohost service add ynh-hotspot
sudo yunohost service enable ynh-hotspot
sudo service ynh-hotspot start
# Update SSO for wifiadmin
sudo yunohost app ssowatconf
exit 0