YunoHost-Apps/hotspot_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/hotspot_ynh.git synced 2024-09-03 19:25:53 +02:00
Code Issues Activity Actions

Merge 42072cbd92 into 023e82ef7f

Browse source
This commit is contained in:
ljf (zamentur) 2024-08-19 19:26:09 +02:00 committed by GitHub
commit b15190515a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
22 changed files with 314 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ALL_README.md
View file

@ -5,4 +5,6 @@
- [Irakurri README euskaraz](README_eu.md) - [Irakurri README euskaraz](README_eu.md)
- [Lire le README en français](README_fr.md) - [Lire le README en français](README_fr.md)
- [Le o README en galego](README_gl.md) - [Le o README en galego](README_gl.md)
- [Baca README dalam bahasa bahasa Indonesia](README_id.md)
- [Прочитать README на русский](README_ru.md)
- [阅读中文(简体)的 README](README_zh_Hans.md) - [阅读中文(简体)的 README](README_zh_Hans.md)

2
README.md
View file

@ -5,7 +5,7 @@ It shall NOT be edited by hand.
# Wifi Hotspot for YunoHost # Wifi Hotspot for YunoHost
[![Integration level](https://dash.yunohost.org/integration/hotspot.svg)](https://dash.yunohost.org/appci/app/hotspot) ![Working status](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg) [![Integration level](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Working status](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Install Wifi Hotspot with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot) [![Install Wifi Hotspot with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)

2
README_es.md
View file

@ -5,7 +5,7 @@ No se debe editar a mano.
# Wifi Hotspot para Yunohost # Wifi Hotspot para Yunohost
[![Nivel de integración](https://dash.yunohost.org/integration/hotspot.svg)](https://dash.yunohost.org/appci/app/hotspot) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg) [![Nivel de integración](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Estado funcional](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Estado En Mantención](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Instalar Wifi Hotspot con Yunhost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot) [![Instalar Wifi Hotspot con Yunhost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)

2
README_eu.md
View file

@ -5,7 +5,7 @@ EZ editatu eskuz.
# Wifi Hotspot YunoHost-erako # Wifi Hotspot YunoHost-erako
[![Integrazio maila](https://dash.yunohost.org/integration/hotspot.svg)](https://dash.yunohost.org/appci/app/hotspot) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg) [![Integrazio maila](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Funtzionamendu egoera](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Mantentze egoera](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Instalatu Wifi Hotspot YunoHost-ekin](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot) [![Instalatu Wifi Hotspot YunoHost-ekin](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)

2
README_fr.md
View file

@ -5,7 +5,7 @@ Il NE doit PAS être modifié à la main.
# Wifi Hotspot pour YunoHost # Wifi Hotspot pour YunoHost
[![Niveau dintégration](https://dash.yunohost.org/integration/hotspot.svg)](https://dash.yunohost.org/appci/app/hotspot) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg) [![Niveau dintégration](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Installer Wifi Hotspot avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot) [![Installer Wifi Hotspot avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)

2
README_gl.md
View file

@ -5,7 +5,7 @@ NON debe editarse manualmente.
# Wifi Hotspot para YunoHost # Wifi Hotspot para YunoHost
[![Nivel de integración](https://dash.yunohost.org/integration/hotspot.svg)](https://dash.yunohost.org/appci/app/hotspot) ![Estado de funcionamento](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Estado de mantemento](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg) [![Nivel de integración](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Estado de funcionamento](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Estado de mantemento](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Instalar Wifi Hotspot con YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot) [![Instalar Wifi Hotspot con YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)

47
README_id.md Normal file
View file

@ -0,0 +1,47 @@
<!--
N.B.: README ini dibuat secara otomatis oleh <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
Ini TIDAK boleh diedit dengan tangan.
-->
# Wifi Hotspot untuk YunoHost
[![Tingkat integrasi](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Status kerja](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Status pemeliharaan](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Pasang Wifi Hotspot dengan YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)
*[Baca README ini dengan bahasa yang lain.](./ALL_README.md)*
> *Paket ini memperbolehkan Anda untuk memasang Wifi Hotspot secara cepat dan mudah pada server YunoHost.*
> *Bila Anda tidak mempunyai YunoHost, silakan berkonsultasi dengan [panduan](https://yunohost.org/install) untuk mempelajari bagaimana untuk memasangnya.*
## Ringkasan
* Broadcast a Wi-Fi access point from your self-hosted server
* Combine with the [VPN Client app](https://github.com/labriqueinternet/vpnclient_ynh) to obtain a VPN-protected WiFi
**Versi terkirim:** 2.3.1~ynh1
## Tangkapan Layar
![Tangkapan Layar pada Wifi Hotspot](./doc/screenshots/hotspot.png)
## Dokumentasi dan sumber daya
- Website aplikasi resmi: <https://internetcu.be/>
- Gudang YunoHost: <https://apps.yunohost.org/app/hotspot>
- Laporkan bug: <https://github.com/YunoHost-Apps/hotspot_ynh/issues>
## Info developer
Silakan kirim pull request ke [`testing` branch](https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing).
Untuk mencoba branch `testing`, silakan dilanjutkan seperti:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing --debug
atau
sudo yunohost app upgrade hotspot -u https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing --debug
```
**Info lebih lanjut mengenai pemaketan aplikasi:** <https://yunohost.org/packaging_apps>

47
README_ru.md Normal file
View file

@ -0,0 +1,47 @@
<!--
Важно: этот README был автоматически сгенерирован <https://github.com/YunoHost/apps/tree/master/tools/readme_generator>
Он НЕ ДОЛЖЕН редактироваться вручную.
-->
# Wifi Hotspot для YunoHost
[![Уровень интеграции](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![Состояние работы](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![Состояние сопровождения](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![Установите Wifi Hotspot с YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)
*[Прочтите этот README на других языках.](./ALL_README.md)*
> *Этот пакет позволяет Вам установить Wifi Hotspot быстро и просто на YunoHost-сервер.*
> *Если у Вас нет YunoHost, пожалуйста, посмотрите [инструкцию](https://yunohost.org/install), чтобы узнать, как установить его.*
## Обзор
* Broadcast a Wi-Fi access point from your self-hosted server
* Combine with the [VPN Client app](https://github.com/labriqueinternet/vpnclient_ynh) to obtain a VPN-protected WiFi
**Поставляемая версия:** 2.3.1~ynh1
## Снимки экрана
![Снимок экрана Wifi Hotspot](./doc/screenshots/hotspot.png)
## Документация и ресурсы
- Официальный веб-сайт приложения: <https://internetcu.be/>
- Магазин YunoHost: <https://apps.yunohost.org/app/hotspot>
- Сообщите об ошибке: <https://github.com/YunoHost-Apps/hotspot_ynh/issues>
## Информация для разработчиков
Пришлите Ваш запрос на слияние в [ветку `testing`](https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing).
Чтобы попробовать ветку `testing`, пожалуйста, сделайте что-то вроде этого:
```bash
sudo yunohost app install https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing --debug
или
sudo yunohost app upgrade hotspot -u https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing --debug
```
**Больше информации о пакетировании приложений:** <https://yunohost.org/packaging_apps>

2
README_zh_Hans.md
View file

@ -5,7 +5,7 @@
# YunoHost 上的 Wifi Hotspot # YunoHost 上的 Wifi Hotspot
[![集成程度](https://dash.yunohost.org/integration/hotspot.svg)](https://dash.yunohost.org/appci/app/hotspot) ![工作状态](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg) [![集成程度](https://dash.yunohost.org/integration/hotspot.svg)](https://ci-apps.yunohost.org/ci/apps/hotspot/) ![工作状态](https://ci-apps.yunohost.org/ci/badges/hotspot.status.svg) ![维护状态](https://ci-apps.yunohost.org/ci/badges/hotspot.maintain.svg)
[![使用 YunoHost 安装 Wifi Hotspot](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot) [![使用 YunoHost 安装 Wifi Hotspot](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=hotspot)

13
conf/captiveportal_fakedns.service Normal file
View file

@ -0,0 +1,13 @@
[Unit]
Description=YunoHost Wifi Captive Portal
Requires=network.target
After=network.target
[Service]
Type=oneshot
User=root
ExecStart=/usr/local/bin/captiveportal_fakedns
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target

6
conf/nginx.conf Normal file
View file

@ -0,0 +1,6 @@
location / {
if ($remote_addr ~ "^__IP4_NAT_PREFIX__.\d+$") {
return 302 __CAPTIVE_PORTAL_URL__;
}
return 302 https://$http_host/yunohost/admin;
}

12
config_panel.toml
View file

@ -108,3 +108,15 @@ name = "Configuration"
pattern.regexp = '^([0-9.]{7,15}|[0-9a-fA-F:]+)$' pattern.regexp = '^([0-9.]{7,15}|[0-9a-fA-F:]+)$'
pattern.error = "Not an ip" pattern.error = "Not an ip"
[main.hotspot.captive_portal]
ask = "Captive portal"
type = "boolean"
visible = "advanced"
help = "Activate the captive portal mode"
[main.hotspot.captive_portal_url]
ask = "Local captive portal URL"
type = "string"
visible = "advanced && captive_portal"
help = "Local URL on which redirect onto when the user mac address is not yet allowed"

57
hooks/post_iptables_rules Normal file
View file

@ -0,0 +1,57 @@
#!/bin/bash
wifi_device=$(ynh_app_setting_get --app=$app --key=wifi_device)
captive_portal=$(ynh_app_setting_get --app=$app --key=captive_portal)
ip4_prefix=$(ynh_app_setting_get --app=$app --key=ip4_nat_prefix)
ip6_prefix=$(ynh_app_setting_get --app=$app --key=ip6_net)
iptables -w -N hotspot_fwd
ip6tables -w -N hotspot_fwd
if [[ "${captive_portal}" != "1" ]]
then
exit 0
fi
for iptables_cmd in iptables ip6tables;
do
if [[ "${iptables_cmd}" == "iptables" ]]; then
prefix="${ip4_prefix}"
ip="${ip4_prefix}.1"
subnet="${ip4_prefix}.0/24"
else
prefix="${ip6_prefix}"
ip="${ip6_prefix}1"
subnet="${ip6_prefix}1/64"
fi
mac_addresses=$(grep "${prefix}" /etc/hostapd/$app/allowed.csv | cut -d, -f3)
# Allow to request 4253 port
$iptables_cmd -w -A INPUT -i "${wifi_device}" -m udp -p udp --dport 4253 -j ACCEPT
# Drop all packets going on external internet
$iptables_cmd -w -A hotspot_fwd -s "${subnet}" -j DROP
# Force to use the fakeDNS
$iptables_cmd -w -A PREROUTING -i "${wifi_device}" -s "${subnet}" -p udp --dport 53 -j DNAT --to-destination "${ip}:4253"
# Make things working with DoH
# Warning: this rules to ssupport DoH let info in nginx logs on which website the user try to access...
# Only activating 80 and not 443 reduces a bit the issues.
# A better approach could be to list all ips used by domains dedicated to captive portal detection.
$iptables_cmd -w -A PREROUTING -i "${wifi_device}" -s "${subnet}" -p tcp --dport 80 -j DNAT --to-destination "${ip}:80"
#$iptables_cmd -w -A PREROUTING -i "${wifi_device}" -s "${subnet}" -p tcp --dport 443 -j DNAT --to-destination "${ip}:443"
# Maybe needed, maybe not (i din't need this when vpn is activated)
#$iptables_cmd -t nat -A POSTROUTING -o "${wifi_device}" -j MASQUERADE
# Allow specific mac adress to use external internet
for mac in ${mac_addresses}; do
$iptables_cmd -w -I hotspot_fwd 1 -s "${subnet}" -m mac --mac-source "${mac}" -j ACCEPT
$iptables_cmd -t nat -w -I PREROUTING 1 -i "${wifi_device}" -s "${subnet}" -m mac --mac-source "${mac}" -j ACCEPT
done
$iptables_cmd -w -I FORWARD 1 -i "${wifi_device}" -j hotspot_fwd
done
exit 0

3
scripts/backup
View file

@ -24,12 +24,15 @@ ynh_backup --src_path="/etc/dnsmasq.$app/dhcpdv6.conf" --not_mandatory
ynh_backup --src_path="/etc/dnsmasq.$app/dhcpdv4.conf" --not_mandatory ynh_backup --src_path="/etc/dnsmasq.$app/dhcpdv4.conf" --not_mandatory
ynh_backup --src_path="/usr/local/bin/$service_name" ynh_backup --src_path="/usr/local/bin/$service_name"
ynh_backup --src_path="/usr/local/bin/captiveportal_fakedns"
ynh_backup --src_path="/usr/local/bin/captiveportal_allow"
ynh_backup --src_path="/etc/openvpn/scripts/route-up.d/90-$service_name" ynh_backup --src_path="/etc/openvpn/scripts/route-up.d/90-$service_name"
ynh_backup --src_path="/etc/openvpn/scripts/route-down.d/90-$service_name" ynh_backup --src_path="/etc/openvpn/scripts/route-down.d/90-$service_name"
ynh_backup --src_path="/etc/systemd/system/$service_name.service" ynh_backup --src_path="/etc/systemd/system/$service_name.service"
ynh_backup --src_path="/etc/systemd/system/hostapd@$app.service" ynh_backup --src_path="/etc/systemd/system/hostapd@$app.service"
ynh_backup --src_path="/etc/systemd/system/captiveportal_fakedns.service"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

16
scripts/config
View file

@ -196,6 +196,22 @@ ynh_app_config_apply() {
yunohost service stop $service_name yunohost service stop $service_name
_ynh_app_config_apply _ynh_app_config_apply
# Activate captive portal or not
captive_portal=$(ynh_app_setting_get --app=$app --key=captive_portal)
captive_portal_url=$(ynh_app_setting_get --app=$app --key=captive_portal_url)
domain=$(cut -d'/' -f 3 <<< "${captive_portal_url}")
if [[ "${captive_portal}" -eq 1 ]]; then
ynh_add_nginx_config
ynh_systemd_action --service_name=captiveportal_fakedns --action="start" --log_path=systemd
else
ynh_remove_nginx_config
ynh_systemd_action --service_name=captiveportal_fakedns --action="stop" --log_path=systemd
fi
# Start vpn client
ynh_print_info --message="Starting hotspot service if needed"
/usr/local/bin/ynh-hotspot start
if [[ "${service_enabled}" -eq 1 ]]; then if [[ "${service_enabled}" -eq 1 ]]; then
configure_hostapd configure_hostapd

14
scripts/install
View file

@ -83,6 +83,8 @@ ynh_app_setting_set --app=$app --key=ip6_net --value="${ip6_net}"
ynh_app_setting_set --app=$app --key=ip6_dns --value="${ip6_dns}" ynh_app_setting_set --app=$app --key=ip6_dns --value="${ip6_dns}"
ynh_app_setting_set --app=$app --key=ip4_dns --value="${ip4_dns}" ynh_app_setting_set --app=$app --key=ip4_dns --value="${ip4_dns}"
ynh_app_setting_set --app=$app --key=ip4_nat_prefix --value="${ip4_nat_prefix}" ynh_app_setting_set --app=$app --key=ip4_nat_prefix --value="${ip4_nat_prefix}"
ynh_app_setting_set --app=$app --key=captive_portal --value=0
ynh_app_setting_set --app=$app --key=captive_portal_url --value=""
if [[ -z "$wifi_device" ]]; then if [[ -z "$wifi_device" ]]; then
ynh_app_setting_set --app=$app --key=service_enabled --value=0 ynh_app_setting_set --app=$app --key=service_enabled --value=0
@ -105,10 +107,17 @@ chown root: /etc/hostapd/$app/
mkdir -pm 0755 /etc/dnsmasq.$app/ mkdir -pm 0755 /etc/dnsmasq.$app/
chown root: /etc/dnsmasq.$app/ chown root: /etc/dnsmasq.$app/
touch /etc/hostapd/$app/allowed.csv
# Copy init script # Copy init script
ynh_add_config --template="../conf/ynh-hotspot" --destination="/usr/local/bin/$service_name" ynh_add_config --template="../conf/ynh-hotspot" --destination="/usr/local/bin/$service_name"
chmod 0755 "/usr/local/bin/$service_name" chmod 0755 "/usr/local/bin/$service_name"
ynh_add_config --template="../sources/captiveportal_fakedns" --destination="/usr/local/bin/captiveportal_fakedns"
chmod 0755 "/usr/local/bin/captiveportal_fakedns"
ynh_add_config --template="../sources/captiveportal_allow" --destination="/usr/local/bin/captiveportal_allow"
chmod 0755 "/usr/local/bin/captiveportal_allow"
# Copy openvpn scripts # Copy openvpn scripts
mkdir -pm 0755 /etc/openvpn/scripts mkdir -pm 0755 /etc/openvpn/scripts
mkdir -pm 0755 /etc/openvpn/scripts/route-up.d mkdir -pm 0755 /etc/openvpn/scripts/route-up.d
@ -140,11 +149,14 @@ ynh_script_progression --message="Configuring systemd service..."
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config --service=$service_name ynh_add_systemd_config --service=$service_name
# Create custom systemd config for hostapd to handle multiple wifi devices # Create custom systemd config for hostapd to handle multiple wifi devices
ynh_add_systemd_config --service="hostapd@$app" --template="../conf/systemd_hostapd.service" ynh_add_systemd_config --service="hostapd@$app" --template="../conf/systemd_hostapd.service"
yunohost service add $service_name --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock yunohost service add $service_name --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock
ynh_add_systemd_config --service="captiveportal_fakedns" --template="../conf/captiveportal_fakedns.service"
yunohost service add captiveportal_fakedns --description "Captive portal dns service" --test_status "systemctl is-active captiveportal_fakedns"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================

8
scripts/remove
View file

@ -20,8 +20,13 @@ ynh_script_progression --message="Removing $app service"
yunohost service stop $service_name yunohost service stop $service_name
yunohost service remove $service_name yunohost service remove $service_name
ynh_script_progression --message="Removing $app captiveportal_fakedns service"
yunohost service stop captiveportal_fakedns
yunohost service remove captiveportal_fakedns
ynh_remove_systemd_config --service=$service_name ynh_remove_systemd_config --service=$service_name
ynh_remove_systemd_config --service="hostapd@$app" ynh_remove_systemd_config --service="hostapd@$app"
ynh_remove_systemd_config --service=captiveportal_fakedns
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
@ -31,6 +36,9 @@ ynh_script_progression --message="Removing $app configurations..."
ynh_secure_remove --file="/etc/openvpn/scripts/route-up.d/90-${service_name}" ynh_secure_remove --file="/etc/openvpn/scripts/route-up.d/90-${service_name}"
ynh_secure_remove --file="/etc/openvpn/scripts/route-down.d/90-${service_name}" ynh_secure_remove --file="/etc/openvpn/scripts/route-down.d/90-${service_name}"
ynh_secure_remove --file="/usr/local/bin/$service_name" ynh_secure_remove --file="/usr/local/bin/$service_name"
ynh_secure_remove --file="/usr/local/bin/captiveportal_fakedns"
ynh_secure_remove --file="/usr/local/bin/captiveportal_allow"
ynh_secure_remove --file="/etc/hotspot"
for FILE in $(ls /tmp/.${service_name}-* 2>/dev/null); do for FILE in $(ls /tmp/.${service_name}-* 2>/dev/null); do
ynh_secure_remove --file="$FILE" ynh_secure_remove --file="$FILE"

1
scripts/restore
View file

@ -43,6 +43,7 @@ ynh_script_progression --message="Restoring configurations ..."
ynh_restore ynh_restore
yunohost service add "$service_name" --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock yunohost service add "$service_name" --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock
yunohost service add captiveportal_fakedns --description "Captive portal dns service" --test_status "systemctl is-active captiveportal_fakedns"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE

19
scripts/upgrade
View file

@ -45,6 +45,15 @@ if [ -z ${service_name:-} ]; then
ynh_app_setting_set --app=$app --key=service_name --value=$service_name ynh_app_setting_set --app=$app --key=service_name --value=$service_name
fi fi
if [ -z ${captive_portal:-} ]; then
captive_portal=0
ynh_app_setting_set --app=$app --key=captive_portal --value=$captive_portal
fi
if [ -z ${captive_portal_url:-} ]; then
captive_portal_url=""
ynh_app_setting_set --app=$app --key=captive_portal_url --value=$captive_portal_url
fi
if [[ -n "${multissid:-}" ]] && [[ "${multissid}" -gt 1 ]]; then if [[ -n "${multissid:-}" ]] && [[ "${multissid}" -gt 1 ]]; then
wifi_ssid=$(cut -d'|' -f 1 <<< ${wifi_ssid}) wifi_ssid=$(cut -d'|' -f 1 <<< ${wifi_ssid})
wifi_secure=$(cut -d'|' -f 1 <<< ${wifi_secure}) wifi_secure=$(cut -d'|' -f 1 <<< ${wifi_secure})
@ -157,6 +166,8 @@ chown root: /etc/hostapd/$app/
mkdir -pm 0755 /etc/dnsmasq.$app/ mkdir -pm 0755 /etc/dnsmasq.$app/
chown root: /etc/dnsmasq.$app/ chown root: /etc/dnsmasq.$app/
touch /etc/hostapd/$app/allowed.csv
if [[ -n "${wifi_device:-}" ]]; then if [[ -n "${wifi_device:-}" ]]; then
configure_hostapd configure_hostapd
configure_dhcp configure_dhcp
@ -170,6 +181,11 @@ fi
ynh_add_config --template="../conf/ynh-hotspot" --destination="/usr/local/bin/$service_name" ynh_add_config --template="../conf/ynh-hotspot" --destination="/usr/local/bin/$service_name"
chmod 0755 "/usr/local/bin/$service_name" chmod 0755 "/usr/local/bin/$service_name"
ynh_add_config --template="../sources/captiveportal_fakedns" --destination="/usr/local/bin/captiveportal_fakedns"
chmod 0755 "/usr/local/bin/captiveportal_fakedns"
ynh_add_config --template="../sources/captiveportal_allow" --destination="/usr/local/bin/captiveportal_allow"
chmod 0755 "/usr/local/bin/captiveportal_allow"
# Copy openvpn scripts # Copy openvpn scripts
mkdir -pm 0755 /etc/openvpn/scripts mkdir -pm 0755 /etc/openvpn/scripts
mkdir -pm 0755 /etc/openvpn/scripts/route-up.d mkdir -pm 0755 /etc/openvpn/scripts/route-up.d
@ -191,6 +207,9 @@ ynh_add_systemd_config --service="hostapd@$app" --template="../conf/systemd_host
yunohost service add $service_name --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock yunohost service add $service_name --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock
ynh_add_systemd_config --service="captiveportal_fakedns" --template="../conf/captiveportal_fakedns.service"
yunohost service add captiveportal_fakedns --description "Captive portal dns service" --test_status "systemctl is-active captiveportal_fakedns"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================

11
sources/captiveportal_allow Normal file
View file

@ -0,0 +1,11 @@
#!/bin/bash
date=$(date +"%Y-%m-%d %T")
ip=$1
mac=$(arp -a $ip | cut -d" " -f4 | head -n1)
interface=$(grep wifi_device /etc/yunohost/apps/hotspot/settings.yml | cut -d: -f2 | sed "s/[ ']//g")
if ! grep $mac /etc/hostapd/$app/allowed.csv ; then
echo "$date,$ip,$mac" >> /etc/hostapd/$app/allowed.csv
iptables -w -I hotspot_fwd 1 -s $ip -m mac --mac-source $mac -j ACCEPT
iptables -t nat -w -I PREROUTING 1 -i $interface -s $ip -m mac --mac-source $mac -j ACCEPT
fi

51
sources/captiveportal_fakedns Normal file
View file

@ -0,0 +1,51 @@
#!/usr/bin/perl
use strict;
use warnings;
use Net::DNS::Nameserver;
use IO::Socket::INET;
# This idea was stolen from Net::Address::IP::Local::connected_to()
sub get_local_ip_address {
my $socket = IO::Socket::INET->new(
Proto => 'udp',
PeerAddr => '198.41.0.4', # a.root-servers.net
PeerPort => '53', # DNS
);
# A side-effect of making a socket connection is that our IP address
# is available from the 'sockhost' method
my $local_ip_address = $socket->sockhost;
return $local_ip_address;
}
my $ip4_addr = get_local_ip_address();
sub reply_handler {
my ($qname, $qclass, $qtype, $peerhost,$query,$conn) = @_;
my ($rcode, @ans, @auth, @add);
if($qtype eq "A") {
my ($ttl, $rdata) = (1, $ip4_addr);
my $rr = new Net::DNS::RR("$qname $ttl $qclass $qtype $rdata");
push @ans, $rr;
$rcode = "NOERROR";
} else {
$rcode = "NXDOMAIN";
}
return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}
my $ns = new Net::DNS::Nameserver(
LocalPort => 4253,
LocalAddr => '0.0.0.0',
ReplyHandler => \&reply_handler,
Verbose => 0
) || die "Couldn't create fake nameserver object.\n";
$ns->main_loop;
exit 0;

2
sources/index.php Normal file
View file

@ -0,0 +1,2 @@
<?php
`/usr/local/bin/captiveportal_allow $_SERVER['REMOTE_ADDR']`;