#!/bin/bash # Wifi Hotspot app for YunoHost # Copyright (C) 2015 Julien Vaubourg # Contribute at https://github.com/jvaubourg/hotspot_ynh # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . # Retrieve arguments domain=${1} url_path=${2} wifi_ssid=${3} wifi_passphrase=${4} firmware_nonfree=${5} ## ## These arguments are optional but YunoHost is not yet able to handle them with the web installer ## See manifest.json.options ## # #ip6_net=${6} # Check YunoHost version ynh_version=$(sudo dpkg -l yunohost | grep ii | awk '{ print $3 }' | sed 's/\.//g') if [ "${ynh_version}" -lt 220 ]; then echo "ERROR: You need a YunoHost version equals or greater than 2.2.0" exit 1 fi sudo systemctl status dnsmasq status --quiet &> /dev/null if [ $? -ne 0 ]; then echo "ERROR: You need to enable dnsmasq instead of bind9 (apt-get remove bind && systemctl start dnsmasq)" exit 1 fi # Check arguments if [ -z "${wifi_ssid}" -o -z "${wifi_passphrase}" ]; then echo "ERROR: Your Wifi Hotspot needs a name and a password" >&2 exit 1 fi wifi_passphrase_length="$(echo -n "${wifi_passphrase}" | wc -c)" if [ "${wifi_passphrase_length}" -lt 8 -o "${wifi_passphrase_length}" -gt 63 ]; then echo "ERROR: Your password must from 8 to 63 characters (WPA2 passphrase)" >&2 exit 1 fi echo "${wifi_passphrase}" | grep -qP '[^[:print:]]' if [ $? -eq 0 ]; then echo "ERROR: Only printable ASCII characters are permitted in your password (WPA2 passphrase)" >&2 exit 1 fi # Check domain/path availability sudo yunohost app checkurl ${domain}${url_path} -a hotspot if [ ! $? -eq 0 ]; then exit 1 fi # Install packages packages='php5-fpm sipcalc hostapd iptables iw dnsmasq' export DEBIAN_FRONTEND=noninteractive # Packaged USB Wireless Device firmwares # Based on https://wiki.debian.org/WiFi#USB_Devices if [ "${firmware_nonfree}" == yes ]; then packages="$packages firmware-atheros atmel-firmware firmware-linux-free firmware-linux-nonfree firmware-realtek firmware-ralink firmware-libertas zd1211-firmware" else packages="$packages firmware-linux-free" fi sudo apt-get --assume-yes --force-yes install ${packages} if [ $? -ne 0 ]; then sudo apt-get update sudo apt-get --assume-yes --force-yes install ${packages} fi # Copy (free) firmwares # Extract from http://packages.trisquel.info/toutatis-updates/open-ath9k-htc-firmware # https://www.fsf.org/news/ryf-certification-thinkpenguin-usb-with-atheros-chip sudo install -b -o root -g root -m 0644 ../conf/firmware_htc-7010.fw /lib/firmware/htc-7010.fw sudo install -b -o root -g root -m 0644 ../conf/firmware_htc-9271.fw /lib/firmware/htc-9271.fw # Compute extra arguments if [ -z "${ip6_net}" ]; then ip6_net=none ip6_addr=none if [ -e /tmp/.ynh-vpnclient-started ]; then vpnclient_ip6_net=$(sudo yunohost app setting vpnclient ip6_net 2>&1) vpnclient_ip6_addr=$(sudo yunohost app setting vpnclient ip6_addr 2>&1) if [[ "${vpnclient_ip6_net}" =~ :: && "${vpnclient_ip6_addr}" =~ :: ]]; then ip6_net=${vpnclient_ip6_net} ip6_addr=${vpnclient_ip6_addr} fi fi #else # ip6_net=$(bash ../conf/ipv6_expanded "${ip6_net}") # # if [ -z "${ip6_net}" ]; then # echo "ERROR: The IPv6 Delegated Prefix format looks bad" >&2 # exit 1 # fi # # ip6_addr="$(echo "${ip6_net}" | cut -d: -f1-7):42" # ip6_net=$(bash ../conf/ipv6_compressed "${ip6_net}") # ip6_addr=$(bash ../conf/ipv6_compressed "${ip6_addr}") fi wifi_device=$(sudo bash ../conf/iw_devices | awk -F\| '{ print $1 }') if [ -z "${wifi_device}" ]; then echo "ERROR: No wifi interface found" >&2 exit 1 fi # Save arguments sudo yunohost app setting hotspot service_enabled -v 1 sudo yunohost app setting hotspot multissid -v 1 sudo yunohost app setting hotspot wifi_ssid -v "${wifi_ssid}" sudo yunohost app setting hotspot wifi_secure -v 1 sudo yunohost app setting hotspot wifi_passphrase -v "${wifi_passphrase}" sudo yunohost app setting hotspot wifi_device -v "${wifi_device}" sudo yunohost app setting hotspot wifi_channel -v 6 sudo yunohost app setting hotspot ip6_addr -v "${ip6_addr}" sudo yunohost app setting hotspot ip6_net -v "${ip6_net}" sudo yunohost app setting hotspot ip6_dns0 -v 2001:913::8 sudo yunohost app setting hotspot ip6_dns1 -v 2001:910:800::12 sudo yunohost app setting hotspot ip4_dns0 -v 80.67.188.188 sudo yunohost app setting hotspot ip4_dns1 -v 80.67.169.12 sudo yunohost app setting hotspot ip4_nat_prefix -v 10.0.242 sudo yunohost app setting hotspot vpnclient -v no # Install custom scripts sudo install -o root -g root -m 0755 ../conf/iw_multissid /usr/local/bin/ sudo install -o root -g root -m 0755 ../conf/iw_devices /usr/local/bin/ sudo install -o root -g root -m 0755 ../conf/iw_ssids /usr/local/bin/ sudo install -o root -g root -m 0755 ../conf/ipv6_expanded /usr/local/bin/ sudo install -o root -g root -m 0755 ../conf/ipv6_compressed /usr/local/bin/ sudo install -o root -g root -m 0755 ../conf/ynh-hotspot /usr/local/bin/ # Copy confs sudo mkdir -pm 0755 /var/log/nginx/ sudo mkdir -pm 0755 /etc/dnsmasq.dhcpd/ sudo chown root: /etc/dnsmasq.dhcpd/ sudo install -b -o root -g root -m 0644 ../conf/hostapd.conf.tpl? /etc/hostapd/ sudo install -b -o root -g root -m 0644 ../conf/dnsmasq_dhcpdv6.conf.tpl /etc/dnsmasq.dhcpd/dhcpdv6.conf.tpl sudo install -b -o root -g root -m 0644 ../conf/dnsmasq_dhcpdv4.conf.tpl /etc/dnsmasq.dhcpd/dhcpdv4.conf.tpl sudo install -b -o root -g root -m 0644 ../conf/nginx_wifiadmin.conf "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf" sudo install -b -o root -g root -m 0644 ../conf/phpfpm_wifiadmin.conf /etc/php5/fpm/pool.d/wifiadmin.conf # Copy web sources sudo mkdir -pm 0755 /var/www/wifiadmin/ sudo cp -a ../sources/* /var/www/wifiadmin/ sudo chown -R root: /var/www/wifiadmin/ sudo chmod -R 0644 /var/www/wifiadmin/* sudo find /var/www/wifiadmin/ -type d -exec chmod +x {} \; # Fix confs ## hostapd sudo sed 's|^DAEMON_CONF=$|&/etc/hostapd/hostapd.conf|' -i /etc/init.d/hostapd ## nginx sudo sed "s||${url_path}|g" -i "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf" sudo sed 's||/var/www/wifiadmin/|g' -i "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf" sudo sed 's||wifiadmin|g' -i "/etc/nginx/conf.d/${domain}.d/wifiadmin.conf" ## php-fpm sudo sed 's||wifiadmin|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf sudo sed 's||admin|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf sudo sed 's||admins|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf sudo sed 's||/var/www/wifiadmin/|g' -i /etc/php5/fpm/pool.d/wifiadmin.conf # Fix sources sudo sed "s||${url_path}|g" -i /var/www/wifiadmin/config.php # Copy init script sudo install -o root -g root -m 0755 ../conf/ynh-hotspot.service /lib/systemd/system/ynh-hotspot.service # Update firewall for DHCP sudo yunohost firewall allow --no-upnp --ipv6 UDP 547 sudo yunohost firewall allow --no-upnp UDP 67 # Set default inits # The boot order of these services are important, so they are disabled by default # and the ynh-hotspot service handles them. # All services are registred by yunohost in order to prevent conflicts after the uninstall. sudo yunohost service add hostapd sudo yunohost service stop hostapd sudo yunohost service disable hostapd sudo yunohost service add php5-fpm sudo yunohost service enable php5-fpm sudo systemcld reload nginx # Remove IPv6 address set if there is a VPN installed if [ "${ip6_addr}" != none ]; then sudo ip -6 address show dev tun0 2> /dev/null | grep -q "${ip6_addr}/" if [ "$?" -eq 0 ]; then sudo ip address delete "${ip6_addr}/128" dev tun0 &> /dev/null fi fi sudo yunohost service add ynh-hotspot sudo yunohost service enable ynh-hotspot sudo systemctl reenable ynh-hotspot sudo systemcld start ynh-hotspot # Update SSO for wifiadmin sudo yunohost app ssowatconf exit 0