labriqueinternet
/
hotspot_ynh
miroir de https://github.com/labriqueinternet/hotspot_ynh


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
							#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

service_name=ynh-$app
ynh_app_setting_set --app=$app --key=service_name --value=$service_name

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================

# FIXME : we could probably implement all these checks in manifest.toml directly ?
ynh_script_progression --message="Validating installation parameters..."

# Check arguments
if [[ -z $wifi_ssid ]] || [[ -z $wifi_passphrase ]]; then
	ynh_die --message="Your Wifi Hotspot needs a name and a password"
fi

# Check passphrase length
wifi_passphrase_length="$(wc -c <<< "${wifi_passphrase}")"
if [[ $wifi_passphrase_length -lt 8 ]] || [[ $wifi_passphrase_length -gt 63 ]]; then
	ynh_die --message="Your password must have between 8 and 63 characters (WPA2 passphrase)"
fi

# Check no special characters are present in the passphrase
if [[ $wifi_passphrase =~ [^[:print:]] ]]; then
	ynh_die --message="Only printable ASCII characters are permitted in your password (WPA2 passphrase)"
fi

#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Configuring firewall..."

# Update firewall for DHCP
# FIXME : move to manifest.toml
ynh_exec_warn_less yunohost firewall allow --no-upnp --ipv6 UDP 547
ynh_exec_warn_less yunohost firewall allow --no-upnp UDP 67

# Meh idk where to put this ... On RPi, by default wlan is blocked
if test -e /usr/sbin/rfkill && rfkill | grep wlan | grep -q -w 'blocked'
then
    ynh_print_info "Unblocking wlan interface..."
    /usr/sbin/rfkill unblock wlan
fi

#=================================================
# SPECIFIC SETTINGS
#=================================================
ynh_script_progression --message="Configuring hotspot..."

ip6_net=""
ip6_dns=""

ip4_nat_prefix_index=${app##*__}
if [[ "${ip4_nat_prefix_index}" == "${app}" ]]; then
  	ip4_nat_prefix_index=0
fi
ip4_nat_prefix="10.${ip4_nat_prefix_index}.242"
ip4_dns="${ip4_nat_prefix}.1"

hot_reload_usb_wifi_cards
wifi_device=$(unused_iw_devices | head -n 1)
wifi_secure=1
wifi_channel=6

ynh_app_setting_set --app=$app --key=wifi_secure --value="${wifi_secure}"
ynh_app_setting_set --app=$app --key=wifi_device --value="${wifi_device}"
ynh_app_setting_set --app=$app --key=wifi_channel --value="${wifi_channel}"
ynh_app_setting_set --app=$app --key=advanced --value=0
ynh_app_setting_set --app=$app --key=ip6_firewall --value=1
ynh_app_setting_set --app=$app --key=ip6_net --value="${ip6_net}"
ynh_app_setting_set --app=$app --key=ip6_dns --value="${ip6_dns}"
ynh_app_setting_set --app=$app --key=ip4_dns --value="${ip4_dns}"
ynh_app_setting_set --app=$app --key=ip4_nat_prefix --value="${ip4_nat_prefix}"
ynh_app_setting_set --app=$app --key=captive_portal --value=0
ynh_app_setting_set --app=$app --key=captive_portal_url --value=""

if [[ -z "$wifi_device" ]]; then
	ynh_app_setting_set --app=$app --key=service_enabled --value=0
else
	ynh_app_setting_set --app=$app --key=service_enabled --value=1
fi

# We must explicitly save the wifi passphrase despite being in the install question
# because password-type questions are not saved automatically
ynh_app_setting_set --app=$app --key=wifi_passphrase --value="$wifi_passphrase"

#=================================================
# COPY CONFIGS
#=================================================
ynh_script_progression --message="Copying configuration files..."

mkdir -pm 0755 /etc/hostapd/$app/
chown root: /etc/hostapd/$app/

mkdir -pm 0755 /etc/dnsmasq.$app/
chown root: /etc/dnsmasq.$app/

touch /etc/hotspot/allowed.csv

# Copy init script
ynh_add_config --template="../conf/ynh-hotspot" --destination="/usr/local/bin/$service_name"
chmod 0755 "/usr/local/bin/$service_name"

ynh_add_config --template="../conf/captiveportal_fakedns" --destination="/usr/local/bin/captiveportal_fakedns"
chmod 0755 "/usr/local/bin/captiveportal_fakedns"
ynh_add_config --template="../conf/captiveportal_allow" --destination="/usr/local/bin/captiveportal_allow"
chmod 0755 "/usr/local/bin/captiveportal_allow"

# Copy openvpn scripts
mkdir -pm 0755 /etc/openvpn/scripts
mkdir -pm 0755 /etc/openvpn/scripts/route-up.d
mkdir -pm 0755 /etc/openvpn/scripts/route-down.d
ynh_add_config --template="../conf/openvpn_90-hotspot" --destination="/etc/openvpn/scripts/route-up.d/90-$service_name"
ynh_add_config --template="../conf/openvpn_90-hotspot" --destination="/etc/openvpn/scripts/route-down.d/90-$service_name"
chmod 0755 "/etc/openvpn/scripts/route-up.d/90-${service_name}"
chmod 0755 "/etc/openvpn/scripts/route-down.d/90-${service_name}"

#=================================================
# CONFIGURE HOSTAPD
#=================================================
ynh_script_progression --message="Configuring hostapd..."

# Disable hostapd, we'll use hostapd@$app instead (for multissid support etc)
systemctl disable hostapd --quiet 2>&1
systemctl stop hostapd 2>&1
systemctl mask hostapd 2>&1

if [[ -n "${wifi_device}" ]]; then 
    configure_hostapd
    configure_dhcp
fi

#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring systemd service..."

# Create a dedicated systemd config
ynh_add_systemd_config --service=$service_name

# Create custom systemd config for hostapd to handle multiple wifi devices
ynh_add_systemd_config --service="hostapd@$app" --template="../conf/systemd_hostapd.service"
yunohost service add $service_name --description "Creates a Wi-Fi access point" --test_status "systemctl is-active hostapd@$app" --need_lock

ynh_add_systemd_config --service="captiveportal_fakedns" --template="captiveportal_fakedns"
yunohost service add captiveportal_fakedns --description "Captive portal dns service" --test_status "systemctl is-active captiveportal_fakedns"

#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting the hotspot..."

# Start a systemd service if device is present
if [[ $wifi_device == "" ]]; then
	echo "WARNING: Wifi Hotspot is not started because no wifi device was found (check the Hotspot configuration in the webadmin > Applications > Hotspot > the config panel)" >&2
else
    yunohost service start $service_name
fi

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Installation of $app completed"