From 18ece8489ea27d38890208be1a88a73e02b23aa8 Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Mon, 19 Feb 2024 03:59:58 +1000 Subject: [PATCH 1/8] Added sh script to automatically configure SSID name & password, as well as web ui username, password, and port --- Dockerfile | 6 ++- env-setup.sh | 114 +++++++++++++++++++++++++++++++++++++++++ password-generator.php | 3 ++ 3 files changed, 122 insertions(+), 1 deletion(-) create mode 100755 env-setup.sh create mode 100644 password-generator.php diff --git a/Dockerfile b/Dockerfile index ef39cd1..fad24cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,4 +30,8 @@ RUN curl -sL https://install.raspap.com | bash -s -- --yes --wireguard 1 --openv COPY firewall-rules.sh /home/firewall-rules.sh COPY wpa_supplicant.conf /etc/wpa_supplicant/ RUN chmod +x /home/firewall-rules.sh -CMD [ "/bin/bash", "-c", "/home/firewall-rules.sh && /lib/systemd/systemd" ] +COPY env-setup.sh /home/env-setup.sh +RUN chmod +x /home/env-setup.sh +COPY password-generator.php /home/password-generator.php + +CMD [ "/bin/bash", "-c", "/home/env-setup.sh && /home/firewall-rules.sh && /lib/systemd/systemd" ] diff --git a/env-setup.sh b/env-setup.sh new file mode 100755 index 0000000..d985119 --- /dev/null +++ b/env-setup.sh @@ -0,0 +1,114 @@ +#!/bin/bash +declare -A aliases=( + [RASPAP_SSID]=RASPAP_hostapd_ssid + [RASPAP_SSID_PASS]=RASPAP_hostapd_wpa_passphrase +) + +# Files that follow a predictable key=value format +declare -A conf_files=( + [raspap]=/etc/dnsmasq.d/090_raspap.conf + [wlan0]=/etc/dnsmasq.d/090_wlan0.conf + [hostapd]=/etc/hostapd/hostapd.conf +) + +raspap_auth=/etc/raspap/raspap.auth +lighttpd_conf=/etc/lighttpd/lighttpd.conf + +function main() { + alias_env_vars + update_webgui_auth $RASPAP_WEBGUI_USER $RASPAP_WEBGUI_PASS + update_webgui_port $RASPAP_WEBGUI_PORT + update_confs +} + +function alias_env_vars() { + for alias in "${!aliases[@]}" + do + if [ ! -z "${!alias}" ] + then + declare -g ${aliases[$alias]}="${!alias}" + export ${aliases[$alias]} + fi + done +} + +# $1 - Username +# $2 - Password +function update_webgui_auth() { + declare user=$1 + declare pass=$2 + if [ -z $user ] + then + # If not set, keep existing value + user=$(head $raspap_auth -n+1) + fi + + if [ -z "${pass}" ] + then + # If not set, keep existing value + pass=$(tail $raspap_auth -n+2) + else + # Hash password + pass=$(php /home/password-generator.php ${pass}) + fi + + echo "$user" > "$raspap_auth" + echo "$pass" >> "$raspap_auth" +} + +# $1 - Port +function update_webgui_port() { + port=$1 + if [ ! -z "${!port}" ] + then + # Only update if env var is set + return + fi + old="server.port = 80" + new="server.port = ${port}" + sudo sed -i "s/$old/$new/g" ${lighttpd_conf} +} + +update_confs() { + for conf in "${!conf_files[@]}" + do + path=${conf_files[$conf]} + prefix=RASPAP_${conf}_ + vars=$(get_prefixed_env_vars ${prefix}) + for var in ${vars} + do + key=${var#"$prefix"} + replace_in_conf $key ${!var} $path + done + done +} + +# $1 - Prefix +function get_prefixed_env_vars() { + prefix=$1 + matches=$(printenv | grep -o "${prefix}[^=]*") + echo $matches +} + +# $1 - Target key +# $2 - New value +# $3 - conf path +function replace_in_conf() { + key=$1 + val=$2 + path=$3 + + old="$key"=".*" + new="$key"="$val" + + if [ -z "$(grep "$old" $path)" ] + then + # Add value + echo $new >> $path + else + # Value exists in conf + sudo sed -i "s/$old/$new/g" $path + fi +} + +main diff --git a/password-generator.php b/password-generator.php new file mode 100644 index 0000000..e385580 --- /dev/null +++ b/password-generator.php @@ -0,0 +1,3 @@ + From 8c50855811ecd66e97ce0f5512ba6d44b65a2036 Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Mon, 19 Feb 2024 11:36:24 +1000 Subject: [PATCH 2/8] Added hostapd country_code alias --- env-setup.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/env-setup.sh b/env-setup.sh index d985119..a11fc09 100755 --- a/env-setup.sh +++ b/env-setup.sh @@ -2,6 +2,7 @@ declare -A aliases=( [RASPAP_SSID]=RASPAP_hostapd_ssid [RASPAP_SSID_PASS]=RASPAP_hostapd_wpa_passphrase + [RASPAP_COUNTRY]=RASPAP_hostapd_country_code ) # Files that follow a predictable key=value format From 9a6458a23d7964a869f2d6248995cf9c91964b35 Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Mon, 19 Feb 2024 11:36:47 +1000 Subject: [PATCH 3/8] Updated README to include environment variables --- README.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/README.md b/README.md index b698326..3712a12 100644 --- a/README.md +++ b/README.md @@ -33,3 +33,25 @@ git clone https://github.com/RaspAP/raspap-docker.git cd raspap-docker docker compose up -d ``` + +## Environment Variables +Several environment variables are made available in this docker image to aid in configuration. + +| Environment Variable | Description | Default | +|------------------------|--------------------------------------------------|---------------| +| RASPAP_SSID | The SSID name | raspap-webgui | +| RASPAP_SSID_PASS | The SSID password | ChangeMe | +| RASPAP_COUNTRY | The SSID country code | GB | +| RASPAP_WEBGUI_USER | The admin username for the RaspAP user interface | admin | +| RASPAP_WEBGUI_PASSWORD | The admin password for the RaspAP user interface | secret | +| RASPAP_WEBGUI_PORT | The RaspAP web user interface port | 80 | + +Some further configuration is also possible through the use of the following prefixed environment variables, in the form RASAPAP_\[target]_\[key] + +| Environment Variable Prefix | Target File | +|-----------------------------|--------------------------------| +| RASPAP_hostapd_ | /etc/hostapd/hostapd.conf | +| RASPAP_raspap_ | /etc/dnsmasq.d/090_raspap.conf | +| RASPAP_wlan0_ | /etc/dnsmasq.d/090_wlan0.conf | + +For example, `RASPAP_hostapd_driver` would set the `driver` value in `/etc/hostapd/hostapd.conf` From 9758939cdf9e2f5e46cf96da28c0d08c99e5cf25 Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Mon, 19 Feb 2024 16:38:09 +1000 Subject: [PATCH 4/8] Fixed bug with webgui port replacement --- env-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/env-setup.sh b/env-setup.sh index a11fc09..47b9f95 100755 --- a/env-setup.sh +++ b/env-setup.sh @@ -65,7 +65,7 @@ function update_webgui_port() { # Only update if env var is set return fi - old="server.port = 80" + old="server.port = 80$" new="server.port = ${port}" sudo sed -i "s/$old/$new/g" ${lighttpd_conf} } From acded40ebb0e365ffebc6aa14690d164eee48c7e Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Mon, 19 Feb 2024 17:09:30 +1000 Subject: [PATCH 5/8] Made port replacement more generic --- env-setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/env-setup.sh b/env-setup.sh index 47b9f95..8448d06 100755 --- a/env-setup.sh +++ b/env-setup.sh @@ -65,7 +65,7 @@ function update_webgui_port() { # Only update if env var is set return fi - old="server.port = 80$" + old="server.port = [0-9]*" new="server.port = ${port}" sudo sed -i "s/$old/$new/g" ${lighttpd_conf} } From be762bbde8449767bff42b99f05122f1b52895de Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Tue, 20 Feb 2024 09:32:54 +1000 Subject: [PATCH 6/8] Updated docker-compose.yml with sample environment variables --- docker-compose.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docker-compose.yaml b/docker-compose.yaml index 8ce2c3c..b805a32 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -7,6 +7,13 @@ services: privileged: true network_mode: host #cgroup: host # uncomment when using an ARM device + environment: + - RASPAP_SSID=raspap-webgui + - RASPAP_SSID_PASS=ChangeMe + - RASPAP_COUNTRY=GB + - RASPAP_WEBGUI_USER=admin + - RASPAP_WEBGUI_PASSWORD=secret + - RASPAP_WEBGUI_PORT=80 cap_add: - SYS_ADMIN volumes: From ae6ea41fbf90989c8c3cebbba919d7d2e6d6b35c Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Tue, 20 Feb 2024 09:35:16 +1000 Subject: [PATCH 7/8] Added env vars to docker-compose.yml, fixed typo in webgui pass var --- README.md | 2 +- docker-compose.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 3712a12..b0ad7d3 100644 --- a/README.md +++ b/README.md @@ -43,7 +43,7 @@ Several environment variables are made available in this docker image to aid in | RASPAP_SSID_PASS | The SSID password | ChangeMe | | RASPAP_COUNTRY | The SSID country code | GB | | RASPAP_WEBGUI_USER | The admin username for the RaspAP user interface | admin | -| RASPAP_WEBGUI_PASSWORD | The admin password for the RaspAP user interface | secret | +| RASPAP_WEBGUI_PASS | The admin password for the RaspAP user interface | secret | | RASPAP_WEBGUI_PORT | The RaspAP web user interface port | 80 | Some further configuration is also possible through the use of the following prefixed environment variables, in the form RASAPAP_\[target]_\[key] diff --git a/docker-compose.yaml b/docker-compose.yaml index b805a32..4790768 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -12,10 +12,10 @@ services: - RASPAP_SSID_PASS=ChangeMe - RASPAP_COUNTRY=GB - RASPAP_WEBGUI_USER=admin - - RASPAP_WEBGUI_PASSWORD=secret + - RASPAP_WEBGUI_PASS=secret - RASPAP_WEBGUI_PORT=80 cap_add: - SYS_ADMIN volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - restart: unless-stopped \ No newline at end of file + restart: unless-stopped From 568e610479c087e0087a6eba264962a7aea9bcf3 Mon Sep 17 00:00:00 2001 From: Willow Hayward Date: Thu, 22 Feb 2024 12:39:04 +1000 Subject: [PATCH 8/8] Fixed bug in env-setup script when no values are supplied --- env-setup.sh | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/env-setup.sh b/env-setup.sh index 8448d06..f89d743 100755 --- a/env-setup.sh +++ b/env-setup.sh @@ -15,6 +15,8 @@ declare -A conf_files=( raspap_auth=/etc/raspap/raspap.auth lighttpd_conf=/etc/lighttpd/lighttpd.conf +password_generator=/home/password-generator.php + function main() { alias_env_vars update_webgui_auth $RASPAP_WEBGUI_USER $RASPAP_WEBGUI_PASS @@ -38,15 +40,27 @@ function alias_env_vars() { function update_webgui_auth() { declare user=$1 declare pass=$2 + + if ! [ -f $raspap_auth ] + then + # If the raspap.auth file doesn't exist, create it with default values + default_user=admin + default_pass=$(php ${password_generator} secret) + + echo "$default_user" > "$raspap_auth" + echo "$default_pass" >> "$raspap_auth" + chown www-data:www-data $raspap_auth # To allow later updating from the webgui + fi + if [ -z $user ] then - # If not set, keep existing value + # If no user var is set, keep the existing user value user=$(head $raspap_auth -n+1) fi if [ -z "${pass}" ] then - # If not set, keep existing value + # If no password var is set, keep the existing password value pass=$(tail $raspap_auth -n+2) else # Hash password @@ -60,7 +74,8 @@ function update_webgui_auth() { # $1 - Port function update_webgui_port() { port=$1 - if [ ! -z "${!port}" ] + + if [ -z "${port}" ] then # Only update if env var is set return