diff --git a/README.md b/README.md index cd1668b4..a6cd6384 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ We'd be curious to hear about how you use this with [your own RPi-powered projec - [Simultaneous AP and Wifi client](#simultaneous-ap-and-wifi-client) - [Support us](#support-us) - [Manual installation](#manual-installation) + - [802.11ac 5GHz support](#802.11ac-5GHz-support) - [Multilingual support](#multilingual-support) - [HTTPS support](#https-support) - [OpenVPN support](#openvpn-support) @@ -73,126 +74,10 @@ RaspAP is free software, but powered by your support. If you find RaspAP useful [![Beerpay](https://beerpay.io/billz/raspap-webgui/badge.svg)](https://beerpay.io/billz/raspap-webgui) ## Manual installation -These steps apply to the latest release of Raspbian (currently [Buster](https://www.raspberrypi.org/downloads/raspbian/)). Notes for previously released versions are provided, where applicable. Start off by installing git, lighttpd, php7, hostapd and dnsmasq. -```sh -sudo apt-get install git lighttpd php7.1-cgi hostapd dnsmasq vnstat -``` -**Note:** for Raspbian Stretch, replace `php7.1-cgi` with `php7.0-cgi`. For Raspbian Jessie and older versions, use `php5-cgi`. After that, enable PHP for lighttpd and restart it for the settings to take effect. -```sh -sudo lighttpd-enable-mod fastcgi-php -sudo service lighttpd restart -``` -Now comes the fun part. For security reasons, the `www-data` user which lighttpd runs under is not allowed to start or stop daemons, or run commands like ifdown and ifup, all of which we want our page to do. -So what I have done is added the `www-data` user to the sudoers file, but with restrictions on what commands the user can run. Add the following to the end of `/etc/sudoers`: +Detailed manual setup instructions are provided [on our wiki](https://github.com/billz/raspap-webgui/wiki/Manual-installation). -```sh -www-data ALL=(ALL) NOPASSWD:/sbin/ifdown -www-data ALL=(ALL) NOPASSWD:/sbin/ifup -www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant.conf -www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant.conf -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf -www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan_results -www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan -www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] reconfigure -www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] select_network -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/hostapddata /etc/hostapd/hostapd.conf -www-data ALL=(ALL) NOPASSWD:/bin/systemctl start hostapd.service -www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop hostapd.service -www-data ALL=(ALL) NOPASSWD:/bin/systemctl start dnsmasq.service -www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop dnsmasq.service -www-data ALL=(ALL) NOPASSWD:/bin/systemctl start openvpn-client@client -www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop openvpn-client@client -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/openvpn.ovpn /etc/openvpn/client/client.conf -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/authdata /etc/openvpn/client/login.conf -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.conf -www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dhcpddata /etc/dhcpcd.conf -www-data ALL=(ALL) NOPASSWD:/sbin/shutdown -h now -www-data ALL=(ALL) NOPASSWD:/sbin/reboot -www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] down -www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] up -www-data ALL=(ALL) NOPASSWD:/sbin/ip -s a f label wlan[0-9] -www-data ALL=(ALL) NOPASSWD:/bin/cp /etc/raspap/networking/dhcpcd.conf /etc/dhcpcd.conf -www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/enablelog.sh -www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/disablelog.sh -www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/servicestart.sh -www-data ALL=(ALL) NOPASSWD:/etc/raspap/lighttpd/configport.sh -www-data ALL=(ALL) NOPASSWD:/etc/raspap/openvpn/configauth.sh -``` - -Once those modifications are done, git clone the files to `/var/www/html`. -**Note:** for older versions of Raspbian (before Jessie, May 2016) use -`/var/www` instead. -```sh -sudo rm -rf /var/www/html -sudo git clone https://github.com/billz/raspap-webgui /var/www/html -``` -Move the high-res favicons to the web root. -``` -sudo mv /var/www/html/app/icons/* /var/www/html -``` -Set the files ownership to `www-data` user. -```sh -sudo chown -R www-data:www-data /var/www/html -``` -Move the RaspAP configuration file to the correct location. -```sh -sudo mkdir /etc/raspap -sudo mv /var/www/html/raspap.php /etc/raspap/ -sudo chown -R www-data:www-data /etc/raspap -``` -Move the HostAPD logging and service control shell scripts to the correct location. -```sh -sudo mkdir /etc/raspap/hostapd -sudo mv /var/www/html/installers/*log.sh /etc/raspap/hostapd -sudo mv /var/www/html/installers/service*.sh /etc/raspap/hostapd -``` -Set ownership and permissions for logging and service control scripts. -```sh -sudo chown -c root:www-data /etc/raspap/hostapd/*.sh -sudo chmod 750 /etc/raspap/hostapd/*.sh -``` -Add the following lines to `/etc/rc.local` before `exit 0`. -```sh -echo 1 > /proc/sys/net/ipv4/ip_forward #RASPAP -iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP -iptables -t nat -A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE #RASPAP -``` -Force a reload of new settings in `/etc/rc.local`. -```sh -sudo systemctl restart rc-local.service -sudo systemctl daemon-reload -``` -Unmask and enable the hostapd service. -```sh -sudo systemctl unmask hostapd.service -sudo systemctl enable hostapd.service -``` -Move the raspap service to the correct location and enable it. -``` -sudo mv /var/www/html/installers/raspap.service /lib/systemd/system -sudo systemctl enable raspap.service -``` -Copy the configuration files for dhcpcd, dnsmasq, and hostapd. -``` -sudo mv /var/www/html/config/default_hostapd /etc/default/hostapd -sudo mv /var/www/html/config/hostapd.conf /etc/hostapd/hostapd.conf -sudo mv /var/www/html/config/dnsmasq.conf /etc/dnsmasq.conf -sudo mv /var/www/html/config/dhcpcd.conf /etc/dhcpcd.conf -sudo mv /var/www/html/config/config.php /var/www/html/includes/ -``` -(Optional) Optimize PHP -``` -sudo sed -i -E 's/^session\.cookie_httponly\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/session.cookie_httponly = 1/' /etc/php/7.1/cgi/php.ini -sudo sed -i -E 's/^;?opcache\.enable\s*=\s*(0|([O|o]ff)|([F|f]alse)|([N|n]o))\s*$/opcache.enable = 1/' /etc/php/7.1/cgi/php.ini -sudo phpenmod opcache -``` -Reboot and it should be up and running! -```sh -sudo reboot -``` - -The default username is 'admin' and the default password is 'secret'. +## 802.11ac 5GHz support +RaspAP provides an 802.11ac wireless mode option for supported hardware (currently the RPi 3B+/4) and wireless regulatory domains. See [this FAQ](https://github.com/billz/raspap-webgui/wiki/FAQs#80211ac) for more information. ## Multilingual support RaspAP uses [GNU Gettext](https://www.gnu.org/software/gettext/) to manage multilingual messages. In order to use RaspAP with one of our supported translations, you must configure a corresponding language package on your RPi. To list languages currently installed on your system, use `locale -a` at the shell prompt. To generate new locales, run `sudo dpkg-reconfigure locales` and select any other desired locales. Details are provided on our [wiki](https://github.com/billz/raspap-webgui/wiki/Translations#raspap-in-your-language). @@ -240,12 +125,11 @@ To configure an OpenVPN client, upload a valid .ovpn file and, optionally, speci **Note**: this feature is currently in beta. Please [read this](https://github.com/billz/raspap-webgui/wiki/FAQs#-openvpn-fails-to-start-andor-i-have-no-internet-help) before reporting an issue. ## How to contribute - -1. File an issue in the repository describing the contribution you'd like to make. This will help us get you started on the - right foot. -2. Fork the project in your account and create a new branch: `your-great-feature`. -3. Commit your changes in that branch. -4. Open a pull request, and reference the initial issue in the pull request message. + +1. Fork the project in your account and create a new branch: `your-great-feature`. +2. Open a feature request issue in the repository describing the contribution you'd like to make. This will help us get you started on the right foot. +3. Commit changes in your feature branch. +4. Open a pull request and reference the initial issue in the pull request message. This project follows the [PSR-2](http://www.php-fig.org/psr/psr-2/) coding style guidelines. There are many ways to check your code for PSR-2. An excellent tool is [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer). The command line tool `phpcs` can be run against any single file. [Phing](https://www.phing.info/), a PHP build tool, integrates nicely with `phpcs` to automate PSR-2 checks across all source files in a project.