mirror of
https://github.com/RaspAP/raspap-webgui.git
synced 2024-11-25 09:00:25 +00:00
Merge branch 'master' into feature/zbchristian-clients
This commit is contained in:
commit
e16844294b
29 changed files with 1001 additions and 42 deletions
12
README.md
12
README.md
|
@ -1,5 +1,5 @@
|
|||
![](https://i.imgur.com/DpgvLIO.png)
|
||||
[![Release 2.7.1](https://img.shields.io/badge/release-v2.7.1-green)](https://github.com/raspap/raspap-insiders/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Financial Contributors on Open Collective](https://opencollective.com/raspap/all/badge.svg?label=financial+contributors)](https://opencollective.com/raspap) ![https://travis-ci.com/github/raspap/raspap-webgui/](https://api.travis-ci.org/RaspAP/raspap-webgui.svg) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Subreddit subscribers](https://img.shields.io/reddit/subreddit-subscribers/RaspAP?style=social)](https://www.reddit.com/r/RaspAP/)
|
||||
![](https://i.imgur.com/TCJKWT4.png)
|
||||
[![Release 2.7.2](https://img.shields.io/badge/release-v2.7.2-green)](https://github.com/raspap/raspap-insiders/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Financial Contributors on Open Collective](https://opencollective.com/raspap/all/badge.svg?label=financial+contributors)](https://opencollective.com/raspap) ![https://travis-ci.com/github/raspap/raspap-webgui/](https://api.travis-ci.org/RaspAP/raspap-webgui.svg) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Subreddit subscribers](https://img.shields.io/reddit/subreddit-subscribers/RaspAP?style=social)](https://www.reddit.com/r/RaspAP/)
|
||||
|
||||
Welcome to **RaspAP Insiders**. You, the members of the Insiders community, support the sponsorware release model, which means that new features are first exclusively released to sponsors as part of Insiders. Read on for details about how this strategy works—and *thank you* for joining us on this journey.
|
||||
|
||||
|
@ -25,16 +25,16 @@ As part of the initial rollout of Insiders, all previous one-time backers of Ras
|
|||
> ℹ️ **Important**: If you're [sponsoring](https://github.com/sponsors/RaspAP) RaspAP through a GitHub organization, please send a short email to [sponsors@raspap.com](mailto:sponsors@raspap.com) with the name of your organization and the account that should be added as a collaborator. <sup>[2](#footnote-2)</sup>
|
||||
|
||||
## Exclusive features
|
||||
When backers were asked which feature they'd most like to see added to RaspAP, the ability to manage multiple OpenVPN client configurations topped the list of requests. Therefore, we're adding this as the first feature exclusive to insiders.
|
||||
The following features are currently available exclusively to sponsors. A tangible side benefit of sponsorship is that Insiders are able to help steer future development of RaspAP. This is done through your Insiders access to discussions, feature requests, issues and pull requests in the private GitHub repository.
|
||||
|
||||
✅ Manage OpenVPN client configs
|
||||
✅ OpenVPN service logging
|
||||
✅ Night mode toggle
|
||||
✅ Restrict network to static clients
|
||||
⚙️ WireGuard support (in progress)
|
||||
✅ WireGuard support
|
||||
⚙️ Traffic shaping (in progress)
|
||||
|
||||
Look for the list above to grow as we add more exlcusive features. Have an idea or suggestion for a future enhancement? Start or join an [Insiders discussion](https://github.com/orgs/RaspAP/teams/insiders/discussions) and let us know!
|
||||
Look for the list above to grow as we add more exlcusive features. Have an idea or suggestion for a future enhancement? Start or join an [Insiders discussion](https://github.com/RaspAP/raspap-insiders/discussions) and let us know!
|
||||
|
||||
## Funding targets
|
||||
Following is a list of funding targets. When a funding target is reached, the features that are tied to it are merged back into RaspAP and released to the public for general availability.
|
||||
|
@ -44,7 +44,7 @@ Following is a list of funding targets. When a funding target is reached, the fe
|
|||
✅ OpenVPN service logging
|
||||
✅ Night mode toggle
|
||||
✅ Restrict network to static clients
|
||||
⚙️ WireGuard support (in progress)
|
||||
✅ WireGuard support
|
||||
⚙️ Traffic shaping (in progress)
|
||||
|
||||
## Frequently asked questions
|
||||
|
|
9
ajax/networking/get_wgcfg.php
Normal file
9
ajax/networking/get_wgcfg.php
Normal file
|
@ -0,0 +1,9 @@
|
|||
<?php
|
||||
|
||||
require '../../includes/csrf.php';
|
||||
require_once '../../includes/config.php';
|
||||
|
||||
// fetch wg client.conf
|
||||
exec('sudo cat '. RASPI_WIREGUARD_PATH.'client.conf', $return);
|
||||
echo implode(PHP_EOL,$return);
|
||||
|
22
ajax/networking/get_wgkey.php
Normal file
22
ajax/networking/get_wgkey.php
Normal file
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
|
||||
require '../../includes/csrf.php';
|
||||
require_once '../../includes/config.php';
|
||||
|
||||
$entity = $_POST['entity'];
|
||||
|
||||
if (isset($entity)) {
|
||||
|
||||
// generate public/private key pairs for entity
|
||||
$pubkey = RASPI_WIREGUARD_PATH.$entity.'-public.key';
|
||||
$privkey = RASPI_WIREGUARD_PATH.$entity.'-private.key';
|
||||
$pubkey_tmp = '/tmp/'.$entity.'-public.key';
|
||||
$privkey_tmp = '/tmp/'.$entity.'-private.key';
|
||||
|
||||
exec("sudo wg genkey | tee $privkey_tmp | wg pubkey > $pubkey_tmp", $return);
|
||||
$wgdata['pubkey'] = str_replace("\n",'',file_get_contents($pubkey_tmp));
|
||||
exec("sudo mv $privkey_tmp $privkey", $return);
|
||||
exec("sudo mv $pubkey_tmp $pubkey", $return);
|
||||
|
||||
echo json_encode($wgdata);
|
||||
}
|
|
@ -75,6 +75,9 @@ h5.card-title {
|
|||
font-family: Verdana, Geneva, sans-serif;
|
||||
}
|
||||
|
||||
.sidebar-light hr.sidebar-divider {
|
||||
padding-top: 0.5rem;
|
||||
}
|
||||
|
||||
ul.nav-tabs, .nav-tabs .nav-link {
|
||||
background-color: #f6f6ef;
|
||||
|
@ -154,6 +157,7 @@ ul.nav-tabs, .nav-tabs .nav-link {
|
|||
.info-item-xs {
|
||||
font-size: 0.7rem;
|
||||
margin-left: 0.3rem;
|
||||
line-height: 1.5em;
|
||||
}
|
||||
|
||||
.info-item-wifi {
|
||||
|
@ -190,6 +194,10 @@ ul.nav-tabs, .nav-tabs .nav-link {
|
|||
}
|
||||
}
|
||||
|
||||
.fas.fa-circle {
|
||||
font-size: 0.5rem;
|
||||
}
|
||||
|
||||
.logoutput {
|
||||
width:100%;
|
||||
height:300px;
|
||||
|
|
28
app/img/wg-qr-code.php
Normal file
28
app/img/wg-qr-code.php
Normal file
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
require_once '../../includes/config.php';
|
||||
require_once '../../includes/defaults.php';
|
||||
require_once '../../includes/functions.php';
|
||||
|
||||
// prevent direct file access
|
||||
if (!isset($_SERVER['HTTP_REFERER'])) {
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
exit;
|
||||
}
|
||||
|
||||
exec("sudo cat " .RASPI_WIREGUARD_PATH.'client.conf', $return);
|
||||
$peer_conf = implode(PHP_EOL,$return);
|
||||
$peer_conf.= PHP_EOL;
|
||||
$command = "qrencode -t svg -m 0 -o - " . mb_escapeshellarg($peer_conf);
|
||||
$svg = shell_exec($command);
|
||||
$etag = hash('sha256', $peer_conf);
|
||||
$content_length = strlen($svg);
|
||||
$last_modified = date("Y-m-d H:i:s");
|
||||
|
||||
header("Content-Type: image/svg+xml");
|
||||
header("Content-Length: $content_length");
|
||||
header("Last-Modified: $last_modified");
|
||||
header("ETag: \"$etag\"");
|
||||
header("X-QR-Code-Content: $peer_conf");
|
||||
echo shell_exec($command);
|
||||
|
|
@ -10,11 +10,6 @@ if (!isset($_SERVER['HTTP_REFERER'])) {
|
|||
exit;
|
||||
}
|
||||
|
||||
function qr_encode($str)
|
||||
{
|
||||
return preg_replace('/(?<!\\\)([\":;,])/', '\\\\\1', $str);
|
||||
}
|
||||
|
||||
$hostapd = parse_ini_file(RASPI_HOSTAPD_CONFIG, false, INI_SCANNER_RAW);
|
||||
|
||||
// assume wpa encryption and get the passphrase
|
||||
|
|
|
@ -367,6 +367,55 @@ function updateBlocklist() {
|
|||
function clearBlocklistStatus() {
|
||||
$('#cbxblocklist-status').removeClass('check-updated').addClass('check-hidden');
|
||||
}
|
||||
|
||||
// Handler for the wireguard generate key button
|
||||
$('.wg-keygen').click(function(){
|
||||
var entity_pub = $(this).parent('div').prev('input[type="text"]');
|
||||
var entity_priv = $(this).parent('div').next('input[type="hidden"]');
|
||||
var updated = entity_pub.attr('name')+"-pubkey-status";
|
||||
$.post('ajax/networking/get_wgkey.php',{'entity':entity_pub.attr('name') },function(data){
|
||||
var jsonData = JSON.parse(data);
|
||||
entity_pub.val(jsonData.pubkey);
|
||||
$('#' + updated).removeClass('check-hidden').addClass('check-updated').delay(500).animate({ opacity: 1 }, 700);
|
||||
})
|
||||
})
|
||||
|
||||
// Handler for wireguard client.conf download
|
||||
$('.wg-client-dl').click(function(){
|
||||
var req = new XMLHttpRequest();
|
||||
var url = 'ajax/networking/get_wgcfg.php';
|
||||
req.open('get', url, true);
|
||||
req.responseType = 'blob';
|
||||
req.setRequestHeader('Content-type', 'text/plain; charset=UTF-8');
|
||||
req.onreadystatechange = function (event) {
|
||||
if(req.readyState == 4 && req.status == 200) {
|
||||
var blob = req.response;
|
||||
var link=document.createElement('a');
|
||||
link.href=window.URL.createObjectURL(blob);
|
||||
link.download = 'client.conf';
|
||||
link.click();
|
||||
}
|
||||
}
|
||||
req.send();
|
||||
})
|
||||
|
||||
// Event listener for Bootstrap's form validation
|
||||
window.addEventListener('load', function() {
|
||||
// Fetch all the forms we want to apply custom Bootstrap validation styles to
|
||||
var forms = document.getElementsByClassName('needs-validation');
|
||||
// Loop over them and prevent submission
|
||||
var validation = Array.prototype.filter.call(forms, function(form) {
|
||||
form.addEventListener('submit', function(event) {
|
||||
//console.log(event.submitter);
|
||||
if (form.checkValidity() === false) {
|
||||
event.preventDefault();
|
||||
event.stopPropagation();
|
||||
}
|
||||
form.classList.add('was-validated');
|
||||
}, false);
|
||||
});
|
||||
}, false);
|
||||
|
||||
// Static Array method
|
||||
Array.range = (start, end) => Array.from({length: (end - start)}, (v, k) => k + start);
|
||||
|
||||
|
|
|
@ -21,6 +21,8 @@ define('RASPI_WPA_CTRL_INTERFACE', '/var/run/wpa_supplicant');
|
|||
define('RASPI_OPENVPN_CLIENT_CONFIG', '/etc/openvpn/client/client.conf');
|
||||
define('RASPI_OPENVPN_CLIENT_LOGIN', '/etc/openvpn/client/login.conf');
|
||||
define('RASPI_OPENVPN_SERVER_CONFIG', '/etc/openvpn/server/server.conf');
|
||||
define('RASPI_WIREGUARD_PATH', '/etc/wireguard/');
|
||||
define('RASPI_WIREGUARD_CONFIG', RASPI_WIREGUARD_PATH.'wg0.conf');
|
||||
define('RASPI_TORPROXY_CONFIG', '/etc/tor/torrc');
|
||||
define('RASPI_LIGHTTPD_CONFIG', '/etc/lighttpd/lighttpd.conf');
|
||||
define('RASPI_ACCESS_CHECK_IP', '1.1.1.1');
|
||||
|
@ -39,6 +41,7 @@ define('RASPI_NETWORK_ENABLED', true);
|
|||
define('RASPI_DHCP_ENABLED', true);
|
||||
define('RASPI_ADBLOCK_ENABLED', false);
|
||||
define('RASPI_OPENVPN_ENABLED', false);
|
||||
define('RASPI_WIREGUARD_ENABLED', false);
|
||||
define('RASPI_TORPROXY_ENABLED', false);
|
||||
define('RASPI_CONFAUTH_ENABLED', true);
|
||||
define('RASPI_CHANGETHEME_ENABLED', true);
|
||||
|
|
|
@ -33,6 +33,22 @@
|
|||
"uap0": {
|
||||
"dhcp-range": [ "192.168.50.50,192.168.50.150,12h" ]
|
||||
}
|
||||
},
|
||||
"wireguard": {
|
||||
"server": {
|
||||
"Address": [ "10.8.2.1/24" ],
|
||||
"ListenPort": [ "51820" ],
|
||||
"DNS": [ "9.9.9.9" ],
|
||||
"PostUp": [ "iptables -A FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -A FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE" ],
|
||||
"PostDown": [ "iptables -D FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE" ]
|
||||
},
|
||||
"peer": {
|
||||
"Address": [ "10.8.1.2/24" ],
|
||||
"Endpoint": [ "10.8.2.1:51820" ],
|
||||
"ListenPort": [ "21841" ],
|
||||
"AllowedIPs": ["10.8.2.0/24"],
|
||||
"PersistentKeepalive": [ "15" ]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
BIN
dist/raspap/css/fonts/RaspAP.eot
vendored
Executable file
BIN
dist/raspap/css/fonts/RaspAP.eot
vendored
Executable file
Binary file not shown.
12
dist/raspap/css/fonts/RaspAP.svg
vendored
Executable file
12
dist/raspap/css/fonts/RaspAP.svg
vendored
Executable file
|
@ -0,0 +1,12 @@
|
|||
<?xml version="1.0" standalone="no"?>
|
||||
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" >
|
||||
<svg xmlns="http://www.w3.org/2000/svg">
|
||||
<metadata>Generated by IcoMoon</metadata>
|
||||
<defs>
|
||||
<font id="RaspAP" horiz-adv-x="1024">
|
||||
<font-face units-per-em="1024" ascent="960" descent="-64" />
|
||||
<missing-glyph horiz-adv-x="1024" />
|
||||
<glyph unicode=" " horiz-adv-x="512" d="" />
|
||||
<glyph unicode="" glyph-name="wireguard" d="M1023.147 463.147c0 0 23.595 496.853-522.453 496.853-482.859 0-497.963-476.587-497.963-476.587s-70.997-547.413 509.141-547.413c556.501 0 511.275 527.147 511.275 527.147zM347.947 636.757c102.4 62.72 233.344 24.363 282.368-69.888 9.301-17.877 10.496-45.355 4.608-64.128-20.352-64.683-68.309-100.949-134.187-116.395 19.413 16.64 34.859 35.499 39.808 61.525 1.195 5.504 1.88 11.827 1.88 18.31 0 20.027-6.533 38.528-17.584 53.488l0.174-0.246c-16.797 22.874-43.588 37.556-73.809 37.556-11.257 0-22.038-2.037-31.995-5.763l0.63 0.207c-40.533-15.36-62.72-52.395-58.752-97.877 3.712-42.24 35.797-69.632 95.787-80.043-8.96-4.736-15.872-8.235-22.613-11.989-27.988-15.524-51.374-35.995-69.74-60.451l-0.404-0.562c-6.101-8.192-10.24-8.875-19.541-3.2-120.619 73.771-128.384 258.859 3.371 339.456zM257.707 180.992c-19.413-4.949-38.187-12.203-57.984-18.688 9.685 65.365 86.229 125.568 150.997 118.699-18.043-24.598-29.583-54.982-31.551-87.945l-0.022-0.46c-21.504-3.968-41.813-6.613-61.44-11.605zM669.995 819.2c19.115-0.725 38.315-0.427 57.472-0.853 5.287-0.363 10.162-1.075 14.91-2.128l-0.659 0.123c-4.574-6.938-9.348-12.986-14.582-18.599l0.076 0.082c-6.827-6.4-14.549-12.629-24.448-2.944-2.347 2.347-7.979 1.792-12.075 1.877-19.072 0.213-38.144 0.853-57.173 0.128-17.856-0.589-34.82-2.396-51.386-5.353l2.149 0.318c-3.072-0.555-7.595-10.667-6.229-14.421 3.328-8.832 8.149-18.56 15.317-24.192 26.411-20.907 54.485-39.595 81.067-60.288 25.771-20.139 49.792-42.24 64.427-72.533 19.029-39.595 19.627-81.067 11.392-122.752-13.739-69.547-48.939-127.147-105.941-169.045-22.955-16.853-51.413-26.453-77.696-38.528-23.168-10.667-46.933-19.84-70.144-30.379-41.813-19.029-65.28-64.427-58.411-111.573 6.357-43.307 44.373-79.445 87.851-86.912 52.181-8.96 106.069 25.003 118.827 78.080 14.336 59.605-18.048 112.896-78.72 129.024l-10.923 2.816c16.213 7.253 30.208 12.416 43.179 19.541q33.835 18.645 66.475 39.467c6.4 4.096 9.856 4.096 15.36-0.597 41.685-36.096 66.56-80.981 73.557-135.979 11.52-91.093-31.573-174.763-112.896-217.643-125.781-66.347-279.765 9.173-307.541 148.651-23.808 119.467 60.501 227.84 162.005 248.747 43.648 9.003 83.541 27.179 114.56 60.8 20.053 21.675 29.739 40.277 33.067 48.683 5.86 14.568 9.259 31.458 9.259 49.142 0 0.094 0 0.187 0 0.281v-0.014c-0.72 15.473-4.371 29.921-10.408 43.044l0.296-0.719c-10.581 24.149-51.2 62.549-61.227 70.656l-95.573 74.837c-3.371 2.773-7.168 2.56-15.36 2.005-9.813-0.683-34.773-2.048-45.525 0.768 8.704 6.613 32.427 16.213 42.667 23.893-30.976 20.907-66.304 13.397-98.773 19.627 7.509 13.995 44.629 35.456 65.749 37.888-1.455 13.545-3.483 25.484-6.166 37.173l0.406-2.101c-1.28 4.736-6.571 9.387-11.221 12.075-11.179 6.571-23.083 11.989-35.968 18.517 10.935 7.156 24.244 11.558 38.555 11.945l0.101 0.002c1.66 0.068 3.608 0.107 5.566 0.107 11.77 0 23.21-1.408 34.163-4.064l-0.987 0.202c23.040-5.248 41.387-1.792 59.691 13.824-14.421 5.803-28.843 11.093-42.795 17.365-16.163 7.396-29.343 14.415-42.082 22.091l1.89-1.056c36.267-5.035 71.296-18.645 108.373-13.653l0.939 5.035-86.101 20.053c51.328 4.693 99.115 5.461 144.384-16.555 12.757-6.229 26.027-11.349 38.272-18.432 5.973-3.413 9.941-10.24 14.848-15.573 3.84-4.181 6.997-9.813 11.776-12.373 18.091-9.6 37.973-9.984 58.283-9.515l0.427 6.827c20.437-6.4 43.392-29.952 43.392-47.147-33.109 0-66.133 0.128-99.2-0.171-3.541 0-7.040-2.603-10.539-4.011 3.328-1.963 6.613-5.461 10.027-5.589zM627.328 868.139c-1.461-0.899-2.42-2.488-2.42-4.302 0-1.516 0.67-2.876 1.731-3.799l0.006-0.005c1.344-2.305 3.804-3.83 6.62-3.83 1.429 0 2.767 0.393 3.91 1.076l-0.035-0.019c3.2 1.621 6.315 3.328 10.155 5.333-3.072 2.645-5.547 4.864-8.107 6.955-4.523 3.712-8.235 1.365-11.861-1.408z" />
|
||||
<glyph unicode="" glyph-name="raspap" horiz-adv-x="1031" d="M540.058 281.983c0-104.182-84.446-188.637-188.625-188.637-104.176 0-188.62 84.455-188.62 188.637 0 104.171 84.444 188.625 188.62 188.625 104.179 0 188.625-84.455 188.625-188.625zM351.437 550.062c-147.818 0-268.074-120.259-268.074-268.080 0-147.826 120.257-268.091 268.074-268.091s268.077 120.265 268.077 268.091c0 147.821-120.259 268.080-268.077 268.080zM351.437-58.985c-188 0-340.95 152.958-340.95 340.967 0 188.003 152.95 340.956 340.95 340.956 188.003 0 340.953-152.953 340.953-340.956 0-188.009-152.95-340.967-340.953-340.967zM404.82 698.222c185.52 0 339.484-137.497 365.479-315.929l79.208-5.253c-24.125 224.046-214.339 399.077-444.686 399.077-10.909 0-21.723-0.412-32.433-1.186l5.16-77.823c9.017 0.661 18.093 1.113 27.272 1.113zM404.989 874.303c285.73 0 520.41-222.659 539.731-503.584l78.375-5.205c-16.843 326.355-287.644 586.685-618.106 586.685-14.884 0-29.644-0.561-44.264-1.6l5.157-77.719c12.919 0.928 25.958 1.424 39.106 1.424z" />
|
||||
</font></defs></svg>
|
After Width: | Height: | Size: 5 KiB |
BIN
dist/raspap/css/fonts/RaspAP.ttf
vendored
Executable file
BIN
dist/raspap/css/fonts/RaspAP.ttf
vendored
Executable file
Binary file not shown.
BIN
dist/raspap/css/fonts/RaspAP.woff
vendored
Executable file
BIN
dist/raspap/css/fonts/RaspAP.woff
vendored
Executable file
Binary file not shown.
54
dist/raspap/css/style.css
vendored
Normal file
54
dist/raspap/css/style.css
vendored
Normal file
|
@ -0,0 +1,54 @@
|
|||
/*!
|
||||
* RaspAP-Brands Brand Icons - https://raspap.com
|
||||
* License - https://github.com/billz/RaspAP-Brands-webgui/blob/master/LICENSE
|
||||
*/
|
||||
@font-face {
|
||||
font-family: 'RaspAP';
|
||||
src: url('fonts/RaspAP.eot?e76qs3');
|
||||
src: url('fonts/RaspAP.eot?e76qs3#iefix') format('embedded-opentype'),
|
||||
url('fonts/RaspAP.ttf?e76qs3') format('truetype'),
|
||||
url('fonts/RaspAP.woff?e76qs3') format('woff'),
|
||||
url('fonts/RaspAP.svg?e76qs3#RaspAP') format('svg');
|
||||
font-weight: normal;
|
||||
font-style: normal;
|
||||
font-display: block;
|
||||
}
|
||||
|
||||
[class^="ra-"], [class*=" ra-"] {
|
||||
/* use !important to prevent issues with browser extensions that change ..webfonts */
|
||||
font-family: 'RaspAP' !important;
|
||||
speak: none;
|
||||
font-style: normal;
|
||||
font-weight: normal;
|
||||
font-variant: normal;
|
||||
text-transform: none;
|
||||
line-height: 1;
|
||||
|
||||
/* Better Font Rendering =========== */
|
||||
-webkit-font-smoothing: antialiased;
|
||||
-moz-osx-font-smoothing: grayscale;
|
||||
}
|
||||
|
||||
.ra-wireguard:before {
|
||||
font-size: 1.2rem;
|
||||
content: "\e900";
|
||||
color: #d1d3e2;
|
||||
vertical-align: middle;
|
||||
}
|
||||
|
||||
.card-header .ra-wireguard:before {
|
||||
color: #fff;
|
||||
}
|
||||
|
||||
.sidebar .nav-item.active .nav-link
|
||||
span.ra-wireguard:before {
|
||||
color: #6e707e;
|
||||
}
|
||||
|
||||
.ra-raspap:before {
|
||||
font-size: 4.35rem;
|
||||
content: "\e901";
|
||||
color: #d8224c;
|
||||
margin-left: 0.1em;
|
||||
}
|
||||
|
|
@ -6,7 +6,7 @@ if (!defined('RASPI_CONFIG')) {
|
|||
|
||||
$defaults = [
|
||||
'RASPI_BRAND_TEXT' => 'RaspAP',
|
||||
'RASPI_VERSION' => '2.7.1',
|
||||
'RASPI_VERSION' => '2.7.2',
|
||||
'RASPI_CONFIG_NETWORK' => RASPI_CONFIG.'/networking/defaults.json',
|
||||
'RASPI_ADMIN_DETAILS' => RASPI_CONFIG.'/raspap.auth',
|
||||
'RASPI_WIFI_AP_INTERFACE' => 'wlan0',
|
||||
|
@ -26,6 +26,8 @@ $defaults = [
|
|||
'RASPI_OPENVPN_CLIENT_CONFIG' => '/etc/openvpn/client/client.conf',
|
||||
'RASPI_OPENVPN_CLIENT_LOGIN' => '/etc/openvpn/client/login.conf',
|
||||
'RASPI_OPENVPN_SERVER_CONFIG' => '/etc/openvpn/server/server.conf',
|
||||
'RASPI_WIREGUARD_PATH' => '/etc/wireguard/',
|
||||
'RASPI_WIREGUARD_CONFIG' => RASPI_WIREGUARD_PATH.'wg0.conf',
|
||||
'RASPI_TORPROXY_CONFIG' => '/etc/tor/torrc',
|
||||
'RASPI_LIGHTTPD_CONFIG' => '/etc/lighttpd/lighttpd.conf',
|
||||
'RASPI_ACCESS_CHECK_IP' => '1.1.1.1',
|
||||
|
@ -42,6 +44,7 @@ $defaults = [
|
|||
'RASPI_DHCP_ENABLED' => true,
|
||||
'RASPI_ADBLOCK_ENABLED' => false,
|
||||
'RASPI_OPENVPN_ENABLED' => false,
|
||||
'RASPI_WIREGUARD_ENABLED' => false,
|
||||
'RASPI_TORPROXY_ENABLED' => false,
|
||||
'RASPI_CONFAUTH_ENABLED' => true,
|
||||
'RASPI_CHANGETHEME_ENABLED' => true,
|
||||
|
|
|
@ -715,6 +715,33 @@ function getBridgedState()
|
|||
return $arrHostapdConf['BridgedEnable'];
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates the format of a CIDR notation string
|
||||
*
|
||||
* @param string $cidr
|
||||
* @return bool
|
||||
*/
|
||||
function validateCidr($cidr)
|
||||
{
|
||||
$parts = explode('/', $cidr);
|
||||
if(count($parts) != 2) {
|
||||
return false;
|
||||
}
|
||||
$ip = $parts[0];
|
||||
$netmask = intval($parts[1]);
|
||||
|
||||
if($netmask < 0) {
|
||||
return false;
|
||||
}
|
||||
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
|
||||
return $netmask <= 32;
|
||||
}
|
||||
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
|
||||
return $netmask <= 128;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
// Validates a host or FQDN
|
||||
function validate_host($host) {
|
||||
return preg_match('/^([a-z\d](-*[a-z\d])*)(\.([a-z\d](-*[a-z\d])*))*$/i', $host);
|
||||
|
@ -740,3 +767,11 @@ function preg_only_match($pat,$haystack) {
|
|||
}
|
||||
return $match;
|
||||
}
|
||||
|
||||
// Sanitizes a string for QR encoding
|
||||
// @param string $str
|
||||
// @return string
|
||||
function qr_encode($str)
|
||||
{
|
||||
return preg_replace('/(?<!\\\)([\":;,])/', '\\\\\1', $str);
|
||||
}
|
222
includes/wireguard.php
Normal file
222
includes/wireguard.php
Normal file
|
@ -0,0 +1,222 @@
|
|||
<?php
|
||||
|
||||
require_once 'includes/status_messages.php';
|
||||
require_once 'config.php';
|
||||
|
||||
/**
|
||||
* Displays wireguard server & peer configuration
|
||||
*/
|
||||
function DisplayWireGuardConfig()
|
||||
{
|
||||
$status = new StatusMessages();
|
||||
if (!RASPI_MONITOR_ENABLED) {
|
||||
if (isset($_POST['savewgsettings'])) {
|
||||
SaveWireGuardConfig($status);
|
||||
} elseif (isset($_POST['startwg'])) {
|
||||
$status->addMessage('Attempting to start WireGuard', 'info');
|
||||
exec('sudo /bin/systemctl start wg-quick@wg0', $return);
|
||||
foreach ($return as $line) {
|
||||
$status->addMessage($line, 'info');
|
||||
}
|
||||
} elseif (isset($_POST['stopwg'])) {
|
||||
$status->addMessage('Attempting to stop WireGuard', 'info');
|
||||
exec('sudo /bin/systemctl stop wg-quick@wg0', $return);
|
||||
foreach ($return as $line) {
|
||||
$status->addMessage($line, 'info');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// fetch wg config
|
||||
exec('sudo cat '. RASPI_WIREGUARD_CONFIG, $return);
|
||||
$conf = ParseConfig($return);
|
||||
$wg_srvpubkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-server-public.key', $return);
|
||||
$wg_srvport = ($conf['ListenPort'] == '') ? getDefaultNetValue('wireguard','server','ListenPort') : $conf['ListenPort'];
|
||||
$wg_srvipaddress = ($conf['Address'] == '') ? getDefaultNetValue('wireguard','server','Address') : $conf['Address'];
|
||||
$wg_srvdns = ($conf['DNS'] == '') ? getDefaultNetValue('wireguard','server','DNS') : $conf['DNS'];
|
||||
$wg_peerpubkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-peer-public.key', $return);
|
||||
if (sizeof($conf) >0) {
|
||||
$wg_senabled = true;
|
||||
}
|
||||
|
||||
// todo: iterate multiple peer configs
|
||||
exec('sudo cat '. RASPI_WIREGUARD_PATH.'client.conf', $preturn);
|
||||
$conf = ParseConfig($preturn);
|
||||
$wg_pipaddress = ($conf['Address'] == '') ? getDefaultNetValue('wireguard','peer','Address') : $conf['Address'];
|
||||
$wg_plistenport = ($conf['ListenPort'] == '') ? getDefaultNetValue('wireguard','peer','ListenPort') : $conf['ListenPort'];
|
||||
$wg_pendpoint = ($conf['Endpoint'] == '') ? getDefaultNetValue('wireguard','peer','Endpoint') : $conf['Endpoint'];
|
||||
$wg_pallowedips = ($conf['AllowedIPs'] == '') ? getDefaultNetValue('wireguard','peer','AllowedIPs') : $conf['AllowedIPs'];
|
||||
$wg_pkeepalive = ($conf['PersistentKeepalive'] == '') ? getDefaultNetValue('wireguard','peer','PersistentKeepalive') : $conf['PersistentKeepalive'];
|
||||
if (sizeof($conf) >0) {
|
||||
$wg_penabled = true;
|
||||
}
|
||||
|
||||
// fetch service status
|
||||
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus);
|
||||
$serviceStatus = $wgstatus[0] == 0 ? "down" : "up";
|
||||
$wg_state = ($wgstatus[0] > 0);
|
||||
|
||||
echo renderTemplate(
|
||||
"wireguard", compact(
|
||||
"status",
|
||||
"wg_state",
|
||||
"serviceStatus",
|
||||
"wg_log",
|
||||
"peer_id",
|
||||
"wg_srvpubkey",
|
||||
"wg_srvport",
|
||||
"wg_srvipaddress",
|
||||
"wg_srvdns",
|
||||
"wg_senabled",
|
||||
"wg_penabled",
|
||||
"wg_pipaddress",
|
||||
"wg_plistenport",
|
||||
"wg_peerpubkey",
|
||||
"wg_pendpoint",
|
||||
"wg_pallowedips",
|
||||
"wg_pkeepalive"
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate user input, save wireguard configuration
|
||||
*
|
||||
* @param object $status
|
||||
* @return boolean
|
||||
*/
|
||||
function SaveWireGuardConfig($status)
|
||||
{
|
||||
// Set defaults
|
||||
$good_input = true;
|
||||
$peer_id = 1;
|
||||
// Validate server input
|
||||
if ($_POST['wg_senabled'] == 1) {
|
||||
if (isset($_POST['wg_srvport'])) {
|
||||
if (strlen($_POST['wg_srvport']) > 5 || !is_numeric($_POST['wg_srvport'])) {
|
||||
$status->addMessage('Invalid value for server local port', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['wg_plistenport'])) {
|
||||
if (strlen($_POST['wg_plistenport']) > 5 || !is_numeric($_POST['wg_plistenport'])) {
|
||||
$status->addMessage('Invalid value for peer local port', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['wg_srvipaddress'])) {
|
||||
if (!validateCidr($_POST['wg_srvipaddress'])) {
|
||||
$status->addMessage('Invalid value for server IP address', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['wg_srvdns'])) {
|
||||
if (!filter_var($_POST['wg_srvdns'],FILTER_VALIDATE_IP)) {
|
||||
$status->addMessage('Invalid value for DNS', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
// Validate peer input
|
||||
if ($_POST['wg_penabled'] == 1) {
|
||||
if (isset($_POST['wg_pipaddress'])) {
|
||||
if (!validateCidr($_POST['wg_pipaddress'])) {
|
||||
$status->addMessage('Invalid value for peer IP address', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['wg_pendpoint']) && strlen(trim($_POST['wg_pendpoint']) >0 )) {
|
||||
$wg_pendpoint_seg = substr($_POST['wg_pendpoint'],0,strpos($_POST['wg_pendpoint'],':'));
|
||||
if (!filter_var($wg_pendpoint_seg,FILTER_VALIDATE_IP)) {
|
||||
$status->addMessage('Invalid value for endpoint address', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['wg_pallowedips']) && strlen(trim($_POST['wg_pallowedips']) >0)) {
|
||||
if (!validateCidr($_POST['wg_pallowedips'])) {
|
||||
$status->addMessage('Invalid value for allowed IPs', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
if (isset($_POST['wg_pkeepalive']) && strlen(trim($_POST['wg_pkeepalive']) >0 )) {
|
||||
if (strlen($_POST['wg_pkeepalive']) > 4 || !is_numeric($_POST['wg_pkeepalive'])) {
|
||||
$status->addMessage('Invalid value for persistent keepalive', 'danger');
|
||||
$good_input = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
// Save settings
|
||||
if ($good_input) {
|
||||
// server (wg0.conf)
|
||||
if ($_POST['wg_senabled'] == 1) {
|
||||
// fetch server private key from filesytem
|
||||
$wg_srvprivkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-server-private.key', $return);
|
||||
$config[] = '[Interface]';
|
||||
$config[] = 'Address = '.$_POST['wg_srvipaddress'];
|
||||
$config[] = 'ListenPort = '.$_POST['wg_srvport'];
|
||||
$config[] = 'DNS = '.$_POST['wg_srvdns'];
|
||||
$config[] = 'PrivateKey = '.$wg_srvprivkey;
|
||||
$config[] = 'PostUp = '.getDefaultNetValue('wireguard','server','PostUp');
|
||||
$config[] = 'PostDown = '.getDefaultNetValue('wireguard','server','PostDown');
|
||||
$config[] = '';
|
||||
$config[] = '[Peer]';
|
||||
$config[] = 'PublicKey = '.$_POST['wg-peer'];
|
||||
$config[] = 'AllowedIPs = '.$_POST['wg_pallowedips'];
|
||||
if ($_POST['wg_pkeepalive'] !== '') {
|
||||
$config[] = 'PersistentKeepalive = '.trim($_POST['wg_pkeepalive']);
|
||||
}
|
||||
$config[] = '';
|
||||
$config = join(PHP_EOL, $config);
|
||||
|
||||
file_put_contents("/tmp/wgdata", $config);
|
||||
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
|
||||
} else {
|
||||
# remove selected conf + keys
|
||||
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-server-private.key', $return);
|
||||
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-server-public.key', $return);
|
||||
system('sudo rm '. RASPI_WIREGUARD_CONFIG, $return);
|
||||
}
|
||||
// client1 (client.conf)
|
||||
if ($_POST['wg_penabled'] == 1) {
|
||||
// fetch peer private key from filesystem
|
||||
$wg_peerprivkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-peer-private.key', $return);
|
||||
$config = [];
|
||||
$config[] = '[Interface]';
|
||||
$config[] = 'Address = '.trim($_POST['wg_pipaddress']);
|
||||
$config[] = 'PrivateKey = '.$wg_peerprivkey;
|
||||
$config[] = 'ListenPort = '.$_POST['wg_plistenport'];
|
||||
$config[] = '';
|
||||
$config[] = '[Peer]';
|
||||
$config[] = 'PublicKey = '.$_POST['wg-server'];
|
||||
$config[] = 'AllowedIPs = '.$_POST['wg_pallowedips'];
|
||||
$config[] = 'Endpoint = '.$_POST['wg_pendpoint'];
|
||||
if ($_POST['wg_pkeepalive'] !== '') {
|
||||
$config[] = 'PersistentKeepalive = '.trim($_POST['wg_pkeepalive']);
|
||||
}
|
||||
$config[] = '';
|
||||
$config = join(PHP_EOL, $config);
|
||||
|
||||
file_put_contents("/tmp/wgdata", $config);
|
||||
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_PATH.'client.conf', $return);
|
||||
} else {
|
||||
# remove selected conf + keys
|
||||
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-peer-private.key', $return);
|
||||
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-peer-public.key', $return);
|
||||
system('sudo rm '. RASPI_WIREGUARD_PATH.'client.conf', $return);
|
||||
}
|
||||
|
||||
// handle log option
|
||||
if ($_POST['wg_log'] == "1") {
|
||||
exec("sudo /bin/systemctl status wg-quick@wg0 | sudo tee /tmp/wireguard.log > /dev/null");
|
||||
}
|
||||
foreach ($return as $line) {
|
||||
$status->addMessage($line, 'info');
|
||||
}
|
||||
if ($return == 0) {
|
||||
$status->addMessage('WireGuard configuration updated successfully', 'success');
|
||||
} else {
|
||||
$status->addMessage('WireGuard configuration failed to be updated', 'danger');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
14
index.php
14
index.php
|
@ -14,7 +14,7 @@
|
|||
* @author Lawrence Yau <sirlagz@gmail.com>
|
||||
* @author Bill Zimmerman <billzimmerman@gmail.com>
|
||||
* @license GNU General Public License, version 3 (GPL-3.0)
|
||||
* @version 2.7.1
|
||||
* @version 2.7.2
|
||||
* @link https://github.com/raspap/raspap-insiders/
|
||||
* @link https://raspap.com/
|
||||
* @see http://sirlagz.net/2013/02/08/raspap-webgui/
|
||||
|
@ -45,6 +45,7 @@ require_once 'includes/themes.php';
|
|||
require_once 'includes/data_usage.php';
|
||||
require_once 'includes/about.php';
|
||||
require_once 'includes/openvpn.php';
|
||||
require_once 'includes/wireguard.php';
|
||||
require_once 'includes/torproxy.php';
|
||||
|
||||
$config = getConfig();
|
||||
|
@ -82,6 +83,9 @@ $bridgedEnabled = getBridgedState();
|
|||
<!-- Custom Fonts -->
|
||||
<link href="dist/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css">
|
||||
|
||||
<!-- RaspAP Fonts -->
|
||||
<link href="dist/raspap/css/style.css" rel="stylesheet" type="text/css">
|
||||
|
||||
<!-- Custom CSS -->
|
||||
<link href="<?php echo $theme_url; ?>" title="main" rel="stylesheet">
|
||||
|
||||
|
@ -161,6 +165,11 @@ $bridgedEnabled = getBridgedState();
|
|||
<?php if (RASPI_OPENVPN_ENABLED) : ?>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" href="openvpn_conf"><i class="fas fa-key fa-fw mr-2"></i><span class="nav-label"><?php echo _("OpenVPN"); ?></a>
|
||||
</li>
|
||||
<?php endif; ?>
|
||||
<?php if (RASPI_WIREGUARD_ENABLED) : ?>
|
||||
<li class="nav-item">
|
||||
<a class="nav-link" href="wg_conf"><span class="ra-wireguard mr-2"></span><span class="nav-label"><?php echo _("WireGuard"); ?></a>
|
||||
</li>
|
||||
<?php endif; ?>
|
||||
<?php if (RASPI_TORPROXY_ENABLED) : ?>
|
||||
|
@ -259,6 +268,9 @@ $bridgedEnabled = getBridgedState();
|
|||
case "/openvpn_conf":
|
||||
DisplayOpenVPNConfig();
|
||||
break;
|
||||
case "/wg_conf":
|
||||
DisplayWireGuardConfig();
|
||||
break;
|
||||
case "/torproxy_conf":
|
||||
DisplayTorProxyConfig();
|
||||
break;
|
||||
|
|
|
@ -28,7 +28,12 @@ readonly raspap_network="$raspap_dir/networking/"
|
|||
readonly rulesv4="/etc/iptables/rules.v4"
|
||||
readonly notracking_url="https://raw.githubusercontent.com/notracking/hosts-blocklists/master/"
|
||||
webroot_dir="/var/www/html"
|
||||
git_source_url="https://github.com/$repo" # $repo from install.raspap.com
|
||||
|
||||
if [ "$insiders" == 1 ]; then
|
||||
repo="RaspAP/raspap-insiders"
|
||||
branch=${RASPAP_INSIDERS_LATEST}
|
||||
fi
|
||||
git_source_url="https://github.com/$repo"
|
||||
|
||||
# NOTE: all the below functions are overloadable for system-specific installs
|
||||
function _install_raspap() {
|
||||
|
@ -51,6 +56,7 @@ function _install_raspap() {
|
|||
_prompt_install_adblock
|
||||
_prompt_install_openvpn
|
||||
_install_features
|
||||
_prompt_install_wireguard
|
||||
_patch_system_files
|
||||
_install_complete
|
||||
}
|
||||
|
@ -93,7 +99,7 @@ function _config_installation() {
|
|||
fi
|
||||
echo "${opt[1]} lighttpd directory: ${webroot_dir}"
|
||||
if [ "$upgrade" == 1 ]; then
|
||||
echo "This will upgrade your existing install to version ${RASPAP_LATEST}"
|
||||
echo "This will upgrade your existing install to version ${RASPAP_RELEASE}"
|
||||
echo "Your configuration will NOT be changed"
|
||||
fi
|
||||
echo -n "Complete ${opt[2]} with these values? [Y/n]: "
|
||||
|
@ -334,6 +340,49 @@ function _prompt_install_openvpn() {
|
|||
fi
|
||||
}
|
||||
|
||||
# Prompt to install WireGuard
|
||||
function _prompt_install_wireguard() {
|
||||
if [ "$insiders" == 1 ]; then
|
||||
_install_log "Configure WireGuard support"
|
||||
echo -n "Install WireGuard and enable VPN tunnel configuration? [Y/n]: "
|
||||
if [ "$assume_yes" == 0 ]; then
|
||||
read answer < /dev/tty
|
||||
if [ "$answer" != "${answer#[Nn]}" ]; then
|
||||
echo -e
|
||||
else
|
||||
_install_wireguard
|
||||
fi
|
||||
elif [ "$wg_option" == 1 ]; then
|
||||
_install_wireguard
|
||||
else
|
||||
echo "(Skipped)"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Install Wireguard from the Debian unstable distro
|
||||
function _install_wireguard() {
|
||||
_install_log "Configure WireGuard support"
|
||||
if [ "$OS" == "Raspbian" ]; then
|
||||
echo "Installing raspberrypi-kernel-headers"
|
||||
sudo apt-get install $apt_option raspberrypi-kernel-headers || _install_status 1 "Unable to install raspberrypi-kernel-headers"
|
||||
fi
|
||||
echo "Installing WireGuard from Debian unstable distro"
|
||||
echo "Adding Debian distro"
|
||||
echo "deb http://deb.debian.org/debian/ unstable main" | sudo tee --append /etc/apt/sources.list.d/unstable.list || _install_status 1 "Unable to append to sources.list"
|
||||
sudo apt-get install dirmngr || _install_status 1 "Unable to install dirmngr"
|
||||
echo "Adding Debian distro keys"
|
||||
sudo wget -q -O - https://ftp-master.debian.org/keys/archive-key-$(lsb_release -sr).asc | sudo apt-key add - || _install_status 1 "Unable to add keys"
|
||||
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 150\n' | sudo tee --append /etc/apt/preferences.d/limit-unstable || _install_status 1 "Unable to append to preferences.d"
|
||||
echo "Installing WireGuard"
|
||||
sudo apt-get update && sudo apt-get install $apt_option wireguard || _install_status 1 "Unable to install wireguard"
|
||||
echo "Enabling wg-quick@wg0"
|
||||
sudo systemctl enable wg-quick@wg0 || _install_status 1 "Failed to enable wg-quick service"
|
||||
echo "Enabling WireGuard management option"
|
||||
sudo sed -i "s/\('RASPI_WIREGUARD_ENABLED', \)false/\1true/g" "$webroot_dir/includes/config.php" || _install_status 1 "Unable to modify config.php"
|
||||
_install_status 0
|
||||
}
|
||||
|
||||
# Install openvpn and enable client configuration option
|
||||
function _install_openvpn() {
|
||||
_install_log "Installing OpenVPN and enabling client configuration"
|
||||
|
|
|
@ -41,8 +41,11 @@ www-data ALL=(ALL) NOPASSWD:/etc/raspap/openvpn/configauth.sh
|
|||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/openvpn/openvpnlog.sh
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/hostapd.log
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/dnsmasq.log
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/wireguard.log
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.d/090_adblock.conf
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasq_custom /etc/raspap/adblock/custom.txt
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wgdata /etc/wireguard/*.conf
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/mv /tmp/wg-*.key /etc/wireguard/wg-*.key
|
||||
www-data ALL=(ALL) NOPASSWD:/etc/raspap/adblock/update_blocklist.sh
|
||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/socat - /dev/ttyUSB[0-9]
|
||||
www-data ALL=(ALL) NOPASSWD:/usr/local/sbin/onoff_huawei_hilink.sh *
|
||||
|
@ -50,3 +53,10 @@ www-data ALL=(ALL) NOPASSWD:/bin/sed -i * /etc/wvdial.conf
|
|||
www-data ALL=(ALL) NOPASSWD:/bin/sed -i * /etc/udev/rules.d/80-raspap-net-devices.rules
|
||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/tee -a /etc/udev/rules.d/80-raspap-net-devices.rules
|
||||
www-data ALL=(ALL) NOPASSWD:/usr/local/sbin/switchClientState.sh *
|
||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/tee /tmp/wireguard.log
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/systemctl * wg-quick@wg0
|
||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/*.conf
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/wg-*.key
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/wireguard/*.conf
|
||||
www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/wireguard/wg-*.key
|
|
@ -15,11 +15,11 @@
|
|||
# -c, --cert, --certficate Installs mkcert and generates an SSL certificate for lighttpd
|
||||
# -o, --openvpn <flag> Used with -y, --yes, sets OpenVPN install option (0=no install)
|
||||
# -a, --adblock <flag> Used with -y, --yes, sets Adblock install option (0=no install)
|
||||
# -r, --repo, --repository <name> Overrides the default GitHub repo (raspap/raspap-webgui)
|
||||
# -r, --repo, --repository <name> Overrides the default GitHub repo (RaspAP/raspap-webgui)
|
||||
# -b, --branch <name> Overrides the default git branch (master)
|
||||
# -t, --token <accesstoken> Token to access a private repository
|
||||
# -t, --token <accesstoken> Specify a GitHub token to access a private repository
|
||||
# -u, --upgrade Upgrades an existing installation to the latest release version
|
||||
# -i, --insiders Installs from the Insiders Edition (raspap/raspap-insiders)
|
||||
# -i, --insiders Installs from the Insiders Edition (RaspAP/raspap-insiders)
|
||||
# -v, --version Outputs release info and exits
|
||||
# -h, --help Outputs usage notes and exits
|
||||
#
|
||||
|
@ -37,7 +37,7 @@ set -eo pipefail
|
|||
|
||||
function _main() {
|
||||
# set defaults
|
||||
repo="raspap/raspap-webgui" # override with -r, --repo option
|
||||
repo="RaspAP/raspap-webgui" # override with -r, --repo option
|
||||
_parse_params "$@"
|
||||
_setup_colors
|
||||
_log_output
|
||||
|
@ -45,11 +45,12 @@ function _main() {
|
|||
}
|
||||
|
||||
function _parse_params() {
|
||||
# default flag values
|
||||
# default option values
|
||||
assume_yes=0
|
||||
upgrade=0
|
||||
ovpn_option=1
|
||||
adblock_option=1
|
||||
insiders=0
|
||||
acctoken=""
|
||||
|
||||
while :; do
|
||||
|
@ -84,7 +85,11 @@ function _parse_params() {
|
|||
upgrade=1
|
||||
;;
|
||||
-i|--insiders)
|
||||
repo="raspap/raspap-insiders"
|
||||
insiders=1
|
||||
;;
|
||||
-t|--token)
|
||||
acctoken="$2"
|
||||
shift
|
||||
;;
|
||||
-t|--token)
|
||||
acctoken="$2"
|
||||
|
@ -132,10 +137,11 @@ OPTIONS:
|
|||
-c, --cert, --certificate Installs an SSL certificate for lighttpd
|
||||
-o, --openvpn <flag> Used with -y, --yes, sets OpenVPN install option (0=no install)
|
||||
-a, --adblock <flag> Used with -y, --yes, sets Adblock install option (0=no install)
|
||||
-r, --repo, --repository <name> Overrides the default GitHub repo (raspap/raspap-webgui)
|
||||
-r, --repo, --repository <name> Overrides the default GitHub repo (RaspAP/raspap-webgui)
|
||||
-b, --branch <name> Overrides the default git branch (latest release)
|
||||
-t, --token <accesstoken> Specify a GitHub token to access a private repository
|
||||
-u, --upgrade Upgrades an existing installation to the latest release version
|
||||
-i, --insiders Installs from the Insiders Edition (raspap/raspap-insiders)
|
||||
-i, --insiders Installs from the Insiders Edition (RaspAP/raspap-insiders)
|
||||
-v, --version Outputs release info and exits
|
||||
-h, --help Outputs usage notes and exits
|
||||
|
||||
|
@ -158,7 +164,7 @@ EOF
|
|||
|
||||
function _version() {
|
||||
_get_release
|
||||
echo -e "RaspAP v${RASPAP_LATEST} - Simple wireless AP setup & management for Debian-based devices"
|
||||
echo -e "RaspAP v${RASPAP_RELEASE} - Simple wireless AP setup & management for Debian-based devices"
|
||||
exit
|
||||
}
|
||||
|
||||
|
@ -172,20 +178,19 @@ function _display_welcome() {
|
|||
echo -e " 88 88 88. .88 88 88. .88 88 88 88"
|
||||
echo -e " dP dP 88888P8 88888P 88Y888P 88 88 dP"
|
||||
echo -e " 88"
|
||||
echo -e " dP version ${RASPAP_LATEST}"
|
||||
echo -e " dP version ${RASPAP_RELEASE}"
|
||||
echo -e "${ANSI_GREEN}"
|
||||
echo -e "The Quick Installer will guide you through a few easy steps${ANSI_RESET}\n\n"
|
||||
}
|
||||
|
||||
# Fetch latest release from GitHub API
|
||||
# Fetch latest release from GitHub or RaspAP Installer API
|
||||
function _get_release() {
|
||||
if [ "$repo" == "raspap/raspap-insiders" ]; then
|
||||
readonly RASPAP_LATEST="Insiders"
|
||||
if [ -z ${branch} ]; then
|
||||
branch="master"
|
||||
fi
|
||||
else
|
||||
readonly RASPAP_LATEST=$(curl -s "https://api.github.com/repos/$repo/releases/latest" | grep -Po '"tag_name": "\K.*?(?=")' )
|
||||
if [ "$insiders" == 1 ]; then
|
||||
readonly RASPAP_INSIDERS_LATEST=$(curl -s "https://install.raspap.com/repos/RaspAP/raspap-insiders/releases/latest/" | grep -Po '"tag_name": "\K.*?(?=")' )
|
||||
readonly RASPAP_RELEASE="${RASPAP_INSIDERS_LATEST} Insiders"
|
||||
else
|
||||
readonly RASPAP_RELEASE="${RASPAP_LATEST}"
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -230,6 +235,12 @@ function _load_installer() {
|
|||
branch=$RASPAP_LATEST
|
||||
fi
|
||||
|
||||
# add optional auth token header if defined with -t, --token option
|
||||
header=()
|
||||
if [[ ! -z "$acctoken" ]]; then
|
||||
header=(--header "Authorization: token $acctoken")
|
||||
fi
|
||||
|
||||
UPDATE_URL="https://raw.githubusercontent.com/$repo/$branch/"
|
||||
header=()
|
||||
if [[ ! -z "$acctoken" ]]; then
|
||||
|
|
Binary file not shown.
|
@ -10,7 +10,7 @@ msgstr ""
|
|||
"Project-Id-Version: 1.2.1\n"
|
||||
"Report-Msgid-Bugs-To: Bill Zimmerman <billzimmerman@gmail.com>\n"
|
||||
"POT-Creation-Date: 2017-10-19 08:56+0000\n"
|
||||
"PO-Revision-Date: 2020-03-29 00:05+0000\n"
|
||||
"PO-Revision-Date: 2021-03-08 09:00+0000\n"
|
||||
"Last-Translator: Bill Zimmerman <billzimmerman@gmail.com>\n"
|
||||
"Language-Team: \n"
|
||||
"Language: en_US\n"
|
||||
|
@ -725,12 +725,6 @@ msgstr "Cancel"
|
|||
msgid "Enable this option to log <code>openvpn</code> activity."
|
||||
msgstr "Enable this option to log <code>openvpn</code> activity."
|
||||
|
||||
msgid "Cancel"
|
||||
msgstr "Cancel"
|
||||
|
||||
msgid "Cancel"
|
||||
msgstr "Cancel"
|
||||
|
||||
#: includes/torproxy.php
|
||||
msgid "TOR is not running"
|
||||
msgstr "TOR is not running"
|
||||
|
@ -856,3 +850,89 @@ msgstr "Invalid custom IP address found on line "
|
|||
msgid "Invalid custom host found on line "
|
||||
msgstr "Invalid custom host found on line "
|
||||
|
||||
#: includes/wireguard.php
|
||||
|
||||
msgid "Tunnel settings"
|
||||
msgstr "Tunnel settings"
|
||||
|
||||
msgid "Enable server"
|
||||
msgstr "Enable server"
|
||||
|
||||
msgid "Enable this option to encrypt traffic by creating a tunnel between RaspAP and configured peers."
|
||||
msgstr "Enable this option to encrypt traffic by creating a tunnel between RaspAP and configured peers."
|
||||
|
||||
msgid "This option adds <code>wg0.conf</code> to the WireGuard configuration."
|
||||
msgstr "This option adds <code>wg0.conf</code> to the WireGuard configuration."
|
||||
|
||||
msgid "Local public key"
|
||||
msgstr "Local public key"
|
||||
|
||||
msgid "Local Port"
|
||||
msgstr "Local Port"
|
||||
|
||||
msgid "IP Address"
|
||||
msgstr "IP Address"
|
||||
|
||||
msgid "DNS"
|
||||
msgstr "DNS"
|
||||
|
||||
msgid "Peer"
|
||||
msgstr "Peer"
|
||||
|
||||
msgid "Enable peer"
|
||||
msgstr "Enable peer"
|
||||
|
||||
msgid "Enable this option to encrypt traffic by creating a tunnel between RaspAP and this peer."
|
||||
msgstr "Enable this option to encrypt traffic by creating a tunnel between RaspAP and this peer."
|
||||
|
||||
msgid "This option adds <code>client.conf</code> to the WireGuard configuration."
|
||||
msgstr "This option adds <code>client.conf</code> to the WireGuard configuration."
|
||||
|
||||
msgid "Peer public key"
|
||||
msgstr "Peer public key"
|
||||
|
||||
msgid "Endpoint address"
|
||||
msgstr "Endpoint address"
|
||||
|
||||
msgid "Allowed IPs"
|
||||
msgstr "Allowed IPs"
|
||||
|
||||
msgid "Persistent keepalive"
|
||||
msgstr "Persistent keepalive"
|
||||
|
||||
msgid "Display WireGuard status"
|
||||
msgstr "Display WireGuard status"
|
||||
|
||||
msgid "Enable this option to display an updated WireGuard status."
|
||||
msgstr "Enable this option to display an updated WireGuard status."
|
||||
|
||||
msgid "Scan this QR code with your client to connect to this tunnel"
|
||||
msgstr "Scan this QR code with your client to connect to this tunnel"
|
||||
|
||||
msgid "or download the <code>client.conf</code> file to your device."
|
||||
msgstr "or download the <code>client.conf</code> file to your device."
|
||||
|
||||
msgid "Download"
|
||||
msgstr "Download"
|
||||
|
||||
msgid "Start WireGuard"
|
||||
msgstr "Start WireGuard"
|
||||
|
||||
msgid "Stop WireGuard"
|
||||
msgstr "Stop WireGuard"
|
||||
|
||||
msgid "Information provided by wireguard"
|
||||
msgstr "Information provided by wireguard"
|
||||
|
||||
msgid "Attempting to start WireGuard"
|
||||
msgstr "Attempting to start WireGuard"
|
||||
|
||||
msgid "Attempting to stop WireGuard"
|
||||
msgstr "Attempting to stop WireGuard"
|
||||
|
||||
msgid "WireGuard configuration updated successfully"
|
||||
msgstr "WireGuard configuration updated successfully"
|
||||
|
||||
msgid "WireGuard configuration failed to be updated"
|
||||
msgstr "WireGuard configuration failed to be updated"
|
||||
|
||||
|
|
Binary file not shown.
|
@ -3,8 +3,8 @@ msgstr ""
|
|||
"Project-Id-Version: raspap\n"
|
||||
"Report-Msgid-Bugs-To: Bill Zimmerman <billzimmerman@gmail.com>\n"
|
||||
"POT-Creation-Date: 2017-10-19 08:56+0000\n"
|
||||
"PO-Revision-Date: 2021-01-21 10:40\n"
|
||||
"Last-Translator: Luca Sasdelli\n"
|
||||
"PO-Revision-Date: 2021-03-20 14:38\n"
|
||||
"Last-Translator: Ioma Taani (iomataani)\n"
|
||||
"Language-Team: Italian\n"
|
||||
"Language: it_IT\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
|
@ -361,6 +361,24 @@ msgstr "Registra le richieste DHCP"
|
|||
msgid "Log DNS queries"
|
||||
msgstr "Registra query DNS"
|
||||
|
||||
msgid "Restrict access"
|
||||
msgstr "Limita l'accesso"
|
||||
|
||||
msgid "Limit network access to static clients"
|
||||
msgstr "Limita l'accesso di rete ai client statici"
|
||||
|
||||
msgid "Enable this option if you want RaspAP to <b>ignore any clients</b> which are not specified in the static leases list."
|
||||
msgstr "Abilita questa opzione se vuoi che RaspAP <b>ignori qualsiasi client</b> non sono specificato nell'elenco dei lease statici."
|
||||
|
||||
msgid "This option adds <code>dhcp-ignore</code> to the dnsmasq configuration."
|
||||
msgstr "Questa opzione aggiunge <code>dhcp-ignore</code> alla configurazione di dnsmasq."
|
||||
|
||||
msgid "Clients with a particular hardware MAC address can always be allocated the same IP address."
|
||||
msgstr "I client con un particolare indirizzo MAC possono essere assegnati sempre allo stesso indirizzo IP."
|
||||
|
||||
msgid "This option adds <code>dhcp-host</code> entries to the dnsmasq configuration."
|
||||
msgstr "Questa opzione aggiunge <code>dhcp-host</code> alla configurazione dnsmasq."
|
||||
|
||||
#: includes/hostapd.php
|
||||
msgid "Basic"
|
||||
msgstr "Base"
|
||||
|
@ -676,6 +694,36 @@ msgstr "Tentativo di avviare openvpn in corso"
|
|||
msgid "Attempting to stop openvpn"
|
||||
msgstr "Tentativo di arrestare openvpn in corso"
|
||||
|
||||
msgid "Configurations"
|
||||
msgstr "Configurazioni"
|
||||
|
||||
msgid "Currently available OpenVPN client configurations are displayed below."
|
||||
msgstr "Le configurazioni client OpenVPN attualmente disponibili sono visualizzate di seguito."
|
||||
|
||||
msgid "Activating a configuraton will restart the <code>openvpn-client</code> service."
|
||||
msgstr "Attivando la configurazione si riavvierà il servizio <code>openvpn-client</code>."
|
||||
|
||||
msgid "Delete OpenVPN client"
|
||||
msgstr "Elimina client OpenVPN"
|
||||
|
||||
msgid "Delete client configuration? This cannot be undone."
|
||||
msgstr "Eliminare la configurazione del client? Questa operazione non può essere annullata."
|
||||
|
||||
msgid "Activate OpenVPN client"
|
||||
msgstr "Attiva client OpenVPN"
|
||||
|
||||
msgid "Activate client configuration? This will restart the openvpn-client service."
|
||||
msgstr "Attivare la configurazione del client? Questo riavvierà il servizio openvpn-client."
|
||||
|
||||
msgid "Activate"
|
||||
msgstr "Attiva"
|
||||
|
||||
msgid "Cancel"
|
||||
msgstr "Annulla"
|
||||
|
||||
msgid "Enable this option to log <code>openvpn</code> activity."
|
||||
msgstr "Abilita questa opzione per registrare l'attività di <code>openvpn</code>."
|
||||
|
||||
#: includes/torproxy.php
|
||||
msgid "TOR is not running"
|
||||
msgstr "TOR non è in esecuzione"
|
||||
|
@ -799,3 +847,87 @@ msgstr "Host personalizzato non valido trovato sulla riga "
|
|||
msgid "Invalid custom host found on line "
|
||||
msgstr "Host personalizzato non valido trovato sulla riga "
|
||||
|
||||
msgid "Tunnel settings"
|
||||
msgstr "Impostazioni del tunnel"
|
||||
|
||||
msgid "Enable server"
|
||||
msgstr "Abilita il server"
|
||||
|
||||
msgid "Enable this option to encrypt traffic by creating a tunnel between RaspAP and configured peers."
|
||||
msgstr "Abilita questa opzione per cifrare il traffico creando un tunnel tra RaspAP e peer configurati."
|
||||
|
||||
msgid "This option adds <code>wg0.conf</code> to the WireGuard configuration."
|
||||
msgstr "Questa opzione aggiunge <code>wg0.conf</code> alla configurazione di WireGuard."
|
||||
|
||||
msgid "Local public key"
|
||||
msgstr "Chiave pubblica locale"
|
||||
|
||||
msgid "Local Port"
|
||||
msgstr "Porta locale"
|
||||
|
||||
msgid "IP Address"
|
||||
msgstr "Indirizzo IP"
|
||||
|
||||
msgid "DNS"
|
||||
msgstr "DNS"
|
||||
|
||||
msgid "Peer"
|
||||
msgstr "Peer"
|
||||
|
||||
msgid "Enable peer"
|
||||
msgstr "Abilita peer"
|
||||
|
||||
msgid "Enable this option to encrypt traffic by creating a tunnel between RaspAP and this peer."
|
||||
msgstr "Abilita questa opzione per cifrare il traffico creando un tunnel tra RaspAP e questo peer."
|
||||
|
||||
msgid "This option adds <code>client.conf</code> to the WireGuard configuration."
|
||||
msgstr "Questa opzione aggiunge <code>client.conf</code> alla configurazione di WireGuard."
|
||||
|
||||
msgid "Peer public key"
|
||||
msgstr "Chiave pubblica del peer"
|
||||
|
||||
msgid "Endpoint address"
|
||||
msgstr "Indirizzo di endpoint"
|
||||
|
||||
msgid "Allowed IPs"
|
||||
msgstr "IP consentiti"
|
||||
|
||||
msgid "Persistent keepalive"
|
||||
msgstr "Keepalive permanente"
|
||||
|
||||
msgid "Display WireGuard status"
|
||||
msgstr "Mostra lo stato di WireGuard"
|
||||
|
||||
msgid "Enable this option to display an updated WireGuard status."
|
||||
msgstr "Abilita questa opzione per visualizzare lo stato aggiornato di WireGuard."
|
||||
|
||||
msgid "Scan this QR code with your client to connect to this tunnel"
|
||||
msgstr "Scansiona questo codice QR con il tuo client per connetterti a questo tunnel"
|
||||
|
||||
msgid "or download the <code>client.conf</code> file to your device."
|
||||
msgstr "o scarica il file <code>client.conf</code> sul tuo dispositivo."
|
||||
|
||||
msgid "Download"
|
||||
msgstr "Scarica"
|
||||
|
||||
msgid "Start WireGuard"
|
||||
msgstr "Avvia WireGuard"
|
||||
|
||||
msgid "Stop WireGuard"
|
||||
msgstr "Ferma WireGuard"
|
||||
|
||||
msgid "Information provided by wireguard"
|
||||
msgstr "Informazioni fornite da wireguard"
|
||||
|
||||
msgid "Attempting to start WireGuard"
|
||||
msgstr "Tentativo di avviare WireGuard in corso"
|
||||
|
||||
msgid "Attempting to stop WireGuard"
|
||||
msgstr "Tentativo di arrestare WireGuard in corso"
|
||||
|
||||
msgid "WireGuard configuration updated successfully"
|
||||
msgstr "Configurazione WireGuard aggiornata con successo"
|
||||
|
||||
msgid "WireGuard configuration failed to be updated"
|
||||
msgstr "Impossibile aggiornare la configurazione di WireGuard"
|
||||
|
||||
|
|
55
templates/wg/general.php
Normal file
55
templates/wg/general.php
Normal file
|
@ -0,0 +1,55 @@
|
|||
<!-- wireguard settings tab -->
|
||||
<div class="tab-pane active" id="wgsettings">
|
||||
<div class="row">
|
||||
<div class="col-md-6">
|
||||
<h4 class="mt-3"><?php echo _("Tunnel settings"); ?></h4>
|
||||
<div class="input-group">
|
||||
<div class="custom-control custom-switch">
|
||||
<input class="custom-control-input" id="server_enabled" type="checkbox" name="wg_senabled" value="1" <?php echo $wg_senabled ? ' checked="checked"' : "" ?> aria-describedby="server-description">
|
||||
<label class="custom-control-label" for="server_enabled"><?php echo _("Enable server") ?></label>
|
||||
</div>
|
||||
<p id="wg-description">
|
||||
<small><?php echo _("Enable this option to encrypt traffic by creating a tunnel between RaspAP and configured peers.") ?></small>
|
||||
<small><?php echo _("This option adds <code>wg0.conf</code> to the WireGuard configuration.") ?></small>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-xs-3 col-sm-6">
|
||||
<label for="code"><?php echo _("Local public key"); ?></label>
|
||||
</div>
|
||||
<div class="input-group col-md-12 mb-3">
|
||||
<input type="text" class="form-control" name="wg-server" id="wg-srvpubkey" value="<?php echo htmlspecialchars($wg_srvpubkey, ENT_QUOTES); ?>" />
|
||||
<div class="input-group-append">
|
||||
<button class="btn btn-outline-secondary rounded-right wg-keygen" type="button"><i class="fas fa-magic"></i></button>
|
||||
<span id="wg-server-pubkey-status" class="input-group-addon check-hidden ml-2 mt-1"><i class="fas fa-check"></i></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="form-group col-xs-3 col-sm-3">
|
||||
<label for="code"><?php echo _("Local Port"); ?></label>
|
||||
<input type="text" class="form-control" name="wg_srvport" value="<?php echo htmlspecialchars($wg_srvport, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="code"><?php echo _("IP Address"); ?></label>
|
||||
<input type="text" class="form-control" name="wg_srvipaddress" value="<?php echo htmlspecialchars($wg_srvipaddress, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="code"><?php echo _("DNS"); ?></label>
|
||||
<input type="text" class="form-control" name="wg_srvdns" value="<?php echo htmlspecialchars($wg_srvdns, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div><!-- /.row -->
|
||||
</div><!-- /.tab-pane | settings tab -->
|
||||
|
||||
|
19
templates/wg/logging.php
Normal file
19
templates/wg/logging.php
Normal file
|
@ -0,0 +1,19 @@
|
|||
<!-- wireguard logging tab -->
|
||||
<div class="tab-pane fade" id="wglogging">
|
||||
<div class="row">
|
||||
<div class="col-md-12">
|
||||
<h4 class="mt-3"><?php echo _("Logging"); ?></h4>
|
||||
<div class="custom-control custom-switch">
|
||||
<input class="custom-control-input" id="wg_log" type="checkbox" name="wg_log" value="1" <?php echo $wg_log ? ' checked="checked"' : "" ?> aria-describedby="wg_log">
|
||||
<label class="custom-control-label" for="wg_log"><?php echo _("Display WireGuard status") ?></label>
|
||||
</div>
|
||||
<p><small><?php echo _("Enable this option to display an updated WireGuard status.") ?></small></p>
|
||||
<?php
|
||||
exec('sudo chmod o+r /tmp/wireguard.log');
|
||||
$log = file_get_contents('/tmp/wireguard.log');
|
||||
echo '<textarea class="logoutput my-3">'.htmlspecialchars($log, ENT_QUOTES).'</textarea>';
|
||||
?>
|
||||
</div>
|
||||
</div><!-- /.row -->
|
||||
</div><!-- /.tab-pane | logging tab -->
|
||||
|
82
templates/wg/peers.php
Normal file
82
templates/wg/peers.php
Normal file
|
@ -0,0 +1,82 @@
|
|||
<!-- wireguard peers tab -->
|
||||
<div class="tab-pane fade" id="wgpeers">
|
||||
<div class="row">
|
||||
<div class="col-md-6">
|
||||
<h4 class="mt-3"><?php echo _("Peer"); ?></h4>
|
||||
<div class="input-group">
|
||||
<input type="hidden" name="peer_id" value="1">
|
||||
<div class="custom-control custom-switch">
|
||||
<input class="custom-control-input" id="peer_enabled" type="checkbox" name="wg_penabled" value="1" <?php echo $wg_penabled ? ' checked="checked"' : "" ?> aria-describedby="endpoint-description">
|
||||
<label class="custom-control-label" for="peer_enabled"><?php echo _("Enable peer") ?></label>
|
||||
</div>
|
||||
<p id="wg-description">
|
||||
<small><?php echo _("Enable this option to encrypt traffic by creating a tunnel between RaspAP and this peer.") ?></small>
|
||||
<small><?php echo _("This option adds <code>client.conf</code> to the WireGuard configuration.") ?></small>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-xs-3 col-sm-6 mt-3">
|
||||
<label for="code"><?php echo _("Peer public key"); ?></label>
|
||||
</div>
|
||||
<div class="input-group col-md-12">
|
||||
<input type="text" class="form-control" name="wg-peer" id="wg-peerpubkey" value="<?php echo htmlspecialchars($wg_peerpubkey, ENT_QUOTES); ?>" />
|
||||
<div class="input-group-append">
|
||||
<button class="btn btn-outline-secondary rounded-right wg-keygen" type="button"><i class="fas fa-magic"></i></button>
|
||||
<span id="wg-peer-pubkey-status" class="input-group-addon check-hidden ml-2 mt-1"><i class="fas fa-check"></i></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="form-group col-xs-3 col-sm-3 mt-3">
|
||||
<label for="code"><?php echo _("Local Port"); ?></label>
|
||||
<input type="text" class="form-control" name="wg_plistenport" value="<?php echo htmlspecialchars($wg_plistenport, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="form-group col-xs-3 col-sm-6">
|
||||
<label for="code"><?php echo _("IP Address"); ?></label>
|
||||
<input type="text" class="form-control" name="wg_pipaddress" value="<?php echo htmlspecialchars($wg_pipaddress, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="form-group col-xs-3 col-sm-6">
|
||||
<label for="code"><?php echo _("Endpoint address"); ?></label>
|
||||
<input type="text" class="form-control" name="wg_pendpoint" value="<?php echo htmlspecialchars($wg_pendpoint, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-xs-3 col-sm-6">
|
||||
<label for="code"><?php echo _("Allowed IPs"); ?></label>
|
||||
<input type="text" class="form-control mb-3" name="wg_pallowedips" value="<?php echo htmlspecialchars($wg_pallowedips, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-xs-3 col-sm-6">
|
||||
<label for="code"><?php echo _("Persistent keepalive"); ?></label>
|
||||
<input type="text" class="form-control col-sm-3 mb-3" name="wg_pkeepalive" value="<?php echo htmlspecialchars($wg_pkeepalive, ENT_QUOTES); ?>" />
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="col-md-6 mt-5">
|
||||
<figure class="figure w-75 ml-3">
|
||||
<?php if ($wg_penabled == true ) : ?>
|
||||
<img src="app/img/wg-qr-code.php" class="figure-img img-fluid" alt="RaspAP Wifi QR code" style="width:100%;">
|
||||
<figcaption class="figure-caption">
|
||||
<?php echo _("Scan this QR code with your client to connect to this tunnel"); ?>
|
||||
<?php echo _("or download the <code>client.conf</code> file to your device."); ?>
|
||||
</figcaption>
|
||||
<button class="btn btn-outline-secondary rounded-right wg-client-dl mt-2" type="button"><?php echo _("Download"); ?> <i class="fas fa-download ml-1"></i></button>
|
||||
<?php endif; ?>
|
||||
</figure>
|
||||
</div>
|
||||
|
||||
</div><!-- /.row -->
|
||||
</div><!-- /.tab-pane | peers tab -->
|
||||
|
53
templates/wireguard.php
Normal file
53
templates/wireguard.php
Normal file
|
@ -0,0 +1,53 @@
|
|||
<?php ob_start() ?>
|
||||
<?php if (!RASPI_MONITOR_ENABLED) : ?>
|
||||
<input type="submit" class="btn btn-outline btn-primary" name="savewgsettings" value="<?php echo _("Save settings"); ?>">
|
||||
<?php if ($wg_state) : ?>
|
||||
<input type="submit" class="btn btn-warning" name="stopwg" value="<?php echo _("Stop WireGuard"); ?>">
|
||||
<?php else : ?>
|
||||
<input type="submit" class="btn btn-success" name="startwg" value="<?php echo _("Start WireGuard"); ?>">
|
||||
<?php endif ?>
|
||||
<?php endif ?>
|
||||
<?php $buttons = ob_get_clean(); ob_end_clean() ?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-lg-12">
|
||||
<div class="card">
|
||||
<div class="card-header">
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<span class="ra-wireguard mr-2"></span><?php echo _("WireGuard"); ?>
|
||||
</div>
|
||||
<div class="col">
|
||||
<button class="btn btn-light btn-icon-split btn-sm service-status float-right">
|
||||
<span class="icon text-gray-600"><i class="fas fa-circle service-status-<?php echo $serviceStatus ?>"></i></span>
|
||||
<span class="text service-status">wg <?php echo _($serviceStatus) ?></span>
|
||||
</button>
|
||||
</div>
|
||||
</div><!-- /.row -->
|
||||
</div><!-- /.card-header -->
|
||||
<div class="card-body">
|
||||
<?php $status->showMessages(); ?>
|
||||
<form role="form" action="/wg_conf" enctype="multipart/form-data" method="POST">
|
||||
<?php echo CSRFTokenFieldTag() ?>
|
||||
<!-- Nav tabs -->
|
||||
<ul class="nav nav-tabs">
|
||||
<li class="nav-item"><a class="nav-link active" id="settingstab" href="#wgsettings" data-toggle="tab"><?php echo _("Settings"); ?></a></li>
|
||||
<li class="nav-item"><a class="nav-link" id="peertab" href="#wgpeers" data-toggle="tab"><?php echo _("Peer"); ?></a></li>
|
||||
<li class="nav-item"><a class="nav-link" id="loggingtab" href="#wglogging" data-toggle="tab"><?php echo _("Logging"); ?></a></li>
|
||||
</ul>
|
||||
|
||||
<!-- Tab panes -->
|
||||
<div class="tab-content">
|
||||
<?php echo renderTemplate("wg/general", $__template_data) ?>
|
||||
<?php echo renderTemplate("wg/peers", $__template_data) ?>
|
||||
<?php echo renderTemplate("wg/logging", $__template_data) ?>
|
||||
</div><!-- /.tab-content -->
|
||||
|
||||
<?php echo $buttons ?>
|
||||
</form>
|
||||
</div><!-- /.card-body -->
|
||||
<div class="card-footer"><?php echo _("Information provided by wireguard"); ?></div>
|
||||
</div><!-- /.card -->
|
||||
</div><!-- /.col-lg-12 -->
|
||||
</div><!-- /.row -->
|
||||
|
Loading…
Reference in a new issue