Simple wireless AP setup & management for Debian-based devices
Find a file
2019-04-13 18:16:01 +02:00
ajax new feature data usage hourly 2019-02-27 20:42:36 +01:00
config Added support for wireless client AP mode 2019-03-06 00:55:31 +01:00
dist Updated styles for configure_client UI elements 2018-11-16 07:34:34 +00:00
img Added 8-bit authors image 2019-03-15 12:40:08 +00:00
includes Updated version number 2019-04-13 15:19:13 +00:00
installers Minor, fixed indent 2019-04-10 09:02:28 +00:00
js new feature data usage hourly 2019-02-27 20:42:36 +01:00
less Added assets + dependencies 2015-02-25 14:08:14 +01:00
locale Update & recompile messages 2019-04-08 16:01:13 +00:00
vendor Added bootstrap-toggle 2019-03-06 10:02:32 +01:00
.gitignore Initial commit 2015-02-28 08:47:39 +01:00
_config.yml Revert "Update _config.yml" 2018-04-10 12:34:57 +02:00
bower.json Updated dependencies 2019-03-06 09:59:03 +01:00
CNAME Create CNAME 2018-04-10 11:41:57 +02:00
CONTRIBUTING.md Create CONTRIBUTING.md 2017-10-23 23:52:43 +02:00
gulpfile.js Added vendor directory & gulp support for better dependency organization + compiling less & js files. added gulp 2018-03-09 02:03:53 +00:00
index.php Updated version number 2019-04-13 15:19:13 +00:00
ISSUE_TEMPLATE.md Update ISSUE_TEMPLATE.md 2019-04-13 18:16:01 +02:00
LICENSE Intial commit 2015-03-02 13:39:45 +01:00
package.json Added vendor directory & gulp support for better dependency organization + compiling less & js files. added gulp 2018-03-09 02:03:53 +00:00
raspap.php Processed with phpcs for PSR-2 coding standard 2019-04-10 08:37:35 +00:00
README.md Update README.md 2019-04-13 18:08:21 +02:00

$ raspap-webgui Release 1.5 Awesome

A simple, responsive web interface to control wifi, hostapd and related services on the Raspberry Pi.

This project was inspired by a blog post by SirLagz about using a web page rather than ssh to configure wifi and hostapd settings on the Raspberry Pi. I began by prettifying the UI by wrapping it in SB Admin 2, a Bootstrap based admin theme. Since then, the project has evolved to include greater control over many aspects of a networked RPi, better security, authentication, a Quick Installer, support for themes and more. RaspAP has been featured on sites such as Instructables, Adafruit, Raspberry Pi Weekly and Awesome Raspberry Pi and implemented in countless projects.

We'd be curious to hear about how you use this with your own RPi-powered projects. Until then, here are some screenshots:

Contents

Prerequisites

Start with a clean install of the latest release of Raspbian (currently Stretch). Raspbian Stretch Lite is recommended.

  1. Update Raspbian, including the kernel and firmware, followed by a reboot:
sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot
  1. Set the WiFi country in raspi-config's Localisation Options: sudo raspi-config

  2. If you have an older Raspberry Pi without an onboard WiFi chipset, the Edimax Wireless 802.11b/g/n nano USB adapter is an excellent option it's small, cheap and has good driver support.

With the prerequisites done, you can proceed with either the Quick installer or Manual installation steps below.

Quick installer

Install RaspAP from your RaspberryPi's shell prompt:

wget -q https://git.io/voEUQ -O /tmp/raspap && bash /tmp/raspap

The installer will complete the steps in the manual installation (below) for you.

After the reboot at the end of the installation the wireless network will be configured as an access point as follows:

  • IP address: 10.3.141.1
    • Username: admin
    • Password: secret
  • DHCP range: 10.3.141.50 to 10.3.141.255
  • SSID: raspi-webgui
  • Password: ChangeMe

Simultaneous AP and Wifi client

RaspAP lets you easily create an AP with a Wifi client configuration (also known as managed mode). When configured as a WiFi client, enable the AP from the Advanced tab of Configure hotspot by sliding the Wifi client AP mode toggle. Save settings and start the hotspot. The managed mode AP is functional without restart.

Support us

RaspAP is free software, but powered by your support. If you find RaspAP useful for your personal projects, please consider making a small donation. We believe strongly about creating high quality, intuitive software for the Raspberry Pi, as well as the importance of keeping it maintained.

Beerpay

Manual installation

These steps apply to the latest release of Raspbian (currently Stretch). Notes for previously released versions are provided, where applicable. Start off by installing git, lighttpd, php7, hostapd and dnsmasq.

sudo apt-get install git lighttpd php7.0-cgi hostapd dnsmasq vnstat

Note: for Raspbian Jessie and Wheezy, replace php7.0-cgi with php5-cgi. After that, enable PHP for lighttpd and restart it for the settings to take effect.

sudo lighttpd-enable-mod fastcgi-php
sudo service lighttpd restart

Now comes the fun part. For security reasons, the www-data user which lighttpd runs under is not allowed to start or stop daemons, or run commands like ifdown and ifup, all of which we want our page to do. So what I have done is added the www-data user to the sudoers file, but with restrictions on what commands the user can run. Add the following to the end of /etc/sudoers:

www-data ALL=(ALL) NOPASSWD:/sbin/ifdown
www-data ALL=(ALL) NOPASSWD:/sbin/ifup
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant.conf
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant.conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/wifidata /etc/wpa_supplicant/wpa_supplicant-wlan[0-9].conf
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan_results
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] scan
www-data ALL=(ALL) NOPASSWD:/sbin/wpa_cli -i wlan[0-9] reconfigure
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/hostapddata /etc/hostapd/hostapd.conf
www-data ALL=(ALL) NOPASSWD:/etc/init.d/hostapd start
www-data ALL=(ALL) NOPASSWD:/etc/init.d/hostapd stop
www-data ALL=(ALL) NOPASSWD:/etc/init.d/dnsmasq start
www-data ALL=(ALL) NOPASSWD:/etc/init.d/dnsmasq stop
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dhcpddata /etc/dnsmasq.conf
www-data ALL=(ALL) NOPASSWD:/sbin/shutdown -h now
www-data ALL=(ALL) NOPASSWD:/sbin/reboot
www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] down
www-data ALL=(ALL) NOPASSWD:/sbin/ip link set wlan[0-9] up
www-data ALL=(ALL) NOPASSWD:/sbin/ip -s a f label wlan[0-9]
www-data ALL=(ALL) NOPASSWD:/bin/cp /etc/raspap/networking/dhcpcd.conf /etc/dhcpcd.conf
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/enablelog.sh
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/disablelog.sh
www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/servicestart.sh

Once those modifications are done, git clone the files to /var/www/html. Note: for older versions of Raspbian (before Jessie, May 2016) use /var/www instead.

sudo rm -rf /var/www/html
sudo git clone https://github.com/billz/raspap-webgui /var/www/html

Set the files ownership to www-data user.

sudo chown -R www-data:www-data /var/www/html

Move the RaspAP configuration file to the correct location

sudo mkdir /etc/raspap
sudo mv /var/www/html/raspap.php /etc/raspap/
sudo chown -R www-data:www-data /etc/raspap

Move the HostAPD logging scripts to the correct location

sudo mkdir /etc/raspap/hostapd
sudo mv /var/www/html/installers/*log.sh /etc/raspap/hostapd 

Add the following lines to /etc/rc.local before exit 0.

echo 1 > /proc/sys/net/ipv4/ip_forward #RASPAP
iptables -t nat -A POSTROUTING -j MASQUERADE #RASPAP 
iptables -t nat -A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE #RASPAP

Force a reload of new settings in /etc/rc.local.

sudo systemctl restart rc-local.service
sudo systemctl daemon-reload

Unmask and enable the hostapd service.

sudo systemctl unmask hostapd.service
sudo systemctl enable hostapd.service

Reboot and it should be up and running!

sudo reboot

The default username is 'admin' and the default password is 'secret'.

Multilingual support

RaspAP uses GNU Gettext to manage multilingual messages. In order to use RaspAP with one of our supported translations, you must configure a corresponding language package on your RPi. To list languages currently installed on your system, use locale -a at the shell prompt. To generate new locales, run sudo dpkg-reconfigure locales and select any other desired locales. Details are provided on our wiki.

The following translations are currently maintained by the project:

  • Deutsch
  • Français
  • Italiano
  • Português
  • Svenska
  • Nederlands
  • 简体中文 (Chinese Simplified)
  • Čeština
  • Русский
  • Español
  • Finnish
  • Sinhala

If your language is not in the list above, why not contribute a translation? Contributors will receive credit as the original translators.

Optional services

OpenVPN and TOR are two additional services that run perfectly well on the RPi, and are a nice way to extend the usefulness of your WiFi router. I've started on interfaces to administer these services. Not everyone will need them, so for the moment they are disabled by default. You can enable them by changing these options in /var/www/html/includes/config.php:

// Optional services, set to true to enable.
define('RASPI_OPENVPN_ENABLED', false );
define('RASPI_TORPROXY_ENABLED', false );

Please note that these are only UI's for now. If there's enough interest I'll complete the funtionality for these optional admin screens.

How to contribute

  1. File an issue in the repository describing the contribution you'd like to make. This will help us get you started on the right foot.
  2. Fork the project in your account and create a new branch: your-great-feature.
  3. Commit your changes in that branch.
  4. Open a pull request, and reference the initial issue in the pull request message.

This project follows the PSR-2 coding style guidelines. There are many ways to check your code for PSR-2. An excellent tool is PHP_CodeSniffer. The command line tool phpcs can be run against any single file. Phing, a PHP build tool, integrates nicely with phpcs to automate PSR-2 checks across all source files in a project.

Reporting issues

Please read this before reporting a bug.

License

See the LICENSE file.