Add bin/ap-ref.sh

2024-08-07 14:41:13 -04:00
parent 99fffc5a12
commit 8008463215
1 changed files with 252 additions and 0 deletions
--- a/bin/ap-ref.sh
+++ b/bin/ap-ref.sh
@@ -0,0 +1,252 @@
+#!/bin/bash
+# Created by srepac@kvmnerds.com
+#
+# Filename:  hotspot
+VER=1.6
+## CHANGELOG:
+# 1.0   03/02/22    Created
+# 1.1   03/03/22    Added ability to always run services at boot (also otgnet network DHCP entry for dnsmasq)
+# 1.2   03/04/22    Add ap0 interface on top of wlan0 for use as hotspot AP
+# 1.3   03/11/22    Create script/service so that AP starts up on boot and make it easy to change hotspot network
+# 1.4   03/12/22    Updated SSID to be hostname-AP; DNSport pick between 53 and 5553; refactoring
+# 1.5   03/14/22    Use the current nameservers for use with dnsmasq
+# 1.6   03/22/22    Consolidated to one script for usage on both Arch and Raspbian
+#
+# This script was written to allow PiKVM to run its wifi as hotspot AP akin to how GoPro is first configured
+#
+#   SSID:         $(hostname)-AP
+#   Passphrase:   pikvmisawesome
+#
+#   Hotspot network IP 10.5.4.1/24   DHCP range 10.5.4.10 - 10.5.4.250
+###
+# Change SSID and PASSPHRASE here
+SSID="$(hostname)-AP"
+PASSPHRASE='pikvmisawesome'
+# Replace the first 3 octets of hotspot network here (change it to whatever you want)  Default: NETWORK="10.5.4"
+NETWORK="10.5.4"
+###
+: '
+Before running this script, you should connect your wifi to SSID first, and then run this script creating ap0
+... that acts like a wifi hotspot that other systems can connect to.
+
+In addition, if the pi eth0/wlan0 is connected to internet, the systems connected to the wifi
+... hotspot will also have internet access.
+' ### end of comments ###
+
+### unblock wifi in the very beginning just in case
+rfkill unblock wifi
+
+if [[ "$1" == "-h" || "$1" == "--help" ]]; then
+  echo "usage:  $0 [-f] where -f forces hotspot to run at boot; default is to run on this session only"
+  exit 1
+fi
+
+if [ -e /usr/local/bin/rw ]; then rw; fi
+set -x
+
+### added 03/14/22 - create list of DNS servers from /etc/resolv.conf
+if [ ! -e /etc/kvmd/custom.dns ]; then
+  NAMESERVERS=$( for i in `grep ^nameserver /etc/resolv.conf | awk '{print $2}' | sort -r -u`; do echo -n "$i,"; done | sed 's/,$//' )
+else
+  # comma separated list of DNS servers to use
+  NAMESERVERS=$( egrep -v '^#' /etc/kvmd/custom.dns )
+fi
+
+### Added on 03/22/22 to allow usage on both Arch and Debian (Raspbian) ###
+case $( grep ^NAME= /etc/os-release | cut -d'"' -f 2 | cut -d' ' -f1 ) in
+  "Arch")
+    # Install required packages if not already installed
+    if [ $( pacman -Q | grep -wc hostapd ) -ne 1 ]; then
+      # first, update db's
+      pacman -Syy
+      # then, install hostapd and dnsmasq packages
+      pacman --noconfirm -S hostapd dnsmasq
+    fi
+    ;;
+  "Debian"|"Raspbian")
+    # install required packages if not already installed
+    if [ $( apt list 2> /dev/null | grep hostapd | grep -cw installed ) -ne 1 ]; then
+      # first, update db's
+      apt-get update
+      # then, install hostapd and dnsmasq packages
+      apt-get install -y hostapd dnsmasq wireless-tools iw
+    fi
+    ;;
+  *)
+    echo "Running on unsupported OS.  Exiting."
+    exit 1
+    ;;
+esac
+
+# Delete and re-create ap0 interface on top of wlan0
+iw dev ap0 del 2> /dev/null
+iw dev wlan0 interface add ap0 type __ap
+
+# Stop any dnsmasq and hostapd services in case already running
+systemctl disable --now hostapd dnsmasq kvmd-otgnet-dnsmasq
+
+sed -i 's#^DAEMON_CONF=.*#DAEMON_CONF=/etc/hostapd/hostapd.conf#' /etc/init.d/hostapd
+
+### Add /var/lib/misc entry in /etc/fstab
+# Required for dnsmasq to keep track of leased IPs and logs
+if [ $( grep -wc misc /etc/fstab ) -ne 1 ]; then
+
+  cat <<FSTAB >> /etc/fstab
+tmpfs /var/lib/misc     tmpfs  mode=0755               0 0
+FSTAB
+
+  # mount /var/lib/misc
+  mount /var/lib/misc
+
+fi
+
+# Backup original /etc/dnsmasq.conf
+if [ ! -e /etc/dnsmas.conf.orig ]; then cp /etc/dnsmasq.conf /etc/dnsmasq.conf.orig; fi
+
+### Create custom /etc/dnsmasq.conf file
+if [[ $( netstat -nap | grep :53\ | grep -v dnsmasq | wc -l ) -eq 0 ]]; then
+  # use dnsmasq default port
+  DNSPORT=53
+else
+  # another dns resolver is listening on port 53, so use different port
+  DNSPORT=5553
+fi
+
+cat <<DNSMASQ > /etc/dnsmasq.conf
+log-facility=/var/lib/misc/dnsmasq.log
+dhcp-range=interface:ap0,${NETWORK}.10,${NETWORK}.250,12h
+port=${DNSPORT}   # use this to listen for DNS requests
+dhcp-option=6,${NAMESERVERS}
+log-queries
+DNSMASQ
+
+ifconfig ap0 down
+ifconfig ap0 up
+ifconfig ap0 ${NETWORK}.1/24
+
+### Add firewall rule to allow ap0 routed through current default static route interface ###
+iptables -t nat -F
+iptables -F
+
+# use the first default static route interface
+IFACE=$( ip route | grep default | awk '{print $5}' | head -1 )
+
+iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
+iptables -A FORWARD -i ap0 -o $IFACE -j ACCEPT
+echo '1' > /proc/sys/net/ipv4/ip_forward
+
+## Add entry in /etc/dhcpcd.conf so that wifi doesn't get a DHCP address
+if [ $( grep -wc nohook /etc/dhcpcd.conf ) -ne 1 ]; then
+
+  cat <<DHCPCD >> /etc/dhcpcd.conf
+interface ap0
+static ip_address=${NETWORK}.1/24
+nohook wpa_supplicant
+DHCPCD
+
+fi
+
+### Add required routed-ap configuration
+if [ ! -e /etc/sysctl.d/routed-ap.conf ]; then
+
+  cat <<ROUTEDAP  > /etc/sysctl.d/routed-ap.conf
+# Enable IPv4 routing
+net.ipv4.ip_forward=1
+ROUTEDAP
+
+fi
+
+### overwrite /etc/hostapd/hostapd.conf config
+cat <<EOF > /etc/hostapd/hostapd.conf
+country_code=US
+interface=ap0
+driver=nl80211
+channel=1
+hw_mode=g
+macaddr_acl=0
+auth_algs=1
+ignore_broadcast_ssid=0
+
+ssid=${SSID}
+wpa=2
+wpa_passphrase=${PASSPHRASE}
+
+wpa_key_mgmt=WPA-PSK
+wpa_pairwise=CCMP
+# Change the broadcasted/multicasted keys after this many seconds.
+wpa_group_rekey=600
+# Change the master key after this many seconds. Master key is used as a basis
+wpa_gmk_rekey=86400
+EOF
+
+systemctl unmask hostapd
+# If -f (force) option is passed in, then enable services to run at boot
+if [[ "$1" == "-f" || "$1" == "--firstboot" ]]; then
+
+  rm -f /usr/bin/hotspot-enable
+  cat <<SCRIPT > /usr/bin/hotspot-enable
+#!/bin/bash
+# Script to enable hotspot at anytime
+set -x
+# Delete and re-create ap0 interface on top of wlan0
+iw dev ap0 del 2> /dev/null
+iw dev wlan0 interface add ap0 type __ap
+
+ifconfig ap0 down
+ifconfig ap0 up
+ifconfig ap0 ${NETWORK}.1/24
+
+iptables -t nat -F
+iptables -F
+iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
+iptables -A FORWARD -i ap0 -o $IFACE -j ACCEPT
+echo '1' > /proc/sys/net/ipv4/ip_forward
+
+systemctl restart hostapd dnsmasq
+SCRIPT
+
+  chmod +x /usr/bin/hotspot-enable
+
+  # Create service file to run hotspot-enable script at boot (that runs with -f option)
+  rm -f /usr/lib/systemd/system/hotspot.service
+  cat <<FWSVC > /usr/lib/systemd/system/hotspot.service
+[Unit]
+Description=Run Hotspot AP at boot
+After=network.target network-online.target nss-lookup.target
+
+[Service]
+User=root
+Type=simple
+ExecStart=/usr/bin/hotspot-enable
+
+[Install]
+WantedBy=multi-user.target
+FWSVC
+
+  # enable and start hotspot.service to start at boot
+  systemctl enable --now hotspot.service hostapd dnsmasq
+
+else
+
+  # disable hotspot.service
+  systemctl disable --now hotspot.service
+
+fi
+
+# Restat hostapd and dnsmasq so the config changes take effect
+systemctl restart hostapd dnsmasq
+
+### Added on 03/03/22 -- just in case kvmd-otgnet-dnsmasq was already running
+# fix it by adding entry for usb0 DHCP
+if [ ! -e /usr/bin/otgnet.sh ]; then
+  wget -O /usr/bin/otgnet.sh  https://kvmnerds.com/PiKVM/otgnet.sh 2> /dev/null
+  chmod +x /usr/bin/otgnet.sh
+fi
+/usr/bin/otgnet.sh
+
+sleep 3
+ip -br a | grep ap0
+iwconfig ap0
+systemctl status hostapd dnsmasq
+
+if [ -e /usr/local/bin/ro ]; then ro; fi