|
#!/bin/bash
|
|
# ══════════════════════════════════════════════════════════════════════
|
|
# setup_captive_portal.sh - Version NetworkManager uniquement
|
|
# Pas besoin de hostapd ni dnsmasq séparément !
|
|
# Usage: sudo bash setup_captive_portal.sh
|
|
# ══════════════════════════════════════════════════════════════════════
|
|
|
|
set -e
|
|
|
|
AP_IP="192.168.4.1"
|
|
AP_INTERFACE="wlan0"
|
|
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
|
SERVER_SCRIPT="$SCRIPT_DIR/server.py"
|
|
SERVICE_NAME="freecad-usb-server"
|
|
SSID="FabLab-FreeCAD"
|
|
PASSPHRASE="fablab1234"
|
|
CON_NAME="hotspot"
|
|
|
|
echo "══════════════════════════════════════════════"
|
|
echo " Configuration Hotspot via NetworkManager"
|
|
echo "══════════════════════════════════════════════"
|
|
|
|
if [ "$EUID" -ne 0 ]; then
|
|
echo "❌ Lancez avec: sudo bash setup_captive_portal.sh"
|
|
exit 1
|
|
fi
|
|
|
|
# ── 1. Packages ───────────────────────────────────────────────────────
|
|
echo ""
|
|
echo "📦 [1/5] Vérification des paquets..."
|
|
apt-get install -y network-manager iptables 2>/dev/null || true
|
|
|
|
# Arrête hostapd et dnsmasq s'ils tournent (on n'en a plus besoin)
|
|
systemctl stop hostapd 2>/dev/null || true
|
|
systemctl disable hostapd 2>/dev/null || true
|
|
systemctl stop dnsmasq 2>/dev/null || true
|
|
systemctl disable dnsmasq 2>/dev/null || true
|
|
systemctl stop lighttpd 2>/dev/null || true
|
|
systemctl disable lighttpd 2>/dev/null || true
|
|
|
|
echo " ✓ hostapd/dnsmasq/lighttpd désactivés"
|
|
|
|
# ── 2. NetworkManager gère wlan0 ─────────────────────────────────────
|
|
echo "🔌 [2/5] Configuration NetworkManager..."
|
|
|
|
# Supprime la règle qui bloquait wlan0
|
|
rm -f /etc/NetworkManager/conf.d/no-wlan0.conf
|
|
|
|
# S'assure que NetworkManager est actif
|
|
systemctl enable NetworkManager
|
|
systemctl start NetworkManager
|
|
sleep 2
|
|
|
|
echo " ✓ NetworkManager actif"
|
|
|
|
# ── 3. Création du hotspot WiFi ───────────────────────────────────────
|
|
echo "📡 [3/5] Création du hotspot WiFi '$SSID'..."
|
|
|
|
# Supprime l'ancienne connexion hotspot si elle existe
|
|
nmcli con delete "$CON_NAME" 2>/dev/null || true
|
|
sleep 1
|
|
|
|
# Crée le hotspot
|
|
nmcli con add \
|
|
type wifi \
|
|
ifname $AP_INTERFACE \
|
|
con-name "$CON_NAME" \
|
|
autoconnect yes \
|
|
ssid "$SSID"
|
|
|
|
# Configure le mode Access Point
|
|
nmcli con modify "$CON_NAME" \
|
|
802-11-wireless.mode ap \
|
|
802-11-wireless.band bg \
|
|
802-11-wireless.channel 6
|
|
|
|
# Configure la sécurité WPA2
|
|
nmcli con modify "$CON_NAME" \
|
|
wifi-sec.key-mgmt wpa-psk \
|
|
wifi-sec.psk "$PASSPHRASE"
|
|
|
|
# Configure l'IP fixe et le partage (NetworkManager fait le DHCP automatiquement)
|
|
nmcli con modify "$CON_NAME" \
|
|
ipv4.method shared \
|
|
ipv4.addresses "$AP_IP/24"
|
|
|
|
# Désactive IPv6
|
|
nmcli con modify "$CON_NAME" \
|
|
ipv6.method disabled
|
|
|
|
# Active le hotspot
|
|
nmcli con up "$CON_NAME"
|
|
sleep 3
|
|
|
|
# Vérifie que wlan0 a l'IP
|
|
IP_CHECK=$(ip addr show $AP_INTERFACE | grep "inet $AP_IP" || true)
|
|
if [ -n "$IP_CHECK" ]; then
|
|
echo " ✓ Hotspot actif - WiFi '$SSID' diffusé sur $AP_IP"
|
|
else
|
|
echo " ⚠️ Hotspot créé mais IP non visible encore, continuons..."
|
|
fi
|
|
|
|
# ── 4. iptables: portail captif ───────────────────────────────────────
|
|
echo "🔀 [4/5] Configuration portail captif (iptables)..."
|
|
|
|
# NetworkManager avec ipv4.method=shared fait déjà du NAT
|
|
# On ajoute juste la redirection DNS pour le portail captif
|
|
# Redirige toutes les requêtes DNS vers notre serveur
|
|
iptables -t nat -F PREROUTING 2>/dev/null || true
|
|
iptables -t nat -A PREROUTING -i $AP_INTERFACE -p udp --dport 53 -j REDIRECT --to-port 53 2>/dev/null || true
|
|
iptables -t nat -A PREROUTING -i $AP_INTERFACE -p tcp --dport 80 -j REDIRECT --to-port 80 2>/dev/null || true
|
|
|
|
# Sauvegarde
|
|
mkdir -p /etc/iptables
|
|
iptables-save > /etc/iptables/rules.v4 2>/dev/null || true
|
|
|
|
# Restore au démarrage
|
|
cat > /etc/networkd-dispatcher/routable.d/50-iptables-restore << 'EOF'
|
|
#!/bin/bash
|
|
iptables-restore < /etc/iptables/rules.v4
|
|
EOF
|
|
chmod +x /etc/networkd-dispatcher/routable.d/50-iptables-restore 2>/dev/null || true
|
|
|
|
echo " ✓ iptables configuré"
|
|
|
|
# ── 5. Service freecad-usb-server ────────────────────────────────────
|
|
echo "⚙️ [5/5] Configuration du service web..."
|
|
|
|
cat > /etc/systemd/system/$SERVICE_NAME.service << EOF
|
|
[Unit]
|
|
Description=Serveur FreeCAD USB Upload + Portail Captif
|
|
After=network.target NetworkManager.service
|
|
Wants=NetworkManager.service
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=root
|
|
WorkingDirectory=$SCRIPT_DIR
|
|
ExecStart=/usr/bin/python3 $SERVER_SCRIPT
|
|
Restart=always
|
|
RestartSec=5
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable $SERVICE_NAME
|
|
systemctl restart $SERVICE_NAME
|
|
sleep 2
|
|
|
|
systemctl is-active --quiet $SERVICE_NAME \
|
|
&& echo " ✓ Serveur web actif sur http://$AP_IP" \
|
|
|| echo " ⚠️ Problème serveur web: sudo journalctl -u $SERVICE_NAME -n 20"
|
|
|
|
# ── Résumé final ──────────────────────────────────────────────────────
|
|
echo ""
|
|
echo "══════════════════════════════════════════════"
|
|
echo " ✅ Configuration terminée !"
|
|
echo "══════════════════════════════════════════════"
|
|
echo ""
|
|
echo " 📡 WiFi: $SSID"
|
|
echo " 🔑 Mot de passe: $PASSPHRASE"
|
|
echo " 🌐 Portail: http://$AP_IP"
|
|
echo ""
|
|
echo " État:"
|
|
nmcli con show --active | grep -q "$CON_NAME" \
|
|
&& echo " ✓ Hotspot WiFi actif" \
|
|
|| echo " ✗ Hotspot WiFi PROBLÈME"
|
|
systemctl is-active $SERVICE_NAME \
|
|
&& echo " ✓ Serveur web actif" \
|
|
|| echo " ✗ Serveur web PROBLÈME"
|
|
echo ""
|
|
echo " Commandes utiles:"
|
|
echo " nmcli con show $CON_NAME # Info hotspot"
|
|
echo " sudo journalctl -u $SERVICE_NAME -f # Logs serveur"
|
|
echo " ip addr show $AP_INTERFACE # Vérifier IP"
|
|
echo "══════════════════════════════════════════════"
|