diff --git a/hassio-hostapd/CHANGELOG.md b/hassio-hostapd/CHANGELOG.md index e6bdb50..9824be8 100644 --- a/hassio-hostapd/CHANGELOG.md +++ b/hassio-hostapd/CHANGELOG.md @@ -1,5 +1,18 @@ # Changelog +## [1.0.4] +### Fixed +- Remove networkmanager, net-tools, sudo versions (as per https://github.com/davidramosweb/hassio-addons/pull/15, https://github.com/davidramosweb/hassio-addons/pull/8, https://github.com/davidramosweb/hassio-addons/issues/14, https://github.com/davidramosweb/hassio-addons/issues/13) +- Corrected broadcast address (as per https://github.com/davidramosweb/hassio-addons/pull/1) + + +### Changed +- Allow hidden SSIDs (as per https://github.com/davidramosweb/hassio-addons/pull/6) +- Allow specification of interface name (defaults to wlan0) (as per https://github.com/davidramosweb/hassio-addons/issues/11) +- Added MAC address filtering +- Enabled wmm ("QoS support, also required for full speed on 802.11n/ac/ax") - have tested on mutiple RPIs, but needs further compatibility testing, and potentially moving option to addon config +- Remove interfaces file. Now generate it with specified interface name + ## [1.0.3] ### Fixed - Update apk networkmanager and sudo in Dockefile. diff --git a/hassio-hostapd/README.md b/hassio-hostapd/README.md index a09fa2c..968e983 100644 --- a/hassio-hostapd/README.md +++ b/hassio-hostapd/README.md @@ -26,9 +26,17 @@ The available configuration options are as follows (this is filled in with some "channel": "6", "address": "192.168.99.1", "netmask": "255.255.255.0", - "broadcast": "192.168.99.254" + "broadcast": "192.168.99.255", + "interface": "wlan0", + "hide_ssid": "0", + "allow_mac_addresses": [], + "deny_mac_addresses": ['ab:cd:ef:fe:dc:ba'] } ``` +**Required config options**: ssid, wpa_passphrase, channel, address, netmask, broadcast + +**Optional config options**: interface (defaults to wlan0), hide_ssid (defaults to 0/visible), allow_mac_addresses, deny_mac_addresses + **Note**: _This is just an example, don't copy and paste it! Create your own!_ [buymeacoffee-shield]: https://www.buymeacoffee.com/assets/img/guidelines/download-assets-sm-2.svg diff --git a/hassio-hostapd/config.json b/hassio-hostapd/config.json deleted file mode 100644 index b783a30..0000000 --- a/hassio-hostapd/config.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "name": "Hassio Hostapd", - "version": "1.0.3", - "slug": "hassio-hostapd", - "description": "Raspberry Pi as hotspot in hass.io", - "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"], - "url": "https://github.com/davidramosweb/hassio-addons/tree/master/hassio-hostapd", - "startup": "system", - "boot": "auto", - "host_network": true, - "apparmor": false, - "host_dbus": true, - "full_access": true, - "privileged": [ - "NET_ADMIN", - "SYS_ADMIN", - "SYS_RAWIO", - "SYS_TIME", - "SYS_NICE" - ], - "devices": [ - "/dev/mem:/dev/mem:rwm" - ], - "map": [ - "config:rw", - "ssl:rw", - "addons:rw", - "share:rw", - "backup:rw" - ], - "options": { - "ssid": "", - "wpa_passphrase": "", - "channel": "6", - "address": "192.168.99.1", - "netmask": "255.255.255.0", - "broadcast": "192.168.99.254" - - }, - "schema": { - "ssid": "str", - "wpa_passphrase": "str", - "channel": "int", - "address": "str", - "netmask": "str", - "broadcast": "str" - } -} diff --git a/hassio-hostapd/hassio-hostapd/Dockerfile b/hassio-hostapd/hassio-hostapd/Dockerfile index 2889a72..5cbd877 100644 --- a/hassio-hostapd/hassio-hostapd/Dockerfile +++ b/hassio-hostapd/hassio-hostapd/Dockerfile @@ -9,11 +9,10 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] ENV LANG C.UTF-8 # Install requirements for add-on -RUN apk update && apk add --no-cache bash jq iw hostapd networkmanager=1.20.8-r0 net-tools=1.60_git20140218-r2 sudo=1.8.31-r0 && rm -rf /var/cache/apk/* +RUN apk update && apk add --no-cache bash jq iw hostapd networkmanager net-tools sudo && rm -rf /var/cache/apk/* COPY hostapd.conf / -COPY interfaces /etc/network/interfaces COPY run.sh / RUN chmod a+x /run.sh diff --git a/hassio-hostapd/hassio-hostapd/config.json b/hassio-hostapd/hassio-hostapd/config.json index b783a30..6cfbbb1 100644 --- a/hassio-hostapd/hassio-hostapd/config.json +++ b/hassio-hostapd/hassio-hostapd/config.json @@ -1,6 +1,6 @@ { "name": "Hassio Hostapd", - "version": "1.0.3", + "version": "1.0.4", "slug": "hassio-hostapd", "description": "Raspberry Pi as hotspot in hass.io", "arch": ["armhf", "armv7", "aarch64", "amd64", "i386"], @@ -34,7 +34,11 @@ "channel": "6", "address": "192.168.99.1", "netmask": "255.255.255.0", - "broadcast": "192.168.99.254" + "broadcast": "192.168.99.255", + "interface": "wlan0", + "hide_ssid": "0", + "allow_mac_addresses": [], + "deny_mac_addresses": [] }, "schema": { @@ -43,6 +47,10 @@ "channel": "int", "address": "str", "netmask": "str", - "broadcast": "str" + "broadcast": "str", + "interface": "str", + "hide_ssid": "int", + "allow_mac_addresses": ["str"], + "deny_mac_addresses": ["str"] } } diff --git a/hassio-hostapd/hassio-hostapd/hostapd.conf b/hassio-hostapd/hassio-hostapd/hostapd.conf index 34ca3e2..eeac23d 100644 --- a/hassio-hostapd/hassio-hostapd/hostapd.conf +++ b/hassio-hostapd/hassio-hostapd/hostapd.conf @@ -1,5 +1,5 @@ # This is the name of the WiFi interface we configured above -interface=wlan0 +## removed and added to addon config ## interface=wlan0 # Use the nl80211 driver with the brcmfmac driver driver=nl80211 @@ -11,20 +11,17 @@ hw_mode=g ieee80211n=1 # Enable WMM -wmm_enabled=0 +wmm_enabled=1 # was 0, potential performance increase for wireles n/ac/ax # Enable 40MHz channels with 20ns guard interval ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40] # Accept all MAC addresses -macaddr_acl=0 +## removed and added to addon config ## macaddr_acl=0 # Bit field: 1=wpa, 2=wep, 3=both auth_algs=1 -# Require clients to know the network name -ignore_broadcast_ssid=0 - # Use WPA2 wpa=2 diff --git a/hassio-hostapd/hassio-hostapd/interfaces b/hassio-hostapd/hassio-hostapd/interfaces deleted file mode 100644 index 6e7c7bc..0000000 --- a/hassio-hostapd/hassio-hostapd/interfaces +++ /dev/null @@ -1 +0,0 @@ -iface wlan0 inet static diff --git a/hassio-hostapd/hassio-hostapd/run.sh b/hassio-hostapd/hassio-hostapd/run.sh index 7ecac59..f898089 100644 --- a/hassio-hostapd/hassio-hostapd/run.sh +++ b/hassio-hostapd/hassio-hostapd/run.sh @@ -3,20 +3,14 @@ # SIGTERM-handler this funciton will be executed when the container receives the SIGTERM signal (when stopping) term_handler(){ echo "Stopping..." - ifdown wlan0 - ip link set wlan0 down - ip addr flush dev wlan0 + ifdown $INTERFACE + ip link set $INTERFACE down + ip addr flush dev $INTERFACE exit 0 } -# Setup signal handlers -trap 'term_handler' SIGTERM - echo "Starting..." -echo "Set nmcli managed no" -nmcli dev set wlan0 managed no - CONFIG_PATH=/data/options.json SSID=$(jq --raw-output ".ssid" $CONFIG_PATH) @@ -25,6 +19,53 @@ CHANNEL=$(jq --raw-output ".channel" $CONFIG_PATH) ADDRESS=$(jq --raw-output ".address" $CONFIG_PATH) NETMASK=$(jq --raw-output ".netmask" $CONFIG_PATH) BROADCAST=$(jq --raw-output ".broadcast" $CONFIG_PATH) +INTERFACE=$(jq --raw-output ".interface" $CONFIG_PATH) +HIDE_SSID=$(jq --raw-output ".hide_ssid" $CONFIG_PATH) +ALLOW_MAC_ADDRESSES=$(jq --raw-output '.allow_mac_addresses | join(" ")' $CONFIG_PATH) +DENY_MAC_ADDRESSES=$(jq --raw-output '.deny_mac_addresses | join(" ")' $CONFIG_PATH) + +# Set interface as wlan0 if not specified in config +if [ ${#INTERFACE} -eq 0 ]; then + INTERFACE="wlan0" +fi + +echo "iface $INTERFACE inet static"$'\n' >> /etc/network/interfaces + +echo "Set nmcli managed no" +nmcli dev set $INTERFACE managed no + +# Setup signal handlers +trap 'term_handler' SIGTERM + + +### MAC address filtering +## Allow is more restrictive, so we prioritise that and set +## macaddr_acl to 1, and add allowed MAC addresses to hostapd.allow +if [ ${#ALLOW_MAC_ADDRESSES} -ge 1 ]; then + echo "macaddr_acl=1"$'\n' >> /hostapd.conf + ALLOWED=($ALLOW_MAC_ADDRESSES) + for mac in "${ALLOWED[@]}"; do + echo "$mac"$'\n' >> /hostapd.allow + done + echo "accept_mac_file=/hostapd.allow"$'\n' >> /hostapd.conf +## else set macaddr_acl to 0, and add denied MAC addresses to hostapd.deny + else + if [ ${#DENY_MAC_ADDRESSES} -ge 1 ]; then + echo "macaddr_acl=0"$'\n' >> /hostapd.conf + DENIED=($DENY_MAC_ADDRESSES) + for mac in "${DENIED[@]}"; do + echo "$mac"$'\n' >> /hostapd.deny + done + echo "deny_mac_file=/hostapd.deny"$'\n' >> /hostapd.conf +## else set macaddr_acl to 0, with blank allow and deny files + else + echo "macaddr_acl=0"$'\n' >> /hostapd.conf + fi + +fi + +# Add interface to hostapd.conf +echo "interface=$INTERFACE"$'\n' >> /hostapd.conf # Enforces required env variables required_vars=(SSID WPA_PASSPHRASE CHANNEL ADDRESS NETMASK BROADCAST) @@ -35,6 +76,11 @@ for required_var in "${required_vars[@]}"; do fi done +# Sanitise config value for hide_ssid +if [ $HIDE_SSID -ne 1 ]; then + HIDE_SSID=0 +fi + if [[ -n $error ]]; then exit 1 fi @@ -44,6 +90,7 @@ echo "Setup hostapd ..." echo "ssid=$SSID"$'\n' >> /hostapd.conf echo "wpa_passphrase=$WPA_PASSPHRASE"$'\n' >> /hostapd.conf echo "channel=$CHANNEL"$'\n' >> /hostapd.conf +echo "ignore_broadcast_ssid=$HIDE_SSID"$'\n' >> /hostapd.conf # Setup interface echo "Setup interface ..." @@ -53,12 +100,14 @@ echo "Setup interface ..." #ip addr add ${IP_ADDRESS}/24 dev wlan0 #ip link set wlan0 up +ip link set $INTERFACE down + echo "address $ADDRESS"$'\n' >> /etc/network/interfaces echo "netmask $NETMASK"$'\n' >> /etc/network/interfaces echo "broadcast $BROADCAST"$'\n' >> /etc/network/interfaces -ifdown wlan0 -ifup wlan0 +ip link set $INTERFACE up + echo "Starting HostAP daemon ..." -hostapd -d /hostapd.conf & wait ${!} +killall hostapd; hostapd -d /hostapd.conf & wait ${!}