mirror of
				https://github.com/iiab/iiab.git
				synced 2025-03-09 15:40:17 +00:00 
			
		
		
		
	bring cp changes on top of current HEAD
This commit is contained in:
		
							parent
							
								
									f79ce9d236
								
							
						
					
					
						commit
						0a3f9062e0
					
				
					 17 changed files with 305 additions and 287 deletions
				
			
		|  | @ -1,153 +0,0 @@ | |||
| - name: Download & install python-dateutil, sqlite3 | ||||
|   package: | ||||
|     name: "{{ item }}" | ||||
|     state: present | ||||
|   with_items: | ||||
|     - python-dateutil | ||||
|     - sqlite3    # @georgejhunt hopes to move this to 2-common (or more likely 3-base-server, alongside MySQL) in October 2018 | ||||
| 
 | ||||
| - name: Install libapache2-mod-wsgi (debuntu) | ||||
|   package: | ||||
|     name: libapache2-mod-wsgi | ||||
|     state: present | ||||
|   when: is_debuntu | bool | ||||
| 
 | ||||
| - name: Install mod_wsgi (not debuntu) | ||||
|   package: | ||||
|     name: mod_wsgi | ||||
|     state: present | ||||
|   when: not is_debuntu | ||||
| 
 | ||||
| - name: Create directory /opt/iiab/captive-portal for scripts & templates | ||||
|   file: | ||||
|     path: /opt/iiab/captive-portal | ||||
|     state: directory | ||||
|     owner: "{{ apache_user }}" | ||||
| 
 | ||||
| - name: 'Copy scripts: checkurls, capture-wsgi.py' | ||||
|   template: | ||||
|     src: "{{ item.src }}" | ||||
|     dest: /opt/iiab/captive-portal/ | ||||
|     mode: "{{ item.mode }}" | ||||
|   with_items: | ||||
|     - { src: roles/captive-portal/templates/checkurls, mode: '0644' } | ||||
|     - { src: roles/captive-portal/templates/capture-wsgi.py, mode: '0755' } | ||||
| 
 | ||||
| - name: 'Copy templates: simple.template, mac.template' | ||||
|   copy: | ||||
|     src: "{{ item }}" | ||||
|     dest: /opt/iiab/captive-portal/ | ||||
|   with_items: | ||||
|     - roles/captive-portal/files/simple.template | ||||
|     - roles/captive-portal/files/mac.template | ||||
| 
 | ||||
| - name: Copy iiab-catch & iiab-uncatch into /usr/bin/ | ||||
|   template: | ||||
|     src: "{{ item }}" | ||||
|     dest: /usr/bin/ | ||||
|     owner: root | ||||
|     group: root | ||||
|     mode: 0755 | ||||
|   with_items: | ||||
|     - roles/captive-portal/templates/iiab-catch | ||||
|     - roles/captive-portal/templates/iiab-uncatch | ||||
| 
 | ||||
| - name: Run iiab-uncatch to generate diversion lists for dnsmasq and apache2 | ||||
|   shell: /usr/bin/iiab-uncatch | ||||
|       | ||||
| #- name: Install systemd unit file captive-portal.service from template | ||||
| #  template: | ||||
| #    src: roles/captive-portal/templates/captive-portal.service.j2 | ||||
| #    dest: /etc/systemd/system/captive-portal.service | ||||
| #    owner: root | ||||
| #    group: root | ||||
| #    mode: 0644 | ||||
| 
 | ||||
| - name: Install Apache's captive-portal.conf from template if captive_portal_enabled | ||||
|   template: | ||||
|     src: roles/captive-portal/templates/001-captive-portal.conf | ||||
|     dest: /etc/{{ apache_config_dir }}/001-captive-portal.conf | ||||
|     owner: root | ||||
|     group: root | ||||
|     mode: 0644 | ||||
|   when: captive_portal_enabled | bool | ||||
| 
 | ||||
| - name: Enable Apache's captive-portal.conf if captive_portal_enabled (debuntu) | ||||
|   file: | ||||
|     src: /etc/apache2/sites-available/001-captive-portal.conf | ||||
|     path: /etc/apache2/sites-enabled/001-captive-portal.conf | ||||
|     state: link | ||||
|   when: captive_portal_enabled and is_debuntu | ||||
| 
 | ||||
| - name: Enable Apache's default-ssl.conf if captive_portal_enabled (debuntu) | ||||
|   file: | ||||
|     src: /etc/apache2/sites-available/default-ssl.conf | ||||
|     path: /etc/apache2/sites-enabled/default-ssl.conf | ||||
|     state: link | ||||
|   when: captive_portal_enabled and is_debuntu | ||||
| 
 | ||||
| #- name: Enable & Start systemd service captive-portal.service if captive_portal_enabled | ||||
| #  systemd: | ||||
| #    name: captive-portal.service | ||||
| #    daemon-reload: yes | ||||
| #    enabled: yes | ||||
| #    state: started | ||||
| #  when: captive_portal_enabled | bool | ||||
| 
 | ||||
| #- name: Disable & Stop captive-portal.service if not captive_portal_enabled | ||||
| #  systemd: | ||||
| #    name: captive-portal.service | ||||
| #    enabled: no | ||||
| #    state: stopped | ||||
| #  when: not captive_portal_enabled | ||||
| 
 | ||||
| - name: Disable Apache's captive-portal.conf if not captive_portal_enabled (debuntu) | ||||
|   file: | ||||
|     path: /etc/apache2/sites-enabled/001-captive-portal.conf | ||||
|     state: absent | ||||
|   when: not captive_portal_enabled and is_debuntu | ||||
| 
 | ||||
| - name: Disable Apache's default-ssl.conf if not captive_portal_enabled (debuntu) | ||||
|   file: | ||||
|     path: /etc/apache2/sites-enabled/default-ssl.conf | ||||
|     state: absent | ||||
|   when: not captive_portal_enabled and is_debuntu | ||||
| 
 | ||||
| - name: Make sure dnsmasq is not diverting if not captive_portal_enabled | ||||
|   file: | ||||
|     path: /etc/dnsmasq.d/capture | ||||
|     state: absent | ||||
|   when: not captive_portal_enabled | ||||
| 
 | ||||
| - name: Add 'captive_portal_installed' variable values to {{ iiab_state_file }} | ||||
|   lineinfile: | ||||
|     dest: "{{ iiab_state_file }}" | ||||
|     regexp: '^captive_portal_installed' | ||||
|     line: 'captive_portal_installed: True' | ||||
|     state: present | ||||
| 
 | ||||
| - name: Restart Apache service ({{ apache_service }})    # i.e. apache2 on most distros | ||||
|   systemd:  | ||||
|     name: "{{ apache_service }}" | ||||
|     state: restarted | ||||
| 
 | ||||
| #- name: Restart dnsmasq | ||||
| #  systemd: | ||||
| #    name: dnsmasq | ||||
| #    state: restarted | ||||
| #  when: dnsmasq_enabled | bool | ||||
| 
 | ||||
| # ABOVE DOES NOT WORK ON UBUNTU 16.04 -- what follows is a crude hack (seems to work!) | ||||
| 
 | ||||
| - name: Stop dnsmasq | ||||
|   systemd: | ||||
|     name: dnsmasq | ||||
|     state: stopped | ||||
|   when: dnsmasq_enabled | bool | ||||
| 
 | ||||
| - name: Start dnsmasq | ||||
|   systemd: | ||||
|     name: dnsmasq | ||||
|     state: started | ||||
|   when: dnsmasq_enabled | bool | ||||
|    | ||||
|  | @ -1,43 +0,0 @@ | |||
| <VirtualHost _default_:80> | ||||
|    ErrorLog /var/log/apache2/error.log | ||||
|    CustomLog /var/log/apache2/access.log combined | ||||
|    <Directory {{ doc_root }}> | ||||
|        Options Indexes FollowSymLinks | ||||
|        AllowOverride None | ||||
|        Require all granted | ||||
|    </Directory> | ||||
| </VirtualHost> | ||||
| 
 | ||||
| <VirtualHost *:80> | ||||
| 	# The ServerName directive sets the request scheme, hostname and port that | ||||
| 	# the server uses to identify itself. This is used when creating | ||||
| 	# redirection URLs. In the context of virtual hosts, the ServerName | ||||
| 	# specifies what hostname must appear in the request's Host: header to | ||||
| 	# match this virtual host. For the default virtual host (this file) this | ||||
| 	# value is not decisive as it is used as a last resort host regardless. | ||||
| 	# However, you must set it for any further virtual host explicitly. | ||||
| 	ServerName iiab.io | ||||
|    Include /etc/apache2/capture | ||||
| #   ProxyPreserveHost On | ||||
| #   ProxyPass / http://box.lan:{{ captive_portal_port }}/ | ||||
| #   ProxyPassReverse / http://box.lan:{{ captive_portal_port }}/ | ||||
|    ErrorLog /var/log/apache2/cp_error.log | ||||
| WSGIScriptAlias / /opt/iiab/captive-portal/capture-wsgi.py | ||||
| #WSGIScriptAlias / /opt/iiab/captive-portal/test.py | ||||
| WSGIScriptReloading On | ||||
|    <Directory /opt/iiab/captive-portal> | ||||
|        AllowOverride None | ||||
|        Require all granted | ||||
|    </Directory> | ||||
| 
 | ||||
| </VirtualHost> | ||||
| 
 | ||||
| <VirtualHost 127.0.0.1:80> | ||||
|    ErrorLog /var/log/apache2/error.log | ||||
|    CustomLog /var/log/apache2/access.log combined | ||||
|    <Directory /library/www/html> | ||||
|        Options Indexes FollowSymLinks | ||||
|        AllowOverride None | ||||
|        Require all granted | ||||
|    </Directory> | ||||
| </VirtualHost> | ||||
|  | @ -1,15 +0,0 @@ | |||
| [Unit] | ||||
| Description=Captive portal | ||||
| After=syslog.target | ||||
| 
 | ||||
| [Service] | ||||
| Type=simple | ||||
| User=root | ||||
| Group=root | ||||
| WorkingDirectory=/opt/iiab/captive-portal | ||||
| ExecStart=/opt/iiab/captive-portal/capture-wsgi.py -l | ||||
| StandardOutput=syslog | ||||
| StandardError=syslog | ||||
| 
 | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
|  | @ -1,9 +0,0 @@ | |||
| #!/bin/bash -x | ||||
| # substitute our own server to catch OS connectivity checking URL's | ||||
| 
 | ||||
| systemctl stop {{ apache_service }} | ||||
| # systemctl stop captive-portal | ||||
| echo address=/#/172.18.96.1 > /etc/dnsmasq.d/capture | ||||
| /opt/iiab/captive-portal/capture-wsgi.py -d & | ||||
| # write the pid just started | ||||
| echo $! > /opt/iiab/captive-portal/pid | ||||
|  | @ -1,15 +0,0 @@ | |||
| #!/bin/bash -x | ||||
| # Turn off URL recording mode, and return to serving with apache2 | ||||
| 
 | ||||
| kill $(cat /opt/iiab/captive-portal/pid) | ||||
| # during testing, I start capture by hand -- recorded pid may be stale | ||||
| pid=$(ps aux | grep "capture-wsgi.py -d" | grep -v grep | awk '{print $2}') | ||||
| if [ -n "$pid" ]; then | ||||
|     kill $pid | ||||
| fi | ||||
| awk '{print("address=/" $1 "/172.18.96.1")}' /opt/iiab/captive-portal/checkurls > /etc/dnsmasq.d/capture | ||||
| echo "#following tells windows 7 that captive portal is active" >>/etc/dnsmasq.d/capture | ||||
| echo "address=/dns.msftncsi.com/131.107.255.255" >> /etc/dnsmasq.d/capture | ||||
| awk '{print("ServerAlias ",$1)}' /opt/iiab/captive-portal/checkurls > /etc/apache2/capture | ||||
| # systemctl start captive-portal | ||||
| systemctl start {{ apache_service }} | ||||
|  | @ -1,7 +1,7 @@ | |||
| # captive_portal_install: False | ||||
| # captive_portal_enabled: False | ||||
| 
 | ||||
| # captive_portal_port: 9090 | ||||
| # captiveportal_port: 9090 | ||||
| 
 | ||||
| # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml | ||||
| # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! | ||||
							
								
								
									
										110
									
								
								roles/captiveportal/tasks/main.yml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										110
									
								
								roles/captiveportal/tasks/main.yml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,110 @@ | |||
| - name: Download & install python-dateutil, sqlite3 | ||||
|   package: | ||||
|     name: "{{ item }}" | ||||
|     state: present | ||||
|   with_items: | ||||
|     - python3-dateutil | ||||
|     - python3-jinja2 | ||||
| 
 | ||||
| - name: Create directory /opt/iiab/captiveportal for scripts & templates | ||||
|   file: | ||||
|     path: /opt/iiab/captiveportal | ||||
|     state: directory | ||||
|     owner: "{{ apache_user }}" | ||||
| 
 | ||||
| - name: 'Copy scripts: checkurls, capture-wsgi.py' | ||||
|   template: | ||||
|     src: "{{ item.src }}" | ||||
|     dest: "{{ item.dest }}" | ||||
|     mode: "{{ item.mode }}" | ||||
|   with_items: | ||||
|     - { src: checkurls, mode: '0644', dest: /opt/iiab/captiveportal/ } | ||||
|     - { src: capture-wsgi.py, mode: '0755', dest: /opt/iiab/captiveportal/ } | ||||
|     - { src: iiab-make-cp-servers.py, mode: '0755', dest: /usr/sbin/ } | ||||
|     - { src: iiab-divert-to-nginx, mode: '0755', dest: /usr/sbin/ } | ||||
| 
 | ||||
| - name: 'Copy templates: simple.template, mac.template' | ||||
|   copy: | ||||
|     src: "{{ item }}" | ||||
|     dest: /opt/iiab/captiveportal/ | ||||
|   with_items: | ||||
|     - roles/captiveportal/files/simple.template | ||||
|     - roles/captiveportal/files/mac.template | ||||
| 
 | ||||
| - name: Copy uWSGI config file | ||||
|   template: | ||||
|     src: captiveportal.ini | ||||
|     dest: /etc/uwsgi/apps-available/ | ||||
| 
 | ||||
| - name: Enable uwsgi config for captiveportal | ||||
|   file: | ||||
|     src: /etc/uwsgi/apps-available/captiveportal.ini | ||||
|     path: /etc/uwsgi/apps-enabled/captiveportal.ini | ||||
|     state: link | ||||
|   when: captiveportal_enabled | bool | ||||
| 
 | ||||
| - name: Copy unit file for uWSGI service | ||||
|   template: | ||||
|     src: uwsgi-captiveportal.service | ||||
|     dest: /etc/systemd/system/ | ||||
| 
 | ||||
| - name: Start or restart server which responds to browsers trying to detect a captive portal | ||||
|   systemd:  | ||||
|     name: uwsgi-captiveportal.service | ||||
|     state: restarted | ||||
|   when: captiveportal_enabled | bool | ||||
| 
 | ||||
| - name: Stop uWSGI server if captive portal has been disabled | ||||
|   systemd:  | ||||
|     name: uwsgi-captiveportal.service | ||||
|     state: stopped | ||||
|   when: not captiveportal_enabled | bool | ||||
| 
 | ||||
| - name: Run divert to generate diversion lists for nginx | ||||
|   shell: iiab-divert-to-nginx | ||||
|       | ||||
| - name: Run script to generate nginx servers from checkurls input list | ||||
|   shell: iiab-make-cp-servers.py | ||||
|       | ||||
| - name: Install nginx's captiveportal.conf from template if captiveportal_enabled | ||||
|   template: | ||||
|     src: roles/captiveportal/templates/captiveportal-nginx.conf | ||||
|     dest: /etc/nginx/conf.d/ | ||||
|     owner: root | ||||
|     group: root | ||||
|     mode: 0644 | ||||
|   when: captiveportal_enabled | bool | ||||
| 
 | ||||
| - name: Make sure dnsmasq is not diverting if not captiveportal_enabled | ||||
|   file: | ||||
|     path: /etc/dnsmasq.d/capture | ||||
|     state: absent | ||||
|   when: not captiveportal_enabled | ||||
| 
 | ||||
| - name: Add 'captiveportal_installed' variable values to {{ iiab_state_file }} | ||||
|   lineinfile: | ||||
|     dest: "{{ iiab_state_file }}" | ||||
|     regexp: '^captiveportal_installed' | ||||
|     line: 'captiveportal_installed: True' | ||||
|     state: present | ||||
| 
 | ||||
| #- name: Restart dnsmasq | ||||
| #  systemd: | ||||
| #    name: dnsmasq | ||||
| #    state: restarted | ||||
| #  when: dnsmasq_enabled | bool | ||||
| 
 | ||||
| # ABOVE DOES NOT WORK ON UBUNTU 16.04 -- what follows is a crude hack (seems to work!) | ||||
| 
 | ||||
| - name: Stop dnsmasq | ||||
|   systemd: | ||||
|     name: dnsmasq | ||||
|     state: stopped | ||||
|   when: dnsmasq_enabled | bool | ||||
| 
 | ||||
| - name: Start dnsmasq | ||||
|   systemd: | ||||
|     name: dnsmasq | ||||
|     state: started | ||||
|   when: dnsmasq_enabled | bool | ||||
|    | ||||
							
								
								
									
										9
									
								
								roles/captiveportal/templates/captiveportal-nginx.conf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								roles/captiveportal/templates/captiveportal-nginx.conf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,9 @@ | |||
| location /capture { | ||||
|    rewrite /capture/(.+) /$1 break; | ||||
|    include uwsgi_params; | ||||
|    #uwsgi_pass unix:///tmp/captiveportal.sock; | ||||
|    uwsgi_pass localhost:9090; | ||||
| } | ||||
| 
 | ||||
|    | ||||
| 
 | ||||
							
								
								
									
										12
									
								
								roles/captiveportal/templates/captiveportal.ini
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								roles/captiveportal/templates/captiveportal.ini
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | |||
| [uwsgi] | ||||
|    uid = www-data | ||||
|    gid = www-data | ||||
|    http-socket = :9090 | ||||
|    chdir = /opt/iiab/captiveportal | ||||
|    wsgi-file = capture-wsgi.py | ||||
|    #wsgi-file = very_simple.py | ||||
|    master = true | ||||
|    plugins = python3 | ||||
|    log-to = /var/log/uwsgi/app/captiveportal.log | ||||
|    #die-on-term = true | ||||
|    py-autoreload = 2 | ||||
|  | @ -1,4 +1,4 @@ | |||
| #! /usr/bin/env python | ||||
| #! /usr/bin/env python3 | ||||
| # -*- coding: utf-8 -*- | ||||
| # using Python's bundled WSGI server | ||||
| 
 | ||||
|  | @ -23,7 +23,7 @@ import re | |||
| #  | ||||
| 
 | ||||
| # Create the jinja2 environment. | ||||
| CAPTIVE_PORTAL_BASE = "/opt/iiab/captive-portal" | ||||
| CAPTIVE_PORTAL_BASE = "/opt/iiab/captiveportal" | ||||
| j2_env = Environment(loader=FileSystemLoader(CAPTIVE_PORTAL_BASE),trim_blocks=True) | ||||
| 
 | ||||
| # Define time outs | ||||
|  | @ -40,45 +40,15 @@ doc_root = get_iiab_env("WWWROOT") | |||
| fully_qualified_domain_name = get_iiab_env("FQDN") | ||||
| 
 | ||||
| 
 | ||||
| loggingLevel = "DEBUG" | ||||
| # set up some logging -- selectable for diagnostics | ||||
| # Create dummy iostream to capture stderr and stdout | ||||
| class StreamToLogger(object): | ||||
|     """ | ||||
|     Fake file-like stream object that redirects writes to a logger instance. | ||||
|     """ | ||||
|     def __init__(self, logger, log_level=logging.INFO): | ||||
|         self.logger = logger | ||||
|         self.log_level = log_level | ||||
|         self.linebuf = '' | ||||
| 
 | ||||
|     def write(self, buf): | ||||
|         for line in buf.rstrip().splitlines(): | ||||
|             self.logger.log(self.log_level, line.rstrip()) | ||||
| 
 | ||||
| #if len(sys.argv) > 1 and sys.argv[1] == '-l': | ||||
| if True: | ||||
|     loggingLevel = logging.DEBUG | ||||
|     try: | ||||
|       os.remove('/var/log/apache2/portal.log') | ||||
|     except: | ||||
|       pass | ||||
| else: | ||||
|     loggingLevel = logging.ERROR | ||||
| 
 | ||||
| # divert stdout and stderr to logger | ||||
| logging.basicConfig(filename='/var/log/apache2/portal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) | ||||
| logger = logging.getLogger('/var/log/apache2/portal.log') | ||||
| handler = RotatingFileHandler("/var/log/apache2/portal.log", maxBytes=100000, backupCount=2) | ||||
| logger.addHandler(handler) | ||||
| 
 | ||||
| stdout_logger = logging.getLogger('STDOUT') | ||||
| sl = StreamToLogger(stdout_logger, logging.ERROR) | ||||
| sys.stdout = sl | ||||
| 
 | ||||
| stderr_logger = logging.getLogger('STDERR') | ||||
| sl = StreamToLogger(stderr_logger, logging.ERROR) | ||||
| sys.stderr = sl | ||||
| PORT={{ captive_portal_port }} | ||||
| #PORT={{ captiveportal_port }} | ||||
| PORT=9090 | ||||
| 
 | ||||
| 
 | ||||
| # Define globals | ||||
|  | @ -178,12 +148,13 @@ def set_lasttimestamp(ip): | |||
| 
 | ||||
| #  ###################  Action routines based on OS  ################3 | ||||
| def microsoft(environ,start_response): | ||||
|     print('in microsoft') | ||||
|     # firefox -- seems both mac and Windows use it | ||||
|     agent = environ.get('HTTP_USER_AGENT','default_agent') | ||||
|     if agent.startswith('Mozilla'): | ||||
|        return home(environ, start_response)  | ||||
|     logger.debug("sending microsoft redirect") | ||||
|     response_body = "" | ||||
|     response_body = b"" | ||||
|     status = '302 Moved Temporarily' | ||||
|     response_headers = [('Location','http://box.lan/home'), | ||||
|             ('Content-type','text/html'), | ||||
|  | @ -193,7 +164,7 @@ def microsoft(environ,start_response): | |||
| 
 | ||||
| def home(environ,start_response): | ||||
|     logger.debug("sending direct to home") | ||||
|     response_body = "" | ||||
|     response_body = b"" | ||||
|     status = '302 Moved Temporarily' | ||||
|     response_headers = [('Location','http://' + fully_qualified_domain_name + '/home'), | ||||
|             ('Content-type','text/html'), | ||||
|  | @ -220,7 +191,7 @@ def android(environ, start_response): | |||
|         #set_204after(ip,20) | ||||
|         location = '/android_https' | ||||
|     agent = environ.get('HTTP_USER_AGENT','default_agent') | ||||
|     response_body = "hello" | ||||
|     response_body = b"hello" | ||||
|     status = '302 Moved Temporarily' | ||||
|     response_headers = [('Location',location)] | ||||
|     start_response(status, response_headers) | ||||
|  | @ -240,6 +211,7 @@ def android_splash(environ, start_response): | |||
|     elif lang == "es": | ||||
|         txt = es_txt | ||||
|     response_body = str(j2_env.get_template("simple.template").render(**txt)) | ||||
|     response_body = response_body.encode() | ||||
|     status = '200 OK' | ||||
|     response_headers = [('Content-type','text/html'), | ||||
|             ('Content-Length',str(len(response_body)))] | ||||
|  | @ -261,6 +233,7 @@ def android_https(environ, start_response): | |||
|     elif lang == "es": | ||||
|         txt = es_txt | ||||
|     response_body = str(j2_env.get_template("simple.template").render(**txt)) | ||||
|     response_body = response_body.encode() | ||||
|     status = '200 OK' | ||||
|     response_headers = [('Content-type','text/html'), | ||||
|             ('Content-Length',str(len(response_body)))] | ||||
|  | @ -268,9 +241,10 @@ def android_https(environ, start_response): | |||
|     return [response_body] | ||||
| 
 | ||||
| def mac_splash(environ,start_response): | ||||
|     print('in mac_splash') | ||||
|     logger.debug("in function mac_splash") | ||||
|     en_txt={ 'message':"Click on the button to go to the IIAB home page",\ | ||||
|             'btn1':"GO TO IIAB HOME PAGE",'success_token': 'Success', | ||||
|     en_txt={ 'message': "Click on the button to go to the IIAB home page",\ | ||||
|             'btn1': "GO TO IIAB HOME PAGE",'success_token': 'Success', | ||||
|             "FQDN": fully_qualified_domain_name, \ | ||||
|             'doc_root':get_iiab_env("WWWROOT")} | ||||
|     es_txt={ 'message':"Haga clic en el botón para ir a la página de inicio de IIAB",\ | ||||
|  | @ -283,6 +257,7 @@ def mac_splash(environ,start_response): | |||
|         txt = es_txt | ||||
|     set_lasttimestamp(ip) | ||||
|     response_body = str(j2_env.get_template("mac.template").render(**txt)) | ||||
|     response_body = response_body.encode() | ||||
|     status = '200 Success' | ||||
|     response_headers = [('Content-type','text/html'), | ||||
|             ('Content-Length',str(len(response_body)))] | ||||
|  | @ -290,6 +265,7 @@ def mac_splash(environ,start_response): | |||
|     return [response_body] | ||||
| 
 | ||||
| def macintosh(environ, start_response): | ||||
|     print('in macintosh') | ||||
|     global ip | ||||
|     logger.debug("in function mcintosh") | ||||
|     #print >> sys.stderr , "Geo Print to stderr" + environ['HTTP_HOST'] | ||||
|  | @ -302,6 +278,7 @@ def macintosh(environ, start_response): | |||
|         response_body = """<html><head><script> | ||||
|             window.location.reload(true) | ||||
|             </script></body></html>""" | ||||
|         response_body = response_body.encode() | ||||
|         status = '302 Moved Temporarily' | ||||
|         response_headers = [('content','text/html')] | ||||
|         start_response(status, response_headers) | ||||
|  | @ -309,12 +286,6 @@ def macintosh(environ, start_response): | |||
|     else: | ||||
|         return mac_splash(environ,start_response) | ||||
| 
 | ||||
| def microsoft_connect(environ,start_response): | ||||
|     status = '200 ok' | ||||
|     headers = [('Content-type', 'text/html')] | ||||
|     start_response(status, headers) | ||||
|     return ["Microsoft Connect Test"] | ||||
| 
 | ||||
| # =============  Return html pages  ============================ | ||||
| def banner(environ, start_response): | ||||
|     status = '200 OK' | ||||
|  | @ -351,18 +322,18 @@ def null(environ, start_response): | |||
|     status = '404 Not Found' | ||||
|     headers = [('Content-type', 'text/html')] | ||||
|     start_response(status, headers) | ||||
|     return [""] | ||||
|     return [b""] | ||||
| 
 | ||||
| def success(environ, start_response): | ||||
|     status = '200 ok' | ||||
|     html = '<html><head><title>Success</title></head><body>Success</body></html>' | ||||
|     html = b'<html><head><title>Success</title></head><body>Success</body></html>' | ||||
|     headers = [('Content-type', 'text/html')] | ||||
|     start_response(status, headers) | ||||
|     return [html] | ||||
| 
 | ||||
| def put_204(environ, start_response): | ||||
|     status = '204 No Data' | ||||
|     response_body = '' | ||||
|     response_body = b'' | ||||
|     response_headers = [('Content-type','text/html'), | ||||
|             ('Content-Length',str(len(response_body)))] | ||||
|     start_response(status, response_headers) | ||||
|  | @ -371,7 +342,7 @@ def put_204(environ, start_response): | |||
| 
 | ||||
| def put_302(environ, start_response): | ||||
|     status = '302 Moved Temporarily' | ||||
|     response_body = '' | ||||
|     response_body = b'' | ||||
|     location = "http://" + fully_qualified_domain_name + "/home" | ||||
|     response_headers = [('Content-type','text/html'), | ||||
|             ('Location',location),  | ||||
|  | @ -545,5 +516,5 @@ if __name__ == "__main__": | |||
|     ) | ||||
| 
 | ||||
|     httpd.serve_forever() | ||||
| #vim: tabstop=3 expandtab shiftwidth=3 softtabstop=3 background=dark | ||||
| #vim: tabstop=4 expandtab shiftwidth=4 softtabstop=4 background=dark | ||||
| 
 | ||||
							
								
								
									
										111
									
								
								roles/captiveportal/templates/checkurls-nginx
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										111
									
								
								roles/captiveportal/templates/checkurls-nginx
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,111 @@ | |||
| server { | ||||
|     listen 80; | ||||
|     server_name clients3.google.com | ||||
|     rewrite ^clients3.google.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name connectivitycheck.gstatic.com | ||||
|     rewrite ^connectivitycheck.gstatic.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name detectportal.firefox.com | ||||
|     rewrite ^detectportal.firefox.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name *.akamaitechnologies.com | ||||
|     rewrite ^*.akamaitechnologies.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name appleiphonecell.com | ||||
|     rewrite ^appleiphonecell.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name thinkdifferent.us | ||||
|     rewrite ^thinkdifferent.us http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name *.apple.com.edgekey.net | ||||
|     rewrite ^*.apple.com.edgekey.net http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name ipv6.msftncsi.com | ||||
|     rewrite ^ipv6.msftncsi.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name ipv6.msftncsi.com.edgesuite.net | ||||
|     rewrite ^ipv6.msftncsi.com.edgesuite.net http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name www.msftncsi.com | ||||
|     rewrite ^www.msftncsi.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name www.msftncsi.com.edgesuite.net | ||||
|     rewrite ^www.msftncsi.com.edgesuite.net http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name www.msftconnecttest.com | ||||
|     rewrite ^www.msftconnecttest.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name www.msn.com | ||||
|     rewrite ^www.msn.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name teredo.ipv6.microsoft.com | ||||
|     rewrite ^teredo.ipv6.microsoft.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name teredo.ipv6.microsoft.com.nsatc.net | ||||
|     rewrite ^teredo.ipv6.microsoft.com.nsatc.net http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name captive.apple.com | ||||
|     rewrite ^captive.apple.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name init-p01st.push.apple.com | ||||
|     rewrite ^init-p01st.push.apple.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name mtalk.google.com | ||||
|     rewrite ^mtalk.google.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name connectivitycheck.android.com | ||||
|     rewrite ^connectivitycheck.android.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name alt7-mtalk.google.com | ||||
|     rewrite ^alt7-mtalk.google.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name alt6-mtalk.google.com | ||||
|     rewrite ^alt6-mtalk.google.com http://127.0.0.1/captive | ||||
| } | ||||
| server { | ||||
|     listen 80; | ||||
|     server_name captive.lan | ||||
|     rewrite ^captive.lan http://127.0.0.1/captive | ||||
| } | ||||
| 
 | ||||
							
								
								
									
										4
									
								
								roles/captiveportal/templates/iiab-divert-to-nginx
									
										
									
									
									
										Executable file
									
								
							
							
						
						
									
										4
									
								
								roles/captiveportal/templates/iiab-divert-to-nginx
									
										
									
									
									
										Executable file
									
								
							|  | @ -0,0 +1,4 @@ | |||
| #!/bin/bash -x | ||||
| awk '{print("address=/" $1 "/ 172.18.96.1")}' /opt/iiab/captiveportal/checkurls > /etc/dnsmasq.d/capture | ||||
| echo "#following tells windows 7 that captive portal is active" >>/etc/dnsmasq.d/capture | ||||
| echo "address=/dns.msftncsi.com/131.107.255.255" >> /etc/dnsmasq.d/capture | ||||
							
								
								
									
										23
									
								
								roles/captiveportal/templates/iiab-make-cp-servers.py
									
										
									
									
									
										Executable file
									
								
							
							
						
						
									
										23
									
								
								roles/captiveportal/templates/iiab-make-cp-servers.py
									
										
									
									
									
										Executable file
									
								
							|  | @ -0,0 +1,23 @@ | |||
| #!/usr/bin/env python3 | ||||
| # read list of online portal checkers, make nginx server blocks  | ||||
| 
 | ||||
| import os | ||||
| outstr = '' | ||||
| 
 | ||||
| os.chdir('{{ iiab_dir }}/roles/captiveportal/templates') | ||||
| with open('checkurls','r') as urls: | ||||
|    for line in urls: | ||||
|       line = line.replace('*','.*') | ||||
|       outstr += 'server {\n' | ||||
|       outstr += '    listen 80;\n' | ||||
|       outstr += '    server_name {};\n'.format(line.strip()) | ||||
|       outstr += '    location / {\n' | ||||
|       outstr += '        proxy_set_header   X-Forwarded-For $remote_addr;\n' | ||||
|       outstr += '        proxy_set_header   Host $http_host;\n' | ||||
|       outstr += '        proxy_pass         "http://127.0.0.1:9090";\n' | ||||
|       outstr += '    }\n'  | ||||
|       outstr += '}\n' | ||||
| #print(outstr) | ||||
| with open('/etc/nginx/sites-available/capture.conf','w') as config: | ||||
|    config.write(outstr) | ||||
| 
 | ||||
							
								
								
									
										13
									
								
								roles/captiveportal/templates/uwsgi-captiveportal.service
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								roles/captiveportal/templates/uwsgi-captiveportal.service
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,13 @@ | |||
| [Unit] | ||||
| Description=uWSGI Service | ||||
| 
 | ||||
| [Service] | ||||
| ExecStart=/usr/bin/uwsgi --ini  /etc/uwsgi/apps-enabled/captiveportal.ini | ||||
| Restart=always | ||||
| RestartSec=5 | ||||
| KillSignal=SIGQUIT | ||||
| Type=notify | ||||
| NotifyAccess=all | ||||
| 
 | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue