#!/usr/bin/haserl --shell=/bin/bash --upload-limit=32768 --upload-dir=/tmp <%# upload limit: 32Mb %> <% ## SuperGlue project | http://superglue.it | 2014-2015 | GPLv3 ## http://git.superglue.it/superglue/serverfiles ## ## admin2.cgi - control panel for Superglue personal server ## ## example POST request: ## curl --data-urlencode 'key=value' http://host/uri ## ## returns: 200 (+ output of operation) on success ## 406 (+ error message in debug mode) on error readonly _WWW='/www' readonly _PWDFILE="/opt/lib/htpasswd" readonly _TMP='/tmp' readonly _LOG="${_WWW}/log/admin.log" readonly _SCRIPTS='/opt/lib/scripts' readonly _DEBUG=1 readonly _IFS=$IFS err() { _ERR="$?" [[ "$_ERR" -gt 0 ]] || return 0 logThis "$1" headerPrint "${2:='400'}" exit "$_ERR" } logThis() { [[ "$_DEBUG" -gt 0 ]] || return 0 local _TYPE='I:' [[ "$_ERR" -gt 0 ]] && _TYPE='E:' local _TIME; printf -v _TIME '%(%d.%m.%Y %H:%M:%S)T' -1 printf '%b\n' "$_TIME $_TYPE ${@} " >> "$_LOG" [[ "$_DEBUG" -gt 1 ]] && printf '%b\n' "[verbose] $_TYPE ${1}" return $_ERR } headerPrint() { case "$1" in 200|'') printf '%b' 'Status: 200 OK\r\n';; 301) printf '%b' "Status: 301 Moved Permanently\r\nLocation: $HTTP_REFERER\r\n";; 403) printf '%b' 'Status: 403 Forbidden\r\n';; 405) printf '%b' 'Status: 405 Method Not Allowed\r\n';; 406) printf '%b' 'Status: 406 Not Acceptable\r\n';; *) printf '%b' 'Status: 400 Bad Request\r\n';; esac printf '%b' 'Content-Type: text/html\r\n\r\n'; } ## faster echo _echo() { printf "%b" "${*}" } urlDec() { local value=${*//+/%20} for part in ${value//%/ \\x}; do printf "%b%s" "${part:0:4}" "${part:4}" done } setQueryVars() { _VARS=( ${!POST_*} ) # local v # for v in ${_VARS[@]}; do # echo $v # v=$(urlDec "${v}") # eval "_${v//POST_/}=${!v}"; # done local v for v in ${_VARS[@]}; do logThis "$v=${!v}" done #echo $POST_lanssid #env } getQueryFile() { # setQueryVars local _UPLD="${HASERL_fwupload_path##*/}" logThis "'multipart': decoding stream" mv "$_TMP/$_UPLD" "$_TMP/fwupload.bin" 2>/dev/null || _ERR=$? if [[ $_ERR -gt 0 ]]; then showMesg 'Firmware upload has failed' '60' 'Reboot your Superglue server and try again' fi } validIp() { local _IP=$1 local _RET=1 if [[ $_IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then OIFS=$IFS IFS='.' _IP=($_IP) IFS=$OIFS [[ ${_IP[0]} -le 255 && ${_IP[1]} -le 255 && ${_IP[2]} -le 255 && ${_IP[3]} -le 255 ]] _RET=$? fi return $_RET } pwdChange() { local _USER='admin' local _REALM='superglue' [[ -e $_PWDFILE ]] || showMesg 'Password file not found' [[ -z "${POST_pwd##$POST_pwdd}" ]] || showMesg 'Passwords did not match' [[ ${#POST_pwd} -ge 6 ]] || showMesg 'Password must be at least 6 characters long' local _HASH=$(printf '%s' "$_USER:$_REALM:${POST_pwd}" | md5sum | cut -b -32) && printf '%b' "${POST_pwd}\n${POST_pwd}\n" | passwd root && printf '%b' "$_USER:$_REALM:$_HASH\n" > $_PWDFILE && showMesg 'Password is changed' '2' || showMesg 'Password change failed!' '5' } lanAddr() { logThis "new LAN addr is: $POST_lanipaddr" validIp $POST_lanipaddr || showMesg 'Not valid network address' doUci set lanipaddr $POST_lanipaddr && doUci commit network && dtach -n -zE $_SCRIPTS/net-restart.sh &>/dev/null && showMesg 'New network address is set' '30' "Your server is now accessible under http://superglue.local/admin" || showMesg 'Setting network address failed' } wanSet() { if [[ ! -z $POST_wanifname ]]; then ## eth and wlan wan cases are different! ## eth wan requires: ## config interface 'wan' ## option proto 'dhcp' ## option ifname 'eth0' ## ## wlan wan requires: ## config interface 'wan' ## option proto 'dhcp' (and no 'option ifname' specified!) logThis "wan.ifname=$POST_wanifname" if [[ $POST_wanifname == 'eth0' ]]; then doUci set wanifname $POST_wanifname doUci set wanwifacedis '1' elif [[ $POST_wanifname == 'wlan1' ]]; then doUci set wanifname '' doUci set wanwifacedis '' fi if [[ $POST_wanproto == 'dhcp' ]]; then doUci set wanproto dhcp doUci set wanipaddr '' doUci set wanmask '' doUci set wangw '' doUci set wandns '' elif [[ $POST_wanproto == 'static' ]]; then logThis "wan.ipaddr=$POST_wanipaddr" validIp $POST_wanipaddr || showMesg 'Our IP address is not valid' '3' 'make sure to use correct address notation' validIp $POST_wangw || showMesg 'Gateway is not a valid IP address' '3' 'make sure to use correct address notation' validIp $POST_wandns || showMesg 'DNS is not a valid IP address' '3' 'make sure to use correct address notation' doUci set wanproto static doUci set wanipaddr $POST_wanipaddr doUci set wanmask '255.255.255.0' ## fix me doUci set wangw $POST_wangw doUci set wandns $POST_wandns fi if [[ $POST_wanifname == 'wlan1' ]]; then ssidChange || showMesg 'wanSet: Wireless configuration failed' else doUci commit network && doUci commit wireless && dtach -n -zE $_SCRIPTS/net-restart.sh &>/dev/null fi _ERR=$? [[ $_ERR -eq 0 ]] && showMesg 'Internet connection is being configured' '25' 'check your Internet connection on completion' || showMesg 'Configuring Internet connection failed' '5' fi } ssidChange() { ## check for iface [[ $POST_iface =~ ^('wan'|'lan')$ ]] || showMesg 'Error changing wireless settings' '5' 'unknown or unconfigured interface' logThis "$POST_iface is being set" _p=$POST_iface ## default enc for now local _enc='psk2' if [[ $POST_iface == 'wan' ]]; then local _mode='sta' local _ssid="${POST_wanssid}" local _key="${POST_wankey}" else local _mode='ap' local _ssid="${POST_lanssid}" local _key="${POST_lankey}" fi #logThis "ssid: $_ssid [$_mode], key: $_key [$_enc]" #logThis $POST_wanssid [[ ${#_ssid} -ge 3 ]] || showMesg 'SSID must be at least 3 characters long' doUci set $_p'ssid' "${_ssid}" if [[ -z $_key ]]; then ## if key is empty set encryption to none and remove key doUci set $_p'key' && doUci set $_p'enc' 'none' _ERR=$? else [[ ${#_key} -ge 8 ]] || showMesg 'Passphrase must be at least 8 characters long' doUci set $_p'key' "${_key}" && doUci set $_p'enc' "${_enc}" fi [[ $_ERR -eq 0 ]] || showMesg 'ssidChange: Wireless configuration failed' if [[ $POST_iface == 'lan' ]]; then if [[ "$(doUci get lanipaddr)" != "${POST_lanipaddr}" ]]; then logThis 'local IP was changed' lanAddr fi fi doUci commit wireless _ERR=$? [[ $_ERR -eq 0 ]] && dtach -n -zE $_SCRIPTS/net-restart.sh &>/dev/null || showMesg 'Wireless configuration failed' '5' [[ $POST_iface == 'lan' ]] && showMesg 'Local network configuration is progress' '30' 'check your connection on completion' || return 0 ## in this case wanSet() handles success message } showMesg() { local _RET=$? local _MSG=$1 local _TIMEOUT=$2 local _SUBMSG=$3 ## if set, global _ERR value prevails [[ $_ERR -gt $_RET ]] && _RET=$_ERR _MSG=${_MSG:='Configuration'} _TIMEOUT=${_TIMEOUT:='5'} _SUBMSG="${_SUBMSG} ${_TIMEOUT} seconds to get ready.." if [[ $_RET -gt 0 ]]; then local _TYPE='ERROR: ' headerPrint 406 else local _TYPE='OK: ' headerPrint 200 fi htmlHead "" _echo "

Superglue control panel

$_TYPE $_MSG

$_SUBMSG
" exit $_RET } updateFw() { local _FWFILE="${_TMP}/fwupload.bin" _OUT="$(sysupgrade -T $_FWFILE 2>&1)" || { _ERR=$?; rm -rf $_FWFILE; showMesg 'This is not a firmware!' '3' "$_OUT"; } [[ $POST_fwreset == 'on' ]] && { _FWRESET='-n'; logThis 'fw reset requested'; } ## using dtach to prevent sysupgrade getting killed dtach -n -zE sysupgrade $_FWRESET $_FWFILE 2>&1 && showMesg 'Firmware update is in progress..' '120' 'DO NOT INTERRUPT!' || { _ERR=$?; rm -rf $_FWFILE; showMesg 'Firmware update failed..' '3'; } } usbInit() { . $_SCRIPTS/usb-part.sh _OUT="$(usbPart)" && showMesg 'USB storage initialization is completed' '30' || showMesg "USB init failed!\n$_OUT" # logThis 'usb init..' } rebootNow() { logThis "reboot: now!" reboot showMesg 'Rebooting..' '60' } upTime() { local _T="$(uptime)" && { headerPrint 200; printf '%b' "$_T\n"; exit 0; } || headerPrint 406 } iwScan() { . $_SCRIPTS/iw-scan.sh headerPrint 200 iwScan exit 0 } findUsbstor() { local _P='/sys/block/' local _D _DEV for _D in ${_P}sd*; do _DEV=$(readlink -f ${_D}/device) if [[ ${_DEV/usb} != $_DEV ]]; then _USBDEV="/dev/${_D/$_P}" fi done [[ $_USBDEV ]] || return 1 } storageInfo() { if mountpoint -q $_WWW; then IFS=$'\n' _STOR=( $(df -h $_WWW) ) IFS=$_IFS _STOR=( ${_STOR[1]} ) else return 1 fi } swapInfo() { IFS=$'\n' _SWAP=( $(swapon -s) ) IFS=$_IFS if [[ ${_SWAP[1]} ]]; then IFS=$'\t' _SWAP=( ${_SWAP[1]} ) IFS=$_IFS ## for the lack of floats add trailing 0 ## divide by 1023 and split last digit by a period _SWAP[1]="$((${_SWAP[1]}0/1023))" _SWAP[1]="${_SWAP[1]%?}.${_SWAP[1]/??}M" else unset _SWAP return 1 fi } trimSpaces() { local v="$*" v="${v#"${v%%[![:space:]]*}"}" v="${v%"${v##*[![:space:]]}"}" return "$v" } dynDns() { ## curently only http://freedns.afraid.org is supported [[ $POST_dyndnsname && $POST_dyndnsuser && $POST_dyndnspass ]] || showMesg 'All values must be set!' doUci set dyndnsname "$POST_dyndnsname" && doUci set dyndnsuser "$POST_dyndnsuser" && doUci set dyndnspass "$POST_dyndnspass" || showMesg 'DynDNS settings failed..' ## create sha1 string per http://freedns.afraid.org/api local _DURL local _AFRAID='http://freedns.afraid.org/api/?action=getdyndns&sha=' _DURL=$(_echo "$POST_dyndnsuser|$POST_dyndnspass" | sha1sum) _DURL="$_AFRAID${_DURL/ -/}" _DURL="$(wget -q $_DURL -O -)" local _L local _RES for _L in $_DURL do case $_L in "${POST_dyndnsname}|"*) IFS='|' _RES=( $_L ); break;; 'ERROR'*) _RES=0; break;; *) unset _RES;; esac; done [[ $_RES ]] || showMesg 'Domain name is not found' '10' 'Make sure you entered correct domain name -' [[ $_RES -eq 0 ]] || showMesg 'Authentication failed' '10' 'Check your username and password and try again -' logThis "${_RES[@]}" doUci set dyndnsurl "${_RES[2]}" && doUci set dyndnsdis '' && doUci commit showMesg 'DynDNS configuration is in progress..' '10' 'After completion, your URL will become available with in 10-15 minutes' } doUci() { local _CMD='' local _ARG='' case $1 in get|set|commit) _CMD=$1;; *) logThis 'bad UCI command'; headerPrint 405; echo 'bad UCI command'; exit 1 ;; esac case $2 in lanssid) _ARG='wireless.@wifi-iface[0].ssid';; lanenc) _ARG='wireless.@wifi-iface[0].encryption';; lankey) _ARG='wireless.@wifi-iface[0].key';; lanipaddr) _ARG='network.lan.ipaddr';; wanifname) _ARG='network.wan.ifname';; wanproto) _ARG='network.wan.proto';; wanipaddr) _ARG='network.wan.ipaddr';; wanmask) _ARG='network.wan.netmask';; wangw) _ARG='network.wan.gateway';; wandns) _ARG='network.wan.dns';; wanwifacedis) _ARG='wireless.@wifi-iface[1].disabled';; wanssid) _ARG='wireless.@wifi-iface[1].ssid';; wanenc) _ARG='wireless.@wifi-iface[1].encryption';; wankey) _ARG='wireless.@wifi-iface[1].key';; dyndnsdis) _ARG='superglue.dyndns.disabled';; dyndnsurl) _ARG='superglue.dyndns.updateurl';; dyndnsname) _ARG='superglue.dyndns.domainname';; dyndnsuser) _ARG='superglue.dyndns.username';; dyndnspass) _ARG='superglue.dyndns.password';; *) if [[ $_CMD == 'commit' ]]; then _ARG=$2 else logThis "bad UCI entry: $2" _ERR=1 showMesg 'bad UCI entry' fi ;; esac if [[ $_CMD == 'get' ]]; then if [ ! -z $_ARG ]; then /sbin/uci -q get $_ARG || return $? fi fi if [[ $_CMD == 'set' ]]; then local _VAL=$3 if [ -z $_VAL ]; then logThis "empty $_ARG value, removing record" /sbin/uci delete $_ARG || ( echo "uci delete $_ARG: error"; exit 1; ) fi if [ ! -z $_ARG ]; then logThis "setting $_ARG value" /sbin/uci set $_ARG=$_VAL || ( echo "uci set $_ARG: error"; exit 1; ) fi fi if [[ $_CMD == 'commit' ]]; then /sbin/uci commit $_ARG || echo "uci commit $_ARG: error" fi } ## call with argument to inject additional lines ## ie: htmlhead "" htmlHead() { _echo " Superglue | Control panel $@ " } footerBody() { _echo " " } if [[ "${REQUEST_METHOD^^}" == "POST" ]]; then [[ $CONTENT_LENGTH -gt 0 ]] || err 'content length is zero, 301 back to referer' '301' case "${CONTENT_TYPE^^}" in APPLICATION/X-WWW-FORM-URLENCODED*) setQueryVars;; MULTIPART/FORM-DATA*) getQueryFile;; *) _ERR=1; _OUT='this is not a post';; esac case $REQUEST_URI in *pwdchange) pwdChange;; *ssidchange) ssidChange;; *lanaddr) lanAddr;; *updatefw) updateFw;; *usbinit) usbInit;; *rebootnow) rebootNow;; *wan) wanSet;; *uptime) upTime;; *iwscan) iwScan;; *dyndns) dynDns;; *) logThis 'bad action'; headerPrint 405; echo 'no such thing'; exit 1;; esac fi headerPrint '200' htmlHead read sgver < /etc/superglue_version read devmod < /etc/superglue_model read openwrt < /etc/openwrt_version . /opt/lib/scripts/jshn-helper.sh ## this does not work when iface isn't configured IFS="," wan=( $(ifaceStat wan) ) IFS=$OFS wanifname=${wan[3]} wanproto=$(doUci get wanproto) wanipaddr=${wan[0]} wangw=${wan[2]} wandns=${wan[5]} wanuptime=${wan[4]} wanssid=$(doUci get wanssid) wankey=$(doUci get wankey) %>

Superglue control panel

<% printf "System version: %s | Device: %s | OpenWRT: %s" "$sgver" "$devmod" "$openwrt" %> <% uptime %>

Internet connection:

>
help
placeholder='ip address'> placeholder='gateway/router'> placeholder='dns server'>
help

Domain name:

Dynamic DNS:

Register your free domain name (external Free DNS service, will open in a new tab)
help

Local wireless network:

help

Storage:

<% if findUsbstor; then %> <% if storageInfo; then %>
File storage: <% _echo "${_STOR[2]} used, ${_STOR[3]} available" %>
Swap: <% swapInfo && _echo "${_SWAP[1]}" || _echo 'n/a' %>
<% else %>
USB storage device must be initialized
<% fi %> <% else %>

USB storage device not found!

Please check and try again
<% fi %> help

Change password:

help

Firmware upgrade:

help

Memory: 
<% free %>
Storage: 
<% df -h %>
Environment: 
<% env %>
<% footerBody exit 0 %>