RaspAProuter/install.sh

#!/bin/bash

printInfo() {
  echo "Welcome to the RaspbiAPinstaller, this will turn your rPi into an AIO router and AP"
  echo "This is very usefull for if you have a usb hotspot that you want access to without the device limit that they usually come with"
  echo "If you choose no hotspot then that means only the ethernet will be used"
  echo "Once completed the rPi will reboot"
}

getVars() {
read -p "Do you want the rPi to be a wifi hotspot? [y/n]: " hotspot

hotspot="${hotspot,,}"

if [[ "${hotspot}" == "y" ]];
then
  echo "Hotspot will be installed and configured"
elif [[ "${hotspot}" == "n" ]];
then
  echo "Hotspot will not be configured"
else
  echo "Please choose y/n"
fi

read -p "What is the NIC for the USB hotspot" usbNIC
usbNIC="${usbNIC,,}"

if [[ "${hotspot}" == "y" ]]
then
  read -p "What would you like your SSID to be?: " ssid
  read -p " What woudl you like your passphrase to be?: " passphrase
fi
}

installPreReqs() {
apt update
apt upgrade -y
apt install -y tmux htop curl wget
apt purge -y iptables
apt install -y firewalld dnsmasq bridge-utils

systemctl stop dnsmasq

if [[ "${hotspot}" == "y" ]]
then
  apt install -y hostapd
  systemctl stop hostapd
fi
}

firewallConfig() {
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf

firewall-cmd --zone=home --add-interface=br0
firewall-cmd --zone=public --add-interface=${usbNIC}
firewall-cmd --zone=public --add-masquerade
firewall-cmd --zone=home --add-service=dns
firewall-cmd --zone=home --add-service=dhcp
firewall-cmd --zone=home --add-service=ssh
firewall-cmd --zone=public --add-service=ssh
firewall-cmd --runtime-to-permanent
}

apConfig() {
echo 'country=US' | tee -a /etc/wpa_supplicant/wpa_supplicant.conf
echo 'DAEMON_CONF="/etc/hostapd/hostapd.conf"' >> etc/default/hostapd

echo 'bridge=br0' > /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo "ssid=${ssid}" >> /etc/hostapd/hostapd.conf
echo "wpa_passphrase=${passphrase}" >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo 'country_code=US' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo 'interface=wlan0' >> /etc/hostapd/hostapd.conf
echo 'driver=nl80211' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo 'wpa=2' >> /etc/hostapd/hostapd.conf
echo 'wpa_key_mgmt=WPA-PSK' >> /etc/hostapd/hostapd.conf
echo 'rsn_pairwise=CCMP' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo 'macaddr_acl=0' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo 'logger_syslog=0' >> /etc/hostapd/hostapd.conf
echo 'logger_syslog_level=4' >> /etc/hostapd/hostapd.conf
echo 'logger_stdout=-1' >> /etc/hostapd/hostapd.conf
echo 'logger_stdout_level=0' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo 'hw_mode=a' >> /etc/hostapd/hostapd.conf
echo 'wmm_enabled=1' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo '# N' >> /etc/hostapd/hostapd.conf
echo 'ieee80211n=1' >> /etc/hostapd/hostapd.conf
echo 'require_ht=1' >> /etc/hostapd/hostapd.conf
echo 'ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]' >> /etc/hostapd/hostapd.conf
echo '' >> /etc/hostapd/hostapd.conf
echo '# AC' >> /etc/hostapd/hostapd.conf
echo 'ieee80211ac=1' >> /etc/hostapd/hostapd.conf
echo 'require_vht=1' >> /etc/hostapd/hostapd.conf
echo 'ieee80211d=0' >> /etc/hostapd/hostapd.conf
echo 'ieee80211h=0' >> /etc/hostapd/hostapd.conf
echo 'vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]' >> /etc/hostapd/hostapd.conf
echo 'vht_oper_chwidth=1' >> /etc/hostapd/hostapd.conf
echo 'channel=36' >> /etc/hostapd/hostapd.conf
echo 'vht_oper_centr_freq_seg0_idx=42' >> /etc/hostapd/hostapd.conf
systemctl enable hostapd
}

bridgeConfig() {
echo "allow-hotplug ${usbNIC}" >> /etc/network/interfaces
echo "auto ${usbNIC}" >> /etc/network/interfaces
echo "iface ${usbNIC} inet dhcp" >> /etc/network/interfaces
echo '' >> /etc/network/interfaces
echo 'auto eth0' >> /etc/network/interfaces
echo 'allow-hotplug eth0' >> /etc/network/interfaces
echo 'iface eth0 inet manual' >> /etc/network/interfaces
echo '' >> /etc/network/interfaces

if [[ "${hotspot}" == "y" ]]
then
  echo 'auto wlan0' >> /etc/network/interfaces
  echo 'allow-hotplug wlan0' >> /etc/network/interfaces
  echo 'iface wlan0 inet manual' >> /etc/network/interfaces
  echo '' >> /etc/network/interfaces
fi

echo 'auto br0' >> /etc/network/interfaces
echo 'iface br0 inet static' >> /etc/network/interfaces
echo '        address 192.168.5.1' >> /etc/network/interfaces
echo '        netmask 255.255.255.0' >> /etc/network/interfaces

if [[ "${hotspot}" == "y" ]]
then
  echo '        bridge_ports eth0 wlan0' >> /etc/network/interfaces
else
  echo '        bridge_ports eth0' >> /etc/network/interfaces
fi

echo '        bridge_fd 0' >> /etc/network/interfaces
echo '        bridge_stp off' >> /etc/network/interfaces

}

dnsConfig() {
sed -i 's/#interface=/interface=br0/g' /etc/dnsmasq.conf
sed -i 's/#dhcp-range=192.168.0.50,192.168.0.150,12h/dhcp-range=192.168.5.50,192.168.5.150,4h/g' /etc/dnsmasq.conf
systemctl enable dnsmasq
}

### Start Here ###
getVars
installPreReqs
firewallConfig

if [[ "${hotspot}" == "y" ]]
then
  bridgeConfig
  apConfig
fi

echo "The rPi will reboot now"
reboot

### End Here ###