#!/bin/bash 
# ap-wifi-gw: split wifi, enable upstream and downstream

# We are optimizing for low connectivity -- update/upgrade should be optional
#apt-get update
#apt-get -y upgrade

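# Everything below installs packages and writes under /etc and /usr/local/bin.
# Check for root first, so an unprivileged run stops before apt-get is
# attempted instead of failing part-way through.
if [ "$(id -u)" -ne 0 ]; then
   echo "Please run as root" >&2
   exit 1
fi

# haveged adds entropy (randomness for hostapd)
apt-get install -y iptables dnsmasq hostapd haveged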

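# hostapdstart script runs from rc.local (i.e. as root, on every boot).
# The here-doc delimiter is quoted, so the body is written out verbatim and
# needs no backslash escapes in front of "$".
cat > /usr/local/bin/hostapdstart <<'EOF'
#!/bin/bash

      # need to find out which channel is used upstream
      wpa_supplicant -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf &
      sleep 3
      CHANNEL=$(iw wlan0 info|grep channel|cut -d' ' -f2)
      echo "$CHANNEL"
      /usr/bin/killall wpa_supplicant

      # We need second interface and a unique MAC address
      # NOTE(review): the address below is hard-coded, so every box built
      # with this installer presents the same MAC on uap0.
      /sbin/iw dev wlan0 interface add uap0 type __ap
      /sbin/ip link set uap0 address b8:27:99:12:34:56
      /sbin/ifup uap0

      # Set up for Proxying clients to the internet
      systemctl restart dnsmasq.service
      sysctl net.ipv4.ip_forward=1
      # The key used previously (net.ipv6.all.disable) does not exist, so IPv6
      # stayed enabled. Only an IPv4 NAT rule is installed below and no
      # ip6tables rules are set up by this script.
      sysctl net.ipv6.conf.all.disable_ipv6=1
      # Add the NAT rule only if it is not already present, so running this
      # script again by hand does not stack duplicate rules.
      # NOTE(review): no FORWARD-chain rules are added here; what AP clients
      # can reach through wlan0 depends on the existing FORWARD policy.
      if ! iptables -t nat -C POSTROUTING -s 172.18.96.0/19 ! -d 172.18.96.0/19 -j MASQUERADE 2>/dev/null; then
         iptables -t nat -A POSTROUTING -s 172.18.96.0/19 ! -d 172.18.96.0/19 -j MASQUERADE
      fi

      # get the channel that is in use -- supplied by upstream wifi
      # Only a purely numeric value is substituted into hostapd.conf; anything
      # else (empty, multi-line, unexpected iw output) leaves the file as is.
      if [[ "$CHANNEL" =~ ^[0-9]+$ ]]; then
         sed -i -e "s/^channel.*/channel=$CHANNEL /" /etc/hostapd/hostapd.conf
      fi
      systemctl unmask hostapd.service
      systemctl restart hostapd.service
      sleep 3
      wpa_supplicant -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf &
      sleep 2
      dhclient
EOF

# Executable by everyone, writable by its owner only: rc.local runs this file
# as root, so it must not become writable by other users.
chmod 755 /usr/local/bin/hostapdstart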

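# insert the hostapdstart script from /etc/rc.local
# rc.local is executed as root at boot, so this hook makes hostapdstart a
# root-run boot script. The sed expression inserts the call before every line
# that matches '^ *exit', and the grep guard keeps re-runs from adding it again.
if [ ! -f /etc/rc.local ]; then
  # Without rc.local there is nothing to edit; say so instead of letting
  # sed fail with a less obvious message.
  echo "/etc/rc.local not found; hostapdstart was not hooked into boot" >&2
elif ! grep -qF hostapdstart /etc/rc.local; then
  sed -i '/^ *exit/i \
/usr/local/bin/hostapdstart' /etc/rc.local
fi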

# put networking files
# Both files are overwritten on every run. The delimiters are quoted, so the
# bodies are written verbatim.

# Upstream (station) side: wlan0 is declared "manual", and wpa_supplicant is
# started by hostapdstart rather than by ifupdown.
# NOTE(review): ifupdown's documented keyword for a wpa_supplicant config is
# "wpa-conf"; confirm that the bare "conf" line below is intended.
cat > /etc/network/interfaces.d/station <<'EOF'
# Generated by IIAB
# /etc/network/interfaces.d/station
allow-hotplug wlan0
iface wlan0 inet manual
conf /etc/wpa_supplicant/wpa_supplicant.conf
EOF

# Access-point side: uap0 gets the static gateway address 172.18.96.1 with a
# /19 netmask, the same 172.18.96.0/19 range that hostapdstart NATs.
cat > /etc/network/interfaces.d/access-point <<'EOF'
# Generated by IIAB
# /etc/network/interfaces.d/access-point in cooperation with hostapd
auto uap0
iface uap0 inet static
address 172.18.96.1
netmask 255.255.224.0
EOF

# hostapd configuration for the uap0 access point (overwritten on every run).
# channel=6 is only the initial value; hostapdstart rewrites the channel line
# at boot when it can read the upstream channel.
#
# NOTE(review): no wpa= / wpa_passphrase= lines are written, so hostapd brings
# the AP up as an open network: client traffic is unencrypted on air and any
# device in range can associate. Together with the MASQUERADE rule in
# hostapdstart, every such device is routed upstream. macaddr_acl=0 only
# rejects stations on a deny list, and none is configured here. If an open AP
# is not intended, add WPA2 settings (wpa=2, wpa_key_mgmt=WPA-PSK,
# rsn_pairwise=CCMP, wpa_passphrase=<PASSPHRASE_PLACEHOLDER>) and restrict the
# file to root (chmod 600), since it would then hold a secret.
cat > /etc/hostapd/hostapd.conf <<'EOF'
# Generated by IIAB
# /etc/hostapd/hostapd.conf
interface=uap0
ssid=APandGateway
hw_mode=g
channel=6
macaddr_acl=0
country_code=US
ieee80211d=1
EOF


# dnsmasq configuration: DNS and DHCP for the access-point clients.
# This replaces /etc/dnsmasq.conf wholesale; any earlier local settings in
# that file are lost.
#  - interface= + bind-interfaces: listen on lo and uap0 only.
#  - no-dhcp-interface=lo,wlan0: never hand out leases on the upstream side.
#  - server=8.8.8.8: hard-coded upstream resolver for client DNS queries.
#  - domain-needed / bogus-priv: do not forward plain names or reverse
#    lookups for private address ranges upstream.
#  - dhcp-range lies inside the 172.18.96.0/19 network assigned to uap0.
cat > /etc/dnsmasq.conf <<'EOF'
# Generated by IIAB
# acknowledgement https://imti.co/iot-wifi/#legacy-instructions-the-manual-way
interface=lo
interface=uap0
no-dhcp-interface=lo,wlan0
bind-interfaces
server=8.8.8.8
domain-needed
bogus-priv
dhcp-range=172.18.100.0,172.18.126.254,12h

# Delays sending DHCPOFFER and proxydhcp replies for at least the specified number of seconds.
dhcp-reply-delay=2

EOF

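# dnsmasq uses /etc/hosts to populate its own name cache
# so put box.lan in hosts
# The previous check passed "-172.18.96.1" to grep, which grep parses as an
# option string rather than a pattern, so the test never reported a match and
# each run appended another copy of the line. The pattern below is anchored
# and followed by whitespace, so 172.18.96.10 and similar do not count.
if ! grep -q '^172\.18\.96\.1[[:space:]]' /etc/hosts; then
	echo "172.18.96.1     box.lan box" >> /etc/hosts
fi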

# dhcpcd needs some values also
# This replaces /etc/dhcpcd.conf wholesale. "denyinterfaces uap0" keeps dhcpcd
# off the access-point interface, which gets its static address from
# /etc/network/interfaces.d/access-point instead.
# NOTE(review): the final "interface wlan0" line is not followed by any
# options; confirm that an empty section is what is wanted.
cat > /etc/dhcpcd.conf <<'EOF'
hostname box

# Use the hardware address of the interface for the Client ID.
clientid

# Persist interface configuration when dhcpcd exits.
persistent

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
# Most distributions have NTP support.
option ntp_servers
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate Stable Private IPv6 Addresses instead of hardware based ones
slaac private
denyinterfaces uap0
# Example static IP configuration:
interface wlan0
EOF
# Closing banner: two blank lines, then the reminder that a reboot is needed
# before the new rc.local hook and network configuration take effect.
printf '\n\n%s\n%s\n' \
  'Updates for Access Point AND Gateway have been installed.' \
  'Please do a reboot to enable.'
