LokiAP interfaces witht Lokinet daemon to facilitate connections to the the Lokinet global privacy network. LokiAP provides a simple, responsive web interface to control wifi, hostapd and related services necessary to access Lokinet on the Raspberry Pi.
LokiAP interfaces witht Lokinet daemon to facilitate connections to the the Lokinet global privacy network. LokiAP provides a simple, responsive web interface to control wifi, hostapd, Lokinet daemon and related services necessary to access Lokinet on the Raspberry Pi or Orange Pi.
### WHAT IS LOKI?
@ -16,49 +16,84 @@ Loki
This project branches from the work of Raspap and SB Admin 2.
![](https://i.imgur.com/ZmBxM3R.jpg)
![](https://i.imgur.com/qdXbAGn.png)
## Contents
- [Prerequisites](#prerequisites)
- [Quick installer](#quick-installer)
- [Test Site](#test-site)
- [Support us](#support-us)
- [Manual installation](#manual-installation)
- [Multilingual support](#multilingual-support)
- [Optional services](#optional-services)
- [How to contribute](#how-to-contribute)
- [License](#license)
## Prerequisites
Start with a clean install of the [latest release of Raspbian](https://www.raspberrypi.org/downloads/raspbian/) (currently Stretch). Raspbian Stretch Lite is recommended.
Start with a clean install of the [latest release of Raspbian](https://www.raspberrypi.org/downloads/raspbian/) (currently Buster and Stretch are verified as working). Lite versions are recommended. If using Raspbian Buster you will need to run the command ```sudo apt-get update --allow-releaseinfo-change``` then elevate to root with ```sudo su``` before running the LokiAP installer script.
1. Update Raspbian, including the kernel and firmware, followed by a reboot:
For OrangePi Zero you can use an Armbian Buster "nightly" found here": https://dl.armbian.com/orangepizero/nightly/ or stable Armbian Stretch found here: https://dl.armbian.com/orangepizero/
For Orange Pi R1 you can use Armbian Buster "nightly" found here: https://dl.armbian.com/orangepi-r1/nightly/ or stable Stretch found here: https://dl.armbian.com/orangepi-r1/
Be aware "nightly" Armbian releases can be unstable but are needed to run Buster. If in doubt use a Stretch release build.
To burn the image to an SD card on your PC you can use Etcher:
https://www.balena.io/etcher/
## Preparing the image
For Raspbian you will need to remove the SD card from the computer, reinsert it, open the boot directory up and create a new textfile file named `ssh` with no .txt file extension i.e. just `ssh` in order to remotely connect. This step is not required for Armbian.
Insert the SD card into the device and power it up.
1. Log into your router from your PC and find the address it assigned to the Pi.
2. Start Putty up and enter this obtained address into Putty with settings:
Host Name Address = the address obtained from router | Port `22` | connection type `SSH` | then `OPEN`
For Raspbian the default login is `root` password `raspberry`
For Armbian the default login is `root` password `1234`
3. Follow any first user password instructions provided once logged in.
4. If you want to get the lastest updates before installing LokiAP:
```
sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get upgrade
sudo reboot
```
2. Set the WiFi country in raspi-config's **Localisation Options**: `sudo raspi-config`
5. Set the WiFi country in raspi-config's / armbian-config's **Localisation Options**: `sudo raspi-config` or `sudo arbmian-config` for RasperryPi or OrangePi respectively.
3. If you have an older Raspberry Pi without an onboard WiFi chipset, the [**Edimax Wireless 802.11b/g/n nano USB adapter**](https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wireless_adapters_n150/ew-7811un) is an excellent option – it's small, cheap and has good driver support.
6. If you have an older Raspberry Pi without an onboard WiFi chipset, the [**Edimax Wireless 802.11b/g/n nano USB adapter**](https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wireless_adapters_n150/ew-7811un) is an excellent option – it's small, cheap and has good driver support.
With the prerequisites done, you can proceed with either the Quick installer or Manual installation steps below.
## Quick installer
Install LokiAP from your RaspberryPi's shell prompt:
The installer will complete the steps in the manual installation (below) for you.
The installer will complete the steps in the manual installation (below) for you. You will be occasionally prompted to answer `y` or `n`. Answering yes to all prompts will in almost all cases be the answer you want so if in doubt respond with `y` that you want the default set up and the AP will work.
After the reboot at the end of the installation the wireless network will be
configured as an access point as follows:
* IP address: 10.3.141.1
* Username: admin
* Password: secret
* Username: `admin`
* Password: `secret`
* DHCP range: 10.3.141.1 to 10.3.141.24
* SSID: `loki-access`
* Password: ChangeMe
* Password: `ChangeMe`
## Test site
To test the connection navigate to Loki's wiki page found at
These steps apply to the latest release of Raspbian (currently [Stretch](https://www.raspberrypi.org/downloads/raspbian/)). Notes for previously released versions are provided, where applicable. Start off by installing git, lighttpd, php7, hostapd and dnsmasq.
**Note:** for Raspbian Jessie and Wheezy, replace `php7.0-cgi` with `php5-cgi`. After that, enable PHP for lighttpd and restart it for the settings to take effect.
```sh
sudo lighttpd-enable-mod fastcgi-php
sudo service lighttpd restart
```
Now comes the fun part. For security reasons, the `www-data` user which lighttpd runs under is not allowed to start or stop daemons, or run commands like ifdown and ifup, all of which we want our page to do.
So what I have done is added the `www-data` user to the sudoers file, but with restrictions on what commands the user can run. Add the following to the end of `/etc/sudoers`, substituting your wireless interface for `wlan0` if needed:
The default username is 'admin' and the default password is 'secret'.
## Multilingual support
LokiAP uses [GNU Gettext](https://www.gnu.org/software/gettext/) to manage multilingual messages. In order to use LokiAP with one of our supported translations, you must configure a corresponding language package on your RPi. To list languages currently installed on your system, use `locale -a` at the shell prompt. To generate new locales, run `sudo dpkg-reconfigure locales` and select any other desired locales. Details are provided on our [wiki](https://github.com/billz/raspap-webgui/wiki/Translations#raspap-in-your-language).
The following translations are currently maintained by the project:
- Deutsch
- Français
- Italiano
- Português
- Svenska
- Nederlands
- 简体中文 (Chinese Simplified)
- Čeština
- Русский
- Español
- Finnish
- Sinhala
If your language is not in the list above, why not [contribute a translation](https://github.com/billz/raspap-webgui/wiki/Translations#contributing-a-translation)? Contributors will receive credit as the original translators.
## Optional services
OpenVPN and TOR are two additional services that run perfectly well on the RPi, and are a nice way to extend the usefulness of your WiFi router. I've started on interfaces to administer these services. Not everyone will need them, so for the moment they are disabled by default. You can enable them by changing these options in `/var/www/html/includes/config.php`:
```sh
// Optional services, set to true to enable.
define('RASPI_OPENVPN_ENABLED', false );
define('RASPI_TORPROXY_ENABLED', false );
```
Please note that these are only UI's for now. If there's enough interest I'll complete the funtionality for these optional admin screens.
## How to contribute
1. File an issue in the repository, using the bug tracker, describing the
<divid="instruct"class="collapse">The 3 buttons below must be active (green) to connect to Lokinet. If there isn't a current lokinet.ini file found on the system the "Generate.ini" button will be red. The .ini file must be generated prior to connecting to Lokinet by pressing the button which will automatically write the required .ini file. Similarly the absense of a valid bootstrap will be indicated by a red "Bootstrap" button. Applying a bootstrap by pressing the apply button without submitting a valid URL in the textbox area will apply the original default bootstrap in place of one being provided. Stopping the daemon also exits Lokinet. To summarize, if necessary generate the .ini and bootstrap Lokinet then you are able to connect to Lokinet by starting the daemon and letting the network establish itself.
<divid="instruct"class="collapse">The 3 buttons below must be armed (red) to connect to Lokinet. If there isn't a current lokinet.ini file found on the system the "Generate.ini" button will be green. The .ini file must be generated prior to connecting to Lokinet by pressing the button which will automatically write the required .ini file. Similarly the absense of a valid bootstrap will be indicated by a green "Bootstrap" button. Applying a bootstrap by pressing the apply button without submitting a valid URL in the textbox area will apply the original default bootstrap in place of one being provided. Stopping the daemon also exits Lokinet. To summarize, if necessary generate the .ini and bootstrap Lokinet then you are able to connect to Lokinet by starting the daemon and letting the network establish itself.