commit e5d64bae29c9eef3b8b4436be73c8870af7e7694 Author: Wojtek Porczyk Date: Tue May 19 18:52:14 2020 +0200 Initial commit diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..b09d96d --- /dev/null +++ b/README.rst @@ -0,0 +1,45 @@ +******** +maszt.5g +******** + +About +===== + +This is fake "administration interface", which is "accidentally" discovered as +captive portal ("Sign in to the WiFi network") served by ``MASZT 5G TEST 200% +MOCY`` network connected to by the conspiracy theorist determined to uncover the +truth about 5G. + +Implemented as simple Flask app on uWSGI and Nginx, for the limited amount of +dynamic content (like current date, in the future maybe some info about +connected device). In reference deployment uses openwrt as AP+router for captive +portal redirection. + +Features +======== + +* confirmation of various conspiracy theories about: + * 5G base stations spreading coronavirus + * chemtrails + * world government + +Installation +============ + +on captive portal host +---------------------- + +.. code-block:: sh + + git clone https://code.hackerspace.pl/woju/fiveg /srv/www/maszt.5g + ln -s "$PWD"/contrib/nginx.conf /etc/nginx/sites-enabled/fiveg.conf + ln -s "$PWD"/contrib/uwsgi.ini /etc/uwsgi/apps-enabled/fiveg.ini + systemctl restart uwsgi nginx + +on OpenWrt host +--------------- + +This has to be done manually, and better be. The files in +:file:`contrib/openwrt/config/{*}` should be appended to their respective +counterparts in :file:`/etc/config`. :file:`contrib/openwrt/firewall.user` +should be copied/appended to :file:`/etc/firewall.user` diff --git a/contrib/nginx.conf b/contrib/nginx.conf new file mode 100644 index 0000000..151c356 --- /dev/null +++ b/contrib/nginx.conf @@ -0,0 +1,16 @@ +server { + listen 80; + listen [::]:80; + server_name maszt.5g; + + root /srv/www/maszt.5g/root; + + location / { + include uwsgi_params; + uwsgi_pass unix:/run/uwsgi/app/fiveg/socket; + + location /static { + alias /srv/www/maszt.5g/static; + } + } +} diff --git a/contrib/openwrt/config/dhcp b/contrib/openwrt/config/dhcp new file mode 100644 index 0000000..88a2d95 --- /dev/null +++ b/contrib/openwrt/config/dhcp @@ -0,0 +1,9 @@ +config dhcp '5g' + option start '100' + option leasetime '12h' + option limit '150' + option interface '5g' + +config domain + option name 'maszt.5g' + option ip 'FIXME' diff --git a/contrib/openwrt/config/firewall b/contrib/openwrt/config/firewall new file mode 100644 index 0000000..c087bff --- /dev/null +++ b/contrib/openwrt/config/firewall @@ -0,0 +1,5 @@ +config zone + option input 'ACCEPT' + option name '5g' + option output 'ACCEPT' + option forward 'REJECT' diff --git a/contrib/openwrt/config/network b/contrib/openwrt/config/network new file mode 100644 index 0000000..76cf256 --- /dev/null +++ b/contrib/openwrt/config/network @@ -0,0 +1,5 @@ +config interface '5g' + option proto 'static' + option ipaddr 'FIXME' + option netmask '24' + option type 'bridge' diff --git a/contrib/openwrt/config/wireless b/contrib/openwrt/config/wireless new file mode 100644 index 0000000..1bebec4 --- /dev/null +++ b/contrib/openwrt/config/wireless @@ -0,0 +1,6 @@ +config wifi-iface '5g_radio0' + option device 'radio0' + option mode 'ap' + option ssid 'MASZT 5G TEST 200% MOCY' + option network '5g' + option encryption 'none' diff --git a/contrib/openwrt/firewall.user b/contrib/openwrt/firewall.user new file mode 100644 index 0000000..944e591 --- /dev/null +++ b/contrib/openwrt/firewall.user @@ -0,0 +1,25 @@ +#!/bin/sh + +lookup() { + # on resolution failure, this will attempt to index nil value + # and lua will exit nonzero + lua -l nixio -e "print(nixio.getaddrinfo('$1')[1].address)" 2>/dev/null +} + +ip_captive=$(lookup maszt.5g) +ip_login=$(lookup pis.org.pl) + +if test -n "$ip_login" +then + iptables -t nat -A prerouting_rule -i br-5g -d "$ip_login" \ + -j ACCEPT + iptables -t filter -A forwarding_rule -p tcp --dport 80 -d "$ip_login" \ + -j ACCEPT +fi + +iptables -t nat -A prerouting_rule -i br-5g -p tcp --dport 80 \ + -j DNAT --to-destination "$ip_captive" +iptables -t filter -A forwarding_rule -p tcp --dport 80 -d "$ip_captive" \ + -j ACCEPT + +# vim: ts=4 sts=4 sw=4 et diff --git a/contrib/uwsgi.ini b/contrib/uwsgi.ini new file mode 100644 index 0000000..d89068c --- /dev/null +++ b/contrib/uwsgi.ini @@ -0,0 +1,8 @@ +[uwsgi] +plugin = python3 +master = true +processes = 2 +uid = nobody + +wsgi-file = /srv/www/maszt.5g/fiveg.py +buffer-size = 65536 diff --git a/fiveg.py b/fiveg.py new file mode 100644 index 0000000..9c15060 --- /dev/null +++ b/fiveg.py @@ -0,0 +1,20 @@ +import datetime +import flask + +app = flask.Flask(__name__) + +@app.context_processor +def inject_libs(): + return { + 'datetime': datetime + } + +@app.route('/') +def index(): + return flask.render_template('index.html', today=datetime.date.today()) + +@app.errorhandler(404) +def error_404(error): + return flask.render_template('error.html', error=error) + +application = app diff --git a/static/style.css b/static/style.css new file mode 100644 index 0000000..b6d4d89 --- /dev/null +++ b/static/style.css @@ -0,0 +1,45 @@ +html { + font-family: sans; + max-width: 790px; + margin: 0 auto; +} + +h1 { + font-size: 1.5rem; +} + +fieldset { + border: 1px solid #000; +} + +.float { + float: right; + text-align: right; + width: 75%; +} + +td, th { + text-align: left; + vertical-align: top; + padding: 2px; +} + +td.ok { + background-color: #4e9a06; + color: #fff; +} + +.warning { + color: #cc0000; + margin-bottom: 0.8rem; +} + +label.warning { + color: #fff; + background-color: #cc0000; + padding: 2px; +} + +footer { + margin-top: 0.5rem; +} diff --git a/templates/error.html b/templates/error.html new file mode 100644 index 0000000..12c6776 --- /dev/null +++ b/templates/error.html @@ -0,0 +1,11 @@ +{% extends 'layout.html' %} +{% block body %} +
+ Błąd +
+ {{ error }} +
+
+{% endblock %} + +{# vim: set ft=jinja : #} diff --git a/templates/index.html b/templates/index.html new file mode 100644 index 0000000..e6f5aa0 --- /dev/null +++ b/templates/index.html @@ -0,0 +1,71 @@ +{% extends 'layout.html' %} + +{% set test_start = today - datetime.timedelta(days=today.weekday()) %} +{% set test_end = test_start + datetime.timedelta(days=7) %} + +{% block body %} +
Status + + + + + +
Status:OK
Pozostała ilość płynu:12,7 l
Aktywny okres testu:{{ test_start.strftime('%d.%m.%Y') }} + — {{ test_end.strftime('%d.%m.%Y') }}
+
+ +
Moc nadajnika +
+ UWAGA: ustawianie mocy powyżej 100% jest niewskazane! +
+ + + {% for power in [25, 50, 75, 90, 95, 100, 150, 200] %} + + + + + {% endfor %} +
+ + +
+
+ +{% macro checkbox(name, checked) %} + + + + + + +{% endmacro -%} + +
Inne ustawienia + + {% call checkbox('surveillance', true) -%} + Upoważnij operatora sieci 5G do przeglądania zawartości + urządzeń elektronicznych w zasięgu nadajnika.{% endcall %} + {% call checkbox('sars-cov-2', true) -%} + Test integracji z modułem CN-CNV-19.{% endcall %} + {% call checkbox('acl', false) -%} + Zabezpiecz interfejs przed dostępem osób niepowołanych.{% endcall %} +
+
+ +
Zapisz ustawienia +
+ Dostęp tylko do odczytu. Zmiana ustawień jest możliwa po zalogowaniu. +
+ + + Login +
+{% endblock %} + +{# vim: set ft=jinja : #} diff --git a/templates/layout.html b/templates/layout.html new file mode 100644 index 0000000..b2aa95f --- /dev/null +++ b/templates/layout.html @@ -0,0 +1,18 @@ + + + +Interfejs administracyjny + + + +

Interfejs administracyjny

+
+{% block body %}{% endblock %} +
+ + + + +{#- vim: set ft=jinja : #}