Table of Contents
Compile and install KeexyBox + Packaging it
DEBIAN 12 IN PROGRESS…
Manual installation
Requirement
The manual installation have to be done on RaspiOS or Debian.
Create environment
Create KeexyBox project folder:
mkdir -p /opt/keexybox/logs
Create keexybox system user:
useradd -d /opt/keexybox/ -s /bin/bash keexybox
Install prerequisite packages
Update APT:
apt-get update
Install dev tools:
apt-get install gcc make git
MariaDB :
apt-get install mariadb-server mariadb-client default-libmysqlclient-dev
HTTP server:
apt-get install apache2 libapache2-mod-php
System tools:
apt-get install sudo ntp acl arp-scan
PHP:
apt-get install php php-gettext php-tcpdf php-gd php-intl php-json php-mcrypt php-mysql php-readline php-sqlite3
Perl:
apt-get install libproc-daemon-perl libfile-pid-perl
Python:
apt-get install python-pip python-dev python-mysqldb libssl-dev
Fix a bug MariaDB with python
sed '/st_mysql_options options;/a unsigned int reconnect;' /usr/include/mysql/mysql.h -i.bkp
Installation of Python modules:
pip install mysql MySQL-python mysql-connector wget
KeexyApp
KeexyApp is the core of KeexyBox that also provide the Web Interface.
Go to KeexyBox home directory:
cd /opt/keexybox/
Clone keexybox/keexyapp from GitHub:
git clone https://github.com/keexybox/keexyapp
Create missing directories:
mkdir /opt/keexybox/keexyapp/logs
ISC Bind
Bind is a DNS server used by KeexyBox.
Compile and install
Install required packages:
apt-get install libmariadb-dev-compat libmariadb-dev libssl-dev pkg-config libuv1-dev libcap-dev python3-ply
Check the lastest stable version of bind: https://www.isc.org/downloads/
Download and extract source code of Bind:
cd /usr/src/ wget https://downloads.isc.org/isc/bind9/9.18.25/bind-9.18.25.tar.xz tar xJf bind-9.18.25.tar.xz
Compile Bind:
cd bind-9.18.25/ ./configure --prefix=/opt/keexybox/bind --with-dlz-mysql --enable-threads=no --disable-doh make make install
The option –enable-threads=no
is added because the MySQL drivers cannot work with several threads. For more details, see: http://bind-dlz.sourceforge.net/mysql_driver.html
TEMP EDIT
Configuration
Create redirectories required for Bind:
mkdir -p /opt/keexybox/bind/var/log/
Generate rndc.key
:
/opt/keexybox/bind/sbin/rndc-confgen -a
Go to Bind configuration directory:
cd /opt/keexybox/bind/etc/
Download db.root
file:
wget -O db.root ftp://ftp.internic.net/domain/named.cache
Create and edit file db.0
:
; ; BIND reverse data file for broadcast zone ; $TTL 604800 @ IN SOA localhost. root.localhost. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost.
Create and edit file db.127
:
; ; BIND reverse data file for local loopback interface ; $TTL 604800 @ IN SOA localhost. root.localhost. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. 1.0.0 IN PTR localhost.
Create and edit file db.255
:
; ; BIND reverse data file for broadcast zone ; $TTL 604800 @ IN SOA localhost. root.localhost. ( 1 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost.
Create and edit file db.local
:
; ; BIND data file for local loopback interface ; $TTL 604800 @ IN SOA localhost. root.localhost. ( 2 ; Serial 604800 ; Refresh 86400 ; Retry 2419200 ; Expire 604800 ) ; Negative Cache TTL ; @ IN NS localhost. @ IN A 127.0.0.1 @ IN AAAA ::1
Create and edit file named.conf.default-zones
:
// prime the server with knowledge of the root servers zone "." { type hint; file "/opt/keexybox/bind/etc/db.root"; }; // be authoritative for the localhost forward and reverse zones, and for // broadcast zones as per RFC 1912 zone "localhost" { type master; file "/opt/keexybox/bind/etc/db.local"; }; zone "127.in-addr.arpa" { type master; file "/opt/keexybox/bind/etc/db.127"; }; zone "0.in-addr.arpa" { type master; file "/opt/keexybox/bind/etc/db.0"; }; zone "255.in-addr.arpa" { type master; file "/opt/keexybox/bind/etc/db.255"; };
ISC DHCPd
It is a DHCP server used by KeexyBox.
Compile and install
Check the lastest stable version of dhcpd: https://www.isc.org/downloads/
Download and extract source code of DHCPd:
cd /usr/src/ wget https://downloads.isc.org/isc/dhcp/4.4.2/dhcp-4.4.2.tar.gz tar xzf dhcp-4.4.2.tar.gz
Compile DHCPd:
cd dhcp-4.4.2 ./configure --prefix=/opt/keexybox/dhcpd make make install
Create file:
touch /opt/keexybox/dhcpd/etc/dhcpd.leases
Tor
Tor is the software to anonymize your Internet connection.
Compile and install
Install required packages:
apt-get install libevent-dev
Check the lastest stable version of tor: https://dist.torproject.org/
Download and extract source code of Tor:
cd /usr/src/ wget https://dist.torproject.org/tor-0.4.5.7.tar.gz tar xzf tor-0.4.5.7.tar.gz
Compile Tor:
cd tor-0.4.5.7/ ./configure --prefix=/opt/keexybox/tor make make install
Configuration
Create a missing directory:
mkdir -p /opt/keexybox/tor/var/run
Hostapd
It is the Wifi Access Point software used by KeexyBox.
Install required packages
apt-get install libnl-3-dev libnl-genl-3-dev libssl-dev pkg-config
Compile and install
Check the lastest stable version of hostapd: http://w1.fi/hostapd/
Download and extract source code of Hostapd:
cd /usr/src/ wget http://w1.fi/releases/hostapd-2.9.tar.gz tar xzf hostapd-2.9.tar.gz
Prepare config file for compilation:
cd hostapd-2.9/hostapd/ cp defconfig .config
Edit .config
and uncomment :
CONFIG_ACS=y
Compile Hostapd:
make mkdir /opt/keexybox/hostapd make install DESTDIR=/opt/keexybox/hostapd
Create config directory:
mkdir /opt/keexybox/hostapd/etc
Create KeexyBox installation package
We explain here how to create KeexyBox archive for KeexyBox installation scripts.
Clone KeexyBox/installer from GitHub:
cd ~ git clone https://github.com/keexybox/installer mv installer keexybox-x.x.x
Create archives of extra softwares (that have been compiled and install above):
cd /opt/keexybox/ tar czf ~/keexybox-x.x.x/install_pkg/keexybox-bind.tar.gz bind tar czf ~/keexybox-x.x.x/install_pkg/keexybox-tor.tar.gz tor tar czf ~/keexybox-x.x.x/install_pkg/keexybox-dhcpd.tar.gz dhcpd tar czf ~/keexybox-x.x.x/install_pkg/keexybox-hostapd.tar.gz hostapd
And then create archive for KeexyBox Application:
tar czf ~/keexybox-x.x.x/install_pkg/keexybox-keexyapp.tar.gz \ --exclude keexyapp/.git \ --exclude keexyapp/tmp \ --exclude keexyapp/logs \ --exclude keexyapp/config/app.php \ --exclude keexyapp/src/Shell/scripts/config.py keexyapp
Create final archive:
tar czf ~/keexybox-x.x.x.tar.gz --exclude keexybox-x.x.x/.git keexybox-x.x.x
Configure KeexyApp
We explain here how to configure KeexyBox manually to get it work.
Initialize KeexyBox's Databases
Run MySQL client:
mysql -u root -p
In MySQL:
CREATE DATABASE keexybox; GRANT ALL PRIVILEGES on keexybox.* to "keexybox"@'localhost' IDENTIFIED BY 'MyPassword'; CREATE DATABASE keexybox_blacklist; GRANT ALL PRIVILEGES on keexybox_blacklist.* to "keexybox"@'localhost' IDENTIFIED BY 'MyPassword'; CREATE DATABASE keexybox_logs; GRANT ALL PRIVILEGES on keexybox_logs.* to "keexybox"@'localhost' IDENTIFIED BY 'MyPassword';
You have to replace MyPassword
by you own database password.
Import Schema and Keexybox DB config:
mysql -u root -p keexybox < /opt/keexybox/keexyapp/config/schema/keexybox.sql mysql -u root -p keexybox_blacklist < /opt/keexybox/keexyapp/config/schema/keexybox_blacklist.sql mysql -u root -p keexybox_logs < /opt/keexybox/keexyapp/config/schema/keexybox_logs.sql mysql -u root -p keexybox < /opt/keexybox/keexyapp/config/schema/keexybox.config.sql
Setup KeexyApp DB config
Copy config template file with replacement:
sed "s/CHANGE_DATABASE_KEEXYBOX_HOST/127.0.0.1/g" /opt/keexybox/keexyapp/config/app.template.php | sed "s/CHANGE_DATABASE_KEEXYBOX_USER/keexybox/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_PASSWORD/MyPassword/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_DATABASE/keexybox/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_BLACKLIST_HOST/127.0.0.1/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_BLACKLIST_USER/keexybox/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_BLACKLIST_PASSWORD/MyPassword/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_BLACKLIST_DATABASE/keexybox_blacklist/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_LOGS_HOST/127.0.0.1/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_LOGS_USER/keexybox/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_LOGS_PASSWORD/MyPassword/g" | sed "s/CHANGE_DATABASE_KEEXYBOX_LOGS_DATABASE/keexybox_logs/g" > /opt/keexybox/keexyapp/config/app.php
You have to replace MyPassword
by you own database password.
Reset admin password and create default profile
Create admin
account with password MyPassword
:
/opt/keexybox/keexyapp/bin/cake users UpdateAdminPassword MyPassword
Create default connection profile:
/opt/keexybox/keexyapp/bin/cake profiles ResetDefaultProfile
Configure Apache HTTP server
Generate certificate:
mkdir /opt/keexybox/ssl /opt/keexybox/keexyapp/bin/cake config certificate generate
Generate Apache configuration files:
/opt/keexybox/keexyapp/bin/cake config apache all
Enable modules on apache:
cd /etc/apache2/mods-enabled/ ln -s ../mods-available/rewrite.load ln -s ../mods-available/ssl.load
Start apache:
/etc/init.d/apache2 restart
Set permissions and misc actions
Create logrotate configuration:
/opt/keexybox/keexyapp/bin/cake config logrotate all
Set sudoers:
/opt/keexybox/keexyapp/bin/cake config sudoers all /etc/init.d/sudo restart
Set permissions for KeexyBox:
/opt/keexybox/keexyapp/src/Shell/scripts/pre-startup-keexybox.sh
KeexyBox startup script:
cd /etc/init.d/ ln -s /opt/keexybox/keexyapp/src/Shell/scripts/init_keexybox keexybox
If you want to start KeexyBox on startup:
update-rc.d keexybox defaults
Configuration from WebUI
Access the KeexyBox's Web interface by the current IP address of your Raspberry. For example:
http://192.168.1.254:8001
Configure Network and DHCP:
- Configure the Network: KeexyBox - Network settings
- Configure the DHCP: KeexyBox - DHCP settings
Go to Advanced config
page. Example:
http://192.168.1.254:8001/config/advanced
In the section Generate configuration files
, Generate each of configuration files:
- apache
- bind
- dhcpd
- hostapd
- ntp
- scripts
- tor
About KeexyBox Project: