Merge pull request #2352 from lemoer/pr_site_vpn_mtu_in_provider

RFC: gluon-mesh-vpn-*: make MTU of VPN device provider specific
David Bauer 2022-05-22 11:45:10 +02:00 committed by GitHub
commit 1ef3edbe58
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 24 additions and 7 deletions


@ -93,7 +93,6 @@
mesh_vpn = { mesh_vpn = {
-- enabled = true, -- enabled = true,
mtu = 1312,
fastd = { fastd = {
-- Refer to https://fastd.readthedocs.io/en/latest/ to better understand -- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
@ -101,6 +100,7 @@
-- List of crypto-methods to use. -- List of crypto-methods to use.
methods = {'salsa2012+umac'}, methods = {'salsa2012+umac'},
mtu = 1312,
-- configurable = true, -- configurable = true,
-- syslog_level = 'warn', -- syslog_level = 'warn',


@ -20,10 +20,10 @@
}, },
mesh_vpn = { mesh_vpn = {
mtu = 1312,
fastd = { fastd = {
methods = {'salsa2012+umac'}, methods = {'salsa2012+umac'},
mtu = 1312,
}, },
bandwidth_limit = { bandwidth_limit = {


@ -105,7 +105,6 @@
mesh_vpn = { mesh_vpn = {
-- enabled = true, -- enabled = true,
mtu = 1312,
fastd = { fastd = {
-- Refer to https://fastd.readthedocs.io/en/latest/ to better understand -- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
@ -113,6 +112,7 @@
-- List of crypto-methods to use. -- List of crypto-methods to use.
methods = {'salsa2012+umac'}, methods = {'salsa2012+umac'},
mtu = 1312,
-- configurable = true, -- configurable = true,
-- syslog_level = 'warn', -- syslog_level = 'warn',


@ -331,10 +331,10 @@ mesh_vpn
mesh_vpn = { mesh_vpn = {
-- enabled = true, -- enabled = true,
mtu = 1312,
-- pubkey_privacy = true, -- pubkey_privacy = true,
fastd = { fastd = {
mtu = 1312,
methods = {'salsa2012+umac'}, methods = {'salsa2012+umac'},
-- configurable = true, -- configurable = true,
-- syslog_level = 'warn', -- syslog_level = 'warn',
@ -384,6 +384,7 @@ mesh_vpn
}, },
tunneldigger = { tunneldigger = {
mtu = 1312,
brokers = {'vpn1.alpha-centauri.freifunk.net'} brokers = {'vpn1.alpha-centauri.freifunk.net'}
}, },


@ -1,5 +1,4 @@
need_boolean(in_site({'mesh_vpn', 'enabled'}), false) need_boolean(in_site({'mesh_vpn', 'enabled'}), false)
need_number({'mesh_vpn', 'mtu'})
need_boolean(in_site({'mesh_vpn', 'pubkey_privacy'}), false) need_boolean(in_site({'mesh_vpn', 'pubkey_privacy'}), false)
need_boolean(in_site({'mesh_vpn', 'bandwidth_limit', 'enabled'}), false) need_boolean(in_site({'mesh_vpn', 'bandwidth_limit', 'enabled'}), false)


@ -7,6 +7,7 @@ local util = require 'gluon.util'
local uci = require('simple-uci').cursor() local uci = require('simple-uci').cursor()
local vpn_core = require 'gluon.mesh-vpn' local vpn_core = require 'gluon.mesh-vpn'
local _, active_vpn = vpn_core.get_active_provider()
uci:section('network', 'interface', 'mesh_vpn', { uci:section('network', 'interface', 'mesh_vpn', {
ifname = vpn_core.get_interface(), ifname = vpn_core.get_interface(),
@ -14,7 +15,7 @@ uci:section('network', 'interface', 'mesh_vpn', {
transitive = true, transitive = true,
fixed_mtu = true, fixed_mtu = true,
macaddr = util.generate_mac(7), macaddr = util.generate_mac(7),
mtu = site.mesh_vpn.mtu(), mtu = active_vpn.mtu(),
}) })
uci:save('network') uci:save('network')
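Review bot: `active_vpn` is dereferenced without a nil check in `mtu = active_vpn.mtu(),`, so if `vpn_core.get_active_provider()` can return no provider (its body is not visible here) this upgrade script aborts with an index-nil error before `uci:save('network')` and the `mesh_vpn` interface section is never written. Either fail with an explicit message, e.g. `assert(active_vpn, 'mesh-vpn: no active VPN provider')` right after the lookup, or skip the section when no provider is present. The same unguarded `active_vpn.mtu()` appears in the fastd upgrade script's `uci:section('fastd', 'fastd', 'mesh_vpn', ...)` call.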


@ -1,6 +1,7 @@
local fastd_methods = {'salsa2012+umac', 'null+salsa2012+umac', 'null@l2tp', 'null'} local fastd_methods = {'salsa2012+umac', 'null+salsa2012+umac', 'null@l2tp', 'null'}
need_array_of({'mesh_vpn', 'fastd', 'methods'}, fastd_methods) need_array_of({'mesh_vpn', 'fastd', 'methods'}, fastd_methods)
need_boolean(in_site({'mesh_vpn', 'fastd', 'configurable'}), false) need_boolean(in_site({'mesh_vpn', 'fastd', 'configurable'}), false)
need_number({'mesh_vpn', 'fastd', 'mtu'})
need_one_of(in_site({'mesh_vpn', 'fastd', 'syslog_level'}), need_one_of(in_site({'mesh_vpn', 'fastd', 'syslog_level'}),
{'error', 'warn', 'info', 'verbose', 'debug', 'debug2'}, false) {'error', 'warn', 'info', 'verbose', 'debug', 'debug2'}, false)
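Review bot: `need_number({'mesh_vpn', 'fastd', 'mtu'})` only checks that the value is a number, so a negative, fractional or implausibly small or large MTU passes site validation and surfaces only later on the device when the tunnel interface is configured. Since the key is being moved anyway, this is a good place to add a range check (integer, within what the tunnel and its transport can carry) so a bad site.conf is rejected at build time. The same applies to the new `need_number` lines for `tunneldigger` and `wireguard` in their check_site files. A site.conf that still sets only `mesh_vpn.mtu` will presumably now fail with a missing-key error; a message pointing to the new per-provider key would help operators migrate.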


@ -3,6 +3,7 @@
local site = require 'gluon.site' local site = require 'gluon.site'
local util = require 'gluon.util' local util = require 'gluon.util'
local vpn_core = require 'gluon.mesh-vpn' local vpn_core = require 'gluon.mesh-vpn'
local _, active_vpn = vpn_core.get_active_provider()
local uci = require('simple-uci').cursor() local uci = require('simple-uci').cursor()
local unistd = require 'posix.unistd' local unistd = require 'posix.unistd'
@ -49,7 +50,7 @@ uci:section('fastd', 'fastd', 'mesh_vpn', {
secret = secret, secret = secret,
interface = vpn_core.get_interface(), interface = vpn_core.get_interface(),
mode = 'tap', mode = 'tap',
mtu = site.mesh_vpn.mtu(), mtu = active_vpn.mtu(),
secure_handshakes = true, secure_handshakes = true,
method = methods, method = methods,
packet_mark = 1, packet_mark = 1,
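Review bot: The fastd section takes its MTU from `active_vpn.mtu()`, i.e. from whichever provider `get_active_provider()` selects, rather than from the fastd provider itself. If more than one provider package can be installed at the same time (not visible here), fastd could be configured with another provider's MTU. Reading `site.mesh_vpn.fastd.mtu()` directly in this script, where `site` is already required, would remove that ambiguity. If going through the active provider is intentional, a one-line comment saying why would help.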


@ -39,4 +39,8 @@ function M.set_limit(ingress_limit, egress_limit)
uci:save('simple-tc') uci:save('simple-tc')
end end
function M.mtu()
return site.mesh_vpn.fastd.mtu()
end
return M return M
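Review bot: `M.mtu()` relies on a `site` local declared outside this hunk, and none of the hunks shown for the three provider modules adds a `require 'gluon.site'` line. Please confirm each module already has it, since otherwise the call indexes a nil global at runtime. The function is also undocumented; a header such as `--- Returns the MTU configured for this provider in site.conf (mesh_vpn.fastd.mtu).` would make the new provider interface explicit. Both points apply equally to the identical `M.mtu()` additions in the tunneldigger and wireguard provider modules.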


@ -1 +1,2 @@
need_string_array(in_domain({'mesh_vpn', 'tunneldigger', 'brokers'})) need_string_array(in_domain({'mesh_vpn', 'tunneldigger', 'brokers'}))
need_number({'mesh_vpn', 'tunneldigger', 'mtu'})


@ -39,4 +39,8 @@ function M.set_limit(ingress_limit, egress_limit)
uci:save('simple-tc') uci:save('simple-tc')
end end
function M.mtu()
return site.mesh_vpn.tunneldigger.mtu()
end
return M return M


@ -7,3 +7,4 @@ local function check_peer(k)
end end
need_table({'mesh_vpn', 'wireguard', 'peers'}, check_peer) need_table({'mesh_vpn', 'wireguard', 'peers'}, check_peer)
need_number({'mesh_vpn', 'wireguard', 'mtu'})


@ -40,4 +40,8 @@ function M.set_limit(ingress_limit, egress_limit)
uci:save('simple-tc') uci:save('simple-tc')
end end
function M.mtu()
return site.mesh_vpn.wireguard.mtu()
end
return M return M