diff --git a/.editorconfig b/.editorconfig index 5174a187..9dca9dab 100644 --- a/.editorconfig +++ b/.editorconfig @@ -25,7 +25,7 @@ indent_size = 4 [*.rst] indent_style = space -indent_size = 3 +indent_size = 2 [*.yml] indent_style = space diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..f1b24d13 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +# Docs: + +version: 2 + +updates: + - package-ecosystem: github-actions + directory: / + schedule: {interval: monthly} + + - package-ecosystem: pip + directory: /docs/ + schedule: {interval: monthly} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml new file mode 100644 index 00000000..ec3e5db8 --- /dev/null +++ b/.github/workflows/backport.yml @@ -0,0 +1,21 @@ +name: Backport +on: + pull_request_target: + types: [closed, labeled] +jobs: + backport: + name: Backport Pull Request + if: github.repository_owner == 'freifunk-gluon' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name)) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + ref: ${{ github.event.pull_request.head.sha }} + - name: Create backport PRs + uses: zeebe-io/backport-action@v0.0.7 + with: + # Config README: https://github.com/zeebe-io/backport-action#backport-action + github_token: ${{ secrets.GITHUB_TOKEN }} + github_workspace: ${{ github.workspace }} + pull_description: |- + Automatic backport to `${target_branch}`, triggered by a label in #${pull_number}. diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml index ccd51090..9ff3504e 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yml @@ -20,7 +20,7 @@ jobs: - name: Build documentation run: make -C docs html - name: Archive build output - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v2.3.1 with: name: docs_output path: docs/_build/html diff --git a/.github/workflows/build-gluon.yml b/.github/workflows/build-gluon.yml index 897e7744..dccdb347 100644 --- a/.github/workflows/build-gluon.yml +++ b/.github/workflows/build-gluon.yml @@ -1,7 +1,3 @@ - -# Update this file after adding/removing/renaming a target by running -# `make list-targets BROKEN=1 | ./contrib/actions/generate-actions.py > ./.github/workflows/build-gluon.yml` - name: Build Gluon on: push: @@ -28,6 +24,7 @@ jobs: build_firmware: needs: changed + if: ${{ needs.changed.outputs.targets != '[]' && needs.changed.outputs.targets != '' }} strategy: fail-fast: false matrix: @@ -45,13 +42,13 @@ jobs: - name: Archive build logs if: ${{ !cancelled() }} - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v2.3.1 with: name: ${{ matrix.target }}_logs path: openwrt/logs - name: Archive build output - uses: actions/upload-artifact@v1 + uses: actions/upload-artifact@v2.3.1 with: name: ${{ matrix.target }}_output path: output diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ebc5817e..b18c02a5 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -10,7 +10,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: Install Dependencies - run: sudo apt install lua-check + run: sudo apt-get -y update && sudo apt-get -y install lua-check - name: Install example site run: ln -s ./docs/site-example ./site - name: Lint Lua code @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: Install Dependencies - run: sudo apt install shellcheck + run: sudo apt-get -y update && sudo apt-get -y install shellcheck - name: Install example site run: ln -s ./docs/site-example ./site - name: Lint shell code diff --git a/Makefile b/Makefile index 760335a2..e3aa596f 100644 --- a/Makefile +++ b/Makefile @@ -19,14 +19,15 @@ escape = '$(subst ','\'',$(1))' GLUON_SITEDIR ?= site $(eval $(call mkabspath,GLUON_SITEDIR)) -$(GLUON_SITEDIR)/site.mk: - $(error No site configuration was found. Please check out a site configuration to $(GLUON_SITEDIR)) +ifeq ($(realpath $(GLUON_SITEDIR)/site.mk),) +$(error No site configuration was found. Please check out a site configuration to $(GLUON_SITEDIR)) +endif include $(GLUON_SITEDIR)/site.mk GLUON_RELEASE ?= $(error GLUON_RELEASE not set. GLUON_RELEASE can be set in site.mk or on the command line) -GLUON_DEPRECATED ?= $(error GLUON_DEPRECATED not set. Please consult the documentation) +GLUON_DEPRECATED ?= 0 ifneq ($(GLUON_BRANCH),) $(warning *** Warning: GLUON_BRANCH has been deprecated, please set GLUON_AUTOUPDATER_BRANCH and GLUON_AUTOUPDATER_ENABLED instead.) @@ -70,7 +71,7 @@ GLUON_VARS = \ GLUON_VERSION GLUON_SITE_VERSION \ GLUON_RELEASE GLUON_REGION GLUON_MULTIDOMAIN GLUON_AUTOREMOVE GLUON_DEBUG GLUON_MINIFY GLUON_DEPRECATED \ GLUON_DEVICES GLUON_TARGETSDIR GLUON_PATCHESDIR GLUON_TMPDIR GLUON_IMAGEDIR GLUON_PACKAGEDIR GLUON_DEBUGDIR \ - GLUON_SITEDIR GLUON_RELEASE GLUON_AUTOUPDATER_BRANCH GLUON_AUTOUPDATER_ENABLED GLUON_LANGS GLUON_BASE_FEEDS \ + GLUON_SITEDIR GLUON_AUTOUPDATER_BRANCH GLUON_AUTOUPDATER_ENABLED GLUON_LANGS GLUON_BASE_FEEDS \ GLUON_TARGET BOARD SUBTARGET unexport $(GLUON_VARS) @@ -185,6 +186,10 @@ config: $(LUA) FORCE $(GLUON_ENV) $(LUA) scripts/target_config_check.lua +container: FORCE + @scripts/container.sh + + all: config +@ $(GLUON_ENV) $(LUA) scripts/clean_output.lua diff --git a/README.md b/README.md index d04d8096..647f0e58 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ If you're new to Gluon and ready to get your feet wet, have a look at the Gluon's developers frequent an IRC chatroom at [#gluon](ircs://irc.hackint.org/#gluon) on [hackint](https://hackint.org/). There is also a [webchat](https://webirc.hackint.org/#irc://irc.hackint.org/#gluon) -that allows for uncomplicated access from within your browser. +that allows for uncomplicated access from within your browser. This channel is also available as a bridged Matrix Room at [#gluon:hackint.org](https://matrix.to/#/#gluon:hackint.org). ## Issues & Feature requests diff --git a/contrib/Dockerfile b/contrib/docker/Dockerfile similarity index 100% rename from contrib/Dockerfile rename to contrib/docker/Dockerfile diff --git a/contrib/lsupgrade.sh b/contrib/lsupgrade.sh index f8e28f9a..284fe44b 100755 --- a/contrib/lsupgrade.sh +++ b/contrib/lsupgrade.sh @@ -28,7 +28,7 @@ fi pushd "$(dirname "$0")/.." >/dev/null -find ./package packages -name Makefile | while read -r makefile; do +find ./package packages -name Makefile | grep -v '^packages/packages/' | while read -r makefile; do dir="$(dirname "$makefile")" pushd "$dir" >/dev/null @@ -37,13 +37,12 @@ find ./package packages -name Makefile | while read -r makefile; do dirname="$(dirname "$dir" | cut -d/ -f 3-)" package="$(basename "$dir")" - for file in "${SUFFIX1}"/*; do - echo "${GREEN}$(basename "${file}")${RESET}" "(${BLUE}${repo}${RESET}/${dirname}${dirname:+/}${RED}${package}${RESET}/${SUFFIX1})" - done - for file in "${SUFFIX2}"/*; do - echo "${GREEN}$(basename "${file}")${RESET}" "(${BLUE}${repo}${RESET}/${dirname}${dirname:+/}${RED}${package}${RESET}/${SUFFIX2})" + for file in "${SUFFIX1}"/* "${SUFFIX2}"/*; do + basename="$(basename "${file}")" + suffix="$(dirname "${file}")" + printf "%s\t%s\n" "${basename}" "${BLUE}${repo}${RESET}/${dirname}${dirname:+/}${RED}${package}${RESET}/${suffix}/${GREEN}${basename}${RESET}" done popd >/dev/null -done | sort +done | sort | cut -f2- popd >/dev/null diff --git a/contrib/push_pkg.sh b/contrib/push_pkg.sh index 4b9fe740..c12a02e6 100755 --- a/contrib/push_pkg.sh +++ b/contrib/push_pkg.sh @@ -48,7 +48,7 @@ shift $(( OPTIND - 1 )) if [ "$build_only" -eq 0 ]; then remote_info=$(ssh -p "${ssh_port}" "root@${ssh_host}" ' source /etc/os-release - printf "%s\t%s\n" "$OPENWRT_BOARD" "$OPENWRT_ARCH" + printf "%s\\t%s\\n" "$OPENWRT_BOARD" "$OPENWRT_ARCH" ') REMOTE_OPENWRT_BOARD="$(echo "$remote_info" | cut -f 1)" REMOTE_OPENWRT_ARCH="$(echo "$remote_info" | cut -f 2)" @@ -92,7 +92,7 @@ while [ $# -gt 0 ]; do opkg_packages="$(make TOPDIR="${topdir}" -C "${pkgdir}" DUMP=1 | awk '/^Package: / { print $2 }')" search_package() { - find "$2" -name "$1_*.ipk" -printf "%f\n" + find "$2" -name "$1_*.ipk" -printf '%f\n' } make TOPDIR="${topdir}" -C "${pkgdir}" clean diff --git a/docs/dev/basics.rst b/docs/dev/basics.rst index 5508897c..27ba23d3 100644 --- a/docs/dev/basics.rst +++ b/docs/dev/basics.rst @@ -23,6 +23,7 @@ webbrowser. You're welcome to join us! .. _hackint: https://hackint.org/ .. _webchat: https://webirc.hackint.org/#irc://irc.hackint.org/#gluon +.. _working-with-repositories: Working with repositories ------------------------- @@ -32,7 +33,7 @@ rerun :: - make update + make update `make update` also applies the patches that can be found in the directories found in `patches`; the resulting branch will be called `patched`, while the commit specified in `modules` @@ -44,7 +45,7 @@ using :: - make update-patches + make update-patches If applying a patch fails because you have changed the base commit, the repository will be reset to the old `patched` branch and you can try rebasing it onto the new `base` branch yourself and after that call `make update-patches` to fix the problem. @@ -54,7 +55,7 @@ commits, making `git reflog` the only way to recover them! :: - make refresh-patches + make refresh-patches In order to refresh patches when updating feeds or the OpenWrt base, `make refresh-patches` applies and updates all of their patches without installing feed packages to the OpenWrt buildsystem. diff --git a/docs/dev/debugging.rst b/docs/dev/debugging.rst index 52073428..ca1cd041 100644 --- a/docs/dev/debugging.rst +++ b/docs/dev/debugging.rst @@ -32,12 +32,12 @@ The tooling is contained in the kernel source tree in the file `decode_stacktrace.sh `__. This file and the needed source tree are available in the directory: :: - openwrt/build_dir/target-/linux-/linux-/ + openwrt/build_dir/target-/linux-/linux-/ .. note:: - Make sure to use a kernel tree that matches the version and patches - that was used to build the kernel. - If in doubt just re-build the images for the target. + Make sure to use a kernel tree that matches the version and patches + that was used to build the kernel. + If in doubt just re-build the images for the target. Some more information on how to use this tool can be found at `LWN `__. @@ -48,4 +48,4 @@ Obtaining Stacktraces On many targets stacktraces can be read from the following location after reboot: :: - /sys/kernel/debug/crashlog + /sys/kernel/debug/crashlog diff --git a/docs/dev/packages.rst b/docs/dev/packages.rst index 098b0276..7c239675 100644 --- a/docs/dev/packages.rst +++ b/docs/dev/packages.rst @@ -9,13 +9,16 @@ Development workflow When you are developing packages, it often happens that you iteratively want to deploy and verify the state your development. There are two ways to verify your changes: -1) One way is to rebuild the complete firmware, flash it, configure it and verify your - development then. This usually takes at least a few minutes to get your changes - working so you can test them. Especially if you iterate a lot, this becomes tedious. -2) Another way is to rebuild only the package you are currently working on and - to deploy this package to your test system. Here not even a reboot is required. - This makes iterating relatively fast. Your test system could be real hardware or - even a qemu in most cases. +1) + One way is to rebuild the complete firmware, flash it, configure it and verify your + development then. This usually takes at least a few minutes to get your changes + working so you can test them. Especially if you iterate a lot, this becomes tedious. + +2) + Another way is to rebuild only the package you are currently working on and + to deploy this package to your test system. Here not even a reboot is required. + This makes iterating relatively fast. Your test system could be real hardware or + even a qemu in most cases. Gluon provides scripts to enhance workflow 2). Here is an example illustrating the workflow using these scripts: diff --git a/docs/features/autoupdater.rst b/docs/features/autoupdater.rst index 6e011245..545b8237 100644 --- a/docs/features/autoupdater.rst +++ b/docs/features/autoupdater.rst @@ -99,16 +99,16 @@ These commands can be used on a node: :: - # Update with some probability - autoupdater + # Update with some probability + autoupdater :: - # Force update check, even when the updater is disabled - autoupdater -f + # Force update check, even when the updater is disabled + autoupdater -f :: - # If fallback is true the updater will perform an update only if the timespan - # PRIORITY days (as defined in the manifest) and another 24h have passed - autoupdater --fallback + # If fallback is true the updater will perform an update only if the timespan + # PRIORITY days (as defined in the manifest) and another 24h have passed + autoupdater --fallback diff --git a/docs/features/multidomain.rst b/docs/features/multidomain.rst index 7abd59a8..80cae0de 100644 --- a/docs/features/multidomain.rst +++ b/docs/features/multidomain.rst @@ -21,18 +21,18 @@ Overview Multidomain support allows to build a single firmware with multiple, switchable domain configurations. The nomenclature is as follows: -- ``site``: an aggregate over multiple domains -- ``domain``: mesh network with connectivity parameters that prevent - accidental bridging with other domains -- ``domain code``: unique domain identifier -- ``domain name``: pretty name for a domain code +- ``site``: an aggregate over multiple domains +- ``domain``: mesh network with connectivity parameters that prevent + accidental bridging with other domains +- ``domain code``: unique domain identifier +- ``domain name``: pretty name for a domain code By default Gluon builds firmware with a single domain embedded into ``site.conf``. To use multiple domains, enable it in ``site.mk``: :: - GLUON_MULTIDOMAIN=1 + GLUON_MULTIDOMAIN=1 In the site repository, create the ``domains/`` directory, which will hold your domain configurations. Each domain configuration file is named @@ -41,26 +41,26 @@ supported. :: - site/ - |-- site.conf - |-- site.mk - |-- i18n/ - |-- domains/ - |-- alpha_centauri.conf - |-- beta_centauri.conf - |-- gamma_centauri.conf + site/ + |-- site.conf + |-- site.mk + |-- i18n/ + |-- domains/ + |-- alpha_centauri.conf + |-- beta_centauri.conf + |-- gamma_centauri.conf The domain configuration ``alpha_centauri.conf`` could look like this. :: - { - domain_names = { - alpha_centauri = 'Alpha Centauri' - }, + { + domain_names = { + alpha_centauri = 'Alpha Centauri' + }, - -- more domain specific config follows below - } + -- more domain specific config follows below + } In this example “Alpha Centauri” is the user-visible ``domain_name`` for the domain_code ``alpha_centauri``. Also note that the domain code @@ -93,12 +93,12 @@ Via commandline :: - gluon-switch-domain 'newdomaincode' + gluon-switch-domain 'newdomaincode' When the node is not in config mode, ``gluon-switch-domain`` will automatically reboot the node by default. This can be suppressed by passing ``--no-reboot``:: - gluon-switch-domain --no-reboot 'newdomaincode' + gluon-switch-domain --no-reboot 'newdomaincode' Switching the domain without reboot is currently **experimental**. @@ -123,115 +123,115 @@ site or domain context. site.conf only variables ^^^^^^^^^^^^^^^^^^^^^^^^ -- Used in as initial default values, when the firmware was just flashed - and/or the config mode is skipped, so they do not make sense in a - domain specific way: +- Used in as initial default values, when the firmware was just flashed + and/or the config mode is skipped, so they do not make sense in a + domain specific way: - - authorized_keys - - default_domain - - poe_passthrough - - mesh_on_wan - - mesh_on_lan - - single_as_lan - - setup_mode.skip - - autoupdater.branch - - mesh_vpn.enabled - - mesh_vpn.pubkey_privacy - - mesh_vpn.bandwidth_limit - - mesh_vpn.bandwidth_limit.enabled - - mesh_vpn.bandwidth_limit.ingress - - mesh_vpn.bandwidth_limit.egress + - authorized_keys + - default_domain + - poe_passthrough + - mesh_on_wan + - mesh_on_lan + - single_as_lan + - setup_mode.skip + - autoupdater.branch + - mesh_vpn.enabled + - mesh_vpn.pubkey_privacy + - mesh_vpn.bandwidth_limit + - mesh_vpn.bandwidth_limit.enabled + - mesh_vpn.bandwidth_limit.ingress + - mesh_vpn.bandwidth_limit.egress -- Variables that influence the appearance of the config mode, - domain-independent because they are relevant before a domain was selected. +- Variables that influence the appearance of the config mode, + domain-independent because they are relevant before a domain was selected. - - config_mode.geo_location.show_altitude - - config_mode.hostname.optional - - config_mode.remote_login - - config_mode.remote_login.show_password_form - - config_mode.remote_login.min_password_length - - hostname_prefix - - mesh_vpn.fastd.configurable - - roles.default - - roles.list + - config_mode.geo_location.show_altitude + - config_mode.hostname.optional + - config_mode.remote_login + - config_mode.remote_login.show_password_form + - config_mode.remote_login.min_password_length + - hostname_prefix + - mesh_vpn.fastd.configurable + - roles.default + - roles.list -- Specific to a firmware build itself: +- Specific to a firmware build itself: - - site_code - - site_name - - autoupdater.branches.*.name - - autoupdater.branches.*.good_signatures - - autoupdater.branches.*.pubkeys + - site_code + - site_name + - autoupdater.branches.*.name + - autoupdater.branches.*.good_signatures + - autoupdater.branches.*.pubkeys -- We simply do not see any reason, why these variables could be helpful - in a domain specific way: +- We simply do not see any reason, why these variables could be helpful + in a domain specific way: - - mesh_vpn.fastd.syslog_level - - timezone - - regdom + - mesh_vpn.fastd.syslog_level + - timezone + - regdom domain.conf only variables ^^^^^^^^^^^^^^^^^^^^^^^^^^ -- Obviously: +- Obviously: - - domain_names + - domain_names - - a table of domain codes to domain names - ``domain_names = { foo = 'Foo Domain', bar = 'Bar Domain', baz = 'Baz Domain' }`` + - a table of domain codes to domain names + ``domain_names = { foo = 'Foo Domain', bar = 'Bar Domain', baz = 'Baz Domain' }`` - - hide_domain + - hide_domain - - prevents a domain name(s) from appearing in config mode, either - boolean or array of domain codes + - prevents a domain name(s) from appearing in config mode, either + boolean or array of domain codes - - ``true``, ``false`` - - ``{ 'foo', 'bar' }`` + - ``true``, ``false`` + - ``{ 'foo', 'bar' }`` -- Because each domain is considered as an own layer 2 network, these - values should be different in each domain: +- Because each domain is considered a separate layer 2 network, these + values should be different in each domain: - - next_node.ip4 - - next_node.ip6 - - next_node.name - - prefix6 - - prefix4 - - extra_prefixes6 + - next_node.ip4 + - next_node.ip6 + - next_node.name + - prefix6 + - prefix4 + - extra_prefixes6 -- To prevent accidental bridging of different domains, all meshing - technologies should be separated: +- To prevent accidental bridging of different domains, all meshing + technologies should be separated: - - domain_seed (wired mesh) + - domain_seed (wired mesh) - - must be a random value used to derive the vxlan id for wired meshing + - must be a random value used to derive the vxlan id for wired meshing - - wifi*.mesh.id - - mesh_vpn.fastd.groups.*.peers.remotes - - mesh_vpn.fastd.groups.*.peers.key - - mesh_vpn.tunneldigger.brokers + - wifi*.mesh.id + - mesh_vpn.fastd.groups.*.peers.remotes + - mesh_vpn.fastd.groups.*.peers.key + - mesh_vpn.tunneldigger.brokers -- Clients consider WiFi networks sharing the same ESSID as if they were - the same L2 network and try to reconfirm and reuse previous - addressing. If multiple neighbouring domains shared the same ESSID, - the roaming experience of clients would degrade. +- Clients consider WiFi networks sharing the same ESSID as if they were + the same L2 network and try to reconfirm and reuse previous + addressing. If multiple neighbouring domains shared the same ESSID, + the roaming experience of clients would degrade. - - wifi*.ap.ssid + - wifi*.ap.ssid -- Some values should be only set in legacy domains and not in new domains. +- Some values should be only set in legacy domains and not in new domains. - - mesh.vxlan + - mesh.vxlan - - By default, this value is `true`. It should be only set to `false` - for one legacy domain, since vxlan prevents accidental wired - merges of domains. For old domains this value is still available - to keep compatibility between all nodes in one domain. + - By default, this value is `true`. It should be only set to `false` + for one legacy domain, since vxlan prevents accidental wired + merges of domains. For old domains this value is still available + to keep compatibility between all nodes in one domain. - - next_node.mac + - next_node.mac - - For new domains, the default value should be used, since there is - no need for a special mac (or domain specific mac). For old domains - this value is still available to keep compatibility between all - nodes in one domain. + - For new domains, the default value should be used, since there is + no need for a special mac (or domain specific mac). For old domains + this value is still available to keep compatibility between all + nodes in one domain. Example config -------------- diff --git a/docs/features/vpn.rst b/docs/features/vpn.rst index 8697baad..c1ed9336 100644 --- a/docs/features/vpn.rst +++ b/docs/features/vpn.rst @@ -52,6 +52,6 @@ socket can be interrogated, after installing for example `socat`. :: - opkg update - opkg install socat - socat - UNIX-CONNECT:/var/run/fastd.mesh_vpn.socket + opkg update + opkg install socat + socat - UNIX-CONNECT:/var/run/fastd.mesh_vpn.socket diff --git a/docs/multidomain-site-example/site.mk b/docs/multidomain-site-example/site.mk index df282a53..64ce6fa1 100644 --- a/docs/multidomain-site-example/site.mk +++ b/docs/multidomain-site-example/site.mk @@ -58,6 +58,3 @@ GLUON_REGION ?= eu # Languages to include GLUON_LANGS ?= en de - -# Do not build images for deprecated devices -GLUON_DEPRECATED ?= 0 diff --git a/docs/package/gluon-mesh-batman-adv.rst b/docs/package/gluon-mesh-batman-adv.rst index 29135324..cd362ede 100644 --- a/docs/package/gluon-mesh-batman-adv.rst +++ b/docs/package/gluon-mesh-batman-adv.rst @@ -2,7 +2,7 @@ gluon-mesh-batman-adv ===================== .. image:: gluon-mesh-batman-adv-logo.svg - :width: 300 px + :width: 300 px B.A.T.M.A.N. Advanced (often referenced as batman-adv) is an implementation of the B.A.T.M.A.N. routing protocol in form of a linux kernel module operating on layer 2. @@ -47,7 +47,7 @@ Multicast Architecture ---------------------- .. image:: gluon-mesh-batman-adv-multicast.svg - :width: 300 px + :width: 300 px While generally broadcast capability is a nice feature of a layer 2 mesh protocol, it quickly reaches its limit. diff --git a/docs/package/gluon-scheduled-domain-switch.rst b/docs/package/gluon-scheduled-domain-switch.rst index ee1fe146..f67c500d 100644 --- a/docs/package/gluon-scheduled-domain-switch.rst +++ b/docs/package/gluon-scheduled-domain-switch.rst @@ -15,15 +15,15 @@ site.conf All those settings have to be defined exclusively in the domain, not the site. domain_switch : optional (needed for domains to switch) - target_domain : - - target domain to switch to - switch_after_offline_mins : - - amount of time without reachable gateway to switch unconditionally - switch_time : - - UNIX epoch after which domain will be switched - connection_check_targets : - - array of IPv6 addresses which are probed to determine if the node is - connected to the mesh + target_domain : + - target domain to switch to + switch_after_offline_mins : + - amount of time without reachable gateway to switch unconditionally + switch_time : + - UNIX epoch after which domain will be switched + connection_check_targets : + - array of IPv6 addresses which are probed to determine if the node is + connected to the mesh Example:: diff --git a/docs/releases/v2015.1.rst b/docs/releases/v2015.1.rst index 2fd694c1..785c2b28 100644 --- a/docs/releases/v2015.1.rst +++ b/docs/releases/v2015.1.rst @@ -170,16 +170,16 @@ Site changes for example:: fastd_mesh_vpn = { - methods = {'salsa2012+umac'}, - mtu = 1426, - groups = { - backbone = { - limit = 2, - peers = { - -- ... - } - } + methods = {'salsa2012+umac'}, + mtu = 1426, + groups = { + backbone = { + limit = 2, + peers = { + -- ... + } } + } } - ``config_mode``: The config mode messages aren't configured in ``site.conf`` anymore. Instead, they are @@ -190,11 +190,11 @@ Site changes in the site i18n files. The ``site.conf`` section becomes:: roles = { - default = 'foo', - list = { - 'foo', - 'bar', - } + default = 'foo', + list = { + 'foo', + 'bar', + } } The display string use i18n message IDs like ``gluon-luci-node-role:role:foo`` and ``gluon-luci-node-role:role:bar``. diff --git a/docs/releases/v2016.1.5.rst b/docs/releases/v2016.1.5.rst index 142be29e..8752a917 100644 --- a/docs/releases/v2016.1.5.rst +++ b/docs/releases/v2016.1.5.rst @@ -9,21 +9,21 @@ ar71xx-generic * OpenMesh - - MR600 (v1, v2) - - MR900 (v1, v2) - - OM2P (v1, v2) - - OM2P-HS (v1, v2) - - OM2P-LC - - OM5P - - OM5P-AN + - MR600 (v1, v2) + - MR900 (v1, v2) + - OM2P (v1, v2) + - OM2P-HS (v1, v2) + - OM2P-LC + - OM5P + - OM5P-AN * Ubiquiti - - Rocket M XW + - Rocket M XW * TP-LINK - - TL-WR841N/ND v11 + - TL-WR841N/ND v11 Bugfixes ~~~~~~~~ diff --git a/docs/releases/v2019.1.1.rst b/docs/releases/v2019.1.1.rst index 0385e8bf..024d5ad6 100644 --- a/docs/releases/v2019.1.1.rst +++ b/docs/releases/v2019.1.1.rst @@ -30,13 +30,15 @@ Known issues * The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. * Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2019.1.2.rst b/docs/releases/v2019.1.2.rst index 7d44fd49..7ee0de32 100644 --- a/docs/releases/v2019.1.2.rst +++ b/docs/releases/v2019.1.2.rst @@ -26,13 +26,15 @@ Known issues * The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. * Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2019.1.3.rst b/docs/releases/v2019.1.3.rst index 11dd0959..7a78dfb2 100644 --- a/docs/releases/v2019.1.3.rst +++ b/docs/releases/v2019.1.3.rst @@ -36,13 +36,15 @@ Known issues * The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. * Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2019.1.rst b/docs/releases/v2019.1.rst index a9e0a829..43f5c3e7 100644 --- a/docs/releases/v2019.1.rst +++ b/docs/releases/v2019.1.rst @@ -73,8 +73,8 @@ ramips-mt7621 .. note:: - The ``ipq806x`` target has been flagged as broken, as none of its devices are fully supported in this OpenWrt - release yet. You might have to update your build scripts accordingly. + The ``ipq806x`` target has been flagged as broken, as none of its devices are fully supported in this OpenWrt + release yet. You might have to update your build scripts accordingly. @@ -109,20 +109,20 @@ have outdoor mode automatically enabled during their initial setup, specifically * Ubiquiti - - Bullet M - - Litebeam M5 - - Nanostation M5 - - Nanostation M5 Loco - - Rocket M5 - - Rocket M5 TI - - Unifi AC Mesh - - Unifi AC Mesh Pro - - Unifi Outdoor + - Bullet M + - Litebeam M5 + - Nanostation M5 + - Nanostation M5 Loco + - Rocket M5 + - Rocket M5 TI + - Unifi AC Mesh + - Unifi AC Mesh Pro + - Unifi Outdoor * TP-Link - - CPE510 - - WBS510 + - CPE510 + - WBS510 See the :ref:`wifi5 ` section for the *site.conf* configuration of this feature. @@ -253,13 +253,15 @@ Known issues * The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. * Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2020.1.1.rst b/docs/releases/v2020.1.1.rst index f18d1133..e165863f 100644 --- a/docs/releases/v2020.1.1.rst +++ b/docs/releases/v2020.1.1.rst @@ -25,13 +25,15 @@ Known issues - The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. - Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2020.1.2.rst b/docs/releases/v2020.1.2.rst index 37adb6a1..378917ea 100644 --- a/docs/releases/v2020.1.2.rst +++ b/docs/releases/v2020.1.2.rst @@ -50,13 +50,15 @@ Known issues - The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. - Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2020.1.3.rst b/docs/releases/v2020.1.3.rst index 429d4c78..7a9f5d8e 100644 --- a/docs/releases/v2020.1.3.rst +++ b/docs/releases/v2020.1.3.rst @@ -30,13 +30,15 @@ Known issues - The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. - Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/releases/v2020.1.rst b/docs/releases/v2020.1.rst index d3bea233..bebd07c4 100644 --- a/docs/releases/v2020.1.rst +++ b/docs/releases/v2020.1.rst @@ -11,80 +11,80 @@ Added hardware support ath79-generic ~~~~~~~~~~~~~ -- devolo WiFi pro 1200e -- devolo WiFi pro 1200i -- devolo WiFi pro 1750c -- devolo WiFi pro 1750e -- devolo WiFi pro 1750i -- devolo WiFi pro 1750x -- GL.iNet GL-AR300M-Lite -- OCEDO Raccoon -- TP-Link Archer C6 v2 +- devolo WiFi pro 1200e +- devolo WiFi pro 1200i +- devolo WiFi pro 1750c +- devolo WiFi pro 1750e +- devolo WiFi pro 1750i +- devolo WiFi pro 1750x +- GL.iNet GL-AR300M-Lite +- OCEDO Raccoon +- TP-Link Archer C6 v2 ipq40xx-generic ~~~~~~~~~~~~~~~ -- Aruba AP-303 -- Aruba Instant On AP11 -- AVM FRITZ!Repeater 1200 +- Aruba AP-303 +- Aruba Instant On AP11 +- AVM FRITZ!Repeater 1200 ipq806x-generic ~~~~~~~~~~~~~~~ -- Netgear R7800 +- Netgear R7800 lantiq-xway ~~~~~~~~~~~ -- AVM FRITZ!Box 7312 -- AVM FRITZ!Box 7320 -- AVM FRITZ!Box 7330 -- AVM FRITZ!Box 7330 SL +- AVM FRITZ!Box 7312 +- AVM FRITZ!Box 7320 +- AVM FRITZ!Box 7330 +- AVM FRITZ!Box 7330 SL lantiq-xrx200 ~~~~~~~~~~~~~ -- AVM FRITZ!Box 7360 (v1, v2) -- AVM FRITZ!Box 7360 SL -- AVM FRITZ!Box 7362 SL -- AVM FRITZ!Box 7412 +- AVM FRITZ!Box 7360 (v1, v2) +- AVM FRITZ!Box 7360 SL +- AVM FRITZ!Box 7362 SL +- AVM FRITZ!Box 7412 mpc85xx-p1020 ~~~~~~~~~~~~~ -- Enterasys WS-AP3710i -- OCEDO Panda +- Enterasys WS-AP3710i +- OCEDO Panda ramips-mt7620 ~~~~~~~~~~~~~ -- TP-Link Archer C2 (v1) -- TP-Link Archer C20 (v1) -- TP-Link Archer C20i -- TP-Link Archer C50 (v1) -- Xiaomi MiWifi Mini +- TP-Link Archer C2 (v1) +- TP-Link Archer C20 (v1) +- TP-Link Archer C20i +- TP-Link Archer C50 (v1) +- Xiaomi MiWifi Mini ramips-mt7621 ~~~~~~~~~~~~~ -- Netgear EX6150 (v1) -- Netgear R6220 +- Netgear EX6150 (v1) +- Netgear R6220 ramips-mt76x8 ~~~~~~~~~~~~~ -- GL.iNet VIXMINI -- TP-Link TL-MR3020 (v3) -- TP-Link TL-WA801ND (v5) -- TP-Link TL-WR902AC (v3) +- GL.iNet VIXMINI +- TP-Link TL-MR3020 (v3) +- TP-Link TL-WA801ND (v5) +- TP-Link TL-WR902AC (v3) Removed hardware support ------------------------ -- ALFA Network Hornet-UB [#kernelpartition_too_small]_ -- ALFA Network Tube2H [#kernelpartition_too_small]_ -- ALFA Network N2 [#kernelpartition_too_small]_ -- ALFA Network N5 [#kernelpartition_too_small]_ +- ALFA Network Hornet-UB [#kernelpartition_too_small]_ +- ALFA Network Tube2H [#kernelpartition_too_small]_ +- ALFA Network N2 [#kernelpartition_too_small]_ +- ALFA Network N5 [#kernelpartition_too_small]_ .. [#kernelpartition_too_small] The kernel partition on this device is too small to build a working image. @@ -162,8 +162,8 @@ Site changes site.mk ~~~~~~~ -- The ``GLUON_WLAN_MESH`` variable can be dropped, as 802.11s is - the only supported wireless transport from now on. +- The ``GLUON_WLAN_MESH`` variable can be dropped, as 802.11s is + the only supported wireless transport from now on. Internals --------- @@ -206,13 +206,15 @@ Known issues * The integration of the BATMAN_V routing algorithm is incomplete. - - | Mesh neighbors don't appear on the status page. (`#1726 `_) - | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput - | metric. + - Mesh neighbors don't appear on the status page. (`#1726 `_) - - | Throughput values are not correctly acquired for different interface types. - | (`#1728 `_) - | This affects virtual interface types like bridges and VXLAN. + Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput + metric. + + - Throughput values are not correctly acquired for different interface types. + (`#1728 `_) + + This affects virtual interface types like bridges and VXLAN. * Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 `_) diff --git a/docs/requirements.txt b/docs/requirements.txt index f85be1ff..5babfe38 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -1 +1 @@ -sphinx-rtd-theme==0.5.2 +sphinx-rtd-theme==1.0.0 diff --git a/docs/site-example/site.mk b/docs/site-example/site.mk index cff17523..30671b18 100644 --- a/docs/site-example/site.mk +++ b/docs/site-example/site.mk @@ -55,6 +55,3 @@ GLUON_REGION ?= eu # Languages to include GLUON_LANGS ?= en de - -# Do not build images for deprecated devices -GLUON_DEPRECATED ?= 0 diff --git a/docs/user/getting_started.rst b/docs/user/getting_started.rst index 7cf00834..57ffe83b 100644 --- a/docs/user/getting_started.rst +++ b/docs/user/getting_started.rst @@ -40,6 +40,12 @@ freshly installed Debian Stretch system the following packages are required: * `time` (built-in `time` doesn't work) * `qemu-utils` +We also provide a container environment that already tracks all these dependencies. It quickly gets you up and running, if you already have either Docker or Podman installed locally. + +:: + + ./scripts/container.sh + Building the images ------------------- @@ -48,31 +54,31 @@ version you'd like to checkout, e.g. *v2021.1*. :: - git clone https://github.com/freifunk-gluon/gluon.git gluon -b RELEASE + git clone https://github.com/freifunk-gluon/gluon.git gluon -b RELEASE This command will create a directory named *gluon/*. It might also tell a scary message about being in a *detached state*. **Don't panic!** Everything's fine. Now, enter the freshly created directory:: - cd gluon + cd gluon It's time to add (or create) your site configuration. If you already have a site repository, just clone it:: - git clone https://github.com/freifunk-alpha-centauri/site-ffac.git site + git clone https://github.com/freifunk-alpha-centauri/site-ffac.git site If you want to build a new site, create a new git repository *site/*:: - mkdir site - cd site - git init + mkdir site + cd site + git init Copy *site.conf*, *site.mk* and *i18n* from *docs/site-example*:: - cp ../docs/site-example/site.conf . - cp ../docs/site-example/site.mk . - cp -r ../docs/site-example/i18n . + cp ../docs/site-example/site.conf . + cp ../docs/site-example/site.mk . + cp -r ../docs/site-example/i18n . Edit these files as you see fit and commit them into the site repository. Extensive documentation about the site configuration can be found at: @@ -80,11 +86,11 @@ Extensive documentation about the site configuration can be found at: site directory should always be a git repository by itself; committing site-specific files to the Gluon main repository should be avoided, as it will make updates more complicated. -Next go back to the top-level Gluon directory and build Gluon:: +Next go back to the top-level Gluon directory and build Gluon\ [#make_update]_:: - cd .. - make update # Get other repositories used by Gluon - make GLUON_TARGET=ath79-generic # Build Gluon + cd .. + make update # Get other repositories used by Gluon + make GLUON_TARGET=ath79-generic # Build Gluon In case of errors read the messages carefully and try to fix the stated issues (e.g. install missing tools not available or look for Troubleshooting_ in the wiki. @@ -96,9 +102,9 @@ To see a complete list of supported targets, call ``make`` without setting ``GLU To build all targets use a loop like this:: - for TARGET in $(make list-targets); do - make GLUON_TARGET=$TARGET - done + for TARGET in $(make list-targets); do + make GLUON_TARGET=$TARGET + done You should generally reserve 5GB of disk space and additionally about 10GB for each `GLUON_TARGET`. @@ -111,7 +117,7 @@ system. of multiple copies of the same image. If your webserver's configuration prohibits following symlinks, you can use the following command to resolve these links while copying the images:: - cp -rL output/images /var/www + cp -rL output/images /var/www The directory `output/debug` contains a compressed kernel image for each architecture. @@ -119,19 +125,29 @@ These can be used for debugging and should be stored along with the images to allow debugging of kernel problems on devices in the field. See :ref:`Debugging ` for more information. +.. rubric:: Footnotes + +.. [#make_update] ``make update`` only needs to be called again after updating the + Gluon repository (using ``git pull`` or similar) or after changing branches, + not for each build. Running it more often than necessary is undesirable, as + the update will take some time, and may undo manual modifications of the + external repositories while developing on Gluon. + + See :ref:`working-with-repositories` for more information. + Cleaning the build tree ....................... There are two levels of `make clean`:: - make clean GLUON_TARGET=ath79-generic + make clean GLUON_TARGET=ath79-generic will ensure all packages are rebuilt for a single target. This is usually not necessary, but may fix certain kinds of build failures. :: - make dirclean + make dirclean will clean the entire tree, so the toolchain will be rebuilt as well, which will take a while. @@ -197,7 +213,7 @@ GLUON_DEPRECATED Usually, devices are deprecated because their flash size is insufficient to support future Gluon versions. The recommended setting is ``0`` for new sites, and ``upgrade`` for existing configurations (where upgrades for existing - deployments of low-flash devices are required). + deployments of low-flash devices are required). Defaults to ``0``. GLUON_LANGS Space-separated list of languages to include for the config mode/advanced settings. Defaults to ``en``. diff --git a/docs/user/site.rst b/docs/user/site.rst index a3d221c4..28297e38 100644 --- a/docs/user/site.rst +++ b/docs/user/site.rst @@ -12,543 +12,536 @@ Configuration The ``site.conf`` is a lua dictionary with the following defined keys. hostname_prefix - A string which shall prefix the default hostname of a device. + A string which shall prefix the default hostname of a device. site_name - The name of your community. + The name of your community. site_code - The code of your community. It is good practice to use the TLD of - your community here. + The code of your community. It is good practice to use the TLD of + your community here. domain_seed - 32 bytes of random data, encoded in hexadecimal, used to seed other random - values specific to the mesh domain. It must be the same for all nodes of one - mesh, but should be different for firmware that is not supposed to mesh with - each other. + 32 bytes of random data, encoded in hexadecimal, used to seed other random + values specific to the mesh domain. It must be the same for all nodes of one + mesh, but should be different for firmware that is not supposed to mesh with + each other. - The recommended way to generate a value for a new site is: - :: + The recommended way to generate a value for a new site is:: - echo $(hexdump -v -n 32 -e '1/1 "%02x"' `. + These NTP servers must be reachable via IPv6 from the nodes. If you don't want to set an IPv6 address + explicitly, but use a hostname (which is recommended), see also the :ref:`FAQ `. opkg \: optional - ``opkg`` package manager configuration. + ``opkg`` package manager configuration. - There are two optional fields in the ``opkg`` section: + There are two optional fields in the ``opkg`` section: - - ``openwrt`` overrides the default OpenWrt repository URL. The default URL would - correspond to ``http://downloads.openwrt.org/snapshots/packages/%A`` - and usually doesn't need to be changed when nodes are expected to have IPv6 - internet connectivity. - - ``extra`` specifies a table of additional repositories (with arbitrary keys) + - ``openwrt`` overrides the default OpenWrt repository URL. The default URL would + correspond to ``http://downloads.openwrt.org/snapshots/packages/%A`` + and usually doesn't need to be changed when nodes are expected to have IPv6 + internet connectivity. + - ``extra`` specifies a table of additional repositories (with arbitrary keys) - :: + :: - opkg = { - openwrt = 'http://opkg.services.ffac/openwrt/snapshots/packages/%A', - extra = { - gluon = 'http://opkg.services.ffac/modules/gluon-%GS-%GR/%S', - }, - } + opkg = { + openwrt = 'http://opkg.services.ffac/openwrt/snapshots/packages/%A', + extra = { + gluon = 'http://opkg.services.ffac/modules/gluon-%GS-%GR/%S', + }, + } - There are various patterns which can be used in the URLs: + There are various patterns which can be used in the URLs: - - ``%d`` is replaced by the OpenWrt distribution name ("openwrt") - - ``%v`` is replaced by the OpenWrt version number (e.g. "17.01") - - ``%S`` is replaced by the target board (e.g. "ath79/generic") - - ``%A`` is replaced by the target architecture (e.g. "mips_24kc") - - ``%GS`` is replaced by the Gluon site code (as specified in ``site.conf``) - - ``%GV`` is replaced by the Gluon version - - ``%GR`` is replaced by the Gluon release (as specified in ``site.mk``) + - ``%d`` is replaced by the OpenWrt distribution name ("openwrt") + - ``%v`` is replaced by the OpenWrt version number (e.g. "17.01") + - ``%S`` is replaced by the target board (e.g. "ath79/generic") + - ``%A`` is replaced by the target architecture (e.g. "mips_24kc") + - ``%GS`` is replaced by the Gluon site code (as specified in ``site.conf``) + - ``%GV`` is replaced by the Gluon version + - ``%GR`` is replaced by the Gluon release (as specified in ``site.mk``) regdom \: optional - The wireless regulatory domain responsible for your area, e.g.: - :: + The wireless regulatory domain responsible for your area, e.g. :: - regdom = 'DE' + regdom = 'DE' - Setting ``regdom`` is mandatory if ``wifi24`` or ``wifi5`` is defined. + Setting ``regdom`` is mandatory if ``wifi24`` or ``wifi5`` is defined. wifi24 \: optional - WLAN configuration for 2.4 GHz devices. - ``channel`` must be set to a valid wireless channel for your radio. - ``beacon_interval`` can be specified to set a custom beacon interval in - time units (TU). A time unit is equivalent to 1024 µs. - If not set, the default value of 100 TU (=102.4 ms) is used. + WLAN configuration for 2.4 GHz devices. + ``channel`` must be set to a valid wireless channel for your radio. + ``beacon_interval`` can be specified to set a custom beacon interval in + time units (TU). A time unit is equivalent to 1024 µs. + If not set, the default value of 100 TU (=102.4 ms) is used. + There are currently two interface types available. You may choose to + configure any subset of them: - There are currently two interface types available. You may choose to - configure any subset of them: + - ``ap`` creates a master interface where clients may connect + - ``mesh`` creates an 802.11s mesh interface with forwarding disabled - - ``ap`` creates a master interface where clients may connect - - ``mesh`` creates an 802.11s mesh interface with forwarding disabled + Each interface may be disabled by setting ``disabled`` to ``true``. + This will only affect new installations. + Upgrades will not change the disabled state. - Each interface may be disabled by setting ``disabled`` to ``true``. - This will only affect new installations. - Upgrades will not change the disabled state. + ``ap`` holds the client network configuration. + To create an unencrypted client network, a string named ``ssid`` which sets the + interface's ESSID is required. This is the wireless network clients connect to. + For an OWE secured network, the ``owe_ssid`` string has to be set. It sets the + SSID for the opportunistically encrypted wireless network, to which compatible + clients can connect to. + For OWE to work, the ``wireless-encryption-wpa3`` has to be enabled (usually by + adding it to ``GLUON_FEATURES_standard``) in your ``site.mk``. + To utilize the OWE transition mode, ``owe_transition_mode`` has to be set to true. + When ``owe_transition_mode`` is enabled, the OWE secured SSID will be hidden. + Compatible devices will automatically connect to the OWE secured SSID when selecting + the open SSID. + Note that for the transition mode to work, both ``ssid`` as well as ``owe_ssid`` + have to be enabled. Also, some devices with a broken implementation might not be able + to connect with a transition-mode enabled network. - ``ap`` holds the client network configuration. - To create an unencrypted client network, a string named ``ssid`` which sets the - interface's ESSID is required. This is the wireless network clients connect to. - For an OWE secured network, the ``owe_ssid`` string has to be set. It sets the - SSID for the opportunistically encrypted wireless network, to which compatible - clients can connect to. - For OWE to work, the ``wireless-encryption-wpa3`` has to be enabled (usually by - adding it to ``GLUON_FEATURES_standard``) in your ``site.mk``. - To utilize the OWE transition mode, ``owe_transition_mode`` has to be set to true. - When ``owe_transition_mode`` is enabled, the OWE secured SSID will be hidden. - Compatible devices will automatically connect to the OWE secured SSID when selecting - the open SSID. - Note that for the transition mode to work, both ``ssid`` as well as ``owe_ssid`` - have to be enabled. Also, some devices with a broken implementation might not be able - to connect with a transition-mode enabled network. + ``mesh`` requires a single parameter, a string, named ``id`` which sets the + mesh id, also visible as an open WiFi in some network managers. Usually you + don't want users to connect to this mesh-SSID, so use a cryptic id that no + one will accidentally mistake for the client WiFi. - ``mesh`` requires a single parameter, a string, named ``id`` which sets the - mesh id, also visible as an open WiFi in some network managers. Usually you - don't want users to connect to this mesh-SSID, so use a cryptic id that no - one will accidentally mistake for the client WiFi. + ``mesh`` also accepts an optional ``mcast_rate`` (kbit/s) parameter for + setting the multicast bitrate. Increasing the default value of 1000 to something + like 12000 is recommended. - ``mesh`` also accepts an optional ``mcast_rate`` (kbit/s) parameter for - setting the multicast bitrate. Increasing the default value of 1000 to something - like 12000 is recommended. - :: + :: - wifi24 = { - channel = 11, - ap = { - ssid = 'alpha-centauri.freifunk.net', - owe_ssid = 'owe.alpha-centauri.freifunk.net', - owe_transition_mode = true, - }, - mesh = { - id = 'ueH3uXjdp', - mcast_rate = 12000, - }, - }, + wifi24 = { + channel = 11, + ap = { + ssid = 'alpha-centauri.freifunk.net', + owe_ssid = 'owe.alpha-centauri.freifunk.net', + owe_transition_mode = true, + }, + mesh = { + id = 'ueH3uXjdp', + mcast_rate = 12000, + }, + }, .. _user-site-wifi5: wifi5 \: optional - Same as `wifi24` but for the 5 GHz radio. + Same as `wifi24` but for the 5 GHz radio. - Additionally a range of channels that are safe to use outsides on the 5 GHz band can - be set up through ``outdoor_chanlist``, which allows for a space-separated list of - channels and channel ranges, separated by a hyphen. - When set this offers the outdoor mode flag for 5 GHz radios in the config mode which - reconfigures the AP to select its channel from outdoor chanlist, while respecting - regulatory specifications, and disables mesh on that radio. - The ``outdoors`` option in turn allows to configure when outdoor mode will be enabled. - When set to ``true`` all 5 GHz radios will use outdoor channels, while on ``false`` - the outdoor mode will be completely disabled. The default setting is ``'preset'``, - which will enable outdoor mode automatically on outdoor-capable devices. + Additionally a range of channels that are safe to use outsides on the 5 GHz band can + be set up through ``outdoor_chanlist``, which allows for a space-separated list of + channels and channel ranges, separated by a hyphen. + When set this offers the outdoor mode flag for 5 GHz radios in the config mode which + reconfigures the AP to select its channel from outdoor chanlist, while respecting + regulatory specifications, and disables mesh on that radio. + The ``outdoors`` option in turn allows to configure when outdoor mode will be enabled. + When set to ``true`` all 5 GHz radios will use outdoor channels, while on ``false`` + the outdoor mode will be completely disabled. The default setting is ``'preset'``, + which will enable outdoor mode automatically on outdoor-capable devices. - It can be beneficial to look up the WLAN channels that are used by `weather radars`_ - when constructing ``outdoor_chanlist`` to try and minimize the impact of DFS events. + It can be beneficial to look up the WLAN channels that are used by `weather radars`_ + when constructing ``outdoor_chanlist`` to try and minimize the impact of DFS events. - .. _weather radars: https://homepage.univie.ac.at/albert.rafetseder/RADARs/help.html + .. _weather radars: https://homepage.univie.ac.at/albert.rafetseder/RADARs/help.html - :: + :: - wifi5 = { - channel = 44, - outdoor_chanlist = "100-140", + wifi5 = { + channel = 44, + outdoor_chanlist = "100-140", - [...] - }, + [...] + }, next_node \: package - Configuration of the local node feature of Gluon - :: + Configuration of the local node feature of Gluon - next_node = { - name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' }, - ip4 = '10.23.42.1', - ip6 = 'fdca:ffee:babe:1::1', - mac = '16:41:95:40:f7:dc' - } + :: - All values of this section are optional. If the IPv4 or IPv6 address is - omitted, there will be no IPv4 or IPv6 anycast address. The MAC address - defaults to ``16:41:95:40:f7:dc``; this value usually doesn't need to be - changed, but it can be adjusted to match existing deployments that use a - different value. + next_node = { + name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' }, + ip4 = '10.23.42.1', + ip6 = 'fdca:ffee:babe:1::1', + mac = '16:41:95:40:f7:dc' + } - When the nodes' next-node address is used as a DNS resolver by clients - (by passing it via DHCP or router advertisements), it may be useful to - allow resolving a next-node hostname without referring to an upstream DNS - server (e.g. to allow reaching the node using such a hostname via HTTP or SSH - in isolated mesh segments). This is possible by providing one or more names - in the ``name`` field. + All values of this section are optional. If the IPv4 or IPv6 address is + omitted, there will be no IPv4 or IPv6 anycast address. The MAC address + defaults to ``16:41:95:40:f7:dc``; this value usually doesn't need to be + changed, but it can be adjusted to match existing deployments that use a + different value. + + When the nodes' next-node address is used as a DNS resolver by clients + (by passing it via DHCP or router advertisements), it may be useful to + allow resolving a next-node hostname without referring to an upstream DNS + server (e.g. to allow reaching the node using such a hostname via HTTP or SSH + in isolated mesh segments). This is possible by providing one or more names + in the ``name`` field. .. _user-site-mesh: mesh - Configuration of general mesh functionality. + Configuration of general mesh functionality. - To avoid inter-mesh links, Gluon can encapsulate the mesh protocol in VXLAN - for Mesh-on-LAN/WAN. It is recommended to set *mesh.vxlan* to ``true`` to - enable VXLAN in new setups. Setting it to ``false`` disables this - encapsulation to allow meshing with other nodes that don't support VXLAN - (Gluon 2017.1.x and older). In multi-domain setups, *mesh.vxlan* is optional - and defaults to ``true``. + To avoid inter-mesh links, Gluon can encapsulate the mesh protocol in VXLAN + for Mesh-on-LAN/WAN. It is recommended to set *mesh.vxlan* to ``true`` to + enable VXLAN in new setups. Setting it to ``false`` disables this + encapsulation to allow meshing with other nodes that don't support VXLAN + (Gluon 2017.1.x and older). In multi-domain setups, *mesh.vxlan* is optional + and defaults to ``true``. - Gluon generally segments layer-2 meshes so that each node becomes IGMP/MLD - querier for its own local clients. This is necessary for reliable multicast - snooping. The segmentation is realized by preventing IGMP/MLD queries from - passing through the mesh. See also - :ref:`gluon-mesh-batman-adv ` for details. + Gluon generally segments layer-2 meshes so that each node becomes IGMP/MLD + querier for its own local clients. This is necessary for reliable multicast + snooping. The segmentation is realized by preventing IGMP/MLD queries from + passing through the mesh. See also + :ref:`gluon-mesh-batman-adv ` for details. - By default, not only queries are filtered, but also membership report and - leave packets, as they add to the background noise of the mesh. As a - consequence, snooping switches outside the mesh that are connected to a - Gluon node need to be configured to forward all multicast traffic towards - the mesh; this is usually not a problem, as such setups are unusual. If - you run a special-purpose mesh that requires membership reports to be - working, this filtering can be disabled by setting the - optional *filter_membership_reports* value to ``false``. + By default, not only queries are filtered, but also membership report and + leave packets, as they add to the background noise of the mesh. As a + consequence, snooping switches outside the mesh that are connected to a + Gluon node need to be configured to forward all multicast traffic towards + the mesh; this is usually not a problem, as such setups are unusual. If + you run a special-purpose mesh that requires membership reports to be + working, this filtering can be disabled by setting the + optional *filter_membership_reports* value to ``false``. - In addition, options specific to the batman-adv routing protocol can be set - in the *batman_adv* section: + In addition, options specific to the batman-adv routing protocol can be set + in the *batman_adv* section: - The mandatory value *routing_algo* selects the batman-adv protocol variant. - The following values are supported: + The mandatory value *routing_algo* selects the batman-adv protocol variant. + The following values are supported: - - ``BATMAN_IV`` - - ``BATMAN_V`` + - ``BATMAN_IV`` + - ``BATMAN_V`` - The optional value *gw_sel_class* sets the gateway selection class, the - default is ``20`` for B.A.T.M.A.N. IV and ``5000`` kbit/s for B.A.T.M.A.N. V. + The optional value *gw_sel_class* sets the gateway selection class, the + default is ``20`` for B.A.T.M.A.N. IV and ``5000`` kbit/s for B.A.T.M.A.N. V. - - **B.A.T.M.A.N. IV:** with the value ``20`` the gateway is selected based - on the link quality (TQ) only; with class ``1`` it is calculated from - both, the TQ and the announced bandwidth. - - **B.A.T.M.A.N. V:** with the value ``1500`` the gateway is selected if the - throughput is at least 1500 kbit/s faster than the throughput of the - currently selected gateway. + - **B.A.T.M.A.N. IV:** with the value ``20`` the gateway is selected based + on the link quality (TQ) only; with class ``1`` it is calculated from + both, the TQ and the announced bandwidth. + - **B.A.T.M.A.N. V:** with the value ``1500`` the gateway is selected if the + throughput is at least 1500 kbit/s faster than the throughput of the + currently selected gateway. - For details on determining the threshold, when to switch to a new gateway, - see `batctl manpage`_, section "gw_mode". + For details on determining the threshold, when to switch to a new gateway, + see `batctl manpage`_, section "gw_mode". - .. _batctl manpage: https://www.open-mesh.org/projects/batman-adv/wiki/Gateways + .. _batctl manpage: https://www.open-mesh.org/projects/batman-adv/wiki/Gateways - :: + :: - mesh = { - vxlan = true, - filter_membership_reports = false, - batman_adv = { - routing_algo = 'BATMAN_IV', - gw_sel_class = 1, - }, - } + mesh = { + vxlan = true, + filter_membership_reports = false, + batman_adv = { + routing_algo = 'BATMAN_IV', + gw_sel_class = 1, + }, + } mesh_vpn - Remote server setup for the mesh VPN. + Remote server setup for the mesh VPN. - The `enabled` option can be set to true to enable the VPN by default. `mtu` - defines the MTU of the VPN interface, determining a proper MTU value is described - in the :ref:`FAQ `. + The `enabled` option can be set to true to enable the VPN by default. `mtu` + defines the MTU of the VPN interface, determining a proper MTU value is described + in the :ref:`FAQ `. - By default the public key of a node's VPN daemon is not added to announced respondd - data; this prevents malicious ISPs from correlating VPN sessions with specific mesh - nodes via public respondd data. If this is of no concern in your threat model, - this behaviour can be disabled (and thus announcing the public key be enabled) by - setting `pubkey_privacy` to `false`. At the moment, this option only affects fastd. + By default the public key of a node's VPN daemon is not added to announced respondd + data; this prevents malicious ISPs from correlating VPN sessions with specific mesh + nodes via public respondd data. If this is of no concern in your threat model, + this behaviour can be disabled (and thus announcing the public key be enabled) by + setting `pubkey_privacy` to `false`. At the moment, this option only affects fastd. - The `fastd` section configures settings specific to the *fastd* VPN - implementation. + The `fastd` section configures settings specific to the *fastd* VPN + implementation. - If `configurable` is set to `false` or unset, the method list will be replaced on updates - with the list from the site configuration. Setting `configurable` to `true` will allow the user to - add the method ``null`` to the beginning of the method list or remove ``null`` from it, - and make this change survive updates. Setting `configurable` is necessary for the - package `gluon-web-mesh-vpn-fastd`, which adds a UI for this configuration. + If `configurable` is set to `false` or unset, the method list will be replaced on updates + with the list from the site configuration. Setting `configurable` to `true` will allow the user to + add the method ``null`` to the beginning of the method list or remove ``null`` from it, + and make this change survive updates. Setting `configurable` is necessary for the + package `gluon-web-mesh-vpn-fastd`, which adds a UI for this configuration. - In any case, the ``null`` method should always be the first method in the list - if it is supported at all. You should only set `configurable` to `true` if the - configured peers support both the ``null`` method and methods with encryption. + In any case, the ``null`` method should always be the first method in the list + if it is supported at all. You should only set `configurable` to `true` if the + configured peers support both the ``null`` method and methods with encryption. - You can set syslog_level from verbose (default) to warn to reduce syslog output. + You can set syslog_level from verbose (default) to warn to reduce syslog output. - fastd allows to configure a tree of peer groups and peers. By default, the - list of groups and peers configured in the *fastd* UCI config is completely - replaced by the list from site.conf on upgrades. To allow custom modifications - to the peer list, removal and modification of peers can be prevented by - setting the *preserve* option of a peer to ``1`` in UCI. + fastd allows to configure a tree of peer groups and peers. By default, the + list of groups and peers configured in the *fastd* UCI config is completely + replaced by the list from site.conf on upgrades. To allow custom modifications + to the peer list, removal and modification of peers can be prevented by + setting the *preserve* option of a peer to ``1`` in UCI. - The `tunneldigger` section is used to define the *tunneldigger* broker list. + The `tunneldigger` section is used to define the *tunneldigger* broker list. - **Note:** It doesn't make sense to include both `fastd` and `tunneldigger` - sections in the same configuration file, as only one of the packages *gluon-mesh-vpn-fastd* - and *gluon-mesh-vpn-tunneldigger* should be installed with the current - implementation. + **Note:** It doesn't make sense to include both `fastd` and `tunneldigger` + sections in the same configuration file, as only one of the packages *gluon-mesh-vpn-fastd* + and *gluon-mesh-vpn-tunneldigger* should be installed with the current + implementation. - **Note:** It may be interesting to include the package *gluon-iptables-clamp-mss-to-pmtu* - in the build when using *gluon-mesh-babel* to work around ICMP blackholes on the internet. + **Note:** It may be interesting to include the package *gluon-iptables-clamp-mss-to-pmtu* + in the build when using *gluon-mesh-babel* to work around ICMP blackholes on the internet. - :: + :: - mesh_vpn = { - -- enabled = true, - mtu = 1312, - -- pubkey_privacy = true, + mesh_vpn = { + -- enabled = true, + mtu = 1312, + -- pubkey_privacy = true, - fastd = { - methods = {'salsa2012+umac'}, - -- configurable = true, - -- syslog_level = 'warn', - groups = { - backbone = { - -- Limit number of connected peers from this group - limit = 1, - peers = { - peer1 = { - key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', - -- Having multiple domains prevents SPOF in freifunk.net - remotes = { - 'ipv4 "vpn1.alpha-centauri.freifunk.net" port 10000', - 'ipv4 "vpn1.alpha-centauri-freifunk.de" port 10000', - }, - }, - peer2 = { - key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', - -- You can also omit the ipv4 to allow both connection via ipv4 and ipv6 - remotes = {'"vpn2.alpha-centauri.freifunk.net" port 10000'}, - }, - peer3 = { - key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', - -- In addition to domains you can also add ip addresses, which provides - -- resilience in case of dns outages - remotes = { - '"vpn3.alpha-centauri.freifunk.net" port 10000', - '[2001:db8::3:1]:10000', - '192.0.2.3:10000', - }, + fastd = { + methods = {'salsa2012+umac'}, + -- configurable = true, + -- syslog_level = 'warn', + groups = { + backbone = { + -- Limit number of connected peers from this group + limit = 1, + peers = { + peer1 = { + key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', + -- Having multiple domains prevents SPOF in freifunk.net + remotes = { + 'ipv4 "vpn1.alpha-centauri.freifunk.net" port 10000', + 'ipv4 "vpn1.alpha-centauri-freifunk.de" port 10000', + }, + }, + peer2 = { + key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', + -- You can also omit the ipv4 to allow both connection via ipv4 and ipv6 + remotes = {'"vpn2.alpha-centauri.freifunk.net" port 10000'}, + }, + peer3 = { + key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', + -- In addition to domains you can also add ip addresses, which provides + -- resilience in case of dns outages + remotes = { + '"vpn3.alpha-centauri.freifunk.net" port 10000', + '[2001:db8::3:1]:10000', + '192.0.2.3:10000', }, }, - -- Optional: nested peer groups - -- groups = { - -- lowend_backbone = { - -- limit = 1, - -- peers = ... - -- }, - -- }, }, - -- Optional: additional peer groups, possibly with other limits - -- peertopeer = { - -- limit = 10, - -- peers = { ... }, + -- Optional: nested peer groups + -- groups = { + -- lowend_backbone = { + -- limit = 1, + -- peers = ... + -- }, -- }, }, + -- Optional: additional peer groups, possibly with other limits + -- peertopeer = { + -- limit = 10, + -- peers = { ... }, + -- }, }, + }, - tunneldigger = { - brokers = {'vpn1.alpha-centauri.freifunk.net'} - }, + tunneldigger = { + brokers = {'vpn1.alpha-centauri.freifunk.net'} + }, - bandwidth_limit = { - -- The bandwidth limit can be enabled by default here. - enabled = false, + bandwidth_limit = { + -- The bandwidth limit can be enabled by default here. + enabled = false, - -- Default upload limit (kbit/s). - egress = 200, + -- Default upload limit (kbit/s). + egress = 200, - -- Default download limit (kbit/s). - ingress = 3000, - }, - } + -- Default download limit (kbit/s). + ingress = 3000, + }, + } mesh_on_wan \: optional - Enables the mesh on the WAN port (``true`` or ``false``). - :: + Enables the mesh on the WAN port (``true`` or ``false``). + :: - mesh_on_wan = true, + mesh_on_wan = true, mesh_on_lan \: optional - Enables the mesh on the LAN port (``true`` or ``false``). - :: + Enables the mesh on the LAN port (``true`` or ``false``). + :: - mesh_on_lan = true, + mesh_on_lan = true, poe_passthrough \: optional - Enable PoE passthrough by default on hardware with such a feature. + Enable PoE passthrough by default on hardware with such a feature. autoupdater \: package - Configuration for the autoupdater feature of Gluon. + Configuration for the autoupdater feature of Gluon. - Specifying a default branch in *site.conf* is optional. See - :doc:`../features/autoupdater` for information how to change the behaviour - of the autoupdater during image build. + Specifying a default branch in *site.conf* is optional. See + :doc:`../features/autoupdater` for information how to change the behaviour + of the autoupdater during image build. - The mirrors are checked in random order until the manifest could be downloaded - successfully or all mirrors have been tried. - :: + The mirrors are checked in random order until the manifest could be downloaded + successfully or all mirrors have been tried. + :: - autoupdater = { - branch = 'stable', -- optional - branches = { - stable = { - name = 'stable', - mirrors = { - 'http://[fdca:ffee:babe:1::fec1]/firmware/stable/sysupgrade/', - 'http://autoupdate.alpha-centauri.freifunk.net/firmware/stable/sysupgrade/', - }, - -- Number of good signatures required - good_signatures = 2, - pubkeys = { - 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', -- someguy - 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', -- someother - } + autoupdater = { + branch = 'stable', -- optional + branches = { + stable = { + name = 'stable', + mirrors = { + 'http://[fdca:ffee:babe:1::fec1]/firmware/stable/sysupgrade/', + 'http://autoupdate.alpha-centauri.freifunk.net/firmware/stable/sysupgrade/', + }, + -- Number of good signatures required + good_signatures = 2, + pubkeys = { + 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', -- someguy + 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX', -- someother } } } + } - All configured mirrors must be reachable from the nodes via IPv6. If you don't want to set an IPv6 address - explicitly, but use a hostname (which is recommended), see also the :ref:`FAQ `. + All configured mirrors must be reachable from the nodes via IPv6. If you don't want to set an IPv6 address + explicitly, but use a hostname (which is recommended), see also the :ref:`FAQ `. .. _user-site-config_mode: config_mode \: optional - Additional configuration for the configuration web interface. All values are - optional. + Additional configuration for the configuration web interface. All values are + optional. - When no hostname is specified, a default hostname based on the *hostname_prefix* - and the node's primary MAC address is assigned. Manually setting a hostname - can be enforced by setting *hostname.optional* to *false*. + When no hostname is specified, a default hostname based on the *hostname_prefix* + and the node's primary MAC address is assigned. Manually setting a hostname + can be enforced by setting *hostname.optional* to *false*. - To not prefill the hostname-field in config-mode with the default hostname, - set *hostname.prefill* to *false*. + To not prefill the hostname-field in config-mode with the default hostname, + set *hostname.prefill* to *false*. - By default, no altitude field is shown by the *gluon-config-mode-geo-location* - package. Set *geo_location.show_altitude* to *true* if you want the altitude - field to be visible. + By default, no altitude field is shown by the *gluon-config-mode-geo-location* + package. Set *geo_location.show_altitude* to *true* if you want the altitude + field to be visible. - The *geo_location.osm* section is only relevant when the *gluon-config-mode-geo-location-osm* - package is used. The *center.lon* and *center.lat* values are mandatory in this case and - define the default center of the map when no position has been picked yet. The *zoom* level - defaults to 12 in this case. + The *geo_location.osm* section is only relevant when the *gluon-config-mode-geo-location-osm* + package is used. The *center.lon* and *center.lat* values are mandatory in this case and + define the default center of the map when no position has been picked yet. The *zoom* level + defaults to 12 in this case. - *openlayers_url* allows to override the base URL of the - *build/ol.js* and *css/ol.css* files (the default is - ``https://cdn.rawgit.com/openlayers/openlayers.github.io/master/en/v5.2.0``). - It is also possible to replace the default tile layer (which is OpenStreetMap) - with a custom one using the *tile_layer* section. Only XYZ layers are supported - at this point. + *openlayers_url* allows to override the base URL of the + *build/ol.js* and *css/ol.css* files (the default is + ``https://cdn.rawgit.com/openlayers/openlayers.github.io/master/en/v5.2.0``). + It is also possible to replace the default tile layer (which is OpenStreetMap) + with a custom one using the *tile_layer* section. Only XYZ layers are supported + at this point. - The remote login page only shows SSH key configuration by default. A - password form can be displayed by setting *remote_login.show_password_form* - to true; in this case, *remote_login.min_password_length* defines the - minimum password length. - :: + The remote login page only shows SSH key configuration by default. A + password form can be displayed by setting *remote_login.show_password_form* + to true; in this case, *remote_login.min_password_length* defines the + minimum password length. + :: - config_mode = { - hostname = { - optional = false, - prefill = true, - }, - geo_location = { - show_altitude = true, - osm = { - center = { - lat = 52.951947558, - lon = 8.744238281, - }, - zoom = 13, - -- openlayers_url = 'http://ffac.example.org/openlayer', - -- tile_layer = { - -- type = 'XYZ', - -- url = 'https://{a-c}.tile.openstreetmap.org/{z}/{x}/{y}.png', - -- attributions = '© OpenStreetMap contributors.', - -- }, - }, - }, - remote_login = { - show_password_form = true, - min_password_length = 10, + config_mode = { + hostname = { + optional = false, + prefill = true, + }, + geo_location = { + show_altitude = true, + osm = { + center = { + lat = 52.951947558, + lon = 8.744238281, }, + zoom = 13, + -- openlayers_url = 'http://ffac.example.org/openlayer', + -- tile_layer = { + -- type = 'XYZ', + -- url = 'https://{a-c}.tile.openstreetmap.org/{z}/{x}/{y}.png', + -- attributions = '© OpenStreetMap contributors.', + -- }, }, + }, + remote_login = { + show_password_form = true, + min_password_length = 10, + }, + }, roles \: optional - Optional role definitions. Nodes will announce their role inside the mesh. - This will allow in the backend to distinguish between normal, backbone and - service nodes or even gateways (if they advertise that role). It is up to - the community which roles to define. See the section below as an example. - ``default`` takes the default role which is set initially. This value should be - part of ``list``. If you want node owners to change the role via config mode add - the package ``gluon-web-node-role`` to ``site.mk``. + Optional role definitions. Nodes will announce their role inside the mesh. + This will allow in the backend to distinguish between normal, backbone and + service nodes or even gateways (if they advertise that role). It is up to + the community which roles to define. See the section below as an example. + ``default`` takes the default role which is set initially. This value should be + part of ``list``. If you want node owners to change the role via config mode add + the package ``gluon-web-node-role`` to ``site.mk``. - The strings to display in the web interface are configured per language in the - ``i18n/en.po``, ``i18n/de.po``, etc. files of the site repository using message IDs like - ``gluon-web-node-role:role:node`` and ``gluon-web-node-role:role:backbone``. - :: + The strings to display in the web interface are configured per language in the + ``i18n/en.po``, ``i18n/de.po``, etc. files of the site repository using message IDs like + ``gluon-web-node-role:role:node`` and ``gluon-web-node-role:role:backbone``. + :: - roles = { - default = 'node', - list = { - 'node', - 'test', - 'backbone', - 'service', - }, + roles = { + default = 'node', + list = { + 'node', + 'test', + 'backbone', + 'service', }, + }, setup_mode \: package - Allows skipping setup mode (config mode) at first boot when attribute - ``skip`` is set to ``true``. This is optional and may be left out. - :: + Allows skipping setup mode (config mode) at first boot when attribute + ``skip`` is set to ``true``. This is optional and may be left out. + :: - setup_mode = { - skip = true, - }, + setup_mode = { + skip = true, + }, .. _user-site-build-configuration: @@ -559,59 +552,59 @@ The ``site.mk`` is a Makefile which defines various values involved in the build process of Gluon. GLUON_DEPRECATED - Controls whether images for deprecated devices should be built. The following - values are supported: + Controls whether images for deprecated devices should be built. The following + values are supported: - - ``0``: Do not build any images for deprecated devices. - - ``upgrade``: Only build sysupgrade images for deprecated devices. - - ``full``: Build both sysupgrade and factory images for deprecated devices. + - ``0``: Do not build any images for deprecated devices. + - ``upgrade``: Only build sysupgrade images for deprecated devices. + - ``full``: Build both sysupgrade and factory images for deprecated devices. - Usually, devices are deprecated because their flash size is insufficient to - support future Gluon versions. The recommended setting is ``0`` for new sites, - and ``upgrade`` for existing configurations (where upgrades for existing - deployments of low-flash devices are required). + Usually, devices are deprecated because their flash size is insufficient to + support future Gluon versions. The recommended setting is ``0`` for new sites, + and ``upgrade`` for existing configurations (where upgrades for existing + deployments of low-flash devices are required). Defaults to ``0``. GLUON_FEATURES - Defines a list of features to include. Depending on the device, the feature list - defined from this value is combined with the feature list for either the standard - or the tiny device-class. The resulting feature list is used to generate the default - package set. + Defines a list of features to include. Depending on the device, the feature list + defined from this value is combined with the feature list for either the standard + or the tiny device-class. The resulting feature list is used to generate the default + package set. GLUON_FEATURES_standard - Defines a list of additional features to include or exclude for devices of - the standard device-class. + Defines a list of additional features to include or exclude for devices of + the standard device-class. GLUON_FEATURES_tiny - Defines a list of additional features to include or exclude for devices of - the tiny device-class. + Defines a list of additional features to include or exclude for devices of + the tiny device-class. GLUON_SITE_PACKAGES - Defines a list of packages which should be installed in addition to the - default package set. It is also possible to remove packages from the - default set by prepending a minus sign to the package name. + Defines a list of packages which should be installed in addition to the + default package set. It is also possible to remove packages from the + default set by prepending a minus sign to the package name. GLUON_SITE_PACKAGES_standard - Defines a list of additional packages to include or exclude for devices of - the standard device-class. + Defines a list of additional packages to include or exclude for devices of + the standard device-class. GLUON_SITE_PACKAGES_tiny - Defines a list of additional packages to include or exclude for devices of - the tiny device-class. + Defines a list of additional packages to include or exclude for devices of + the tiny device-class. GLUON_RELEASE - The current release version Gluon should use. + The current release version Gluon should use. GLUON_PRIORITY - The default priority for the generated manifests (see the autoupdater documentation - for more information). + The default priority for the generated manifests (see the autoupdater documentation + for more information). GLUON_REGION - Region code to build into images where necessary. Valid values are the empty string, - ``us`` and ``eu``. + Region code to build into images where necessary. Valid values are the empty string, + ``us`` and ``eu``. GLUON_LANGS - List of languages (as two-letter-codes) to be included in the web interface. Should always contain - ``en``. + List of languages (as two-letter-codes) to be included in the web interface. Should always contain + ``en``. .. _user-site-feature-flags: @@ -689,31 +682,31 @@ The community-defined texts in the config mode are configured in PO files in the of the site configuration. The message IDs currently defined are: gluon-config-mode:welcome - Welcome text on the top of the config wizard page. + Welcome text on the top of the config wizard page. gluon-config-mode:pubkey - Information about the public VPN key on the reboot page. + Information about the public VPN key on the reboot page. gluon-config-mode:novpn - Information shown on the reboot page, if the mesh VPN was not selected. + Information shown on the reboot page, if the mesh VPN was not selected. gluon-config-mode:contact-help - Description for the usage of the ``contact`` field + Description for the usage of the ``contact`` field gluon-config-mode:contact-note - Note shown (in small font) below the ``contact`` field + Note shown (in small font) below the ``contact`` field gluon-config-mode:hostname-help - Description for the usage of the ``hostname`` field + Description for the usage of the ``hostname`` field gluon-config-mode:geo-location-help - Description for the usage of the longitude/latitude fields (and altitude, if shown) + Description for the usage of the longitude/latitude fields (and altitude, if shown) gluon-config-mode:altitude-label - Label for the ``altitude`` field + Label for the ``altitude`` field gluon-config-mode:reboot - General information shown on the reboot page. + General information shown on the reboot page. There is a POT file in the site example directory which can be used to create templates for the language files. The command ``msginit -l en -i ../../docs/site-example/i18n/gluon-site.pot`` @@ -722,12 +715,12 @@ utilities are installed. .. note:: - An empty ``msgstr``, as is the default after running ``msginit``, leads to - the ``msgid`` being printed as-is. It does *not* hide the whole text, as - might be expected. + An empty ``msgstr``, as is the default after running ``msginit``, leads to + the ``msgid`` being printed as-is. It does *not* hide the whole text, as + might be expected. - Depending on the context, you might be able to use comments like - ```` as translations to effectively hide the text. + Depending on the context, you might be able to use comments like + ```` as translations to effectively hide the text. Site modules ------------ @@ -742,21 +735,21 @@ tree, with the important different that the list of feeds must be assigned to the variable ``GLUON_SITE_FEEDS``. Multiple feed names must be separated by spaces, for example:: - GLUON_SITE_FEEDS='foo bar' + GLUON_SITE_FEEDS='foo bar' The feed names may only contain alphanumerical characters, underscores and slashes. For each of the feeds, the following variables are used to specify how to update the feed: PACKAGES_${feed}_REPO - The URL of the git repository to clone (usually ``git://`` or ``http(s)://``) + The URL of the git repository to clone (usually ``git://`` or ``http(s)://``) PACKAGES_${feed}_COMMIT - The commit ID of the repository to use + The commit ID of the repository to use PACKAGES_${feed}_BRANCH - Optional: The branch of the repository the given commit ID can be found in. - Defaults to the default branch of the repository (usually ``master``) + Optional: The branch of the repository the given commit ID can be found in. + Defaults to the default branch of the repository (usually ``master``) These variables are always all uppercase, so for an entry ``foo`` in GLUON_SITE_FEEDS, the corresponding configuration variables would be ``PACKAGES_FOO_REPO``, diff --git a/docs/user/supported_devices.rst b/docs/user/supported_devices.rst index f243270e..ec7808dd 100644 --- a/docs/user/supported_devices.rst +++ b/docs/user/supported_devices.rst @@ -44,6 +44,7 @@ ath79-generic * TP-Link + - Archer A7 (v5) - Archer C6 (v2) - CPE220 (v3.0) - CPE510 (v2.0) diff --git a/modules b/modules index 97d8043f..5654db74 100644 --- a/modules +++ b/modules @@ -2,15 +2,15 @@ GLUON_FEEDS='packages routing gluon' OPENWRT_REPO=https://github.com/openwrt/openwrt.git OPENWRT_BRANCH=openwrt-21.02 -OPENWRT_COMMIT=dec9e8395605d9ff3f1eb09f9dfb7d743939ee37 +OPENWRT_COMMIT=97b95ef8b9186518cda6f2d3cec8a01860fae2e7 PACKAGES_PACKAGES_REPO=https://github.com/openwrt/packages.git PACKAGES_PACKAGES_BRANCH=openwrt-21.02 -PACKAGES_PACKAGES_COMMIT=f71a9c91cb44f4e50fbfb53ce5666fa0097d61a0 +PACKAGES_PACKAGES_COMMIT=444b64e36cfb9d1dbbb6733bd713aacd2f91a821 PACKAGES_ROUTING_REPO=https://github.com/openwrt/routing.git PACKAGES_ROUTING_BRANCH=openwrt-21.02 -PACKAGES_ROUTING_COMMIT=da7d7a0255efec87c1b0a511d6082e86754cba7e +PACKAGES_ROUTING_COMMIT=c2e138d49fa4796ab03f0eadb7b4d37aac75498a PACKAGES_GLUON_REPO=https://github.com/freifunk-gluon/packages.git -PACKAGES_GLUON_COMMIT=52d7ac4aea7dc17c639c96ad9e179137ca66e614 +PACKAGES_GLUON_COMMIT=308166e3c6b2d571606dd1dbfadd2bb8e31d8f90 diff --git a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/320-gluon-client-bridge-wireless b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/320-gluon-client-bridge-wireless index 972b9b61..b74af5bf 100755 --- a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/320-gluon-client-bridge-wireless +++ b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/320-gluon-client-bridge-wireless @@ -1,6 +1,5 @@ #!/usr/bin/lua -local platform = require 'gluon.platform' local wireless = require 'gluon.wireless' local uci = require('simple-uci').cursor() @@ -52,7 +51,7 @@ local function configure_owe(radio, index, config, radio_name) -- Don't configure OWE in case our device -- can't do MFP, as it's mandatory for OWE. - if not platform.device_supports_mfp(uci) then + if not wireless.device_supports_mfp(uci) then return end @@ -80,7 +79,7 @@ local function configure_owe_transition_mode(config, radio_name) -- Don't configure OWE in case our device -- can't do MFP, as it's mandatory for OWE. - if not platform.device_supports_mfp(uci) then + if not wireless.device_supports_mfp(uci) then return end diff --git a/package/gluon-config-mode-outdoor/luasrc/lib/gluon/config-mode/wizard/0250-outdoor.lua b/package/gluon-config-mode-outdoor/luasrc/lib/gluon/config-mode/wizard/0250-outdoor.lua index 2fbc0fba..947fa0b4 100644 --- a/package/gluon-config-mode-outdoor/luasrc/lib/gluon/config-mode/wizard/0250-outdoor.lua +++ b/package/gluon-config-mode-outdoor/luasrc/lib/gluon/config-mode/wizard/0250-outdoor.lua @@ -2,7 +2,7 @@ return function(form, uci) local platform = require 'gluon.platform' local wireless = require 'gluon.wireless' - if not (platform.is_outdoor_device() and platform.device_uses_11a(uci)) then + if not (platform.is_outdoor_device() and wireless.device_uses_11a(uci)) then -- only visible on wizard for outdoor devices return end @@ -31,7 +31,7 @@ return function(form, uci) if data == false then local mesh_ifaces_5ghz = {} uci:foreach('wireless', 'wifi-device', function(config) - if config.hwmode ~= '11a' and config.hwmode ~= '11na' then + if config.band ~= '5g' then return end diff --git a/package/gluon-core/Makefile b/package/gluon-core/Makefile index c56b78bb..93b2d599 100644 --- a/package/gluon-core/Makefile +++ b/package/gluon-core/Makefile @@ -31,7 +31,6 @@ endef define Package/gluon-core/conffiles /etc/config/gluon -/etc/config/gluon-core endef define Package/gluon-core/install diff --git a/package/gluon-core/files/etc/config/gluon-core b/package/gluon-core/files/etc/config/gluon-core deleted file mode 100644 index 9787ccc9..00000000 --- a/package/gluon-core/files/etc/config/gluon-core +++ /dev/null @@ -1 +0,0 @@ -config wireless diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/001-upgrade b/package/gluon-core/luasrc/lib/gluon/upgrade/001-upgrade deleted file mode 100755 index f4897d18..00000000 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/001-upgrade +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/lua - -local sysconfig = require 'gluon.sysconfig' -local unistd = require 'posix.unistd' - - -if unistd.access('/lib/gluon/version/core') and not sysconfig.gluon_version then - -- This isn't an initial upgrade, so set gluon_version - sysconfig.gluon_version = '' -end diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/005-wireless-migration b/package/gluon-core/luasrc/lib/gluon/upgrade/005-wireless-migration new file mode 100755 index 00000000..fc79249b --- /dev/null +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/005-wireless-migration @@ -0,0 +1,20 @@ +#!/usr/bin/lua + +local uci = require('simple-uci').cursor() + +-- Migration from hwmode to band (OpenWrt 21.02) +-- Use uci:foreach(), as wireless.foreach_radio() depends on band already being set +uci:foreach('wireless', 'wifi-device', function(radio) + local radio_name = radio['.name'] + local hwmode = radio.hwmode + if not radio.band then + if hwmode == '11g' or hwmode == '11ng' then + uci:set('wireless', radio_name, 'band', '2g') + elseif hwmode == '11a' or hwmode == '11na' then + uci:set('wireless', radio_name, 'band', '5g') + end + end + uci:delete('wireless', radio_name, 'hwmode') +end) + +uci:save('wireless') diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/010-primary-mac b/package/gluon-core/luasrc/lib/gluon/upgrade/010-primary-mac index 6331211c..58c0fc06 100755 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/010-primary-mac +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/010-primary-mac @@ -74,6 +74,7 @@ local primary_addrs = { {'ath79', 'generic', { 'glinet,gl-ar750s-nor', 'ocedo,raccoon', + 'tplink,archer-a7-v5', 'tplink,archer-c2-v3', 'tplink,archer-d50-v1', }}, diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/020-interfaces b/package/gluon-core/luasrc/lib/gluon/upgrade/020-interfaces index d2814968..6371cc61 100755 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/020-interfaces +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/020-interfaces @@ -50,7 +50,11 @@ end local lan_ifname = iface_exists(lan_interfaces) local wan_ifname = iface_exists(wan_interfaces) -if platform.match('lantiq') then +if platform.match('ath79', 'generic', { + 'tplink,wbs210-v2', +}) then + lan_ifname, wan_ifname = wan_ifname, lan_ifname +elseif platform.match('lantiq') then local switch_data = board_data.switch or {} local switch0_data = switch_data.switch0 or {} local roles_data = switch0_data.roles or {} diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/180-outdoors b/package/gluon-core/luasrc/lib/gluon/upgrade/180-outdoors index 5c5a92e2..59704bff 100755 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/180-outdoors +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/180-outdoors @@ -13,6 +13,7 @@ end local sysconfig = require 'gluon.sysconfig' local platform = require 'gluon.platform' +local wireless = require 'gluon.wireless' local config = site.wifi5.outdoors('preset') local outdoor @@ -22,7 +23,7 @@ if sysconfig.gluon_version then outdoor = false elseif config == 'preset' then -- enable outdoor mode through presets on new installs - outdoor = platform.is_outdoor_device() and platform.device_uses_11a(uci) + outdoor = platform.is_outdoor_device() and wireless.device_uses_11a(uci) else -- enable/disable outdoor mode unconditionally on new installs outdoor = config diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/200-wireless b/package/gluon-core/luasrc/lib/gluon/upgrade/200-wireless index b86e006e..b0a5485f 100755 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/200-wireless +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/200-wireless @@ -38,11 +38,11 @@ if not sysconfig.gluon_version then if radio_band_count["band24"] <= radio_band_count["band5"] then -- Assign radio to 2.4GHz band radio_band_count["band24"] = radio_band_count["band24"] + 1 - uci:set('wireless', radio_name, 'hwmode', '11g') + uci:set('wireless', radio_name, 'band', '2g') else -- Assign radio to 5GHz band radio_band_count["band5"] = radio_band_count["band5"] + 1 - uci:set('wireless', radio_name, 'hwmode', '11a') + uci:set('wireless', radio_name, 'band', '5g') end end end) @@ -57,7 +57,7 @@ local function get_channel(radio, config) if wireless.preserve_channels(uci) then -- preserved channel always wins channel = radio.channel - elseif (radio.hwmode == '11a' or radio.hwmode == '11na') and is_outdoor() then + elseif radio.band == '5g' and is_outdoor() then -- actual channel will be picked and probed from chanlist channel = 'auto' end @@ -66,7 +66,7 @@ local function get_channel(radio, config) end local function get_htmode(radio) - if (radio.hwmode == '11a' or radio.hwmode == '11na') and is_outdoor() then + if radio.band == '5g' and is_outdoor() then local outdoor_htmode = uci:get('gluon', 'wireless', 'outdoor_' .. radio['.name'] .. '_htmode') if outdoor_htmode ~= nil then return outdoor_htmode @@ -207,11 +207,11 @@ wireless.foreach_radio(uci, function(radio, index, config) uci:delete('wireless', radio_name, 'supported_rates') uci:delete('wireless', radio_name, 'basic_rate') - local hwmode = radio.hwmode - if hwmode == '11g' or hwmode == '11ng' then + local band = radio.band + if band == '2g' then uci:set('wireless', radio_name, 'legacy_rates', false) configure_mesh_wireless(radio, index, config) - elseif (hwmode == '11a' or hwmode == '11na') then + elseif (band == '5g') then if is_outdoor() then uci:set('wireless', radio_name, 'channels', config.outdoor_chanlist()) diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/210-interface-wan b/package/gluon-core/luasrc/lib/gluon/upgrade/210-interface-wan index 051b213e..cf6eff71 100755 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/210-interface-wan +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/210-interface-wan @@ -22,8 +22,4 @@ if uci:get('network', 'mesh_wan', 'transitive') == nil then uci:set('network', 'mesh_wan', 'transitive', true) end -uci:delete('network', 'mesh_wan', 'auto') -uci:delete('network', 'mesh_wan', 'fixed_mtu') -uci:delete('network', 'mesh_wan', 'legacy') - uci:save('network') diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/220-interface-lan b/package/gluon-core/luasrc/lib/gluon/upgrade/220-interface-lan index 19ccfb49..55586435 100755 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/220-interface-lan +++ b/package/gluon-core/luasrc/lib/gluon/upgrade/220-interface-lan @@ -50,8 +50,4 @@ if uci:get('network', 'mesh_lan', 'transitive') == nil then uci:set('network', 'mesh_lan', 'transitive', true) end -uci:delete('network', 'mesh_lan', 'auto') -uci:delete('network', 'mesh_lan', 'fixed_mtu') -uci:delete('network', 'mesh_lan', 'legacy') - uci:save('network') diff --git a/package/gluon-core/luasrc/lib/gluon/upgrade/800-migrate-batadv b/package/gluon-core/luasrc/lib/gluon/upgrade/800-migrate-batadv deleted file mode 100755 index ddd03c0a..00000000 --- a/package/gluon-core/luasrc/lib/gluon/upgrade/800-migrate-batadv +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/lua - -local uci = require('simple-uci').cursor() - -local function migrate_iface(iface) - if iface.proto ~= 'batadv' or iface.mesh ~= 'bat0' then - return - end - - local s = iface['.name'] - - uci:set('network', s, 'proto', 'gluon_mesh') - uci:set('network', s, 'fixed_mtu', true) - - if iface.mesh_no_rebroadcast then - uci:set('network', s, 'transitive', iface.mesh_no_rebroadcast) - end - - uci:delete('network', s, 'mesh') - uci:delete('network', s, 'mesh_no_rebroadcast') -end - -uci:foreach('network', 'interface', migrate_iface) -uci:save('network') diff --git a/package/gluon-core/luasrc/usr/bin/gluon-info b/package/gluon-core/luasrc/usr/bin/gluon-info new file mode 100755 index 00000000..c25018d1 --- /dev/null +++ b/package/gluon-core/luasrc/usr/bin/gluon-info @@ -0,0 +1,38 @@ +#!/usr/bin/lua + +local uci = require('simple-uci').cursor() +local pretty_hostname = require 'pretty_hostname' + +local site = require 'gluon.site' +local sysconfig = require 'gluon.sysconfig' +local platform = require 'gluon.platform' +local util = require 'gluon.util' +local has_vpn, vpn = pcall(require, 'gluon.mesh-vpn') + +local pubkey +if has_vpn and vpn.enabled() then + local _, active_vpn = vpn.get_active_provider() + + if active_vpn ~= nil then + pubkey = active_vpn.public_key() + end +end + +local values = { + { 'Hostname', pretty_hostname.get(uci) }, + { 'MAC address', sysconfig.primary_mac }, + { 'Hardware model', platform.get_model() }, + { 'Gluon version / Site version', util.trim(util.readfile('/lib/gluon/gluon-version')) + .. ' / ' .. util.trim(util.readfile('/lib/gluon/site-version')) }, + { 'Firmware release', util.trim(util.readfile('/lib/gluon/release')) }, + { 'Site', site.site_name() }, + { 'Public VPN key', pubkey or 'n/a' }, +} + +local padTo = 24 + +for _, info in ipairs(values) do + local labelLen = string.len(info[1]) + 1 + + print(info[1] .. ':' .. string.rep(' ', padTo - labelLen), info[2]) +end diff --git a/package/gluon-core/luasrc/usr/lib/lua/gluon/platform.lua b/package/gluon-core/luasrc/usr/lib/lua/gluon/platform.lua index 9c4974ea..df0eda08 100644 --- a/package/gluon-core/luasrc/usr/lib/lua/gluon/platform.lua +++ b/package/gluon-core/luasrc/usr/lib/lua/gluon/platform.lua @@ -1,7 +1,5 @@ local platform_info = require 'platform_info' local util = require 'gluon.util' -local wireless = require 'gluon.wireless' -local unistd = require 'posix.unistd' local M = setmetatable({}, { @@ -48,41 +46,4 @@ function M.is_outdoor_device() return false end -function M.device_supports_wpa3() - return unistd.access('/lib/gluon/features/wpa3') -end - -function M.device_supports_mfp(uci) - local supports_mfp = true - - if not M.device_supports_wpa3() then - return false - end - - uci:foreach('wireless', 'wifi-device', function(radio) - local phy = wireless.find_phy(radio) - local phypath = '/sys/kernel/debug/ieee80211/' .. phy .. '/' - - if not util.file_contains_line(phypath .. 'hwflags', 'MFP_CAPABLE') then - supports_mfp = false - return false - end - end) - - return supports_mfp -end - -function M.device_uses_11a(uci) - local ret = false - - uci:foreach('wireless', 'wifi-device', function(radio) - if radio.hwmode == '11a' or radio.hwmode == '11na' then - ret = true - return false - end - end) - - return ret -end - return M diff --git a/package/gluon-core/luasrc/usr/lib/lua/gluon/wireless.lua b/package/gluon-core/luasrc/usr/lib/lua/gluon/wireless.lua index 0eb68023..62fe3228 100644 --- a/package/gluon-core/luasrc/usr/lib/lua/gluon/wireless.lua +++ b/package/gluon-core/luasrc/usr/lib/lua/gluon/wireless.lua @@ -112,18 +112,66 @@ function M.foreach_radio(uci, f) end) for index, radio in ipairs(radios) do - local hwmode = radio.hwmode + local band = radio.band - if hwmode == '11g' or hwmode == '11ng' then + if band == '2g' then f(radio, index, site.wifi24) - elseif hwmode == '11a' or hwmode == '11na' then + elseif band == '5g' then f(radio, index, site.wifi5) end end end function M.preserve_channels(uci) - return uci:get_first('gluon-core', 'wireless', 'preserve_channels') + return uci:get('gluon', 'wireless', 'preserve_channels') +end + +function M.device_supports_wpa3() + return unistd.access('/lib/gluon/features/wpa3') +end + +function M.device_supports_mfp(uci) + local supports_mfp = true + + if not M.device_supports_wpa3() then + return false + end + + uci:foreach('wireless', 'wifi-device', function(radio) + local phy = M.find_phy(radio) + local phypath = '/sys/kernel/debug/ieee80211/' .. phy .. '/' + + if not util.file_contains_line(phypath .. 'hwflags', 'MFP_CAPABLE') then + supports_mfp = false + return false + end + end) + + return supports_mfp +end + +function M.device_uses_wlan(uci) + local ret = false + + uci:foreach('wireless', 'wifi-device', function() + ret = true + return false + end) + + return ret +end + +function M.device_uses_11a(uci) + local ret = false + + uci:foreach('wireless', 'wifi-device', function(radio) + if radio.band == '5g' then + ret = true + return false + end + end) + + return ret end return M diff --git a/package/gluon-ebtables-filter-ra-dhcp/luasrc/lib/gluon/ebtables/200-dir-dhcpv4 b/package/gluon-ebtables-filter-ra-dhcp/luasrc/lib/gluon/ebtables/200-dir-dhcpv4 index ec56ff1d..87b4bd7f 100644 --- a/package/gluon-ebtables-filter-ra-dhcp/luasrc/lib/gluon/ebtables/200-dir-dhcpv4 +++ b/package/gluon-ebtables-filter-ra-dhcp/luasrc/lib/gluon/ebtables/200-dir-dhcpv4 @@ -1,5 +1,11 @@ -rule 'FORWARD -p IPv4 --ip-protocol udp --ip-destination-port 67 -j OUT_ONLY' -rule 'OUTPUT -p IPv4 --ip-protocol udp --ip-destination-port 67 -j OUT_ONLY' +local uci = require('simple-uci').cursor() -rule 'FORWARD -p IPv4 --ip-protocol udp --ip-destination-port 68 -j IN_ONLY' -rule 'INPUT -p IPv4 --ip-protocol udp --ip-destination-port 68 -j IN_ONLY' +local gw_mode = uci:get('network', 'gluon_bat0', 'gw_mode') + +if gw_mode ~= 'server' then + rule 'FORWARD -p IPv4 --ip-protocol udp --ip-destination-port 67 -j OUT_ONLY' + rule 'OUTPUT -p IPv4 --ip-protocol udp --ip-destination-port 67 -j OUT_ONLY' + + rule 'FORWARD -p IPv4 --ip-protocol udp --ip-destination-port 68 -j IN_ONLY' + rule 'INPUT -p IPv4 --ip-protocol udp --ip-destination-port 68 -j IN_ONLY' +end diff --git a/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.c b/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.c index 9c764006..c14fce6b 100644 --- a/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.c +++ b/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.c @@ -25,6 +25,8 @@ static struct addr_store ip_store; static struct addr_store mac_store; +int clock; + char *addr_mac_ntoa(void *addr) { return mac_ntoa((struct mac_addr *)addr); diff --git a/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.h b/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.h index 203ab217..3715ed70 100644 --- a/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.h +++ b/package/gluon-ebtables-limit-arp/src/gluon-arp-limiter.h @@ -8,6 +8,6 @@ #ifndef _GLUON_ARP_LIMITER_H_ #define _GLUON_ARP_LIMITER_H_ -int clock; +extern int clock; #endif /* _GLUON_ARP_LIMITER_H_ */ diff --git a/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/380-gluon-l3roamd-route b/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/380-gluon-l3roamd-route deleted file mode 100755 index d425252c..00000000 --- a/package/gluon-l3roamd/luasrc/lib/gluon/upgrade/380-gluon-l3roamd-route +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/lua -local uci = require('simple-uci').cursor() - -uci:delete('network', 'l3roam') -uci:delete('network', 'l3roamd_client') - -uci:save('network') diff --git a/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-mesh b/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-mesh index 9ba1289f..40943207 100755 --- a/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-mesh +++ b/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/310-gluon-mesh-batman-adv-mesh @@ -6,14 +6,10 @@ local util = require 'gluon.util' local uci = require('simple-uci').cursor() -local gw_mode = uci:get('network', 'gluon_bat0', 'gw_mode') or uci:get('network', 'bat0', 'gw_mode') or 'client' - -uci:delete('batman-adv-legacy', 'bat0') -uci:save('batman-adv-legacy') - uci:delete('batman-adv', 'bat0') uci:save('batman-adv') +local gw_mode = uci:get('network', 'gluon_bat0', 'gw_mode') or 'client' uci:delete('network', 'gluon_bat0') uci:section('network', 'interface', 'gluon_bat0', { proto = 'gluon_bat0', diff --git a/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-client-bridge b/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-client-bridge index 2f113ece..fc14a6e6 100755 --- a/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-client-bridge +++ b/package/gluon-mesh-batman-adv/luasrc/lib/gluon/upgrade/320-gluon-mesh-batman-adv-client-bridge @@ -21,10 +21,6 @@ uci:section('network', 'interface', 'client', { query_response_interval = 500, }) -uci:delete('network', 'client_lan') - -uci:delete('network', 'local_node_route') - uci:delete('network', 'local_node_route6') uci:section('network', 'route6', 'local_node_route6', { interface = 'client', @@ -42,6 +38,4 @@ networks = uci:get_list('firewall', 'drop', 'network') util.remove_from_set(networks, 'client') uci:set_list('firewall', 'drop', 'network', networks) -uci:delete('firewall', 'local_node_dns') - uci:save('firewall') diff --git a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd index b59ef2c7..5fed1e8c 100755 --- a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd +++ b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd @@ -9,6 +9,11 @@ local uci = require('simple-uci').cursor() local syslog_level = uci:get('fastd', 'mesh_vpn', 'syslog_level') or 'verbose' +local secret = uci:get('fastd', 'mesh_vpn', 'secret') +if not secret or not secret:match(('%x'):rep(64)) then + secret = 'generate' +end + local methods if site.mesh_vpn.fastd.configurable(false) then @@ -38,6 +43,7 @@ end uci:section('fastd', 'fastd', 'mesh_vpn', { group = 'gluon-mesh-vpn', syslog_level = syslog_level, + secret = secret, interface = vpn_core.get_interface(), mode = 'tap', mtu = site.mesh_vpn.mtu(), @@ -46,7 +52,6 @@ uci:section('fastd', 'fastd', 'mesh_vpn', { packet_mark = 1, status_socket = '/var/run/fastd.mesh_vpn.socket', }) -uci:delete('fastd', 'mesh_vpn', 'user') -- Collect list of groups that have peers with 'preserve' flag diff --git a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/410-mesh-vpn-fastd-generate-secret b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/410-mesh-vpn-fastd-generate-secret deleted file mode 100755 index f43e8b1f..00000000 --- a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/410-mesh-vpn-fastd-generate-secret +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/lua - -local uci = require 'simple-uci' - -local c = uci.cursor() - -local secret = c:get("fastd", "mesh_vpn", "secret") - -if not secret or not secret:match(("%x"):rep(64)) then - c:set("fastd", "mesh_vpn", "secret", "generate") - c:save("fastd") -end diff --git a/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua b/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua index 1d628dc7..bcc6b5e1 100644 --- a/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua +++ b/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua @@ -7,7 +7,13 @@ local vpn_core = require 'gluon.mesh-vpn' local M = {} function M.public_key() - return util.trim(util.exec('/etc/init.d/fastd show_key mesh_vpn')) + local key = util.trim(util.exec('/etc/init.d/fastd show_key mesh_vpn')) + + if key == '' then + key = nil + end + + return key end function M.enable(val) diff --git a/package/gluon-mesh-vpn-tunneldigger/luasrc/lib/gluon/upgrade/400-mesh-vpn-tunneldigger b/package/gluon-mesh-vpn-tunneldigger/luasrc/lib/gluon/upgrade/400-mesh-vpn-tunneldigger index b37bb476..9888d87e 100755 --- a/package/gluon-mesh-vpn-tunneldigger/luasrc/lib/gluon/upgrade/400-mesh-vpn-tunneldigger +++ b/package/gluon-mesh-vpn-tunneldigger/luasrc/lib/gluon/upgrade/400-mesh-vpn-tunneldigger @@ -7,22 +7,7 @@ local vpn_core = require 'gluon.mesh-vpn' local uci = require('simple-uci').cursor() -local enabled - --- Delete old broker config section (remove in 2019) -if not uci:get('tunneldigger', 'mesh_vpn') then - if uci:get_first('tunneldigger', 'broker', 'interface') == 'mesh-vpn' then - enabled = uci:get_first('tunneldigger', 'broker', 'enabled') - end - - -- In the usual case (no migration from old tunneldigger package), the - -- enabled state is set in the 500-mesh-vpn script - - uci:delete_all('tunneldigger', 'broker') -end - uci:section('tunneldigger', 'broker', 'mesh_vpn', { - enabled = enabled, uuid = util.node_id(), interface = vpn_core.get_interface(), bind_interface = 'br-wan', diff --git a/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua b/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua index 5065e217..b531b80e 100644 --- a/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua +++ b/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua @@ -7,7 +7,13 @@ local vpn_core = require 'gluon.mesh-vpn' local M = {} function M.public_key() - return util.trim(util.exec("/lib/gluon/mesh-vpn/wireguard_pubkey.sh")) + local key = util.trim(util.exec("/lib/gluon/mesh-vpn/wireguard_pubkey.sh")) + + if key == '' then + key = nil + end + + return key end function M.enable(val) diff --git a/package/gluon-node-info/luasrc/lib/gluon/upgrade/520-node-info-whitespace-fix b/package/gluon-node-info/luasrc/lib/gluon/upgrade/520-node-info-whitespace-fix deleted file mode 100755 index 62cd4beb..00000000 --- a/package/gluon-node-info/luasrc/lib/gluon/upgrade/520-node-info-whitespace-fix +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/lua -local uci = require('simple-uci').cursor() -local util = require 'gluon.util' - -local sname = uci:get_first('gluon-node-info', 'location') -if sname then - local options = {'longitude', 'latitude', 'altitude'} - for _, option in ipairs(options) do - local value = uci:get('gluon-node-info', sname, option) - if value then - uci:set('gluon-node-info', sname, option, util.trim(value)) - end - end - uci:save('gluon-node-info') -end diff --git a/package/gluon-radvd/luasrc/lib/gluon/upgrade/500-radvd-remove-user b/package/gluon-radvd/luasrc/lib/gluon/upgrade/500-radvd-remove-user deleted file mode 100755 index 036406af..00000000 --- a/package/gluon-radvd/luasrc/lib/gluon/upgrade/500-radvd-remove-user +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/lua - -local users = require 'gluon.users' - -users.remove_user('gluon-radvd') diff --git a/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall b/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall index a9d0b43b..74a2e11b 100755 --- a/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall +++ b/package/gluon-respondd/luasrc/lib/gluon/upgrade/400-respondd-firewall @@ -3,8 +3,6 @@ local uci = require('simple-uci').cursor() local site = require('gluon.site') -uci:delete('firewall', 'wan_announced') - -- Allow respondd port on WAN to allow resolving neighbours over mesh-on-wan uci:section('firewall', 'rule', 'wan_respondd', { name = 'wan_respondd', diff --git a/package/gluon-setup-mode/luasrc/lib/gluon/upgrade/310-setup-mode-migrate b/package/gluon-setup-mode/luasrc/lib/gluon/upgrade/310-setup-mode-migrate deleted file mode 100755 index ecaa07f9..00000000 --- a/package/gluon-setup-mode/luasrc/lib/gluon/upgrade/310-setup-mode-migrate +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/lua - -local uci = require('simple-uci').cursor() - - -local old = uci:get_first('gluon-config-mode', 'wizard', 'configured') -if old == '1' then - local setup_mode = uci:get_first('gluon-setup-mode', 'setup_mode') - uci:set('gluon-setup-mode', setup_mode, 'configured', true) - - uci:save('gluon-setup-mode') -end - -os.remove('/etc/config/gluon-config-mode') diff --git a/package/gluon-status-page/files/lib/gluon/status-page/view/status-page.html b/package/gluon-status-page/files/lib/gluon/status-page/view/status-page.html index bdce64fb..6957599f 100644 --- a/package/gluon-status-page/files/lib/gluon/status-page/view/status-page.html +++ b/package/gluon-status-page/files/lib/gluon/status-page/view/status-page.html @@ -1,7 +1,11 @@ <%- + local iwinfo = require 'iwinfo' local ubus = require 'ubus' local unistd = require 'posix.unistd' local util = require 'gluon.util' + local wireless = require 'gluon.wireless' + + local uci = require('simple-uci').cursor() local translations = {} local site_i18n = i18n 'gluon-site' @@ -35,22 +39,22 @@ return interfaces end - local function get_radios(uconn) - local radios = uconn:call("network.wireless", "status", {}) + local function get_radios() local ret = {} - for radio, info in pairs(radios) do - if info.up then + wireless.foreach_radio(uci, function(radio) + local channel = iwinfo.nl80211.channel(wireless.find_phy(radio)) + if channel then table.insert(ret, { - name = radio, - channel = info.config.channel, + name = radio['.name'], + channel = channel, }) end - end - + end) table.sort(ret, function(a, b) return a.name < b.name end) + return ret end @@ -72,10 +76,11 @@ end local interfaces = get_interfaces(uconn) - local radios = get_radios(uconn) ubus.close(uconn) + local radios = get_radios() + local function sorted(t) t = {unpack(t)} table.sort(t) @@ -163,10 +168,10 @@
<%:Bandwidth limit%>
<% if nodeinfo.network.mesh_vpn.bandwidth_limit.ingress then -%> - ▼ <%| formatBits(nodeinfo.network.mesh_vpn.bandwidth_limit.ingress*1000) %>/s <%:downstream%> + ▼ <%| formatBits(nodeinfo.network.mesh_vpn.bandwidth_limit.ingress*1000) %>/s <%:downstream%>
<%- end %> <% if nodeinfo.network.mesh_vpn.bandwidth_limit.egress then -%> - ▲ <%| formatBits(nodeinfo.network.mesh_vpn.bandwidth_limit.egress*1000) %>/s <%:upstream%>
+ ▲ <%| formatBits(nodeinfo.network.mesh_vpn.bandwidth_limit.egress*1000) %>/s <%:upstream%> <%- end %>
<%- end %> diff --git a/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/info.html b/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/info.html index 87c1179e..7e2c9e2d 100644 --- a/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/info.html +++ b/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/info.html @@ -18,17 +18,13 @@ if active_vpn ~= nil then pubkey = active_vpn.public_key() end - - if pubkey == '' then - pubkey = nil - end end local values = { { _('Hostname'), pretty_hostname.get(uci) }, { _('MAC address'), sysconfig.primary_mac }, { _('Hardware model'), platform.get_model() }, - { _('Gluon version') .. " / " .. _('Site version'), util.trim(util.readfile('/lib/gluon/gluon-version')) + { _('Gluon version') .. " / " .. _('Site version'), util.trim(util.readfile('/lib/gluon/gluon-version')) .. " / " .. util.trim(util.readfile('/lib/gluon/site-version')) }, { _('Firmware release'), util.trim(util.readfile('/lib/gluon/release')) }, { _('Site'), site.site_name() }, diff --git a/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade.html b/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade.html index 31555f16..7778be4a 100644 --- a/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade.html +++ b/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade.html @@ -44,7 +44,6 @@ $Id$
-
diff --git a/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade_confirm.html b/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade_confirm.html index 92c25a63..9733132f 100644 --- a/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade_confirm.html +++ b/package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/upgrade_confirm.html @@ -49,13 +49,11 @@ You may obtain a copy of the License at
" /> -
" /> -
diff --git a/package/gluon-web-model/files/lib/gluon/web/view/model/form.html b/package/gluon-web-model/files/lib/gluon/web/view/model/form.html index 06270be3..d222dde2 100644 --- a/package/gluon-web-model/files/lib/gluon/web/view/model/form.html +++ b/package/gluon-web-model/files/lib/gluon/web/view/model/form.html @@ -1,5 +1,4 @@
-
diff --git a/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/controller/admin/privatewifi.lua b/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/controller/admin/privatewifi.lua index febfb4e4..0b4647cf 100644 --- a/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/controller/admin/privatewifi.lua +++ b/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/controller/admin/privatewifi.lua @@ -1,3 +1,8 @@ +local uci = require("simple-uci").cursor() +local wireless = require 'gluon.wireless' + package 'gluon-web-private-wifi' -entry({"admin", "privatewifi"}, model("admin/privatewifi"), _("Private WLAN"), 30) +if wireless.device_uses_wlan(uci) then + entry({"admin", "privatewifi"}, model("admin/privatewifi"), _("Private WLAN"), 30) +end diff --git a/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/model/admin/privatewifi.lua b/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/model/admin/privatewifi.lua index a3b80432..8be95ed6 100644 --- a/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/model/admin/privatewifi.lua +++ b/package/gluon-web-private-wifi/luasrc/lib/gluon/config-mode/model/admin/privatewifi.lua @@ -1,5 +1,4 @@ local uci = require("simple-uci").cursor() -local platform = require 'gluon.platform' local wireless = require 'gluon.wireless' -- where to read the configuration from @@ -30,7 +29,7 @@ key.default = uci:get('wireless', primary_iface, "key") local encryption = s:option(ListValue, "encryption", translate("Encryption")) encryption:depends(enabled, true) encryption:value("psk2", translate("WPA2")) -if platform.device_supports_wpa3() then +if wireless.device_supports_wpa3() then encryption:value("psk3-mixed", translate("WPA2 / WPA3")) encryption:value("psk3", translate("WPA3")) end @@ -39,7 +38,7 @@ encryption.default = uci:get('wireless', primary_iface, 'encryption') or "psk2" local mfp = s:option(ListValue, "mfp", translate("Management Frame Protection")) mfp:depends(enabled, true) mfp:value("0", translate("Disabled")) -if platform.device_supports_mfp(uci) then +if wireless.device_supports_mfp(uci) then mfp:value("1", translate("Optional")) mfp:value("2", translate("Required")) end @@ -68,7 +67,7 @@ function f:write() }) -- hostapd-mini won't start in case 802.11w is configured - if platform.device_supports_mfp(uci) then + if wireless.device_supports_mfp(uci) then uci:set('wireless', name, 'ieee80211w', mfp.data) else uci:delete('wireless', name, 'ieee80211w') diff --git a/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/controller/admin/wifi-config.lua b/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/controller/admin/wifi-config.lua index 4a0b5256..c6c45075 100644 --- a/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/controller/admin/wifi-config.lua +++ b/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/controller/admin/wifi-config.lua @@ -1,3 +1,8 @@ +local uci = require("simple-uci").cursor() +local wireless = require 'gluon.wireless' + package 'gluon-web-wifi-config' -entry({"admin", "wifi-config"}, model("admin/wifi-config"), _("WLAN"), 20) +if wireless.device_uses_wlan(uci) then + entry({"admin", "wifi-config"}, model("admin/wifi-config"), _("WLAN"), 20) +end diff --git a/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/model/admin/wifi-config.lua b/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/model/admin/wifi-config.lua index 49580413..13ac6434 100644 --- a/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/model/admin/wifi-config.lua +++ b/package/gluon-web-wifi-config/luasrc/lib/gluon/config-mode/model/admin/wifi-config.lua @@ -24,18 +24,6 @@ local function txpower_list(phy) return new end -local function has_5ghz_radio() - local result = false - uci:foreach('wireless', 'wifi-device', function(config) - local radio = config['.name'] - local hwmode = uci:get('wireless', radio, 'hwmode') - - result = result or (hwmode == '11a' or hwmode == '11na') - end) - - return result -end - local f = Form(translate("WLAN")) f:section(Section, nil, translate( @@ -56,9 +44,9 @@ uci:foreach('wireless', 'wifi-device', function(config) local is_5ghz = false local title - if config.hwmode == '11g' or config.hwmode == '11ng' then + if config.band == '2g' then title = translate("2.4GHz WLAN") - elseif config.hwmode == '11a' or config.hwmode == '11na' then + elseif config.band == '5g' then is_5ghz = true title = translate("5GHz WLAN") else @@ -142,7 +130,7 @@ uci:foreach('wireless', 'wifi-device', function(config) end) -if has_5ghz_radio() and not wireless.preserve_channels(uci) then +if wireless.device_uses_11a(uci) and not wireless.preserve_channels(uci) then local r = f:section(Section, translate("Outdoor Installation"), translate( "Configuring the node for outdoor use tunes the 5 GHz radio to a frequency " .. "and transmission power that conforms with the local regulatory requirements. " @@ -167,9 +155,9 @@ if has_5ghz_radio() and not wireless.preserve_channels(uci) then uci:foreach('wireless', 'wifi-device', function(config) local radio = config['.name'] - local hwmode = uci:get('wireless', radio, 'hwmode') + local band = uci:get('wireless', radio, 'band') - if hwmode ~= '11a' and hwmode ~= '11na' then + if band ~= '5g' then return end diff --git a/package/gluon-web/luasrc/usr/lib/lua/gluon/web/dispatcher.lua b/package/gluon-web/luasrc/usr/lib/lua/gluon/web/dispatcher.lua index 42dc47d1..d2a6b500 100644 --- a/package/gluon-web/luasrc/usr/lib/lua/gluon/web/dispatcher.lua +++ b/package/gluon-web/luasrc/usr/lib/lua/gluon/web/dispatcher.lua @@ -184,9 +184,15 @@ local function dispatch(config, http, request) return end - http:parse_input(node.filehandler) + local ok, err = pcall(http.parse_input, http, node.filehandler) + if not ok then + http:status(400, "Bad request") + http:prepare_content("text/plain") + http:write(err .. "\r\n") + return + end - local ok, err = pcall(node.target) + ok, err = pcall(node.target) if not ok then http:status(500, "Internal Server Error") renderer.render_layout("error/500", { @@ -208,6 +214,6 @@ return function(config, http) if not ok then http:status(500, "Internal Server Error") http:prepare_content("text/plain") - http:write(err) + http:write(err .. "\r\n") end end diff --git a/package/gluon-web/luasrc/usr/lib/lua/gluon/web/http/protocol.lua b/package/gluon-web/luasrc/usr/lib/lua/gluon/web/http/protocol.lua index 8d070d95..5f56fa1b 100644 --- a/package/gluon-web/luasrc/usr/lib/lua/gluon/web/http/protocol.lua +++ b/package/gluon-web/luasrc/usr/lib/lua/gluon/web/http/protocol.lua @@ -108,16 +108,11 @@ end -- o String value containing a chunk of the file data -- o Boolean which indicates whether the current chunk is the last one (eof) local function mimedecode_message_body(src, msg, filecb) - - if msg and msg.env.CONTENT_TYPE then - msg.mime_boundary = msg.env.CONTENT_TYPE:match("^multipart/form%-data; boundary=(.+)$") + local mime_boundary = (msg.env.CONTENT_TYPE or ''):match("^multipart/form%-data; boundary=(.+)$") + if not mime_boundary then + error("Invalid Content-Type found") end - if not msg.mime_boundary then - return nil, "Invalid Content-Type found" - end - - local tlen = 0 local inhdr = false local field = nil @@ -188,10 +183,10 @@ local function mimedecode_message_body(src, msg, filecb) local spos, epos, found repeat - spos, epos = data:find("\r\n--" .. msg.mime_boundary .. "\r\n", 1, true) + spos, epos = data:find("\r\n--" .. mime_boundary .. "\r\n", 1, true) if not spos then - spos, epos = data:find("\r\n--" .. msg.mime_boundary .. "--\r\n", 1, true) + spos, epos = data:find("\r\n--" .. mime_boundary .. "--\r\n", 1, true) end @@ -250,20 +245,61 @@ local function mimedecode_message_body(src, msg, filecb) return true end - return pump(src, snk) + assert(pump(src, snk)) +end + +local function check_post_origin(msg) + local default_port = '80' + local request_scheme = 'http' + if msg.env.HTTPS then + default_port = '443' + request_scheme = 'https' + end + + local request_host = msg.env.HTTP_HOST + if not request_host then + error('POST request without Host header') + end + if not request_host:match(':[0-9]+$') then + request_host = request_host .. ':' .. default_port + end + + local origin = msg.env.HTTP_ORIGIN + if not origin then + error('POST request without Origin header') + end + local origin_scheme, origin_host = origin:match('^([^:]*)://(.*)$') + if not origin_host then + error('POST request with invalid Origin header') + end + if not origin_host:match(':[0-9]+$') then + local origin_port + if origin_scheme == 'http' then + origin_port = '80' + elseif origin_scheme == 'https' then + origin_port = '443' + else + error('POST request with invalid Origin header') + end + origin_host = origin_host .. ':' .. origin_port + end + + if request_scheme ~= origin_scheme or request_host ~= origin_host then + error('Invalid cross-origin POST') + end end -- This function will examine the Content-Type within the given message object -- to select the appropriate content decoder. -- Currently only the multipart/form-data mime type is supported. function M.parse_message_body(src, msg, filecb) - if not (msg.env.REQUEST_METHOD == "POST" and msg.env.CONTENT_TYPE) then + if msg.env.REQUEST_METHOD ~= "POST" then return end - if msg.env.CONTENT_TYPE:match("^multipart/form%-data") then - return mimedecode_message_body(src, msg, filecb) - end + check_post_origin(msg) + + mimedecode_message_body(src, msg, filecb) end return M diff --git a/patches/openwrt/0004-kernel-ebtables-add-support-for-ICMP-IGMP-type-matches.patch b/patches/openwrt/0004-kernel-ebtables-add-support-for-ICMP-IGMP-type-matches.patch deleted file mode 100644 index 37698460..00000000 --- a/patches/openwrt/0004-kernel-ebtables-add-support-for-ICMP-IGMP-type-matches.patch +++ /dev/null @@ -1,240 +0,0 @@ -From: Matthias Schiffer -Date: Thu, 12 Apr 2018 07:50:02 +0200 -Subject: kernel: ebtables: add support for ICMP/IGMP type matches - -Signed-off-by: Matthias Schiffer - -diff --git a/target/linux/generic/backport-4.14/096-0001-ebtables-add-support-for-matching-ICMP-type-and-code.patch b/target/linux/generic/backport-4.14/096-0001-ebtables-add-support-for-matching-ICMP-type-and-code.patch -new file mode 100644 -index 0000000000000000000000000000000000000000..fe9c479338a7b597be649c761c70a63085b51c5f ---- /dev/null -+++ b/target/linux/generic/backport-4.14/096-0001-ebtables-add-support-for-matching-ICMP-type-and-code.patch -@@ -0,0 +1,134 @@ -+From: Matthias Schiffer -+Date: Sat, 3 Mar 2018 11:55:21 +0100 -+Subject: [PATCH 1/2] ebtables: add support for matching ICMP type and code -+ -+We already have ICMPv6 type/code matches. This adds support for IPv4 ICMP -+matches in the same way. -+ -+Signed-off-by: Matthias Schiffer -+--- -+ include/uapi/linux/netfilter_bridge/ebt_ip.h | 13 +++++++-- -+ net/bridge/netfilter/ebt_ip.c | 43 +++++++++++++++++++++------- -+ 2 files changed, 43 insertions(+), 13 deletions(-) -+ -+--- a/include/uapi/linux/netfilter_bridge/ebt_ip.h -++++ b/include/uapi/linux/netfilter_bridge/ebt_ip.h -+@@ -24,8 +24,9 @@ -+ #define EBT_IP_PROTO 0x08 -+ #define EBT_IP_SPORT 0x10 -+ #define EBT_IP_DPORT 0x20 -++#define EBT_IP_ICMP 0x40 -+ #define EBT_IP_MASK (EBT_IP_SOURCE | EBT_IP_DEST | EBT_IP_TOS | EBT_IP_PROTO |\ -+- EBT_IP_SPORT | EBT_IP_DPORT ) -++ EBT_IP_SPORT | EBT_IP_DPORT | EBT_IP_ICMP) -+ #define EBT_IP_MATCH "ip" -+ -+ /* the same values are used for the invflags */ -+@@ -38,8 +39,14 @@ struct ebt_ip_info { -+ __u8 protocol; -+ __u8 bitmask; -+ __u8 invflags; -+- __u16 sport[2]; -+- __u16 dport[2]; -++ union { -++ __u16 sport[2]; -++ __u8 icmp_type[2]; -++ }; -++ union { -++ __u16 dport[2]; -++ __u8 icmp_code[2]; -++ }; -+ }; -+ -+ #endif -+--- a/net/bridge/netfilter/ebt_ip.c -++++ b/net/bridge/netfilter/ebt_ip.c -+@@ -19,9 +19,15 @@ -+ #include -+ #include -+ -+-struct tcpudphdr { -+- __be16 src; -+- __be16 dst; -++union pkthdr { -++ struct { -++ __be16 src; -++ __be16 dst; -++ } tcpudphdr; -++ struct { -++ u8 type; -++ u8 code; -++ } icmphdr; -+ }; -+ -+ static bool -+@@ -30,8 +36,8 @@ ebt_ip_mt(const struct sk_buff *skb, str -+ const struct ebt_ip_info *info = par->matchinfo; -+ const struct iphdr *ih; -+ struct iphdr _iph; -+- const struct tcpudphdr *pptr; -+- struct tcpudphdr _ports; -++ const union pkthdr *pptr; -++ union pkthdr _pkthdr; -+ -+ ih = skb_header_pointer(skb, 0, sizeof(_iph), &_iph); -+ if (ih == NULL) -+@@ -50,29 +56,38 @@ ebt_ip_mt(const struct sk_buff *skb, str -+ if (info->bitmask & EBT_IP_PROTO) { -+ if (NF_INVF(info, EBT_IP_PROTO, info->protocol != ih->protocol)) -+ return false; -+- if (!(info->bitmask & EBT_IP_DPORT) && -+- !(info->bitmask & EBT_IP_SPORT)) -++ if (!(info->bitmask & (EBT_IP_DPORT | EBT_IP_SPORT | -++ EBT_IP_ICMP))) -+ return true; -+ if (ntohs(ih->frag_off) & IP_OFFSET) -+ return false; -++ -++ /* min icmp headersize is 4, so sizeof(_pkthdr) is ok. */ -+ pptr = skb_header_pointer(skb, ih->ihl*4, -+- sizeof(_ports), &_ports); -++ sizeof(_pkthdr), &_pkthdr); -+ if (pptr == NULL) -+ return false; -+ if (info->bitmask & EBT_IP_DPORT) { -+- u32 dst = ntohs(pptr->dst); -++ u32 dst = ntohs(pptr->tcpudphdr.dst); -+ if (NF_INVF(info, EBT_IP_DPORT, -+ dst < info->dport[0] || -+ dst > info->dport[1])) -+ return false; -+ } -+ if (info->bitmask & EBT_IP_SPORT) { -+- u32 src = ntohs(pptr->src); -++ u32 src = ntohs(pptr->tcpudphdr.src); -+ if (NF_INVF(info, EBT_IP_SPORT, -+ src < info->sport[0] || -+ src > info->sport[1])) -+ return false; -+ } -++ if ((info->bitmask & EBT_IP_ICMP) && -++ NF_INVF(info, EBT_IP_ICMP, -++ pptr->icmphdr.type < info->icmp_type[0] || -++ pptr->icmphdr.type > info->icmp_type[1] || -++ pptr->icmphdr.code < info->icmp_code[0] || -++ pptr->icmphdr.code > info->icmp_code[1])) -++ return false; -+ } -+ return true; -+ } -+@@ -101,6 +116,14 @@ static int ebt_ip_mt_check(const struct -+ return -EINVAL; -+ if (info->bitmask & EBT_IP_SPORT && info->sport[0] > info->sport[1]) -+ return -EINVAL; -++ if (info->bitmask & EBT_IP_ICMP) { -++ if ((info->invflags & EBT_IP_PROTO) || -++ info->protocol != IPPROTO_ICMP) -++ return -EINVAL; -++ if (info->icmp_type[0] > info->icmp_type[1] || -++ info->icmp_code[0] > info->icmp_code[1]) -++ return -EINVAL; -++ } -+ return 0; -+ } -+ -diff --git a/target/linux/generic/backport-4.14/096-0002-ebtables-add-support-for-matching-IGMP-type.patch b/target/linux/generic/backport-4.14/096-0002-ebtables-add-support-for-matching-IGMP-type.patch -new file mode 100644 -index 0000000000000000000000000000000000000000..4c8144834d87c58ff90363cdc2f2933194e54fdc ---- /dev/null -+++ b/target/linux/generic/backport-4.14/096-0002-ebtables-add-support-for-matching-IGMP-type.patch -@@ -0,0 +1,88 @@ -+From: Matthias Schiffer -+Date: Sat, 3 Mar 2018 12:02:21 +0100 -+Subject: [PATCH 2/2] ebtables: add support for matching IGMP type -+ -+We already have ICMPv6 type/code matches (which can be used to distinguish -+different types of MLD packets). Add support for IPv4 IGMP matches in the -+same way. -+ -+Signed-off-by: Matthias Schiffer -+--- -+ include/uapi/linux/netfilter_bridge/ebt_ip.h | 4 +++- -+ net/bridge/netfilter/ebt_ip.c | 19 +++++++++++++++++-- -+ 2 files changed, 20 insertions(+), 3 deletions(-) -+ -+--- a/include/uapi/linux/netfilter_bridge/ebt_ip.h -++++ b/include/uapi/linux/netfilter_bridge/ebt_ip.h -+@@ -25,8 +25,9 @@ -+ #define EBT_IP_SPORT 0x10 -+ #define EBT_IP_DPORT 0x20 -+ #define EBT_IP_ICMP 0x40 -++#define EBT_IP_IGMP 0x80 -+ #define EBT_IP_MASK (EBT_IP_SOURCE | EBT_IP_DEST | EBT_IP_TOS | EBT_IP_PROTO |\ -+- EBT_IP_SPORT | EBT_IP_DPORT | EBT_IP_ICMP) -++ EBT_IP_SPORT | EBT_IP_DPORT | EBT_IP_ICMP | EBT_IP_IGMP) -+ #define EBT_IP_MATCH "ip" -+ -+ /* the same values are used for the invflags */ -+@@ -42,6 +43,7 @@ struct ebt_ip_info { -+ union { -+ __u16 sport[2]; -+ __u8 icmp_type[2]; -++ __u8 igmp_type[2]; -+ }; -+ union { -+ __u16 dport[2]; -+--- a/net/bridge/netfilter/ebt_ip.c -++++ b/net/bridge/netfilter/ebt_ip.c -+@@ -28,6 +28,9 @@ union pkthdr { -+ u8 type; -+ u8 code; -+ } icmphdr; -++ struct { -++ u8 type; -++ } igmphdr; -+ }; -+ -+ static bool -+@@ -57,12 +60,12 @@ ebt_ip_mt(const struct sk_buff *skb, str -+ if (NF_INVF(info, EBT_IP_PROTO, info->protocol != ih->protocol)) -+ return false; -+ if (!(info->bitmask & (EBT_IP_DPORT | EBT_IP_SPORT | -+- EBT_IP_ICMP))) -++ EBT_IP_ICMP | EBT_IP_IGMP))) -+ return true; -+ if (ntohs(ih->frag_off) & IP_OFFSET) -+ return false; -+ -+- /* min icmp headersize is 4, so sizeof(_pkthdr) is ok. */ -++ /* min icmp/igmp headersize is 4, so sizeof(_pkthdr) is ok. */ -+ pptr = skb_header_pointer(skb, ih->ihl*4, -+ sizeof(_pkthdr), &_pkthdr); -+ if (pptr == NULL) -+@@ -88,6 +91,11 @@ ebt_ip_mt(const struct sk_buff *skb, str -+ pptr->icmphdr.code < info->icmp_code[0] || -+ pptr->icmphdr.code > info->icmp_code[1])) -+ return false; -++ if ((info->bitmask & EBT_IP_IGMP) && -++ NF_INVF(info, EBT_IP_IGMP, -++ pptr->igmphdr.type < info->igmp_type[0] || -++ pptr->igmphdr.type > info->igmp_type[1])) -++ return false; -+ } -+ return true; -+ } -+@@ -124,6 +132,13 @@ static int ebt_ip_mt_check(const struct -+ info->icmp_code[0] > info->icmp_code[1]) -+ return -EINVAL; -+ } -++ if (info->bitmask & EBT_IP_IGMP) { -++ if ((info->invflags & EBT_IP_PROTO) || -++ info->protocol != IPPROTO_IGMP) -++ return -EINVAL; -++ if (info->igmp_type[0] > info->igmp_type[1]) -++ return -EINVAL; -++ } -+ return 0; -+ } -+ diff --git a/patches/openwrt/0006-wireguard-tools-allow-generating-private_key-v3.patch b/patches/openwrt/0004-wireguard-tools-allow-generating-private_key-v3.patch similarity index 100% rename from patches/openwrt/0006-wireguard-tools-allow-generating-private_key-v3.patch rename to patches/openwrt/0004-wireguard-tools-allow-generating-private_key-v3.patch diff --git a/patches/openwrt/0005-package-uci-backport-cli-add-option-for-changing-save-path.patch b/patches/openwrt/0005-package-uci-backport-cli-add-option-for-changing-save-path.patch deleted file mode 100644 index a3f4f92a..00000000 --- a/patches/openwrt/0005-package-uci-backport-cli-add-option-for-changing-save-path.patch +++ /dev/null @@ -1,83 +0,0 @@ -From: Leonardo Mörlein -Date: Sat, 16 Jan 2021 23:11:01 +0100 -Subject: package/uci: backport: "cli: add option for changing save path" - -This is a backport of - -https://git.openwrt.org/?p=project/uci.git;a=commit;h=4b3db1179747b6a6779029407984bacef851325c - -diff --git a/package/system/uci/Makefile b/package/system/uci/Makefile -index 75fc1bdfad0694aac99830b9b0cc87b42ea16e7d..924d5bb4824f567888e2ffd2954429af8f4fd504 100644 ---- a/package/system/uci/Makefile -+++ b/package/system/uci/Makefile -@@ -9,7 +9,7 @@ - include $(TOPDIR)/rules.mk - - PKG_NAME:=uci --PKG_RELEASE:=5 -+PKG_RELEASE:=6 - - PKG_SOURCE_URL=$(PROJECT_GIT)/project/uci.git - PKG_SOURCE_PROTO:=git -diff --git a/package/system/uci/patches/0001-cli-add-option-for-changin-save-path.patch b/package/system/uci/patches/0001-cli-add-option-for-changin-save-path.patch -new file mode 100644 -index 0000000000000000000000000000000000000000..377aec41fe6928aa26bccdde9fd77576d57ec4ed ---- /dev/null -+++ b/package/system/uci/patches/0001-cli-add-option-for-changin-save-path.patch -@@ -0,0 +1,56 @@ -+From: Rafał Miłecki -+Date: Mon, 12 Apr 2021 14:05:52 +0000 (+0200) -+Subject: cli: add option for changing save path -+X-Git-Url: http://git.openwrt.org/?p=project%2Fuci.git;a=commitdiff_plain;h=4b3db1179747b6a6779029407984bacef851325c;hp=52bbc99f69ea6f67b6fe264f424dac91bde5016c -+ -+cli: add option for changing save path -+ -+Save path is a directory where config change (delta) files are stored. -+Having a custom individual save dir can be used to prevent two (or more) -+"uci" cli callers (e.g. bash scripts) from commiting each other changes. -+ -+In the following example: -+ -+App0 App1 -+---- ---- -+uci set system.@system[0].timezone=UTC -+ uci set system.@system[0].hostname=OpenWrt -+ uci commit system -+ -+App1 would unintentionally commit changes made by App0. This can be -+avoided by at least 1 "uci" cli user specifying a custom -t option. -+ -+Signed-off-by: Rafał Miłecki -+--- -+ -+diff --git a/cli.c b/cli.c -+index 267437d..2fce39d 100644 -+--- a/cli.c -++++ b/cli.c -+@@ -167,6 +167,7 @@ static void uci_usage(void) -+ "\t-N don't name unnamed sections\n" -+ "\t-p add a search path for config change files\n" -+ "\t-P add a search path for config change files and use as default\n" -++ "\t-t set save path for config change files\n" -+ "\t-q quiet mode (don't print error messages)\n" -+ "\t-s force strict mode (stop on parser errors, default)\n" -+ "\t-S disable strict mode\n" -+@@ -706,7 +707,7 @@ int main(int argc, char **argv) -+ return 1; -+ } -+ -+- while((c = getopt(argc, argv, "c:d:f:LmnNp:P:sSqX")) != -1) { -++ while((c = getopt(argc, argv, "c:d:f:LmnNp:P:qsSt:X")) != -1) { -+ switch(c) { -+ case 'c': -+ uci_set_confdir(ctx, optarg); -+@@ -754,6 +755,9 @@ int main(int argc, char **argv) -+ case 'q': -+ flags |= CLI_FLAG_QUIET; -+ break; -++ case 't': -++ uci_set_savedir(ctx, optarg); -++ break; -+ case 'X': -+ flags &= ~CLI_FLAG_SHOW_EXT; -+ break; diff --git a/patches/packages/packages/0001-perl-don-t-build-in-parallel-and-bump-release.patch b/patches/packages/packages/0001-perl-don-t-build-in-parallel-and-bump-release.patch new file mode 100644 index 00000000..52eeb6c9 --- /dev/null +++ b/patches/packages/packages/0001-perl-don-t-build-in-parallel-and-bump-release.patch @@ -0,0 +1,24 @@ +From: Martin Weinelt +Date: Tue, 8 Feb 2022 21:09:20 +0100 +Subject: perl: don't build in parallel and bump release + +Parallel builds cause spurious build failures with high core counts. + +https://github.com/openwrt/packages/issues/8238 +https://github.com/openwrt/packages/pull/17274 + +diff --git a/lang/perl/Makefile b/lang/perl/Makefile +index 443164f0a4a6a1c9fa189bf9c3c033d70db30ca0..121a3bfe653f46ecac7d10b1f3ae480fcd02f155 100644 +--- a/lang/perl/Makefile ++++ b/lang/perl/Makefile +@@ -34,8 +34,8 @@ PKG_BUILD_DIR:=$(BUILD_DIR)/perl/$(PKG_NAME)-$(PKG_VERSION) + HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/perl/$(PKG_NAME)-$(PKG_VERSION) + PKG_INSTALL:=1 + PKG_BUILD_DEPENDS:=perl/host +-PKG_BUILD_PARALLEL:=1 +-HOST_BUILD_PARALLEL:=1 ++PKG_BUILD_PARALLEL:=0 ++HOST_BUILD_PARALLEL:=0 + + # Variables used during configuration/build + HOST_PERL_PREFIX:=$(STAGING_DIR_HOSTPKG)/usr diff --git a/scripts/container.sh b/scripts/container.sh new file mode 100755 index 00000000..072d2ec1 --- /dev/null +++ b/scripts/container.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# move into base directory, in case this script is not executed via `make container` +cd "$(dirname "$0")/.." + +# normalize branch name to reflect a valid image name +BRANCH=$(git branch --show-current 2>/dev/null | sed 's/[^a-z0-9-]/_/ig') +TAG="gluon:${BRANCH:-latest}" + +if [ "$(command -v podman)" ] +then + podman build -t "${TAG}" contrib/docker + podman run -it --rm --userns=keep-id --volume="$(pwd):/gluon" "${TAG}" +elif [ "$(command -v docker)" ] +then + docker build -t "${TAG}" contrib/docker + docker run -it --rm --volume="$(pwd):/gluon" "${TAG}" +else + 1>&2 echo "Please install either podman or docker. Exiting" >/dev/null + exit 1 +fi + diff --git a/scripts/lint-sh.sh b/scripts/lint-sh.sh index 71ce5463..96335c7a 100755 --- a/scripts/lint-sh.sh +++ b/scripts/lint-sh.sh @@ -17,7 +17,7 @@ find package -type f | while read -r file; do is_scriptfile "$file" || continue echo "Checking $file" - shellcheck -f gcc -x -s sh -e SC2039,SC1091,SC2155,SC2034 "$file" + shellcheck -f gcc -x -s sh -e SC2039,SC1091,SC2155,SC2034,SC3043,SC3037,SC3057 "$file" done find scripts -type f | while read -r file; do diff --git a/scripts/target_lib.lua b/scripts/target_lib.lua index 36a6ee91..1c2395e6 100644 --- a/scripts/target_lib.lua +++ b/scripts/target_lib.lua @@ -267,47 +267,6 @@ function F.device(image, name, options) end end -function F.factory_image(image, name, ext, options) - options = merge(default_options, options) - - if not want_device(image, options) then - return - end - - if options.deprecated and not full_deprecated then - return - end - - add_image { - image = image, - name = name, - subdir = 'factory', - in_suffix = '', - out_suffix = '', - extension = ext, - aliases = options.aliases, - } -end - -function F.sysupgrade_image(image, name, ext, options) - options = merge(default_options, options) - - if not want_device(image, options) then - return - end - - add_image { - image = image, - name = name, - subdir = 'sysupgrade', - in_suffix = '', - out_suffix = '-sysupgrade', - extension = ext, - aliases = options.aliases, - manifest_aliases = options.manifest_aliases, - } -end - function F.defaults(options) default_options = merge(default_options, options) end diff --git a/targets/ath79-generic b/targets/ath79-generic index 680c9f81..cd005100 100644 --- a/targets/ath79-generic +++ b/targets/ath79-generic @@ -103,6 +103,10 @@ device('siemens-ws-ap3610', 'siemens_ws-ap3610', { -- TP-Link +device('tp-link-archer-a7-v5', 'tplink_archer-a7-v5', { + packages = ATH10K_PACKAGES_QCA9880, +}) + device('tp-link-archer-c2-v3', 'tplink_archer-c2-v3', { packages = ATH10K_PACKAGES_QCA9887, class = 'tiny', diff --git a/targets/x86-64 b/targets/x86-64 index 1ab9938d..288e3d50 100644 --- a/targets/x86-64 +++ b/targets/x86-64 @@ -1,9 +1,14 @@ include 'x86.inc' packages { - 'kmod-gpio-nct5104d', - 'kmod-leds-gpio', - 'kmod-pcengines-apuv2', + 'kmod-gpio-nct5104d', + 'kmod-leds-gpio', + 'kmod-pcengines-apuv2', } -device('x86-64', 'generic') +device('x86-64', 'generic', { + extra_images = { + {'-kernel', '-kernel', '.bin'}, + {'-squashfs-rootfs', '-rootfs', '.img.gz'}, + }, +}) diff --git a/targets/x86-generic b/targets/x86-generic index 0e6d2b39..bee0bd95 100644 --- a/targets/x86-generic +++ b/targets/x86-generic @@ -1,12 +1,16 @@ include 'x86.inc' packages { - 'kmod-gpio-nct5104d', - 'kmod-leds-gpio', - 'kmod-pcengines-apuv2', + 'kmod-gpio-nct5104d', + 'kmod-leds-gpio', + 'kmod-pcengines-apuv2', } device('x86-generic', 'generic', { + extra_images = { + {'-kernel', '-kernel', '.bin'}, + {'-squashfs-rootfs', '-rootfs', '.img.gz'}, + }, manifest_aliases = { 'x86-kvm', 'x86-xen_domu',