nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'v2018.1.x' of https://github.com/freifunk-gluon/gluon

Browse Source
This commit is contained in:
GoliathLabs 2018-08-14 16:38:42 +02:00
commit d33760b8b0
818 changed files with 36297 additions and 21871 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -1,7 +1,6 @@
*~
/build
/lede
/output
/site
/openwrt
/tmp
/packages
/modules.local

16
CONTRIBUTING.md
View File

@ -46,24 +46,8 @@ fix some bug, detail in the remaining commit message exactly how it could be
triggered and what you did to fix it. If in question, have a glance at the
existing commit messages to get the idea.
Squash commits
--------------
Most changes are trivial enough to fit in one single commit in order to not
clutter the history. While developing a new feature, you are free to use
multiple commits, but if your feature is to be merged, reduce the number of
commits to a minimum. Even huge feature introductions like the 802.11s mesh
(commit [2a93c58]) fit into a single commit.
If you developed your change in multiple smaller commits, you can easily
[squash] those before opening the pull request. While discussing, it is okay to
do your changes using `git commit --amend` and force-push them to your head of
the pull request. This way, your change always consists of only one commit and
can be merged in the instant everybody is content with the whole thing.
[packages]: http://gluon.readthedocs.org/en/latest/user/site.html#packages
[#gluon]: https://webirc.hackint.org/#gluon
[mailing list]: mailto:gluon@luebeck.freifunk.net
[list of rejected features]: https://github.com/freifunk-gluon/gluon/issues?q=label%3Arejected
[2a93c58]: https://github.com/freifunk-gluon/gluon/commit/2a93c580428d10724116b0d2d1238e2745715a14
[squash]: https://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Squashing-Commits

10
LICENSE
View File

@ -1,7 +1,7 @@
The code of Project Gluon may be distributed under the following terms, unless
noted otherwise in individual files or subtrees.
Copyright (c) 2013, Project Gluon
Copyright (c) 2013-2017, Project Gluon
All rights reserved.
Redistribution and use in source and binary forms, with or without
@ -25,10 +25,10 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
OpenWrt is licensed under the terms of the GNU General Public License Version 2,
which can be found under openwrt/LICENSE after the openwrt submodule has been
obtained. This applies to the following submodules:
* openwrt
LEDE and OpenWrt are licensed under the terms of the GNU General Public License
Version 2, which can be found at lede/LICENSE after the lede repository has been
obtained. This applies to the following repositories:
* lede
* packages/openwrt
* packages/routing
* packages/luci

585
Makefile
View File

@ -4,489 +4,180 @@ LC_ALL:=C
LANG:=C
export LC_ALL LANG
export SHELL:=/usr/bin/env bash
GLUONPATH ?= $(PATH)
export GLUONPATH := $(GLUONPATH)
# initialize (possibly already user set) directory variables
GLUON_SITEDIR ?= site
GLUON_TMPDIR ?= tmp
GLUON_OUTPUTDIR ?= output
empty:=
space:= $(empty) $(empty)
GLUON_IMAGEDIR ?= $(GLUON_OUTPUTDIR)/images
GLUON_PACKAGEDIR ?= $(GLUON_OUTPUTDIR)/packages
GLUONMAKE_EARLY = PATH=$(GLUONPATH) $(SUBMAKE) -C $(GLUON_ORIGOPENWRTDIR) -f $(GLUONDIR)/Makefile GLUON_TOOLS=0 QUILT=
GLUONMAKE = PATH=$(GLUONPATH) $(SUBMAKE) -C $(GLUON_OPENWRTDIR) -f $(GLUONDIR)/Makefile
# check for spaces & resolve possibly relative paths
define mkabspath
ifneq (1,$(words [$($(1))]))
$$(error $(1) must not contain spaces)
endif
override $(1) := $(abspath $($(1)))
endef
ifneq ($(OPENWRT_BUILD),1)
$(eval $(call mkabspath,GLUON_SITEDIR))
$(eval $(call mkabspath,GLUON_TMPDIR))
$(eval $(call mkabspath,GLUON_OUTPUTDIR))
$(eval $(call mkabspath,GLUON_IMAGEDIR))
$(eval $(call mkabspath,GLUON_PACKAGEDIR))
GLUONDIR:=${CURDIR}
export GLUON_TMPDIR GLUON_IMAGEDIR GLUON_PACKAGEDIR DEVICES
include $(GLUONDIR)/include/gluon.mk
TOPDIR:=$(GLUON_ORIGOPENWRTDIR)
export TOPDIR
$(GLUON_SITEDIR)/site.mk:
$(error No site configuration was found. Please check out a site configuration to $(GLUON_SITEDIR))
include $(GLUON_SITEDIR)/site.mk
GLUON_RELEASE ?= $(error GLUON_RELEASE not set. GLUON_RELEASE can be set in site.mk or on the command line)
GLUON_MULTIDOMAIN ?= 0
GLUON_WLAN_MESH ?= 11s
GLUON_DEBUG ?= 0
export GLUON_RELEASE GLUON_REGION GLUON_MULTIDOMAIN GLUON_WLAN_MESH GLUON_DEBUG
show-release:
@echo '$(GLUON_RELEASE)'
update: FORCE
$(GLUONDIR)/scripts/update.sh
$(GLUONDIR)/scripts/patch.sh
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/update.sh
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/patch.sh
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/feeds.sh
update-patches: FORCE
$(GLUONDIR)/scripts/update.sh
$(GLUONDIR)/scripts/update-patches.sh
$(GLUONDIR)/scripts/patch.sh
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/update.sh
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/update-patches.sh
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/patch.sh
-include $(TOPDIR)/include/host.mk
_SINGLE=export MAKEFLAGS=$(space);
override OPENWRT_BUILD=1
override GLUON_TOOLS=1
GREP_OPTIONS=
export OPENWRT_BUILD GLUON_TOOLS GREP_OPTIONS
-include $(TOPDIR)/include/debug.mk
-include $(TOPDIR)/include/depends.mk
include $(GLUONDIR)/include/toplevel.mk
update-feeds: FORCE
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/feeds.sh
include $(GLUONDIR)/targets/targets.mk
GLUON_TARGETS :=
define GluonTarget
gluon_target := $(1)$$(if $(2),-$(2))
GLUON_TARGETS += $$(gluon_target)
GLUON_TARGET_$$(gluon_target)_BOARD := $(1)
GLUON_TARGET_$$(gluon_target)_SUBTARGET := $(if $(3),$(3),$(2))
endef
include targets/targets.mk
CheckTarget := [ -n '$(GLUON_TARGET)' -a -n '$(GLUON_TARGET_$(GLUON_TARGET)_BOARD)' ] \
|| (echo -e 'Please set GLUON_TARGET to a valid target. Gluon supports the following targets:$(subst $(space),\n * ,$(GLUON_TARGETS))'; false)
LEDEMAKE = $(MAKE) -C lede
BOARD := $(GLUON_TARGET_$(GLUON_TARGET)_BOARD)
SUBTARGET := $(GLUON_TARGET_$(GLUON_TARGET)_SUBTARGET)
GLUON_CONFIG_VARS := \
GLUON_SITEDIR='$(GLUON_SITEDIR)' \
GLUON_RELEASE='$(GLUON_RELEASE)' \
GLUON_BRANCH='$(GLUON_BRANCH)' \
GLUON_LANGS='$(GLUON_LANGS)' \
BOARD='$(BOARD)' \
SUBTARGET='$(SUBTARGET)'
LEDE_TARGET := $(BOARD)$(if $(SUBTARGET),-$(SUBTARGET))
export LEDE_TARGET
CheckExternal := test -d $(GLUON_ORIGOPENWRTDIR) || (echo 'You don'"'"'t seem to have obtained the external repositories needed by Gluon; please call `make update` first!'; false)
CheckTarget := [ '$(LEDE_TARGET)' ] \
|| (echo 'Please set GLUON_TARGET to a valid target. Gluon supports the following targets:'; $(foreach target,$(GLUON_TARGETS),echo ' * $(target)';) false)
CheckExternal := test -d lede || (echo 'You don'"'"'t seem to have obtained the external repositories needed by Gluon; please call `make update` first!'; false)
define CheckSite
@GLUON_SITEDIR='$(GLUON_SITEDIR)' GLUON_SITE_CONFIG='$(1).conf' $(LUA) scripts/site_config.lua \
|| (echo 'Your site configuration ($(1).conf) did not pass validation.'; false)
endef
list-targets: FORCE
@$(foreach target,$(GLUON_TARGETS),echo '$(target)';)
create-key: FORCE
@$(CheckExternal)
+@$(GLUONMAKE_EARLY) create-key
GLUON_FEATURE_PACKAGES := $(shell scripts/features.sh '$(GLUON_FEATURES)' || echo '__ERROR__')
ifneq ($(filter __ERROR__,$(GLUON_FEATURE_PACKAGES)),)
$(error Error while evaluating GLUON_FEATURES)
endif
prepare-target: FORCE
GLUON_PACKAGES :=
define merge_packages
$(foreach pkg,$(1),
GLUON_PACKAGES := $$(strip $$(filter-out -$$(patsubst -%,%,$(pkg)) $$(patsubst -%,%,$(pkg)),$$(GLUON_PACKAGES)) $(pkg))
)
endef
$(eval $(call merge_packages,$(GLUON_FEATURE_PACKAGES) $(GLUON_SITE_PACKAGES)))
config: FORCE
@$(CheckExternal)
@$(CheckTarget)
+@$(GLUONMAKE_EARLY) prepare-target
@$(GLUON_CONFIG_VARS) \
scripts/target_config.sh '$(GLUON_TARGET)' '$(GLUON_PACKAGES)' \
> lede/.config
+@$(LEDEMAKE) defconfig
@$(GLUON_CONFIG_VARS) \
scripts/target_config_check.sh '$(GLUON_TARGET)' '$(GLUON_PACKAGES)'
LUA := lede/staging_dir/hostpkg/bin/lua
$(LUA):
@$(CheckExternal)
+@[ -e lede/.config ] || $(LEDEMAKE) defconfig
+@$(LEDEMAKE) tools/install
+@$(LEDEMAKE) package/lua/host/install
prepare-target: config $(LUA) ;
all: prepare-target
+@$(GLUONMAKE) build-key
+@$(GLUONMAKE) prepare
+@$(GLUONMAKE) images
+@$(GLUONMAKE) modules
$(foreach conf,site $(patsubst $(GLUON_SITEDIR)/%.conf,%,$(wildcard $(GLUON_SITEDIR)/domains/*.conf)),$(call CheckSite,$(conf)))
prepare: prepare-target
+@$(GLUONMAKE) build-key
+@$(GLUONMAKE) $@
@scripts/clean_output.sh
+@$(LEDEMAKE)
@GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/copy_output.sh '$(GLUON_TARGET)'
clean download images modules: FORCE
@$(CheckExternal)
@$(CheckTarget)
+@$(GLUONMAKE_EARLY) maybe-prepare-target
+@$(GLUONMAKE) build-key
+@$(GLUONMAKE) $@
clean download: config
+@$(LEDEMAKE) $@
toolchain/% package/% target/% image/%: FORCE
@$(CheckExternal)
@$(CheckTarget)
+@$(GLUONMAKE_EARLY) maybe-prepare-target
+@$(GLUONMAKE) build-key
+@$(GLUONMAKE) $@
dirclean: FORCE
+@[ -e lede/.config ] || $(LEDEMAKE) defconfig
+@$(LEDEMAKE) dirclean
@rm -rf $(GLUON_TMPDIR) $(GLUON_OUTPUTDIR)
manifest: FORCE
@[ -n '$(GLUON_BRANCH)' ] || (echo 'Please set GLUON_BRANCH to create a manifest.'; false)
manifest: $(LUA) FORCE
@[ '$(GLUON_BRANCH)' ] || (echo 'Please set GLUON_BRANCH to create a manifest.'; false)
@echo '$(GLUON_PRIORITY)' | grep -qE '^([0-9]*\.)?[0-9]+$$' || (echo 'Please specify a numeric value for GLUON_PRIORITY to create a manifest.'; false)
@$(CheckExternal)
( \
@( \
echo 'BRANCH=$(GLUON_BRANCH)' && \
echo 'DATE=$(shell $(GLUON_ORIGOPENWRTDIR)/staging_dir/host/bin/lua $(GLUONDIR)/scripts/rfc3339date.lua)' && \
echo "DATE=$$($(LUA) scripts/rfc3339date.lua)" && \
echo 'PRIORITY=$(GLUON_PRIORITY)' && \
echo \
) > $(GLUON_BUILDDIR)/$(GLUON_BRANCH).manifest.tmp
+($(foreach GLUON_TARGET,$(GLUON_TARGETS), \
( [ ! -e $(BOARD_BUILDDIR)/prepared ] || ( $(GLUONMAKE) manifest GLUON_TARGET='$(GLUON_TARGET)' V=s$(OPENWRT_VERBOSE) ) ) && \
) :)
mkdir -p $(GLUON_IMAGEDIR)/sysupgrade
mv $(GLUON_BUILDDIR)/$(GLUON_BRANCH).manifest.tmp $(GLUON_IMAGEDIR)/sysupgrade/$(GLUON_BRANCH).manifest
dirclean : FORCE
for dir in build_dir dl staging_dir tmp; do \
rm -rf $(GLUON_ORIGOPENWRTDIR)/$$dir; \
done
rm -rf $(GLUON_BUILDDIR) $(GLUON_OUTPUTDIR)
else
TOPDIR=${CURDIR}
export TOPDIR
include rules.mk
include $(GLUONDIR)/include/gluon.mk
include $(INCLUDE_DIR)/host.mk
include $(INCLUDE_DIR)/depends.mk
include $(INCLUDE_DIR)/subdir.mk
include package/Makefile
include tools/Makefile
include toolchain/Makefile
include target/Makefile
PROFILES :=
PROFILE_PACKAGES :=
define Profile
$(eval $(call Profile/Default))
$(eval $(call Profile/$(1)))
endef
define GluonProfile
PROFILES += $(1)
PROFILE_PACKAGES += $(filter-out -%,$(2) $(GLUON_$(1)_SITE_PACKAGES))
GLUON_$(1)_PROFILE := $(if $(3),$(3),$(1))
GLUON_$(1)_DEFAULT_PACKAGES := $(2)
GLUON_$(1)_FACTORY_SUFFIX := -squashfs-factory
GLUON_$(1)_SYSUPGRADE_SUFFIX := -squashfs-sysupgrade
GLUON_$(1)_FACTORY_EXT := .bin
GLUON_$(1)_SYSUPGRADE_EXT := .bin
GLUON_$(1)_MODELS :=
endef
define GluonProfileFactorySuffix
GLUON_$(1)_FACTORY_SUFFIX := $(2)
GLUON_$(1)_FACTORY_EXT := $(3)
endef
define GluonProfileSysupgradeSuffix
GLUON_$(1)_SYSUPGRADE_SUFFIX := $(2)
GLUON_$(1)_SYSUPGRADE_EXT := $(3)
endef
define GluonModel
GLUON_$(1)_MODELS += $(3)
GLUON_$(1)_MODEL_$(3) := $(2)
GLUON_$(1)_MODEL_$(3)_ALIASES :=
endef
define GluonModelAlias
GLUON_$(1)_MODEL_$(2)_ALIASES += $(3)
endef
export SHA512SUM := $(GLUONDIR)/scripts/sha512sum.sh
prereq: FORCE
+$(NO_TRACE_MAKE) prereq
prepare-tmpinfo: FORCE
@+$(MAKE) -r -s staging_dir/host/.prereq-build OPENWRT_BUILD= QUIET=0
mkdir -p tmp/info
$(_SINGLE)$(NO_TRACE_MAKE) -j1 -r -s -f include/scan.mk SCAN_TARGET="packageinfo" SCAN_DIR="package" SCAN_NAME="package" SCAN_DEPS="$(TOPDIR)/include/package*.mk $(TOPDIR)/overlay/*/*.mk" SCAN_EXTRA=""
$(_SINGLE)$(NO_TRACE_MAKE) -j1 -r -s -f include/scan.mk SCAN_TARGET="targetinfo" SCAN_DIR="target/linux" SCAN_NAME="target" SCAN_DEPS="profiles/*.mk $(TOPDIR)/include/kernel*.mk $(TOPDIR)/include/target.mk" SCAN_DEPTH=2 SCAN_EXTRA="" SCAN_MAKEOPTS="TARGET_BUILD=1"
for type in package target; do \
f=tmp/.$${type}info; t=tmp/.config-$${type}.in; \
[ "$$t" -nt "$$f" ] || ./scripts/metadata.pl $${type}_config "$$f" > "$$t" || { rm -f "$$t"; echo "Failed to build $$t"; false; break; }; \
done
[ tmp/.config-feeds.in -nt tmp/.packagefeeds ] || ./scripts/feeds feed_config > tmp/.config-feeds.in
./scripts/metadata.pl package_mk tmp/.packageinfo > tmp/.packagedeps || { rm -f tmp/.packagedeps; false; }
./scripts/metadata.pl package_feeds tmp/.packageinfo > tmp/.packagefeeds || { rm -f tmp/.packagefeeds; false; }
touch $(TOPDIR)/tmp/.build
feeds: FORCE
rm -rf $(TOPDIR)/package/feeds
mkdir $(TOPDIR)/package/feeds
[ ! -f $(GLUON_SITEDIR)/modules ] || . $(GLUON_SITEDIR)/modules && for feed in $$GLUON_SITE_FEEDS; do ln -s ../../../packages/$$feed $(TOPDIR)/package/feeds/$$feed; done
ln -s ../../../package $(TOPDIR)/package/feeds/gluon
. $(GLUONDIR)/modules && for feed in $$GLUON_FEEDS; do ln -s ../../../packages/$$feed $(TOPDIR)/package/feeds/module_$$feed; done
+$(GLUONMAKE_EARLY) prepare-tmpinfo
gluon-tools: FORCE
+$(GLUONMAKE_EARLY) tools/patch/install
+$(GLUONMAKE_EARLY) tools/sed/install
+$(GLUONMAKE_EARLY) tools/cmake/install
+$(GLUONMAKE_EARLY) package/lua/host/install package/usign/host/install
early_prepared_stamp := $(GLUON_BUILDDIR)/prepared_$(shell \
( \
$(SHA512SUM) $(GLUONDIR)/modules; \
[ ! -r $(GLUON_SITEDIR)/modules ] || $(SHA512SUM) $(GLUON_SITEDIR)/modules \
) | $(SHA512SUM) )
prepare-early: FORCE
for dir in build_dir dl staging_dir; do \
mkdir -p $(GLUON_ORIGOPENWRTDIR)/$$dir; \
done
+$(GLUONMAKE_EARLY) feeds
+$(GLUONMAKE_EARLY) gluon-tools
mkdir -p $$(dirname $(early_prepared_stamp))
touch $(early_prepared_stamp)
$(early_prepared_stamp):
rm -f $(GLUON_BUILDDIR)/prepared_*
+$(GLUONMAKE_EARLY) prepare-early
$(GLUON_OPKG_KEY): $(early_prepared_stamp) FORCE
[ -s $(GLUON_OPKG_KEY) -a -s $(GLUON_OPKG_KEY).pub ] || \
( mkdir -p $$(dirname $(GLUON_OPKG_KEY)) && $(STAGING_DIR_HOST)/bin/usign -G -s $(GLUON_OPKG_KEY) -p $(GLUON_OPKG_KEY).pub -c "Gluon opkg key" )
$(GLUON_OPKG_KEY).pub: $(GLUON_OPKG_KEY)
create-key: $(GLUON_OPKG_KEY).pub
include $(GLUONDIR)/targets/targets.mk
ifneq ($(GLUON_TARGET),)
include $(GLUONDIR)/targets/$(GLUON_TARGET)/profiles.mk
BOARD := $(GLUON_TARGET_$(GLUON_TARGET)_BOARD)
override SUBTARGET := $(GLUON_TARGET_$(GLUON_TARGET)_SUBTARGET)
target_prepared_stamp := $(BOARD_BUILDDIR)/target-prepared
gluon_prepared_stamp := $(BOARD_BUILDDIR)/prepared
PREPARED_RELEASE = $$(cat $(gluon_prepared_stamp))
IMAGE_PREFIX = gluon-$(GLUON_SITE_CODE)-$(PREPARED_RELEASE)
MODULE_PREFIX = gluon-$(GLUON_SITE_CODE)-$(PREPARED_RELEASE)
include $(INCLUDE_DIR)/target.mk
build-key: FORCE
rm -f $(BUILD_KEY) $(BUILD_KEY).pub
cp $(GLUON_OPKG_KEY) $(BUILD_KEY)
cp $(GLUON_OPKG_KEY).pub $(BUILD_KEY).pub
config: FORCE
+$(NO_TRACE_MAKE) scripts/config/conf OPENWRT_BUILD= QUIET=0
+$(GLUONMAKE) prepare-tmpinfo
( \
cat $(GLUONDIR)/include/config; \
echo 'CONFIG_TARGET_$(GLUON_TARGET_$(GLUON_TARGET)_BOARD)=y'; \
$(if $(GLUON_TARGET_$(GLUON_TARGET)_SUBTARGET), \
echo 'CONFIG_TARGET_$(GLUON_TARGET_$(GLUON_TARGET)_BOARD)_$(GLUON_TARGET_$(GLUON_TARGET)_SUBTARGET)=y'; \
) \
cat $(GLUONDIR)/targets/$(GLUON_TARGET)/config 2>/dev/null; \
echo 'CONFIG_BUILD_SUFFIX="gluon-$(GLUON_TARGET)"'; \
echo '$(patsubst %,CONFIG_PACKAGE_%=m,$(sort $(filter-out -%,$(GLUON_DEFAULT_PACKAGES) $(GLUON_SITE_PACKAGES) $(PROFILE_PACKAGES))))' \
| sed -e 's/ /\n/g'; \
echo '$(patsubst %,CONFIG_LUCI_LANG_%=y,$(GLUON_LANGS))' \
| sed -e 's/ /\n/g'; \
) > $(BOARD_BUILDDIR)/config.tmp
scripts/config/conf --defconfig=$(BOARD_BUILDDIR)/config.tmp Config.in
+$(SUBMAKE) tools/install
prepare-target: $(GLUON_OPKG_KEY).pub
rm $(GLUON_OPENWRTDIR)/tmp || true
mkdir -p $(GLUON_OPENWRTDIR)/tmp
for link in build_dir config Config.in dl include Makefile package rules.mk scripts staging_dir target toolchain tools; do \
ln -sf $(GLUON_ORIGOPENWRTDIR)/$$link $(GLUON_OPENWRTDIR); \
done
+$(GLUONMAKE) config
touch $(target_prepared_stamp)
$(target_prepared_stamp):
+$(GLUONMAKE_EARLY) prepare-target
maybe-prepare-target: $(target_prepared_stamp)
+$(GLUONMAKE_EARLY) $(GLUON_OPKG_KEY).pub
$(BUILD_DIR)/.prepared: Makefile
@mkdir -p $$(dirname $@)
@touch $@
$(toolchain/stamp-install): $(tools/stamp-install)
$(package/stamp-compile): $(package/stamp-cleanup)
clean: FORCE
+$(SUBMAKE) clean
rm -f $(gluon_prepared_stamp)
download: FORCE
+$(SUBMAKE) tools/download
+$(SUBMAKE) toolchain/download
+$(SUBMAKE) package/download
+$(SUBMAKE) target/download
toolchain: $(toolchain/stamp-install) $(tools/stamp-install)
include $(INCLUDE_DIR)/kernel.mk
kernel: FORCE
+$(NO_TRACE_MAKE) -C $(TOPDIR)/target/linux/$(BOARD) $(LINUX_DIR)/.image TARGET_BUILD=1
+$(NO_TRACE_MAKE) -C $(TOPDIR)/target/linux/$(BOARD) $(LINUX_DIR)/.modules TARGET_BUILD=1
packages: $(package/stamp-compile)
$(_SINGLE)$(SUBMAKE) -r package/index
prepare-image: FORCE
rm -rf $(BOARD_KDIR)
mkdir -p $(BOARD_KDIR)
-cp $(KERNEL_BUILD_DIR)/* $(BOARD_KDIR)/
+$(SUBMAKE) -C $(TOPDIR)/target/linux/$(BOARD)/image image_prepare KDIR="$(BOARD_KDIR)"
prepare: FORCE
@$(STAGING_DIR_HOST)/bin/lua $(GLUONDIR)/scripts/site_config.lua \
|| (echo 'Your site configuration did not pass validation.'; false)
mkdir -p $(GLUON_IMAGEDIR) $(BOARD_BUILDDIR)
echo 'src packages file:../openwrt/bin/$(BOARD)/packages' > $(BOARD_BUILDDIR)/opkg.conf
+$(GLUONMAKE) toolchain
+$(GLUONMAKE) kernel
+$(GLUONMAKE) packages
+$(GLUONMAKE) prepare-image
echo "$(GLUON_RELEASE)" > $(gluon_prepared_stamp)
$(gluon_prepared_stamp):
+$(GLUONMAKE) prepare
modules: FORCE $(gluon_prepared_stamp)
-rm -f $(GLUON_MODULEDIR)/*/$(BOARD)/$(if $(SUBTARGET),$(SUBTARGET),generic)/*
-rmdir -p $(GLUON_MODULEDIR)/*/$(BOARD)/$(if $(SUBTARGET),$(SUBTARGET),generic)
mkdir -p $(GLUON_MODULEDIR)/$(MODULE_PREFIX)/$(BOARD)/$(if $(SUBTARGET),$(SUBTARGET),generic)
cp $(PACKAGE_DIR)/kmod-*.ipk $(GLUON_MODULEDIR)/$(MODULE_PREFIX)/$(BOARD)/$(if $(SUBTARGET),$(SUBTARGET),generic)
$(_SINGLE)$(SUBMAKE) -r package/index PACKAGE_DIR=$(GLUON_MODULEDIR)/$(MODULE_PREFIX)/$(BOARD)/$(if $(SUBTARGET),$(SUBTARGET),generic)
include $(INCLUDE_DIR)/package-ipkg.mk
# override variables from rules.mk
PACKAGE_DIR = $(GLUON_OPENWRTDIR)/bin/$(BOARD)/packages
PROFILE_BUILDDIR = $(BOARD_BUILDDIR)/profiles/$(PROFILE)
PROFILE_KDIR = $(PROFILE_BUILDDIR)/kernel
BIN_DIR = $(PROFILE_BUILDDIR)/images
TARGET_DIR = $(PROFILE_BUILDDIR)/root
OPKG:= \
IPKG_TMP="$(TMP_DIR)/ipkgtmp" \
IPKG_INSTROOT="$(TARGET_DIR)" \
IPKG_CONF_DIR="$(TMP_DIR)" \
IPKG_OFFLINE_ROOT="$(TARGET_DIR)" \
$(STAGING_DIR_HOST)/bin/opkg \
-f $(BOARD_BUILDDIR)/opkg.conf \
--cache $(TMP_DIR)/dl \
--offline-root $(TARGET_DIR) \
--force-postinstall \
--add-dest root:/ \
--add-arch all:100 \
--add-arch $(ARCH_PACKAGES):200
EnableInitscript = ! grep -q '\#!/bin/sh /etc/rc.common' $(1) || bash ./etc/rc.common $(1) enable
enable_initscripts: FORCE
cd $(TARGET_DIR) && ( export IPKG_INSTROOT=$(TARGET_DIR); \
$(foreach script,$(wildcard $(TARGET_DIR)/etc/init.d/*), \
$(call EnableInitscript,$(script)); \
echo && \
$(foreach GLUON_TARGET,$(GLUON_TARGETS), \
GLUON_SITEDIR='$(GLUON_SITEDIR)' scripts/generate_manifest.sh '$(GLUON_TARGET)' && \
) : \
)
) > 'tmp/$(GLUON_BRANCH).manifest.tmp'
@mkdir -p '$(GLUON_IMAGEDIR)/sysupgrade'
@mv 'tmp/$(GLUON_BRANCH).manifest.tmp' '$(GLUON_IMAGEDIR)/sysupgrade/$(GLUON_BRANCH).manifest'
# Generate package list
$(eval $(call merge-lists,INSTALL_PACKAGES,DEFAULT_PACKAGES GLUON_DEFAULT_PACKAGES GLUON_SITE_PACKAGES GLUON_$(PROFILE)_DEFAULT_PACKAGES GLUON_$(PROFILE)_SITE_PACKAGES))
FORCE: ;
package_install: FORCE
$(OPKG) update
$(OPKG) install $(PACKAGE_DIR)/base-files_*.ipk $(PACKAGE_DIR)/libc_*.ipk
$(OPKG) install $(PACKAGE_DIR)/kernel_*.ipk
$(OPKG) install $(INSTALL_PACKAGES)
+$(GLUONMAKE) enable_initscripts
rm -f $(TARGET_DIR)/usr/lib/opkg/lists/* $(TARGET_DIR)/tmp/opkg.lock
# Remove opkg database when opkg is not intalled
if [ ! -x $(TARGET_DIR)/bin/opkg ]; then rm -rf $(TARGET_DIR)/usr/lib/opkg; fi
include $(INCLUDE_DIR)/version.mk
opkg_config: FORCE
for d in base packages luci routing telephony management; do \
echo "src/gz %n_$$d %U/$$d"; \
done > $(TARGET_DIR)/etc/opkg/distfeeds.conf
$(VERSION_SED) $(TARGET_DIR)/etc/opkg/distfeeds.conf
image: FORCE
rm -rf $(TARGET_DIR) $(BIN_DIR) $(PROFILE_KDIR)
mkdir -p $(TARGET_DIR) $(BIN_DIR) $(TARGET_DIR)/tmp $(GLUON_IMAGEDIR)/factory $(GLUON_IMAGEDIR)/sysupgrade
cp -r $(BOARD_KDIR) $(PROFILE_KDIR)
+$(GLUONMAKE) package_install
+$(GLUONMAKE) opkg_config
$(call Image/mkfs/prepare)
$(_SINGLE)$(NO_TRACE_MAKE) -C $(TOPDIR)/target/linux/$(BOARD)/image install TARGET_BUILD=1 IMG_PREFIX=gluon \
PROFILE="$(GLUON_$(PROFILE)_PROFILE)" KDIR="$(PROFILE_KDIR)" TARGET_DIR="$(TARGET_DIR)" BIN_DIR="$(BIN_DIR)" TMP_DIR="$(TMP_DIR)"
$(foreach model,$(GLUON_$(PROFILE)_MODELS), \
$(if $(GLUON_$(PROFILE)_SYSUPGRADE_EXT), \
rm -f $(GLUON_IMAGEDIR)/sysupgrade/gluon-*-$(model)-sysupgrade$(GLUON_$(PROFILE)_SYSUPGRADE_EXT) && \
cp $(BIN_DIR)/gluon-$(GLUON_$(PROFILE)_MODEL_$(model))$(GLUON_$(PROFILE)_SYSUPGRADE_SUFFIX)$(GLUON_$(PROFILE)_SYSUPGRADE_EXT) $(GLUON_IMAGEDIR)/sysupgrade/$(IMAGE_PREFIX)-$(model)-sysupgrade$(GLUON_$(PROFILE)_SYSUPGRADE_EXT) && \
) \
$(if $(GLUON_$(PROFILE)_FACTORY_EXT), \
rm -f $(GLUON_IMAGEDIR)/factory/gluon-*-$(model)$(GLUON_$(PROFILE)_FACTORY_EXT) && \
cp $(BIN_DIR)/gluon-$(GLUON_$(PROFILE)_MODEL_$(model))$(GLUON_$(PROFILE)_FACTORY_SUFFIX)$(GLUON_$(PROFILE)_FACTORY_EXT) $(GLUON_IMAGEDIR)/factory/$(IMAGE_PREFIX)-$(model)$(GLUON_$(PROFILE)_FACTORY_EXT) && \
) \
\
$(foreach alias,$(GLUON_$(PROFILE)_MODEL_$(model)_ALIASES), \
$(if $(GLUON_$(PROFILE)_SYSUPGRADE_EXT), \
rm -f $(GLUON_IMAGEDIR)/sysupgrade/gluon-*-$(alias)-sysupgrade$(GLUON_$(PROFILE)_SYSUPGRADE_EXT) && \
ln -s $(IMAGE_PREFIX)-$(model)-sysupgrade$(GLUON_$(PROFILE)_SYSUPGRADE_EXT) $(GLUON_IMAGEDIR)/sysupgrade/$(IMAGE_PREFIX)-$(alias)-sysupgrade$(GLUON_$(PROFILE)_SYSUPGRADE_EXT) && \
) \
$(if $(GLUON_$(PROFILE)_FACTORY_EXT), \
rm -f $(GLUON_IMAGEDIR)/factory/gluon-*-$(alias)$(GLUON_$(PROFILE)_FACTORY_EXT) && \
ln -s $(IMAGE_PREFIX)-$(model)$(GLUON_$(PROFILE)_FACTORY_EXT) $(GLUON_IMAGEDIR)/factory/$(IMAGE_PREFIX)-$(alias)$(GLUON_$(PROFILE)_FACTORY_EXT) && \
) \
) \
) :
image/%: $(gluon_prepared_stamp)
+$(GLUONMAKE) image PROFILE="$(patsubst image/%,%,$@)" V=s$(OPENWRT_VERBOSE)
call_image/%: FORCE
+$(GLUONMAKE) $(patsubst call_image/%,image/%,$@)
images: $(patsubst %,call_image/%,$(PROFILES)) ;
manifest: FORCE
( \
cd $(GLUON_IMAGEDIR)/sysupgrade; \
$(foreach profile,$(PROFILES), \
$(if $(GLUON_$(profile)_SYSUPGRADE_EXT), \
$(foreach model,$(GLUON_$(profile)_MODELS), \
file="$(IMAGE_PREFIX)-$(model)-sysupgrade$(GLUON_$(profile)_SYSUPGRADE_EXT)"; \
[ -e "$$file" ] && echo '$(model)' "$(PREPARED_RELEASE)" "$$($(SHA512SUM) "$$file")" "$$file"; \
\
$(foreach alias,$(GLUON_$(profile)_MODEL_$(model)_ALIASES), \
file="$(IMAGE_PREFIX)-$(alias)-sysupgrade$(GLUON_$(profile)_SYSUPGRADE_EXT)"; \
[ -e "$$file" ] && echo '$(alias)' "$(PREPARED_RELEASE)" "$$($(SHA512SUM) "$$file")" "$$file"; \
) \
) \
) \
) : \
) >> $(GLUON_BUILDDIR)/$(GLUON_BRANCH).manifest.tmp
.PHONY: all create-key prepare images modules clean gluon-tools manifest
endif
endif
.PHONY: FORCE
.NOTPARALLEL:

14
README.md
View File

@ -1,10 +1,10 @@
Documentation (incomplete at this time, contribute if you can!) may be found at
http://gluon.readthedocs.org/.
https://gluon.readthedocs.org/.
If you're new to Gluon and ready to get your feet wet, have a look at the
[Getting Started Guide](http://gluon.readthedocs.org/en/latest/user/getting_started.html).
[Getting Started Guide](https://gluon.readthedocs.org/en/latest/user/getting_started.html).
**Gluon IRC channel: `#gluon` in [hackint](http://hackint.org/)**
**Gluon IRC channel: `#gluon` in [hackint](https://hackint.org/)**
## Issues & Feature requests
@ -18,8 +18,8 @@ the future development of Gluon.
## Use a release!
Please refrain from using the `master` branch for anything else but development purposes!
Use the most recent release instead. You can list all relaseses by running `git branch -a`
and switch to one by running `git checkout v2016.1.5 && make update`.
Use the most recent release instead. You can list all releases by running `git tag`
and switch to one by running `git checkout v2018.1 && make update`.
If you're using the autoupdater, do not autoupdate nodes with anything but releases.
If you upgrade using random master commits the nodes *will break* eventually.
@ -28,11 +28,11 @@ If you upgrade using random master commits the nodes *will break* eventually.
To subscribe to the list, send a message to:
gluon-subscribe@luebeck.freifunk.net
gluon+subscribe@luebeck.freifunk.net
To remove your address from the list, just send a message to
the address in the `List-Unsubscribe` header of any list
message. If you haven't changed addresses since subscribing,
you can also send a message to:
gluon-unsubscribe@luebeck.freifunk.net
gluon+unsubscribe@luebeck.freifunk.net

128
contrib/i18n-scan.pl Executable file
View File

@ -0,0 +1,128 @@
#!/usr/bin/perl
use strict;
use warnings;
use Text::Balanced qw(extract_bracketed extract_delimited extract_tagged);
@ARGV >= 1 || die "Usage: $0 <source direcory>\n";
my %stringtable;
sub dec_lua_str
{
my $s = shift;
$s =~ s/[\s\n]+/ /g;
$s =~ s/\\n/\n/g;
$s =~ s/\\t/\t/g;
$s =~ s/\\(.)/$1/g;
$s =~ s/^ //;
$s =~ s/ $//;
return $s;
}
sub dec_tpl_str
{
my $s = shift;
$s =~ s/-$//;
$s =~ s/[\s\n]+/ /g;
$s =~ s/^ //;
$s =~ s/ $//;
$s =~ s/\\/\\\\/g;
return $s;
}
if( open F, "find @ARGV -type f '(' -name '*.html' -o -name '*.lua' ')' |" )
{
while( defined( my $file = readline F ) )
{
chomp $file;
if( open S, "< $file" )
{
local $/ = undef;
my $raw = <S>;
close S;
my $text = $raw;
while( $text =~ s/ ^ .*? (?:translate|translatef|_) [\n\s]* \( /(/sgx )
{
( my $code, $text ) = extract_bracketed($text, q{('")});
$code =~ s/\\\n/ /g;
$code =~ s/^\([\n\s]*//;
$code =~ s/[\n\s]*\)$//;
my $res = "";
my $sub = "";
if( $code =~ /^['"]/ )
{
while( defined $sub )
{
( $sub, $code ) = extract_delimited($code, q{'"}, q{\s*(?:\.\.\s*)?});
if( defined $sub && length($sub) > 2 )
{
$res .= substr $sub, 1, length($sub) - 2;
}
else
{
undef $sub;
}
}
}
elsif( $code =~ /^(\[=*\[)/ )
{
my $stag = quotemeta $1;
my $etag = $stag;
$etag =~ s/\[/]/g;
( $res ) = extract_tagged($code, $stag, $etag);
$res =~ s/^$stag//;
$res =~ s/$etag$//;
}
$res = dec_lua_str($res);
$stringtable{$res}++ if $res;
}
$text = $raw;
while( $text =~ s/ ^ .*? <% -? [:_] /<%/sgx )
{
( my $code, $text ) = extract_tagged($text, '<%', '%>');
if( defined $code )
{
$code = dec_tpl_str(substr $code, 2, length($code) - 4);
$stringtable{$code}++;
}
}
}
}
close F;
}
if( open C, "| msgcat -" )
{
printf C "msgid \"\"\nmsgstr \"Content-Type: text/plain; charset=UTF-8\"\n\n";
foreach my $key ( sort keys %stringtable )
{
if( length $key )
{
$key =~ s/"/\\"/g;
printf C "msgid \"%s\"\nmsgstr \"\"\n\n", $key;
}
}
close C;
}

12
contrib/lsupgrade.sh
View File

@ -2,10 +2,11 @@
# Script to list all upgrade scripts in a clear manner
# Limitations:
# * Does only show scripts of packages whose `files' directory represent the whole image filesystem (which are all Gluon packages)
# * Does only show scripts of packages whose `files'/`luasrc' directories represent the whole image filesystem (which are all Gluon packages)
SUFFIX=files/lib/gluon/upgrade
SUFFIX1=files/lib/gluon/upgrade
SUFFIX2=luasrc/lib/gluon/upgrade
shopt -s nullglob
@ -35,8 +36,11 @@ find ./package packages -name Makefile | while read makefile; do
dirname="$(dirname "$dir" | cut -d/ -f 3-)"
package="$(basename "$dir")"
for file in "${SUFFIX}"/*; do
echo "${GREEN}$(basename "${file}")${RESET}" "(${BLUE}${repo}${RESET}/${dirname}${dirname:+/}${RED}${package}${RESET}/${SUFFIX})"
for file in "${SUFFIX1}"/*; do
echo "${GREEN}$(basename "${file}")${RESET}" "(${BLUE}${repo}${RESET}/${dirname}${dirname:+/}${RED}${package}${RESET}/${SUFFIX1})"
done
for file in "${SUFFIX2}"/*; do
echo "${GREEN}$(basename "${file}")${RESET}" "(${BLUE}${repo}${RESET}/${dirname}${dirname:+/}${RED}${package}${RESET}/${SUFFIX2})"
done
popd >/dev/null
done | sort

2
contrib/sign.sh
View File

@ -15,7 +15,7 @@ The script may be performed multiple times to the same document
to indicate an approval by multiple developers.
See also
* edcsautils on https://github.com/tcatm/ecdsautils
* ecdsautils on https://github.com/tcatm/ecdsautils
EOHELP
exit 1

6
docs/conf.py
View File

@ -47,16 +47,16 @@ master_doc = 'index'
# General information about the project.
project = 'Gluon'
copyright = '2015-2016, Project Gluon'
copyright = '2015-2018, Project Gluon'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '2016.1+'
version = '2018.1'
# The full version, including alpha/beta/rc tags.
release = '2016.1+'
release = '2018.1'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.

32
docs/dev/basics.rst
View File

@ -34,21 +34,7 @@ rerun
`patches`; the resulting branch will be called `patched`, while the commit specified in `modules`
can be refered to by the branch `base`.
::
make unpatch
sets the repositories to the `base` branch,
::
make patch
re-applies the patches by resetting the `patched` branch to `base` and calling `git am`
for the patch files. Calling `make` or a similar command after calling `make unpatch`
is generally not a good idea.
After new patches have been commited on top of the patched branch (or existing commits
After new patches have been commited on top of the `patched` branch (or existing commits
since the base commit have been edited or removed), the patch directories can be regenerated
using
@ -61,3 +47,19 @@ and you can try rebasing it onto the new `base` branch yourself and after that c
Always call `make update-patches` after making changes to a module repository as `make update` will overwrite your
commits, making `git reflog` the only way to recover them!
Development Guidelines
----------------------
lua should be used instead of sh whenever sensible. The following criteria
should be considered:
- Is the script doing more than just executing external commands? if so, use lua
- Is the script parsing/editing json-data? If so, use lua for speed
- When using sh, use jsonfilter instead of json_* functions for speed
Code formatting may sound like a topic for the pedantic, however it helps if
the code in the project is formatted in the same way. The following rules
apply:
- use tabs instead of spaces
- trailing whitespaces must be eliminated

92
docs/dev/configmode.rst
View File

@ -1,92 +0,0 @@
Config Mode
===========
As of 2014.4 `gluon-config-mode` consists of several modules.
gluon-config-mode-core
This modules provides the core functionality for the config mode.
All modules must depend on it.
gluon-config-mode-hostname
Provides a hostname field.
gluon-config-mode-autoupdater
Informs whether the autoupdater is enabled.
gluon-config-mode-mesh-vpn
Allows toggling of mesh-vpn-fastd and setting a bandwidth limit.
gluon-config-mode-geo-location
Enables the user to set the geographical location of the node.
gluon-config-mode-contact-info
Adds a field where the user can provide contact information.
In order to get a config mode close to the one found in 2014.3.x you may add
these modules to your `site.mk`:
gluon-config-mode-hostname,
gluon-config-mode-autoupdater,
gluon-config-mode-mesh-vpn,
gluon-config-mode-geo-location,
gluon-config-mode-contact-info
Writing Config Mode Modules
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Config mode modules are located at `/lib/gluon/config-mode/wizard` and
`/lib/gluon/config-mode/reboot`. Modules are named like `0000-name.lua` and
are executed in lexical order. If you take the standard set of modules, the
order is, for wizard modules:
- 0050-autoupdater-info
- 0100-hostname
- 0300-mesh-vpn
- 0400-geo-location
- 0500-contact-info
While for reboot modules it is:
- 0100-mesh-vpn
- 0900-msg-reboot
Wizards
-------
Wizard modules return a UCI section. A simple module capable of changing the
hostname might look like this::
local cbi = require "luci.cbi"
local uci = luci.model.uci.cursor()
local M = {}
function M.section(form)
local s = form:section(cbi.SimpleSection, nil, nil)
local o = s:option(cbi.Value, "_hostname", "Hostname")
o.value = uci:get_first("system", "system", "hostname")
o.rmempty = false
o.datatype = "hostname"
end
function M.handle(data)
uci:set("system", uci:get_first("system", "system"), "hostname", data._hostname)
uci:save("system")
uci:commit("system")
end
return M
Reboot page
-----------
Reboot modules return a function that will be called when the page is to be
rendered or nil (i.e. the module is skipped)::
if no_hello_world_today then
return nil
else
return function ()
luci.template.render_string("Hello World!")
end
end

150
docs/dev/hardware.rst
View File

@ -7,78 +7,138 @@ Hardware requirements
---------------------
Having an ath9k (or ath10k) based WLAN adapter is highly recommended,
although other chipsets may also work. VAP (multiple SSID) support
is a requirement. At the moment, Gluon's scripts can't handle devices
without WLAN adapters (although such environments may also be interesting,
e.g. for automated testing in virtual machines).
is a requirement.
.. _hardware-adding-profiles:
Adding profiles
---------------
The vast majority of devices with ath9k WLAN uses the ar71xx target of OpenWrt.
If the hardware you want to add support for is also ar71xx, adding a new profile
is enough.
The vast majority of devices with ath9k WLAN is based on the ar71xx target of LEDE.
If the hardware you want to add support for is ar71xx, adding a new profile
is sufficient.
Profiles are defined in ``targets/<target>-<subtarget>/profiles.mk``. There are two macros
used to define which images are generated: ``GluonProfile`` and ``GluonModel``. The following examples
are taken from ``profiles.mk`` of the ``ar71xx-generic`` target::
Profiles are defined in ``targets/*`` in a shell-based DSL (so common shell
command syntax like ``if`` can be used).
$(eval $(call GluonProfile,TLWR1043))
$(eval $(call GluonModel,TLWR1043,tl-wr1043nd-v1-squashfs,tp-link-tl-wr1043n-nd-v1))
$(eval $(call GluonModel,TLWR1043,tl-wr1043nd-v2-squashfs,tp-link-tl-wr1043n-nd-v2))
The ``device`` command is used to define an image build for a device. It takes
two or three parameters.
The ``GluonProfile`` macro takes at least one parameter, the profile name as it is
defined in the Makefiles of OpenWrt (``openwrt/target/linux/<target>/<subtarget>/profiles/*``
and ``openwrt/target/linux/<target>/image/Makefile``). If the target you are on doesn't define
profiles (e.g. on x86), just add a single profile called ``Generic`` or similar.
It may optionally take a second parameter which defines additional packages to include for the profile
(e.g. ath10k). The additional packages defined in ``openwrt/target/linux/<target>/<subtarget>/profiles/*``
aren't used.
The ``GluonModel`` macro takes three parameters: The profile name, the suffix of the image file
generated by OpenWrt (without the file extension), and the final image name of the Gluon image.
The final image name must be the same that is returned by the following command.
::
The first parameter defines the Gluon profile name, which is used to refer to the
device and is part of the generated image name. The profile name must be same as
the output of the following command (on the target device), so the autoupdater
can work::
lua -e 'print(require("platform_info").get_image_name())'
While porting Gluon to a new device, it might happen that the profile name is un-
known. Best practise is to generate an image first by using an arbitrary value
and then executing the lua command on the device and use its output from then on.
This is just so the autoupdater can work. The command has to be executed _on_ the target (eg. the hardware router with a flashed image). So you'll first have to build an image with a guessed name, and afterwards build a new, correctly named image. On targets which aren't supported by the autoupdater,
``require("platform_info").get_image_name()`` will just return ``nil`` and the final image name
may be defined arbitrarily.
The second parameter defines the name of the image files generated by LEDE. Usually,
it is also the LEDE profile name; for devices that still use the old image build
code, a third parameter with the LEDE profile name can be passed. The profile names
can be found in the image Makefiles in ``lede/target/linux/<target>/image/Makefile``.
Examples::
device tp-link-tl-wr1043n-nd-v1 tl-wr1043nd-v1
device alfa-network-hornet-ub hornet-ub HORNETUB
Suffixes and extensions
'''''''''''''''''''''''
By default, image files are expected to have the extension ``.bin``. In addition,
the images generated by LEDE have a suffix before the extension that defaults to
``-squashfs-factory`` and ``-squashfs-sysupgrade``.
This can be changed using the ``factory`` and ``sysupgrade`` commands, either at
the top of the file to set the defaults for all images, or for a single image. There
are three forms with 0 to 2 arguments (all work with ``sysupgrade`` as well)::
factory SUFFIX .EXT
factory .EXT
factory
When only an extension is given, the default suffix is retained. When no arguments
are given, this signals that no factory (or sysupgrade) image exists.
Aliases
'''''''
Sometimes multiple models use the same LEDE images. In this case, the ``alias``
command can be used to create symlinks and additional entries in the autoupdater
manifest for the alternative models.
Standalone images
'''''''''''''''''
On targets without *per-device rootfs* support in LEDE, the commands described above
can't be used. Instead, ``factory_image`` and ``sysupgrade_image`` are used::
factory_image PROFILE IMAGE .EXT
sysupgrade_image PROFILE IMAGE .EXT
Again, the profile name must match the value printed by the aforementioned Lua
command. The image name must match the part between the target name and the extension
as generated by LEDE and is to be omitted when no such part exists.
Packages
''''''''
The ``packages`` command takes an arbitrary number of arguments. Each argument
defines an additional package to include in the images in addition to the default
package sets defined by LEDE. When a package name is prefixed by a minus sign, the
packages are excluded instead.
The ``packages`` command may be used at the top of a target definition to modify
the default package list for all images, or just for a single device (when the
target supports *per-default rootfs*).
Configuration
'''''''''''''
The ``config`` command allows to add arbitary target-specific LEDE configuration
to be emitted to ``.config``.
Notes
'''''
On devices with multiple WLAN adapters, care must also be taken that the primary MAC address is
configured correctly. ``/lib/gluon/core/sysconfig/primary_mac`` should contain the MAC address which
can be found on a label on most hardware; if it does not, ``/lib/gluon/upgrade/010-primary-mac``
in ``gluon-core`` might need a fix. (There have also been cases in which the address was incorrect
even on devices with only one WLAN adapter, in these cases an OpenWrt bug was the cause).
even on devices with only one WLAN adapter, in these cases a LEDE bug was the cause).
Adding support for new hardware targets
---------------------------------------
Adding a new target is much more complex than adding a new profile. There are two basic steps
required for adding a new target:
Adjust packages
'''''''''''''''
One package that definitely needs adjustments for every new target added is ``lua-platform-info``. Just
start with a copy of an existing platform info script, adjust it for the new target, and add the new target
to the list of supported targets in the package Makefile.
Package adjustments
'''''''''''''''''''
On many targets, Gluon's network setup scripts (mainly in the packages ``gluon-core`` and ``gluon-mesh-batman-adv-core``)
One package that may need adjustments for new targets is ``libplatforminfo`` (to be found in
`packages/gluon/libs/libplatforminfo <https://github.com/freifunk-gluon/packages/tree/master/libs/libplatforminfo>`_).
If the new platform works fine with the definitions found in ``default.c``, nothing needs to be done. Otherwise,
create a definition for the added target or subtarget, either by symlinking one of the files in the ``templates``
directory, or adding a new source file.
On many targets, Gluon's network setup scripts (mainly in the package ``gluon-core``)
won't run correctly without some adjustments, so better double check that everything is fine there (and the files
``primary_mac``, ``lan_ifname`` and ``wan_ifname`` in ``/lib/gluon/core/sysconfig/`` contain sensible values).
Add support to the build system
'''''''''''''''''''''''''''''''
A directory for the new target must be created under ``targets``, and it must be added
to ``targets/targets.mk``. In the new target directory, the following files must be created:
Build system support
''''''''''''''''''''
* profiles.mk
* config (optional)
For ``profiles.mk``, see :ref:`hardware-adding-profiles`.
The file ``config`` can be used to add additional, target-specific options to the OpenWrt config.
A definition for the new target must be created under ``targets``, and it must be added
to ``targets/targets.mk``. The ``GluonTarget`` macro takes one to three arguments:
the target name, the Gluon subtarget name (if the target has subtargets), and the
LEDE subtarget name (if it differs from the Gluon subtarget). The third argument
can be used to define multiple Gluon targets with different configuration for the
same LEDE target, like it is done for the ``ar71xx-tiny`` target.
After this, is should be sufficient to call ``make GLUON_TARGET=<target>`` to build the images for the new target.

88
docs/dev/i18n.rst
View File

@ -1,88 +0,0 @@
Internationalization support
============================
General guidelines
------------------
* All config mode packages must be fully translatable, with complete English and German texts.
* All new expert mode packages be fully translatable. English texts are required, German texts recommended.
* Existing expert mode packages should be made translatable as soon as possible.
* The "message IDs" (which are the arguments to the ``translate`` function) should be the
English texts.
i18n support in LuCI
--------------------
Internationalization support can be found in the ``luci.i18n`` package.
Strings are translated using the ``i18n.translate`` and ``i18n.translatef`` functions
(``translate`` for static strings, ``translatef`` for printf-like formatted string).
Example from the ``gluon-config-mode-geo-location`` package::
local i18n = require "luci.i18n"
o = s:option(cbi.Flag, "_location", i18n.translate("Show node on the map"))
Adding translation templates to Gluon packages
----------------------------------------------
The i18n support is based on the standard gettext system. For each translatable package,
a translation template with extension ``.pot`` can be created using the ``i18n-scan.pl``
script from the LuCI repository::
cd package/gluon-config-mode-geo-location
mkdir i18n
cd i18n
../../../packages/luci/build/i18n-scan.pl ../files > gluon-config-mode-geo-location.pot
The entries in the template can be reordered after the generation if desirable. Lots of standard
translations like "Cancel" are already available in the LuCI base translation file (see
``packages/luci/po/templates/base.pot``) and can be removed from the template.
In addition, some additions to the Makefile must be made. Instead of OpenWrt's default package.mk,
the Gluon version ``$(GLUONDIR)/include/package.mk`` must be used. The i18n files must be installed
and PKG_CONFIG_DEPENDS must be added::
...
include $(GLUONDIR)/include/package.mk
PKG_CONFIG_DEPENDS += $(GLUON_I18N_CONFIG)
...
define Build/Compile
$(call GluonBuildI18N,gluon-config-mode-geo-location,i18n)
endef
define Package/gluon-config-mode-geo-location/install
...
$(call GluonInstallI18N,gluon-config-mode-geo-location,$(1))
endef
...
Adding translations
-------------------
A new translation file for a template can be added using the ``msginit`` command::
cd package/gluon-config-mode-geo-location/i18n
msginit -l de
This will create the file ``de.po`` in which the translations can be added.
The translation file can be updated to a new template version using the ``msgmerge`` command::
msgmerge -U de.po gluon-config-mode-geo-location.pot
After the merge, the translation file should be checked for "fuzzy matched" entries where
the original English texts have changed. All entries from the the translation file should be
translated in the ``.po`` file (or removed from it, so the original English texts are displayed
instead).
Adding support for new languages
--------------------------------
A list of all languages supported by LuCI can be found in the ``packages/luci/luci.mk`` file after
Gluon's dependencies have been downloaded using ``make update``. Adding translations for these
languages is straightforward using the ``msginit`` command.
For other languages, support must be added tu LuCI first, which constitutes completely translating
the ``base.pot``. Please contact the upstream LuCI maintainers if you'd like to do this.

18
docs/dev/mac_addresses.rst Normal file
View File

@ -0,0 +1,18 @@
MAC addresses
=============
Many devices don't have enough unique MAC addresses assigned by the vendor
(in batman-adv, each mesh interface needs an own MAC address that must be unique
mesh-wide).
Gluon tries to solve this issue by using a hash of the primary MAC address as a
45 bit MAC address prefix. The resulting 8 addresses are used as follows:
* 0: client0; WAN
* 1: mesh0
* 2: ibss0
* 3: wan_radio0 (private WLAN); batman-adv primary address
* 4: client1; LAN
* 5: mesh1
* 6: ibss1
* 7: wan_radio1 (private WLAN); mesh VPN

114
docs/dev/packages.rst Normal file
View File

@ -0,0 +1,114 @@
Package development
###################
Gluon packages are OpenWrt packages and follow the same rules described at https://openwrt.org/docs/guide-developer/packages.
Gluon package makefiles
=======================
As many packages share the same or a similar structure, Gluon provides a ``package/gluon.mk`` that
can be included for common definitions. This file replaces OpenWrt's ``$(INCLUDE_DIR)/package.mk``;
it is usually included as ``include ../gluon.mk`` from Gluon core packages, or as
``include $(TOPDIR)../package/gluon.mk`` from feeds.
Provided macros
***************
* *GluonBuildI18N* (arguments: *<source directory>*)
Converts the *.po* files for all enabled languages from the given source directory to
the binary *.lmo* format and stores them in ``$(PKG_BUILD_DIR)/i18n``.
* *GluonInstallI18N*
Install *.lmo* files from ``$(PKG_BUILD_DIR)/i18n`` to ``/lib/gluon/web/i18n`` in the
package install directory.
* *GluonSrcDiet* (arguments: *<source directory>*, *<destination directory>*)
Copies a directory tree, processing all files in it using *LuaSrcDiet*. The directory
tree should only contain Lua files.
* *GluonCheckSite* (arguments: *<source file>*)
Intended to be used in a package postinst script. It will use the passed Lua
snippet to verify package-specific site configuration.
* *BuildPackageGluon* (replaces *BuildPackage*)
Extends the *Package/<name>* definition with common defaults, sets the package
install script to the common *Gluon/Build/Install*, and automatically creates
a postinst script using *GluonCheckSite* if a ``check_site.lua`` is found in the
package directory.
Default build steps
*******************
These defaults greatly reduce the boilerplate in each package, but they can also
be confusing because of the many implicit behaviors depending on files in the
package directory. If any part of *Gluon/Build/Compile* or *Gluon/Build/Install*
does not work as intended for a package, the compile and install steps can
always be replaced or extended.
*Build/Compile* is set to *Gluon/Build/Compile* by default, which will
* run OpenWrt standard default commands (*Build/Compile/Default*) if a ``src/Makefile``
or ``src/CMakeLists.txt`` is found
* run *GluonSrcDiet* on all files in the ``luasrc`` directory
* run *GluonBuildI18N* if a ``i18n`` directory is found
*Package/<name>* defaults to *Gluon/Build/Install* for packages defined using
*BuildPackageGluon*, which will
* copy all files from ``$(PKG_INSTALL_DIR)`` into the package if ``$(PKG_INSTALL)`` is 1
* copy all files from ``files`` into the package
* copy all Lua files built from ``luasrc`` into the package
* installs ``$(PKG_BUILD_DIR)/respondd.so`` to ``/usr/lib/respondd/$(PKG_NAME).so`` if ``src/respondd.c`` exists
* installs compiled i18n *.lmo* files
Feature flags
=============
Feature flags provide a convenient way to define package selections without
making it necessary to list each package explicitly.
The main feature flag definition file is ``package/features``, but each package
feed can provide additional defintions in a file called ``features`` at the root
of the feed repository.
Each flag *$flag* without any explicit definition will simply include the package
with the name *gluon-$flag* by default. The feature definition file can modify
the package selection in two ways:
* The *nodefault* function suppresses default of including the *gluon-$flag*
package
* The *packages* function adds a list of packages (or removes, when package
names are prepended with minus signs) when a given logical expression
is satisfied
Example::
nodefault 'web-wizard'
packages 'web-wizard' \
'gluon-config-mode-hostname' \
'gluon-config-mode-geo-location' \
'gluon-config-mode-contact-info'
packages 'web-wizard & (mesh-vpn-fastd | mesh-vpn-tunneldigger)' \
'gluon-config-mode-mesh-vpn'
This will
* disable the inclusion of a (non-existent) package called *gluon-web-wizard*
* enable three config mode packages when the *web-wizard* feature is enabled
* enable *gluon-config-mode-mesh-vpn* when both *web-wizard* and one
of *mesh-vpn-fastd* and *mesh-vpn-tunneldigger* are enabled
Supported syntax elements of logical expressions are:
* \& (and)
* \| (or)
* \! (not)
* parentheses

36
docs/dev/site_library.rst Normal file
View File

@ -0,0 +1,36 @@
gluon.site library
==================
The *gluon.site* library allows convenient access to the site configuration
from Lua scripts. Example:
.. code-block:: lua
local site = require 'gluon.site'
print(site.wifi24.ap.ssid())
The *site* object in this example does not directly represent the *site.conf* data structure;
instead, it is wrapped in a way that makes it more convenient to access deeply nested elements.
To access the the underlying values, they must be unwrapped using the function call notation
(the ``()`` after ``site.wifi24.ap.ssid`` in the example).
The wrapper objects have two advantages over simple Lua tables:
* Accessing non-existing values is never an error: ``site.wifi24.ap.ssid()`` will simply
return *nil* if ``site.wifi24`` or ``site.wifi24.ap`` do not exist
* Default values: A default value can be passed to the unwrapping function call:
.. code-block:: lua
print(site.wifi24.ap.ssid('Default'))
will return *'Default'* instead of *nil* when the value is unset.
Note that *nil* values and unset values are equivalent in Lua.
A simple way to access the whole site configuration as a simple table
is to unwrap the top-level site object:
.. code-block:: lua
local site_table = site()

10
docs/dev/upgrade.rst
View File

@ -6,7 +6,7 @@ Basics
After each sysupgrade (including the initial installation), Gluon will execute all scripts
under ``/lib/gluon/upgrade``. These scripts' filenames usually begin with a 3-digit number
specifying the order of execution.
specifying the order of execution. Note that the script files need to be executable.
To get an overview of the ordering of all scripts of all packages, the helper script ``contrib/lsupgrade.sh``
in the Gluon repository can be used, which will print all upgrade scripts' filenames and directories. If executed
@ -16,17 +16,15 @@ Best practices
--------------
* Most upgrade scripts are written in Lua. This allows using lots of helper functions provided
by LuCi and Gluon, e.g. to access the site configuration or edit UCI configuration files.
by Gluon, e.g. to access the site configuration or edit UCI configuration files.
* Whenever possible, scripts shouldn't check if they are running for the first time, but just edit configuration
files to achive a valid configuration (without overwriting configuration changes made by the user where desirable).
files to achieve a valid configuration (without overwriting configuration changes made by the user where desirable).
This allows using the same code to create the initial configuration and upgrade configurations on upgrades.
* If it is unavoidable to run different code during the initial installation, the ``sysconfig.gluon_version`` variable
can be checked. This variable is ``nil`` during the initial installation and contains the previously install Gluon
version otherwise. The package ``gluon-legacy`` (which is responsible for upgrades from the old firmwares of
Hamburg/Kiel/Lübeck) uses the special value ``legacy``; other packages should handle this value just as any other
string.
version otherwise.
Script ordering
---------------

2
docs/dev/wan.rst
View File

@ -46,4 +46,4 @@ so the WAN DNS servers aren't leaked to the primary DNS daemon.
*libpacketmark* is used to make the secondary DNS daemon send its requests over the WAN interface.
The package ``gluon-mesh-vpn-fastd`` provides an iptables rule which will redirect all DNS requests from processes running
with the primary group ``gluon-fastd`` to ``127.0.0.1:54``, thus making fastd use the secondary DNS daemon.
with the primary group ``gluon-mesh-vpn`` to ``127.0.0.1:54``, thus making fastd use the secondary DNS daemon.

82
docs/dev/web/config-mode.rst Normal file
View File

@ -0,0 +1,82 @@
Config Mode
===========
The `Config Mode` consists of several modules that provide a range of different
condiguration options:
gluon-config-mode-core
This modules provides the core functionality for the config mode.
All modules must depend on it.
gluon-config-mode-hostname
Provides a hostname field.
gluon-config-mode-autoupdater
Informs whether the autoupdater is enabled.
gluon-config-mode-mesh-vpn
Allows toggling of mesh-vpn-fastd and setting a bandwidth limit.
gluon-config-mode-geo-location
Enables the user to set the geographical location of the node.
gluon-config-mode-contact-info
Adds a field where the user can provide contact information.
Writing Config Mode modules
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Config mode modules are located at ``/lib/gluon/config-mode/wizard`` and
``/lib/gluon/config-mode/reboot``. Modules are named like ``0000-name.lua`` and
are executed in lexical order. In the standard package set, the
order is, for wizard modules:
- 0050-autoupdater-info
- 0100-hostname
- 0300-mesh-vpn
- 0400-geo-location
- 0500-contact-info
The reboot module order is:
- 0100-mesh-vpn
- 0900-msg-reboot
All modules are run in the gluon-web model context and have access to the same
variables as "full" gluon-web modules.
Wizards
-------
Wizard modules must return a function that is provided with the wizard form and an
UCI cursor. The function can create configuration sections in the form:
.. code-block:: lua
return function(form, uci)
local s = form:section(Section)
local o = s:option(Value, "hostname", "Hostname")
o.default = uci:get_first("system", "system", "hostname")
o.datatype = "hostname"
function o:write(data)
uci:set("system", uci:get_first("system", "system"), "hostname", data)
end
return {'system'}
end
The function may return a table of UCI packages to commit after the individual
fields' `write` methods have been executed. This is done to avoid committing the
packages repeatedly when multiple wizard modules modify the same package.
Reboot page
-----------
Reboot modules are simply executed when the reboot page is
rendered:
.. code-block:: lua
renderer.render_string("Hello World!")

123
docs/dev/web/controller.rst Normal file
View File

@ -0,0 +1,123 @@
Controllers
===========
Controllers live in ``/lib/gluon/web/controller``. They define which pages ("routes")
exist under the ``/cgi-bin/gluon`` path, and what code is run when these pages are requested.
Controller scripts usually start with a *package* declaration, followed by calls
to the *entry* function, which each define one route:
.. code-block:: lua
package 'gluon-web-admin'
entry({"admin"}, alias("admin", "info"), _("Advanced settings"), 10)
entry({"admin", "info"}, template("admin/info"), _("Information"), 1)
*package* defines the translation namespace for the titles of the defined
pages as well as the referenced views and models. The entry function expects 4
arguments:
- `path`: Components of the path to define a route for.
The above example defines routes for the paths ``admin`` and ``admin/info``.
- `target`: Dispatcher for the route. See the following section for details.
- `title`: Page title (also used in navigation). The underscore function is used
to mark the strings as translatable for ``i18n-scan.pl``.
- `order`: Sort index in navigation (defaults to 100)
Navigation indexes are automatically generated for each path level. Pages can be
hidden from the navigation by setting the `hidden` property of the node object
returned by `entry`:
.. code-block:: lua
entry({"hidden"}, alias("foo"), _("I'm hidden!")).hidden = true
Dispatchers
-----------
- *alias* (*path*, ...): Redirects to a different page. The path components are
passed as individual arguments.
- *call* (*func*, ...): Runs a Lua function for custom request handling. The given
function is called with the HTTP object and the template renderer as first
two arguments, followed by all additional arguments passed to `call`.
- *template* (*view*): Renders the given view. See :doc:`view`.
- *model* (*name*): Displays and evaluates a form as defined by the given model. See the
:doc:`model` page for an explanation of gluon-web models.
.. _web-controller-http:
The HTTP object
---------------
The HTTP object provides information about the HTTP requests and allows to add
data to the reply. Using it directly is rarely necessary when gluon-web
models and views are used.
Useful functions:
- *getenv* (*key*): Returns a value from the CGI environment passed by the webserver.
- *formvalue* (*key*): Returns a value passed in a query string or in the content
of a POST request. If multiple values with the same name have been passed, only
the first is returned.
- *formvaluetable* (*key*): Similar to *formvalue*, but returns a table of all
values for the given key.
- *status* (*code*, *message*): Writes the HTTP status to the reply. Has no effect
if a status has already been sent or non-header data has been written.
- *header* (*key*, *value*): Adds an HTTP header to the reply to be sent to to
the client. Has no effect when non-header data has already been written.
- *prepare_content* (*mime*): Sets the *Content-Type* header to the given MIME
type, potentially setting additional headers or modifying the MIME type to
accommodate browser quirks
- *write* (*data*, ...): Sends the given data to the client. If headers have not
been sent, it will be done before the data is written.
HTTP functions are called in method syntax, for example:
.. code-block:: lua
http:write('Output!')
.. _web-controller-template-renderer:
The template renderer
---------------------
The template renderer allows to render templates (views). The most useful functions
are:
- *render* (*view*, *scope*, *pkg*): Renders the given view, optionally passing a table
with additional variables to make available in the template. The passed package
defines the translation namespace.
- *render_string* (*str*, *scope*, *pkg*): Same as *render*, but the template is passed
directly instead of being loaded from the view directory.
The renderer functions are called in property syntax, for example:
.. code-block:: lua
renderer.render('layout')
Differences from LuCI
---------------------
- Controllers must not use the *module* function to define a Lua module (*gluon-web*
will set up a proper environment for each controller itself)
- Entries are defined at top level, not inside an *index* function
- The *alias* dispatcher triggers an HTTP redirect instead of directly running
the dispatcher of the aliased route.
- The *call* dispatcher is passed a function instead of a string with a function
name.
- The *cbi* dispatcher of LuCI has been renamed to *model*.
- The HTTP POST handler support the multipart/form-data encoding only, so
``enctype="multipart/form-data"`` must be included in all *<form>* HTML
elements.
- Other dispatchers like *form* are not provided.

109
docs/dev/web/i18n.rst Normal file
View File

@ -0,0 +1,109 @@
Internationalization support
============================
General guidelines
------------------
* All config mode packages must be fully translatable, with complete English and German texts.
* All new expert mode packages must be fully translatable. English texts are required.
* German translations are recommended. Other supported languages, especially French, are
nice-to-have, but not required. If you don't know a language well, rather leave the translation
blank, so it is obvious that there is no proper translation yet.
* Existing expert mode packages should be made translatable as soon as possible.
* The "message IDs" (which are the arguments to the *translate* function) should be the
English texts.
i18n support in Gluon
---------------------
Internationalization support is available in all components (models, view and
controllers) of *gluon-web*-based packages. Strings are translated using the *translate*,
*_translate* and *translatef* functions (*translate* for static strings, *translatef*
for printf-like formatted string; *_translate* works the same as *translate*, but
will return *nil* instead of the original string when no translation is available).
In views, the special tags ``<%:...%>`` can be used to translate the contained string.
Example from the *gluon-config-mode-geo-location* package:
.. code-block:: lua
local share_location = s:option(Flag, "location", translate("Show node on the map"))
Note that translations are *namespaced*: each package will only use its own
translation strings by default. For this purpose, the package name must by
specified in a package's controller. It is possible to access a different
translation package using the *i18n* function from models and view, which is
necessary when strings from the site configuration are used, or packages do not
have their own controller (which is the case for config mode wizard components).
.. code-block:: lua
local site_i18n = i18n 'gluon-site'
local msg = site_i18n._translate('gluon-config-mode:welcome')
Adding translation templates to Gluon packages
----------------------------------------------
The i18n support is based on the standard gettext system. For each translatable package,
a translation template with extension ``.pot`` can be created using the *i18n-scan.pl*
script in the ``contrib`` directory:
.. code-block:: sh
cd package/gluon-web-mesh-vpn-fastd
mkdir i18n
cd i18n
../../../contrib/i18n-scan.pl ../files ../luasrc > gluon-web-mesh-vpn-fastd.pot
The same command can be run again to update the template.
In addition, the Makefile must be adjusted. Instead of LEDE's default *package.mk*,
the Gluon version (``../gluon.mk`` for core packages) must be used. The i18n files must be installed
and PKG_CONFIG_DEPENDS must be added::
...
include ../gluon.mk
PKG_CONFIG_DEPENDS += $(GLUON_I18N_CONFIG)
...
define Build/Compile
$(call GluonBuildI18N,gluon-web-mesh-vpn-fastd,i18n)
endef
define Package/gluon-web-mesh-vpn-fastd/install
...
$(call GluonInstallI18N,gluon-web-mesh-vpn-fastd,$(1))
endef
...
Adding translations
-------------------
A new translation file for a template can be added using the *msginit* command:
.. code-block:: sh
cd package/gluon-web-mesh-vpn-fastd/i18n
msginit -l de
This will create the file *de.po* in which the translations can be added.
The translation file can be updated to a new template version using the *msgmerge* command:
.. code-block:: sh
msgmerge -U de.po gluon-web-mesh-vpn-fastd.pot
After the merge, the translation file should be checked for "fuzzy matched" entries where
the original English texts have changed. All entries from the translation file should be
translated in the *.po* file (or removed from it, so the original English texts are displayed
instead).
Adding support for new languages
--------------------------------
A list of all languages supported by *gluon-web* can be found in ``package/gluon.mk``.
New languages just need to be added to *GLUON_SUPPORTED_LANGS*, and a human-readable
language name must be defined.

148
docs/dev/web/model.rst Normal file
View File

@ -0,0 +1,148 @@
Models
======
Models are defined in ``/lib/gluon/web/model``. Each model defines one or more
forms to display on a page, and how the submitted form data is handled.
Let's start with an example:
.. code-block:: lua
local f = Form(translate('Hostname'))
local s = f:section(Section)
local o = s:option(Value, 'hostname', translate('Hostname'))
o.default = uci:get_first('system', 'system', 'hostname')
function o:write(data)
uci:set('system', uci:get_first('system', 'system'), 'hostname', data)
uci:commit('system')
end
return f
The toplevel element of a model is always a *Form*, but it is also possible for
a model to return multiple forms, which are displayed one below the other.
A *Form* has one or more *Sections*, and each *Section* has different types
of options.
All of these elements have an *id*, which is used to identify them in the HTML
form and handlers. If no ID is given, numerical IDs will be assigned automatically,
but using explicitly named elements is often advisable (and it is required if a
form does not always include the same elements, i.e., some forms, sections or
options are added conditionally). IDs are hierarchical, so in the above example,
the *Value* would get the ID ``1.1.hostname`` (value *hostname* in first section
of first form).
Classes and methods
-------------------
- *Form* (*title*, *description*, *id*)
- *Form:section* (*type*, *title*, *description*, *id*)
Creates a new section of the given type (usually *Section*).
- *Form:write* ()
Is called after the form has beed submitted (but only if the data is valid). It
is called last (after all options' *write* methods) and is usually used
to commit changed UCI packages.
The default implementation of *write* doesn't do anything, but it can be
overridden.
- *Section* (usually instanciated through *Form:section*)
- *Section:option* (*type*, *id*, *title*, *description*)
Creates a new option of the given type. Option types:
- *Value*: simple text entry
- *TextValue*: multiline text field
- *ListValue*: radio buttons or dropdown selection
- *DynamicList*: variable number of text entry fields
- *Flag*: checkbox
Most option types share the same properties and methods:
- *default*: default value
- *optional*: value may be empty
- *datatype*: one of the types described in :ref:`web-model-datatypes`
By default (when *datatype* is *nil*), all values are accepted.
- *state*: has one of the values *FORM_NODATA*, *FORM_VALID* and *FORM_INVALID*
when read in a form handler
An option that has not been submitted because of its dependencies will have
the state *FORM_NODATA*, *FORM_INVALID* if the submitted value is not valid
according to the set *datatype*, and *FORM_VALID* otherwise.
- *data*: can be read in form handlers to get the submitted value
- *depends* (*self*, *option*, *value*): adds a dependency on another option
The option will only be shown when the passed option has the given value. This
is mainly useful when the other value is a *Flag* or *ListValue*.
- *depends* (*self*, *deps*): adds a dependency on multiple other options
*deps* must be a table with options as keys and values as values. The option
will only be shown when all passed options have the corresponding values.
Multiple alternative dependencies can be added by calling *depends* repeatedly.
- *value* (*self*, *value*, *text*): adds a choice to a *ListValue*
- *write* (*self*, *data*): is called with the submitted value when all form data is valid.
Does not do anything by default, but can be overridden.
The *default* value, the *value* argument to *depends* and the output *data* always have
the same type, which is usually a string (or *nil* for optional values). Exceptions
are:
- *Flag* uses boolean values
- *DynamicList* uses a table of strings
Despite its name, the *datatype* setting does not affect the returned value type,
but only defines a validator the check the submitted value with.
For a more complete example that actually makes use of most of these features,
have a look at the model of the *gluon-web-network* package.
.. _web-model-datatypes:
Data types
----------
- *integer*: an integral number
- *uinteger*: an integral number greater than or equal to zero
- *float*: a number
- *ufloat*: a number greater than or equal to zero
- *ipaddr*: an IPv4 or IPv6 address
- *ip4addr*: an IPv4 address
- *ip6addr*: an IPv6 address
- *wpakey*: a string usable as a WPA key (either between 8 and 63 characters, or 64 hex digits)
- *range* (*min*, *max*): a number in the given range (inclusive)
- *min* (*min*): a number greater than or equal to the given minimum
- *max* (*max*): a number less than or equal to the given maximum
- *irange* (*min*, *max*): an integral number in the given range (inclusive)
- *imin* (*min*): an integral number greater than or equal to the given minimum
- *imax* (*max*): an integral number less than or equal to the given maximum
- *minlength* (*min*): a string with the given minimum length
- *maxlength* (*max*): a string with the given maximum length
Differences from LuCI
---------------------
- LuCI's *SimpleForm* and *SimpleSection* are called *Form* and *Section*, respectively
- Is it not possible to add options to a *Form* directly, a *Section* must always
be created explicitly
- Many of LuCI's CBI classes have been removed, most importantly the *Map*
- The *rmempty* option attribute does not exist, use *optional* instead
- Only the described data types are supported
- Form handlers work completely differently (in particular, a *Form*'s *handle*
method should usually not be overridden in *gluon-web*)

55
docs/dev/web/view.rst Normal file
View File

@ -0,0 +1,55 @@
Views
=====
The template parser reads views from ``/lib/gluon/web/view``. Writing own view
should be avoided in favour of using :doc:`model` with their predefined views.
Views are partial HTML pages, with additional template tags that allow
to embed Lua code and translation strings. The following tags are defined:
- ``<%`` ... ``%>`` evaluates the enclosed Lua expression.
- ``<%=`` ... ``%>`` evaluates the enclosed Lua expression and prints its value.
- ``<%+`` ... ``%>`` includes another template.
- ``<%:`` ... ``%>`` translates the enclosed string using the loaded i18n catalog.
- ``<%_`` ... ``%>`` translates the enclosed string *without escaping HTML entities*
in the translation. This only makes sense when the i18n catalog contains HTML code.
- ``<%#`` ... ``%>`` is a comment.
All of these also come in the whitespace-stripping variants ``<%-`` and ``-%>`` that
remove all whitespace before or after the tag.
Complex combinations of HTML and Lua code are possible, for example:
.. code-block:: text
<div>
<% if foo then %>
Content
<% end %>
</div>
Variables and functions
-----------------------
Many call sites define additional variables (for example, model templates can
access the model as *self* and a unique element ID as *id*), but the following
variables and functions should always be available for the embedded Lua code:
- *renderer*: :ref:`web-controller-template-renderer`
- *http*: :ref:`web-controller-http`
- *request*: Table containing the path components of the current page
- *url* (*path*): returns the URL for the given path, which is passed as a table of path components.
- *attr* (*key*, *value*): Returns a string of the form ``key="value"``
(with a leading space character before the key).
*value* is converted to a string (tables are serialized as JSON) and HTML entities
are escaped. Returns an empty string when *value* is *nil* or *false*.
- *include* (*template*): Includes another template.
- *node* (*path*, ...): Returns the controller node for the given page (passed as
one argument per path component).
Use ``node(unpack(request))`` to get the node for the current page.
- *pcdata* (*str*): Escapes HTML entities in the passed string.
- *urlencode* (*str*): Escapes the passed string for use in an URL.
- *translate*, *_translate*, *translatef* and *i18n*: see :doc:`i18n`

33
docs/features/autoupdater.rst
View File

@ -11,14 +11,24 @@ during development), but it can be enabled by setting the variable GLUON_BRANCH
to override the default branch set in the set in the site configuration.
A manifest file for the updater can be generated with `make manifest`. A signing script (using
ecdsautils) can by found in the `contrib` directory. When creating the manifest, ``GLUON_PRIORITY`` can
be set on the command line, or it can be taken from the ``site.mk``.
``ecdsautils``) can by found in the `contrib` directory. When creating the manifest, the
``PRIORITY`` value may be defined by setting ``GLUON_PRIORITY`` on the command line or in ``site.mk``.
The priority defines the maximum number of days that may pass between releasing an update and installation
of the images. The update probability will start at 0 after the release time mentioned in the manifest
and then slowly rise to 1 up to the point when the number of days given by the priority has passed.
``GLUON_PRIORITY`` defines the maximum number of days that may pass between releasing an update and installation
of the images. The update probability will start at 0 after the release time declared in the manifest file
by the variable DATE and then slowly rise up to 1 when ``GLUON_PRIORITY`` days have passed. The autoupdater checks
for updates hourly (at a random minute of the hour), but usually only updates during its run between
4am and 5am, except when the whole ``GLUON_PRIORITY`` days and another 24 hours have passed.
The priority may be an integer or a decimal fraction.
``GLUON_PRIORITY`` may be an integer or a decimal fraction.
If ``GLUON_RELEASE`` is passed to ``make`` explicitly or it is generated dynamically
in ``site.mk``, care must be taken to pass the same ``GLUON_RELEASE`` to ``make manifest``,
as otherwise the generated manifest will be incomplete.
Automated nightly builds
------------------------
A fully automated nightly build could use the following commands:
@ -28,8 +38,9 @@ A fully automated nightly build could use the following commands:
(cd site && git pull)
make update
make clean
make -j5 GLUON_TARGET=ar71xx-generic GLUON_BRANCH=experimental
make manifest GLUON_BRANCH=experimental
NUM_CORES_PLUS_ONE=$(expr $(nproc) + 1)
make -j$NUM_CORES_PLUS_ONE GLUON_TARGET=ar71xx-generic GLUON_BRANCH=experimental
make manifest GLUON_BRANCH=$GLUON_BRANCH GLUON_RELEASE=$GLUON_RELEASE
contrib/sign.sh $SECRETKEY output/images/sysupgrade/experimental.manifest
rm -rf /where/to/put/this/experimental
@ -73,8 +84,6 @@ These commands can be used on a node:
::
# If fallback is true the updater will perform an update only if
# the timespan given by the priority and another 24h have passed
# If fallback is true the updater will perform an update only if the timespan
# PRIORITY days (as defined in the manifest) and another 24h have passed
autoupdater --fallback

26
docs/features/dns-forwarder.rst Normal file
View File

@ -0,0 +1,26 @@
DNS forwarder
=============
A Gluon node can be configured to act as a DNS forwarder. Requests for the
next-node hostname(s) can be answered locally, without querying the upstream
resolver.
**Note:** While this reduces answer time and allows to use the next-node
hostname without upstream connectivity, this feature should not be used for
next-node hostnames that are FQDN when the zone uses DNSSEC.
One or more upstream resolvers can be configured in the *dns.servers* setting.
When *next_node.name* is set, A and/or AAAA records for the next-node IP
addresses are placed in the dnsmasq configuration.
::
dns = {
servers = { '2001:db8::1', },
},
next_node = {
name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
ip6 = '2001:db8:8::1',
ip4 = '198.51.100.1',
}

BIN
docs/features/fastd_mode.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

4
docs/features/monitoring.rst
View File

@ -45,7 +45,7 @@ retrieve the data you'll need both a local alfred daemon and alfred-json_
installed. Please note that at least one alfred daemon is required to run as
`master`.
.. _alfred-json: https://github.com/tcatm/alfred-json
.. _alfred-json: https://github.com/ffnord/alfred-json
The following datatypes are used:
@ -97,7 +97,7 @@ In order to retrieve statistics data you could run:
You can find more information about alfred in its README_.
.. _README: http://www.open-mesh.org/projects/alfred/repository/revisions/master/entry/README
.. _README: https://git.open-mesh.org/alfred.git/blob_plain/refs/heads/master:/README
gluon-respondd
~~~~~~~~~~~~~~

272
docs/features/multidomain.rst Normal file
View File

@ -0,0 +1,272 @@
Multidomain Support
===================
Preamble
--------
There comes a time when a mesh network grows past sensible boundaries.
As broadcast traffic grows, mesh networks experience scaling issues and
using them becomes very unpleasant. An approach to solve this follows
the well-known “divide and conquer” paradigm and splits a large network
into multiple smaller networks. These smaller networks start with a
dedicated layer 2 network each, which are interconnected via their
gateways by layer 3 routing. Gluon is already field-tested handling a
single domain and the multidomain feature allows for the reconfiguration
of key parameters that decide which domain a node participates in,
without the need of a distinct set of firmware images for each mesh domain.
Overview
--------
Multidomain support allows to build a single firmware with multiple,
switchable domain configurations. The nomenclature is as follows:
- ``site``: an aggregate over multiple domains
- ``domain``: mesh network with connectivity parameters that prevent
accidental bridging with other domains
- ``domain code``: unique domain identifier
- ``domain name``: pretty name for a domain code
By default Gluon builds firmware with a single domain embedded into
``site.conf``. To use multiple domains, enable it in ``site.mk``:
::
GLUON_MULTIDOMAIN=1
In the site repository, create the ``domains/`` directory, which will
hold your domain configurations. Each domain configuration file is named
after its primary ``domain_code``, additional domain codes and names are
supported.
::
site/
|-- site.conf
|-- site.mk
|-- i18n/
|-- domains/
|-- alpha_centauri.conf
|-- beta_centauri.conf
|-- gamma_centauri.conf
The domain configuration ``alpha_centauri.conf`` could look like this.
::
{
domain_names = {
alpha_centauri = 'Alpha Centauri'
},
-- more domain specific config follows below
}
In this example “Alpha Centauri” is the user-visible ``domain_name`` for the
domain_code ``alpha_centauri``. Also note that the domain code
``alpha_centauri`` matches the filename ``alpha_centauri.conf``.
Additional domain codes/names can be added to ``domain_names``, which
are treated as aliases for the their domain configuration. Aliases can
be used to offer more fine-grained and well-recognizable domain choices
to users. Having multiple aliases on a single domain is a helpful
precursor to splitting the domain into even smaller blocks.
Furthermore you have to specify the ``default_domain`` in the ``site.conf``.
This domain is applied in following cases:
- When the config mode is skipped.
- When a domain is removed in a new firmware release, the default_domain
will be chosen then.
- When a user selects a wrong domain code via uci.
Please note, that this value is saved to uci, so changing the `default_domain`
value in the `site.conf` in a new firmware release only affects the actual
domain of a router, if and only if one of the above conditions matches.
Switching the domain
--------------------
**via commandline**:
::
uci set gluon.core.domain="newdomaincode"
gluon-reconfigure
reboot
**via config mode:**
To allow switching the domain via config mode, ``config-mode-domain-select``
has to be added to GLUON_FEATURES in the site.mk.
|image0|
Allowed site variables
----------------------
Internally the site variables are merged from the ``site.conf`` and the
selected ``domain.conf``, so the most variables are also allowed in
``site.conf`` and in ``domain.conf``. But there are some exceptions,
which do not make sense in a domain or site specific way. The following
sections give an overview over variables that are only usable in either
site or domain context.
site.conf only variables
^^^^^^^^^^^^^^^^^^^^^^^^
- Used in as initial default values, when the firmware was just flashed
and/or the config mode is skipped, so they do not make sense in a
domain specific way:
- authorized_keys
- default_domain
- poe_passthrough
- mesh_on_wan
- mesh_on_lan
- single_as_lan
- setup_mode.skip
- autoupdater.branch
- mesh_vpn.enabled
- mesh_vpn.pubkey_privacy
- mesh_vpn.bandwidth_limit
- mesh_vpn.bandwidth_limit.enabled
- mesh_vpn.bandwidth_limit.ingress
- mesh_vpn.bandwidth_limit.egress
- Variables that influence the appearance of the config mode,
domain-independent because they are relevant before a domain was selected.
- config_mode.geo_location.show_altitude
- config_mode.hostname.optional
- config_mode.remote_login
- config_mode.remote_login.show_password_form
- config_mode.remote_login.min_password_length
- hostname_prefix
- mesh_vpn.fastd.configurable
- roles.default
- roles.list
- Specific to a firmware build itself:
- site_code
- site_name
- autoupdater.branches.*.name
- autoupdater.branches.*.good_signatures
- autoupdater.branches.*.pubkeys
- We simply do not see any reason, why these variables could be helpful
in a domain specific way:
- mesh_vpn.fastd.syslog_level
- wifi*.ibss.supported_basic_rates
- wifi*.mesh.supported_basic_rates
- timezone
- regdom
domain.conf only variables
^^^^^^^^^^^^^^^^^^^^^^^^^^
- Obviously:
- domain_names
- a table of domain codes to domain names
``domain_names = { foo = 'Foo Domain', bar = 'Bar Domain', baz = 'Baz Domain' }``
- hide_domain
- prevents a domain name(s) from appearing in config mode, either
boolean or array of domain codes
- ``true``, ``false``
- ``{ 'foo', 'bar' }``
- Because each domain is considered as an own layer 2 network, these
values should be different in each domain:
- next_node.ip4
- next_node.ip6
- next_node.name
- prefix6
- prefix4
- extra_prefixes6
- To prevent accidential bridging of different domains, all meshing
technologies should be seperated:
- domain_seed (wired mesh)
- must be a random value used to derive the vxlan id for wired meshing
- wifi*.ibss.ssid
- wifi*.ibss.bssid
- wifi*.mesh.id
- mesh_vpn.fastd.groups.*.peers.remotes
- mesh_vpn.fastd.groups.*.peers.key
- mesh_vpn.tunneldigger.brokers
- Clients consider WiFi networks sharing the same ESSID as if they were
the same L2 network and try to reconfirm and reuse previous
addressing. If multiple neighbouring domains shared the same ESSID,
the roaming experience of clients would degrade.
- wifi*.ap.ssid
- Some values should be only set in legacy domains and not in new domains.
- mesh.vxlan
- By default, this value is `true`. It should be only set to `false`
for one legacy domain, since vxlan prevents accidental wired
merges of domains. For old domains this value is still available
to keep compatibility between all nodes in one domain.
- next_node.mac
- For new domains, the default value should be used, since there is
no need for a special mac (or domain specific mac). For old domains
this value is still available to keep compatibility between all
nodes in one domain.
Example config
--------------
site.mk
^^^^^^^
.. literalinclude:: ../multidomain-site-example/site.mk
:language: makefile
site.conf
^^^^^^^^^
.. literalinclude:: ../multidomain-site-example/site.conf
:language: lua
domains/alpha_centauri.conf
^^^^^^^^^^^^^^^^^^^^^^^^^^^
.. literalinclude:: ../multidomain-site-example/domains/alpha_centauri.conf
:language: lua
i18n/en.po
^^^^^^^^^^
.. literalinclude:: ../multidomain-site-example/i18n/en.po
:language: po
i18n/de.po
^^^^^^^^^^
.. literalinclude:: ../multidomain-site-example/i18n/de.po
:language: po
modules
^^^^^^^
.. literalinclude:: ../multidomain-site-example/modules
:language: makefile
.. |image0| image:: multidomain_configmode.gif

BIN
docs/features/multidomain_configmode.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 57 KiB

23
docs/features/private-wlan.rst
View File

@ -4,17 +4,22 @@ Private WLAN
It is possible to set up a private WLAN that bridges the WAN port and is seperated from the mesh network.
Please note that you should not enable ``mesh_on_wan`` simultaneously.
The private WLAN can be enabled through the config mode if the package ``gluon-luci-private-wifi`` is installed.
The private WLAN can be enabled through the config mode if the package ``gluon-web-private-wifi`` is installed.
You may also enable a private WLAN using the command line::
uci set wireless.wan_radio0=wifi-iface
uci set wireless.wan_radio0.device=radio0
uci set wireless.wan_radio0.network=wan
uci set wireless.wan_radio0.mode=ap
uci set wireless.wan_radio0.encryption=psk2
uci set wireless.wan_radio0.ssid="$SSID"
uci set wireless.wan_radio0.key="$KEY"
uci set wireless.wan_radio0.disabled=0
RID=0
SSID="privateWLANname"
KEY="yoursecret1337password"
uci set wireless.wan_radio$RID=wifi-iface
uci set wireless.wan_radio$RID.device=radio$RID
uci set wireless.wan_radio$RID.network=wan
uci set wireless.wan_radio$RID.mode=ap
uci set wireless.wan_radio$RID.encryption=psk2
uci set wireless.wan_radio$RID.ssid="$SSID"
uci set wireless.wan_radio$RID.key="$KEY"
uci set wireless.wan_radio$RID.disabled=0
uci set wireless.wan_radio$RID.macaddr="$($(echo "lua -e print(require('gluon.util').generate_mac(3+4*$RID))"))"
uci commit
wifi

16
docs/features/roles.rst
View File

@ -11,18 +11,20 @@ For this the section ``roles`` in ``site.conf`` is needed::
roles = {
default = 'node',
list = {
node = 'Normal Node',
test = 'Test Node',
backbone = 'Backbone Node',
service = 'Service Node',
'node',
'test',
'backbone',
'service',
},
},
The strings to display in the web interface are configured per language in the
``i18n/en.po``, ``i18n/de.po``, etc. files of the site repository using message IDs like
``gluon-web-node-role:role:node`` and ``gluon-web-node-role:role:backbone``.
The value of ``default`` is the role every node will initially own. This value should be part of ``list`` as well.
If you want node owners to change the defined roles via config-mode you can add the package
``gluon-luci-node-role`` to your ``site.mk``. Then, you can select one of the defined roles from a dropdown list
where the right-handed value is the one which is displayed and the left-handed key the one which is configured into
the system.
``gluon-web-node-role`` to your ``site.mk``.
The role is saved in ``gluon-node-info.system.role``. To change the role using command line do::

57
docs/features/vpn.rst Normal file
View File

@ -0,0 +1,57 @@
Mesh-VPN
========
Gluon integrates several OSI-Layer 2 tunneling protocols to
enable interconnects between local meshes and provide
internetwork access. Available protocols currently are:
- fastd
- L2TPv3 (via tunneldigger)
fastd is a lightweight userspace tunneling daemon, that
implements cipher suites that are specifically designed
to work well on embedded devices. It offers encryption
and authentication. Its primary drawback are the necessary
context-switches when forwarding packets.
L2TPv3 is an in-kernel tunneling protocol that performs well,
but offers no security properties by itself.
The brokering of the tunnel happens through tunneldigger,
its primary drawback being the lack of IPv6 support.
fastd
-----
Configurable Cipher
^^^^^^^^^^^^^^^^^^^
From the site configuration fastd can be allowed to offer
toggleable encryption in the config mode with the intent to
increase throughput, although in practice the gain is minimal.
**Site configuration:**
1) Install ``gluon-web-mesh-vpn-fastd`` in ``site.mk``
2) Set ``mesh_vpn.fastd.configurable = true`` in ``site.conf``
**Gateway configuration:**
1) Prepend the ``null`` cipher in fastd's method list
**Config Mode:**
The resulting firmware will allow users to choose between secure (encrypted) and fast (unencrypted) transport.
.. image:: fastd_mode.gif
**Unix socket:**
To confirm whether the correct cipher is being used, fastds unix
socket can be interrogated, after installing for example `socat`.
::
opkg update
opkg install socat
socat - UNIX-CONNECT:/var/run/fastd.mesh_vpn.socket

80
docs/features/wired-mesh.rst
View File

@ -1,8 +1,8 @@
Wired mesh (Mesh-on-WAN/LAN)
============================
############################
In addition to meshing over WLAN and VPN, it is also possible to
configured wired meshing over the LAN or WAN ports. This allows
configure wired meshing over the LAN or WAN ports. This allows
nodes to be connected directly or over wireless bridges.
Mesh-on-WAN can be enabled in addition to the mesh VPN, so multiple nodes
@ -11,55 +11,77 @@ Enabling Mesh-on-WAN should be avoided if the local network is also bridged with
a WLAN access point, as meshing over batman-adv causes large amounts of
multicast traffic, which will take up a lot of airtime.
Enabling Mesh-on-LAN will replace the normal "client network" function
Enabling Mesh-on-LAN replaces the normal "client network" function
of the LAN ports, as client network ports may never be connected (so care must be taken to always
enable Mesh-on-LAN before connecting two nodes' LAN ports).
Wired mesh encapsulation
************************
Since version 2018.1, Gluon supports encapsulating wired mesh traffic in
`VXLAN <https://en.wikipedia.org/wiki/Virtual_Extensible_LAN>`_, a new standard with
usecases similar to VLANs, but a much greater ID space of 24bit; in addition, VXLAN
packets pass through VLAN-aware switches without any special configuration.
Encapsulating mesh traffic has two advantages:
* By using a different VXLAN ID for each site and mesh domain, accidental
wired mesh connections between nodes of different domains will be prevented.
This has special importance when nodes migrate between domains automatically,
as currently possible through different site-specific packages.
* While batman-adv traffic does not interact with non-mesh traffic in the same wired
network in any way (so Gluon nodes can mesh over existing wired networks), this is
not the case for layer 3 mesh protocols like Babel. Encapsulating the traffic allows
to distinguish mesh traffic from unrelated packets.
As enabling VXLAN encapsulation will prevent wired mesh communication with old nodes
that do not support VXLAN yet, VXLANs can be enabled per-domain using the site configuration
setting *mesh.vxlan*. VXLAN is enabled by default in multidomain setups; in single-domain
site configurations, the *mesh.vxlan* setting is mandatory. We recommend to enable
VXLAN encapsulation in all new sites and domains.
Non-encapsulated ("legacy") wired meshing will be removed in a future Gluon release.
We cannot give a concrete timeframe for the removal yet; a missing prerequisite is the
implementation of a robust migration path for existing deployments.
Configuration
~~~~~~~~~~~~~
*************
Both Mesh-on-WAN and Mesh-on-LAN can be configured on the "Network" page
of the *Expert Mode* (if the package ``gluon-luci-portconfig`` is installed).
of the *Advanced settings* (if the package ``gluon-web-network`` is installed).
It is also possible to enable Mesh-on-WAN and Mesh-on-LAN by default by
adding ``mesh_on_wan = true`` and ``mesh_on_lan = true`` to ``site.conf``.
Commandline configuration
-------------------------
Commandline
===========
Mesh-on-WAN
...........
Enable Mesh-on-WAN::
It's possible to enable Mesh-on-WAN like this::
uci set network.mesh_wan.disabled=0
uci commit network
uci set network.mesh_wan.auto=1
uci commit
Disable Mesh-on-WAN::
It may be disabled by running::
uci set network.mesh_wan.disabled=1
uci commit network
uci set network.mesh_wan.auto=0
uci commit
Enable Mesh-on-LAN::
Mesh-on-LAN
...........
Configuring Mesh-on-LAN is a bit more complicated::
uci set network.mesh_lan.auto=1
uci set network.mesh_lan.disabled=0
for ifname in $(cat /lib/gluon/core/sysconfig/lan_ifname); do
uci del_list network.client.ifname=$ifname
done
uci commit
uci commit network
It may be disabled by running::
Disable Mesh-on-LAN::
uci set network.mesh_lan.auto=0
uci set network.mesh_lan.disabled=1
for ifname in $(cat /lib/gluon/core/sysconfig/lan_ifname); do
uci add_list network.client.ifname=$ifname
done
uci commit
uci commit network
Please note that this configuration has changed in Gluon v2016.1. Using
the old commands on v2016.1 will break the corresponding Expert Mode
settings.
Please note that this configuration has changed in Gluon 2016.1. Using
the old commands on 2016.1 and later will break the corresponding options
in the *Advanced settings*.

2
docs/features/wlan-configuration.rst
View File

@ -13,7 +13,7 @@ Upgrade behaviour
For each of these networks, the site configuration may define a `disabled` flag (by
default, all configured networks are enabled). This flag is merely a default setting,
on upgrades the existing setting is always retained (as this setting may have been changed
by the user). This means that is is not possible to enable or disable an existing network
by the user). This means that it is not possible to enable or disable an existing network
configurations during upgrades.
For the "mesh" and "ibss" networks, the default setting only has an effect if none

290
docs/index.rst
View File

@ -5,10 +5,8 @@ Gluon is a modular framework for creating OpenWrt-based firmwares for wireless m
Several Freifunk communities in Germany use Gluon as the foundation of their Freifunk firmwares.
User Documentation
------------------
.. toctree::
:caption: User Documentation
:maxdepth: 2
user/getting_started
@ -16,10 +14,8 @@ User Documentation
user/x86
user/faq
Features
--------
.. toctree::
:caption: Features
:maxdepth: 2
features/configmode
@ -27,40 +23,72 @@ Features
features/wlan-configuration
features/private-wlan
features/wired-mesh
features/dns-forwarder
features/monitoring
features/multidomain
features/authorized-keys
features/roles
Developer Documentation
-----------------------
features/vpn
.. toctree::
:caption: Developer Documentation
:maxdepth: 2
dev/basics
dev/hardware
dev/packages
dev/upgrade
dev/configmode
dev/wan
dev/i18n
Packages
--------
dev/mac_addresses
dev/site_library
.. toctree::
:caption: gluon-web Reference
:maxdepth: 1
dev/web/controller
dev/web/model
dev/web/view
dev/web/i18n
dev/web/config-mode
.. toctree::
:caption: Packages
:maxdepth: 1
package/gluon-client-bridge
package/gluon-config-mode-geo-location
package/gluon-config-mode-domain-select
package/gluon-ebtables-filter-multicast
package/gluon-ebtables-filter-ra-dhcp
Releases
--------
package/gluon-ebtables-limit-arp
package/gluon-ebtables-source-filter
package/gluon-radv-filterd
package/gluon-web-admin
package/gluon-web-logging
.. toctree::
:caption: Releases
:maxdepth: 1
releases/v2018.1
releases/v2017.1.8
releases/v2017.1.7
releases/v2017.1.6
releases/v2017.1.5
releases/v2017.1.4
releases/v2017.1.3
releases/v2017.1.2
releases/v2017.1.1
releases/v2017.1
releases/v2016.2.7
releases/v2016.2.6
releases/v2016.2.5
releases/v2016.2.4
releases/v2016.2.3
releases/v2016.2.2
releases/v2016.2.1
releases/v2016.2
releases/v2016.1.6
releases/v2016.1.5
releases/v2016.1.4
releases/v2016.1.3
@ -88,34 +116,40 @@ ar71xx-generic
* ALFA Network
- AP121
- AP121F
- AP121U
- Hornet-UB
- Tube2H
- N2
- N5
* Allnet
- ALL0315N
* AVM
- Fritz!Box 4020
* Buffalo
- WZR-HP-AG300H / WZR-600DHP
- WZR-HP-G300NH
- WZR-HP-G300NH2
- WZR-HP-G450H
* Cisco Meraki
- MR12 / MR62
- MR16 / MR66
* D-Link
- DIR-505 (A1)
- DIR-615 (C1)
- DIR-505 (A1, A2)
- DIR-825 (B1)
* GL-Inet
* GL Innovations
- 6408A (v1)
- 6416A (v1)
- GL-AR150
- GL-AR300M
- GL-AR750 [#ath10k]_
- GL-iNet 6408A (v1)
- GL-iNet 6416A (v1)
* Linksys
@ -123,7 +157,7 @@ ar71xx-generic
* Netgear
- WNDR3700 (v1, v2)
- WNDR3700 (v1, v2, v5)
- WNDR3800
- WNDRMAC (v2)
@ -133,65 +167,59 @@ ar71xx-generic
* OpenMesh
- MR1750
- A40
- A60
- MR600 (v1, v2)
- MR900 (v1, v2)
- OM2P (v1, v2)
- OM2P-HS (v1, v2)
- MR1750 (v1, v2) [#ath10k]_
- OM2P (v1, v2, v4)
- OM2P-HS (v1, v2, v3, v4)
- OM2P-LC
- OM5P
- OM5P-AC (v1, v2)
- OM5P-AN
- OM5P-AC (v1, v2) [#ath10k]_
* TP-Link
- CPE210 (v1.0, v1.1)
- CPE220 (v1.0, v1.1)
- Archer C5 (v1) [#ath10k]_
- Archer C59 (v1) [#80211s]_
- Archer C7 (v2, v4) [#ath10k]_
- CPE210 (v1.0, v1.1, v2.0)
- CPE220 (v1.1)
- CPE510 (v1.0, v1.1)
- CPE520 (v1.0, v1.1)
- TL-MR13U (v1)
- TL-MR3020 (v1)
- TL-MR3040 (v1, v2)
- TL-MR3220 (v1, v2)
- TL-MR3420 (v1, v2)
- TL-WA701N/ND (v1, v2)
- TL-WA750RE (v1)
- TL-WA7510N (v1)
- TL-WA801N/ND (v1, v2)
- TL-WA830RE (v1, v2)
- TL-WA850RE (v1)
- TL-WA860RE (v1)
- TL-WA901N/ND (v1, v2, v3)
- CPE520 (v1.1)
- RE450 [#ath10k]_
- TL-WDR3500 (v1)
- TL-WDR3600 (v1)
- TL-WDR4300 (v1)
- TL-WR703N (v1)
- TL-WR710N (v1, v2)
- TL-WR740N (v1, v3, v4, v5)
- TL-WR741N/ND (v1, v2, v4, v5)
- TL-WR743N/ND (v1, v2)
- TL-WR801N/ND (v1, v2)
- TL-WR841N/ND (v3, v5, v7, v8, v9, v10, v11)
- TL-WR842N/ND (v1, v2)
- TL-WR843N/ND (v1)
- TL-WR940N (v1, v2, v3)
- TL-WR941ND (v2, v3, v4, v5, v6)
- TL-WR1043N/ND (v1, v2, v3)
- TL-WR710N (v1, v2.1)
- TL-WR842N/ND (v1, v2, v3)
- TL-WR1043N/ND (v1, v2, v3, v4, v5)
- TL-WR2543N/ND (v1)
- WBS210 (v1.20)
- WBS510 (v1.20)
* Ubiquiti
- Air Gateway
- Air Gateway LR
- Air Gateway PRO
- Air Router
- Bullet M
- Loco M
- Loco M XW
- Nanostation M
- Nanostation M XW
- Picostation M
- Rocket M
- Rocket M XW
- Bullet M2/M5
- Loco M2/M5
- Loco M2/M5 XW
- Nanostation M2/M5
- Nanostation M2/M5 XW
- Picostation M2/M5
- Rocket M2/M5
- Rocket M2/M5 Ti
- Rocket M2/M5 XW
- UniFi AC Mesh [#ath10k]_
- UniFi AP
- UniFi AP AC Lite [#ath10k]_
- UniFi AP AC LR [#ath10k]_
- UniFi AP AC Pro [#ath10k]_
- UniFi AP LR
- UniFi AP Pro
- UniFi AP Outdoor
- UniFi AP Outdoor+
@ -209,6 +237,61 @@ ar71xx-nand
- WNDR3700 (v4)
- WNDR4300 (v1)
* ZyXEL
- NBG6716 [#ath10k]_
ar71xx-tiny
^^^^^^^^^^^
* D-Link
- DIR-615 (C1)
* TP-Link
- TL-MR13U (v1)
- TL-MR3020 (v1)
- TL-MR3040 (v1, v2)
- TL-MR3220 (v1, v2)
- TL-MR3420 (v1, v2)
- TL-WA701N/ND (v1, v2)
- TL-WA730RE (v1)
- TL-WA750RE (v1)
- TL-WA801N/ND (v1, v2, v3)
- TL-WA830RE (v1, v2)
- TL-WA850RE (v1)
- TL-WA860RE (v1)
- TL-WA901N/ND (v1, v2, v3, v4, v5)
- TL-WA7210N (v2)
- TL-WA7510N (v1)
- TL-WR703N (v1)
- TL-WR710N (v1, v2, v2.1)
- TL-WR740N (v1, v3, v4, v5)
- TL-WR741N/ND (v1, v2, v4, v5)
- TL-WR743N/ND (v1, v2)
- TL-WR841N/ND (v3, v5, v7, v8, v9, v10, v11, v12)
- TL-WR843N/ND (v1)
- TL-WR940N (v1, v2, v3, v4, v5, v6)
- TL-WR941ND (v2, v3, v4, v5, v6)
brcm2708-bcm2708
^^^^^^^^^^^^^^^^
* RaspberryPi 1
brcm2708-bcm2709
^^^^^^^^^^^^^^^^
* RaspberryPi 2
ipq806x
^^^^^^^
* TP-Link
- Archer C2600 [#80211s]_
mpc85xx-generic
^^^^^^^^^^^^^^^
@ -216,34 +299,87 @@ mpc85xx-generic
- TL-WDR4900 (v1)
ramips-mt7620
^^^^^^^^^^^^^
* GL Innovations
- GL-MT300A [#80211s]_
- GL-MT300N [#80211s]_
- GL-MT750 [#80211s]_
ramips-mt7621
^^^^^^^^^^^^^
* Ubiquiti
- EdgeRouter X
- EdgeRouter X-SFP
ramips-mt7628
^^^^^^^^^^^^^
* VoCore
- VoCore2 [#80211s]_
ramips-rt305x
^^^^^^^^^^^^^
* A5-V11 [#80211s]_
* D-Link
- DIR-615 (D1, D2, D3, D4, H1) [#80211s]_
* VoCore
- VoCore (8M) [#80211s]_
- VoCore (16M) [#80211s]_
sunxi
^^^^^
* LeMaker
- Banana Pi M1
x86-generic
^^^^^^^^^^^
* x86-generic
* x86-virtualbox
* x86-vmware
See also: :doc:`user/x86`
x86-kvm_guest
^^^^^^^^^^^^^
* x86-kvm
x86-geode
^^^^^^^^^
See also: :doc:`user/x86`
x86-xen_domu
^^^^^^^^^^^^
* x86-xen
* x86-geode
See also: :doc:`user/x86`
x86-64
^^^^^^
* x86-64-generic
* x86-64-virtualbox
* x86-64-vmware
See also: :doc:`user/x86`
Footnotes
^^^^^^^^^
.. [#ath10k]
Device uses the ath10k WLAN driver; images are built for 11s by default unless GLUON_WLAN_MESH
is set as described in :ref:`getting-started-make-variables`
.. [#80211s]
Device does not support IBSS; images are built by default unless GLUON_WLAN_MESH
is explicitly set to something other than *11s*
License
-------

62
docs/multidomain-site-example/domains/alpha_centauri.conf Normal file
View File

@ -0,0 +1,62 @@
{
-- multiple codes/names can be defined, the first one is the primary name
-- additional aliases can be defined
domain_names = {
alpha_centauri = 'Alpha Centauri',
rigil_kentaurus = 'Rigil Kentaurus',
proxima_centauri = 'Proxima Centauri',
},
-- 32 byte random data in hexadecimal encoding
-- This data must be unique among all sites and domains!
-- Can be generated using: echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
domain_seed = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
-- unique network prefixes per domain
prefix4 = '10.xxx.0.0/20',
prefix6 = 'fdxx:xxxx:xxxx:xxxx::/64',
next_node = {
ip4 = '10.xxx.yyy.zzz',
ip6 = 'fdxx:xxxx:xxxx:xxxx::xxxx',
},
wifi24= {
ap = {
ssid = "alpha-centauri.example.org",
channel = 1,
},
mesh = {
id = 'ueH3uXjdp', -- usually you don't want users to connect to this mesh-SSID, so use a cryptic id that no one will accidentally mistake for the client WiFi
},
},
wifi5= {
ap = {
ssid = "alpha-centauri.example.org",
channel = 44,
},
mesh = {
id = 'ueH3uXjdp',
},
},
mesh_vpn = {
fastd = {
groups = {
backbone = {
peers = {
peer1 = {
key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
remotes = {'"peer1.example.org" port xxxxx'},
},
peer2 = {
key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
remotes = {'"peer2.example.org" port xxxxx'},
},
},
},
},
},
},
}

1
docs/multidomain-site-example/i18n Symbolic link
View File

@ -0,0 +1 @@
../site-example/i18n/

1
docs/multidomain-site-example/modules Symbolic link
View File

@ -0,0 +1 @@
../site-example/modules

52
docs/multidomain-site-example/site.conf Normal file
View File

@ -0,0 +1,52 @@
{
site_name = 'Centauri Mesh',
site_code = 'centauri',
default_domain = 'alpha_centauri',
timezone = 'CET-1CEST,M3.5.0,M10.5.0/3',
ntp_server = {'ntp1.example.org', 'ntp2.example.org'},
regdom = 'DE',
wifi24 = {
mesh = {
mcast_rate = 12000,
},
},
wifi5 = {
mesh = {
mcast_rate = 12000,
},
},
mesh_vpn = {
mtu = 1312,
fastd = {
methods = {'salsa2012+umac'},
},
bandwidth_limit = {
enabled = false,
egress = 200, -- kbit/s
ingress = 3000, -- kbit/s
},
},
autoupdater = {
branch = 'stable',
branches = {
stable = {
name = 'stable',
mirrors = {'http://update.example.org/stable/sysupgrade'},
good_signatures = 2,
pubkeys = {
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', -- Alice
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', -- Bob
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', -- Mary
},
},
},
},
}

61
docs/multidomain-site-example/site.mk Normal file
View File

@ -0,0 +1,61 @@
## gluon site.mk makefile example
## GLUON_FEATURES
# Specify Gluon features/packages to enable;
# Gluon will automatically enable a set of packages
# depending on the combination of features listed
GLUON_FEATURES := \
autoupdater \
ebtables-filter-multicast \
ebtables-filter-ra-dhcp \
ebtables-limit-arp \
mesh-batman-adv-15 \
mesh-vpn-fastd \
radvd \
respondd \
status-page \
web-advanced \
web-wizard
## GLUON_MULTIDOMAIN
# Build gluon with multidomain support.
GLUON_MULTIDOMAIN=1
## GLUON_SITE_PACKAGES
# Specify additional Gluon/LEDE packages to include here;
# A minus sign may be prepended to remove a packages from the
# selection that would be enabled by default or due to the
# chosen feature flags
GLUON_SITE_PACKAGES := haveged iwinfo
## DEFAULT_GLUON_RELEASE
# version string to use for images
# gluon relies on
# opkg compare-versions "$1" '>>' "$2"
# to decide if a version is newer or not.
DEFAULT_GLUON_RELEASE := 0.6+exp$(shell date '+%Y%m%d')
# Variables set with ?= can be overwritten from the command line
## GLUON_RELEASE
# call make with custom GLUON_RELEASE flag, to use your own release version scheme.
# e.g.:
# $ make images GLUON_RELEASE=23.42+5
# would generate images named like this:
# gluon-ff%site_code%-23.42+5-%router_model%.bin
GLUON_RELEASE ?= $(DEFAULT_GLUON_RELEASE)
# Default priority for updates.
GLUON_PRIORITY ?= 0
# Region code required for some images; supported values: us eu
GLUON_REGION ?= eu
# Languages to include
GLUON_LANGS ?= en de

19
docs/package/gluon-config-mode-domain-select.rst Normal file
View File

@ -0,0 +1,19 @@
gluon-config-mode-domain-select
===============================
This package provides a drop-down list for the config mode to select the domain
the node will be placed in. If the selection has changed the upgrade scripts in
``/lib/gluon/upgrade/`` are triggered to update the nodes configuration.
Hiding domains could be useful for default or testing domains, which should not
be accidentally selected by a node operater.
domains/\*.conf
---------------
hide_domain \: optional (defaults to false)
- ``false`` shows this domain in drop-down list
- ``true`` hides this domain
Example::
hide_domain = true

14
docs/package/gluon-config-mode-geo-location.rst
View File

@ -1,14 +0,0 @@
gluon-config-mode-geo-location
==============================
This package enables the user to set latitude, longitude and altitude of their
node within config mode. As the usage of the altitude is not well defined the
corresponding field can be disabled.
site.conf
---------
config_mode.geo_location.show_altitude : optional
- ``true`` enables the altitude field
- ``false`` disables the altitude field if altitude has not yet been set
- defaults to ``true``

23
docs/package/gluon-ebtables-limit-arp.rst Normal file
View File

@ -0,0 +1,23 @@
gluon-ebtables-limit-arp
========================
The *gluon-ebtables-limit-arp* package adds filters to limit the
amount of ARP requests client devices are allowed to send into the
mesh.
The limits per client device, identified by its MAC address, are
6 packets per minute and 1 per second per node in total.
A burst of up to 50 ARP requests is allowed until the rate-limiting
takes effect (see ``--limit-burst`` in ``ebtables(8)``).
Furthermore, ARP requests for a target IP already present in the
batman-adv DAT cache are excluded from rate-limiting, in regard
to both counting and filtering, as batman-adv will be able
to respond locally without a burden for the mesh. Therefore, this
limiter should not affect popular target IP addresses, like those
of gateways or nameservers.
However it mitigates the impact on the mesh when a larger range of
its IPv4 subnet is being scanned, which would otherwise result in
a significant amount of ARP chatter, even for unused IP addresses.

33
docs/package/gluon-ebtables-source-filter.rst Normal file
View File

@ -0,0 +1,33 @@
gluon-ebtables-source-filter
============================
The *gluon-ebtables-source-filter* package adds an additional layer-2 filter
ruleset to prevent unreasonable traffic entering the network via the nodes.
Unreasonable means traffic entering the mesh via a node which source IP does
not belong to the configured IP space.
You may first check if there is a certain proportion of unreasonable traffic,
before adding this package to the firmware image. Furthermore, you should not
use this package if some kind of gateway or upstream network is provided by
a device connected to the client port.
site.conf
---------
prefix4 : optional
- IPv4 subnet
prefix6 :
- IPv6 subnet
extra_prefixes6 : optional
- list of additional IPv6 subnets
Example::
prefix4 = '198.51.100.0/21',
prefix6 = '2001:db8:8::/64',
extra_prefixes6 = {
'2001:db8:9::/64',
'2001:db8:100::/60',
},

61
docs/package/gluon-radv-filterd.rst Normal file
View File

@ -0,0 +1,61 @@
gluon-radv-filterd
==================
This package drops all incoming router advertisements except for the
default router with the best metric according to B.A.T.M.A.N. advanced.
Note that advertisements originating from the node itself (for example
via gluon-radvd) are not affected and considered at all.
Selected router
---------------
The router selection mechanism is independent from the batman-adv gateway mode.
In contrast, the device originating the router advertisment could be any router
or client connected to the mesh, as radv-filterd captures all router
advertisements originating from it. All nodes announcing router advertisement
**with** a default lifetime greater than 0 are being considered as candidates.
In case a router is not a batman-adv originator itself, its TQ is defined by
the originator it is connected to. This lookup uses the batman-adv global
translation table.
Initially the router is the selected by choosing the candidate with the
strongest TQ. When another candidate can provide a better TQ metric it is not
picked up as the selected router until it will outperform the currently
selected router by X metric units. The hysteresis threshold is configurable
and prevents excessive flapping of the gateway.
"Local" routers
---------------
The package has functionality to select "local" routers, i.e. those connected
via cable or WLAN instead of via the mesh (technically: appearing in the
``transtable_local``), a fake TQ of 512 so that they are always preferred.
However, if used together with the :doc:`gluon-ebtables-filter-ra-dhcp`
package, these router advertisements are filtered anyway and reach neither the
node nor any other client. You currently have to disable the package or insert
custom ebtables rules in order to use local routers.
respondd module
---------------
This package also contains a module for respondd that announces the currently
selected router via the ``statistics.gateway6`` property using its interface MAC
address. Note that this is different from the ``statistics.gateway`` property,
which contains the MAC address of the main B.A.T.M.A.N. adv slave interface of
the selected IPv4 gateway.
site.conf
---------
radv_filterd.threshold : optional
- minimal difference in TQ value that another gateway has to be better than
the currently chosen gateway to become the new chosen gateway
- defaults to ``20``
Example::
radv_filterd = {
threshold = 20,
}

29
docs/package/gluon-web-admin.rst Normal file
View File

@ -0,0 +1,29 @@
gluon-web-admin
===============
This package allows the user to set options like the password for ssh access
within config mode. You can define in your ``site.conf`` whether it should be
possible to access the nodes via ssh with a password or not and what the mimimum
password length must be.
site.conf
---------
config_mode.remote_login.show_password_form \: optional
- ``true`` the password section in config mode is shown
- ``false`` the password section in config mode is hidden
- defaults to ``false``
config_mode.remote_login.min_password_length \: optional
- sets the minimum allowed password length. Set this to ``1`` to disable the
length check.
- defaults to ``12``
Example::
config_mode = {
remote_login = {
show_password_form = true, -- default false
min_password_length = 12
}
}

5
docs/package/gluon-web-logging.rst Normal file
View File

@ -0,0 +1,5 @@
gluon-web-logging
=================
The *gluon-web-logging* package adds a new section to advanced settings
to allow GUI-based configuration of a remote syslog server.

55
docs/releases/v2016.1.6.rst Normal file
View File

@ -0,0 +1,55 @@
Gluon 2016.1.6
==============
Bugfixes
~~~~~~~~
* build: fix nodejs host build on Debian Wheezy (`#776 <https://github.com/freifunk-gluon/gluon/issues/776>`_)
* build: fix parallel builds with Make 4.2+
Trying to use ``-j N`` with Make 4.2 would spawn an unlimited number of processes,
eventually leading to memory exhaustion.
* build: fix occasional build failure in libpcap package
* build: don't require hexdump for x86 builds (`#811 <https://github.com/freifunk-gluon/gluon/issues/811>`_)
Trying to build Gluon for x86 on systems without hexdump would silently generate
broken images.
* Add support for DNS servers given by their link-local IPv6 address in Router Advertisements
(`#854 <https://github.com/freifunk-gluon/gluon/issues/854>`_)
* ar71xx-generic: correctly setup LNA GPIOs on CPE210/510 (`#796 <https://github.com/freifunk-gluon/gluon/issues/796>`_)
Improves the reception by about 20dB.
* ar71xx-generic: switch default WAN/LAN assignment on Ubiquiti UAP Pro
(`#764 <https://github.com/freifunk-gluon/gluon/issues/764>`_)
Switch to the usual "PoE is WAN/setup mode, secondary is LAN" scheme. This only affects
new installations; the assignment won't be changed on updates unless the configuration is
reset.
* ar71xx-generic: fix ath10k memory leak (`#690 <https://github.com/freifunk-gluon/gluon/issues/690>`_)
* ar71xx-generic: add support for new TP-Link region codes
(`#860 <https://github.com/freifunk-gluon/gluon/issues/860>`_)
TP-Link has started providing US- and EU-specific firmwares for the Archer C7 v2. To generate
Gluon images installable from these new firmwares, the ``GLUON_REGION`` variable must be set
to ``eu`` or ``us`` in ``site.mk`` or on the ``make`` command line (the images will still be
installable from all old firmwares without region codes).
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Expert Mode is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

6
docs/releases/v2016.1.rst
View File

@ -175,9 +175,9 @@ Site changes
mesh_vpn = {
ifname = 'mesh-vpn',
enabled = false,
limit_ingress = 3000,
limit_egress = 200,
}
limit_ingress = 3000,
},
}
needs to be changed to
@ -189,8 +189,8 @@ Site changes
bandwidth_limit = {
enabled = false,
ingress = 3000,
egress = 200,
ingress = 3000,
},
}

59
docs/releases/v2016.2.1.rst Normal file
View File

@ -0,0 +1,59 @@
Gluon 2016.2.1
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* TP-Link
- TL-WA901ND v4
Bugfixes
~~~~~~~~
* Make status page work with disabled cookies/local storage
(`#912 <https://github.com/freifunk-gluon/gluon/pull/912>`_)
* Update kernel to 3.18.44
Fixes CVE-2016-5195 and CVE-2016-7117. It is unlikely that these issues pose
a threat to usual Gluon setups, but installing additional packages may make a
system vulnerable. In any case, updating is highly recommended.
* Downgrade mac80211 to an earlier state
Unfortunately, a mac80211 update that was done shortly before the release of
Gluon v2016.2 (that seemed necessary to properly support ath10k devices) had
again caused severe ath9k stability issues that remained unreported until v2016.2
was out.
We have now reverted mac80211 to an earlier state that was reported to be very
stable (while keeping the ath10k-specific changes); in addition, some patches
that were reported to cause connection or performance issues with certain clients
have been reverted. While is it still not perfectly stable, is should be at least
as good as (and probably better than) the v2016.1.x release series.
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Git HTTPS downloads from git.kernel.org fail on Debian Wheezy (`#919 <https://github.com/freifunk-gluon/gluon/issues/919>`_)
The GnuTLS version on Debian Wheezy is too old and can't establish a connection with
git.kernel.org anymore. A newer GnuTLS version is available in wheezy-backports, but
as there is no libcurl3-gnutls package linked against the new version, installing the
new version has no effect.

78
docs/releases/v2016.2.2.rst Normal file
View File

@ -0,0 +1,78 @@
Gluon 2016.2.2
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* TP-Link
- CPE210/510 EU/US versions
- TL-WA801N/ND v3
- TL-WR841ND v11 EU/US versions
Bugfixes
~~~~~~~~
* Fix boot on certain QCA955x-based devices (e.g. OpenMesh OM5P AC v2) (`#965 <https://github.com/freifunk-gluon/gluon/pull/965>`_)
This issue was a regression in Gluon v2016.2.1.
* Build: Fix git downloads from git.kernel.org on Debian Wheezy (`#919 <https://github.com/freifunk-gluon/gluon/issues/919>`_)
We've switched back from HTTPS to the git protocol for now to avoid using
the old GnuTLS version of Debian Wheezy which can't establish a HTTPS connection
with git.kernel.org anymore.
This issue was a regression in Gluon v2016.2.
* Fix RX filter of Ubiquiti UAP Outdoor+ (`d43147a8e03d <https://github.com/freifunk-gluon/gluon/commit/d43147a8e03dd17bc27e4ab203736f2151f9db3d>`_)
This issue was a regression in Gluon v2016.2.
* Fix switched WAN/LAN interface assignment on CPE210 (`59deb2064d54 <https://github.com/freifunk-gluon/gluon/commit/59deb2064d54a37e27139b76a3b6064f5f10f364>`_)
This issue was a regression in Gluon v2016.2.
* Significantly reduce CPU load used by signal strength LEDs (`#897 <https://github.com/freifunk-gluon/gluon/issues/897>`_)
* Fix ethernet port of the Ubiquiti UAP AC Lite (`#911 <https://github.com/freifunk-gluon/gluon/issues/911>`_)
* Build: Don't use host ``/tmp`` directory (`f9072a36411b <https://github.com/freifunk-gluon/gluon/commit/f9072a36411b92089c697b2c0a564155bfe10bd1>`_)
Fixes build when ``/tmp`` is mounted with *noexec*.
* Fix mesh interface type respondd/alfred announcements when using VLANs over IBSS (`#941 <https://github.com/freifunk-gluon/gluon/issues/941>`_)
* Fix next-node ebtables rules without *next_node.ip4* (`9dbe9f785d2b <https://github.com/freifunk-gluon/gluon/commit/9dbe9f785d2b439c3ebdae365b808ebf42b3cf03>`_)
Gluon v2016.2 added support for using the next-node feature without specifying an IPv4
address. Some scripts had not been adjusted, making the next-node unreliable when
no IPv4 address was specified.
Other changes
~~~~~~~~~~~~~
* x86-generic and x86-64 images now have PATA and MMC support to allow using them
on various devices that were previously unsupported.
* Clean up opkg postinst scripts up on image generation
OpenWrt does this by default to save a little space.
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

62
docs/releases/v2016.2.3.rst Normal file
View File

@ -0,0 +1,62 @@
Gluon 2016.2.3
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* TP-Link TL-WR940N v4
* TP-Link TL-WR1043ND v4
Removed hardware support
~~~~~~~~~~~~~~~~~~~~~~~~
Support for Meraki devices (MR12/16/62/66) has been removed for now because of
severe problems (all devices were using the same MAC addresses). Support will return
when the issues have been fixed.
Bugfixes
~~~~~~~~
* Automatically restart respondd on failure (`#863 <https://github.com/freifunk-gluon/gluon/issues/863>`_)
There have been many reports of respondd processes disappearing; the exact cause is unclear,
but might be related to the batman-adv debugfs interface and/or out-of-memory conditions.
A new respondd initscript uses procd to automatically restart respondd when it dies.
* Make autoupdater timeouts more robust (`#987 <https://github.com/freifunk-gluon/gluon/issues/987>`_)
It was reported that wget processes sometimes hang indefinitely during the autoupdater manifest
download. The autoupdater has been improved to ensure that wget can always be interrupted after
a timeout.
This issue, together with the recent addition of lock files to ensure that only one instance
of the autoupdater can run at a time, had caused the autoupdater to blocked completely
by hanging processes in some cases (till a node was rebooted).
* Fix regulation domain switching in ath10k (`#1001 <https://github.com/freifunk-gluon/gluon/pull/1001>`_)
Prevents use of too high transmission power in some cases.
* Ensure that *prefix6* in site.conf is always a /64 prefix (`6b62e2f <https://github.com/freifunk-gluon/gluon/commit/6b62e2fc788cd1f83f6634288a15724dfc42b0fd>`_)
Other prefix lengths were never supported and don't make sense in many places the prefix is used. Ensure
that such configurations will not pass validation.
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

55
docs/releases/v2016.2.4.rst Normal file
View File

@ -0,0 +1,55 @@
Gluon 2016.2.4
==============
Bugfixes
~~~~~~~~
* Fix batman-adv (compat 15) not being able to transmit packages of specific sizes (`b7eeef9 <https://github.com/freifunk-gluon/gluon/commit/b7eeef9b04b44a70b2a953c4efe35a3fdceba2db>`_)
We suspect that this issue was also the reason for the autoupdater/wget hangs observed by many communities.
Non-Gluon nodes like gateways should be updated to batman-adv 2017.0.1 to get the fix.
* Fix build after ftp.all.kernel.org discontinuation (`#1059 <https://github.com/freifunk-gluon/gluon/issues/1059>`_)
* Fix high load because of frequent calls of the respondd initscript (`9a0aeb9 <https://github.com/freifunk-gluon/gluon/commit/9a0aeb9b7482df4e4515e61356b9d393e3a7eacb>`_)
The respondd restart triggers added in v2016.2.3 ran a significant portion of the respondd initscript for each router advertisement
received. This was fixed by a backport of a netifd patch.
* x86 sysupgrade fixes (`41fd50d <https://github.com/freifunk-gluon/gluon/commit/41fd50d20ba31d73c4796c5b2d4eb44ad2258b90>`_,
`ad37e2b <https://github.com/freifunk-gluon/gluon/commit/ad37e2b6b43b2c3389356d892b04f3873d8f6b93>`_)
This fixes sysupgrade on mmcblk and similar devices.
Other changes
~~~~~~~~~~~~~
* The manifest generator has been extended to generate SHA256 checksums in addition to SHA512 ones
(`f9d59be <https://github.com/freifunk-gluon/gluon/commit/f9d59be731efd31a26c59e049ccbdc4b1762f6b1>`_)
We have recently switched the autoupdater to SHA256 in the Gluon master to avoid mixing two different
lengths of hashes for no good reason. This makes the manifests of Gluon v2016.2.x compatible with the
new autoupdater so it doesn't prevent backports or downgrades.
**Note:** Downgrades of major Gluon versions are generally unsupported and will often lead to
broken configurations.
Known Issues
~~~~~~~~~~~~
* x86 sysupgrade (sometimes) loses config when kernel partition grows (`#1010 <https://github.com/freifunk-gluon/gluon/issues/1010>`_)
This issue affects upgrades from v2016.2.x and older to the Gluon master only, we hope to fix it before the next
major release.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

36
docs/releases/v2016.2.5.rst Normal file
View File

@ -0,0 +1,36 @@
Gluon 2016.2.5
==============
This version contains only a single bugfix for a regression introduced in Gluon v2016.2.4.
As the regression affects batman-adv compat 15 only, firmwares using the compat 14 legacy
version don't need to be updated.
Bugfixes
~~~~~~~~
* Fix kernel crash with batman-adv compat 15 (`d452a7c <https://github.com/freifunk-gluon/gluon/commit/d452a7c2cf1c0da4e034666a50dc0e7aa9ddc592>`_)
An incorrect backport of a fix for a very improbable kernel crash caused a much more
frequent kernel crash. The backport has been fixed.
This bug a regression in Gluon v2016.2.4.
Known Issues
~~~~~~~~~~~~
* x86 sysupgrade (sometimes) loses config when kernel partition grows (`#1010 <https://github.com/freifunk-gluon/gluon/issues/1010>`_)
This issue affects upgrades from v2016.2.x and older to the Gluon master only, we hope to fix it before the next
major release.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

57
docs/releases/v2016.2.6.rst Normal file
View File

@ -0,0 +1,57 @@
Gluon 2016.2.6
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* TP-Link TL-WR841N/ND v12
Bugfixes
~~~~~~~~
* Fix `CVE-2016-10229 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10229>`_
(`#1097 <https://github.com/freifunk-gluon/gluon/issues/1097>`_)
Fortunately, the standard Gluon setup is not vulnerable, as the issue only affects
applications that use MSG_PEEK on UDP sockets. dnsmasq does use MSG_PEEK, but
only in the DHCP component, which is not enabled during normal node operation.
* Fix roaming issue affecting communication between clients
(`#1121 <https://github.com/freifunk-gluon/gluon/issues/1121>`_)
This issue affects all previous releases of Gluon v2016.2.x.
* Fix build against OpenSSL 1.1 (`b6a22ce <https://github.com/freifunk-gluon/gluon/commit/b6a22ce79307853b175192178bb0333d976a3a6f>`_)
* Fix build with long path names (`#1120 <https://github.com/freifunk-gluon/gluon/issues/1120>`_)
* Use new staged sysupgrade procedure (`d4a69c0 <https://github.com/freifunk-gluon/gluon/commit/d4a69c00047f72696a2400cd7129be032de458e3>`_)
The new sysupgrade fixes an issue affecting x86, causing nodes to lose their
configuration on upgrade when the size of the kernel partition grows. This is
the case when upgrading from Gluon v2016.2.x to newer (LEDE-based) Gluon
versions. **This means that a Gluon node running an older version must be
upgraded to Gluon v2016.2.6 first before switching to a LEDE-based version!**
One downside of the staged sysupgrade is that all processes, including the SSH
server, will be terminated at the start of the sysupgrade to allow unmounting
the root filesystem. This makes it impossible to get any feedback from the
upgrade process without a serial console.
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

31
docs/releases/v2016.2.7.rst Normal file
View File

@ -0,0 +1,31 @@
Gluon 2016.2.7
==============
This release only fixes a single regression introduced in Gluon v2016.2.6, and
add support for building using Perl 5.26.
Bugfixes
~~~~~~~~
* Improve sysupgrade error handling (`#1160 <https://github.com/freifunk-gluon/gluon/issues/1160>`_)
If for some reason processes don't react to SIGKILL (usually because of a kernel bug),
a node could hang forever in sysupgrade, requiring a power cycle. This has been
fixed, triggering a reboot instead.
* Backport fixes to support building with Perl 5.26 or newer (`76753ed <https://github.com/freifunk-gluon/gluon/commit/76753ede0da78e24208f10675fa288247deec961>`_)
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

179
docs/releases/v2016.2.rst Normal file
View File

@ -0,0 +1,179 @@
Gluon 2016.2
============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* ALFA Network
- Tube2H
- N2
- N5
* Buffalo
- WZR-HP-G300NH2
* GL Innovations
- GL-AR150
* OpenMesh
- MR1750 v1, v2 [#ath10k]_
- OM2P-HS v3
- OM5P-AC v1, v2 [#ath10k]_
* TP-Link
- Archer C5 v1 [#ath10k]_
- Archer C7 v2 [#ath10k]_
- TL-WR710N v2.1
- TL-WR842N/ND v3
* Ubiquiti
- UniFi AP AC Lite [#ath10k]_
- UniFi AP AC Pro [#ath10k]_
.. [#ath10k]
Device uses the ath10k WLAN driver; no image is built unless GLUON_ATH10K_MESH
is set as described in :ref:`getting-started-make-variables`
brcm2708-bcm2708
^^^^^^^^^^^^^^^^
* RaspberryPi 1
brcm2708-bcm2709
^^^^^^^^^^^^^^^^
* RaspberryPi 2
New features
~~~~~~~~~~~~
* Many UBNT Airmax XM model names are detected correctly now (e.g., the Loco
is no longer displayed as Bullet) (`#632 <https://github.com/freifunk-gluon/gluon/pull/632>`_)
Also, various new image aliases have been added for these devices.
* batman-adv: mesh_no_rebroadcast is now enabled for Mesh-on-WAN/LAN (`#652 <https://github.com/freifunk-gluon/gluon/issues/652>`_)
* The new UCI option ``gluon-core.@wireless[0].preserve_channels`` can be used to
prevent a changed WLAN channel from being reset on firmware upgrades (`#640 <https://github.com/freifunk-gluon/gluon/issues/640>`_)
* PoE passthrough can now be configured from site.conf and the Advanced Settings
on TP-Link CPE 210/510 and Ubiquiti NanoStations (`#328 <https://github.com/freifunk-gluon/gluon/issues/328>`_)
* The config mode *altitude* field can now be hidden using the ``config_mode.geo_location.show_altitude``
site.conf setting (`#693 <https://github.com/freifunk-gluon/gluon/issues/693>`_)
* The contact information field in the config mode can be made obligatory using
the ``config_mode.owner.obligatory`` site.conf option
* The *node name* setting in the config mode is no longer restricted to valid DNS
hostnames, but allows any UTF-8 string (`#414 <https://github.com/freifunk-gluon/gluon/issues/414>`_)
* Besides the hostname, public key, site config and primary MAC address, the contact
information can now be accessed from config mode site texts
* The functions ``escape`` and ``urlescape`` for HTML and URL escaping are now available from config mode
site texts. They should always be used when including user-provided information like
hostnames and contact information in HTML code or URLs.
* Dropbear has been updated to a newer version, enabling new SSH crypto methods and removing
some old ones like DSA. This reduces the time needed for the first boot and makes
SSH logins faster (`#223 <https://github.com/freifunk-gluon/gluon/issues/223>`_)
* WLAN basic and supported rate sets have been made configurable, to allow disabling
802.11b rates (`#810 <https://github.com/freifunk-gluon/gluon/pull/810>`_)
* ath10k-based devices are now supported officially; it's possible to choose between
IBSS- and 11s-capable firmwares in site.mk (`#864 <https://github.com/freifunk-gluon/gluon/pull/864>`_)
* The ``prefix4`` and ``next_node.ip4`` site.conf options are optional now.
Bugfixes
~~~~~~~~
* The stability of the ath9k WLAN driver has been improved significantly
(`#605 <https://github.com/freifunk-gluon/gluon/issues/605>`_)
mac80211, hostapd and other related drivers and services have been backported from LEDE ``42f559e``.
* Extremely slow downloads could lead to multiple instances of the autoupdater
running concurrently (`#582 <https://github.com/freifunk-gluon/gluon/pull/582>`_)
A lockfile is used to prevent this and timeouts have been added to download processes.
* Usage of static DNS servers on the WAN port has been fixed
(`#886 <https://github.com/freifunk-gluon/gluon/issues/886>`_)
This is a regression introduced in Gluon v2016.1.6.
Other changes
~~~~~~~~~~~~~
* The "Expert Mode" has been renamed to "Advanced Settings"
Site changes
~~~~~~~~~~~~
site.mk
^^^^^^^
If you want to support ath10k-based devices, you should set GLUON_ATH10K_MESH
and GLUON_REGION as described in :ref:`getting-started-make-variables`.
i18n
^^^^
As the hostname field may now contain an arbitrary UTF-8 string, escaping must
be added.
Change
::
<%=hostname%>
to
::
<%=escape(hostname)%>
Inside of URLs, ``urlescape`` must be used instead of ``escape``.
Internals
~~~~~~~~~
* Mesh interfaces are now configured in a protocol-independent way in UCI (`#870 <https://github.com/freifunk-gluon/gluon/pull/870>`_)
The MAC address assignment of all mesh and WLAN interfaces has been modified to prepare for support of
Ralink/Mediatek-based WLAN chips.
* Preparations for supporting the new batman-adv multicast optimizations have been made
(`#674 <https://github.com/freifunk-gluon/gluon/pull/674>`_, `#675 <https://github.com/freifunk-gluon/gluon/pull/675>`_,
`#679 <https://github.com/freifunk-gluon/gluon/pull/679>`_)
* All Lua code is minified now to save some space
Known Issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

41
docs/releases/v2017.1.1.rst Normal file
View File

@ -0,0 +1,41 @@
Gluon 2017.1.1
==============
Bugfixes
~~~~~~~~
* The autoupdater manifest has been extended to allow automatic upgrades from
old *x86-kvm* and *x86-xen_domu* systems to the new *x86-generic* image
(`869ceb4 <https://github.com/freifunk-gluon/gluon/commit/869ceb425cd5f9db3eafddcc52377fd94c6ba0dd>`_)
* Make flash writable again on Ubiquiti PicoStations with certain bootloader
versions (and possibly other devices)
(`9a787c9 <https://github.com/freifunk-gluon/gluon/commit/9a787c9878069158151c843b8fd9aa338815d61e>`_)
Units affected by this issue running Gluon v2017.1 can't leave config mode and
no regular sysupgrades are possible. TFTP recovery is necessary to make them
work again.
* Add workaround to prevent sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
(`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
* Disable batman-adv multicast optimizations to work around issue causing large
amounts of management traffic
(`819758f <https://github.com/freifunk-gluon/gluon/commit/819758f4250af8820851945ba1a6c17748b0ab4b>`_)
Multicast optimizations will be enabled again when a proper fix is available.
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

84
docs/releases/v2017.1.2.rst Normal file
View File

@ -0,0 +1,84 @@
Gluon 2017.1.2
==============
New features
~~~~~~~~~~~~
* Preserve *gw_mode* on sysupgrades (`#1196 <https://github.com/freifunk-gluon/gluon/issues/1196>`_)
When a Gluon node is used as uplink (for example by connecting it to a router with
a DHCP server directly, instead of using non-Gluon servers for the internet uplink),
the *gw_mode* must be set to *server* on that node. The changed *gw_mode* is now
preserved on upgrades.
* Allow configuring the batman-adv routing algorithm (*BATMAN IV* or *BATMAN V*)
in *site.conf* (`#1185 <https://github.com/freifunk-gluon/gluon/issues/1185>`_)
*BATMAN V* still hasn't received extensive testing (and is incompatible with *BATMAN IV*).
This new option allows to set up *BATMAN V*-based test meshes. If unset, the routing
algorithm will default to *BATMAN IV*.
Configuration:
.. code-block:: lua
mesh = {
batman_adv = {
routing_algo = 'BATMAN_V'
}
}
* New *show-release* Make target
The command ``make show-release`` can be used to print the release number
defined by *GLUON_RELEASE* to the standard output. This can be useful for build scripts
when a ``$(shell ...)`` expression is used in *site.mk* to generate the release
number.
Bugfixes
~~~~~~~~
* The image build code used for some devices has been fixed, solving multiple
issues (`#1193 <https://github.com/freifunk-gluon/gluon/issues/1193>`_)
Problems caused by this issue include:
- sysupgrade rejecting Allnet images
- OpenMesh devices losing their configuration on upgrades
This is a regression introduced in Gluon v2017.1.
* Improve sysupgrade error handling (`#1160 <https://github.com/freifunk-gluon/gluon/issues/1160>`_)
If for some reason processes don't react to SIGKILL (usually because of a kernel bug),
a node could hang forever in sysupgrade, requiring a power cycle. This has been
fixed, triggering a reboot instead.
* Also display *gluon-config-mode:novpn* message when Tunneldigger is installed, but disabled
(`#1172 <https://github.com/freifunk-gluon/gluon/issues/1172>`_)
It was only displayed on nodes with fastd before.
* Fix migration of enabled/disabled state between fastd and Tunneldigger
(`#1187 <https://github.com/freifunk-gluon/gluon/issues/1187>`_)
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
(`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
segfaults, but did not make them disappear completely.

65
docs/releases/v2017.1.3.rst Normal file
View File

@ -0,0 +1,65 @@
Gluon 2017.1.3
==============
The LEDE base of Gluon has been updated to v17.01.3, including various updates,
stability improvements and security fixes. This includes some critical fixes
to core packages like dnsmasq (see below for details); upgrading all Gluon
nodes to v2017.1.3 is highly recommended.
Bugfixes
~~~~~~~~
* dnsmasq has been upgraded to v2.78, fixing CVE-2017-13704, CVE-2017-14491,
CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, 2017-CVE-14495 and
2017-CVE-14496
While many of the most severe (remote code execution) vulnarabilities are in
the DHCP component of dnsmasq, which is not active on a Gluon node unless in
Config Mode, CVE-2017-14491 does affect us. An attacker can cause memory
corruption and possibly remote code execution by deploying a malicious DNS
server and tricking a node into querying this server.
* The Linux kernel has been upgraded to v4.4.89
* Multiple security issues have been fixed in packages that are not usually part
of the Gluon build, including tcpdump, curl and mbedtls
Please refer to the
`LEDE commit log <https://git.lede-project.org/?p=source.git;a=shortlog;h=refs/heads/lede-17.01>`_
for details.
* Filtering of multicast packets between the mesh and the *local-node* interface
has been fixed (`#1230 <https://github.com/freifunk-gluon/gluon/issues/1230>`_)
This issue was causing gluon-radvd to send a router advertisement to the local
clients whenever a router solicitation from the mesh was received. In busy
meshes, it would continuously send router advertisements every 3 seconds.
* Reject autoupdater mirror URLs not starting with ``http://`` during build
(`9ab93992d1fc <https://github.com/freifunk-gluon/gluon/commit/9ab93992d1fca1b9cfa09c54d39cc92d3699055a>`_)
* Fix MAC addresses on TP-Link TL-WR1043ND v4 when installing Gluon over newer
stock firmwares (`#1223 <https://github.com/freifunk-gluon/gluon/issues/1223>`_)
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
(`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
segfaults, but did not make them disappear completely.

56
docs/releases/v2017.1.4.rst Normal file
View File

@ -0,0 +1,56 @@
Gluon 2017.1.4
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* GL Innovations GL-AR300M
Bugfixes
~~~~~~~~
* LEDE has been updated to the latest stable commit, including various fixes for
the kernel (including security updates), and making opkg work again. This also
includes fixes for the KRACK issue (which is irrelevant for most Gluon
deployments, as Gluon nodes are rarely used as WLAN clients)
(`b62af904bbfd <https://github.com/freifunk-gluon/gluon/commit/b62af904bbfd6360ed728fc9ae69af3d8e8db1d7>`_,
`ba56b41ddaf6 <https://github.com/freifunk-gluon/gluon/commit/ba56b41ddaf6033e3cdef18d30da6b34cd438e8c>`_,
`ad0824136e5b <https://github.com/freifunk-gluon/gluon/commit/ad0824136e5b47482e11483c50e7bc88ba2c506e>`_,
`017fbe88bb8a <https://github.com/freifunk-gluon/gluon/commit/017fbe88bb8a89623464b02e09178696c1d077a6>`_)
* Fix DNS resolution for mesh VPN (fastd / tunneldigger) on ARM-based targets
(`#1245 <https://github.com/freifunk-gluon/gluon/issues/1245>`_)
* Fix a build issue in *kmod-jool*
(`06842728233a <https://github.com/freifunk-gluon/gluon/commit/06842728233a39784c437767eb9df4167ab07a87>`_)
* Fix enabling/disabling PoE Passthrough in *site.conf* or in the
advanced settings
(`7268e49a301f <https://github.com/freifunk-gluon/gluon/commit/7268e49a301fcd643a49b329bd6097a0f85bdaBb>`_,
`7c2636d28264 <https://github.com/freifunk-gluon/gluon/commit/7c2636d28264df20b448b0160b69f5059c40b84a>`_)
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
(`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
segfaults, but it did not make them disappear completely.

57
docs/releases/v2017.1.5.rst Normal file
View File

@ -0,0 +1,57 @@
Gluon 2017.1.5
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* TP-Link TL-WR1043N v5
ramips-mt7621
^^^^^^^^^^^^^
* Ubiquiti EdgeRouter-X
* Ubiquiti EdgeRouter-X SFP
Bugfixes
~~~~~~~~
* Fix build with empty ``site/modules``
(`#1262 <https://github.com/freifunk-gluon/gluon/issues/1262>`_)
* Fix Ethernet stalls at high throughput on certain devices
(`#1101 <https://github.com/freifunk-gluon/gluon/issues/1101>`_)
* Update Tunneldigger to support connections with servers running newer kernel
versions (`9ed6ff752eb7 <https://github.com/freifunk-gluon/gluon/commit/9ed6ff752eb7972d90b138197641f12eeb4572fb>`_)
* Fix batman-adv Bridge Loop Avoidance (BLA) with *gluon-ebtables-filter-multicast*
(`#1198 <https://github.com/freifunk-gluon/gluon/issues/1198>`_)
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
(`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
The workaround added in Gluon v2017.1.1 has greatly reduced the frequency of
segfaults, but it did not make them disappear completely.
* Frequent reboots due to out-of-memory on weak hardware in larger meshes
(`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)

91
docs/releases/v2017.1.6.rst Normal file
View File

@ -0,0 +1,91 @@
Gluon 2017.1.6
==============
Bugfixes
~~~~~~~~
* Remove broken DNS cache feature
(`#1362 <https://github.com/freifunk-gluon/gluon/issues/1362>`_)
It was found that dnsmasq does not handle all answer records
equally. In particular, its cached answers are missing DNSKEY and DS
records, breaking DNSSEC validation on clients.
Nodes can still resolve the next-node hostname locally and will continue to
work as DNS forwarders. The DNS cache feature may return if dnsmasq is fixed
or if we switch to a different resolver.
* Ensure that corefiles are stored in /tmp rather than cluttering the root
filesystem
(`00df8b76e54c <https://github.com/freifunk-gluon/gluon/commit/00df8b76e54c9bb89299df4b2ec49e972046d6b6>`_)
Nodes upgrades from Gluon v2016.2.x or earlier did not set kernel.core_pattern
correctly, leading to corefiles being stored in the current directory (usually
/ for system services) in the case of crashes.
This is a regression introduced in Gluon v2017.1.
* Only request a single IPv6 address instead of a prefix on the WAN interface
(`5db54ba78c3 <https://github.com/freifunk-gluon/gluon/commit/5db54ba78c3e245f06e4a407371608f6cb247b49>`_)
* Fix signal graph on status page when there are many neighbours
(packages/`d1e0b6e0bdae <https://github.com/freifunk-gluon/packages/commit/d1e0b6e0bdaea14d8b9425cee6ca83087be1a905>`_)
* Fix config files managed by opkg not being saved on sysupgrades on ar71xx-tiny
(LEDE/`17c0362178ca <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=17c0362178caf837680a4631b8d0de94e5393448>`_,
LEDE/`75be005e8bdc <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=75be005e8bdcbf86f9ad167a8737126dda98a444>`_)
* Fix kernel crash in batman-adv-14
(`#1358 <https://github.com/freifunk-gluon/gluon/issues/1358>`_)
Starting with Gluon v2017.1, respondd could trigger a kernel crash caused by
a use-after-free in batman-adv-14, in particular after a gateway disappeared.
batman-adv-15 is not affected.
* Increase bridge multicast querier timeout ("robustness") to avoid
"querier appeared/disappeared" log spam by batman-adv in the presence of
an external querier
(`e305a8c01917 <https://github.com/freifunk-gluon/gluon/commit/e305a8c019179472dbfc6fccea6c87cf40c08a75>`_)
* Fix "broken pipe" log spam caused by the status page
(`883c32f2f1dc <https://github.com/freifunk-gluon/gluon/commit/883c32f2f1dc368626069865c07a5701e3e9bcae>`_)
* Reduce memory limit of WLAN packet queues to 256KB on devices with small RAM
(`e63c6ca01f50 <https://github.com/freifunk-gluon/gluon/commit/e63c6ca01f50c96d76e5570faa290617a8a312b4>`_)
Will hopefully make out-of-memory crashes in busy meshes less likely.
* Improve image validation for TP-Link CPE/WBS 210/510 and make it ready for
future images
(LEDE/`6577fe2198f5 <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=6577fe2198f5c75acb1dba789941d96a036f4dae>`_)
Future OpenWrt/Gluon images will move the image metadata ("support-list") of
the CPE/WBS 210/510 images to a different offset. Make sysupgrade ready
to allow installing such images.
This change was also backported to Gluon v2016.2.x to allow direct updates
to future Gluon master versions without installing v2017.1.x first.
* Sporadic segfaults of busybox (ash) when running shell scripts on ar71xx
have disappeared with the latest updates
(`#1157 <https://github.com/freifunk-gluon/gluon/issues/1157>`_)
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Frequent reboots due to out-of-memory on weak hardware in larger meshes
(`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)

34
docs/releases/v2017.1.7.rst Normal file
View File

@ -0,0 +1,34 @@
Gluon 2017.1.7
==============
Bugfixes
~~~~~~~~
* Fix boot failure on many Ubiquiti devices
(`#1370 <https://github.com/freifunk-gluon/gluon/issues/1370>`_)
A kernel update in Gluon 2017.1.6 led to boot failures on Ubiquiti Airmax M2/M5
(NanoStation, Bullet, etc.) if the device had been running AirOS 5.6 before
installing Gluon/OpenWrt. The XW hardware revision is unaffected.
While the root cause is a bug in Ubiquiti's bootloader, the issue is mitigated in
Gluon 2017.1.7.
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Frequent reboots due to out-of-memory on weak hardware in larger meshes
(`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)

71
docs/releases/v2017.1.8.rst Normal file
View File

@ -0,0 +1,71 @@
Gluon 2017.1.8
==============
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* GL.iNet GL-AR750
* TP-Link Archer C7 v4
* Ubiquiti UniFi AC Mesh
ar71xx-tiny
^^^^^^^^^^^
* TP-Link TL-WR940N v6
Bugfixes
~~~~~~~~
* Fix refcounting issue in batman-adv leading to hangs on interface restarts
(`#1258 <https://github.com/freifunk-gluon/gluon/issues/1258>`_)
This fix applied to both batman-adv compat 14 (legacy) and 15.
* Various batman-adv bugfixes have been backported
(`f5b3c0c3bc7e <https://github.com/freifunk-gluon/gluon/commit/f5b3c0c3bc7e795b4b544cbaa49e9c6ca7581ce9>`_ and
`5947ba300e50 <https://github.com/freifunk-gluon/gluon/commit/5947ba300e50726a8af38fb115b834172780ab26>`_,
fixing
`#1321 <https://github.com/freifunk-gluon/gluon/issues/1321>`_,
`#1380 <https://github.com/freifunk-gluon/gluon/issues/1380>`_,
`#1382 <https://github.com/freifunk-gluon/gluon/issues/1382>`_,
`#1419 <https://github.com/freifunk-gluon/gluon/issues/1419>`_
and a number of other minor issues)
The listed bugs could lead to high rates of batman-adv management traffic
(causing considerable load), trigger warnings about packet checksum failues
in certain non-standard interface configurations, and possibly other issues.
Other changes
~~~~~~~~~~~~~
* Linux kernel has been updated to v4.4.129 (LEDE/`81573ea25924 <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=81573ea259247f1c6c1a7a490de174d0a6c48a64>`_)
* The description of the "contact information" field in the configuration wizard
has been extended with regard to the EU General Data Protection Regulation (GDPR)
(`fd355cf0ef7b <https://github.com/freifunk-gluon/gluon/commit/fd355cf0ef7ba0d1c9137bfb8fd76e87ad5d1aba>`_)
The *mandatory* site option for the contact information field has been removed.
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Frequent reboots due to out-of-memory on weak hardware in larger meshes
(`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)

232
docs/releases/v2017.1.rst Normal file
View File

@ -0,0 +1,232 @@
Gluon 2017.1
============
General changes
~~~~~~~~~~~~~~~
Gluon 2017.1 is the first release of Gluon based on the LEDE 17.01 branch. The
kernel has been updated from 3.18.x to 4.4.x.
We've used the opportunity to greatly simplify the Gluon build system, removing
many hacks that were required to make the build work with older OpenWrt releases.
The *output/modules* directory is now called *output/packages* and provides a
replacement for the whole repository with target-specific packages of LEDE (in
contrast to packages that are common for all targets of the same architecture).
Another change to the build system makes it necessary that the same *GLUON_RELEASE*
value that is used to build the images is also set for ``make manifest``.
GCC 4.8 or newer is now required to build Gluon.
**Note: There is an issue in all Gluon versions before 2016.2.6 that will
lead to x86 systems losing their configuration when upgrading to Gluon 2017.1!**
Older Gluon versions should be upgraded to 2016.2.6 first before switching to
2017.1.
Another potential issue mostly affects virtual machines: Gluon 2017.1 images are
bigger than 2016.2.x images on x86. If your virtual harddisk is based on a
2016.2.x image, it must be resized to 273MB or bigger before upgrading to Gluon
2017.1. Using qemu, the command
::
qemu-img resize $IMAGE 273MB
can be used to do this.
Added hardware support
~~~~~~~~~~~~~~~~~~~~~~
ar71xx-generic
^^^^^^^^^^^^^^
* TP-Link
- RE450
- WBS210 v1.20
- WBS510 v1.20
* Ubiquiti
- AirGateway LR
- AirGateway PRO
- Rocket M2/M5 Ti
- UniFi AP LR
ar71xx-tiny
^^^^^^^^^^^
The new *ar71xx-tiny* target has split out of *ar71xx-generic*; all
*ar71xx-generic* devices with only 4MB of flash have been moved to this target.
In contrast to *ar71xx-generic*, *ar71xx-tiny* **does not support opkg anymore**
to save some space.
* TP-Link
- TL-WA730RE v1
- TL-WA7210N v2
x86-generic
^^^^^^^^^^^
The *x86-kvm* and *x86-xen_domu* targets have been removed; the *x86-generic*
images now support these usecases as well, so no separate targets are needed
anymore.
x86-geode
^^^^^^^^^
The new *x86-geode* target for hardware based on Geode CPUs has been added.
New features
~~~~~~~~~~~~
* Localization support has been added to the status page. In addition to German,
there are English and Russian translations now (`#1044 <https://github.com/freifunk-gluon/gluon/issues/1044>`_)
* Add support for making nodes a DNS cache for clients
(`#1000 <https://github.com/freifunk-gluon/gluon/issues/1000>`_)
* Add L2TP via tunneldigger as an alternative VPN system
(`#978 <https://github.com/freifunk-gluon/gluon/issues/978>`_)
L2TP will usually give better performance than fastd as it runs in kernel
space, but it does not provide encryption. Also, tunneling over IPv6 is
currently unsupported by tunneldigger.
It is not possible to include both fastd and tunneldigger in the same
firmware.
* Add source filter package (`#1015 <https://github.com/freifunk-gluon/gluon/issues/1015>`_)
The new package *gluon-ebtables-source-filter* can be used to prevent traffic
using unexpected IP addresses or packet types from entering the mesh.
See also: :doc:`../package/gluon-ebtables-source-filter`
Bugfixes
~~~~~~~~
* Disabling batman-adv on an interface (for example when an Ethernet link is lost
or before sysupgrades) could lead to a kernel crash in certain configurations
(`#680 <https://github.com/freifunk-gluon/gluon/issues/680>`_)
* A race condition in the network setup scripts could lead to incomplete setup
during boot or when interfaces were added or removed from batman-adv after
Ethernet link changes (`#905 <https://github.com/freifunk-gluon/gluon/issues/905>`_)
The fix also solved the long-standing issue of Ethernet-only nodes (i.e. no
WLAN or VPN mesh) not booting up correctly without an Ethernet mesh link.
* Some fixes in the WLAN stack of LEDE have improved the stability of the ath9k
driver (`#605 <https://github.com/freifunk-gluon/gluon/issues/605>`_)
Site changes
~~~~~~~~~~~~
site.mk
^^^^^^^
* The *gluon-legacy* package does not exist anymore
* All *gluon-luci-* packages have been renamed to *gluon-web-*;
*gluon-luci-portconfig* is now called *gluon-web-network*
* The *gluon-next-node* package has been merged into the Gluon core and must not
be specified in *site.mk* anymore
site.conf
^^^^^^^^^
* The *fastd_mesh_vpn* configuration section has been restructured to allow
sharing more options with tunneldigger. Instead of
.. code-block:: lua
fastd_mesh_vpn = {
mtu = 1280,
configurable = true,
methods = {'salsa2012+umac'},
groups = { ... },
bandwidth_limit = { ... },
}
the configuration must look like this now:
.. code-block:: lua
mesh_vpn = {
mtu = 1280,
fastd = {
configurable = true,
methods = {'salsa2012+umac'},
groups = { ... },
}
bandwidth_limit = { ... },
}
* The *opkg.openwrt* option has been renamed to *opkg.lede*
i18n
^^^^
* The *escape* function has been removed as it was duplicating the existing
*pcdata* function. All uses of *escape* in i18n templates must be changed to
use *pcdata* instead.
* The *gluon-config-mode:altitude-label* and *gluon-config-mode:altitude-help*
translation IDs have been added to allow adjusting the texts for different
kinds of altitudes that might be expected.
* The optional *gluon-config-mode:novpn* label has been added, which will be
shown in place of *gluon-config-mode:pubkey* when mesh VPN is disabled.
Internals
~~~~~~~~~
* The LuCI base libraries have been replaced by a stripped-down
version called "gluon-web" (`#1007 <https://github.com/freifunk-gluon/gluon/issues/1007>`_)
Custom packages will need to be adjusted; in particular, all uses of *luci.model.uci*
need to be replaced with *simple-uci*. The Gluon documentation explains the most important
changes required to migrate from LuCI to gluon-web.
* respondd now listens on ``ff05::2:1001`` in addition to ``ff02::2:1001`` for mesh-wide
operation (`#984 <https://github.com/freifunk-gluon/gluon/issues/984>`_)
Eventually, ``ff02::2:1001`` will be available for exchanging information
between neighbouring nodes only; map servers should be moved to ``ff05::2:1001``.
* batman-adv has been updated to version 2017.1
* Directly running make commands in the *lede* directory is supported now. Consequently,
build targets like ``target/linux/clean`` and ``package/NAME/compile`` can't be used
in the Gluon repository root anymore.
The command ``make config`` will set up the LEDE *.config* in the way a normal
Gluon build would, so it's possible to build individual packages for testing
and development afterwards.
* Target definitions have been migrated from a Make-based format to a simpler
shell-based DSL
* Gluon does not pass any custom variables into the LEDE build anymore, so things
like *GLUONDIR*, *GLUON_VERSION*, or *GLUON_SITEDIR* aren't available
to package Makefiles in Gluon 2017.1.
Instead of ``$(GLUONDIR)/package.mk``, ``$(TOPDIR)/../package/gluon.mk`` must
be included in custom packages now.
Known issues
~~~~~~~~~~~~
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.

402
docs/releases/v2018.1.rst Normal file
View File

@ -0,0 +1,402 @@
Gluon 2018.1
############
Important notes
***************
This version changes the flash partition layout on some devices (TP-Link CPE/WBS 210/510). To avoid
upgrade failures, make sure to upgrade to Gluon 2017.1.8 or the latest Gluon 2016.2.x (unreleased)
before installing Gluon 2018.1.
Some of the following paragraphs describe so-called "feature flags". This new concept is
explained in :ref:`user-site-feature-flags`.
Added hardware support
**********************
ar71xx-generic
==============
* ALFA NETWORK
- AP121F
* AVM
- FRITZ!Box 4020
* OpenMesh
- A40
- A60
- OM2P v4
- OM2P-HS v4
* TP-Link
- Archer C59 v1 [#noibss]_
- CPE210 v2
ar71xx-nand
===========
* ZyXEL
- NBG6716
ar71xx-tiny
===========
* TP-Link
- TL-WA901ND v5
ipq806x [#newtarget]_ [#noibss]_
================================
* TP-Link
- Archer C2600
ramips-mt7620 [#newtarget]_ [#noibss]_
======================================
* GL Innovations
- GL-MT300A
- GL-MT300N
- GL-MT750
ramips-mt7628 [#newtarget]_ [#noibss]_
======================================
* VoCore
- VoCore 2
ramips-rt305x [#newtarget]_ [#noibss]_
======================================
* A5
- V11
* D-Link
- DIR615 (D1, D2, D3, D4, H1)
* VoCore
- VoCore (8MB, 16MB)
sunxi [#newtarget]_
===================
* LeMaker/SinoVoip
- Banana Pi (M1)
.. [#newtarget]
New target
.. [#noibss]
Device or target does not support AP+IBSS mode: This device or target will not be built
when *GLUON_WLAN_MESH* is set to ``ibss``.
New features
************
Multidomain support
===================
When mesh networks grow too large, it becomes necessary to split them into
multiple independent mesh domains to allow the meshes to work with reasonable
performance. Formerly, the only way to achieve this with Gluon was to build
a separate set of firmware images for each domain.
With Gluon 2018.1, multidomain firmwares can be used to achieve the same,
using only a single site configuration that is basis for several different
domain-specific configurations. The feature is explained in detail in
:doc:`../features/multidomain`.
Wired mesh encapsulation
========================
Gluon now supports encapsulating wired mesh traffic (Mesh on LAN/WAN) in
`VXLAN <https://en.wikipedia.org/wiki/Virtual_Extensible_LAN>`_.
See :doc:`../features/wired-mesh` for details on this feature.
Router advertisement filtering
==============================
Similar to the builtin batman-adv gateway feature for IPv4, the *gluon-radv-filterd* package
(*radv-filterd* feature flag) allows to filter IPv6 router advertisements received from the mesh
so that only the RAs with the best routing metric (TQ) reach the clients, ensuring that
the "best" (topologically closest) gateway is chosen as the IPv6 default route, thereby
reducing gateway crosstalk.
At the moment, this feature only filters RAs forwarded to clients; the RAs handled on
the nodes themselves will be unfiltered, so the nodes will still use arbitrary default
gateways.
IGMP/MLD segmentation
=====================
The IGMP/MLD segmentation feature previously provided by the *gluon-ebtables-segment-mld*
package has been extended and moved into the Gluon core; it does not exist as a separate package
anymore.
Filtering IGMP/MLD queries directed towards the mesh ensures that each node becomes the multicast querier
for its own clients (unless there are other multicast-aware switches connected to the node), rather
than electing a single, basically arbitrary node in the mesh to become the querier. Overall,
this should significantly improve the reliablity of multicast in the mesh. This is especially
important for IPv6, as the IPv6 Neighbour Discovery Protocol (NDP) is based on local multicast.
See also the documentation of the :ref:`site.conf mesh section <user-site-mesh>`.
gluon-ebtables-limit-arp
========================
The *gluon-ebtables-limit-arp* (*ebtables-limit-arp* feature flag) package adds filters to limit the
rate of ARP requests client devices are allowed to send into the mesh.
Certain client applications are known to generate a significant amount of such ARP requests and
are reportedly becoming more and more common. Without this package, such clients are one
known cause for mesh wide load and congestion problems (see also the :ref:`releases-v2018.1-known-issues`
section below).
Because of this package's implementation, which relies on frequent dynamic updates
- something ebtables does not perform well at - it is not included by default, as it can
cause unnecessary load. Feedback, especially with a close look on load and congestion on
nodes with a large number of changing client devices, is very much welcome. Depending on the
feedback, we might enable this feature by default in a future release.
Public key in respondd data (optional)
======================================
If desired, the fastd public key of a node can be included in the respondd nodeinfo data,
faciliating the correlations of VPN peers and nodes. As the VPN key is transmitted unencrypted
in the fastd handshake, this would theoretically allow an ISP to determine which nodes
are operated behind which internet line. Therefore, this feature must be enabled explicitly
by setting *mesh_vpn.pubkey_privacy* to ``false`` in *site.conf*.
B.A.T.M.A.N. V (experimental)
=============================
When using batman-adv compat 15, it is now possible to switch to the new routing
algorithm B.A.T.M.A.N. V (while the old algorithm is called B.A.T.M.A.N. IV) by
setting *mesh.batman_adv.routing_algo* to ``"BATMAN_V"``. Note that the new routing
algorithm is not backwards-compatible, so nodes using different algorithms can
not interoperate.
.. _releases-v2018.1-site-changes:
Site changes
************
site.mk
=======
* Due to improved package dependency handling, the packages
*gluon-config-mode-core* and *gluon-setup-mode* do not need
to be listed explicitly in *site.mk* anymore; they will be
pulled in implicitly.
* Including the *ebtables-limit-arp* feature flag is recommended. Please note
the abovementioned caveats on this feature.
* We recommend to use *GLUON_FEATURES* for all Gluon packages, and rely on
*GLUON_SITE_PACKAGES* for non-Gluon (OpenWrt) packages only, as explained
in :ref:`user-site-feature-flags`.
site.conf
=========
When updating a site configuration from Gluon 2017.1.x, the following changes
must be made:
* .. code-block:: lua
domain_seed = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
These 32 bytes of random data (encoded in hexadecimal) are used to seed a number
of site/domain specific random values that must be the same on all nodes of the
same mesh, but different for different meshes. The following command
can be used to generate such a random value:
.. code-block:: shell
echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
In multidomain setups, repeat this command for each domain.
At this time, only the VXLAN ID for wired meshing is derived from the domain seed.
* .. code-block:: lua
mesh = {
vxlan = true, -- or false
-- ...
},
In single domain setups, the new *mesh.vxlan* option is mandatory. It should be set to *true* in new
meshes; existing setups should set it to *false* to retain compatibility with older versions of Gluon.
In multidomain setups, *mesh.vxlan* defaults to *true* and does not need to be set explicitly.
It can still be set to *false* for individual domains that should allow wired meshing with existing
setups, which is also useful for migrating an existing mesh to a multidomain-capable firmware.
* Password change form
The password change form in the "Advanced settings" is not shown by default anymore, as SSH keys are
the recommended means of authentication. It is still possible to set a password via SSH while in
config mode.
Set
.. code-block:: lua
config_mode = {
remote_login = {
show_password_form = true,
-- ...
},
-- ...
},
to restore the old behaviour.
When shown, the password form requires a minimum password length of 12 characters now. This requirement
can be modified using the *config_mode.remote_login.min_password_length* setting.
* Next-node hostnames
The builtin DNS resolver of Gluon can be configured to resolve a next-node hostname to the
next-node IP address without querying an upstream DNS server. Since Gluon v2018.1, multiple
names can be specified. Old configurations setting *next_node.name* to a string must be
updated to provide an array of strings instead:
.. code-block:: lua
next_node = {
name = { 'nextnode.location.community.example.org' },
-- ...
},
i18n
====
It is now possible to override a few labels and descriptions in the configuration
wizard. The available message IDs are listed in :ref:`site-config-mode-texts`.
These new i18n strings are optional; leaving them empty or unset will retain the
default texts.
Internals
*********
Status page rewrite
===================
The status page has been rewritten to simplify the code and reduce its size. Rather than
having a static frontend and retrieving all information via JavaScript, all static information
in the status page is now generated on the node, and JavaScript is only used for dynamic data.
Many status page API endpoints have been removed; for all remaining endpoints, CORS
(Cross-Origin Resource Sharing) has been disabled, as it led to a privacy issues:
malicious websites could access the API via cross-site scripting, determining which
node a user was connected to.
The removal of CORS breaks compatibility with the node switching feature of the
old status page implementation: In the new status page, switching to another node will
reload the whole status page from the target node, while the old implementation would
only switch to another backend host. While this will facilitate future updates, as
frontend and backend always come from the same node and no stable API needs to be maintained,
it prevents switching from the old status page to nodes running the new version.
To achieve all this, the status page was ported to the gluon-web framework. The new status page
also makes use of Gluon's usual i18n facilities now. In addition, the gluon-web-model
package was split out of the gluon-web core package, as model support is only required
for config mode packages, but not for the new status page.
i18n namespaces
===============
In earlier version of Gluon, all gluon-web (formerly LuCI) packages shared the same i18n namespace,
so independent packages could override each others translations (with an arbitrary translation of
the same string "winning"). This issue has been solved by giving each package its own translation
namespace, which is defined by the *package* directive in a package's controller. It is still
possible to access a different i18n namespace (e.g. gluon-web base or site translations), which is
described in :doc:`../dev/web/i18n`.
Package Makefile cleanup
========================
The Makefiles of the individual Gluon packages have been cleaned up significantly by moving a
lot of boilerplate code to *package/gluon.mk*. The new features of *package/gluon.mk* are
explained in detail in :doc:`../dev/packages`.
Site checker
============
* New JSON/Lua path specification
The old string-based path specifications in site check scripts (e.g. ``'autoupdater.branch'``)
have been replaced with arrays (``{'autoupdater', 'branch'}``). This will implicitly ensure that
*autoupdater* is a table when it exists (simplifying checks for deep structures), and it makes it easier
to specify paths with variable components (by referencing a variable as an array element).
* Alternatives
The site check library has gained support for *alternatives*. It is now possible to check
if a configuration satisfies one of multiple checks:
.. code-block:: lua
-- foo can be a boolean or a string!
alternatives(function()
need_boolean({'foo'})
end, function()
need_string({'foo'})
end)
As many branches (functions) as necessary can be passed to a single *alternatives* call, which will succeed when
at least one of the branches succeeds.
batman-adv multicast optimizations
==================================
After various extra rounds of testing and fixes, the batman-adv (compat 15) multicast optimizations were
reenabled: knowledge about potential multicast listeners is gathered and distributed through the mesh again.
This is the next step towards the addition of the actual multicast distribution optimizations, which are
being prepared in `#1357 <https://github.com/freifunk-gluon/gluon/pull/1357>`_. When finished, the optimizations
will help reduce the remaining Layer-2-specific network overhead, e.g. multicasted ICMPv6 messages.
No behaviour changes are expected yet, as the multicast sender side is still disabled.
Once the majority of the mesh network has been updated to Gluon 2018.1, it can be activated on
dedicated nodes by including `#1357 <https://github.com/freifunk-gluon/gluon/pull/1357>`_ in the firmware
build. Test feedback is very welcome.
.. _releases-v2018.1-known-issues:
Known issues
************
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promicious mode is disallowed).
* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
* Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware specially in larger meshes
(`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
Optimizations in Gluon 2018.1 have significantly improved memory usage.
There are still known bugs leading to unreasonably high load that we hope to
solve in future releases.

63
docs/site-example/i18n/de.po
View File

@ -12,33 +12,76 @@ msgstr ""
msgid "gluon-config-mode:welcome"
msgstr ""
"Willkommen zum Einrichtungsassistenten für deinen neuen Entenhausener "
"Willkommen zum Einrichtungsassistenten für deinen neuen Alpha Centauri "
"Freifunk-Knoten. Fülle das folgende Formular deinen Vorstellungen "
"entsprechend aus und sende es ab."
msgid "gluon-config-mode:domain"
msgstr "Domäne"
msgid "gluon-config-mode:domain-select"
msgstr ""
"Hier hast du die Möglichkeit, die Mesh-Domäne, in der sich dein Knoten "
"befindet, auszuwählen. Bitte denke daran, dass sich dein Knoten nur mit den "
"Knoten der ausgewählten Domäne verbinden kann."
msgid "gluon-config-mode:pubkey"
msgstr ""
"<p>Dies ist der öffentliche Schlüssel deines Freifunk-Knotens. Erst nachdem "
"er auf den Servern des Entenhausener Freifunk-Projektes eingetragen wurde, "
"kann sich dein Knoten mit dem Entenhausener Mesh-VPN verbinden. Bitte "
"er auf den Servern des Freifunk-Projektes auf Alpha Centauri eingetragen wurde, "
"kann sich dein Knoten mit dem Mesh-VPN dort verbinden. Bitte "
"schicke dazu diesen Schlüssel und den Namen deines Knotens "
"(<em><%=hostname%></em>) an "
"<a href=\"mailto:keys@entenhausen.freifunk.net\">keys@entenhausen.freifunk.net</a>."
"(<em><%=pcdata(hostname)%></em>) an "
"<a href=\"mailto:keys@alpha-centauri.freifunk.net?subject=<%= urlencode('Anmeldung: ' .. hostname) %>&amp;"
"body=<%= urlencode('# ' .. hostname .. '\n' .. pubkey) %>\">keys@alpha-centauri.freifunk.net</a>."
"</p>"
"<div class=\"the-key\">"
" # <%= hostname %>"
" # <%= pcdata(hostname) %>"
" <br />"
"<%= pubkey %>"
"</div>"
msgid "gluon-config-mode:novpn"
msgstr ""
"<p>Du hast ausgewählt, <strong>kein Mesh-VPN</strong> "
"zu nutzen. Dein Knoten kann also nur dann eine Verbindung zum Freifunk-Netz "
"aufbauen, wenn andere Freifunk-Router in WLAN-Reichweite sind."
"</p>"
msgid "gluon-config-mode:reboot"
msgstr ""
"<p>Dein Knoten startet gerade neu und wird anschließend versuchen, "
"sich mit anderen Freifunkknoten in seiner Nähe zu "
"<p>Dein Knoten <em><%= pcdata(hostname) %></em> startet gerade neu und wird "
"anschließend versuchen, sich mit anderen Freifunkknoten in seiner Nähe zu "
"verbinden. Weitere Informationen zur "
"Entenhausener Freifunk-Community findest du auf "
"<a href=\"https://entenhausen.freifunk.net/\">unserer Webseite</a>.</p>"
"Alpha Centauri Freifunk-Community findest du auf "
"<a href=\"https://alpha-centauri.freifunk.net/\">unserer Webseite</a>.</p>"
"<p>Um zu dieser Konfigurationsseite zurückzugelangen, drücke im normalen "
"Betrieb für drei Sekunden den Reset-Button. Das Gerät wird dann im Config "
"Mode neustarten.</p>"
"<p>Viel Spaß mit deinem Knoten und der Erkundung von Freifunk!</p>"
msgid "gluon-config-mode:altitude-label"
msgstr "Höhe"
msgid "gluon-config-mode:altitude-help"
msgstr ""
"Die Höhenangabe ist optional und sollte nur gesetzt werden, wenn ein "
"exakter Wert bekannt ist."
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-hostname/i18n/
msgid "gluon-config-mode:hostname-help"
msgstr ""
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-geo-location/i18n/
msgid "gluon-config-mode:geo-location-help"
msgstr ""
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-contact-info/i18n/
msgid "gluon-config-mode:contact-help"
msgstr ""
msgid "gluon-config-mode:contact-note"
msgstr ""

60
docs/site-example/i18n/en.po
View File

@ -12,31 +12,71 @@ msgstr ""
msgid "gluon-config-mode:welcome"
msgstr ""
"Welcome to the setup wizard of your new Freifunk Duckburg node. "
"Welcome to the setup wizard of your new Freifunk Alpha Centauri node. "
"Please fill out the following form and submit it."
msgid "gluon-config-mode:domain"
msgstr "Domain"
msgid "gluon-config-mode:domain-select"
msgstr ""
"Here you have the possibility of selecting the mesh domain in which your node "
"is placed. Please keep in mind that your router only connects with the nodes "
"of the selected domain"
msgid "gluon-config-mode:pubkey"
msgstr ""
"<p>This is your Freifunk node's public key. The node won't be able to "
"connect to the mesh VPN until the key has been registered on the Freifunk "
"Duckburg servers. "
"To register, send the key together with your node's name (<em><%=hostname%></em>) to "
"<a href=\"mailto:keys@entenhausen.freifunk.net\">keys@entenhausen.freifunk.net</a>."
"connect to the mesh VPN until the key has been registered on the Freifunk servers. "
"To register, send the key together with your node's name (<em><%=pcdata(hostname)%></em>) to "
"<a href=\"mailto:keys@alpha-centauri.freifunk.net?subject=<%= urlencode('Registration: ' .. hostname) %>&amp;"
"body=<%= urlencode('# ' .. hostname .. '\n' .. pubkey) %>\">keys@alpha-centauri.freifunk.net</a>."
"</p>"
"<div class=\"the-key\">"
" # <%= hostname %>"
" # <%= pcdata(hostname) %>"
" <br />"
"<%= pubkey %>"
"</div>"
msgid "gluon-config-mode:novpn"
msgstr ""
"<p>You have selected <strong>not</strong> to use the mesh VPN. "
"Your node will only be able to connect to the Freifunk network if other nodes in reach "
"already have a connection.</p>"
msgid "gluon-config-mode:reboot"
msgstr ""
"<p>The node is currently rebooting and will try to connect to other "
"nearby Freifunk nodes after that. "
"For more information on the Freifunk Duckburg community, have a look at "
"<a href=\"https://entenhausen.freifunk.net/\">our homepage</a>.</p>"
"<p>Your node <em><%= pcdata(hostname) %></em> is currently rebooting and will "
"try to connect to other nearby Freifunk nodes after that. For more "
"information about the Freifunk community on Alpha Centauri, have a look at "
"<a href=\"https://alpha-centauri.freifunk.net/\">our homepage</a>.</p>"
"<p>To get back to this configuration interface, press the reset button for "
"3 seconds during normal operation. The device will then reboot into config "
"mode.</p>"
"<p>Have fun with your node and exploring of the Freifunk network!</p>"
msgid "gluon-config-mode:altitude-label"
msgstr "Altitude"
msgid "gluon-config-mode:altitude-help"
msgstr ""
"Specifying the altitude is optional and should only be done if a proper "
"value is known."
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-hostname/i18n/
msgid "gluon-config-mode:hostname-help"
msgstr ""
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-geo-location/i18n/
msgid "gluon-config-mode:geo-location-help"
msgstr ""
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-contact-info/i18n/
msgid "gluon-config-mode:contact-help"
msgstr ""
msgid "gluon-config-mode:contact-note"
msgstr ""

51
docs/site-example/i18n/fr.po
View File

@ -16,28 +16,67 @@ msgstr ""
"Freifunk. Remplissez le formulaire suivant en fonction de vos besoins "
"et enregistrez le"
msgid "gluon-config-mode:domain"
msgstr "Domaine"
msgid "gluon-config-mode:domain-select"
msgstr ""
msgid "gluon-config-mode:pubkey"
msgstr ""
"<p>Ceci est la clé publique de votre nœud Freifunk. Seulment après que la clé soit "
"entrée sur les serveurs de votre groupe de Freifunk votre nœud pourra se connecter "
"sur les serveur Mesh-VPN de votre groupe Freifunk. Veuillez envoyer la clé avec le "
"nom de votre nœud "
"(<em><%=hostname%></em>) à "
"<a href=\"mailto:keys@entenhausen.freifunk.net\">keys@entenhausen.freifunk.net</a>."
"(<em><%=pcdata(hostname)%></em>) à "
"<a href=\"mailto:keys@alpha-centauri.freifunk.net?subject=<%= urlencode('Enregistrement: ' .. hostname) %>&amp;"
"body=<%= urlencode('# ' .. hostname .. '\n' .. pubkey) %>\">keys@alpha-centauri.freifunk.net</a>."
"</p>"
"<div class=\"the-key\">"
" # <%= hostname %>"
" # <%= pcdata(hostname) %>"
" <br />"
"<%= pubkey %>"
"</div>"
msgid "gluon-config-mode:novpn"
msgstr ""
"<p>Vous avez choisi de <strong>ne pas utiliser</strong> "
"le réseau VPN. Votre nœud ne pourra se connecter au réseau Freifunk que si "
"d'autres nœuds à portée ont déjà une connexion.</p>"
msgid "gluon-config-mode:reboot"
msgstr ""
"<p>Votre nœud es en train de redémarrer et va ensuite éssayer de se connecter "
"avec les autres nœuds du réseau Freifunk "
"<p>Votre nœud <em><%= pcdata(hostname) %></em> es en train de redémarrer et "
"va ensuite éssayer de se connecter avec les autres nœuds du réseau Freifunk "
"Vous pourrez trouver plus d'informations sur votre groupe Freifunk sur la page "
"<a href=\"https://entenhausen.freifunk.net/\"> de ton groupe </a>.</p> "
"<a href=\"https://alpha-centauri.freifunk.net/\"> de ton groupe </a>.</p> "
"<p> Pour retrouver cette page de configuration veuillier appuyez pendant le "
"fonctionement normal pendant 3 Secondes sur le bouton reset. L'appareil va ensuite "
"redémarer en mode configuration.</p> "
"<p>Profitez votre de nœud et amusez vous à découvrir le réseau Freifunk!</p>"
msgid "gluon-config-mode:altitude-label"
msgstr "Hauteur"
msgid "gluon-config-mode:altitude-help"
msgstr ""
"La altitude est optionelle et ne devrait que être ajoutée si la valeur "
"exacte est connue."
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-hostname/i18n/
msgid "gluon-config-mode:hostname-help"
msgstr ""
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-geo-location/i18n/
msgid "gluon-config-mode:geo-location-help"
msgstr ""
# Leave empty to use the default text, which can be found in:
# package/gluon-config-mode-contact-info/i18n/
msgid "gluon-config-mode:contact-help"
msgstr ""
msgid "gluon-config-mode:contact-note"
msgstr ""

27
docs/site-example/i18n/gluon-site.pot
View File

@ -4,8 +4,35 @@ msgstr "Content-Type: text/plain; charset=UTF-8"
msgid "gluon-config-mode:welcome"
msgstr ""
msgid "gluon-config-mode:domain"
msgstr ""
msgid "gluon-config-mode:domain-select"
msgstr ""
msgid "gluon-config-mode:pubkey"
msgstr ""
msgid "gluon-config-mode:novpn"
msgstr ""
msgid "gluon-config-mode:reboot"
msgstr ""
msgid "gluon-config-mode:altitude-label"
msgstr ""
msgid "gluon-config-mode:altitude-help"
msgstr ""
msgid "gluon-config-mode:contact-help"
msgstr ""
msgid "gluon-config-mode:contact-note"
msgstr ""
msgid "gluon-config-mode:hostname-help"
msgstr ""
msgid "gluon-config-mode:geo-location-help"
msgstr ""

78
docs/site-example/site.conf
View File

@ -1,21 +1,28 @@
-- This is an example site configuration for Gluon v2016.1+
-- This is an example site configuration for Gluon v2018.1
--
-- Take a look at the documentation located at
-- http://gluon.readthedocs.org/ for details.
--
-- This configuration will not work as it. You're required to make
-- This configuration will not work as is. You're required to make
-- community specific changes to it!
{
-- Used for generated hostnames, e.g. freifunk-abcdef123456. (optional)
-- hostname_prefix = 'freifunk-',
-- Name of the community.
site_name = 'Freifunk Entenhausen',
site_name = 'Freifunk Alpha Centauri',
-- Shorthand of the community.
site_code = 'ffxx',
-- Prefixes used within the mesh. Both are required.
-- 32 bytes of random data, encoded in hexadecimal
-- This data must be unique among all sites and domains!
-- Can be generated using: echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
domain_seed = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
-- Prefixes used within the mesh.
-- prefix6 is required, prefix4 can be omitted if next_node.ip4
-- is not set.
prefix4 = '10.xxx.0.0/20',
prefix6 = 'fdxx:xxxx:xxxx::/64',
@ -35,17 +42,25 @@
-- Wireless channel.
channel = 1,
-- List of supported wifi rates (optional)
-- Example removes 802.11b compatibility for better performance
supported_rates = {6000, 9000, 12000, 18000, 24000, 36000, 48000, 54000},
-- List of basic wifi rates (optional, required if supported_rates is set)
-- Example removes 802.11b compatibility for better performance
basic_rate = {6000, 9000, 18000, 36000, 54000},
-- ESSID used for client network.
ap = {
ssid = 'entenhausen.freifunk.net',
-- disabled = true, (optional)
ssid = 'alpha-centauri.freifunk.net',
-- disabled = true, -- (optional)
},
mesh = {
-- Adjust these values!
id = 'ffxx-mesh',
id = 'ueH3uXjdp', -- usually you don't want users to connect to this mesh-SSID, so use a cryptic id that no one will accidentally mistake for the client WiFi
mcast_rate = 12000,
-- disabled = true, (optional)
-- disabled = true, -- (optional)
},
},
@ -55,23 +70,26 @@
wifi5 = {
channel = 44,
ap = {
ssid = 'entenhausen.freifunk.net',
ssid = 'alpha-centauri.freifunk.net',
},
mesh = {
id = 'ffxx-mesh',
-- Adjust these values!
id = 'ueH3uXjdp',
mcast_rate = 12000,
},
},
mesh = {
vxlan = true,
},
-- The next node feature allows clients to always reach the node it is
-- connected to using a known IP address.
next_node = {
-- anycast IPs of all nodes
-- name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
ip4 = '10.xxx.0.xxx',
ip6 = 'fdxx:xxxx:xxxx::xxxx',
-- anycast MAC of all nodes
mac = 'xe:xx:xx:xx:xx:xx',
},
-- Options specific to routing protocols (optional)
@ -85,15 +103,19 @@
-- },
-- },
mesh_vpn = {
-- enabled = true,
mtu = 1312,
fastd = {
-- Refer to http://fastd.readthedocs.org/en/latest/ to better understand
-- what these options do.
fastd_mesh_vpn = {
-- List of crypto-methods to use.
methods = {'salsa2012+umac'},
-- enabled = true,
-- configurable = true,
-- syslog_level = 'warn',
mtu = 1280,
groups = {
backbone = {
-- Limit number of connected peers to reduce bandwidth.
@ -127,6 +149,7 @@
-- ...
-- },
},
},
bandwidth_limit = {
-- The bandwidth limit can be enabled by default here.
@ -167,27 +190,4 @@
},
},
},
-- Node roles
-- roles = {
-- default = 'node',
-- list = {
-- 'node',
-- 'test',
-- 'backbone',
-- 'service',
-- },
-- },
-- Skip setup mode (config mode) on first boot
-- setup_mode = {
-- skip = true,
-- },
-- Show/hide the altitude field
-- config_mode = {
-- geo_location = {
-- show_altitude = false,
-- },
-- },
}

57
docs/site-example/site.mk
View File

@ -1,34 +1,30 @@
## gluon site.mk makefile example
## GLUON_SITE_PACKAGES
# specify gluon/openwrt packages to include here
# The gluon-mesh-batman-adv-* package must come first because of the dependency resolution
## GLUON_FEATURES
# Specify Gluon features/packages to enable;
# Gluon will automatically enable a set of packages
# depending on the combination of features listed
GLUON_SITE_PACKAGES := \
gluon-mesh-batman-adv-15 \
gluon-alfred \
gluon-respondd \
gluon-autoupdater \
gluon-config-mode-autoupdater \
gluon-config-mode-contact-info \
gluon-config-mode-core \
gluon-config-mode-geo-location \
gluon-config-mode-hostname \
gluon-config-mode-mesh-vpn \
gluon-ebtables-filter-multicast \
gluon-ebtables-filter-ra-dhcp \
gluon-luci-admin \
gluon-luci-autoupdater \
gluon-luci-portconfig \
gluon-luci-wifi-config \
gluon-next-node \
gluon-mesh-vpn-fastd \
gluon-radvd \
gluon-setup-mode \
gluon-status-page \
haveged \
iptables \
iwinfo
GLUON_FEATURES := \
autoupdater \
ebtables-filter-multicast \
ebtables-filter-ra-dhcp \
ebtables-limit-arp \
mesh-batman-adv-15 \
mesh-vpn-fastd \
radvd \
respondd \
status-page \
web-advanced \
web-wizard
## GLUON_SITE_PACKAGES
# Specify additional Gluon/LEDE packages to include here;
# A minus sign may be prepended to remove a packages from the
# selection that would be enabled by default or due to the
# chosen feature flags
GLUON_SITE_PACKAGES := haveged iwinfo
## DEFAULT_GLUON_RELEASE
# version string to use for images
@ -38,6 +34,7 @@ GLUON_SITE_PACKAGES := \
DEFAULT_GLUON_RELEASE := 0.6+exp$(shell date '+%Y%m%d')
# Variables set with ?= can be overwritten from the command line
## GLUON_RELEASE
# call make with custom GLUON_RELEASE flag, to use your own release version scheme.
@ -46,11 +43,13 @@ DEFAULT_GLUON_RELEASE := 0.6+exp$(shell date '+%Y%m%d')
# would generate images named like this:
# gluon-ff%site_code%-23.42+5-%router_model%.bin
# Allow overriding the release number from the command line
GLUON_RELEASE ?= $(DEFAULT_GLUON_RELEASE)
# Default priority for updates.
GLUON_PRIORITY ?= 0
# Region code required for some images; supported values: us eu
GLUON_REGION ?= eu
# Languages to include
GLUON_LANGS ?= en de

82
docs/user/faq.rst
View File

@ -15,3 +15,85 @@ interface. This DNS server must be announced in router advertisements (using
on *batman-adv*. If your mesh does not have global IPv6 connectivity, you can setup
your *radvd* not to announce a default route by setting the *default lifetime* to 0;
in this case, the *radvd* is only used to announce the DNS server.
.. _faq-mtu:
What is a good MTU on the mesh-vpn
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Setting the MTU on the transport interface requires careful consideration, as
setting it too low will cause excessive fragmentation and setting it too high
may leave peers with a broken tunnel due to packet loss.
Consider these key values:
- Payload: Allow for the transport of IPv6 packets, by adhering to the minimum MTU
of 1280 Byte specified in RFC 2460
- and configure `MSS clamping`_ accordingly,
- and announce your link MTU via Router Advertisments and DHCP
.. _MSS clamping: http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.cookbook.mtu-mss.html
- Encapsulation: Account for the overhead created by the configured mesh protocol
encapsulating the payload, which is
- up to 32 Byte (14 Byte Ethernet + 18 Byte batadv) for batman-adv compat v15 (v2014.0 and later)
- up to 28 Byte (14 Byte Ethernet + 14 Byte batadv) for batman-adv compat v14 (v2011.3.0 until and including v2013.4.0)
- PMTU: What MTU does the path between your gateway and each of its peers support?
For reference, the complete MTU stack looks like this:
.. image:: mtu-diagram_v5.png
Minimum MTU
-----------
Calculcate the minimum transport MTU by adding the encapsulation overhead to the
minimum payload MTU required. This is the lowest recommended value, since going
lower would cause unnecessary fragmentation for clients which respect the announced
link MTU.
Example: Our network currently uses batman-adv v15, it therefore requires up
to 32 Bytes of encapsulation overhead on top of the minimal link MTU required for
transporting IPv6.::
\ 1312 1294 1280 0
\---------+-----------------+-------------+----------------------------------+
\TAP | batadv v15 | Ethernet | Payload |
\-------+-----------------+-------------+----------------------------------+
\ ^
|
MTU_LOW = 1280 Byte + 14 Byte + 18 Byte = 1312 Byte
Maximum MTU
-----------
Calculating the maximum transport MTU is interesting, because it increases the
throughput, by allowing larger payloads to be transported, but also more difficult
as you have to take into account the tunneling overhead and each peers PMTU, which
varies between providers.
The underlying reasons are mostly PPPoE, Tunneling and IPv6 transition technologies
like DS-Lite.
Example: The peer with the smallest MTU on your network is behind DS-Lite and can
transport IPv4 packets up to 1436 Bytes in size. Your tunnel uses IPv4 (20 Byte),
UDP (8 Byte), Fastd (24 byte) and you require TAP (14 Byte) for Layer 2 (Ethernet)
Tunneling.::
1436 1416 1408 1384 1370 \
+-------------------+--------+-----------------------+-------------+------\
| IP | UDP | Fastd | TAP | bat\
+-------------------+--------+-----------------------+-------------+--------\
^ \
|
MTU_HIGH = 1436 Byte - 20 Byte - 8 Byte - 24 Byte - 14 Byte = 1370 Byte
Conclusion
----------
Determining the maximum MTU can be a tedious process, especially since the PMTU
of peers could change at any time. The general recommendation for maximized
compatibility is therefore the minimum MTU of 1312 Byte, which works well with
all combinations of IPv4, IPv6, batman-adv compat v14 and v15.

108
docs/user/getting_started.rst
View File

@ -8,7 +8,7 @@ Gluon's releases are managed using `Git tags`_. If you are just getting
started with Gluon we recommend to use the latest stable release of Gluon.
Take a look at the `list of gluon releases`_ and notice the latest release,
e.g. *v2016.1.5*. Always get Gluon using git and don't try to download it
e.g. *v2018.1*. Always get Gluon using git and don't try to download it
as a Zip archive as the archive will be missing version information.
Please keep in mind that there is no "default Gluon" build; a site configuration
@ -36,13 +36,14 @@ freshly installed Debian Wheezy system the following packages are required:
* `libncurses-dev` (actually `libncurses5-dev`)
* `libz-dev` (actually `zlib1g-dev`)
* `libssl-dev`
* `wget`
Building the images
-------------------
To build Gluon, first check out the repository. Replace *RELEASE* with the
version you'd like to checkout, e.g. *v2016.1.5*.
version you'd like to checkout, e.g. *v2018.1*.
::
@ -58,7 +59,7 @@ Now, enter the freshly created directory::
It's time to add (or create) your site configuration. If you already
have a site repository, just clone it::
git clone https://github.com/freifunk-duckburg/site-ffdb.git site
git clone https://github.com/freifunk-alpha-centauri/site-ffac.git site
If you want to build a new site, create a new git repository *site/*::
@ -84,17 +85,16 @@ Next go back to the top-level Gluon directory and build Gluon::
make update # Get other repositories used by Gluon
make GLUON_TARGET=ar71xx-generic # Build Gluon
When calling make, the OpenWrt build environment is prepared/updated.
In case of errors read the messages carefully and try to fix the stated issues (e.g. install tools not available yet).
``ar71xx-generic`` is the most common target and will generate images for most of the supported hardware.
To see a complete list of supported targets, call ``make`` without setting ``GLUON_TARGET``.
You should reserve about 10GB of disk space for each `GLUON_TARGET`.
You should generally reserve 5GB of disk space and additionally about 10GB for each `GLUON_TARGET`.
The built images can be found in the directory `output/images`. Of these, the `factory`
images are to be used when flashing from the original firmware a device came with,
and `sysupgrade` is to upgrade from other versions of Gluon or any other OpenWrt-based
and `sysupgrade` is to upgrade from other versions of Gluon or any other OpenWrt/LEDE-based
system.
**Note:** The images for some models are identical; to save disk space, symlinks are generated instead
@ -110,28 +110,25 @@ There are two levels of `make clean`::
make clean GLUON_TARGET=ar71xx-generic
will ensure all packages are rebuilt for a single target; this is what you normally want to do after an update.
will ensure all packages are rebuilt for a single target. This normally not
necessary, but may fix certain kinds of build failures.
::
make dirclean
will clean the entire tree, so the toolchain will be rebuilt as well, which is
not necessary in most cases, and will take a while.
will clean the entire tree, so the toolchain will be rebuilt as well, which will take a while.
opkg repositories
-----------------
Gluon is mostly compatible with OpenWrt, so the normal OpenWrt package repositories
can be used for Gluon as well. It is advisable to setup a mirror or reverse proxy
reachable over IPv6 and add it to ``site.conf`` as http://downloads.openwrt.org/ does
not support IPv6.
Gluon is mostly compatible with LEDE, so the normal LEDE package repositories
can be used for Gluon as well.
This is not true for kernel modules; the Gluon kernel is incompatible with the
kernel of the default OpenWrt images. Therefore, Gluon will not only generate images,
but also an opkg repository containing all kernel modules provided by OpenWrt/Gluon
for the kernel of the generated images.
kernel of the default LEDE images. Therefore, Gluon will not only generate images,
but also an opkg repository containing all core packages provided by LEDE,
including modules for the kernel of the generated images.
Signing keys
............
@ -139,53 +136,66 @@ Signing keys
Gluon does not support HTTPS for downloading packages; fortunately, opkg deploys
public-key cryptography to ensure package integrity.
The Gluon images will contain two public keys: the official OpenWrt signing key
The Gluon images will contain public keys from two sources: the official LEDE keyring
(to allow installing userspace packages) and a Gluon-specific key (which is used
to sign the generated module repository).
to sign the generated package repository).
By default, Gluon will handle the generation and handling of the keys itself.
LEDE will handle the generation and handling of the keys itself.
When making firmware releases based on Gluon, it might make sense to store
the keypair, so updating the module repository later is possible.
The location the keys are stored at and read from can be changed
(see :ref:`getting-started-environment-variables`). To only generate the keypair
at the configured location without doing a full build, use ``make create-key``.
.. _getting-started-make-variables:
.. _getting-started-environment-variables:
Make variables
--------------
Environment variables
---------------------
Gluon's build process can be controlled by various variables. They can
usually be set on the command line or in ``site.mk``.
Gluon's build process can be controlled by various environment variables.
Common variables
................
GLUON_SITEDIR
Path to the site configuration. Defaults to ``site``.
GLUON_BRANCH
Sets the default branch of the autoupdater. If unset, the autoupdater is disabled
by default. For the ``make manifest`` command, GLUON_BRANCH defines the branch to
generate a manifest for.
GLUON_LANGS
Space-separated list of languages to include for the config mode/advanced settings. Defaults to ``en``.
``en`` should always be included, other supported languages are ``de`` and ``fr``.
GLUON_PRIORITY
Defines the priority of an automatic update in ``make manifest``. See :doc:`../features/autoupdater` for
a detailed description of this value.
GLUON_REGION
Some devices (at the moment the TP-Link Archer C7) contain a region code that restricts
firmware installations. Set GLUON_REGION to ``eu`` or ``us`` to make the resulting
images installable from the respective stock firmwares.
GLUON_RELEASE
Firmware release number: This string is displayed in the config mode, announced
via respondd/alfred and used by the autoupdater to decide if a newer version
is available. The same GLUON_RELEASE has to be passed to ``make`` and ``make manifest``
to generate a correct manifest.
GLUON_TARGET
Target architecture to build.
Special variables
.................
GLUON_BUILDDIR
Working directory during build. Defaults to ``build``.
GLUON_OPKG_KEY
Path key file used to sign the module opkg repository. Defaults to ``$(GLUON_BULDDIR)/gluon-opkg-key``.
GLUON_IMAGEDIR
Path where images will be stored. Defaults to ``$(GLUON_OUTPUTDIR)/images``.
The private key will be stored as ``$(GLUON_OPKG_KEY)``, the public key as ``$(GLUON_OPKG_KEY).pub``.
GLUON_PACKAGEDIR
Path where the opkg package repository will be stored. Defaults to ``$(GLUON_OUTPUTDIR)/packages``.
GLUON_OUTPUTDIR
Path where output files will be stored. Defaults to ``output``.
GLUON_IMAGEDIR
Path where images will be stored. Defaults to ``$(GLUON_OUTPUTDIR)/images``.
GLUON_MODULEDIR
Path where the kernel module opkg repository will be stored. Defaults to ``$(GLUON_OUTPUTDIR)/modules``.
So all in all, to update and rebuild a Gluon build tree, the following commands should be used (repeat the
``make clean`` and ``make`` for all targets you want to build):
::
git pull
(cd site && git pull)
make update
make clean GLUON_TARGET=ar71xx-generic
make GLUON_TARGET=ar71xx-generic
GLUON_SITEDIR
Path to the site configuration. Defaults to ``site``.

BIN
docs/user/mtu-diagram_v5.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 208 KiB

417
docs/user/site.rst
View File

@ -21,12 +21,25 @@ site_code
The code of your community. It is good practice to use the TLD of
your community here.
prefix4
domain_seed
32 bytes of random data, encoded in hexadecimal, used to seed other random
values specific to the mesh domain. It must be the same for all nodes of one
mesh, but should be different for firmwares that are not supposed to mesh with
each other.
The recommended way to generate a value for a new site is:
::
echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
prefix4 \: optional
The IPv4 Subnet of your community mesh network in CIDR notation, e.g.
::
prefix4 = '10.111.111.0/18'
Required if ``next_node.ip4`` is set.
prefix6
The IPv6 subnet of your community mesh network, e.g.
::
@ -44,7 +57,7 @@ ntp_server
List of NTP servers available in your community or used by your community, e.g.:
::
ntp_servers = {'1.ntp.services.ffeh','2.ntp.services.ffeh'}
ntp_servers = {'1.ntp.services.ffac','2.ntp.services.ffac'}
This NTP servers must be reachable via IPv6 from the nodes. If you don't want to set an IPv6 address
explicitly, but use a hostname (which is recommended), see also the :ref:`FAQ <faq-dns>`.
@ -54,23 +67,27 @@ opkg \: optional
There are two optional fields in the ``opkg`` section:
- ``openwrt`` overrides the default OpenWrt repository URL
- ``lede`` overrides the default LEDE repository URL. The default URL would
correspond to ``http://downloads.lede-project.org/snapshots/packages/%A``
and usually doesn't need to be changed when nodes are expected to have IPv6
internet connectivity.
- ``extra`` specifies a table of additional repositories (with arbitrary keys)
::
opkg = {
openwrt = 'http://opkg.services.ffeh/openwrt/%n/%v/%S/packages',
lede = 'http://opkg.services.ffac/lede/snapshots/packages/%A',
extra = {
modules = 'http://opkg.services.ffeh/modules/gluon-%GS-%GR/%S',
gluon = 'http://opkg.services.ffac/modules/gluon-%GS-%GR/%S',
},
}
There are various patterns which can be used in the URLs:
- ``%n`` is replaced by the OpenWrt version codename (e.g. "chaos_calmer")
- ``%v`` is replaced by the OpenWrt version number (e.g. "15.05")
- ``%S`` is replaced by the target architecture (e.g. "ar71xx/generic")
- ``%n`` is replaced by the LEDE version codename
- ``%v`` is replaced by the LEDE version number (e.g. "17.01")
- ``%S`` is replaced by the target board (e.g. "ar71xx/generic")
- ``%A`` is replaced by the target architecture (e.g. "mips_24kc")
- ``%GS`` is replaced by the Gluon site code (as specified in ``site.conf``)
- ``%GV`` is replaced by the Gluon version
- ``%GR`` is replaced by the Gluon release (as specified in ``site.mk``)
@ -81,13 +98,13 @@ regdom \: optional
regdom = 'DE'
Setting ``regdom`` in mandatory if ``wifi24`` or ``wifi5`` is defined.
Setting ``regdom`` is mandatory if ``wifi24`` or ``wifi5`` is defined.
wifi24 \: optional
WLAN configuration for 2.4 GHz devices.
``channel`` must be set to a valid wireless channel for your radio.
There are currently three interface types available. You many choose to
There are currently three interface types available. You may choose to
configure any subset of them:
- ``ap`` creates a master interface where clients may connect
@ -96,27 +113,39 @@ wifi24 \: optional
Each interface may be disabled by setting ``disabled`` to ``true``.
This will only affect new installations.
Upgrades will not changed the disabled state.
Upgrades will not change the disabled state.
Additionally it is possible to configure the ``supported_rates`` and ``basic_rate``
of each radio. Both are optional, by default hostapd/driver dictate the rates.
If ``supported_rates`` is set, ``basic_rate`` is required, because ``basic_rate``
has to be a subset of ``supported_rates``.
The example below disables 802.11b rates.
``ap`` requires a single parameter, a string, named ``ssid`` which sets the
interface's ESSID.
interface's ESSID. This is the WiFi the clients connect to.
``mesh`` requires a single parameter, a string, named ``id`` which sets the mesh id.
``mesh`` requires a single parameter, a string, named ``id`` which sets the
mesh id, also visible as an open WiFi in some network managers. Usually you
don't want users to connect to this mesh-SSID, so use a cryptic id that no
one will accidentally mistake for the client WiFi.
``ibss`` requires two parametersr: ``ssid`` (a string) and ``bssid`` (a MAC).
An optional parameter ``vlan`` (integer) is supported.
Both ``mesh`` and ``ibss`` accept an optional ``mcast_rate`` (kbit/s) parameter for
setting the default multicast datarate.
setting the multicast bitrate. Increasing the default value of 1000 to something
like 12000 is recommended.
::
wifi24 = {
channel = 11,
supported_rates = {6000, 9000, 12000, 18000, 24000, 36000, 48000, 54000},
basic_rate = {6000, 9000, 18000, 36000, 54000},
ap = {
ssid = 'entenhausen.freifunk.net',
ssid = 'alpha-centauri.freifunk.net',
},
mesh = {
id = 'entenhausen-mesh',
id = 'ueH3uXjdp',
mcast_rate = 12000,
},
ibss = {
@ -134,49 +163,114 @@ next_node \: package
::
next_node = {
name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
ip4 = '10.23.42.1',
ip6 = 'fdca:ffee:babe:1::1',
mac = 'ca:ff:ee:ba:be:00'
mac = '16:41:95:40:f7:dc'
}
mesh \: optional
Options specific to routing protocols.
All values of this section are optional. If the IPv4 or IPv6 address is
omitted, there will be no IPv4 or IPv6 anycast address. The MAC address
defaults to ``16:41:95:40:f7:dc``; this value usually doesn't need to be
changed, but it can be adjusted to match existing deployments that use a
different value.
At the moment, only the ``batman_adv`` routing protocol has such options:
When the nodes' next-node address is used as a DNS resolver by clients
(by passing it via DHCP or router advertisements), it may be useful to
allow resolving a next-node hostname without referring to an upstream DNS
server (e.g. to allow reaching the node using such a hostname via HTTP or SSH
in isolated mesh segments). This is possible by providing one or more names
in the ``name`` field.
The optional value ``gw_sel_class`` sets the gateway selection class. The default
class 20 is based on the link quality (TQ) only, class 1 is calculated from
both the TQ and the announced bandwidth.
.. _user-site-mesh:
mesh
Configuration of general mesh functionality.
To avoid inter-mesh links, Gluon can encapsulate the mesh protocol in VXLAN
for Mesh-on-LAN/WAN. It is recommended to set *mesh.vxlan* to ``true`` to
enable VXLAN in new setups. Setting it to ``false`` disables this
encapsulation to allow meshing with other nodes that don't support VXLAN
(Gluon 2017.1.x and older). In multi-domain setups, *mesh.vxlan* is optional
and defaults to ``true``.
Gluon generally segments layer-2 meshes so that each node becomes IGMP/MLD
querier for its own local clients. This is necessary for reliable multicast
snooping. The segmentation is realized by preventing IGMP/MLD queries from
passing through the mesh.
By default, not only queries are filtered, but also membership report and
leave packets, as they add to the background noise of the mesh. As a
consequence, snooping switches outside the mesh that are connected to a
Gluon node need to be configured to forward all multicast traffic towards
the mesh; this is usually not a problem, as such setups are unusual. If
you run a special-purpose mesh that requires membership reports to be
working, this filtering can be disabled by setting the
optional *filter_membership_reports* value to ``false``.
In addition, options specific to the batman-adv routing protocol can be set
in the *batman_adv* section:
The optional value *gw_sel_class* sets the gateway selection class. The
default is class 20, which is based on the link quality (TQ) only; class 1
is calculated from both the TQ and the announced bandwidth.
::
mesh = {
vxlan = true,
filter_membership_reports = false,
batman_adv = {
gw_sel_class = 1,
},
}
fastd_mesh_vpn
Remote server setup for the fastd-based mesh VPN.
mesh_vpn
Remote server setup for the mesh VPN.
The `enabled` option can be set to true to enable the VPN by default.
The `enabled` option can be set to true to enable the VPN by default. `mtu`
defines the MTU of the VPN interface, determining a proper MTU value is described
in the :ref:`FAQ <faq-mtu>`.
By default the public key of a node's VPN daemon is not added to announced respondd
data; this prevents malicious ISPs from correlating VPN sessions with specific mesh
nodes via public respondd data. If this is of no concern in your threat model,
this behaviour can be disabled (and thus announcing the public key be enabled) by
setting `pubkey_privacy` to `false`. At the moment, this option only affects fastd.
The `fastd` section configures settings specific to the *fastd* VPN
implementation.
If `configurable` is set to `false` or unset, the method list will be replaced on updates
with the list from the site configuration. Setting `configurable` to `true` will allow the user to
add the method ``null`` to the beginning of the method list or remove ``null`` from it,
and make this change survive updates. Setting `configurable` is necessary for the
package `gluon-luci-mesh-vpn-fastd`, which adds a UI for this configuration.
package `gluon-web-mesh-vpn-fastd`, which adds a UI for this configuration.
In any case, the ``null`` method should always be the first method in the list
if it is supported at all. You should only set `configurable` to `true` if the
configured peers support both the ``null`` method and methods with encryption.
You can set syslog_level from verbose (default) to warn to reduce syslog output.
The `tunneldigger` section is used to define the *tunneldigger* broker list.
**Note:** It doesn't make sense to include both `fastd` and `tunneldigger`
sections in the same configuration file, as only one of the packages *gluon-mesh-vpn-fastd*
and *gluon-mesh-vpn-tunneldigger* should be installed with the current
implementation.
::
fastd_mesh_vpn = {
methods = {'salsa2012+umac'},
mesh_vpn = {
-- enabled = true,
mtu = 1312,
-- pubkey_privacy = true,
fastd = {
methods = {'salsa2012+umac'},
-- configurable = true,
mtu = 1280,
-- syslog_level = 'warn',
groups = {
backbone = {
-- Limit number of connected peers from this group
@ -186,14 +280,24 @@ fastd_mesh_vpn
key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
-- Having multiple domains prevents SPOF in freifunk.net
remotes = {
'ipv4 "vpn1.entenhausen.freifunk.net" port 10000',
'ipv4 "vpn1.entenhausener-freifunk.de" port 10000',
'ipv4 "vpn1.alpha-centauri.freifunk.net" port 10000',
'ipv4 "vpn1.alpha-centauri-freifunk.de" port 10000',
},
},
peer2 = {
key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
-- You can also omit the ipv4 to allow both connection via ipv4 and ipv6
remotes = {'"vpn2.entenhausen.freifunk.net" port 10000'},
remotes = {'"vpn2.alpha-centauri.freifunk.net" port 10000'},
},
peer3 = {
key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
-- In addition to domains you can also add ip addresses, which provides
-- resilience in case of dns outages
remotes = {
'"vpn3.alpha-centauri.freifunk.net" port 10000',
'[2001:db8::3:1]:10000',
'192.0.2.3:10000',
},
},
},
-- Optional: nested peer groups
@ -210,6 +314,11 @@ fastd_mesh_vpn
-- peers = { ... },
-- },
},
},
tunneldigger = {
brokers = {'vpn1.alpha-centauri.freifunk.net'}
},
bandwidth_limit = {
-- The bandwidth limit can be enabled by default here.
@ -225,12 +334,24 @@ fastd_mesh_vpn
mesh_on_wan \: optional
Enables the mesh on the WAN port (``true`` or ``false``).
::
mesh_on_wan = true,
mesh_on_lan \: optional
Enables the mesh on the LAN port (``true`` or ``false``).
::
mesh_on_lan = true,
poe_passthrough \: optional
Enable PoE passthrough by default on hardware with such a feature.
autoupdater \: package
Configuration for the autoupdater feature of Gluon.
The mirrors are checked in random order until the manifest could be downloaded
successfully or all mirrors have been tried.
::
autoupdater = {
@ -240,7 +361,7 @@ autoupdater \: package
name = 'stable',
mirrors = {
'http://[fdca:ffee:babe:1::fec1]/firmware/stable/sysupgrade/',
'http://autoupdate.entenhausen.freifunk.net/firmware/stable/sysupgrade/',
'http://autoupdate.alpha-centauri.freifunk.net/firmware/stable/sysupgrade/',
},
-- Number of good signatures required
good_signatures = 2,
@ -255,6 +376,39 @@ autoupdater \: package
All configured mirrors must be reachable from the nodes via IPv6. If you don't want to set an IPv6 address
explicitly, but use a hostname (which is recommended), see also the :ref:`FAQ <faq-dns>`.
config_mode \: optional
Additional configuration for the configuration web interface. All values are
optional.
When no hostname is specified, a default hostname based on the *hostname_prefix*
and the node's primary MAC address is assigned. Manually setting a hostname
can be enforced by setting *hostname.optional* to *false*.
By default, no altitude fields are shown by the *gluon-config-mode-geo-location*
package. If *geo_location.show_altitude* is set to *true*, the *gluon-config-mode:altitude-label*
and *gluon-config-mode:altitude-help* strings must be provided in the site i18n
data as well.
The remote login page only shows SSH key configuration by default. A
password form can be displayed by setting *remote_login.show_password_form*
to true; in this case, *remote_login.min_password_length* defines the
minimum password length.
::
config_mode = {
hostname = {
optional = false,
},
geo_location = {
show_altitude = true,
},
remote_login = {
show_password_form = true,
min_password_length = 10,
},
},
roles \: optional
Optional role definitions. Nodes will announce their role inside the mesh.
This will allow in the backend to distinguish between normal, backbone and
@ -262,11 +416,11 @@ roles \: optional
the community which roles to define. See the section below as an example.
``default`` takes the default role which is set initially. This value should be
part of ``list``. If you want node owners to change the role via config mode add
the package ``gluon-luci-node-role`` to ``site.mk``.
the package ``gluon-web-node-role`` to ``site.mk``.
The strings to display in the LuCI interface can be configured per language in the
The strings to display in the web interface are configured per language in the
``i18n/en.po``, ``i18n/de.po``, etc. files of the site repository using message IDs like
``gluon-luci-node-role:role:node`` and ``gluon-luci-node-role:role:backbone``.
``gluon-web-node-role:role:node`` and ``gluon-web-node-role:role:backbone``.
::
roles = {
@ -288,30 +442,20 @@ setup_mode \: package
skip = true,
},
legacy \: package
Configuration for the legacy upgrade path.
This is only required in communities upgrading from Lübeck's LFF-0.3.x.
::
Build configuration
-------------------
legacy = {
version_files = {'/etc/.freifunk_version_keep', '/etc/.eff_version_keep'},
old_files = {'/etc/config/config_mode', '/etc/config/ffeh', '/etc/config/freifunk'},
config_mode_configs = {'config_mode', 'ffeh', 'freifunk'},
fastd_configs = {'ffeh_mesh_vpn', 'mesh_vpn'},
mesh_ifname = 'freifunk',
tc_configs = {'ffki', 'freifunk'},
wifi_names = {'wifi_freifunk', 'wifi_freifunk5', 'wifi_mesh', 'wifi_mesh5'},
}
Packages
--------
The ``site.mk`` is a Makefile which should define constants
The ``site.mk`` is a Makefile which defines various values
involved in the build process of Gluon.
GLUON_FEATURES
Defines a list of features to include. The feature list is used to generate
the default package set.
GLUON_SITE_PACKAGES
Defines a list of packages which should be installed additionally
to the ``gluon-core`` package.
Defines a list of packages which should be installed in addition to the
default package set. It is also possible to remove packages from the
default set by prepending a minus sign to the package name.
GLUON_RELEASE
The current release version Gluon should use.
@ -320,10 +464,86 @@ GLUON_PRIORITY
The default priority for the generated manifests (see the autoupdater documentation
for more information).
GLUON_REGION
Region code to build into images where necessary. Valid values are the empty string,
``us`` and ``eu``.
GLUON_LANGS
List of languages (as two-letter-codes) to be included in the web interface. Should always contain
``en``.
GLUON_WLAN_MESH
Setting this to ``11s`` or ``ibss`` will enable generation of matching images for devices which don't
support both meshing modes, either at all (e.g. ralink and mediatek don't support AP+IBSS) or in the
same firmware (ath10k-based 5GHz). Defaults to ``11s``.
.. _user-site-feature-flags:
Feature flags
^^^^^^^^^^^^^
With the addition of more and more features that interact in complex ways, it
has become necessary to split certain packages into multiple parts, so it is
possible to install just what is needed for a specific usecase. One example
is the package *gluon-status-page-mesh-batman-adv*: There are batman-adv-specific
status page components; they should only be installed when both batman-adv and
the status page are enabled, making the addition of a specific package for this
combination necessary.
With the ongoing modularization, e.g. for the purpose of supporting new
routing protocols, specifying all such split packages in *site.mk* would
soon become very cumbersome: In the future, further components like
respondd support or languages might be split off as separate packages,
leading to entangled package names like *gluon-mesh-vpn-fastd-respondd* or
*gluon-status-page-mesh-batman-adv-i18n-de*.
For this reason, we have introduced *feature flags*, which can be specified
in the *GLUON_FEATURES* variable. These flags allow to specify a set of features
on a higher level than individual package names.
Most Gluon packages can simply be specified as feature flags by removing the ``gluon-``
prefix: The feature flag corresponding to the package *gluon-mesh-batman-adv-15* is
*mesh-batman-adv-15*.
The file ``package/features`` in the Gluon repository (or
``features`` in site feeds) can specify additional rules for deriving package lists
from feature flags, e.g. specifying both *status-page* and either *mesh-batman-adv-14*
or *mesh-batman-adv-15* will automatically select the additional package
*gluon-status-page-mesh-batman-adv*. In the future, selecting the flags
*mesh-vpn-fastd* and *respondd* might automatically enable the additional
package *gluon-mesh-vpn-fastd-respondd*, and enabling *status-page* and
*mesh-batman-adv-15* (or *-14*) with ``de`` in *GLUON_LANGS* could
add the package *gluon-status-page-mesh-batman-adv-i18n-de*.
In short, it is not necessary anymore to list all the individual packages that are
relevant for a firmware; instead, the package list is derived from a list of feature
flags using a flexible ruleset defined in the Gluon repo or site package feeds.
To some extent, it will even allow us to further modularize existing Gluon packages,
without necessitating changes to existing site configurations.
It is still possible to override such automatic rules using *GLUON_SITE_PACKAGES*
(e.g., ``-gluon-status-page-mesh-batman-adv`` to remove the automatically added
package *gluon-status-page-mesh-batman-adv*).
For convenience, there are two feature flags that do not directly correspond to a Gluon
package:
* web-wizard
Includes the *gluon-config-mode-...* base packages (hostname, geolocation and contact info),
as well as the *gluon-config-mode-autoupdater* (when *autoupdater* is in *GLUON_FEATURES*),
and *gluon-config-mode-mesh-vpn* (when *mesh-vpn-fastd* or *mesh-vpn-tunneldigger* are in
*GLUON_FEATURES*)
* web-advanced
Includes the *gluon-web-...* base packages (admin, network, WiFi config),
as well as the *gluon-web-autoupdater* (when *autoupdater* is in *GLUON_FEATURES*)
We recommend to use *GLUON_SITE_PACKAGES* for non-Gluon OpenWrt packages only and
completely rely on *GLUON_FEATURES* for Gluon packages, as it is shown in the
example *site.mk*.
.. _site-config-mode-texts:
Config mode texts
@ -338,6 +558,27 @@ gluon-config-mode:welcome
gluon-config-mode:pubkey
Information about the public VPN key on the reboot page.
gluon-config-mode:novpn
Information shown on the reboot page, if the mesh VPN was not selected.
gluon-config-mode:altitude-label
Label for the ``altitude`` field
gluon-config-mode:altitude-help
Description for the usage of the ``altitude`` field
gluon-config-mode:contact-help
Description for the usage of the ``contact`` field
gluon-config-mode:contact-note
Note shown (in small font) below the ``contact`` field
gluon-config-mode:hostname-help
Description for the usage of the ``hostname`` field
gluon-config-mode:geo-location-help
Description for the usage of the longitude/latitude fields
gluon-config-mode:reboot
General information shown on the reboot page.
@ -355,6 +596,41 @@ utilities are installed.
Depending on the context, you might be able to use comments like
``<!-- empty -->`` as translations to effectively hide the text.
Site modules
------------
The file ``modules`` in the site repository is completely optional and can be used
to supply additional package feeds from which packages are built. The git repositories
specified here are retrieved in addition to the default feeds when ``make update``
it called.
This file's format is very similar to the toplevel ``modules`` file of the Gluon
tree, with the important different that the list of feeds must be assigned to
the variable ``GLUON_SITE_FEEDS``. Multiple feed names must be separated by spaces,
for example::
GLUON_SITE_FEEDS='foo bar'
The feed names may only contain alphanumerical characters, underscores and slashes.
For each of the feeds, the following variables are used to specify how to update
the feed:
PACKAGES_${feed}_REPO
The URL of the git repository to clone (usually ``git://`` or ``http(s)://``)
PACKAGES_${feed}_COMMIT
The commit ID of the repository to use
PACKAGES_${feed}_BRANCH
Optional: The branch of the repository the given commit ID can be found in.
Defaults to the default branch of the repository (usually ``master``)
These variables are always all uppercase, so for an entry ``foo`` in GLUON_SITE_FEEDS,
the corresponding configuration variables would be ``PACKAGES_FOO_REPO``,
``PACKAGES_FOO_COMMIT`` and ``PACKAGES_FOO_BRANCH``. Slashes in feed names are
replaced by underscores to get valid shell variable identifiers.
Examples
--------
@ -394,23 +670,38 @@ site-repos in the wild
This is a non-exhaustive list of site-repos from various communities:
* `site-ffa <https://github.com/tecff/site-ffa>`_ (Altdorf, Landshut & Umgebung)
* `site-ffac <https://github.com/ffac/site>`_ (Regio Aachen)
* `site-ffbs <https://github.com/ffbs/site-ffbs>`_ (Braunschweig)
* `site-ffhb <https://github.com/FreifunkBremen/gluon-site-ffhb>`_ (Bremen)
* `site-ffda <https://github.com/freifunk-darmstadt/site-ffda>`_ (Darmstadt)
* `site-ffda <https://git.darmstadt.ccc.de/ffda/site>`_ (Darmstadt)
* `site-ff3l <https://github.com/ff3l/site-ff3l>`_ (Dreiländereck)
* `site-ffeh <https://github.com/freifunk-ehingen/site-ffeh>`_ (Ehingen)
* `site-fffl <https://github.com/freifunk-flensburg/site-fffl>`_ (Flensburg)
* `site-ffgoe <https://github.com/freifunk-goettingen/site-ffgoe>`_ (Göttingen)
* `site-ffgt-rhw <https://github.com/ffgtso/site-ffgt-rhw>`_ (Guetersloh)
* `site-ffhh <https://github.com/freifunkhamburg/site-ffhh>`_ (Hamburg)
* `site-ffho <https://git.c3pb.de/freifunk-pb/site-ffho>`_ (Hochstift)
* `site-ffho <https://git.ffho.net/freifunkhochstift/ffho-site>`_ (Hochstift)
* `site-ffhgw <https://github.com/lorenzo-greifswald/site-ffhgw>`_ (Greifswald)
* `site-ffka <https://github.com/ffka/site-ffka>`_ (Karlsruhe)
* `site-ffki <https://git.freifunk.in-kiel.de/ffki-site/>`_ (Kiel)
* `site-fflz <https://github.com/freifunk-lausitz/site-fflz>`_ (Lausitz)
* `site-ffl <https://github.com/freifunk-leipzig/freifunk-gluon-leipzig>`_ (Leipzig)
* `site-ffhl <https://github.com/freifunk-luebeck/site-ffhl>`_ (Lübeck)
* `site-fflg <https://github.com/kartenkarsten/site-fflg>`_ (Lüneburg)
* `site-ffmd <https://github.com/FreifunkMD/site-ffmd>`_ (Magdeburg)
* `site-ffmwu <https://github.com/freifunk-mwu/site-ffmwu>`_ (Mainz, Wiesbaden & Umgebung)
* `site-ffmwu <https://github.com/freifunk-mwu/sites-ffmwu>`_ (Mainz, Wiesbaden & Umgebung)
* `site-ffmyk <https://github.com/FreifunkMYK/site-ffmyk>`_ (Mayen-Koblenz)
* `site-ffmo <https://github.com/ffruhr/site-ffmo>`_ (Moers)
* `site-ffmg <https://github.com/ffruhr/site-ffmg>`_ (Mönchengladbach)
* `site-ffm <https://github.com/freifunkMUC/site-ffm>`_ (München)
* `site-ffhmue <https://github.com/Freifunk-Muenden/site-conf>`_ (Münden)
* `site-ffms <https://github.com/FreiFunkMuenster/site-ffms>`_ (Münsterland)
* `site-neuss <https://github.com/ffne/site-neuss>`_ (Neuss)
* `site-ffniers <https://github.com/ffruhr/site-ffniers>`_ (Niersufer)
* `site-ffndh <https://github.com/freifunk-nordheide/ffnordheide/tree/ffnh-lede/ffndh-site>`_ (Nordheide)
* `site-ffnw <https://git.nordwest.freifunk.net/ffnw-firmware/siteconf/tree/master>`_ (Nordwest)
* `site-ffka <https://github.com/ffka/site-ffka>`_ (Karlsruhe)
* `site-ffrl <https://github.com/ffrl/sites-ffrl>`_ (Rheinland)
* `site-ffrg <https://github.com/ffruhr/site-ffruhr>`_ (Ruhrgebiet)
* `site-ffrgb <https://github.com/ffrgb/site-ffrgb>`_ (Regensburg)
* `site-ffrn <https://github.com/Freifunk-Rhein-Neckar/site-ffrn>`_ (Rhein-Neckar)
* `site-ffruhr <https://github.com/ffruhr?utf8=✓&query=site>`_ (Ruhrgebiet, Multi-Communities)
* `site-ffs <https://github.com/freifunk-stuttgart/site-ffs>`_ (Stuttgart)
* `site-fftr <https://github.com/freifunktrier/site-fftr>`_ (Trier)

13
docs/user/x86.rst
View File

@ -22,15 +22,8 @@ The following targets for x86 images exist:
These images only differ in the image file format, the content is the same. Therefore there is
only a single `x86-generic` sysupgrade image instead of three.
Please note that the `x86-generic` image doesn't include VirtIO support, so another virtual NIC
like `pcnet32` must be chosen when using VirtualBox.
`x86-kvm`
The `x86-kvm` image uses VirtIO as its harddisk and network driver.
`x86-xen_domu`
The `x86-xen_domu` target contains the necessary drivers for use in Xen.
`x86-geode`
x86 image for Geode CPUs.
`x86-64`
64bit version of `x86-generic`. Also has VirtIO support, so there's no need for an
`x86-64-kvm` target.
64bit version of `x86-generic`.

22
include/config
View File

@ -1,22 +0,0 @@
CONFIG_IMAGEOPT=y
# CONFIG_PER_FEED_REPO is not set
# CONFIG_TARGET_ROOTFS_INITRAMFS is not set
CONFIG_DEVEL=y
CONFIG_ALL_KMODS=y
CONFIG_BUSYBOX_CUSTOM=y
CONFIG_BUSYBOX_CONFIG_SHA512SUM=y
# CONFIG_BUSYBOX_CONFIG_FEATURE_PREFER_IPV4_ADDRESS is not set
CONFIG_BUSYBOX_CONFIG_IP=y
CONFIG_BUSYBOX_CONFIG_FEATURE_IP_ADDRESS=y
CONFIG_BUSYBOX_CONFIG_FEATURE_IP_LINK=y
CONFIG_BUSYBOX_CONFIG_FEATURE_IP_ROUTE=y
CONFIG_BUSYBOX_CONFIG_FEATURE_IP_TUNNEL=y
CONFIG_BUSYBOX_CONFIG_FEATURE_IP_RULE=y
CONFIG_BUSYBOX_CONFIG_FEATURE_IP_SHORT_FORMS=y
CONFIG_BUSYBOX_CONFIG_FEATURE_WGET_TIMEOUT=y
CONFIG_ATH_USER_REGD=y
CONFIG_PACKAGE_ATH_DEBUG=y
CONFIG_LUCI_SRCDIET=y

82
include/gluon.mk
View File

@ -1,82 +0,0 @@
ifneq ($(__gluon_inc),1)
__gluon_inc=1
GLUON_SITEDIR ?= $(GLUONDIR)/site
GLUON_BUILDDIR ?= $(GLUONDIR)/build
GLUON_ORIGOPENWRTDIR := $(GLUONDIR)/openwrt
GLUON_SITE_CONFIG := $(GLUON_SITEDIR)/site.conf
GLUON_OUTPUTDIR ?= $(GLUONDIR)/output
GLUON_IMAGEDIR ?= $(GLUON_OUTPUTDIR)/images
GLUON_MODULEDIR ?= $(GLUON_OUTPUTDIR)/modules
GLUON_OPKG_KEY ?= $(GLUON_BUILDDIR)/gluon-opkg-key
export GLUONDIR GLUON_SITEDIR GLUON_BUILDDIR GLUON_SITE_CONFIG GLUON_OUTPUTDIR GLUON_IMAGEDIR GLUON_MODULEDIR
BOARD_BUILDDIR = $(GLUON_BUILDDIR)/$(GLUON_TARGET)
BOARD_KDIR = $(BOARD_BUILDDIR)/kernel
export BOARD_BUILDDIR
LINUX_RELEASE := 2
export LINUX_RELEASE
GLUON_OPENWRTDIR = $(BOARD_BUILDDIR)/openwrt
$(GLUON_SITEDIR)/site.mk:
$(error There was no site configuration found. Please check out a site configuration to $(GLUON_SITEDIR))
-include $(GLUON_SITEDIR)/site.mk
GLUON_VERSION := $(shell cd $(GLUONDIR) && git describe --always 2>/dev/null || echo unknown)
export GLUON_VERSION
GLUON_LANGS ?= en
export GLUON_LANGS
ifeq ($(OPENWRT_BUILD),1)
ifeq ($(GLUON_TOOLS),1)
GLUON_OPENWRT_FEEDS := base packages luci routing telephony management
export GLUON_OPENWRT_FEEDS
GLUON_SITE_CODE := $(shell $(GLUONDIR)/scripts/site.sh site_code)
export GLUON_SITE_CODE
ifeq ($(GLUON_RELEASE),)
$(error GLUON_RELEASE not set. GLUON_RELEASE can be set in site.mk or on the command line.)
endif
export GLUON_RELEASE
endif
endif
define merge-lists
$(1) :=
$(foreach var,$(2),$(1) := $$(filter-out -% $$(patsubst -%,%,$$(filter -%,$$($(var)))),$$($(1)) $$($(var)))
)
endef
GLUON_TARGETS :=
define GluonTarget
gluon_target := $(1)$$(if $(2),-$(2))
GLUON_TARGETS += $$(gluon_target)
GLUON_TARGET_$$(gluon_target)_BOARD := $(1)
GLUON_TARGET_$$(gluon_target)_SUBTARGET := $(2)
endef
GLUON_DEFAULT_PACKAGES := gluon-core kmod-ipv6 firewall ip6tables -uboot-envtools -wpad-mini hostapd-mini
override DEFAULT_PACKAGES.router :=
endif #__gluon_inc

35
include/package.mk
View File

@ -1,35 +0,0 @@
include $(INCLUDE_DIR)/package.mk
# Annoyingly, make's shell function replaces all newlines with spaces, so we have to do some escaping work. Yuck.
define GluonCheckSite
[ -z "$$GLUONDIR" ] || sed -e 's/-@/\n/g' -e 's/+@/@/g' <<'END__GLUON__CHECK__SITE' | "$$GLUONDIR"/scripts/check_site.sh
$(shell cat $(1) | sed -ne '1h; 1!H; $$ {g; s/@/+@/g; s/\n/-@/g; p}')
END__GLUON__CHECK__SITE
endef
# Languages supported by LuCi
GLUON_SUPPORTED_LANGS := ca zh_cn en fr de el he hu it ja ms no pl pt_br pt ro ru es sv uk vi
GLUON_I18N_PACKAGES := $(foreach lang,$(GLUON_SUPPORTED_LANGS),+LUCI_LANG_$(lang):luci-i18n-base-$(lang))
GLUON_I18N_CONFIG := $(foreach lang,$(GLUON_SUPPORTED_LANGS),CONFIG_LUCI_LANG_$(lang))
GLUON_ENABLED_LANGS := $(foreach lang,$(GLUON_SUPPORTED_LANGS),$(if $(CONFIG_LUCI_LANG_$(lang)),$(lang)))
define GluonBuildI18N
mkdir -p $$(PKG_BUILD_DIR)/i18n
for lang in $$(GLUON_ENABLED_LANGS); do \
if [ -e $(2)/$$$$lang.po ]; then \
rm -f $$(PKG_BUILD_DIR)/i18n/$(1).$$$$lang.lmo; \
po2lmo $(2)/$$$$lang.po $$(PKG_BUILD_DIR)/i18n/$(1).$$$$lang.lmo; \
fi; \
done
endef
define GluonInstallI18N
$$(INSTALL_DIR) $(2)/usr/lib/lua/luci/i18n
for lang in $$(GLUON_ENABLED_LANGS); do \
if [ -e $$(PKG_BUILD_DIR)/i18n/$(1).$$$$lang.lmo ]; then \
$$(INSTALL_DATA) $$(PKG_BUILD_DIR)/i18n/$(1).$$$$lang.lmo $(2)/usr/lib/lua/luci/i18n/$(1).$$$$lang.lmo; \
fi; \
done
endef

62
include/toplevel.mk
View File

@ -1,62 +0,0 @@
# Makefile for OpenWrt
#
# Copyright (C) 2007-2012 OpenWrt.org
# Copyright (C) 2013-2014 Project Gluon
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
RELEASE:=Chaos Calmer
PREP_MK= OPENWRT_BUILD= QUIET=0
export IS_TTY=$(shell tty -s && echo 1 || echo 0)
include $(GLUONDIR)/include/verbose.mk
REVISION:=$(shell [ -d $(TOPDIR) ] && cd $(TOPDIR) && ./scripts/getver.sh 2>/dev/null)
HOSTCC ?= gcc
OPENWRTVERSION:=$(RELEASE)$(if $(REVISION), ($(REVISION)))
export RELEASE
export REVISION
export OPENWRTVERSION
export IS_TTY=$(shell tty -s && echo 1 || echo 0)
export LD_LIBRARY_PATH:=$(subst ::,:,$(if $(LD_LIBRARY_PATH),$(LD_LIBRARY_PATH):)$(STAGING_DIR_HOST)/lib)
export DYLD_LIBRARY_PATH:=$(subst ::,:,$(if $(DYLD_LIBRARY_PATH),$(DYLD_LIBRARY_PATH):)$(STAGING_DIR_HOST)/lib)
export GIT_CONFIG_PARAMETERS='core.autocrlf=false'
export MAKE_JOBSERVER=$(filter --jobserver%,$(MAKEFLAGS))
# prevent perforce from messing with the patch utility
unexport P4PORT P4USER P4CONFIG P4CLIENT
# prevent user defaults for quilt from interfering
unexport QUILT_PATCHES QUILT_PATCH_OPTS
unexport C_INCLUDE_PATH CROSS_COMPILE ARCH
# prevent distro default LPATH from interfering
unexport LPATH
# make sure that a predefined CFLAGS variable does not disturb packages
export CFLAGS=
ifneq ($(shell $(HOSTCC) 2>&1 | grep clang),)
export HOSTCC_REAL?=$(HOSTCC)
export HOSTCC_WRAPPER:=$(TOPDIR)/scripts/clang-gcc-wrapper
else
export HOSTCC_WRAPPER:=$(HOSTCC)
endif
SCAN_COOKIE?=$(shell echo $$$$)
export SCAN_COOKIE
SUBMAKE:=umask 022; $(SUBMAKE)
ULIMIT_FIX=_limit=`ulimit -n`; [ "$$_limit" = "unlimited" -o "$$_limit" -ge 1024 ] || ulimit -n 1024;
FORCE: ;
.PHONY: FORCE
.NOTPARALLEL:

67
include/verbose.mk
View File

@ -1,67 +0,0 @@
#
# Copyright (C) 2006 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
ifndef OPENWRT_VERBOSE
OPENWRT_VERBOSE:=
endif
ifeq ("$(origin V)", "command line")
OPENWRT_VERBOSE:=$(V)
endif
ifeq ($(OPENWRT_VERBOSE),1)
OPENWRT_VERBOSE:=w
endif
ifeq ($(OPENWRT_VERBOSE),99)
OPENWRT_VERBOSE:=s
endif
ifeq ($(NO_TRACE_MAKE),)
NO_TRACE_MAKE := $(MAKE) V=s$(OPENWRT_VERBOSE)
export NO_TRACE_MAKE
endif
ifeq ($(IS_TTY),1)
ifneq ($(strip $(NO_COLOR)),1)
_Y:=\\033[33m
_R:=\\033[31m
_N:=\\033[m
endif
endif
ifeq ($(findstring s,$(OPENWRT_VERBOSE)),)
define MESSAGE
printf "$(_Y)%s$(_N)\n" "$(1)" >&8
endef
define ERROR_MESSAGE
printf "$(_R)%s$(_N)\n" "$(1)" >&8
endef
ifeq ($(QUIET),1)
ifneq ($(CURDIR),$(TOPDIR))
_DIR:=$(patsubst $(TOPDIR)/%,%,${CURDIR})
else
_DIR:=
endif
_NULL:=$(if $(MAKECMDGOALS),$(shell \
$(call MESSAGE, make[$(MAKELEVEL)]$(if $(_DIR), -C $(_DIR)) $(MAKECMDGOALS)); \
))
SUBMAKE=$(MAKE)
else
SILENT:=>/dev/null $(if $(findstring w,$(OPENWRT_VERBOSE)),,2>&1)
export QUIET:=1
SUBMAKE=cmd() { $(SILENT) $(MAKE) -s $$* < /dev/null || { echo "make $$*: build failed. Please re-run make with V=s to see what's going on"; false; } } 8>&1 9>&2; cmd
endif
.SILENT: $(MAKECMDGOALS)
else
SUBMAKE=$(MAKE) -w
define MESSAGE
printf "%s\n" "$(1)"
endef
ERROR_MESSAGE=$(MESSAGE)
endif

26
modules
View File

@ -1,18 +1,20 @@
GLUON_FEEDS='openwrt gluon routing luci'
OPENWRT_REPO=git://git.openwrt.org/15.05/openwrt.git
OPENWRT_COMMIT=eadf19c0b43d2f75f196ea8d875a08c7c348530c
LEDE_REPO=https://git.openwrt.org/openwrt/openwrt.git
LEDE_BRANCH=lede-17.01
LEDE_COMMIT=0a2c984222d03d940c52c3675849dd6398b34e64
PACKAGES_OPENWRT_REPO=git://github.com/openwrt/packages.git
PACKAGES_OPENWRT_COMMIT=9622fe984bba3a4547f48bc507ebaba7637eb2b0
PACKAGES_OPENWRT_BRANCH=for-15.05
PACKAGES_OPENWRT_REPO=https://github.com/openwrt/packages.git
PACKAGES_OPENWRT_BRANCH=lede-17.01
PACKAGES_OPENWRT_COMMIT=338690b2f79e2c7090be4e9adbb19b452c9e3c36
PACKAGES_GLUON_REPO=git://github.com/freifunk-gluon/packages.git
PACKAGES_GLUON_COMMIT=63376e23c81e53c21d3c5250c3fb7444a90dc019
PACKAGES_GLUON_REPO=https://github.com/freifunk-gluon/packages.git
PACKAGES_GLUON_COMMIT=be2c35785994e443d895225c7240474a46f64f5e
PACKAGES_ROUTING_REPO=git://github.com/openwrt-routing/packages.git
PACKAGES_ROUTING_COMMIT=2a8338559de5c4b077cde7a83f43f4700a17d5cc
PACKAGES_ROUTING_REPO=https://github.com/openwrt-routing/packages.git
PACKAGES_ROUTING_BRANCH=openwrt-18.06
PACKAGES_ROUTING_COMMIT=1b9d1c419f0ecefda51922a7845ab2183d6acd76
PACKAGES_LUCI_REPO=git://github.com/openwrt/luci.git
PACKAGES_LUCI_COMMIT=cdcdfd2594634804ab09dc8105e46116edce0cd6
PACKAGES_LUCI_BRANCH=for-15.05
PACKAGES_LUCI_REPO=https://github.com/openwrt/luci.git
PACKAGES_LUCI_BRANCH=lede-17.01
PACKAGES_LUCI_COMMIT=1f014bd2180b364bec4c3f6457f72a0621884f9a

10
overlay/opkg.mk Normal file
View File

@ -0,0 +1,10 @@
# LEDE doesn't have a nice way to set the list of feeds in
# /etc/opkg/distfeeds.conf, so we use this overlay file (which is included by
# the opkg package Makefile though LEDE's IncludeOverlay mechanism).
# The following definitions make /etc/opkg/distfeeds.conf match the one included
# in official LEDE builds (by default, FEEDS_DISABLED contains the original list
# of feeds (which are unused by Gluon), and FEEDS_ENABLED our own feed list).
FEEDS_ENABLED := $(FEEDS_DISABLED)
FEEDS_DISABLED :=

26
package/features Normal file
View File

@ -0,0 +1,26 @@
nodefault 'web-wizard'
packages 'web-wizard' \
'gluon-config-mode-hostname' \
'gluon-config-mode-geo-location' \
'gluon-config-mode-contact-info'
packages 'web-wizard & autoupdater' \
'gluon-config-mode-autoupdater'
packages 'web-wizard & (mesh-vpn-fastd | mesh-vpn-tunneldigger)' \
'gluon-config-mode-mesh-vpn'
nodefault 'web-advanced'
packages 'web-advanced' \
'gluon-web-admin' \
'gluon-web-network' \
'gluon-web-wifi-config'
packages 'web-advanced & autoupdater' \
'gluon-web-autoupdater'
packages 'status-page & (mesh-batman-adv-14 | mesh-batman-adv-15)' \
'gluon-status-page-mesh-batman-adv'

24
package/gluon-alfred/Makefile
View File

@ -4,29 +4,11 @@ PKG_NAME:=gluon-alfred
PKG_VERSION:=1
PKG_RELEASE:=1
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
include ../gluon.mk
define Package/gluon-alfred
SECTION:=gluon
CATEGORY:=Gluon
DEPENDS:=+gluon-core +gluon-respondd +gluon-neighbour-info +micrond +alfred
DEPENDS:=+gluon-core +gluon-respondd +gluon-neighbour-info gluon-mesh-batman-adv +micrond +alfred
TITLE:=Configure alfred
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/gluon-alfred/install
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,gluon-alfred))
$(eval $(call BuildPackageGluon,gluon-alfred))

18
package/gluon-alfred/files/lib/gluon/upgrade/500-enable-alfred
View File

@ -1,18 +0,0 @@
#!/usr/bin/lua
local uci = require 'luci.model.uci'
local c = uci.cursor()
c:delete('alfred', 'alfred')
c:section('alfred', 'alfred', 'alfred',
{
interface = 'br-client',
mode = 'slave',
batmanif = 'bat0',
start_vis = '1',
run_facters = '0',
}
)
c:save('alfred')

14
package/gluon-alfred/luasrc/lib/gluon/upgrade/400-alfred-firewall Executable file
View File

@ -0,0 +1,14 @@
#!/usr/bin/lua
local uci = require('simple-uci').cursor()
uci:section('firewall', 'rule', 'mesh_respondd', {
name = 'mesh_respondd',
src = 'mesh',
src_ip = 'fe80::/64',
dest_port = '16962',
proto = 'udp',
target = 'ACCEPT',
})
uci:save('firewall')

14
package/gluon-alfred/luasrc/lib/gluon/upgrade/500-enable-alfred Executable file
View File

@ -0,0 +1,14 @@
#!/usr/bin/lua
local uci = require('simple-uci').cursor()
uci:delete('alfred', 'alfred')
uci:section('alfred', 'alfred', 'alfred', {
interface = 'br-client',
mode = 'slave',
batmanif = 'bat0',
start_vis = true,
run_facters = false,
})
uci:save('alfred')

27
package/gluon-authorized-keys/Makefile
View File

@ -3,34 +3,11 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-authorized-keys
PKG_VERSION:=2
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(GLUONDIR)/include/package.mk
include ../gluon.mk
define Package/gluon-authorized-keys
SECTION:=gluon
CATEGORY:=Gluon
TITLE:=Fill /etc/dropbear/authorized_keys from site.conf
DEPENDS:=+gluon-core
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/gluon-authorized-keys/install
$(CP) ./files/* $(1)/
endef
define Package/gluon-authorized-keys/postinst
#!/bin/sh
$(call GluonCheckSite,check_site.lua)
endef
$(eval $(call BuildPackage,gluon-authorized-keys))
$(eval $(call BuildPackageGluon,gluon-authorized-keys))

2
package/gluon-authorized-keys/check_site.lua
View File

@ -1 +1 @@
need_string_array 'authorized_keys'
need_string_array(in_site({'authorized_keys'}))

4
package/gluon-authorized-keys/files/lib/gluon/upgrade/100-authorized-keys → package/gluon-authorized-keys/luasrc/lib/gluon/upgrade/100-authorized-keys
View File

@ -1,6 +1,6 @@
#!/usr/bin/lua
local site = require 'gluon.site_config'
local site = require 'gluon.site'
local file = '/etc/dropbear/authorized_keys'
local keys = {}
@ -14,7 +14,7 @@ end
pcall(load_keys)
local f = io.open(file, 'a')
for _, key in ipairs(site.authorized_keys) do
for _, key in ipairs(site.authorized_keys()) do
if not keys[key] then
f:write(key .. '\n')
end

36
package/gluon-autoupdater/Makefile
View File

@ -2,40 +2,30 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-autoupdater
PKG_VERSION:=4
PKG_RELEASE:=$(GLUON_BRANCH)
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
PKG_BUILD_DEPENDS := respondd
PKG_CONFIG_DEPENDS := CONFIG_GLUON_BRANCH
include $(GLUONDIR)/include/package.mk
include ../gluon.mk
define Package/gluon-autoupdater
SECTION:=gluon
CATEGORY:=Gluon
DEPENDS:=+gluon-core +libgluonutil +micrond +autoupdater
TITLE:=Automatically update firmware
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
$(CP) ./src/* $(PKG_BUILD_DIR)/
define Package/gluon-autoupdater/config
config GLUON_BRANCH
string "Gluon autoupdater branch"
depends on PACKAGE_gluon-autoupdater
default ""
endef
define Package/gluon-autoupdater/install
$(CP) ./files/* $(1)/
$(Gluon/Build/Install)
$(INSTALL_DIR) $(1)/lib/gluon/respondd
$(CP) $(PKG_BUILD_DIR)/respondd.so $(1)/lib/gluon/respondd/autoupdater.so
if [ '$(GLUON_BRANCH)' ]; then \
$(INSTALL_DIR) $(1)/lib/gluon/autoupdater; \
echo '$(GLUON_BRANCH)' > $(1)/lib/gluon/autoupdater/default_branch; \
fi
ifneq ($(CONFIG_GLUON_BRANCH),"")
$(INSTALL_DIR) $(1)/lib/gluon/autoupdater
echo '$(call qstrip,$(CONFIG_GLUON_BRANCH))' > $(1)/lib/gluon/autoupdater/default_branch
endif
endef
define Package/gluon-autoupdater/postinst
#!/bin/sh
$(call GluonCheckSite,check_site.lua)
endef
$(eval $(call BuildPackage,gluon-autoupdater))
$(eval $(call BuildPackageGluon,gluon-autoupdater))

20
package/gluon-autoupdater/check_site.lua
View File

@ -1,14 +1,10 @@
need_string 'autoupdater.branch'
need_string(in_site({'autoupdater', 'branch'}))
local function check_branch(k, _)
assert_uci_name(k)
need_table({'autoupdater', 'branches'}, function(branch)
need_alphanumeric_key(branch)
local prefix = string.format('autoupdater.branches[%q].', k)
need_string(prefix .. 'name')
need_string_array(prefix .. 'mirrors')
need_number(prefix .. 'good_signatures')
need_string_array(prefix .. 'pubkeys')
end
need_table('autoupdater.branches', check_branch)
need_string(in_site(extend(branch, {'name'})))
need_string_array_match(extend(branch, {'mirrors'}), '^http://')
need_number(in_site(extend(branch, {'good_signatures'})))
need_string_array_match(in_site(extend(branch, {'pubkeys'})), '^%x+$')
end)

8
package/gluon-autoupdater/files/lib/gluon/autoupdater/lib.sh
View File

@ -2,15 +2,15 @@
stop() {
if [ -x /etc/init.d/$1 ]; then
if [ -x /etc/init.d/"$1" ]; then
echo "Stopping $1..."
/etc/init.d/$1 stop
/etc/init.d/"$1" stop
fi
}
start_enabled() {
if [ -x /etc/init.d/$1 ] && /etc/init.d/$1 enabled; then
if [ -x /etc/init.d/"$1" ] && /etc/init.d/"$1" enabled; then
echo "Starting $1..."
/etc/init.d/$1 start
/etc/init.d/"$1" start
fi
}

56
package/gluon-autoupdater/files/lib/gluon/upgrade/500-autoupdater
View File

@ -1,56 +0,0 @@
#!/usr/bin/lua
local site = require 'gluon.site_config'
local uci = require 'luci.model.uci'
local c = uci.cursor()
for name, config in pairs(site.autoupdater.branches) do
c:delete('autoupdater', name)
c:section('autoupdater', 'branch', name,
{
name = config.name,
mirror = config.mirrors,
good_signatures = config.good_signatures,
pubkey = config.pubkeys,
}
)
end
if not c:get('autoupdater', 'settings') then
local enabled = 0
local branch = site.autoupdater.branch
local f = io.open('/lib/gluon/autoupdater/default_branch')
if f then
enabled = 1
branch = f:read('*line')
f:close()
end
c:section('autoupdater', 'autoupdater', 'settings',
{
enabled = enabled,
branch = branch,
}
)
end
c:set('autoupdater', 'settings', 'version_file', '/lib/gluon/release')
c:save('autoupdater')
local autoupdater_util = require 'autoupdater.util'
autoupdater_util.randomseed()
-- Perform updates at a random time between 04:00 and 05:00, and once an hour
-- a fallback update (used after the regular updates haven't
local minute = math.random(0, 59)
local f = io.open('/usr/lib/micron.d/autoupdater', 'w')
f:write(string.format('%i 4 * * * /usr/sbin/autoupdater\n', minute))
f:write(string.format('%i 0-3,5-23 * * * /usr/sbin/autoupdater --fallback\n', minute))
f:close()

53
package/gluon-autoupdater/luasrc/lib/gluon/upgrade/500-autoupdater Executable file
View File

@ -0,0 +1,53 @@
#!/usr/bin/lua
local site = require 'gluon.site'
local uci = require('simple-uci').cursor()
for name, config in pairs(site.autoupdater.branches()) do
uci:delete('autoupdater', name)
uci:section('autoupdater', 'branch', name, {
name = config.name,
mirror = config.mirrors,
good_signatures = config.good_signatures,
pubkey = config.pubkeys,
})
end
if not uci:get('autoupdater', 'settings') then
local enabled = false
local branch = site.autoupdater.branch()
local f = io.open('/lib/gluon/autoupdater/default_branch')
if f then
enabled = true
branch = f:read('*line')
f:close()
end
uci:section('autoupdater', 'autoupdater', 'settings', {
enabled = enabled,
branch = branch,
})
end
uci:set('autoupdater', 'settings', 'version_file', '/lib/gluon/release')
uci:save('autoupdater')
local urandom = io.open('/dev/urandom', 'r')
local seed1, seed2 = urandom:read(2):byte(1, 2)
math.randomseed(seed1*0x100 + seed2)
urandom:close()
-- Perform updates at a random time between 04:00 and 05:00, and once an hour
-- a fallback update (used after the regular updates haven't worked for
-- (priority+1) days after a firmware release, for example because the node
-- is always offline at night)
local minute = math.random(0, 59)
local f = io.open('/usr/lib/micron.d/autoupdater', 'w')
f:write(string.format('%i 4 * * * /usr/sbin/autoupdater\n', minute))
f:write(string.format('%i 0-3,5-23 * * * /usr/sbin/autoupdater --fallback\n', minute))
f:close()

2
package/gluon-autoupdater/src/respondd.c
View File

@ -36,6 +36,8 @@
static struct json_object * get_autoupdater(void) {
struct uci_context *ctx = uci_alloc_context();
if (!ctx)
return NULL;
ctx->flags &= ~UCI_FLAG_STRICT;
struct uci_package *p;

29
package/gluon-client-bridge/Makefile
View File

@ -3,34 +3,11 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-client-bridge
PKG_VERSION:=1
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(GLUONDIR)/include/package.mk
include ../gluon.mk
define Package/gluon-client-bridge
SECTION:=gluon
CATEGORY:=Gluon
TITLE:=Provides a bridge and a wireless interface for clients to connect to
DEPENDS:=+gluon-core
DEPENDS:=+gluon-core +kmod-veth +@GLUON_SPECIALIZE_KERNEL:KERNEL_VETH
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/gluon-client-bridge/install
$(CP) ./files/* $(1)/
endef
define Package/gluon-client-bridge/postinst
#!/bin/sh
$(call GluonCheckSite,check_site.lua)
endef
$(eval $(call BuildPackage,gluon-client-bridge))
$(eval $(call BuildPackageGluon,gluon-client-bridge))

Some files were not shown because too many files have changed in this diff Show More