From d9634cd81510b53e516062cb7a73a970711b9c3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Tue, 25 Apr 2023 22:07:07 +0200
Subject: [PATCH] gluon-mesh-vpn-core: migrate to gluon-nftables

---
 package/gluon-mesh-vpn-core/Makefile                     | 2 +-
 .../nftables.rules => nftables/mesh_vpn_dns.nft}         | 0
 .../luasrc/lib/gluon/nftables/mesh_vpn.lua               | 4 ++++
 .../luasrc/lib/gluon/upgrade/500-mesh-vpn                | 9 ---------
 4 files changed, 5 insertions(+), 10 deletions(-)
 rename package/gluon-mesh-vpn-core/files/lib/gluon/{mesh-vpn/nftables.rules => nftables/mesh_vpn_dns.nft} (100%)
 create mode 100644 package/gluon-mesh-vpn-core/luasrc/lib/gluon/nftables/mesh_vpn.lua

diff --git a/package/gluon-mesh-vpn-core/Makefile b/package/gluon-mesh-vpn-core/Makefile
index 64f0e65b..c183c542 100644
--- a/package/gluon-mesh-vpn-core/Makefile
+++ b/package/gluon-mesh-vpn-core/Makefile
@@ -6,7 +6,7 @@ include ../gluon.mk
 
 define Package/gluon-mesh-vpn-core
   TITLE:=Basic support for connecting meshes via VPN tunnels
-  DEPENDS:=+gluon-core +gluon-wan-dnsmasq +simple-tc
+  DEPENDS:=+gluon-core +gluon-nftables +gluon-wan-dnsmasq +simple-tc
   USERID:=:gluon-mesh-vpn=800
 endef
 
diff --git a/package/gluon-mesh-vpn-core/files/lib/gluon/mesh-vpn/nftables.rules b/package/gluon-mesh-vpn-core/files/lib/gluon/nftables/mesh_vpn_dns.nft
similarity index 100%
rename from package/gluon-mesh-vpn-core/files/lib/gluon/mesh-vpn/nftables.rules
rename to package/gluon-mesh-vpn-core/files/lib/gluon/nftables/mesh_vpn_dns.nft
diff --git a/package/gluon-mesh-vpn-core/luasrc/lib/gluon/nftables/mesh_vpn.lua b/package/gluon-mesh-vpn-core/luasrc/lib/gluon/nftables/mesh_vpn.lua
new file mode 100644
index 00000000..88dba355
--- /dev/null
+++ b/package/gluon-mesh-vpn-core/luasrc/lib/gluon/nftables/mesh_vpn.lua
@@ -0,0 +1,4 @@
+include('mesh_vpn_dns', {
+	position = 'chain-prepend',
+	chain = 'dstnat',
+})
diff --git a/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn b/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
index 0cf971a0..61f88217 100755
--- a/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
+++ b/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
@@ -25,15 +25,6 @@ uci:save('network')
 users.remove_user('gluon-fastd')
 users.remove_group('gluon-fastd')
 
-uci:section('firewall', 'include', 'mesh_vpn_dns', {
-	type = 'nftables',
-	path = '/lib/gluon/mesh-vpn/nftables.rules',
-	position = 'chain-prepend',
-	chain = 'dstnat',
-})
-
-uci:save('firewall')
-
 
 -- VPN migration
 if not uci:get('gluon', 'mesh_vpn') then