Commit Graph

12 Commits

Author SHA1 Message Date
Matthias Schiffer
7c6befc7c3
gluon-mesh-vpn-fastd: add L2TP offload support 2022-02-08 21:09:15 +01:00
lemoer
3f7c0b3ae8
gluon-mesh-vpn-wireguard: add package (#2168)
The address of the vpn interface is calculated in the style of
modified EUI-64, based on a virtual mac address. This virtual mac
address consists of 0x00 as first byte and the other five bytes
are taken from the first bytes of md5sum(base64 encoded public key).

The algorithm was taken by the ffmuc, with a slight difference. ffmuc
calculated the result of md5sum(base64 encoded public key + '\n')
which was interpreted as accidential fault and therefore dropped.

Example:
- Public-Key: "gP3VJnTTvnQut+z4O+m0N9RgMyXbgyUbUkF3E3TKX2w="
- Address: "fe80::02ca:b8ff:fedc:2eb3"

The following interfaces are used for wireguard:
- wg_mesh  -> wireguard interface
- mesh-vpn -> vxlan iface on top of wg_mesh

If you use this new feature, make sure the NTP servers in your site
config are publicly reachable. This is necessary, since wireguard
requires correct time before the vpn connection is established.
Therefore gluon performs ntp time synchronisation via WAN before it
establishes the vpn connection. Therefore the NTP servers have to
be publicly reachable (and not only via mesh).
2021-09-15 01:25:59 +02:00
Matthias Schiffer
13b743d51e features: fix handling of logical expressions
The rewrite of the feature handling introduced multiple major bugs. One
of them was caused by the way Lua's logical operators work:

An expression of the form

    _'autoupdater' and _'web-advanced'

would return 'web-advanced' rather than the boolean true when _ returned
both strings unchanged (because the features are enabled).

As entries with more than a single feature name in their expressions did
not set no_default, Gluon would then attempt to add gluon-web-advanced to
the package selection, as web-advanced is a "pure" feature.

To fix this, and get rid of the annoying nodefault, separate handling of
"pure" feature and handling of logical expressions into two separate
functions, called feature() and when(). To simplify the feature
definitions, the package list is now passed directly to these functions
rather than in a table with a single field 'packages'.

Fixes: ee5ec5afe5 ("build: rewrite features.sh in Lua")
2020-08-28 22:27:38 +02:00
Matthias Schiffer
ee5ec5afe5 build: rewrite features.sh in Lua
The `features` file is converted to a Lua-based DSL.

A helper function `_` is used in the DSL; this will return the original
string for enabled features, and nil for disabled features. This allows
to use boolean operations on features without making the code too
verbose.

Besides having more readable and robust code, this also fixes the bug
that all files `packages/*/features` were evaluated instead of only
using the feature definitions of currently active feeds.
2020-07-01 20:35:22 +02:00
David Bauer
00e029500e features: add hostapd-mini by default
If WPA3 is not selected as a feature, autmatically include
hostapd-mini.
2020-03-25 02:05:18 +01:00
Matthias Schiffer
5b97d36c7e gluon-mesh-batman-adv: remove gluon-mesh-batman-adv-14 2019-09-25 21:57:52 +02:00
Matthias Schiffer
dcb18e6efe
features: include gluon-radvd by default
Fixes #1775
2019-08-21 19:34:12 +02:00
Martin Weinelt
501c3b38bb add gluon-config-mode-outdoor package
adds a section to the wizard for outdoor capable devices
that informs the user of of the regulatory situation and
allows a quick toggle of the outdoor mode.
2019-04-28 18:19:43 +02:00
Tata
1a690d2fd6 package/features: add gluon-ebtables-limit-arp to batman feature (#1516)
this activates the package by default when using the batman feature
while still allowing to explicitly remove it like this:

GLUON_SITE_PACKAGES := \
  -gluon-ebtables-limit-arp
2018-09-05 04:45:41 +02:00
Christof Schulze
8959d8c3ea
gluon-status-page: make status page mesh protocol agnostic
batman-adv-specific parts are moved to a new package
gluon-status-page-mesh-batman-adv.
2018-04-15 12:46:01 +02:00
Matthias Schiffer
7f812e8754
package/features: never implicitly enable gluon-web-mesh-vpn-fastd
This package only provides the choice between "security" and "performance
mode". It should only be enabled when specified in site.mk.
2018-03-12 13:57:57 +01:00
Matthias Schiffer
6ca841bad5
build: introduce GLUON_FEATURES
To reduce the number of packages that need to be listed in
GLUON_SITE_PACKAGES, this adds a new variable GLUON_FEATURES. Sets of
packages are enabled automatically based on the combination of listed
feature flags.

Site-specified package feeds can provide their own feature flag
definitions.
2017-07-09 02:31:38 +02:00