add invariant script "001-node-system" to add section "system" if not exist; add invariant script "010-node-role"
to add section "system" if not exist; add invariant script "010-node-role" to set role to default value
(site.roles.default) if not exist; depends on new site.conf section
the ports were interchanged, see the following packet flow:
client:546 --> [ff02::1:2]:547
server:547 --> client:546
therefore we need to allow outgoing multicast packets with dst-port 547
and unicast packets from bat0 to clients with dst-port 546 and 547 in the other direction
This package will run as invariant script after each upgrade and copy
all keys from site.conf's authorized_keys entry to
/etc/dropbear/authorized_keys.
Existing keys will be preserved.
The site.conf entry 'authorized_keys' is required (if this package is
selected) and must contain a list of strings, each representing a line
of the resulting file.
Using the line
```
* * * * echo "foobar"
```
(notice the missing fifth time field) in a crontab causes gluon-cron
to enter an endless loop while parsing it, thus it won't even execute
the other, valid crontabs.
This is caused by the loop in [line 138] where `begin - min`
substracts the unsigned `min` from the signed `begin`. If now `begin`
is invalid, `strict_atoi` returns -1 and the loop starts at
`(-1)-1=MAX_INT` and runs while `i <= MAX_INT` which is always true.
The real culprit lies in [line 134] where exactly this case
`begin < min` is checked - but because of the signedness, this check doesn't
work as expected either.
The easiest solution is to make `min` a signed integer instead of an unsigned
one, as we do not require it to be very large and only pass the constants 0 or
1 to it.
To avoid other similar problems, this patch makes the input variable `n` a
signed integer as well.
Since switching to Barrier Breaker/procd, we'd not notice if we were
upgrading from a version before renaming the config file to gluon-setup-mode
as the upgrade scripts run after the preinit.
Fix this by checking later during setup mode init again and rebooting into the
regular run mode if we detect this case.
Die Bezeichnung "Mesh-VPN" ist etwas irreführend. Man kann denken, dass hiermit das Meshing aktiviert wird, wobei es ja — im Gegenteil — um eine Nutzung des WAN geht.
This adds
"client" { "total": <int>, "wifi": <int>" }
to statistics.d. "total" will be the number of clients connected.
"wifi" will be the number of clients connected over wifi. I.e. "total"
will always be equal to or greater than "wifi".
The node will not count itself.