diff --git a/.gitignore b/.gitignore index b25c15b..81b1ca8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -*~ +info +sites diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..08c41b8 --- /dev/null +++ b/Makefile @@ -0,0 +1,31 @@ +sites: clean info sites/ffhh-nowe sites/ffhh-ost sites/ffhh-sued sites/ffhh-west + +info: config/defaults.erb template/info.erb + erb -T- config/defaults.erb template/$@.erb >$@ + +.PHONY: clean +clean: + rm -rf sites + rm -f info + +sites/%: config/%.erb + mkdir -p $@ + cd $@ && $(MAKE) -f ../../Makefile site SITE=$(@F) + +site: siteclean site.mk site.conf modules i18n + +.PHONY: siteclean +siteclean: + rm -f site.mk site.conf modules + +modules: + erb -T- ../../config/defaults.erb ../../config/$(SITE).erb ../../template/$@.erb >$@ + +site.conf: + erb -T- ../../config/defaults.erb ../../config/$(SITE).erb ../../template/$@.erb >$@ + +site.mk: + erb -T- ../../config/defaults.erb ../../config/$(SITE).erb ../../template/$@.erb >$@ + +i18n: + ln -s ../../i18n diff --git a/README.md b/README.md index 50a73cf..1fe6667 100644 --- a/README.md +++ b/README.md @@ -3,14 +3,23 @@ git clone https://github.com/freifunk-gluon/gluon.git # Get the official Gluon repository cd gluon git clone https://github.com/freifunkhamburg/site-ffhh.git site # Get the Freifunk Hamburg site repository - make update # Get other repositories used by Gluon - make # Build Gluon + cd site + make + cd .. + make update # Get other repositories used by Gluon + make GLUON_SITEDIR=site/sites/ffhh # Build Gluon Please see [the official Gluon repository](https://github.com/freifunk-gluon/gluon) for an in-depth explanation of the build process. #### Gluon versions used for specific Hamburg Freifunk Firmware builds +- 0.8.6: v2016.2.7 Fix gw01-new key, add 3.ntp.services.ffhh to NTP servers, add Firmware signing keys for Alexander and Olli, remove old domain +- 0.8.5: v2016.2.7 Domain split, new package: ffho-ebtables-net-rules +- 0.8.4: v2016.2.7 (updated openwrt/package/network/services/dnsmasq/Makefile: PKG\_VERSION:=2.78 & PKG\_MD5SUM:=6d0241b72c79d2b510776ccc4ed69ca4) +- 0.8.3: v2016.2.6 (ffhh-sued only) +- 0.8.2: v2016.2.5 +- 0.8.1: v2016.2.4 (ffhh-sued only) - 0.8: v2016.1.4 - 0.7.1: v2015.1.2 - 0.7: v2015.1 diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..55974cf --- /dev/null +++ b/build.sh @@ -0,0 +1,102 @@ +#!/bin/bash -e + +function announce () { + echo '############################' $* >&2 +} + +proc=$(nproc) +gluon_out="${HOME}/firmware" + +while getopts g:j:l:o:s:u:bmv opt; do + case "$opt" in + g) gluon_path="$OPTARG" ;; + l) sites="$OPTARG" ;; + o) gluon_out="$OPTARG" ;; + s) signature="$OPTARG" ;; + u) uploadscript="$OPTARG" ;; + b) export BROKEN=1 ;; + m) dont_make_sites=1 ;; + j) proc="$OPTARG" ;; + v) verbose=V=s ;; + esac +done +if [ -z "${gluon_path}" ]; then + echo "Usage: $0 -g GLUON_PATH" >&2 + echo " -g GLUON_PATH Path to a checkout of the gluon repository." >&2 + echo " -l SITES Comma separated list of sites to build" >&2 + echo " -o OUT_PATH Path to the firmware output directory. Default: ${gluon_out}" >&2 + echo " -s SIGNATURE Sign firmware with signature" >&2 + echo " -u UPLOADSCRIPT Run UPLOADSCRIPT after building. Argument: $gluon_out/" >&2 + echo " -b BROKEN=1" >&2 + echo " -m Do not regenerate the sites" >&2 + echo " -v verbose" >&2 + echo " -j JOBS Run build with -jJOBS. Default: ${proc}" >&2 + exit 1 +fi + +gluon_path=$(realpath $gluon_path) +gluon_out=$(realpath $gluon_out) +site_path=$(realpath $(dirname $BASH_SOURCE)) + +announce GLUON: $gluon_path >&2 +announce FFHH SITE PATH: $site_path >&2 + +pushd $site_path +if [ "$dont_make_sites" == "" ]; then + # Build the site repo and generate all site configs + announce Building site repo and reading data >&2 + make +fi +. ./info +export GLUON_RELEASE +export GLUON_BRANCH +# get the available sites... +sites="$(echo "$sites" | sed -e 's_,_ _g')" +if [ "$sites" == "" ]; then + for s in sites/*; do sites="${sites} ${s##*/}"; done +fi +announce Gluon will be built for the following sites:$sites >&2 +announce The following targets will be generated: $targets >&2 +popd + +pushd "${gluon_path}" +announce Starting make update... +for s in $sites; do + export GLUON_SITEDIR="${site_path}/sites/${s}" + export GLUON_OUTPUTDIR="${gluon_out}/${GLUON_RELEASE}/${GLUON_BRANCH}/${s}" + export GLUON_IMAGEDIR="${GLUON_OUTPUTDIR}/images" + export GLUON_MODULEDIR="${GLUON_OUTPUTDIR}/modules" + rm -rf "${GLUON_OUTPUTDIR}" + mkdir -p "${GLUON_IMAGEDIR}" "${GLUON_MODULEDIR}" + make update + # Try to install patches. I wasn't able to figure out how patches in gluon/site/patches work. + for p in ${site_path}/patches/*.patch; do + if [ -e "$p" -a ! -f "${gluon_path}/${p##*/}" ]; then + announce Installing patch $p + patch -p1 < $p + touch "${gluon_path}/${p##*/}" + fi + done + for t in $targets; do + announce make clean for $s/$t... >&2 + make -j1 clean GLUON_TARGET=$t + announce Starting build for $s/$t... >&2 + make -j$(nproc) GLUON_TARGET=$t $verbose + done + announce Building manifest... + make manifest + if [ -n "${signature}" ]; then + if [ "$GLUON_BRANCH" == "experimental" ]; then + announce Signing + "${gluon_path}/contrib/sign.sh" "${signature}" "${GLUON_IMAGEDIR}/sysupgrade/experimental.manifest" + else + echo ERROR: can only sign experimental branch >&2 + exit 1 + fi + fi +done +popd +if [ -n "$uploadscript" ]; then + announce Starting upload. Executing: $uploadscript $gluon_out/$GLUON_RELEASE + "$uploadscript" "$gluon_out/$GLUON_RELEASE" +fi diff --git a/config/defaults.erb b/config/defaults.erb new file mode 100644 index 0000000..3f9cb64 --- /dev/null +++ b/config/defaults.erb @@ -0,0 +1,59 @@ +<% +gluon_branch = "stable" +#gluon_branch = "experimental" +gluon_release = "0.8.6" + +# Add the +exp and current date if this is an experimental release +gluon_release += "+exp" + Time.new.strftime("%Y%m%d") if gluon_branch == "experimental" + +gluon_targets = %w( + ar71xx-generic + ar71xx-nand + mpc85xx-generic + x86-generic + x86-64 +) + +gluon_site_packages = %w( + gluon-autoupdater + gluon-config-mode-autoupdater + gluon-config-mode-core + gluon-config-mode-hostname + gluon-config-mode-mesh-vpn + gluon-config-mode-reboot-ffhh + gluon-ebtables-filter-multicast + gluon-ebtables-filter-ra-dhcp + gluon-ebtables-segment-mld + gluon-luci-admin + gluon-luci-autoupdater + gluon-luci-portconfig + gluon-luci-private-wifi + gluon-luci-wifi-config + gluon-next-node + gluon-mesh-vpn-fastd + gluon-radvd + gluon-respondd + gluon-setup-mode + gluon-status-page + iwinfo + iptables + haveged + ffho-ebtables-net-rules +) + +gluon_ath10k_mesh = "11s" + +signing_keys = [ + 'ef73bc52b929fd11efce9a5c8f0b5463f1766bb995c8a0b3b6bcd7ba45b8b1e6', # leo + '3f0fc50d4e5c893f9f58f98874bd21080b93c28ff5e4d4946352cada1b4e6441', # andre + '1d37eacbd70f72730b1f5aba246a6a8eab100e2d45dda0163d9ad827f70f88d4', # gernot + 'bd5a70d4c3df30eaa860d615c0e0526b0dda5bc60c09c20972bce4ffa7512659', # bjoern + 'd9992853c0fe1a2e983cc222b6bd26e70d4fb2a53862ac099144e9e8142238d0', # daniel + '961495a04512e5ba1843fd3c216d8af6ef2fdb19f93055142803e2da26d670b9', # alexander + 'ed6278f168f0382adf4f058cb9c31d8f1145abb968a8626045de7d6d87a0be40', # olli +] +signing_keys_experimental = [ + '1a0112fe489860068480c611c5dc56196c2f1a645db651ea2ed19ae0f0e8e1d1', # 1.builder +] + +-%> diff --git a/config/ffhh-nowe.erb b/config/ffhh-nowe.erb new file mode 100644 index 0000000..f7d3f61 --- /dev/null +++ b/config/ffhh-nowe.erb @@ -0,0 +1,42 @@ +<% +site_name = 'Freifunk Hamburg Nordwest' +site_code = 'ffhh-nowe' + +gluon_site_packages += %w( gluon-mesh-batman-adv-15 ) +gluon_ath10k_mesh = "11s" + +prefix4 = '10.112.192.0/19' +prefix6 = '2a03:2267:3::/64' + +next_node_ipv4 = '10.112.192.1' +next_node_ipv6 = '2a03:2267:3::1' + +mtu = 1312 + +gateways = { + "gateway01" => { + "key" => "aa88fb5cc3e729c124589e3714b817a505d809f381d9b3494040c382edfd4f3b", + "remotes" => [ '"gw01-new.hamburg.freifunk.net" port 10007' ] + }, + "gateway02" => { + "key" => "462b4e21ab5eb0f9de687efd97252880c895ba55cc9cc0755a75347b0965b6e0", + "remotes" => [ '"gw02-new.hamburg.freifunk.net" port 10007' ] + }, + "gateway03" => { + "key" => "e15295b86138ac490d611e4100f847ccfb7052d5091ded4659f25940be2c0546", + "remotes" => [ '"gw03-new.hamburg.freifunk.net" port 10007' ] + }, + "gateway04" => { + "key" => "a00e092c236c3b56043fb3b5d0b3da3da08d8325fb18e7bae6ed035d50d50669", + "remotes" => [ '"gw04-new.hamburg.freifunk.net" port 10008' ] + }, + "gateway05" => { + "key" => "291197d88a5ed510a62fec87f30d13315c1e031c62c927c23e1643a72796708f", + "remotes" => [ '"gw05-new.hamburg.freifunk.net" port 10008' ] + }, + "gateway06" => { + "key" => "8d400e8a9db05b145c36583d46b4170f6b66d1e16177540f8a2f9f5ad0dc4c43", + "remotes" => [ '"gw06-new.hamburg.freifunk.net" port 10008' ] + }, +} +-%> diff --git a/config/ffhh-ost.erb b/config/ffhh-ost.erb new file mode 100644 index 0000000..53052c8 --- /dev/null +++ b/config/ffhh-ost.erb @@ -0,0 +1,42 @@ +<% +site_name = 'Freifunk Hamburg Ost' +site_code = 'ffhh-ost' + +gluon_site_packages += %w( gluon-mesh-batman-adv-15 ) +gluon_ath10k_mesh = "11s" + +prefix4 = '10.112.224.0/19' +prefix6 = '2a03:2267:4::/64' + +next_node_ipv4 = '10.112.224.1' +next_node_ipv6 = '2a03:2267:4::1' + +mtu = 1312 + +gateways = { + "gateway01" => { + "key" => "aa88fb5cc3e729c124589e3714b817a505d809f381d9b3494040c382edfd4f3b", + "remotes" => [ '"gw01-new.hamburg.freifunk.net" port 10009' ] + }, + "gateway02" => { + "key" => "462b4e21ab5eb0f9de687efd97252880c895ba55cc9cc0755a75347b0965b6e0", + "remotes" => [ '"gw02-new.hamburg.freifunk.net" port 10009' ] + }, + "gateway03" => { + "key" => "e15295b86138ac490d611e4100f847ccfb7052d5091ded4659f25940be2c0546", + "remotes" => [ '"gw03-new.hamburg.freifunk.net" port 10009' ] + }, + "gateway04" => { + "key" => "a00e092c236c3b56043fb3b5d0b3da3da08d8325fb18e7bae6ed035d50d50669", + "remotes" => [ '"gw04-new.hamburg.freifunk.net" port 10010' ] + }, + "gateway05" => { + "key" => "291197d88a5ed510a62fec87f30d13315c1e031c62c927c23e1643a72796708f", + "remotes" => [ '"gw05-new.hamburg.freifunk.net" port 10010' ] + }, + "gateway06" => { + "key" => "8d400e8a9db05b145c36583d46b4170f6b66d1e16177540f8a2f9f5ad0dc4c43", + "remotes" => [ '"gw06-new.hamburg.freifunk.net" port 10010' ] + }, +} +-%> diff --git a/config/ffhh-sued.erb b/config/ffhh-sued.erb new file mode 100644 index 0000000..a8b1ea4 --- /dev/null +++ b/config/ffhh-sued.erb @@ -0,0 +1,42 @@ +<% +site_name = 'Freifunk Hamburg Sued' +site_code = 'ffhh-sued' + +gluon_site_packages += %w( gluon-mesh-batman-adv-15 ) +gluon_ath10k_mesh = "11s" + +prefix4 = '10.112.64.0/19' +prefix6 = '2a03:2267:1::/64' + +next_node_ipv4 = '10.112.64.1' +next_node_ipv6 = '2a03:2267:1::1' + +mtu = 1312 + +gateways = { + "gateway01" => { + "key" => "aa88fb5cc3e729c124589e3714b817a505d809f381d9b3494040c382edfd4f3b", + "remotes" => [ '"gw01-new.hamburg.freifunk.net" port 10003' ] + }, + "gateway02" => { + "key" => "462b4e21ab5eb0f9de687efd97252880c895ba55cc9cc0755a75347b0965b6e0", + "remotes" => [ '"gw02-new.hamburg.freifunk.net" port 10003' ] + }, + "gateway03" => { + "key" => "e15295b86138ac490d611e4100f847ccfb7052d5091ded4659f25940be2c0546", + "remotes" => [ '"gw03-new.hamburg.freifunk.net" port 10003' ] + }, + "gateway04" => { + "key" => "a00e092c236c3b56043fb3b5d0b3da3da08d8325fb18e7bae6ed035d50d50669", + "remotes" => [ '"gw04-new.hamburg.freifunk.net" port 10004' ] + }, + "gateway05" => { + "key" => "291197d88a5ed510a62fec87f30d13315c1e031c62c927c23e1643a72796708f", + "remotes" => [ '"gw05-new.hamburg.freifunk.net" port 10004' ] + }, + "gateway06" => { + "key" => "8d400e8a9db05b145c36583d46b4170f6b66d1e16177540f8a2f9f5ad0dc4c43", + "remotes" => [ '"gw06-new.hamburg.freifunk.net" port 10004' ] + }, +} +-%> diff --git a/config/ffhh-west.erb b/config/ffhh-west.erb new file mode 100644 index 0000000..428199e --- /dev/null +++ b/config/ffhh-west.erb @@ -0,0 +1,42 @@ +<% +site_name = 'Freifunk Hamburg West' +site_code = 'ffhh-west' + +gluon_site_packages += %w( gluon-mesh-batman-adv-15 ) +gluon_ath10k_mesh = "11s" + +prefix4 = '10.112.96.0/19' +prefix6 = '2a03:2267:2::/64' + +next_node_ipv4 = '10.112.96.1' +next_node_ipv6 = '2a03:2267:2::1' + +mtu = 1312 + +gateways = { + "gateway01" => { + "key" => "aa88fb5cc3e729c124589e3714b817a505d809f381d9b3494040c382edfd4f3b", + "remotes" => [ '"gw01-new.hamburg.freifunk.net" port 10005' ] + }, + "gateway02" => { + "key" => "462b4e21ab5eb0f9de687efd97252880c895ba55cc9cc0755a75347b0965b6e0", + "remotes" => [ '"gw02-new.hamburg.freifunk.net" port 10005' ] + }, + "gateway03" => { + "key" => "e15295b86138ac490d611e4100f847ccfb7052d5091ded4659f25940be2c0546", + "remotes" => [ '"gw03-new.hamburg.freifunk.net" port 10005' ] + }, + "gateway04" => { + "key" => "a00e092c236c3b56043fb3b5d0b3da3da08d8325fb18e7bae6ed035d50d50669", + "remotes" => [ '"gw04-new.hamburg.freifunk.net" port 10006' ] + }, + "gateway05" => { + "key" => "291197d88a5ed510a62fec87f30d13315c1e031c62c927c23e1643a72796708f", + "remotes" => [ '"gw05-new.hamburg.freifunk.net" port 10006' ] + }, + "gateway06" => { + "key" => "8d400e8a9db05b145c36583d46b4170f6b66d1e16177540f8a2f9f5ad0dc4c43", + "remotes" => [ '"gw06-new.hamburg.freifunk.net" port 10006' ] + }, +} +-%> diff --git a/modules b/modules deleted file mode 100644 index 6416262..0000000 --- a/modules +++ /dev/null @@ -1,5 +0,0 @@ -GLUON_SITE_FEEDS='ffhh_packages' - -PACKAGES_FFHH_PACKAGES_REPO=git://github.com/freifunkhamburg/ffhh-packages.git -PACKAGES_FFHH_PACKAGES_COMMIT=ef9fcc1222f74c3c045b1450537a4b8b80efb56c - diff --git a/patches/0001-dnsmasq2.78.patch b/patches/0001-dnsmasq2.78.patch new file mode 100644 index 0000000..b2f1fd4 --- /dev/null +++ b/patches/0001-dnsmasq2.78.patch @@ -0,0 +1,236 @@ +diff -Naur a/openwrt/package/network/services/dnsmasq/Makefile b/openwrt/package/network/services/dnsmasq/Makefile +--- a/openwrt/package/network/services/dnsmasq/Makefile 2017-10-18 22:57:32.713534131 +0200 ++++ b/openwrt/package/network/services/dnsmasq/Makefile 2017-10-18 22:58:50.228018635 +0200 +@@ -8,12 +8,12 @@ + include $(TOPDIR)/rules.mk + + PKG_NAME:=dnsmasq +-PKG_VERSION:=2.73 ++PKG_VERSION:=2.78 + PKG_RELEASE:=1 + + PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz + PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq +-PKG_MD5SUM:=b8bfe96d22945c8cf4466826ba9b21bd ++PKG_MD5SUM:=6d0241b72c79d2b510776ccc4ed69ca4 + + PKG_LICENSE:=GPL-2.0 + PKG_LICENSE_FILES:=COPYING +diff -Naur a/openwrt/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch b/openwrt/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch +--- a/openwrt/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch 2017-10-18 22:57:32.713534131 +0200 ++++ b/openwrt/package/network/services/dnsmasq/patches/100-fix-dhcp-no-address-warning.patch 1970-01-01 01:00:00.000000000 +0100 +@@ -1,47 +0,0 @@ +---- a/src/dhcp.c +-+++ b/src/dhcp.c +-@@ -146,7 +146,7 @@ void dhcp_packet(time_t now, int pxe_fd) +- struct iovec iov; +- ssize_t sz; +- int iface_index = 0, unicast_dest = 0, is_inform = 0; +-- struct in_addr iface_addr; +-+ struct in_addr iface_addr, *addrp = NULL; +- struct iface_param parm; +- #ifdef HAVE_LINUX_NETWORK +- struct arpreq arp_req; +-@@ -272,11 +272,9 @@ void dhcp_packet(time_t now, int pxe_fd) +- { +- ifr.ifr_addr.sa_family = AF_INET; +- if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) != -1 ) +-- iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr; +-- else +- { +-- my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name); +-- return; +-+ addrp = &iface_addr; +-+ iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr; +- } +- +- for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next) +-@@ -295,7 +293,7 @@ void dhcp_packet(time_t now, int pxe_fd) +- parm.relay_local.s_addr = 0; +- parm.ind = iface_index; +- +-- if (!iface_check(AF_INET, (struct all_addr *)&iface_addr, ifr.ifr_name, NULL)) +-+ if (!iface_check(AF_INET, (struct all_addr *)addrp, ifr.ifr_name, NULL)) +- { +- /* If we failed to match the primary address of the interface, see if we've got a --listen-address +- for a secondary */ +-@@ -315,6 +313,12 @@ void dhcp_packet(time_t now, int pxe_fd) +- complete_context(match.addr, iface_index, NULL, match.netmask, match.broadcast, &parm); +- } +- +-+ if (!addrp) +-+ { +-+ my_syslog(MS_DHCP | LOG_WARNING, _("DHCP packet received on %s which has no address"), ifr.ifr_name); +-+ return; +-+ } +-+ +- if (!iface_enumerate(AF_INET, &parm, complete_context)) +- return; +- +diff -Naur a/openwrt/package/network/services/dnsmasq/patches/110-ipset-remove-old-kernel-support.patch b/openwrt/package/network/services/dnsmasq/patches/110-ipset-remove-old-kernel-support.patch +--- a/openwrt/package/network/services/dnsmasq/patches/110-ipset-remove-old-kernel-support.patch 2017-10-18 22:57:32.713534131 +0200 ++++ b/openwrt/package/network/services/dnsmasq/patches/110-ipset-remove-old-kernel-support.patch 1970-01-01 01:00:00.000000000 +0100 +@@ -1,110 +0,0 @@ +---- a/src/ipset.c +-+++ b/src/ipset.c +-@@ -22,7 +22,6 @@ +- #include +- #include +- #include +--#include +- #include +- #include +- #include +-@@ -72,7 +71,7 @@ struct my_nfgenmsg { +- +- #define NL_ALIGN(len) (((len)+3) & ~(3)) +- static const struct sockaddr_nl snl = { .nl_family = AF_NETLINK }; +--static int ipset_sock, old_kernel; +-+static int ipset_sock; +- static char *buffer; +- +- static inline void add_attr(struct nlmsghdr *nlh, uint16_t type, size_t len, const void *data) +-@@ -87,25 +86,7 @@ static inline void add_attr(struct nlmsg +- +- void ipset_init(void) +- { +-- struct utsname utsname; +-- int version; +-- char *split; +-- +-- if (uname(&utsname) < 0) +-- die(_("failed to find kernel version: %s"), NULL, EC_MISC); +-- +-- split = strtok(utsname.release, "."); +-- version = (split ? atoi(split) : 0); +-- split = strtok(NULL, "."); +-- version = version * 256 + (split ? atoi(split) : 0); +-- split = strtok(NULL, "."); +-- version = version * 256 + (split ? atoi(split) : 0); +-- old_kernel = (version < KERNEL_VERSION(2,6,32)); +-- +-- if (old_kernel && (ipset_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) != -1) +-- return; +-- +-- if (!old_kernel && +-+ if ( +- (buffer = safe_malloc(BUFF_SZ)) && +- (ipset_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER)) != -1 && +- (bind(ipset_sock, (struct sockaddr *)&snl, sizeof(snl)) != -1)) +-@@ -168,62 +149,16 @@ static int new_add_to_ipset(const char * +- } +- +- +--static int old_add_to_ipset(const char *setname, const struct all_addr *ipaddr, int remove) +--{ +-- socklen_t size; +-- struct ip_set_req_adt_get { +-- unsigned op; +-- unsigned version; +-- union { +-- char name[IPSET_MAXNAMELEN]; +-- uint16_t index; +-- } set; +-- char typename[IPSET_MAXNAMELEN]; +-- } req_adt_get; +-- struct ip_set_req_adt { +-- unsigned op; +-- uint16_t index; +-- uint32_t ip; +-- } req_adt; +-- +-- if (strlen(setname) >= sizeof(req_adt_get.set.name)) +-- { +-- errno = ENAMETOOLONG; +-- return -1; +-- } +-- +-- req_adt_get.op = 0x10; +-- req_adt_get.version = 3; +-- strcpy(req_adt_get.set.name, setname); +-- size = sizeof(req_adt_get); +-- if (getsockopt(ipset_sock, SOL_IP, 83, &req_adt_get, &size) < 0) +-- return -1; +-- req_adt.op = remove ? 0x102 : 0x101; +-- req_adt.index = req_adt_get.set.index; +-- req_adt.ip = ntohl(ipaddr->addr.addr4.s_addr); +-- if (setsockopt(ipset_sock, SOL_IP, 83, &req_adt, sizeof(req_adt)) < 0) +-- return -1; +-- +-- return 0; +--} +-- +-- +-- +- int add_to_ipset(const char *setname, const struct all_addr *ipaddr, int flags, int remove) +- { +- int af = AF_INET; +- +- #ifdef HAVE_IPV6 +- if (flags & F_IPV6) +-- { +- af = AF_INET6; +-- /* old method only supports IPv4 */ +-- if (old_kernel) +-- return -1; +-- } +- #endif +- +-- return old_kernel ? old_add_to_ipset(setname, ipaddr, remove) : new_add_to_ipset(setname, ipaddr, af, remove); +-+ return new_add_to_ipset(setname, ipaddr, af, remove); +- } +- +- #endif +diff -Naur a/openwrt/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch b/openwrt/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch +--- a/openwrt/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch 2017-10-18 22:57:32.713534131 +0200 ++++ b/openwrt/package/network/services/dnsmasq/patches/210-dnssec-improve-timestamp-heuristic.patch 1970-01-01 01:00:00.000000000 +0100 +@@ -1,49 +0,0 @@ +-From 79e60e145f8a595bca5a784c00b437216d51de68 Mon Sep 17 00:00:00 2001 +-From: Steven Barth +-Date: Mon, 13 Apr 2015 09:45:20 +0200 +-Subject: [PATCH] dnssec: improve timestamp heuristic +- +-Signed-off-by: Steven Barth +---- +- src/dnssec.c | 15 +++++++++++---- +- 1 file changed, 11 insertions(+), 4 deletions(-) +- +---- a/src/dnssec.c +-+++ b/src/dnssec.c +-@@ -432,17 +432,24 @@ static int back_to_the_future; +- int setup_timestamp(void) +- { +- struct stat statbuf; +-- +-+ time_t now; +-+ time_t base = 1420070400; /* 1-1-2015 */ +-+ +- back_to_the_future = 0; +- +- if (!daemon->timestamp_file) +- return 0; +-- +-+ +-+ now = time(NULL); +-+ +-+ if (!stat("/proc/self/exe", &statbuf) && difftime(statbuf.st_mtime, base) > 0) +-+ base = statbuf.st_mtime; +-+ +- if (stat(daemon->timestamp_file, &statbuf) != -1) +- { +- timestamp_time = statbuf.st_mtime; +- check_and_exit: +-- if (difftime(timestamp_time, time(0)) <= 0) +-+ if (difftime(now, base) >= 0 && difftime(timestamp_time, now) <= 0) +- { +- /* time already OK, update timestamp, and do key checking from the start. */ +- if (utime(daemon->timestamp_file, NULL) == -1) +-@@ -463,7 +470,7 @@ int setup_timestamp(void) +- +- close(fd); +- +-- timestamp_time = timbuf.actime = timbuf.modtime = 1420070400; /* 1-1-2015 */ +-+ timestamp_time = timbuf.actime = timbuf.modtime = base; +- if (utime(daemon->timestamp_file, &timbuf) == 0) +- goto check_and_exit; +- } diff --git a/site.conf b/site.conf deleted file mode 100644 index 9352061..0000000 --- a/site.conf +++ /dev/null @@ -1,156 +0,0 @@ -{ - hostname_prefix = 'GibMirEinenNamen', - site_name = 'Freifunk Hamburg', - site_code = 'ffhh', - - opkg = { - openwrt = 'http://opkg.services.ffhh/%n/%v/%S/packages', - extra = { - modules = 'http://updates.hamburg.freifunk.net/stable/archive/modules/gluon-%GS-%GR/%S', - }, - }, - - prefix4 = '10.112.0.0/18', - prefix6 = '2a03:2267::/64', - - timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', -- Europe/Berlin - ntp_servers = {'1.ntp.services.ffhh','2.ntp.services.ffhh'}, - regdom = 'DE', - - wifi24 = { - channel = 1, - - supported_rates = {6000, 9000, 12000, 18000, 24000, 36000, 48000, 54000}, - basic_rate = {6000, 9000, 18000, 36000, 54000}, - - ap = { - ssid = 'hamburg.freifunk.net', - }, - ibss = { - ssid = 'f8:d1:11:87:52:2e', - bssid = 'f8:d1:11:87:52:2e', - mcast_rate = 12000, - }, - --[[ mesh = { - id = 'ffhh-mesh', - mcast_rate = 12000, - }, --]] - }, - - wifi5 = { - channel = 44, - ap = { - ssid = 'hamburg.freifunk.net', - }, - ibss = { - ssid = 'f8:d1:11:87:52:2e', - bssid = 'f8:d1:11:87:52:2e', - mcast_rate = 12000, - }, - --[[ mesh = { - id = 'ffhh-mesh', - mcast_rate = 12000, - }, --]] - }, - - next_node = { - ip4 = '10.112.0.1', - ip6 = '2a03:2267::1', - - mac = '16:41:95:40:f7:dc', - }, - - fastd_mesh_vpn = { - enabled = true, - methods = {'salsa2012+umac'}, - mtu = 1280, - groups = { - backbone = { - limit = 1, - peers = { - gateway01 = { - key = 'cb09c68e2d2f7d374d47035cd532e0a60b8b3a7447aa5a7f76f4f15c8ffa9e58', - remotes = {'"gw01.hamburg.freifunk.net" port 10001'}, - }, - gateway02 = { - key = '462b4e21ab5eb0f9de687efd97252880c895ba55cc9cc0755a75347b0965b6e0', - remotes = {'"gw02.hamburg.freifunk.net" port 10001'}, - }, - gateway03 = { - key = 'e15295b86138ac490d611e4100f847ccfb7052d5091ded4659f25940be2c0546', - remotes = {'"gw03.hamburg.freifunk.net" port 10001'}, - }, - gateway04 = { - key = 'fca88dd58316f4ab50d2a697123dddf4d0ba3aad52ddeb0ba7835cdbbeb60dbf', - remotes = {'"gw04.hamburg.freifunk.net" port 10000'}, - }, - gateway05 = { - key = '84986658775167dff6918dc8e0529c4a4524cb1782849a80933ddb6d8c6bd3f5', - remotes = {'"gw05.hamburg.freifunk.net" port 10001'}, - }, - gateway06 = { - key = 'fb608aa75180ba88b4a3399a6498e68796d200afc1bfd275a0dcb903a31f39b6', - remotes = {'"gw06.hamburg.freifunk.net" port 10000'}, - }, - gateway08 = { - key = '67e9b215248ada3f4ffcc9db0bdf897128f6236a0d4e8d660762b77bebc914d4', - remotes = {'"gw08.hamburg.freifunk.net" port 10001'}, - }, - gateway09 = { - key = '5f483f6d26ac9106d86c0edcd08cf92c18caf67933719a394915ab809d1fb2bc', - remotes = {'"gw09.hamburg.freifunk.net" port 10001'}, - }, - gateway12 = { - key = 'facbbfb07525782fcde22b929f36ea508a295619eca35782003d9ca2dd3cc524', - remotes = {'"gw12.hamburg.freifunk.net" port 10001'}, - }, - }, - }, - }, - bandwidth_limit = { - enabled = false, - ingress = 8096, - egress = 1024, - }, - }, - - autoupdater = { - branch = 'experimental', - branches = { - stable = { - name = 'stable', - mirrors = {'http://1.updates.services.ffhh/stable/sysupgrade','http://2.updates.services.ffhh/stable/sysupgrade'}, - good_signatures = 2, - pubkeys = { - '417ef22f886539ddbcffbad35e9f493195ca53e05f75bd8d8011a4999498b589', -- baldo - 'ef73bc52b929fd11efce9a5c8f0b5463f1766bb995c8a0b3b6bcd7ba45b8b1e6', -- leo - '3f0fc50d4e5c893f9f58f98874bd21080b93c28ff5e4d4946352cada1b4e6441', -- andre - '1d37eacbd70f72730b1f5aba246a6a8eab100e2d45dda0163d9ad827f70f88d4', -- gernot - 'bd5a70d4c3df30eaa860d615c0e0526b0dda5bc60c09c20972bce4ffa7512659', -- bjoern - }, - }, - beta = { - name = 'beta', - mirrors = {'http://1.updates.services.ffhh/beta/sysupgrade','http://2.updates.services.ffhh/beta/sysupgrade'}, - good_signatures = 2, - pubkeys = { - '417ef22f886539ddbcffbad35e9f493195ca53e05f75bd8d8011a4999498b589', -- baldo - 'ef73bc52b929fd11efce9a5c8f0b5463f1766bb995c8a0b3b6bcd7ba45b8b1e6', -- leo - '3f0fc50d4e5c893f9f58f98874bd21080b93c28ff5e4d4946352cada1b4e6441', -- andre - '1d37eacbd70f72730b1f5aba246a6a8eab100e2d45dda0163d9ad827f70f88d4', -- gernot - 'bd5a70d4c3df30eaa860d615c0e0526b0dda5bc60c09c20972bce4ffa7512659', -- bjoern - }, - }, - experimental = { - name = 'experimental', - mirrors = {'http://1.updates.services.ffhh/experimental/sysupgrade','http://2.updates.services.ffhh/experimental/sysupgrade'}, - good_signatures = 1, - pubkeys = { - '1a0112fe489860068480c611c5dc56196c2f1a645db651ea2ed19ae0f0e8e1d1', -- 1.builder - }, - }, - }, - }, - - poe_passthrough = false, -} diff --git a/site.mk b/site.mk deleted file mode 100644 index 4d22bed..0000000 --- a/site.mk +++ /dev/null @@ -1,41 +0,0 @@ -GLUON_SITE_PACKAGES := \ - gluon-mesh-batman-adv-14 \ - gluon-alfred \ - gluon-autoupdater \ - gluon-config-mode-autoupdater \ - gluon-config-mode-core \ - gluon-config-mode-hostname \ - gluon-config-mode-mesh-vpn \ - gluon-config-mode-reboot-ffhh \ - gluon-ebtables-filter-multicast \ - gluon-ebtables-filter-ra-dhcp \ - gluon-ebtables-segment-mld \ - gluon-luci-admin \ - gluon-luci-autoupdater \ - gluon-luci-portconfig \ - gluon-luci-private-wifi \ - gluon-luci-wifi-config \ - gluon-next-node \ - gluon-mesh-vpn-fastd \ - gluon-radvd \ - gluon-respondd \ - gluon-setup-mode \ - gluon-status-page \ - iwinfo \ - iptables \ - haveged - - -DEFAULT_GLUON_RELEASE := 0.8+exp$(shell date '+%Y%m%d') - -# Allow overriding the release number from the command line -GLUON_RELEASE ?= $(DEFAULT_GLUON_RELEASE) - -GLUON_PRIORITY ?= 0 - -# Region code required for some images; supported values: us eu -GLUON_REGION ?= eu - -GLUON_ATH10K_MESH ?= ibss - -GLUON_LANGS ?= en de diff --git a/template/info.erb b/template/info.erb new file mode 100644 index 0000000..685d4a9 --- /dev/null +++ b/template/info.erb @@ -0,0 +1,3 @@ +GLUON_RELEASE="<%= gluon_release %>" +GLUON_BRANCH="<%= gluon_branch %>" +targets="<%= gluon_targets.join(" ") %>" diff --git a/template/modules.erb b/template/modules.erb new file mode 100644 index 0000000..4810c9b --- /dev/null +++ b/template/modules.erb @@ -0,0 +1,8 @@ +GLUON_SITE_FEEDS='ffhh_packages ffho_packages' + +PACKAGES_FFHH_PACKAGES_REPO=git://github.com/freifunkhamburg/ffhh-packages.git +PACKAGES_FFHH_PACKAGES_COMMIT=ef9fcc1222f74c3c045b1450537a4b8b80efb56c + +PACKAGES_FFHO_PACKAGES_REPO=git://github.com/FreifunkHochstift/ffho-packages.git +PACKAGES_FFHO_PACKAGES_COMMIT=72ba236324fb538dc304695285fae059489365b9 +PACKAGES_FFHO_PACKAGES_BRANCH=v2016.2.x diff --git a/template/site.conf.erb b/template/site.conf.erb new file mode 100644 index 0000000..082b55d --- /dev/null +++ b/template/site.conf.erb @@ -0,0 +1,130 @@ +{ + hostname_prefix = 'GibMirEinenNamen', + site_name = '<%= site_name %>', + site_code = '<%= site_code %>', + + opkg = { + openwrt = 'http://opkg.services.ffhh/%n/%v/%S/packages', + extra = { + modules = 'http://updates.hamburg.freifunk.net/%GS/stable/archive/modules/gluon-%GS-%GR/%S', + }, + }, + + prefix4 = '<%= prefix4 %>', + prefix6 = '<%= prefix6 %>', + + timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', -- Europe/Berlin + ntp_servers = {'1.ntp.services.ffhh','2.ntp.services.ffhh','3.ntp.services.ffhh'}, + regdom = 'DE', + + wifi24 = { + channel = 1, + + supported_rates = {6000, 9000, 12000, 18000, 24000, 36000, 48000, 54000}, + basic_rate = {6000, 9000, 18000, 36000, 54000}, + + ap = { + ssid = 'hamburg.freifunk.net', + }, +<% if gluon_ath10k_mesh == "11s" -%> + mesh = { + id = '<%= ("00000000" + site_code)[-8..-1].each_byte.map { |b| b.to_s(16) }.join.upcase %>', + mcast_rate = 12000, + }, +<% else -%> + ibss = { + ssid = 'f8:d1:11:87:52:2e', + bssid = 'f8:d1:11:87:52:2e', + mcast_rate = 12000, + }, +<% end -%> + }, + + wifi5 = { + channel = 44, + ap = { + ssid = 'hamburg.freifunk.net', + }, +<% if gluon_ath10k_mesh == "11s" -%> + mesh = { + id = '<%= ("00000000" + site_code)[-8..-1].each_byte.map { |b| b.to_s(16) }.join.upcase %>', + mcast_rate = 12000, + }, +<% else -%> + ibss = { + ssid = 'f8:d1:11:87:52:2e', + bssid = 'f8:d1:11:87:52:2e', + mcast_rate = 12000, + }, +<% end -%> + }, + + next_node = { + ip4 = '<%= next_node_ipv4 %>', + ip6 = '<%= next_node_ipv6 %>', + + mac = '16:41:95:40:f7:dc', + }, + + fastd_mesh_vpn = { + enabled = true, + methods = {'salsa2012+umac'}, + mtu = <%= mtu %>, + groups = { + backbone = { + limit = 1, + peers = { +<% gateways.each_pair do | name, gw_data | -%> + <%= name %> = { + key = '<%= gw_data['key'] %>', + remotes = { '<%= gw_data['remotes'].join("', '") %>' }, + }, +<% end -%> + }, + }, + }, + bandwidth_limit = { + enabled = false, + ingress = 8096, + egress = 1024, + }, + }, + + autoupdater = { + branch = '<%= gluon_branch %>', + branches = { + stable = { + name = 'stable', + mirrors = {'http://1.updates.services.ffhh/<%= site_code %>/stable/sysupgrade','http://2.updates.services.ffhh/<%= site_code %>/stable/sysupgrade'}, + good_signatures = 2, + pubkeys = { +<% signing_keys.each do | key | -%> + '<%= key %>', +<% end -%> + }, + }, + beta = { + name = 'beta', + mirrors = {'http://1.updates.services.ffhh/<%= site_code %>/beta/sysupgrade','http://2.updates.services.ffhh/<%= site_code %>/beta/sysupgrade'}, + good_signatures = 2, + pubkeys = { +<% signing_keys.each do | key | -%> + '<%= key %>', +<% end -%> + }, + }, + experimental = { + name = 'experimental', + mirrors = {'http://1.updates.services.ffhh/<%= site_code %>/experimental/sysupgrade','http://2.updates.services.ffhh/<%= site_code %>/experimental/sysupgrade'}, + good_signatures = 1, + pubkeys = { +<% signing_keys_experimental.each do | key | -%> + '<%= key %>', +<% end -%> + }, + }, + }, + }, + + poe_passthrough = false, +} diff --git a/template/site.mk.erb b/template/site.mk.erb new file mode 100644 index 0000000..345d9a9 --- /dev/null +++ b/template/site.mk.erb @@ -0,0 +1,37 @@ +GLUON_SITE_PACKAGES :=<% gluon_site_packages.each do | p | -%> +<%= " " + p -%> +<% end -%> + + +# EXTRA_SOFTWARE_TOOLS_01 +EXTRA_SOFTWARE_TOOLS_01 := \ + nano \ + htop \ + ethtool + +# x86 +ifeq ($(GLUON_TARGET),x86-generic) +GLUON_SITE_PACKAGES += \ + $(EXTRA_SOFTWARE_TOOLS_01) +endif + +# x86-64 +ifeq ($(GLUON_TARGET),x86-64) +GLUON_SITE_PACKAGES += \ + $(EXTRA_SOFTWARE_TOOLS_01) +endif + + +DEFAULT_GLUON_RELEASE := <%= gluon_release %> + +# Allow overriding the release number from the command line +GLUON_RELEASE ?= $(DEFAULT_GLUON_RELEASE) + +GLUON_PRIORITY ?= 0 + +# Region code required for some images; supported values: us eu +GLUON_REGION ?= eu + +GLUON_ATH10K_MESH ?= <%= gluon_ath10k_mesh %> + +GLUON_LANGS ?= en de