Most of the entries in /etc/sysupgrade.conf are generated by a
uci-defaults script in the fff-sysupgrade package. The only entry
added in a different place is rc.local.fff_userconfig.
Consolidate all entries to be added by the uci-defaults script in
fff-sysupgrade.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Currently there is no way to persistently configure firewall rules on a
router. This might be desirable as home-use of the Freifunk network is
quite common these days.
To allow for the most flexibility while keeping maintenance efforts low,
add a persistent, user-customizable nftables hook. It is evaluated after
all firewall rules have already been configured, so it is possible to
override them.
Users of this hook are responsible for keeping up with changes to the
firmware and modify it appropriately, before updating the system.
Fixes: #314
Signed-off-by: Fabian Bläse <fabian@blaese.de>
COMMITCOUNT allows to have the PKG_RELEASE calculated automatically
based on the number of commits for the package folder.
AUTORELEASE will count the number of commits since the last upstream
bump. This is relevant for packages with PKG_VERSION or
PKG_SOURCE_DATE set, but will not work for us since it assumes the
use of certain identifiers in commit titles.
COMMITCOUNT works fine for most of our packages, with the following
exceptions:
* fff-nodewatcher would yield a commit count of 55, while the
current PKG_RELEASE is 61. Thus, we do not touch it for now.
* Packages that have been renamed will start counting from 1 after
the rename, since folder renames are not tracked by git. This
will result in descreasing PKG_RELEASE after the change for
these packages.
However, since moving essentially creates a new package anyway,
counting from 1 makes sense conceptually, and PKG_RELEASE is
still replaced for these packages.
* alfred-json and fff-macnock use upstream code and thus would
normally require AUTORELEASE. As discussed above, this will
not work for us, so just leave these two untouched.
Note that all this is quite irrelevant for the way we use packages
currently, as without opkg PKG_RELEASE does not matter to us anyway.
So, let's just be happy about not having to bump PKG_RELEASE
anymore, while keeping the basic functionality intact.
The only package where the PKG_RELEASE is actually used for
something is fff-nodewatcher, where the version will be displayed
in the Monitoring.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[fabian@blaese.de: rebase, add new packages]
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Johannes Kimmel <fff@bareminimum.eu>
Dropbear supports ed25519 keys since OpenWrt 21.02.
Also, ecdsa is supported since v19.07, but disabled in our firmware.
Keep the generated ed25519 and ecdsa host key accross upgrades.
While at it, remove dss host keys, as they are not supported anymore.
5eb7864aadd5 ("dropbear: rewrite init script startup logic to handle both host key files")
8a7a93947004 ("dropbear: remove generation and configuration of DSS keys")
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The SPDX license identifier provides a standardized way for specifying
licenses that is both human- and machine-readable. It is used upstream
both in OpenWrt and the Linux kernel.
Replace licenses in our repository by those identifiers.
The full-text licenses corresponding to these identifiers are
provided in the LICENSES folder.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Fabian Bläse <fabian@blaese.de>
PKG_BUILD_DIR has the following default values set in include/package.mk,
in case no BUILD_VARIANT is set:
With PKG_VERSION set: $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
Without PKG_VERSION: $(BUILD_DIR)/$(PKG_NAME)
Consequently, all PKG_BUILD_DIR definitions in our packages are
redundant. Remove them.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Build/Prepare and Build/Configure are not required for packages
which only contain local files and do not need any compilation.
Remove them.
Note that Build/Compile needs to be present and empty to overwrite
the defaults, though.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
uci-defaults scripts are supposed to be run once after firstboot
and then removed. However, the removal only takes place if the
subshell created for the sourced scripts returns exit code 0.
For some of the files, the last command returned a different exit
code, though, leading to the script remaining in its location and
being executed for every boot.
To prevent cases like the latter, this adds an "exit 0" to all
uci-defaults files in our package store. While at it, remove the
shebang for all these files since they are sourced (and not
executed).
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
On modern targets in OpenWrt, the board name follows the
"vendor,model" syntax. Since commas in file names are uncommon
and ugly, file names use the same pattern with an underscore,
"vendor_model".
Since this also applies to image file names, this patch
adjusts fff-upgrade.sh to replace the comma from board name
by an underscore for all devices. This should be possible
without harm as OpenWrt images can safely be expected to
either contain a comma in the right place or no comma at all.
It has been discussed whether the same should be applied to
the network.* files as well. However, expecting those to
be removed in the foreseeable future does make this undesirable,
as a lot of code would be inserted now and be removed again a few
months later, only to fix the name for one device.
For the same reason, we won't touch the board name replace
for the TL-WDR4900 v1 for now.
Suggested-by: Fabian Bläse <fabian@blaese.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
The old name "sysupgrade.sh" is easy to be confused with OpenWrt's
/sbin/sysupgrade. Rename our script to clearly indicate its
purpose.
While at it, move from /etc to /sbin, as the former is an odd location
for an executable script.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
This simplifies and shortens filenames quite significantly.
A rewrite script will be installed on the update servers
to allow updating routers with older firmwares.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>
In OpenWrt commit 055cdab2bb22 ("uclient: add ALTERNATIVES for wget")
uclient is registered as ALTERNATIVES provider for wget. Since
the priority for busybox as provider is lowest, this overwrites
the link set for /usr/bin/wget, now pointing to uclient wget.
However, uclient wget does not support IPv6 link-local addresses,
as it's not aware of the "%" to separate address from link identifier.
To prevent wget from failing when those addresses are used, this
patch explicitly uses busybox wget.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
PKG_VERSION is meant to refer to the version of external packages,
as we do e.g. in the tunneldigger package.
For our own packages, we just need the PKG_RELEASE variable.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
[Rebased onto current state of master]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
User configuration for layer3 firmware is stored in
/etc/config/gateway. To preserve this file across updates it
is added to sysupgrade.conf
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
This might reduce the chance to break devices with 32 MB RAM
during sysupgrade.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
This is just meant to make image names shorter.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Christian Dresel <fff@chrisi01.de>
Currently, Makefile use a mixture of tabs and spaces with various
indents. This harmonizes all Makefiles to use tab indentation only.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
This make it easier to use new targets without subtarget.
Signed-off-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The previous version seemed to work only for numeric data.
Fixes#113
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
[Set PKG_RELEASE back to 1]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Seems like the /etc/config/fff is owned by fff-config.
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
To reduce the number of possible corner cases
in the first keyxchangev2 release, this patch
removes the sector file with the intention to
add it back after release.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Tested-by: Fabian Bläse <fabian@blaese.de>
Code which is reused by other functionalities is put into the
fff-hoodutils package, so it can be used without including
configurehood.
This also allows setting missing dependencies of other packages.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
Add a complete hoodfile to /etc/hoodfile to use only this file
Signed-off-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
- Changed according to Adrian's review
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
This moves the FFF configuration from
/etc/config/system to a new file /etc/config/fff. Thus,
this file can be copied as a whole during upgrade (with
compatibility provided) and then resulting values in
other files are re-set later.
This also fixes the bandwidth settings not being persistent
during upgrade. Other settings may join ...
I tried to go through all the code and update all occurrences
of the relevant system variables (looking for "system" both
in GitHub and my local src folder).
Note that a downgrade will result in loss of configuration!
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
- Rebased
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
This patch achieves multiple goals:
- Align WR841 boardnames with image names
- Fix wrong name replace in sysupgrade
- Support sysupgrade of WR841 v12
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
- Rebased
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Since there is a PKG_NAME variable, there is no need to repeat
the individual package name five times.
This makes editing and particularly copying Makefiles much
easier, as only the PKG_NAME has to be changed.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
This removes all references to community.cfg except in the
buildscript and except the file itself.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This writes CLIENT/BATMAN/WAN port configurations for devices
with switches to a separate file. This file can be changed
based on the desired setup and is then preserved during
firmware upgrade. In case of a future bugfix concerning the
entries of a specific network.* file, this will still be
effective as only the port configurations reside in the
new file, while the other settings could be overwritten by
the upgrade.
For one- and two-port devices, adjustments have been made so
that their relevant settings also reside in the new file now.
This also adds a WebUI interface for setting the two-port
devices (CPE210 and CPE510).
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
- Changed doc in network.mode
This reverts commit d6f2f18e49.
The Netmon is gone, so this workaround is not needed any longer.
Signed-off-by: Jan Kraus <mayosemmel@gmail.com>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
- Removed micrond dependency and rebased
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
- This will fix the LEDs on LEDE
- We will lose the power heartbeat trigger on the LED
- We will lose the VPN signaling on the LEDs
While remove the default system config, the LEDE system now
configures wrong ntp service. We fix this by deleting these
entries in the fff-timeserver package.
If the file is already present on the devices, we need to upgrade it.
Therefore the 05-config-system-migration is now part of the fff-sysupgrade
package.
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Jan Kraus <mayosemmel@gmail.com>
Unfortunately the sysupgrade.conf is installed by base-files. The installed file
just contains examples and will be overwritten with this.
Signed-off-by: Tim Niemeyer <tim@tn-x.org>
Reviewed-by: Christian Dresel <fff@chrisi01.de>
Reviewed-by: Jan Kraus <mayosemmel@gmail.com>
The error only occurs if there isn't any network connection.
Fixes#23
Also added prevention for applying empty coordinates.
Signed-off-by: Jan Kraus <mayosemmel@gmail.com>
Reviewed-by: Tobias Klaus <tk+ff@meskal.net>
Reviewed-by: Tim Niemeyer <tim@tn-x.org>