Commit c3e7fb77 authored by Yaroslav Petrov's avatar Yaroslav Petrov
Browse files

Inital Openwrt 21.02

parent e268c632
Pipeline #1704 canceled with stage
in 113 minutes and 54 seconds
......@@ -133,6 +133,21 @@
"subtarget":"mt7621",
"variant":"generic"
},
{
"name":"ramips.mt7621.generic.21.02",
"target":"ramips",
"subtarget":"generic",
"openwrt_rev":"faf9528a23fcc4885110a405a06b9c9f0c92332e", # 21.02 13-05-2021
"openwrt_variant":"21.02",
"selector-config":"21.02", # used to select config
"selector-feeds":"21.02", # used to select feeds
"selector-patches":"21.02", # used to select patches
"feeds" : [
{"type":"src-link", "name":"ddmesh_own", "src":"feeds-own" },
{"type":"src-git", "name":"packages", "src":"https://git.openwrt.org/feed/packages.git", "rev":"b63d8a32fc17309b5a9b6ea2f3b783d1f5f9a893"},
{"type":"src-git", "name":"routing", "src":"https://git.openwrt.org/feed/routing.git", "rev":"5b4d4c7fb6a97cac68c7d8b156fd0ab27bab4dcc"}
]
},
{
"name":"ramips.mt7621.ubiquiti-edgerouter-x",
"target":"ramips",
......
#
# Copyright (C) 2006-2012 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=OVPNCerts
PKG_VERSION:=2.5
#PKG_RELEASE:=1
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
define Package/OVPNCerts
SECTION:=base
CATEGORY:=ddmesh
DEFAULT:=n
DEPENDS:=+openvpn-mbedtls
TITLE:=Open VPN Tunnel
SUBMENU:=Packages
endef
define Package/OVPNCerts/description
Open VPN Tunnel - allows to installed cert.tgz files to setup internet tunnel.
A script parses the configuration and creates it dynamically
endef
define Build/Prepare
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/OVPNCerts/install
$(INSTALL_DIR) $(1)/etc/config
# copy as openvpn.ffdd because of install conflics when OVPNCerts
# is included directly into firmware
# it will be renamed in ddmesh-init.d.sh
$(INSTALL_DATA) files/openvpn.config $(1)/etc/config/openvpn.ffdd
$(INSTALL_DIR) $(1)/etc/openvpn
$(INSTALL_DATA) files/up.sh $(1)/etc/openvpn/up.sh
$(INSTALL_DATA) files/down.sh $(1)/etc/openvpn/down.sh
$(INSTALL_DATA) files/gen-config.sh $(1)/etc/openvpn/gen-config.sh
chmod 755 $(1)/etc/openvpn/up.sh
chmod 755 $(1)/etc/openvpn/down.sh
chmod 755 $(1)/etc/openvpn/gen-config.sh
$(INSTALL_DIR) $(1)/www/admin
$(INSTALL_DATA) files/36-tunnel $(1)/www/admin
$(INSTALL_DATA) files/tunnel.cgi $(1)/www/admin
endef
$(eval $(call BuildPackage,OVPNCerts))
<TR><TD><DIV CLASS="subplugin"><A CLASS="plugin" HREF="tunnel.cgi">Inet-Tunnel</A></DIV></TD></TR>
#!/bin/ash
#cmd tun_dev tun_mtu link_mtu ifconfig_local_ip ifconfig_remote_ip
#dont use "uci -P /var/state.." because statefile grows up with each connection/disconnection
#add a default route instead with metric 1 to allow multiple default routes
ip route del default dev $dev via $route_vpn_gateway table main metric 9999
#iptables -t nat -A POSTROUTING -o $dev -j SNAT --to-source $ifconfig_local
#update gateway infos and routing tables, fast after openvpn closes connection
#Run in background, else openvpn blocks
/usr/lib/ddmesh/ddmesh-gateway-check.sh&
#tell always "ok" to openvpn;else in case of errors of "ip route..." openvpn exits
exit 0
#!/bin/sh
CONF=/etc/openvpn/openvpn.conf
#modifies config to match firmware requirements
test -z "$1" && {
echo "usage: gen-config.sh config-file"
exit 1
}
echo "#generated by gen-config.sh" > $CONF
cat "$1" | sed '
s#^[ ]*##
s/#.*$//
s#[ ]*$##
/^$/d
/^#/d
/^dev/d
/^persist-key/d
/^persist-tun/d
/^keepalive/d
/^verb/d
/^script/d
/^up/d
/^down/d
/^route/d
/^ifconfig/d
/^resolv/d
/^float/d
/^dhcp-renew/d
/^dhcp-release/d
/^ping/d
/^pull-filter/d
s#^auth-user-pass.*#auth-user-pass openvpn.login#
' >> $CONF
#add newline
cat<<EOM >> $CONF
dev vpn0
dev-type tun
resolv-retry infinite
# dont use keepalive, airvpn connections would fail
script-security 2
float
route-noexec
ifconfig-noexec
up /etc/openvpn/up.sh
down /etc/openvpn/down.sh
verb 3
EOM
config openvpn InternetTunnel
# Set to 1 to enable this instance:
option enabled 0
# Include OpenVPN configuration
option config /etc/openvpn/openvpn.conf
#!/bin/sh
. /lib/functions.sh
export TITLE="Verwaltung > Software"
OVPN_FILE="/tmp/ovpn.tgz"
if [ "$REQUEST_METHOD" = "GET" -a -n "$QUERY_STRING" ]; then
. /usr/lib/www/page-pre.sh ${0%/*}
notebox 'GET not allowed'
. /usr/lib/www/page-post.sh ${0%/*}
exit 0
fi
#get form data and optionally file
eval $(/usr/bin/freifunk-upload -e 2>/dev/null)
. /usr/lib/www/page-pre.sh ${0%/*}
echo "<H1>$TITLE</H1>"
avail_size="$(df -k /overlay | sed -n '2,1{s# \+# #g; s#[^ ]\+ [^ ]\+ [^ ]\+ \([^ ]\+\) .*#\1#;p}')"
[ "$form_action" != "install" ] && rm -f $OVPN_FILE
show_page() {
cat<<EOM
<form name="form_upload" ACTION="tunnel.cgi" ENCTYPE="multipart/form-data" METHOD="POST">
<input name="form_action" value="upload" type="hidden">
<fieldset class="bubble">
<legend>Openvpn Zertifikat-Installation</legend>
<table>
<tr><th width="100">Certifikate&nbsp;(*.tgz,&nbsp;*.tar.gz,&nbsp;*.ovpn,&nbsp;*.conf):</th>
<td><input name="form_filename" size="40" type="file" value="Durchsuche..."></td></tr>
<tr><td colspan="2">&nbsp;</td></tr>
<tr><td colspan="2"><input name="form_submit" type="submit" value="Zertifikate laden">
<input name="form_abort" type="reset" value="Abbruch"></td></tr>
</table>
</fieldset>
</form>
<br />
<fieldset class="bubble">
<legend>Hinweise</legend>
Wenn die Openvpn Config bereits alle Zertifikate enth&auml;lt, kann das File direkt verwendet werden.<br/>
Besteht jedoch das Zertifikat/Konfiguration aus mehreren Files, so muss ein tgz-File angelegt werden.
<ul>
<li> Das tgz-file sollte alle Openvpn-Zertifikate und das Config-File enthalten.</li>
<li> Das Config-File muss auf <b>.conf</b> oder <b>.ovpn</b> enden.</li>
<li> Es sollte auf Unterverzeichnisse verzichtet werden. Wenn Pfade verwendet werden, sollten diese im Config-File als
relative Pfade aufgef&uuml;hrte werden.</li>
<li> Werden Login Daten gebraucht, so muss das File welches Nutzerkennung (1.Zeile) und Passwort (2.Zeile) <b>openvpn.login</b> hei&szlig;en;</li>
</ul>
<pre>
Die <b>fett</b> geschriebenen Bestandteile der Filenamen sind zwingend so zu benennen!
Beispiel bei dem alle Zertifikate im config file hinterlegt sind und Nutzerkennung/Passwort verwendet werden:
./abc.<b>conf</b> (oder abc.<b>ovpn</b>)
./<b>openvpn.login</b>
Beispiel bei dem Zertifikate und Keys extra liegen und keine Nutzerkennung/Passwort verwendet werden, sondern Zertifikate:
./ca.crt
./ca.key
./client.crt
./client.key
./client.<b>conf</b> (oder client.<b>ovpn</b>)
</pre>
</fieldset>
EOM
}
if [ -z "$form_action" ]; then
show_page
else #form_action
case "$form_action" in
upload)
mv $ffout $OVPN_FILE
cat<<EOM
<fieldset class="bubble">
<legend>Zertifikate Installieren</legend>
<form name="form_update" action="tunnel.cgi" method="POST">
<input name="form_action" value="install" type="hidden">
<table>
<tr><th>Datei:</th><td>$ffout</td></tr>
<tr><td colspan="2">
<input name="form_submit" type="submit" value="Zertifikate installieren">
<input name="form_abort" type="submit" value="Abbruch">
</td></tr>
</table>
</form>
</fieldset>
EOM
;;
install)
#extract to tmp
rm -rf /tmp/openvpn
mkdir -p /tmp/openvpn
cd /tmp/openvpn
# try tgz first, then assume direct config
tar xzf $OVPN_FILE 2>/dev/null || mv $OVPN_FILE config.ovpn
conf="$(ls *.ovpn *.conf)"
login="$(ls *.login)"
#prepare conf dir
mkdir -p /etc/openvpn
cd /etc/openvpn/
cp -a /tmp/openvpn/* /etc/openvpn/
rm *.conf *.ovpn *.login 2>/dev/null
test -f "/tmp/openvpn/$login" && cp "/tmp/openvpn/$login" /etc/openvpn/openvpn.login
/etc/openvpn/gen-config.sh "/tmp/openvpn/$conf"
chown -R root:root /etc/openvpn
chmod -R g-rwx,o-rwx /etc/openvpn/
uci set openvpn.InternetTunnel.enabled='1'
notebox "Die ge&auml;nderten Einstellungen wurden &uuml;bernommen. Die Einstellungen sind erst beim n&auml;chsten <A HREF="reset.cgi">Neustart</A> aktiv."
;;
*)
;;
esac
fi
. /usr/lib/www/page-post.sh ${0%/*}
#!/bin/ash
#make a point-to-point connection with "route_vpn_gateway" because this was working for
#ovpn.to; Freie Netze e.V.;CyberGhost
ifconfig $dev $ifconfig_local dstaddr $route_vpn_gateway
#dont use "uci -P /var/state.." because statefile grows up with each connection/disconnection
#add a default route instead with metric 1 to allow multiple default routes
ip route add default dev $dev via $route_vpn_gateway table main metric 9999
#update gateway infos and routing tables, fast after openvpn open connection
#Run in background, else openvpn blocks. but avoid restarting ovpn by check-script
#if no connection could be made. this would produces a permanent fast restart loop of
#openvpn/usr/lib/ddmesh/ddmesh-gateway-check.sh no-ovpn-restart &
DEFAULT_DNS="8.8.8.8; 8.8.4.4;" # semicolon is IMPORTANT
# flush public_dns routing table
ip route flush table public_dns
# parse any other foreign options to setup DNS for bind9.
# all local resolv goes via /etc/resolv.conf.
# any other resolving come from freifunk network and are processed by bind9
# here I create a configuration fragment which is included in /etc/bind/named.conf.options
dns_list=""
IFS='
'
for opt in $(set | sed -n 's#^foreign_option_[0-9]\+=\(.\+\)$#\1#p')
do
if [ -n "$(echo $opt | sed -n '/^dhcp-option DNS/p')" ]; then
dns="${x#*dhcp-option DNS}"
dns_list="$dns_list $dns;"
# add public dns to routing table
ip route add $dns dev $dev table public_dns
fi
done
#if openvpn did not deliver DNS, use default DNS
test -z "$dns_list" && dns_list="$DEFAULT_DNS"
#tell always "ok" to openvpn;else in case of errors of "ip route..." openvpn exits
exit 0
../../common/bmxd
\ No newline at end of file
include $(TOPDIR)/rules.mk
PKG_NAME:=ddmesh
PKG_VERSION:=1
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
include $(INCLUDE_DIR)/package.mk
##########################################################
define Package/$(PKG_NAME)-base
CATEGORY:=ddmesh
DEFAULT:=y
DEPENDS:= +kmod-ledtrig-timer +kmod-tun +libmbedtls +libustream-mbedtls \
+kmod-ipip \
+uhttpd \
+bmxd +freifunk-upload \
+ddns-scripts +ddns-scripts_no-ip_com \
+iptables \
+px5g-mbedtls \
+iperf3
TITLE:=Meta package to select all needed basic packages
endef
define Package/$(PKG_NAME)-base/description
Meta package to select all needed basic packages
endef
# This section holds only package configurations (compile switches).
# Each config may depend on some packages and is displayed if this
# packages was selected
define Package/$(PKG_NAME)-base/config
# menu is optional. It is directly inserted below current package menu entry (same window)
#menu "Modules"
# menu point is displayed when dependings are set
#depends on PACKAGE_ddmesh-base
# use SYMBOL of package that should be selected
config PACKAGE_fastd
# menu point is displayed when dependings are set
depends on PACKAGE_ddmesh-base
tristate "fastd"
help
Create fastd tunnel to backbone servers.
config PACKAGE_wireguard
# menu point is displayed when dependings are set
depends on PACKAGE_ddmesh-base
tristate "wireguard"
help
Create wireguard tunnel to backbone servers.
# use SYMBOL of package that should be selected
config PACKAGE_bmxd
# menu point is displayed when dependings are set
depends on PACKAGE_ddmesh-base
tristate "bmxd"
help
required by firmware
# use SYMBOL of package that should be selected
config PACKAGE_ddns-scripts
# menu point is displayed when dependings are set
depends on PACKAGE_ddmesh-base
tristate "ddns-scripts"
help
required by firmware
# use SYMBOL of package that should be selected
config PACKAGE_freifunk-upload
# menu point is displayed when dependings are set
depends on PACKAGE_ddmesh-base
tristate "freifunk-upload"
help
required by firmware
# use SYMBOL of package that should be selected
config PACKAGE_wshaper
# menu point is displayed when dependings are set
depends on PACKAGE_ddmesh-base
tristate "wshaper"
help
required by firmware
#endmenu
endef
##########################################################
define Package/$(PKG_NAME)-wifi
CATEGORY:=ddmesh
# keep it as default. if I create a new config for non-wifi targets, it would select wifi
DEFAULT:=n
# to enable basic wifi, kmod-mac80211 is needed
#
# If wpa-basic is not selected wpa-cli will not appear in menu. And because of this
# the complete package "ddmesh-wifi" will also not be visible.
# only solution is to specify dependency as "SYMBOL" to select (+@PACKAGE_wpa-cli).
# This simply just selects wpa-cli without hiding current packet
DEPENDS:= +iw +iwinfo +@ddmesh-mesh-wifi:PACKAGE_wpad-mesh-openssl +@!ddmesh-mesh-wifi:PACKAGE_wpad-basic +@PACKAGE_wpa-cli
TITLE:=Selects all addtional wifi tools.
endef
define Package/$(PKG_NAME)-wifi/config
#menu "config"
# menu point is displayed when dependings are set
config ddmesh-mesh-wifi
# menu point is displayed when dependings are set
depends on PACKAGE_$(PKG_NAME)-wifi
boolean "wifi 802.11s support"
help
This option adds wifi mesh. Only router with at least 8 MByte Flash and 64MByte RAM should use this option.
# AFTER config, there MUST be at least one empty line !
#endmenu
endef
define Package/$(PKG_NAME)-wifi/description
Selects all addtional wifi tools.
When platform was selected all needed default wifi driver and tools are selected.
This module selects some tools in additon for Freifunk Dresden firmware.
endef
##########################################################
define Package/$(PKG_NAME)-usb-storage
CATEGORY:=ddmesh
# keep it as default. if I create a new config for non-wifi targets, it would select wifi
DEFAULT:=n
DEPENDS:= +kmod-usb-core +kmod-usb2 +kmod-usb-ohci +kmod-usb-ledtrig-usbport +kmod-usb-storage \
+kmod-fs-vfat \
+block-mount
TITLE:=Meta package to enable usb storage
endef
define Package/$(PKG_NAME)-usb-storage/description
Meta package to enable usb storage support
endef
##########################################################
define Package/$(PKG_NAME)-lte
CATEGORY:=ddmesh
# keep it as default. if I create a new config for non-wifi targets, it would select wifi
DEFAULT:=n
# usb umts/lte sticks has storage device. but I is normally not needed.
DEPENDS:= +kmod-usb-core +kmod-usb2 +kmod-usb-ohci \
+kmod-usb-ledtrig-usbport +kmod-usb-storage \
+usb-modeswitch \
+kmod-mii +kmod-usb-net +kmod-usb-wdm +kmod-usb-net-qmi-wwan +uqmi \
+kmod-usb-net-cdc-mbim +umbim \
+kmod-usb-serial-option +kmod-usb-serial +kmod-usb-serial-wwan \
+kmod-usb-net-cdc-ether
TITLE:=Meta package to enable usb LTE modem support
endef
define Package/$(PKG_NAME)-lte/description
Meta package to enable qmi LTE modem support
https://openwrt.org/docs/guide-user/network/wan/wwan/ltedongle
LTE Stick must be switch to "ndis" interface via AT commands instead of "modem"
see: https://openwrt.org/docs/guide-user/network/wan/wwan/at_commands
See: http://m2msupport.net/m2msupport/tutorial-for-huawei-modules/
Huawei: https://rychly.gitlab.io/post/huawei-e173s1/
ACHTUNG: Never turn Off PC interface (2:PCUI in this example)!
Denn da diese Settings persistent sind, kann man nicht mehr via terminal auf
den stick zu greifen und ihn mit AT commands konfigurieren
Huawei E173
-------------
GSM modem (1-port) converters attached to
- /dev/ttyUSB0 (AT commands),
- /dev/ttyUSB1 (data),
- /dev/ttyUSB2 (status & AT commands)
AT Commands (general)
- ATI - displays gsm modul information
Manufacturer: huawei
Model: E173
Revision: 11.126.29.00.1130
IMEI: xxxxxxxx
+GCAP: +CGSM,+DS,+ES
- AT+COPS? get active network Name and ID
+COPS: 1,0,"disco",2
- AT+CSQ get signal strength as +CSQ rssi (higher is better) and ber (lower is better; 99 = unknown)
-
AT Commands for Huawei
- AT^GETPORTMODE to display a list of devices present in a USB-stick
^GETPORTMODE:TYPE:WCDMA:Qualcomm,MDM:0,NDIS:1,DIAG:2,PCUI:3,CDROM:4,SD:5
- AT^SYSCFG? to display network-mode preferences
^SYSCFG:2,2,3FFFFFFF,1,2
- AT^U2DIAG? for reading/controlling default mode (an alternative to usb_modeswitch)
276 - means: currently factory reset values are set (all enabled)
usb_modeswitch will do all the needed steps to switch from SDCard to Modem.
endef
##########################################################
define Package/$(PKG_NAME)-wifi-extra
CATEGORY:=ddmesh
# keep it as default. if I create a new config for non-wifi targets, it would select wifi
DEFAULT:=n
DEPENDS:= $(PKG_NAME)-wifi \
+kmod-usb-core +kmod-usb2 +kmod-usb-ohci \
+kmod-ath10k-ct +kmod-ath5k +kmod-ath9k \
+kmod-p54-usb \
+kmod-rt2500-usb \
+kmod-rt2800-usb \
+kmod-rt2x00-usb \
+kmod-rt73-usb \
+kmod-rtl8187
TITLE:=Meta package to select extra wifi drivers
endef
define Package/$(PKG_NAME)-wifi-extra/description
Meta package to select extra wifi drivers for usb sticks.
This is useful for Futro with usb stick wifi support
endef
##########################################################
define Package/$(PKG_NAME)-extra-modules
CATEGORY:=ddmesh
# when this module is selected, it also selects all depending modules as module.
# The "config" section can contain "default", but this is ignored.
# If the package itself setups DEFAULT, then this is used.
# The DEFAULT of this package (ddmesh-extra-modules) overwrites the default. But it can not
# go below package DEFAULT. Means: N -> <N|M|Y> OR M -> {M|Y} OR Y -> {Y}
#
# The "default" value of the menu below is completely ignored
DEFAULT:=m
# I do not select all possible modules, so I can disable them
#DEPENDS:= +tcpdump +OVPNCerts +feinstaubsensor
#DEPENDS:= +tcpdump +OVPNCerts
TITLE:=Meta package to select extra packages
# when MENU:=1 than this package also has a submenu.
# all under "config" section below is moved to it
# MENU:=1
endef
define Package/$(PKG_NAME)-extra-modules/description
Meta package to select some packages commonly included in firmware
endef
define Package/$(PKG_NAME)-extra-modules/config