diff --git a/package/network/services/unetd/Makefile b/package/network/services/unetd/Makefile new file mode 100644 index 0000000000..3a61ed43bb --- /dev/null +++ b/package/network/services/unetd/Makefile @@ -0,0 +1,83 @@ +# +# Copyright (C) 2022 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=unetd +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL=$(PROJECT_GIT)/project/unetd.git +PKG_SOURCE_DATE:=2022-08-25 +PKG_SOURCE_VERSION:=d8220b098010041232374761fee258a8deff0865 +PKG_MIRROR_HASH:=6efced0eb451f6ac5d7facec3f45ce7f6928fae4481650ffcebf3b6434478550 + +PKG_LICENSE:=GPL-2.0 +PKG_MAINTAINER:=Felix Fietkau + +PKG_BUILD_DEPENDS:=bpf-headers + +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/cmake.mk +include $(INCLUDE_DIR)/bpf.mk +include $(INCLUDE_DIR)/nls.mk + +define Package/unetd + SECTION:=net + CATEGORY:=Network + TITLE:=WireGuard based VPN connection manager for OpenWrt + DEPENDS:=+libubox +libubus +libblobmsg-json +libnl-tiny +kmod-wireguard +libbpf $(BPF_DEPENDS) +endef + +define Package/unet-cli + SECTION:=net + CATEGORY:=Network + DEPENDS:=unetd +ucode +ucode-mod-fs + TITLE:=unetd administration command line utility +endef + +TARGET_CFLAGS += \ + -I$(STAGING_DIR)/usr/include/libnl-tiny \ + -I$(STAGING_DIR)/usr/include + +CMAKE_OPTIONS += \ + -DLIBNL_LIBS=-lnl-tiny + +define Build/Compile + $(call CompileBPF,$(PKG_BUILD_DIR)/mss-bpf.c) + $(call Build/Compile/Default,) +endef + +define Package/unetd/conffiles +/etc/unetd +endef + +define Package/unetd/install + $(INSTALL_DIR) \ + $(1)/etc/unetd \ + $(1)/lib/bpf \ + $(1)/etc/init.d \ + $(1)/lib/netifd/proto \ + $(1)/usr/sbin \ + $(1)/usr/lib + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libunet.so* $(1)/usr/lib/ + $(INSTALL_BIN) \ + $(PKG_INSTALL_DIR)/usr/sbin/unetd \ + $(PKG_INSTALL_DIR)/usr/sbin/unet-tool \ + $(1)/usr/sbin/ + $(INSTALL_DATA) $(PKG_BUILD_DIR)/mss-bpf.o $(1)/lib/bpf/mss.o + $(INSTALL_BIN) ./files/unetd.init $(1)/etc/init.d/unetd + $(INSTALL_BIN) ./files/unetd.sh $(1)/lib/netifd/proto +endef + +define Package/unet-cli/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/scripts/unet-cli $(1)/usr/sbin +endef + +$(eval $(call BuildPackage,unetd)) +$(eval $(call BuildPackage,unet-cli)) diff --git a/package/network/services/unetd/files/unetd.init b/package/network/services/unetd/files/unetd.init new file mode 100644 index 0000000000..0ec48b2b92 --- /dev/null +++ b/package/network/services/unetd/files/unetd.init @@ -0,0 +1,17 @@ +#!/bin/sh /etc/rc.common +# Copyright (c) 2022 OpenWrt.org + +START=19 + +USE_PROCD=1 +PROG=/usr/sbin/unetd + +start_service() { + mkdir -p /var/run/unetd /etc/unetd + + procd_open_instance + procd_set_param command "$PROG" -h /var/run/unetd/hosts + procd_set_param respawn + procd_set_param limits core="unlimited" + procd_close_instance +} diff --git a/package/network/services/unetd/files/unetd.sh b/package/network/services/unetd/files/unetd.sh new file mode 100644 index 0000000000..8e56fbd869 --- /dev/null +++ b/package/network/services/unetd/files/unetd.sh @@ -0,0 +1,87 @@ +#!/bin/sh + +[ -x /usr/sbin/unetd ] || exit 0 + +. /lib/functions.sh +. /lib/functions/network.sh +. ../netifd-proto.sh + +init_proto "$@" + +proto_unet_init_config() { + proto_config_add_string device + proto_config_add_string type + proto_config_add_string auth_key + proto_config_add_string key + proto_config_add_string file + proto_config_add_int keepalive + proto_config_add_string domain + proto_config_add_string "tunnels:list(string)" + proto_config_add_string "connect:list(string)" + no_device=1 + available=1 + no_proto_task=1 +} + +proto_unet_setup() { + local config="$1" + + local device type key file keepalive domain tunnels + json_get_vars device type auth_key key file keepalive domain tunnels connect + device="${device:-$config}" + + [ -n "$auth_key" ] && type="${type:-dynamic}" + [ -n "$file" ] && type="${type:-file}" + + json_init + json_add_string name "$device" + json_add_string type "$type" + json_add_string interface "$config" + json_add_string auth_key "$auth_key" + json_add_string key "$key" + json_add_string file "$file" + [ -n "$keepalive" ] && json_add_int keepalive "$keepalive" + json_add_string domain "$domain" + + json_add_object tunnels + for t in $tunnels; do + local ifname="${t%%=*}" + local service="${t#*=}" + [ -n "$ifname" -a -n "$service" -a "$ifname" != "$t" ] || continue + json_add_string "$ifname" "$service" + done + json_close_object + + json_add_array auth_connect + for c in $connect; do + json_add_string "" "$c" + done + json_close_array + + ip link del dev "$device" >/dev/null 2>&1 + ip link add dev "$device" type wireguard || { + echo "Could not create wireguard device $device" + proto_setup_failed "$config" + exit 1 + } + + ubus call unetd network_add "$(json_dump)" +} + +proto_unet_teardown() { + local config="$1" + local iface="$2" + + local device + json_get_vars device + device="${device:-$iface}" + + json_init + json_add_string name "$device" + + ip link del dev "$device" + + ubus call unetd network_del "$(json_dump)" +} + +add_protocol unet