Add ah-ap-121 and bump version
This commit is contained in:
parent
c55cf88cf9
commit
5402e7ce24
4
.gitignore
vendored
4
.gitignore
vendored
@ -1 +1,3 @@
|
||||
bin/
|
||||
generic/ath79/
|
||||
generic/x86/
|
||||
generic/mediatek/
|
||||
|
@ -7,7 +7,7 @@ RUN --mount=type=cache,dst=/var/cache/apt/archives apt-get install --no-install-
|
||||
ca-certificates \
|
||||
git
|
||||
|
||||
RUN git clone --depth='1' --branch='v23.05.0-rc4' https://git.openwrt.org/openwrt/openwrt.git /root/OpenWRT
|
||||
RUN git clone --depth='1' --branch='v23.05.2' https://git.openwrt.org/openwrt/openwrt.git /root/OpenWRT
|
||||
WORKDIR /root/OpenWRT
|
||||
|
||||
RUN --mount=type=cache,dst=/var/cache/apt/archives apt-get install --no-install-recommends -y \
|
||||
|
@ -1,4 +1,4 @@
|
||||
FROM localhost/openwrt-base:debian AS builder
|
||||
FROM localhost/openwrt-base:debian-23.05.2 AS builder
|
||||
|
||||
ARG PLATFORM=x86
|
||||
ARG SUBTARGET=64
|
||||
@ -30,6 +30,7 @@ RUN --mount=type=cache,dst=/root/.ccache make -j$(nproc) \
|
||||
toolchain/compile
|
||||
|
||||
ADD config /run/config
|
||||
ADD files/ files/
|
||||
RUN cat /run/target.config /run/config >> .config
|
||||
RUN make defconfig
|
||||
|
||||
|
@ -1,6 +1,7 @@
|
||||
.DEFAULT_GOAL: all
|
||||
|
||||
TARGETS := \
|
||||
ath79/nand/aerohive_hiveap-121 \
|
||||
ath79/generic/ubnt_unifiac-pro \
|
||||
mediatek/filogic/bananapi_bpi-r3 \
|
||||
mediatek/mt7622/ubnt_unifi-6-lr-v1 \
|
||||
@ -9,7 +10,7 @@ TARGETS := \
|
||||
|
||||
all: $(TARGETS)
|
||||
|
||||
$(TARGETS): Containerfile config
|
||||
$(TARGETS): files/ Containerfile config
|
||||
buildah build \
|
||||
--layers=true \
|
||||
--network=host \
|
||||
|
@ -7,7 +7,7 @@ CONFIG_LUCI_LANG_de=y
|
||||
CONFIG_PACKAGE_luci-mod-dashboard=y
|
||||
CONFIG_PACKAGE_luci-mod-network=y
|
||||
CONFIG_PACKAGE_luci-mod-status=y
|
||||
CONFIG_PACKAGE_luci-theme-openwrt-2020=y
|
||||
CONFIG_PACKAGE_luci-theme-bootstrap=y
|
||||
|
||||
# Protocol support
|
||||
CONFIG_PACKAGE_luci-proto-ipv6=y
|
||||
@ -17,10 +17,20 @@ CONFIG_PACKAGE_luci-proto-relay=y
|
||||
# Application support
|
||||
CONFIG_PACKAGE_luci-app-wireguard=y
|
||||
CONFIG_PACKAGE_luci-app-firewall=y
|
||||
CONFIG_PACKAGE_luci-app-wol=y
|
||||
|
||||
# Misc
|
||||
# Monitoring
|
||||
CONFIG_PACKAGE_zabbix-agentd=y
|
||||
|
||||
# Used for certificate generation and usage
|
||||
CONFIG_PACKAGE_openssl-util=y
|
||||
|
||||
# Prometheus requires libubus-lua to work as it tries all modules anyways
|
||||
CONFIG_PACKAGE_prometheus-node-exporter-lua=y
|
||||
CONFIG_PACKAGE_prometheus-node-exporter-lua-hostapd_stations=y
|
||||
CONFIG_PACKAGE_prometheus-node-exporter-lua-openwrt=y
|
||||
CONFIG_PACKAGE_prometheus-node-exporter-lua-wifi=y
|
||||
|
||||
# ZRAM
|
||||
CONFIG_PROCD_ZRAM_TMPFS=y
|
||||
CONFIG_PACKAGE_kmod-zram=m
|
||||
|
21
generic/files/etc/uci-defaults/00-configsync-prime
Executable file
21
generic/files/etc/uci-defaults/00-configsync-prime
Executable file
@ -0,0 +1,21 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
printf '%s\n\t%s\n' "package configsync" "config configdata 'configdata'" | uci import
|
||||
echo "* * * * * /usr/bin/configsync" >> /etc/crontabs/root
|
||||
|
||||
uci rename 'firewall.@zone[0]'=lan
|
||||
uci delete 'firewall.lan.network'
|
||||
uci add_list 'firewall.lan.network'=iface_lan
|
||||
|
||||
uci rename 'network.lan'=iface_lan
|
||||
|
||||
uci rename 'network.@device[0]'=br_lan
|
||||
|
||||
uci rename 'wireless.radio0'=radio24
|
||||
uci rename 'wireless.default_radio0'=iface_radio24
|
||||
|
||||
uci rename 'wireless.radio1'=radio5
|
||||
uci rename 'wireless.default_radio1'=iface_radio5
|
||||
|
||||
while uci -q delete 'dhcp.@dhcp[0]'; do :; done # Delete any DHCP configuration on initial setup
|
4
generic/files/etc/uci-defaults/90-sshkeys
Executable file
4
generic/files/etc/uci-defaults/90-sshkeys
Executable file
@ -0,0 +1,4 @@
|
||||
#!/bin/sh
|
||||
|
||||
mkdir -vp /root/.ssh
|
||||
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGvF6ftc49bcvQTmfmB6ulukduJfaykFdLnayXta5y+p alexd/2023-10-12" >> /root/.ssh/authorized_keys
|
90
generic/files/usr/bin/configsync
Executable file
90
generic/files/usr/bin/configsync
Executable file
@ -0,0 +1,90 @@
|
||||
#!/bin/sh
|
||||
set -x
|
||||
|
||||
CONFDIR="$(mktemp -p /tmp -d "configsync.XXXXXXXXX")" || return 1
|
||||
CFGPATH="$CONFDIR/config"
|
||||
CSUMPATH="$CONFDIR/checksum"
|
||||
ROLLBACKPATH="/etc/uci-defaults/00-rollback-config"
|
||||
CONFIGSAVE="configsync.configdata"
|
||||
TIMEOUT="10"
|
||||
|
||||
deps() {
|
||||
# Check that everything is present
|
||||
for bin in sha256sum rm rmdir wget printf chmod cat uci; do
|
||||
which "$bin" >/dev/null 2>&1 || return 1
|
||||
done
|
||||
}
|
||||
|
||||
cleanup() {
|
||||
rm -v "$CFGPATH" "$CSUMPATH"
|
||||
rmdir "$CONFDIR"
|
||||
}
|
||||
|
||||
fetch() {
|
||||
local dl=1
|
||||
for endpoint in $(uci get "$CONFIGSAVE".endpoints); do
|
||||
wget -T "$TIMEOUT" "$endpoint/config" -O "$CFGPATH" || continue
|
||||
wget -T "$TIMEOUT" "$endpoint/checksum" -O "$CSUMPATH" || continue
|
||||
dl=0
|
||||
break
|
||||
done
|
||||
return $dl
|
||||
}
|
||||
|
||||
verify() {
|
||||
if [ -r "$CFGPATH" ] && [ -r "$CSUMPATH" ]; then
|
||||
local cfgcsum="$(sha256sum "$CFGPATH" | cut -d' ' -f1)"
|
||||
local expcsum="$(cat "$CSUMPATH")"
|
||||
local badcsum="$(uci -q get "$CONFIGSAVE".lastbadcsum)"
|
||||
if [ "$cfgcsum" != "$expcsum" ]; then
|
||||
echo "sha256 checksum mismatched, discarding" >&2
|
||||
return 1
|
||||
fi
|
||||
if [ "$expcsum" == "$badcsum" ]; then
|
||||
echo "known bad config, discarding" >&2
|
||||
return 1
|
||||
fi
|
||||
uci set "$CONFIGSAVE".currentcsum="$(cat "$CSUMPATH")"
|
||||
fi
|
||||
}
|
||||
|
||||
exp_cfg() {
|
||||
# Export config for rollback
|
||||
EXPORT="$(uci export)" || return
|
||||
printf '%s\n%s\n%s\n%s\n%s\n' \
|
||||
'#!/bin/sh' \
|
||||
'uci import <<EOF' \
|
||||
"$EXPORT" \
|
||||
'EOF' \
|
||||
'reload_config' > "$ROLLBACKPATH"
|
||||
chmod +x "$ROLLBACKPATH"
|
||||
}
|
||||
|
||||
run_cfg() {
|
||||
chmod +x "$CFGPATH"
|
||||
"$CFGPATH"
|
||||
}
|
||||
|
||||
rollback() {
|
||||
# Mark current checksum as bad
|
||||
uci set "$CONFIGSAVE".lastbadcsum="$(uci -q get "$CONFIGSAVE".currentcsum)"
|
||||
|
||||
# Rollback if config commit has been attempted
|
||||
[ -x "$ROLLBACKPATH" ] && "$ROLLBACKPATH" && echo "Rolled back last known working config" >&2
|
||||
}
|
||||
|
||||
ret=0
|
||||
if deps; then
|
||||
if fetch; then
|
||||
if ! (verify && exp_cfg && run_cfg); then
|
||||
ret=1
|
||||
fi
|
||||
else
|
||||
rollback
|
||||
fi
|
||||
else
|
||||
ret=1
|
||||
fi
|
||||
|
||||
cleanup
|
||||
return $ret
|
Loading…
Reference in New Issue
Block a user