From 27c43a443f43feb04670c0ea7e96de0bbbd811ba Mon Sep 17 00:00:00 2001 From: Bastian Maeuser Date: Tue, 3 Mar 2015 11:27:16 +0100 Subject: [PATCH] FORK RGB --- CHANGELOG.md | 37 ++++++++ Makefile | 50 ++++++++++ site.conf | 256 +++++++++++++++++++++++++++++++++++++++++++++++++++ site.mk | 31 +++++++ 4 files changed, 374 insertions(+) create mode 100644 CHANGELOG.md create mode 100644 Makefile create mode 100644 site.conf create mode 100644 site.mk diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..503c669 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,37 @@ +# Freifunk München Firmware Changelog + +## v2015.1 + - Updated to Gluon 2014.4 release + - Autoupdater + - Now enabled per default + - Also fetch firmware from build.freifunk-muenchen.de + - Require two signatures instead of one for stable autoupdate + +## snapshot~20141119 + - fixed ipv4-prefix to /16 netmask + - changed gateways ips to domain-names + - changed `msg_pub_key` to automate entering the node-data to our key-form + - changed mesh-SSID from 02:0E:8E:1E:61:17 to mesh.ffm + - added `ntp_servers` '2.ntp.services.ffm','3.ntp.services.ffm','4.ntp.services.ffm' + - changed `site_code` back to ffmuc (instead of ffm) + - changed `hostname_prefix` to NULL + - changed `mesh_ssid` to mesh.ffmuc + - added public key from fpletz + +## 0.6~stable20141018 + - changed ip address for gw02 + +## 0.6~stable20141011 + - gw04 hinzugefügt + - Text "Knoten hinzufügen" geändert + - Autoupdater auf "stable" als Standart-Wert gesetzt + +## 0.6~exp20141004 + - Autoupdater hinzugefügt + +## 0.6~exp20140926 + - Bugfixes + - gw02 hinzugefügt + +## 0.6~exp20140907 + - initiale Version diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..4e23a29 --- /dev/null +++ b/Makefile @@ -0,0 +1,50 @@ +GLUON_BUILD_DIR := gluon-build +GLUON_GIT_URL := git://github.com/freifunk-gluon/gluon.git +GLUON_GIT_REF := v2014.4 + +SECRET_KEY_FILE ?= ${HOME}/.gluon-secret-key + +_GIT_DESCRIBE = $(shell git describe --tags 2>/dev/null) +ifneq (,${_GIT_DESCRIBE}) + GLUON_RELEASE := ${_GIT_DESCRIBE} + GLUON_BRANCH := stable +else + GLUON_RELEASE ?= snapshot~$(shell date '+%Y%m%d')~$(shell git describe --always) + GLUON_BRANCH := experimental +endif + +JOBS ?= $(shell cat /proc/cpuinfo | grep processor | wc -l) + +GLUON_MAKE := ${MAKE} -j ${JOBS} -C ${GLUON_BUILD_DIR} \ + GLUON_RELEASE=${GLUON_RELEASE} \ + GLUON_BRANCH=${GLUON_BRANCH} + +all: gluon-clean + ${MAKE} manifest + ${MAKE} gluon-clean + +build: gluon-prepare + ${GLUON_MAKE} + +manifest: build + ${GLUON_MAKE} manifest + mv ${GLUON_BUILD_DIR}/images . + +sign: manifest + ${GLUON_BUILD_DIR}/contrib/sign.sh ${SECRET_KEY_FILE} images/sysupgrade/${GLUON_BRANCH}.manifest + +${GLUON_BUILD_DIR}: + git clone ${GLUON_GIT_URL} ${GLUON_BUILD_DIR} + +gluon-prepare: images-clean ${GLUON_BUILD_DIR} + (cd ${GLUON_BUILD_DIR} && git fetch origin && git checkout -q ${GLUON_GIT_REF}) + ln -sfT .. ${GLUON_BUILD_DIR}/site + ${GLUON_MAKE} update + +gluon-clean: + rm -rf ${GLUON_BUILD_DIR} + +images-clean: + rm -rf images + +clean: gluon-clean images-clean diff --git a/site.conf b/site.conf new file mode 100644 index 0000000..08aa28f --- /dev/null +++ b/site.conf @@ -0,0 +1,256 @@ +--[[ + gluon site.conf example + + This file contains the Munich freifunk site.conf which was adopted from the original freifunk suite used in Luebeck. + There are comments added to most switches to explain the usage of gluon. + + This is lua code now, not perl anymore. + + Happy compiling! +]] + +{ + --[[ Community settings + hostname_prefix: Nodename prefix + freifunk-abcdef123456 (hex-part is generated from node's MAC address) + site_name: Name of your community + site_code: Shortcode of your community + ]] + + hostname_prefix = 'freifunk', + site_name = 'Freifunk München', + site_code = 'ffrgb-bat14', + opkg_repo = 'http://openwrt.draic.info/barrier_breaker/14.07/%S/packages', + + + --[[ General network settings + prefix4: IPv4 range of your community + prefix6: IPv6 range of your community + is also required for radvd ]] + + prefix4 = '10.80.0.0/16', + prefix6 = 'fdef:ffc0:4fff::/64', + + + --[[ NTP settings + Synchronize the time of the nodes + timezone: Timezone of your community + http://wiki.openwrt.org/doc/uci/system#time.zones + ntp_servers: List of NTP-Servers to query. You can use any public and/or your private NTP-Servers of your community. + http://www.pool.ntp.org/zone/de ]] + + timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', + ntp_servers = {'1.ntp.services.ffm','3.ntp.services.ffm'}, + + --[[ Wireless settings + regdom: IEEE 802.11 Regulatory Domain + http://en.wikipedia.org/wiki/IEEE_802.11#Regulatory_domains_and_legal_compliance + wifi24: Wifi settings for 2.4 GHz frequency devices + wifi5: Wifi settings for 5 GHz frequency devices + sub + ssid: Wifi name shown to the user (We recommend %site_code%.freifunk.net) + channel: Wifi channel to use + htmode: Specifies the channel width in 802.11n and 802.11ac mode, possible values are: + HT20 (single 20MHz channel), + HT40- (2x 20MHz channels, primary/control channel is upper, secondary channel is below) + HT40+ (2x 20MHz channels, primary/control channel is lower, secondary channel is above). + VHT20 / VHT40 / VHT80 / VHT160 (channel width in 802.11ac, extra channels are picked according to the specification) + http://wiki.openwrt.org/doc/uci/wireless#common.options (-> htmode) + mesh_ssid: SSID of the mesh-interface, an ugly SSID prevent clients from connecting (We recommend not to change this) + mesh_bssid: BSSID of the mesh-interface + mesh_mcast_rate: multicast rate of the mesh-interface ]] + + regdom = 'DE', + + wifi24 = { + ssid = 'regensburg.freifunk.net', + channel = 1, + htmode = 'HT40+', + mesh_ssid = 'mesh.ffmuc', + mesh_bssid = '02:0E:8E:1E:61:17', --[[ from https://muenchen.freifunk.net/wiki/Knoten#B.A.T.M.A.N._Advanced ]] + mesh_mcast_rate = 12000, + }, + + wifi5 = { + ssid = 'regensburg.freifunk.net', + channel = 44, + htmode = 'HT40+', + mesh_ssid = 'mesh.ffmuc', + mesh_bssid = '02:0E:8E:1E:61:17', + mesh_mcast_rate = 12000, + }, + + + --[[ Next-Node + next_node: Howto reach the node you are currently connected to + The node will always be reachable at that address, and it's the same on all nodes. Because next_node packets are redirected within the node itself, there will be no conflicts. + sub + ip4: IPv4 Address to use + ip6: IPv6 Address to use + mac: MAC Address to use + (TODO: What is the purpose of this MAC-Address here?) ]] + + next_node = { + ip4 = '10.80.0.1', + ip6 = 'fdef:ffc0:4fff::1', + mac = '16:41:95:40:f7:dc', + }, + + + --[[ Gateway settings + fastd_mesh_vpn: fastd vpn settings + https://projects.universe-factory.net/projects/fastd/wiki/User_manual + sub + methods: encryption algorithms to use + https://projects.universe-factory.net/projects/fastd/wiki/Methods + When multiple method statements are given, the first one has the highest preference. + mtu: package size + backbone: fastd vpn gateways of your community + sub + limit: Number of gateways each node connects to + On startup, each node tries to connect to every gateway, and then chooses the number of 'limit' fastest gateways it could reach + peers: Gateways + sub sub + key: public fastd key of your gateway + https://github.com/tcatm/ecdsautils + remotes: List of fastd configuration strings to connect to your gateway server ]] + + + fastd_mesh_vpn = { + methods = {'salsa2012+umac', 'salsa2012+gmac'}, + mtu = 1426, + backbone = { + limit = 2, + peers = { + vpn_gw01 = { --[[ VPN Server von Ole (netcap) ]] + key = '0ac59c349980993c99e74e1c5242c39cdd7282fbab0b9575b35762993df510f3', + remotes = {'ipv4 "37.120.168.150" port 10000'}, + }, + vpn_gw04 = { --[[ VPN Server von mephisto ]] + key = '40ebfaf04da006d9150d3d8adeaab0dfa62ca645b416403537cb009bbf2125b5', + remotes = {'ipv4 "213.166.225.3" port 10000'}, + }, + }, + }, + }, + + --[[ gluon autoupdater section + a how-to can be found here: http://gluon.readthedocs.org/en/latest/features/autoupdater.html + enable: 0, 1 + branch: stable, beta, experimental + name: name of the branch + mirrors: comma separated ipv6 based mirror-servers to access the firmware image + good_signatures: number of at leased good signatures signed by the authors of the firmware + pubkeys: public keys of the authors of the firmware image ]] + +autoupdater = { + enabled = 1, + branch = 'stable', + branches = { + stable = { + name = 'stable', + mirrors = { + 'http://[fdef:ffc0:4fff::14]/firmware/stable/sysupgrade/', + }, + probability = 0.08, + good_signatures = 1, + pubkeys = { + '4d6b1a8e2ecfdb59469c38c3659916dd6046cd5270ddd31c3319b21c508eaa07', -- mephisto + }, + }, + experimental = { + name = 'experimental', + mirrors = { + 'http://[fdef:ffc0:4fff::14]/firmware/experimental/sysupgrade/', + }, + probability = 0.1, + good_signatures = 1, + pubkeys = { + '4d6b1a8e2ecfdb59469c38c3659916dd6046cd5270ddd31c3319b21c508eaa07', -- mephisto + }, + }, + }, + }, + + + + --[[ Simple TC settings to limit the bandwidth of the vpn-uplink + mesh_vpn: + sub + ifname: name of the interface/bridge + enabled: default-value + limit_egress: default-value + limit_ingress: default-value ]] + + simple_tc = { + mesh_vpn = { + ifname = 'mesh-vpn', + enabled = false, + limit_egress = 200, + limit_ingress = 3000, + }, + }, + + + --[[ Config Mode settings + Text shown on local website on node while in config mode (after initial flashing or after a long press and hold on the primary button and reboot). You can use html here. + msg_welcome: Welcome message shown at startup + msg_pubkey: Instructions for the user how your community handles the key exchange + only shown if VPN setting is selected + msg_reboot: Message shown when configuration is finished while the node is rebooting. + + Variables + Within the text given here you can use variables which are + replaced when the respective website is delivered to the user. + Variables must be used in the format <%=NAME%>. See msg_pubkey for an example. + hostname: hostname of the node + pubkey: fastd public key of the node + sysconfig.primary_mac the primary mac of the node, also found printed beneath the device + ... other sysconfig.* variables: config_ifname, lan_ifname, wan_ifname ]] + + + config_mode = { + msg_welcome = [[ +Willkommen zum Einrichtungsassistenten für deinen neuen Münchner +Freifunk-Knoten. Fülle das folgende Formular deinen Vorstellungen +entsprechend aus und sende es ab. +]], + msg_pubkey = [[ +

+Dies ist der öffentliche Schlüssel deines Freifunk-Knotens. Erst nachdem +er auf den Servern des Münchener Freifunk-Projektes eingetragen wurde, +kann sich dein Knoten mit dem Münchner Mesh-VPN verbinden. +

+ +

+Um deinen Knoten einzutragen, öffne in einem Browser deiner Wahl bitte Keyformular, fülle das Formular aus und schicke es ab. + +

+ +

Informationen für das Formular: +

+

+ +

+Sollte das Formular nicht verfügbar sein, sende bitte eine Mail an Ole oder frnk. +

+]], + msg_reboot = [[ +

+Dein Knoten startet gerade neu und wird anschließend versuchen, +sich mit anderen Freifunk-Knoten in seiner Nähe zu +verbinden. Weitere Informationen zur +Münchner Freifunk-Community findest du auf +unserer Webseite. +

+

+Viel Spaß mit deinem Knoten und der Erkundung von Freifunk! +

+]], + }, +} +-- vim: set ft=lua:ts=2:sw=2:et diff --git a/site.mk b/site.mk new file mode 100644 index 0000000..717a1b2 --- /dev/null +++ b/site.mk @@ -0,0 +1,31 @@ +GLUON_SITE_PACKAGES := \ + gluon-mesh-batman-adv-14 \ + gluon-alfred \ + gluon-announced \ + gluon-autoupdater \ + gluon-config-mode-autoupdater \ + gluon-config-mode-hostname \ + gluon-config-mode-mesh-vpn \ + gluon-config-mode-geo-location \ + gluon-config-mode-contact-info \ + gluon-ebtables-filter-multicast \ + gluon-ebtables-filter-ra-dhcp \ + gluon-luci-admin \ + gluon-luci-autoupdater \ + gluon-luci-portconfig \ + gluon-luci-private-wifi \ + gluon-next-node \ + gluon-mesh-vpn-fastd \ + gluon-radvd \ + gluon-status-page \ + iwinfo \ + iptables \ + haveged + + +DEFAULT_GLUON_RELEASE := snapshot~$(shell date '+%Y%m%d') + +# Allow overriding the release number from the command line +GLUON_RELEASE ?= $(DEFAULT_GLUON_RELEASE) + +GLUON_PRIORITY ?= 0