Automated build of OpenWrt based firmware
Go to file
Daniel Gröber 9862e8ec12 Move access-points automation to top level 2023-09-08 23:50:59 +02:00
control Move access-points automation to top level 2023-09-08 23:50:59 +02:00
files Move access-points automation to top level 2023-09-08 23:50:59 +02:00
images Move access-points automation to top level 2023-09-08 23:50:59 +02:00
keys Move access-points automation to top level 2023-09-08 23:50:59 +02:00
private Add Unifi AC LITE backup 2018-04-13 19:43:39 +02:00
.gitignore Move access-points automation to top level 2023-09-08 23:50:59 +02:00
Makefile Move access-points automation to top level 2023-09-08 23:50:59 +02:00
README.md Move access-points automation to top level 2023-09-08 23:50:59 +02:00
build-image.sh Move access-points automation to top level 2023-09-08 23:50:59 +02:00
doc-ap-reset.txt Move access-points automation to top level 2023-09-08 23:50:59 +02:00

README.md

ITS WiFi Access Points Setup

This directory contains the scripts and configuration for the automated building of OpenWrt image-build based firmware images.

We use this to build fully pre-configured images for our 802.11 access-points. The deployed images are completely hands-off. No configuration of the running firmware should be necessary as all the device specific setup is done using /etc/uci-defaults/ by keying off the device's MAC address.

See files/common/its/etc/uci-defaults/50-config-from-mac for details.

Note that some of the files in this repository contain secrets, like passwords. These files are stored using git-annex which merely stores a hash in the (public) git repo and ships the relevant file contents off to a fileserver or other internal storage location.

Building Images

The Makefile provides a target for each device type we have images for, to build images for all devices at the space you can use:

$ make its
[...]
Wrote images to images/v0.20180506-3-g115cc99-dirty

the resulting sysupgrade images land in a directory in images/. The symlink images/latest points to the directory of the image built most recently. The build system also produces a *.image-manifest file which contains the URL to the ImageBuilder used as well its hash and the corresponding image's hash.

Each produced image file contains the target, subtarget and profile names for the targeted device (among other things), for example the Ubiquity UniFi AC Lite's image is called *-ath79-generic-ubnt_unifiac-lite*-sysupgrade.bin standing for TARGET=ath79, SUBTARGET=generic, PROFILE=ubnt_unifiac-lite.

These images can then be deployed by copying them to the respective device in /tmp using scp and then running, over ssh:

# sysupgrade -n /tmp/*-sysupgrade.bin

If this fails for some reason and the target device is subsequently bricked so bad it cannot even boot into failsafe mode any more, see OpenWrt Debricking Guide.

Using Released Binaries

The offically released and deployed images are available in this repo in the images/ directory. They need to be retrived from an internal server using git annex before they can be accessed. The public git repo only contains their hashes.

We also use git-annex to add the secrets used for generating the images to the repo, which will then only be available to authorized people using the internal git-annex store. For an example, see files/common/its/etc/uci-defaults/51-secrets. This file just sets up secrets, such as the WiFi/root password.