aps: Improve documentation
This commit is contained in:
parent
245e704a9e
commit
4eec0bbbbc
3 changed files with 42 additions and 697 deletions
46
README.md
46
README.md
|
@ -2,35 +2,55 @@ ITS WiFi Access Points Setup
|
||||||
============================
|
============================
|
||||||
|
|
||||||
We build the access points in use at the space using the LEDE/OpenWrt image
|
We build the access points in use at the space using the LEDE/OpenWrt image
|
||||||
builder. The deployed images are completely hands-off no configuration of the
|
builder. The deployed images are completely hands-off. No configuration of the
|
||||||
running firmware should be necessary as all the device specific setup is done
|
running firmware should be necessary as all the device specific setup is done
|
||||||
using `/etc/uci-defaults/` by keying off the MAC address.
|
using `/etc/uci-defaults/` by keying off the device's MAC address.
|
||||||
|
|
||||||
See [`files/common/its/etc/uci-defaults/50-config-from-mac`](files/common/its/etc/uci-defaults/50-config-from-mac) for details.
|
See [`files/common/its/etc/uci-defaults/50-config-from-mac`](files/common/its/etc/uci-defaults/50-config-from-mac) for details.
|
||||||
|
|
||||||
Building Images
|
Building Images
|
||||||
---------------
|
---------------
|
||||||
|
|
||||||
To build the `its` images, run:
|
The [`Makefile`][./Makefile] provides a target for each device type we have
|
||||||
|
images for, to build images for all devices at the space you can use:
|
||||||
|
|
||||||
```
|
```
|
||||||
$ make its
|
$ make its
|
||||||
|
[...]
|
||||||
|
Wrote images to images/v0.20180506-3-g115cc99-dirty
|
||||||
```
|
```
|
||||||
|
|
||||||
the resulting images land in `images/v0.$(date +'%Y%m%d')`. The build system
|
the resulting sysupgrade images land in a directory in `images/`. The symlink
|
||||||
also produces a `*.image-manifest` file which contains the URL to the
|
`images/latest` points to the directory of the image built most recently. The
|
||||||
ImageBuilder used as well its hash and the corresponding image's hash.
|
build system also produces a `*.image-manifest` file which contains the URL to
|
||||||
|
the ImageBuilder used as well its hash and the corresponding image's hash.
|
||||||
|
|
||||||
|
Each produced image file contains the target, subtarget and profile names for
|
||||||
|
the targeted device (among other things), for example the Ubiquity UniFi AC
|
||||||
|
Lite's image is called `*-ar71xx-generic-ubnt-unifiac-lite*-sysupgrade.bin`
|
||||||
|
standing for `TARGET=ar71xx`, `SUBTARGET=generic`, `PROFILE=ubnt-unifiac-lite`.
|
||||||
|
|
||||||
|
These images can then be deployed by copying them to the respective device in
|
||||||
|
`/tmp` using `scp` and then running, over ssh:
|
||||||
|
|
||||||
|
# sysupgrade -n /tmp/*-sysupgrade.bin
|
||||||
|
|
||||||
|
If this fails for some reason and the target device is subsequently bricked so
|
||||||
|
bad it cannot even boot into
|
||||||
|
[failsafe mode](https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset#entering_failsafe_mode)
|
||||||
|
any more, see
|
||||||
|
[OpenWrt Debricking Guide](https://openwrt.org/docs/guide-user/troubleshooting/generic.debrick).
|
||||||
|
|
||||||
Using Released Binaries
|
Using Released Binaries
|
||||||
-----------------------
|
-----------------------
|
||||||
|
|
||||||
The offically released and deployed images are added to the repo using
|
The offically released and deployed images are available in this repo in the
|
||||||
[`git annex`](https://git-annex.branchable.com) since this will not actually add
|
[`images/`](images/) directory. They need to be retrived from an internal server
|
||||||
the files to git but rather just a symlink containing its hash. The actual
|
using [`git annex`](https://git-annex.branchable.com) before they can be
|
||||||
binary images can then be uploaded to an internal server.
|
accessed. The public git repo only contains their hashes.
|
||||||
|
|
||||||
We also use git-annex to add secrets to the repo which will then only be
|
We also use git-annex to add the secrets used for generating the images to the
|
||||||
available to authorized people using the internal git-annex store. For an
|
repo, which will then only be available to authorized people using the internal
|
||||||
example, see
|
git-annex store. For an example, see
|
||||||
[`files/common/its/etc/uci-defaults/51-secrets`](files/common/its/etc/uci-defaults/51-secrets). This
|
[`files/common/its/etc/uci-defaults/51-secrets`](files/common/its/etc/uci-defaults/51-secrets). This
|
||||||
file just sets up secrets, such as the WiFi/root password.
|
file just sets up secrets, such as the WiFi/root password.
|
||||||
|
|
|
@ -28,6 +28,7 @@ tar -C "$BUILDDIR" -axf "$DLDIR"/"$imagebuilder"
|
||||||
|
|
||||||
IMAGEBUILDER_DIR="$BUILDDIR"/"$(tar -atf "$DLDIR"/"$imagebuilder" | head -n1)"
|
IMAGEBUILDER_DIR="$BUILDDIR"/"$(tar -atf "$DLDIR"/"$imagebuilder" | head -n1)"
|
||||||
|
|
||||||
|
# source control file and extract variables
|
||||||
profile=$(. "$CONTROL"; echo "${PROFILE}")
|
profile=$(. "$CONTROL"; echo "${PROFILE}")
|
||||||
target=$(. "$CONTROL"; echo "${TARGET}")
|
target=$(. "$CONTROL"; echo "${TARGET}")
|
||||||
subtarget=$(. "$CONTROL"; echo "${SUBTARGET}")
|
subtarget=$(. "$CONTROL"; echo "${SUBTARGET}")
|
||||||
|
@ -35,6 +36,7 @@ subtarget=$(. "$CONTROL"; echo "${SUBTARGET}")
|
||||||
(
|
(
|
||||||
IFS='
|
IFS='
|
||||||
'
|
'
|
||||||
|
# `make` below consumes these
|
||||||
export PROFILE PACKAGES
|
export PROFILE PACKAGES
|
||||||
|
|
||||||
. "$CONTROL"
|
. "$CONTROL"
|
||||||
|
@ -59,6 +61,8 @@ subtarget=$(. "$CONTROL"; echo "${SUBTARGET}")
|
||||||
|
|
||||||
cp "$IMAGEBUILDER_DIR"/bin/targets/ar71xx/"${subtarget}"/openwrt*-"${target}-${subtarget}-${profile}"-squashfs-sysupgrade.bin "$IMAGEDIR"/
|
cp "$IMAGEBUILDER_DIR"/bin/targets/ar71xx/"${subtarget}"/openwrt*-"${target}-${subtarget}-${profile}"-squashfs-sysupgrade.bin "$IMAGEDIR"/
|
||||||
|
|
||||||
|
ln -snf "$VERSION" images/latest
|
||||||
|
|
||||||
{
|
{
|
||||||
printf '%s\n' "Date: $(date -R)"
|
printf '%s\n' "Date: $(date -R)"
|
||||||
printf '%s\n' "Image-Builder: $IMAGEBUILDER_URL"
|
printf '%s\n' "Image-Builder: $IMAGEBUILDER_URL"
|
||||||
|
@ -69,3 +73,8 @@ cp "$IMAGEBUILDER_DIR"/bin/targets/ar71xx/"${subtarget}"/openwrt*-"${target}-${s
|
||||||
( cd "$IMAGEDIR"; sha512sum openwrt*-"${target}-${subtarget}-${profile}"-squashfs-sysupgrade.bin )
|
( cd "$IMAGEDIR"; sha512sum openwrt*-"${target}-${subtarget}-${profile}"-squashfs-sysupgrade.bin )
|
||||||
} | sed 's/^/ /'
|
} | sed 's/^/ /'
|
||||||
} > "$IMAGEDIR"/"${profile}".image-manifest
|
} > "$IMAGEDIR"/"${profile}".image-manifest
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo
|
||||||
|
echo "Wrote images to $IMAGEDIR"
|
||||||
|
echo
|
||||||
|
|
|
@ -1,684 +0,0 @@
|
||||||
# Reinstall guide for Openwrt based APs (TL-WR841N/ND)
|
|
||||||
# ====================================================
|
|
||||||
|
|
||||||
alias $=true # make sure this file is a valid shell script
|
|
||||||
|
|
||||||
$ wget https://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64.tar.bz2
|
|
||||||
|
|
||||||
$ tar -xf OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64.tar.bz2
|
|
||||||
|
|
||||||
$ cd OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64/
|
|
||||||
|
|
||||||
$ sh <WHEREVER>/doc-ap-reinstall.txt # yes, seriously
|
|
||||||
|
|
||||||
$ make image PROFILE=TLWR841 FILES=files/ PACKAGES="collectd collectd-mod-wireless collectd-mod-interface collectd-mod-load collectd-mod-network -firewall -ip6tables -kmod-ip6tables"
|
|
||||||
|
|
||||||
# Now you should get the binary for flashing at:
|
|
||||||
# bin/ar71xx/openwrt-ar71xx-generic-tl-wr841n-v10-squashfs-sysupgrade.bin
|
|
||||||
|
|
||||||
# If your ssh key is in the config you can now connect to any LAN port (orange)
|
|
||||||
# on the AP, trigger a failsafe reset, scp the image into /tmp and flash the AP (see below).
|
|
||||||
# If it's not just add it to files/etc/dropbear/authorized_keys before running make
|
|
||||||
|
|
||||||
# 1) trigger factory reset (deletes /dev/mtdblock3, i.e. /overlay):
|
|
||||||
$ firstboot -y
|
|
||||||
# type 'y' and ENTER
|
|
||||||
$ reboot -f
|
|
||||||
|
|
||||||
# 2) wait for the router to come back up, do the failsafe mode dance again
|
|
||||||
# finally and copy the image there:
|
|
||||||
|
|
||||||
$ scp bin/ar71xx/openwrt-ar71xx-generic-tl-wr841n-v10-squashfs-sysupgrade.bin root@192.168.1.1:/tmp
|
|
||||||
|
|
||||||
# 3) finally flash the AP:
|
|
||||||
$ sysupgrade openwrt-*.bin
|
|
||||||
|
|
||||||
# now connect the WAN port (blue) to the correct patch port and make sure this
|
|
||||||
# is connected to VLAN 2 on SW0 (ports 29,30,31,32,33,34 are for now)
|
|
||||||
|
|
||||||
# WTF?
|
|
||||||
|
|
||||||
# /bin/sh ignores lines that start with '#' and the 'alias' above makes sure '$'
|
|
||||||
# is not a command that exists, so everything in this file is ignored up the the
|
|
||||||
# shar(1) archive, neat huh?
|
|
||||||
|
|
||||||
# ---- shar archive follows ----
|
|
||||||
#!/bin/sh
|
|
||||||
# This is a shell archive (produced by GNU sharutils 4.15.2).
|
|
||||||
# To extract the files from this archive, save it to some FILE, remove
|
|
||||||
# everything before the '#!/bin/sh' line above, then type 'sh FILE'.
|
|
||||||
#
|
|
||||||
lock_dir=_sh06036
|
|
||||||
# Made on 2016-06-06 01:42 CEST by <dxld@Sam>.
|
|
||||||
# Source directory was '/home/dxld/var/build/OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64'.
|
|
||||||
#
|
|
||||||
# Existing files will *not* be overwritten, unless '-c' is specified.
|
|
||||||
#
|
|
||||||
# This shar contains:
|
|
||||||
# length mode name
|
|
||||||
# ------ ---------- ------------------------------------------
|
|
||||||
# 611 -rw------- files/etc/collectd.conf
|
|
||||||
# 286 -rw-r--r-- files/etc/config/dhcp
|
|
||||||
# 136 -rw-r--r-- files/etc/config/dropbear
|
|
||||||
# 105 -rw-r--r-- files/etc/config/firewall
|
|
||||||
# 630 -rw-r--r-- files/etc/config/network
|
|
||||||
# 1063 -rw-r--r-- files/etc/config/system
|
|
||||||
# 0 -rw-r--r-- files/etc/config/ubootenv
|
|
||||||
# 325 -rw-r--r-- files/etc/config/wireless
|
|
||||||
# 390 -rw-r--r-- files/etc/dropbear/authorized_keys
|
|
||||||
# 503 -rwxr-xr-x files/etc/uci-defaults/50-config-from-mac
|
|
||||||
#
|
|
||||||
MD5SUM=${MD5SUM-md5sum}
|
|
||||||
f=`${MD5SUM} --version | egrep '^md5sum .*(core|text)utils'`
|
|
||||||
test -n "${f}" && md5check=true || md5check=false
|
|
||||||
${md5check} || \
|
|
||||||
echo 'Note: not verifying md5sums. Consider installing GNU coreutils.'
|
|
||||||
if test "X$1" = "X-c"
|
|
||||||
then keep_file=''
|
|
||||||
else keep_file=true
|
|
||||||
fi
|
|
||||||
echo=echo
|
|
||||||
save_IFS="${IFS}"
|
|
||||||
IFS="${IFS}:"
|
|
||||||
gettext_dir=
|
|
||||||
locale_dir=
|
|
||||||
set_echo=false
|
|
||||||
|
|
||||||
for dir in $PATH
|
|
||||||
do
|
|
||||||
if test -f $dir/gettext \
|
|
||||||
&& ($dir/gettext --version >/dev/null 2>&1)
|
|
||||||
then
|
|
||||||
case `$dir/gettext --version 2>&1 | sed 1q` in
|
|
||||||
*GNU*) gettext_dir=$dir
|
|
||||||
set_echo=true
|
|
||||||
break ;;
|
|
||||||
esac
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
if ${set_echo}
|
|
||||||
then
|
|
||||||
set_echo=false
|
|
||||||
for dir in $PATH
|
|
||||||
do
|
|
||||||
if test -f $dir/shar \
|
|
||||||
&& ($dir/shar --print-text-domain-dir >/dev/null 2>&1)
|
|
||||||
then
|
|
||||||
locale_dir=`$dir/shar --print-text-domain-dir`
|
|
||||||
set_echo=true
|
|
||||||
break
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
if ${set_echo}
|
|
||||||
then
|
|
||||||
TEXTDOMAINDIR=$locale_dir
|
|
||||||
export TEXTDOMAINDIR
|
|
||||||
TEXTDOMAIN=sharutils
|
|
||||||
export TEXTDOMAIN
|
|
||||||
echo="$gettext_dir/gettext -s"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
IFS="$save_IFS"
|
|
||||||
if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null
|
|
||||||
then if (echo -n test; echo 1,2,3) | grep n >/dev/null
|
|
||||||
then shar_n= shar_c='
|
|
||||||
'
|
|
||||||
else shar_n=-n shar_c= ; fi
|
|
||||||
else shar_n= shar_c='\c' ; fi
|
|
||||||
f=shar-touch.$$
|
|
||||||
st1=200112312359.59
|
|
||||||
st2=123123592001.59
|
|
||||||
st2tr=123123592001.5 # old SysV 14-char limit
|
|
||||||
st3=1231235901
|
|
||||||
|
|
||||||
if touch -am -t ${st1} ${f} >/dev/null 2>&1 && \
|
|
||||||
test ! -f ${st1} && test -f ${f}; then
|
|
||||||
shar_touch='touch -am -t $1$2$3$4$5$6.$7 "$8"'
|
|
||||||
|
|
||||||
elif touch -am ${st2} ${f} >/dev/null 2>&1 && \
|
|
||||||
test ! -f ${st2} && test ! -f ${st2tr} && test -f ${f}; then
|
|
||||||
shar_touch='touch -am $3$4$5$6$1$2.$7 "$8"'
|
|
||||||
|
|
||||||
elif touch -am ${st3} ${f} >/dev/null 2>&1 && \
|
|
||||||
test ! -f ${st3} && test -f ${f}; then
|
|
||||||
shar_touch='touch -am $3$4$5$6$2 "$8"'
|
|
||||||
|
|
||||||
else
|
|
||||||
shar_touch=:
|
|
||||||
echo
|
|
||||||
${echo} 'WARNING: not restoring timestamps. Consider getting and
|
|
||||||
installing GNU '\''touch'\'', distributed in GNU coreutils...'
|
|
||||||
echo
|
|
||||||
fi
|
|
||||||
rm -f ${st1} ${st2} ${st2tr} ${st3} ${f}
|
|
||||||
#
|
|
||||||
if test ! -d ${lock_dir} ; then :
|
|
||||||
else ${echo} "lock directory ${lock_dir} exists"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if mkdir ${lock_dir}
|
|
||||||
then ${echo} "x - created lock directory ${lock_dir}."
|
|
||||||
else ${echo} "x - failed to create lock directory ${lock_dir}."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
# ============= files/etc/collectd.conf ==============
|
|
||||||
if test ! -d 'files'; then
|
|
||||||
mkdir 'files'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files."
|
|
||||||
else ${echo} "x - failed to create directory files."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test ! -d 'files/etc'; then
|
|
||||||
mkdir 'files/etc'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files/etc."
|
|
||||||
else ${echo} "x - failed to create directory files/etc."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/collectd.conf'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/collectd.conf (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/collectd.conf (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/collectd.conf' &&
|
|
||||||
# Config file for collectd. More info: https://collectd.org/
|
|
||||||
# Note: Luci statistics will generate a new config and overwrite this file.
|
|
||||||
X
|
|
||||||
#Hostname "localhost"
|
|
||||||
#FQDNLookup true
|
|
||||||
BaseDir "/var/run/collectd"
|
|
||||||
Include "/etc/collectd/conf.d"
|
|
||||||
PIDFile "/var/run/collectd.pid"
|
|
||||||
PluginDir "/usr/lib/collectd"
|
|
||||||
TypesDB "/usr/share/collectd/types.db"
|
|
||||||
Interval 30
|
|
||||||
ReadThreads 2
|
|
||||||
X
|
|
||||||
LoadPlugin interface
|
|
||||||
LoadPlugin load
|
|
||||||
#LoadPlugin ping
|
|
||||||
X
|
|
||||||
<Plugin interface>
|
|
||||||
X IgnoreSelected false
|
|
||||||
X Interface "lan""
|
|
||||||
</Plugin>
|
|
||||||
X
|
|
||||||
LoadPlugin network
|
|
||||||
<Plugin network>
|
|
||||||
X Server "sozial.asozial" "25826"
|
|
||||||
X Forward false
|
|
||||||
</Plugin>
|
|
||||||
X
|
|
||||||
X
|
|
||||||
LoadPlugin wireless
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 03 14 20 20 43 'files/etc/collectd.conf'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0600 'files/etc/collectd.conf'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/collectd.conf failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/collectd.conf': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
317af4e906f9877fb3942b2c969ec6f8 files/etc/collectd.conf
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/collectd.conf'` -ne 611 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/collectd.conf' is not 611"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/dhcp ==============
|
|
||||||
if test ! -d 'files/etc'; then
|
|
||||||
mkdir 'files/etc'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files/etc."
|
|
||||||
else ${echo} "x - failed to create directory files/etc."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test ! -d 'files/etc/config'; then
|
|
||||||
mkdir 'files/etc/config'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files/etc/config."
|
|
||||||
else ${echo} "x - failed to create directory files/etc/config."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/dhcp'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/dhcp (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/dhcp (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/dhcp' &&
|
|
||||||
X
|
|
||||||
config dnsmasq
|
|
||||||
X option listen 0
|
|
||||||
X
|
|
||||||
config dhcp 'lan'
|
|
||||||
X option interface 'lan'
|
|
||||||
X option ignore 1
|
|
||||||
X
|
|
||||||
config dhcp 'wan'
|
|
||||||
X option interface 'wan'
|
|
||||||
X option ignore '1'
|
|
||||||
X
|
|
||||||
config odhcpd 'odhcpd'
|
|
||||||
X option maindhcp '0'
|
|
||||||
X option leasefile '/tmp/hosts/odhcpd'
|
|
||||||
X option leasetrigger '/usr/sbin/odhcpd-update'
|
|
||||||
X
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 02 18 23 07 05 'files/etc/config/dhcp'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/dhcp'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/dhcp failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/dhcp': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
14380207dcdfc80dcf7ad0f874385a4f files/etc/config/dhcp
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/dhcp'` -ne 286 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/dhcp' is not 286"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/dropbear ==============
|
|
||||||
if test ! -d 'files/etc/config'; then
|
|
||||||
mkdir 'files/etc/config'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files/etc/config."
|
|
||||||
else ${echo} "x - failed to create directory files/etc/config."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/dropbear'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/dropbear (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/dropbear (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/dropbear' &&
|
|
||||||
config dropbear
|
|
||||||
X option PasswordAuth 'off'
|
|
||||||
X option RootPasswordAuth 'off'
|
|
||||||
X option Port '22'
|
|
||||||
# option BannerFile '/etc/banner'
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 02 19 01 22 09 'files/etc/config/dropbear'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/dropbear'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/dropbear failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/dropbear': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
4e428f3d36b40c3de857bf73d3bc27ce files/etc/config/dropbear
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/dropbear'` -ne 136 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/dropbear' is not 136"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/firewall ==============
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/firewall'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/firewall (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/firewall (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/firewall' &&
|
|
||||||
config defaults
|
|
||||||
X option syn_flood 1
|
|
||||||
X option input ACCEPT
|
|
||||||
X option output ACCEPT
|
|
||||||
X option forward ACCEPT
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 03 14 20 19 47 'files/etc/config/firewall'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/firewall'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/firewall failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/firewall': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
3aca9392cad163a47cd8ed892ad1fbee files/etc/config/firewall
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/firewall'` -ne 105 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/firewall' is not 105"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/network ==============
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/network'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/network (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/network (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/network' &&
|
|
||||||
X
|
|
||||||
config interface 'loopback'
|
|
||||||
X option ifname 'lo'
|
|
||||||
X option proto 'static'
|
|
||||||
X option ipaddr '127.0.0.1'
|
|
||||||
X option netmask '255.0.0.0'
|
|
||||||
X
|
|
||||||
config interface 'apctl'
|
|
||||||
X option ifname 'eth1.2'
|
|
||||||
X option proto 'dhcp'
|
|
||||||
X
|
|
||||||
config interface 'lan'
|
|
||||||
X option type 'bridge'
|
|
||||||
X option ifname 'eth1'
|
|
||||||
X option proto 'static'
|
|
||||||
X
|
|
||||||
config interface 'recovery'
|
|
||||||
X option type 'bridge'
|
|
||||||
X option ifname 'eth0'
|
|
||||||
X option proto 'static'
|
|
||||||
X option ipaddr '192.168.1.1'
|
|
||||||
X option netmask '255.0.0.0'
|
|
||||||
X
|
|
||||||
X
|
|
||||||
config switch
|
|
||||||
X option name 'switch0'
|
|
||||||
X option reset '1'
|
|
||||||
X option enable '1'
|
|
||||||
X option enable_vlan '1'
|
|
||||||
X
|
|
||||||
config switch_vlan
|
|
||||||
X option device 'switch0'
|
|
||||||
X option vlan '1'
|
|
||||||
X option ports '1 2 3 4 0'
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 03 14 20 26 56 'files/etc/config/network'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/network'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/network failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/network': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
e953d88ed06acffbef2e9086fa727fd7 files/etc/config/network
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/network'` -ne 630 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/network' is not 630"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/system ==============
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/system'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/system (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/system (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/system' &&
|
|
||||||
X
|
|
||||||
config system
|
|
||||||
X option hostname 'ITS-AP-unassigned'
|
|
||||||
X option timezone 'UTC'
|
|
||||||
X
|
|
||||||
config timeserver 'ntp'
|
|
||||||
X list server '0.openwrt.pool.ntp.org'
|
|
||||||
X list server '1.openwrt.pool.ntp.org'
|
|
||||||
X list server '2.openwrt.pool.ntp.org'
|
|
||||||
X list server '3.openwrt.pool.ntp.org'
|
|
||||||
X option enabled '1'
|
|
||||||
X option enable_server '0'
|
|
||||||
X
|
|
||||||
config led 'led_wan'
|
|
||||||
X option name 'WAN'
|
|
||||||
X option sysfs 'tp-link:green:wan'
|
|
||||||
X option trigger 'netdev'
|
|
||||||
X option mode 'link tx rx'
|
|
||||||
X option dev 'eth1'
|
|
||||||
X
|
|
||||||
config led 'led_lan1'
|
|
||||||
X option name 'LAN1'
|
|
||||||
X option sysfs 'tp-link:green:lan1'
|
|
||||||
X option trigger 'switch0'
|
|
||||||
X option port_mask '0x10'
|
|
||||||
X
|
|
||||||
config led 'led_lan2'
|
|
||||||
X option name 'LAN2'
|
|
||||||
X option sysfs 'tp-link:green:lan2'
|
|
||||||
X option trigger 'switch0'
|
|
||||||
X option port_mask '0x08'
|
|
||||||
X
|
|
||||||
config led 'led_lan3'
|
|
||||||
X option name 'LAN3'
|
|
||||||
X option sysfs 'tp-link:green:lan3'
|
|
||||||
X option trigger 'switch0'
|
|
||||||
X option port_mask '0x04'
|
|
||||||
X
|
|
||||||
config led 'led_lan4'
|
|
||||||
X option name 'LAN4'
|
|
||||||
X option sysfs 'tp-link:green:lan4'
|
|
||||||
X option trigger 'switch0'
|
|
||||||
X option port_mask '0x02'
|
|
||||||
X
|
|
||||||
config led 'led_wlan'
|
|
||||||
X option name 'WLAN'
|
|
||||||
X option sysfs 'tp-link:green:wlan'
|
|
||||||
X option trigger 'phy0tpt'
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 03 14 17 41 57 'files/etc/config/system'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/system'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/system failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/system': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
9473b26be0e31d238df7fb716f2b4964 files/etc/config/system
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/system'` -ne 1063 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/system' is not 1063"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/ubootenv ==============
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/ubootenv'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/ubootenv (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/ubootenv (empty)"
|
|
||||||
> 'files/etc/config/ubootenv' &&
|
|
||||||
(set 20 16 02 07 15 30 04 'files/etc/config/ubootenv'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/ubootenv'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/ubootenv failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/ubootenv': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
d41d8cd98f00b204e9800998ecf8427e files/etc/config/ubootenv
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/ubootenv'` -ne 0 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/ubootenv' is not 0"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/config/wireless ==============
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/config/wireless'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/config/wireless (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/config/wireless (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/wireless' &&
|
|
||||||
config wifi-device radio0
|
|
||||||
X option type mac80211
|
|
||||||
X option channel 11
|
|
||||||
X option hwmode 11g
|
|
||||||
X option path 'platform/qca953x_wmac'
|
|
||||||
X option htmode HT20
|
|
||||||
X
|
|
||||||
config wifi-iface
|
|
||||||
X option device radio0
|
|
||||||
X option network lan
|
|
||||||
X option mode ap
|
|
||||||
X option ssid it-syndikat
|
|
||||||
X option encryption psk2
|
|
||||||
X option key '<WIRELESS KEY HERE>'
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 06 06 01 41 58 'files/etc/config/wireless'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/config/wireless'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/config/wireless failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/wireless': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
06b38e06f26ea56e8a8e5f51a6566ff8 files/etc/config/wireless
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/config/wireless'` -ne 325 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/config/wireless' is not 325"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/dropbear/authorized_keys ==============
|
|
||||||
if test ! -d 'files/etc/dropbear'; then
|
|
||||||
mkdir 'files/etc/dropbear'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files/etc/dropbear."
|
|
||||||
else ${echo} "x - failed to create directory files/etc/dropbear."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/dropbear/authorized_keys'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/dropbear/authorized_keys (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/dropbear/authorized_keys (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' | uudecode &&
|
|
||||||
begin 600 files/etc/dropbear/authorized_keys
|
|
||||||
M<W-H+7)S82!!04%!0C-.>F%#,7EC,D5!04%!1$%104)!04%"05%#,41B=VMS
|
|
||||||
M>75-,FE652]M4U-18CAF8U14,W-M3T1Y96%Z=%!V<&8Q94\T.61N-$UE8T%C
|
|
||||||
M534X>G$R9S1$2W5M0S5Q,6)#<DUQ<&A9.65A*U534W)9<&8K6BLK9F5Z3W-0
|
|
||||||
M>&%D-$UR-&EX=3!(83A6;S1#3$-F1'AC07A::%EU;$%X;E!D,G<X9T)Y25%)
|
|
||||||
M56YM1UI"1WE!6'5$,%EX:2LR8W!N,VI'5TDQ3CDV8W=Y:%-Z63`O46UJ9F55
|
|
||||||
M8G%B*W!D:45J;2]*5$)U;R]S0FUF2FUD.5%A>4UV>$]Z,5)R>C%4=4\X.79M
|
|
||||||
M+U9L,5`K:TE&4W1O0G-%955(."M9<75)4'50<6=Q,V0V2"MI538X3DYT8G!9
|
|
||||||
M07=-2E,S,'5M-'5H=2]X3R]62&-L0V%F<4]U47994FMJ0DI!4DY0;4UL+T15
|
|
||||||
>8VET:$Y#5S)!=D1C=$IS6G!",6P@9'AL9$!%;&D*
|
|
||||||
`
|
|
||||||
end
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 02 19 01 22 39 'files/etc/dropbear/authorized_keys'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0644 'files/etc/dropbear/authorized_keys'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/dropbear/authorized_keys failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/dropbear/authorized_keys': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
9641a516022df2dc59a071c9d16be7aa files/etc/dropbear/authorized_keys
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/dropbear/authorized_keys'` -ne 390 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/dropbear/authorized_keys' is not 390"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= files/etc/uci-defaults/50-config-from-mac ==============
|
|
||||||
if test ! -d 'files/etc/uci-defaults'; then
|
|
||||||
mkdir 'files/etc/uci-defaults'
|
|
||||||
if test $? -eq 0
|
|
||||||
then ${echo} "x - created directory files/etc/uci-defaults."
|
|
||||||
else ${echo} "x - failed to create directory files/etc/uci-defaults."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test -n "${keep_file}" && test -f 'files/etc/uci-defaults/50-config-from-mac'
|
|
||||||
then
|
|
||||||
${echo} "x - SKIPPING files/etc/uci-defaults/50-config-from-mac (file already exists)"
|
|
||||||
|
|
||||||
else
|
|
||||||
${echo} "x - extracting files/etc/uci-defaults/50-config-from-mac (text)"
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'files/etc/uci-defaults/50-config-from-mac' &&
|
|
||||||
#!/bin/sh
|
|
||||||
set -e
|
|
||||||
X
|
|
||||||
mac=$(cat /sys/class/net/eth1/address)
|
|
||||||
X
|
|
||||||
hostname=
|
|
||||||
channel=
|
|
||||||
if [ "$mac" = 60:e3:27:b8:16:ed ]; then
|
|
||||||
X hostname=cz-ap0
|
|
||||||
X channel=6
|
|
||||||
elif [ "$mac" = 60:e3:27:b8:09:db ]; then
|
|
||||||
X hostname=cz-ap1
|
|
||||||
X channel=12
|
|
||||||
elif [ "$mac" = 60:e3:27:ed:9b:b1 ]; then
|
|
||||||
X hostname=cz-ap2
|
|
||||||
X channel=1
|
|
||||||
fi
|
|
||||||
X
|
|
||||||
uci set system.@system[0].hostname=$hostname
|
|
||||||
uci commit system
|
|
||||||
uci set wireless.radio0.channel=$channel
|
|
||||||
uci commit wireless
|
|
||||||
echo $(uci get system.@system[0].hostname) > /proc/sys/kernel/hostname
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 16 03 20 16 53 15 'files/etc/uci-defaults/50-config-from-mac'
|
|
||||||
eval "${shar_touch}") && \
|
|
||||||
chmod 0755 'files/etc/uci-defaults/50-config-from-mac'
|
|
||||||
if test $? -ne 0
|
|
||||||
then ${echo} "restore of files/etc/uci-defaults/50-config-from-mac failed"
|
|
||||||
fi
|
|
||||||
if ${md5check}
|
|
||||||
then (
|
|
||||||
${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/uci-defaults/50-config-from-mac': 'MD5 check failed'
|
|
||||||
) << \SHAR_EOF
|
|
||||||
689a299be8256d569a668704a26d27c3 files/etc/uci-defaults/50-config-from-mac
|
|
||||||
SHAR_EOF
|
|
||||||
|
|
||||||
else
|
|
||||||
test `LC_ALL=C wc -c < 'files/etc/uci-defaults/50-config-from-mac'` -ne 503 && \
|
|
||||||
${echo} "restoration warning: size of 'files/etc/uci-defaults/50-config-from-mac' is not 503"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if rm -fr ${lock_dir}
|
|
||||||
then ${echo} "x - removed lock directory ${lock_dir}."
|
|
||||||
else ${echo} "x - failed to remove lock directory ${lock_dir}."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
exit 0
|
|
Loading…
Reference in a new issue