From a967f49f8dbb38323094c440b89923f375b7b255 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Gr=C3=B6ber?= Date: Wed, 4 Oct 2017 18:52:03 +0200 Subject: [PATCH] Automate access-point image build --- .gitignore | 2 + build-image.sh | 60 ++ control/tl-wr841-v10 | 11 + doc-ap-reinstall.txt | 684 ++++++++++++++++++ doc-ap-reset.txt | 2 + files/tl-wr841-v10/etc/collectd.conf | 30 + files/tl-wr841-v10/etc/config/dhcp | 17 + files/tl-wr841-v10/etc/config/dropbear | 5 + files/tl-wr841-v10/etc/config/firewall | 5 + files/tl-wr841-v10/etc/config/network | 32 + files/tl-wr841-v10/etc/config/system | 48 ++ files/tl-wr841-v10/etc/config/ubootenv | 0 files/tl-wr841-v10/etc/config/wireless | 15 + .../tl-wr841-v10/etc/dropbear/authorized_keys | 1 + .../iface/10-disable-wifi-when-uplink-gone | 20 + .../etc/uci-defaults/50-config-from-mac | 23 + .../tl-wr841-v10/etc/uci-defaults/51-secrets | 1 + 17 files changed, 956 insertions(+) create mode 100644 .gitignore create mode 100755 build-image.sh create mode 100644 control/tl-wr841-v10 create mode 100644 doc-ap-reinstall.txt create mode 100644 doc-ap-reset.txt create mode 100644 files/tl-wr841-v10/etc/collectd.conf create mode 100644 files/tl-wr841-v10/etc/config/dhcp create mode 100644 files/tl-wr841-v10/etc/config/dropbear create mode 100644 files/tl-wr841-v10/etc/config/firewall create mode 100644 files/tl-wr841-v10/etc/config/network create mode 100644 files/tl-wr841-v10/etc/config/system create mode 100644 files/tl-wr841-v10/etc/config/ubootenv create mode 100644 files/tl-wr841-v10/etc/config/wireless create mode 100644 files/tl-wr841-v10/etc/dropbear/authorized_keys create mode 100644 files/tl-wr841-v10/etc/hotplug.d/iface/10-disable-wifi-when-uplink-gone create mode 100755 files/tl-wr841-v10/etc/uci-defaults/50-config-from-mac create mode 120000 files/tl-wr841-v10/etc/uci-defaults/51-secrets diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..103c816 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +build/ +dl/ diff --git a/build-image.sh b/build-image.sh new file mode 100755 index 0000000..1866f55 --- /dev/null +++ b/build-image.sh @@ -0,0 +1,60 @@ +#!/bin/sh + +[ $# -ge 1 ] || exit 1 +CONTROL="$1"; shift +IMAGEBUILDER_URL=${IMAGEBUILDER_URL:-http://downloads.lede-project.org/snapshots/targets/ar71xx/generic/lede-imagebuilder-ar71xx-generic.Linux-x86_64.tar.xz} + +TOPDIR="$PWD" +DLDIR=${DLDIR:-"dl"} +BUILDDIR=${BUILDDIR:-"build"} +IMAGEDIR=${IMAGEDIR:-"images"} + +mkdir -p "$DLDIR" +mkdir -p "$BUILDDIR"; rm -rf "$BUILDDIR"/* +mkdir -p "$IMAGEDIR" + +VERSION="$(basename "$(git describe --always --tags --dirty --match 'access-points/*')")" +IMAGEDIR="$IMAGEDIR"/"$VERSION" +mkdir "$IMAGEDIR" + +imagebuilder="$(basename "$IMAGEBUILDER_URL")" + +( + cd "$DLDIR" + wget --continue "$IMAGEBUILDER_URL" -O "$imagebuilder" +) + +tar -C "$BUILDDIR" -axf "$DLDIR"/"$imagebuilder" + +IMAGEBUILDER_DIR="$BUILDDIR"/"$(tar -atf "$DLDIR"/"$imagebuilder" | head -n1)" + +image="lede-ar71xx-generic-tl-wr841-v10-squashfs-sysupgrade.bin" + + +( + IFS=' +' + export PROFILE PACKAGES + . "$CONTROL" + + tmp=$(mktemp --tmpdir -d files.XXXXXXXXX) + + cp -aLTv "$TOPDIR/$FILES" "$tmp" + echo "$VERSION" > "$tmp"/etc/its-access-point-version + + cd "$IMAGEBUILDER_DIR" + make image FILES="$tmp" +) + +cp "$IMAGEBUILDER_DIR"/bin/targets/ar71xx/generic/"$image" "$IMAGEDIR"/ + +{ + printf '%s\n' "Date: $(date -R)" + printf '%s\n' "Image-Builder: $IMAGEBUILDER_URL" + printf '%s\n' + printf 'Checksums-Sha512:\n' + { + ( cd "$DLDIR" ; sha512sum "$imagebuilder" ) + ( cd "$IMAGEDIR"; sha512sum "$image") + } | sed 's/^/ /' +} > "$IMAGEDIR"/image-manifest diff --git a/control/tl-wr841-v10 b/control/tl-wr841-v10 new file mode 100644 index 0000000..67dc39e --- /dev/null +++ b/control/tl-wr841-v10 @@ -0,0 +1,11 @@ +PROFILE=tl-wr841-v10 +FILES=files/tl-wr841-v10 +PACKAGES=' + collectd + collectd-mod-wireless + collectd-mod-interface + collectd-mod-load + collectd-mod-network + -firewall + -ip6tables + -kmod-ip6tables' diff --git a/doc-ap-reinstall.txt b/doc-ap-reinstall.txt new file mode 100644 index 0000000..81ea13f --- /dev/null +++ b/doc-ap-reinstall.txt @@ -0,0 +1,684 @@ +# Reinstall guide for Openwrt based APs (TL-WR841N/ND) +# ==================================================== + +alias $=true # make sure this file is a valid shell script + +$ wget https://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64.tar.bz2 + +$ tar -xf OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64.tar.bz2 + +$ cd OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64/ + +$ sh /doc-ap-reinstall.txt # yes, seriously + +$ make image PROFILE=TLWR841 FILES=files/ PACKAGES="collectd collectd-mod-wireless collectd-mod-interface collectd-mod-load collectd-mod-network -firewall -ip6tables -kmod-ip6tables" + +# Now you should get the binary for flashing at: +# bin/ar71xx/openwrt-ar71xx-generic-tl-wr841n-v10-squashfs-sysupgrade.bin + +# If your ssh key is in the config you can now connect to any LAN port (orange) +# on the AP, trigger a failsafe reset, scp the image into /tmp and flash the AP (see below). +# If it's not just add it to files/etc/dropbear/authorized_keys before running make + +# 1) trigger factory reset (deletes /dev/mtdblock3, i.e. /overlay): +$ firstboot -y +# type 'y' and ENTER +$ reboot -f + +# 2) wait for the router to come back up, do the failsafe mode dance again +# finally and copy the image there: + +$ scp bin/ar71xx/openwrt-ar71xx-generic-tl-wr841n-v10-squashfs-sysupgrade.bin root@192.168.1.1:/tmp + +# 3) finally flash the AP: +$ sysupgrade openwrt-*.bin + +# now connect the WAN port (blue) to the correct patch port and make sure this +# is connected to VLAN 2 on SW0 (ports 29,30,31,32,33,34 are for now) + +# WTF? + +# /bin/sh ignores lines that start with '#' and the 'alias' above makes sure '$' +# is not a command that exists, so everything in this file is ignored up the the +# shar(1) archive, neat huh? + +# ---- shar archive follows ---- +#!/bin/sh +# This is a shell archive (produced by GNU sharutils 4.15.2). +# To extract the files from this archive, save it to some FILE, remove +# everything before the '#!/bin/sh' line above, then type 'sh FILE'. +# +lock_dir=_sh06036 +# Made on 2016-06-06 01:42 CEST by . +# Source directory was '/home/dxld/var/build/OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64'. +# +# Existing files will *not* be overwritten, unless '-c' is specified. +# +# This shar contains: +# length mode name +# ------ ---------- ------------------------------------------ +# 611 -rw------- files/etc/collectd.conf +# 286 -rw-r--r-- files/etc/config/dhcp +# 136 -rw-r--r-- files/etc/config/dropbear +# 105 -rw-r--r-- files/etc/config/firewall +# 630 -rw-r--r-- files/etc/config/network +# 1063 -rw-r--r-- files/etc/config/system +# 0 -rw-r--r-- files/etc/config/ubootenv +# 325 -rw-r--r-- files/etc/config/wireless +# 390 -rw-r--r-- files/etc/dropbear/authorized_keys +# 503 -rwxr-xr-x files/etc/uci-defaults/50-config-from-mac +# +MD5SUM=${MD5SUM-md5sum} +f=`${MD5SUM} --version | egrep '^md5sum .*(core|text)utils'` +test -n "${f}" && md5check=true || md5check=false +${md5check} || \ + echo 'Note: not verifying md5sums. Consider installing GNU coreutils.' +if test "X$1" = "X-c" +then keep_file='' +else keep_file=true +fi +echo=echo +save_IFS="${IFS}" +IFS="${IFS}:" +gettext_dir= +locale_dir= +set_echo=false + +for dir in $PATH +do + if test -f $dir/gettext \ + && ($dir/gettext --version >/dev/null 2>&1) + then + case `$dir/gettext --version 2>&1 | sed 1q` in + *GNU*) gettext_dir=$dir + set_echo=true + break ;; + esac + fi +done + +if ${set_echo} +then + set_echo=false + for dir in $PATH + do + if test -f $dir/shar \ + && ($dir/shar --print-text-domain-dir >/dev/null 2>&1) + then + locale_dir=`$dir/shar --print-text-domain-dir` + set_echo=true + break + fi + done + + if ${set_echo} + then + TEXTDOMAINDIR=$locale_dir + export TEXTDOMAINDIR + TEXTDOMAIN=sharutils + export TEXTDOMAIN + echo="$gettext_dir/gettext -s" + fi +fi +IFS="$save_IFS" +if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null +then if (echo -n test; echo 1,2,3) | grep n >/dev/null + then shar_n= shar_c=' +' + else shar_n=-n shar_c= ; fi +else shar_n= shar_c='\c' ; fi +f=shar-touch.$$ +st1=200112312359.59 +st2=123123592001.59 +st2tr=123123592001.5 # old SysV 14-char limit +st3=1231235901 + +if touch -am -t ${st1} ${f} >/dev/null 2>&1 && \ + test ! -f ${st1} && test -f ${f}; then + shar_touch='touch -am -t $1$2$3$4$5$6.$7 "$8"' + +elif touch -am ${st2} ${f} >/dev/null 2>&1 && \ + test ! -f ${st2} && test ! -f ${st2tr} && test -f ${f}; then + shar_touch='touch -am $3$4$5$6$1$2.$7 "$8"' + +elif touch -am ${st3} ${f} >/dev/null 2>&1 && \ + test ! -f ${st3} && test -f ${f}; then + shar_touch='touch -am $3$4$5$6$2 "$8"' + +else + shar_touch=: + echo + ${echo} 'WARNING: not restoring timestamps. Consider getting and +installing GNU '\''touch'\'', distributed in GNU coreutils...' + echo +fi +rm -f ${st1} ${st2} ${st2tr} ${st3} ${f} +# +if test ! -d ${lock_dir} ; then : +else ${echo} "lock directory ${lock_dir} exists" + exit 1 +fi +if mkdir ${lock_dir} +then ${echo} "x - created lock directory ${lock_dir}." +else ${echo} "x - failed to create lock directory ${lock_dir}." + exit 1 +fi +# ============= files/etc/collectd.conf ============== +if test ! -d 'files'; then + mkdir 'files' +if test $? -eq 0 +then ${echo} "x - created directory files." +else ${echo} "x - failed to create directory files." + exit 1 +fi +fi +if test ! -d 'files/etc'; then + mkdir 'files/etc' +if test $? -eq 0 +then ${echo} "x - created directory files/etc." +else ${echo} "x - failed to create directory files/etc." + exit 1 +fi +fi +if test -n "${keep_file}" && test -f 'files/etc/collectd.conf' +then +${echo} "x - SKIPPING files/etc/collectd.conf (file already exists)" + +else +${echo} "x - extracting files/etc/collectd.conf (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/collectd.conf' && +# Config file for collectd. More info: https://collectd.org/ +# Note: Luci statistics will generate a new config and overwrite this file. +X +#Hostname "localhost" +#FQDNLookup true +BaseDir "/var/run/collectd" +Include "/etc/collectd/conf.d" +PIDFile "/var/run/collectd.pid" +PluginDir "/usr/lib/collectd" +TypesDB "/usr/share/collectd/types.db" +Interval 30 +ReadThreads 2 +X +LoadPlugin interface +LoadPlugin load +#LoadPlugin ping +X + +X IgnoreSelected false +X Interface "lan"" + +X +LoadPlugin network + +X Server "sozial.asozial" "25826" +X Forward false + +X +X +LoadPlugin wireless +SHAR_EOF + (set 20 16 03 14 20 20 43 'files/etc/collectd.conf' + eval "${shar_touch}") && \ + chmod 0600 'files/etc/collectd.conf' +if test $? -ne 0 +then ${echo} "restore of files/etc/collectd.conf failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/collectd.conf': 'MD5 check failed' + ) << \SHAR_EOF +317af4e906f9877fb3942b2c969ec6f8 files/etc/collectd.conf +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/collectd.conf'` -ne 611 && \ + ${echo} "restoration warning: size of 'files/etc/collectd.conf' is not 611" + fi +fi +# ============= files/etc/config/dhcp ============== +if test ! -d 'files/etc'; then + mkdir 'files/etc' +if test $? -eq 0 +then ${echo} "x - created directory files/etc." +else ${echo} "x - failed to create directory files/etc." + exit 1 +fi +fi +if test ! -d 'files/etc/config'; then + mkdir 'files/etc/config' +if test $? -eq 0 +then ${echo} "x - created directory files/etc/config." +else ${echo} "x - failed to create directory files/etc/config." + exit 1 +fi +fi +if test -n "${keep_file}" && test -f 'files/etc/config/dhcp' +then +${echo} "x - SKIPPING files/etc/config/dhcp (file already exists)" + +else +${echo} "x - extracting files/etc/config/dhcp (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/dhcp' && +X +config dnsmasq +X option listen 0 +X +config dhcp 'lan' +X option interface 'lan' +X option ignore 1 +X +config dhcp 'wan' +X option interface 'wan' +X option ignore '1' +X +config odhcpd 'odhcpd' +X option maindhcp '0' +X option leasefile '/tmp/hosts/odhcpd' +X option leasetrigger '/usr/sbin/odhcpd-update' +X +SHAR_EOF + (set 20 16 02 18 23 07 05 'files/etc/config/dhcp' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/dhcp' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/dhcp failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/dhcp': 'MD5 check failed' + ) << \SHAR_EOF +14380207dcdfc80dcf7ad0f874385a4f files/etc/config/dhcp +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/dhcp'` -ne 286 && \ + ${echo} "restoration warning: size of 'files/etc/config/dhcp' is not 286" + fi +fi +# ============= files/etc/config/dropbear ============== +if test ! -d 'files/etc/config'; then + mkdir 'files/etc/config' +if test $? -eq 0 +then ${echo} "x - created directory files/etc/config." +else ${echo} "x - failed to create directory files/etc/config." + exit 1 +fi +fi +if test -n "${keep_file}" && test -f 'files/etc/config/dropbear' +then +${echo} "x - SKIPPING files/etc/config/dropbear (file already exists)" + +else +${echo} "x - extracting files/etc/config/dropbear (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/dropbear' && +config dropbear +X option PasswordAuth 'off' +X option RootPasswordAuth 'off' +X option Port '22' +# option BannerFile '/etc/banner' +SHAR_EOF + (set 20 16 02 19 01 22 09 'files/etc/config/dropbear' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/dropbear' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/dropbear failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/dropbear': 'MD5 check failed' + ) << \SHAR_EOF +4e428f3d36b40c3de857bf73d3bc27ce files/etc/config/dropbear +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/dropbear'` -ne 136 && \ + ${echo} "restoration warning: size of 'files/etc/config/dropbear' is not 136" + fi +fi +# ============= files/etc/config/firewall ============== +if test -n "${keep_file}" && test -f 'files/etc/config/firewall' +then +${echo} "x - SKIPPING files/etc/config/firewall (file already exists)" + +else +${echo} "x - extracting files/etc/config/firewall (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/firewall' && +config defaults +X option syn_flood 1 +X option input ACCEPT +X option output ACCEPT +X option forward ACCEPT +SHAR_EOF + (set 20 16 03 14 20 19 47 'files/etc/config/firewall' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/firewall' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/firewall failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/firewall': 'MD5 check failed' + ) << \SHAR_EOF +3aca9392cad163a47cd8ed892ad1fbee files/etc/config/firewall +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/firewall'` -ne 105 && \ + ${echo} "restoration warning: size of 'files/etc/config/firewall' is not 105" + fi +fi +# ============= files/etc/config/network ============== +if test -n "${keep_file}" && test -f 'files/etc/config/network' +then +${echo} "x - SKIPPING files/etc/config/network (file already exists)" + +else +${echo} "x - extracting files/etc/config/network (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/network' && +X +config interface 'loopback' +X option ifname 'lo' +X option proto 'static' +X option ipaddr '127.0.0.1' +X option netmask '255.0.0.0' +X +config interface 'apctl' +X option ifname 'eth1.2' +X option proto 'dhcp' +X +config interface 'lan' +X option type 'bridge' +X option ifname 'eth1' +X option proto 'static' +X +config interface 'recovery' +X option type 'bridge' +X option ifname 'eth0' +X option proto 'static' +X option ipaddr '192.168.1.1' +X option netmask '255.0.0.0' +X +X +config switch +X option name 'switch0' +X option reset '1' +X option enable '1' +X option enable_vlan '1' +X +config switch_vlan +X option device 'switch0' +X option vlan '1' +X option ports '1 2 3 4 0' +SHAR_EOF + (set 20 16 03 14 20 26 56 'files/etc/config/network' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/network' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/network failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/network': 'MD5 check failed' + ) << \SHAR_EOF +e953d88ed06acffbef2e9086fa727fd7 files/etc/config/network +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/network'` -ne 630 && \ + ${echo} "restoration warning: size of 'files/etc/config/network' is not 630" + fi +fi +# ============= files/etc/config/system ============== +if test -n "${keep_file}" && test -f 'files/etc/config/system' +then +${echo} "x - SKIPPING files/etc/config/system (file already exists)" + +else +${echo} "x - extracting files/etc/config/system (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/system' && +X +config system +X option hostname 'ITS-AP-unassigned' +X option timezone 'UTC' +X +config timeserver 'ntp' +X list server '0.openwrt.pool.ntp.org' +X list server '1.openwrt.pool.ntp.org' +X list server '2.openwrt.pool.ntp.org' +X list server '3.openwrt.pool.ntp.org' +X option enabled '1' +X option enable_server '0' +X +config led 'led_wan' +X option name 'WAN' +X option sysfs 'tp-link:green:wan' +X option trigger 'netdev' +X option mode 'link tx rx' +X option dev 'eth1' +X +config led 'led_lan1' +X option name 'LAN1' +X option sysfs 'tp-link:green:lan1' +X option trigger 'switch0' +X option port_mask '0x10' +X +config led 'led_lan2' +X option name 'LAN2' +X option sysfs 'tp-link:green:lan2' +X option trigger 'switch0' +X option port_mask '0x08' +X +config led 'led_lan3' +X option name 'LAN3' +X option sysfs 'tp-link:green:lan3' +X option trigger 'switch0' +X option port_mask '0x04' +X +config led 'led_lan4' +X option name 'LAN4' +X option sysfs 'tp-link:green:lan4' +X option trigger 'switch0' +X option port_mask '0x02' +X +config led 'led_wlan' +X option name 'WLAN' +X option sysfs 'tp-link:green:wlan' +X option trigger 'phy0tpt' +SHAR_EOF + (set 20 16 03 14 17 41 57 'files/etc/config/system' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/system' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/system failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/system': 'MD5 check failed' + ) << \SHAR_EOF +9473b26be0e31d238df7fb716f2b4964 files/etc/config/system +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/system'` -ne 1063 && \ + ${echo} "restoration warning: size of 'files/etc/config/system' is not 1063" + fi +fi +# ============= files/etc/config/ubootenv ============== +if test -n "${keep_file}" && test -f 'files/etc/config/ubootenv' +then +${echo} "x - SKIPPING files/etc/config/ubootenv (file already exists)" + +else +${echo} "x - extracting files/etc/config/ubootenv (empty)" + > 'files/etc/config/ubootenv' && + (set 20 16 02 07 15 30 04 'files/etc/config/ubootenv' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/ubootenv' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/ubootenv failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/ubootenv': 'MD5 check failed' + ) << \SHAR_EOF +d41d8cd98f00b204e9800998ecf8427e files/etc/config/ubootenv +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/ubootenv'` -ne 0 && \ + ${echo} "restoration warning: size of 'files/etc/config/ubootenv' is not 0" + fi +fi +# ============= files/etc/config/wireless ============== +if test -n "${keep_file}" && test -f 'files/etc/config/wireless' +then +${echo} "x - SKIPPING files/etc/config/wireless (file already exists)" + +else +${echo} "x - extracting files/etc/config/wireless (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/config/wireless' && +config wifi-device radio0 +X option type mac80211 +X option channel 11 +X option hwmode 11g +X option path 'platform/qca953x_wmac' +X option htmode HT20 +X +config wifi-iface +X option device radio0 +X option network lan +X option mode ap +X option ssid it-syndikat +X option encryption psk2 +X option key '' +SHAR_EOF + (set 20 16 06 06 01 41 58 'files/etc/config/wireless' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/config/wireless' +if test $? -ne 0 +then ${echo} "restore of files/etc/config/wireless failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/config/wireless': 'MD5 check failed' + ) << \SHAR_EOF +06b38e06f26ea56e8a8e5f51a6566ff8 files/etc/config/wireless +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/config/wireless'` -ne 325 && \ + ${echo} "restoration warning: size of 'files/etc/config/wireless' is not 325" + fi +fi +# ============= files/etc/dropbear/authorized_keys ============== +if test ! -d 'files/etc/dropbear'; then + mkdir 'files/etc/dropbear' +if test $? -eq 0 +then ${echo} "x - created directory files/etc/dropbear." +else ${echo} "x - failed to create directory files/etc/dropbear." + exit 1 +fi +fi +if test -n "${keep_file}" && test -f 'files/etc/dropbear/authorized_keys' +then +${echo} "x - SKIPPING files/etc/dropbear/authorized_keys (file already exists)" + +else +${echo} "x - extracting files/etc/dropbear/authorized_keys (text)" + sed 's/^X//' << 'SHAR_EOF' | uudecode && +begin 600 files/etc/dropbear/authorized_keys +MF%#,7EC,D5!04%!1$%104)!04%"05%#,41B=VMS +M>75-,FE652]M4U-18CAF8U14,W-M3T1Y96%Z=%!V<&8Q94\T.61N-$UE8T%C +M534X>G$R9S1$2W5M0S5Q,6)#&%D-$UR-&EX=3!(83A6;S1#3$-F1'AC07A::%EU;$%X;E!D,G4UV>$]Z,5)R>C%4=4\X.79M +M+U9L,5`K:TE&4W1O0G-%955(."M9<75)4'50<6=Q,V0V2"MI538X3DYT8G!9 +M07=-2E,S,'5M-'5H=2]X3R]62&-L0V%F<4]U47994FMJ0DI!4DY0;4UL+T15 +>8VET:$Y#5S)!=D1C=$IS6G!",6P@9'AL9$!%;&D* +` +end +SHAR_EOF + (set 20 16 02 19 01 22 39 'files/etc/dropbear/authorized_keys' + eval "${shar_touch}") && \ + chmod 0644 'files/etc/dropbear/authorized_keys' +if test $? -ne 0 +then ${echo} "restore of files/etc/dropbear/authorized_keys failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/dropbear/authorized_keys': 'MD5 check failed' + ) << \SHAR_EOF +9641a516022df2dc59a071c9d16be7aa files/etc/dropbear/authorized_keys +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/dropbear/authorized_keys'` -ne 390 && \ + ${echo} "restoration warning: size of 'files/etc/dropbear/authorized_keys' is not 390" + fi +fi +# ============= files/etc/uci-defaults/50-config-from-mac ============== +if test ! -d 'files/etc/uci-defaults'; then + mkdir 'files/etc/uci-defaults' +if test $? -eq 0 +then ${echo} "x - created directory files/etc/uci-defaults." +else ${echo} "x - failed to create directory files/etc/uci-defaults." + exit 1 +fi +fi +if test -n "${keep_file}" && test -f 'files/etc/uci-defaults/50-config-from-mac' +then +${echo} "x - SKIPPING files/etc/uci-defaults/50-config-from-mac (file already exists)" + +else +${echo} "x - extracting files/etc/uci-defaults/50-config-from-mac (text)" + sed 's/^X//' << 'SHAR_EOF' > 'files/etc/uci-defaults/50-config-from-mac' && +#!/bin/sh +set -e +X +mac=$(cat /sys/class/net/eth1/address) +X +hostname= +channel= +if [ "$mac" = 60:e3:27:b8:16:ed ]; then +X hostname=cz-ap0 +X channel=6 +elif [ "$mac" = 60:e3:27:b8:09:db ]; then +X hostname=cz-ap1 +X channel=12 +elif [ "$mac" = 60:e3:27:ed:9b:b1 ]; then +X hostname=cz-ap2 +X channel=1 +fi +X +uci set system.@system[0].hostname=$hostname +uci commit system +uci set wireless.radio0.channel=$channel +uci commit wireless +echo $(uci get system.@system[0].hostname) > /proc/sys/kernel/hostname +SHAR_EOF + (set 20 16 03 20 16 53 15 'files/etc/uci-defaults/50-config-from-mac' + eval "${shar_touch}") && \ + chmod 0755 'files/etc/uci-defaults/50-config-from-mac' +if test $? -ne 0 +then ${echo} "restore of files/etc/uci-defaults/50-config-from-mac failed" +fi + if ${md5check} + then ( + ${MD5SUM} -c >/dev/null 2>&1 || ${echo} 'files/etc/uci-defaults/50-config-from-mac': 'MD5 check failed' + ) << \SHAR_EOF +689a299be8256d569a668704a26d27c3 files/etc/uci-defaults/50-config-from-mac +SHAR_EOF + +else +test `LC_ALL=C wc -c < 'files/etc/uci-defaults/50-config-from-mac'` -ne 503 && \ + ${echo} "restoration warning: size of 'files/etc/uci-defaults/50-config-from-mac' is not 503" + fi +fi +if rm -fr ${lock_dir} +then ${echo} "x - removed lock directory ${lock_dir}." +else ${echo} "x - failed to remove lock directory ${lock_dir}." + exit 1 +fi +exit 0 diff --git a/doc-ap-reset.txt b/doc-ap-reset.txt new file mode 100644 index 0000000..0d1b9fb --- /dev/null +++ b/doc-ap-reset.txt @@ -0,0 +1,2 @@ +Hold reset button for ~25+ sec. LED goes off then starts flashing fast if you +hold it too long it will start flashing slowly and that's no good. diff --git a/files/tl-wr841-v10/etc/collectd.conf b/files/tl-wr841-v10/etc/collectd.conf new file mode 100644 index 0000000..a9b5b55 --- /dev/null +++ b/files/tl-wr841-v10/etc/collectd.conf @@ -0,0 +1,30 @@ +# Config file for collectd. More info: https://collectd.org/ +# Note: Luci statistics will generate a new config and overwrite this file. + +#Hostname "localhost" +#FQDNLookup true +BaseDir "/var/run/collectd" +Include "/etc/collectd/conf.d" +PIDFile "/var/run/collectd.pid" +PluginDir "/usr/lib/collectd" +TypesDB "/usr/share/collectd/types.db" +Interval 30 +ReadThreads 2 + +LoadPlugin interface +LoadPlugin load +#LoadPlugin ping + + + IgnoreSelected false + Interface "lan" + + +LoadPlugin network + + Server "collectd.asozial" "25826" + Forward false + + + +LoadPlugin wireless diff --git a/files/tl-wr841-v10/etc/config/dhcp b/files/tl-wr841-v10/etc/config/dhcp new file mode 100644 index 0000000..d3dc5b8 --- /dev/null +++ b/files/tl-wr841-v10/etc/config/dhcp @@ -0,0 +1,17 @@ + +config dnsmasq + option listen 0 + +config dhcp 'lan' + option interface 'lan' + option ignore 1 + +config dhcp 'wan' + option interface 'wan' + option ignore '1' + +config odhcpd 'odhcpd' + option maindhcp '0' + option leasefile '/tmp/hosts/odhcpd' + option leasetrigger '/usr/sbin/odhcpd-update' + diff --git a/files/tl-wr841-v10/etc/config/dropbear b/files/tl-wr841-v10/etc/config/dropbear new file mode 100644 index 0000000..8bef2d1 --- /dev/null +++ b/files/tl-wr841-v10/etc/config/dropbear @@ -0,0 +1,5 @@ +config dropbear + option PasswordAuth 'off' + option RootPasswordAuth 'off' + option Port '22' +# option BannerFile '/etc/banner' diff --git a/files/tl-wr841-v10/etc/config/firewall b/files/tl-wr841-v10/etc/config/firewall new file mode 100644 index 0000000..e993787 --- /dev/null +++ b/files/tl-wr841-v10/etc/config/firewall @@ -0,0 +1,5 @@ +config defaults + option syn_flood 1 + option input ACCEPT + option output ACCEPT + option forward ACCEPT diff --git a/files/tl-wr841-v10/etc/config/network b/files/tl-wr841-v10/etc/config/network new file mode 100644 index 0000000..e41af30 --- /dev/null +++ b/files/tl-wr841-v10/etc/config/network @@ -0,0 +1,32 @@ +config interface 'loopback' + option ifname 'lo' + option proto 'static' + option ipaddr '127.0.0.1' + option netmask '255.0.0.0' + +config interface 'apctl' + option ifname 'eth1.2' + option proto 'dhcp' + +config interface 'lan' + option type 'bridge' + option ifname 'eth1' + option proto 'static' + +config interface 'recovery' + option type 'bridge' + option ifname 'eth0' + option proto 'static' + option ipaddr '192.168.1.1' + option netmask '255.0.0.0' + +config switch + option name 'switch0' + option reset '1' + option enable '1' + option enable_vlan '1' + +config switch_vlan + option device 'switch0' + option vlan '1' + option ports '1 2 3 4 0' diff --git a/files/tl-wr841-v10/etc/config/system b/files/tl-wr841-v10/etc/config/system new file mode 100644 index 0000000..d554a0d --- /dev/null +++ b/files/tl-wr841-v10/etc/config/system @@ -0,0 +1,48 @@ + +config system + option hostname 'ITS-AP-unassigned' + option timezone 'UTC' + +config timeserver 'ntp' + list server '0.openwrt.pool.ntp.org' + list server '1.openwrt.pool.ntp.org' + list server '2.openwrt.pool.ntp.org' + list server '3.openwrt.pool.ntp.org' + option enabled '1' + option enable_server '0' + +config led 'led_wan' + option name 'WAN' + option sysfs 'tp-link:green:wan' + option trigger 'netdev' + option mode 'link tx rx' + option dev 'eth1' + +config led 'led_lan1' + option name 'LAN1' + option sysfs 'tp-link:green:lan1' + option trigger 'switch0' + option port_mask '0x10' + +config led 'led_lan2' + option name 'LAN2' + option sysfs 'tp-link:green:lan2' + option trigger 'switch0' + option port_mask '0x08' + +config led 'led_lan3' + option name 'LAN3' + option sysfs 'tp-link:green:lan3' + option trigger 'switch0' + option port_mask '0x04' + +config led 'led_lan4' + option name 'LAN4' + option sysfs 'tp-link:green:lan4' + option trigger 'switch0' + option port_mask '0x02' + +config led 'led_wlan' + option name 'WLAN' + option sysfs 'tp-link:green:wlan' + option trigger 'phy0tpt' diff --git a/files/tl-wr841-v10/etc/config/ubootenv b/files/tl-wr841-v10/etc/config/ubootenv new file mode 100644 index 0000000..e69de29 diff --git a/files/tl-wr841-v10/etc/config/wireless b/files/tl-wr841-v10/etc/config/wireless new file mode 100644 index 0000000..cb98dea --- /dev/null +++ b/files/tl-wr841-v10/etc/config/wireless @@ -0,0 +1,15 @@ +config wifi-device radio0 + option type mac80211 + option channel 1 + option hwmode 11g + option path 'platform/qca953x_wmac' + option htmode HT20 + option disabled '1' + +config wifi-iface + option device radio0 + option network lan + option mode ap + option ssid it-syndikat + option encryption psk2 + option key '' diff --git a/files/tl-wr841-v10/etc/dropbear/authorized_keys b/files/tl-wr841-v10/etc/dropbear/authorized_keys new file mode 100644 index 0000000..bccae01 --- /dev/null +++ b/files/tl-wr841-v10/etc/dropbear/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1DbwksyuM2iVU/mSSQb8fcTT3smODyeaztPvpf1eO49dn4MecAcU58zq2g4DKumC5q1bCrMqphY9ea+USSrYpf+Z++fezOsPxad4Mr4ixu0Ha8Vo4CLCfDxcAxZhYulAxnPd2w8gByIQIUnmGZBGyAXuD0Yxi+2cpn3jGWI1N96cwyhSzY0/QmjfeUbqb+pdiEjm/JTBuo/sBmfJmd9QayMvxOz1Rrz1TuO89vm/Vl1P+kIFStoBsEeUH8+YquIPuPqgq3d6H+iU68NNtbpYAwMJS30um4uhu/xO/VHclCafqOuQvYRkjBJARNPmMl/DUcithNCW2AvDctJsZpB1l dxld@Eli diff --git a/files/tl-wr841-v10/etc/hotplug.d/iface/10-disable-wifi-when-uplink-gone b/files/tl-wr841-v10/etc/hotplug.d/iface/10-disable-wifi-when-uplink-gone new file mode 100644 index 0000000..83afd32 --- /dev/null +++ b/files/tl-wr841-v10/etc/hotplug.d/iface/10-disable-wifi-when-uplink-gone @@ -0,0 +1,20 @@ +#!/bin/sh + +logger -t wifi-uplink hotplug "$DEVICE" "$INTERFACE" "$ACTION" + +# 'lan' doesn't work for some reason +[ "$INTERFACE" = apctl ] || exit 0 + +logger -t wifi-uplink devchange "$DEVICE" "$INTERFACE" "$ACTION" + +[ "$ACTION" = ifup ] && { + logger -t wifi-uplink up "$DEVICE" "$INTERFACE" "$ACTION" + uci set wireless.@wifi-device[0].disabled=0 + wifi +} + +[ "$ACTION" = ifdown ] && { + logger -t wifi-uplink down "$DEVICE" "$INTERFACE" "$ACTION" + wifi down + uci set wireless.@wifi-device[0].disabled=1 +} diff --git a/files/tl-wr841-v10/etc/uci-defaults/50-config-from-mac b/files/tl-wr841-v10/etc/uci-defaults/50-config-from-mac new file mode 100755 index 0000000..e876d66 --- /dev/null +++ b/files/tl-wr841-v10/etc/uci-defaults/50-config-from-mac @@ -0,0 +1,23 @@ +#!/bin/sh +set -e + +mac=$(cat /sys/class/net/wlan0/address) + +hostname= +channel= +if [ "$mac" = 60:e3:27:b8:16:ec ]; then + hostname=cz-ap0 + channel=6 +elif [ "$mac" = 60:e3:27:ed:86:9a ]; then + hostname=cz-ap1 + channel=11 +elif [ "$mac" = 60:e3:27:ed:9b:b0 ]; then + hostname=lz-ap0 + channel=1 +fi + +uci set system.@system[0].hostname=$hostname +uci commit system +uci set wireless.radio0.channel=$channel +uci commit wireless +echo $(uci get system.@system[0].hostname) > /proc/sys/kernel/hostname diff --git a/files/tl-wr841-v10/etc/uci-defaults/51-secrets b/files/tl-wr841-v10/etc/uci-defaults/51-secrets new file mode 120000 index 0000000..e3807b7 --- /dev/null +++ b/files/tl-wr841-v10/etc/uci-defaults/51-secrets @@ -0,0 +1 @@ +../../../../../.git/annex/objects/Vk/8w/SHA256E-s95--196dc6eecef78da77ea459b552dc3e0690f7c8e99007105d9715020ba7c60480/SHA256E-s95--196dc6eecef78da77ea459b552dc3e0690f7c8e99007105d9715020ba7c60480 \ No newline at end of file