AtaraxiaDev/openwrt-auto-extroot
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

some customization

Browse Source
This commit is contained in:
Dmitriy Kholkin 2024-08-09 00:22:16 +03:00
parent 3c30f5f34e
commit 35d7a187cf
Signed by: AtaraxiaDev
GPG Key ID: FD266B810DF48DF2
11 changed files with 224 additions and 274 deletions

1
.gitignore vendored

@ -1,2 +1,3 @@
notes.txt notes.txt
build/ build/
.rootpass

153
README.md

@ -1,152 +1,3 @@
# What # openwrt-auto-extroot
It's a script to build a customized Customized fork of https://github.com/attila-lendvai/openwrt-auto-extroot
[OpenWrt](https://openwrt.org/docs/guide-user/start)
firmware image using
[ImageBuilder](https://openwrt.org/docs/guide-user/additional-software/imagebuilder).
If the generated image is flashed on a router, then during its boot
process it will try to automatically set up
[extroot](https://openwrt.org/docs/guide-user/additional-software/extroot_configuration)
on **any (!)** storage device plugged into the USB port (`/dev/sda`),
including your already working extroot pendrive if you plug it in too
late in the boot process.
# Why
So that e.g. customers can buy a router on their own, download and flash our custom
firmware, plug in a pendrive, and manage their SIP (telephony) node
from our webapp.
I've extracted the generic parts from the above mentioned auto-provision
project because I thought it's useful enough for making it public.
It also serves me well on my own routers ever since then.
# How
You can read more about the underlying technology on the OpenWrt wiki: see e.g. the
[ImageBuilder](https://openwrt.org/docs/guide-user/additional-software/imagebuilder)
page, or the page that lists some other
[ImageBuilder frontends](https://openwrt.org/docs/guide-developer/imagebuilder_frontends).
As for the actual mechanism: custom scripts are baked into the boot
process of the flashed firmware. If the extroot overlay is properly
set up, then these scripts get hidden by it; i.e. they will only be run
when the extroot has failed to mount early in the boot process.
Keep in mind that **this will automatically erase/format any inserted
storage device while the router is in the initial setup phase**!
Unfortunately there's little that can be done at that point to ask the
user for confirmation.
### Building
OpenWrt's ImageBuilder only works on Linux x86_64. To build a firmware, issue the following command:
`./build.sh architecture variant device-profile`, e.g.:
* `./build.sh ath79 generic tplink_tl-wr1043nd-v1`
* `./build.sh ath79 generic tplink_archer-c6-v2`
* `./build.sh ath79 generic tplink_tl-wdr4300-v1`
* `./build.sh bcm53xx generic dlink_dir-885l`
Results will be under `build/openwrt-imagebuilder-${release}-${architecture}-${variant}.Linux-x86_64/bin/`.
To see a list of available targets, run `make info` in the ImageBuilder dir.
If you want to change which OpenWrt version is used, then try editing
the relevant variable(s) in `build.sh`. It's not guaranteed to work
across OpenWrt releases, therefore we keep git branches for the past
releases.
### Setup stages
Blinking leds show which phase the extroot setup scripts are in. Consult the
sources for details: [autoprovision-functions.sh](image-extras/common/root/autoprovision-functions.sh#L49).
#### Stage 1: setup extroot
When the custom firmware first boots, the autoprovision script will
wait for anything (!) in `/dev/sda` to show up (that is >= 512M), then erase
it and set up a `swap`, an `extroot`, and a `data`filesystem (for the remaining
space), and then reboot.
#### Stage 2: download and install some packages from the internet
Once it rebooted into the new extroot, it will continuously keep trying to install
some OpenWrt packages until an internet connection is set up on the router. You
need to do that manually either by using ssh or the web UI (LuCI).
#### Stage 3, optional
We also have a 3rd stage, written in Python, but it's commented out here.
Search for `autoprovision-stage3.py` to see how it's done.
### Login
After flashing the firmware the router will have the standard
`192.168.1.1` IP address.
By default the root passwd is not set, so the router will start telnet with
no password. If you want to set up a password, then edit the stage 2 script:
[autoprovision-stage2.sh](image-extras/common/root/autoprovision-stage2.sh#L53).
If a password is set, then telnet is disabled by OpenWrt and SSH will listen
using the keys specified in [authorized_keys](image-extras/common/etc/dropbear/authorized_keys).
Once connected, you can read the log with `logread -f`.
# Status
This is more of a template than something standalone, but I use it for
my home routers as is. For more specific applications you most
probably want to customize this script here and there; search for
`CUSTOMIZE` for places of interest.
Most importantly, **set up a password and maybe add your ssh key** by
adding it to `image-extras/common/etc/dropbear/authorized_keys`.
None of this script is hardware specific except `setLedAttribute`,
which is used to provide feedback about the progress of the initial
setup phase. At the time of writing it only works on a few routers
(mostly `ath79` ones), but without this everything should work fine,
if only a bit less convenient.
# Troubleshooting
## Which file should I flash?
You should consult the [OpenWrt documentation](https://openwrt.org/docs/guide-user/start).
The produced firmware files should be somewhere around
```./build/openwrt-imagebuilder-21.02.0-ath79-generic.Linux-x86_64/bin/targets/ath79/generic/```.
In short:
* You need a file with the name ```-factory.bin``` or ```-sysupgrade.bin```. The former is to
be used when you first install OpenWrt, the latter is when you upgrade an already installed
OpenWrt.
* You must carefully pick the proper firmware file for your **hardware version**! I advise you
to look up the wiki page for your hardware on the [OpenWrt wiki](https://openwrt.org),
because most of them have a table of the released hardware versions with comments on their
status (sometimes new hardware revisions are only supported by the latest OpenWrt, which is
not released yet).
## Help! The build has finished but there's no firmware file!
If the build doesn't yield a firmware file (```*-factory.bin``` and/or ```*-sysupgrade.bin```):
when there's not enough space in the flash memory of the target device to install everything
then the OpenWrt ImageBuilder prints a hardly visible error into its flow of output and
silently continues. Look into [build.sh](build.sh#L31) and try to remove some packages
that you can live without.
## Extroot is not mounted after a `sysupgrade`
In short, this is an OpenWrt issue, and the solution is to mount the extroot
somewhere, and delete `/etc/.extroot-uuid`. More details are available in
[this issue](https://github.com/attila-lendvai/openwrt-auto-extroot/issues/12),
and a way to deal with it can be found in
[this blog post](https://blog.mbirth.de/archives/2014/05/26/openwrt-sysupgrade-with-extroot.html).
You may also want to check out the
[official OpenWrt wiki](https://openwrt.org/docs/guide-user/additional-software/extroot_configuration#system_upgrade)
on this topic.

71
build.sh

@ -14,26 +14,32 @@ BUILD="$(dirname "${0}")/build/"
BUILD="$(readlink -f "${BUILD}")" BUILD="$(readlink -f "${BUILD}")"
### ###
### chose a release ### chose a release or "SNAPSHOT"
### ###
RELEASE="23.05.2" RELEASE="23.05.4"
if [ RELEASE = "SNAPSHOT" ]; then
IMGBUILDER_NAME="openwrt-imagebuilder-${TARGET_ARCHITECTURE}-${TARGET_VARIANT}.Linux-x86_64"
IMGBUILDER_ARCHIVE="${IMGBUILDER_NAME}.tar.zst"
HOME_URL="/home/ataraxia/projects/openwrt-snapshot/r27082-b733b6acb5"
IMGBUILDERURL="${HOME_URL}/snapshots/targets/${TARGET_ARCHITECTURE}/${TARGET_VARIANT}/${IMGBUILDER_ARCHIVE}"
else
IMGBUILDER_NAME="openwrt-imagebuilder-${RELEASE}-${TARGET_ARCHITECTURE}-${TARGET_VARIANT}.Linux-x86_64"
IMGBUILDER_ARCHIVE="${IMGBUILDER_NAME}.tar.xz"
HOME_URL=""
IMGBUILDERURL="https://downloads.openwrt.org/releases/${RELEASE}/targets/${TARGET_ARCHITECTURE}/${TARGET_VARIANT}/${IMGBUILDER_ARCHIVE}"
fi
IMGBUILDER_NAME="openwrt-imagebuilder-${RELEASE}-${TARGET_ARCHITECTURE}-${TARGET_VARIANT}.Linux-x86_64"
IMGBUILDER_DIR="${BUILD}/${IMGBUILDER_NAME}" IMGBUILDER_DIR="${BUILD}/${IMGBUILDER_NAME}"
IMGBUILDER_ARCHIVE="${IMGBUILDER_NAME}.tar.xz"
IMGTEMPDIR="${BUILD}/image-extras" IMGTEMPDIR="${BUILD}/image-extras"
# see this feature request:
# FS#1670 - consistent naming convention for the imagebuilder.tar.xz URL
# https://bugs.openwrt.org/index.php?do=details&task_id=1670
IMGBUILDERURL="https://downloads.openwrt.org/releases/${RELEASE}/targets/${TARGET_ARCHITECTURE}/${TARGET_VARIANT}/${IMGBUILDER_ARCHIVE}"
if [ -z ${TARGET_DEVICE} ]; then if [ -z ${TARGET_DEVICE} ]; then
echo "Usage: $0 architecture variant device-profile" echo "Usage: $0 architecture variant device-profile"
echo " e.g.: $0 ath79 generic tplink_tl-wr1043nd-v1" echo " e.g.: $0 ath79 generic tplink_tl-wr1043nd-v1"
echo " $0 ath79 generic tplink_archer-c6-v2" echo " $0 ath79 generic tplink_archer-c6-v2"
echo " $0 ath79 generic tplink_tl-wdr4300-v1" echo " $0 ath79 generic tplink_tl-wdr4300-v1"
echo " $0 bcm53xx generic dlink_dir-885l" echo " $0 ipq40xx mikrotik mikrotik_hap-ac2"
echo " to get a list of supported devices issue a 'make info' in the OpenWRT image builder directory:" echo " to get a list of supported devices issue a 'make info' in the OpenWRT image builder directory:"
echo " '${IMGBUILDER_DIR}'" echo " '${IMGBUILDER_DIR}'"
echo " the build results will be under '${IMGBUILDER_DIR}/bin/targets/'" echo " the build results will be under '${IMGBUILDER_DIR}/bin/targets/'"
@ -41,33 +47,44 @@ if [ -z ${TARGET_DEVICE} ]; then
fi fi
# the absolute minimum for extroot to work at all (i.e. when the disk is already set up, for example by hand). # the absolute minimum for extroot to work at all (i.e. when the disk is already set up, for example by hand).
# this list may be smaller and/or different for your router, but it works with my ath79. PREINSTALLED_PACKAGES="block-mount kmod-fs-f2fs kmod-usb-storage"
# blockdev is needed to re-read the partition table using `blockdev --rereadpt /dev/sdX`
PREINSTALLED_PACKAGES="block-mount kmod-fs-ext4 kmod-usb-storage blockdev"
# some kernel modules may also be needed for your hardware
#PREINSTALLED_PACKAGES+=" kmod-usb-uhci kmod-usb-ohci"
# these are needed for the proper functioning of the auto extroot scripts # these are needed for the proper functioning of the auto extroot scripts
PREINSTALLED_PACKAGES+=" blkid mount-utils swap-utils e2fsprogs fdisk" # blockdev is needed to re-read the partition table using `blockdev --rereadpt /dev/sdX`
PREINSTALLED_PACKAGES+=" mount-utils swap-utils sgdisk blockdev f2fs-tools"
# the following packages are optional, feel free to (un)comment them # the following packages are optional, feel free to (un)comment them
PREINSTALLED_PACKAGES+=" wireless-tools firewall4" PREINSTALLED_PACKAGES+=" zram-swap kmod-lib-lz4 logrotate dnsmasq-full"
PREINSTALLED_PACKAGES+=" kmod-usb-storage-extras kmod-mmc"
PREINSTALLED_PACKAGES+=" ppp ppp-mod-pppoe ppp-mod-pppol2tp ppp-mod-pptp kmod-ppp kmod-pppoe"
PREINSTALLED_PACKAGES+=" luci"
# you exclude packages with this to shrink the image for # you exclude packages with this to shrink the image for routers with smaller flash storage.
# routers with smaller flash storage. SAVE_SPACE_PACKAGES=" -ppp -ppp-mod-pppoe -dnsmasq -luci"
# SAVE_SPACE_PACKAGES=" -ppp -ppp-mod-pppoe -ip6tables -odhcp6c -kmod-ipv6 -kmod-ip6tables -ath10k"
SAVE_SPACE_PACKAGES=""
PREINSTALLED_PACKAGES+=${SAVE_SPACE_PACKAGES} PREINSTALLED_PACKAGES+=${SAVE_SPACE_PACKAGES}
# these packages would be autoprovisioned in stage2
# LuCi + some utilities
AUTOPROVISIONED_PACKAGES="luci rsync bottom drill luci-proto-wireguard kmod-nf-nathelper-extra kmod-ipt-conntrack-extra"
# AUTOPROVISIONED_PACKAGES="lua luci rsync diffutils bottom drill"
# # Wireguard + Proxies + PBR
# AUTOPROVISIONED_PACKAGES+=" luci-proto-wireguard sing-box xray-core dnscrypt-proxy2 pbr luci-app-pbr"
# # PPTP
# AUTOPROVISIONED_PACKAGES+=" ppp-mod-pptp kmod-pptp kmod-nf-nathelper-extra kmod-ipt-conntrack-extra luci-proto-ppp"
mkdir -pv "${BUILD}" mkdir -pv "${BUILD}"
rm -rf "${IMGTEMPDIR}" rm -rf "${IMGTEMPDIR}"
cp -r image-extras/common/ "${IMGTEMPDIR}" cp -r image-extras/common/ "${IMGTEMPDIR}"
# Setup root password
if [ -f .rootpass ]; then
rootpass=$(cat .rootpass)
sed -i "s/ROOT_PASS/\"${rootpass}\"/" "${IMGTEMPDIR}/root/autoprovision-stage2.sh"
else
sed -i "s/ROOT_PASS/\"\"/" "${IMGTEMPDIR}/root/autoprovision-stage2.sh"
fi
# Setup autoprovisioned pkgs
sed -i "s/AUTOPROVISIONED_PACKAGES/${AUTOPROVISIONED_PACKAGES}/" "${IMGTEMPDIR}/root/autoprovision-stage2.sh"
PER_PLATFORM_IMAGE_EXTRAS="image-extras/${TARGET_DEVICE}/" PER_PLATFORM_IMAGE_EXTRAS="image-extras/${TARGET_DEVICE}/"
if [ -e "${PER_PLATFORM_IMAGE_EXTRAS}" ]; then if [ -e "${PER_PLATFORM_IMAGE_EXTRAS}" ]; then
rsync -pr "${PER_PLATFORM_IMAGE_EXTRAS}" "${IMGTEMPDIR}/" rsync -pr "${PER_PLATFORM_IMAGE_EXTRAS}" "${IMGTEMPDIR}/"
@ -78,6 +95,10 @@ if [ ! -e "${IMGBUILDER_DIR}" ]; then
# --no-check-certificate if needed # --no-check-certificate if needed
wget --continue "${IMGBUILDERURL}" wget --continue "${IMGBUILDERURL}"
xz -d <"${IMGBUILDER_ARCHIVE}" | tar vx xz -d <"${IMGBUILDER_ARCHIVE}" | tar vx
# cp "${IMGBUILDERURL}" ./
# zstd -d "${IMGBUILDER_ARCHIVE}" --stdout | tar xvf -
# sed -i "s|https://downloads.openwrt.org|file://${HOME_URL}|" "${IMGBUILDER_DIR}/repositories.conf"
popd popd
fi fi

65
default.nix

@ -1,19 +1,50 @@
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> {}
, extraPkgs ? []
}:
pkgs.mkShell { let
buildInputs = with pkgs; [ fixWrapper = pkgs.runCommand "fix-wrapper" {} ''
coreutils posix_man_pages bash-completion less mkdir -p $out/bin
gitFull diffutils for i in ${pkgs.gcc.cc}/bin/*-gnu-gcc*; do
gnumake which ln -s ${pkgs.gcc}/bin/gcc $out/bin/$(basename "$i")
ncurses perl python2 python3 done
for i in ${pkgs.gcc.cc}/bin/*-gnu-{g++,c++}*; do
# keep this line if you use bash ln -s ${pkgs.gcc}/bin/g++ $out/bin/$(basename "$i")
bashInteractive done
];
shellHook =
''
alias ..='cd ..'
alias ...='cd ../..'
''; '';
}
fhs = pkgs.buildFHSUserEnv {
name = "openwrt-env";
targetPkgs = pkgs: with pkgs; [
git
perl
gnumake
gcc
unzip
util-linux
(python312.withPackages(ps: with ps; [ distutils ]))
rsync
patch
wget
file
subversion
which
pkg-config
openssl
fixWrapper
systemd
binutils
ncurses
zlib
zlib.static
glibc.static
] ++ extraPkgs;
multiPkgs = null;
extraOutputsToInstall = [ "dev" ];
profile = ''
export hardeningDisable=all
'';
runScript = "zsh";
};
in fhs.env

4
image-extras/common/etc/config/fstab

@ -13,7 +13,7 @@ config swap
config mount config mount
option target '/overlay' option target '/overlay'
option uuid '05d615b3-bef8-460c-9a23-52db8d09e000' option uuid '05d615b3-bef8-460c-9a23-52db8d09e000'
option fstype 'ext4' option fstype 'f2fs'
option options 'rw,noatime' option options 'rw,noatime'
option enabled '1' option enabled '1'
option enabled_fsck '0' option enabled_fsck '0'
@ -21,7 +21,7 @@ config mount
config mount config mount
option target '/mnt/data' option target '/mnt/data'
option uuid '05d615b3-bef8-460c-9a23-52db8d09e001' option uuid '05d615b3-bef8-460c-9a23-52db8d09e001'
option fstype 'ext4' option fstype 'f2fs'
option options 'rw,noatime' option options 'rw,noatime'
option enabled '1' option enabled '1'
option enabled_fsck '0' option enabled_fsck '0'

0
image-extras/common/etc/dropbear/.gitignore → image-extras/common/root/.ssh/.gitignore vendored

99
image-extras/common/root/autoprovision-stage1.sh

@ -23,7 +23,8 @@ getPendriveSize()
hasBigEnoughPendrive() hasBigEnoughPendrive()
{ {
local size=$(getPendriveSize) local size=$(getPendriveSize)
if [ $size -ge 100000 ]; then # 6GB minimum
if [ $size -ge 12288000 ]; then
log "Found a pendrive of size: $(($size / 2 / 1024)) MB" log "Found a pendrive of size: $(($size / 2 / 1024)) MB"
return 0 return 0
else else
@ -39,9 +40,9 @@ rereadPartitionTable()
setupPendrivePartitions() setupPendrivePartitions()
{ {
log "Erasing partition table" # log "Erasing partition table"
# erase partition table # # erase partition table
dd if=/dev/zero of=/dev/sda bs=1k count=256 # dd if=/dev/zero of=/dev/sda bs=1k count=256
rereadPartitionTable rereadPartitionTable
@ -49,30 +50,12 @@ setupPendrivePartitions()
# sda1 is 'swap' # sda1 is 'swap'
# sda2 is 'root' # sda2 is 'root'
# sda3 is 'data', if there's any space left # sda3 is 'data', if there's any space left
fdisk /dev/sda <<EOF sgdisk --zap-all /dev/sda
o sgdisk -n1:1MiB:+128MiB -t1:8200 /dev/sda
n sgdisk -n2:0:+6144MiB -t2:8300 /dev/sda
p sgdisk -n3:0:0 -t3:8300 /dev/sda
1
+64M log "Finished partitioning /dev/sda using sgdisk"
n
p
2
+512M
n
p
3
t
1
82
w
q
EOF
log "Finished partitioning /dev/sda using fdisk"
rereadPartitionTable rereadPartitionTable
@ -83,8 +66,8 @@ EOF
done done
mkswap -L swap -U $swapUUID /dev/sda1 mkswap -L swap -U $swapUUID /dev/sda1
mkfs.ext4 -F -L root -U $rootUUID /dev/sda2 mkfs.f2fs -f -l root -U $rootUUID /dev/sda2
mkfs.ext4 -F -L data -U $dataUUID /dev/sda3 mkfs.f2fs -f -l data -U $dataUUID /dev/sda3
log "Finished setting up filesystems" log "Finished setting up filesystems"
} }
@ -94,6 +77,8 @@ setupExtroot()
mkdir -p /mnt/extroot/ mkdir -p /mnt/extroot/
mount -U $rootUUID /mnt/extroot mount -U $rootUUID /mnt/extroot
tar -C /overlay -cvf - . | tar -C /mnt/extroot -xf -
overlay_root=/mnt/extroot/upper overlay_root=/mnt/extroot/upper
# at this point we could copy the entire root (a previous version of this script did that), or just the overlay from the flash, # at this point we could copy the entire root (a previous version of this script did that), or just the overlay from the flash,
@ -106,20 +91,56 @@ setupExtroot()
exit 0 exit 0
EOF EOF
# TODO FIXME when this below is enabled then Chaos Calmer doesn't turn on the network and the device remains unreachable
# make sure that we shadow the /var -> /tmp symlink in the new extroot, so that /var becomes persistent across reboots.
# mkdir -p ${overlay_root}/var
# KLUDGE: /var/state is assumed to be transient, so link it to tmp, see https://dev.openwrt.org/ticket/12228
# cd ${overlay_root}/var
# ln -s /tmp state
# cd -
disableStage1 disableStage1
log "Finished setting up extroot" log "Finished setting up extroot"
} }
setupFstab()
{
log "Modify fstab"
ORIG="$(block info | sed -n -e '/MOUNT="\S*\/overlay"/s/:\s.*$//p')"
uci -q delete fstab.swap
uci -q delete fstab.extroot
uci -q delete fstab.data
uci -q delete fstab.rwm
uci set fstab.@global[0]=global
uci set fstab.@global[0].anon_swap="0"
uci set fstab.@global[0].anon_mount="0"
uci set fstab.@global[0].auto_swap="0"
uci set fstab.@global[0].auto_mount="0"
uci set fstab.@global[0].delay_root="10"
uci set fstab.@global[0].check_fs="0"
uci set fstab.@swap[0]=swap
uci set fstab.@swap[0].uuid="${swapUUID}"
uci set fstab.@swap[0].enabled="1"
uci set fstab.extroot=mount
uci set fstab.extroot.uuid="${rootUUID}"
uci set fstab.extroot.target="/overlay"
uci set fstab.extroot.fstype="f2fs"
uci set fstab.extroot.options="rw,noatime"
uci set fstab.extroot.enabled="1"
uci set fstab.extroot.enabled_fsck="0"
uci set fstab.data=mount
uci set fstab.data.uuid="${dataUUID}"
uci set fstab.data.target="/mnt/data"
uci set fstab.data.fstype="f2fs"
uci set fstab.data.options="rw,noatime"
uci set fstab.data.enabled="1"
uci set fstab.data.enabled_fsck="0"
uci set fstab.rwm=mount
uci set fstab.rwm.device="${ORIG}"
uci set fstab.rwm.target="/rwm"
uci set fstab.rwm.enabled="1"
uci set fstab.rwm.enabled_fsck="0"
uci commit fstab
log "Finished modifying fstab"
}
disableStage1() disableStage1()
{ {
# FIXME it would be more future-proof to transform the rc.local file # FIXME it would be more future-proof to transform the rc.local file
@ -159,6 +180,8 @@ autoprovisionStage1()
sleep 1 sleep 1
setupExtroot setupExtroot
# setupFstab
sync sync
stopSignallingAnything stopSignallingAnything
reboot reboot

54
image-extras/common/root/autoprovision-stage2.sh

@ -21,21 +21,20 @@ installPackages()
log "Autoprovisioning stage2 is about to install packages" log "Autoprovisioning stage2 is about to install packages"
# switch ssh from dropbear to openssh (needed to install sshtunnel) # switch ssh from dropbear to openssh (needed to install sshtunnel)
#opkg remove dropbear /etc/init.d/dropbear stop
#opkg install openssh-server openssh-sftp-server sshtunnel opkg remove dropbear
rm -rf /etc/dropbear
#/etc/init.d/sshd enable opkg install openssh-server openssh-sftp-server sshtunnel
#mkdir /root/.ssh
#chmod 0700 /root/.ssh sed -i 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
#mv /etc/dropbear/authorized_keys /root/.ssh/ chmod 0700 /root/.ssh
#rm -rf /etc/dropbear /etc/init.d/sshd enable
/etc/init.d/sshd restart
# CUSTOMIZE # CUSTOMIZE
# install some more packages that don't need any extra steps # install some more packages that don't need any extra steps
opkg install lua luci ppp-mod-pppoe screen mc unzip logrotate opkg install AUTOPROVISIONED_PACKAGES
# this is needed for the vlans on tp-link 3020 with only a single hw ethernet port
opkg install kmod-macvlan ip
# just in case if we were run in a firmware that didn't already have luci # just in case if we were run in a firmware that didn't already have luci
/etc/init.d/uhttpd enable /etc/init.d/uhttpd enable
@ -60,7 +59,28 @@ autoprovisionStage2()
# please note that stage2 requires internet connection to install packages and you most probably want to log in # please note that stage2 requires internet connection to install packages and you most probably want to log in
# on the GUI to set up a WAN connection. but on the other hand you don't want to end up using a publically # on the GUI to set up a WAN connection. but on the other hand you don't want to end up using a publically
# available default password anywhere, therefore the random here... # available default password anywhere, therefore the random here...
#setRootPassword "" setRootPassword ROOT_PASS
# Setup stangri's repo
echo -e -n 'untrusted comment: OpenWrt usign key of Stan Grishin\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /etc/opkg/keys/7ffc7517c4cc0c56
sed -i '/stangri_repo/d' /etc/opkg/customfeeds.conf
echo 'src/gz stangri_repo https://repo.openwrt.melmac.net' >> /etc/opkg/customfeeds.conf
# Preserve opkg list
sed -i -e "/^lists_dir\s/s:/var/opkg-lists$:/usr/lib/opkg/lists:" /etc/opkg.conf
mkdir -p /var/log/archive
# logrotate is complaining without this directory
mkdir -p /var/lib
uci set system.@system[0].log_type=file
uci set system.@system[0].log_file=/var/log/syslog
uci set system.@system[0].log_size=0
uci set system.@system[0].zram_comp_algo="lz4"
# uci set system.@system[0].zram_size_mb="64"
uci set network.lan.ipaddr="10.10.10.1"
uci commit
/etc/init.d/network restart
installPackages installPackages
@ -69,16 +89,6 @@ autoprovisionStage2()
0 0 * * * /usr/sbin/logrotate /etc/logrotate.conf 0 0 * * * /usr/sbin/logrotate /etc/logrotate.conf
EOF EOF
mkdir -p /var/log/archive
# logrotate is complaining without this directory
mkdir -p /var/lib
uci set system.@system[0].log_type=file
uci set system.@system[0].log_file=/var/log/syslog
uci set system.@system[0].log_size=0
uci commit
sync sync
reboot reboot
fi fi

20
image-extras/common/root/local-repo-sync.sh Executable file

@ -0,0 +1,20 @@
#!/bin/sh
. /etc/os-release
REPO_LOCAL="file://${1:-/srv/${ID}}/"
REPO_URL="rsync://rsync.${HOME_URL#*//}"
case "${VERSION_ID}" in
(snapshot) REPO_DIR="downloads/snapshots" ;;
(*) REPO_DIR="downloads/releases/${VERSION_ID}" ;;
esac
REPO_CORE="${REPO_DIR}/targets/${OPENWRT_BOARD}"
REPO_PKGS="${REPO_DIR}/packages/${OPENWRT_ARCH}"
for REPO_DIR in "${REPO_CORE}" "${REPO_PKGS}"; do
mkdir -p "${REPO_LOCAL#*//}${REPO_DIR#*/}"
rsync --bwlimit="8M" --del -r -t -v \
"${REPO_URL}${REPO_DIR}/" \
"${REPO_LOCAL#*//}${REPO_DIR#*/}/"
done

12
image-extras/common/root/set-local-repo.sh Executable file

@ -0,0 +1,12 @@
#!/bin/sh
. /etc/os-release
# Configure opkg to use local repo
REPO_LOCAL="file://${1:-/srv/${ID}}/"
REPO_URL="https://downloads.${HOME_URL#*//}"
sed -i -e "s|${REPO_URL}|${REPO_LOCAL}|" /etc/opkg/distfeeds.conf
# Share the repository on the LAN
ln -f -s ${REPO_LOCAL#*//} /www/${ID}
opkg update

19
manifest.scm

@ -1,19 +0,0 @@
;; This is the complete list of Guix packages necessary for building.
;;
;; The following shell command will run the tests:
;;
;; guix shell -m manifest.scm --pure -- ./build.sh ath79 generic tplink_tl-wdr4300-v1
;;
;; TODO ...ideally. some dependencies are not listed, and it fails when using --pure
(specifications->manifest
'("coreutils"
"bash"
"make"
"perl"
"gcc-toolchain"
"git"
"git:gui"
;; "man-pages"
"less"
"time"))