4 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
9 # background: upgrading all packages is not recommended because it
10 # doesn't go into the firmware. build new firmware if you want
14 if ! (( $
(date -r $f +%s
) + 60*60*24 > $
(date +%s
) )); then
21 if [[ ! $
(opkg list-installed
"$x") ]]; then
33 cat >/usr
/bin
/arch-pxe-mount
<<'EOFOUTER'
35 # symlinks are collapsed for nfs mount points, so use a bind mount.
36 # tried putting this in /etc/config/fstab,
37 # then doig block mount, it didn't work. This doesn't persist across reboots,
38 # todo: figure that out
39 d=/run/archiso/bootmnt
40 cat > /etc/fstab <<EOF
41 /mnt/usb/tftpboot $d none bind 0 0
43 mount | grep $d &>/dev/null || mount $d
44 /etc/init.d/nfsd restart
46 chmod +x
/usr
/bin
/arch-pxe-mount
49 # changing login shell emits spam on ssh single commands & scp
50 # sed -i 's#/bin/ash$#/bin/bash#' /etc/passwd
51 #https://dev.openwrt.org/ticket/13852
57 v pi kmod-usb-storage block-mount kmod-fs-ext4 nfs-kernel-server \
58 tcpdump openvpn-openssl
62 sed -ri "s/option[[:space:]]*encryption[[:space:]]*'?none'?/option encryption psk2\n option key pictionary49/" /etc
/config
/wireless
63 sed -i '/^[[:space:]]*option disabled/d' /etc
/config
/wireless
67 v
/etc
/init.d
/fstab
enable ||
:
69 # rebooting makes mounting work, but comparing lsmod,
70 # i'm guessing this will too. todo, test it.
71 # 255 == module already loaded
72 for mod
in scsi_mod sd_mod
; do v modprobe
$mod ||
[[ $?
== 255 ]]; done
74 # for arch pxe. The default settings in the installer expect to find
75 # the NFS at /run/archiso/bootmnt
76 mkdir
-p /run
/archiso
/bootmnt
78 # todo: at some later time, i found /mnt/usb not mounted, watch to see if
79 # that is the case after running this or rebooting.
80 # wiki says safe to do in case of fstab changes:
81 cedit
/etc
/config
/fstab
<<'EOF' || { v block umount; v block mount; }
82 config global automount
86 config global autoswap
91 option target /mnt/usb
92 option device /dev/sda2
94 option options rw,async,noatime,nodiratime
99 option device /dev/sda1
106 # exportfs -ra wont cut it when its the same path, but now a bind mount
107 cedit
/etc
/exports
<<'EOF' || v /etc/init.d/nfsd restart ||:
108 /mnt/usb 192.168.1.0/255.255.255.0(rw,no_root_squash,insecure,sync,no_subtree_check)
110 /run/archiso/bootmnt 192.168.1.0/255.255.255.0(rw,no_root_squash,insecure,sync,no_subtree_check)
114 v
/etc
/init.d
/portmap start
115 v
/etc
/init.d
/nfsd start
116 v
/etc
/init.d
/portmap
enable
117 v
/etc
/init.d
/nfsd
enable
124 ######### uci example:#######
125 # # https://wiki.openwrt.org/doc/uci
126 # wan_index=$(uci show firewall | sed -rn 's/firewall\.@zone\[([0-9])+\]\.name=wan/\1/p')
127 # wan="firewall.@zone[$wan_index]"
128 # if [[ $(uci get firewall.@forwarding[0].dest) != $forward_dest ]]; then
130 # v uci set firewall.@forwarding[0].dest=$forward_dest
131 # uci commit firewall
132 # firewall_restart=true
137 ########## openvpn exampl
138 ########## missing firewall settings for routing lan
140 # v /etc/init.d/openvpn start
141 # v /etc/init.d/openvpn enable
143 # # from https://wiki.openwrt.org/doc/uci/firewall
144 # # todo: not sure if /etc/init.d/network needs restarting.
145 # # I did, and I had to restart the vpn afterwards.
146 # # This maps a uci interface to a real interface which is
147 # # managed outside of uci.
148 # v cedit /etc/config/network <<'EOF' ||:
149 # config interface 'tun0'
150 # option ifname 'tun0'
151 # option proto 'none'
153 # v cedit /etc/config/openvpn <<'EOF' || v /etc/init.d/openvpn restart
154 # config openvpn my_client_config
156 # option config /etc/openvpn/client.conf
161 v cedit
/etc
/config
/firewall
<<'EOF' || firewall_restart=true
166 option dest_ip 192.168.1.2
177 dnsmasq_restart
=false
178 v cedit
/etc
/hosts
<<EOF || dnsmasq_restart=true
180 192.168.1.2 treetowl faiserver
190 # cant ssh to do when on vpn. some routing/firewall rule or something,
191 # I don't know. I can get there from wrt but not my machine.
192 # but we can get to it from this address, so, good enough.
197 # avoid using the dns servers that my isp tells me about.
198 if [[ $
(uci get dhcp.@dnsmasq
[0].resolvfile
) ]]; then
199 # default is '/tmp/resolv.conf.auto', we switch to the dnsmasq default of
201 v uci delete dhcp.@dnsmasq
[0].resolvfile
207 # useful: http://wiki.openwrt.org/doc/howto/dhcp.dnsmasq
209 v cedit
/etc
/dnsmasq.conf
<<'EOF' || dnsmasq_restart=true
211 ############ updating dns servers ###################3
214 # this says the ip of default gateway and dns server,
215 # but I think they are unneded and default
216 #dhcp-option=3,192.168.1.1
217 #dhcp-option=6,192.168.1.1
221 # results from googling around dnsmasq optimizations
222 # about 50k in memory. router has 62 megs.
223 # in a browsing session, I probably won't ever do 5000 lookups
224 # before the ttl expiration or whatever does expiration.
227 # ask all servers, use the one which responds first.
228 # http://ma.ttwagner.com/make-dns-fly-with-dnsmasq-all-servers/
231 # namebench benchmarks dns servers. google's dns was only
232 # slightly less fast than some others, and I trust it more
233 # to give accurate results, stay relatively fast, and
234 # not do anythin too malicious, so just use that.
235 # download namebench and run it like this:
236 # for x in all regional isp global preferred nearby; do ./namebench.py -s $x -c US -i firefox -m weighted -J 10 -w; echo $x; hr; done
240 server=2001:4860:4860::8888
241 server=2001:4860:4860::8844
244 # to fixup existin ips, on the client you can do
245 # sudo dhclient -r; sudo dhclient <interface-name>
247 # default dhcp range is 100-150
248 dhcp-host=f4:6d:04:02:ed:66,set:treetowl,192.168.1.2,treetowl
249 dhcp-host=00:26:18:97:bb:16,set:frodo,192.168.1.3,frodo
250 dhcp-host=10:78:d2:da:29:22,set:htpc,192.168.1.4,htpc
251 dhcp-host=00:1f:16:16:39:24,set:x2,192.168.1.5,x2
252 # this is so fai can have an explicit name to use for testing,
253 # or else any random machine which did a pxe boot would get
254 # reformatted. The mac is from doing a virt-install, cancelling it,
255 # and copying the generated mac, so it should be randomish.
256 dhcp-host=52:54:00:9c:ef:ad,set:demohost,192.168.1.6,demohost
257 dhcp-host=52:54:00:56:09:f9,set:faiserver,192.168.1.7,faiserver
258 dhcp-host=80:fa:5b:1c:6e:cf,set:tp,192.168.1.8,tp
259 # this is the ip it picks by default if dhcp fails,
260 # so might as well use it.
261 # hostname is the name it uses according to telnet
262 dhcp-host=b4:75:0e:94:29:ca,set:switch9429ca,192.168.1.251,switch9429ca
266 # dhcp-host=,192.168.1.,
268 # Just leave the tftp server up even if we aren't doing pxe boot.
269 # It has no sensitive info.
270 tftp-root=/mnt/usb/tftpboot
273 if $dnsmasq_restart; then
274 v
/etc
/init.d
/dnsmasq restart
277 if $firewall_restart; then
278 v
/etc
/init.d
/firewall restart