wrt setup fixes and improvements
author
Ian Kelling
<iank@fsf.org>
Tue, 12 Mar 2019 20:50:59 +0000
(16:50 -0400)
committer
Ian Kelling
<iank@fsf.org>
Tue, 12 Mar 2019 20:50:59 +0000
(16:50 -0400)
wrt-setup
wrt-setup-local
diff --git
a/wrt-setup
b/wrt-setup
index 746b16f29e84966720cbe21bcb4427b548958d4d..3e71ef5099816bcdc45dd6b76785008ce0ea5819 100755
(executable)
--- a/
wrt-setup
+++ b/
wrt-setup
@@
-23,28
+23,44
@@
x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*}
usage() {
cat <<EOF
usage() {
cat <<EOF
-usage: ${0##*/} [-h|--help] [HOST/IP]
+usage: ${0##*/} [-h|--help] [
-d|--dev2] [
HOST/IP]
setup my router in general: dhcp, dns, etc.
setup my router in general: dhcp, dns, etc.
+
+dev2 is for setting up a second device for testing etc.
EOF
exit $1
}
h=root@10.0.0.1
EOF
exit $1
}
h=root@10.0.0.1
-if [[ $1 ]]; then
+temp=$(getopt -l help,dev2 h2 "$@") || usage 1
+eval set -- "$temp"
+while true; do
case $1 in
case $1 in
+ -2|--dev2) local_arg=-2; shift ;;
-h|--help) usage ;;
-h|--help) usage ;;
- *) h=root@$1 ;;
+ --) shift; break ;;
+ *) echo "$0: Internal error! unexpected args: $*" ; exit 1 ;;
esac
esac
+done
+
+if (( $# > 1 )); then
+ usage 1
+fi
+
+if [[ $# == 1 ]]; then
+ read h <<<"$@"
fi
cat ~/.ssh/home.pub | ssh $h dd of=/etc/dropbear/authorized_keys 2>/dev/null
scp /a/bin/fai/wrt-setup-local /a/bin/cedit/cedit $h:/usr/bin
fi
cat ~/.ssh/home.pub | ssh $h dd of=/etc/dropbear/authorized_keys 2>/dev/null
scp /a/bin/fai/wrt-setup-local /a/bin/cedit/cedit $h:/usr/bin
+# build for openwrt 18.06.2, r7676-cddd7b4c77
+scp /a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk $h:
ssh $h <<EOF
if ! opkg list-installed|grep bash; then
opkg update
opkg install bash
fi
export HOME_DOMAIN=$HOME_DOMAIN
ssh $h <<EOF
if ! opkg list-installed|grep bash; then
opkg update
opkg install bash
fi
export HOME_DOMAIN=$HOME_DOMAIN
-wrt-setup-local
+wrt-setup-local
$local_arg
EOF
EOF
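Review bot: With a HOST/IP argument the new `read h <<<"$@"` stores the bare host, whereas the removed `*) h=root@$1 ;;` arm prefixed `root@`. The following `ssh $h dd of=/etc/dropbear/authorized_keys` and `scp ... $h:/usr/bin` therefore log in as the invoking user unless the caller types `root@` themselves. Using `h=root@$1` inside the `[[ $# == 1 ]]` branch keeps the old behaviour and avoids `read` without `-r`. The usage text advertises `-d|--dev2`, but the getopt string `h2` and the case arm accept `-2`, so the help line should read `[-2|--dev2]`. `$h` is also expanded unquoted in the ssh and scp calls; `"$h"` would keep the argument as a single word.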
diff --git
a/wrt-setup-local
b/wrt-setup-local
index 43628bc8bee6f049a19807c2fc0c549ad45ab01c..e043e7dfaf5b7f6b1249b409cdd6eac8e5568e6c 100755
(executable)
--- a/
wrt-setup-local
+++ b/
wrt-setup-local
@@
-18,6
+18,11
@@
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+dev2=false
+if [[ $1 == -2 ]]; then
+ dev2=true
+fi
+
pmirror() {
# background: upgrading all packages is not recommended because it
# doesn't go into the firmware. build new firmware if you want
pmirror() {
# background: upgrading all packages is not recommended because it
# doesn't go into the firmware. build new firmware if you want
@@
-46,6
+51,10
@@
v() {
###
ssid="check out gnu.org"
lan=10.0.0.0
###
ssid="check out gnu.org"
lan=10.0.0.0
+if $dev2; then
+ ssid="test1"
+ lan=10.1.0.0
+fi
mask=255.255.0.0
l=${lan%.0}
mask=255.255.0.0
l=${lan%.0}
@@
-68,14
+77,9
@@
done
EOFOUTER
chmod +x /usr/bin/archlike-pxe-mount
EOFOUTER
chmod +x /usr/bin/archlike-pxe-mount
-cat >.profile <<'EOF'
-# changing login shell emits spam on ssh single commands & scp
- # sed -i 's#/bin/ash$#/bin/bash#' /etc/passwd
-# https://github.com/openwrt/packages/issues/6137
-[ "$BASH_VERSION" != "" ] || exec /bin/bash -i
-EOF
+sed -i '/^root:/s,/bin/ash$,/bin/bash,' /etc/passwd
v pi kmod-usb-storage block-mount kmod-fs-ext4 nfs-kernel-server \
v pi kmod-usb-storage block-mount kmod-fs-ext4 nfs-kernel-server \
- tcpdump openvpn-openssl adblock
+ tcpdump openvpn-openssl adblock
libusb-compat /root/relay_1.0-1_mips_24kc.ipk
@@
-99,17
+103,20
@@
mkdir -p /run/parabolaiso/bootmnt
## ian: usb broke on old router. if that happens, can just comment this to disable problems
echo | cedit /etc/config/fstab ||:
## ian: usb broke on old router. if that happens, can just comment this to disable problems
echo | cedit /etc/config/fstab ||:
-cedit /etc/config/fstab <<
'EOF'
|| { v block umount; v block mount; }
+cedit /etc/config/fstab <<
EOF
|| { v block umount; v block mount; }
config global automount
option from_fstab 1
option anon_mount 1
config mount
config global automount
option from_fstab 1
option anon_mount 1
config mount
+# /overlay is an / overlay mount for installing extra packages, etc.
+# https://openwrt.org/docs/guide-user/additional-software/extroot_configuration
option target /mnt/usb
option target /mnt/usb
+# option target /overlay
option device /dev/sda1
option fstype ext4
option options rw,async,noatime,nodiratime
option device /dev/sda1
option fstype ext4
option options rw,async,noatime,nodiratime
- option enabled
1
+ option enabled
0
EOF
EOF
@@
-126,7
+133,9
@@
EOF
# exportfs -ra wont cut it when its the same path, but now a bind mount
# exportfs -ra wont cut it when its the same path, but now a bind mount
-cedit /etc/exports <<EOF || v /etc/init.d/nfsd restart ||:
+# todo: restart nfs when nfs is enabled?
+#cedit /etc/exports <<EOF || v /etc/init.d/nfsd restart ||:
+cedit /etc/exports <<EOF ||:
/mnt/usb $lan/$netmask(rw,no_root_squash,insecure,sync,no_subtree_check)
# for arch pxe
/run/archiso/bootmnt $lan/$netmask(rw,no_root_squash,insecure,sync,no_subtree_check)
/mnt/usb $lan/$netmask(rw,no_root_squash,insecure,sync,no_subtree_check)
# for arch pxe
/run/archiso/bootmnt $lan/$netmask(rw,no_root_squash,insecure,sync,no_subtree_check)
@@
-134,10
+143,11
@@
cedit /etc/exports <<EOF || v /etc/init.d/nfsd restart ||:
EOF
EOF
-v /etc/init.d/portmap start
-v /etc/init.d/nfsd start
-v /etc/init.d/portmap enable
-v /etc/init.d/nfsd enable
+# todo: enable nfs when we need it only.
+# v /etc/init.d/portmap start
+# v /etc/init.d/nfsd start
+# v /etc/init.d/portmap enable
+# v /etc/init.d/nfsd enable
@@
-156,29
+166,38
@@
v /etc/init.d/nfsd enable
# fi
# fi
+uset() {
+ local key="$1"
+ local val="$2"
+ local service="${key%%.*}"
+ restart_var=${service}_restart
+ if [[ ! ${!restart_var} ]]; then
+ eval $restart_var=false
+ fi
+ if [[ $(uci get "$key") != "$val" ]]; then
+ v uci set "$key"="$val"
+ uci commit $service
+ eval $restart_var=true
+ fi
+}
+
+uset dropbear.@dropbear[0].PasswordAuth 0
+uset dropbear.@dropbear[0].RootPasswordAuth 0
+uset dropbear.@dropbear[0].Port 2220
+
wireless_restart=false
key=pictionary49
for x in 0 1; do
wireless_restart=false
key=pictionary49
for x in 0 1; do
- if [[ $(uci get wireless.default_radio$x.ssid) != "$ssid" ]]; then
- v uci set wireless.default_radio$x.ssid="$ssid"
- wireless_restart=true
- fi
- if [[ $(uci get wireless.default_radio$x.key) != $key ]]; then
- v uci set wireless.default_radio$x.key=$key
- wireless_restart=true
- fi
- if [[ $(uci get wireless.default_radio$x.encryption) != psk2 ]]; then
- v uci set wireless.default_radio$x.encryption=psk2
- wireless_restart=true
- fi
- if [[ $(uci get wireless.default_radio$x.disabled 2>/dev/null) ]]; then
- v uci delete wireless.default_radio$x.disabled
+ uset wireless.default_radio$x.ssid "$ssid"
+ uset wireless.default_radio$x.key $key
+ uset wireless.default_radio$x.encryption psk2
+ if [[ $(uci get wireless.radio$x.disabled 2>/dev/null) ]]; then
+ v uci delete wireless.radio$x.disabled
wireless_restart=true
fi
done
if $wireless_restart; then
wireless_restart=true
fi
done
if $wireless_restart; then
- uci commit wireless
v wifi
fi
v wifi
fi
@@
-240,6
+259,12
@@
config rule
option target ACCEPT
option dest_port 2222
option target ACCEPT
option dest_port 2222
+config rule
+ option src wan
+ option target ACCEPT
+ option dest_port 2220
+
+
config redirect
option src wan
option src_dport 443
config redirect
option src wan
option src_dport 443
@@
-296,7
+321,6
@@
EOF
dnsmasq_restart=false
dnsmasq_restart=false
-mail_host=$(grep -F mail.iankelling.org /etc/hosts | awk '{print $1}')
v cedit /etc/hosts <<EOF || dnsmasq_restart=true
127.0.1.1 wrt
$l.1 wrt
v cedit /etc/hosts <<EOF || dnsmasq_restart=true
127.0.1.1 wrt
$l.1 wrt
@@
-318,6
+342,7
@@
$l.12 fz
10.173.0.2 transmission
EOF
10.173.0.2 transmission
EOF
+#mail_host=$(grep -F mail.iankelling.org /etc/hosts | awk '{print $1}')
# if [[ $mail_host ]]; then
# sed -i '/^$mail_host/a mail.iankelling.org' /etc/hosts
# fi
# if [[ $mail_host ]]; then
# sed -i '/^$mail_host/a mail.iankelling.org' /etc/hosts
# fi
@@
-332,22
+357,9
@@
if [[ $(uci get dhcp.@dnsmasq[0].resolvfile 2>/dev/null) ]]; then
dnsmasq_restart=true
fi
dnsmasq_restart=true
fi
-if [[ $(uci get dhcp.@dnsmasq[0].domain) != b8.nz ]]; then
- v uci set dhcp.@dnsmasq[0].domain=b8.nz
- uci commit dhcp
- dnsmasq_restart=true
-fi
-if [[ $(uci get dhcp.@dnsmasq[0].local) != /b8.nz/ ]]; then
- v uci set dhcp.@dnsmasq[0].local=/b8.nz/
- uci commit dhcp
- dnsmasq_restart=true
-fi
-
-if [[ $(uci get system.@system[0].hostname) != wrt ]]; then
- v uci set system.@system[0].hostname=wrt
- uci commit system
-fi
-
+uset dhcp.@dnsmasq[0].domain b8.nz
+uset dhcp.@dnsmasq[0].local /b8.nz/
+uset system.@system[0].hostname wrt
if [[ $(uci get adblock.global.adb_enabled) != 1 ]]; then
v uci set adblock.global.adb_enabled=1
if [[ $(uci get adblock.global.adb_enabled) != 1 ]]; then
v uci set adblock.global.adb_enabled=1
@@
-443,20
+455,14
@@
if $firewall_restart; then
v /etc/init.d/firewall restart
fi
v /etc/init.d/firewall restart
fi
+uset network.lan.ipaddr $l.1
+uset network.lan.netmask $mask
-reboot=false
-if [[ $(uci get network.lan.ipaddr) != $l.1 ]]; then
- v uci set network.lan.ipaddr=$l.1
- uci commit network
- reboot=true
+if $network_restart; then
+ reboot
fi
fi
-if [[ $(uci get network.lan.netmask) != $mask ]]; then
- v uci set network.lan.netmask=$mask
- uci commit network
- reboot=true
+if $dropbear_restart; then
+ v /etc/init.d/dropbear restart
fi
fi
-if $reboot; then
- reboot
-fi
exit 0
exit 0
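Review bot: In the new `uset` helper the restart flag is named after the UCI package, so `uset dhcp.@dnsmasq[0].domain b8.nz` and the `.local` call set `dhcp_restart`, whereas the lines they replace set `dnsmasq_restart=true`. Unless code outside these hunks reads `dhcp_restart`, a domain change no longer restarts dnsmasq; one fix is `if $dhcp_restart; then dnsmasq_restart=true; fi` after those calls. The helper also leaves `restart_var` global and assigns through `eval`; `local restart_var=${service}_restart` with `printf -v "$restart_var" '%s' true` does the same without re-parsing the name, and `uci commit "$service"` should be quoted. Separately, the added `config rule` that accepts `dest_port 2220` from `wan` (inside a heredoc that starts outside the hunk) has no `option proto`, which OpenWrt's firewall treats as TCP and UDP. Adding `option proto tcp` and a comment that this is the dropbear port set by `uset dropbear.@dropbear[0].Port 2220` keeps the WAN exposure to what key-only SSH needs.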