From 7894812298494ef9a704d54bca3fd1f3bbf88f5f Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Wed, 19 Jul 2023 21:35:45 -0400 Subject: [PATCH] various fixes and add cmc secondary ap --- README | 7 ++- wrt-init | 2 +- wrt-setup | 2 +- wrt-setup-local | 133 +++++++++++++++++++++++++++++++----------------- 4 files changed, 92 insertions(+), 52 deletions(-) diff --git a/README b/README index b73c104..5d8a7c2 100644 --- a/README +++ b/README @@ -71,8 +71,6 @@ Before doing a fai install, you will need to populate a class file. I use one called 51-multi-boot, which you can see example of in fai/config/class/50-host-classes. - - Before doing a fai install, you will need to populate /q/root/luks and /q/root/shadow, see their references. You might also want to copy existing /etc/ssh/*host* to @@ -89,6 +87,11 @@ fai/config/distro-install-common/end and which shadow file / luks file(s) to copy into the new machine depends on fai-redep arguments. +Also, setup dns in bind and wrt-setup-local. + +After install, btrbk to setup data, and then distro-begin && distro end. +See notes in distro-begin for other configuration. + # Scripts (meant to be used directly): diff --git a/wrt-init b/wrt-init index d6e9817..0df2e12 100755 --- a/wrt-init +++ b/wrt-init @@ -1,5 +1,5 @@ #!/bin/sh -set -x +set -xe # librecmc 1.5.1 is missing nfs-kernel-server and screen source /etc/os-release if [ "$ID" == librecmc ] && [ "$VERSION" == v1.5.1-core ]; then diff --git a/wrt-setup b/wrt-setup index 33d8f38..bf663b9 100755 --- a/wrt-setup +++ b/wrt-setup @@ -77,7 +77,7 @@ scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-loc #/a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk \ scp /q/root/shadow/router /p/c/machine_specific/wrt/etc/dropbear/dropbear_rsa_host_key \ - /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /b/errhandle/err $h: + /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /b/ds/ptr-data /b/errhandle/err $h: scp ../openwrtkeyring/usign/* $h:/etc/opkg/keys ssh $h wrt-init ${HOME_DOMAIN:-b8.nz} "$@" diff --git a/wrt-setup-local b/wrt-setup-local index 6e917f6..094fd11 100755 --- a/wrt-setup-local +++ b/wrt-setup-local @@ -18,7 +18,6 @@ f=/usr/local/lib/err;test -r $f || { echo "error: $0 no $f" >&2;exit 1;}; . $f - usage() { cat <&2; usage 1 ;; esac ;; @@ -93,9 +98,12 @@ shift "$((OPTIND-1))" # Discard the options and sentinel -- if [[ $1 ]]; then h=$1 +elif [[ $hostname ]]; then + h=$hostname else h=cmc fi + if [[ ! $hostname ]]; then hostname=$h fi @@ -212,7 +220,7 @@ cedit() { lan=10.0.0.0 if $test; then lan=10.1.0.0 -elif [[ $hostname == cmc ]]; then +elif [[ $hostname == cmc || $hostname == cmcap ]]; then lan=10.2.0.0 elif $client; then lan=10.3.0.0 @@ -284,8 +292,8 @@ fi uset network.lan.ipaddr $l.$lanip uset network.lan.netmask $mask -if $dev2 || $client; then - if $dev2; then +if $dev2 || $client || $ap; then + if $dev2 || $ap; then uset network.lan.gateway $l.1 uset network.wan.proto none uset network.wan6.proto none @@ -295,10 +303,16 @@ if $dev2 || $client; then /etc/init.d/odhcpd stop /etc/init.d/odhcpd disable rm -f /etc/resolv.conf - cat >/etc/resolv.conf <<'EOF' + if $ap; then + cat >/etc/resolv.conf </etc/resolv.conf <<'EOF' nameserver 8.8.8.8 nameserver 8.8.4.4 EOF + fi # things i tried to keep dnsmasq running but not enabled except local dns, # but it didnt work right and i dont need it anyways. @@ -350,7 +364,7 @@ else if [[ $mac ]]; then uset wireless.default_radio$x.macaddr $macpre$((macsuf + 2*x)) fi - # secondary device has wireless disabled + # disable/enable. secondary device has wireless disabled uset wireless.radio$x.disabled $dev2 done fi @@ -368,12 +382,15 @@ EOF uset wireless.radio0.disassoc_low_ack 0 uset wireless.radio1.disassoc_low_ack 0 fi -case $HOSTNAME in - cmc) - # found with https://openwrt.org/docs/guide-user/network/wifi/iwchan - uset wireless.radio0.channel 11 - ;; -esac + + +# found with https://openwrt.org/docs/guide-user/network/wifi/iwchan. +# However, the default also chooses 11, and better to let it choose in case things change. +# case $HOSTNAME in +# cmc) +# uset wireless.radio0.channel 11 +# ;; +# esac # usb, screen, relay are for libremanage @@ -384,10 +401,26 @@ esac # # note: prometheus-node-exporter-lua-openwrt seems to be a dependency of # prometheus-node-exporter-lua in practice. -v pi tcpdump screen rsync unbound-daemon unbound-checkconf \ - kmod-usb-storage block-mount kmod-fs-ext4 \ - prometheus-node-exporter-lua-openwrt \ + +pkgs=( + tcpdump + screen + rsync + kmod-usb-storage + block-mount + kmod-fs-ext4 + prometheus-node-exporter-lua-openwrt prometheus-node-exporter-lua +) + +if ! $ap; then + pkgs+=( + unbound-daemon + unbound-checkconf + ) +fi + +v pi "${pkgs[@]}" # nfs-kernel-server \ # openvpn-openssl adblock libusb-compat \ # kmod-usb-serial-cp210x kmod-usb-serial-ftdi \ @@ -519,9 +552,9 @@ fi cedit /etc/config/network <&2 - exit 1 + if $unbound_restart; then + /etc/init.d/unbound restart + if ! unbound-checkconf; then + echo $0: error: unbound-checkconf failed >&2 + exit 1 + fi fi -fi - +fi # end if $ap # # disabled for now. i want to selectively enable it # # for specific hosts. @@ -1275,7 +1309,7 @@ dhcp-optsfile=/var/run/dnsmasq/dhcpopts.conf EOF -if $dnsmasq_restart && ! $dev2; then +if $dnsmasq_restart && ! $dev2 && ! $ap; then # todo: can our ptr records be put in /etc/hosts? # eg: user normal /etc/hosts records, and they wont be used for A resolution # due to the other settings, but will be used for ptr? then maybe @@ -1292,7 +1326,10 @@ if $dnsmasq_restart && ! $dev2; then v /etc/init.d/dnsmasq restart fi -if $firewall_restart; then +if $ap; then + v /etc/init.d/firewall disable + v /etc/init.d/firewall stop +elif $firewall_restart; then v /etc/init.d/firewall restart fi @@ -1311,4 +1348,4 @@ if $network_restart; then reboot fi -exit 0 +v exit 0 -- 2.30.2