Commit 79eee44d authored by Hamza Dely's avatar Hamza Dely

Initialisation du dépôt

parents
#
# Copyright (C) 2016 Crans
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/version.mk
PKG_NAME:=crans
PKG_VERSION:=1.0
PKG_RELEASE:=1
PKG_LICENSE:=GPL-2.0
PKG_BUILD_DEPENDS:=base-files dropbear monit
include $(INCLUDE_DIR)/package.mk
SECRET:=$(shell PYTHONPATH=/etc/crans/secrets/ python -c "import secrets; print secrets.radius_eap_key")
# Pour installer network, il faut regarder quel est le type de borne ciblé
ifeq ($(CONFIG_TARGET_ar71xx_generic_ESR1750),y)
NETWORKFILE:="network.esr1750"
else ($(CONFIG_TARGET_ar71xx_generic_UAPPRO),y)
NETWORKFILE:="network.uap_pro"
else
NETWORKFILE:="network"
endif
define Package/base-files/conffiles
/etc/banner
/etc/openwrt_version
/etc/monitrc
/etc/config/dhcp
/etc/config/network
/etc/config/system
/etc/config/dropbear
/etc/config/wireless
/etc/dropbear/
/etc/dropbear/authorized_keys
/etc/monit
/etc/uci-defaults/dhcp.crans
$(call $(TARGET)/conffiles)
endef
define Package/crans
SECTION:=base
CATEGORY:=Crans configuration
TITLE:=Crans-specific configuration for OpenWrt
DEPENDS:=+base-files +dropbear +monit
VERSION:=$(PKG_RELEASE)
endef
define Package/crans/description
Configuration spécifique au Crans
endef
define Package/crans/install
$(INSTALL_DIR) $(1)/etc/
$(INSTALL_DATA) files/etc/banner $(1)/etc/banner
$(INSTALL_DATA) files/etc/openwrt_version $(1)/etc/openwrt_version
$(INSTALL_DATA) files/etc/monitrc $(1)/etc/monitrc
$(INSTALL_DIR) $(1)/etc/config/
$(INSTALL_DATA) files/etc/config/dhcp $(1)/etc/config/dhcp
$(INSTALL_DATA) files/etc/config/$(NETWORKFILE) $(1)/etc/config/network
$(INSTALL_DATA) files/etc/config/system $(1)/etc/config/system
$(INSTALL_DATA) files/etc/config/dropbear $(1)/etc/config/dropbear
install -d -m0700 $(1)/etc/dropbear/
$(INSTALL_CONF) files/etc/dropbear/authorized_keys $(1)/etc/dropbear/authorized_keys
$(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) files/etc/init.d/monit $(1)/etc/init.d/monit
$(INSTALL_DIR) $(1)/usr/share/watch_net/
$(INSTALL_BIN) files/usr/share/watch_net/watch_net.sh $(1)/usr/share/watch_net/watch_net.sh
$(INSTALL_DIR) $(1)/lib/wifi/
$(INSTALL_DATA) files/lib/wifi/mac80211.sh $(1)/lib/wifi/mac80211.sh
$(INSTALL_DIR) $(1)/etc/uci-defaults/
$(INSTALL_BIN) files/etc/uci-defaults/dhcp.crans $(1)/etc/uci-defaults/dhcp.crans
$(INSTALL_DIR) $(1)/lib/netifd/
$(INSTALL_BIN) files/lib/netifd/dhcp.script $(1)/lib/netifd/dhcp.script
$(VERSION_SED) \
$(1)/etc/banner \
$(1)/etc/openwrt_version
touch $(1)/etc/config/eap_radius_key
echo -n $(SECRET) > $(1)/etc/config/eap_radius_key
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Compile/Default
endef
Build/Compile = $(Build/Compile/Default)
$(eval $(call BuildPackage,crans))
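Review bot: In `Package/crans/install` the RADIUS EAP key is expanded into the recipe text (`echo -n $(SECRET) > …`), so make prints it whenever the recipe is echoed and the shell re-parses any metacharacters it contains. The file is also created by `touch` under the build umask rather than with a restrictive mode. An empty `SECRET`, for example when the Python call on the `SECRET:=` line fails, is written silently. I would create the file with `install -m0600 /dev/null $(1)/etc/config/eap_radius_key`, write it with `@printf '%s' '$(SECRET)' > $(1)/etc/config/eap_radius_key`, and guard it with `$(if $(strip $(SECRET)),,$(error radius_eap_key is empty))`. Separately, `else ($(CONFIG_TARGET_ar71xx_generic_UAPPRO),y)` is missing `ifeq`: GNU make should treat it as a plain `else` with extraneous text, making the following bare `else` a second `else` for the same conditional, so it should read `else ifeq (…)`.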
 _______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
 %N  ( %C, %R )
 Cr@ns Edition ( wifi.crans.org ) 
-----------------------------------------------------
* 1 1/2 oz Gin Shake with a glassful
* 1/4 oz Triple Sec of broken ice and pour
* 3/4 oz Lime Juice unstrained into a goblet.
* 1 1/2 oz Orange Juice
* 1 tsp. Grenadine Syrup
----------------------------------------------------
config 'dnsmasq'
option domainneeded 1
option boguspriv 1
option filterwin2k 0
option localise_queries 1
option rebind_protection 1
option rebind_localhost 0
option local '/lan/'
option domain 'lan'
option expandhosts 1
option nonegcache 0
# option authoritative 1
option readethers 1
# option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option interface lo
config dropbear
option PasswordAuth 'on'
option RootPasswordAuth 'off'
option Port '22'
# option BannerFile '/etc/banner'
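Review bot: `option PasswordAuth 'on'` leaves password logins enabled for any non-root account, even though this commit installs public keys in /etc/dropbear/authorized_keys. If key login is the intended path, set `option PasswordAuth 'off'` next to `option RootPasswordAuth 'off'`. The section also has no `option Interface`, so dropbear presumably listens on every configured bridge rather than only the management VLAN; consider binding it with `option Interface '<management-interface>'`.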
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'vlan3'
option ifname 'eth0.3'
option type 'bridge'
option proto 'dhcp'
config interface 'vlan3_6'
option ifname 'br-vlan3'
option proto 'dhcpv6'
config interface 'vlan6'
option ifname 'eth0.6'
option type 'bridge'
option proto 'none'
config interface 'vlan10'
option ifname 'eth0.10'
option type 'bridge'
option proto 'none'
config interface 'vlan22'
option ifname 'eth0.22'
option type 'bridge'
option proto 'none'
config interface 'vlan7'
option ifname 'eth0.7'
option type 'bridge'
option proto 'none'
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'vlan3'
option ifname 'eth0.3'
option type 'bridge'
option proto 'dhcp'
config interface 'vlan3_6'
option ifname 'br-vlan3'
option proto 'dhcpv6'
config interface 'vlan6'
option ifname 'eth0.6'
option type 'bridge'
option proto 'none'
config interface 'vlan10'
option ifname 'eth0.10'
option type 'bridge'
option proto 'none'
config interface 'vlan22'
option ifname 'eth0.22'
option type 'bridge'
option proto 'none'
config interface 'vlan7'
option ifname 'eth0.7'
option type 'bridge'
option proto 'none'
# Configuration du switch pour les EnGenius ESR1750
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0t 5'
config switch_vlan
option device 'switch0'
option vlan '3'
option ports '0t 1t 2t 3t 4t 5t'
config switch_vlan
option device 'switch0'
option vlan '10'
option ports '0t 1t 2t 3t 4t 5t'
config switch_vlan
option device 'switch0'
option vlan '7'
option ports '0t 1t 2t 3t 4t 5t'
config switch_vlan
option device 'switch0'
option vlan '6'
option ports '0t 1t 2t 3t 4t 5t'
config switch_vlan
option device 'switch0'
option vlan '22'
option ports '0t 1t 2t 3t 4t 5t'
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'vlan3'
option ifname 'eth0.3'
option type 'bridge'
option proto 'dhcp'
config interface 'vlan3_6'
option ifname 'br-vlan3'
option proto 'dhcpv6'
config interface 'vlan6'
option ifname 'eth0.6'
option type 'bridge'
option proto 'none'
config interface 'vlan10'
option ifname 'eth0.10'
option type 'bridge'
option proto 'none'
config interface 'vlan22'
option ifname 'eth0.22'
option type 'bridge'
option proto 'none'
config interface 'vlan7'
option ifname 'eth0.7'
option type 'bridge'
option proto 'none'
# Configuration du switch pour les UAP Pro
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '3'
option ports '0t 1t 2t'
config switch_vlan
option device 'switch0'
option vlan '10'
option ports '0t 1t 2t'
config switch_vlan
option device 'switch0'
option vlan '7'
option ports '0t 1t 2t'
config switch_vlan
option device 'switch0'
option vlan '6'
option ports '0t 1t 2t'
config switch_vlan
option device 'switch0'
option vlan '22'
option ports '0t 1t 2t'
config system
option timezone 'CET-1CEST'
option zonename 'Europe/Paris'
option log_type file
# thot.crans.org
option log_ip '10.231.148.38'
option log_file /dev/null
config timeserver ntp
option enable_server 0
list server ntp.crans.org
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoByWN7RvH9ICpbqLbm8kd/JLDpPMLNYMHSOXNncImhNVQWKjdIpaosRXkN/KmiVZcHQJpKX7Sj5J3+TnrbZHwafgSS319eNdcGdHyQlYl9gbtMs4b4LC9YgJm7Tz3xxk/RXrITrix7J85b1q7hvzvcNCrnqDbeyvggOxQxmsLLD2cpWVw/TXfv+9wRSgEsHYawqDRXgmcmIXufrnmFAkU6efGi3cfs4BQawylnmRM9BQ5evOMRj8OMmR2Dlp4OvCIV5Rut0NXrLphLRUPxxW38aeSguE8lXz76FKdrg8KKRBlPeekPj4YcN6b9Z0FfREZzVeQbZhiYlL/bhCSnTzB apprentis
ssh-rsa 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 clefwifinew
#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2012 OpenWrt.org
START=60
SERVICE_USE_PID=1
start() {
[ -f /etc/monitrc ] || return 1
ls -l /etc/monitrc | grep -q '^-rw-------'
[ $? -eq 0 ] || chmod 0700 /etc/monitrc
service_start /usr/bin/monit
}
stop() {
service_stop /usr/bin/monit
}
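Review bot: `start()` tests for mode `-rw-------` but then runs `chmod 0700 /etc/monitrc`, which makes the configuration executable and never produces the mode being tested for, so the chmod repeats on every start. Parsing `ls -l` is not needed here; replace both lines with `chmod 0600 /etc/monitrc`. The package Makefile in this commit installs monitrc with `$(INSTALL_DATA)`; using `$(INSTALL_CONF)` there, as it already does for authorized_keys, would give the file a restrictive mode from the image onward.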
###############################################################################
## Monit Cr@ns Config !
###############################################################################
##
## Start Monit in the background (run as a daemon):
#
set daemon 60 # check services at 1-minute intervals
with start delay 30 # optional: delay the first check by 4-minutes (by
# # default Monit check immediately after Monit start)
set logfile syslog facility log_daemon
#set logfile /tmp/monit_log # Test logging
#
## Set the location of the Monit id file which stores the unique id for the
## Monit instance. The id is generated and stored on first Monit start. By
## default the file is placed in $HOME/.monit.id.
#
set idfile /var/.monit.id
# Bind and authorize only to localhost:
set httpd port 2812 and
use address localhost
allow localhost
#
## Set the location of the Monit state file which saves monitoring states
## on each cycle. By default the file is placed in $HOME/.monit.state. If
## the state file is stored on a persistent filesystem, Monit will recover
## the monitoring state across reboots. If it is on temporary filesystem, the
## state will be lost on reboot which may be convenient in some situations.
#
set statefile /var/.monit.state
## Check hostapd
check process hostapd-0 with pidfile /var/run/wifi-phy0.pid
start program = "/usr/sbin/hostapd -P /var/run/wifi-phy0.pid -B /var/run/hostapd-phy0.conf" with timeout 60 seconds
stop program = "/usr/bin/killall hostapd"
if 5 restarts within 5 cycles then timeout
check process sshd with pidfile /var/run/dropbear.1.pid
start program "/etc/init.d/dropbear start"
stop program "/etc/init.d/dropbear stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout
check program watch_net with path "/usr/share/watch_net/watch_net.sh"
if status != 0 then alert
check process logread with pidfile /var/run/logread.2.pid
start program "/etc/init.d start"
stop program "/etc/init.d stop"
if 5 restarts within 5 cycles then timeout
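Review bot: The `logread` check uses `start program "/etc/init.d start"` and `stop program "/etc/init.d stop"`, which name the directory rather than a script, so monit cannot restart the log reader when its pidfile disappears; the init script name is missing after `/etc/init.d/`. The system config in this commit sets `log_ip`, so a dead logread would apparently stop the remote log stream without any recovery. The comment on `with start delay 30` still says "4-minutes" and should read `# optional: delay the first check by 30 seconds`. `stop program = "/usr/bin/killall hostapd"` also stops every hostapd instance, not only the one tracked by wifi-phy0.pid.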
#!/bin/sh
uci set dhcp.@dnsmasq[0].rebind_localhost=0
uci delete dhcp.@dnsmasq[0].authoritative
uci delete dhcp.@dnsmasq[0].leasefile
uci delete dhcp.@dnsmasq[0].localservice
uci set dhcp.@dnsmasq[0].interface='lo'
uci delete dhcp.lan
uci delete dhcp.wan
uci commit dhcp
exit 0
#!/bin/sh
[ -z "$1" ] && echo "Error: should be run by udhcpc" && exit 1
. /lib/functions.sh
. /lib/netifd/netifd-proto.sh
set_classless_routes() {
local max=128
while [ -n "$1" -a -n "$2" -a $max -gt 0 ]; do
proto_add_ipv4_route "${1%%/*}" "${1##*/}" "$2" "$ip"
max=$(($max-1))
shift 2
done
}
setup_interface () {
proto_init_update "*" 1
proto_add_ipv4_address "$ip" "${subnet:-255.255.255.0}"
# TODO: apply $broadcast
for i in $router; do
proto_add_ipv4_route "$i" 32 "" "$ip"
proto_add_ipv4_route 0.0.0.0 0 "$i" "$ip"
for r in $CUSTOMROUTES; do
proto_add_ipv4_route "${r%%/*}" "${r##*/}" "$i" "$ip"
done
done
# CIDR STATIC ROUTES (rfc3442)
[ -n "$staticroutes" ] && set_classless_routes $staticroutes
[ -n "$msstaticroutes" ] && set_classless_routes $msstaticroutes
for dns in $dns; do
proto_add_dns_server "$dns"
done
for domain in $domain; do
proto_add_dns_search "$domain"
done
proto_add_data
[ -n "$ZONE" ] && json_add_string zone "$ZONE"
[ -n "$ntpsrv" ] && json_add_string ntpserver "$ntpsrv"
[ -n "$timesvr" ] && json_add_string timeserver "$timesvr"
[ -n "$hostname" ] && json_add_string hostname "$hostname"
[ -n "$message" ] && json_add_string message "$message"
[ -n "$timezone" ] && json_add_int timezone "$timezone"
[ -n "$lease" ] && json_add_int leasetime "$lease"
proto_close_data
proto_send_update "$INTERFACE"
if [ "$IFACE6RD" != 0 -a -n "$ip6rd" ]; then
local v4mask="${ip6rd%% *}"
ip6rd="${ip6rd#* }"
local ip6rdprefixlen="${ip6rd%% *}"
ip6rd="${ip6rd#* }"
local ip6rdprefix="${ip6rd%% *}"
ip6rd="${ip6rd#* }"
local ip6rdbr="${ip6rd%% *}"
[ -n "$ZONE" ] || ZONE=$(fw3 -q network $INTERFACE)
[ -z "$IFACE6RD" -o "$IFACE6RD" = 1 ] && IFACE6RD=${INTERFACE}_6
json_init
json_add_string name "$IFACE6RD"
json_add_string ifname "@$INTERFACE"
json_add_string proto "6rd"
json_add_string peeraddr "$ip6rdbr"
json_add_int ip4prefixlen "$v4mask"
json_add_string ip6prefix "$ip6rdprefix"
json_add_int ip6prefixlen "$ip6rdprefixlen"
json_add_string tunlink "$INTERFACE"
[ -n "$IFACE6RD_DELEGATE" ] && json_add_boolean delegate "$IFACE6RD_DELEGATE"
[ -n "$ZONE6RD" ] || ZONE6RD=$ZONE
[ -n "$ZONE6RD" ] && json_add_string zone "$ZONE6RD"
[ -n "$MTU6RD" ] && json_add_string mtu "$MTU6RD"
json_close_object
ubus call network add_dynamic "$(json_dump)"
fi
# Cr@ns: hostname fourni par dhcp
config_get old_host system hostname OpenWrt
[ "$old_host" == "OpenWrt" ] && {
/sbin/uci set system.@system[0].hostname="$hostname"
/sbin/uci commit system
echo "$hostname" > /proc/sys/kernel/hostname
}
}
deconfig_interface() {
proto_init_update "*" 0
proto_send_update "$INTERFACE"
}
case "$1" in
deconfig)
deconfig_interface
;;
renew|bound)
setup_interface
;;
esac
# user rules
[ -f /etc/udhcpc.user ] && . /etc/udhcpc.user "$@"
exit 0
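Review bot: In the Cr@ns block at the end of `setup_interface`, `$hostname` comes straight from the DHCP reply and is written to UCI and /proc/sys/kernel/hostname without checking that it is non-empty or a valid host name. Guard it with `[ -n "$hostname" ] && [ "$old_host" = "OpenWrt" ] && {`, and reject values containing characters outside `[A-Za-z0-9.-]` before the `uci set`. `config_get old_host system hostname OpenWrt` runs without a visible `config_load system` and against an anonymous `config system` section, so it probably always yields the default and the block would commit to flash on every `renew`. Please confirm, and consider comparing against `uci -q get system.@system[0].hostname` instead.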
#!/bin/sh
append DRIVERS "mac80211"
eap_radius_key=$(cat /etc/config/eap_radius_key)
lookup_phy() {
[ -n "$phy" ] && {
[ -d /sys/class/ieee80211/$phy ] && return
}
local devpath
config_get devpath "$device" path
[ -n "$devpath" ] && {
for phy in $(ls /sys/class/ieee80211 2>/dev/null); do
case "$(readlink -f /sys/class/ieee80211/$phy/device)" in
*$devpath) return;;
esac
done
}
local macaddr="$(config_get "$device" macaddr | tr 'A-Z' 'a-z')"
[ -n "$macaddr" ] && {
for _phy in /sys/class/ieee80211/*; do
[ -e "$_phy" ] || continue
[ "$macaddr" = "$(cat ${_phy}/macaddress)" ] || continue
phy="${_phy##*/}"
return
done
}
phy=
return
}
find_mac80211_phy() {
local device="$1"
config_get phy "$device" phy
lookup_phy
[ -n "$phy" -a -d "/sys/class/ieee80211/$phy" ] || {
echo "PHY for wifi device $1 not found"
return 1
}
config_set "$device" phy "$phy"
config_get macaddr "$device" macaddr
[ -z "$macaddr" ] && {
config_set "$device" macaddr "$(cat /sys/class/ieee80211/${phy}/macaddress)"
}
return 0
}
check_mac80211_device() {
config_get phy "$1" phy
[ -z "$phy" ] && {
find_mac80211_phy "$1" >/dev/null || return 0
config_get phy "$1" phy
}
[ "$phy" = "$dev" ] && found=1
}
detect_mac80211() {
devidx=0
config_load wireless
while :; do
config_get type "radio$devidx" type
[ -n "$type" ] || break
devidx=$(($devidx + 1))
done
for _dev in /sys/class/ieee80211/*; do
[ -e "$_dev" ] || continue
dev="${_dev##*/}"
found=0
config_foreach check_mac80211_device wifi-device
[ "$found" -gt 0 ] && continue
mode_band="g"
channel="11"
htmode=""
ht_capab=""
iw phy "$dev" info | grep -q 'Capabilities:' && htmode=HT20
iw phy "$dev" info | grep -q '2412 MHz' || { mode_band="a"; channel="36"; }
vht_cap=$(iw phy "$dev" info | grep -c 'VHT Capabilities')
cap_5ghz=$(iw phy "$dev" info | grep -c "Band 2")
[ "$vht_cap" -gt 0 -a "$cap_5ghz" -gt 0 ] && {
mode_band="a";
channel="36"
htmode="VHT80"
}
[ -n $htmode ] && append ht_capab " option htmode $htmode" "$N"
if [ -x /usr/bin/readlink -a -h /sys/class/ieee80211/${dev} ]; then
path="$(readlink -f /sys/class/ieee80211/${dev}/device)"