arcad
/
emissary-firmware
17
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 3 Wiki Activity

feat: initial commit

This commit is contained in:
wpetit 2023-02-03 16:40:47 +01:00
commit 110b6b0df8
16 changed files with 723 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.gitignore vendored Normal file
View File

@ -0,0 +1,12 @@
/tmp
/imagebuilder
/packages
/packages.zip
/bin
/tools
/gitea-dl
/files/etc/emissary
/files/usr/local/bin/emissary
/files/var/lib/emissary
/files/usr/share/emissary
/.gitea-release

166
Makefile Normal file
View File

@ -0,0 +1,166 @@
OPENWRT_DEVICE ?= 192.168.1.1
BACKUP_DATE ?=
GIT_VERSION := $(shell git describe --always)
OPENWRT_VERSION ?= 22.03.2
OPENWRT_TARGET ?= mvebu/cortexa9
OPENWRT_TARGET_DASHED ?= $(shell echo $(OPENWRT_TARGET) | sed 's|/|-|')
OPENWRT_PROFILE ?= linksys_wrt1200ac
OPENWRT_PACKAGES ?= $(shell cat packages.txt)
EXTRA_IMAGE_NAME ?= emissary-$(GIT_VERSION)
BIN_DIR_NAME_SUFFIX ?=
IMAGEBUILDER_URL ?= https://downloads.openwrt.org/releases/$(OPENWRT_VERSION)/targets/$(OPENWRT_TARGET)/openwrt-imagebuilder-$(OPENWRT_VERSION)-$(OPENWRT_TARGET_DASHED).Linux-x86_64.tar.xz
IMAGEBUILDER_ARCHIVE_PATH := tmp/imagebuilder-$(OPENWRT_VERSION)-$(OPENWRT_TARGET_DASHED).tar.xz
IMAGEBUILDER_DIR_PATH := $(PWD)/imagebuilder/$(OPENWRT_VERSION)/$(OPENWRT_TARGET)
IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH := $(IMAGEBUILDER_DIR_PATH)/packages
IMAGEBUILDER_CUSTOM_FILES_DIR_PATH := $(IMAGEBUILDER_DIR_PATH)/files
BIN_DIR := "$(shell readlink -f bin)/$(OPENWRT_VERSION)/$(OPENWRT_TARGET)/$(OPENWRT_PROFILE)$(BIN_DIR_NAME_SUFFIX)"
GITEA_DOWNLOAD_RELEASE_NAME ?= latest
EMISSARY_ARCH ?= armv6
EMISSARY_RECONCILIATION_INTERVAL ?=
EMISSARY_SERVER_URL ?=
include targets/*.mk
all:
build: $(IMAGEBUILDER_DIR_PATH) $(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH) $(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)
# Create artefacts directory
mkdir -p "$(BIN_DIR)"
# Add local packages to repositories
sed -i -n -e '/^src imagebuilder file:packages/!p' -e '$$asrc imagebuilder file:packages' -e 's/^option check_signature//' "$(IMAGEBUILDER_DIR_PATH)/repositories.conf"
# Cleanup old packages signature
rm -f $(IMAGEBUILDER_DIR_PATH)/Packages $(IMAGEBUILDER_DIR_PATH)/Packages.gz $(IMAGEBUILDER_DIR_PATH)/Packages.sig
# Build firmware
$(MAKE) \
-C "$(IMAGEBUILDER_DIR_PATH)" \
EXTRA_IMAGE_NAME="$(EXTRA_IMAGE_NAME)" \
PROFILE="$(OPENWRT_PROFILE)" \
PACKAGES="$(OPENWRT_PACKAGES)" \
CONFIG_IPV6=n \
FILES="$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)" \
BIN_DIR="$(BIN_DIR)" \
clean image
$(IMAGEBUILDER_DIR_PATH): $(IMAGEBUILDER_ARCHIVE_PATH)
mkdir -p "$(IMAGEBUILDER_DIR_PATH)"
tar -xf "$(IMAGEBUILDER_ARCHIVE_PATH)" --strip-components 1 -C "$(IMAGEBUILDER_DIR_PATH)"
$(IMAGEBUILDER_ARCHIVE_PATH):
mkdir -p $(shell dirname "$(IMAGEBUILDER_ARCHIVE_PATH)")
wget -O "$(IMAGEBUILDER_ARCHIVE_PATH)" "$(IMAGEBUILDER_URL)"
.PHONY: $(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH)
$(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH):
rm -rf "$(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH)"
mkdir -p packages
ln -fs "$(shell readlink -f packages)" "$(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH)"
.PHONY: $(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)
$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH):
rm -rf "$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)"
mkdir -p "$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/etc"
echo "# Firmware built with https://forge.cadoles.com/Cadoles/emissary-firmware" > "$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/etc/emissary_firmware"
echo "BUILD_DATE=$(shell date --iso-8601=seconds)" >> "$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/etc/emissary_firmware"
echo "GIT_VERSION=$(GIT_VERSION)" >> "$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/etc/emissary_firmware"
echo "OPENWRT_PROFILE=$(OPENWRT_PROFILE)" >> "$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/etc/emissary_firmware"
$(MAKE) copy-emissary-files
cp -rf files/* $(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/
flash:
OPENWRT_DEVICE=$(OPENWRT_DEVICE) OPENWRT_PROFILE=$(OPENWRT_PROFILE) OPENWRT_VERSION=$(OPENWRT_VERSION) misc/script/flash.sh
restore:
OPENWRT_DEVICE=$(OPENWRT_DEVICE) BACKUP_DATE=$(BACKUP_DATE) misc/script/restore.sh
gitea-release: tools/gitea-release/bin/gitea-release.sh
mkdir -p .gitea-release
rm -rf .gitea-release/*
find bin \
\( -name '*.img.gz' \
-or -name '*.bin' \
-or -name '*.img' \
\) -exec cp {} .gitea-release/ \;
GITEA_RELEASE_PROJECT="emissary-firmware" \
GITEA_RELEASE_ORG="arcad" \
GITEA_RELEASE_BASE_URL="https://forge.cadoles.com" \
GITEA_RELEASE_VERSION="$(GIT_VERSION)" \
GITEA_RELEASE_NAME="$(GIT_VERSION)" \
GITEA_RELEASE_COMMITISH_TARGET="$(GIT_VERSION)" \
GITEA_RELEASE_IS_DRAFT="false" \
GITEA_RELEASE_BODY="" \
GITEA_RELEASE_ATTACHMENTS="$(shell find .gitea-release/* -type f)" \
tools/gitea-release/bin/gitea-release.sh
.PHONY: download-emissary-release
download-emissary-release: tools/gitea-download/bin/gitea-download.sh
rm -rf gitea-dl
GITEA_DOWNLOAD_PROJECT="emissary" \
GITEA_DOWNLOAD_ORG="arcad" \
GITEA_DOWNLOAD_BASE_URL="https://forge.cadoles.com" \
GITEA_DOWNLOAD_RELEASE_NAME="$(GITEA_DOWNLOAD_RELEASE_NAME)" \
tools/gitea-download/bin/gitea-download.sh
.PHONY: copy-emissary-files
copy-emissary-files: download-emissary-release tools/yq/bin/yq tools/upx/bin/upx
mkdir -p gitea-dl/emissary-agent_linux_$(EMISSARY_ARCH)
cd gitea-dl && tar -xzf emissary-agent_*_linux_$(EMISSARY_ARCH).tar.gz -C emissary-agent_linux_$(EMISSARY_ARCH)
# Copy agent config
mkdir -p files/etc/emissary
cp gitea-dl/emissary-agent_linux_$(EMISSARY_ARCH)/misc/packaging/common/config-agent.yml files/etc/emissary/agent.yml
# Patch agent config
tools/yq/bin/yq -i '.agent.controllers.spec.serverUrl = "$${EMISSARY_SERVER_URL}"' files/etc/emissary/agent.yml
tools/yq/bin/yq -i '.agent.reconciliationInterval = "$${EMISSARY_RECONCILIATION_INTERVAL}"' files/etc/emissary/agent.yml
# Copy emissary binary
mkdir -p files/usr/local/bin
cp gitea-dl/emissary-agent_linux_$(EMISSARY_ARCH)/emissary files/usr/local/bin/emissary
chmod +x files/usr/local/bin/emissary
# Set defaults
mkdir -p files/etc/emissary
rm -rf files/etc/emissary/default.conf
echo "EMISSARY_RECONCILIATION_INTERVAL='$(EMISSARY_RECONCILIATION_INTERVAL)'" > files/etc/emissary/default.conf
echo "EMISSARY_SERVER_URL='$(EMISSARY_SERVER_URL)'" >> files/etc/emissary/default.conf
# Compress emissary binary
tools/upx/bin/upx -9 files/usr/local/bin/emissary
tools/gitea-release/bin/gitea-release.sh:
mkdir -p tools/gitea-release/bin
curl --output tools/gitea-release/bin/gitea-release.sh https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/gitea/gitea-release.sh
chmod +x tools/gitea-release/bin/gitea-release.sh
tools/gitea-download/bin/gitea-download.sh:
mkdir -p tools/gitea-download/bin
curl --output tools/gitea-download/bin/gitea-download.sh https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/gitea/gitea-download.sh
chmod +x tools/gitea-download/bin/gitea-download.sh
tools/yq/bin/yq:
mkdir -p tools/yq/bin
curl -L --output tools/yq/bin/yq https://github.com/mikefarah/yq/releases/download/v4.31.1/yq_linux_amd64
chmod +x tools/yq/bin/yq
UPX_VERSION := 4.0.2
tools/upx/bin/upx:
mkdir -p tools/upx/bin
curl -L --output tools/upx/upx-$(UPX_VERSION)-amd64_linux.tar.xz https://github.com/upx/upx/releases/download/v$(UPX_VERSION)/upx-$(UPX_VERSION)-amd64_linux.tar.xz
cd tools/upx && tar -xJf upx-$(UPX_VERSION)-amd64_linux.tar.xz
ln -s $(shell readlink -f tools/upx/upx-$(UPX_VERSION)-amd64_linux/upx) tools/upx/bin/upx

7
README.md Normal file
View File

@ -0,0 +1,7 @@
# Emissary - Firmware
Recette de construction de firmwares OpenWRT personnalisés intégrant les binaires Emissary.
## Documentation
[Voir `doc/`](./doc/README.md)

7
doc/README.md Normal file
View File

@ -0,0 +1,7 @@
# Documentation
## Tutoriels
- [Premiers pas](./tutorials/first-steps.md)
- [Compiler un firmware](./tutorials/firmware-compilation.md)
- [Flasher une borne](./tutorials/device-flashing.md)

11
doc/tutorials/device-flashing.md Normal file
View File

@ -0,0 +1,11 @@
# Flasher une borne
> TODO
```shell
# Construire le firmware
make <target>
# Flasher la borne avec le firmware correspondant à son modèle
make OPENWRT_DEVICE=<ip_borne> OPENWRT_PROFILE=<profile> flash
```

16
doc/tutorials/firmware-compilation.md Normal file
View File

@ -0,0 +1,16 @@
# Compiler un firmware
> TODO
```shell
# Exemple: construire un firmware OpenWRT
# Pour le routeur Linksys WRT1200AC
make linksys-wrt1200ac
# Pour le routeur Linksys WRT1900AC
make linksys-wrt1900ac
# Pourt le router Linksys WRT3200ACM
make linksys-wrt3200acm
```

330
doc/tutorials/first-steps.md Normal file
View File

@ -0,0 +1,330 @@
# Premiers pas
## Récupérer et lancer un serveur Emissary sur sa machine
1. Aller sur [la page "Releases"](https://forge.cadoles.com/arcad/emissary/releases) du projet `arcad/emissary` et télécharger la dernière archive disponible `emissary-server_<version>_linux_<arch>.tar.gz` (où `<arch>` correspond à l'architecture de votre machine).
2. Extraire l'archive sur votre poste de travail
3. Dans un terminal, se positionner dans le dossier extrait puis faire:
```bash
./emissary --config '' server config dump > config.yml # Générer un fichier de configuration pour votre instance
./emissary -c config.yml server database migrate # Appliquer les migrations à la base de données SQLite
./emissary -c config.yml server run # Lancer le serveur Emissary
```
Vous devriez avoir une sortie du type:
```
2023-02-22 20:54:26.876 [INFO] <server.go:100> http server listening
2023-02-22 20:54:26.876 [INFO] <run.go:42> listening {"url": "http://127.0.0.1:3000"}
```
## Récupérer et lancer une VM OpenWRT avec l'agent Emissary dans Qemu
1. Aller sur [la page "Releases"](https://forge.cadoles.com/arcad/emissary-firmware/releases) du projet `arcad/emissary-firmware` et télécharger la dernière archive d'image disque `openwrt-22.03.2-emissary-<gitref>-x86-generic-generic-squashfs-combined.img.gz`.
2. Décompresser l'image disque téléchargée
```bash
gunzip openwrt-22.03.2-emissary-*-x86-generic-generic-squashfs-combined.img.gz
```
3. Lancer une machine virtuelle avec Qemu en utilisant l'image disque
```bash
qemu-system-x86_64 \
-enable-kvm \
-nographic \
-drive file=$(ls openwrt-22.03.2-emissary-*-x86-generic-generic-squashfs-combined.img),id=d0,if=none \
-device ide-hd,drive=d0,bus=ide.0 \
-netdev bridge,br=virbr0,id=hn0 \
-device e1000,netdev=hn0,id=nic1 \
-netdev user,id=hn1 \
-device e1000,netdev=hn1,id=nic2
```
La machine virtuelle devrait démarrer. La console s'arrêtera sur une sortie proche de:
```
[ 10.095596] e1000: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 10.098872] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[ 11.034720] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
```
Appuyer sur la touche `Entrée`.
Vous devriez arriver sur le shell OpenWRT avec une sortie équivalente à:
```
BusyBox v1.35.0 (2023-02-18 18:31:16 UTC) built-in shell (ash)
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 22.03.2, r19803-9a599fee93
-----------------------------------------------------
=== WARNING! =====================================
There is no root password defined on this device!
Use the "passwd" command to set up a new password
in order to prevent unauthorized SSH logins.
--------------------------------------------------
root@OpenWrt:/#
```
4. Dans la console OpenWRT et via la commande `uci`, modifier l'URL de base du serveur Emissary associé à votre agent:
```bash
uci set emissary.agent.server_url='http://10.0.2.2:3000'
```
> L'adresse `10.0.2.2` correspond à l'IP de la passerelle de la VM et donc à votre machine sur laquelle est lancé le serveur Emissary.
5. Diminuer l'intervalle de réconciliation de l'agent Emissary pour accélerer le temps de convergence de la configuration pour cette démonstration:
```bash
uci set emissary.agent.reconciliation_interval='10'
```
6. Enregistrer la configuration et relancer le service `emissary-agent`
```bash
uci commit # Enregistrer les modifications de configuration
/etc/init.d/emissary-agent restart # Redémarrer le service emissary-agent
logread -f # Surveiller les logs de la machine
```
## Autoriser l'agent à communiquer avec le serveur
1. Sur votre machine, dans un nouveau terminal, interroger l'API avec la commande `curl`
```bash
curl -v http://127.0.0.1:3000/api/v1/agents
```
La sortie devrait ressembler à:
```json
{
"data": {
"agents": [
{
"id": 1,
"remoteId": "24uS35UciKh95pDtMiMXfYUPsfrCXJBvq9uhjvx6mJyx3XVo6qfXk2isHg3oTHw4qyDbPwc57oRkMWRhuBzRgSvd",
"status": 0,
"createdAt": "2023-02-22T21:18:47.14565137Z",
"updatedAt": "2023-02-22T21:18:47.14565137Z"
}
],
"total": 1
}
}
```
> L'attribut `status` ici égal à `0` indique que l'agent n'est pas encore autorisé à se synchroniser avec les spécifications fournies par le serveur.
2. Autoriser l'agent à se synchroniser avec les spécifications du serveur
```bash
curl -XPUT -H 'Content-Type:application/json' -d '{"status":1}' "http://127.0.0.1:3000/api/v1/agents/${AGENT_ID}"
```
`${AGENT_ID}` est à remplacer par l'identifiant associé à votre agent dans la sortie de l'étape précédente (attribut `id` de l'objet correspondant à votre agent).
La sortie de la commande devrait ressembler à:
```json
{
"data": {
"agent": {
"id": 1,
"remoteId": "24uS35UciKh95pDtMiMXfYUPsfrCXJBvq9uhjvx6mJyx3XVo6qfXk2isHg3oTHw4qyDbPwc57oRkMWRhuBzRgSvd",
"status": 1,
"createdAt": "2023-02-22T21:28:57.174187323Z",
"updatedAt": "2023-02-22T21:18:47.14565137Z"
}
}
}
```
Votre agent peut désormais commencer à récupérer les spécifications qui lui sont associées sur le serveur.
## Exemple: modifier le `hostname` de la machine
> On va utiliser ici la spécification `uci.emissary.cadoles.com` pour modifier la configuration [UCI](https://openwrt.org/docs/guide-user/base-system/uci) de la machine hôte de l'agent Emissary.
1. Sur votre machine, créer une spécification pour votre agent:
```bash
cat > my-uci-spec.json <<EOF
{
"Name": "uci.emissary.cadoles.com",
"Revision": 0,
"Data": {
"config": {
"packages": [
{
"name": "system",
"configs": [
{
"name": "system",
"options": [
{
"type": "option",
"name": "hostname",
"value": "MyEmissaryAgent"
}
]
}
]
}
]
}
}
}
EOF
```
2. Avec la commande `curl`, charger la spécification pour votre agent:
```bash
curl -XPOST -d @my-uci-spec.json -H 'Content-Type:application/json' "http://127.0.0.1:3000/api/v1/agents/${AGENT_ID}/specs"
```
Le réponse devrait ressembler à:
```json
{
"data": {
"spec": {
"id": 2,
"name": "uci.emissary.cadoles.com",
"data": {
"config": {
"packages": [
{
"configs": [
{
"name": "system",
"options": [
{
"name": "hostname",
"type": "option",
"value": "MyEmissaryAgent"
}
]
}
],
"name": "system"
}
]
}
},
"revision": 0,
"createdAt": "2023-02-22T22:46:12.769547646Z",
"updatedAt": "2023-02-22T22:46:12.769547646Z"
}
}
}
```
3. Dans la console de la VM, après un cycle de réconciliation, vérifier que la configuration a bien été mise à jour:
```bash
uci export system
```
La sortie devrait ressembler à:
```
package system
config system
option hostname 'MyEmissaryAgent'
```
4. Rédémarrer la VM via sa console:
```shell
reboot
```
Après redémarrage, la console devrait être:
```
root@MyEmissaryAgent:/#
```
> **Astuce** Dans la console de la VM, vous pouvez utiliser la commande `uci export | /usr/local/bin/emissary agent openwrt uci transform` pour obtenir la représentation JSON d'une configuration UCI existante.
## Exemple: créer une passerelle vers un site arbitraire
> On va utiliser ici la spécification `gateway.emissary.cadoles.com` pour créer une passerelle inverse sur la machine vers un site web distant.
1. Sur votre machine, créer une spécification pour votre agent:
```bash
cat > my-gateway-spec.json <<EOF
{
"Name": "gateway.emissary.cadoles.com",
"Revision": 0,
"Data": {
"gateways": {
"cadoles.com":{
"address":":8080",
"target":"http://example.com/"
}
}
}
}
EOF
```
> Cette spécification déclare une "gateway" pointant vers le site `http://example.com/` et qui écoutera sur le port 8080 (sur toutes les interfaces) sur la machine hébergeant l'agent.
2. Avec la commande `curl`, charger la spécification pour votre agent:
```bash
curl -XPOST -d @my-gateway-spec.json -H 'Content-Type:application/json' "http://127.0.0.1:3000/api/v1/agents/${AGENT_ID}/specs"
```
Le réponse devrait ressembler à:
```json
{
"data": {
"spec": {
"id": 1,
"name": "gateway.emissary.cadoles.com",
"data": {
"gateways": {
"cadoles.com": {
"address": ":8080",
"target": "http://example.com/"
}
}
},
"revision": 0,
"createdAt": "2023-02-22T21:48:37.542822727Z",
"updatedAt": "2023-02-22T21:48:37.542822727Z"
}
}
}
```
3. Dans la console de la VM, après un cycle de réconciliation, vérifier que la passerelle est bien créée:
```bash
netstat -tlnup
```
La réponse devrait contenir une ligne équivalente à:
```bash
tcp 0 0 :::8080 :::* LISTEN 2100/emissary
```

5
files/etc/config/emissary Normal file
View File

@ -0,0 +1,5 @@
package emissary
config main 'agent'
option reconciliation_interval '60'
option server_url 'https://emissary.cadol.es'

35
files/etc/init.d/emissary-agent Executable file
View File

@ -0,0 +1,35 @@
#!/bin/sh /etc/rc.common
USE_PROCD=1
START=50
STOP=50
start_service() {
config_load emissary
mkdir -p /usr/share/emissary
mkdir -p /var/lib/emissary
config_get emissary_reconciliation_interval agent 'reconciliation_interval' "60"
config_get emissary_server_url agent 'server_url' "https://emissary.cadol.es"
local config_file="/etc/emissary/agent.yml"
procd_open_instance emissary-agent
procd_set_param env EMISSARY_SERVER_URL="$emissary_server_url" EMISSARY_RECONCILIATION_INTERVAL="$emissary_reconciliation_interval"
procd_set_param command /usr/local/bin/emissary
procd_append_param command --workdir /usr/share/emissary
procd_append_param command --config "$config_file"
procd_append_param command agent run
procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
procd_set_param file "$config_file"
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param pidfile /var/run/emissary-agent.pid
procd_close_instance
}
service_triggers()
{
# Reload service (restart) on emissary config changes
procd_add_reload_trigger "emissary"
}

30
files/etc/uci-defaults/99-emissary.sh Normal file
View File

@ -0,0 +1,30 @@
#/bin/sh
set -e
main() {
local default_config="/etc/emissary/default.conf"
if [ ! -f "${default_config}" ]; then
exit 0
fi
source "${default_config}"
if [ ! -z "${EMISSARY_RECONCILIATION_INTERVAL}" ]; then
uci set "emissary.agent.reconciliation_interval=${EMISSARY_RECONCILIATION_INTERVAL}"
fi
if [ ! -z "${EMISSARY_SERVER_URL}" ]; then
uci set "emissary.agent.server_url=${EMISSARY_SERVER_URL}"
fi
# Commit modifications
uci commit
# Delete file
rm -f "${default_config}"
/etc/init.d/emissary-agent enable
}
main

24
files/etc/uci-defaults/99-machine-id.sh Executable file
View File

@ -0,0 +1,24 @@
#/bin/sh
set -e
main() {
local machine_id_file="/etc/machine-id"
if [ -f "$machine_id_file" ]; then
echo "Machine ID already generated. Doing nothing."
exit 0
fi
# Accumulate data to create unique machine id
local mac_addresses=$(cat /sys/class/net/*/address | uniq | sort)
local device_model=$(cat /sys/firmware/devicetree/base/model)
# Ensure destination directory
mkdir -p "$(dirname "$machine_id_file")"
# Generate SHA256 hash of data and save it to $machine_id_file
echo "$mac_adresses $device_model" | sha256sum | cut -d ' ' -f1 > "$machine_id_file"
}
main

29
misc/script/flash.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/bash
set -xeo pipefail
ssh-copy-id root@${OPENWRT_DEVICE}
TARGET_ARCH=$(ssh root@${OPENWRT_DEVICE} source /etc/os-release \&\& echo \${OPENWRT_BOARD:-\$LEDE_BOARD})
FIRMWARE_FILE=bin/${OPENWRT_VERSION}/${TARGET_ARCH}/${OPENWRT_PROFILE}/openwrt-*-squashfs-factory.img
FIRMWARE_FILE=${CUSTOM_FIRMWARE_FILE:-$FIRMWARE_FILE}
NOW=$(date +%Y-%m-%d)
BACKUP_FILENAME="backup_${OPENWRT_DEVICE}_${NOW}.tar.gz"
ssh root@${OPENWRT_DEVICE} \
rm -f "/tmp/${BACKUP_FILENAME}" \
\&\& sysupgrade -b "/tmp/${BACKUP_FILENAME}"
mkdir -p tmp/backups
scp "root@${OPENWRT_DEVICE}:/tmp/${BACKUP_FILENAME}" ./tmp/backups/
ssh root@${OPENWRT_DEVICE} \
mkdir -p /tmp/firmwares \
\&\& rm /tmp/firmwares/* \|\| exit 0;
scp $FIRMWARE_FILE root@${OPENWRT_DEVICE}:/tmp/firmwares/
ssh root@${OPENWRT_DEVICE} sysupgrade --force -p -v -n "/tmp/firmwares/$(basename $FIRMWARE_FILE)"

18
misc/script/restore.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
set -o pipefail
NOW=$(date +%Y-%m-%d)
BACKUP_DATE=${BACKUP_DATE:-${NOW}}
BACKUP_FILENAME="backup_${OPENWRT_DEVICE}_${NOW}.tar.gz"
printf "%s" "Waiting for ${OPENWRT_DEVICE} ..."
while ! ping -c 1 -n -w 1 ${OPENWRT_DEVICE} &> /dev/null
do
printf "%c" "."
done
printf "\n%s\n" "Server is back online"
scp "./tmp/backups/${BACKUP_FILENAME}" root@${OPENWRT_DEVICE}:/tmp/
ssh root@${OPENWRT_DEVICE} sysupgrade -r "/tmp/${BACKUP_FILENAME}"

3
packages.txt Normal file
View File

@ -0,0 +1,3 @@
luci
openssh-server
openssh-sftp-server

12
targets/linksys-wrtXXXXac.mk Normal file
View File

@ -0,0 +1,12 @@
all: linksys-wrtXXXXac
linksys-wrtXXXXac: linksys-wrt1200ac linksys-wrt1900ac linksys-wrt3200acm
linksys-wrt1200ac:
$(MAKE) OPENWRT_TARGET="mvebu/cortexa9" EMISSARY_ARCH="armv6" OPENWRT_PROFILE="linksys_wrt1200ac" build
linksys-wrt1900ac:
$(MAKE) OPENWRT_TARGET="mvebu/cortexa9" EMISSARY_ARCH="armv6" OPENWRT_PROFILE="linksys_wrt1900ac-v2" build
linksys-wrt3200acm:
$(MAKE) OPENWRT_TARGET="mvebu/cortexa9" EMISSARY_ARCH="armv6" OPENWRT_PROFILE="linksys_wrt3200acm" build

18
targets/x86_generic.mk Normal file
View File

@ -0,0 +1,18 @@
all: x86_generic
x86_generic:
$(MAKE) OPENWRT_TARGET="x86/generic" EMISSARY_ARCH="386" OPENWRT_PROFILE="generic" build
run_x86_generic: bin/$(OPENWRT_VERSION)/x86/generic/generic/openwrt-$(OPENWRT_VERSION)-emissary-*-ext4-combined.img
qemu-system-x86_64 \
-enable-kvm \
-nographic \
-drive file=$(shell ls bin/$(OPENWRT_VERSION)/x86/generic/generic/openwrt-$(OPENWRT_VERSION)-emissary-*-ext4-combined.img),id=d0,if=none \
-device ide-hd,drive=d0,bus=ide.0 \
-netdev bridge,br=virbr0,id=hn0 \
-device e1000,netdev=hn0,id=nic1 \
-netdev user,id=hn1 \
-device e1000,netdev=hn1,id=nic2
bin/$(OPENWRT_VERSION)/x86/generic/generic/openwrt-$(OPENWRT_VERSION)-emissary-*-ext4-combined.img:
gunzip bin/$(OPENWRT_VERSION)/x86/generic/generic/openwrt-$(OPENWRT_VERSION)-emissary-*-ext4-combined.img.gz || exit 0