feat: differentiate machine-id generation in x86 target

Makefile

@@ -30,6 +30,7 @@ EMISSARY_SERVER_URL ?=
 
 BASE_INSTALL ?= install-emissary-files
 ADDITIONAL_INSTALL ?=
+ADDITIONAL_OPENWRT_PACKAGES ?=
 
 include targets/*.mk
 include install/*.mk
@@ -51,7 +52,7 @@ build: $(IMAGEBUILDER_DIR_PATH) $(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH) $(IMAGE
 		-C "$(IMAGEBUILDER_DIR_PATH)" \
 		EXTRA_IMAGE_NAME="$(EXTRA_IMAGE_NAME)" \
 		PROFILE="$(OPENWRT_PROFILE)" \
-		PACKAGES="$(OPENWRT_PACKAGES)" \
+		PACKAGES="$(OPENWRT_PACKAGES) $(ADDITIONAL_OPENWRT_PACKAGES)" \
 		CONFIG_IPV6=n \
 		FILES="$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)" \
 		BIN_DIR="$(BIN_DIR)" \

install/x86.mk

@@ -2,6 +2,6 @@ install-x86-network-config:
 	mkdir -p files/etc/config
 	cp misc/x86/uci/network files/etc/config/network
 
-install-x86-firewall-rules:
+install-x86-uci-defaults:
 	mkdir -p files/etc/uci-defaults
-	cp misc/x86/uci-defaults/99-x86-firewall-rules.sh files/etc/uci-defaults/99-x86-firewall-rules.sh
+	cp misc/x86/uci-defaults/* files/etc/uci-defaults/

misc/emissary/uci-defaults/99-machine-id.sh

@@ -12,13 +12,13 @@ main() {
 
     # Accumulate data to create unique machine id
     local mac_addresses=$(cat /sys/class/net/*/address | uniq | sort)
-    local device_uuid=$(dmidecode | grep UUID)
+    local device_model=$(cat /sys/firmware/devicetree/base/model)
 
     # Ensure destination directory
     mkdir -p "$(dirname "$machine_id_file")"
 
     # Generate SHA256 hash of data and save it to $machine_id_file
-    echo "$mac_adresses $device_uuid" | sha256sum | cut -d ' ' -f1 > "$machine_id_file"
+    echo "$mac_adresses $device_model" | sha256sum | cut -d ' ' -f1 > "$machine_id_file"
 }
 
 main

misc/x86/uci-defaults/99-machine-id.sh

@@ -0,0 +1,24 @@
+#/bin/sh
+
+set -e
+
+main() {
+    local machine_id_file="/etc/machine-id"
+
+    if [ -f "$machine_id_file" ]; then
+        echo "Machine ID already generated. Doing nothing."
+        exit 0
+    fi
+
+    # Accumulate data to create unique machine id
+    local mac_addresses=$(cat /sys/class/net/*/address | uniq | sort)
+    local device_uuid=$(dmidecode | grep UUID)
+
+    # Ensure destination directory
+    mkdir -p "$(dirname "$machine_id_file")"
+
+    # Generate SHA256 hash of data and save it to $machine_id_file
+    echo "$mac_adresses $device_uuid" | sha256sum | cut -d ' ' -f1 > "$machine_id_file"
+}
+
+main

misc/x86/uci-defaults/99-x86-uci-custom.sh

@@ -3,6 +3,7 @@
 set -e
 
 main() {
+    # Update default firewall ruleset
     uci add firewall rule
     uci set firewall.@rule[-1].name='Allow SSH on WAN'
     uci set firewall.@rule[-1].src='wan'
@@ -25,15 +26,12 @@ main() {
     uci set firewall.@rule[-1].target='ACCEPT'
 
     uci commit firewall
-    service firewall restart
-
-    # Forward DNS queries to public DNS
-    ( uci -q delete dhcp.@dnsmasq[0].server || exit 0 )
-    uci add_list dhcp.@dnsmasq[0].server="8.8.8.8"
-    uci add_list dhcp.@dnsmasq[0].server="8.8.4.4"
     
+    # Disable DNS-rebind protection
+    uci set dhcp.@dnsmasq[0].rebind_protection='0'
     uci commit dhcp
-    service dnsmasq restart
+
+    reload_config
 }
 
 main

packages.txt

@@ -1,4 +1,3 @@
 luci 
 openssh-server
 openssh-sftp-server
-dmidecode

targets/generic.mk

@@ -2,7 +2,8 @@ all: x86-generic
 
 x86-generic:
 	$(MAKE) \
-		ADDITIONAL_INSTALL="install-x86-network-config install-x86-firewall-rules" \
+		ADDITIONAL_INSTALL="install-x86-network-config install-x86-uci-defaults" \
+		ADDITIONAL_OPENWRT_PACKAGES="dmidecode" \
 		OPENWRT_TARGET="x86/generic" \
 		EMISSARY_ARCH="386" \
 		OPENWRT_PROFILE="generic" \