feat: add turris omnia target

Makefile

@@ -2,13 +2,15 @@ OPENWRT_DEVICE ?= 192.168.1.1
 BACKUP_DATE ?=
 
 GIT_VERSION := $(shell git describe --always)
+DATE_VERSION := $(shell date +%Y.%m.%d)
+FULL_VERSION := v$(DATE_VERSION)-$(GIT_VERSION)
 
 OPENWRT_VERSION ?= 22.03.2
 OPENWRT_TARGET ?= mvebu/cortexa9
 OPENWRT_TARGET_DASHED ?= $(shell echo $(OPENWRT_TARGET) | sed 's|/|-|')
 OPENWRT_PROFILE ?= linksys_wrt1200ac
 OPENWRT_PACKAGES ?= $(shell cat packages.txt)
-EXTRA_IMAGE_NAME ?= emissary-$(GIT_VERSION)
+EXTRA_IMAGE_NAME ?= emissary-$(FULL_VERSION)
 BIN_DIR_NAME_SUFFIX ?= 
 
 IMAGEBUILDER_URL ?= https://downloads.openwrt.org/releases/$(OPENWRT_VERSION)/targets/$(OPENWRT_TARGET)/openwrt-imagebuilder-$(OPENWRT_VERSION)-$(OPENWRT_TARGET_DASHED).Linux-x86_64.tar.xz
@@ -28,6 +30,7 @@ EMISSARY_SERVER_URL ?=
 
 BASE_INSTALL ?= install-emissary-files
 ADDITIONAL_INSTALL ?=
+ADDITIONAL_OPENWRT_PACKAGES ?=
 
 include targets/*.mk
 include install/*.mk
@@ -49,7 +52,7 @@ build: $(IMAGEBUILDER_DIR_PATH) $(IMAGEBUILDER_CUSTOM_PACKAGES_DIR_PATH) $(IMAGE
 		-C "$(IMAGEBUILDER_DIR_PATH)" \
 		EXTRA_IMAGE_NAME="$(EXTRA_IMAGE_NAME)" \
 		PROFILE="$(OPENWRT_PROFILE)" \
-		PACKAGES="$(OPENWRT_PACKAGES)" \
+		PACKAGES="$(OPENWRT_PACKAGES) $(ADDITIONAL_OPENWRT_PACKAGES)" \
 		CONFIG_IPV6=n \
 		FILES="$(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)" \
 		BIN_DIR="$(BIN_DIR)" \
@@ -103,8 +106,8 @@ gitea-release: tools/gitea-release/bin/gitea-release.sh
 	GITEA_RELEASE_PROJECT="emissary-firmware" \
 		GITEA_RELEASE_ORG="arcad" \
 		GITEA_RELEASE_BASE_URL="https://forge.cadoles.com" \
-		GITEA_RELEASE_VERSION="$(GIT_VERSION)" \
+		GITEA_RELEASE_VERSION="$(FULL_VERSION)" \
-		GITEA_RELEASE_NAME="$(GIT_VERSION)" \
+		GITEA_RELEASE_NAME="$(FULL_VERSION)" \
 		GITEA_RELEASE_COMMITISH_TARGET="$(GIT_VERSION)" \
 		GITEA_RELEASE_IS_DRAFT="false" \
 		GITEA_RELEASE_BODY="" \

files/etc/config/emissary

@@ -1,5 +0,0 @@
-package emissary
-
-config main 'agent'
-    option reconciliation_interval '60'
-    option server_url 'https://emissary.cadol.es'

files/etc/init.d/emissary-agent

@@ -1,35 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-USE_PROCD=1
-START=50
-STOP=50
-
-start_service() {
-  config_load emissary
-
-  mkdir -p /usr/share/emissary
-  mkdir -p /var/lib/emissary
-
-  config_get emissary_reconciliation_interval agent 'reconciliation_interval' "60"
-  config_get emissary_server_url agent 'server_url' "https://emissary.cadol.es"
-
-  local config_file="/etc/emissary/agent.yml"
-  procd_open_instance emissary-agent
-  procd_set_param env EMISSARY_SERVER_URL="$emissary_server_url" EMISSARY_RECONCILIATION_INTERVAL="$emissary_reconciliation_interval"
-  procd_set_param command /usr/local/bin/emissary
-  procd_append_param command --workdir /usr/share/emissary
-  procd_append_param command --config "$config_file"
-  procd_append_param command agent run
-  procd_set_param respawn ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
-  procd_set_param file "$config_file"
-  procd_set_param stdout 1
-  procd_set_param stderr 1
-  procd_set_param pidfile /var/run/emissary-agent.pid
-  procd_close_instance
-}
-
-service_triggers()
-{
-  # Reload service (restart) on emissary config changes
-  procd_add_reload_trigger "emissary"
-}

files/etc/uci-defaults/99-emissary.sh

@@ -1,30 +0,0 @@
-#/bin/sh
-
-set -e
-
-main() {
-    local default_config="/etc/emissary/default.conf"
-    
-    if [ ! -f "${default_config}" ]; then
-        exit 0
-    fi
-
-    source "${default_config}"
-
-    if [ ! -z "${EMISSARY_RECONCILIATION_INTERVAL}" ]; then
-        uci set "emissary.agent.reconciliation_interval=${EMISSARY_RECONCILIATION_INTERVAL}"
-    fi
-    if [ ! -z "${EMISSARY_SERVER_URL}" ]; then
-        uci set "emissary.agent.server_url=${EMISSARY_SERVER_URL}"
-    fi
-
-    # Commit modifications
-    uci commit
-
-    # Delete file
-    rm -f "${default_config}"
-
-    /etc/init.d/emissary-agent enable
-}
-
-main

install/x86.mk

@@ -2,6 +2,6 @@ install-x86-network-config:
 	mkdir -p files/etc/config
 	cp misc/x86/uci/network files/etc/config/network
 
-install-x86-firewall-rules:
+install-x86-uci-defaults:
 	mkdir -p files/etc/uci-defaults
-	cp misc/x86/uci-defaults/99-x86-firewall-rules.sh files/etc/uci-defaults/99-x86-firewall-rules.sh
+	cp misc/x86/uci-defaults/* files/etc/uci-defaults/

misc/x86/uci-defaults/99-machine-id.sh

@@ -12,13 +12,13 @@ main() {
 
     # Accumulate data to create unique machine id
     local mac_addresses=$(cat /sys/class/net/*/address | uniq | sort)
-    local device_model=$(cat /sys/firmware/devicetree/base/model)
+    local device_uuid=$(dmidecode | grep UUID)
 
     # Ensure destination directory
     mkdir -p "$(dirname "$machine_id_file")"
 
     # Generate SHA256 hash of data and save it to $machine_id_file
-    echo "$mac_adresses $device_model" | sha256sum | cut -d ' ' -f1 > "$machine_id_file"
+    echo "$mac_adresses $device_uuid" | sha256sum | cut -d ' ' -f1 > "$machine_id_file"
 }
 
 main

misc/x86/uci-defaults/99-x86-uci-custom.sh

@@ -3,6 +3,7 @@
 set -e
 
 main() {
+    # Update default firewall ruleset
     uci add firewall rule
     uci set firewall.@rule[-1].name='Allow SSH on WAN'
     uci set firewall.@rule[-1].src='wan'
@@ -25,15 +26,12 @@ main() {
     uci set firewall.@rule[-1].target='ACCEPT'
 
     uci commit firewall
-    service firewall restart
-
-    # Forward DNS queries to public DNS
-    uci -q delete dhcp.@dnsmasq[0].server
-    uci add_list dhcp.@dnsmasq[0].server="8.8.8.8"
-    uci add_list dhcp.@dnsmasq[0].server="8.8.4.4"
     
+    # Disable DNS-rebind protection
+    uci set dhcp.@dnsmasq[0].rebind_protection='0'
     uci commit dhcp
-    service dnsmasq restart
+
+    reload_config
 }
 
 main

targets/generic.mk

@@ -1,14 +1,15 @@
-all: x86_generic
+all: x86-generic
 
-x86_generic:
+x86-generic:
 	$(MAKE) \
-		ADDITIONAL_INSTALL="install-x86-network-config install-x86-firewall-rules" \
+		ADDITIONAL_INSTALL="install-x86-network-config install-x86-uci-defaults" \
+		ADDITIONAL_OPENWRT_PACKAGES="dmidecode" \
 		OPENWRT_TARGET="x86/generic" \
 		EMISSARY_ARCH="386" \
 		OPENWRT_PROFILE="generic" \
 		build
 
-run_x86_generic: bin/$(OPENWRT_VERSION)/x86/generic/generic/openwrt-$(OPENWRT_VERSION)-emissary-*-ext4-combined.img
+run-x86-generic: bin/$(OPENWRT_VERSION)/x86/generic/generic/openwrt-$(OPENWRT_VERSION)-emissary-*-ext4-combined.img
 	qemu-system-x86_64 \
 		-enable-kvm \
 		-nographic \

targets/raspberry-pi.mk

@@ -0,0 +1,17 @@
+all: rpi-4 rpi-3
+
+rpi-4:
+	$(MAKE) \
+		ADDITIONAL_INSTALL="" \
+		OPENWRT_TARGET="bcm27xx/bcm2711" \
+		EMISSARY_ARCH="arm64" \
+		OPENWRT_PROFILE="rpi-4" \
+		build
+
+rpi-3:
+	$(MAKE) \
+		ADDITIONAL_INSTALL="" \
+		OPENWRT_TARGET="bcm27xx/bcm2710" \
+		EMISSARY_ARCH="arm64" \
+		OPENWRT_PROFILE="rpi-3" \
+		build

targets/turris.mk

@@ -0,0 +1,9 @@
+all: omnia
+
+omnia:
+	$(MAKE) \
+		ADDITIONAL_INSTALL="" \
+		OPENWRT_TARGET="mvebu/cortexa9" \
+		EMISSARY_ARCH="arm64" \
+		OPENWRT_PROFILE="cznic_turris-omnia" \
+		build