From 1b692afab60e814479f3b4677b33435825c02e60 Mon Sep 17 00:00:00 2001 From: Martin/Geno Date: Fri, 5 Oct 2018 16:05:58 +0200 Subject: [PATCH] move to vpn04, update + disable ipv4 --- gluon | 2 +- modules | 14 ++++------- site.conf | 72 +++++++++++++++++++------------------------------------ site.mk | 8 +++---- 4 files changed, 34 insertions(+), 62 deletions(-) diff --git a/gluon b/gluon index ecfed19..25e0cb2 160000 --- a/gluon +++ b/gluon @@ -1 +1 @@ -Subproject commit ecfed1939e927425c32678b1f3dbac0ddc028677 +Subproject commit 25e0cb266a4a0b391c69b231c6bf84f73c0507a1 diff --git a/modules b/modules index 423df5c..12e04fd 100644 --- a/modules +++ b/modules @@ -1,16 +1,12 @@ -GLUON_SITE_FEEDS='ffhb ffffmpackages christfopenwrt christfddhcp' +GLUON_SITE_FEEDS='ffhb ffffmpackages ffmgpackages' PACKAGES_FFHB_REPO=git://github.com/FreifunkBremen/ffhb-packages.git PACKAGES_FFHB_COMMIT=e314a51ebbd5e8b6da3ab2744354869b7740913a PACKAGES_FFFFMPACKAGES_REPO=git://github.com/freifunk-ffm/packages.git -PACKAGES_FFFFMPACKAGES_COMMIT=155140775e39933eef4634ca108817401f0437b8 +PACKAGES_FFFFMPACKAGES_COMMIT=9999a19165011c25d9fcb2f14ad668ebf1865b90 PACKAGES_FFFFMPACKAGES_BRANCH=master -PACKAGES_CHRISTFOPENWRT_REPO=https://github.com/christf/packages-2.git -PACKAGES_CHRISTFOPENWRT_COMMIT=195777327886718695351187760abc81c9234cba -PACKAGES_CHRISTFOPENWRT_BRANCH=add_nltrace - -PACKAGES_CHRISTFDDHCP_REPO=https://github.com/christf/gluon-sargon.git -PACKAGES_CHRISTFDDHCP_COMMIT=d81a81af9f593dfd6aa5f7afbdb076c7c144c901 -PACKAGES_CHRISTFDDHCP_BRANCH=bump +PACKAGES_FFMGPACKAGES_REPO=git://github.com/freifunk-ffm/packages-1.git +PACKAGES_FFMGPACKAGES_COMMIT=135478fec65e2218179a5db74797c78de00c6994 +PACKAGES_FFMGPACKAGES_BRANCH=mmfd diff --git a/site.conf b/site.conf index c8578e0..4535a3b 100644 --- a/site.conf +++ b/site.conf @@ -3,16 +3,15 @@ site_code = 'ffhb', domain_seed = '9c689a5be0e7610716aa9952d3c186345bd8d72dfa8950977e255e26ea24d978', - prefix4 = '10.196.0.0/17', prefix6 = '2a06:8782:ffbb:bab1::/64', -- (freifunk wide ip) node_prefix6 = '2a06:8782:ffbb:bab0::/64', -- (freifunk wide inter node ip) node_client_prefix6 = 'fd2f:5119:f2c::/64', -- infrastructure net (ULA) for node-client-ip addresses (node wide ip) - clat_range = 'fd2f:5119:f2c:426::/48', -- infrastructure net (ULA) from which a /96 clat prefix will be generated (for ipv4 - 464xlat). - plat_range = 'fd2f:5119:f2c:624::/48', -- infrastructure net (ULA) from which a /96 plat prefix will be generated (for ipv6 - 464xlat). + clat_range = 'fd2f:5119:f2c:426::/48', -- not needed, just for build + plat_range = 'fd2f:5119:f2c:624::/48', -- not needed, just for build timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', -- Europe/Berlin ntp_servers = { - '5.ntp.bremen.freifunk.net', + '4.ntp.bremen.freifunk.net', }, regdom = 'DE', @@ -44,13 +43,12 @@ 'node.ffhb.de', 'node.bremen.freifunk.net', }, - ip4 = '10.196.0.127', ip6 = '2a06:8782:ffbb:bab1::127', mac = '16:41:95:40:f7:dc', }, dns = { servers = { - '2a06:8782:ffbb:bab0::5', + '2a06:8782:ffbb:bab0::4', }, }, @@ -64,9 +62,27 @@ backbone = { limit = 1, peers = { - vpn05 = { - key = '6cff5957231ca2936aabaa75ae5a7985f4077246b8956273b2ce2da559f344a9', - remotes = {'"vpn05.bremen.freifunk.net" port 50001', '"vpn05.ffhb.de" port 50001'}, + vpn04 = { + key = '6714e89d253d260848abbd3419f6226ef8d76c64a37d300acfc13016bcad6395', + remotes = {'"vpn04.bremen.freifunk.net" port 50001', '"vpn04.ffhb.de" port 50001'}, + }, + }, + }, + }, + }, + wireguard = { + configurable = true, + enabled = true, + groups = { + backbone = { + limit = '1', -- currently unused + peers = { + vpn04 = { + iface = 'wg-mesh-vpn04', + enabled = '1', + PublicKey ='ih0oVlwTSI1TfsKSxDW5hS3i3jaIsuk75Uh8/J3mQxw=', + remote = 'vpn04.bremen.freifunk.net:41000', + broker = 'vpn04.bremen.freifunk.net:40999', }, }, }, @@ -98,44 +114,6 @@ '4bc6c2c3f36f984a9c370558a453d8a91933323679dd6dbbf6568834133a6030', -- autobuilder }, }, - nightly = { - name = 'nightly', - mirrors = { - 'http://downloads.bremen.freifunk.net/firmware/nightly/sysupgrade', - }, - good_signatures = 1, - pubkeys = { - '4bc6c2c3f36f984a9c370558a453d8a91933323679dd6dbbf6568834133a6030', -- autobuilder - }, - }, - testing = { - name = 'testing', - mirrors = { - 'http://downloads.bremen.freifunk.net/firmware/testing/sysupgrade', - }, - good_signatures = 1, - pubkeys = { - 'c3e3f0486664e4ae692fa8d773038eb7347b8ea1cd1cb670b33eff980ad65d62', -- jplitza - '5a83733dec4de52c238548194d85b5ff54a92836f7a5a75579f5ddcf8dd90ee8', -- corny - '99d180f2e3d5b0844ebbe4a4cee2b305e1d35e3112f0ab09f162c988ffc63131', -- SimJoSt - 'd22449306f5e592a5554053714e40101c6a7b053acb715504d68ef82fce9ccbe', -- oliver - 'b3d1fe3851f4c70b1eda7103fd835d56f3a5dc7f057b6730f83d895332a9caa2', -- janeric - }, - }, - stable = { - name = 'stable', - mirrors = { - 'http://downloads.bremen.freifunk.net/firmware/stable/sysupgrade', - }, - good_signatures = 2, - pubkeys = { - 'c3e3f0486664e4ae692fa8d773038eb7347b8ea1cd1cb670b33eff980ad65d62', -- jplitza - '5a83733dec4de52c238548194d85b5ff54a92836f7a5a75579f5ddcf8dd90ee8', -- corny - '99d180f2e3d5b0844ebbe4a4cee2b305e1d35e3112f0ab09f162c988ffc63131', -- SimJoSt - 'd22449306f5e592a5554053714e40101c6a7b053acb715504d68ef82fce9ccbe', -- oliver - 'b3d1fe3851f4c70b1eda7103fd835d56f3a5dc7f057b6730f83d895332a9caa2', -- janeric - }, - }, }, }, diff --git a/site.mk b/site.mk index 8400c7a..c744316 100755 --- a/site.mk +++ b/site.mk @@ -13,10 +13,12 @@ GLUON_SITE_PACKAGES := \ gluon-web-admin \ gluon-web-autoupdater \ gluon-web-mesh-vpn-fastd \ + gluon-web-mesh-vpn-wireguard \ gluon-web-network \ gluon-web-private-wifi \ gluon-web-wifi-config \ gluon-mesh-vpn-fastd \ + gluon-mesh-vpn-wireguard \ gluon-client-bridge \ gluon-radvd \ gluon-setup-mode \ @@ -26,11 +28,7 @@ GLUON_SITE_PACKAGES := \ iwinfo \ iptables \ gluon-iptables-clamp-mss-to-pmtu \ - kmod-nat46 \ - babeldev \ - ddhcpd \ - gluon-ddhcpd -# gluon-xlat464-clat # route back from jool to clients does not exist, (ipv4)-tcp connections break with this package when roaming + babeldev # Allow overriding the these variables from the command line GLUON_RELEASE ?= $(patsubst v%,%,$(shell git -C $(GLUON_SITEDIR) describe --tags --dirty=+))