aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorficus <ficus@robocracy.org>2012-09-23 04:22:14 +0200
committerficus <ficus@robocracy.org>2012-09-23 04:22:14 +0200
commitb1aec80110e822d835f6c97a2320b7dfc5fba039 (patch)
tree3f88cf6ec6a8e2836c91705baf2bfc31ab51d0dd
parente2973e8ea5c57bfa6ed41293e0250c68d29cfed9 (diff)
downloadtorouter-b1aec80110e822d835f6c97a2320b7dfc5fba039.zip
torouter-b1aec80110e822d835f6c97a2320b7dfc5fba039.tar.gz
possibly functional image builder
-rw-r--r--NOTES17
-rw-r--r--TODO1
l---------configs1
-rw-r--r--freedom-maker/TODO25
-rwxr-xr-xfreedom-maker/bin/finalize6
-rw-r--r--freedom-maker/bin/install.sh (renamed from freedom-maker/source/install.sh)10
-rwxr-xr-xfreedom-maker/bin/projects33
-rwxr-xr-xfreedom-maker/bin/projects-chroot1
-rwxr-xr-xfreedom-maker/buildrootfs.sh8
-rw-r--r--packages/Makefile2
-rw-r--r--packages/torouter-prep/Makefile3
-rw-r--r--packages/torouter-prep/configs/apt-preferences.d-backports3
-rw-r--r--packages/torouter-prep/configs/apt.conf1
-rw-r--r--packages/torouter-prep/configs/etc/apt/sources.list2
-rw-r--r--packages/torouter-prep/configs/etc/default/openntpd (renamed from packages/torouter-prep/configs/openntpd-default)0
-rwxr-xr-xpackages/torouter-prep/configs/etc/default/ttdnsd (renamed from packages/torouter-prep/configs/ttdnsd-default)0
-rw-r--r--packages/torouter-prep/configs/etc/dhcp/dhcpd.conf32
-rw-r--r--packages/torouter-prep/configs/etc/dnsmasq.conf (renamed from packages/torouter-prep/configs/dnsmasq.conf)0
-rw-r--r--packages/torouter-prep/configs/etc/fstab6
-rw-r--r--packages/torouter-prep/configs/etc/hostname (renamed from packages/torouter-prep/configs/hostname)0
-rw-r--r--packages/torouter-prep/configs/etc/hosts7
-rwxr-xr-xpackages/torouter-prep/configs/etc/init.d/first-run71
-rwxr-xr-xpackages/torouter-prep/configs/etc/init.d/proxy61
-rw-r--r--packages/torouter-prep/configs/etc/inittab (renamed from packages/torouter-prep/configs/inittab)0
-rw-r--r--packages/torouter-prep/configs/etc/modprobe.d/blacklist.conf (renamed from packages/torouter-prep/configs/modprobe.d-blacklist.conf)4
-rw-r--r--packages/torouter-prep/configs/etc/mtab0
-rw-r--r--packages/torouter-prep/configs/etc/network/interfaces (renamed from packages/torouter-prep/configs/interfaces)2
-rw-r--r--packages/torouter-prep/configs/etc/ntp.conf (renamed from packages/torouter-prep/configs/ntp.conf)0
-rw-r--r--packages/torouter-prep/configs/etc/openvpn/client.conf0
-rw-r--r--packages/torouter-prep/configs/etc/openvpn/static.key0
l---------packages/torouter-prep/configs/etc/rc1.d/S01first-run1
l---------packages/torouter-prep/configs/etc/rc2.d/S01first-run1
l---------packages/torouter-prep/configs/etc/rc2.d/S50proxy1
-rw-r--r--packages/torouter-prep/configs/etc/resolv.conf2
-rw-r--r--packages/torouter-prep/configs/etc/ssh/sshd_config/sshd_config (renamed from packages/torouter-prep/configs/sshd_config)0
-rw-r--r--packages/torouter-prep/configs/etc/sysctl.conf5
-rw-r--r--packages/torouter-prep/configs/etc/tor/torrc (renamed from packages/torouter-prep/configs/torrc)0
-rw-r--r--packages/torouter-prep/configs/etc/udev/rules.d/75-persistent-net-generator.rules0
-rw-r--r--packages/torouter-prep/configs/fstab2
-rw-r--r--packages/torouter-prep/configs/hosts1
-rw-r--r--packages/torouter-prep/configs/sbin/copy2dream47
-rw-r--r--packages/torouter-prep/configs/sources.list29
-rw-r--r--packages/torouter-prep/configs/tmp/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-keybin0 -> 3742 bytes
-rw-r--r--packages/torouter-prep/debian/changelog2
-rw-r--r--packages/torouter-prep/debian/files2
-rwxr-xr-x[-rw-r--r--]packages/torouter-prep/src/torouter_config.sh30
-rwxr-xr-x[-rw-r--r--]packages/torouter-prep/src/torouter_takeover.sh0
47 files changed, 280 insertions, 139 deletions
diff --git a/NOTES b/NOTES
index 19ce4b8..fe696f1 100644
--- a/NOTES
+++ b/NOTES
@@ -1,21 +1,20 @@
system config files should live here in ./config
system config scripts should live here in ./scripts
- torouter-takeover
+ torouter_takeover.sh
add torproject keys (prompt?)
setup sources.list
apt-get update
install dependancies like tor and torouterui
run torouter_preboot.sh
- torouter-preboot
+ new ssh keys?
+ torouter_preboot.sh
check that dependancies are installed (tor, torouterui, etc) or fail
- copy/install all configuration files
- install
- create users and groups
+ copy/install configuration files
remove/disable unwanted packages
- setup firstboot
- torouter-firstboot (just generates ssh keys; could be done elsewhere?)
- torouter-copy2internal (TODO)
- torouter-setupuboot (TODO)
+ stop libertas module from loading
+ create users and groups
+ torouter_copy2internal.sh (TODO)
+ torouter_setupuboot.sh (TODO)
torouter-prep contains all the above files
diff --git a/TODO b/TODO
index 21dc926..dfc2bda 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,4 @@
- fix signing key for torrouter.torproject.org (should have a keyring .deb)
- re-enable source builds in install.sh
- random apt-get segfault issue
+- add crontab package
diff --git a/configs b/configs
new file mode 120000
index 0000000..50b409d
--- /dev/null
+++ b/configs
@@ -0,0 +1 @@
+packages/torouter-prep/configs \ No newline at end of file
diff --git a/freedom-maker/TODO b/freedom-maker/TODO
deleted file mode 100644
index 184aca5..0000000
--- a/freedom-maker/TODO
+++ /dev/null
@@ -1,25 +0,0 @@
-- [ ] initial boot configuration improvements, as there are a few
- things we really do want to defer to first boot, or at least make it
- trivial to fix up per-system
-
- - [X] ssh host keys
- - [ ] root password
-- [ ] add Sheeva as a build target
-- [X] add x86 virtualized as a build target (use vmdebootstrap?)
-- [ ] investigate and integrate software components that looks interesting
- - channel-server, the buddycloud channels service for XMPP
- - babeld, loop-free distance-vector routing protocol
- - tahoe-lafs, secure distributed filesystem
-- [ ] virtualbox should build with dreamplug configuration
-
-*** stuff to do for first feature release ***
-
- - [ ] pre-configured user interface
- - [X] DHCP and HTTP servers on eth0 and/or eth1
- - [ ] plinth-based initial config interface
-
- - [ ] freedom buddy installed
- - [ ] openvpn server setup
- - [ ] the privoxy fork configured as a transparent proxy
- - [ ] plinth configured to at display these config details and to
- control whatever is feasible
diff --git a/freedom-maker/bin/finalize b/freedom-maker/bin/finalize
index a6cb7da..a530380 100755
--- a/freedom-maker/bin/finalize
+++ b/freedom-maker/bin/finalize
@@ -49,6 +49,10 @@ echo $hostname > $target/etc/hostname
chown root:root $target/sbin/copy2dream
chmod 744 $target/sbin/copy2dream
+# copy over install script
+cp bin/install.sh $target/
+chmod 744 $target/install.sh
+
# prepare chroot package finalization
cp bin/packages-chroot $target/
@@ -57,8 +61,6 @@ chmod 755 $target/install.sh
cp /usr/bin/qemu-arm-static $target/usr/bin
echo "Running install script from source/install.sh"
chroot $target /install.sh
-echo "Running install script from bin/projects-chroot"
-chroot $target /packages-chroot
# clean up.
rm "${target}/packages-chroot"
diff --git a/freedom-maker/source/install.sh b/freedom-maker/bin/install.sh
index fc13d2b..01b063b 100644
--- a/freedom-maker/source/install.sh
+++ b/freedom-maker/bin/install.sh
@@ -25,6 +25,13 @@ cut -f 1 < /tmp/selections | cut -d ':' -f 1 > /tmp/packages
# sshd may be left running by the postinst, clean that up
/etc/init.d/ssh stop
+echo "Running install script from bin/projects-chroot"
+/packages-chroot
+
+# torouter setup
+echo "Running torouter_preboot.sh..."
+/usr/bin/torouter_preboot.sh
+
# process installed kernel to create uImage, uInitrd, dtb
# using flash-kernel would be a good approach, except it fails in the cross
# build environment due to too many environment checks...
@@ -36,6 +43,7 @@ cut -f 1 < /tmp/selections | cut -d ':' -f 1 > /tmp/packages
# emulated chroot environment, which means our root= on the kernel command
# line is completely ignored! repack the initrd to remove this evil...
+echo "Mangling kernel..."
mkdir /tmp/initrd-repack
(cd /tmp/initrd-repack ; \
zcat /boot/initrd.img-3.2.0-3-kirkwood | cpio -i ; \
@@ -59,7 +67,7 @@ echo "Set root password to "$rootpassword
echo root:$rootpassword | /usr/sbin/chpasswd
# Create a default user
-echo "Creating fbx user, password: $userpassword"
+echo "Creating $user user, password: $userpassword"
useradd $user
echo $user:$userpassword | /usr/sbin/chpasswd
diff --git a/freedom-maker/bin/projects b/freedom-maker/bin/projects
deleted file mode 100755
index 2b5ed3c..0000000
--- a/freedom-maker/bin/projects
+++ /dev/null
@@ -1,33 +0,0 @@
-#! /bin/bash
-#
-# Copyright 2012 by Nick Daly <nick.m.daly@gmail.com>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-# projects
-#
-# Installs external projects to the system.
-
-# We don't tolerate errors.
-set -e
-
-
-echo "Adding a few FreedomBox projects to the image."
-
-git clone git://github.com/NickDaly/Plinth.git $homedir/plinth
-git clone git://github.com/jvasile/freedombox-privoxy $homedir/freedombox-privoxy
-git clone git://github.com/jvasile/withsqlite.git $homedir/withsqlite
-# hg clone https://hg@bitbucket.org/nickdaly/plugserver $homedir/plugserver
-chown -R 1000:1000 $homedir
diff --git a/freedom-maker/bin/projects-chroot b/freedom-maker/bin/projects-chroot
deleted file mode 100755
index 50d4884..0000000
--- a/freedom-maker/bin/projects-chroot
+++ /dev/null
@@ -1 +0,0 @@
-#! /bin/sh
diff --git a/freedom-maker/buildrootfs.sh b/freedom-maker/buildrootfs.sh
index 856f49f..10ba598 100755
--- a/freedom-maker/buildrootfs.sh
+++ b/freedom-maker/buildrootfs.sh
@@ -104,14 +104,6 @@ rsync -av $source/ $target
# add extra packages to the image
bin/packages
-# torouter!
-echo "Explicitly copying some torouter files..."
-# TODO: these should be redundant
-# Override the above stuff - we know better
-cp ../packages/torouter-prep/configs/interfaces $target/etc/network/interfaces
-# Stop the libertas module from loading
-cp ../packages/torouter-prep/configs/modprobe.d-blacklist.conf $target/etc/modprobe.d/blacklist.conf
-
# cleanup and finalize the image so it boots correctly.
echo "Finalizing..."
bin/finalize
diff --git a/packages/Makefile b/packages/Makefile
index 3fff908..875f65f 100644
--- a/packages/Makefile
+++ b/packages/Makefile
@@ -2,7 +2,7 @@ debs: webdeb prepdeb mvdebs
webdeb:
# By default we will but not sign for now
- cd torouter-web && debuild --no-tgz-check -us -uc
+ #cd torouter-web && debuild --no-tgz-check -us -uc
prepdeb:
# By default we will but not sign for now
diff --git a/packages/torouter-prep/Makefile b/packages/torouter-prep/Makefile
index 8fbf692..be5548f 100644
--- a/packages/torouter-prep/Makefile
+++ b/packages/torouter-prep/Makefile
@@ -5,9 +5,10 @@ build:
install:
install -o root -g root -m 750 src/torouter_config.sh $(DESTDIR)/usr/bin
+ install -o root -g root -m 750 src/torouter_preboot.sh $(DESTDIR)/usr/bin
install -o root -g root -m 750 src/torouter_takeover.sh $(DESTDIR)/usr/bin
mkdir -p $(DESTDIR)/usr/share/torouter-prep
- cp -ar configs $(DESTDIR)/usr/share/torouter-prep/example-configs/
+ cp -ar configs/ $(DESTDIR)/usr/share/torouter-prep/example-configs/
clean:
echo "nothing to clean"
diff --git a/packages/torouter-prep/configs/apt-preferences.d-backports b/packages/torouter-prep/configs/apt-preferences.d-backports
deleted file mode 100644
index 8e9275b..0000000
--- a/packages/torouter-prep/configs/apt-preferences.d-backports
+++ /dev/null
@@ -1,3 +0,0 @@
-Package: *
-Pin: release a=squeeze-backports
-Pin-Priority: 200
diff --git a/packages/torouter-prep/configs/apt.conf b/packages/torouter-prep/configs/apt.conf
deleted file mode 100644
index 4143a94..0000000
--- a/packages/torouter-prep/configs/apt.conf
+++ /dev/null
@@ -1 +0,0 @@
-APT::Default-Release "stable";
diff --git a/packages/torouter-prep/configs/etc/apt/sources.list b/packages/torouter-prep/configs/etc/apt/sources.list
new file mode 100644
index 0000000..c06710c
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/apt/sources.list
@@ -0,0 +1,2 @@
+deb http://http.debian.net/debian wheezy main
+deb-src http://http.debian.net/debian wheezy main
diff --git a/packages/torouter-prep/configs/openntpd-default b/packages/torouter-prep/configs/etc/default/openntpd
index 318e7bd..318e7bd 100644
--- a/packages/torouter-prep/configs/openntpd-default
+++ b/packages/torouter-prep/configs/etc/default/openntpd
diff --git a/packages/torouter-prep/configs/ttdnsd-default b/packages/torouter-prep/configs/etc/default/ttdnsd
index 0a22bc4..0a22bc4 100755
--- a/packages/torouter-prep/configs/ttdnsd-default
+++ b/packages/torouter-prep/configs/etc/default/ttdnsd
diff --git a/packages/torouter-prep/configs/etc/dhcp/dhcpd.conf b/packages/torouter-prep/configs/etc/dhcp/dhcpd.conf
new file mode 100644
index 0000000..ec502c6
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/dhcp/dhcpd.conf
@@ -0,0 +1,32 @@
+#
+# FreedomBox ISC dhcpd configuration
+#
+#
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# option definitions common to all supported networks...
+option domain-name "free.dom";
+option domain-name-servers ns1.free.dom, ns2.free.dom;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility local7;
+
+# basic subnet configuration for the 'downstream' wired network
+
+subnet 192.168.1.0 netmask 255.255.255.0 {
+ range 192.168.1.10 192.168.1.100;
+ option routers 192.168.1.1;
+}
diff --git a/packages/torouter-prep/configs/dnsmasq.conf b/packages/torouter-prep/configs/etc/dnsmasq.conf
index 2711486..2711486 100644
--- a/packages/torouter-prep/configs/dnsmasq.conf
+++ b/packages/torouter-prep/configs/etc/dnsmasq.conf
diff --git a/packages/torouter-prep/configs/etc/fstab b/packages/torouter-prep/configs/etc/fstab
new file mode 100644
index 0000000..7c48827
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/fstab
@@ -0,0 +1,6 @@
+/dev/sdc2 / auto relatime,rw 0 0
+proc /proc proc none 0 0
+sys /sys sysfs none 0 0
+none /dev/pts devpts defaults 0 0
+tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
+/dev/sdc1 /boot vfat defaults 0 0
diff --git a/packages/torouter-prep/configs/hostname b/packages/torouter-prep/configs/etc/hostname
index a4a2962..a4a2962 100644
--- a/packages/torouter-prep/configs/hostname
+++ b/packages/torouter-prep/configs/etc/hostname
diff --git a/packages/torouter-prep/configs/etc/hosts b/packages/torouter-prep/configs/etc/hosts
new file mode 100644
index 0000000..42dbc33
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/hosts
@@ -0,0 +1,7 @@
+127.0.0.1 localhost torouter
+::1 localhost ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+
diff --git a/packages/torouter-prep/configs/etc/init.d/first-run b/packages/torouter-prep/configs/etc/init.d/first-run
new file mode 100755
index 0000000..8df2c2d
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/init.d/first-run
@@ -0,0 +1,71 @@
+#!/bin/bash
+#
+# Script to complete the post-install process on first FBX boot.
+
+### BEGIN INIT INFO
+# Provides: first-run
+# Default-Start: 1 2
+# Required-Start: 2
+# Required-Stop:
+# Default-Stop:
+# Short-Description: Finish FBX install on DreamPlug
+### END INIT INFO
+
+function tweak-kernel {
+ # Update the kernel unless requested otherwise.
+
+ if [ -e /var/freedombox/dont-tweak-kernel ]
+ then
+ rm /var/freedombox/dont-tweak-kernel
+ else
+ kernel_version="$(/bin/ls $mountpoint/boot/vmlinuz-*-kirkwood | sort -rn | head -n1 | sed s#$mountpoint/boot/vmlinuz-##)"
+
+ mount -t proc proc /proc
+ flash-kernel $kernel_version
+ umount /proc
+ fi
+}
+
+function wifi-ap-setup {
+ # configure wireless access point with spinifex's prebuilt firmware
+
+ echo "Sleeping 30s for DHCP"
+ sleep 30 # wait for dhcp
+
+ echo "Installing UAP Firmware."
+ wget -O /tmp/marvell_wifi_firmware.tar.gz http://www.spinifex.com.au/plugs/downloads/dreamplug/marvell_wifi_firmware.tar.gz
+ tar -C /tmp -zxf /tmp/marvell_wifi_firmware.tar.gz
+ mkdir -p /lib/firmware/mrvl
+ cp /tmp/lib/firmware/mrvl/* /lib/firmware/mrvl
+}
+
+function create-keys {
+ echo "Creating Keys."
+
+ echo "Creating SSH keys."
+ rm /etc/ssh/ssh_host_*
+ dpkg-reconfigure openssh-server
+
+ echo "Need to create other keys."
+ # gpg --batch --gen-key
+ # see http://lists.gnupg.org/pipermail/gnupg-users/2003-March/017376.html
+}
+
+function remove-self {
+ rm -f /etc/init.d/first-run
+ rm -f /etc/rc1.d/S01first-run
+ rm -f /etc/rc2.d/S01first-run
+ rm /etc/init.d/first-run
+ rm /etc/rc1.d/S01first-run
+ rm /etc/rc2.d/S01first-run
+}
+
+create-keys
+# wifi-ap-setup
+
+# the last things we do before quitting.
+tweak-kernel
+remove-self
+
+echo "Kernel flashed. Rebooting."
+reboot
diff --git a/packages/torouter-prep/configs/etc/init.d/proxy b/packages/torouter-prep/configs/etc/init.d/proxy
new file mode 100755
index 0000000..901507b
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/init.d/proxy
@@ -0,0 +1,61 @@
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: proxy
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Proxy for clients.
+### END INIT INFO
+
+set -e
+
+INTIF1="eth0"
+INTIF2="uap0"
+EXTIF="eth1"
+EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
+
+loadModules() {
+ depmod -a
+ modprobe ip_tables
+ modprobe ip_conntrack
+ modprobe ip_conntrack_ftp
+ modprobe ip_conntrack_irc
+ modprobe iptable_nat
+ modprobe ip_nat_ftp
+}
+
+setProc() {
+ echo "1" > /proc/sys/net/ipv4/ip_forward
+ echo "1" > /proc/sys/net/ipv4/ip_dynaddr
+}
+
+configIpTables() {
+ iptables -P INPUT ACCEPT
+ iptables -F INPUT
+ iptables -P OUTPUT ACCEPT
+ iptables -F OUTPUT
+ iptables -P FORWARD DROP
+ iptables -F FORWARD
+ iptables -t nat -F
+
+ iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT
+ iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT
+
+ iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
+}
+
+case "$1" in
+ start)
+ loadModules
+ setProc
+ configIpTables
+ ;;
+ *)
+ log_success_msg "Usage: /etc/init.d/proxy {start}"
+ exit 1
+ ;;
+esac
diff --git a/packages/torouter-prep/configs/inittab b/packages/torouter-prep/configs/etc/inittab
index 98dca83..98dca83 100644
--- a/packages/torouter-prep/configs/inittab
+++ b/packages/torouter-prep/configs/etc/inittab
diff --git a/packages/torouter-prep/configs/modprobe.d-blacklist.conf b/packages/torouter-prep/configs/etc/modprobe.d/blacklist.conf
index e14a9d0..dfb7967 100644
--- a/packages/torouter-prep/configs/modprobe.d-blacklist.conf
+++ b/packages/torouter-prep/configs/etc/modprobe.d/blacklist.conf
@@ -24,7 +24,3 @@ blacklist iTCO_wdt
# We do not need or want ipv6 right now
blacklist ipv6
-
-# This wireless driver does not give us AP support, sadly
-blacklist libertas
-blacklist libertas_sdio
diff --git a/packages/torouter-prep/configs/etc/mtab b/packages/torouter-prep/configs/etc/mtab
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/mtab
diff --git a/packages/torouter-prep/configs/interfaces b/packages/torouter-prep/configs/etc/network/interfaces
index fdc8765..255075f 100644
--- a/packages/torouter-prep/configs/interfaces
+++ b/packages/torouter-prep/configs/etc/network/interfaces
@@ -7,7 +7,7 @@ iface lo inet loopback
# The primary network interface
auto eth0
-iface eth0 inet dhcp
+iface eth0 inet manual
post-up ifup uap0
post-down ifdown uap0
diff --git a/packages/torouter-prep/configs/ntp.conf b/packages/torouter-prep/configs/etc/ntp.conf
index cb7d021..cb7d021 100644
--- a/packages/torouter-prep/configs/ntp.conf
+++ b/packages/torouter-prep/configs/etc/ntp.conf
diff --git a/packages/torouter-prep/configs/etc/openvpn/client.conf b/packages/torouter-prep/configs/etc/openvpn/client.conf
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/openvpn/client.conf
diff --git a/packages/torouter-prep/configs/etc/openvpn/static.key b/packages/torouter-prep/configs/etc/openvpn/static.key
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/openvpn/static.key
diff --git a/packages/torouter-prep/configs/etc/rc1.d/S01first-run b/packages/torouter-prep/configs/etc/rc1.d/S01first-run
new file mode 120000
index 0000000..e24a808
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/rc1.d/S01first-run
@@ -0,0 +1 @@
+../init.d/first-run \ No newline at end of file
diff --git a/packages/torouter-prep/configs/etc/rc2.d/S01first-run b/packages/torouter-prep/configs/etc/rc2.d/S01first-run
new file mode 120000
index 0000000..e24a808
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/rc2.d/S01first-run
@@ -0,0 +1 @@
+../init.d/first-run \ No newline at end of file
diff --git a/packages/torouter-prep/configs/etc/rc2.d/S50proxy b/packages/torouter-prep/configs/etc/rc2.d/S50proxy
new file mode 120000
index 0000000..9855df4
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/rc2.d/S50proxy
@@ -0,0 +1 @@
+../init.d/proxy \ No newline at end of file
diff --git a/packages/torouter-prep/configs/etc/resolv.conf b/packages/torouter-prep/configs/etc/resolv.conf
new file mode 100644
index 0000000..af9304d
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/resolv.conf
@@ -0,0 +1,2 @@
+nameserver 208.67.222.222
+nameserver 208.67.220.220
diff --git a/packages/torouter-prep/configs/sshd_config b/packages/torouter-prep/configs/etc/ssh/sshd_config/sshd_config
index d079ac0..d079ac0 100644
--- a/packages/torouter-prep/configs/sshd_config
+++ b/packages/torouter-prep/configs/etc/ssh/sshd_config/sshd_config
diff --git a/packages/torouter-prep/configs/etc/sysctl.conf b/packages/torouter-prep/configs/etc/sysctl.conf
new file mode 100644
index 0000000..916e972
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/sysctl.conf
@@ -0,0 +1,5 @@
+# Reduce writes to flash drives
+vm.laptop_mode=5
+vm.swappiness=0
+vm.dirty_writeback_centisecs=1500
+vm.dirty_expire_centisecs=1500
diff --git a/packages/torouter-prep/configs/torrc b/packages/torouter-prep/configs/etc/tor/torrc
index 5023d57..5023d57 100644
--- a/packages/torouter-prep/configs/torrc
+++ b/packages/torouter-prep/configs/etc/tor/torrc
diff --git a/packages/torouter-prep/configs/etc/udev/rules.d/75-persistent-net-generator.rules b/packages/torouter-prep/configs/etc/udev/rules.d/75-persistent-net-generator.rules
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/udev/rules.d/75-persistent-net-generator.rules
diff --git a/packages/torouter-prep/configs/fstab b/packages/torouter-prep/configs/fstab
deleted file mode 100644
index 292e521..0000000
--- a/packages/torouter-prep/configs/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# This is the weird boot partition (hopefully ext2/3/4 later)
-/dev/sda1 /boot vfat nodev,noexec,nosuid 0 0
diff --git a/packages/torouter-prep/configs/hosts b/packages/torouter-prep/configs/hosts
deleted file mode 100644
index 9a3311b..0000000
--- a/packages/torouter-prep/configs/hosts
+++ /dev/null
@@ -1 +0,0 @@
- 127.0.0.1 localhost torouter
diff --git a/packages/torouter-prep/configs/sbin/copy2dream b/packages/torouter-prep/configs/sbin/copy2dream
new file mode 100644
index 0000000..267c2b6
--- /dev/null
+++ b/packages/torouter-prep/configs/sbin/copy2dream
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# this script assumes the current root filesystem is the source, and the
+# internal microSD on a DreamPlug is the target .. all existing content on
+# the microSD card will be lost.
+#
+
+# partition microSD card inside DreamPlug
+echo "=> partition internal microSD card"
+parted -s /dev/sda mklabel msdos
+parted -s /dev/sda mkpart primary fat16 0 128
+parted -s /dev/sda mkpart primary ext2 128 100%
+
+# create filesystems on new partitions
+echo "=> create filesystems on internal microSD card"
+mkdosfs /dev/sda1
+mke2fs -j /dev/sda2
+
+echo "=> mount target partitions"
+mount /dev/sda2 /media
+mkdir -p /media/boot
+mount /dev/sda1 /media/boot
+
+echo "=> copy filesystem content from USB stick to target partitions"
+(cd / ; tar cpSf - `/bin/ls | grep -v boot | grep -v proc | grep -v sys | grep -v media | grep -v dev`) | (cd /media ; tar xpf -)
+# the following intentionally ignores subdirectories
+cp /boot/* /media/boot/
+
+echo "=> touch up target root partition"
+mkdir /media/proc /media/sys /media/media /media/dev
+mknod /media/dev/console c 5 1
+mknod /media/dev/random c 1 8
+mknod /media/dev/urandom c 1 9
+mknod /media/dev/null c 1 3
+mknod /media/dev/ptmx c 5 2
+
+# patch up /etc/fstab entry for /boot
+sed -e 's/sdc/sda/g' < /etc/fstab > /media/etc/fstab
+
+# flash the kernel and create the device's keys
+chroot /media /etc/init.d/first-run
+
+echo "unmount target partitions"
+umount /dev/sda1
+umount /dev/sda2
+
+echo "=> installation complete, see docs to boot from internal microSD"
diff --git a/packages/torouter-prep/configs/sources.list b/packages/torouter-prep/configs/sources.list
deleted file mode 100644
index 42bc62b..0000000
--- a/packages/torouter-prep/configs/sources.list
+++ /dev/null
@@ -1,29 +0,0 @@
-deb http://ftp.de.debian.org/pub/debian/ squeeze main non-free contrib
-deb-src http://ftp.de.debian.org/pub/debian/ squeeze main non-free contrib
-deb http://security.debian.org/ squeeze/updates main
-
-# Sid for uaputl
-deb http://ftp.debian.org/debian sid main
-
-# experimental for natpmp
-deb http://ftp.debian.org/debian experimental main
-deb-src http://ftp.debian.org/debian experimental main
-
-# backports for upnp
-deb http://backports.debian.org/debian-backports squeeze-backports main
-
-# Tor project repo
-deb http://deb.torproject.org/torproject.org/ squeeze main
-deb-src http://deb.torproject.org/torproject.org squeeze main
-
-# Tor project experimental package repo
-deb http://deb.torproject.org/torproject.org experimental-squeeze main
-deb-src http://deb.torproject.org/torproject.org experimental-squeeze main
-
-# Tor 0.2.3.x package repo
-deb http://deb.torproject.org/torproject.org tor-0.2.3.x-stable main
-deb-src http://deb.torproject.org/torproject.org tor-0.2.3.x-stable main
-
-
-# Torouter project repo
-deb http://torrouter.torproject.org/torrouter torrouter main
diff --git a/packages/torouter-prep/configs/tmp/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key b/packages/torouter-prep/configs/tmp/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
new file mode 100644
index 0000000..5b6a4d3
--- /dev/null
+++ b/packages/torouter-prep/configs/tmp/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
Binary files differ
diff --git a/packages/torouter-prep/debian/changelog b/packages/torouter-prep/debian/changelog
index 14ff45a..9b94c42 100644
--- a/packages/torouter-prep/debian/changelog
+++ b/packages/torouter-prep/debian/changelog
@@ -1,4 +1,4 @@
-torouter-prep (0.0.1-1) unstable; urgency=low
+torouter-prep (0.0.1-dev) unstable; urgency=low
* Initial release (Closes: #nnnn) <nnnn is the bug number of your ITP>
diff --git a/packages/torouter-prep/debian/files b/packages/torouter-prep/debian/files
index 298935e..f19b131 100644
--- a/packages/torouter-prep/debian/files
+++ b/packages/torouter-prep/debian/files
@@ -1 +1 @@
-torouter-prep_0.0.1-1_all.deb unknown extra
+torouter-prep_0.0.1-dev_all.deb unknown extra
diff --git a/packages/torouter-prep/src/torouter_config.sh b/packages/torouter-prep/src/torouter_config.sh
index 93e8608..96bfaad 100644..100755
--- a/packages/torouter-prep/src/torouter_config.sh
+++ b/packages/torouter-prep/src/torouter_config.sh
@@ -24,15 +24,15 @@ apt-key add $config_dir/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key
apt-key add $config_dir/047E6A24.asc
# Set us to have a default host name and hosts file
-cp $config_dir/hostname /etc/hostname
-cp $config_dir/hosts /etc/hosts
+cp $config_dir/etc/hostname /etc/hostname
+cp $config_dir/etc/hosts /etc/hosts
# We need to prep apt to understand that we want packages from other repos
cp $config_dir/sources.list /etc/apt/sources.list
# We're creating this file to ensure we get updates
-cp $config_dir/apt-preferences.d-backports /etc/apt/preferences.d/backports
-cp $config_dir/apt.conf /etc/apt/apt.conf
+cp $config_dir/etc/apt/apt-preferences.d/backports /etc/apt/preferences.d/backports
+cp $config_dir/etc/apt/apt.conf /etc/apt/apt.conf
apt-get -y update
@@ -104,33 +104,33 @@ apt-get -y install unbound
zcat $config_dir/armrc.sample.gz > ~$ADMINUSER/.armrc
# Reconfigure /etc/inittab here
-cp $config_dir/inittab /etc/inittab
+cp $config_dir/etc/inittab /etc/inittab
# Reconfigure fstab
-cp $config_dir/fstab /etc/fstab
+cp $config_dir/etc/fstab /etc/fstab
# Configure the network
# eth0 is our "internet" interface with a dhcp client
-cp $config_dir/interfaces /etc/network/interfaces
+cp $config_dir/etc/network/interfaces /etc/network/interfaces
# Configure dnsmasq
-cp $config_dir/dnsmasq.conf /etc/dnsmasq.conf
+cp $config_dir/etc/dnsmasq.conf /etc/dnsmasq.conf
# Configure ntp
-cp $config_dir/ntp.conf /etc/ntp.conf
-cp $config_dir/openntpd-default /etc/default/openntpd
+cp $config_dir/etc/ntp.conf /etc/ntp.conf
+cp $config_dir/etc/default/openntpd /etc/default/openntpd
# Configure ssh
-cp $config_dir/sshd_config /etc/ssh/sshd_config
+cp $config_dir/etc/ssh/sshd_config /etc/ssh/sshd_config
# XXX We should configure ufw here
# XXX We should configure denyhosts
-cp $config_dir/torrc /etc/tor/torrc
-cp $config_dir/ttdnsd-default /etc/default/ttdnsd
+cp $config_dir/etc/tor/torrc /etc/tor/torrc
+cp $config_dir/etc/default/ttdnsd /etc/default/ttdnsd
# Configure sshd
-cp $config_dir/sshd_config /etc/ssh/sshd_config
+cp $config_dir/etc/ssh/sshd_config /etc/ssh/sshd_config
# Clean up our cache
apt-get -f -y remove --purge polipo minissdpd
@@ -145,7 +145,7 @@ apt-get -y clean
apt-get install -f
## Disable ipv6 support for now
-cp $config_dir/modprobe.d-blacklist.conf /etc/modprobe.d/blacklist.conf
+cp $config_dir/etc/modprobe.d/blacklist.conf /etc/modprobe.d/blacklist.conf
# We don't need this if the ipv6 module is not loaded
#echo net.ipv6.conf.all.disable_ipv6=1 > /etc/sysctl.d/disableipv6.conf
##
diff --git a/packages/torouter-prep/src/torouter_takeover.sh b/packages/torouter-prep/src/torouter_takeover.sh
index 2b76502..2b76502 100644..100755
--- a/packages/torouter-prep/src/torouter_takeover.sh
+++ b/packages/torouter-prep/src/torouter_takeover.sh