aboutsummaryrefslogtreecommitdiffstats
path: root/freedom-maker/source
diff options
context:
space:
mode:
authorficus <ficus@robocracy.org>2012-09-11 01:16:38 +0200
committerficus <ficus@robocracy.org>2012-09-12 01:25:30 +0200
commite55744bb195f0d665332ceb48acb57b4a4e186b5 (patch)
tree70824873c9dad07bf55c9e8101a97321f78fc6f5 /freedom-maker/source
parente109d94422d0687fc84d8aa1804c2b209785d0aa (diff)
downloadtorouter-e55744bb195f0d665332ceb48acb57b4a4e186b5.tar.gz
torouter-e55744bb195f0d665332ceb48acb57b4a4e186b5.zip
update to FBx public-0.1 freedom-maker
Snapshot commit with no torouter-specific changes re-applied. Updated freedom-maker image to a significantly more recent version, used by the FreedomBox project. This includes a shift from debian "stable" to "testing" (wheezy), which has a Linux 3.2 kernel. date Fri, 24 Aug 2012 03:50:41 +0000 repo git://anonscm.debian.org/freedombox/freedom-maker.git commit de1f66f0651a3a7c306331eeda1db93535b1470a (public-0.1)
Diffstat (limited to 'freedom-maker/source')
-rw-r--r--freedom-maker/source/etc/apt/sources.list2
-rw-r--r--freedom-maker/source/etc/dhcp/dhcpd.conf32
-rw-r--r--freedom-maker/source/etc/dnsmasq.conf24
-rw-r--r--freedom-maker/source/etc/fstab6
-rw-r--r--freedom-maker/source/etc/hosts7
-rwxr-xr-xfreedom-maker/source/etc/init.d/first-run71
-rwxr-xr-xfreedom-maker/source/etc/init.d/proxy61
-rw-r--r--freedom-maker/source/etc/mtab0
-rw-r--r--freedom-maker/source/etc/network/interfaces25
-rw-r--r--freedom-maker/source/etc/openvpn/client.conf0
-rw-r--r--freedom-maker/source/etc/openvpn/static.key0
l---------freedom-maker/source/etc/rc1.d/S01first-run1
l---------freedom-maker/source/etc/rc2.d/S01first-run1
l---------freedom-maker/source/etc/rc2.d/S50proxy1
-rw-r--r--freedom-maker/source/etc/resolv.conf2
-rw-r--r--freedom-maker/source/etc/sysctl.conf5
-rw-r--r--freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules0
-rw-r--r--freedom-maker/source/install.sh76
-rw-r--r--freedom-maker/source/sbin/copy2dream47
19 files changed, 361 insertions, 0 deletions
diff --git a/freedom-maker/source/etc/apt/sources.list b/freedom-maker/source/etc/apt/sources.list
new file mode 100644
index 0000000..c06710c
--- /dev/null
+++ b/freedom-maker/source/etc/apt/sources.list
@@ -0,0 +1,2 @@
+deb http://http.debian.net/debian wheezy main
+deb-src http://http.debian.net/debian wheezy main
diff --git a/freedom-maker/source/etc/dhcp/dhcpd.conf b/freedom-maker/source/etc/dhcp/dhcpd.conf
new file mode 100644
index 0000000..ec502c6
--- /dev/null
+++ b/freedom-maker/source/etc/dhcp/dhcpd.conf
@@ -0,0 +1,32 @@
+#
+# FreedomBox ISC dhcpd configuration
+#
+#
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# option definitions common to all supported networks...
+option domain-name "free.dom";
+option domain-name-servers ns1.free.dom, ns2.free.dom;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility local7;
+
+# basic subnet configuration for the 'downstream' wired network
+
+subnet 192.168.1.0 netmask 255.255.255.0 {
+ range 192.168.1.10 192.168.1.100;
+ option routers 192.168.1.1;
+}
diff --git a/freedom-maker/source/etc/dnsmasq.conf b/freedom-maker/source/etc/dnsmasq.conf
new file mode 100644
index 0000000..71403d7
--- /dev/null
+++ b/freedom-maker/source/etc/dnsmasq.conf
@@ -0,0 +1,24 @@
+log-facility=DAEMON
+
+local=/fbx/
+local=/freedombox/
+
+# Upstream DNS server
+# FIXME this should be updated on boot.
+server=192.168.0.1@eth1
+
+# We will serve this DNS domain
+# (DHCP hosts will receive a .lan suffix in DNS)
+domain=lan
+
+# We're the authoritative dhcpd
+# Read the manpage for a good explanation of what this does
+dhcp-authoritative
+
+# We are going to serve hosts for:
+# - LAN (192.168.1.0/24) (Only static hosts)
+# - WLAN (192.168.2.0/24)
+# New clients will receive an IP from the WLAN range.
+
+dhcp-range=interface:eth0,set:lan,192.168.1.10,192.168.1.100,255.255.255.0,2h
+# dhcp-range=interface:uap0,set:lan,192.168.2.10,192.168.2.100,255.255.255.0,2h
diff --git a/freedom-maker/source/etc/fstab b/freedom-maker/source/etc/fstab
new file mode 100644
index 0000000..7c48827
--- /dev/null
+++ b/freedom-maker/source/etc/fstab
@@ -0,0 +1,6 @@
+/dev/sdc2 / auto relatime,rw 0 0
+proc /proc proc none 0 0
+sys /sys sysfs none 0 0
+none /dev/pts devpts defaults 0 0
+tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
+/dev/sdc1 /boot vfat defaults 0 0
diff --git a/freedom-maker/source/etc/hosts b/freedom-maker/source/etc/hosts
new file mode 100644
index 0000000..e252996
--- /dev/null
+++ b/freedom-maker/source/etc/hosts
@@ -0,0 +1,7 @@
+127.0.0.1 localhost freedombox fbx
+::1 localhost ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+
diff --git a/freedom-maker/source/etc/init.d/first-run b/freedom-maker/source/etc/init.d/first-run
new file mode 100755
index 0000000..8df2c2d
--- /dev/null
+++ b/freedom-maker/source/etc/init.d/first-run
@@ -0,0 +1,71 @@
+#!/bin/bash
+#
+# Script to complete the post-install process on first FBX boot.
+
+### BEGIN INIT INFO
+# Provides: first-run
+# Default-Start: 1 2
+# Required-Start: 2
+# Required-Stop:
+# Default-Stop:
+# Short-Description: Finish FBX install on DreamPlug
+### END INIT INFO
+
+function tweak-kernel {
+ # Update the kernel unless requested otherwise.
+
+ if [ -e /var/freedombox/dont-tweak-kernel ]
+ then
+ rm /var/freedombox/dont-tweak-kernel
+ else
+ kernel_version="$(/bin/ls $mountpoint/boot/vmlinuz-*-kirkwood | sort -rn | head -n1 | sed s#$mountpoint/boot/vmlinuz-##)"
+
+ mount -t proc proc /proc
+ flash-kernel $kernel_version
+ umount /proc
+ fi
+}
+
+function wifi-ap-setup {
+ # configure wireless access point with spinifex's prebuilt firmware
+
+ echo "Sleeping 30s for DHCP"
+ sleep 30 # wait for dhcp
+
+ echo "Installing UAP Firmware."
+ wget -O /tmp/marvell_wifi_firmware.tar.gz http://www.spinifex.com.au/plugs/downloads/dreamplug/marvell_wifi_firmware.tar.gz
+ tar -C /tmp -zxf /tmp/marvell_wifi_firmware.tar.gz
+ mkdir -p /lib/firmware/mrvl
+ cp /tmp/lib/firmware/mrvl/* /lib/firmware/mrvl
+}
+
+function create-keys {
+ echo "Creating Keys."
+
+ echo "Creating SSH keys."
+ rm /etc/ssh/ssh_host_*
+ dpkg-reconfigure openssh-server
+
+ echo "Need to create other keys."
+ # gpg --batch --gen-key
+ # see http://lists.gnupg.org/pipermail/gnupg-users/2003-March/017376.html
+}
+
+function remove-self {
+ rm -f /etc/init.d/first-run
+ rm -f /etc/rc1.d/S01first-run
+ rm -f /etc/rc2.d/S01first-run
+ rm /etc/init.d/first-run
+ rm /etc/rc1.d/S01first-run
+ rm /etc/rc2.d/S01first-run
+}
+
+create-keys
+# wifi-ap-setup
+
+# the last things we do before quitting.
+tweak-kernel
+remove-self
+
+echo "Kernel flashed. Rebooting."
+reboot
diff --git a/freedom-maker/source/etc/init.d/proxy b/freedom-maker/source/etc/init.d/proxy
new file mode 100755
index 0000000..901507b
--- /dev/null
+++ b/freedom-maker/source/etc/init.d/proxy
@@ -0,0 +1,61 @@
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: proxy
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Proxy for clients.
+### END INIT INFO
+
+set -e
+
+INTIF1="eth0"
+INTIF2="uap0"
+EXTIF="eth1"
+EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
+
+loadModules() {
+ depmod -a
+ modprobe ip_tables
+ modprobe ip_conntrack
+ modprobe ip_conntrack_ftp
+ modprobe ip_conntrack_irc
+ modprobe iptable_nat
+ modprobe ip_nat_ftp
+}
+
+setProc() {
+ echo "1" > /proc/sys/net/ipv4/ip_forward
+ echo "1" > /proc/sys/net/ipv4/ip_dynaddr
+}
+
+configIpTables() {
+ iptables -P INPUT ACCEPT
+ iptables -F INPUT
+ iptables -P OUTPUT ACCEPT
+ iptables -F OUTPUT
+ iptables -P FORWARD DROP
+ iptables -F FORWARD
+ iptables -t nat -F
+
+ iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT
+ iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT
+
+ iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
+}
+
+case "$1" in
+ start)
+ loadModules
+ setProc
+ configIpTables
+ ;;
+ *)
+ log_success_msg "Usage: /etc/init.d/proxy {start}"
+ exit 1
+ ;;
+esac
diff --git a/freedom-maker/source/etc/mtab b/freedom-maker/source/etc/mtab
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/mtab
diff --git a/freedom-maker/source/etc/network/interfaces b/freedom-maker/source/etc/network/interfaces
new file mode 100644
index 0000000..9680bed
--- /dev/null
+++ b/freedom-maker/source/etc/network/interfaces
@@ -0,0 +1,25 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto eth0
+iface eth0 inet static
+ address 192.168.1.1
+ netmask 255.255.255.0
+
+allow-hotplug eth1
+iface eth1 inet dhcp
+
+# auto uap0
+# iface uap0 inet static
+# address 192.168.2.1
+# netmask 255.255.255.0
+# post-up uaputl sys_cfg_ssid "freedombox"
+# post-up uaputl sys_cfg_protocol 32 # WPA2
+# post-up uaputl sys_cfg_wpa_passphrase "freedombox123"
+# post-up uaputl sys_cfg_cipher 8 8 # AES CCMP
+# post-up uaputl bss_start
diff --git a/freedom-maker/source/etc/openvpn/client.conf b/freedom-maker/source/etc/openvpn/client.conf
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/openvpn/client.conf
diff --git a/freedom-maker/source/etc/openvpn/static.key b/freedom-maker/source/etc/openvpn/static.key
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/openvpn/static.key
diff --git a/freedom-maker/source/etc/rc1.d/S01first-run b/freedom-maker/source/etc/rc1.d/S01first-run
new file mode 120000
index 0000000..e24a808
--- /dev/null
+++ b/freedom-maker/source/etc/rc1.d/S01first-run
@@ -0,0 +1 @@
+../init.d/first-run \ No newline at end of file
diff --git a/freedom-maker/source/etc/rc2.d/S01first-run b/freedom-maker/source/etc/rc2.d/S01first-run
new file mode 120000
index 0000000..e24a808
--- /dev/null
+++ b/freedom-maker/source/etc/rc2.d/S01first-run
@@ -0,0 +1 @@
+../init.d/first-run \ No newline at end of file
diff --git a/freedom-maker/source/etc/rc2.d/S50proxy b/freedom-maker/source/etc/rc2.d/S50proxy
new file mode 120000
index 0000000..9855df4
--- /dev/null
+++ b/freedom-maker/source/etc/rc2.d/S50proxy
@@ -0,0 +1 @@
+../init.d/proxy \ No newline at end of file
diff --git a/freedom-maker/source/etc/resolv.conf b/freedom-maker/source/etc/resolv.conf
new file mode 100644
index 0000000..af9304d
--- /dev/null
+++ b/freedom-maker/source/etc/resolv.conf
@@ -0,0 +1,2 @@
+nameserver 208.67.222.222
+nameserver 208.67.220.220
diff --git a/freedom-maker/source/etc/sysctl.conf b/freedom-maker/source/etc/sysctl.conf
new file mode 100644
index 0000000..916e972
--- /dev/null
+++ b/freedom-maker/source/etc/sysctl.conf
@@ -0,0 +1,5 @@
+# Reduce writes to flash drives
+vm.laptop_mode=5
+vm.swappiness=0
+vm.dirty_writeback_centisecs=1500
+vm.dirty_expire_centisecs=1500
diff --git a/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules b/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules
diff --git a/freedom-maker/source/install.sh b/freedom-maker/source/install.sh
new file mode 100644
index 0000000..76547ba
--- /dev/null
+++ b/freedom-maker/source/install.sh
@@ -0,0 +1,76 @@
+echo "Preconfiguring dash - else dash and bash will be left in a broken state"
+/var/lib/dpkg/info/dash.preinst install
+
+# don't leave target image containing apt config of the build host
+echo "Configuring all packages"
+export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true
+export LC_ALL=C LANGUAGE=C LANG=C
+
+# allow flash-kernel to work without valid /proc contents
+# ** this doesn't *really* work, since there are too many checks that fail
+# in an emulated environment! We'll have to do it by hand below anyway...
+export FK_MACHINE="Globalscale Technologies Dreamplug"
+
+# configure all packages unpacked earlier by multistrap
+dpkg --configure -a
+
+echo "Adding source packages to filesystem"
+dpkg --get-selections > /tmp/selections
+mkdir -p /sourcecode
+cd sourcecode
+cut -f 1 < /tmp/selections | cut -d ':' -f 1 > /tmp/packages
+apt-get source --download-only `cat /tmp/packages`
+
+# sshd may be left running by the postinst, clean that up
+/etc/init.d/ssh stop
+
+# process installed kernel to create uImage, uInitrd, dtb
+# using flash-kernel would be a good approach, except it fails in the cross
+# build environment due to too many environment checks...
+#FK_MACHINE="Globalscale Technologies Dreamplug" flash-kernel
+# so, let's do it manually...
+
+# flash-kernel's hook-functions provided to mkinitramfs have the unfortunate
+# side-effect of creating /conf/param.conf in the initrd when run from our
+# emulated chroot environment, which means our root= on the kernel command
+# line is completely ignored! repack the initrd to remove this evil...
+
+mkdir /tmp/initrd-repack
+(cd /tmp/initrd-repack ; \
+ zcat /boot/initrd.img-3.2.0-3-kirkwood | cpio -i ; \
+ rm -f conf/param.conf ; \
+ find . | cpio --quiet -o -H newc | \
+ gzip -9 > /boot/initrd.img-3.2.0-3-kirkwood )
+rm -rf /tmp/initrd-repack
+
+(cd /boot ; \
+ cp /usr/lib/linux-image-3.2.0-3-kirkwood/kirkwood-dreamplug.dtb dtb ; \
+ cat vmlinuz-3.2.0-3-kirkwood dtb >> temp-kernel ; \
+ mkimage -A arm -O linux -T kernel -n 'Debian kernel 3.2.0-3-kirkwood' \
+ -C none -a 0x8000 -e 0x8000 -d temp-kernel uImage ; \
+ rm -f temp-kernel ; \
+ mkimage -A arm -O linux -T ramdisk -C gzip -a 0x0 -e 0x0 \
+ -n 'Debian ramdisk 3.2.0-3-kirkwood' \
+ -d initrd.img-3.2.0-3-kirkwood uInitrd )
+
+# Establish an initial root password
+echo "Set root password to "$rootpassword
+echo root:$rootpassword | /usr/sbin/chpasswd
+
+# Create a default user
+echo "Creating fbx user, password: $userpassword"
+useradd $user
+echo $user:$userpassword | /usr/sbin/chpasswd
+
+# By default, spawn a console on the serial port
+echo "Adding a getty on the serial port"
+echo "T0:12345:respawn:/sbin/getty -L ttyS0 115200 vt100" >> /etc/inittab
+
+echo "Deleting this very same script"
+rm -f /install.sh
+
+echo "Syncing filesystem just in case something didn't get written"
+sync
+
+echo "End configuration progress by exiting from the chroot"
+exit
diff --git a/freedom-maker/source/sbin/copy2dream b/freedom-maker/source/sbin/copy2dream
new file mode 100644
index 0000000..267c2b6
--- /dev/null
+++ b/freedom-maker/source/sbin/copy2dream
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# this script assumes the current root filesystem is the source, and the
+# internal microSD on a DreamPlug is the target .. all existing content on
+# the microSD card will be lost.
+#
+
+# partition microSD card inside DreamPlug
+echo "=> partition internal microSD card"
+parted -s /dev/sda mklabel msdos
+parted -s /dev/sda mkpart primary fat16 0 128
+parted -s /dev/sda mkpart primary ext2 128 100%
+
+# create filesystems on new partitions
+echo "=> create filesystems on internal microSD card"
+mkdosfs /dev/sda1
+mke2fs -j /dev/sda2
+
+echo "=> mount target partitions"
+mount /dev/sda2 /media
+mkdir -p /media/boot
+mount /dev/sda1 /media/boot
+
+echo "=> copy filesystem content from USB stick to target partitions"
+(cd / ; tar cpSf - `/bin/ls | grep -v boot | grep -v proc | grep -v sys | grep -v media | grep -v dev`) | (cd /media ; tar xpf -)
+# the following intentionally ignores subdirectories
+cp /boot/* /media/boot/
+
+echo "=> touch up target root partition"
+mkdir /media/proc /media/sys /media/media /media/dev
+mknod /media/dev/console c 5 1
+mknod /media/dev/random c 1 8
+mknod /media/dev/urandom c 1 9
+mknod /media/dev/null c 1 3
+mknod /media/dev/ptmx c 5 2
+
+# patch up /etc/fstab entry for /boot
+sed -e 's/sdc/sda/g' < /etc/fstab > /media/etc/fstab
+
+# flash the kernel and create the device's keys
+chroot /media /etc/init.d/first-run
+
+echo "unmount target partitions"
+umount /dev/sda1
+umount /dev/sda2
+
+echo "=> installation complete, see docs to boot from internal microSD"