aboutsummaryrefslogtreecommitdiffstats
path: root/freedom-maker
diff options
context:
space:
mode:
Diffstat (limited to 'freedom-maker')
-rw-r--r--freedom-maker/Makefile124
-rw-r--r--freedom-maker/README432
-rw-r--r--freedom-maker/TODO38
-rw-r--r--freedom-maker/bin/copy2dream.sh30
-rwxr-xr-xfreedom-maker/bin/finalize65
-rwxr-xr-xfreedom-maker/bin/partition-stick37
-rwxr-xr-xfreedom-maker/bin/projects33
-rwxr-xr-xfreedom-maker/bin/projects-chroot1
-rw-r--r--freedom-maker/fbx-base.conf13
-rwxr-xr-xfreedom-maker/freedombox-customize49
-rwxr-xr-xfreedom-maker/mk_dreamplug_rootfs187
-rwxr-xr-xfreedom-maker/mk_virtualbox_image31
-rw-r--r--freedom-maker/multistrap-configs/fbx-amd64.conf (renamed from freedom-maker/fbx-armel.conf)2
-rw-r--r--freedom-maker/multistrap-configs/fbx-armel.conf14
-rw-r--r--freedom-maker/multistrap-configs/fbx-base.conf14
-rw-r--r--freedom-maker/multistrap-configs/fbx-i386.conf3
-rw-r--r--freedom-maker/source/etc/apt/sources.list2
-rw-r--r--freedom-maker/source/etc/dhcp/dhcpd.conf32
-rw-r--r--freedom-maker/source/etc/dnsmasq.conf24
-rw-r--r--freedom-maker/source/etc/fstab6
-rw-r--r--freedom-maker/source/etc/hosts7
-rwxr-xr-xfreedom-maker/source/etc/init.d/first-run71
-rwxr-xr-xfreedom-maker/source/etc/init.d/proxy61
-rw-r--r--freedom-maker/source/etc/mtab0
-rw-r--r--freedom-maker/source/etc/network/interfaces25
-rw-r--r--freedom-maker/source/etc/openvpn/client.conf0
-rw-r--r--freedom-maker/source/etc/openvpn/static.key0
l---------freedom-maker/source/etc/rc1.d/S01first-run1
l---------freedom-maker/source/etc/rc2.d/S01first-run1
l---------freedom-maker/source/etc/rc2.d/S50proxy1
-rw-r--r--freedom-maker/source/etc/resolv.conf2
-rw-r--r--freedom-maker/source/etc/sysctl.conf5
-rw-r--r--freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules0
-rw-r--r--freedom-maker/source/install.sh76
-rw-r--r--freedom-maker/source/sbin/copy2dream47
35 files changed, 1194 insertions, 240 deletions
diff --git a/freedom-maker/Makefile b/freedom-maker/Makefile
index e8fc80a..5adc490 100644
--- a/freedom-maker/Makefile
+++ b/freedom-maker/Makefile
@@ -1,17 +1,117 @@
-# copy DreamPlug root filesystem to a usb stick with an ext3 partition
-dreamstick: stamp-dreamplug-rootfs
- mount /media/freedom
- sudo rsync -atvz --progress --delete build/dreamplug/ /media/freedom/
- umount /media/freedom
+# /usr/bin/make
+
+# armel amd64 i386
+ARCHITECTURE = armel
+# dreamplug guruplug
+MACHINE = dreamplug
+# card usb
+DESTINATION = card
+BUILD = $(MACHINE)-$(ARCHITECTURE)-$(DESTINATION)
+BUILD_DIR = build/$(ARCHITECTURE)
+MOUNTPOINT = /media/freedom
+BOOTPOINT = $(MOUNTPOINT)/boot
+DEVICE = /dev/sdb
+TODAY = `date +%Y.%m%d`
+NAME = freedombox-unstable_$(TODAY)_$(BUILD)
+IMAGE = $(NAME).img
+ARCHIVE = $(NAME).tar.bz2
+LOOP = /dev/loop0
# populate a tree with DreamPlug root filesystem
-stamp-dreamplug-rootfs: fbx-armel.conf fbx-base.conf mk_dreamplug_rootfs
- sudo ./mk_dreamplug_rootfs
- touch stamp-dreamplug-rootfs
+rootfs: rootfs-$(ARCHITECTURE)
+rootfs-$(ARCHITECTURE): multistrap-configs/fbx-base.conf \
+ multistrap-configs/fbx-$(ARCHITECTURE).conf \
+ mk_dreamplug_rootfs \
+ bin/projects bin/finalize bin/projects-chroot
+ -sudo umount `pwd`/$(BUILD_DIR)/var/cache/apt/
+ sudo ./mk_dreamplug_rootfs $(ARCHITECTURE) multistrap-configs/fbx-$(ARCHITECTURE).conf
+ touch rootfs-$(ARCHITECTURE)
+
+# copy DreamPlug root filesystem to a usb stick or microSD card
+# stick assumed to have 2 partitions, 128meg FAT and the rest ext3 partition
+image: rootfs-$(ARCHITECTURE)
+ -umount $(BOOTPOINT)
+ -umount $(MOUNTPOINT)
+ mount $(MOUNTPOINT)
+ sudo mkdir -p $(BOOTPOINT)
+ mount $(BOOTPOINT)
+ sudo rsync -atvz --progress --delete --exclude=boot $(BUILD_DIR)/ $(MOUNTPOINT)/
+ cp $(BUILD_DIR)/boot/* $(BOOTPOINT)/
+ifeq ($(DESTINATION),usb)
+# prevent the first-run script from running during boot.
+# we'll do this during copy2dream.
+ rm $(MOUNTPOINT)/etc/rc1.d/S01first-run $(MOUNTPOINT)/etc/rc2.d/S01first-run
+# add u-boot binary for the DreamPlug to the FAT partition for easy access
+ cp -r $(MOUNTPOINT)/usr/lib/u-boot/dreamplug $(MOUNTPOINT)/boot
+endif
+ifeq ($(DESTINATION),card)
+# we don't need to copy2dream, this is the microSD card.
+ sudo rm $(MOUNTPOINT)/sbin/copy2dream
+# fix fstab for the SD card.
+ sudo sh -c "sed -e 's/sdc1/sda1/g' < $(BUILD_DIR)/etc/fstab > $(MOUNTPOINT)/etc/fstab"
+endif
+ifeq ($(MACHINE),guruplug)
+# we can't flash the guru plug's kernel
+ mkdir -p $(MOUNTPOINT)/var/freedombox/
+ touch $(MOUNTPOINT)/var/freedombox/dont-tweak-kernel
+endif
+ sync
+ sleep 1
+ umount $(BOOTPOINT)
+ umount $(MOUNTPOINT)
+ @echo "Build complete."
+
+# build a virtualbox image
+virtualbox-image: stamp-vbox-predepend
+ ./mk_virtualbox_image freedombox-unstable_$(TODAY)_virtualbox-i386-hdd
+
+# build the weekly test image
+weekly-image: image
+# if we aren't installing to an armel system, assume we need a bootloader.
+ifneq ($(ARCHITECTURE),armel)
+# also, try my best to protect users from themselves:
+ifneq ($(DEVICE),/dev/sda)
+ sudo grub-install $(DEVICE)
+endif
+endif
+ dd if=$(DEVICE) of=$(IMAGE) bs=1M
+ @echo "Image copied. The microSD card may now be removed."
+ tar -cjvf $(ARCHIVE) $(IMAGE)
+
+#
+# meta
+#
+
+# install required files so users don't need to do it themselves.
+stamp-predepend:
+ sudo sh -c "apt-get install multistrap qemu-user-static u-boot-tools git mercurial"
+ touch stamp-predepend
+
+stamp-vbox-predepend:
+ sudo sh -c "apt-get install debootstrap extlinux qemu-utils parted mbr kpartx python-cliapp"
+ touch stamp-vbox-predepend
clean:
- rm -f stamp-dreamplug-rootfs
- sudo rm -rf build/dreamplug
+# just in case I tried to build before plugging in the USB drive.
+ -sudo umount `pwd`/$(BUILD_DIR)/var/cache/apt/
+ sudo rm -rf $(BUILD_DIR)
+ -rm -f $(IMAGE) $(ARCHIVE)
+ -rm -f rootfs-* stamp-*
+
+distclean: clean
+ sudo rm -rf build
+
+# remove all data from the microSD card to repopulate it with a pristine image.
+clean-card:
+ -umount $(BOOTPOINT)
+ -umount $(MOUNTPOINT)
+
+ sudo mkdir -p $(BOOTPOINT)
+ mount $(BOOTPOINT)
+ sudo rm -rf $(BOOTPOINT)/*
+ umount $(BOOTPOINT)
-distclean: clean
- rm -rf build
+ sudo mkdir -p $(MOUNTPOINT)
+ mount $(MOUNTPOINT)
+ sudo rm -rf $(MOUNTPOINT)/*
+ umount $(MOUNTPOINT)
diff --git a/freedom-maker/README b/freedom-maker/README
index 1428d26..6039861 100644
--- a/freedom-maker/README
+++ b/freedom-maker/README
@@ -1,60 +1,418 @@
Freedom-Maker - Bdale's building tools for the FreedomBox project
-Install required build packages:
- apt-get install multistrap qemu-user-static
+Welcome to the FreedomBox! This project is the central hub of the FreedomBox
+project, it builds and installs the file-system image that turns any computer
+into a FreedomBox.
-To build for a DreamPlug, use
+There are a couple ways to use this system:
- sudo ./mk_dreamplug_rootfs
+1. If you just want to use a FreedomBox and don't care about changing how it
+ works or mucking about in its insides (if you're like most people), you
+ should get a pre-built image from someone and copy it to an SD card or USB
+ drive. If you don't have a JTAG or don't know what one is, make sure to ask
+ for the SD card image.
-This will yield a file tree under build/dreamplug, representing the
-contents of a root file system. Get that onto a USB stick with a Linux
-friendly file system (ext3 and not vfat) with something like
+2. If you want to change and build on it, you can use:
- sudo mount /dev/sdc1 /media/freedom
- sudo rsync -atvz --progress build/dreamplug/ /media/freedom/
- sudo umount /media/freedom
+ A. A USB stick. This requires a JTAG, but doesn't require opening up the
+ DreamPlug, or,
-Move the USB stick to the DreamPlug, and arrange to boot the existing kernel
-from internal microSD pointing to our new root filesystem by interrupting the
-boot to talk to U-Boot:
+ B. A microSD card and adapter. You can use the one from inside the
+ DreamPlug. You won't need a JTAG, but you will need to open the DreamPlug
+ and void the warranty.
+
+***
+*** Warning! There are no "training wheels" here .. read the scripts and
+*** understand what they're going to do before you run them...
+***
+
+# Recent Firmware Necessary!
+
+Modern kernels need a relatively recent version of the u-boot firmware. If
+you still use old firmware (including what Global Scale ships on the units by
+default), then you need to update, which requires having the JTAG dongle (to
+gain console serial port access). One way to know you've got old firmware
+is if booting a Linux kernel results in errors about corrupt gzip data and
+a failure to launch the kernel.
+
+Note that re-flashing firmware will erase all configuration variables. If
+preserving your exising boot config is important, use printenv and make notes
+before proceeding. Also note that any time you're re-flashing boot firmware,
+there is a slight chance you could 'brick' your device leaving it unbootable.
+If that happens, the JTAG interface can be used to recover.
+
+The instructions for updating firmaware go something like this (thanks to
+Ian Campbell for his notes):
+
+ Using 2012.04.01-2 which is current Wheezy. Prep by mounting a USB stick.
+
+ wget http://http.debian.net/debian/pool/main/u/u-boot/u-boot_2012.04.01-2_armel.deb
+ dpkg-deb -x u-boot_2012.04.01-2_armel.deb u-boot_2012.04.01-2_armel
+ cp u-boot_2012.04.01-2_armel/usr/lib/u-boot/dreamplug/* /media/usbdisk
+
+ Move the USB stick to your DreamPlug. Flash the new firmare:
+
+ usb start
+ fatload usb 2 0x6400000 u-boot.kwb
+ sf probe 0
+ sf erase 0x0 0x80000
+ sf write 0x6400000 0x0 0x${filesize}
+
+ (You must, of course, fill in the size of the file you're loading in hex)
+
+At this point, you should be able to reset the DreamPlug and have it boot to
+a serial console prompt. If that fails, you'll need real JTAG magic to try
+again.
+
+Note that if you use the 'make usb' target to create a bootable USB stick
+image, we include the required firmware in /boot/dreamplug, so the above
+fatload command might be replaced with:
+
+ fatload usb 2 0x6400000 dreamplug/u-boot.kwb
+
+# To Use It
+
+You'll need to copy the image to the memory card or USB stick:
+
+1. Figure out which device your card actually is.
+
+ A. Unplug your card.
+
+ B. Run "df" to show you the list of devices your computer actually knows
+ about.
+
+ C. Plug your card in.
+
+ D. Run "df" again, your computer should know about a new device or two: your
+ memory card. It's probably "/dev/sd(someletter)". It *won't be*
+ /dev/sda.
+
+2. Decompress the image:
+
+ $ tar -xjvf freedombox-unstable_*.tar.bz2
+
+3. Copy the image to your card. Whatever you do, make sure you don't copy it to
+ /dev/sda. That'll break your system.
+
+ # dd bs=1M if=freedombox-unstable_*.img of=/dev/sd(thesameletter)
+
+ When picking a device, use the drive-letter destination, like /dev/sdb, not a
+ numbered destination, like /dev/sdb1. The device-without-a-number refers to
+ the entire device, while the device-with-a-number refers to a specific
+ partition. We want to use the whole device.
+
+Now, what you need to do depends on whether you're using the microSD card or USB
+stick method:
+
+- USB drive: You'll hook the JTAG up to the DreamPlug before booting and use the
+ JTAG to control the boot process, so we can boot from the USB drive.
+
+- microSD card: You'll put the microSD card into the DreamPlug's internal
+ microSD card slot and boot the DreamPlug. It'll restart once to finish the
+ install process, then it's ready to use.
+
+## Running from a microSD Card
+
+When DD has finished, take the microSD card out of your computer and plug it
+into your DreamPlug. If you have a JTAG, you can watch it boot. You'll see it
+restart once during the boot process. If you don't have a JTAG, wait a while (5
+minutes or less) and it'll be available over SSH (port 22). You might need to
+use nmap to find it:
+
+ $ nmap -p 22 --open -sV 192.168.0.0/24
+
+ ...
+ Interesting ports on 192.168.0.13:
+ PORT STATE SERVICE VERSION
+ 22/tcp open ssh OpenSSH 6.0p1 Debian 2 (protocol 2.0)
+ Service Info: OS: Linux
+ ...
+
+Once you've found it, SSH into the box:
+
+ $ ssh root@192.168.0.13
+
+## Running from a USB Stick
+
+Move the USB stick to the DreamPlug, obtain a serial console, and hit reset. A
+good way to access the serial console (actually USB serial emulation provided by
+the optional JTAG dongle), is to use 'screen', like so:
screen /dev/ttyUSB0 115200
-# Reboot the DreamPlug
-# You should see "Hit any key to stop autoboot: " - hit a key, any key
- setenv x_bootargs_root root=/dev/sdc1 rootdelay=10
- saveenv
- reset
-The system should boot to a login prompt and the default password is
-'freedom' for the root user.
+Interrupt the boot by pressing a key during the autoboot countdown, and type the
+following to boot from the USB stick:
+
+ setenv bootcmd '${x_bootcmd_usb}; ${x_bootcmd_kernel}; ${x_bootcmd_initrd}; setenv bootargs ${x_bootargs} ${x_bootargs_root}; bootm 0x6400000 0x6900000;'
+ setenv x_bootcmd_kernel fatload usb 2 0x6400000 uImage
+ setenv x_bootcmd_initrd fatload usb 2 0x6900000 uInitrd
+ setenv x_bootargs_root root=/dev/sdc2 rootdelay=10
+ boot
+
+The system should boot to a login prompt, using only the bits on the stick.
+
+The default root password is 'freedom'. The normal user is "fbx" and the
+password is "frdm".
- - - - -
-If you want to set things up to boot from the internal microSD card, once
-you're logged into the system booted from root on USB stick you can use:
+To set things up to boot from the internal microSD card, once you're logged into
+the system booted from root on USB stick you can use:
- sh /boot/copy2dream.sh
+ /sbin/copy2dream
-If you choose to to reflash the device entirely you'll want to do the
-following to switch the root filesystem back to the internal microSD card:
+Note that if you don't have a reasonable system date and time set in the
+DreamPlug before running this command, you may see a long stream of warnings
+from tar about timestamps being in the future. It is safe to ignore these.
- screen /dev/ttyUSB0 115200
-# Reboot the DreamPlug
-# You should see "Hit any key to stop autoboot: " - hit a key, any key
+On reboot, you may want to interrupt the boot and type the following to ensure
+you boot from the internal microSD by default. This bootcmd line elides the
+time-consuming attempts to boot grom gigE, which makes boot go much faster:
+
+ setenv bootcmd '${x_bootcmd_usb}; ${x_bootcmd_kernel}; ${x_bootcmd_initrd}; setenv bootargs ${x_bootargs} ${x_bootargs_root}; bootm 0x6400000 0x6900000;'
+ setenv x_bootcmd_kernel fatload usb 0 0x6400000 uImage
+ setenv x_bootcmd_initrd fatload usb 0 0x6900000 uInitrd
setenv x_bootargs_root root=/dev/sda2 rootdelay=10
saveenv
reset
-- - - - -
+# To Make It
+
+If you want to build your own image yourself, you're more than welcome to.
+Whether you're using a USB drive or a microSD card, you'll need to ensure that
+it's at least 2 GB in size and that it has two partitons:
+
+1. The stick must start with a 128 MB FAT partition for the boot directory.
+
+2. The rest of the stick is an EXT2 partition, for the main installation.
+
+The rest of the steps you need to follow depend on whether you're using a USB
+stick or a microSD card.
+
+## Building on a USB Stick
+
+Partition a USB stick to have a small FAT partition and large ext2 partition,
+create a /media/freedom mount point, and add entries to /etc/fstab like:
+
+ /dev/sdb1 /media/freedom/boot vfat user,noauto 0 0
+ /dev/sdb2 /media/freedom ext2 user,noauto 0 0
+
+This will allow the Makefile to mount and unmount the stick at will.
+
+If you have a favorite Debian mirror, update the file fbx-base.conf setting the
+source= line.
+
+To populate the stick with bits for a DreamPlug, just plug it in to your
+computer and type:
+
+ make
+
+This will build a file tree under build/dreamplug, representing the contents of
+a root file system, then that content will be copied to the stick.
+
+## Building it on a microSD card.
+
+Changing the image and building your own is a simple 18 step process! Lots of
+thanks to Nick Hardiman for putting these instructions together.
+
+### Get Ready
+
+1. Start your workstation.
+
+2. Use a Debian OS, the version doesn't matter. A virtual image, such
+ as a VirtualBox image, is fine. Usually.
+
+3. Use the root account.
+
+### Prepare an SD Card
+
+4. Find a microSD card with SD card holder. It must be at least 2GB
+ in size.
+
+5. Insert the card into your workstation.
+
+6. Install a partition editor. Install parted if you are a masochist.
+
+ # apt-get install parted
+
+7. Create 2 partitions. Use cfdisk, parted, gparted or similar.
+
+ # cfdisk /dev/sdb
+
+ a. First partition: 128meg (no smaller or the kernel copy will run
+ out of room and make - see below - will end with an error).
+
+ b. Second partition: The rest of the card (anything over 600 MB
+ should work).
+
+8. Make a note of the SD card’s device name. Mine is /dev/sdb (my
+ workstation’s layout is simple: one disk called /dev/sda and
+ nothing else defined).
+
+9. Format the two partitions.
+
+ a. First partition: FAT
+
+ # mkdosfs /dev/sdb1
+
+ b. Second partition: ext3
+
+ # mkfs.ext3 /dev/sdb2
+
+10. Create the mountpoints on your workstation.
+
+ # mkdir -p /media/freedom/boot
+
+11. Mount the second partition.
+
+ # mount /dev/sdb2 /media/freedom/
+
+12. Mount the first partition.
+
+ # mount /dev/sdb1 /media/freedom/boot/
+
+13. Check your work.
+
+ # mount
+
+ sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
+ ...
+ /dev/sdb2 on /media/freedom type ext3
+ (rw,relatime,errors=continue,barrier=1,data=ordered)
+ /dev/sdb1 on /media/freedom/boot type vfat
+ (rw,relatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=utf8,shortname=mixed,errors=remount-ro)
+
+### Clone the Git Repository
+
+14. Install git.
+
+ # apt-get install git
+
+ Reading package lists... Done
+ ...
+ After this operation, 15.3 MB of additional disk space will be used.
+ Do you want to continue [Y/n]?
+ ...
+
+15. Clone Nick Daly’s repository.
+
+ $ git clone https://github.com/NickDaly/freedom-maker.git
+
+ Cloning into 'freedom-maker'...
+
+
+### Create the Debian OS.
+
+16. Change to the new directory.
+
+ $ cd ~/freedom-maker/
+
+17. Kick off:
+
+ $ make weekly-card
+
+18. Enter your password when asked by "sudo". If that fails, run:
+
+ $ su -c "make weekly-card"
+
+If you do that, you'll need to enter the root password to build the image.
+
+The next part took about an hour, but required no input from me. Packages were
+downloaded. Lots of commands were run. Many harmless errors were ignored:
+
+ sysvinit: restarting...init: timeout opening/writing control channel /run/initctl
+ .init: timeout opening/writing control channel /run/initctl
+ ...
+
+There was good news:
+
+ Multistrap system installed successfully...
+ Copying the source directory to the FreedomBox root.
+
+There was an enormous amount of this:
+
+ bin/bash
+ 818092 100% 7.07MB/s 0:00:00 (xfer#1, to-check=1102/1123)
+ bin/cat
+ 42736 100% 362.91kB/s 0:00:00 (xfer#2, to-check=1101/1123)
+ bin/chgrp
+ 54996 100% 383.62kB/s 0:00:00 (xfer#3, to-check=1100/1123)
+ ...
+
+Finally an image is copied and zipped up for redistribution:
+
+ dd if=/dev/sdb of="freedombox-unstable_`date +%Y.%m%d`.img" bs=1M
+ 3781+1 records in
+ 3781+1 records out
+ 3965190144 bytes (4.0 GB) copied, 266.174 s, 14.9 MB/s
+ Image copied. The microSD card may now be removed.
+ tar -cjvf "freedombox-unstable_`date +%Y.%m%d`.tar.bz2"
+ "freedombox-unstable_`date +%Y.%m%d`.img"
+ freedombox-unstable_2012.0705.img
+
+The end. Hooray! The SD card is ready for the DreamPlug.
+
+# To Understand It
+
+Be aware that this is a *very* imcomplete solution for now, suitable only
+for developers .. you will want to at least do things like create unique
+ssh host keys for your device!
+
+Digging into the code should be fairly straightforward. There are only six
+files you need to be aware of:
+
+- /Makefile: The makefile that describes and builds the system.
+- /mk_dreamplug_rootfs: Builds the DreamPlug's root file-system.
+- /bin/projects: The place for external projects to hook into and customize
+ themselves before they're copied to the image.
+- /bin/finalize: Finalizes and prepares the build for booting.
+- /source: The root file system.
+- /source/install.sh: Pre-boot configuration that needs to be run on the device
+ itself (from within a chroot).
+
+## Makefile
+
+There are three major targets to be aware of:
+
+- dreamstick: The default target. This loads an image to a USB drive that can
+ be used to install the FreedomBox without opening up your DreamPlug and
+ voiding the warranty. You'll need a JTAG, though.
+- weekly-card: The target used to produce the weekly FreedomBox test release.
+ This will copy the image to a card that can be popped directly into the
+ microSD card slot in the DreamPlug. The DreamPlug will boot happily without
+ needing a JTAG.
+- stamp-dreamplug-rootfs: The root file system itself. It doesn't get installed
+ anywhere (that's done by the other two targets), but is a good way to test
+ whether the image will actually build, without waiting for all that pesky
+ hardware I/O.
+
+## mk_dreamplug_rootfs
+
+Starts building the system by creating all the destination directories and
+installing the base system.
+
+## /bin/projects
+
+Where projects that want to integrate into the FreedomBox should hook into.
+Keep in mind, we aren't in a chroot at this point. The only environment
+variables you'll probably need are:
+
+- user: The non-root user's name (uid = 1000).
+- homedir: The non-root user's home-directory.
+
+## /bin/finalize
+
+Getting the system ready for boot, doing the things that don't need to be done
+inside a chroot. You probably don't need to change this.
+
+## /source
-To turn the device into a Torouter you'll want to do the following:
- # ssh or login to the router
- wget https://gitweb.torproject.org/torouter.git/blob_plain/HEAD:/packages/torouter_easy_setup.sh
- bash torouter_easy_setup.sh
- reboot
+The root file system on the DreamPlug. Modify this, and you're modifying what
+ends up on the FreedomBox.
-This should result in a proper Torouter without any need for further configuration.
+## /source/install.sh
-Be aware that this is an imcomplete solution for now .. you will want to at
-least do things like create unique ssh host keys for your device!
+This is executed from a chroot during the build process to do configuration that
+needs to be done on the device itself. You shouldn't need to modify this. If
+you're installing a project that needs to change how the system configures
+itself, you're probably doing something wrong.
diff --git a/freedom-maker/TODO b/freedom-maker/TODO
index 32c138d..184aca5 100644
--- a/freedom-maker/TODO
+++ b/freedom-maker/TODO
@@ -1,13 +1,25 @@
-- re-factor the script(s) to allow building for at least Sheeva and Dream
-- fold in use of vmdebootstrap to build x86 image(s)
-- there are a few things we really do want to defer to first boot, or at least
- make it trivial to fix up per-system
- - ssh host keys
- - root password
-- decide what we're going to do about the provided u-boot .. use or replace?
-- decide which kernel we actually want to run and incorporate into the build
-- work out recommended process for getting from freedom-maker outputs to bits
- installed and running on each target type
- - DreamPlug: sh /boot/copy2dream.sh
-- add Sheeva as a build target
-- add x86 virtualized as a build target (use vmdebootstrap?)
+- [ ] initial boot configuration improvements, as there are a few
+ things we really do want to defer to first boot, or at least make it
+ trivial to fix up per-system
+
+ - [X] ssh host keys
+ - [ ] root password
+- [ ] add Sheeva as a build target
+- [X] add x86 virtualized as a build target (use vmdebootstrap?)
+- [ ] investigate and integrate software components that looks interesting
+ - channel-server, the buddycloud channels service for XMPP
+ - babeld, loop-free distance-vector routing protocol
+ - tahoe-lafs, secure distributed filesystem
+- [ ] virtualbox should build with dreamplug configuration
+
+*** stuff to do for first feature release ***
+
+ - [ ] pre-configured user interface
+ - [X] DHCP and HTTP servers on eth0 and/or eth1
+ - [ ] plinth-based initial config interface
+
+ - [ ] freedom buddy installed
+ - [ ] openvpn server setup
+ - [ ] the privoxy fork configured as a transparent proxy
+ - [ ] plinth configured to at display these config details and to
+ control whatever is feasible
diff --git a/freedom-maker/bin/copy2dream.sh b/freedom-maker/bin/copy2dream.sh
deleted file mode 100644
index cc800e9..0000000
--- a/freedom-maker/bin/copy2dream.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# this script assumes the current root filesystem is the source, and the
-# internal microSD on a DreamPlug is the target .. copy the kernel uImage to
-# the FAT partition on sda1, and the root contents to the ext3 on sda2
-#
-mount /dev/sda1 /media
-mv /media/uImage /media/uImage.old
-cp /boot/uImage /media/uImage
-umount /media
-
-mke2fs -j /dev/sda2
-mount /dev/sda2 /media
-(cd / ; tar cf - `/bin/ls | grep -v proc | grep -v sys | grep -v media | grep -v dev`) | \
- (cd /media ; tar xvf -)
-
-mkdir /media/proc /media/sys /media/media
-
-echo "Creating basic device nodes"
-mkdir /media/dev
-mknod /media/dev/console c 5 1
-mknod /media/dev/random c 1 8
-mknod /media/dev/urandom c 1 9
-mknod /media/dev/null c 1 3
-mknod /media/dev/ptmx c 5 2
-
-umount /dev/sda2
-
-echo "interrupt the next boot and change the root path to /dev/sda2"
-
diff --git a/freedom-maker/bin/finalize b/freedom-maker/bin/finalize
new file mode 100755
index 0000000..9995b77
--- /dev/null
+++ b/freedom-maker/bin/finalize
@@ -0,0 +1,65 @@
+#! /bin/bash
+#
+# Copyright 2011 by Bdale Garbee <bdale@gag.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# based on work by <ivan@sanchezortega.es>, who released his script under
+# the following license terms:
+# ----------------------------------------------------------------------------
+# "THE BEER-WARE LICENSE" (Revision 42):
+# As long as you retain this notice you can do whatever you want with
+# this stuff. If we meet some day, and you think this stuff is worth it,
+# you can buy me a beer in return.
+# ----------------------------------------------------------------------------
+
+# finalize
+#
+# Readies the root filesystem to silently complete package
+# configuration on the first boot-up.
+
+# We don't tolerate errors.
+set -e
+
+# Until udev is configured and run for the first time, dev nodes won't be created, but we need some basic ones for spawning a console (console) and creating RSA keys for SSH (urandom).
+echo "Creating basic device nodes"
+mknod $target/dev/console c 5 1
+mknod $target/dev/random c 1 8
+mknod $target/dev/urandom c 1 9
+mknod $target/dev/null c 1 3
+mknod $target/dev/ptmx c 5 2
+
+# Set up hostname
+echo "Setting up hostname."
+echo $hostname > $target/etc/hostname
+
+# prepare to copy, when we do it later.
+chown root:root $target/sbin/copy2dream
+chmod 744 $target/sbin/copy2dream
+
+# prepare chroot project finalization
+cp bin/projects-chroot $target/
+
+echo "Using qemu-user-static to perform first-boot configuration now."
+chmod 755 $target/install.sh
+cp /usr/bin/qemu-arm-static $target/usr/bin
+echo "Running install script from source/install.sh"
+chroot $target /install.sh
+echo "Running install script from bin/projects-chroot"
+chroot $target /projects-chroot
+
+# clean up.
+rm "${target}/projects-chroot"
+rm "${target}/usr/bin/qemu-arm-static"
diff --git a/freedom-maker/bin/partition-stick b/freedom-maker/bin/partition-stick
new file mode 100755
index 0000000..e54dc9a
--- /dev/null
+++ b/freedom-maker/bin/partition-stick
@@ -0,0 +1,37 @@
+#!/bin/sh
+# create required partitions on a USB stick
+
+# Do not tolerate errors.
+set -e
+
+if [ $# -ne 1 ]; then
+ echo 'Usage: partition-stick <block device>'
+ exit 1
+fi
+
+if [ ! -b $1 ]; then
+ echo "Error: $1 is not a block device."
+ exit 1
+fi
+
+if grep -q $1 /etc/mtab; then
+ echo "Error: $1 is currently mounted."
+ exit 1;
+fi
+
+repeat=1
+while [ $repeat -eq 1 ]; do
+ read -p "Do you really want to format (and lose all data on) device $MOUNTED? [y/n] " CONFIRMATION
+ case "$CONFIRMATION" in
+ y|Y) repeat=0 ;;
+ n|N) exit 0 ;;
+ *) echo "You have to type 'y' or 'n'." ;;
+ esac
+done
+
+sudo parted -s $1 mklabel msdos
+sudo parted -a optimal -s $1 mkpart primary fat16 0 128
+sudo parted -a optimal -s $1 mkpart primary ext2 128 100%
+
+sudo mkdosfs ${1}1
+sudo mkfs.ext3 -j ${1}2
diff --git a/freedom-maker/bin/projects b/freedom-maker/bin/projects
new file mode 100755
index 0000000..2b5ed3c
--- /dev/null
+++ b/freedom-maker/bin/projects
@@ -0,0 +1,33 @@
+#! /bin/bash
+#
+# Copyright 2012 by Nick Daly <nick.m.daly@gmail.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# projects
+#
+# Installs external projects to the system.
+
+# We don't tolerate errors.
+set -e
+
+
+echo "Adding a few FreedomBox projects to the image."
+
+git clone git://github.com/NickDaly/Plinth.git $homedir/plinth
+git clone git://github.com/jvasile/freedombox-privoxy $homedir/freedombox-privoxy
+git clone git://github.com/jvasile/withsqlite.git $homedir/withsqlite
+# hg clone https://hg@bitbucket.org/nickdaly/plugserver $homedir/plugserver
+chown -R 1000:1000 $homedir
diff --git a/freedom-maker/bin/projects-chroot b/freedom-maker/bin/projects-chroot
new file mode 100755
index 0000000..50d4884
--- /dev/null
+++ b/freedom-maker/bin/projects-chroot
@@ -0,0 +1 @@
+#! /bin/sh
diff --git a/freedom-maker/fbx-base.conf b/freedom-maker/fbx-base.conf
deleted file mode 100644
index 3412768..0000000
--- a/freedom-maker/fbx-base.conf
+++ /dev/null
@@ -1,13 +0,0 @@
-[General]
-cleanup=false
-noauth=false
-unpack=true
-aptsources=Debian
-debootstrap=Debian
-
-[Debian]
-packages=base-files netbase openssh-server zile wget iproute net-tools hostname module-init-tools wget resolvconf udev isc-dhcp-client ifupdown rsyslog libertas-firmware apt
-source=http://ftp.ba.debian.org/debian
-keyring=debian-archive-keyring
-suite=squeeze
-components=main contrib non-free
diff --git a/freedom-maker/freedombox-customize b/freedom-maker/freedombox-customize
new file mode 100755
index 0000000..1f3ee69
--- /dev/null
+++ b/freedom-maker/freedombox-customize
@@ -0,0 +1,49 @@
+#!/usr/bin/python
+
+import crypt
+import os
+import subprocess
+import sys
+
+
+user = "fbx"
+password = "frdm"
+rootdir = sys.argv[1]
+home = "/home/{0}/".format(user)
+
+
+def runchroot(argv):
+ return runcmd(["chroot", rootdir] + argv)
+
+def runcmd(argv, stdin='', ignore_fail=False, **kwargs):
+ p = subprocess.Popen(argv, stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE, stderr=subprocess.PIPE,
+ **kwargs)
+ out, err = p.communicate(stdin)
+ if p.returncode != 0:
+ msg = 'command failed: %s\n%s\n%s' % (argv, out, err)
+ if not ignore_fail:
+ print (msg)
+ raise Exception(msg)
+ return out
+
+if __name__ == "__main__":
+ print 'Customizing freedombox'
+
+ # Create a fboxlite account.
+ runchroot(['adduser', '--gecos', user, '--disabled-password', user])
+ encrypted = crypt.crypt(password, '..')
+ runchroot(['usermod', '-p', encrypted, user])
+
+ # Create all projects
+ runchroot(['git', 'clone', 'git://github.com/NickDaly/Plinth.git',
+ home + 'plinth'])
+ runchroot(['git', 'clone', 'git://github.com/jvasile/freedombox-privoxy',
+ home + 'freedombox-privoxy'])
+ runchroot(['git', 'clone', 'git://github.com/jvasile/withsqlite.git',
+ home + 'withsqlite'])
+ runchroot(['hg', 'clone', 'https://hg@bitbucket.org/nickdaly/plugserver',
+ home + 'plugserver'])
+
+ # change home directory ownership appropriately
+ runchroot(['chown', '-R', '1000:1000', home])
diff --git a/freedom-maker/mk_dreamplug_rootfs b/freedom-maker/mk_dreamplug_rootfs
index 5f11bc9..5b56e08 100755
--- a/freedom-maker/mk_dreamplug_rootfs
+++ b/freedom-maker/mk_dreamplug_rootfs
@@ -29,157 +29,76 @@
#
# Runs multistrap and readies the resulting root filesystem to silently
# complete package configuration on the first boot-up.
+#
+# Accepts the multistrap config file name as an argument.
-# where to build images, etc
-basedir=`pwd`/build
-target=$basedir/dreamplug
-tmpdir=$basedir/tmp
-pkgcache=$tmpdir/aptcache
-
-mkdir -p $target
-mkdir -p $tmpdir
-mkdir -p $pkgcache
-
-hostname='freedombox'
-rootpassword='freedom'
-
-kernelimage=http://www.newit.co.uk/kernels/Dreamplug/Dreamplug-prerelease/uImage
-kernelmodules=http://www.newit.co.uk/kernels/Dreamplug/Dreamplug-prerelease/Modules.tar.gz
+# We don't tolerate errors.
+set -e
-if [ ! -f $tmpdir/uImage ]
+architecture=armel
+if [ -n "$1" ]
then
- wget -c $kernelimage --output-document="$tmpdir/uImage"
+ architecture=$1
fi
-if [ ! -f $tmpdir/linux.tar.gz ]
+
+config=multistrap-configs/fbx-$architecture.conf
+if [ -n "$2" ]
then
- wget -c $kernelmodules --output-document="$tmpdir/linux.tar.gz"
+ config=$2
fi
-rm -rf $target/*
+# users
+hostname='freedombox'
+rootpassword='freedom'
+user='fbx'
+userpassword='frdm'
+export hostname
+export rootpassword
+export user
+export userpassword
+# where to build images, etc
+basedir=`pwd`/build
+source=`pwd`/source
+target=$basedir/$architecture
+tmpdir=$basedir/tmp
+pkgcache=$tmpdir/aptcache
+homedir=$target/home/$user
+export basedir
+export source
+export target
+export tmpdir
+export pkgcache
+export homedir
+
+# make the directories we'll need.
+mkdir -p $target
+rm -rf $target/*
+mkdir -p $tmpdir
+mkdir -p $pkgcache
mkdir -p $target/var/cache/apt/ && mount -o bind $pkgcache $target/var/cache/apt/
+mkdir -p $target/var/cache/apt/archives
+mkdir -p $target/usr/bin
+# multistrap
echo "Multistrapping..."
-multistrap -f fbx-armel.conf --no-auth -d $target
+multistrap -f $config -d $target
+rm -f $target/etc/apt/sources.list.d/multistrap-debian.list
+# un-do the bind mount so we don't trip over it later
umount $target/var/cache/apt/
-mkdir $target/var/cache/apt/archives
-
-echo "Unpacking kernel modules..."
-mkdir -p $target/lib/modules/
-tar -C $target/lib/ -zxvf $tmpdir/linux.tar.gz | tail
-echo "copy uImage to target filesystem"
-mkdir -p $target/boot
-cp build/tmp/uImage $target/boot/uImage
-echo "copy copy2dream.sh script to target filesystem"
-cp bin/copy2dream.sh $target/boot/copy2dream.sh
+# copy!
+echo "Copying the source directory to the FreedomBox root."
+rsync -av $source/ $target
-# Until udev is configured and run for the first time, dev nodes won't be created, but we need some basic ones for spawning a console (console) and creating RSA keys for SSH (urandom).
-echo "Creating basic device nodes"
-mknod $target/dev/console c 5 1
-mknod $target/dev/random c 1 8
-mknod $target/dev/urandom c 1 9
-mknod $target/dev/null c 1 3
-mknod $target/dev/ptmx c 5 2
+# add projects to the image to make it a useful FreedomBox.
+bin/projects
-# Basic fstab & mtab..
-echo "Setting up basic fstab & mtab"
-echo "
-rootfs / rootfs relatime,rw 0 0
-proc /proc proc none 0 0
-sys /sys sysfs none 0 0
-none /dev/pts devpts defaults 0 0
-tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
-" > $target/etc/fstab
-
-touch $target/etc/mtab
-
-# Set up hostname
-echo "Setting up hostname, /etc/network/interfaces, nameservers, persistent-net-generator rules"
-echo $hostname > $target/etc/hostname
-
-# Create /etc/network/interfaces
-echo "# This file describes the network interfaces available on your system
-# and how to activate them. For more information, see interfaces(5).
-
-# The loopback network interface
-auto lo
-iface lo inet loopback
-
-# The primary network interface
-allow-hotplug eth0
-iface eth0 inet dhcp
-
-allow-hotplug eth1
-iface eth1 inet dhcp
- " > $target/etc/network/interfaces
-
-# Override the above stuff - we know better
-cp ../packages/torouter-prep/configs/interfaces $target/etc/network/interfaces
-
-# Stop the libertas module from loading
-cp ../packages/torouter-prep/configs/modprobe.d-blacklist.conf $target/etc/modprobe.d/blacklist.conf
-
-# Setup nameserver (use OpenDNS by default)
-echo "nameserver 208.67.222.222
-nameserver 208.67.220.220" > $target/etc/resolv.conf
-
-# Touch the net generator udev so that eth0 won't be reassigned in case the user
-# changes the MAC address - this may happen if you change the rootfs between plugs.
-touch $target/etc/udev/rules.d/75-persistent-net-generator.rules
-
-# generate configuration script
-
-echo "Create script to configure packages in qemu-user-static"
-
-echo "
-echo \"Preconfiguring dash - else dash and bash will be left in a broken state\"
-/var/lib/dpkg/info/dash.preinst install
-
-echo \"Configuring all packages\"
-export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true
-export LC_ALL=C LANGUAGE=C LANG=C
-dpkg --configure -a
-
-# Establish an initial root password
-echo \"Set root password to \"$rootpassword
-echo root:$rootpassword | /usr/sbin/chpasswd
-
-# By default, spawn a console on the serial port
-echo \"Adding a getty on the serial port\"
-echo \"T0:12345:respawn:/sbin/getty -L ttyS0 115200 vt100\" >> /etc/inittab
-
-echo \"Tweaks to reduce flash writes as per http://www.plugcomputer.org/plugwiki/index.php/Reduce_Flash_Writes\"
-echo \"
-# Reduce writes to flash drives
-vm.laptop_mode=5
-vm.swappiness=0
-vm.dirty_writeback_centisecs=1500
-vm.dirty_expire_centisecs=1500
-\" >> /etc/sysctl.conf
-
-echo \"Deleting this very same script\"
-rm -f /install.sh
-
-echo \"Syncing filesystem just in case something didn't get written\"
-sync
-
-echo \"End configuration progress by exiting from the chroot\"
-exit
-
-" > $target/install.sh
-
-chmod 755 $target/install.sh
-
-echo "Use qemu-user-static to perform first-boot configuration now"
-
-mkdir -p $target/usr/bin
-cp /usr/bin/qemu-arm-static $target/usr/bin
-chroot $target /install.sh
-rm $target/usr/bin/qemu-arm-static
+# cleanup and finalize the image so it boots correctly.
+bin/finalize
+# finish!
echo "Syncing..."
sync
-
echo "Finished. You may now copy the rootfs to the plug."
diff --git a/freedom-maker/mk_virtualbox_image b/freedom-maker/mk_virtualbox_image
new file mode 100755
index 0000000..abdd730
--- /dev/null
+++ b/freedom-maker/mk_virtualbox_image
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Ensure git\VBoxManage is installed
+# Get vmdebootstrap code
+# Run vmdebootstrap script to create image
+# Convert image to vdi hard drive
+
+# don't tolerate errors.
+set -e
+
+basedir=`pwd`
+IMAGE=$1
+
+# Get vmdebootstrap code
+rm -rf vmdebootstrap
+git clone git://gitorious.org/~nickdaly/vmdebootstrap/nickdalys-vmdebootstrap.git
+
+# Run vmdebootstrap script to create image
+sudo ./vmdebootstrap/vmdebootstrap --log freedombox.log --log-level debug --image $IMAGE.img --hostname freedombox \
+ --size 1G --verbose --enable-dhcp --package ssh --package apache2 --package git --package mercurial \
+ --package build-essential --package checkinstall --package python-simplejson \
+ --mirror http://ftp.uk.debian.org/debian/ --package pandoc --package python-cheetah \
+ --package python-argparse \
+ --customize=$basedir/freedombox-customize --root-password=password1 --arch=i386
+
+# Convert image to vdi hard drive
+VBoxManage convertdd $IMAGE.img $IMAGE.vdi
+
+#mkdir testing
+#sudo mount -o loop,offset=1048576 freedombox.img testing/
+#sudo umount testing/
diff --git a/freedom-maker/fbx-armel.conf b/freedom-maker/multistrap-configs/fbx-amd64.conf
index a6a7d6c..857fad5 100644
--- a/freedom-maker/fbx-armel.conf
+++ b/freedom-maker/multistrap-configs/fbx-amd64.conf
@@ -1,3 +1,3 @@
[General]
-arch=armel
+arch=amd64
include=fbx-base.conf
diff --git a/freedom-maker/multistrap-configs/fbx-armel.conf b/freedom-maker/multistrap-configs/fbx-armel.conf
new file mode 100644
index 0000000..aeb64a7
--- /dev/null
+++ b/freedom-maker/multistrap-configs/fbx-armel.conf
@@ -0,0 +1,14 @@
+[General]
+include=fbx-base.conf
+arch=armel
+aptsources=Debian armel
+debootstrap=Debian armel
+
+[armel]
+packages=linux-image-3.2.0-3-kirkwood flash-kernel u-boot-tools u-boot
+source=http://http.debian.net/debian/
+keyring=debian-archive-keyring
+suite=wheezy
+components=main
+omitdebsrc=false
+
diff --git a/freedom-maker/multistrap-configs/fbx-base.conf b/freedom-maker/multistrap-configs/fbx-base.conf
new file mode 100644
index 0000000..be65b72
--- /dev/null
+++ b/freedom-maker/multistrap-configs/fbx-base.conf
@@ -0,0 +1,14 @@
+[General]
+cleanup=true
+noauth=false
+unpack=true
+debootstrap=Debian
+aptsources=Debian
+
+[Debian]
+packages=base-files netbase openssh-server zile wget iproute net-tools hostname module-init-tools wget resolvconf udev isc-dhcp-client ifupdown rsyslog devio initramfs-tools uboot-mkimage parted dosfstools apt jwchat prosody liblua5.1-sec1 monkeysphere iputils-ping haveged python python-cheetah pandoc python-simplejson make isc-dhcp-server dialog locales-all uaputl dnsmasq iptables
+source=http://http.debian.net/debian/
+keyring=debian-archive-keyring
+suite=wheezy
+components=main
+omitdebsrc=false
diff --git a/freedom-maker/multistrap-configs/fbx-i386.conf b/freedom-maker/multistrap-configs/fbx-i386.conf
new file mode 100644
index 0000000..888c46b
--- /dev/null
+++ b/freedom-maker/multistrap-configs/fbx-i386.conf
@@ -0,0 +1,3 @@
+[General]
+arch=i386
+include=fbx-base.conf
diff --git a/freedom-maker/source/etc/apt/sources.list b/freedom-maker/source/etc/apt/sources.list
new file mode 100644
index 0000000..c06710c
--- /dev/null
+++ b/freedom-maker/source/etc/apt/sources.list
@@ -0,0 +1,2 @@
+deb http://http.debian.net/debian wheezy main
+deb-src http://http.debian.net/debian wheezy main
diff --git a/freedom-maker/source/etc/dhcp/dhcpd.conf b/freedom-maker/source/etc/dhcp/dhcpd.conf
new file mode 100644
index 0000000..ec502c6
--- /dev/null
+++ b/freedom-maker/source/etc/dhcp/dhcpd.conf
@@ -0,0 +1,32 @@
+#
+# FreedomBox ISC dhcpd configuration
+#
+#
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# option definitions common to all supported networks...
+option domain-name "free.dom";
+option domain-name-servers ns1.free.dom, ns2.free.dom;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility local7;
+
+# basic subnet configuration for the 'downstream' wired network
+
+subnet 192.168.1.0 netmask 255.255.255.0 {
+ range 192.168.1.10 192.168.1.100;
+ option routers 192.168.1.1;
+}
diff --git a/freedom-maker/source/etc/dnsmasq.conf b/freedom-maker/source/etc/dnsmasq.conf
new file mode 100644
index 0000000..71403d7
--- /dev/null
+++ b/freedom-maker/source/etc/dnsmasq.conf
@@ -0,0 +1,24 @@
+log-facility=DAEMON
+
+local=/fbx/
+local=/freedombox/
+
+# Upstream DNS server
+# FIXME this should be updated on boot.
+server=192.168.0.1@eth1
+
+# We will serve this DNS domain
+# (DHCP hosts will receive a .lan suffix in DNS)
+domain=lan
+
+# We're the authoritative dhcpd
+# Read the manpage for a good explanation of what this does
+dhcp-authoritative
+
+# We are going to serve hosts for:
+# - LAN (192.168.1.0/24) (Only static hosts)
+# - WLAN (192.168.2.0/24)
+# New clients will receive an IP from the WLAN range.
+
+dhcp-range=interface:eth0,set:lan,192.168.1.10,192.168.1.100,255.255.255.0,2h
+# dhcp-range=interface:uap0,set:lan,192.168.2.10,192.168.2.100,255.255.255.0,2h
diff --git a/freedom-maker/source/etc/fstab b/freedom-maker/source/etc/fstab
new file mode 100644
index 0000000..7c48827
--- /dev/null
+++ b/freedom-maker/source/etc/fstab
@@ -0,0 +1,6 @@
+/dev/sdc2 / auto relatime,rw 0 0
+proc /proc proc none 0 0
+sys /sys sysfs none 0 0
+none /dev/pts devpts defaults 0 0
+tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
+/dev/sdc1 /boot vfat defaults 0 0
diff --git a/freedom-maker/source/etc/hosts b/freedom-maker/source/etc/hosts
new file mode 100644
index 0000000..e252996
--- /dev/null
+++ b/freedom-maker/source/etc/hosts
@@ -0,0 +1,7 @@
+127.0.0.1 localhost freedombox fbx
+::1 localhost ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+
diff --git a/freedom-maker/source/etc/init.d/first-run b/freedom-maker/source/etc/init.d/first-run
new file mode 100755
index 0000000..8df2c2d
--- /dev/null
+++ b/freedom-maker/source/etc/init.d/first-run
@@ -0,0 +1,71 @@
+#!/bin/bash
+#
+# Script to complete the post-install process on first FBX boot.
+
+### BEGIN INIT INFO
+# Provides: first-run
+# Default-Start: 1 2
+# Required-Start: 2
+# Required-Stop:
+# Default-Stop:
+# Short-Description: Finish FBX install on DreamPlug
+### END INIT INFO
+
+function tweak-kernel {
+ # Update the kernel unless requested otherwise.
+
+ if [ -e /var/freedombox/dont-tweak-kernel ]
+ then
+ rm /var/freedombox/dont-tweak-kernel
+ else
+ kernel_version="$(/bin/ls $mountpoint/boot/vmlinuz-*-kirkwood | sort -rn | head -n1 | sed s#$mountpoint/boot/vmlinuz-##)"
+
+ mount -t proc proc /proc
+ flash-kernel $kernel_version
+ umount /proc
+ fi
+}
+
+function wifi-ap-setup {
+ # configure wireless access point with spinifex's prebuilt firmware
+
+ echo "Sleeping 30s for DHCP"
+ sleep 30 # wait for dhcp
+
+ echo "Installing UAP Firmware."
+ wget -O /tmp/marvell_wifi_firmware.tar.gz http://www.spinifex.com.au/plugs/downloads/dreamplug/marvell_wifi_firmware.tar.gz
+ tar -C /tmp -zxf /tmp/marvell_wifi_firmware.tar.gz
+ mkdir -p /lib/firmware/mrvl
+ cp /tmp/lib/firmware/mrvl/* /lib/firmware/mrvl
+}
+
+function create-keys {
+ echo "Creating Keys."
+
+ echo "Creating SSH keys."
+ rm /etc/ssh/ssh_host_*
+ dpkg-reconfigure openssh-server
+
+ echo "Need to create other keys."
+ # gpg --batch --gen-key
+ # see http://lists.gnupg.org/pipermail/gnupg-users/2003-March/017376.html
+}
+
+function remove-self {
+ rm -f /etc/init.d/first-run
+ rm -f /etc/rc1.d/S01first-run
+ rm -f /etc/rc2.d/S01first-run
+ rm /etc/init.d/first-run
+ rm /etc/rc1.d/S01first-run
+ rm /etc/rc2.d/S01first-run
+}
+
+create-keys
+# wifi-ap-setup
+
+# the last things we do before quitting.
+tweak-kernel
+remove-self
+
+echo "Kernel flashed. Rebooting."
+reboot
diff --git a/freedom-maker/source/etc/init.d/proxy b/freedom-maker/source/etc/init.d/proxy
new file mode 100755
index 0000000..901507b
--- /dev/null
+++ b/freedom-maker/source/etc/init.d/proxy
@@ -0,0 +1,61 @@
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: proxy
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Proxy for clients.
+### END INIT INFO
+
+set -e
+
+INTIF1="eth0"
+INTIF2="uap0"
+EXTIF="eth1"
+EXTIP="`/sbin/ifconfig $EXTIF | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
+
+loadModules() {
+ depmod -a
+ modprobe ip_tables
+ modprobe ip_conntrack
+ modprobe ip_conntrack_ftp
+ modprobe ip_conntrack_irc
+ modprobe iptable_nat
+ modprobe ip_nat_ftp
+}
+
+setProc() {
+ echo "1" > /proc/sys/net/ipv4/ip_forward
+ echo "1" > /proc/sys/net/ipv4/ip_dynaddr
+}
+
+configIpTables() {
+ iptables -P INPUT ACCEPT
+ iptables -F INPUT
+ iptables -P OUTPUT ACCEPT
+ iptables -F OUTPUT
+ iptables -P FORWARD DROP
+ iptables -F FORWARD
+ iptables -t nat -F
+
+ iptables -A FORWARD -i $EXTIF -o $INTIF1 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A FORWARD -i $INTIF1 -o $EXTIF -j ACCEPT
+ iptables -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT
+
+ iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
+}
+
+case "$1" in
+ start)
+ loadModules
+ setProc
+ configIpTables
+ ;;
+ *)
+ log_success_msg "Usage: /etc/init.d/proxy {start}"
+ exit 1
+ ;;
+esac
diff --git a/freedom-maker/source/etc/mtab b/freedom-maker/source/etc/mtab
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/mtab
diff --git a/freedom-maker/source/etc/network/interfaces b/freedom-maker/source/etc/network/interfaces
new file mode 100644
index 0000000..9680bed
--- /dev/null
+++ b/freedom-maker/source/etc/network/interfaces
@@ -0,0 +1,25 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto eth0
+iface eth0 inet static
+ address 192.168.1.1
+ netmask 255.255.255.0
+
+allow-hotplug eth1
+iface eth1 inet dhcp
+
+# auto uap0
+# iface uap0 inet static
+# address 192.168.2.1
+# netmask 255.255.255.0
+# post-up uaputl sys_cfg_ssid "freedombox"
+# post-up uaputl sys_cfg_protocol 32 # WPA2
+# post-up uaputl sys_cfg_wpa_passphrase "freedombox123"
+# post-up uaputl sys_cfg_cipher 8 8 # AES CCMP
+# post-up uaputl bss_start
diff --git a/freedom-maker/source/etc/openvpn/client.conf b/freedom-maker/source/etc/openvpn/client.conf
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/openvpn/client.conf
diff --git a/freedom-maker/source/etc/openvpn/static.key b/freedom-maker/source/etc/openvpn/static.key
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/openvpn/static.key
diff --git a/freedom-maker/source/etc/rc1.d/S01first-run b/freedom-maker/source/etc/rc1.d/S01first-run
new file mode 120000
index 0000000..e24a808
--- /dev/null
+++ b/freedom-maker/source/etc/rc1.d/S01first-run
@@ -0,0 +1 @@
+../init.d/first-run \ No newline at end of file
diff --git a/freedom-maker/source/etc/rc2.d/S01first-run b/freedom-maker/source/etc/rc2.d/S01first-run
new file mode 120000
index 0000000..e24a808
--- /dev/null
+++ b/freedom-maker/source/etc/rc2.d/S01first-run
@@ -0,0 +1 @@
+../init.d/first-run \ No newline at end of file
diff --git a/freedom-maker/source/etc/rc2.d/S50proxy b/freedom-maker/source/etc/rc2.d/S50proxy
new file mode 120000
index 0000000..9855df4
--- /dev/null
+++ b/freedom-maker/source/etc/rc2.d/S50proxy
@@ -0,0 +1 @@
+../init.d/proxy \ No newline at end of file
diff --git a/freedom-maker/source/etc/resolv.conf b/freedom-maker/source/etc/resolv.conf
new file mode 100644
index 0000000..af9304d
--- /dev/null
+++ b/freedom-maker/source/etc/resolv.conf
@@ -0,0 +1,2 @@
+nameserver 208.67.222.222
+nameserver 208.67.220.220
diff --git a/freedom-maker/source/etc/sysctl.conf b/freedom-maker/source/etc/sysctl.conf
new file mode 100644
index 0000000..916e972
--- /dev/null
+++ b/freedom-maker/source/etc/sysctl.conf
@@ -0,0 +1,5 @@
+# Reduce writes to flash drives
+vm.laptop_mode=5
+vm.swappiness=0
+vm.dirty_writeback_centisecs=1500
+vm.dirty_expire_centisecs=1500
diff --git a/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules b/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/freedom-maker/source/etc/udev/rules.d/75-persistent-net-generator.rules
diff --git a/freedom-maker/source/install.sh b/freedom-maker/source/install.sh
new file mode 100644
index 0000000..76547ba
--- /dev/null
+++ b/freedom-maker/source/install.sh
@@ -0,0 +1,76 @@
+echo "Preconfiguring dash - else dash and bash will be left in a broken state"
+/var/lib/dpkg/info/dash.preinst install
+
+# don't leave target image containing apt config of the build host
+echo "Configuring all packages"
+export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true
+export LC_ALL=C LANGUAGE=C LANG=C
+
+# allow flash-kernel to work without valid /proc contents
+# ** this doesn't *really* work, since there are too many checks that fail
+# in an emulated environment! We'll have to do it by hand below anyway...
+export FK_MACHINE="Globalscale Technologies Dreamplug"
+
+# configure all packages unpacked earlier by multistrap
+dpkg --configure -a
+
+echo "Adding source packages to filesystem"
+dpkg --get-selections > /tmp/selections
+mkdir -p /sourcecode
+cd sourcecode
+cut -f 1 < /tmp/selections | cut -d ':' -f 1 > /tmp/packages
+apt-get source --download-only `cat /tmp/packages`
+
+# sshd may be left running by the postinst, clean that up
+/etc/init.d/ssh stop
+
+# process installed kernel to create uImage, uInitrd, dtb
+# using flash-kernel would be a good approach, except it fails in the cross
+# build environment due to too many environment checks...
+#FK_MACHINE="Globalscale Technologies Dreamplug" flash-kernel
+# so, let's do it manually...
+
+# flash-kernel's hook-functions provided to mkinitramfs have the unfortunate
+# side-effect of creating /conf/param.conf in the initrd when run from our
+# emulated chroot environment, which means our root= on the kernel command
+# line is completely ignored! repack the initrd to remove this evil...
+
+mkdir /tmp/initrd-repack
+(cd /tmp/initrd-repack ; \
+ zcat /boot/initrd.img-3.2.0-3-kirkwood | cpio -i ; \
+ rm -f conf/param.conf ; \
+ find . | cpio --quiet -o -H newc | \
+ gzip -9 > /boot/initrd.img-3.2.0-3-kirkwood )
+rm -rf /tmp/initrd-repack
+
+(cd /boot ; \
+ cp /usr/lib/linux-image-3.2.0-3-kirkwood/kirkwood-dreamplug.dtb dtb ; \
+ cat vmlinuz-3.2.0-3-kirkwood dtb >> temp-kernel ; \
+ mkimage -A arm -O linux -T kernel -n 'Debian kernel 3.2.0-3-kirkwood' \
+ -C none -a 0x8000 -e 0x8000 -d temp-kernel uImage ; \
+ rm -f temp-kernel ; \
+ mkimage -A arm -O linux -T ramdisk -C gzip -a 0x0 -e 0x0 \
+ -n 'Debian ramdisk 3.2.0-3-kirkwood' \
+ -d initrd.img-3.2.0-3-kirkwood uInitrd )
+
+# Establish an initial root password
+echo "Set root password to "$rootpassword
+echo root:$rootpassword | /usr/sbin/chpasswd
+
+# Create a default user
+echo "Creating fbx user, password: $userpassword"
+useradd $user
+echo $user:$userpassword | /usr/sbin/chpasswd
+
+# By default, spawn a console on the serial port
+echo "Adding a getty on the serial port"
+echo "T0:12345:respawn:/sbin/getty -L ttyS0 115200 vt100" >> /etc/inittab
+
+echo "Deleting this very same script"
+rm -f /install.sh
+
+echo "Syncing filesystem just in case something didn't get written"
+sync
+
+echo "End configuration progress by exiting from the chroot"
+exit
diff --git a/freedom-maker/source/sbin/copy2dream b/freedom-maker/source/sbin/copy2dream
new file mode 100644
index 0000000..267c2b6
--- /dev/null
+++ b/freedom-maker/source/sbin/copy2dream
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# this script assumes the current root filesystem is the source, and the
+# internal microSD on a DreamPlug is the target .. all existing content on
+# the microSD card will be lost.
+#
+
+# partition microSD card inside DreamPlug
+echo "=> partition internal microSD card"
+parted -s /dev/sda mklabel msdos
+parted -s /dev/sda mkpart primary fat16 0 128
+parted -s /dev/sda mkpart primary ext2 128 100%
+
+# create filesystems on new partitions
+echo "=> create filesystems on internal microSD card"
+mkdosfs /dev/sda1
+mke2fs -j /dev/sda2
+
+echo "=> mount target partitions"
+mount /dev/sda2 /media
+mkdir -p /media/boot
+mount /dev/sda1 /media/boot
+
+echo "=> copy filesystem content from USB stick to target partitions"
+(cd / ; tar cpSf - `/bin/ls | grep -v boot | grep -v proc | grep -v sys | grep -v media | grep -v dev`) | (cd /media ; tar xpf -)
+# the following intentionally ignores subdirectories
+cp /boot/* /media/boot/
+
+echo "=> touch up target root partition"
+mkdir /media/proc /media/sys /media/media /media/dev
+mknod /media/dev/console c 5 1
+mknod /media/dev/random c 1 8
+mknod /media/dev/urandom c 1 9
+mknod /media/dev/null c 1 3
+mknod /media/dev/ptmx c 5 2
+
+# patch up /etc/fstab entry for /boot
+sed -e 's/sdc/sda/g' < /etc/fstab > /media/etc/fstab
+
+# flash the kernel and create the device's keys
+chroot /media /etc/init.d/first-run
+
+echo "unmount target partitions"
+umount /dev/sda1
+umount /dev/sda2
+
+echo "=> installation complete, see docs to boot from internal microSD"