Commit Graph

1238 Commits

Author SHA1 Message Date
Daniel Barlow
87f6a31a06 improve firewall log format 2024-02-08 17:21:26 +00:00
Daniel Barlow
a9ea01428e firewall: don't drop in conntrack rule
as there are other rules following that might want to accept
2024-02-08 17:20:39 +00:00
Daniel Barlow
92b0bec038 rotuer: add schnapps and the rest of the lan interfaces 2024-02-07 23:48:10 +00:00
Daniel Barlow
82537bbe68 delete commented-out code 2024-02-07 23:47:38 +00:00
Daniel Barlow
efb29c5901 demo-firewall: add some rules for ipv4 2024-02-07 23:47:09 +00:00
Daniel Barlow
29e61be26c rotuer: get lan rfc1918 prefix from secrets 2024-02-07 23:46:16 +00:00
Daniel Barlow
6f1f9d6f20 firewall: fix module loading 2024-02-07 23:43:41 +00:00
Daniel Barlow
34291292c0 fix dependency on kernel moduels in firewall service 2024-02-07 16:21:14 +00:00
Daniel Barlow
c9e4c1b0da kernel-modules: use linuxArch instead of case expression 2024-02-07 16:20:34 +00:00
Arnout Engelen
63e3f2aa58 Add support for TP-Link Archer AX23 2024-02-06 18:00:55 +01:00
Arnout Engelen
61494fdc0c Add tplink module for creating 'safeloader' images 2024-02-06 17:59:38 +01:00
Daniel Barlow
891d6e5f20 thenk 2024-02-05 19:20:13 +00:00
dan
c4041b00f6 Merge pull request 'docs: add hardware recommendation' (#2) from raboof/liminix:hardware-recommendations into main
Reviewed-on: https://gti.telent.net/dan/liminix/pulls/2
2024-02-05 15:56:07 +00:00
Daniel Barlow
f875622100 improve formatting 2024-02-04 18:24:01 +00:00
Daniel Barlow
49ec4a2961 installation instructions for Turris Omnia
feels like a milestone, or at least a big step towards one
2024-02-04 18:20:04 +00:00
Daniel Barlow
c8154a2db9 kernel: add "conditional" config
imagine: you are using a device that requires
CONFIG_MYDEVICE_FROBOZZ_DRIVER but only if CONFIG_FROBOZZ has been
specified elsewhere. Because we check that every requested config
symbol actually appears in .config then it can't be added
unconditionally or the build will fail if CONFIG_FROBOZZ wasn't asked
for.

I'm not 100% happy about this design but it's the best I've thought of
so far.
2024-02-04 18:12:15 +00:00
Daniel Barlow
02cf2c6b80 add ssh keys in recovry image 2024-02-04 18:10:58 +00:00
Daniel Barlow
b0709a6443 systemconfig: fix missing backslashes on env vars 2024-02-04 17:19:03 +00:00
Daniel Barlow
86f5c9b568 schnapps needs util-linux for mount
specifically, it expects mount /dev/foo -o blah /dest to work,
but busybox mount expects options to precede all the other
command line args
2024-02-04 15:50:25 +00:00
Daniel Barlow
ef707de8b1 add extlinux in recovery example
this needlessly bloats the TFTP image, which is a shame, but is
needed for installing onto usb stick
2024-02-02 19:51:41 +00:00
Daniel Barlow
89c88dd472 specify type for rootDevice module option 2024-02-02 19:50:13 +00:00
Daniel Barlow
c1ad139310 whitespace 2024-02-02 19:43:34 +00:00
Daniel Barlow
f682b26c29 omnia seems very fussy about tftp load address
when loading with 0x1000000 base address, something was getting
corrupted in the uncompressed rootfs

$ head -c $(printf "%d" 0x2be0000) rootfs | sha1sum
142571fe0436c18191727d1d4c2fd32163c1f2e1  -
=> sha1sum 0x1000000 2be0000
sha1 for 01000000 ... 03bdffff ==> 142571fe0436c18191727d1d4c2fd32163c1f2e1

but!

$  head -c $(printf "%d" 0x2bf0000) rootfs | sha1sum
7aa004ba87c6772bade491fbade164e2dfe100f9  -
=> sha1sum 0x1000000 2bf0000
sha1 for 01000000 ... 03beffff ==> 1a0923a94784d0c0b86006c5e6fff1649770dad3
2024-02-02 19:36:11 +00:00
Daniel Barlow
84ce618213 recovery: grow fs to partition size before starting sshd
sshd expects there to be space in /persist/secrets that it can
use to write host keys, but when we make ext4fs images we don't
put any free space in them
2024-01-28 11:30:19 +00:00
Daniel Barlow
9e199c6957 tftpboot: compute dtbSize *after* changing dtb
Adding the reserved-memory node to the dtb can cause it to grow
by enough that it needs an extra page - this will overlap the start
of the kernel image if we calculate offsets based on the original size

Reported-by: sinavir
Authored-by: sinavir
2024-01-26 22:51:58 +00:00
Daniel Barlow
c8e3d84bf4 think 2024-01-26 22:46:36 +00:00
Daniel Barlow
dd8ec18881 restore boot.tftp.freeSpaceBytes 2024-01-26 22:46:36 +00:00
Daniel Barlow
1730cf07b1 bug workaround
If we set squashfs rootfsType, the image doesn't rebuild when
the kernel config is changed. Need to figure out why
2024-01-26 22:46:36 +00:00
Daniel Barlow
de51bfe13d default root device in recovery to sda1
It will probably work fine for USB-stick boot (except in the case
where there is > 1 usb device plugged in, so maybe don't do that)

It doesn't matter for TFTP boot because boot.scr overrides the root=
param anyway
2024-01-26 22:46:36 +00:00
Daniel Barlow
b09723345c don't put all of util-linux in recovery
it adds ~ 5MB to the image size
2024-01-26 22:46:36 +00:00
Daniel Barlow
1781d4b6e4 add lzma to buildenv 2024-01-26 22:46:36 +00:00
Daniel Barlow
c219350d7c add usb storage for turris omnia
ideally we would make this a module instead of compiling in
directly
2024-01-26 22:46:36 +00:00
dan
6f83282ff5 Merge pull request 'openwrt: update to v23.05.2' (#4) from raboof/liminix:openwrt-update-to-v23.05.2 into main
Reviewed-on: https://gti.telent.net/dan/liminix/pulls/4
2024-01-26 22:39:11 +00:00
Arnout Engelen
04895f9cf6 openwrt: update to v23.05.2 2024-01-25 12:29:03 +01:00
dan
5f2d1660bd Merge pull request 'belkin-rt3200: Enable watchdog drivers' (#3) from sinavir/liminix:add_belkin_watchdog into main
Reviewed-on: https://gti.telent.net/dan/liminix/pulls/3
2024-01-24 14:36:08 +00:00
sinavir
7642e23c0a belkin-rt3200: Enable watchdog drivers 2024-01-24 13:38:55 +01:00
Daniel Barlow
83ee488e4c systemconfig: /boot needs to go inside /persist 2024-01-09 13:10:02 +00:00
Daniel Barlow
f19a937eda omnia needs MARVELL_PHY for the WAN port to work
interestingly, we only see this when it boots from mmc, because
for tftpboot the bootloader has already performed negotiation
and therefore it works despite the missing option.
2024-01-09 13:07:14 +00:00
Daniel Barlow
f0490f37d5 turris omnia: tidy config, remove dead bits 2024-01-08 19:22:42 +00:00
Daniel Barlow
c1101d3af5 make extlinux work with liminix-rebuild
add /boot to the systemConfiguration closure
2024-01-08 18:58:07 +00:00
Daniel Barlow
9a3d7a387e correct turris omnia root device 2024-01-08 18:55:41 +00:00
Daniel Barlow
228c0a1668 pass rootOptions config as rootflags= kernel cmdline opt 2024-01-08 18:54:49 +00:00
Daniel Barlow
63f034e362 preinit: parse rootflags= in kernel command line 2024-01-08 00:35:13 +00:00
Daniel Barlow
6971d03520 preinit: check return from write() 2024-01-07 21:24:16 +00:00
Daniel Barlow
7bc9cb6c55 why is extlink hardcoding root device? 2024-01-07 20:30:23 +00:00
Daniel Barlow
a251ceeb99 omnia releng 2024-01-07 16:54:44 +00:00
Daniel Barlow
38a7f0b03b turris omnia: add all lan devices
I think we might turn "lan" into a bridge, but that's for later
2024-01-07 16:54:44 +00:00
Daniel Barlow
c0c4752350 systemconfig "install" cmd honours prefix on source 2024-01-07 16:54:44 +00:00
Daniel Barlow
3c941b4ce2 partial btrfs support
doesn't actually know how to make the filesystem, just
kernel config and accept it as a valid option
2024-01-07 16:43:43 +00:00
Daniel Barlow
243295aab8 recovery config for turris omnia 2024-01-07 14:58:46 +00:00