Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
firmware
FFS Gluon
Commits
71c3b832
Unverified
Commit
71c3b832
authored
May 26, 2021
by
David Bauer
Committed by
GitHub
May 26, 2021
Browse files
Merge pull request #2102 from blocktrron/mesh-vpn-abstraction
mesh-vpn: fully abstract VPN methods
parents
17dd5abd
98a1c196
Changes
12
Hide whitespace changes
Inline
Side-by-side
package/gluon-config-mode-mesh-vpn/luasrc/lib/gluon/config-mode/reboot/0100-mesh-vpn.lua
View file @
71c3b832
local
site_i18n
=
i18n
'gluon-site'
local
uci
=
require
(
"simple-uci"
).
cursor
()
local
unistd
=
require
'posix.unistd'
local
platform
=
require
'gluon.platform'
local
site
=
require
'gluon.site'
local
sysconfig
=
require
'gluon.sysconfig'
local
util
=
require
"
gluon.
util"
local
vpn
=
require
'
gluon.
mesh-vpn'
local
pretty_hostname
=
require
'pretty_hostname'
local
has_fastd
=
unistd
.
access
(
'/lib/gluon/mesh-vpn/fastd'
)
local
has_tunneldigger
=
unistd
.
access
(
'/lib/gluon/mesh-vpn/tunneldigger'
)
local
hostname
=
pretty_hostname
.
get
(
uci
)
local
contact
=
uci
:
get_first
(
"gluon-node-info"
,
"owner"
,
"contact"
)
...
...
@@ -22,19 +16,18 @@ local pubkey
local
msg
if
has_tunneldigger
then
local
tunneldigger_enabled
=
uci
:
get_bool
(
"tunneldigger"
,
"mesh_vpn"
,
"enabled"
)
if
not
tunneldigger_enabled
then
msg
=
site_i18n
.
_translate
(
'gluon-config-mode:novpn'
)
if
vpn
.
enabled
()
then
local
_
,
active_vpn
=
vpn
.
get_active_provider
()
if
active_vpn
~=
nil
then
pubkey
=
active_vpn
.
public_key
()
end
elseif
has_fastd
then
local
fastd_enabled
=
uci
:
get_bool
(
"fastd"
,
"mesh_vpn"
,
"enabled"
)
if
fastd_enabled
then
pubkey
=
util
.
trim
(
util
.
exec
(
"/etc/init.d/fastd show_key mesh_vpn"
))
if
pubkey
~=
nil
then
msg
=
site_i18n
.
_translate
(
'gluon-config-mode:pubkey'
)
else
msg
=
site_i18n
.
_translate
(
'gluon-config-mode:novpn'
)
end
else
msg
=
site_i18n
.
_translate
(
'gluon-config-mode:novpn'
)
end
if
not
msg
then
return
end
...
...
package/gluon-config-mode-mesh-vpn/luasrc/lib/gluon/config-mode/wizard/0300-mesh-vpn.lua
View file @
71c3b832
local
unistd
=
require
'posix.unistd'
local
has_fastd
=
unistd
.
access
(
'/lib/gluon/mesh-vpn/fastd'
)
local
has_tunneldigger
=
unistd
.
access
(
'/lib/gluon/mesh-vpn/tunneldigger'
)
local
vpn
=
require
'gluon.mesh-vpn'
local
_
,
active_vpn
=
vpn
.
get_active_provider
()
return
function
(
form
,
uci
)
if
not
(
has_fastd
or
has_tunneldigger
)
then
if
active_vpn
==
nil
then
return
end
...
...
package/gluon-mesh-vpn-core/luasrc/lib/gluon/mesh-vpn/update-config
View file @
71c3b832
#!/usr/bin/lua
local
uci
=
require
(
'simple-uci'
).
cursor
()
local
unistd
=
require
'posix.unistd'
local
vpn
if
unistd
.
access
(
'/lib/gluon/mesh-vpn/fastd'
)
then
vpn
=
'fastd'
elseif
unistd
.
access
(
'/lib/gluon/mesh-vpn/tunneldigger'
)
then
vpn
=
'tunneldigger'
end
local
vpn_name
,
vpn
=
require
(
'gluon.mesh-vpn'
).
get_active_provider
()
local
vpn_config
=
{
enabled
=
uci
:
get_bool
(
'gluon'
,
'mesh_vpn'
,
'enabled'
),
...
...
@@ -17,32 +10,20 @@ local vpn_config = {
limit_ingress
=
uci
:
get
(
'gluon'
,
'mesh_vpn'
,
'limit_ingress'
),
}
uci
:
delete
(
'simple-tc'
,
'mesh_vpn'
)
uci
:
section
(
'simple-tc'
,
'interface'
,
'mesh_vpn'
,
{
ifname
=
'mesh-vpn'
,
enabled
=
vpn_config
.
limit_enabled
,
limit_egress
=
vpn_config
.
limit_egress
,
})
if
vpn
==
'fastd'
then
uci
:
set
(
'fastd'
,
'mesh_vpn'
,
'enabled'
,
vpn_config
.
enabled
)
uci
:
set
(
'simple-tc'
,
'mesh_vpn'
,
'limit_ingress'
,
vpn_config
.
limit_ingress
)
else
if
vpn_name
~=
'fastd'
then
uci
:
set
(
'fastd'
,
'mesh_vpn'
,
'enabled'
,
false
)
uci
:
save
(
'fastd'
)
end
uci
:
save
(
'fastd'
)
if
vpn
==
'tunneldigger'
then
uci
:
set
(
'tunneldigger'
,
'mesh_vpn'
,
'enabled'
,
vpn_config
.
enabled
)
if
vpn_name
~=
'tunneldigger'
then
uci
:
set
(
'tunneldigger'
,
'mesh_vpn'
,
'enabled'
,
false
)
uci
:
save
(
'tunneldigger'
)
end
if
vpn_config
.
limit_enabled
then
uci
:
set
(
'tunneldigger'
,
'mesh_vpn'
,
'limit_bw_down'
,
vpn_config
.
limit_ingress
)
else
uci
:
delete
(
'tunneldigger'
,
'mesh_vpn'
,
'limit_bw_down'
)
end
vpn
.
enable
(
vpn_config
.
enabled
)
if
vpn_config
.
limit_enabled
then
vpn
.
set_limit
(
vpn_config
.
limit_ingress
,
vpn_config
.
limit_egress
)
else
uci
:
set
(
'tunneldigger'
,
'mesh_vpn'
,
'enabled'
,
false
)
vpn
.
set_limit
(
nil
,
nil
)
end
uci
:
save
(
'tunneldigger'
)
uci
:
save
(
'simple-tc'
)
package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
View file @
71c3b832
...
...
@@ -5,11 +5,11 @@ local users = require 'gluon.users'
local
util
=
require
'gluon.util'
local
uci
=
require
(
'simple-uci'
).
cursor
()
local
unistd
=
require
'posix.unistd'
local
vpn_core
=
require
'gluon.mesh-vpn'
uci
:
section
(
'network'
,
'interface'
,
'mesh_vpn'
,
{
ifname
=
'mesh-vpn'
,
ifname
=
vpn_core
.
get_interface
()
,
proto
=
'gluon_mesh'
,
transitive
=
true
,
fixed_mtu
=
true
,
...
...
@@ -35,12 +35,7 @@ uci:save('firewall')
-- VPN migration
if
not
uci
:
get
(
'gluon'
,
'mesh_vpn'
)
then
local
vpn
if
unistd
.
access
(
'/lib/gluon/mesh-vpn/fastd'
)
then
vpn
=
'fastd'
elseif
unistd
.
access
(
'/lib/gluon/mesh-vpn/tunneldigger'
)
then
vpn
=
'tunneldigger'
end
local
vpn
,
_
=
vpn_core
.
get_active_provider
()
local
fastd_enabled
=
uci
:
get
(
'fastd'
,
'mesh_vpn'
,
'enabled'
)
local
tunneldigger_enabled
=
uci
:
get
(
'tunneldigger'
,
'mesh_vpn'
,
'enabled'
)
...
...
package/gluon-mesh-vpn-core/luasrc/usr/lib/lua/gluon/mesh-vpn.lua
View file @
71c3b832
local
uci
=
require
(
'simple-uci'
).
cursor
()
local
util
=
require
'gluon.util'
local
M
=
{}
function
M
.
get_mesh_vpn_interface
()
return
'mesh-vpn'
function
M
.
enabled
()
return
uci
:
get_bool
(
'gluon'
,
'mesh_vpn'
,
'enabled'
)
end
function
M
.
enable
(
val
)
return
uci
:
set
(
'gluon'
,
'mesh_vpn'
,
'enabled'
,
val
)
end
function
M
.
get_interface
()
return
'mesh-vpn'
end
function
M
.
get_provider
(
name
)
return
require
(
'gluon.mesh-vpn.provider.'
..
name
)
end
function
M
.
get_provider_names
()
local
out
=
{}
for
_
,
v
in
ipairs
(
util
.
glob
(
'/lib/gluon/mesh-vpn/provider/*'
))
do
table.insert
(
out
,
v
:
match
(
'([^/]+)$'
))
end
return
out
end
function
M
.
get_active_provider
()
-- Active provider is the provider in use
-- by the currently active site / domain
for
_
,
name
in
ipairs
(
M
.
get_provider_names
())
do
local
provider
=
M
.
get_provider
(
name
)
if
provider
.
active
()
then
return
name
,
provider
end
end
return
nil
,
nil
end
return
M
package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/fastd
→
package/gluon-mesh-vpn-fastd/files/lib/gluon/mesh-vpn/
provider/
fastd
View file @
71c3b832
File moved
package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd
View file @
71c3b832
...
...
@@ -2,6 +2,7 @@
local
site
=
require
'gluon.site'
local
util
=
require
'gluon.util'
local
vpn_core
=
require
'gluon.mesh-vpn'
local
uci
=
require
(
'simple-uci'
).
cursor
()
...
...
@@ -37,7 +38,7 @@ end
uci
:
section
(
'fastd'
,
'fastd'
,
'mesh_vpn'
,
{
group
=
'gluon-mesh-vpn'
,
syslog_level
=
syslog_level
,
interface
=
'mesh-vpn'
,
interface
=
vpn_core
.
get_interface
()
,
mode
=
'tap'
,
mtu
=
site
.
mesh_vpn
.
mtu
(),
secure_handshakes
=
true
,
...
...
package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua
0 → 100644
View file @
71c3b832
local
uci
=
require
(
'simple-uci'
).
cursor
()
local
site
=
require
'gluon.site'
local
util
=
require
'gluon.util'
local
vpn_core
=
require
'gluon.mesh-vpn'
local
M
=
{}
function
M
.
public_key
()
return
util
.
trim
(
util
.
exec
(
'/etc/init.d/fastd show_key mesh_vpn'
))
end
function
M
.
enable
(
val
)
uci
:
set
(
'fastd'
,
'mesh_vpn'
,
'enabled'
,
val
)
uci
:
save
(
'fastd'
)
end
function
M
.
active
()
return
site
.
mesh_vpn
.
fastd
()
~=
nil
end
function
M
.
set_limit
(
ingress_limit
,
egress_limit
)
uci
:
delete
(
'simple-tc'
,
'mesh_vpn'
)
if
ingress_limit
~=
nil
and
egress_limit
~=
nil
then
uci
:
section
(
'simple-tc'
,
'interface'
,
'mesh_vpn'
,
{
ifname
=
vpn_core
.
get_interface
(),
enabled
=
true
,
limit_egress
=
egress_limit
,
limit_ingress
=
ingress_limit
,
})
end
uci
:
save
(
'simple-tc'
)
end
return
M
package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/mesh-vpn/tunneldigger
→
package/gluon-mesh-vpn-tunneldigger/files/lib/gluon/mesh-vpn/
provider/
tunneldigger
View file @
71c3b832
File moved
package/gluon-mesh-vpn-tunneldigger/luasrc/lib/gluon/upgrade/400-mesh-vpn-tunneldigger
View file @
71c3b832
...
...
@@ -2,6 +2,7 @@
local
site
=
require
'gluon.site'
local
util
=
require
'gluon.util'
local
vpn_core
=
require
'gluon.mesh-vpn'
local
uci
=
require
(
'simple-uci'
).
cursor
()
...
...
@@ -23,7 +24,7 @@ end
uci
:
section
(
'tunneldigger'
,
'broker'
,
'mesh_vpn'
,
{
enabled
=
enabled
,
uuid
=
util
.
node_id
(),
interface
=
'mesh-vpn'
,
interface
=
vpn_core
.
get_interface
()
,
bind_interface
=
'br-wan'
,
group
=
'gluon-mesh-vpn'
,
broker_selection
=
'usage'
,
...
...
package/gluon-mesh-vpn-tunneldigger/luasrc/lib/lua/gluon/mesh-vpn/provider/tunneldigger.lua
0 → 100644
View file @
71c3b832
local
uci
=
require
(
'simple-uci'
).
cursor
()
local
site
=
require
'gluon.site'
local
vpn_core
=
require
'gluon.mesh-vpn'
local
M
=
{}
function
M
.
public_key
()
return
nil
end
function
M
.
enable
(
val
)
uci
:
set
(
'tunneldigger'
,
'mesh_vpn'
,
'enabled'
,
val
)
uci
:
save
(
'tunneldigger'
)
end
function
M
.
active
()
return
site
.
mesh_vpn
.
tunneldigger
()
~=
nil
end
function
M
.
set_limit
(
ingress_limit
,
egress_limit
)
if
ingress_limit
~=
nil
then
uci
:
set
(
'tunneldigger'
,
'mesh_vpn'
,
'limit_bw_down'
,
ingress_limit
)
else
uci
:
delete
(
'tunneldigger'
,
'mesh_vpn'
,
'limit_bw_down'
)
end
if
egress_limit
~=
nil
then
uci
:
section
(
'simple-tc'
,
'interface'
,
'mesh_vpn'
,
{
ifname
=
vpn_core
.
get_interface
(),
enabled
=
true
,
limit_egress
=
egress_limit
,
})
else
uci
:
delete
(
'simple-tc'
,
'mesh_vpn'
)
end
uci
:
save
(
'tunneldigger'
)
uci
:
save
(
'simple-tc'
)
end
return
M
package/gluon-web-admin/files/lib/gluon/config-mode/view/admin/info.html
View file @
71c3b832
...
...
@@ -6,14 +6,19 @@
local
sysconfig =
require
'
gluon.sysconfig
'
local
platform =
require
'
gluon.platform
'
local
util =
require
"
gluon.util
"
local
has_vpn
,
vpn =
pcall(require,
'
gluon.mesh-vpn
')
local
_ =
translate
local
pubkey
local
meshvpn_enabled =
uci:get_bool("fastd",
"
mesh_vpn
",
"
enabled
")
if
meshvpn_enabled
then
pubkey =
util.trim(util.exec('/etc/init.d/fastd
show_key
mesh_vpn
'))
if
has_vpn
and
vpn.enabled
()
then
local
_
,
active_vpn =
vpn.get_active_provider()
if
active_vpn
~=
nil
then
pubkey =
active_vpn.public_key()
end
if
pubkey =
=
''
then
pubkey =
nil
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment