Makefile

@@ -19,14 +19,31 @@ escape = '$(subst ','\'',$(1))'
 GLUON_SITEDIR ?= site
 $(eval $(call mkabspath,GLUON_SITEDIR))
 
-$(GLUON_SITEDIR)/site.mk:
-	$(error No site configuration was found. Please check out a site configuration to $(GLUON_SITEDIR))
+ifeq ($(realpath $(GLUON_SITEDIR)/site.mk),)
+$(error No site configuration was found. Please check out a site configuration to $(GLUON_SITEDIR))
+endif
 
 include $(GLUON_SITEDIR)/site.mk
 
 GLUON_RELEASE ?= $(error GLUON_RELEASE not set. GLUON_RELEASE can be set in site.mk or on the command line)
 
-GLUON_DEPRECATED ?= $(error GLUON_DEPRECATED not set. Please consult the documentation)
+GLUON_DEPRECATED ?= 0
+
+ifneq ($(GLUON_BRANCH),)
+  $(warning *** Warning: GLUON_BRANCH has been deprecated, please set GLUON_AUTOUPDATER_BRANCH and GLUON_AUTOUPDATER_ENABLED instead.)
+  GLUON_AUTOUPDATER_BRANCH ?= $(GLUON_BRANCH)
+  GLUON_AUTOUPDATER_ENABLED ?= 1
+endif
+
+ifneq ($(GLUON_FEATURES)$(GLUON_FEATURES_standard)$(GLUON_FEATURES_tiny),)
+  $(error *** Warning: GLUON_FEATURES has been obsolete, please use the image-customization.lua file instead.)
+endif
+
+ifneq ($(GLUON_SITE_PACKAGES)$(GLUON_SITE_PACKAGES_standard)$(GLUON_SITE_PACKAGES_tiny),)
+  $(error *** Warning: GLUON_SITE_PACKAGES has been obsolete, please use the image-customization.lua file instead.)
+endif
+
+GLUON_AUTOUPDATER_ENABLED ?= 0
 
 # initialize (possibly already user set) directory variables
 GLUON_TMPDIR ?= tmp
@@ -44,9 +61,14 @@ $(eval $(call mkabspath,GLUON_PACKAGEDIR))
 $(eval $(call mkabspath,GLUON_TARGETSDIR))
 $(eval $(call mkabspath,GLUON_PATCHESDIR))
 
+GLUON_VERSION := $(shell scripts/getversion.sh '.')
+
+# Set default SITE_VERSION if not set by user
+GLUON_SITE_VERSION ?= $(shell scripts/getversion.sh '$(GLUON_SITEDIR)')
+
 GLUON_MULTIDOMAIN ?= 0
 GLUON_AUTOREMOVE ?= 0
-GLUON_DEBUG ?= 0
+GLUON_DEBUG ?= 1
 GLUON_MINIFY ?= 1
 
 # Can be overridden via environment/command line/... to use the Gluon
@@ -56,9 +78,10 @@ src-link gluon_base ../../package
 endef
 
 GLUON_VARS = \
+	GLUON_VERSION GLUON_SITE_VERSION \
 	GLUON_RELEASE GLUON_REGION GLUON_MULTIDOMAIN GLUON_AUTOREMOVE GLUON_DEBUG GLUON_MINIFY GLUON_DEPRECATED \
 	GLUON_DEVICES GLUON_TARGETSDIR GLUON_PATCHESDIR GLUON_TMPDIR GLUON_IMAGEDIR GLUON_PACKAGEDIR GLUON_DEBUGDIR \
-	GLUON_SITEDIR GLUON_RELEASE GLUON_BRANCH GLUON_LANGS GLUON_BASE_FEEDS \
+	GLUON_SITEDIR GLUON_AUTOUPDATER_BRANCH GLUON_AUTOUPDATER_ENABLED GLUON_LANGS GLUON_BASE_FEEDS \
 	GLUON_TARGET BOARD SUBTARGET
 
 unexport $(GLUON_VARS)
@@ -82,9 +105,21 @@ update-patches: FORCE
 	scripts/update-patches.sh
 	scripts/patch.sh
 
+refresh-patches: FORCE
+	@
+	export $(GLUON_ENV)
+	scripts/update.sh
+	scripts/patch.sh
+	scripts/update-patches.sh
+
 update-feeds: FORCE
 	@$(GLUON_ENV) scripts/feeds.sh
 
+update-modules: FORCE
+	@scripts/update-modules.sh
+
+update-ci: FORCE
+	@$(GLUON_ENV) scripts/update-ci.sh
 
 GLUON_TARGETS :=
 
@@ -114,13 +149,6 @@ define CheckTarget
 	fi
 endef
 
-define CheckExternal
-	if [ ! -d openwrt ]; then
-		echo "You don't seem to have obtained the external repositories needed by Gluon; please call \`make update\` first!"
-		exit 1
-	fi
-endef
-
 define CheckSite
 	if ! GLUON_SITEDIR='$(GLUON_SITEDIR)' GLUON_SITE_CONFIG='$(1).conf' $(LUA) -e 'assert(dofile("scripts/site_config.lua")(os.getenv("GLUON_SITE_CONFIG")))'; then
 		echo 'Your site configuration ($(1).conf) did not pass validation'
@@ -133,7 +161,10 @@ list-targets: FORCE
 		echo "$$target"
 	done
 
-lint: lint-lua lint-sh
+lint: lint-editorconfig lint-lua lint-sh
+
+lint-editorconfig: FORCE
+	@scripts/lint-editorconfig.sh
 
 lint-lua: FORCE
 	@scripts/lint-lua.sh
@@ -147,9 +178,10 @@ LUA := openwrt/staging_dir/hostpkg/bin/lua
 $(LUA):
 	+@
 
-	$(CheckExternal)
+	scripts/module_check.sh
 
-	[ -e openwrt/.config ] || $(OPENWRTMAKE) defconfig
+	$(GLUON_ENV) scripts/basic_openwrt_config.sh > openwrt/.config
+	$(OPENWRTMAKE) defconfig
 	$(OPENWRTMAKE) tools/install
 	$(OPENWRTMAKE) package/lua/host/compile
 
@@ -157,17 +189,22 @@ $(LUA):
 config: $(LUA) FORCE
 	+@
 
-	$(CheckExternal)
+	scripts/module_check.sh
 	$(CheckTarget)
 	$(foreach conf,site $(patsubst $(GLUON_SITEDIR)/%.conf,%,$(wildcard $(GLUON_SITEDIR)/domains/*.conf)),\
 		$(call CheckSite,$(conf)); \
 	)
 
+	$(OPENWRTMAKE) prepare-tmpinfo
 	$(GLUON_ENV) $(LUA) scripts/target_config.lua > openwrt/.config
 	$(OPENWRTMAKE) defconfig
 	$(GLUON_ENV) $(LUA) scripts/target_config_check.lua
 
 
+container: FORCE
+	@scripts/container.sh
+
+
 all: config
 	+@
 	$(GLUON_ENV) $(LUA) scripts/clean_output.lua
@@ -185,23 +222,23 @@ dirclean: FORCE
 
 manifest: $(LUA) FORCE
 	@
-	[ '$(GLUON_BRANCH)' ] || (echo 'Please set GLUON_BRANCH to create a manifest.'; false)
+	[ '$(GLUON_AUTOUPDATER_BRANCH)' ] || (echo 'Please set GLUON_AUTOUPDATER_BRANCH to create a manifest.'; false)
 	echo '$(GLUON_PRIORITY)' | grep -qE '^([0-9]*\.)?[0-9]+$$' || (echo 'Please specify a numeric value for GLUON_PRIORITY to create a manifest.'; false)
-	$(CheckExternal)
+	scripts/module_check.sh
 
 	(
 		export $(GLUON_ENV)
-		echo 'BRANCH=$(GLUON_BRANCH)'
+		echo 'BRANCH=$(GLUON_AUTOUPDATER_BRANCH)'
 		echo "DATE=$$($(LUA) scripts/rfc3339date.lua)"
 		echo 'PRIORITY=$(GLUON_PRIORITY)'
 		echo
 		for target in $(GLUON_TARGETS); do
 			$(LUA) scripts/generate_manifest.lua "$$target"
 		done
-	) > 'tmp/$(GLUON_BRANCH).manifest.tmp'
+	) > 'tmp/$(GLUON_AUTOUPDATER_BRANCH).manifest.tmp'
 
 	mkdir -p '$(GLUON_IMAGEDIR)/sysupgrade'
-	mv 'tmp/$(GLUON_BRANCH).manifest.tmp' '$(GLUON_IMAGEDIR)/sysupgrade/$(GLUON_BRANCH).manifest'
+	mv 'tmp/$(GLUON_AUTOUPDATER_BRANCH).manifest.tmp' '$(GLUON_IMAGEDIR)/sysupgrade/$(GLUON_AUTOUPDATER_BRANCH).manifest'
 
 FORCE: ;
 

README.md

-Documentation (incomplete at this time, contribute if you can!) may be found at
-https://gluon.readthedocs.io/.
+[![Build Gluon](https://github.com/freifunk-gluon/gluon/actions/workflows/build-gluon.yml/badge.svg?branch=main)](https://github.com/freifunk-gluon/gluon/actions/workflows/build-gluon.yml)
+[![License](https://img.shields.io/badge/License-BSD%202--Clause-orange.svg)](https://opensource.org/license/bsd-2-clause/)
+[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/freifunk-gluon/gluon?sort=semver)](https://github.com/freifunk-gluon/gluon/releases/latest)
+
+# Gluon
+
+Gluon is a firmware framework to build preconfigured OpenWrt images for public mesh networks.
+
+## Overview
+
+Gluon provides an easy-to-use firmware for a public, decentral WLAN and/or wire based mesh network.
+Common network capable devices, like smartphones, laptops or desktop PCs can connect to the mesh network and communicate over it, without the need of passwords for access and without the need of installing special software.
+Additionally, internet access and merging mesh clouds can be accomplished over a WAN through VPN connected gateways.
+
+Gluon's features include:
+
+* a decentral mesh network
+* easy configuration mode for less techy users
+* community-specific technical settings and customizations through a common site.conf and site.mk
+* ecdsa signature-based autoupdater
+* node status web page
+* publication of node information + statistics through respondd
+* a variety of preconfigured mesh and VPN protocols:
+
+
+Supported mesh protocols:
+
+* batman-adv (BATMAN IV fully, BATMAN V partially)
+* OLSRv2 (partially)
+
+
+Supported protocols for node-to-node connections:
+
+* WLAN: 802.11s (with forwarding disabled)
+* WAN: VPNs via fastd and Wireguard
+* LAN: via VXLAN
+
+## Getting started
+
+We have a huge amount of documentation over at https://gluon.readthedocs.io/.
 
 If you're new to Gluon and ready to get your feet wet, have a look at the
 [Getting Started Guide](https://gluon.readthedocs.io/en/latest/user/getting_started.html).
 
 Gluon's developers frequent an IRC chatroom at [#gluon](ircs://irc.hackint.org/#gluon)
-on [hackint](https://hackint.org/). There is also a [webchat](https://webirc.hackint.org/#irc://irc.hackint.org/#gluon)
-that allows for access from within your browser.
+on [hackint](https://hackint.org/). There is also a [webchat](https://chat.hackint.org/?join=gluon)
+that allows for uncomplicated access from within your browser. This channel is also available as a bridged Matrix Room at [#gluon:hackint.org](https://matrix.to/#/#gluon:hackint.org).
 
 ## Issues & Feature requests
 
@@ -19,12 +57,12 @@ the future development of Gluon.
 
 ## Use a release!
 
-Please refrain from using the `master` branch for anything else but development purposes!
+Please refrain from using the `main` branch for anything else but development purposes!
 Use the most recent release instead. You can list all releases by running `git tag`
-and switch to one by running `git checkout v2020.2 && make update`.
+and switch to one by running `git checkout v2023.2.4 && make update`.
 
 If you're using the autoupdater, do not autoupdate nodes with anything but releases.
-If you upgrade using random master commits the nodes *will break* eventually.
+If you upgrade using random main commits the nodes *might break* eventually.
 
 ## Mailinglist
 

contrib/Dockerfile

-FROM debian:buster-slim
-
-RUN apt update && apt install -y --no-install-recommends \
-    ca-certificates \
-    file \
-    git \
-    subversion \
-    python \
-    build-essential \
-    gawk \
-    unzip \
-    libncurses5-dev \
-    zlib1g-dev \
-    libssl-dev \
-    libelf-dev \
-    wget \
-    time \
-    ecdsautils \
-    lua-check \
-    shellcheck \
-  && rm -rf /var/lib/apt/lists/*
-
-RUN useradd -d /gluon gluon
-USER gluon
-
-VOLUME /gluon
-WORKDIR /gluon

contrib/actions/free-runner-space.sh

+#!/bin/bash
+
+# For a List of pre-installed packages on the runner image see
+# https://github.com/actions/runner-images/tree/main?tab=readme-ov-file#available-images
+
+echo "Disk space before cleanup"
+df -h
+
+# Remove packages not required to run the Gluon build CI
+sudo apt-get -y remove \
+	dotnet-* \
+	firefox \
+	google-chrome-stable \
+	kubectl \
+	microsoft-edge-stable \
+	temurin-*-jdk
+
+# Remove Android SDK tools
+sudo rm -rf /usr/local/lib/android
+
+echo "Disk space after cleanup"
+df -h
+

contrib/actions/generate-actions.py

-#!/usr/bin/env python3
-
-import sys
-
-ACTIONS_HEAD = """
-# Update this file after adding/removing/renaming a target by running
-# `make list-targets BROKEN=1 | ./contrib/actions/generate-actions.py > ./.github/workflows/build-gluon.yml`
-
-name: Build Gluon
-on:
-  push:
-    branches:
-      - master
-      - next
-      - v20*
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-"""
-
-ACTIONS_TARGET="""
-  {target_name}:
-    name: {target_name}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v1
-      - name: Install Dependencies
-        run: sudo contrib/actions/install-dependencies.sh
-      - name: Build
-        run: contrib/actions/run-build.sh {target_name}
-      - name: Archive build logs
-        if: ${{{{ !cancelled() }}}}
-        uses: actions/upload-artifact@v1
-        with:
-          name: {target_name}_logs
-          path: openwrt/logs
-      - name: Archive build output
-        uses: actions/upload-artifact@v1
-        with:
-          name: {target_name}_output
-          path: output
-"""
-
-output = ACTIONS_HEAD
-
-for target in sys.stdin:
-	output += ACTIONS_TARGET.format(target_name=target.strip())
-
-print(output)

contrib/actions/generate-target-filters.py

+#!/usr/bin/env python3
+
+# Update target filters using
+#   make update-ci
+
+import re
+import os
+import sys
+import json
+
+# these changes trigger rebuilds on all targets
+common = [
+    ".github/workflows/build-gluon.yml",
+    "modules",
+    "Makefile",
+    "patches/**",
+    "scripts/**",
+    "targets/generic",
+    "targets/targets.mk",
+]
+
+# these changes are only built on x86-64
+extra = [
+    "contrib/ci/minimal-site/**",
+    "package/**"
+]
+
+_filter = dict()
+
+# INCLUDE_PATTERN matches:
+# include '...'
+# include "..."
+# include("...")
+# include('...')
+INCLUDE_PATTERN = "^\\s*include *\\(? *[\"']([^\"']+)[\"']"
+
+# construct filters map from stdin
+for target in sys.stdin:
+    target = target.strip()
+
+    _filter[target] = [
+        f"targets/{target}"
+    ] + common
+
+    target_file = os.path.join(os.environ['GLUON_TARGETSDIR'], target)
+    with open(target_file) as f:
+        includes = re.findall(INCLUDE_PATTERN, f.read(), re.MULTILINE)
+        _filter[target].extend([f"targets/{i}" for i in includes])
+
+    if target == "x86-64":
+        _filter[target].extend(extra)
+
+# print filters to stdout in json format, because json is stdlib and yaml compatible.
+print(json.dumps(_filter, indent=2))

contrib/actions/install-dependencies.sh

-#!/bin/sh
-
-set -e
-
-cp contrib/actions/sources.list /etc/apt/sources.list
-rm -rf /etc/apt/sources.list.d
-apt update
-apt install git subversion build-essential python gawk unzip libncurses5-dev zlib1g-dev libssl-dev wget time
-apt clean
-rm -rf /var/lib/apt/lists/*

contrib/actions/run-build.sh

@@ -6,8 +6,12 @@ export BROKEN=1
 export GLUON_AUTOREMOVE=1
 export GLUON_DEPRECATED=1
 export GLUON_SITEDIR="contrib/ci/minimal-site"
-export GLUON_TARGET=$1
+export GLUON_TARGET="$1"
 export BUILD_LOG=1
 
+BUILD_THREADS="$(($(nproc) + 1))"
+
+echo "Building Gluon with $BUILD_THREADS threads"
+
 make update
-make -j2 V=s
+make -j$BUILD_THREADS V=s

contrib/actions/show-system-info.sh

+#!/bin/bash
+
+echo "-- CPU --"
+cat /proc/cpuinfo
+
+echo "-- Memory --"
+cat /proc/meminfo
+
+echo "-- Disk --"
+df -h
+
+echo "-- Kernel --"
+uname -a
+
+echo "-- Network --"
+ip addr

contrib/actions/sources.list

-deb http://mirror.netcologne.de/ubuntu/ bionic main restricted
-deb http://mirror.netcologne.de/ubuntu/ bionic-updates main restricted

contrib/ci/Jenkinsfile

-pipeline {
-	agent none
-	environment {
-		GLUON_SITEDIR = "contrib/ci/minimal-site"
-		GLUON_TARGET = "x86-64"
-		BUILD_LOG = "1"
-	}
-	stages {
-		stage('lint') {
-			parallel {
-				stage('lint-lua') {
-					agent { label 'gluon-docker' }
-					steps {
-						sh label: 'Identify runner', script: 'echo $SLAVE_NAME'
-						sh 'make lint-lua'
-					}
-				}
-				stage('lint-sh') {
-					agent { label 'gluon-docker-v1' }
-					steps {
-						sh label: 'Identify runner', script: 'echo $SLAVE_NAME'
-						sh 'make lint-sh'
-					}
-				}
-			}
-		}
-		stage('docs') {
-			agent { label 'gluon-docker' }
-			steps {
-				sh label: 'Identify runner', script: 'echo $SLAVE_NAME'
-				sh 'make -C docs html'
-			}
-		}
-		stage('build') {
-			agent { label 'gluon-docker-v2' }
-			steps {
-				sh label: 'Identify runner', script: 'echo $SLAVE_NAME'
-				sh 'make update'
-				sh 'test -d /dl_cache && ln -s /dl_cache openwrt/dl || true'
-				timeout(time: 2, unit: "HOURS") {
-					sh 'make -j$(nproc) V=s'
-				}
-				stash includes: '**/output/images/factory/*-x86-64.img.gz', name: 'gluon-x86-64-factory'
-			}
-		}
-		stage('test') {
-			agent { label 'gluon-vmx' }
-			steps {
-				sh label: 'Identify runner', script: 'echo $SLAVE_NAME'
-				unstash 'gluon-x86-64-factory'
-				sh label: 'Unpack image', script: 'gunzip -cd ./output/images/factory/*x86-64*.img.gz > ./image.img'
-				sh label: 'Print python environment', script: 'python3 -m pip freeze'
-				script {
-					for (f in findFiles(glob: 'tests/*.py')) {
-						timeout(time: 10, unit: "MINUTES") {
-							sh label: "Test ${f.name}", script: "python3 tests/${f.name} --use-tmp-workdir"
-						}
-					}
-				}
-			}
-		}
-	}
-}
-
-/*
- api-history:
-
- Every time the build dependencies of gluon change, the version
- every container has to be rebuilt. Therefore, we use Jenkins
- labels which intoduce a version number which is documented here.
- As soon, as you properly rebuilt your docker container, you
- can notify lemoer, that you have updated your node.
-
- - gluon-docker-v1:
-   - add shellcheck binary to the build environment
- - gluon-docker-v2:
-   - add qemu-testlab testing, requires KVM virtualization support
-   - require rsync dependency to be able to build the next branch
- - gluon-vmx
-   - splits the qemu testing from the gluon-docker-v2 label to accomodate
-     nodes without the vmx cpu flag
-*/

contrib/ci/jenkins-community-slave/Dockerfile

-FROM gluonmesh/build:latest
-
-USER root
-
-# this is needed to install default-jre-headless in debian slim images
-RUN mkdir -p /usr/share/man/man1
- 
-RUN apt-get update && apt-get install -y default-jre-headless curl git netcat-openbsd python3 python3-pip qemu-system-x86 iproute2 openssh-client rsync
-RUN python3 -m pip install jenkins-webapi sphinx sphinx_rtd_theme gluon-qemu-testlab==0.0.5
- 
-# Get docker-compose in the agent container
-RUN mkdir -p /home/jenkins
-RUN mkdir -p /var/lib/jenkins
-RUN mkdir -p /remoting
-RUN chown gluon /home/jenkins
-RUN chown gluon /var/lib/jenkins
-RUN chown gluon /remoting
- 
-# Start-up script to attach the slave to the master
-ADD slave.py /var/lib/jenkins/slave.py
-
-USER gluon
- 
-WORKDIR /home/jenkins
-
-ENV JENKINS_URL "https://build.ffh.zone/"
-ENV JENKINS_SLAVE_ADDRESS ""
-ENV SLAVE_EXECUTORS "1"
-ENV SLAVE_LABELS "docker"
-ENV SLAVE_WORING_DIR ""
-ENV CLEAN_WORKING_DIR "true"
- 
-CMD [ "python3", "-u", "/var/lib/jenkins/slave.py" ]

contrib/ci/jenkins-community-slave/README.md

-# Gluon CI using Jenkins
-
-## Requirements
-- Linux system
-  - with docker installed
-  - with Hardware Virtualisation (KVM Support)
-    - Verify using: `lscpu | grep vmx`
-    - If machine is virtualized host needs to load `kvm_intel` with `nested=1` option and cpuflags need to include `vmx`
-
-## Architecture
-
-![Screenshot from 2019-09-24 00-20-32](https://user-images.githubusercontent.com/601153/65468827-9edf2c80-de65-11e9-9fe0-56c3487719c3.png)
-
-## Installation
-You can support the gluon CI with your infrastructure:
-1. You need to query @lemoer (freifunk@irrelefant.net) for credentials.
-2. He will give you a `SLAVE_NAME` and a `SLAVE_SECRET` for your host.
-3. Then go to your docker host and substitute the values for  `SLAVE_NAME` and a `SLAVE_SECRET` in the following statements:
-``` shell
-git clone https://github.com/freifunk-gluon/gluon/
-cd gluon/contrib/ci/jenkins-community-slave/
-docker build -t gluon-jenkins .
-mkdir /var/cache/openwrt_dl_cache/
-chown 1000:1000 /var/cache/openwrt_dl_cache
-echo "z /dev/kvm 0666 - kvm -" > /etc/tmpfiles.d/kvm.conf
-systemd-tmpfiles --create
-docker run --detach --restart always \
-    --env "SLAVE_NAME=whoareyou" \
-    --env "SLAVE_SECRET=changeme" \
-    --device /dev/kvm:/dev/kvm \
-    --volume /var/cache/openwrt_dl_cache/:/dl_cache \
-    gluon-jenkins
-```
-4. Check whether the instance is running correctly:
-   - Your node should appear [here](https://build.ffh.zone/label/gluon-docker/).
-   - When clicking on it, Jenkins should state "Agent is connected." like here: 
-![Screenshot from 2019-09-24 01-00-52](https://user-images.githubusercontent.com/601153/65469209-dac6c180-de66-11e9-9d62-0d1c3b6b940b.png)
-5. **Your docker container needs to be rebuilt, when the build dependencies of gluon change. As soon as build dependencies have changed, the build dependency api level has to be raised.** After you rebuilt your docker container, notifiy @lemoer, so he can bump the versioning number.
-
-## Backoff
-- If @lemoer is not reachable, please be patient at first if possible. Otherwise contact info@hannover.freifunk.net or join the channel `#freifunkh` on hackint.

contrib/ci/jenkins-community-slave/slave.py

-from jenkins import Jenkins, JenkinsError, NodeLaunchMethod
-import os
-import signal
-import sys
-import subprocess
-import shutil
-import requests
-import time
-
-slave_jar = '/var/lib/jenkins/slave.jar'
-slave_name = os.environ['SLAVE_NAME'] if os.environ['SLAVE_NAME'] != '' else 'docker-slave-' + os.environ['HOSTNAME']
-jnlp_url = os.environ['JENKINS_URL'] + '/computer/' + slave_name + '/slave-agent.jnlp'
-slave_jar_url = os.environ['JENKINS_URL'] + '/jnlpJars/slave.jar'
-print(slave_jar_url)
-process = None
-
-def clean_dir(dir):
-    for root, dirs, files in os.walk(dir):
-        for f in files:
-            os.unlink(os.path.join(root, f))
-        for d in dirs:
-            shutil.rmtree(os.path.join(root, d))
-
-def slave_create(node_name, working_dir, executors, labels):
-    j = Jenkins(os.environ['JENKINS_URL'], os.environ['JENKINS_USER'], os.environ['JENKINS_PASS'])
-    j.node_create(node_name, working_dir, num_executors = int(executors), labels = labels, launcher = NodeLaunchMethod.JNLP)
-
-def slave_delete(node_name):
-    j = Jenkins(os.environ['JENKINS_URL'], os.environ['JENKINS_USER'], os.environ['JENKINS_PASS'])
-    j.node_delete(node_name)
-
-def slave_download(target):
-    if os.path.isfile(slave_jar):
-        os.remove(slave_jar)
-
-    r = requests.get(os.environ['JENKINS_URL'] + '/jnlpJars/slave.jar')
-    with open('/var/lib/jenkins/slave.jar', 'wb') as f:
-        f.write(r.content)
-
-def slave_run(slave_jar, jnlp_url):
-    params = [ 'java', '-jar', slave_jar, '-jnlpUrl', jnlp_url ]
-    if os.environ['JENKINS_SLAVE_ADDRESS'] != '':
-        params.extend([ '-connectTo', os.environ['JENKINS_SLAVE_ADDRESS' ] ])
-
-    if os.environ['SLAVE_SECRET'] == '':
-        params.extend([ '-jnlpCredentials', os.environ['JENKINS_USER'] + ':' + os.environ['JENKINS_PASS'] ])
-    else:
-        params.extend([ '-secret', os.environ['SLAVE_SECRET'] ])
-    return subprocess.Popen(params, stdout=subprocess.PIPE)
-
-def signal_handler(sig, frame):
-    if process != None:
-        process.send_signal(signal.SIGINT)
-
-signal.signal(signal.SIGINT, signal_handler)
-signal.signal(signal.SIGTERM, signal_handler)
-
-def h():
-    print("ERROR!: please specify environment variables")
-    print("")
-    print('docker run -e "SLAVE_NAME=test" -e "SLAVE_SECRET=..." jenkins')
-
-if os.environ.get('SLAVE_NAME') is None:
-    h()
-    sys.exit(1)
-
-if os.environ.get('SLAVE_SECRET') is None:
-    h()
-    sys.exit(1)
-
-def master_ready(url):
-    try:
-        r = requests.head(url, timeout=None)
-        return r.status_code == requests.codes.ok
-    except:
-        return False
-
-while not master_ready(slave_jar_url):
-    print("Master not ready yet, sleeping for 10sec!")
-    time.sleep(10)
-
-slave_download(slave_jar)
-print('Downloaded Jenkins slave jar.')
-
-if os.environ['SLAVE_WORING_DIR']:
-    os.setcwd(os.environ['SLAVE_WORING_DIR'])
-
-if os.environ['CLEAN_WORKING_DIR'] == 'true':
-    clean_dir(os.getcwd())
-    print("Cleaned up working directory.")
-
-if os.environ['SLAVE_NAME'] == '':
-    slave_create(slave_name, os.getcwd(), os.environ['SLAVE_EXECUTORS'], os.environ['SLAVE_LABELS'])
-    print('Created temporary Jenkins slave.')
-
-process = slave_run(slave_jar, jnlp_url)
-print('Started Jenkins slave with name "' + slave_name + '" and labels [' + os.environ['SLAVE_LABELS'] + '].')
-process.wait()
-
-print('Jenkins slave stopped.')
-if os.environ['SLAVE_NAME'] == '':
-    slave_delete(slave_name)
-    print('Removed temporary Jenkins slave.')

contrib/ci/minimal-site/image-customization.lua

+features {
+	'autoupdater',
+	'ebtables-filter-multicast',
+	'ebtables-filter-ra-dhcp',
+	'ebtables-limit-arp',
+	'mesh-batman-adv-15',
+	'mesh-vpn-fastd',
+	'respondd',
+	'status-page',
+	'web-advanced',
+	'web-wizard',
+}
+
+if not device_class('tiny') then
+	features {'wireless-encryption-wpa3'}
+end

contrib/ci/minimal-site/site.conf

--- This is an example site configuration for Gluon v2018.2+
+-- This is an example site configuration
 --
 -- Take a look at the documentation located at
 -- https://gluon.readthedocs.io/ for details.
@@ -10,7 +10,7 @@
   -- hostname_prefix = 'freifunk-',
 
   -- Name of the community.
-  site_name = 'Continious Integration',
+  site_name = 'Continuous Integration',
 
   -- Shorthand of the community.
   site_code = 'ci',
@@ -42,10 +42,14 @@
     -- Wireless channel.
     channel = 1,
 
-    -- ESSID used for client network.
+    -- ESSIDs used for client network.
     ap = {
       ssid = 'gluon-ci-ssid',
       -- disabled = true, -- (optional)
+
+      -- Configuration for a backward compatible OWE network below.
+      owe_ssid = 'owe.gluon-ci-ssid', -- (optional - SSID for OWE client network)
+      owe_transition_mode = true, -- (optional - enables transition-mode - requires ssid as well as owe_ssid)
     },
 
     mesh = {
@@ -72,6 +76,12 @@
     },
   },
 
+  mesh = {
+    vxlan = true,
+    batman_adv = {
+      routing_algo = 'BATMAN_IV',
+    },
+  },
 
   -- The next node feature allows clients to always reach the node it is
   -- connected to using a known IP address.
@@ -82,16 +92,19 @@
     ip6 = 'fd::1',
   },
 
-  mesh = {
-    vxlan = true,
-    batman_adv = {
-      routing_algo = 'BATMAN_IV'
-    }
-  },
+  -- Options specific to routing protocols (optional)
+  -- mesh = {
+    -- Options specific to the batman-adv routing protocol (optional)
+    -- batman_adv = {
+      -- Gateway selection class (optional)
+      -- The default class 20 is based on the link quality (TQ) only,
+      -- class 1 is calculated from both the TQ and the announced bandwidth
+      -- gw_sel_class = 1,
+    -- },
+  -- },
 
   mesh_vpn = {
     -- enabled = true,
-    mtu = 1312,
 
     fastd = {
       -- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
@@ -99,6 +112,7 @@
 
       -- List of crypto-methods to use.
       methods = {'salsa2012+umac'},
+      mtu = 1312,
       -- configurable = true,
       -- syslog_level = 'warn',
 
@@ -111,7 +125,18 @@
           peers = {
           },
 
+          -- Optional: nested peer groups
+          -- groups = {
+            -- backbone_sub = {
+              -- ...
+            -- },
+          -- ...
+          -- },
         },
+        -- Optional: additional peer groups, possibly with other limits
+        -- backbone2 = {
+          -- ...
+        -- },
       },
     },
 
@@ -128,7 +153,8 @@
   },
 
   autoupdater = {
-    -- Default branch. Don't forget to set GLUON_BRANCH when building!
+    -- Default branch (optional), can be overridden by setting GLUON_AUTOUPDATER_BRANCH when building.
+    -- Set GLUON_AUTOUPDATER_ENABLED to enable the autoupdater by default for newly installed nodes.
     branch = 'stable',
 
     -- List of branches. You may define multiple branches.
@@ -143,7 +169,7 @@
         -- Have multiple maintainers sign your build and only
         -- accept it when a sufficient number of them have
         -- signed it.
-        good_signatures = 2,
+        good_signatures = 0,
 
         -- List of public keys of maintainers.
         pubkeys = {

contrib/ci/olsr-site/i18n

+../minimal-site/i18n
\ No newline at end of file

contrib/ci/olsr-site/image-customization.lua

+features {
+	'autoupdater',
+	'ebtables-filter-multicast',
+	'ebtables-filter-ra-dhcp',
+	'ebtables-limit-arp',
+	'mesh-olsrd',
+	'mesh-vpn-fastd',
+	'respondd',
+	'status-page',
+	'web-advanced',
+	'web-wizard',
+}
+
+packages {
+	'iwinfo',
+}
+
+if not device_class('tiny') then
+	features {'wireless-encryption-wpa3'}
+end

contrib/ci/olsr-site/modules

+../minimal-site/modules
\ No newline at end of file

contrib/ci/olsr-site/site.conf

+-- This is an example site configuration
+--
+-- Take a look at the documentation located at
+-- https://gluon.readthedocs.io/ for details.
+--
+-- This configuration will not work as is. You're required to make
+-- community specific changes to it!
+{
+  -- Used for generated hostnames, e.g. freifunk-abcdef123456. (optional)
+  -- hostname_prefix = 'freifunk-',
+
+  -- Name of the community.
+  site_name = 'Continuous Integration',
+
+  -- Shorthand of the community.
+  site_code = 'ci',
+
+  -- 32 bytes of random data, encoded in hexadecimal
+  -- This data must be unique among all sites and domains!
+  -- Can be generated using: echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
+  domain_seed = 'e9608c4ff338b920992d629190e9ff11049de1dfc3f299eac07792dfbcda341c',
+
+  -- Prefixes used by clients within the mesh.
+  -- prefix6 is required, prefix4 can be omitted if next_node.ip4
+  -- is not set.
+  prefix6 = 'fdff:cafe:cafe:cafe::/64',
+
+  -- Prefixes used by nodes within the mesh
+  node_prefix6 = 'fdff:cafe:cafe:cafe::/64',
+
+  -- Timezone of your community.
+  -- See https://openwrt.org/docs/guide-user/base-system/system_configuration#time_zones
+  timezone = 'CET-1CEST,M3.5.0,M10.5.0/3',
+
+  -- List of NTP servers in your community.
+  -- Must be reachable using IPv6!
+  --  ntp_servers = {'1.ntp.services.ffxx'},
+
+  -- Wireless regulatory domain of your community.
+  regdom = 'DE',
+
+  -- Wireless configuration for 2.4 GHz interfaces.
+  wifi24 = {
+    -- Wireless channel.
+    channel = 1,
+
+    -- ESSIDs used for client network.
+    ap = {
+      ssid = 'gluon-ci-ssid',
+      -- disabled = true, -- (optional)
+
+      -- Configuration for a backward compatible OWE network below.
+      owe_ssid = 'owe.gluon-ci-ssid', -- (optional - SSID for OWE client network)
+      owe_transition_mode = true, -- (optional - enables transition-mode - requires ssid as well as owe_ssid)
+    },
+
+    mesh = {
+      -- Adjust these values!
+      id = 'ueH3uXjdp', -- usually you don't want users to connect to this mesh-SSID, so use a cryptic id that no one will accidentally mistake for the client WiFi
+      mcast_rate = 12000,
+      -- disabled = true, -- (optional)
+    },
+  },
+
+  -- Wireless configuration for 5 GHz interfaces.
+  -- This should be equal to the 2.4 GHz variant, except
+  -- for channel.
+  wifi5 = {
+    channel = 44,
+    outdoor_chanlist = '100-140',
+    ap = {
+      ssid = 'gluon-ci-ssid',
+      -- disabled = true, -- (optional)
+
+      -- Configuration for a backward compatible OWE network below.
+      owe_ssid = 'owe.gluon-ci-ssid', -- (optional - SSID for OWE client network)
+      owe_transition_mode = true, -- (optional - enables transition-mode - requires ssid as well as owe_ssid)
+    },
+    mesh = {
+      -- Adjust these values!
+      id = 'ueH3uXjdp',
+      mcast_rate = 12000,
+    },
+  },
+
+
+  -- The next node feature allows clients to always reach the node it is
+  -- connected to using a known IP address.
+  next_node = {
+    -- anycast IPs of all nodes
+    name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
+    ip4 = '10.0.0.1',
+    ip6 = 'fd::1',
+  },
+
+  -- Options specific to routing protocols (optional)
+  mesh = {
+    vxlan = true,
+    olsrd = {},
+  },
+
+  mesh_vpn = {
+    -- enabled = true,
+
+    fastd = {
+      -- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
+      -- what these options do.
+
+      -- List of crypto-methods to use.
+      methods = {'salsa2012+umac'},
+      mtu = 1312,
+      -- configurable = true,
+      -- syslog_level = 'warn',
+
+      groups = {
+        backbone = {
+          -- Limit number of connected peers to reduce bandwidth.
+          limit = 1,
+
+          -- List of peers.
+          peers = {
+          },
+
+          -- Optional: nested peer groups
+          -- groups = {
+            -- backbone_sub = {
+              -- ...
+            -- },
+          -- ...
+          -- },
+        },
+        -- Optional: additional peer groups, possibly with other limits
+        -- backbone2 = {
+          -- ...
+        -- },
+      },
+    },
+
+    bandwidth_limit = {
+      -- The bandwidth limit can be enabled by default here.
+      enabled = false,
+
+      -- Default upload limit (kbit/s).
+      egress = 200,
+
+      -- Default download limit (kbit/s).
+      ingress = 3000,
+    },
+  },
+
+  autoupdater = {
+    -- Default branch (optional), can be overridden by setting GLUON_AUTOUPDATER_BRANCH when building.
+    -- Set GLUON_AUTOUPDATER_ENABLED to enable the autoupdater by default for newly installed nodes.
+    branch = 'stable',
+
+    -- List of branches. You may define multiple branches.
+    branches = {
+      stable = {
+        name = 'stable',
+
+        -- List of mirrors to fetch images from. IPv6 required!
+        mirrors = {'http://1.updates.services.ffhl/stable/sysupgrade'},
+
+        -- Number of good signatures required.
+        -- Have multiple maintainers sign your build and only
+        -- accept it when a sufficient number of them have
+        -- signed it.
+        good_signatures = 0,
+
+        -- List of public keys of maintainers.
+        pubkeys = {
+        },
+      },
+    },
+  },
+}