Commit graph

135 commits

Author SHA1 Message Date
Daniel Barlow
aca3e11631 firewall: make ipv4 work 2024-02-08 23:15:48 +00:00
Daniel Barlow
87f6a31a06 improve firewall log format 2024-02-08 17:21:26 +00:00
Daniel Barlow
a9ea01428e firewall: don't drop in conntrack rule
as there are other rules following that might want to accept
2024-02-08 17:20:39 +00:00
Daniel Barlow
92b0bec038 rotuer: add schnapps and the rest of the lan interfaces 2024-02-07 23:48:10 +00:00
Daniel Barlow
efb29c5901 demo-firewall: add some rules for ipv4 2024-02-07 23:47:09 +00:00
Daniel Barlow
29e61be26c rotuer: get lan rfc1918 prefix from secrets 2024-02-07 23:46:16 +00:00
Daniel Barlow
49ec4a2961 installation instructions for Turris Omnia
feels like a milestone, or at least a big step towards one
2024-02-04 18:20:04 +00:00
Daniel Barlow
02cf2c6b80 add ssh keys in recovry image 2024-02-04 18:10:58 +00:00
Daniel Barlow
ef707de8b1 add extlinux in recovery example
this needlessly bloats the TFTP image, which is a shame, but is
needed for installing onto usb stick
2024-02-02 19:51:41 +00:00
Daniel Barlow
84ce618213 recovery: grow fs to partition size before starting sshd
sshd expects there to be space in /persist/secrets that it can
use to write host keys, but when we make ext4fs images we don't
put any free space in them
2024-01-28 11:30:19 +00:00
Daniel Barlow
dd8ec18881 restore boot.tftp.freeSpaceBytes 2024-01-26 22:46:36 +00:00
Daniel Barlow
1730cf07b1 bug workaround
If we set squashfs rootfsType, the image doesn't rebuild when
the kernel config is changed. Need to figure out why
2024-01-26 22:46:36 +00:00
Daniel Barlow
de51bfe13d default root device in recovery to sda1
It will probably work fine for USB-stick boot (except in the case
where there is > 1 usb device plugged in, so maybe don't do that)

It doesn't matter for TFTP boot because boot.scr overrides the root=
param anyway
2024-01-26 22:46:36 +00:00
Daniel Barlow
b09723345c don't put all of util-linux in recovery
it adds ~ 5MB to the image size
2024-01-26 22:46:36 +00:00
Daniel Barlow
c219350d7c add usb storage for turris omnia
ideally we would make this a module instead of compiling in
directly
2024-01-26 22:46:36 +00:00
Daniel Barlow
c1101d3af5 make extlinux work with liminix-rebuild
add /boot to the systemConfiguration closure
2024-01-08 18:58:07 +00:00
Daniel Barlow
228c0a1668 pass rootOptions config as rootflags= kernel cmdline opt 2024-01-08 18:54:49 +00:00
Daniel Barlow
3c941b4ce2 partial btrfs support
doesn't actually know how to make the filesystem, just
kernel config and accept it as a valid option
2024-01-07 16:43:43 +00:00
Daniel Barlow
243295aab8 recovery config for turris omnia 2024-01-07 14:58:46 +00:00
Daniel Barlow
55fa9992d4 WIP 2023-12-13 21:54:15 +00:00
Daniel Barlow
5eeb277564 move output module imports example -> device
The outputs available are a characteristic of the device, not
the example.
2023-12-10 16:38:53 +00:00
Daniel Barlow
c81e7c4d35 move all output modules to subdirectory, trash standard.nix
standard.nix isn't, is the essence here. Not all devices
support flashimage as it is currently defined - some
have diskimage, some have neither
2023-12-10 15:23:12 +00:00
Daniel Barlow
e2ea145ce5 wip 2023-11-26 22:43:56 +00:00
Daniel Barlow
27ce61ae4e add bootable config for Turris Omnia 2023-11-24 23:29:12 +00:00
Daniel Barlow
a0bd250963 switch from getty to root shell on console
this just makes things marginally simpler
2023-11-21 23:09:48 +00:00
Daniel Barlow
a896c4e31c rename wlan services for devices with > 1 radio
let's standardise on having 2.4GHz radio be "wlan", and
5GHz as "wlan5"
2023-10-07 22:28:57 +01:00
Daniel Barlow
3c483ebd9a set PARTITION_ADVANCED only in ramdisk module 2023-09-30 21:29:12 +01:00
Daniel Barlow
c59a228955 this is the dhcp6c service we want 2023-09-26 16:43:03 +01:00
Daniel Barlow
1673a71831 WIP third example 2023-09-24 23:11:28 +01:00
Daniel Barlow
56261f77b0 add example with real hardware 2023-09-17 17:03:56 +01:00
Daniel Barlow
bb280c6d97 rename qemu example 2023-09-17 17:03:56 +01:00
Daniel Barlow
0f31afee2b hellonet: set password for root
otherwise incoming ssh gets a bit fraught
2023-09-17 17:03:56 +01:00
Daniel Barlow
98c63e7498 hellonet: don't run ntp
it's a bit pointless when there's no connectivity to
any ntp server
2023-09-17 17:03:56 +01:00
Daniel Barlow
c6faf88dd1 doc WIP: build "hello net" example 2023-09-17 17:03:56 +01:00
Daniel Barlow
f7b30939b5 remove service-state when service exits 2023-09-13 22:49:00 +01:00
Daniel Barlow
92e107d77c update acquire-delegated-prefix to use svc.events 2023-09-13 17:49:57 +01:00
Daniel Barlow
fa040a194c acquire-wan-address remove boundness checking
if we're unbound then the script will be called with
empty ADDRESSES and so the usual case will handle this fine
by removing all the previosuly set addresses
2023-09-13 13:17:58 +01:00
Daniel Barlow
3bdb7754d3 replace var/each with accumulate 2023-09-12 20:55:08 +01:00
Daniel Barlow
8f97c5bf3c anoia service :events method behaves as iterator 2023-09-12 20:46:52 +01:00
Daniel Barlow
7904c6bfe9 anoia users now need lfs
... and we need to figure out how to do transitive
dependencies, because this is not a great experience
2023-09-12 18:46:04 +01:00
Daniel Barlow
0a737c62cd convert acquire-wan-address to writeFennel
this means we can get rid of the inelegant environent variable
check at the bottom of the file
2023-09-12 17:51:00 +01:00
Daniel Barlow
d49cbbb8ed test for acquire-wan-address 2023-09-11 00:07:49 +01:00
Daniel Barlow
7683ed69de acquire-wan-address uses parsed addresses from odhcp 2023-09-11 00:07:11 +01:00
Daniel Barlow
91e957ced7 static leases for rotuer 2023-09-04 23:07:13 +01:00
Daniel Barlow
a24c2a23a0 whitespace 2023-09-04 22:06:15 +01:00
Daniel Barlow
9e52faa0b6 remove unused imports 2023-09-04 22:05:42 +01:00
Daniel Barlow
3bdc986dd7 extract "mount filesystem" to module 2023-09-04 21:17:52 +01:00
Daniel Barlow
83092b7b73 add watchdog service 2023-09-02 17:28:40 +01:00
Daniel Barlow
6805e0090d working down the TODOs 2023-09-01 17:57:22 +01:00
Daniel Barlow
7ad848cb77 add service to enable packet forwarding
might be worth looking into adding RA config to this
2023-09-01 17:34:47 +01:00