2 Commits

Author SHA1 Message Date
Peter Šurda 11ac4e1672
Add packages
- found some missing and nice to have packages during testing
- also increase rootfs size
- also add encryption support to collectd network protocol
2023-02-28 15:15:50 +01:00
Peter Šurda 85c081df3d
Replace opessh-server with dropbear
- apparently dropbear now supports ed25519 keys so openssh isn't
  necessary anymore
2023-02-23 20:44:13 +08:00
4 changed files with 32 additions and 10 deletions


@ -44,16 +44,18 @@ cp ${sdkdir}/bin/packages/aarch64_cortex-a72/quectel/*.ipk packages/
make info
# Double the size of the root partition
echo "CONFIG_TARGET_ROOTFS_PARTSIZE=208" >> .config
# Increase the size of the root partition
echo "CONFIG_TARGET_ROOTFS_PARTSIZE=308" >> .config
# Disable ext4 images
echo "CONFIG_TARGET_ROOTFS_EXT4FS=n" >> .config
# Enable collectd network encryption
echo ""PACKAGE_COLLECTD_ENCRYPTED_NETWORK=y" >> .config"
# Setup files
mkdir -p files/root/.ssh
chmod 0700 files/root files/root/.ssh
cp ${pwd}/authorized_keys files/root/.ssh/
chmod 0400 files/root/.ssh/authorized_keys
mkdir -p files/etc/dropbear
chmod 0750 files/etc/dropbear
cp ${pwd}/authorized_keys files/etc/dropbear
chmod 0400 files/etc/dropbear/authorized_keys
mkdir -p files/etc/uci-defaults
cp ${pwd}/defaults/* files/etc/uci-defaults
@ -69,7 +71,7 @@ PACKAGES="kmod-nf-nathelper-extra kmod-rtc-ds1307 \
asterisk-chan-quectel \
ca-certificates \
collectd collectd-mod-contextswitch collectd-mod-cpu \
collectd-mod-curl \
collectd-mod-curl collectd-mod-df \
collectd-mod-dhcpleases collectd-mod-disk \
collectd-mod-dns collectd-mod-entropy \
collectd-mod-ethstat collectd-mod-exec \
@ -89,8 +91,9 @@ PACKAGES="kmod-nf-nathelper-extra kmod-rtc-ds1307 \
luci-app-mwan3 luci-app-upnp \
luci-ssl-nginx luci-app-acme \
python3-packages python3-yaml \
openssh-sftp-server tcpdump \
iptables-nft ip6tables-nft \
wireguard-tools wget-ssl \
openssh-server \
"
make image PROFILE=rpi-4 \
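Review bot: The collectd line near the top of the first hunk does not write anything to `.config` as rendered: in `echo ""PACKAGE_COLLECTD_ENCRYPTED_NETWORK=y" >> .config"` the doubled quotes make `>> .config` part of the echoed text, so the string goes to stdout and no redirection happens. The symbol also lacks the `CONFIG_` prefix that the neighbouring `CONFIG_TARGET_ROOTFS_*` lines use. The likely result is an image built without the collectd network encryption the commit message describes, with nothing failing to show it. Suggested line: `echo "CONFIG_PACKAGE_COLLECTD_ENCRYPTED_NETWORK=y" >> .config`. The surrounding build script starts and ends outside the hunks shown.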

4
defaults/00-defaults Normal file

@ -0,0 +1,4 @@
touch /etc/config/defaults
/sbin/uci get defaults.version || /sbin/uci set defaults.version=version && \
/sbin/uci commit defaults
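Review bot: The `get … || set … && commit` chain is easy to misread: the shell groups it as `(get || set) && commit`, so `commit defaults` also runs when the section already exists, and `uci get` without `-q` prints a not-found error on the first run. An explicit form states the intent, e.g. `/sbin/uci -q get defaults.version >/dev/null || { /sbin/uci set defaults.version=version && /sbin/uci commit defaults; }`. A one-line comment would also help, saying that this creates the `version` section in which `defaults/50-dropbear` stores its applied version.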

17
defaults/50-dropbear Normal file

@ -0,0 +1,17 @@
VERSION=1
[ "$(uci -q get defaults.version.dropbear)" -ge "$VERSION" ] && exit 0
# save version
/sbin/uci set defaults.version.dropbear="$VERSION"
/sbin/uci -q batch << EOF
set defaults.version.dropbear="$VERSION"
commit defaults
set dropbear.@dropbear[0].PasswordAuth='off'
set dropbear.@dropbear[0].RootPasswordAuth='off'
commit dropbear
EOF
/sbin/service dropbear enable
/sbin/service dropbear restart
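Review bot: The version marker is recorded before the hardening it stands for: `defaults.version.dropbear` is set on the line after the guard and again at the top of the batch, with `commit defaults` ahead of the two `PasswordAuth` settings. If those settings do not apply (for instance because no `dropbear.@dropbear[0]` section exists yet), the marker is already committed and `-q` hides the error. The guard then skips the script on later runs, leaving password logins enabled. Apply and commit the dropbear options first, stop on failure, and only then store the version; the duplicate `uci set` above the batch can go. Separately, on a first boot the guard compares an empty string with `-ge` and only falls through because the test errors out, so defaulting the value to 0 makes that explicit.

```shell
current="$(uci -q get defaults.version.dropbear)"
[ "${current:-0}" -ge "$VERSION" ] && exit 0
# harden dropbear first; stop if any step fails
/sbin/uci set dropbear.@dropbear[0].PasswordAuth='off' &&
  /sbin/uci set dropbear.@dropbear[0].RootPasswordAuth='off' &&
  /sbin/uci commit dropbear || exit 1
# record the version only once the settings are committed
/sbin/uci set defaults.version.dropbear="$VERSION" &&
  /sbin/uci commit defaults
# … unchanged: service dropbear enable / restart …
```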


@ -1,2 +0,0 @@
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
/sbin/service sshd restart