227 lines
6.5 KiB
Markdown
227 lines
6.5 KiB
Markdown
# openwrt build
|
|
|
|
## base config
|
|
### etc
|
|
#### blacklist.dns
|
|
```
|
|
127.0.0.1 lmlicenses.wip4.adobe.com
|
|
127.0.0.1 lm.licenses.adobe.com
|
|
127.0.0.1 na1r.services.adobe.com
|
|
127.0.0.1 hlrcv.stage.adobe.com
|
|
127.0.0.1 practivate.adobe.com
|
|
127.0.0.1 activate.adobe.com
|
|
```
|
|
#### rc.local
|
|
```
|
|
# iw phy1 set distance auto
|
|
touch /var/run/mosquitto.pid
|
|
chown mosquitto:mosquitto /var/run/mosquitto.pid
|
|
service mosquitto start
|
|
|
|
/root/precache_dns.sh
|
|
```
|
|
#### /etc/config/luci
|
|
```
|
|
config command
|
|
option name 'WPS sys@localhost'
|
|
option command 'hostapd_cli -i wlan0 wps_pbc'
|
|
|
|
config command
|
|
option name 'WPS sys@legacy'
|
|
option command 'hostapd_cli -i wlan1 wps_pbc'
|
|
|
|
config command
|
|
option name 'WPS @ IoT'
|
|
option command 'hostapd_cli -i wlan1-1 wps_pbc'
|
|
|
|
config command
|
|
option name 'WOL NAS1'
|
|
option command '/usr/bin/etherwake -i br-lan A8:A1:59:51:38:10'
|
|
|
|
config command
|
|
option name 'refreh dynvpn desec'
|
|
option command 'curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=koelner.dedyn.io 2>&1 > /dev/null'
|
|
```
|
|
#### /etc/crontabs/root
|
|
```
|
|
# 5 */1 * * * curl -s -f -X PUT -u "waenger@googlemail.com:e04d4a9f56cbdd8d6da7fe91119807e7fbb85dba" -d '{"ip_address": "auto"}' https://api.twodns.de/hosts/koelner.dynvpn.de 2>&1 > /dev/null
|
|
5 */5 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=koelner.dedyn.io 2>&1 > /dev/null
|
|
#
|
|
5 2 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=geekable.dedyn.io 2>&1 > /dev/null
|
|
# 5 */5 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update6.dedyn.io/update?username=koelner.dedyn.io 2>&1 > /dev/null
|
|
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=cloud.koelner.dedyn.io 2>&1 > /dev/null
|
|
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=git.koelner.dedyn.io 2>&1 > /dev/null
|
|
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=sync.koelner.dedyn.io 2>&1 > /dev/null
|
|
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=pyload.koelner.dedyn.io 2>&1 > /dev/null
|
|
```
|
|
#### /etc/mosquitto/mosquitto.conf
|
|
```
|
|
acl_file /etc/mosquitto/acl
|
|
password_file /etc/mosquitto/passwd
|
|
listener 1883
|
|
protocol mqtt
|
|
max_inflight_messages 20
|
|
max_queued_messages 100
|
|
allow_zero_length_clientid true
|
|
use_username_as_clientid false
|
|
pid_file /var/run/mosquitto.pid
|
|
sys_interval 60
|
|
user mosquitto
|
|
```
|
|
#### /usr/share/nlbwmon/protocols
|
|
`6 22000 syncthing`
|
|
|
|
### root helper script
|
|
#### .profile
|
|
```
|
|
#!/bin/sh
|
|
|
|
opkgInstalled="$(opkg list-installed 2> /dev/null | wc -l)" # silencing error output
|
|
opkgUpgradable="$(opkg list-upgradable 2> /dev/null | wc -l)" # silencing error output
|
|
|
|
echo "$opkgInstalled packages are installed." && echo "$opkgUpgradable packages can be upgraded." && echo
|
|
echo "Upgrade commands:"
|
|
echo "List available updates: opkg list-upgradable"
|
|
echo "Upgrade package: upgrade <PACKAGE>"
|
|
echo "Upgrade all packages: opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade" && echo
|
|
```
|
|
#### precache_dns.sh
|
|
```
|
|
/usr/bin/nslookup google.de 2>&1 >/dev/null &
|
|
/usr/bin/nslookup google.com 2>&1 >/dev/null &
|
|
/usr/bin/nslookup desec.io 2>&1 >/dev/null &
|
|
/usr/bin/nslookup twodns.de 2>&1 >/dev/null &
|
|
/usr/bin/nslookup update.dedyn.io 2>&1 >/dev/null &
|
|
/usr/bin/nslookup api.twodns.de 2>&1 >/dev/null &
|
|
/usr/bin/nslookup fernwartung.dynvpn.de 2>&1 >/dev/null &
|
|
/usr/bin/nslookup koelner.dynvpn.de 2>&1 >/dev/null &
|
|
/usr/bin/nslookup koelner.dedyn.io 2>&1 >/dev/null &
|
|
/usr/bin/nslookup mailbox.org 2>&1 >/dev/null &
|
|
/usr/bin/nslookup mail.google.com 2>&1 >/dev/null &
|
|
/usr/bin/nslookup github.com 2>&1 >/dev/null &
|
|
/usr/bin/nslookup gitlab.com 2>&1 >/dev/null &
|
|
/usr/bin/nslookup mozilla.org 2>&1 >/dev/null &
|
|
/usr/bin/nslookup startpage.com 2>&1 >/dev/null &
|
|
```
|
|
#### wifi-reboot.sh
|
|
```
|
|
#!/bin/sh
|
|
|
|
# list the interfaces names.
|
|
INTERFACES=$(iw dev | awk '$1=="Interface"{print $2}')
|
|
|
|
# list interfaces that does not have any clients connected.
|
|
for INTERFACE in $INTERFACES
|
|
do
|
|
ASSOC_CLIENTS=`iw dev $INTERFACE station dump | awk '$1=="Station"' | grep -c "Station"`
|
|
|
|
if [ "$ASSOC_CLIENTS" -lt 1 ]
|
|
then
|
|
RESTART_LIST="$RESTART_LIST $INTERFACE"
|
|
fi
|
|
done
|
|
|
|
if [ ! -z $RESTART_LIST ]
|
|
then
|
|
echo "$(date +"%F_%T"): restarting wifi - no clients or issues with $RESTART_LIST"
|
|
wifi down
|
|
sleep 1
|
|
wifi up
|
|
fi
|
|
```
|
|
#### wol_nas1.sh
|
|
```
|
|
/usr/bin/etherwake -i br-lan A8:A1:59:51:38:10
|
|
```
|
|
## package list
|
|
#### useful packages
|
|
```
|
|
ath10k-firmware-qca988x base-files busybox ca-bundle dnsmasq dropbear firewall4 fstools kmod-ath10k kmod-ath9k kmod-gpio-button-hotplug kmod-nft-offload kmod-usb-ledtrig-usbport kmod-usb2 libc libgcc libustream-wolfssl logd mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail swconfig uboot-envtools uci uclient-fetch urandom-seed urngd
|
|
|
|
wget-ssl
|
|
curl
|
|
wireguard-tools
|
|
fwknopd
|
|
#fwknop
|
|
mosquitto-client-ssl
|
|
#mosquitto-ssl
|
|
stubby
|
|
|
|
wpad-wolfssl
|
|
hostapd-utils
|
|
coreutils
|
|
coreutils-sort
|
|
addrwatch
|
|
htop
|
|
tmux
|
|
vim
|
|
zram-swap
|
|
luci
|
|
luci-ssl
|
|
luci-theme-bootstrap
|
|
luci-theme-material
|
|
luci-app-commands
|
|
luci-app-nlbwmon
|
|
# luci-app-ntpc chrony-nts
|
|
luci-app-upnp
|
|
luci-app-wireguard
|
|
luci-app-wol
|
|
luci-app-fwknopd
|
|
#luci-app-mosquitto
|
|
luci-proto-wireguard
|
|
|
|
blkid
|
|
block-mount
|
|
usbutils
|
|
usbids
|
|
|
|
kmod-nls-cp437
|
|
kmod-nls-cp850
|
|
kmod-nls-iso8859-1
|
|
kmod-nls-utf8
|
|
kmod-loop
|
|
kmod-fs-vfat
|
|
kmod-usb-serial
|
|
kmod-usb-serial-ch341
|
|
kmod-usb-serial-cp210x
|
|
kmod-usb-serial-ftdi
|
|
kmod-usb-serial-pl2303
|
|
kmod-usb-storage
|
|
kmod-usb-storage-uas
|
|
kmod-usb-gadget
|
|
kmod-usb-gadget-mass-storage
|
|
kmod-usb-gadget-serial
|
|
```
|
|
|
|
#### chrony-nts
|
|
chrony does not support the ref clock via gpsd shm
|
|
```
|
|
root@heimdall:/tmp/etc/chrony.d# cat /etc/config/chrony
|
|
config pool
|
|
option hostname 'ptbtime1.ptb.de'
|
|
option maxpoll '12'
|
|
option iburst 'yes'
|
|
option nts '1'
|
|
|
|
config pool
|
|
option hostname 'ptbtime2.ptb.de'
|
|
option maxpoll '12'
|
|
option iburst 'yes'
|
|
option nts '1'
|
|
|
|
|
|
config dhcp_ntp_server
|
|
option iburst 'yes'
|
|
option disabled 'no'
|
|
|
|
config allow
|
|
option interface 'lan'
|
|
|
|
config makestep
|
|
option threshold '1.0'
|
|
option limit '3'
|
|
|
|
config nts
|
|
option rtccheck 'yes'
|
|
option systemcerts 'yes'
|
|
``` |