gedankensplitter/openwrt-selfbuild.md
2023-08-10 17:52:26 +02:00


# openwrt build
## base config
### etc
#### blacklist.dns
```
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
```
#### rc.local
```
# iw phy1 set distance auto

# Pre-create the broker's PID file and hand it to the mosquitto account before
# the service starts (mosquitto.conf on this page sets "user mosquitto" and
# points pid_file at the same path), then warm the DNS cache.
pidfile=/var/run/mosquitto.pid
touch "$pidfile"
chown mosquitto:mosquitto "$pidfile"
service mosquitto start
/root/precache_dns.sh
```
#### /etc/config/luci
```
# Custom commands offered in the LuCI web UI (luci-app-commands is in the
# package list on this page). Each section pairs a display name with the
# command line that is run when the entry is triggered.

# WPS push-button sessions for three wireless interfaces.
# NOTE(review): anyone who can reach these entries in LuCI can open a WPS
# enrolment window on the named interface; keep LuCI access restricted and
# confirm WPS is actually needed on each network.
config command
option name 'WPS sys@localhost'
option command 'hostapd_cli -i wlan0 wps_pbc'
config command
option name 'WPS sys@legacy'
option command 'hostapd_cli -i wlan1 wps_pbc'
config command
option name 'WPS @ IoT'
option command 'hostapd_cli -i wlan1-1 wps_pbc'
# Wake-on-LAN packet for NAS1, sent out of the br-lan bridge.
config command
option name 'WOL NAS1'
option command '/usr/bin/etherwake -i br-lan A8:A1:59:51:38:10'
# Manual dynamic-DNS refresh against the deSEC update endpoint.
# NOTE(review): the API token is stored in clear text inside this command and
# is repeated in /etc/crontabs/root. Because it appears in a published
# document it should be treated as exposed: rotate it, and keep the
# replacement in a root-only file that the command reads, rather than on the
# command line where it also shows up in the process list.
config command
option name 'refreh dynvpn desec'
option command 'curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=koelner.dedyn.io 2>&1 > /dev/null'
```
#### /etc/crontabs/root
```
# 5 */1 * * * curl -s -f -X PUT -u "waenger@googlemail.com:e04d4a9f56cbdd8d6da7fe91119807e7fbb85dba" -d '{"ip_address": "auto"}' https://api.twodns.de/hosts/koelner.dynvpn.de 2>&1 > /dev/null
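# Dynamic-DNS refresh against the deSEC update endpoint: koelner.dedyn.io at
# minute 5 of every fifth hour, geekable.dedyn.io daily at 02:05.
# The URL is quoted so the shell never treats "?" as a glob character, and the
# redirections are ordered "> /dev/null 2>&1" so that stderr is discarded as
# well (the previous "2>&1 > /dev/null" left stderr attached to cron's output).
# NOTE(review): the API token is embedded in clear text in every entry of this
# file. Because it appears in a published document it should be treated as
# exposed: rotate it, and have curl read the replacement from a root-only file
# instead of the command line, where it is also visible in the process list.
5 */5 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" "https://update.dedyn.io/update?username=koelner.dedyn.io" > /dev/null 2>&1
#
5 2 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" "https://update.dedyn.io/update?username=geekable.dedyn.io" > /dev/null 2>&1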
# 5 */5 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update6.dedyn.io/update?username=koelner.dedyn.io 2>&1 > /dev/null
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=cloud.koelner.dedyn.io 2>&1 > /dev/null
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=git.koelner.dedyn.io 2>&1 > /dev/null
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=sync.koelner.dedyn.io 2>&1 > /dev/null
# 5 */1 * * * curl -s -f --header "Authorization:Token 367e6bae0552cdfd133a9d222f56dcf9a79a0e99" https://update.dedyn.io/update?username=pyload.koelner.dedyn.io 2>&1 > /dev/null
```
#### /etc/mosquitto/mosquitto.conf
```
# Mosquitto broker configuration. Comments sit on their own lines because
# mosquitto.conf only treats a line as a comment when "#" is its first character.

# Authentication and authorisation: per-user topic ACLs plus a password file.
# NOTE(review): no allow_anonymous line is visible in this excerpt; whether
# unauthenticated clients are refused then depends on the broker version's
# default. Setting "allow_anonymous false" explicitly removes the ambiguity.
acl_file /etc/mosquitto/acl
password_file /etc/mosquitto/passwd
# NOTE(review): plain MQTT listener on 1883 with no bind address and no TLS
# options shown, so usernames and passwords presumably cross the network
# unencrypted. Verify that the firewall keeps this port off the WAN side, or
# bind the listener to the LAN address.
listener 1883
protocol mqtt
# Per-client limits on in-flight and queued messages.
max_inflight_messages 20
max_queued_messages 100
# Clients may connect without a client id; the username is not substituted
# for it.
allow_zero_length_clientid true
use_username_as_clientid false
# PID file path; rc.local on this page pre-creates it and chowns it to mosquitto.
pid_file /var/run/mosquitto.pid
# Interval, in seconds, between updates of the $SYS status topics.
sys_interval 60
# Account the broker runs as.
user mosquitto
```
#### /usr/share/nlbwmon/protocols
`6 22000 syncthing`
### root helper script
#### .profile
```
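#!/bin/sh
# Login banner: show how many packages are installed and how many have an
# upgrade available, followed by a short opkg cheat sheet.
#
# stderr of both opkg calls is discarded, so a failing opkg simply produces a
# count of 0 instead of an error message at login.
opkgInstalled="$(opkg list-installed 2> /dev/null | wc -l)"
opkgUpgradable="$(opkg list-upgradable 2> /dev/null | wc -l)"
echo "$opkgInstalled packages are installed."
echo "$opkgUpgradable packages can be upgraded."
echo
echo "Upgrade commands:"
echo "List available updates: opkg list-upgradable"
# The hint previously read "upgrade <PACKAGE>", which names no command; the
# other two hints use opkg, so the missing "opkg" prefix is restored here.
echo "Upgrade package: opkg upgrade <PACKAGE>"
# NOTE(review): the bulk one-liner below upgrades everything opkg lists without
# further prompting; check the output of "opkg list-upgradable" first.
echo "Upgrade all packages: opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade"
echo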
```
#### precache_dns.sh
```
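#!/bin/sh
# Warm the local DNS cache by resolving a fixed list of frequently used names.
# Every lookup runs in the background and the script does not wait for them,
# so the caller (rc.local on this page) is not blocked by slow resolvers.
#
# Redirection order matters: "> /dev/null 2>&1" discards both streams. The
# previous "2>&1 > /dev/null" pointed stderr at the caller's stdout first and
# only then silenced stdout, so error output still leaked through.
for host in \
  google.de \
  google.com \
  desec.io \
  twodns.de \
  update.dedyn.io \
  api.twodns.de \
  fernwartung.dynvpn.de \
  koelner.dynvpn.de \
  koelner.dedyn.io \
  mailbox.org \
  mail.google.com \
  github.com \
  gitlab.com \
  mozilla.org \
  startpage.com
do
  /usr/bin/nslookup "$host" > /dev/null 2>&1 &
done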
```
#### wifi-reboot.sh
```
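#!/bin/sh
# Restart the wireless stack when at least one wireless interface reports no
# associated stations.
#
# Note that "wifi down" / "wifi up" are called without a device argument, so
# the restart is not limited to the idle interfaces collected in RESTART_LIST.

# Start from an empty list so a value inherited from the environment cannot
# trigger a restart.
RESTART_LIST=""

# Names of all wireless interfaces known to iw.
INTERFACES=$(iw dev | awk '$1=="Interface"{print $2}')

# Collect the interfaces that have no clients connected.
# $INTERFACES is left unquoted on purpose: it is split into one word per name.
for INTERFACE in $INTERFACES; do
  # Count "Station" records; "n+0" prints 0 when there are none.
  ASSOC_CLIENTS=$(iw dev "$INTERFACE" station dump | awk '$1=="Station"{n++} END{print n+0}')
  if [ "$ASSOC_CLIENTS" -lt 1 ]; then
    RESTART_LIST="$RESTART_LIST $INTERFACE"
  fi
done

# Quoted test: the unquoted "[ ! -z $RESTART_LIST ]" broke as soon as the list
# held two or more names, so the restart was skipped exactly in that case.
if [ -n "$RESTART_LIST" ]; then
  echo "$(date +"%F_%T"): restarting wifi - no clients or issues with $RESTART_LIST"
  wifi down
  sleep 1
  wifi up
fi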
```
#### wol_nas1.sh
```
# Send a Wake-on-LAN packet for NAS1 out of the br-lan bridge.
nas1_mac=A8:A1:59:51:38:10
/usr/bin/etherwake -i br-lan "$nas1_mac"
```
## package list
#### useful packages
```
ath10k-firmware-qca988x base-files busybox ca-bundle dnsmasq dropbear firewall4 fstools kmod-ath10k kmod-ath9k kmod-gpio-button-hotplug kmod-nft-offload kmod-usb-ledtrig-usbport kmod-usb2 libc libgcc libustream-wolfssl logd mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail swconfig uboot-envtools uci uclient-fetch urandom-seed urngd
wget-ssl
curl
wireguard-tools
fwknopd
#fwknop
mosquitto-client-ssl
#mosquitto-ssl
stubby
wpad-wolfssl
hostapd-utils
coreutils
coreutils-sort
addrwatch
htop
tmux
vim
zram-swap
luci
luci-ssl
luci-theme-bootstrap
luci-theme-material
luci-app-commands
luci-app-nlbwmon
# luci-app-ntpc chrony-nts
luci-app-upnp
luci-app-wireguard
luci-app-wol
luci-app-fwknopd
#luci-app-mosquitto
luci-proto-wireguard
blkid
block-mount
usbutils
usbids
kmod-nls-cp437
kmod-nls-cp850
kmod-nls-iso8859-1
kmod-nls-utf8
kmod-loop
kmod-fs-vfat
kmod-usb-serial
kmod-usb-serial-ch341
kmod-usb-serial-cp210x
kmod-usb-serial-ftdi
kmod-usb-serial-pl2303
kmod-usb-storage
kmod-usb-storage-uas
kmod-usb-gadget
kmod-usb-gadget-mass-storage
kmod-usb-gadget-serial
```
#### chrony-nts
chrony does not support the ref clock via gpsd shm
```
root@heimdall:/tmp/etc/chrony.d# cat /etc/config/chrony
# Time sources: two pool entries, both with NTS enabled (option nts '1').
config pool
option hostname 'ptbtime1.ptb.de'
option maxpoll '12'
option iburst 'yes'
option nts '1'
config pool
option hostname 'ptbtime2.ptb.de'
option maxpoll '12'
option iburst 'yes'
option nts '1'
# NOTE(review): NTP servers announced via DHCP are left enabled (disabled 'no').
# DHCP hands out bare addresses, so such sources presumably are not
# NTS-authenticated like the two pools above. Set disabled 'yes' if only
# authenticated time should be accepted; confirm against the chrony init script.
config dhcp_ntp_server
option iburst 'yes'
option disabled 'no'
# Access rule for the 'lan' interface.
config allow
option interface 'lan'
# Clock stepping: threshold 1.0, limit 3.
config makestep
option threshold '1.0'
option limit '3'
# NTS options: RTC check and system certificates are both switched on.
config nts
option rtccheck 'yes'
option systemcerts 'yes'
```