gedankensplitter/openwrt-selfbuild.md

openwrt build

base config

etc

blacklist.dns

# Hosts-format block list: every name below is answered with the loopback
# address, so clients using this resolver cannot reach those hosts.
# NOTE(review): how this file is loaded is not shown here (presumably as an
# additional hosts file for dnsmasq) — confirm.
127.0.0.1	lmlicenses.wip4.adobe.com
127.0.0.1	lm.licenses.adobe.com
127.0.0.1	na1r.services.adobe.com
127.0.0.1	hlrcv.stage.adobe.com
127.0.0.1	practivate.adobe.com 
127.0.0.1	activate.adobe.com

rc.local

# Boot-time additions for rc.local.
# iw phy1 set distance auto

# Pre-create the PID file and hand it to the mosquitto user before the broker
# starts. Presumably needed because the broker switches to that user and
# cannot create files in /var/run on its own — confirm.
touch /var/run/mosquitto.pid
chown mosquitto:mosquitto /var/run/mosquitto.pid
service mosquitto start

# Run the DNS pre-cache helper kept in root's home directory.
/root/precache_dns.sh

/etc/config/luci

# Custom command buttons for LuCI (luci-app-commands): each section is one
# named entry whose 'command' string is executed on the router.
# No section here sets a public-access option, so the entries are presumably
# reachable only after a LuCI login — keep it that way, since every entry
# below changes network state.

# WPS push-button sessions, one per wireless interface.
# NOTE(review): while a push-button session is open, a nearby device can enrol
# on that interface without knowing the passphrase; trigger these only when a
# device is actually being paired.
config command
	option name 'WPS sys@localhost'
	option command 'hostapd_cli -i wlan0 wps_pbc'

config command
	option name 'WPS sys@legacy'
	option command 'hostapd_cli -i wlan1 wps_pbc'

config command
	option name 'WPS @ IoT'
	option command 'hostapd_cli -i wlan1-1 wps_pbc'

# Wake-on-LAN: send a magic packet for the NAS out of the LAN bridge.
config command
	option name 'WOL NAS1'
	option command '/usr/bin/etherwake -i br-lan A8:A1:59:51:38:10'

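# Manual deSEC dynDNS refresh, offered as a LuCI custom command.
#
# The API token is deliberately not written into this file: UCI configs are
# copied into backups and notes, and a token passed on the curl command line is
# visible in the process list. curl loads the header from a file instead.
# /etc/desec/auth.header is a constructed example path; create it owned by
# root with mode 0600, containing the single line
#   Authorization: Token <DESEC_TOKEN>
# Rotate any token that was previously stored inline in this command.
config command
	option name 'refreh dynvpn desec'
	option command 'curl -s -f --header @/etc/desec/auth.header https://update.dedyn.io/update?username=koelner.dedyn.io 2>&1 > /dev/null'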

/etc/crontabs/root

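# root crontab: dynamic-DNS refresh jobs.
#
# No credential is written into the crontab. Cron lines are copied into
# backups and notes, and anything on the curl command line is visible in the
# process list, so curl loads the Authorization header from a file instead.
# /etc/desec/auth.header is a constructed example path; create it owned by
# root with mode 0600, containing the single line
#   Authorization: Token <DESEC_TOKEN>
# Rotate any token or password that was previously stored inline here.
#
# Redirections are ordered ">/dev/null 2>&1" so that stderr is discarded along
# with stdout; the URLs are quoted because they contain "?".
#
# twoDNS (disabled); account name and API token replaced by placeholders:
# 5 */1 * *  * curl -s -f -X PUT -u "<TWODNS_USER>:<TWODNS_API_TOKEN>" -d '{"ip_address": "auto"}' "https://api.twodns.de/hosts/koelner.dynvpn.de" >/dev/null 2>&1
#
# deSEC, koelner.dedyn.io: minute 5 of every fifth hour.
5 */5 * *  * curl -s -f --header @/etc/desec/auth.header "https://update.dedyn.io/update?username=koelner.dedyn.io" >/dev/null 2>&1
#
# deSEC, geekable.dedyn.io: daily at 02:05.
5 2 * *  * curl -s -f --header @/etc/desec/auth.header "https://update.dedyn.io/update?username=geekable.dedyn.io" >/dev/null 2>&1
#
# Disabled deSEC jobs (update6 endpoint and sub-domains):
# 5 */5 * *  * curl -s -f --header @/etc/desec/auth.header "https://update6.dedyn.io/update?username=koelner.dedyn.io" >/dev/null 2>&1
# 5 */1 * *  * curl -s -f --header @/etc/desec/auth.header "https://update.dedyn.io/update?username=cloud.koelner.dedyn.io" >/dev/null 2>&1
# 5 */1 * *  * curl -s -f --header @/etc/desec/auth.header "https://update.dedyn.io/update?username=git.koelner.dedyn.io" >/dev/null 2>&1
# 5 */1 * *  * curl -s -f --header @/etc/desec/auth.header "https://update.dedyn.io/update?username=sync.koelner.dedyn.io" >/dev/null 2>&1
# 5 */1 * *  * curl -s -f --header @/etc/desec/auth.header "https://update.dedyn.io/update?username=pyload.koelner.dedyn.io" >/dev/null 2>&1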

/etc/mosquitto/mosquitto.conf

# Mosquitto broker configuration.

# Authorisation (ACL file) and authentication (password file).
# NOTE(review): allow_anonymous is not set in this excerpt and its default
# differs between Mosquitto 1.x and 2.x — consider stating
# "allow_anonymous false" explicitly so the password file is always enforced.
acl_file /etc/mosquitto/acl
password_file /etc/mosquitto/passwd
# NOTE(review): the listener names no bind address and no TLS options appear
# in this excerpt, so MQTT usernames and passwords would cross the network in
# cleartext on port 1883. Confirm the firewall keeps this port off the WAN, or
# add a TLS listener.
listener 1883
protocol mqtt
# Per-client limits on in-flight and queued messages.
max_inflight_messages 20
max_queued_messages 100
# Clients may connect without a client id; the username is not used as one.
allow_zero_length_clientid true
use_username_as_clientid false
# Same PID file path that rc.local pre-creates and chowns before start.
pid_file /var/run/mosquitto.pid
# Interval in seconds between $SYS topic updates.
sys_interval 60
# Account the broker runs as after start-up.
user mosquitto

/usr/share/nlbwmon/protocols

6 22000 syncthing

root helper script

.profile

#!/bin/sh
# Login banner: shows how many packages are installed and how many have an
# upgrade pending, followed by a short cheat sheet of opkg commands.

# Package counts. opkg's stderr is discarded, so a failing opkg simply counts
# as zero lines.
opkgInstalled="$(opkg list-installed 2> /dev/null | wc -l)"
opkgUpgradable="$(opkg list-upgradable 2> /dev/null | wc -l)"

# NOTE(review): the "Upgrade all packages" one-liner printed below upgrades
# everything in place; on OpenWrt that can leave packages out of step with
# the firmware's kernel and base system. For security fixes, a rebuilt image
# is usually the safer route.
cat <<EOF
$opkgInstalled packages are installed.
$opkgUpgradable packages can be upgraded.

Upgrade commands:
List available updates: opkg list-upgradable
Upgrade package: upgrade <PACKAGE>
Upgrade all packages: opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade

EOF

precache_dns.sh

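#!/bin/sh
# Resolve a fixed list of frequently used names once. Going by the script
# name, the intent is to pre-populate the local DNS cache.
#
# Each lookup runs in the background so the caller is never blocked by a slow
# or unreachable resolver. Both stdout and stderr are discarded: the
# redirection order ">/dev/null 2>&1" matters, because "2>&1 >/dev/null"
# leaves stderr attached to the caller's output.
for name in \
  google.de \
  google.com \
  desec.io \
  twodns.de \
  update.dedyn.io \
  api.twodns.de \
  fernwartung.dynvpn.de \
  koelner.dynvpn.de \
  koelner.dedyn.io \
  mailbox.org \
  mail.google.com \
  github.com \
  gitlab.com \
  mozilla.org \
  startpage.com
do
  /usr/bin/nslookup "$name" >/dev/null 2>&1 &
done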

wifi-reboot.sh

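#!/bin/sh
# Restart wifi when at least one wireless interface has no associated station.
#
# Every interface reported by "iw dev" is checked; interfaces with zero
# stations (or whose station dump fails and therefore yields nothing) are
# collected, and if the list is non-empty all radios are cycled with
# "wifi down" / "wifi up". One timestamped line is written to stdout per
# restart so the caller can log it.
#
# The emptiness test quotes the list. Unquoted, a list with two or more
# interfaces expands to several words, the test errors out, and the restart
# is skipped exactly when several interfaces are idle.

# Print the names of all wireless interfaces, one per line.
list_interfaces() {
  iw dev | awk '$1 == "Interface" { print $2 }'
}

# Print the number of stations associated with interface $1.
count_stations() {
  iw dev "$1" station dump | awk '$1 == "Station" { n++ } END { print n + 0 }'
}

main() {
  restart_list=""

  # Word splitting is intended here: interface names contain no whitespace.
  for interface in $(list_interfaces); do
    clients=$(count_stations "$interface")
    if [ "$clients" -lt 1 ]; then
      restart_list="$restart_list $interface"
    fi
  done

  if [ -n "$restart_list" ]; then
    echo "$(date +"%F_%T"): restarting wifi - no clients or issues with $restart_list"
    wifi down
    sleep 1
    wifi up
  fi
}

main "$@"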

wol_nas1.sh

# Send a Wake-on-LAN magic packet for the NAS out of the LAN bridge (br-lan).
# Same command as the 'WOL NAS1' LuCI entry.
/usr/bin/etherwake -i br-lan A8:A1:59:51:38:10

check-dyndns.sh

#!/usr/bin/env ash
# Show the router's current public IPv4 address next to the address published
# for the dynDNS name, so a stale record is easy to spot.

printf '%s\n' "current external IP"
curl https://checkipv4.dedyn.io

# Ask the resolver at 9.9.9.9 directly instead of the local one, so the answer
# is what outside clients see. The "Address" filter presumably also lets the
# resolver's own address line through — confirm.
printf '\n%s\n' "desec.io"
nslookup koelner.dedyn.io 9.9.9.9 | grep "Address"
#echo "dynvpn.de"
#nslookup koelner.dynvpn.de 9.9.9.9 | grep "Address"

package list

useful packages

ath10k-firmware-qca988x base-files busybox ca-bundle dnsmasq dropbear firewall4 fstools kmod-ath10k kmod-ath9k kmod-gpio-button-hotplug kmod-nft-offload kmod-usb-ledtrig-usbport kmod-usb2 libc libgcc libustream-wolfssl logd mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail swconfig uboot-envtools uci uclient-fetch urandom-seed urngd

wget-ssl
curl
wireguard-tools
fwknopd
#fwknop
mosquitto-client-ssl
#mosquitto-ssl
stubby

wpad-wolfssl
hostapd-utils
coreutils
coreutils-sort
addrwatch
htop
tmux
vim
zram-swap
luci
luci-ssl
luci-theme-bootstrap
luci-theme-material
luci-app-commands
luci-app-nlbwmon
# luci-app-ntpc chrony-nts
luci-app-upnp
luci-app-wireguard
luci-app-wol
luci-app-fwknopd
#luci-app-mosquitto
luci-proto-wireguard

blkid
block-mount
usbutils
usbids
ugpsd

kmod-nft-dup-inet
kmod-nls-cp437
kmod-nls-cp850
kmod-nls-iso8859-1
kmod-nls-utf8
kmod-loop
kmod-fs-vfat
kmod-usb-serial
kmod-usb-serial-ch341
kmod-usb-serial-cp210x
kmod-usb-serial-ftdi
kmod-usb-serial-pl2303
kmod-usb-storage
kmod-usb-storage-uas
kmod-usb-gadget
kmod-usb-gadget-mass-storage
kmod-usb-gadget-serial
default 23.05 packages
ath10k-firmware-qca988x-ct base-files busybox ca-bundle dnsmasq dropbear firewall4 fstools kmod-ath10k-ct kmod-ath9k kmod-gpio-button-hotplug kmod-nft-offload kmod-usb-ledtrig-usbport kmod-usb2 libc libgcc libustream-mbedtls logd luci mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail swconfig uboot-envtools uci uclient-fetch urandom-seed urngd wpad-basic-mbedtls

chrony-nts

chrony does not support the ref clock via gpsd shm

root@heimdall:/tmp/etc/chrony.d# cat /etc/config/chrony 
# Upstream time sources: ptbtime1/ptbtime2 with NTS switched on per pool, so
# replies from these servers are authenticated. maxpoll is given as a power of
# two in seconds (12 -> 4096 s).
config pool
        option hostname 'ptbtime1.ptb.de'
        option maxpoll '12'
        option iburst 'yes'
        option nts '1'

config pool
        option hostname 'ptbtime2.ptb.de'
        option maxpoll '12'
        option iburst 'yes'
        option nts '1'


# NOTE(review): this section is enabled (disabled 'no'). Presumably it adds the
# NTP servers announced via DHCP as extra sources; those would be plain NTP
# without NTS — confirm that mixing them with the NTS pools is intended.
config dhcp_ntp_server
        option iburst 'yes'
        option disabled 'no'

# Serve time to clients on the 'lan' interface.
config allow
        option interface 'lan'

# Step the clock instead of slewing when the offset exceeds 1.0 s, but only
# during the first 3 clock updates.
config makestep
        option threshold '1.0'
        option limit '3'

# NTS settings. Presumably rtccheck relaxes certificate time validation on
# boards without a real-time clock and systemcerts trusts the system CA
# bundle — confirm against the chrony package's init script. If so, the first
# synchronisation after boot accepts certificates without a validity-period
# check on RTC-less hardware.
config nts
        option rtccheck 'yes'
        option systemcerts 'yes'