Difference between revisions of "Mesh/Firmware/Generating"
- SSL libraries on the client (node) are often big. BusyBox wget does not support SSL, for example. In wlan slovenija we were thinking of using SSH/SCP instead. Mitar (talk) 06:09, 17 October 2013 (PDT)
Latest revision as of 21:06, 24 October 2013
Model (rough)
Build Server: The one and only server responsible for building and signing SudoMesh OpenWRT images, mostly a collection of bash scripts.
Configuration Server: One of possibly multiple servers responsible for and authenticated to query, configure and update nodes.
- Python SSL socket server for configuring nodes over a secure socket.
- Python web server as a UI to the SSL configuration server.
Node: The basic building block of any mesh!
- node-admin: extended from the openWRT admin page, used by node owner for configuration.
- node-conf-client: Lua client for accepting configs and answering config queries from a configuration server.
Node Attributes
The following attributes are required of the Build Server at image build time:
- Hardware model
- Firmware version
The following attributes are required of the Configuration Server for initial configuration:
- SSH host RSA keypair
- SSH host DSA keypair (optional?)
- SSH host ECDSA keypair (optional?)
- SSH keys allowed root access for debugging
The following attributes are required of the Node Op for initial configuration through the Configuration Server:
- Geographic address
- Node Op name
- Node Op email address
- Node Op phone number
freifunk
Freifunk has a web app called meshkit for generating images.
Meshkit takes a strange approach. From the readme file:
Meshkit itself just writes a uci config file and stores it in /etc/config/meshkwizard in the resulting firmware image. The actual configuration is done by meshwizard, which uses community profiles and the settings from meshkit to configure the device at first boot after the device has been flashed.
While I understand why community profiles would be a good idea, it seems odd that the configuration would happen on the device. Why not generate all of the required configuration before generating the image? That way you save a bit of space and an extra reboot of the device.
After looking at the code, I am not inclined to use it. Lots of freifunk-specific stuff. Few comments. In the end, all it does that we really care about is take a few values from the web app, write some config files for openwrt and run "make image" with some parameters. It does have a system for queuing builds, which is nice. Honestly, I think we're going to be better off making our own system.
SQLite
SQL Script for meshnode database:
<pre>
BEGIN TRANSACTION;
CREATE TABLE node (model TEXT, version TEXT, id TEXT, rsakeypair TEXT, dsakeypair TEXT, ecdsakeypair TEXT, rootkeypair TEXT, geoloc TEXT, opname TEXT, opemail TEXT, opphone TEXT);
INSERT INTO node VALUES('Ubiquity','PICO2-H EU','5f80ce728aa2032a55e6f86bb3d0dd7b154c5c39','-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtBqXujQ9kefbhpS2sLgu3G6bw
iwUySFTd10+8X3cVx2OkZnRqqWCRMyjfMhMfRl7duBxcaDb0Q5MhqjsYO7W1y3V+
Rqu2xn9+HdAYl2EGXD4jwzSiGgMCvtB0vogI+wQVYHVi6X60pu6rfyNWI/4LfVeD
HAMgIU/cBt7SQ1ESUwIDAQAB
-----END PUBLIC KEY-----','cc:50:d4:85:86:56:b8:8a:77:57:61:51:63:89:46:09','045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5','-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANBUpUcWbR5e8EX5BCdz3pz4D7Xbq5cJ
6zY9rq94lXoZ2vOijwkAcwrCFzdXDXWETw9/KdO7m6xJa0Yebu7W9zUCAwEAAQ==
-----END PUBLIC KEY-----','37.810869,-122.267554','Chris Jefferies','operator@gmail.com','510.444.5555');
CREATE UNIQUE INDEX id ON node(id ASC);
COMMIT;
</pre>
SQLite database definition:
<pre>
CREATE TABLE node (model TEXT, version TEXT, id TEXT, rsakeypair TEXT, dsakeypair TEXT, ecdsakeypair TEXT, rootkeypair TEXT, geoloc TEXT, opname TEXT, opemail TEXT, opphone )
</pre>
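One way a configuration server could check a node record against the "Node Attributes" lists before writing it to the node table above. This is an added example, not SudoMesh code: the function names, the sample record, the mapping of attributes to columns and the rule that the table holds only public key material (as the sample row does) are assumptions.

```python
import sqlite3

# Column names are the page's node table; the grouping follows "Node Attributes".
REQUIRED = {
    "build server": ("model", "version"),
    "configuration server": ("rsakeypair", "rootkeypair"),
    "node op": ("geoloc", "opname", "opemail", "opphone"),
}
COLUMNS = ("model", "version", "id", "rsakeypair", "dsakeypair", "ecdsakeypair",
           "rootkeypair", "geoloc", "opname", "opemail", "opphone")
# Constructed sample record (placeholder values, not taken from the page).
SAMPLE = {"model": "example-model", "version": "0.1", "id": "node-0001",
          "rsakeypair": "ssh-rsa AAAA...constructed", "rootkeypair": "ssh-rsa AAAA...constructed",
          "geoloc": "0.0,0.0", "opname": "Example Op", "opemail": "op@example.org",
          "opphone": "555-0100"}

def open_db(path=":memory:"):
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE IF NOT EXISTS node (%s)" % ", ".join(c + " TEXT" for c in COLUMNS))
    conn.execute("CREATE UNIQUE INDEX IF NOT EXISTS id ON node(id ASC)")
    return conn

def check_node(attrs):
    """Return a list of problems; an empty list means the record may be stored."""
    problems = [] if attrs.get("id") else ["missing id"]
    for source, names in REQUIRED.items():
        for name in names:
            if not attrs.get(name):
                problems.append("missing %s (from %s)" % (name, source))
    for name, value in attrs.items():
        if name not in COLUMNS:
            problems.append("unknown attribute %s" % name)
        elif "PRIVATE KEY" in str(value):
            # Assumption: like the page's sample row, the table holds public halves only.
            problems.append("%s contains private key material" % name)
    return problems

def register_node(conn, attrs):
    problems = check_node(attrs)
    if problems:
        return problems
    marks = ",".join("?" * len(COLUMNS))  # bound parameters, never string-built values
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute("INSERT INTO node VALUES (%s)" % marks, [attrs.get(c) for c in COLUMNS])
    except sqlite3.IntegrityError:  # raised by the unique index on id
        return ["duplicate id %s" % attrs["id"]]
    return []
```
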