From Sudo Room

Model (rough)

Build Server: The one and only server responsible for building and signing SudoMesh OpenWRT images, mostly a collection of bash scripts.

Configuration Server: One of possibly several servers that are responsible for, and authenticated for, querying, configuring and updating nodes.

  • Python SSL socket server for configuring nodes over a secure socket.
  • Python web server as a UI to the SSL configuration server.
    • SSL libraries on the client (node) are often big. BusyBox wget does not support SSL for example. In wlan slovenija we were thinking of using SSH/SCP instead. Mitar (talk) 06:09, 17 October 2013 (PDT)

Node: The basic building block of any mesh!

  • node-admin: extended from the openWRT admin page, used by node owner for configuration.
  • node-conf-client: Lua client for accepting configs and answering config queries from a configuration server.

Node Attributes

The following attributes are required of the Build Server at image build time:

  • Hardware model
  • Firmware version

The following attributes are required of the Configuration Server for initial configuration:

  • SSH host RSA keypair
  • SSH host DSA keypair (optional?)
  • SSH host ECDSA keypair (optional?)
  • SSH keys allowed root access for debugging

The following attributes are required of the Node Op for initial configuration through the Configuration Server:

  • Geographic address
  • Node Op name
  • Node Op email address
  • Node Op phone number


Freifunk has a web app called meshkit for generating images.

Meshkit takes a strange approach. From the readme file:

Meshkit itself just writes a uci config file and stores it in
/etc/config/meshkwizard in the resulting firmware image. The actual
configuration is done by meshwizard, which uses community profiles
and the settings from meshkit to configure the device at first boot after
the device has been flashed.

While I understand why community profiles would be a good idea, it seems odd that the configuration would happen on the device. Why not generate all of the required configuration before generating the image? That way you save a bit of space and an extra reboot of the device.

After looking at the code, I am not inclined to use it. Lots of freifunk-specific stuff. Few comments. In the end, all it does that we really care about is take a few values from the web app, write some config files for openwrt and run "make image" with some parameters. It does have a system for queuing builds, which is nice. Honestly, I think we're going to be better off making our own system.


SQL Script for meshnode database:

CREATE TABLE node (model TEXT, version TEXT, id TEXT, rsakeypair TEXT, dsakeypair TEXT, ecdsakeypair TEXT, rootkeypair TEXT, geoloc TEXT, opname TEXT, opemail TEXT, opphone TEXT);
INSERT INTO node VALUES('Ubiquity','PICO2-H EU','5f80ce728aa2032a55e6f86bb3d0dd7b154c5c39','-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----','cc:50:d4:85:86:56:b8:8a:77:57:61:51:63:89:46:09','045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5','-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----','37.810869,-122.267554','Chris Jefferies','','510.444.5555');
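
As an added example (not code from the Sudo Room project), here is a check a configuration server could run against the node table before configuring a node. It reports which required attributes from the Node Attributes lists are missing, and it treats a PEM value with armor lines but no body, as in the sample INSERT above, as missing. The rows, node ids and function names are constructed for illustration.

```python
import sqlite3

# Required columns grouped by who supplies them, per the "Node Attributes" lists
# (the DSA/ECDSA columns are marked "(optional?)" there, so they are not required).
REQUIRED = {
    "build server": ["model", "version"],
    "configuration server": ["rsakeypair", "rootkeypair"],
    "node op": ["geoloc", "opname", "opemail", "opphone"],
}
SCHEMA = ("CREATE TABLE node (model TEXT, version TEXT, id TEXT, rsakeypair TEXT, "
          "dsakeypair TEXT, ecdsakeypair TEXT, rootkeypair TEXT, geoloc TEXT, "
          "opname TEXT, opemail TEXT, opphone TEXT)")

def is_missing(value):
    """True for NULL, blank text, or a PEM block that is armor lines only."""
    if value is None or not value.strip():
        return True
    if "-----BEGIN" in value:
        body = [l for l in value.splitlines()
                if l.strip() and not l.strip().startswith("-----")]
        return not body
    return False

def audit_nodes(conn):
    """Return {node id: ["supplier: column", ...]} for every row in node."""
    conn.row_factory = sqlite3.Row
    report = {}
    for row in conn.execute("SELECT * FROM node"):
        report[row["id"]] = [f"{who}: {col}" for who, cols in REQUIRED.items()
                             for col in cols if is_missing(row[col])]
    return report

def demo_db():
    """In-memory database with two constructed rows (no real keys or people)."""
    armor_only = "-----BEGIN PUBLIC KEY-----\n-----END PUBLIC KEY-----"
    filled = "-----BEGIN PUBLIC KEY-----\nQ09OU1RSVUNURUQ=\n-----END PUBLIC KEY-----"
    rows = [
        # Same gaps as the sample INSERT: armor-only PEM values and a blank e-mail.
        ("model-x", "fw-1", "node-a", armor_only, "", "", armor_only,
         "37.0,-122.0", "Op A", "", "555-0100"),
        ("model-x", "fw-1", "node-b", filled, "", "", filled,
         "37.0,-122.0", "Op B", "op-b@example.org", "555-0101"),
    ]
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO node VALUES (?,?,?,?,?,?,?,?,?,?,?)", rows)
    return conn

if __name__ == "__main__":
    for node_id, gaps in audit_nodes(demo_db()).items():
        print(node_id, "OK" if not gaps else gaps)
```
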

SQLite database definition:
