diff options
Diffstat (limited to 'ext/openwrt/turret')
| -rw-r--r-- | ext/openwrt/turret/default.nix | 32 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/dhcp | 50 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/dropbear | 7 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/firewall | 131 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/https-dns-proxy | 16 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/luci | 41 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/network | 30 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/rpcd | 10 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/system | 16 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/ucitrack | 56 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/uhttpd | 31 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/config/wireless | 34 | ||||
| -rw-r--r-- | ext/openwrt/turret/files/etc/dropbear/authorized_keys | 1 |
13 files changed, 0 insertions, 455 deletions
diff --git a/ext/openwrt/turret/default.nix b/ext/openwrt/turret/default.nix deleted file mode 100644 index 90ec750..0000000 --- a/ext/openwrt/turret/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - pkgs, - openwrt-imagebuilder, - ... -}: let - wrtProfiles = openwrt-imagebuilder.lib.profiles { - inherit pkgs; - release = "22.03.3"; - }; - - image = - wrtProfiles.identifyProfile "netgear_wac104" - // { - packages = ["https-dns-proxy"]; - - files = pkgs.runCommand "image-files" {} '' - mkdir -p $out/etc/uci-defaults - - cat > $out/etc/uci-defaults/99-custom <<EOF - uci -q batch << EOI - set system.@system[0].hostname='turret' - commit - EOI - EOF - - # copy custom files - cp -fr ${./files}/* $out/ - chmod 0644 $out/etc/{config,dropbear}/* - ''; - }; -in - openwrt-imagebuilder.lib.build image diff --git a/ext/openwrt/turret/files/etc/config/dhcp b/ext/openwrt/turret/files/etc/config/dhcp deleted file mode 100644 index f1ffd42..0000000 --- a/ext/openwrt/turret/files/etc/config/dhcp +++ /dev/null @@ -1,50 +0,0 @@ - -config dnsmasq - option domainneeded '1' - option localise_queries '1' - option rebind_protection '1' - option rebind_localhost '1' - option local '/lan/' - option domain 'lan' - option expandhosts '1' - option authoritative '1' - option readethers '1' - option leasefile '/tmp/dhcp.leases' - option localservice '1' - option ednspacket_max '1232' - option doh_backup_noresolv '-1' - option noresolv '1' - list doh_backup_server '' - list doh_backup_server '/mask.icloud.com/' - list doh_backup_server '/mask-h2.icloud.com/' - list doh_backup_server '/use-application-dns.net/' - list doh_backup_server '127.0.0.1#5054' - list doh_backup_server '127.0.0.1#5053' - list server '/mask.icloud.com/' - list server '/mask-h2.icloud.com/' - list server '/use-application-dns.net/' - list server '127.0.0.1#5054' - list server '127.0.0.1#5053' - -config dhcp 'lan' - option interface 'lan' - option start '100' - option limit '150' - option leasetime '12h' - option dhcpv4 'server' - option dhcpv6 'server' - option ra 'server' - option ra_slaac '1' - list ra_flags 'managed-config' - list ra_flags 'other-config' - -config dhcp 'wan' - option interface 'wan' - option ignore '1' - -config odhcpd 'odhcpd' - option maindhcp '0' - option leasefile '/tmp/hosts/odhcpd' - option leasetrigger '/usr/sbin/odhcpd-update' - option loglevel '4' - diff --git a/ext/openwrt/turret/files/etc/config/dropbear b/ext/openwrt/turret/files/etc/config/dropbear deleted file mode 100644 index 95eb1d5..0000000 --- a/ext/openwrt/turret/files/etc/config/dropbear +++ /dev/null @@ -1,7 +0,0 @@ - -config dropbear - option Port '22' - option Interface 'lan' - option PasswordAuth 'off' - option RootPasswordAuth 'off' - diff --git a/ext/openwrt/turret/files/etc/config/firewall b/ext/openwrt/turret/files/etc/config/firewall deleted file mode 100644 index d4f7394..0000000 --- a/ext/openwrt/turret/files/etc/config/firewall +++ /dev/null @@ -1,131 +0,0 @@ - -config defaults - option syn_flood '1' - option input 'ACCEPT' - option output 'ACCEPT' - option forward 'REJECT' - -config zone - option name 'lan' - list network 'lan' - option input 'ACCEPT' - option output 'ACCEPT' - option forward 'ACCEPT' - -config zone - option name 'wan' - list network 'wan' - list network 'wan6' - option input 'REJECT' - option output 'ACCEPT' - option forward 'REJECT' - option masq '1' - option mtu_fix '1' - -config forwarding - option src 'lan' - option dest 'wan' - -config rule - option name 'Allow-DHCP-Renew' - option src 'wan' - option proto 'udp' - option dest_port '68' - option target 'ACCEPT' - option family 'ipv4' - -config rule - option name 'Allow-Ping' - option src 'wan' - option proto 'icmp' - option icmp_type 'echo-request' - option family 'ipv4' - option target 'ACCEPT' - -config rule - option name 'Allow-IGMP' - option src 'wan' - option proto 'igmp' - option family 'ipv4' - option target 'ACCEPT' - -config rule - option name 'Allow-DHCPv6' - option src 'wan' - option proto 'udp' - option dest_port '546' - option family 'ipv6' - option target 'ACCEPT' - -config rule - option name 'Allow-MLD' - option src 'wan' - option proto 'icmp' - option src_ip 'fe80::/10' - list icmp_type '130/0' - list icmp_type '131/0' - list icmp_type '132/0' - list icmp_type '143/0' - option family 'ipv6' - option target 'ACCEPT' - -config rule - option name 'Allow-ICMPv6-Input' - option src 'wan' - option proto 'icmp' - list icmp_type 'echo-request' - list icmp_type 'echo-reply' - list icmp_type 'destination-unreachable' - list icmp_type 'packet-too-big' - list icmp_type 'time-exceeded' - list icmp_type 'bad-header' - list icmp_type 'unknown-header-type' - list icmp_type 'router-solicitation' - list icmp_type 'neighbour-solicitation' - list icmp_type 'router-advertisement' - list icmp_type 'neighbour-advertisement' - option limit '1000/sec' - option family 'ipv6' - option target 'ACCEPT' - -config rule - option name 'Allow-ICMPv6-Forward' - option src 'wan' - option dest '*' - option proto 'icmp' - list icmp_type 'echo-request' - list icmp_type 'echo-reply' - list icmp_type 'destination-unreachable' - list icmp_type 'packet-too-big' - list icmp_type 'time-exceeded' - list icmp_type 'bad-header' - list icmp_type 'unknown-header-type' - option limit '1000/sec' - option family 'ipv6' - option target 'ACCEPT' - -config rule - option name 'Allow-IPSec-ESP' - option src 'wan' - option dest 'lan' - option proto 'esp' - option target 'ACCEPT' - -config rule - option name 'Allow-ISAKMP' - option src 'wan' - option dest 'lan' - option dest_port '500' - option proto 'udp' - option target 'ACCEPT' - -config redirect - option dest 'lan' - option target 'DNAT' - option name 'tf2' - option src 'wan' - option src_dport '37015' - option dest_ip '192.168.1.157' - option dest_port '37015' - option enabled '0' - diff --git a/ext/openwrt/turret/files/etc/config/https-dns-proxy b/ext/openwrt/turret/files/etc/config/https-dns-proxy deleted file mode 100644 index 76e3c60..0000000 --- a/ext/openwrt/turret/files/etc/config/https-dns-proxy +++ /dev/null @@ -1,16 +0,0 @@ - -config main 'config' - option dnsmasq_config_update '*' - list force_dns_port '53' - list force_dns_port '853' - option procd_trigger_wan6 '0' - option force_dns '0' - -config https-dns-proxy - option bootstrap_dns '1.1.1.1,1.0.0.1' - option resolver_url 'https://cloudflare-dns.com/dns-query' - option listen_addr '127.0.0.1' - option listen_port '5054' - option user 'nobody' - option group 'nogroup' - diff --git a/ext/openwrt/turret/files/etc/config/luci b/ext/openwrt/turret/files/etc/config/luci deleted file mode 100644 index 8eb8a9b..0000000 --- a/ext/openwrt/turret/files/etc/config/luci +++ /dev/null @@ -1,41 +0,0 @@ - -config core 'main' - option lang 'auto' - option mediaurlbase '/luci-static/bootstrap' - option resourcebase '/luci-static/resources' - option ubuspath '/ubus/' - -config extern 'flash_keep' - option uci '/etc/config/' - option dropbear '/etc/dropbear/' - option openvpn '/etc/openvpn/' - option passwd '/etc/passwd' - option opkg '/etc/opkg.conf' - option firewall '/etc/firewall.user' - option uploads '/lib/uci/upload/' - -config internal 'languages' - -config internal 'sauth' - option sessionpath '/tmp/luci-sessions' - option sessiontime '3600' - -config internal 'ccache' - option enable '1' - -config internal 'themes' - option Bootstrap '/luci-static/bootstrap' - option BootstrapDark '/luci-static/bootstrap-dark' - option BootstrapLight '/luci-static/bootstrap-light' - -config internal 'apply' - option rollback '90' - option holdoff '4' - option timeout '5' - option display '1.5' - -config internal 'diag' - option dns 'openwrt.org' - option ping 'openwrt.org' - option route 'openwrt.org' - diff --git a/ext/openwrt/turret/files/etc/config/network b/ext/openwrt/turret/files/etc/config/network deleted file mode 100644 index cb24fec..0000000 --- a/ext/openwrt/turret/files/etc/config/network +++ /dev/null @@ -1,30 +0,0 @@ - -config interface 'loopback' - option device 'lo' - option proto 'static' - option ipaddr '127.0.0.1' - option netmask '255.0.0.0' - -config globals 'globals' - option packet_steering '1' - option ula_prefix 'fd26:3166:dece::/48' - -config device - option name 'br-lan' - option type 'bridge' - list ports 'lan2' - list ports 'lan3' - list ports 'lan4' - -config interface 'lan' - option device 'br-lan' - option proto 'static' - option ipaddr '192.168.1.1' - option netmask '255.255.255.0' - option ip6assign '60' - -config interface 'wan' - option device 'lan1' - option proto 'dhcp' - option type 'bridge' - diff --git a/ext/openwrt/turret/files/etc/config/rpcd b/ext/openwrt/turret/files/etc/config/rpcd deleted file mode 100644 index 176c643..0000000 --- a/ext/openwrt/turret/files/etc/config/rpcd +++ /dev/null @@ -1,10 +0,0 @@ -config rpcd - option socket /var/run/ubus/ubus.sock - option timeout 30 - -config login - option username 'root' - option password '$p$root' - list read '*' - list write '*' - diff --git a/ext/openwrt/turret/files/etc/config/system b/ext/openwrt/turret/files/etc/config/system deleted file mode 100644 index ee3415f..0000000 --- a/ext/openwrt/turret/files/etc/config/system +++ /dev/null @@ -1,16 +0,0 @@ - -config system - option hostname 'turret' - option timezone 'UTC' - option ttylogin '0' - option log_size '64' - option urandom_seed '0' - option compat_version '1.1' - -config timeserver 'ntp' - option enabled '1' - option enable_server '0' - list server '0.openwrt.pool.ntp.org' - list server '1.openwrt.pool.ntp.org' - list server '2.openwrt.pool.ntp.org' - list server '3.openwrt.pool.ntp.org' diff --git a/ext/openwrt/turret/files/etc/config/ucitrack b/ext/openwrt/turret/files/etc/config/ucitrack deleted file mode 100644 index bb4cdbc..0000000 --- a/ext/openwrt/turret/files/etc/config/ucitrack +++ /dev/null @@ -1,56 +0,0 @@ -config network - option init network - list affects dhcp - -config wireless - list affects network - -config firewall - option init firewall - list affects luci-splash - list affects qos - list affects miniupnpd - -config olsr - option init olsrd - -config dhcp - option init dnsmasq - list affects odhcpd - -config odhcpd - option init odhcpd - -config dropbear - option init dropbear - -config httpd - option init httpd - -config fstab - option exec '/sbin/block mount' - -config qos - option init qos - -config system - option init led - option exec '/etc/init.d/log reload' - list affects luci_statistics - list affects dhcp - -config luci_splash - option init luci_splash - -config upnpd - option init miniupnpd - -config ntpclient - option init ntpclient - -config samba - option init samba - -config tinyproxy - option init tinyproxy - diff --git a/ext/openwrt/turret/files/etc/config/uhttpd b/ext/openwrt/turret/files/etc/config/uhttpd deleted file mode 100644 index cb2ff71..0000000 --- a/ext/openwrt/turret/files/etc/config/uhttpd +++ /dev/null @@ -1,31 +0,0 @@ - -config uhttpd 'main' - list listen_http '0.0.0.0:80' - list listen_http '[::]:80' - list listen_https '0.0.0.0:443' - list listen_https '[::]:443' - option redirect_https '0' - option home '/www' - option rfc1918_filter '1' - option max_requests '3' - option max_connections '100' - option cert '/etc/uhttpd.crt' - option key '/etc/uhttpd.key' - option cgi_prefix '/cgi-bin' - list lua_prefix '/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua' - option script_timeout '60' - option network_timeout '30' - option http_keepalive '20' - option tcp_keepalive '1' - option ubus_prefix '/ubus' - -config cert 'defaults' - option days '730' - option key_type 'ec' - option bits '2048' - option ec_curve 'P-256' - option country 'ZZ' - option state 'Somewhere' - option location 'Unknown' - option commonname 'OpenWrt' - diff --git a/ext/openwrt/turret/files/etc/config/wireless b/ext/openwrt/turret/files/etc/config/wireless deleted file mode 100644 index 115fc2c..0000000 --- a/ext/openwrt/turret/files/etc/config/wireless +++ /dev/null @@ -1,34 +0,0 @@ - -config wifi-device 'radio0' - option type 'mac80211' - option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0' - option band '2g' - option disabled '0' - option cell_density '0' - option htmode 'HT20' - option channel 'auto' - -config wifi-iface 'default_radio0' - option device 'radio0' - option mode 'ap' - option ssid 'Box-2.4G' - option encryption 'psk2' - option key 'REPLACEME' - option network 'lan wan' - -config wifi-device 'radio1' - option type 'mac80211' - option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0' - option band '5g' - option disabled '0' - option cell_density '0' - option htmode 'VHT80' - option channel 'auto' - -config wifi-iface 'default_radio1' - option device 'radio1' - option mode 'ap' - option ssid 'Box-5G' - option key 'REPLACEME' - option encryption 'psk2' - option network 'lan wan' diff --git a/ext/openwrt/turret/files/etc/dropbear/authorized_keys b/ext/openwrt/turret/files/etc/dropbear/authorized_keys deleted file mode 100644 index 495c605..0000000 --- a/ext/openwrt/turret/files/etc/dropbear/authorized_keys +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIERx0I8DKtALZ9VrYnY1iBEpwl2pBlRiS8oJQvZwpl5e seth@glados
|