catching up on old e-mail
On Wed, 9 Dec 2015, Lukáš Macura wrote:
Hello,
I would want to start some discussion about first boot provisioning and
theoretical inclusion of some script into default images.
Today, if somebody want some automatic way to autoconfigure OpenWrt boxes, he
has to create its own image. But if there is some possibility directly in
OpenWrt, how to do some well-documented procedure during first boot, first boot
auto configuration could be offloaded from image. I know there are some
security issues. But I think that such procedure could be very tiny and
efficient.
For example, it is very easy to write handler for reset button
/etc/rc.button/reset :
if [ "$SEEN" -lt 1 ]
then
echo "REBOOT" > /dev/console
sync
reboot
elif [ "$SEEN" -gt 10 ]
then
( echo "PROVISIONING"
wget -q -O- http://openwrt-prov/opkg.repo >/etc/opkg/provisioned.conf
packages=$(wget -q -O- http://openwrt-prov/default/opkg.install)
[ -n "$packages" ] && opkg update && opkg install $packages
) 2>&1 | logger
elif [ "$SEEN" -gt 5 ]
then
echo "FACTORY RESET" > /dev/console
jffs2reset -y && reboot &
fi
so if you press reset button for more than 10 seconds, box will download two
files from some server. One which can add some local repositories and second to
get package names to install. Next to this, it will do opkg update and install.
There are more ways how to trigger first boot procedure. This is only proof of
concept.
Another way is to include this procedure in uci-defaults and run each time when
device is in factory defaults mode.
Some questions:
- - How to form url? Which url?
- - Is it secure to download some external content by default? No, but this
will hapen only during first boot.
- - Should this procedure be manual? eg. it needs to press button or
automaticaly?
It all depends on the environment. For he Scale conference last week, I had 120
APs out and they got configured by a combination of the base image (populating
/files) and DHCP parameters. That wouldn't work in home systems where the AP is
the DHCP.
Automating configuation and updates from your own system is a great thing to do.
Doing so from someone else's system on the Internet is something else. And
taking on the responsibility for holding such configs (and the potential
liability if the configs get tampered with and access is granted to lots of
peoples systmes) is something else again. It's not something Openwrt is going to
want to get involved with.
The bigger issue is that the reason why most openwrt devices get updated by
flashing a complete image is the shortage of storage on them. By using a
pre-compressed, read-only filesystem, the compression ratio is much higher, but
it means that anything that gets installed on the device after that point has
two versions taking up space, the original, highly compressed version, and a
later, less compressed version. You very quickly run out of space updating
individual packages and overriding basic configs.
But I do like the idea of holding the reset button down to pull from a local
system. I'll use that trick in the future :-)
David Lang
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel