2017-03-10 15:21:32 +00:00
|
|
|
#!/usr/bin/lua
|
|
|
|
|
2017-08-11 18:47:35 +00:00
|
|
|
local site = require 'gluon.site'
|
2017-03-10 15:21:32 +00:00
|
|
|
local users = require 'gluon.users'
|
|
|
|
local util = require 'gluon.util'
|
|
|
|
|
|
|
|
local uci = require('simple-uci').cursor()
|
2018-07-13 17:32:55 +00:00
|
|
|
local unistd = require 'posix.unistd'
|
2017-03-10 15:21:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
uci:section('network', 'interface', 'mesh_vpn', {
|
|
|
|
ifname = 'mesh-vpn',
|
|
|
|
proto = 'gluon_mesh',
|
|
|
|
transitive = true,
|
|
|
|
fixed_mtu = true,
|
|
|
|
macaddr = util.generate_mac(7),
|
2017-08-11 18:47:35 +00:00
|
|
|
mtu = site.mesh_vpn.mtu(),
|
2017-03-10 15:21:32 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
uci:save('network')
|
|
|
|
|
|
|
|
|
2018-07-13 17:32:55 +00:00
|
|
|
if unistd.access('/etc/config/gluon-simple-tc') then
|
2017-03-10 15:21:32 +00:00
|
|
|
os.rename('/etc/config/gluon-simple-tc', '/etc/config/simple-tc')
|
|
|
|
end
|
|
|
|
|
|
|
|
if not uci:get('simple-tc', 'mesh_vpn') then
|
2017-08-11 18:47:35 +00:00
|
|
|
uci:section('simple-tc', 'interface', 'mesh_vpn', {
|
2017-03-10 15:21:32 +00:00
|
|
|
ifname = 'mesh-vpn',
|
2017-08-11 18:47:35 +00:00
|
|
|
enabled = site.mesh_vpn.bandwidth_limit.enabled(false),
|
|
|
|
limit_ingress = site.mesh_vpn.bandwidth_limit.ingress(),
|
|
|
|
limit_egress = site.mesh_vpn.bandwidth_limit.egress(),
|
|
|
|
})
|
2017-03-10 15:21:32 +00:00
|
|
|
uci:save('simple-tc')
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
-- The previously used user and group are removed, we now have a generic group
|
|
|
|
users.remove_user('gluon-fastd')
|
|
|
|
users.remove_group('gluon-fastd')
|
|
|
|
|
|
|
|
uci:section('firewall', 'include', 'mesh_vpn_dns', {
|
|
|
|
type = 'restore',
|
|
|
|
path = '/lib/gluon/mesh-vpn/iptables.rules',
|
|
|
|
family = 'ipv4',
|
|
|
|
})
|
|
|
|
|
|
|
|
uci:save('firewall')
|
2017-03-10 18:10:01 +00:00
|
|
|
|
|
|
|
|
|
|
|
-- VPN migration
|
2018-07-13 17:32:55 +00:00
|
|
|
local has_fastd = unistd.access('/lib/gluon/mesh-vpn/fastd')
|
2017-08-07 23:28:53 +00:00
|
|
|
local fastd_enabled = uci:get('fastd', 'mesh_vpn', 'enabled')
|
2017-03-10 18:10:01 +00:00
|
|
|
|
2019-06-09 15:36:22 +00:00
|
|
|
local has_tunneldigger = (not has_fastd) and unistd.access('/lib/gluon/mesh-vpn/tunneldigger')
|
2017-08-07 23:28:53 +00:00
|
|
|
local tunneldigger_enabled = uci:get('tunneldigger', 'mesh_vpn', 'enabled')
|
|
|
|
|
|
|
|
local enabled
|
|
|
|
|
|
|
|
-- If the installed VPN package has its enabled state set, keep the value
|
|
|
|
if has_fastd and fastd_enabled then
|
|
|
|
enabled = fastd_enabled == '1'
|
|
|
|
elseif has_tunneldigger and tunneldigger_enabled then
|
|
|
|
enabled = tunneldigger_enabled == '1'
|
|
|
|
-- Otherwise, migrate the other package's value if any is set
|
|
|
|
elseif fastd_enabled or tunneldigger_enabled then
|
|
|
|
enabled = fastd_enabled == '1' or tunneldigger_enabled == '1'
|
|
|
|
-- If nothing is set, use the default
|
|
|
|
else
|
2017-08-11 18:47:35 +00:00
|
|
|
enabled = site.mesh_vpn.enabled(false)
|
2017-08-07 23:28:53 +00:00
|
|
|
end
|
2017-03-10 18:10:01 +00:00
|
|
|
|
2017-08-07 23:28:53 +00:00
|
|
|
if has_fastd then
|
|
|
|
uci:set('fastd', 'mesh_vpn', 'enabled', enabled)
|
|
|
|
else
|
|
|
|
uci:delete('fastd', 'mesh_vpn')
|
|
|
|
end
|
|
|
|
uci:save('fastd')
|
2017-03-10 18:10:01 +00:00
|
|
|
|
2017-08-07 23:28:53 +00:00
|
|
|
if has_tunneldigger then
|
|
|
|
uci:set('tunneldigger', 'mesh_vpn', 'enabled', enabled)
|
2018-07-25 23:26:00 +00:00
|
|
|
if site.mesh_vpn.bandwidth_limit.enabled(false) then
|
|
|
|
uci:set('tunneldigger', 'mesh_vpn', 'limit_bw_down', site.mesh_vpn.bandwidth_limit.ingress())
|
|
|
|
uci:set('simple-tc', 'mesh_vpn', 'limit_ingress', 0)
|
|
|
|
uci:save('simple-tc')
|
|
|
|
end
|
2017-08-07 23:28:53 +00:00
|
|
|
else
|
|
|
|
uci:delete('tunneldigger', 'mesh_vpn')
|
|
|
|
end
|
|
|
|
uci:save('tunneldigger')
|