This script wants to get the upgrade process of a freifunk-berlin router via terminal smooth and easy.
For a more complete and more recent documentation (currently only in German), have a look for /doc/paper_autoupdate.pdf
-
manual mode
- saves a backup on your (remote) machine
- (needs to be configured in /etc/config/autoupdate)
- gets the model of the router and its uplink type
- fetches the corresponding sysupgrade.bin and downloads it
- does the upgrade
- saves a backup on your (remote) machine
-
automatic mode
- does save backup in /root/
- does upgrade automatically
At default autoupdate is only avaiable in manual mode. To set it working automatically, you need to set a variable in the config file.
The script will give some explanatory text, if you start it without operators.
To start autoupdate in manual mode, type autoupdate -m
in the CLI of your Freifunk Berlin router.
Before setting the script into auto mode (see below) it is strongly recommended to run it one time manually! Please check, if
the router model and the uplink type is recognised correctly (especially hardware revisions). If not, you should override
them by storing the correct values in the config file. /etc/config/autoupdate
For example:
TP-LINK TL-WR1043ND v3
states itself as TP-LINK TL-WR1043ND v2
. To fix that, set
config 'autoupdate' 'router'
option 'router' 'null'
to
config 'autoupdate' 'router'
option 'router' 'TP-LINK TL-WR1043ND v3'
You may also use uci, if you are more comfortable with that:
uci set autoupdate.router.router='TP-LINK TL-WR1043ND v3'
uci commit autoupdate
Set autoupdate.automode.automode='true'
in the config file. Also the valueson, yes, 1
are accepted. The script will
check for updates weekly on Thursday.
If automode is set on, the automatic update might also be started manually by autoupdate -a
.
If you set up the values in config file, this will trigger the router to save a backup directly onto your remote machine. For this your machine must be accessible via ssh. Please mind to really give a slash at the end of the remote path.
option 'client_path' '/complete/path/to/your/backups/'
This "sends" (have a look in details section) the router string to the developers. This happens every week on Monday. With that string sent we can manage to take the link lists up to date, because the strings may vary in different firmware versions. (have a look above)
To get the right download link, the script loads a signed json file. This file should have a form like this:
{
"date":"20190512",
"ROUTER-NAME#1":
{
"default": "http://link-to-sysupgrade.bin",
"tunneldigger": "http://link-to-sysupgrade.bin"
},
"ROUTER-NAME#2":
{
"default": "http://link-to-sysupgrade.bin",
"tunneldigger": "http://link-to-sysupgrade.bin"
}
}
To generate those files automatically, you should have a look at json-creator https://github.com/Akira25/json-creator
The authenticy check function checks the signatures of the link definition file againts all the public keys
in /usr/share/autoupdate/keys/. Update do only proceed, if a certain amount of signatures was valid. This amount is specified
in /etc/config/autoupdate.
We use openwrt-built-in usign
for that.
The value should match with the importance of the upgrade branch. For example:
branch name | minimum amount of valid signatures |
---|---|
stable | 4 |
testing | 3 |
experimental | 1 |
One signature in each branch might be generated by the buildbot itself.
Caution: If you change the branch, you should change amount of signatures accordingly.
Please check json-creator manual.
Actually the string is not "send". Due to firewalls and that wole stuff, the string is transmitted via wget. wget will
try to get http://some-defined-server.berlin/devicename;$ROUTER;
. It will fail by intention, but the device strings can be
extracted fairly easy from the web server's access.log
.
Have a look at name-finder.
Upgrades which are not supported by the developers of Freifunk Berlin might break your configuration. Therefore this script should not be used in crucial environments like backbone-setups.
If you are comfortable with C, you should have a look at gluon-autoupdater too. https://github.com/freifunk-gluon/packages/tree/master/admin/autoupdater