diff --git a/package/network/services/unetd/Makefile b/package/network/services/unetd/Makefile
new file mode 100644
index 000000000..687306149
--- /dev/null
+++ b/package/network/services/unetd/Makefile
@@ -0,0 +1,113 @@
+#
+# Copyright (C) 2022 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=unetd
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL=$(PROJECT_GIT)/project/unetd.git
+PKG_SOURCE_DATE:=2024-03-31
+PKG_SOURCE_VERSION:=806457664ab6e952a7f4febb82e891f596fe577c
+PKG_MIRROR_HASH:=0d3952f8079476e68487094b49c9c39074a1068c932f204a87c609074ce30d74
+
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Felix Fietkau
+
+PKG_BUILD_DEPENDS:=HAS_BPF_TOOLCHAIN:bpf-headers
+
+PKG_BUILD_PARALLEL:=1
+
+PKG_CONFIG_DEPENDS += CONFIG_UNETD_VXLAN_SUPPORT
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+include $(INCLUDE_DIR)/bpf.mk
+include $(INCLUDE_DIR)/nls.mk
+
+define Package/unetd
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=WireGuard based VPN connection manager for OpenWrt
+ DEPENDS:=+libubox +libubus +libblobmsg-json +libnl-tiny +kmod-wireguard +UNETD_VXLAN_SUPPORT:libbpf
+endef
+
+define Package/unetd/config
+ config UNETD_VXLAN_SUPPORT
+ bool "VXLAN support"
+ depends on PACKAGE_unetd
+ depends on HAS_BPF_TOOLCHAIN
+ default y
+
+endef
+
+define Package/unet-dht
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=unetd
+ TITLE:=unetd DHT discovery support
+endef
+
+define Package/unet-cli
+ SECTION:=net
+ CATEGORY:=Network
+ DEPENDS:=+unetd +ucode +ucode-mod-fs
+ TITLE:=unetd administration command line utility
+endef
+
+TARGET_CFLAGS += \
+ -I$(STAGING_DIR)/usr/include/libnl-tiny \
+ -I$(STAGING_DIR)/usr/include
+
+CMAKE_OPTIONS += \
+ -DLIBNL_LIBS=-lnl-tiny \
+ -DVXLAN_SUPPORT=$(if $(CONFIG_UNETD_VXLAN_SUPPORT),ON,OFF)
+
+ifdef CONFIG_UNETD_VXLAN_SUPPORT
+ define Build/Compile
+ $(call CompileBPF,$(PKG_BUILD_DIR)/mss-bpf.c)
+ $(call Build/Compile/Default,)
+ endef
+endif
+
+define Package/unetd/conffiles
+/etc/unetd
+endef
+
+define Package/unetd/install
+ $(INSTALL_DIR) \
+ $(1)/etc/unetd \
+ $(1)/lib/bpf \
+ $(1)/etc/init.d \
+ $(1)/lib/netifd/proto \
+ $(1)/usr/sbin \
+ $(1)/usr/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libunet.so* $(1)/usr/lib/
+ $(INSTALL_BIN) \
+ $(PKG_INSTALL_DIR)/usr/sbin/unetd \
+ $(PKG_INSTALL_DIR)/usr/sbin/unet-tool \
+ $(1)/usr/sbin/
+ $(if $(CONFIG_UNETD_VXLAN_SUPPORT),$(INSTALL_DATA) $(PKG_BUILD_DIR)/mss-bpf.o $(1)/lib/bpf/mss.o)
+ $(INSTALL_BIN) ./files/unetd.init $(1)/etc/init.d/unetd
+ $(INSTALL_BIN) ./files/unetd.sh $(1)/lib/netifd/proto
+endef
+
+define Package/unet-dht/install
+ $(INSTALL_DIR) \
+ $(1)/etc/init.d \
+ $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/unet-dht $(1)/usr/sbin
+ $(INSTALL_BIN) ./files/unet-dht.init $(1)/etc/init.d/unet-dht
+endef
+
+define Package/unet-cli/install
+ $(INSTALL_DIR) $(1)/usr/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/scripts/unet-cli $(1)/usr/sbin
+endef
+
+$(eval $(call BuildPackage,unetd))
+$(eval $(call BuildPackage,unet-dht))
+$(eval $(call BuildPackage,unet-cli))
diff --git a/package/network/services/unetd/files/unet-dht.init b/package/network/services/unetd/files/unet-dht.init
new file mode 100644
index 000000000..272626a93
--- /dev/null
+++ b/package/network/services/unetd/files/unet-dht.init
@@ -0,0 +1,24 @@
+#!/bin/sh /etc/rc.common
+# Copyright (c) 2022 OpenWrt.org
+
+START=19
+
+USE_PROCD=1
+PROG=/usr/sbin/unet-dht
+
+unet_dht_id() {
+ cat \
+ /sys/class/net/eth?/address \
+ /sys/class/ieee80211/phy*/macaddress \
+ /etc/board.json | md5sum | awk '{ print $1 }'
+}
+
+start_service() {
+ mkdir -p /var/run/unetd /etc/unetd
+
+ procd_open_instance
+ procd_set_param command "$PROG" -u /var/run/unetd/socket -n /var/run/unetd/nodes.dat $(unet_dht_id)
+ procd_set_param respawn
+ procd_set_param limits core="unlimited"
+ procd_close_instance
+}
diff --git a/package/network/services/unetd/files/unetd.init b/package/network/services/unetd/files/unetd.init
new file mode 100644
index 000000000..c1124821e
--- /dev/null
+++ b/package/network/services/unetd/files/unetd.init
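Review bot: In package/network/services/unetd/Makefile, `Package/unet-dht` declares `DEPENDS:=unetd` without the leading `+`, while `Package/unet-cli` uses `+unetd`, so unet-dht only becomes selectable once unetd is already enabled instead of selecting it. If that asymmetry is intended, a one-line comment above the `DEPENDS` line should say so; otherwise write `DEPENDS:=+unetd`. None of the three packages has a description block, and a short `define Package/unet-dht/description` saying what the DHT helper does next to unetd would help whoever decides whether to ship it.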
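Review bot: In files/unet-dht.init, `procd_set_param limits core="unlimited"` in start_service lifts the core-size limit for the daemon, and the same line appears in files/unetd.init, whose daemon is handed `key` and `auth_key` by unetd.sh, so a crash dump there would presumably contain key material wherever the system writes core files. Unless dumps are needed outside debugging, drop the line from both scripts or gate it behind a debug option. In `unet_dht_id`, a glob that matches nothing (no `eth?` or no `phy*`) makes `cat` fail while the pipeline still prints a hash, so the id silently depends on which interfaces exist when the service starts. Adding `2>/dev/null` to the `cat` and a comment stating what the id is derived from, and that it is an identifier rather than a secret if that is the intent, would make this explicit.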
@@ -0,0 +1,17 @@
+#!/bin/sh /etc/rc.common
+# Copyright (c) 2022 OpenWrt.org
+
+START=19
+
+USE_PROCD=1
+PROG=/usr/sbin/unetd
+
+start_service() {
+ mkdir -p /var/run/unetd /etc/unetd
+
+ procd_open_instance
+ procd_set_param command "$PROG" -h /var/run/unetd/hosts -u /var/run/unetd/socket
+ procd_set_param respawn
+ procd_set_param limits core="unlimited"
+ procd_close_instance
+}
diff --git a/package/network/services/unetd/files/unetd.sh b/package/network/services/unetd/files/unetd.sh
new file mode 100644
index 000000000..2f0f0c478
--- /dev/null
+++ b/package/network/services/unetd/files/unetd.sh
@@ -0,0 +1,99 @@
+#!/bin/sh
+
+[ -x /usr/sbin/unetd ] || exit 0
+
+. /lib/functions.sh
+. /lib/functions/network.sh
+. ../netifd-proto.sh
+
+init_proto "$@"
+
+proto_unet_init_config() {
+ proto_config_add_string device
+ proto_config_add_string type
+ proto_config_add_string auth_key
+ proto_config_add_string key
+ proto_config_add_string file
+ proto_config_add_int keepalive
+ proto_config_add_string domain
+ proto_config_add_boolean dht
+ proto_config_add_array "tunnels:list(string)"
+ proto_config_add_array "connect:list(string)"
+ proto_config_add_array "peer_data:list(string)"
+ no_device=1
+ available=1
+ no_proto_task=1
+}
+
+proto_unet_setup() {
+ local config="$1"
+
+ local device type key file keepalive domain tunnels
+ json_get_vars device type auth_key key file keepalive domain dht
+ json_get_values tunnels tunnels
+ json_get_values connect connect
+ json_get_values peer_data peer_data
+ device="${device:-$config}"
+
+ [ -n "$auth_key" ] && type="${type:-dynamic}"
+ [ -n "$file" ] && type="${type:-file}"
+
+ json_init
+ json_add_string name "$device"
+ json_add_string type "$type"
+ json_add_string interface "$config"
+ json_add_string auth_key "$auth_key"
+ json_add_string key "$key"
+ json_add_string file "$file"
+ [ -n "$keepalive" ] && json_add_int keepalive "$keepalive"
+ [ -n "$dht" ] && json_add_boolean dht "$dht"
+ json_add_string domain "$domain"
+
+ json_add_object tunnels
+ for t in $tunnels; do
+ local ifname="${t%%=*}"
+ local service="${t#*=}"
+ [ -n "$ifname" -a -n "$service" -a "$ifname" != "$t" ] || continue
+ json_add_string "$ifname" "$service"
+ done
+ json_close_object
+
+ json_add_array auth_connect
+ for c in $connect; do
+ json_add_string "" "$c"
+ done
+ json_close_array
+
+ json_add_array peer_data
+ for c in $peer_data; do
+ json_add_string "" "$c"
+ done
+ json_close_array
+
+ ip link del dev "$device" >/dev/null 2>&1
+ ip link add dev "$device" type wireguard || {
+ echo "Could not create wireguard device $device"
+ proto_setup_failed "$config"
+ exit 1
+ }
+
+ ubus call unetd network_add "$(json_dump)"
+}
+
+proto_unet_teardown() {
+ local config="$1"
+ local iface="$2"
+
+ local device
+ json_get_vars device
+ device="${device:-$iface}"
+
+ json_init
+ json_add_string name "$device"
+
+ ip link del dev "$device"
+
+ ubus call unetd network_del "$(json_dump)"
+}
+
+add_protocol unet
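Review bot: The result of `ubus call unetd network_add "$(json_dump)"` at the end of proto_unet_setup is not checked, so if unetd is not running or rejects the request, the freshly created wireguard link stays behind and netifd is presumably never told that setup failed. Handling it like the `ip link add` failure just above would keep the two error paths consistent. Separately, `auth_key`, `dht`, `connect` and `peer_data` are filled by `json_get_vars`/`json_get_values` but are missing from the `local` list, so the auth key ends up in the script's global scope. The list could read `local device type auth_key key file keepalive domain dht tunnels connect peer_data`.

```shell
	# … unchanged: json_init through the ip link add error block …
	ubus call unetd network_add "$(json_dump)" || {
		echo "Could not register network $device with unetd"
		ip link del dev "$device" >/dev/null 2>&1
		proto_setup_failed "$config"
		exit 1
	}
```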