RADIUSdesk

Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
md:openwrt-meshdesk_17 [2021/11/20 05:46] – [Select Packages To Include With Firmware] adminmd:openwrt-meshdesk_17 [2021/11/20 18:18] (current) – [captive_portal.json] admin
Line 96: Line 96:
 | **libuci-lua**     | Libraries |     | | **libuci-lua**     | Libraries |     |
 | **luci**           | Luci -> Collections |    | | **luci**           | Luci -> Collections |    |
-| **luci-compat**    | Luci -> Modules | Needs this modules for our package **VERY IMPORTANT** | 
 | **luci-app-meshdesk**    | Luci -> Applications | Luci App to enable and disable central management | | **luci-app-meshdesk**    | Luci -> Applications | Luci App to enable and disable central management |
 | **luci-theme-material**   | Luci -> Themes | Modern theme that is easy to customize | | **luci-theme-material**   | Luci -> Themes | Modern theme that is easy to customize |
 | **luci-lib-httpclient**  | Luci ->  Libraries |  | | **luci-lib-httpclient**  | Luci ->  Libraries |  |
-| **luci-lib-httpprotoutils**  | Luci ->  Libraries |  | 
 | **luci-lib-json**  | Luci ->  Libraries |  | | **luci-lib-json**  | Luci ->  Libraries |  |
 | **luci-lib-jsonc**  | Luci ->  Libraries |  | | **luci-lib-jsonc**  | Luci ->  Libraries |  |
-**coova-chilli**   | Network -> Captive Portals | Select **OpenSSL** as **SSL Library**. Also select **Enable the JSON interface..** and **..Coova miniportal...** |+| coova-chilli   | Network -> Captive Portals | Select **OpenSSL** as **SSL Library** //Do not include to save space eg on **OM2P**// |
 | **curl**  | Network -> File Transfer |     | | **curl**  | Network -> File Transfer |     |
 | **relayd**  | Network -> Routing and Redirection |      | | **relayd**  | Network -> Routing and Redirection |      |
-| **wpad IEEE 802.1x Auth/Supplicant (built-in full)** | Network -> WirelessAPD | Un-select wpad-basic| +| batctl  | Network  |
-| batctl-full  | Network Un-select batctl-default |+
 | mosquitto-client-ssl | Network | Note the **CLIENT** package | | mosquitto-client-ssl | Network | Note the **CLIENT** package |
 +| wpad IEEE 802.1x Auth/Supplicant (built-in full) | Network  | //Use default wpad-mini to save space eg on **OM2P**//|
  
   * After you selected these packages you can save the configuration and issue **make** to build the firmware.   * After you selected these packages you can save the configuration and issue **make** to build the firmware.
Line 114: Line 112:
         * Username and Password is **root** and **admin** for Luci and ssh.         * Username and Password is **root** and **admin** for Luci and ssh.
   * The next section will cover the files you have to attend to for the specific hardware tweaks.   * The next section will cover the files you have to attend to for the specific hardware tweaks.
 +
 +<WRAP center round info 90%>
 +Although the  **OM2P** has 16M FLASH there is a 7M fail-safe partition which complicates things a bit.
 +To keep things small I //included// the mesh parts (Batman) but //excluded// **coova-chilli** and the full version of **wpad** in the firmware I created
 +</WRAP>
 +
  
 ===== Initial File Preparation ===== ===== Initial File Preparation =====
Line 121: Line 125:
 <file bash network> <file bash network>
 config interface 'loopback' config interface 'loopback'
- option device 'lo'+ option ifname 'lo'
  option proto 'static'  option proto 'static'
  option ipaddr '127.0.0.1'  option ipaddr '127.0.0.1'
Line 127: Line 131:
  
 config globals 'globals' config globals 'globals'
- option ula_prefix 'auto'+ option ula_prefix 'fd15:97e0:cb63::/48'
  
-config device +config interface 'lan'
- option name 'br-lan'+
  option type 'bridge'  option type 'bridge'
- list ports 'eth0.1' + option ifname 'eth0'
- +
-config interface 'lan' +
- option device 'br-lan'+
  option proto 'static'  option proto 'static'
  option ipaddr '192.168.1.1'  option ipaddr '192.168.1.1'
  option netmask '255.255.255.0'  option netmask '255.255.255.0'
  option ip6assign '60'  option ip6assign '60'
- 
-config device 
- option name 'eth0.2' 
- option macaddr '9c:9d:7e:f6:22:1c' 
  
 config interface 'wan' config interface 'wan'
- option device 'eth0.2'+ option ifname 'eth1'
  option proto 'dhcp'  option proto 'dhcp'
  
 config interface 'wan6' config interface 'wan6'
- option device 'eth0.2'+ option ifname 'eth1'
  option proto 'dhcpv6'  option proto 'dhcpv6'
- 
-config switch 
- option name 'switch0' 
- option reset '1' 
- option enable_vlan '1' 
- 
-config switch_vlan 
- option device 'switch0' 
- option vlan '1' 
- option ports '4 2 6t' 
- 
-config switch_vlan 
- option device 'switch0' 
- option vlan '2' 
- option ports '0 6t' 
  
 </file> </file>
 +  * With this setup we have the POE port as LAN (The port next to the Power Jack).
 +  * We also have the WAN sitting next to the antenna.
 +  * This is **not ideal** for us since we want to feed power onto the WAN port.
   * Next look at the **/etc/MESHdesk/configs/wan_network** file that is derived from it.   * Next look at the **/etc/MESHdesk/configs/wan_network** file that is derived from it.
-<file bash network>+<file bash wan_network>
 config interface 'loopback' config interface 'loopback'
     option proto 'static'     option proto 'static'
Line 178: Line 162:
  
 config interface 'lan' config interface 'lan'
-    option ifname 'eth0.1'+    option ifname 'eth0'
     option type 'bridge'     option type 'bridge'
     option proto 'dhcp'     option proto 'dhcp'
Line 188: Line 172:
     option proto 'dhcp'     option proto 'dhcp'
  
-config switch +</file> 
-    option name 'switch0' +  * Note there are no **switch** sections. Please refer to the other Wiki pages on the convention to use if the //network// file has **switch** sections. 
-    option reset '1' +  * **client_0** and **client_1** interface sections can always be kept as is. 
-    option enable_vlan '1'+  * **lan** interface section is in actuality the **WAN** port. (This is due to the historical nature of the project and also that we support hardware with a single Ethernet port) 
 +  * Since we wanted the port with POE (eth0) as WAN we actually kept the membership of the **lan** interface as is (remember it is actually the **WAN** port) 
 +  * Next we will look at the ///etc/config/meshdesk// file and tweak it to work with our environment and our hardware.
  
-config switch_vlan +<WRAP center round tip 90%> 
-    option device 'switch0+  * There is a growing list of existing sample **wan_network** files under the ///openwrt/package/zzz-MESHdesk/files/MESHdesk/configs// folder. 
-    option vlan '1' +  * They have a convention of **network_<firmware_id>** e.g. network_xiaomi_4a_100 
-    option ports '6t'+  * Simply copy that file over //openwrt/package/zzz-MESHdesk/files/MESHdesk/configs/wan_network// 
 +  * Those files will have a matching existing hardware section in the //openwrt/package/zzz-MESHdesk/files/MESHdesk/meshdesk// file  
 +</WRAP> 
 +==== meshdesk ==== 
 +=== Tweaks For Our Hardware === 
 +  * MESHdesk use the LEDs of the device it is installed on to signal about the environment 
 +        * It signals during startup about the method it uses to try and fetch its settings at that moment. 
 +        * If the device is used in a mesh network it will signal how many neighboring nodes it sees after startup. 
 +        * There is also another LED used to indicate if the device has proper contact with the controller. (The LED can be either ON or OFF in such a case) 
 +        * Finally on mesh networks we can also specify a LED that will indicate mesh traffic flowing through a node. 
 +        * Again lets look at the **OM2P** as a sample. 
 +<code bash> 
 +#change directory to where the LEDs are 
 +cd /sys/class/leds/ 
 +ls  
 +#These are the LEDs available 
 +ath9k-phy0        om2p:blue:lan     om2p:blue:power   om2p:blue:wan     om2p:green:wifi   om2p:red:wifi     om2p:yellow:wifi 
 +#turn it off 
 +echo "0" > om2p\:blue\:lan/brightness 
 +#turn it on 
 +echo "1" > om2p\:blue\:lan/brightness 
 +#Go through all of them and confirm which is which on the device 
 +</code> 
 +  * This device has an interesting LED. It is the **tricolor wifi** LED. 
 +  * In our case we can use the **om2p:yellow:wifi** of the tricolor to light up if the comms to the controller is broken. 
 +  * We can also use the **om2p:green:wifi** of the tricolor to light up if the comms to the controller is OK. 
 +  * We can use the **om2p:blue:wan LED** to signal during startup and neighbor counts. 
 +  * We can use **om2p:blue:lan** for the mesh traffic indicator.  
 +  * With this info we can create a hardware section in ///etc/config/meshdesk// 
 +<code bash> 
 +config hardware 'om2p'                                                         
 +        option morse_led '/sys/class/leds/om2p:blue:wan/brightness'       
 +        option internet_led '/sys/class/leds/om2p:yellow:wifi/brightness' 
 +        option wifi_led 'om2p:blue:lan' 
 +</code> 
 +  * This have to match the value for hardware under the **settings** section 
 +<code bash> 
 +config settings 'settings' 
 + option hardware 'om2p' 
 + option id_if 'eth0' 
 + option lan_up_file '/tmp/lan_up' 
 +</code> 
 +<WRAP center round info 90%> 
 +Don't make the name of the hardware section more than 14characters. Longer names break things during deployment. 
 +</WRAP> 
 + 
 +  * Later we will also use the value of **om2p** to define the hardware on the controller. 
 +  * The final tweak for the hardware in the config file is the interface that must be used as the **id_if**. 
 +        * It will typically be **eth0**. 
 +  * Since we want the **yellow LED** to be off when the comms to the controller is fine we need to check what the current setup is 
 +  * With this device we also want to light up the green LED when the comms is fine. 
 +<code bash> 
 +vi /etc/MESHdesk/reporting/report_to_server.lua  
 +#Look for this section 
 +    if(ok_flag)then                                  
 +        internetLED('0'); -- NOTE Here we can swap thme around eg make it 0 to turn off a red LED when the internet is OK 
 +        checkForContollerReboot('1');                    
 +    else                                                                              
 +        internetLED('1');                                                         
 +        checkForContollerReboot('0');                   
 +    end 
 +     
 +#Also modify the internetLED function to look like this: 
 +function internetLED(state)             
 +    local hardware  = x.get('meshdesk', 'settings', 'hardware'); 
 +    local led       = x.get('meshdesk', hardware, 'internet_led'); 
 +    if(state == '0')then                                                  
 +         os.execute('echo 1 > /sys/class/leds/om2p\:green\:wifi/brightness' ); 
 +    end                                              
 +    if(state == '1')then                                    
 +         os.execute('echo 0 > /sys/class/leds/om2p\:green\:wifi/brightness' ); 
 +    end                             
 +    os.execute('echo '..state..' > ' .. led );                    
 +end 
 + 
 +</code> 
 + 
 +  * To activate the mesh traffic indicator LED you need to edit the ///etc/config/system// file's wifi_led section 
 +  * See this snippet as reference. 
 +<file bash>
  
-config switch_vlan +config led 'wifi_led' 
-    option device 'switch0+ option name 'wifi' 
-    option vlan '2+ option trigger 'netdev' 
-    option ports '4 2 6t'+ option dev 'bat0
 + option mode 'link tx rx
 + option sysfs 'om2p:blue:lan'
 </file> </file>
  
-  * We took the **switch** config sections from  ///etc/config/network// and simply **swapped** vlan nr 1 and vlan nr 2 around. +  *  The following table lists some of the important items with comments 
-  * This means that eth0.1 is now on the **WAN** port. +
-  * We also kept the old config style which is still supported in **21.02** +
-  * **client_0** and **client_1** interface sections can always be kept as is. +
-  * **lan** interface section is in actuality the **WAN** port. (This is due to the historical nature of the project and also that we support hardware with a single Ethernet port)+
  
 +^ Item        ^ Typical value           ^ Comment    ^
 +| settings -> hardware | om2p | Must match a hw definition in the file itself  |
 +| settings -> id_if  | eth0 | eg eth0, eth1 or wan - NOT eth0.1 (for those boards its just eth0)  |
 +| settings -> skip_radio_0  | 0 | set to 1 when radio0 is a 5G radio and you don't want to use it for config SSID  |
  
-  Lets look at another sample file. This time the **Xiaomi 4A Gigabit Edition**. This board does not have any **switch** sections and is much simpler.+=== Tweaks For Our Environment === 
 +   The following table lists some of the important items with comments 
  
-<file bash wan_network> +^ Item        ^ Typical value           ^ Comment    ^ 
-config interface 'loopback' +| internet1 -disabled    | 1  | change it to 0 in order for the device to be centrally controlled   | 
-    option proto 'static' +| internet1 -> dns    | cloud.radiusdesk.com  | Supply Dummy Value If Not Using DNS System | 
-    option ipaddr '127.0.0.1' +| internet1 -> protocol | https | Can be http or https | 
-    option netmask '255.0.0.0' +| internet1 -> ip | 176.31.15.210 | Fallback when FQDN does not resolve on FQDN not used |
-    option ifname 'lo'+
  
-config interface 'lan' +  * We are nearly done. The last stop is to edit the **captive_config.json** file to fit our specific hardware.
-    option ifname 'wan' +
-    option type 'bridge' +
-    option proto 'dhcp'+
  
-config interface 'client_0' 
-    option proto 'dhcp' 
  
-config interface 'client_1' +==== captive_portal.json ==== 
-    option proto 'dhcp' +  * Edit the file ///etc/MESHdesk/configs/captive_config.json//
-     +  * This file is a JSON structure that the device uses as a reference to configure itself with a special captive portal when it is not yet managed by the controller. 
-</file+  * There are only two items that might need to be tweaked 
-  * Here you can see there is no **switch** sections and we specified the ifname for the **lan** interface as **wan**. Plain and simple+        * The radio number for the 2.4G band. 
-  * Next we will look at the ///etc/config/meshdesk// file and tweak it to work with our environment and our hardware.+        * The **ifname** for the **lan** interface (We use the WAN port in out implementation) 
 +  * With the **OM2P** radio0 is the 2.4G radio so no need to tweak that item. (If the hardware has radio1 as the 2.4G band simply look for all the references to **radio0** and make them radio1) 
 +  * See this snippet of a device which has radio1 using the 2.4G band 
 +<code javascript> 
 +"wireless":
 +            { 
 +                "wifi-device": "radio1", 
 +                "options":
 +                    "channel": 1, 
 +                    "disabled": 0, 
 +                    "hwmode": "11g", 
 +                    "htmode": "HT20" 
 +                } 
 +            },   
 +            { 
 +                "wifi-iface": "two", 
 +                "options":
 +                    "device": "radio1", 
 +                    "ifname": "two0", 
 +                    "mode": "ap", 
 +                    "network": "ex_two", 
 +                    "encryption": "none", 
 +                    "ssid": "_Replace_", 
 +                    "key": "", 
 +                    "hidden": false, 
 +                    "isolate": false, 
 +                    "auth_server": "", 
 +                    "auth_secret": "" 
 +                } 
 +            }, 
 +            { 
 +                "wifi-iface": "web_by_w", 
 +                "options":
 +                    "device": "radio1", 
 +                    "mode": "sta", 
 +                    "network": "web_by_w", 
 +                    "encryption": "psk2", 
 +                    "key": "radiusdesk", 
 +                    "ssid": "meshdesk_config", 
 +                    "disabled": "1" 
 +                } 
 +            } 
 +        ], 
 +</code
 +  * With the **OM2P** the **ifname** we use is **eth0** for the **lan** interface definition. 
 +<code javascript> 
 +
 +    "interface": "lan", 
 +    "options":
 +        "ifname": "eth0", 
 +        "type": "bridge", 
 +        "proto": "static", 
 +        "ipaddr": "10.50.50.50", 
 +        "netmask": "255.255.255.0" 
 +    } 
 +}, 
 +</code> 
 +  Once the tweaks are completed we can test everything out.  
 +  The following link shows how to point the device to the controller using the GUI. 
 +  [[2021:xiaomi_md|OpenWrt Access Points Running MESHdesk Firmware]] 
 +  Point the device to your controller and reboot it
 +  * If all goes well it will show up in **Unknown Nodes** 
 +  * If it is a new hardware type add it to the controller as described here: [[2021:rd_full_hardware|Hardwares]] (Again Once Off) 
 +  * [[md:xiaomi-attach|Attach A Device To Demo1 Mesh]]
  
-<WRAP center round tip 90%> +===== The Final Built ===== 
-  * There is growing list of existing sample **wan_network** files under the ///openwrt/package/zzz-MESHdesk/files/MESHdesk/configs// folder. +  * If everything on the device work as intended you can use those tweaked files to build final version of the firmware for the specific hardware. 
-  * They have a convention of **network_<firmware_id>** e.g. network_xiaomi_4a_100 +  Copy the files to a temporary folder on the machine where you are building the firmware. 
-  * Simply copy that file over //openwrt/package/zzz-MESHdesk/files/MESHdesk/configs/wan_network// +  * Use the following as a lookup for the location inside the SDK where the tweaked files need to go. 
-  * Those files will have a matching existing hardware section in the //openwrt/package/zzz-MESHdesk/files/MESHdesk/meshdesk// file  + 
-</WRAP>+^On Device   ^On SDK    ^ 
 +|/etc/MESHdesk/configs/wan_network  |openwrt/package/zzz-MESHdesk/files/MESHdesk/configs/  | 
 +|/etc/config/meshdesk openwrt/package/zzz-MESHdesk/files/MESHdesk/  | 
 +|/etc/MESHdesk/configs/captive_config.json  |openwrt/package/zzz-MESHdesk/files/MESHdesk/configs/ 
 +|/etc/MESHdesk/reporting/report_to_server.lua  |openwrt/package/zzz-MESHdesk/files/MESHdesk/reporting  | 
 + 
 +  * This brings us to the end of the page on how to build MESHdesk firmware for specific hardware.
  
Last modified: 2021/11/20 05:46