ansible-openwisp2-imagegenerator

[Xavier Maysonnave]

Hi All,

I started to experiment the image generator following the Readme.md and faces some questions :

1 - in the hosts file I specified an IP address instead of 'mycompiler.mydomain.com'

However in the playbook.yml file at the beginning there is :

- hosts: your_host_here

I assume we need also to reference 'mycompiler.mydomain.com'

That way we can organize multiple compiler servers if needed ?

2 - I don't understand how the root_password is encrypted as I do not see any salt in the playbook.yml except the one described in the luci_openwisp entry.

3 - Is there somewhere an exhaustive list of variables we can use, it's a little bit magic for me :-)

Thanks.

[Federico Capoano]

Hey, 

See inline replies

Il sab 28 gen 2017, 12:14 Xavier Maysonnave <x.mays...@gmail.com> ha scritto:

Hi All,

I started to experiment the image generator following the Readme.md and faces some questions :

1 - in the hosts file I specified an IP address instead of 'mycompiler.mydomain.com'

However in the playbook.yml file at the beginning there is :

- hosts: your_host_here

I assume we need also to reference 'mycompiler.mydomain.com'

That way we can organize multiple compiler servers if needed ?

You can use an ip in the host file, but you have to give it a name that then you reference to in the YAML file.

Yes you can setup multiple builders, and you can do a lot more. Consult the ansible documentation if in doubt, it is very complete.

2 - I don't understand how the root_password is encrypted as I do not see any salt in the playbook.yml except the one described in the luci_openwisp entry.

I use the passwd command on an openwrt test router, copy the entire hash and salt from /etc/shadow and I put itin the yaml.

Try this way. I'd like to make it simpler in the future though.

3 - Is there somewhere an exhaustive list of variables we can use, it's a little bit magic for me :-)

Eheh. Yeah there are many variables and I couldn't find the time to document all of them. Try to take a look at the default.yml linked in the README, if in doubt, ask here, you will give me motivation to improve the docs.

Thanks for your feedback.

[Xavier Maysonnave]

Hi Federico,

Thanks for your clarification.

1 - I successfully managed how to work with the hosts file and the playbook.yml

2 - I was asking about a variables list because I was wondering whether or not a root_password_salt exists.

However I understand and will try your trick for the time being.

Xavier

[Federico Capoano]

Hi Xavier,

On Tue, Jan 31, 2017 at 4:24 AM Xavier Maysonnave <x.mays...@gmail.com> wrote:

1 - I successfully managed how to work with the hosts file and the playbook.yml

 

Great news!

2 - I was asking about a variables list because I was wondering whether or not a root_password_salt exists.

However I understand and will try your trick for the time being.

The example in the README is:

root_password: "$1$8YoE5Fl2$N49pL.Pa.6/fZ/E/f/afw/"  # encrypted version of "myPassword"

8YoE5Fl2 is the salt, and N49pL.Pa.6/fZ/E/f/afw/ is the password.

Yea, pretty cumbersome, I found out it's easy to generate the encrypted password to put in the /etc/shadow file with python:

>>> import crypt

>>> print(crypt.crypt('myPassword', '$1$8YoE5Fl2$'))

$1$8YoE5Fl2$N49pL.Pa.6/fZ/E/f/afw/

I opened a new issue here: https://github.com/openwisp/ansible-openwisp2-imagegenerator/issues/4 

You can also remove the root_password element if you like, in that case the generated images will have no default password and you will have to set the password manually on each one. It depends if you intend to manage all the devices yourself or let each user of your community manage his/her own device.

Regarding the default variables, those variables and their respective default values are listed here:

https://github.com/openwisp/ansible-openwisp2-imagegenerator/blob/master/defaults/main.yml

There are some comments that try to explain the purpose of each variable but I am aware that the process is complex and its documentation will need to be improved.

Hopefully I'll be able to do that incrementally over time.

Federico

[Xavier Maysonnave]

Hi Federico,

I've already checked that file but I haven't found any root_password informations in that one.

Anyway your clarifications are very welcome and I thing I can manage that properly.

My first build crashed and then I need to investigate why. I attached the log file in case it helps.

Thanks

Le samedi 28 janvier 2017 16:44:32 UTC+5:30, Xavier Maysonnave a écrit :

[Xavier Maysonnave]

Hi All,

I made a little step further and found the following errors:

checking whether mknod can create fifo without root privileges... configure: error: in `/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/tar-1.28':
configure: error: you should not run configure as root (set FORCE_UNSAFE_CONFIGURE=1 in environment to bypass this check)
See `config.log' for more details                          
Makefile:30: recipe for target '/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/tar-1.28/.configured' failed
make[3]: *** [/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/tar-1.28/.configured] Error 1

I was a little surprised to see that the generator needed to sudo while building. in the source directory everything belongs to root. While sudoing could be necessary at some steps I was expecting some specific user:group to do the job.

Is there a way to ensure that the build process is done with a dedicated user:group ?

Thanks

Le samedi 28 janvier 2017 16:44:32 UTC+5:30, Xavier Maysonnave a écrit :

[Federico Capoano]

Run the playbook with that user with -u <user>, if the user doesn't have sudo privileges just run the last 3 steps by passing -t compile,generator,build

The sudo privileges are needed to run "apt-get install" of the dependencies needed to compile, but compilation cannot be executed as root.

--
You received this message because you are subscribed to the Google Groups "OpenWISP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openwisp+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Xavier Maysonnave]

Hi Federico,

the user I use have sudo rights. The source directory contains the source firmware but everything belongs to root not to the user I specified.

In the source directory you have a ./logs/tools/tar directory who contains a compile.txt here attached. Still complaining about root.

I also include the playbook.yml I use and the main.yml from /etc/ansible/roles/openwisp.openwisp2-imagegenerator

Here is also the command lines I used :

ansible-playbook -v -i hosts playbook.yml -u xavier -k -e "recompile=1 cores=4" -t compile,generator,build

or

ansible-playbook -v -i hosts playbook.yml -u xavier -k --ask-become-pass -e "recompile=1 cores=4"

Thanks.

Le samedi 28 janvier 2017 16:44:32 UTC+5:30, Xavier Maysonnave a écrit :

[Federico Capoano]

Try deleting the 3 directories:

/work/openwisp2/build/openwisp2-firmware-source

/work/openwisp2/build/openwisp2-firmware-generator

/work/openwisp2/build/openwisp2-firmware-builds

Those have been created as root and may be giving you problems.

Federico

[Xavier Maysonnave]

Hi Federico,

I made some progress. I made a mistake in my playbook.yml with the become: yes directive, by doing so everything belonged to root.

Removing this directive was the trick. Now I use the following command :

ansible-playbook -v -i hosts playbook.yml -u xavier -k --ask-become-pass -e "recompile=1 cores=4"

with the following playbook.yml:

# playbook.yml
- hosts: firmware 

 #become: yes <- do not do that...
 become_method: sudo
 roles:
   - openwisp.openwisp2-imagegenerator
 vars:
   openwisp2fw_source_dir: /work/openwisp2/build/openwisp2-firmware-source
   openwisp2fw_generator_dir: /work/openwisp2/build/openwisp2-firmware-generator
   openwisp2fw_bin_dir: /work/openwisp2/build/openwisp2-firmware-builds
   openwisp2fw_organizations:
     - name: org # name of the org
       flavours: # supported flavours
         - standard
       luci_openwisp: # /etc/config/luci_openwisp
         # other config keys can be added freely
         username: "operator"
         # "password" string encrypted
         password: "$1$openwisp$iQpdG2IrO4lya98cODuUB/"
         salt: "openwisp"
       openwisp: # /etc/config/openwisp
         # other config keys can be added freely
         url: "https://my-openwisp2-instance.com"
         shared_secret: "my-openwisp2-secret"
         unmanaged: "{{ openwisp2fw_default_unmanaged }}"
       # encrypted password that will be put in /etc/shadow

       root_password: "$1$8YoE5Fl2$N49pL.Pa.6/fZ/E/f/afw/"  # encrypted version of "myPassword"

The process is still crashing and got the logs from: /work/openwisp2/build/openwisp2-firmware-source/logs/tools/mkimage/compile.txt

/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/u-boot-2014.10/lib/rsa/rsa-sign.c:279:21: error: dereferencing pointer to incomplete type 'RSA {aka struct rsa_st}'

  if (BN_num_bits(key->e) > 64)

                     ^~

scripts/Makefile.host:134: recipe for target 'tools/lib/rsa/rsa-sign.o' failed

make[5]: *** [tools/lib/rsa/rsa-sign.o] Error 1

Makefile:1195: recipe for target 'tools-only' failed

make[4]: *** [tools-only] Error 2

make[4]: Leaving directory '/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/u-boot-2014.10'

Makefile:46: recipe for target '/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/u-boot-2014.10/.built' failed

make[3]: *** [/work/openwisp2/build/openwisp2-firmware-source/build_dir/host/u-boot-2014.10/.built] Error 2

Thanks.

Le samedi 28 janvier 2017 16:44:32 UTC+5:30, Xavier Maysonnave a écrit :

[Federico Capoano]

Argh, this is a classic OpenWRT compilation error.

You could try going in the directory of the OpenWRT source and run "make -j 1 V=s" to get verbose output of the compilation to better understand what's wrong. Google the errors and keep trying, there's also two IRC rooms on freenode for support #openwrt and #lede-dev, you can find me in those rooms as nemesis-ninux.

Here you can see an example of a working playbook using openwisp2-image-generator that is compiling the current stable OpenWRT version (Chaos Calmer - 15.05.1):

https://github.com/ninuxorg/ansible-nnxx/blob/master/firmware.yml

Federico

[Xavier Maysonnave]

Hi Federico,

I switched to the LEDE project as their 17.01.RC1 is out.

I didn't face the previous crash, now I try to build for my real target a GL-MT300A.

I'll provide feedback.

Thanks

Le samedi 28 janvier 2017 16:44:32 UTC+5:30, Xavier Maysonnave a écrit :

[Federico Capoano]

That's great news!

While developing the ansible image generator, I tried setting LEDE as the default but I couldn't compile successfully most of the time so I had to switch back to OpenWRT.

When the LEDE stable will be out, if we like it more than OpenWRT, I'd be happy to switch the image generator to use the new LEDE stable as default.

Federico

[Xavier Maysonnave]

Hi Federico,

I have built a while ago a LEDE firmware for my device a GL-MT300A, I use it as a reference, especially the content of the .config file.

This one contains the following:

CONFIG_TARGET_BOARD="ramips"

CONFIG_TARGET_SUBTARGET="mt7620"

CONFIG_TARGET_PROFILE="DEVICE_gl-mt300a"

My playbook contains the following:

    openwisp2fw_source_archs:

      - ramips

I made many tests but I don't know how to specify the subtarget and the profile ?

Thanks

[Federico Capoano]

Argh, you hit on the same problem I hit a week ago:

https://github.com/openwisp/ansible-openwisp2-imagegenerator/issues/3

It is not possible to specify subtargets and specific profiles yet. I have to implement this.

I was thinking of introducing a new variable that would deprecate the old one, something like:

openwisp2fw_source_targets:

    - board: ar71xx

      subtarget: Generic

      profile: Default

    - board: ramips

      subtarget: ramips_mt7620

      profile: ramips_mt7620_XIAOMI-MIWIFI-MINI

    - board: ramips

      subtarget: ramips_mt7620

      profile: DEVICE_gl-mt300a

The entire process could become more complex, so I have to find the time to test this idea a bit and implement it.

For the moment I think you can workaround this issue in two ways:

1. manual

compile the default target, go in the source directory and proceed manually with a make menuconfig and proceed to select your desired target

2. ugly temporary workaround

you could try using the variable openwisp2fw_source_other_configs in the following way:

# other OpenWRT/LEDE configurations

    openwisp2fw_source_other_configs:

        # busybox

        - CONFIG_BUSYBOX_CUSTOM=y

        - CONFIG_BUSYBOX_CONFIG_FEATURE_EDITING_SAVEHISTORY=y

        - CONFIG_BUSYBOX_CONFIG_FEATURE_EDITING_SAVE_ON_EXIT=y

        - CONFIG_BUSYBOX_CONFIG_FEATURE_REVERSE_SEARCH=y

        - CONFIG_BUSYBOX_CONFIG_FEATURE_VI_UNDO=y

        - CONFIG_BUSYBOX_CONFIG_WATCH=y

        # workaround to avoid conflicts between wpad and wpad-mini

        - "# CONFIG_PACKAGE_wpad-mini is not set"

        # workaround to compile GL-MT300A

        CONFIG_TARGET_SUBTARGET="mt7620"

        CONFIG_TARGET_PROFILE="DEVICE_gl-mt300a"

I am sorry you had to go through all of this to find out about this issue, but now that I know that I'm not the only one facing this issue I will be more motivated to fix it in the short term.

Federico

[Federico Capoano]

Sorry, the syntax in my previous mail was not correct. The following should work:

    # other OpenWRT/LEDE configurations
    openwisp2fw_source_other_configs:
        # busybox
        - CONFIG_BUSYBOX_CUSTOM=y
        - CONFIG_BUSYBOX_CONFIG_FEATURE_EDITING_SAVEHISTORY=y
        - CONFIG_BUSYBOX_CONFIG_FEATURE_EDITING_SAVE_ON_EXIT=y
        - CONFIG_BUSYBOX_CONFIG_FEATURE_REVERSE_SEARCH=y
        - CONFIG_BUSYBOX_CONFIG_FEATURE_VI_UNDO=y
        - CONFIG_BUSYBOX_CONFIG_WATCH=y
        # workaround to avoid conflicts between wpad and wpad-mini
        - "# CONFIG_PACKAGE_wpad-mini is not set"
        # workaround to compile GL-MT300A

        - 'CONFIG_TARGET_SUBTARGET="mt7620"'
        - 'CONFIG_TARGET_PROFILE="DEVICE_gl-mt300a"'

Federico

[Xavier Maysonnave]

Hi Federico,

The new variable make sense, it sounds to me that this the way to go.

The proposed workaround doesn't work for me as the generated .config seems to ignore the following snippet included in my playbook as it always generates a non desired subtarget.

Anyway the workaround breaks the idea of the generator as in that case only one target could be supported.

Thanks for your help and your support.

Thanks

# workaround to avoid conflicts between wpad and wpad-mini
      - "# CONFIG_PACKAGE_wpad-mini is not set"

      - 'CONFIG_TARGET_SUBTARGET="mt7620"'
      - 'CONFIG_TARGET_PROFILE="ramips_mt7620_DEVICE_gl-mt300a"'      
# supported architectures
    openwisp2fw_source_archs:
      - ramips

Here is the generated .config :

#
# Automatically generated file; DO NOT EDIT.
# LEDE Configuration
#
CONFIG_MODULES=y
CONFIG_HAVE_DOT_CONFIG=y
# CONFIG_TARGET_arm64 is not set
# CONFIG_TARGET_sunxi is not set
# CONFIG_TARGET_apm821xx is not set
# CONFIG_TARGET_ath25 is not set
# CONFIG_TARGET_ar71xx is not set
# CONFIG_TARGET_at91 is not set
# CONFIG_TARGET_brcm2708 is not set
# CONFIG_TARGET_bcm53xx is not set
# CONFIG_TARGET_brcm47xx is not set
# CONFIG_TARGET_brcm63xx is not set
# CONFIG_TARGET_cns3xxx is not set
# CONFIG_TARGET_octeon is not set
# CONFIG_TARGET_gemini is not set
# CONFIG_TARGET_mpc85xx is not set
# CONFIG_TARGET_imx6 is not set
# CONFIG_TARGET_mxs is not set
# CONFIG_TARGET_adm8668 is not set
# CONFIG_TARGET_adm5120 is not set
# CONFIG_TARGET_xburst is not set
# CONFIG_TARGET_ixp4xx is not set
# CONFIG_TARGET_lantiq is not set
# CONFIG_TARGET_malta is not set
# CONFIG_TARGET_mvebu is not set
# CONFIG_TARGET_kirkwood is not set
# CONFIG_TARGET_mediatek is not set
CONFIG_TARGET_ramips=y
# CONFIG_TARGET_rb532 is not set
# CONFIG_TARGET_mcs814x is not set
# CONFIG_TARGET_layerscape is not set
# CONFIG_TARGET_oxnas is not set
# CONFIG_TARGET_armvirt is not set
# CONFIG_TARGET_ipq806x is not set
# CONFIG_TARGET_au1000 is not set
# CONFIG_TARGET_arc770 is not set
# CONFIG_TARGET_archs38 is not set
# CONFIG_TARGET_ar7 is not set
# CONFIG_TARGET_omap is not set
# CONFIG_TARGET_uml is not set
# CONFIG_TARGET_zynq is not set
# CONFIG_TARGET_x86 is not set
CONFIG_TARGET_ramips_rt305x=y
# CONFIG_TARGET_ramips_mt7620 is not set
# CONFIG_TARGET_ramips_mt7621 is not set
# CONFIG_TARGET_ramips_mt7628 is not set
# CONFIG_TARGET_ramips_mt7688 is not set
# CONFIG_TARGET_ramips_rt3883 is not set
# CONFIG_TARGET_ramips_rt288x is not set
# CONFIG_TARGET_MULTI_PROFILE is not set
CONFIG_TARGET_ramips_rt305x_Default=y
# CONFIG_TARGET_ramips_rt305x_DEVICE_px-4885-4M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_px-4885-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_carambola is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_a5-v11 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_w502u is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_freestation5 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wr6202 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mr-102n is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_air3gii is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_ALL02393G is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_all0256n-4M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_all0256n-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_all5002 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_all5003 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_asl26555-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_asl26555-16M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_atp-52b is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_awapn2403 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_awm002-evb-4M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_awm002-evb-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_awm003-evb is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_rt-g32-b1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_rt-n10-plus is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_rt-n13u is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wl-330n is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wl-330n3g is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_hw550-3g is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_f5d8235-v2 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_f7c027 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_WHRG300N is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dap-1350 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_DCS930 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_DCS930LB1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-300-b1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-300-b7 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-320-b1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-600-b1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-610-a1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-615-d is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-615-h1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-620-a1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dir-620-d1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_dwr-512-b is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wizard8800 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_3g-6200n is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_3g-6200nl is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_esr-9753 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_fonera20n is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mpr-a1 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mpr-a2 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_broadway is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_hlk-rm04 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_ht-tm02 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_d105 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_m2m is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_jhr-n805r is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_jhr-n825r is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_jhr-n926r is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mofi3500-3gn is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_nw718 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wnce2001 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_bc2 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wt1520-4M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wt1520-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_nixcore-x1-16M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_nixcore-x1-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_miniembplug is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_miniembwifi is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_psr-680w is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mzk-dp150n is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mzk-w300nh2 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_mzk-wdpr is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_ip2202 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_m3 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_m4-4M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_m4-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_x5 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_x8 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_pwh2004 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_rt5350f-olinuxino is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_rt5350f-olinuxino-evb is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_v22rw-2x2 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_WL-341V3 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wl-351 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_sl-r7205 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wcr-150gn is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_tew-714tru is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_rut5xx is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_3g150b is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_3g300m is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_w150m is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_w306r-v20 is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_ur-326n4g is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_ur-336un is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_vocore-16M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_vocore-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wizfi630a is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wr512-3gn-4M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_wr512-3gn-8M is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_ncs601w is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_xdxrn502j is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_nbg-419n is not set
# CONFIG_TARGET_ramips_rt305x_DEVICE_nbg-419n2 is not set
CONFIG_HAS_SUBTARGETS=y
CONFIG_HAS_DEVICES=y
CONFIG_TARGET_BOARD="ramips"
CONFIG_TARGET_SUBTARGET="rt305x"
CONFIG_TARGET_PROFILE="Default"
CONFIG_TARGET_ARCH_PACKAGES="mipsel_24kc"
CONFIG_DEFAULT_TARGET_OPTIMIZATION="-Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc"

[Federico Capoano]

Next week I'll try to do something about it and let you know how it goes.

Thank you for your feedback.

[Jon Mitchell]

Can anyone confirm that the ansible drive image generator found at the following link can be used to create LEDE based images?

https://github.com/openwisp/ansible-openwisp2-imagegenerator

I have tried setting openwisp2fw_source_repo: "https://git.lede-project.org/source.git" within my working playbook but the compilation did not complete.

The error over flowed the buffer within screen so I was unable to capture error or analyze the source of the problem.

I have successfully created a Designated Driver based image which auto configures against a openwisp2 server which has the zabbix agent packages included. I've tested the image on both a tl-wr1043nd-v3 as well as a gl-ar150.

I am also interested in compiling for ramips as we have a number of Ubiquiti edgerouter x that I would like to manage with the same interface.

Xavier Maysonnave: would you be willing to share your playbook?

[Xavier Maysonnave]

Hi Jon,

The image generator is unable to generate the firmware I want to build on my GL-MT300A. 

My goal is to use the generator to target two devices as a first step.

Federico is aware of the problem and will address soon this issue as stated on the previous post on this thread.

Right now I've successfully generated and flashed the firmware based on LEDE-17.01 RC with the openwisp-config.

As soon as the router will talk to the controller I'll provide some feedback.

I'm quite interrested with your architecture maybe we can open new threads on this forum where one could describe his requirement.

I think it could help Federico to address our various needs.

I try to achieve a Freeradius, multi-role system, monitored, vouchers,...

Right now I would prefer to have a captive portal at the router level.

By the way you can call me Xavier :-)

Cheers

[Federico Capoano]

The issue Xavier is mentioning is: https://github.com/openwisp/ansible-openwisp2-imagegenerator/issues/3

We didn't have that issue because we are using mostly ar71xx and x86 generic.

Federico

[Federico Capoano]

Hey Xavier,

On Thursday, February 9, 2017 at 5:07:58 AM UTC+1, Xavier Maysonnave wrote:

[cut]

 

Right now I've successfully generated and flashed the firmware based on LEDE-17.01 RC with the openwisp-config.

As soon as the router will talk to the controller I'll provide some feedback.

 

Have you encountered a roadblock of some sort? If you successfully generated the firmware and flashed it on a router, the router should be able to connect to openwisp2 almost straightaway.

I'm quite interrested with your architecture maybe we can open new threads on this forum where one could describe his requirement.

I think it could help Federico to address our various needs.

 

Yes, this information is interesting for all the parties involved if we want to create an ecosystem of interoperable tools.

I try to achieve a Freeradius, multi-role system, monitored, vouchers,...

What's a voucher?

Do you use Freeradius as is or do you use some frontend web interface on top of it?

 

Right now I would prefer to have a captive portal at the router level.

 

That's interesting. Can I ask you what type of captive portal software are you using there?

[Xavier Maysonnave]

Hi Federico,

A lot of question in the same mail, let's start :

1 - Right now the router do not contact the controller. I got the following from logread :

Failed to connect to controller during registration: curl exit code 48 who means as far as I found.

CURLE_UNKNOWN_OPTION (48)

     An option passed to libcurl is not recognized/known. Refer to the appropriate documentation. This is most likely a problem in the program that uses libcurl. The error buffer might contain more specific information about which exact option it concerns.

I started to study the openwisp-config code and realized some assumptions like the SSID should LEDE or OpenWrt. I wanted to use my own numbering system.

I defined a default configuration at the controller level with the appropriate MAC address, tested with both OpenWrt and OpenWisp backend, a bit lost here as my backend is LEDE with OpenWisp.

I don't know yet what the purpose of the Configuration key as I defined in the router the shared secret I use in my ansible-openwisp2 playbook shared secret who seems to be different.

2 - The system I want to build will manage pre-paid vouchers for visitors and post-paid for regular users. 

Users will have multi-role that way we can manage accounting at various levels.

3 - Yes I want to use Freeradius, applying the AAA paradigm. I need a web frontend to manage that as well as a monitoring system.

4 - I considered pfSense but it seems to me a little bit overkill to use it only for its captive portal features I would prefer to use coova-chilli at the router level (OpenVPN rather than PPTP).

pfSense seems also a bit difficult or expensive to be hosted on a VPS.

5 - I evaluated Daloradius and Radiusdesk :

- Daloradius is quite easy to deploy but do not target the scale we want to reach

- I like the frontend of Radiusdesk

- anyway OpenWisp use python, as scalability in its DNA, the imagenerator is here to manage multiple targets, it'll will be easier to put in a versioning system and open the gate for a CI integration.

- right now I'm not sure if Django is the way to go as micro-framework like flask seems to be more flexible

Warmly

[Federico Capoano]

Hey Xavier

On Friday, February 10, 2017 at 10:41:00 AM UTC+1, Xavier Maysonnave wrote:

... 

1 - Right now the router do not contact the controller. I got the following from logread :

Failed to connect to controller during registration: curl exit code 48 who means as far as I found.

CURLE_UNKNOWN_OPTION (48)

     An option passed to libcurl is not recognized/known. Refer to the appropriate documentation. This is most likely a problem in the program that uses libcurl. The error buffer might contain more specific information about which exact option it concerns.

 

Weird.

On the firmwares I'm compiling I get the following CURL version: 7.40.0, what about you?

Check this with:

curl --version

Could you paste the contents of /etc/config/openwisp (removing sensitive data)?

Are you compiling from the LEDE RC?

I started to study the openwisp-config code and realized some assumptions like the SSID should LEDE or OpenWrt. I wanted to use my own numbering system.

I'm not following you very well.

 

I defined a default configuration at the controller level with the appropriate MAC address, tested with both OpenWrt and OpenWisp backend, a bit lost here as my backend is LEDE with OpenWisp.

Use the OpenWrt backend, OpenWisp is for OpenWISP-Firmware 1.3 (I'm adding a note to make this more explicit).

 

I don't know yet what the purpose of the Configuration key as I defined in the router the shared secret I use in my ansible-openwisp2 playbook shared secret who seems to be different.

The shared secret is for auto-registration. Once registered, each device has its own uuid and key. See the "Introduction to OpenWISP2" screencast for more information.

 

2 - The system I want to build will manage pre-paid vouchers for visitors and post-paid for regular users. 

Users will have multi-role that way we can manage accounting at various levels.

Ok, thx for the info.

 

3 - Yes I want to use Freeradius, applying the AAA paradigm. I need a web frontend to manage that as well as a monitoring system.

ok

 

4 - I considered pfSense but it seems to me a little bit overkill to use it only for its captive portal features I would prefer to use coova-chilli at the router level (OpenVPN rather than PPTP).

pfSense seems also a bit difficult or expensive to be hosted on a VPS.

 

mm not sure I agree on the expensive claim, but surely it's a different operating system that you need to learn, so if you are used to linux you will want to stick with that.

5 - I evaluated Daloradius and Radiusdesk :

- Daloradius is quite easy to deploy but do not target the scale we want to reach

- I like the frontend of Radiusdesk

- anyway OpenWisp use python, as scalability in its DNA, the imagenerator is here to manage multiple targets, it'll will be easier to put in a versioning system and open the gate for a CI integration.

- right now I'm not sure if Django is the way to go as micro-framework like flask seems to be more flexible

You quite a lot to choose from. The only suggestion I can give you is to pay attention to stability, ecosystem, community and documentation.

Federico

[Xavier Maysonnave]

Hi Federico,

I suggest to open a new thread as this one start to be cluttered and off topic.

Warmly

Le samedi 28 janvier 2017 16:44:32 UTC+5:30, Xavier Maysonnave a écrit :

[Federico Capoano]

Hi all,

we just released a few improvements to ansible-openwisp2-imagegenerator in version 0.3.3:

* we implemented subtargets (the syntax to use in the playbook changed slightly)

* now passwords can be written in cleartext and will be automatically hashed

Now it should be easier to work with, at least we hope so!

Upgrade with:

sudo ansible-galaxy install --force openwisp.openwisp2-imagegenerator

See the updated example playbook.yml.

Federico

[gold...@gmail.com]

Hi Xavier,

a successful make for GL-MT300A
my playbook

Saisissez le code ici...openwisp2fw_source_targets:
            #- system: ar71xx
            #subtarget: generic
            #profile: Default
            #- system: x86
            #subtarget: generic
            #profile: Generic
         - system: ramips
           subtarget: mt7620
           profile: DEVICE_gl-mt300a

here is the error:

fatal: [10.0.0.106]: FAILED! => {
    "changed": true,
    "cmd": [
        "./build-images.sh"
    ],
    "delta": "0:00:00.021893",
    "end": "2017-12-04 13:45:37.171862",
    "failed": true,
    "invocation": {
        "module_args": {
            "_raw_params": "./build-images.sh",
            "_uses_shell": false,
            "chdir": "/root/user/openwisp2-firmware-generator",
            "creates": null,
            "executable": null,
            "removes": null,
            "warn": true
        },
        "module_name": "command"
    },
    "rc": 1,
    "start": "2017-12-04 13:45:37.149969",
    "stderr": "ln: failed to create symbolic link '/root/user/openwisp2-firmware-builds/snakeoil/latest': File exists",
    "stdout": "",
    "stdout_lines": [],
    "warnings": []
}
    to retry, use: --limit @/root/my-openwisp2-firmware-conf/playbook.retry

PLAY RECAP *********************************************************************
10.0.0.106                 : ok=22   changed=17   unreachable=0    failed=1  
Saisissez le code ici...

[Federico Capoano]

Is snakeoil the name of the organization?

[David MISTRETTA]

Yes

    openwisp2fw_organizations:
        - name: snakeoil # name of the org

          flavours: # supported flavours
            - standard
          luci_openwisp: # /etc/config/luci_openwisp
            # other config keys can be added freely
            username: "operator"

If I use, I do not have an error

    openwisp2fw_source_targets:
          - system: ar71xx
            subtarget: generic
            profile: Default
          - system: x86
            subtarget: generic
            profile: Generic

[Federico Capoano]

Try launching the build-images.sh script manually and try to understand which line fails.

If you can find a fix, let us know.

I think the lines that cause the error may be:

https://github.com/openwisp/ansible-openwisp2-imagegenerator/blob/master/templates/build/build-images.sh.jinja2#L46-L49

But I'm not 100% sure.

Federico

[David MISTRETTA]

Hi Frederico

root@openwisp2:~/user/openwisp2-firmware-generator/ramips-mt7620# make image  PROFILE="gl-mt300a" PACKAGES="" FILES="/root/user/openwisp2-firmware-generator/files/snakeoil"
he does not find
Unknown package 'wpad-mini'.
....
....
Collected errors:
 * opkg_install_cmd: Cannot install package wpad-mini.
Makefile:140: recipe for target 'package_install' failed
make[2]: *** [package_install] Error 255
make[2]: Leaving directory '/root/user/openwisp2-firmware-generator/ramips-mt7620'
Makefile:110: recipe for target '_call_image' failed
make[1]: *** [_call_image] Error 2
make[1]: Leaving directory '/root/user/openwisp2-firmware-generator/ramips-mt7620'
Makefile:196: recipe for target 'image' failed
make: *** [image] Error 2

he does not download wpad-mini
I add manually in package
http://downloads.lede-project.org/releases/17.01-SNAPSHOT/packages/mipsel_24kc/base/wpad-mini_2016-12-19-ad02e79d-6_mipsel_24kc.ipk
he has successfully compiled manually


how to add it in my playbook, if it's possible ?

Le lundi 4 décembre 2017 16:20:34 UTC+1, Federico Capoano a écrit :

[Federico Capoano]

the problem is that PACKAGES flag is empty, it should show a series of packages separated by space.

It looks like a bug and unfortunately I don't know how to fix it because I am busy on other fronts right now.

If you could open a bug report at https://github.com/openwisp/ansible-openwisp2-imagegenerator/issues it would be helpful.

If you can't find a fix I suggest to compile manually.

Federico

--