Add new package gluon-luci-mesh-vpn-fastd

This new package allows enabling or disabling the null method for the
fastd mesh VPN.

package/gluon-luci-mesh-vpn-fastd/Makefile

@@ -0,0 +1,41 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gluon-luci-mesh-vpn-fastd
+PKG_VERSION:=1
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(GLUONDIR)/include/package.mk
+
+PKG_CONFIG_DEPENDS += $(GLUON_I18N_CONFIG)
+
+define Package/gluon-luci-mesh-vpn-fastd
+  SECTION:=gluon
+  CATEGORY:=Gluon
+  TITLE:=Luci module to enable and disable encryption for the mesh VPN
+  DEPENDS:=+gluon-luci-admin +gluon-mesh-vpn-fastd
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+	$(call GluonBuildI18N,gluon-mesh-vpn-fastd,i18n)
+endef
+
+define Package/gluon-luci-mesh-vpn-fastd/install
+	$(CP) ./files/* $(1)/
+	$(call GluonInstallI18N,gluon-mesh-vpn-fastd,$(1))
+endef
+
+define Package/gluon-luci-mesh-vpn-fastd/postinst
+#!/bin/sh
+$(call GluonCheckSite,check_site.lua)
+endef
+
+$(eval $(call BuildPackage,gluon-luci-mesh-vpn-fastd))

package/gluon-luci-mesh-vpn-fastd/check_site.lua

@@ -0,0 +1,2 @@
+assert(need_boolean('fastd_mesh_vpn.configurable') == true,
+       "site.conf error: expected `fastd_mesh_vpn.configurable' to be true")

package/gluon-luci-mesh-vpn-fastd/files/usr/lib/lua/luci/controller/admin/mesh_vpn_fastd.lua

@@ -0,0 +1,5 @@
+module("luci.controller.admin.mesh_vpn_fastd", package.seeall)
+
+function index()
+  entry({"admin", "mesh_vpn_fastd"}, cbi("admin/mesh_vpn_fastd"), _("Mesh VPN"), 20)
+end

package/gluon-luci-mesh-vpn-fastd/files/usr/lib/lua/luci/model/cbi/admin/mesh_vpn_fastd.lua

@@ -0,0 +1,41 @@
+local uci = luci.model.uci.cursor()
+local util = luci.util
+
+local f = SimpleForm('mesh_vpn', translate('Mesh VPN'))
+f.template = "admin/expertmode"
+
+local s = f:section(SimpleSection)
+
+local o = s:option(Value, 'mode')
+o.template = "gluon/cbi/mesh-vpn-fastd-mode"
+
+local methods = uci:get('fastd', 'mesh_vpn', 'method')
+if util.contains(methods, 'null') then
+  o.default = 'performance'
+else
+  o.default = 'security'
+end
+
+function f.handle(self, state, data)
+  if state == FORM_VALID then
+    local site = require 'gluon.site_config'
+
+    local methods = {}
+    if data.mode == 'performance' then
+      table.insert(methods, 'null')
+    end
+
+    for _, method in ipairs(site.fastd_mesh_vpn.methods) do
+      if method ~= 'null' then
+	table.insert(methods, method)
+      end
+    end
+
+    uci:set('fastd', 'mesh_vpn', 'method', methods)
+
+    uci:save('fastd')
+    uci:commit('fastd')
+  end
+end
+
+return f

package/gluon-luci-mesh-vpn-fastd/files/usr/lib/lua/luci/view/gluon/cbi/mesh-vpn-fastd-mode.htm

@@ -0,0 +1,32 @@
+<div class="cbi-value">
+  <div class="cbi-value-title">
+    <input class="cbi-input-radio" onclick="cbi_d_update(this.id)" onchange="cbi_d_update(this.id)" type="radio" value="security"<%= attr("id", cbid..'1') .. attr("name", cbid) .. ifattr((self:cfgvalue(section) or self.default) == "security", "checked", "checked") %> />
+  </div>
+  <div class="cbi-value-field-long">
+    <label<%= attr("for", cbid..'1') %> class="cbi-value-title"><%:Security mode%></label>
+    <br />
+    <%= translate(
+        'In security mode, the mesh VPN uses an encrypted tunnel to connect to the VPN servers. ' ..
+        'The encryption ensures that it is impossible for your internet access provider to see what ' ..
+        'data is exchanged over your node.'
+    ) %>
+    <br />
+  </div>
+  <div class="cbi-value-field-long-after"></div>
+</div>
+
+<div class="cbi-value cbi-value-last">
+  <div class="cbi-value-title">
+    <input class="cbi-input-radio" onclick="cbi_d_update(this.id)" onchange="cbi_d_update(this.id)" type="radio" value="performance"<%= attr("id", cbid..'2') .. attr("name", cbid) .. ifattr((self:cfgvalue(section) or self.default) == "performance", "checked", "checked") %> />
+  </div>
+  <div class="cbi-value-field-long">
+    <label<%= attr("for", cbid..'2') %> class="cbi-value-title"><%:Performance mode%></label>
+    <br />
+    <%= translate(
+        'In performance mode, no encryption is used. This usually allows for higher throughput, but the data exchanged over your node is not ' ..
+        'protected against eavesdroppers.'
+    ) %>
+    <br />
+  </div>
+  <div class="cbi-value-field-long-after"></div>
+</div>

package/gluon-luci-mesh-vpn-fastd/i18n/de.po

@@ -0,0 +1,38 @@
+msgid ""
+msgstr ""
+"Content-Type: text/plain; charset=UTF-8\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"PO-Revision-Date: 2015-05-03 20:39+0200\n"
+"Last-Translator:  <mschiffer@universe-factory.net>\n"
+"Language-Team: German\n"
+"Language: de\n"
+"MIME-Version: 1.0\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+msgid ""
+"In performance mode, no encryption is used. This usually allows for higher "
+"throughput, but the data exchanged over your node is not protected against "
+"eavesdroppers."
+msgstr ""
+"Im Modus &bdquo;Hohe Geschwindigkeit&ldquo; wird auf Verschlüsselung verzichtet. "
+"Dies erlaubt häufig eine höhere Bandbreite als mit Verschlüsselung, aber die "
+"Verbindung ist nicht gegen Abhören geschützt."
+
+msgid ""
+"In security mode, the mesh VPN uses an encrypted tunnel to connect to the "
+"VPN servers. The encryption ensures that it is impossible for your internet "
+"access provider to see what data is exchanged over your node."
+msgstr ""
+"Im Modus &bdquo;Hohe Sicherheit&ldquo; wird ein verschlüsselter Tunnel verwendet. "
+"Dies schließt aus, dass dein Internetzugangsprovider herausfinden kann, was für "
+"Daten über deinen Knoten übertragen werden."
+
+msgid "Mesh VPN"
+msgstr "Mesh-VPN"
+
+msgid "Performance mode"
+msgstr "Hohe Geschwindigkeit"
+
+msgid "Security mode"
+msgstr "Hohe Sicherheit"

package/gluon-luci-mesh-vpn-fastd/i18n/gluon-luci-mesh-vpn-fastd.pot

@@ -0,0 +1,23 @@
+msgid ""
+msgstr "Content-Type: text/plain; charset=UTF-8"
+
+msgid ""
+"In performance mode, no encryption is used. This usually allows for higher "
+"throughput, but the data exchanged over your node is not protected against "
+"eavesdroppers."
+msgstr ""
+
+msgid ""
+"In security mode, the mesh VPN uses an encrypted tunnel to connect to the "
+"VPN servers. The encryption ensures that it is impossible for your internet "
+"access provider to see what data is exchanged over your node."
+msgstr ""
+
+msgid "Mesh VPN"
+msgstr ""
+
+msgid "Performance mode"
+msgstr ""
+
+msgid "Security mode"
+msgstr ""