123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- #!/usr/bin/lua
- local site = require 'gluon.site'
- local users = require 'gluon.users'
- local util = require 'gluon.util'
- local fs = require 'nixio.fs'
- local uci = require('simple-uci').cursor()
- uci:section('network', 'interface', 'mesh_vpn', {
- ifname = 'mesh-vpn',
- proto = 'gluon_mesh',
- transitive = true,
- fixed_mtu = true,
- macaddr = util.generate_mac(7),
- mtu = site.mesh_vpn.mtu(),
- })
- uci:save('network')
- if fs.access('/etc/config/gluon-simple-tc') then
- os.rename('/etc/config/gluon-simple-tc', '/etc/config/simple-tc')
- end
- if not uci:get('simple-tc', 'mesh_vpn') then
- uci:section('simple-tc', 'interface', 'mesh_vpn', {
- ifname = 'mesh-vpn',
- enabled = site.mesh_vpn.bandwidth_limit.enabled(false),
- limit_ingress = site.mesh_vpn.bandwidth_limit.ingress(),
- limit_egress = site.mesh_vpn.bandwidth_limit.egress(),
- })
- uci:save('simple-tc')
- end
- -- The previously used user and group are removed, we now have a generic group
- users.remove_user('gluon-fastd')
- users.remove_group('gluon-fastd')
- users.add_group('gluon-mesh-vpn', 800)
- uci:section('firewall', 'include', 'mesh_vpn_dns', {
- type = 'restore',
- path = '/lib/gluon/mesh-vpn/iptables.rules',
- family = 'ipv4',
- })
- uci:save('firewall')
- -- VPN migration
- local has_fastd = fs.access('/lib/gluon/mesh-vpn/fastd')
- local fastd_enabled = uci:get('fastd', 'mesh_vpn', 'enabled')
- local has_tunneldigger = fs.access('/lib/gluon/mesh-vpn/tunneldigger')
- local tunneldigger_enabled = uci:get('tunneldigger', 'mesh_vpn', 'enabled')
- local enabled
- -- If the installed VPN package has its enabled state set, keep the value
- if has_fastd and fastd_enabled then
- enabled = fastd_enabled == '1'
- elseif has_tunneldigger and tunneldigger_enabled then
- enabled = tunneldigger_enabled == '1'
- -- Otherwise, migrate the other package's value if any is set
- elseif fastd_enabled or tunneldigger_enabled then
- enabled = fastd_enabled == '1' or tunneldigger_enabled == '1'
- -- If nothing is set, use the default
- else
- enabled = site.mesh_vpn.enabled(false)
- end
- if has_fastd then
- uci:set('fastd', 'mesh_vpn', 'enabled', enabled)
- else
- uci:delete('fastd', 'mesh_vpn')
- end
- uci:save('fastd')
- if has_tunneldigger then
- uci:set('tunneldigger', 'mesh_vpn', 'enabled', enabled)
- else
- uci:delete('tunneldigger', 'mesh_vpn')
- end
- uci:save('tunneldigger')
|