gnunet: use uci-defaults and further break core into components

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2026-04-30 15:38:40 +01:00 · 2016-04-28 03:04:55 +02:00
parent 9227efaa1e
commit ca3dfcfec2
7 changed files with 156 additions and 116 deletions
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-ip link show gnunet-dns 1>/dev/null 2>/dev/null || exit 0
-
-iptables -t mangle -I OUTPUT 1 -p udp -m owner --gid-owner gnunetdns --dport 53 -j ACCEPT
-iptables -t mangle -I OUTPUT 2 -p udp --dport 53 -j MARK --set-mark 136708149
-
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+uci -q get gnunet.namestore || uci set gnunet.namestore=gnunet-config
+uci -q get gnunet.namecache || uci set gnunet.namecache=gnunet-config
+
+uci -q batch <<EOF
+	del gnunet.namestore_flat
+	set gnunet.namestore_flat=gnunet.config
+	set gnunet.namestore_flat.FILENAME=/etc/gnunet/namestore.flat
+	set gnunet.namestore.DATABASE=flat
+	set gnunet.namecache.DATABASE=flat
+	commit gnunet
+EOF
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+uci -q batch <<EOF
+del network.gnunetdns
+set network.gnunetdns=interface
+set network.gnunetdns.ifname='gnunet-dns'
+set network.gnunetdns.proto='gnunet'
+
+del network.gndnsrtt
+set network.gndnsrtt=route
+set network.gndnsrtt.interface='gnunetdns'
+set network.gndnsrtt.table='53'
+set network.gndnsrtt.target='0.0.0.0/0'
+
+del network.gndnsrl
+set network.gndnsrl=rule
+set network.gndnsrl.mark='0x8260035'
+set network.gndnsrl.lookup='53'
+
+commit network
+
+del firewall.gnunetdns
+set firewall.gnunetdns=zone
+set firewall.gnunetdns.name='gnunetdns'
+set firewall.gnunetdns.network='gnunetdns'
+set firewall.gnunetdns.input='ACCEPT'
+set firewall.gnunetdns.output='ACCEPT'
+set firewall.gnunetdns.forward='ACCEPT'
+
+del firewall.gndnsrl
+set firewall.gndnsrl=rule
+set firewall.gndnsrl.name='Mark-local-DNS-for-GNUnet'
+set firewall.gndnsrl.proto='udp'
+set firewall.gndnsrl.dest_port='53'
+set firewall.gndnsrl.extra='-m owner ! --gid-owner gnunetdns'
+set firewall.gndnsrl.target='MARK'
+set firewall.gndnsrl.set_mark='136708149'
+
+del firewall.gndnsrl2
+set firewall.gndnsrl2=rule
+set firewall.gndnsrl2.name='Mark-forwarded-DNS-for-GNUnet'
+set firewall.gndnsrl2.enabled='0'
+set firewall.gndnsrl2.src='*'
+set firewall.gndnsrl2.proto='udp'
+set firewall.gndnsrl2.dest_port='53'
+set firewall.gndnsrl2.target='MARK'
+set firewall.gndnsrl2.set_mark='136708149'
+
+commit firewall
+EOF
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+uci -q get gnunet.namestore || uci set gnunet.namestore=gnunet-config
+uci -q get gnunet.namecache || uci set gnunet.namecache=gnunet-config
+
+uci -q batch <<EOF
+	del gnunet.namestore_sqlite
+	set gnunet.namestore_sqlite=gnunet-config
+	set gnunet.namestore_sqlite.FILENAME=/etc/gnunet/namestore.sqlite
+	set gnunet.namestore.DATABASE=sqlite
+	set gnunet.namecache.DATABASE=sqlite
+	del gnunet.peerstore_sqlite
+	set gnunet.peerstore_sqlite=gnunet-config
+	set gnunet.peerstore_sqlite.FILENAME=/etc/gnunet/peerstore.sqlite
+	commit gnunet
+EOF
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+uci -q batch <<EOF
+del network.gnunetvpn
+set network.gnunetvpn=interface
+set network.gnunetvpn.ifname='vpn-gnunet'
+set network.gnunetvpn.proto='gnunet'
+del network.gnunetexit
+set network.gnunetexit=interface
+set network.gnunetexit.ifname='exit-gnunet'
+set network.gnunetexit.proto='gnunet'
+commit network
+
+del firewall.gnunetvpn
+set firewall.gnunetvpn=zone
+set firewall.gnunetvpn.name='gnunetvpn'
+set firewall.gnunetvpn.network='gnunetvpn'
+set firewall.gnunetvpn.input='ACCEPT'
+set firewall.gnunetvpn.output='ACCEPT'
+set firewall.gnunetvpn.forward='REJECT'
+del firewall.gnunetexit
+set firewall.gnunetexit=zone
+set firewall.gnunetexit.name='gnunetexit'
+set firewall.gnunetexit.network='gnunetexit'
+set firewall.gnunetexit.input='ACCEPT'
+set firewall.gnunetexit.output='ACCEPT'
+set firewall.gnunetexit.forward='REJECT'
+
+del firewall.gnexitfwd
+set firewall.gnexitfwd=forwarding
+set firewall.gnexitfwd.src='gnunetexit'
+set firewall.gnexitfwd.dest='wan'
+commit firewall
+EOF
@@ -48,13 +48,12 @@ prepare_config() {
 		chown gnunet:gnunet /etc/gnunet
 	}

-	# defaults paths
+	# defaults paths for persistent files
 	gnunet-config -c $CONFIGFILE -s PATHS -o GNUNET_CONFIG_HOME -V /etc/gnunet
 	gnunet-config -c $CONFIGFILE -s PEER -o PRIVATE_KEY -V /etc/gnunet/private_key.ecc
 	gnunet-config -c $CONFIGFILE -s identity -o EGODIR -V /etc/gnunet/identity/egos
 	gnunet-config -c $CONFIGFILE -s revocation -o DATABASE -V /etc/gnunet/revocation.dat
 	gnunet-config -c $CONFIGFILE -s nse -o PROOFFILE -V /etc/gnunet/proof.dat
-	gnunet-config -c $CONFIGFILE -s namestore-sqlite -o FILENAME -V /etc/gnunet/namestore.sqlite

 	# enable all installed transport plugins
 	transport_plugins=$(gnunet-config -c $CONFIGFILE -s transport -o PLUGINS)