
Merge branch 'new_ffrl_prefix'

* new_ffrl_prefix:
  Add script to recreate/combine manifests, add sign.sh
  Fix syntax error
  Bump release to 0.9.0, disable building x86/ x86-64 (broken atm)
  Update site.conf for new supernodes, switch mesh to 802.11s
Markus Lindenberg 8 years ago
commit
c3d3cbe08f
5 changed files with 94 additions and 19 deletions
  1. 3 2
      Dockerfile
  2. 32 0
      manifest.py
  3. 44 0
      sign.sh
  4. 15 17
      site.conf
  5. 0 0
      site.mk

+ 3 - 2
Dockerfile

@@ -3,10 +3,11 @@ MAINTAINER Markus Lindenberg <markus@lindenberg.io>
 
 ENV GLUON_SITE ffdo
 ENV GLUON_TAG v2016.1.2
-ENV GLUON_RELEASE 0.8.1
+ENV GLUON_RELEASE 0.9.0
 ENV GLUON_BRANCH stable
 ENV GLUON_BROKEN 1
-ENV GLUON_TARGETS ar71xx-generic ar71xx-nand mpc85xx-generic x86-generic x86-64
+#ENV GLUON_TARGETS ar71xx-generic ar71xx-nand mpc85xx-generic x86-generic x86-64
+ENV GLUON_TARGETS ar71xx-generic ar71xx-nand mpc85xx-generic
 
 ENV DEBIAN_FRONTEND noninteractive
 ENV DEBIAN_PRIORITY critical
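Review bot: The old `GLUON_TARGETS` line is kept as commented-out code with no reason beside it; the only explanation ("broken atm") is in the commit message. A comment such as `# x86-generic and x86-64 temporarily dropped: build currently broken` would tell whoever re-enables the targets why they were removed. The same merge changes the fastd peer keys and the IPv6 prefix in site.conf, so x86 nodes presumably get no 0.9.0 image and stay on the old configuration; please confirm that is intended.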

+ 32 - 0
manifest.py

@@ -0,0 +1,32 @@
+#!/usr/bin/env python3
+
+import argparse
+import time
+
+parser = argparse.ArgumentParser(description='Combine multiple manifests into a new manifest')
+parser.add_argument('-b', '--branch', default='stable', help='Branch name to set')
+parser.add_argument('-p', '--priority', type=int, default=0, help='Priority to set')
+parser.add_argument('manifest', nargs='+', help='Manifest files to include in output manifest')
+
+def main():
+    args = parser.parse_args()
+    print('BRANCH=%s' % args.branch)
+    offset = time.strftime('%z')
+    print('DATE=%s' % time.strftime('%Y-%m-%d %H:%M:%S') + '%s:%s' % (offset[:-2], offset[3:]))
+    print('PRIORITY=%d' % args.priority)
+    print()
+
+    for manifest in args.manifest:
+        with open(manifest) as mfile:
+            for line in mfile:
+                if '=' in line:
+                    continue
+                l = line.strip()
+                if l != '':
+                    print(l)
+
+
+
+if __name__ == '__main__':
+    main()
+
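Review bot: The copy loop in `main()` skips only lines containing `=`, so a `---` separator and any signature lines after it in an input manifest are copied into the combined output. sign.sh in this commit treats everything after the first `---` as the signature section, so image entries from later input files would end up outside the signed part and stale signatures would be carried along. Stop reading each file at the separator, for example `if line.strip() == '---': break` ahead of the `'=' in line` test. That test also drops any image line that contains `=` anywhere; matching the known header keys would be narrower.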

+ 44 - 0
sign.sh

@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+if [ $# -ne 2 -o "-h" = "$1" -o "--help" = "$1" -o ! -r "$1" -o ! -r "$2" ]; then
+	cat <<EOHELP
+Usage: $0 <secret> <manifest>
+
+sign.sh adds lines to a manifest to indicate the approval
+of the integrity of the firmware as required for automated
+updates. The first argument <secret> references a file harboring
+the private key of a public-private key pair of a developer
+that referenced by its public key in the site configuration.
+The script may be performed multiple times to the same document
+to indicate an approval by multiple developers.
+
+See also
+ * edcsautils on https://github.com/tcatm/ecdsautils
+
+EOHELP
+	exit 1
+fi
+
+SECRET="$1"
+
+manifest="$2"
+upper="$(mktemp)"
+lower="$(mktemp)"
+
+trap 'rm -f "$upper" "$lower"' EXIT
+
+awk 'BEGIN    { sep=0 }
+     /^---$/ { sep=1; next }
+              { if(sep==0) print > "'"$upper"'";
+                else       print > "'"$lower"'"}' \
+    "$manifest"
+
+ecdsasign "$upper" < "$SECRET" >> "$lower"
+
+(
+	cat  "$upper"
+	echo ---
+	cat  "$lower"
+) > "$manifest"
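Review bot: The final `( … ) > "$manifest"` truncates the manifest before the new content is written, so an interruption or a full disk at that step leaves a partial manifest. The argument check also tests only `-r "$2"` although the file is rewritten. Add `-o ! -w "$2"` to the check, write the result to a temporary file in the manifest's directory, and `mv` it into place while keeping the original file mode. The awk program splices `$upper` and `$lower` into its own source text; passing them with `-v` would avoid breakage if the temp path contains a quote. The help text spells the tool `edcsautils` while the URL beside it says `ecdsautils`.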

+ 15 - 17
site.conf

@@ -4,7 +4,7 @@
 	site_code = 'ffdo',
 
 	prefix4 = '10.233.0.0/16',
-	prefix6 = '2a03:2260:50:5::/64',
+	prefix6 = '2a03:2260:300a:1000::/64',
 
 	timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', -- Europe/Berlin
 	ntp_servers = {'ntp.services.ffdo.de'},
@@ -22,9 +22,8 @@
 		ap = {
 			ssid = 'Freifunk',
 		},
-		ibss = {
-			ssid = 'wifimesh-dortmund',
-			bssid = '02:ff:d0:09:ff:01',
+		mesh = {
+			id = 'ffdo-mesh-batadv',
 			mcast_rate = 12000,
 		},
 	},
@@ -34,17 +33,16 @@
 		ap = {
 			ssid = 'Freifunk (5GHz)',
 		},
-		ibss = {
-			ssid = 'wifimesh-dortmund5',
-			bssid = '02:ff:d0:09:ff:02',
+		mesh = {
+			id = 'ffdo-mesh-batadv',
 			mcast_rate = 12000,
 		},
 	},
 
 	next_node = {
 		ip4 = '10.233.254.254',
-		ip6 = '2a03:2260:50:5::cafe',
-		mac = '16:41:95:40:f7:dc',
+		ip6 = '2a03:2260:300a:1000::ffd0',
+		mac = '02:ff:d0:09:ff:02',
 	},
 
 	fastd_mesh_vpn = {
@@ -55,20 +53,20 @@
 				limit = 1,
 				peers = {
 					do01100 = {
-						key = '8a334499c905966d48b1cdb01d668b114b17cd6490ead54c6eb5e2d15c1852e4',
-						remotes = {'"snode01-1.ffdo.de" port 10000'},
+						key = '4e3871281764a80fddff41152a24f198d8646f62bd240db8659495bd7f6ef0da',
+						remotes = {'"sn-dtm01.ffdo.de" port 10000'},
 					},
 					do01200 = {
-						key = 'd2de261203853d14389d80ca004c98d6a67c244bfe4096b7a6f36a0a8484c55a',
-						remotes = {'"snode01-2.ffdo.de" port 10000'},
+						key = 'dbf766f9f268ed1b301f4bf77a9665faa696fd9a15b9447247ce12fab6fb6718',
+						remotes = {'"sn-dtm02.ffdo.de" port 10000'},
 					},
 					do02100 = {
-						key = '12b94258d16f864c863f7bab07a77514eddffe3ba01c9d4948bd84a192d28f42',
-						remotes = {'"snode02-1.ffdo.de" port 10000'},
+						key = 'f92dc908adcb99bf55c8de10ee7717e69eacac12bcef559aebc14ea2ec109337',
+						remotes = {'"sn-ber01.ffdo.de" port 10000'},
 					},
 					do02200 = {
-						key = '2a0e055aa71e68f2caf09307e8f8c89c22ec36419fb38e089005cc40687e5187',
-						remotes = {'"snode02-2.ffdo.de" port 10000'},
+						key = 'e6029a94aa2ac28014ea208b30398092c33836f05897e5aa5fa1d8525e35a136',
+						remotes = {'"sn-ber02.ffdo.de" port 10000'},
 					},
 				},
 			},
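Review bot: Both radio blocks replace `ibss` with `mesh` outright, and IBSS and 802.11s nodes cannot mesh with each other. A node that reaches the network only over the wifi mesh may therefore lose its path to the update server once its neighbours flash 0.9.0 first. If the Gluon version in use accepts both sections side by side, keeping `ibss` for one transition release would avoid that; otherwise the rollout order needs planning, so please confirm which applies. Separately, `next_node.mac` is now `02:ff:d0:09:ff:02`, the value the removed 5 GHz `ibss.bssid` had; if that reuse is intended, a comment such as `-- reuses the former 5 GHz IBSS BSSID` would make it explicit.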

+ 0 - 0
site.mk