Browse Source

Move mesh install functions

Otherwise dns lookups fail
Bob Mottram 8 years ago
parent
commit
1089939777
1 changed files with 501 additions and 24 deletions
  1. 501
    24
      src/freedombone-image-customise

+ 501
- 24
src/freedombone-image-customise View File

@@ -394,17 +394,511 @@ atheros_wifi() {
394 394
 	fi
395 395
 }
396 396
 
397
+configure_wifi() {
398
+	if [[ $VARIANT == "mesh" ]]; then
399
+		return
400
+	fi
401
+
402
+	if [ -f $WIFI_NETWORKS_FILE ]; then
403
+		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE --networks $WIFI_NETWORKS_FILE
404
+		return
405
+	fi
406
+
407
+	if [[ $WIFI_TYPE != 'none' ]]; then
408
+		if [ ${#WIFI_PASSPHRASE} -lt 2 ]; then
409
+			return
410
+		fi
411
+		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE -p $WIFI_PASSPHRASE --hotspot $WIFI_HOTSPOT
412
+	else
413
+		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE --hotspot $WIFI_HOTSPOT
414
+	fi
415
+}
416
+
417
+##############################################################################
418
+# Mesh networking
419
+##############################################################################
420
+
421
+# for mesh installs
422
+TRACKER_PORT=6969
423
+
424
+WIFI_CHANNEL=2
425
+
426
+# B.A.T.M.A.N settings
427
+BATMAN_CELLID='02:BA:00:00:03:01'
428
+WIFI_SSID='mesh'
429
+
430
+rootdir=''
431
+FN=
432
+CHROOT_PREFIX=chroot "$rootdir"
433
+FRIENDS_MIRRORS_SERVER=
434
+
435
+# To avoid confusions these are obtained from the main project file
436
+TOXID_REPO=
437
+TOX_PORT=
438
+TOXCORE_REPO=
439
+TOXIC_REPO=
440
+TOXCORE_COMMIT=
441
+TOXIC_COMMIT=
442
+# These are some default nodes, but you can replace them with trusted nodes
443
+# as you prefer. See https://wiki.tox.im/Nodes
444
+TOX_NODES=
445
+#TOX_NODES=(
446
+#  '192.254.75.102,2607:5600:284::2,33445,951C88B7E75C867418ACDB5D273821372BB5BD652740BCDF623A4FA293E75D2F,Tox RELENG,US'
447
+#  '144.76.60.215,2a01:4f8:191:64d6::1,33445,04119E835DF3E78BACF0F84235B300546AF8B936F035185E2A8E9E0A67C8924F,sonOfRa,DE'
448
+#)
449
+
450
+# To avoid confusions these are obtained from the main project file
451
+ZERONET_REPO=
452
+ZERONET_COMMIT=
453
+ZERONET_PORT=
454
+
455
+# Directory where source code is downloaded and compiled
456
+INSTALL_DIR=$HOME/build
457
+
458
+function mesh_avahi {
459
+	chroot "$rootdir" apt-get -y install avahi-utils avahi-autoipd avahi-dnsconfd
460
+
461
+	decarray=( 1 2 3 4 5 6 7 8 9 0 )
462
+	PEER_ID=${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}
463
+	sed -i "s|#host-name=.*|host-name=P$PEER_ID|g" $rootdir/etc/avahi/avahi-daemon.conf
464
+
465
+	if [ ! -d $rootdir/etc/avahi/services ]; then
466
+		mkdir -p $rootdir/etc/avahi/services
467
+	fi
468
+
469
+	# remove an avahi service which isn't used
470
+	if [ -f $rootdir/etc/avahi/services/udisks.service ]; then
471
+		rm $rootdir/etc/avahi/services/udisks.service
472
+	fi
473
+
474
+	# Add an ssh service
475
+	echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > $rootdir/etc/avahi/services/ssh.service
476
+	echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> $rootdir/etc/avahi/services/ssh.service
477
+	echo '<service-group>' >> $rootdir/etc/avahi/services/ssh.service
478
+	echo '  <name replace-wildcards="yes">%h SSH</name>' >> $rootdir/etc/avahi/services/ssh.service
479
+	echo '  <service>' >> $rootdir/etc/avahi/services/ssh.service
480
+	echo '    <type>_ssh._tcp</type>' >> $rootdir/etc/avahi/services/ssh.service
481
+	echo "    <port>$SSH_PORT</port>" >> $rootdir/etc/avahi/services/ssh.service
482
+	echo '  </service>' >> $rootdir/etc/avahi/services/ssh.service
483
+	echo '</service-group>' >> $rootdir/etc/avahi/services/ssh.service
484
+
485
+	# keep the daemon running
486
+	WATCHDOG_SCRIPT_NAME="keepon"
487
+	echo '' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
488
+	echo '# keep avahi daemon running' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
489
+	echo 'AVAHI_RUNNING=$(pgrep avahi-daemon > /dev/null && echo Running)' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
490
+	echo 'if [ ! $AVAHI_RUNNING ]; then' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
491
+	echo '  systemctl start avahi-daemon' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
492
+	echo '  echo -n $CURRENT_DATE >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
493
+	echo '  echo " Avahi daemon restarted" >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
494
+	echo 'fi' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
495
+	chmod +x $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
496
+}
497
+
498
+function mesh_batman {
499
+	chroot "$rootdir" apt-get -y install iproute bridge-utils libnetfilter-conntrack3 batctl
500
+	chroot "$rootdir" apt-get -y install python-dev libevent-dev ebtables python-pip git
501
+	chroot "$rootdir" apt-get -y install wireless-tools rfkill
502
+
503
+	if ! grep -q "batman_adv" $rootdir/etc/modules; then
504
+		echo 'batman_adv' >> $rootdir/etc/modules
505
+	fi
506
+
507
+	BATMAN_SCRIPT=$rootdir/var/lib/batman
508
+
509
+	if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
510
+		cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
511
+	else
512
+		cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
513
+	fi
514
+
515
+	BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
516
+	echo '[Unit]' > $BATMAN_DAEMON
517
+	echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
518
+	echo '' >> $BATMAN_DAEMON
519
+	echo '[Service]' >> $BATMAN_DAEMON
520
+	echo 'Type=oneshot' >> $BATMAN_DAEMON
521
+	echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
522
+	echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
523
+	echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
524
+	echo '' >> $BATMAN_DAEMON
525
+	echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
526
+	echo 'TimeoutSec=300' >> $BATMAN_DAEMON
527
+	echo '' >> $BATMAN_DAEMON
528
+	echo '[Install]' >> $BATMAN_DAEMON
529
+	echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
530
+	chroot "$rootdir" systemctl enable batman
531
+}
532
+
533
+function mesh_firewall {
534
+	FIREWALL_FILENAME=${rootdir}/etc/systemd/system/meshfirewall.service
535
+	MESH_FIREWALL_SCRIPT=${rootdir}/usr/bin/mesh-firewall
536
+
537
+	echo '#!/bin/bash' > $MESH_FIREWALL_SCRIPT
538
+	echo 'iptables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
539
+	echo 'ip6tables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
540
+	echo 'iptables -F' >> $MESH_FIREWALL_SCRIPT
541
+	echo 'ip6tables -F' >> $MESH_FIREWALL_SCRIPT
542
+	echo 'iptables -t nat -F' >> $MESH_FIREWALL_SCRIPT
543
+	echo 'ip6tables -t nat -F' >> $MESH_FIREWALL_SCRIPT
544
+	echo 'iptables -X' >> $MESH_FIREWALL_SCRIPT
545
+	echo 'ip6tables -X' >> $MESH_FIREWALL_SCRIPT
546
+	echo 'iptables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
547
+	echo 'ip6tables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
548
+	echo 'iptables -A INPUT -i lo -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
549
+	echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
550
+	echo '' >> $MESH_FIREWALL_SCRIPT
551
+	echo '# Make sure incoming tcp connections are SYN packets' >> $MESH_FIREWALL_SCRIPT
552
+	echo 'iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP' >> $MESH_FIREWALL_SCRIPT
553
+	echo '' >> $MESH_FIREWALL_SCRIPT
554
+	echo '# Drop packets with incoming fragments' >> $MESH_FIREWALL_SCRIPT
555
+	echo 'iptables -A INPUT -f -j DROP' >> $MESH_FIREWALL_SCRIPT
556
+	echo '' >> $MESH_FIREWALL_SCRIPT
557
+	echo '# Drop bogons' >> $MESH_FIREWALL_SCRIPT
558
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP' >> $MESH_FIREWALL_SCRIPT
559
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
560
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
561
+	echo '' >> $MESH_FIREWALL_SCRIPT
562
+	echo '# Incoming malformed NULL packets:' >> $MESH_FIREWALL_SCRIPT
563
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP' >> $MESH_FIREWALL_SCRIPT
564
+	echo '' >> $MESH_FIREWALL_SCRIPT
565
+	echo "iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
566
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
567
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
568
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
569
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
570
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
571
+	chmod +x $MESH_FIREWALL_SCRIPT
572
+
573
+	echo '[Unit]' > $FIREWALL_FILENAME
574
+	echo 'Description=Mesh Firewall' >> $FIREWALL_FILENAME
575
+	echo '' >> $FIREWALL_FILENAME
576
+	echo '[Service]' >> $FIREWALL_FILENAME
577
+	echo 'Type=oneshot' >> $FIREWALL_FILENAME
578
+	echo 'ExecStart=/usr/bin/mesh-firewall' >> $FIREWALL_FILENAME
579
+	echo 'RemainAfterExit=no' >> $FIREWALL_FILENAME
580
+	echo '' >> $FIREWALL_FILENAME
581
+	echo 'TimeoutSec=30' >> $FIREWALL_FILENAME
582
+	echo '' >> $FIREWALL_FILENAME
583
+	echo '[Install]' >> $FIREWALL_FILENAME
584
+	echo 'WantedBy=multi-user.target' >> $FIREWALL_FILENAME
585
+	chroot "$rootdir" systemctl enable meshfirewall
586
+}
587
+
588
+function mesh_tox_node {
589
+	# obtain commits from the main file
590
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
591
+		TOXCORE_COMMIT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXCORE_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
592
+	else
593
+		TOXCORE_COMMIT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXCORE_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
594
+	fi
595
+	if [ ${#TOXCORE_COMMIT_MAIN} -gt 10 ]; then
596
+		TOXCORE_COMMIT=$TOXCORE_COMMIT_MAIN
597
+	fi
598
+	if [ ! $TOXCORE_COMMIT ]; then
599
+		echo $'No Tox commit was specified'
600
+		exit 76325
601
+	fi
602
+
603
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
604
+		TOXID_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
605
+	else
606
+		TOXID_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
607
+	fi
608
+	if [ ${#TOXID_REPO_MAIN} -gt 5 ]; then
609
+		TOXID_REPO=$TOXID_REPO_MAIN
610
+	fi
611
+	if [ ! $TOXID_REPO ]; then
612
+		echo $'No ToxID repo was specified'
613
+		exit 78252
614
+	fi
615
+
616
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
617
+		TOX_PORT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
618
+	else
619
+		TOX_PORT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
620
+	fi
621
+	if [ ${#TOX_PORT_MAIN} -gt 2 ]; then
622
+		TOX_PORT=$TOX_PORT_MAIN
623
+	fi
624
+	if [ ! $TOX_PORT ]; then
625
+		echo $'No Tox port was specified'
626
+		exit 32856
627
+	fi
628
+
629
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
630
+		TOXCORE_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXCORE_REPO=" | head -n 1 | awk -F '"' '{print $2}')
631
+	else
632
+		TOXCORE_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXCORE_REPO=" | head -n 1 | awk -F '"' '{print $2}')
633
+	fi
634
+	if [ ${#TOXCORE_REPO_MAIN} -gt 10 ]; then
635
+		TOXCORE_REPO=$TOXCORE_REPO_MAIN
636
+	fi
637
+	if [ ! $TOXCORE_REPO ]; then
638
+		echo $'No Tox repo was specified'
639
+		exit 16865
640
+	fi
641
+
642
+	chroot "$rootdir" apt-get -y install build-essential libtool autotools-dev
643
+	chroot "$rootdir" apt-get -y install automake checkinstall check git yasm
644
+	chroot "$rootdir" apt-get -y install libsodium13 libsodium-dev libcap2-bin
645
+	chroot "$rootdir" apt-get -y install libconfig9 libconfig-dev
646
+
647
+	chroot "$rootdir" git clone $TOXCORE_REPO $INSTALL_DIR/toxcore
648
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; git checkout $TOXCORE_COMMIT -b $TOXCORE_COMMIT
649
+
650
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; autoreconf -i
651
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; ./configure --enable-daemon --disable-av
652
+	if [ ! "$?" = "0" ]; then
653
+		return
654
+	fi
655
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; make
656
+	if [ ! "$?" = "0" ]; then
657
+		return
658
+	fi
659
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; make install
660
+	chroot "$rootdir" cp /usr/local/lib/libtoxcore* /usr/lib/
661
+
662
+	if [ ! -f $rootdir/usr/local/bin/tox-bootstrapd ]; then
663
+		echo $"File not found /usr/local/bin/tox-bootstrapd"
664
+		return
665
+	fi
666
+
667
+	chroot "$rootdir" useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment $"Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
668
+	chroot "$rootdir" chmod 700 /var/lib/tox-bootstrapd
669
+	if [ ! -f $rootdir/$INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.conf ]; then
670
+		echo $"File not found $INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.conf"
671
+	fi
672
+	# remove Maildir
673
+	if [ -d $rootdir/var/lib/tox-bootstrapd/Maildir ]; then
674
+		rm -rf $rootdir/var/lib/tox-bootstrapd/Maildir
675
+	fi
676
+
677
+	# create configuration file
678
+	TOX_BOOTSTRAP_CONFIG=${rootdir}/etc/tox-bootstrapd.conf
679
+	echo "port = $TOX_PORT" > $TOX_BOOTSTRAP_CONFIG
680
+	echo 'keys_file_path = "/var/lib/tox-bootstrapd/keys"' >> $TOX_BOOTSTRAP_CONFIG
681
+	echo 'pid_file_path = "/var/run/tox-bootstrapd/tox-bootstrapd.pid"' >> $TOX_BOOTSTRAP_CONFIG
682
+	echo 'enable_ipv6 = true' >> $TOX_BOOTSTRAP_CONFIG
683
+	echo 'enable_ipv4_fallback = true' >> $TOX_BOOTSTRAP_CONFIG
684
+	echo 'enable_lan_discovery = true' >> $TOX_BOOTSTRAP_CONFIG
685
+	echo 'enable_tcp_relay = true' >> $TOX_BOOTSTRAP_CONFIG
686
+	echo "tcp_relay_ports = [443, 3389, $TOX_PORT]" >> $TOX_BOOTSTRAP_CONFIG
687
+	echo 'enable_motd = true' >> $TOX_BOOTSTRAP_CONFIG
688
+	echo 'motd = "tox-bootstrapd"' >> $TOX_BOOTSTRAP_CONFIG
689
+
690
+	if [ $TOX_NODES ]; then
691
+		echo 'bootstrap_nodes = (' >> $TOX_BOOTSTRAP_CONFIG
692
+		toxcount=0
693
+		while [ "x${TOX_NODES[toxcount]}" != "x" ]
694
+		do
695
+			toxval_ipv4=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $1}')
696
+			toxval_ipv6=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $2}')
697
+			toxval_port=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $3}')
698
+			toxval_pubkey=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $4}')
699
+			toxval_maintainer=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $5}')
700
+			echo "{ // $toxval_maintainer" >> $TOX_BOOTSTRAP_CONFIG
701
+			if [[ $toxval_ipv6 != 'NONE' ]]; then
702
+				echo "  address = \"$toxval_ipv6\"" >> $TOX_BOOTSTRAP_CONFIG
703
+			else
704
+				echo "  address = \"$toxval_ipv4\"" >> $TOX_BOOTSTRAP_CONFIG
705
+			fi
706
+			echo "  port = $toxval_port" >> $TOX_BOOTSTRAP_CONFIG
707
+			echo "  public_key = \"$toxval_pubkey\"" >> $TOX_BOOTSTRAP_CONFIG
708
+			toxcount=$(( $toxcount + 1 ))
709
+			if [ "x${TOX_NODES[toxcount]}" != "x" ]; then
710
+				echo "}," >> $TOX_BOOTSTRAP_CONFIG
711
+			else
712
+				echo "}" >> $TOX_BOOTSTRAP_CONFIG
713
+			fi
714
+		done
715
+		echo ')' >> $TOX_BOOTSTRAP_CONFIG
716
+	fi
717
+
718
+	if [ ! -f $rootdir/$INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.service ]; then
719
+		echo $"File not found $INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.service"
720
+		return
721
+	fi
722
+	cp $rootdir/$INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.service $rootdir/etc/systemd/system/
723
+	sed -i 's|ExecStart=.*|ExecStart=/usr/local/bin/tox-bootstrapd --config /etc/tox-bootstrapd.conf|g' $rootdir/etc/systemd/system/tox-bootstrapd.service
724
+
725
+	chroot "$rootdir" systemctl daemon-reload
726
+	chroot "$rootdir" systemctl enable tox-bootstrapd.service
727
+}
728
+
729
+function mesh_tox_client {
730
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
731
+		TOXIC_FILE=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
732
+	else
733
+		TOXIC_FILE=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
734
+	fi
735
+
736
+	# obtain commits from the main file
737
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
738
+		TOXIC_COMMIT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXIC_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
739
+	else
740
+		TOXIC_COMMIT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXIC_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
741
+	fi
742
+	if [ ${#TOXIC_COMMIT_MAIN} -gt 10 ]; then
743
+		TOXIC_COMMIT=$TOXIC_COMMIT_MAIN
744
+	fi
745
+
746
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
747
+		TOXIC_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXIC_REPO=" | head -n 1 | awk -F '"' '{print $2}')
748
+	else
749
+		TOXIC_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXIC_REPO=" | head -n 1 | awk -F '"' '{print $2}')
750
+	fi
751
+	if [ ${#TOXIC_REPO_MAIN} -gt 5 ]; then
752
+		TOXIC_REPO=$TOXIC_REPO_MAIN
753
+	fi
754
+
755
+	chroot "$rootdir" apt-get -y install libncursesw5-dev libconfig-dev libqrencode-dev
756
+	chroot "$rootdir" apt-get -y install libcurl4-openssl-dev libvpx-dev libopenal-dev
757
+
758
+	if [ ! -f $rootdir$INSTALL_DIR ]; then
759
+		mkdir -p $rootdir$INSTALL_DIR
760
+	fi
761
+	chroot "$rootdir" git clone $TOXIC_REPO $INSTALL_DIR/toxic
762
+	chroot "$rootdir" cd $INSTALL_DIR/toxic; git checkout $TOXIC_COMMIT -b $TOXIC_COMMIT
763
+	if ! grep -q "Toxic commit" $rootdir$COMPLETION_FILE; then
764
+		echo "Toxic commit:$TOXIC_COMMIT" >> $rootdir$COMPLETION_FILE
765
+	else
766
+		sed -i "s|Toxic commit.*|Toxic commit:$TOXIC_COMMIT|g" $rootdir$COMPLETION_FILE
767
+	fi
768
+
769
+	chroot "$rootdir" cd $INSTALL_DIR/toxic; make
770
+	if [ ! -f $INSTALL_DIR/toxic/build/toxic ]; then
771
+		exit 74872
772
+	fi
773
+	chroot "$rootdir" cd $INSTALL_DIR/toxic; make install
774
+	if [ ! -f $TOXIC_FILE ]; then
775
+		echo $'Tox client was not installed'
776
+		exit 63278
777
+	fi
778
+}
779
+
780
+function mesh_zeronet {
781
+	# obtain commits from the main file
782
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
783
+		ZERONET_COMMIT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
784
+	else
785
+		ZERONET_COMMIT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
786
+	fi
787
+	if [ ${#ZERONET_COMMIT_MAIN} -gt 10 ]; then
788
+		ZERONET_COMMIT=$ZERONET_COMMIT_MAIN
789
+	fi
790
+	if [ ! $ZERONET_COMMIT ]; then
791
+		echo $'No Tox commit was specified'
792
+		exit 37046
793
+	fi
794
+
795
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
796
+		ZERONET_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
797
+	else
798
+		ZERONET_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
799
+	fi
800
+	if [ ${#ZERONET_REPO_MAIN} -gt 5 ]; then
801
+		ZERONET_REPO=$ZERONET_REPO_MAIN
802
+	fi
803
+	if [ ! $ZERONET_REPO ]; then
804
+		echo $'No Tox commit was specified'
805
+		exit 37046
806
+	fi
807
+
808
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
809
+		ZERONET_PORT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "ZERONET_PORT=" | head -n 1 | awk -F '=' '{print $2}')
810
+	else
811
+		ZERONET_PORT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "ZERONET_PORT=" | head -n 1 | awk -F '=' '{print $2}')
812
+	fi
813
+	if [ ${#ZERONET_PORT_MAIN} -gt 1 ]; then
814
+		ZERONET_PORT=$ZERONET_PORT_MAIN
815
+	fi
816
+	if [ ! $ZERONET_PORT ]; then
817
+		echo $'No zeronet port was specified'
818
+		exit 67433
819
+	fi
820
+
821
+	chroot "$rootdir" apt-get -y install python python-msgpack python-gevent
822
+	chroot "$rootdir" apt-get -y install python-pip bittornado
823
+	chroot "$rootdir" pip install msgpack-python --upgrade
824
+
825
+	chroot "$rootdir" useradd -d /opt/zeronet/ -s /bin/false zeronet
826
+	git clone $ZERONET_REPO $rootdir/opt/zeronet
827
+	if [ ! -d $rootdir/opt/zeronet ]; then
828
+		echo 'WARNING: Unable to clone zeronet'
829
+		return
830
+	fi
831
+	cd $rootdir/opt/zeronet
832
+	git checkout $ZERONET_COMMIT -b $ZERONET_COMMIT
833
+	if ! grep -q "ZeroNet commit" $COMPLETION_FILE; then
834
+		echo "ZeroNet commit:$ZERONET_COMMIT" >> $rootdir$COMPLETION_FILE
835
+	else
836
+		sed -i "s/ZeroNet commit.*/ZeroNet commit:$ZERONET_COMMIT/g" $COMPLETION_FILE
837
+	fi
838
+	chown -R zeronet:zeronet $rootdir/opt/zeronet
839
+
840
+	# Hack to ensure that the file access port is opened
841
+	# This is because zeronet normally relies on an internet site
842
+	# to do this, but on a purely local mesh the internet isn't available
843
+	sed -i 's|fileserver_port = 0|fileserver_port = config.fileserver_port\n            sys.modules["main"].file_server.port_opened = True|g' $rootdir/opt/zeronet/src/Site/Site.py
844
+
845
+	ZERPNET_DAEMON=$rootdir/etc/systemd/system/zeronet.service
846
+	echo '[Unit]' > $ZERONET_DAEMON
847
+	echo 'Description=Zeronet Server' >> $ZERONET_DAEMON
848
+	echo 'After=syslog.target' >> $ZERONET_DAEMON
849
+	echo 'After=network.target' >> $ZERONET_DAEMON
850
+	echo '[Service]' >> $ZERONET_DAEMON
851
+	echo 'Type=simple' >> $ZERONET_DAEMON
852
+	echo 'User=zeronet' >> $ZERONET_DAEMON
853
+	echo 'Group=zeronet' >> $ZERONET_DAEMON
854
+	echo 'WorkingDirectory=/opt/zeronet' >> $ZERONET_DAEMON
855
+	echo 'ExecStart=/usr/bin/python zeronet.py --ip_external replace.local --trackers_file /opt/zeronet/bootstrap' >> $ZERONET_DAEMON
856
+	echo '' >> $ZERONET_DAEMON
857
+	echo 'TimeoutSec=300' >> $ZERONET_DAEMON
858
+	echo '' >> $ZERONET_DAEMON
859
+	echo '[Install]' >> $ZERONET_DAEMON
860
+	echo 'WantedBy=multi-user.target' >> $ZERONET_DAEMON
861
+
862
+	TRACKER_DAEMON=$rootdir/etc/systemd/system/tracker.service
863
+	echo '[Unit]' > $TRACKER_DAEMON
864
+	echo 'Description=Torrent Tracker' >> $TRACKER_DAEMON
865
+	echo 'After=syslog.target' >> $TRACKER_DAEMON
866
+	echo 'After=network.target' >> $TRACKER_DAEMON
867
+	echo '[Service]' >> $TRACKER_DAEMON
868
+	echo 'Type=simple' >> $TRACKER_DAEMON
869
+	echo 'User=tracker' >> $TRACKER_DAEMON
870
+	echo 'Group=tracker' >> $TRACKER_DAEMON
871
+	echo 'WorkingDirectory=/opt/tracker' >> $TRACKER_DAEMON
872
+	echo "ExecStart=/usr/bin/bttrack --port $TRACKER_PORT --dfile /opt/tracker/dstate --logfile /opt/tracker/tracker.log --nat_check 0 --scrape_allowed full --ipv6_enabled 0" >> $TRACKER_DAEMON
873
+	echo '' >> $TRACKER_DAEMON
874
+	echo 'TimeoutSec=300' >> $TRACKER_DAEMON
875
+	echo '' >> $TRACKER_DAEMON
876
+	echo '[Install]' >> $TRACKER_DAEMON
877
+	echo 'WantedBy=multi-user.target' >> $TRACKER_DAEMON
878
+
879
+	chroot "$rootdir" useradd -d /opt/tracker/ -s /bin/false tracker
880
+	if [ ! -d $rootdir/opt/tracker ]; then
881
+		mkdir $rootdir/opt/tracker
882
+	fi
883
+	chown -R tracker:tracker $rootdir/opt/tracker
884
+
885
+	# publish regularly
886
+	echo "* *     * * *   root    zeronetavahi > /dev/null" >> $rootdir/etc/crontab
887
+
888
+	chroot "$rootdir" systemctl enable tracker.service
889
+	chroot "$rootdir" systemctl enable zeronet.service
890
+}
397 891
 
398 892
 initialise_mesh() {
399 893
 	if [[ $VARIANT != "mesh" || $DEBIAN_INSTALL_ONLY != "no" ]]; then
400 894
 		return
401 895
 	fi
402
-	chroot "$rootdir" freedombone-mesh-install -f firewall
403
-	chroot "$rootdir" freedombone-mesh-install -f avahi
404
-	chroot "$rootdir" freedombone-mesh-install -f batman
405
-	chroot "$rootdir" freedombone-mesh-install -f tox_node
406
-	chroot "$rootdir" freedombone-mesh-install -f tox_client
407
-	chroot "$rootdir" freedombone-mesh-install -f zeronet
896
+	mesh_firewall
897
+	mesh_avahi
898
+	mesh_batman
899
+	mesh_tox_node
900
+	mesh_tox_client
901
+	mesh_zeronet
408 902
 
409 903
 	MESH_SERVICE='mesh-setup.service'
410 904
 	MESH_SETUP_DAEMON=$rootdir/etc/systemd/system/$MESH_SERVICE
@@ -427,25 +921,8 @@ initialise_mesh() {
427 921
 	chroot "$rootdir" systemctl enable $MESH_SERVICE
428 922
 }
429 923
 
430
-configure_wifi() {
431
-	if [[ $VARIANT == "mesh" ]]; then
432
-		return
433
-	fi
434
-
435
-	if [ -f $WIFI_NETWORKS_FILE ]; then
436
-		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE --networks $WIFI_NETWORKS_FILE
437
-		return
438
-	fi
924
+##############################################################################
439 925
 
440
-	if [[ $WIFI_TYPE != 'none' ]]; then
441
-		if [ ${#WIFI_PASSPHRASE} -lt 2 ]; then
442
-			return
443
-		fi
444
-		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE -p $WIFI_PASSPHRASE --hotspot $WIFI_HOTSPOT
445
-	else
446
-		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE --hotspot $WIFI_HOTSPOT
447
-	fi
448
-}
449 926
 
450 927
 # Set to true/false to control if eatmydata is used during build
451 928
 use_eatmydata=true