@@ -15,7 +15,7 @@
 readonly _WWW='/www'
 readonly _PWDFILE="/opt/lib/htpasswd"
-readonly _TMP="${_WWW}/tmp"
+readonly _TMP='/tmp'
 readonly _LOG="${_WWW}/log/admin.log"
 readonly _DEBUG=1
 readonly _IFS=$IFS

@@ -0,0 +1,476 @@
+#!/usr/bin/haserl --shell=/bin/bash  --upload-limit=32768 --upload-dir=/www/tmp 
+<%# upload limit: 32Mb %>
+_LOG="${_WWW}/systemupdate.log"  ## safe persistently
+err() {
+  _ERR="$?"
+  [[ "$_ERR" -gt 0 ]] || return 0
+  log "$1"
+  head "${2:='400'}"
+  exit "$_ERR"
+logThis() {
+  [[ "$_DEBUG" -gt 0 ]] || return 0
+  local _TYPE='I:'
+  [[ "$_ERR" -gt 0 ]] && _TYPE='E:'
+  local _TIME; printf -v _TIME '%(%d.%m.%Y %H:%M:%S)T' -1
+  printf '%b\n' "$_TIME  $_TYPE ${@} " >> "$_LOG"
+  [[ "$_DEBUG" -gt 1 ]] && printf '%b\n' "[verbose] $_TYPE ${1}"
+headerPrint() {
+  case "$1" in
+ 200|'') printf '%b' 'HTTP/1.1 200 OK\r\n';;
+    301) printf '%b' "HTTP/1.1 301 Moved Permanently\r\nLocation: $HTTP_REFERER\r\n";;
+    403) printf '%b' 'HTTP/1.1 403 Forbidden\r\n';;
+    405) printf '%b' 'HTTP/1.1 405 Method Not Allowed\r\n';;
+    406) printf '%b' 'HTTP/1.1 406 Not Acceptable\r\n';;
+      *) printf '%b' 'HTTP/1.1 400 Bad Request\r\n';;
+  esac
+  printf '%b' 'Content-Type: text/html\r\n\r\n';
+setQueryVars() {
+  env
+runSuid() {
+  local _SID=$(/usr/bin/ps -p $$ -o sid=)  ## pass session id to the child
+  local _CMD=$@
+  sudo ./suid.sh $_CMD $_SID 2>/dev/null
+getQueryFile() {
+  local _UPLD="${HASERL_fwupload_path##*/}"
+  logThis "'multipart': decoding stream"
+  mv "$_TMP/$_UPLD" "$_TMP/fwupload.bin" 2>/dev/null || _ERR=$?
+  if [[ $_ERR -gt 0 ]]; then
+    showMesg 'Firmware upload has failed' 'Reboot your Superglue server and try again'
+  fi
+validIp() {
+  local _IP=$1
+  local _RET=1
+  if [[ $_IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+    OIFS=$IFS
+    IFS='.'
+    _IP=($_IP)
+    IFS=$OIFS
+    [[ ${_IP[0]} -le 255 && ${_IP[1]} -le 255 && ${_IP[2]} -le 255 && ${_IP[3]} -le 255 ]]
+    _RET=$?
+  fi
+  return $_RET
+pwdChange() {
+  if [[ ! -z "${_pwd##$_pwdd}" ]]; then 
+    _ERR=1
+    showMesg 'Passwords did not match'
+  fi
+  if [[ ${#_pwd} -lt 6 ]]; then
+    _ERR=1
+    showMesg 'Password must be at least 6 characters long'
+  fi
+  runSuid "echo -e \"$_pwd\n$_pwd\" | passwd root"
+  runSuid "echo $(htDigest $_pwd) > $_PWDFILE"
+  _ERR=$?
+  if [[ $_ERR -gt 0 ]]; then
+    showMesg 'Password change failed'
+  else
+    showMesg 'Password is changed'
+  fi
+lanAddr() {
+  logThis "new LAN addr is: $_laddr"
+  validIp $_laddr || showMesg 'Not valid network address'
+  doUci set laddr $_laddr
+  _ERR=$?
+  if [[ $_ERR -gt 0 ]]; then
+    showMesg 'Setting network address failed'
+  else
+    (sleep 1; doUci commit network; doUci commit wireless;)&
+    showMesg 'New network address is set' "Your server is now accessible under <a href='http://superglue.local/admin'>http://superglue.local/admin</a>"
+  fi 
+wanSet() {
+  if [[ ! -z $_wanifname ]]; then
+    ## eth and wlan wan cases are different!
+    ## eth wan requires:
+    ##   config interface 'wan'
+    ##     option ifname 'eth0'
+    ##
+    ##   config wifi-iface
+    ##     option device 'radio0'
+    ##     option network 'wan'     
+    ##     option disabled '1' (or no 'config wifi-iface' section at all)
+    ##
+    ## wlan wan requires:
+    ##   config interface 'wan'
+    ##     option proto 'dhcp'
+    ##     (without 'option ifname' specified!)
+    ##
+    ##    config wifi-iface 
+    ##      option device 'radio0'
+    ##      option network 'wan'
+    logThis "wan.ifname=$_wanifname"
+    if [[ $_wanifname == 'eth0' ]]; then
+      doUci set wanifname $_wanifname
+      doUci set wanwifacedis '1'
+    elif [[ $_wanifname == 'wlan1' ]]; then
+      doUci set wanifname ''
+      doUci set wanwifacedis ''
+    fi
+    if [[ $_wanproto == 'dhcp' ]]; then
+      doUci set wanproto dhcp
+    elif [[ $_wanproto == 'static' ]]; then
+      logThis "wan.ipaddr=$_wanipaddr"
+      doUci set wanproto static
+      doUci set wanipaddr $_wanipaddr
+      doUci set wannetmask $_wannetmask
+    fi
+    if [[ $_wanifname == 'wlan1' ]]; then
+      ssidChange || showMesg 'Wireless changes failed'
+    fi
+    ## background the following
+    doUci commit network &&
+    showMesg 'Internet connection is configured' 'Waiting for device to get ready' ||
+    showMesg 'Configuring Internet connection failed'
+  fi
+  logThis "new WAN iface is: $_wanifname"
+ssidChange() {
+  ## check for iface
+  [[ ! $_iface =~ ^('wan'|'lan')$ ]] && showMesg 'Error changing wireless settings' 'unknown/unconfigured interface'
+  logThis "$_iface is being set"
+  _p=$_iface
+  ## default enc for now
+  local _enc='psk2'
+  if [[ $_iface == 'wan' ]]; then
+    local _mode='sta'
+    local _ssid="${_wanssid}"
+    local _key="${_wankey}"
+  else 
+    local _mode='ap'
+    local _ssid="${_lanssid}"
+    local _key="${_lankey}"
+  fi
+  logThis "ssid: $_ssid [$_mode], key: $_key [$_enc]"
+  logThis $_wanssid
+  if [[ ${#_ssid} -lt 4 ]]; then
+   _ERR=1
+   showMesg 'SSID must be at least 4 characters long'
+  fi
+  doUci set $_p'ssid' "${_ssid}"
+  _ERR=$?
+  [[ $_ERR -gt 0 ]] && showMesg 'New SSID is not set'
+  if [[ -z $_key ]]; then
+    ## if key is empty set encryption to none and remove key
+    doUci set $_p'key' && doUci set $_p'enc' 'none'
+    _ERR=$?
+  else
+    if [[ ${#_key} -lt 8 ]]; then
+     _ERR=1
+      showMesg 'Passphrase must be at least 8 characters long'
+    fi
+    doUci set $_p'key' "${_key}" && doUci set $_p'enc' "${_enc}"
+    _ERR=$?
+    [[ $_ERR -gt 0 ]] && showMesg 'Passphrase is not set'
+  fi
+  [[ $_ERR -gt 0 ]] && return $_ERR  ##showMesg 'Wireless changes failed'
+  doUci commit wireless ##&& showMesg 'Wireless changes applied'
+#showError() {
+#  headerPrint 406
+#  logThis "$@"
+#  echo "ERROR: $@"
+#  exit 1
+showMesg() {
+  logThis "$@"
+  local _MSG=$1
+  local _SUBMSG=$2
+  _MSG=${_MSG:='Not defined'}
+  _SUBMSG=${_SUBMSG:='back to control panel in a second..'}
+  if [[ $_ERR -gt 0 ]]; then
+    local _TYPE='ERROR: '
+    headerPrint 406
+  else
+    local _TYPE='OK: '
+    headerPrint 200
+  fi
+  htmlHead "<meta http-equiv='refresh' content='3;url=${HTTP_REFERER}'>"
+  echo "<body>
+<h1>Superglue system update</h1>
+<h2 style='display:inline'>$_TYPE $_MSG</h2>
+<span style='display:inline; margin-left: 50px;'>$_SUBMSG</span>
+  exit 0
+updateFw() {
+  logThis "updating fw"
+  _FWFILE="${_TMP}/fwupload.bin"
+  logThis "fwfile is: $(ls -lad $_FWFILE)"
+  _OUT="$(/sbin/sysupgrade -T $_FWFILE 2>&1)"
+  _ERR=$?
+  [[ $_ERR -gt 0 ]] && showMesg "$_OUT"
+  _OUT="$(runSuid /sbin/mtd -e firmware -q write $_FWFILE firmware)"
+  _ERR=$?
+  [[ $_ERR -gt 0 ]] && showMesg "update failed, $_OUT"
+  _OUT="$(/sbin/mtd verify $_FWFILE firmware_2>&1)"
+  _ERR=$?
+  [[ $_ERR -gt 0 ]] && showMesg "update check failed, $_OUT"
+  runSuid reboot
+  showMesg 'Firmware update is completed, rebooting..' 'this might take up to 60 seconds'
+rebootNow() {
+  logThis "reboot: now!"
+  runSuid reboot
+  showMesg 'Rebooting..' 'this might take up to 60 seconds'
+doUci() {
+  local _CMD=''
+  local _ARG=''
+  case $1 in
+    get|set|commit) _CMD=$1;;
+          *) logThis 'bad UCI command'; headerPrint 405; echo 'bad UCI command'; exit 1 ;;
+  esac
+  case $2 in
+    lanssid) _ARG='wireless.@wifi-iface[0].ssid';;
+    lanenc) _ARG='wireless.@wifi-iface[0].encryption';;
+    lankey) _ARG='wireless.@wifi-iface[0].key';;
+    lanipaddr) _ARG='network.lan.ipaddr';;
+    wanifname) _ARG='network.wan.ifname';;
+    wanproto) _ARG='network.wan.proto';;
+    wanipaddr) _ARG='network.wan.ipaddr';;
+    wannetmask) _ARG='network.wan.netmask';;
+    wanwifacedis) _ARG='wireless.@wifi-iface[1].disabled';;
+    wanssid) _ARG='wireless.@wifi-iface[1].ssid';;
+    wanenc) _ARG='wireless.@wifi-iface[1].encryption';;
+    wankey) _ARG='wireless.@wifi-iface[1].key';;
+    *) if [[ $_CMD == 'commit' ]]; then
+        _ARG=$2
+       else 
+        logThis "bad UCI entry: $2"
+        _ERR=1
+        showMesg 'bad UCI entry'
+       fi ;;
+  esac
+  if [[ $_CMD == 'get' ]]; then
+    if [ ! -z $_ARG ]; then
+      /sbin/uci -q get $_ARG || return $?
+    fi
+  fi
+  if [[ $_CMD == 'set' ]]; then
+    local _VAL=$3
+    if [ -z $_VAL ]; then
+      logThis "empty $_ARG value, removing record"
+      runSuid /sbin/uci delete $_ARG || ( echo "uci delete $_ARG: error"; exit 1; )
+    fi
+    if [ ! -z $_ARG ]; then
+      logThis "setting $_ARG value"
+      runSuid /sbin/uci set $_ARG=$_VAL || ( echo "uci set $_ARG: error"; exit 1; )
+    fi
+  fi
+  if [[ $_CMD == 'commit' ]]; then
+    runSuid /sbin/uci commit $_ARG|| echo "uci commit $_ARG: error"
+    if [[ "$_ARG" == 'wireless' ]]; then
+      runSuid /sbin/wifi || echo 'wifi: error'
+    fi
+    if [[ "$_ARG" == 'network' ]]; then
+      runSuid /etc/init.d/dnsmasq restart && runSuid /etc/init.d/network restart || echo 'network: error'
+    fi
+  fi
+getStat() {
+  . /usr/share/libubox/jshn.sh
+  local _IFACE=$1
+  local _IFSTAT=$(runSuid ubus call network.interface.wan status 2>/dev/null)
+  logThis "$_IFSTAT"
+  json_get_type _IFSTAT ipv4_address
+  if json_get_type _IFSTAT ipv4_address && [[ "$_IFSTAT" == 'array' ]]; then
+    json_select ipv4_address
+    json_get_type _IFSTAT 1
+    if [[ "$_IFSTAT" == 'object' ]]; then
+      json_select 1
+      json_get_var IP4 address
+      json_get_var Subnet4 mask
+      [[ "$IP4" != '' ]] && [[ "$Subnet4" != '' ]] && IP4="$IP4/$Subnet4"
+    fi
+  fi
+  logThis $IP4
+htmlHead() {
+echo "<!-- obnoxious code below, keep your ports tight -->
+<!doctype html>
+<head><title>SuperGlue | System update</title>
+<link rel='stylesheet' type='text/css' href='http://${HTTP_HOST}/resources/admin/admin.css'>
+if [[ "${REQUEST_METHOD^^}" == "POST" ]]; then
+  [[ $CONTENT_LENGTH -gt 0 ]] || err 'content length is zero, 301 back to referer' '301'
+  case "${CONTENT_TYPE^^}" in 
+                  MULTIPART/FORM-DATA*) getQueryFile;;
+                                     *) _ERR=1; _OUT='this is not a post';;
+  esac
+  case $REQUEST_URI in
+                *pwdchange) pwdChange;;
+               *ssidchange) ssidChange;;
+                  *lanaddr) lanAddr;;
+                 *updatefw) updateFw;;
+                *rebootnow) rebootNow;;
+                      *wan) wanSet;;
+                         *) logThis 'bad action'; headerPrint 405; 
+                            echo 'no such thing'; exit 1;;
+  esac
+headerPrint 200
+## html head
+sgver=$(cat /etc/superglue_version)
+devmod=$(cat /etc/superglue_model)
+openwrt=$(cat /etc/openwrt_version)
+wanifname=$(doUci get wanifname || echo 'wlan0') ## TODO fix this
+wanproto=$(doUci get wanproto)
+wanipaddr=$(doUci get wanipaddr) 
+wannetmask=$(doUci get wannetmask)
+wanssid=$(doUci get wanssid)
+wankey=$(doUci get wankey)
+echo "<body>
+<img src='/resources/images/superglue-logo.png' id='sg-logo'>
+<h2 style='display:inline'>Superglue system update</h2>
+<span style='display:block;'>System version: $sgver | Device: $devmod</span>
+<span style='display:block;'>$(uptime)</span>
+<span class='title2'>Firmware update:</span>
+<p>The main purpose of Superglue <b>system update mode</b> is to ensure smooth and simple upgrades to the latest versions of Superglue firmware (OS) during the period of active project development. These updates help us get rid of the bugs and introduce new features (and sometimes, the other way around)</p>
+<p>Before you begin, please make sure to obtain the latest firmware by visiting our <a href='http://discourse.superglue.it/category/superglue/l/latest' target='_blank'>online users comminuty</a> or directly via the <a href='http://dev.superglue.it/firmware/latest' target='_blank'>Superglue firmware repository</a>.</p>
+<p>Once you are ready, upload the firmware update file using the form below:</p> 
+<form method='post' action='/systemupdate/updatefw' enctype='multipart/form-data' name='fwupdate'>
+<div id='uploadbox'>
+<input id='uploadfile' placeholder='Choose file' disabled='disabled' style='width:400px'>
+<input id='uploadbtn' name='fwupload' type='file'>
+<input type='submit' value='Upload'>
+<p>Configuration options below are optional.<br>Unless you upgrade the current firmware any changes done to the setting will not be saved.</p>
+Internet connection:
+<form method='post' action='/systemupdate/wan' name='wan' onchange='formChange();'>
+  <div style='display:inline-flex'>
+  <div style='display:inline-block;'>
+  <select name='wanifname' id='wanifname' style='display:block'>
+  <option value='eth0' id='eth' $([[ $wanifname =~ ('eth') ]] && echo 'selected')>Wired (WAN port)</option>
+  <option value='wlan1' id='wlan' $([[ $wanifname =~ ('wlan') ]] && echo 'selected')>Wireless (Wi-Fi)</option>
+  </select>
+  <fieldset id='wanwifi' class='hide'>
+  <input type='text' name='wanssid' value='$wanssid'>
+  <input type='password' name='wankey' value='$wankey'>
+  </fieldset>
+  </div>
+  <div style='display:inline-block;'>
+  <select name='wanproto' id='wanproto' style='display:block'>
+  <option value='dhcp' name='dhcp' id='dhcp' $([[ $wanproto == 'dhcp' ]] && echo 'selected')>Automatic (DHCP)</option>
+  <option value='stat' name='dhcp' id='stat' $([[ $wanproto == 'static' ]] && echo 'selected')>Manual (Static IP)</option>
+  </select>
+  <fieldset id='wanaddr' class='hide' >
+  <input type='text' name='wanipaddr' id='wanipaddr' value='$wanipaddr'>
+  <input type='text' name='wangw' id='wannetmask' value='$wannetmask'>
+  </fieldset>
+  </div>
+  </div>
+  <input type='hidden' name='iface' value='wan' class='inline'>
+  <input type='submit' value='Apply'>
+Local wireless network:
+<form method='post' action='/systemupdate/ssidchange'>
+  <div style='display:inline-flex'>
+  <div style='display:inline-block;'>
+    <input type='text' name='lanssid' value='$(doUci get lanssid)'>
+    <input type='password' name='lankey' value='$(doUci get lankey)'>
+  </div>
+  <div style='display:inline-block;'>
+    <input type='text' name='lanipaddr' value='$(doUci get lanipaddr)'>
+    <input type='hidden' name='iface' value='lan' class='inline'>
+  </div>
+  </div>
+  <input type='submit' value='Apply'>
+<form action='/systemupdate/rebootnow' method='post' class='inline'>
+<input type='hidden' name='reboot' value='now' class='inline'>
+<input type='submit' value='Reboot' class='inline'>
+<form action='http://logout@${HTTP_HOST}/systemupdate' method='get' class='inline'>
+<input type='submit' value='Logout' class='inline'>
+<pre>$(df -h)</pre>
+<script type='text/javascript' src='http://${HTTP_HOST}/resources/admin/admin.js'></script>

openwrt/openwrt.revision → openwrt/include/openwrt.revision

@@ -0,0 +1 @@

@@ -1 +0,0 @@

openwrt/auto_scp.sh → openwrt/tools/auto_scp.sh

openwrt/copy_ssh_auth.sh → openwrt/tools/copy_ssh_auth.sh

openwrt/make_fw.sh → openwrt/tools/make_fw.sh

@@ -10,13 +10,18 @@
 ## - Superglue serverfiles local repo (which this script is part of):
 ##    http://git.superglue.it/superglue/serverfiles/tree/master
+set -e
+## make sure we are running from upper level directory
+[[ $(pwd) == $( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) ]] && (echo "ERROR: must be run as ./tools/$(basename $0), exiting"; exit 1;)
-set -e
 [[ -e $_IMAGEBUILDER ]] || (echo 'ImageBuilder is missing'; exit 1;)
 [[ -e $_BUILDS ]] || (echo 'Builds directory is missing'; exit 1;)
 set +e
 ## dirs with platform specific files
@@ -30,9 +35,12 @@ _MAJOR='0.1'  ## bump that on major changes
 #_SUFFIX='git'  ## could be 'beta', 'rc', etc
 _SUFFIX='k0a1a'  ## could be 'beta', 'rc', etc
 ## read build serial, incremented on every successful build
-if [[ -e sg_$_MAJOR.revision ]]; then
-  read _MINOR < sg_$_MAJOR.revision
+if [[ -e $_SG_REVISION ]]; then
+  read _MINOR < $_SG_REVISION
   let _MINOR++
 else _MINOR=0
@@ -40,7 +48,7 @@ fi
 ## get OpenWRT revision number
 _OPENWRT=$(fgrep -m1 'REVISION:=' $_IMAGEBUILDER/include/version.mk || echo 'r00000')
-echo $_OPENWRT > openwrt.revision
@@ -91,7 +99,7 @@ done
 if [[ $_ERR -eq 0 ]]; then
   ## if build succeeded bump revision
-  echo $_MINOR > sg_$_MAJOR.revision
+  echo $_MINOR > $_SG_REVISION
   echo -e "\nBuilding SUCCEEDED! :)\n"
   ## create symlinks to latest

openwrt/sgproxy.sh → openwrt/tools/sgproxy.sh