Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Image-Builder Procedure for OpenWRT - LEDE
# ------------------------------------------------------------------------
# Image-Builder Procedure for OpenWRT - LEDE (In this case using Debian x64 NetInstall virtual machine)
# ------------------------------------------------------------------------
su
apt-get update # Optional, make and upgrade too in case it has too many old pakackes.
apt-get install make aria2 screen ncftp -y
screen -
cd ~
mkdir imagebuilders && cd imagebuilders
# Download ImageBuilder (Chose OpenWRT or LEDE, Release or Snapshots)
# Note: This specific URL is sample for "ar71xx/generic" target, you should chose your desired one.
aria2c -x 6 -s 6 http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/OpenWrt-ImageBuilder-15.05.1-ar71xx-generic.Linux-x86_64.tar.bz2
aria2c -x 6 -s 6 https://downloads.lede-project.org/releases/17.01.2/targets/ar71xx/generic/lede-imagebuilder-17.01.2-ar71xx-generic.Linux-x86_64.tar.xz
# WARNING: Snapshots/Trunk branch is compiled often, packages would be valid for just for some days we should download and modify /etc/opkg/distfeeds.conf
aria2c -x 6 -s 6 http://downloads.openwrt.org/snapshots/trunk/ar71xx/generic/OpenWrt-ImageBuilder-ar71xx-generic.Linux-x86_64.tar.bz2
aria2c -x 6 -s 6 https://downloads.lede-project.org/snapshots/targets/ar71xx/generic/lede-imagebuilder-ar71xx-generic.Linux-x86_64.tar.xz
# Around 128mb, should take around 30 minutes at slow 100kbps
# uncompress
tar -xvjf *-?mage?uilder-*.tar.bz2
cd *-?mage?uilder-*
cd ~/imagebuilders/*-?mage?uilder-*
# Info About Packages: -------------------------------------------------
# MR3040 CHAOS CALMER (15.05, r46767)
root@OpenWrt:/# opkg list-installed | awk '{print $1}' | sed ':M;N;$!bM;s#\n# #g'
base-files busybox dnsmasq dropbear firewall fstools hostapd-common ip6tables iptables iw jshn jsonfilter kernel kmod-ath kmod-ath9k kmod-ath9k-common kmod-cfg80211 kmod-crypto-aes kmod-crypto-arc4 kmod-crypto-core kmod-gpio-button-hotplug kmod-ip6tables kmod-ipt-conntrack kmod-ipt-core kmod-ipt-nat kmod-ipv6 kmod-ledtrig-usbdev kmod-lib-crc-ccitt kmod-mac80211 kmod-nf-conntrack kmod-nf-conntrack6 kmod-nf-ipt kmod-nf-ipt6 kmod-nf-nat kmod-nf-nathelper kmod-nls-base kmod-ppp kmod-pppoe kmod-pppox kmod-slhc kmod-usb-core kmod-usb2 libblobmsg-json libc libgcc libip4tc libip6tc libiwinfo libiwinfo-lua libjson-c libjson-script liblua libnl-tiny libubox libubus libubus-lua libuci libuci-lua libxtables lua luci luci-app-firewall luci-base luci-lib-ip luci-lib-nixio luci-mod-admin-full luci-proto-ipv6 luci-proto-ppp luci-theme-bootstrap mtd netifd odhcp6c odhcpd opkg ppp ppp-mod-pppoe procd rpcd swconfig uboot-envtools ubox ubus ubusd uci uhttpd uhttpd-mod-ubus usign wpad-mini
# MR3040 DESIGNATED DRIVER (Bleeding Edge, r47278) TRUNK
root@OpenWrt:~# opkg list-installed | awk '{print $1}' | sed ':M;N;$!bM;s#\n# #g'
base-files busybox dnsmasq dropbear firewall fstools hostapd-common ip6tables iptables iw iwinfo jshn jsonfilter kernel kmod-ath kmod-ath9k kmod-ath9k-common kmod-cfg80211 kmod-gpio-button-hotplug kmod-ip6tables kmod-ipt-conntrack kmod-ipt-core kmod-ipt-nat kmod-ledtrig-usbdev kmod-lib-crc-ccitt kmod-mac80211 kmod-nf-conntrack kmod-nf-conntrack6 kmod-nf-ipt kmod-nf-ipt6 kmod-nf-nat kmod-nf-nathelper kmod-nls-base kmod-ppp kmod-pppoe kmod-pppox kmod-slhc kmod-usb-core kmod-usb-ohci kmod-usb2 libblobmsg-json libc libexpat libgcc libip4tc libip6tc libiwinfo libjson-c libjson-script libnl-tiny libubox libubus libuci libxtables mtd netifd odhcp6c odhcpd opkg ppp ppp-mod-pppoe procd swconfig uboot-envtools ubox ubus ubusd uci usign wpad-mini
# Difference between r46767 y r47278 (CHAOS CALMER has more, we could remove those packages, ¿?)
-kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus
# Packages that CHAOS CALMER have but NO TRUNK:
kmod-crypto-aes kmod-crypto-arc4 kmod-crypto-core kmod-ipv6 libiwinfo-lua liblua libubus-lua
libuci-lua lua luci luci-app-firewall luci-base luci-lib-ip luci-lib-nixio luci-mod-admin-full
luci-proto-ipv6 luci-proto-ppp luci-theme-bootstrap rpcd uhttpd uhttpd-mod-ubus
trunk
# Packages that has TRUNK, but NO CHAOS CALMER:
iwinfo kmod-usb-ohci libc libip6tc
# End of Info About Packages ------------------------------------------
make info # Shows available profiles/targets
# make image allows add pkg1, pkg2 y and remove pkg4 pkg5 and add custom files to the image:
#make image PROFILE=XXX PACKAGES="pkg1 pkg2 pkg3 -pkg4 -pkg5 -pkg6" FILES=files/
# To add custom files:
# -------------------------------------
# We should create the directory for files
# mkdir -p ~/files/etc/config
mkdir -p files/etc/config
# and add the last parameter "FILES"
make image PROFILE=TLMR3420 PACKAGES="" FILES=files/
#scp root@192.168.1.1:/etc/config/network files/etc/config/
#scp root@192.168.1.1:/etc/config/wireless files/etc/config/
#scp root@192.168.1.1:/etc/config/firewall files/etc/config/
# IMPORTANT, PENDING FOR EXT ROOT, add e2fsprogs for e2fsck, is fsck for ext
We could modify /etc/banner
# Clean all crap we generate:
rm ~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/*
# Customised, change PROFILE with TLMR3020 TLMR3040 TLMR3420
# ExtRoot
#make image PROFILE=TLMR3040 PACKAGES="kmod-usb-storage block-mount kmod-fs-ext4 -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
# ExtRoot (version with FSCK)
make image PROFILE=TLMR3020 FILES=files/ PACKAGES="kmod-usb-storage block-mount kmod-fs-ext4 e2fsprogs -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
# PrintServer p910nd
make image PROFILE=TLMR3020 FILES=files/ PACKAGES="p910nd -dnsmasq -firewall -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
# PrintServer p910nd + Client Bridge (RelayD + IGMPProxy)
make image PROFILE=TLMR3020 FILES=files/ PACKAGES="p910nd relayd igmpproxy -dnsmasq -firewall -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
make image PROFILE=TLMR3040 FILES=files/ PACKAGES="p910nd relayd igmpproxy -dnsmasq -firewall -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
make image PROFILE=TLMR3420 FILES=files/ PACKAGES="p910nd relayd igmpproxy -dnsmasq -firewall -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
# MR3040 ExtRoot + 3G Dongle
make image PROFILE=TLMR3040 FILES=files/ PACKAGES="kmod-usb-storage block-mount kmod-fs-ext4 e2fsprogs usb-modeswitch comgt kmod-usb-acm kmod-usb-serial-option kmod-usb-net-cdc-ether kmod-usb-net-rndis -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
# MR3040 ExtRoot + 3G Dongle + vfat
make image PROFILE=TLMR3040 FILES=files/ PACKAGES="kmod-usb-storage block-mount kmod-fs-ext4 e2fsprogs usb-modeswitch comgt kmod-usb-acm kmod-usb-serial-option kmod-usb-net-cdc-ether kmod-usb-net-rndis dosfsck kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1 kmod-nls-utf8 dosfsck -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
## ExtRoot + TimeMachine Time Capsule with ext3
#(WARNING: It does not fit 4MB)
# netatalk # brings libgpg-error libgcrypt attr libxml2 libdb47 # Brinda soporte APF
# avahi-daemon # has support for Zeroconf/Bonjour
make image PROFILE=XXXXXXXX FILES=files/ PACKAGES="kmod-usb-storage block-mount netatalk avahi-daemon shadow-useradd shadow-groupadd -dnsmasq -firewall -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
## ExtRoot + TimeMachine Time Capsule with HFS+
#(WARNING: It does not fit 4MB)
# (it does not have GUID for Kernel)
# shadow-useradd shadow-groupadd # to create user and group
# hfsfsck # is the fsck for HFS+
make image PROFILE=XXXXXXXX FILES=files/ PACKAGES="kmod-usb-storage block-mount netatalk avahi-daemon hfsfsck kmod-fs-hfsplus shadow-useradd shadow-groupadd -dnsmasq -firewall -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
make image PROFILE=WDR FILES=files/ PACKAGES="kmod-usb-storage block-mount netatalk avahi-daemon hfsfsck kmod-fs-hfsplus shadow-useradd shadow-groupadd -dnsmasq -firewall -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
## ExtRoot + FileHistory with Samba
#(WARNING: It does not fit 4MB)
make image PROFILE=XXXXXXXX FILES=files/ PACKAGES="kmod-usb-storage block-mount samba36-server kmod-fs-ntfs ntfs-3g ntfs-3g-utils -dnsmasq -firewall -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
## OpenVPN (to do a OpenVPN Client Router)
#(WARNING: It does not fit 4MB)
#openvpn-openssl # brings kmod-tun liblzo
make image PROFILE=XXXXXXXX FILES=files/ PACKAGES="openvpn-openssl kmod-tun liblzo -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
## OpenVPN (to do a OpenVPN Client Router)
# Another metod, not yet testerd, in RAM, another way is compiling it using Imagebuilder
# https://tokyobreeze.wordpress.com/2015/01/15/install-openvpn-in-a-router-with-4mb-flash/
# https://forum.openwrt.org/viewtopic.php?id=48866
make image PROFILE=XXXXXXXX FILES=files/ PACKAGES="libopenssl kmod-tun zlib liblzo -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
## PPTP, INSECURE (to do a PPTP Client Router)
# CAREFUL, is INSECURE
# It fits on 4MB
make image PROFILE=TLMR3040 FILES=files/ PACKAGES="kmod-pptp ppp-mod-pptp -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
## L2TP, INSECURE (to do a L2TP Client Router)
# It fits on 4MB
make image PROFILE=TLMR3040 FILES=files/ PACKAGES="kmod-l2tp kmod-l2tp-eth kmod-l2tp-ip kmod-pppol2tp ppp-mod-pppol2tp xl2tpd -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -liblua -libubus-lua -libuci-lua -lua -luci -luci-app-firewall -luci-base -luci-lib-ip -luci-lib-nixio -luci-mod-admin-full -luci-proto-ipv6 -luci-proto-ppp -luci-theme-bootstrap -rpcd -uhttpd -uhttpd-mod-ubus"
# WR841N in Spanish
# luci-i18n-diag-core-es
# customimage-15.05.1-r48532-spanish
make image PROFILE=TLWR841 PACKAGES="luci-i18n-base-es miniupnpd"
make image PROFILE=TLWR841 PACKAGES="luci-i18n-base-es luci-i18n-firewall-es luci-i18n-upnp-es"
# -------------------------------------------
# FILES for p910nd (MR3020)
# -------------------------------------------
mkdir ./files/etc/uci-defaults/
cat <<'__EOF__' > ./files/etc/uci-defaults/default-p910nd.sh
#!/bin/sh
/etc/init.d/dnsmasq disable
/etc/init.d/dnsmasq stop
/etc/init.d/odhcpd disable
/etc/init.d/odhcpd stop
/etc/init.d/firewall disable
/etc/init.d/firewall stop
__EOF__
#cat <<'__EOF__' > ./files/etc/rc.local
##!/bin/sh
#/etc/init.d/dnsmasq disable
#/etc/init.d/dnsmasq stop
#/etc/init.d/odhcpd disable
#/etc/init.d/odhcpd stop
#/etc/init.d/firewall disable
#/etc/init.d/firewall stop
#exit 0
#__EOF__
make image PROFILE=TLMR3020 FILES=files/ PACKAGES="p910nd kmod-usb-printer -kmod-crypto-aes -kmod-crypto-arc4 -kmod-crypto-core -kmod-ipv6 -libiwinfo-lua -libubus-lua -libuci-lua -lua -uhttpd -uhttpd-mod-ubus"
# -------------------------------------------
# Sample preparation of custom FILES for Router Without Ethernet (or with Ethernet ports burned)
# -------------------------------------------
# In this case we will use it as Repeater/WDS:
1. Remove firewall (it will used as Repeater)
2. We will put relayd and igmpproxy (just in case, but we will use it with WDS if it is possible)
3. By default we will activate wifi (if we reset it or we of a `firstboot` we could configure it via wifi)
4. We will Write some warning at /etc/banner very visible to know that this Router does not have working ethernet (just reminder to us)
mkdir -p files/etc/config
SOURCE_FILES="./build_dir/target-mips_34kc_uClibc-0.9.33.2/root-ar71xx"
cp $SOURCE_FILES/etc/banner.failsafe files/etc/banner.failsafe
cp $SOURCE_FILES/etc/banner files/etc/banner
nano files/etc/banner # Here we could edit /etc/banner
nano files/etc/banner.failsafe # Here we could edit files/etc/banner.failsafe
mkdir ./files/etc/uci-defaults/
cat <<'__EOF__' > ./files/etc/uci-defaults/99_default-no-eth.sh
#!/bin/sh
# If Zone is New York then exit, (is a sysupgrade prpeserving changes)
# Since we use Buenos Aires time always then we change this line.
#[ "$(uci -q get system.@system[0].zonename)" = "America/New York" ] && exit 0
[ "$(uci -q get system.@system[0].zonename)" = "America/Argentina/Buenos Aires" ] && exit 0
[ -e /etc/config/no-ethernet ] && exit 0
touch /etc/config/no-ethernet
uci batch <<EOC
set system.@system[0].timezone='ART3'
set system.@system[0].zonename='America/Argentina/Buenos Aires'
del network.lan.ifname
del network.wan
del network.wan6
del network.@switch[0]
del network.@switch_vlan[0]
set wireless.radio0.htmode='HT40'
set wireless.radio0.channel='auto'
set wireless.radio0.disabled='0'
# This is a TP-Link Router
set wireless.@wifi-iface[0].ssid="TP-LINK_$(ifconfig eth0 | awk '/HWaddr/ { printf $5 }' | tr -d : | tail -c 6)"
set wireless.@wifi-iface[0].key="$(dd if=/dev/mtdblock0 bs=1 skip=130560 count=8 2>/dev/null)"
set wireless.@wifi-iface[0].encryption='psk2+aes'
commit
EOC
/etc/init.d/network restart
exit 0 # IMPORTANT, IF WE NO PUT THIS, WILL EXECUTED ENDLESSLY
__EOF__
# Make image for the WR841 without WAN/LAN Ports, with relayd and igmpproxy packages
make image PROFILE=TLWR841 FILES=files/ PACKAGES="relayd igmpproxy"
# Verify if was generated properly (pay attention at datetime of the files):
ls -lath bin/ar71xx/
ls -aR bin
# -------------------------------------------
# Upload compiled images to ftp server
# -------------------------------------------
MYFTPSERVER=CHANGEME
MYUSERNAME=CHANGEME
PASS=CHANGEME
# Create directory online.
ftp -n <<EOF
open "$MYFTPSERVER"
user "$MYUSERNAME" "$PASS"
cd /subdomains/devices/openwrt
mkdir customimage-15.05.1-extroot
mkdir customimage-15.05.1-p910nd
mkdir customimage-15.05.1-p910nd-relayd
mkdir customimage-15.05.1-no-ethernet
mkdir customimage-15.05.1-spanish
cd /subdomains/devices/lede
mkdir customimage-17.01.2-extroot
EOF
# We will see the filesize of everything
ls -laht ~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/ | head -n1
du -h ~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/ | cut -c -4
# Upload to FTP:
# -m # Creates directory if not exists
# -v # shows progress
# -z # tries to resume uploads
# -R # recursive, subdirectories
# ExtRoot
ncftpput -z -v -u "$MYUSERNAME" -p "$PASS" "$MYFTPSERVER" \
/subdomains/devices/openwrt/customimage-15.05.1-extroot \
~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/md5sums \
~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/*-squashfs-*.bin
ncftpput -z -v -u "$MYUSERNAME" -p "$PASS" "$MYFTPSERVER" \
/subdomains/devices/lede/customimage-17.01.2-extroot \
~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/sha256sums \
~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/*-squashfs-*.bin
# We clean all the crap we generate:
rm ~/imagebuilders/*-?mage?uilder-*/bin/ar71xx/*
# Now we can wget, check sums and sysupgrade the image:
cd /tmp && wget http://devices.myserver.com/openwrt/customimage-15.05.1-no-ethernet/openwrt-15.05.1-ar71xx-generic-tl-wr841n-v9-squashfs-sysupgrade.bin
cd /tmp && wget http://devices.myserver.com/openwrt/customimage-15.05.1-no-ethernet/md5sums
md5sum -c md5sums 2> /dev/null | grep OK
cd /tmp && wget http://devices.myserver.com/lede/customimage-15.05.1-no-ethernet/lede-17.01.2-ar71xx-generic-tl-wr841n-v9-squashfs-sysupgrade.bin
cd /tmp && wget http://devices.myserver.com/lede/customimage-15.05.1-no-ethernet/sha356sums
sha256sum -c sha256sums 2> /dev/null | grep OK
# Verify files that will be preserved with configuration:
sysupgrade -l
# Susupgrade:
sysupgrade -v -c /tmp/*-sysupgrade.bin # Preserve config
sysupgrade -v -n /tmp/*-sysupgrade.bin # NO Preserve config - Restore Defaults
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.