pmeerw's blog

Thu, 01 Jan 2009

CF died, renew server configuration

Unfortunately, my compact flash (CF) holding the root file system of my alix2c3 system died; I replaced it with a 4 GB CF and set up latest OpenWrt Kamikaze and updated several packages: Python 2.5.4, Mercurial 1.1.2, Lighttpd 1.4.20.

posted at: 07:00 | path: /projects/OpenWrt | permanent link

Wed, 27 Aug 2008

OCF-Linux (Linux port of the BSD crypto framework) CryptoDev for Linux

posted at: 15:04 | path: /projects/OpenWrt | permanent link

Tue, 26 Aug 2008

OpenWRT on Alix board

I got a PC Engines alix2c3 board which now runs OpenWRT. WLAN is provided by Gigabyte GN-W101HT 802.11.agb mini PCI card with an Atheros AR5413 chipset (got everything from varia-store.com).

OpenWRT is trunk (rev. 12393) and I had to try the new LUA based web configuration interfaced named LuCI (trunk, rev. 2955). Main problem was missing dependencies in various OpenWRT packages, so you have to guess what you might need...

Here's my custom kernel config (gzipped).

posted at: 17:06 | path: /projects/OpenWrt | permanent link

Sun, 13 Apr 2008

Serving Mercurial repositories with lighttpd on OpenWrt

Sadly, Mercurial is not in OpenWrt yet; here is my lighttpd config (/etc/lighttpd.conf):

server.modules = (
        "mod_rewrite",
        "mod_alias",
        "mod_auth",
        "mod_cgi"
)

# OpenWrt has troubles with more advanced backends (#2401)
server.network-backend = "write"
# needed to store data of POST requests (#2224)
server.upload-dirs = ( "/tmp" )

static-file.exclude-extensions = ( ".cgi" )
cgi.assign = ( ".cgi" => "/usr/bin/python" )

# where hgwegdir.cgi resides
alias.url = ( "/cgi-bin/" => "/data/www-cgi/" )

# I have public and a private repositories
url.rewrite += ( "^/hg-priv([/?].*)?$" => "/cgi-bin/hgwebdir_priv.cgi$1" )
url.rewrite += ( "^/hg([/?].*)?$" => "/cgi-bin/hgwebdir.cgi$1" )

# require user/password for private repositories under /data/hg-priv
auth.debug = 0
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/data/hg-priv/.htdigest"
auth.require = ( "/cgi-bin/hgwebdir_priv.cgi" => (
    "method" => "digest",
    "realm" => "Private Mercurial repositories",
    "require" => "valid-user"))

# only require require user/password for push requests to public
# repositories under /data/hg
$HTTP["url"] =~ "^/cgi-bin/hgwebdir.py" {
    $HTTP["querystring"] =~ "cmd=unbundle" {
        auth.debug = 0
        auth.backend = "htdigest"
        auth.backend.htdigest.userfile = "/data/hg/.htdigest"
        auth.require = ( "/cgi-bin/hgwebdir.cgi" => (
            "method" => "digest",
            "realm" => "Mercurial repositories",
            "require" => "valid-user"))
    }
}

$SERVER["socket"] == "nslu2:80" {
}

$SERVER["socket"] == "nslu2:443" {
  ssl.engine = "enable"
  ssl.pemfile = "/etc/ssl/server.pem"
}

And the hgweb.config configuration file (in /data/www-cgi/):

[collections]
/data/hg/repos/ = /data/hg/repos/

[web]
motd = 

Repositories maintained by me

baseurl = /hg push_ssl = true

posted at: 21:49 | path: /projects/OpenWrt | permanent link

Sun, 06 Jan 2008

Everything's fine with iodine (and iptables)

To allow packets from dns0 to be forwarded to the wan interface:

iptables -A FORWARD -i dns0 -o $wan_ifname -j ACCEPT

posted at: 16:17 | path: /projects/OpenWrt | permanent link

Made with PyBlosxom