Frequent Flashers' Config Approaches

@richb-hanover-priv asked in another thread, Best ways to conduct Speed and Network Performance test from OpenWrt?

  • A script to configure a router repeatably (if you're flashing frequently)

I can definitely say that I fall into the "flashing frequently" category with over 300 build in the last month.

Here are some approaches I have used, why I find them helpful and in what situations. More suggestions are always welcome!

Use ./files/ or FILES=

If you're a frequent flasher, you are (or perhaps should be) building images yourself.

The "cleanest" way to have the router pre-configured on first boot is to include the config you need in the ./files/ directory of your build tree, or use the FILES=/path/to/your/files/ option for the image builder.

As long as the file is root:root, and doesn't need to be device-specific (things like different IP addresses for each of 5 routers), you're done. (All files in ROM are owned by root, no matter the ownership on the build system; no need to make them root-owned on your build system.)

Symlinks work here as well. I prefer relative ones so that they refer to the proper file on my build machine as well (and reduce the risk of messing up the build machine with an errant command that modifies the target on your build machine's /etc/, for example).

Enhance with /etc/uci-defaults/

Even if they're not UCI!

The files in this directory get run at each boot until they return a success exit code (0). Once they do, they get deleted.

This is a good place for things like chown -R userx:userx ~userx/

There are many utilities available for things like MAC extraction from partitions, MAC manipulation (add N, set to be locally administered, ...) in the base system. You can see examples with

root@OpenWrt:~# ls /rom/etc/uci-defaults/
10-fstab                   12_network-generate-ula    20_migrate-feeds           30_uboot-envtools          50_update_banner           70_nginx-luci-support-ssl
10_migrate-shadow          13_fix_group_user          30_luci-theme-bootstrap    50_luci-mod-admin-full     60_nginx-luci-support      odhcpd.defaults

These scripts may run "too early" if networking is needed for the task.

Run Scripts on the Router

scp a shell script to the router, or build it in the image. SSH into the router and run them.

This is also a good way to "tailor" to the router's specifics (such as IP address) if using one of the other methods that install a "generic" config that needs tweaking.

Use rsync

Copies, when needed, files from a local directory structure to that of the router. It's not small, a few hundred kB, but is easy and doesn't overwrite files that are the same. So if your local copy of /etc/config/something is the same as on the ROM or overlay already, you're not re-writing it.

rsync -aviihP /path/to/local/files/ root@192.168.1.1:/ 

is one set of options I often use.

--dry-run is your friend.

Use tar

Like rsync, but will always overwrite. sysupgrade -b is one way to get a "starter" backup of your device, which you can then extract, locally modify, rebundle (don't use compression past gzip, or your implementation of tar on your device may not be able to extract it), copy to the device, and extract.

rsync is "easier", but tar doesn't require the storage overhead of the rsync package on the device.

Use scp

For single files or "trees", this is a good option

Manage Your Config With git

Yep, this will swallow up a good chunk of flash, but if you're messing with config, it makes it easy to roll back (as well as seeing just what you did to break things, or to fix them).

You can

  • Manually git init /etc/ and manually add your remote
  • Put an init-ed repo with the remote pre-installed into your ROM

then git fetch <remote> and git checkout <branch>

Edit: I tend to gitignore everything and add the files as I need. There can be some funkiness on roll-back or branch switches when files come and go from the repo (especially go), but I haven't gotten into unrecoverable situations. Yet...

Script Over SSH

Ugh, this is ugly, but sometimes you need more than a shell script.

It's so ugly that I haven't resorted to it yet, but I can see needing Python or your favorite scripting language to do things that would be challenging and nearly incomprehensible in a shell script. If you do go this way, keyed access or use of ssh-agent would be essential.

4 Likes

Aren't you worried about the durability of the flash memory with that many updates?

1 Like

LOL, yes, if I can't get this EA8300 whipped into shape soon!

Thankfully the flash lifetime is typically spec-ed somewhere over a few thousand for NOR and often higher for NAND. But yes, it has crossed my mind several times.

1 Like

I have a few scripts i include in files/ - a remote upgrade script, and a diagnostics script to quickly see if all essential services are up and configured correctly, and a script that sets up a guest network in a jiffy.

Besides that I also have a lot of stuff in /etc/uci-defaults/. And a per-device rootfs (which is only possible with buildroot).

For those using the buildroot and compiling for multiple devices, using env is very handy as well - to store your configuration (.config and /etc/uci-defaults/).

1 Like