The development cycle currently seems very agile and rapid, but stable is always going to be preferred or a good idea, as eventually a stable release would need to be in master to then backport down to 21.02 or whatever the latest release branch is.
Maybe after the 1.0.0 milestone, releases may settle down a bit, but I'm happy to PR new stable releases, in conjunction with maintainers. It's easy enough to get alerts when new releases happen and I've got an OpenWrt buildroot setup to compile test packages.
I've tested doing the Nginx reverse proxy setup with AdGuard Home, it works, however at least on 19.07 there is a part in the default LuCI SSL Nginx config which can cause issues and had me banging my head against the wall for a while.
This can potentially break additional reverse proxy location rules based on the ordering, because many requests will match on this location rule first and hence never makes it to the desired proxy_pass call. I'm assuming it's there for caching purposes given it's targeting static resources, however this can break various CSS/JS and other asset requests for reverse proxied services, it did for AdGuard Home and Netdata (which I also happen to use)
Commenting it out, resolves the issue. It looks like in 21.02 the Nginx configs have changed somewhat so this might not be a problem for 21.02 and snapshot releases.
The reverse proxy method is probably the best recommendation in terms of following a standard procedure/setup guide, doing it this way means you don't have to configure TLS/HTTPS on AdGuard Home and instead utilise the SSL of LuCI. It also means you can have AdGuard Home on non standard ports or even the default TCP 3000 and simply proxy it to a more friendly URL.
@mercygroundabyss , I have a doubt: in the configuration of the reverse dns, you say to put 192.168.1.1:5353, but in the following figure it appears 127.0.0.1:5353. Which of the two is correct?
#Set IPv6 Announced DNS
uci add_list dhcp.lan.dns='::1'
It instructed clients to set their ipv6 dns server as ::1 - which is equivalent to 127.0.0.1. Therefore, clients would to access a dns server on itself as opposed to the router.
Getting rid of this setting ensures correct behavior(on 21.02 atleast).
Note that you will need to add your router's ipv6 addr to adguard.yaml's bind_hosts too. You can find your lan ipv6 addr in network->interfaces on on the webui or ip addr show br-lan on ssh.
I may have to redo that script to pick up the ULA prefix and add it. I thought i could shortcut and use ::1 as a shortcut and thus not need to handle the prefix. Unfortunately because my ISP lives in the dark ages I'm actually unable to test this. (They have been promising IPv6 for years... and done nothing.)
I may have to reconsider if using AGH DHCP may be a simpler option. Downside is that their DHCP is vastly inferior to OpenWrt's setup. Upside would be easier configuration as AGH would hand out the proper IP4/6 DNS to clients.
Sorry for the late response. The current behaviour is definitely invalid, since --check-config really shouldn't rewrite the configuration file.
As for the original use case, we'll probably consider adding a mechanism for setting some default values on the first run, including user information and addresses, in the future. But that will require a refactoring of the configuration handling, which should happen around v0.108.
This would aid with scripting the install and hopefully will be "Soon(tm)" as 108 builds are on edge channel now.
I've done some thinking and i think what i shall do is revamp my install script to pull ip4 and ip6 addresses from uci and thus parse those values into the script. The bonus to that is that I can remove the warnings for people who aren't using 192.168.1.1 for OpenWrt as it will use the routers config to do it instead. I'll try have this fixed for this week.
I have one more question: how do I find out which package I should download to update adguard home? I use a xiaomi miwifi 3g, using the command uname -a, it shows the mips information, but it has the mipsle package on the adguard home github, so which of the two packages is the correct one for the mi router 3g?
The manual script i developed for tight on space routers and it was purely for my router variant. There is however no reason you couldn't adapt it for your router. However it should not be needed soon as AGH team are redoing their updating so limited space routers are handled better.
If you check your syslog you should see a line like this (even if it fails to update due to lack of space)
There is an issue filed for disk space and failed updates which is being worked on. Its been pushed back to 108 due to them needing to know actual sizes and compression so they can automate it better.
Here only the blue tab appears with the message that a new update is available, but not the update now button. I even added a pendrive as extroot, followed the openwrt website tutorial, I didn't create swap.
Ok if you are using the edge version it should give you the update button. I'd raise an issue with AGH team but only after a full reboot #incase. Mostly because reboots fix everything... unless it doesn't. Dont you love IT?
Well it turns out you cannot pull the ipv6 address from the uci system therefore its time for some bash scripting.
(edit make sure you have the jq package installed first. opkg update then opkg install jq)
fixIP6DNS.sh
#!/bin/sh
NET_ADDR=$(/sbin/ip -o -4 addr list br-lan | awk 'NR==1{ split($4, ip_addr, "/"); print ip_addr[1] }')
NET_ADDR6=$(/sbin/ip -o -6 addr list br-lan scope global | awk 'NR==1{ split($4, ip_addr, "/"); print ip_addr[1] }')
echo "Router IPv4 : ""${NET_ADDR}"
echo "Router IPv6 : ""${NET_ADDR6}"
#delete incorrect ipv6 DNS server and replace with proper ip
uci -q delete dhcp.lan.dns
for OUTPUT in $(ip -json address list br-lan | jq -r '.[0].addr_info[] | select(.family=="inet6" and .scope=="global") | .local')
do
echo "Adding $OUTPUT to DNS"
uci add_list dhcp.lan.dns=$OUTPUT
done
# Save changes
uci commit dhcp
# Restart dnsmasq service to reflect changes
/etc/init.d/dnsmasq restart
For completeness change your AdGuardHome.yaml file and add your ipv6 router ip.
Ok. Main post updated. IPv6 DNS fix is in and I split my script into two parts. The first removes your ISP DNS and sets the router DNS to use Cloudflare. You may ignore that and continue with the master install script if you wish.
The install script is now fixed for IPv6. It also looks up the first ipv4 and v6 addresses to use for installing. It uses the br-lan interface for this. If you have a different interface you will need to change the script.
I was confused on that part. Is the ipv6 address you say to add here the one that appears in br-lan, the ipv6 address that is below ipv4, which in this case is 192.168.1.1?
What values did you use? I have a mi router 3g, it has the same chipset.
(while this does improve speed of DNS queries, you have to understand that this will continually refresh EVERY DNS request that was passed to the server, instead of letting them expire and only cache used ones.)
