Rpi4 < $(community_build)

Seems there is some demand... so... let's get the ball rolling


NOTE: 20201121

There are two variants... 'extra' which has many packages... and std which has less ( original ) package set... for the time being... 'extra' is the recommended version... unless you'd really prefer as minimal as possible... they really only differ in what 'modules' are preloaded...


DOWNLOAD: https://github.com/wulfy23/rpi4/tree/master/builds/

INSTALLATION:

  • rc.local note: non-community upgrade make sure the last line of your rc.local is 'exit 0' and if you have things in it... make a separate copy

  • sysupgrade -p ( when flashing over a build with smaller partitions. ), luci should work ok, if partitions are the same.

  • ext4 ( report back re: squashfs )

  • note: slow sdcards can take a good 6-7 minutes+ quick ones are closer to 3 and a half...


SAMPLE INSTALL COMMANDS
############################## SYSUPGRADE
### note: safer to backup and start fresh... you may also need to use -F ( post 20201217 ) @ validate bug
scp <rpi4-abc123>-ext4-sysuprade.img.gz root@<routerip>:/tmp/sysup.img.gz
ssh root@<routerip> 'sysupgrade -p /tmp/sysup.img.gz'
(note: luci will work if partitions match i.e. you have used -p before or started with our factory )


############################## SDCARD FACTORY ( ! wipes drive ! )
zcat <rpi4-abc123>-ext4-factory.tar.gz | dd of=/dev/sdW; sync

#OR if you are not comfortable with linux

-LUCI>SYSTEM>BACKUP>GENERATE BACKUP
-Power down insert sdcard into pc and use win32diskimagerNOTNEEDABETTERTOOL and the ext4_factory ( may need to gunzip it first )
-Re-insert sdcard wait for it to boot ( 192.168.1.1 )
-LUCI>SYSTEM>BACKUP>RESTORE BACKUP ( normal ip will be restored )

@stargeizer windows instructions with wan setup tips


AUTOMATED UPGRADES (only use once confident with your backup / sysupgrade.conf / wrt.ini settings )

#/bin/rpi-sysup-online.sh  -R  current                                            #curl -sSL "https://raw.github.com/wulfy23/rpi4/master/utilities/rpi-sysup-online.sh" > /bin/rpi-sysup-online.sh; sync; chmod +x /bin/rpi-sysup-online.sh; /bin/rpi-sysup-online.sh -R current check

GENERAL NOTES:

  1. NON DEFAULT SERVICES ARE DISABLED
  • Unlike a regular build... most additional services installed into this build are default disabled. So you need to enable what you use each install...
  • command line '/etc/init.d/SERVICE enable; /etc/init.d/SERVICE start'
  • LUCI>SYSTEM>Startup>ClickDISABLED+START....
  • The custom settings file wrt.ini has a parameter ENABLEDSERVICES that can be used to automate this each install... it is explained in the post below.
  1. USE COMMON SENSE / ESTABLISHED BASICS / GUIDES
  • manually backup your stuff or use a second sdcard etc. for the first build or three
  1. SAFETY / SECURITY
disclaimers and assurances
  • any community build is almost always marginally more risk than a default release. extra code / packages, custom features etc. all add stuff that you don't find on "vanilla" systems.

  • that said... I hereby vouch that there are no intentional "gremlins"... and anything of particular note will be mentioned ( i.e. /bin/updatecheck.sh does check if there are newer releases on the openwrt official http servers - this is the only 'active' feature and can be disabled ) edit: there may also be particularly during installs, some minor traffic related to opkg autorestore, basic net connectivity diagnostics... my philosophy is anti-active generally although in this case, autopackagerestore and ease of setup have taken precedence during the development phase... all this equates to is pretty much an opkg update and ping 8.8.8.8 to see if internet is ok during install to attempt to restore the previous package set...

  • at the end of the day, this is an unofficial build and not endorsed by OpenWrt, with no express liability, warranty or guarantees.


  • builds prior to r15250 accidentally changed console/UART config ( not used by most )
  • extroot-overlay is not supported on this build ( use usb-mount and point service data there if needed )

OPKG NOTES:

  • (base|core|luci) are git customfeeds ( report back on things )

rolling official packages will likely require

opkg install --force-checksum
  • mwan3 is fluxworthy and known to have quirks...

ADDITIONS:

  • Users are encouraged to add customisations so, if you have any scripts / mods / ideas or (regulars) want commit access to the sources by all means! :dancer:
7 Likes

PACKAGELIST: see git > builds > ABC > packages.txt

out-of-tree: ARGON THEME git


CUSTOM FEATURES(optional):

  • The file /root/wrt.ini is intended to be used to enable/disable built in script functionality.
  • add this to your /etc/sysupgrade.conf
  • when you re-flash check the newer one in /etc/custom/wrt.ini
  • or manually add desired options from the list below
available options
####################################################### @/bin/*-sysup*<git<*sysup.sh stable current testing
# UPGRADEsFLAVOUR="stable"
############### NOTE: sysupgrade -R (once off or post install packagesrestore.sh are preferred to the two options below search the thread for packagesrestore.sh ) the longer between builds the more likely youll hit a bug with this feature...
# AUTORESTOREAPPLY=1                     #resinstallspackages on firstboot
# NOAUTORESTORE=1                           #disables application of diff from previous installed_packages.txt
###################################################################################
# NORCCUSTOM=1					#rc.local negates most options here
###################################################################################
# EXPERIMENTAL=1				#enables tweaks that are non-standard+may result in unexpected results
###################################################################################
# ENABLEDSERVICES="banip adblock sqm"            #enable and start
########################/bin/updatecheck.sh (luci>bootstrap-only||profile.d)
# NOUPDATECHECK=1                            
# LUCIDEFAULTTHEME="bootstrap"
# LUCIQRCODES=1                                    #bootstraponly add external SSID PASSWORDS to /etc/luciqrcodes.txt
# LUCISSHON=1
# NOLUCIMODS=1
# NOBANNERMOD=1
# NOOPKGSNAPSHOTFIX=1				         #~ core|base|luci># in distfeeds.conf as customfeeds.conf replaces... only useful on same day releases
# NOHOTPLUGNTPLOG=1				             #do not log ntp stratum to syslog
###################################################################################
# RPIUARTALT=1
# RPICASEGPIO=1
################################################################################### NOTE: PERF TWEAKS ARE EXPERIMENTAL 1.1.50-13+ 1.2.11-39+
# POWERPROFILE="quicker"                     # default quick quicker quickest reduced
# IRQMANAGEMENT="irqbalance"                 # irqbalance none
###################################################################################
# RCSHBASH=1
# RCSHDDIR="/usbstick"
###################################################################################
# COLORBASH="monominimal"
# COLORBASH="mono"
# COLORBASH="gandalf"
#######################
# COLORASH="ocean"
# COLORASH="unix"
################################################################################### NOTE ALL OPTIONS BELOW ARE EXPERIMENTAL AND LIKELY IMPERFECT 1.1.50-13+ 1.2.11-39+
# FWCUSTOM=1
# i.e. FWCUSTOMGEO="TR,IL,EG,BE,KY,ZM,SN,SO,NG,LR,KZ,KG"
### NOTE rfc1918 needs logic for ppp please post in the thread before enabling this
# FWCUSTOMRFC1918=1
# FWCUSTOMRFC1918LOG=1
#################### the two below require you to have a functioning cake-sqm
# SQMDSCPMARKS=1
# DSCPCONSOLEMACS="aa:bb:cc 11:22:33" #optional you probably dont need it
###################################################################################
# SQMUPDEFAULT=17000
# SQMDOWNDEFAULT=45000
##################################################################################
######################### attempt to enable non-vanilla + disabled wifi at boottime for this duration
# WIFIADMINBOOT=1
# WIFIADMINBOOTTIME=300
#########################
# WIFIDEFAULTFORCE=1                        # if config is non-vanilla or force these values WIFIAUTOSETUP is off
# WIFIAUTOSETUP=1                           # setup ac ap default off
# WIFIDEFAULTENABLED=1                      # enable this ap
########################
# WIFIDEFAULTSSID="ap101"
# WIFIDEFAULTPWD="somerandomlongpassword" #!!!must be 9 characters
# WIFIDEFAULTCHANNEL="auto" #36
# WIFIDEFAULTMODE="ap"
# WIFIDEFAULTHWMODE="11a"
# WIFIDEFAULTCOUNTRY="AU"
################################################################################### OPTIONS for USB backup PARTITION ( note: keep a space partition only for this purpose and not a common partition used for other things )
bmnt="/mnt/snapback"                            # where to mount the 'usb' partition
blabel="wrtboot"                                 #use one of either blabel or bpart
#bpart="a3a32eba-96b3-4d3a-9f73-cdb165476117"             #uuid or /dev/sdX

(note: 1.15.17-45+ you can edit in banip>advanced>wrt.ini)


/etc/packagesremove.txt ( in your sysupgrade.conf )

  • Package names to be auto uninstalled

/etc/packagesinstall.txt ( in your sysupgrade.conf )

  • Package names to be auto installed ( 2.3.11-29+ )

HOW SHOULD I UPGRADE?

  • add any extra services you enable to ENABLEDSERVICES="service1 service2" in wrt.ini
  • add any special data files and folders to /etc/sysupgrade.conf
  • use the command line: 'rpi-sysup-online.sh -R current' or if flashing from LUCI you also have to enable AUTORESTOREAPPLY=1 in wrt.ini ( if you do not wish to re-install packages... the remove the '-R' or disable AUTORESTOREAPPLY=1 )
always make separate manual backups: you can use 'sysupgrade-clean-backup.sh' to dump 'clean' post-install restorable tar.gz
if you do not wish to use rpi-sysup-online.sh... regular 'sysupgrade -R /tmp/sysupgrade.img.gz' is also fine ( -k is automatic ) and the autorestore.sh script is still generated without -R ... just not applied

UTILITY SCRIPTS (beta):

sqmadjust.sh

  • sample net speeds and optionally update sqm rates

rollback.sh

  • remote configuration / reboot timer... on expiry all config/* is reverted ( NOTE: no service restarts happen so you must use a reboot-on-expire with a sane timeout if you really don't want to be locked out )

opK

  • 'opK' command... wrapper for opkg... that primarily generates diffs (needs a rewrite / clean)

sqm-dscp-logic: hisham2630 (and others)


ntop

  • /etc/init.d/ntop.... be aware 150M+ for the chroot... insecured(local) out of the box... ( sets up a default password of admin, runs under root user, runs on all 3000 sockets - fw blocks wan )...

  • running as a 'once-off'... don't recommend you run it for 'days' without hardening / disk tweaks. script can be easily adapted to run most things from the alpine universe.


PINOUT


source: community.octoprint.org

For my builds I add:

  • Acme
  • DDNS
  • Collectd
  • nlbwmon
  • USB drivers for storage and network adapters (RTL-8152/3)
  • 6in4 support
  • Wireguard
  • FAT32, NTFS, and Ext4 support
  • Luci (including any relevant luci apps for above packages)
  • banip
  • irqbalance
  • SQM
  • nano
2 Likes

mwan3
vpn-policy-routing
openvpn
wireguard
banip
bind-dig
bind-host
e2fsprogs
fdisk
ip-full
iptraf-ng
irqbalance
nmap
tcpdump
sqm
watchcat
+3G/LTE modules and luci protocols
+USBtoETH modules

2 Likes

Here is a list of my packages that I think can be considered as general:

opkg install usbutils curl mc wget
opkg install kmod-usb-net-rtl8152
opkg install kmod-hwmon-rpi-poe-fan
opkg install luci-ssl-nginx
opkg install kmod-wireguard luci-app-wireguard luci-proto-wireguard wireguard wireguard-tools qrencode
opkg install luci-app-adblock
opkg install luci-app-statistics collectd-mod-thermal
opkg install block-mount kmod-fs-ext4 kmod-usb-storage e2fsprogs kmod-usb-ohci kmod-usb-uhci fdisk
opkg install openssh-sftp-server

Also I would suggest an 16GB SD card image, whoever has larger SD's can define an add'l partition.

1 Like

my current sloppy list

samples
wget
curl
kmod-leds-gpio ###+++
kmod-ledtrig-transient
dtc
kmod-usb-serial-ftdi
iptables-mod-geoip
xz
atftpd
collectd-mod-thermal
collectd-mod-irq
collectd-mod-conntrack
conntrack
file
blkid
-wpad-basic
wpad-openssl
zoneinfo-australia-nz
kmod-usb-net-rtl8152                            #UE300 usb3 gigabit nic
kmod-usb-net-pegasus                            #usb2 100M ethernet
-dnsmasq
dnsmasq-full
block-mount
ipset
at
bash
lsof
htop
diffutils
vim-fuller
unzip
unrar
rsync
nmap
strace
tcpdump
usbutils
pciutils            #lspci
openssl-util
inotifywatch
luci
luci-app-commands
luci-app-uhttpd
luci-app-sqm
luci-app-travelmate
luci-app-adblock
adblock
banip
luci-app-banip
sqm-scripts
sqm-scripts-extra
luci-app-sqm
nlbwmon
luci-app-nlbwmon
wireguard
kmod-wireguard
luci-app-wireguard
openvpn-openssl
kmod-tun
luci-app-openvpn
openvpn-easy-rsa
vpn-policy-routing
luci-app-vpn-policy-routing
kmod-veth
iperf3
iptraf-ng
block-mount
fdisk
losetup
ntfs-3g                   #dont really use these but good for a commonimg
ntfs-3g-utils
irqbalance
minicom
openssh-client #for cisco access
-ip-tiny
ip-full
file
atftpd
collectd-mod-thermal
collectd-mod-irq
collectd-mod-conntrack
conntrack
kmod-leds-gpio
kmod-ledtrig-default-on
kmod-ledtrig-gpio
kmod-ledtrig-heartbeat
kmod-ledtrig-netdev
kmod-ledtrig-oneshot
kmod-ledtrig-timer
kmod-ledtrig-transient
luci-app-statistics
collectd-mod-network
collectd-mod-exec
collectd-mod-sqm

I guess things like 'nlbwmon' can be disabled out of the box... should the make it to the final list...

what package names for these?

6in4, acme, ddns-scripts. I also add acme-dnsapi and ddns-scripts_cloudflare.com-v4.

1 Like

wwan
usbutils
usb-modeswitch
uqmi
luci-proto-qmi
luci-proto-ncm
kmod-usb-net-cdc-ether
kmod-usb-net-cdc-mbim
kmod-usb-net-cdc-ncm
kmod-usb-net-huawei-cdc-ncm
kmod-usb-net-qmi-wwan

also not to forget
screen
snmpd

1 Like
kmod-macvlan
kmod-tun
1 Like

can i use this to update my pi4 snapshot?
i have SQM, DNS over HTTPS and some other packages to monitor thermal and usage and network monitor
OpenWrt SNAPSHOT r13903-f206461153 / LuCI Master git-20.139.68368-4a378e6

is it ext4 or squashfs? are the packages you need for DNS over HTTPS included in the build already?

these are the commands i used

opkg install dnsmasq https-dns-proxy
opkg install luci-app-https-dns-proxy
opkg remove qos-scripts luci-app-qos
opkg update && opkg install luci-app-sqm

and these packages from luci
luci-app-statistics
collectd
collectd-mod-thermal
collectd-mod-sensors

hold off for a day... currently ironing out a bug

the build currently does not have

https-dns-proxy
luci-app-https-dns-proxy

the other apps you mention are included...

1 Like

ok sure thank you for building these images :slightly_smiling_face:

added to the build: 1.1.17+ [disabled]... thanks for the addition! :lab_coat:

Big fan of this community build.. however, I spent hours today wrestling with setting up Pi 4 WiFi in access point mode & just couldn’t get it to work. As soon as I loaded the regular OpenWrt vanilla/standard snapshot I was able to get ap mode working. So I’m not sure if there’s something in the community version that’s causing an issue or it’s just me.. & FYI also about the only way I could get Pi 4 WiFi working at all is to use legacy modes - if anyone has successfully got AC mode working I’d really appreciate someone sharing their config. My objective is to create a Pi 4 travel router with wireguard vpn enabled to different wireguard servers on different ssids. Thanks & please keep up the good work on this build.

2 Likes

This is the main glaringly obvious wifi alteration... so you could try remove wpad-openssl and put back plain wpad.... edit: did some more testing and ap/ac works with sane settings...(doubt it's anything build specific) not sure how you managed to use stock-os fine and not this one... thanks for testing it out... unintended conflicts like these are expected with things like this... very useful information :lab_coat:

can you please tell how to install and update my current build? and how to save my configs files?

i've updated the section in the top post labelled 'sample install commands' (click the little triangle)

1 Like