Thanks to a couple people here, I was able to create an image for my device using Image Builder. It was awesome to learn and I'm still learning, but now I have another question....
I have a Netgear WAX220 access point and I flashed the stock OpenWRT image to it. It's running great, love the device. Now I want to build an image in Image Builder since I want to remove specific packages like odhcpd and dnsmasq (don't need them since it's an AP). I was able to make an image using some of the options below:
I would like to use the FILES option in the build and have it set to my network subnet, along with the SSID's and passwords. I read the article here about using the FILES option and created a file/etc/config folder in the build directory and I have a network and wireless file inside.
My question is if I have multiple files I want to use in the image, do I just reference the files/etc/config folder or do I need to reference the path for both files?
IE; FILES="files/etc/config/"
or FILES="files/etc/config/network files/etc/config/wireless"
JFTR, the "correct" way to preconfigure images, especially the network configuration, is by using UCI-defaults scripts that modify the configuration at first boot.
Hi @takimata, I did read that but not sure I understand it very well. I am just getting into building images and this is my time doing something like this. If you are able to guide me to build images the correct way, I am more than willing to learn.
I will say that I did run an image using what I posted earlier but got a different output than when I built an image for my unifi6plus device. Granted I wasn't trying to set the device to my subnet (as I dint know how to t that point), so the output looked correct.
The point is, while you can include fully formed configuration files in an image, there's a non-zero chance that a configuration file that worked with one version of OpenWrt or one device will not work with another. Worst case this will render the device inaccessible, and then you have no recourse because the device is forced to use the wrong configuration you baked in.
That's why it is usually safer, at least for essential configuration like network, to use the UCI-defaults facility. Those are small scripts that, at the very first boot after a fresh install, apply select configuration changes to the defaults. This way you can pre-configure your image, but only change the select spots where you want the changes, and without making them permanent, so you can still start up with the stock defaults in failsafe mode.
Understood. However I guess the issue for me is the syntax that should be used since I have the AP configured with 3 different VLANs. Just for reference, this is how I have one WAX220 AP configured:
Network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fda6:8ab6:c8ff::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config bridge-vlan
option device 'br-lan'
option vlan '1'
list ports 'eth0:u*'
config bridge-vlan
option device 'br-lan'
option vlan '20'
list ports 'eth0:t'
config bridge-vlan
option device 'br-lan'
option vlan '21'
list ports 'eth0:t'
config interface 'lan'
option device 'br-lan.1'
option proto 'static'
option ipaddr '192.168.10.12'
option netmask '255.255.255.0'
option ip6assign '60'
option gateway '192.168.10.1'
list dns '192.168.10.1'
config interface 'vlan20'
option device 'br-lan.20'
option proto 'none'
option type 'bridge'
config interface 'vlan21'
option device 'br-lan.21'
option proto 'none'
option type 'bridge'
config device
option name 'br-lan.1'
option type '8021q'
option ifname 'br-lan'
option vid '1'
option ipv6 '0'
config device
option name 'br-lan.20'
option type '8021q'
option ifname 'br-lan'
option vid '20'
option ipv6 '0'
config device
option name 'br-lan.21'
option type '8021q'
option ifname 'br-lan'
option vid '21'
option ipv6 '0'
The AP is on the LAN, which is where it's managed. Then I have the other VLANs for Wifi and guest access. The example in the article you linked shows how to set the IP for the LAN and set the SSID. However how do I add the other VLANs using that syntax? Can I configure the passwords for those other VLANs using that defaults method?
Again these are things I am not sure how to do, which is why I am on here to seek the correct way to do it. I'd like to have the AP configured as much as possible after I flash. However if there is only so much I can do, then I want to make sure I understand it so I can do the same for other devices I have.
Hi, if you connect to your router and execute uci show network you will see the syntax used to create the config. Compare it to the examples (with uci add) and test it in a new file in /etc/config if you want to make sure it works.
So basically I can use the syntax shown in the command you provided in my uci-defaults script and the AP should have those settings after being flashed?
Yes, but test it first on your current router to make sure it creates a correct mirror of the network/wireless file.
You can create a script in /tmp/ that executes all network commands and puts the config in, let's say, /etc/config/testnetwork. Don't forget to use uci commit or uci commit testnetwork at the end to apply all changes.
Also, if I may, consider if any of this is actually worth the effort. While I wholeheartedly support a learning experience, realistically your AP may only ever be an AP and not actually need more space for any other packages, configuration files are reinserted into the device in a matter of seconds, and maybe you don't actually want to recreate your image every time you change the wifi configuration.
I completely understand your point. Part of the reason for me wanting learn this is due to having the AP configured using DynamicPSK based on the thread you created. Since OpenWRT uses the wpad-basic-mbedtls package, and your recommendation is to use the full package, I figured that building the image with the full package would be more efficient, especially when doing firmware upgrades since the full package would be removed when using the stock OpenWRT image. Also, as you pointed out, this will only ever be an AP. So removing the dnsmasq, firewall, and odhcpd packages would be great. That’s less that I would need to disable after flashing the device.
Now if there is a more efficient way to accomplish what I’m trying to do, then I am def open to it. If it means not having the wifi configured after flashing the image, that’s fine. I have backups of the config from other devices and can copy it over via SSH. Having the IP set to my subnet after the initial flash would be great tho so I don’t have to go thru having to set my computer to the default 1.1 subnet and change it from there.
Please let me know your thoughts and any recommendations you have that will help me accomplish my goal
