make door_daemon run again on openwrt based torwaechter #67
Conversation
rsync, lsblk
there is a tmpfs mounted on that later on
intentionally kept them in history, maybe usefull for someone in the future
gebi
force-pushed
the
make_door_daemon_great_again
branch
from
0a5979e
to
e685d22
Compare
gebi
changed the title
|
i also patched door_door daemon to enable the security separation between different users, so users tuerctl is now able to speak to door_daemon over unix socket (all users of group tuerctl should be allowed too) tuerctl@torwaechter:/$ /usr/local/bin/door_client
the latest commit of this PR is now running without local modifications on torwaechter :)! |
|
note: I'm not so sure about porting /etc/default/door to uci config system as it would bind the complete stack rather strict to openwrt, and the config file /etc/default/door (symlinked to tuer) is used by nearly all scripts that integrated with door_daemon. |
|
@gebi I'm afraid you missunderstood the openwrt_mixin config. You don't need to create directories because the role will take care of the creation of all directories needed for a file. At the moment the creation of empty directories is not possible. I added a hacky fix for this issue but since this is a valid use-case we should add support for this in the openwrt/image role. I still don't know why the openwrt_mount does not work. Actually i don't know why this has worked in the first place. Normally under OpenWRT you need the block-mount package and configure mounts in /etc/config/fstab using UCI. Probably earlier versions of OpenWRT also supported /etc/fstab and now this feature is gone... |
|
@nbraud what are you thoughs on the OpenWRT mounts issue? I never used it. Did this work before? |
Actually I disagree. The current /etc/default/door thing would also be usesless on installations using systemd. On OpenWRT every configuration is done via UCI and it would make things way easier once we have support to change the OpenWRT configuration using ansible directly - aka no need to always rebuild the whole image if we just want to change one little thing... |
|
@gebi i just pushed a better fix for the empty directory issue. |
|
yes, having the configuration done via UCI would be nice in the future, but i'm not sure when i have the time for that migration. thx for the directory fix, i'll try it on the next ocasion. |
|
@btittelbach did you already test your changes such that torwaechter runs the current ansible changes from this branch and only that? |
|
I checked all files and afaict current torwächter has been running with HEAD of the make_door_daemon_great_again branch for over a year now. The only difference being, that ruru and ddd also have tuer-git access. This change is not yet in make_door_daemon_great_again but it seems it already was in master, so everything should be fine after merge. |
|
oha... did "not changing anything" or "reverting a chagne" or the "removal of users from the yaml file, by reverting a change" confuse the vault script? |
|
@equinox0815 @nbraud can this branch be merged? torwaechter is running with HEAD of this branch since 1.5 years. |
gebi
force-pushed
the
make_door_daemon_great_again
branch
from
a3d5e25
to
059b837
Compare
debugged door_daemon on torwaechter together with @PeterTheOne and got a first version of door_daemon running, started through an init script that's able to run on torwaechter.
init script is available, properly running as tuerd (as thought?)
We've put all files into https://github.com/realraum/door_and_sensors/tree/make_door_daemon_great_again as they where initially there.
A few Questions:
Outcome:
door_locked: True in status.json is set when door is closed :)