Essentially, there are 3 levels of ‘source’ for the Valibox:
- The base router image software (OpenWRT): The Valibox uses a standard OpenWRT as the base; there are no source modifications in OpenWRT itself, but we do provide default .config files and device configuration files for the Valibox.
- The custom OpenWRT packages for the Valibox (with valibox-specific patches)
- The actual software for those packages (e.g. unbound, etc.)
The Valibox is really just OpenWRT with a few custom packages installed, so essentially there are a few separate components:
Create from scratch
We have created a builder helper script, which can be found at GitHub.
Alternatively, you can build the system manually;
We have based our release on LEDE 17.01, commit afca23558a2fbfb2cb044ec69bfb9a7447121927.
Copy the feeds.conf.default file to feeds.conf in the base directory
cp feeds.conf.default feeds.conf
Add a feeds list for the SIDN packages.
echo "src-git sidn https://github.com/SIDN/sidn_openwrt_pkgs" >> feeds.conf
(or download this source tree and use src-link source-directory)
Update the package feeds
./scripts/feeds update ./scripts/feeds install -a
Configure your environment
For starters, pick the chipset and profile for your relevant device (for instance, for the GL-Inet AR-150, this is target system ‘Atheros AR7xxx/AR9xxx’ and profile ‘GL AR150’).
For a full valibox system, there are a few packages to select under SIDN; autonta, spin, and all packages in SIDN/unbound (our custom unbound version). To allow for updates, also enable base packages->ca-bundle.
To get the default valibox configurations, you will also need to copy the files directory tree from our builder repository; find the device of your choice in devices/, and copy the files/ directory to your lede-source checkout.
cp -r /path/to/valibox-spin-builder/devices/your_device/files ./
If you have a different device than the ones present there, you may need to make some adjustments.
Then just run make and go and have a coffee or two
In this example, the final image will be places in bin/ar71xx/, the name depends on your profile and device, but you should be looking for the squashfs version, like:
You can install this image with the LuCI interface or over ssh with sysupdate on the device.
Note: when selecting a target system that has very small devices (<4m of total storage), compilation might fail, and these specific devices need to be disabled from the profile list.
Using the ImageGenerator
We need to see if this is possible, might need to wait until we release pre-built packages.
Custom OpenWRT packages
The custom packages, as already used in the steps above, can be found at http://github.com/SIDN/sidn_openwrt_pkgs
Some of these packages are unique (sidn-extra-files, autonta), but a number of them are clones of existing packages, with a few additional patches for the valibox.
These sources can be updated and modified similar to any OpenWRT package feed; you can use them during build by changing the feeds.conf in the openwrt build process to your local package feed.
At this time, we do not have a separate compiled-package release system yet.
Information on and source code for Unbound can be found https://unbound.net.
AutoNTA is a tool developed for the Valibox; it is a small web application based on web.py that can set negative trust anchors for unbound.
This is a set of extra files to set up the Valibox; it contains additional configuration and some local scripts.
This is a prototype of the SPIN system, see our tech report at https://www.sidnlabs.nl/downloads/papers-reports/SIDN-TR-2017-002.pdf