Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
update the git ignore to suit new dev location
Showing 9 changed files with 1,236 additions and 1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
/dev/ | ||
/_dev | ||
/.idea | ||
/nbproject | ||
*.pyc |
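Review bot: with the +/- markers lost in this rendering, both `/dev/` and `/_dev` appear in the hunk and it is not clear which entry remains ignored. The install script in this commit copies `dev/credentials.ini` to the target, so `/dev/` is the entry that has to stay ignored to keep real credentials out of the repository. Separately, the commit message mentions only the ignore file, while the commit shows 9 changed files with 1,236 additions; the helper scripts, notes and sample credentials would be easier to review as their own commit with a message that names them.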
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/bin/bash | ||
|
||
remote_host=${1} | ||
remote_user=root | ||
local_base_path=~/personal/projects/pfsense_fauxapi | ||
|
||
if [ -z ${remote_host} ]; then | ||
echo 'usage: '$0' <host-address>' | ||
exit 1 | ||
fi | ||
|
||
PORTNAME=pfSense-pkg-FauxAPI | ||
STAGEDIR=$remote_user@$remote_host:/ | ||
|
||
rsync -rv --delete ${local_base_path}/${PORTNAME}/ ${STAGEDIR}/usr/ports/sysutils/${PORTNAME} |
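Review bot: the final `rsync -rv --delete` line logs in as root and deletes on the remote side, with a destination built from the unquoted `${1}`, and the guard `[ -z ${remote_host} ]` is unquoted as well, so it only works because an empty value collapses to `[ -z ]` and it breaks on an argument containing whitespace. Quote the expansions (`[ -z "${remote_host}" ]`, `"${STAGEDIR}usr/ports/sysutils/${PORTNAME}"`), add `set -eu`, reject a host argument that starts with `-`, and consider a `--dry-run` pass before a `--delete` sync into the remote ports tree. `STAGEDIR` already ends in `/`, so `${STAGEDIR}/usr/...` expands to `host://usr/...`, and `local_base_path` is hard-coded to one developer's home directory; deriving it from the script's location or an environment variable would make the script usable by others.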
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
|
||
https://forum.pfsense.org/index.php?topic=112807.0 | ||
|
||
https://gist.github.com/jdillard/3f44d06ba616fec60890488abfd7e5f5 | ||
|
||
|
||
# Making a package for pfSense 2.3 | ||
|
||
This a short set of notes from my experience making my first pfSense package. | ||
|
||
> This sort of thing is not my forte so there might be a better way to do certain parts and there certainly many different ways. | ||
|
||
## Setting up a FreeBSD (build) server | ||
|
||
### Download and Install FreeBSD | ||
|
||
https://www.freebsd.org/where.html | ||
|
||
I used the version of FreeBSD that matched the base version that I was developing for, as well as the architecture, and used the disc option. I'm sure you have leeway here. | ||
|
||
The name of the image name I used: `FreeBSD-10.3-RELEASE-amd64-disc1.iso` | ||
|
||
During installation, you can unselect the option to install the ports tree since it will be cloned from the pfSense repo later on. | ||
|
||
### Allow root login over SSH | ||
|
||
At the end of the install process choose the option to enter into shell and enable root access over ssh: | ||
|
||
`vi /etc/ssh/sshd_config` | ||
|
||
find `#PermitRootLogin no` | ||
|
||
and change to: `PermitRootLogin yes` | ||
|
||
### Clone the pfSense ports repo | ||
|
||
reboot, ssh in, and choose Option 8 to enter the shell. | ||
|
||
then `pkg install git` to install git | ||
|
||
then `cd /usr/` | ||
|
||
then `git clone https://github.com/pfsense/FreeBSD-ports.git` to clone the pfSense ports repo | ||
|
||
then `mv FreeBSD-ports ports` | ||
|
||
I just like to treat this as a build server and not commit to git directly from it. | ||
|
||
## Making your package | ||
|
||
For my use case I copied a previous package I had helped work on as it was similar to my new one. | ||
|
||
## Building your package | ||
|
||
run `make package` from inside the directory of the package you are making. | ||
|
||
If you need to clean things up before running it again for whatever reason, run `make clean`. | ||
|
||
Once that has completed successfully, there should be a .txz file in that directory that you can scp to the home directory of your pfSense instance. | ||
|
||
## Installing your package in pfSense | ||
|
||
ssh into our pfSense box and run `pkg install <the_name_of_your_built_package.txz>` | ||
|
||
## Checking for errors | ||
|
||
Before submitting your package you need to intall run portlint on your build server. | ||
|
||
run `pkg install portlint`. | ||
|
||
run `echo DEVELOPER=yes >> /etc/make.conf`. | ||
|
||
cd into your package directory. | ||
|
||
run `portlint -CN` and fix any errors. | ||
|
||
congrats! |
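Review bot: the "Allow root login over SSH" section tells the reader to set `PermitRootLogin yes`, which permits password logins as root on the build server, and the rsync helper added in this commit connects as `root`. Prefer key-only root access (`PermitRootLogin prohibit-password`, or `without-password` on older OpenSSH) or a non-root build account, and state in the notes that the build server is not meant to be reachable from untrusted networks. Minor: "you need to intall run portlint" should read "install and run", and "choose Option 8 to enter the shell" reads like the pfSense console menu rather than a stock FreeBSD install, so that step needs rewording for the build server.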
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
;; FauxAPI credentials | ||
;; | ||
;; format:- | ||
;; | ||
;; [<PFFAapikey_value>] | ||
;; secret = <apisecret_value> | ||
;; owner = <free form text field to help self-manage who the key was issued to> | ||
;; permit = <comma seperated set of actions permitted by this apikey> | ||
;; | ||
;; | ||
;; NB1: <apikey_value> and <apisecret_value> must have alphanumeric chars ONLY! | ||
;; be sure to remove /+= chars possible from a naive base64encode call | ||
;; NB2: <apikey_value> MUST start with the prefix PFFA (ie. pfSense Faux API) | ||
;; NB3: <apikey_value> MUST be >= 12 chars AND <= 40 chars in total length | ||
;; NB4: <apisecret_value> MUST be >= 40 chars AND <= 128 chars in length | ||
;; NB5: <owner> provides no function other than display | ||
;; NB6: <permit> wildcard * character may be used to construct action matches | ||
;; | ||
;; Generate a valid <apikey_value> using the following command line example:- | ||
;; $ echo PFFA`head /dev/urandom | base64 -w0 | tr -d /+= | head -c 20` | ||
;; | ||
;; Generate a valid <apisecret_value> using the following command line example:- | ||
;; $ echo `head /dev/urandom | base64 -w0 | tr -d /+= | head -c 60` | ||
;; | ||
|
||
;; PFFAexample01 is hardcoded to be inoperative | ||
[PFFAexample01] | ||
secret = abcdefghijklmnopqrstuvwxyz0123456789abcd | ||
permit = alias_*, config_*, gateway_*, rule_*, send_*, system_*, function_* | ||
owner = example key PFFAexample01 - hardcoded to be inoperative | ||
|
||
;; PFFAexample02 is hardcoded to be inoperative | ||
[PFFAexample02] | ||
secret = ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789ABCD | ||
permit = * | ||
owner = example key PFFAexample02 - hardcoded to be inoperative | ||
|
||
[PFFAdevtrash] | ||
secret = devtrashdevtrashdevtrashdevtrashdevtrash | ||
permit = * | ||
owner = development only local user |
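Review bot: the `[PFFAdevtrash]` entry at the end has `permit = *` and a repetitive, guessable secret, and unlike `PFFAexample01` and `PFFAexample02` it carries no comment saying it is hardcoded to be inoperative. Its key is 12 characters and its secret 40, so it satisfies NB3 and NB4 and would be a working full-permission credential wherever this file ends up as `/etc/fauxapi/credentials.ini`. Remove it from the committed sample, or keep development keys only in the git-ignored dev directory, generated with the commands documented in the header. The header could also state the file permissions expected on the installed file, since it holds the API secrets in plain text.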
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
#!/bin/bash | ||
|
||
remote_host=${1} | ||
remote_user=root | ||
|
||
if [ -z ${remote_host} ]; then | ||
echo 'usage: '$0' <host-address>' | ||
exit 1 | ||
fi | ||
|
||
PORTNAME=pfSense-pkg-FauxAPI | ||
PREFIX=usr/local | ||
DATADIR=${PREFIX}/share/${PORTNAME} | ||
|
||
ssh $remote_user@$remote_host "/usr/local/bin/php -f /etc/rc.packages ${PORTNAME} DEINSTALL" | ||
|
||
ssh $remote_user@$remote_host "rm -Rf /${DATADIR}" | ||
ssh $remote_user@$remote_host "rm -Rf /${PREFIX}/pkg/fauxapi.xml" | ||
ssh $remote_user@$remote_host "rm -Rf /etc/inc/priv/fauxapi.priv.inc" | ||
ssh $remote_user@$remote_host "rm -Rf /etc/fauxapi" | ||
ssh $remote_user@$remote_host "rm -Rf /etc/inc/fauxapi" | ||
ssh $remote_user@$remote_host "rm -Rf /cf/conf/fauxapi" | ||
ssh $remote_user@$remote_host "rm -Rf /${PREFIX}/www/fauxapi" | ||
|
||
ssh $remote_user@$remote_host "/usr/local/bin/php -f /etc/rc.packages ${PORTNAME} POST-DEINSTALL" |
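Review bot: the block of `rm -Rf` commands runs as root on the remote host with paths assembled from shell variables (`rm -Rf /${DATADIR}`, `rm -Rf /${PREFIX}/pkg/fauxapi.xml`) and there is no `set -eu`, so a variable emptied by a later edit would expand to a much broader path, and a failed `DEINSTALL` step does not stop the removals. Add `set -eu`, guard the expansions with `${DATADIR:?}` and `${PREFIX:?}`, and quote `"${remote_user}@${remote_host}"`; also reject a host argument that starts with `-`, since it is passed straight to `ssh`. `rm -Rf /cf/conf/fauxapi` removes what looks like persistent configuration, which deserves a comment or a confirmation prompt. Running the removals in one `ssh` session, as the install script does for its `mkdir` calls, would avoid eight separate root logins.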
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
#!/bin/bash | ||
|
||
remote_host=${1} | ||
remote_user=root | ||
local_base_path=~/personal/projects/pfsense_fauxapi | ||
|
||
if [ -z ${remote_host} ]; then | ||
echo 'usage: '$0' <host-address>' | ||
exit 1 | ||
fi | ||
|
||
PORTNAME=pfSense-pkg-FauxAPI | ||
FILESDIR=${local_base_path}/${PORTNAME}/files/ | ||
PREFIX=usr/local | ||
DATADIR=${PREFIX}/share/${PORTNAME} | ||
STAGEDIR=$remote_user@$remote_host:/ | ||
|
||
ssh $remote_user@$remote_host " \ | ||
mkdir -p /${DATADIR}; \ | ||
mkdir -p /${PREFIX}/pkg; \ | ||
mkdir -p /etc/inc/priv; \ | ||
mkdir -p /etc/fauxapi; \ | ||
mkdir -p /etc/inc/fauxapi; \ | ||
mkdir -p /${PREFIX}/www/fauxapi/v1; \ | ||
mkdir -p /${PREFIX}/www/fauxapi/admin; \ | ||
" | ||
|
||
scp ${FILESDIR}${PREFIX}/pkg/fauxapi.xml \ | ||
${STAGEDIR}${PREFIX}/pkg | ||
|
||
scp ${FILESDIR}/etc/inc/priv/fauxapi.priv.inc \ | ||
${STAGEDIR}/etc/inc/priv | ||
|
||
# scp ${FILESDIR}/etc/fauxapi/credentials.ini \ | ||
# ${STAGEDIR}/etc/fauxapi | ||
scp ${local_base_path}/dev/credentials.ini \ | ||
${STAGEDIR}/etc/fauxapi | ||
|
||
scp ${FILESDIR}/etc/fauxapi/pfsense_function_calls.txt \ | ||
${STAGEDIR}/etc/fauxapi | ||
|
||
scp ${FILESDIR}${PREFIX}/www/fauxapi/v1/index.php \ | ||
${STAGEDIR}${PREFIX}/www/fauxapi/v1 | ||
|
||
scp ${FILESDIR}${PREFIX}/www/fauxapi/admin/about.php \ | ||
${STAGEDIR}${PREFIX}/www/fauxapi/admin | ||
|
||
scp ${FILESDIR}${PREFIX}/www/fauxapi/admin/credentials.php \ | ||
${STAGEDIR}${PREFIX}/www/fauxapi/admin | ||
|
||
scp ${FILESDIR}/etc/inc/fauxapi/fauxapi.inc \ | ||
${STAGEDIR}/etc/inc/fauxapi | ||
|
||
scp ${FILESDIR}/etc/inc/fauxapi/fauxapi_actions.inc \ | ||
${STAGEDIR}/etc/inc/fauxapi | ||
|
||
scp ${FILESDIR}/etc/inc/fauxapi/fauxapi_auth.inc \ | ||
${STAGEDIR}/etc/inc/fauxapi | ||
|
||
scp ${FILESDIR}/etc/inc/fauxapi/fauxapi_logger.inc \ | ||
${STAGEDIR}/etc/inc/fauxapi | ||
|
||
scp ${FILESDIR}/etc/inc/fauxapi/fauxapi_pfsense_interface.inc \ | ||
${STAGEDIR}/etc/inc/fauxapi | ||
|
||
scp ${FILESDIR}/etc/inc/fauxapi/fauxapi_utils.inc \ | ||
${STAGEDIR}/etc/inc/fauxapi | ||
|
||
scp ${FILESDIR}${DATADIR}/info.xml \ | ||
${STAGEDIR}${DATADIR} | ||
|
||
ssh $remote_user@$remote_host "/usr/local/bin/php -f /etc/rc.packages ${PORTNAME} POST-INSTALL" |
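Review bot: the copy of the packaged `credentials.ini` is commented out and replaced by `scp ${local_base_path}/dev/credentials.ini ${STAGEDIR}/etc/fauxapi`, so every target this script touches receives the developer's local API keys, and nothing afterwards sets the owner or mode of the installed file. Make the credentials source an explicit option instead of a commented-out line, follow the copy with an explicit `chmod 600` on `/etc/fauxapi/credentials.ini`, and print which credentials file was installed. The script also lacks `set -e`, so a failed `scp` still leads to the `POST-INSTALL` hook running against a partial install; the unquoted `${remote_host}` and the double slash from `${FILESDIR}/etc/...` (`FILESDIR` already ends in `/`) are worth cleaning up in the same pass.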