lordwelch/router7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
394 Commits 3 Branches 23 Tags
master
Commit Graph

394 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Timmy Welch
0784da4bb9 Update dns for ipv6 addresses 2025-12-27 18:13:52 -08:00
Timmy Welch
15e2ab97d6 Merge remote-tracking branch 'github/master' 2025-12-27 16:45:54 -08:00
Michael Stapelberg
acdc5313ee netconfig: create bridge with future MAC address to avoid temporary 
On one of my router7 installations, I’m using a bridge for uplink0
(so that I can use the built-in SFP interface, or fall back
to an external media converter in case of trouble without reconfig).

On that installation, I have observed the following bug:

  1. System boots, netconfig creates uplink0.
  2. The Linux kernel assigns a MAC address (e.g. ce:fa:ba:3c:66:84).
  3. Netconfig cannot add the interfaces to the bridge yet,
     presumably because they are not created yet.
  4. The dhcp4 program starts and reads the MAC address.
  5. Netconfig adds the interfaces to the bridge, the MAC changes.
  6. dhcp4 still has the old (incorrect) MAC address.
  7. dhcp4 never obtains a lease, the router never becomes healthy,
     you’re stuck in this state.

This will be prevented by not letting the kernel assign a MAC address,
but instead determining the future MAC address (in our case:
we just use the first configured MAC address) and creating the bridge
interface correctly configured to begin with, thereby eliminating
the race condition entirely.
 2025-12-14 08:19:36 +01:00
dependabot[bot]
16933dd2ca build(deps): bump github.com/eclipse/paho.mqtt.golang (#94) 
Bumps [github.com/eclipse/paho.mqtt.golang](https://github.com/eclipse/paho.mqtt.golang) from 1.4.1 to 1.5.1.
- [Release notes](https://github.com/eclipse/paho.mqtt.golang/releases)
- [Commits](https://github.com/eclipse/paho.mqtt.golang/compare/v1.4.1...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/eclipse/paho.mqtt.golang
  dependency-version: 1.5.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-03 08:29:53 +01:00
dependabot[bot]
5603d88134 build(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 (#93) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-20 07:37:23 +01:00
Michael Stapelberg
2189376204 dhcp: clone hardware addresses throughout 
I still noticed DHCP requests with incorrect MAC source addresses.
Turns out there were still a number of incorrect HardwareAddr usages.
 2025-10-16 11:23:58 +02:00
Michael Stapelberg
e2d4de4768 diagd: log error message when reporting unhealthy 
I noticed that there seem to be transient periods of unhealthiness,
so let’s figure out which particular check is failing.
 2025-09-14 11:48:36 +02:00
Michael Stapelberg
128a7e98ef diagd: export healthiness as prometheus metric (for monitoring) 2025-09-11 08:21:10 +02:00
Michael Stapelberg
0b9afc9273 dhcp4: clone HardwareAddr bytes defensively 
I suspect that Go’s net package reuses its buffers and these bytes don’t remain
valid forever (perhaps only if the network interfaces of the machine change?).

At least that would explain why my DHCP client sent requests with a wrong address.
 2025-08-15 08:29:33 +02:00
Michael Stapelberg
35fcfc15c8 GitHub Actions: run tests in nix-shell, not Docker 
For some reason, the MAC address reported by dnsmasq in Docker on GitHub Actions
no longer matches the address expected by the test. With Nix, it works.
 2025-07-20 22:57:13 +02:00
Michael Stapelberg
2e5277d689 internal/dns: retry over TCP upon truncated response 
This fixes resolving login.tailscale.com as of the time of writing,
the first DNS name for which I noticed an error in 7 years of router7.
 2025-07-20 18:31:45 +02:00
dependabot[bot]
52826d6011 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#92) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-17 16:27:12 +02:00
Michael Stapelberg
6e73981e36 add push script to publish self-hosted website (from docs/) 2025-03-20 08:48:57 +01:00
Michael Stapelberg
58fa19ba32 go.{mod,sum}: pull in latest x/ packages 2025-03-13 08:42:32 +01:00
Michael Stapelberg
ea317e0e7a go.{mod,sum}: pull in latest gokrazy/rsync 2025-03-13 08:42:10 +01:00
Michael Stapelberg
e9cfa01d4a dyndns: fix updating the root record of a zone 
(Required for self-hosting gokrazy.org.)
 2025-03-07 17:47:26 +01:00
dependabot[bot]
9f55a9f5dc build(deps): bump golang.org/x/net from 0.23.0 to 0.33.0 (#89) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 06:54:42 +01:00
Michael Stapelberg
4ca26a5a32 GitHub Actions: update action versions 2025-02-24 06:50:25 +01:00
Michael Stapelberg
3fbc5260b3 Dockerfile: dnsutils is now bind9-dnsutils (for dig) 2025-02-24 06:47:27 +01:00
Michael Stapelberg
20840d4904 fix example: func Example() must be niladic 2025-02-24 06:42:48 +01:00
Michael Stapelberg
07b85b9624 backupd: serve /perm via rsync, too 
This allows for more efficient incremental backup.
 2025-02-23 22:28:01 +01:00
Michael Stapelberg
fe43422499 go.mod: bump language version to 1.24 2025-02-23 22:27:37 +01:00
Timmy Welch
fdc36b64ef Merge remote-tracking branch 'github/master' 2025-01-31 21:55:15 -08:00
Michael Stapelberg
13e1c1bbb4 netconfig: move /tmp/resolv.conf symlink out of the way 
Commit 0f75b1cbef was incomplete.
 2025-01-27 08:26:03 +01:00
Michael Stapelberg
0f75b1cbef netconfigd: write /tmp/resolv.conf only once, do not clobber 
This fixes tailscale name resolution breaking again and again.
 2025-01-26 10:16:38 +01:00
Michael Stapelberg
07325dde93 netconfigd: do not hardcode 10.0.0.0/24 netmask for hairpinning 
related to https://github.com/rtr7/router7/issues/53
 2025-01-12 10:29:42 +01:00
Timmy Welch
fc2e21cfd6 Fix nft run 2024-12-24 11:09:11 -08:00
Michael Stapelberg
af27264a03 dhcp4: drop expired lease on server error (faster time to recovery) 
netconfigd still keeps the address configured for as long as possible,
but dhcp4 now more quickly returns to a from-scratch DHCP exchange.
 2024-12-21 16:07:56 +01:00
dependabot[bot]
ed7523c311 build(deps): bump golang.org/x/crypto from 0.21.0 to 0.31.0 (#88) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.21.0 to 0.31.0.
- [Commits](https://github.com/golang/crypto/compare/v0.21.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-12 08:24:06 +01:00
Michael Stapelberg
fe0c57fc09 dhcp4: fix drop-lease-and-restart logic 
The code should immediately attempt obtaining a lease from scratch instead of
remaining stuck in the wait-until-renew loop.
 2024-09-27 17:11:50 +02:00
Timmy Welch
971b8f2521 Use nextdns 2024-08-17 11:21:07 -07:00
Timmy Welch
ab82f05a21 Merge remote-tracking branch 'github/master' 2024-05-25 19:00:45 -07:00
Michael Stapelberg
f835cdf1d6 netconfig: do not re-create nftables ruleset from scratch 
The current behavior stomps on the rules that programs like
podman or tailscale set up for port forwarding.

With this change, we split port forwardings into a separate chain,
which allows us to create the ruleset once at startup and then only
update the port forwardings specifically (the only dynamic part
of router7’s nftables ruleset).
 2024-05-09 10:06:23 +02:00
Michael Stapelberg
ac71701d8c update go.{mod,sum} 2024-05-09 09:55:27 +02:00
dependabot[bot]
07f1eb855e build(deps): bump golang.org/x/net from 0.17.0 to 0.23.0 (#86) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 19:16:42 +02:00
dependabot[bot]
8a9aa00289 build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.33.0 (#85) 
Bumps google.golang.org/protobuf from 1.28.1 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-14 08:54:37 +01:00
Timmy Welch
bf58d46748 Merge remote-tracking branch 'github/master' 2024-01-20 11:49:11 -08:00
Timmy Welch
ab5bce1356 updates 2024-01-20 11:41:04 -08:00
dependabot[bot]
95fc74327d build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#82) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 08:52:41 +01:00
dependabot[bot]
c3e79d839f build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 (#80) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-12 08:11:39 +02:00
Timmy Welch
996061b126 Merge remote-tracking branch 'github/master' 2023-09-23 17:56:39 -07:00
Michael Stapelberg
05a7b11ba6 diagd: allow disabling ipv6 connectivity check in health.json 
This makes rtr7-safe-update work in environments without IPv6.
 2023-08-12 16:14:13 +02:00
Michael Stapelberg
681ccd815c go.mod: bump to go1.20 2023-03-12 09:06:35 +01:00
Michael Stapelberg
0b55d8980c pull in latest mdlayher/packet to fix tests 2023-03-12 09:06:23 +01:00
Michael Stapelberg
b2db10d68b dhcp4d: allow handing out static leases outside of the pool 2023-03-12 09:06:02 +01:00
dependabot[bot]
fd975db6a5 build(deps): bump golang.org/x/net (#78) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220826154423-83b083e8dc8b to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/commits/v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-25 18:48:55 +01:00
Michael Stapelberg
92f746b23a website: update docs for gokrazy instance config 2023-01-15 13:58:20 +01:00
Michael Stapelberg
7bc59a8b27 Makefile: update rtr7-recover invocation 
based on what I last used successfully
 2023-01-13 00:04:24 +01:00
Michael Stapelberg
7cda93aeb3 Makefile: qemu: document chown 2023-01-11 17:56:00 +01:00
Michael Stapelberg
c84c18cebf Makefile: qemu: mkdir -p 2023-01-11 17:55:50 +01:00