[WIP] - New release v0.5.0-rc.1 to master (#390)

    Yggdrasil IPTunnel now does not change config files
    Yggdrasil IPtunnel drop in service adjustment
    Yggdrsail IPTunnel supports IPv6 and routed IPv6
    Yggdrsail version bump
    Support for x86 and x64
    Profile selection menu format changed in Dialog
    Rewritten and simplified board detection
    IPFS Improvments #284
    CJDNS now module
    Prototype can run without CJDNS now
    Better docs
    Grafan database now can be removed when uninstalling
    Moved network config to interface.d model
    Removed Network Manager
    Added Modules.md
    Added confSet function and implemented confget/confset config files
    NodeJS now shared module
    NodeJS version bump
    MESH_NAME now a config
    Added ipv6 netcat option
    Localized Patch Foo in TOMESH repo to prevent version conflicts and outage
    Added support for PI4
    Added support for Buster
    Fixed ETH0 vs BR0 issue on espressoBIN
    Prometheus version bump
    Raspberry Pi Watch Dog Timer

Author: darkdrgn2k

README.md

@@ -4,7 +4,7 @@
 
 The following instructions will help you set up an encrypted mesh network on Raspberry Pi's. It takes about 15 minutes to set up a node with the Pi 3. Obviously, to have a mesh you will need more than one node. 
 
-Many board that run [Armbian](https://www.armbian.com/) such as many models of Orange Pi hardware are also supported. The same installation steps can be followed, except you would flash the SD card with Armbian instead of Raspbian. See [Hardware Table](#hardware-table) for the full list of supported hardware and check for board specific installation details in our [Frequently Asked Questions](./docs/FAQ.md).
+The software also supports Debian running on x86 and x64 boards, and many board that run [Armbian](https://www.armbian.com/) (such as many models of Orange Pi hardware family). The same installation steps can be followed, except you would flash the SD card with Armbian instead of Raspbian or have Debian installed onto the computer. See [Hardware Table](#hardware-table) for the full list of supported hardware and check for board specific installation details in our [Frequently Asked Questions](./docs/FAQ.md). 
 
 ## Set Up
 
@@ -16,7 +16,7 @@ Many board that run [Armbian](https://www.armbian.com/) such as many models of O
       * For [802.11s Mesh Point](https://github.com/o11s/open80211s/wiki/HOWTO) wireless links (recommended), device such as the [TP-LINK TL-WN722N v1](http://www.tp-link.com/en/products/details/TL-WN722N.html), [Toplinkst TOP-GS07](https://github.com/tomeshnet/documents/blob/master/technical/20170208_mesh-point-with-topgs07-rt5572.md) or [another supported device](https://github.com/phillymesh/802.11s-adapters/blob/master/README.md).
       * For [ad-hoc](https://en.wikipedia.org/wiki/Wireless_ad_hoc_network) wireless links (experimental), any device that supports linux and ad-hoc.
 
-1. Flash the SD card with [Raspbian Stretch Lite](https://www.raspberrypi.org/downloads/raspbian/).
+1. Flash the SD card with [Raspbian Buster Lite](https://www.raspberrypi.org/downloads/raspbian/).
 
 1. Create an empty file named **ssh** to enable SSH when the Pi boots:
 
@@ -44,6 +44,8 @@ Many board that run [Armbian](https://www.armbian.com/) such as many models of O
 
 During the installation, you may be able to pick a profile, or choose between many modules. To learn what each module is for, look at [MODULES.md](./docs/MODULES.md). This is important for the installation.
 
+There is also the [contrib](./contrib/) folder for software that has been contributed to the project, but which might not actually be maintained by the core developers.
+
 ## Check Status
 
 1. Give the Pi about 15 seconds to reboot and SSH back into it. You should find the status of your mesh node automatically printed. You can also print this anytime by running `status`.
@@ -76,11 +78,13 @@ List of tested hardware:
 
 | Hardware                  | Base OS         | [CJDNS Benchmark](https://github.com/phillymesh/cjdns-optimizations) <sub>(salsa20/poly1305, switching)</sub> | iPerf3 | USB | Ethernet | Notes    |
 | :-------------------------|:----------------|:--------------------------------------------------------------------------------------------------------------|:-------|:----|:---------|:---------|
-| Raspberry Pi 3b+          | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 405k, 119k | ~90 Mbps| 2       | 10/100/1000 | Eth only ~320mbps. Onboard wifi dual band |
-| Raspberry Pi 3b           | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 350k, 100k | 89 Mbps | 2       | 10/100 | |
-| Raspberry Pi 2            | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 145k,  55k | 39 Mbps | 2       | 10/100 | |
-| Raspberry Pi 1 A+         | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) |  35k,   -  | ~9 Mbps | 1       | None   | |
-| Raspberry Pi 1 B+         | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) |  51k,  22k | ~8 Mbps | 2       | 10/100 | |
+| Genericx x86              | Debian 9                                                         |            |         |         |   |  Performance depended on underlying hardware. |
+| Raspberry Pi 4B (2GB ram)           | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 650k, 230k | ~160 Mbps| 4       | 10/100/1000 | Onboard wifi dual band |
+| Raspberry Pi 3b+          | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 405k, 119k | ~90 Mbps| 4       | 10/100/1000 | Eth only ~320mbps. Onboard wifi dual band |
+| Raspberry Pi 3b           | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 350k, 100k | 89 Mbps | 4       | 10/100 | |
+| Raspberry Pi 2b            | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) | 145k,  55k | 39 Mbps | 4       | 10/100 | |
+| Raspberry Pi 1a+         | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) |  35k,   -  | ~9 Mbps | 1       | None   | |
+| Raspberry Pi 1b+         | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) |  51k,  22k | ~8 Mbps | 2       | 10/100 | |
 | Raspberry Pi Zero         | [Raspbian Lite](https://www.raspberrypi.org/downloads/raspbian/) |  68k,  30k | ~9 Mbps | 1*      | None   | *Need OTG Cable No FPV |
 | Orange Pi Lite            | [Armbian](https://dl.armbian.com/orangepilite/)                  | 160k,  74k | 67 Mbps | 2       | None   | |
 | Orange Pi One             | [Armbian](https://dl.armbian.com/orangepione/)                   | 160k,  74k | 67 Mbps | 1       | 10/100 | |
@@ -116,6 +120,8 @@ To add a new module, use **scripts/ipfs/** as an example to:
 
 * We keep a list of [Frequently Asked Questions](./docs/FAQ.md). Feel free to add to this list with the issues you experienced on your boards.
 
-* Your computer can be a node too! It will mesh with the Pi's over your router. See the [cjdns repository](https://github.com/cjdelisle/cjdns) on how to set this up.
+* We have a [Troubleshooting](./docs/TROUBLESHOOT.MD) doc with information to point you in the right direction of some common problems.
+
+* Your computer can be a node too! It will mesh with the Pi's over your router. See the [cjdns repository](https://github.com/cjdelisle/cjdns) on how to set this up. You can now also install this prototype stack on debian/ubuntu PC hardware. This includes a Virtual Machine.
 
 * Original plan for this repository and early benchmark results are available in [the doc folder](./docs).

contrib/GeoLocation/geo.php

@@ -0,0 +1,16 @@
+<?php
+// Place on a server as proxy for hideing the google API key
+$apiKey="<YOUR GOOGLE API KEY FOR GEO LOCATION";
+
+$json= file_get_contents('php://input');
+$json = str_replace(",}}","}}",$json);
+
+$url='https://www.googleapis.com/geolocation/v1/geolocate?key=' . $apiKey;
+
+$ch = curl_init($url);
+curl_setopt($ch, CURLOPT_POST, 1);
+curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
+curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
+$result = curl_exec($ch);
+echo $result;
+?>

contrib/GeoLocation/install.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+sudo apt-get install -y jq
+sudo cp "nodeinfo-geolocation" /opt/tomesh/nodeinfo.d/geolocation
+sudo chmod +x /opt/tomesh/nodeinfo.d/geolocation

contrib/GeoLocation/nodeinfo-geolocation

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+echo "{ "wifiAccessPoints": {" > /tmp/locationScan
+iwlist  wlan0 scanning | grep Cell | grep Address | awk '{print "\"macAddress\": \""$5"\","}' >>/tmp/locationScan
+echo "}}" >> /tmp/locationScan
+
+curl -d @/tmp/locationScan -H "Content-Type: application/json" "http://node2.e-mesh.net/geo.php" -o /tmp/locationResult > /dev/null
+
+if [ -z "$(type jq)" ]; then
+   a=$(cat /tmp/locationResult |grep \"accuracy\" | awk '{print $2}')
+   lat=$(cat /tmp/locationResult |grep \"lat\" | awk '{print $2}')
+   lng=$(cat /tmp/locationResult |grep \"lng\" | awk '{print $2}')
+else
+  a=`jq -r ".accuracy" /tmp/locationResult 2>/dev/null`
+  lat=`jq -r ".location.lat" /tmp/locationResult 2>/dev/null`
+  lng=`jq -r ".location.lng" /tmp/locationResult 2>/dev/null`
+fi
+
+echo "\"geolocation\": {"
+echo "    \"latitude\": \"$lat\","
+echo "    \"longitude\": \"$lng\","
+echo "    \"accuracy\": \"$a\""
+echo "},"

contrib/board-espressobin/config.sh

@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# Break bridge configured by default
+
+# Disable systemd management of network interfaces except to bring up eth0 with random MAC address
+sudo rm -rf /etc/systemd/network/*
+
+sudo tee /etc/systemd/network/10-eth0.network << END
+[Match]
+Name=eth0
+[Network]
+DHCP=ipv4
+END
+
+sudo tee /etc/systemd/network/10-eth0.link << END
+[Match]
+MACAddress=f0:ad:4e:03:64:7f
+[Link]
+MACAddressPolicy=random
+END

contrib/captive-portal/README.md

@@ -0,0 +1,22 @@
+# NoDogSplash captive portal
+
+Source: https://github.com/nodogsplash/nodogsplash
+
+Nodogsplash is a Captive Portal that offers a simple way to provide restricted access to the Internet by showing a splash page to the user before Internet access is granted.
+
+This script install and configured the Nodogsplash captive portal to run on `wlan-ap` interface of the prototype stack.
+
+## Installation
+
+```
+chmod +x install-nodogsplash.sh
+./install-nodogsplash.sh
+```
+
+## Issues
+
+Some people have objections using captive portal because it hijacks traffic and could potentially be a privacy violation. Additionally it prevents headless devices from accessing the internet.
+
+## Nice to have
+
+- [ ] Nice tomesh splash screen (/etc/nodogsplash/htdocs/splash.sh)

contrib/captive-portal/install-nodogsplash.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+sudo apt install -y libmicrohttpd-dev
+
+mkdir tmp
+cd tmp
+git clone https://github.com/nodogsplash/nodogsplash.git
+cd nodogsplash
+make
+sudo make install
+sudo cp debian/nodogsplash.service /etc/systemd/system
+cd ..
+cd ..
+rm -rf tmp
+
+cp nodogsplash.conf /etc/nodogsplash/nodogsplash.conf
+sudo systemctl enable nodogsplash
+sudo systemctl start nodogsplash

contrib/captive-portal/nodogsplash.conf

@@ -0,0 +1,21 @@
+GatewayInterface wlan-ap
+#login_option_enabled 1
+FirewallRuleSet authenticated-users {
+  FirewallRule allow all
+}
+FirewallRuleSet preauthenticated-users {
+#  FirewallRule allow tcp port 80 to 123.321.123.321
+}
+FirewallRuleSet users-to-router {
+    FirewallRule allow udp port 53
+    FirewallRule allow tcp port 53
+    FirewallRule allow udp port 67
+   FirewallRule allow tcp port 22
+#   FirewallRule allow tcp port 80
+#   FirewallRule allow tcp port 443
+}
+GatewayName ToMeshNode
+GatewayAddress 10.0.0.1   
+GatewayPort 2050
+MaxClients 250
+AuthIdleTimeout 480