Compare revisions

Martin Weinelt · bobcanthelpyou · Martin Weinelt · Martin Weinelt · lemoer · David Bauer
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ the future development of Gluon.

 Please refrain from using the `master` branch for anything else but development purposes!
 Use the most recent release instead. You can list all releases by running `git tag`
-and switch to one by running `git checkout v2019.1 && make update`.
+and switch to one by running `git checkout v2019.1.3 && make update`.

 If you're using the autoupdater, do not autoupdate nodes with anything but releases.
 If you upgrade using random master commits the nodes *will break* eventually.

--- a/contrib/ci/Jenkinsfile
+++ b/contrib/ci/Jenkinsfile
+pipeline {
+    agent { label 'gluon-docker' }
+    environment {
+        GLUON_SITEDIR = "contrib/ci/minimal-site"
+        GLUON_TARGET = "x86-64"
+        BUILD_LOG = "1"
+    }
+    stages {
+        stage('lint') {
+            steps {
+                sh 'luacheck package scripts targets'
+            }
+        }
+        stage('docs') {
+            steps {
+                sh 'make -C docs html'
+            }
+        }
+        stage('build') {
+            steps {
+                sh 'make update'
+                sh 'test -d /dl_cache && ln -s /dl_cache openwrt/dl || true'
+                sh 'make -j$(nproc) V=s'
+            }
+        }
+    }
+}
--- a/contrib/ci/jenkins-community-slave/Dockerfile
+++ b/contrib/ci/jenkins-community-slave/Dockerfile
+FROM gluon
+
+USER root
+
+# this is needed to install default-jre-headless in debian slim images
+RUN mkdir -p /usr/share/man/man1
+ 
+RUN apt-get update && apt-get install -y default-jre-headless curl python3 python3-pip python3-sphinx git
+RUN pip3 install jenkins-webapi sphinx_rtd_theme
+ 
+# Get docker-compose in the agent container
+RUN mkdir -p /home/jenkins
+RUN mkdir -p /var/lib/jenkins
+RUN mkdir -p /remoting
+RUN chown gluon /home/jenkins
+RUN chown gluon /var/lib/jenkins
+RUN chown gluon /remoting
+ 
+# Start-up script to attach the slave to the master
+ADD slave.py /var/lib/jenkins/slave.py
+
+USER gluon
+ 
+WORKDIR /home/jenkins
+
+ENV JENKINS_URL "https://build.ffh.zone/"
+ENV JENKINS_SLAVE_ADDRESS ""
+ENV SLAVE_EXECUTORS "1"
+ENV SLAVE_LABELS "docker"
+ENV SLAVE_WORING_DIR ""
+ENV CLEAN_WORKING_DIR "true"
+ 
+CMD [ "python3", "-u", "/var/lib/jenkins/slave.py" ]
--- a/contrib/ci/jenkins-community-slave/README.md
+++ b/contrib/ci/jenkins-community-slave/README.md
+# Gluon CI using Jenkins
+
+## Requirements
+- Only a host with docker.
+
+## Architecture
+
+![Screenshot from 2019-09-24 00-20-32](https://user-images.githubusercontent.com/601153/65468827-9edf2c80-de65-11e9-9fe0-56c3487719c3.png)
+
+## Installation
+You can support the gluon CI with your infrastructure:
+1. You need to query @lemoer (freifunk@irrelefant.net) for credentials.
+2. He will give you a `SLAVE_NAME` and a `SLAVE_SECRET` for your host.
+3. Then go to your docker host and substitute the values for  `SLAVE_NAME` and a `SLAVE_SECRET` in the following statements:
+``` shell
+git clone https://github.com/freifunk-gluon/gluon/
+cd gluon/contrib/ci/jenkins-community-slave/
+docker build -t gluon-jenkins .
+mkdir /var/cache/openwrt_dl_cache/
+docker run --detach --restart always \
+    -e "SLAVE_NAME=whoareyou" \
+    -e "SLAVE_SECRET=changeme" \
+    -v /var/cache/openwrt_dl_cache/:/dl_cache
+```
+4. Check whether the instance is running correctly:
+   - Your node should appear [here](https://build.ffh.zone/label/gluon-docker/).
+   - When clicking on it, Jenkins should state "Agent is connected." like here: 
+![Screenshot from 2019-09-24 01-00-52](https://user-images.githubusercontent.com/601153/65469209-dac6c180-de66-11e9-9d62-0d1c3b6b940b.png)
+5. **Your docker container needs to be rebuilt, when the build dependencies of gluon change. So please be aware of that and update your docker container in that case.** 
+
+## Backoff
+- If @lemoer is not reachable, please be patient at first if possible. Otherwise contact info@hannover.freifunk.net or join the channel `#freifunkh` on hackint.
--- a/contrib/ci/jenkins-community-slave/slave.py
+++ b/contrib/ci/jenkins-community-slave/slave.py
+from jenkins import Jenkins, JenkinsError, NodeLaunchMethod
+import os
+import signal
+import sys
+import urllib.request
+import subprocess
+import shutil
+import requests
+import time
+
+slave_jar = '/var/lib/jenkins/slave.jar'
+slave_name = os.environ['SLAVE_NAME'] if os.environ['SLAVE_NAME'] != '' else 'docker-slave-' + os.environ['HOSTNAME']
+jnlp_url = os.environ['JENKINS_URL'] + '/computer/' + slave_name + '/slave-agent.jnlp'
+slave_jar_url = os.environ['JENKINS_URL'] + '/jnlpJars/slave.jar'
+print(slave_jar_url)
+process = None
+
+def clean_dir(dir):
+    for root, dirs, files in os.walk(dir):
+        for f in files:
+            os.unlink(os.path.join(root, f))
+        for d in dirs:
+            shutil.rmtree(os.path.join(root, d))
+
+def slave_create(node_name, working_dir, executors, labels):
+    j = Jenkins(os.environ['JENKINS_URL'], os.environ['JENKINS_USER'], os.environ['JENKINS_PASS'])
+    j.node_create(node_name, working_dir, num_executors = int(executors), labels = labels, launcher = NodeLaunchMethod.JNLP)
+
+def slave_delete(node_name):
+    j = Jenkins(os.environ['JENKINS_URL'], os.environ['JENKINS_USER'], os.environ['JENKINS_PASS'])
+    j.node_delete(node_name)
+
+def slave_download(target):
+    if os.path.isfile(slave_jar):
+        os.remove(slave_jar)
+
+    loader = urllib.request.URLopener()
+    loader.retrieve(os.environ['JENKINS_URL'] + '/jnlpJars/slave.jar', '/var/lib/jenkins/slave.jar')
+
+def slave_run(slave_jar, jnlp_url):
+    params = [ 'java', '-jar', slave_jar, '-jnlpUrl', jnlp_url ]
+    if os.environ['JENKINS_SLAVE_ADDRESS'] != '':
+        params.extend([ '-connectTo', os.environ['JENKINS_SLAVE_ADDRESS' ] ])
+
+    if os.environ['SLAVE_SECRET'] == '':
+        params.extend([ '-jnlpCredentials', os.environ['JENKINS_USER'] + ':' + os.environ['JENKINS_PASS'] ])
+    else:
+        params.extend([ '-secret', os.environ['SLAVE_SECRET'] ])
+    return subprocess.Popen(params, stdout=subprocess.PIPE)
+
+def signal_handler(sig, frame):
+    if process != None:
+        process.send_signal(signal.SIGINT)
+
+signal.signal(signal.SIGINT, signal_handler)
+signal.signal(signal.SIGTERM, signal_handler)
+
+def h():
+    print("ERROR!: please specify environment variables")
+    print("")
+    print('docker run -e "SLAVE_NAME=test" -e "SLAVE_SECRET=..." jenkins')
+
+if os.environ.get('SLAVE_NAME') is None:
+    h()
+    sys.exit(1)
+
+if os.environ.get('SLAVE_SECRET') is None:
+    h()
+    sys.exit(1)
+
+def master_ready(url):
+    try:
+        r = requests.head(url, verify=False, timeout=None)
+        return r.status_code == requests.codes.ok
+    except:
+        return False
+
+while not master_ready(slave_jar_url):
+    print("Master not ready yet, sleeping for 10sec!")
+    time.sleep(10)
+
+slave_download(slave_jar)
+print('Downloaded Jenkins slave jar.')
+
+if os.environ['SLAVE_WORING_DIR']:
+    os.setcwd(os.environ['SLAVE_WORING_DIR'])
+
+if os.environ['CLEAN_WORKING_DIR'] == 'true':
+    clean_dir(os.getcwd())
+    print("Cleaned up working directory.")
+
+if os.environ['SLAVE_NAME'] == '':
+    slave_create(slave_name, os.getcwd(), os.environ['SLAVE_EXECUTORS'], os.environ['SLAVE_LABELS'])
+    print('Created temporary Jenkins slave.')
+
+process = slave_run(slave_jar, jnlp_url)
+print('Started Jenkins slave with name "' + slave_name + '" and labels [' + os.environ['SLAVE_LABELS'] + '].')
+process.wait()
+
+print('Jenkins slave stopped.')
+if os.environ['SLAVE_NAME'] == '':
+    slave_delete(slave_name)
+    print('Removed temporary Jenkins slave.')
--- a/contrib/ci/minimal-site/i18n
+++ b/contrib/ci/minimal-site/i18n
+../../../docs/site-example/i18n/
\ No newline at end of file
--- a/contrib/ci/minimal-site/modules
+++ b/contrib/ci/minimal-site/modules
+../../../docs/site-example/modules
\ No newline at end of file
--- a/contrib/ci/minimal-site/site.conf
+++ b/contrib/ci/minimal-site/site.conf
+-- This is an example site configuration for Gluon v2018.2+
+--
+-- Take a look at the documentation located at
+-- https://gluon.readthedocs.io/ for details.
+--
+-- This configuration will not work as is. You're required to make
+-- community specific changes to it!
+{
+  -- Used for generated hostnames, e.g. freifunk-abcdef123456. (optional)
+  -- hostname_prefix = 'freifunk-',
+
+  -- Name of the community.
+  site_name = 'Continious Integration',
+
+  -- Shorthand of the community.
+  site_code = 'ci',
+
+  -- 32 bytes of random data, encoded in hexadecimal
+  -- This data must be unique among all sites and domains!
+  -- Can be generated using: echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
+  domain_seed = 'e9608c4ff338b920992d629190e9ff11049de1dfc3f299eac07792dfbcda341c',
+
+  -- Prefixes used within the mesh.
+  -- prefix6 is required, prefix4 can be omitted if next_node.ip4
+  -- is not set.
+  prefix4 = '10.0.0.0/20',
+  prefix6 = 'fd::/64',
+
+  -- Timezone of your community.
+  -- See https://openwrt.org/docs/guide-user/base-system/system_configuration#time_zones
+  timezone = 'CET-1CEST,M3.5.0,M10.5.0/3',
+
+  -- List of NTP servers in your community.
+  -- Must be reachable using IPv6!
+  --  ntp_servers = {'1.ntp.services.ffxx'},
+
+  -- Wireless regulatory domain of your community.
+  regdom = 'DE',
+
+  -- Wireless configuration for 2.4 GHz interfaces.
+  wifi24 = {
+    -- Wireless channel.
+    channel = 1,
+
+    -- ESSID used for client network.
+    ap = {
+      ssid = 'gluon-ci-ssid',
+      -- disabled = true, -- (optional)
+    },
+
+    mesh = {
+      -- Adjust these values!
+      id = 'ueH3uXjdp', -- usually you don't want users to connect to this mesh-SSID, so use a cryptic id that no one will accidentally mistake for the client WiFi
+      mcast_rate = 12000,
+      -- disabled = true, -- (optional)
+    },
+  },
+
+  -- Wireless configuration for 5 GHz interfaces.
+  -- This should be equal to the 2.4 GHz variant, except
+  -- for channel.
+  wifi5 = {
+    channel = 44,
+    outdoor_chanlist = '100-140',
+    ap = {
+      ssid = 'gluon-ci-ssid',
+    },
+    mesh = {
+      -- Adjust these values!
+      id = 'ueH3uXjdp',
+      mcast_rate = 12000,
+    },
+  },
+
+
+  -- The next node feature allows clients to always reach the node it is
+  -- connected to using a known IP address.
+  next_node = {
+    -- anycast IPs of all nodes
+    -- name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
+    ip4 = '10.0.0.1',
+    ip6 = 'fd::1',
+  },
+
+  mesh = {
+    vxlan = true,
+    batman_adv = {
+      routing_algo = 'BATMAN_IV'
+    }
+  },
+
+  mesh_vpn = {
+    -- enabled = true,
+    mtu = 1312,
+
+    fastd = {
+      -- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
+      -- what these options do.
+
+      -- List of crypto-methods to use.
+      methods = {'salsa2012+umac'},
+      -- configurable = true,
+      -- syslog_level = 'warn',
+
+      groups = {
+        backbone = {
+          -- Limit number of connected peers to reduce bandwidth.
+          limit = 1,
+
+          -- List of peers.
+          peers = {
+          },
+
+        },
+      },
+    },
+
+    bandwidth_limit = {
+      -- The bandwidth limit can be enabled by default here.
+      enabled = false,
+
+      -- Default upload limit (kbit/s).
+      egress = 200,
+
+      -- Default download limit (kbit/s).
+      ingress = 3000,
+    },
+  },
+
+  autoupdater = {
+    -- Default branch. Don't forget to set GLUON_BRANCH when building!
+    branch = 'stable',
+
+    -- List of branches. You may define multiple branches.
+    branches = {
+      stable = {
+        name = 'stable',
+
+        -- List of mirrors to fetch images from. IPv6 required!
+        mirrors = {'http://1.updates.services.ffhl/stable/sysupgrade'},
+
+        -- Number of good signatures required.
+        -- Have multiple maintainers sign your build and only
+        -- accept it when a sufficient number of them have
+        -- signed it.
+        good_signatures = 2,
+
+        -- List of public keys of maintainers.
+        pubkeys = {
+        },
+      },
+    },
+  },
+}
--- a/contrib/ci/minimal-site/site.mk
+++ b/contrib/ci/minimal-site/site.mk
+../../../docs/site-example/site.mk
\ No newline at end of file
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -24,7 +24,7 @@ copyright = '2015-2019, Project Gluon'
 author = 'Project Gluon'

 # The short X.Y version
-version = '2018.2+'
+version = '2019.1.3'
 # The full version, including alpha/beta/rc tags
 release = version


--- a/docs/features/roles.rst
+++ b/docs/features/roles.rst
@@ -28,7 +28,7 @@ If you want node owners to change the defined roles via config-mode you can add

 The role is saved in ``gluon-node-info.system.role``. To change the role using command line do::

-  uci set gluon-node-info.system.role="$ROLE"
+  uci set gluon-node-info.@system[0].role="$ROLE"
  uci commit

 Please replace ``$ROLE`` by the role you want the node to own.
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -74,7 +74,11 @@ Several Freifunk communities in Germany use Gluon as the foundation of their Fre
   :caption: Releases
   :maxdepth: 1

+   releases/v2019.1.3
+   releases/v2019.1.2
+   releases/v2019.1.1
   releases/v2019.1
+   releases/v2018.2.4
   releases/v2018.2.3
   releases/v2018.2.2
   releases/v2018.2.1

--- a/docs/package/gluon-hoodselector.rst
+++ b/docs/package/gluon-hoodselector.rst
@@ -36,7 +36,7 @@ example of a regional domain:
 Behaviour
 ------------------

-The following is an abstract state diagramm which gives an overview
+The following is an abstract state diagram which gives an overview
 of the process:

 .. image:: ./gluon-hoodselector.svg
@@ -61,7 +61,7 @@ It provides a fallback to the default domain.
 Domain shapes
 -------------

-There are two types of domains: the unique dehault one without a defined shape
+There are two types of domains: the unique default one without a defined shape
 and others which contain shapes.

 * **default domain**

--- a/docs/package/gluon-mesh-batman-adv.rst
+++ b/docs/package/gluon-mesh-batman-adv.rst
@@ -99,7 +99,7 @@ Furthermore, by default IGMP and MLD messages are filtered. See
 :ref:`site.conf mesh section <user-site-mesh>` and
 :ref:`igmp-mld-domain-segmentation` for details.

-To achieve some level of scalabilty for multicast, multicast group
+To achieve some level of scalability for multicast, multicast group
 awareness is implemented and utilized in the following ways:

 Node-Local Multicast Handling

--- a/docs/releases/v2018.2.4.rst
+++ b/docs/releases/v2018.2.4.rst
+Gluon 2018.2.4
+==============
+
+End of life
+~~~~~~~~~~~~~~
+
+This will be the final release of the v2018.2.x series. Updating to the v2019.1.x release series is the recommended course of action, which should be fairly easy.
+
+Bugfixes
+~~~~~~~~
+
+* Fixes device alias for Ubiquiti UniFi AC LR. (`#1834 <https://github.com/freifunk-gluon/gluon/issues/1834>`_)
+  Autoupdates on this model were impossible before, since we were missing the proper device alias.
+
+* Add correct ath10k firmware package for OCEDO Koala. (`#1838 <https://github.com/freifunk-gluon/gluon/pull/1838>`_)
+
+* Fixes various batman-adv bugs with backports from 2019.4 and 2019.5 by updating the openwrt-routing packages feed
+
+Other changes
+~~~~~~~~~~~~~
+
+* Linux kernel has been updated to either
+  
+  - 4.9.207 (ar71xx, brcm2708, mpc85xx) or
+  - 4.14.160 (ipq40xx, ipq806x, mvebu, ramips, sunxi, x86).
+
+Known issues
+~~~~~~~~~~~~
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are
+  unknown (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is
+  disabled (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected
+  (like VMware when promiscuous mode is disallowed).
+
+* Inconsistent respondd API
+  (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API
+  will still be supported for a while.
+
+* Frequent reboots due to out-of-memory or high load due to memory pressure on
+  weak hardware especially in larger meshes
+  (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
+
+  Optimizations in Gluon 2018.1 have significantly improved memory usage.
+  There are still known bugs leading to unreasonably high load that we hope to
+  solve in future releases.
--- a/docs/releases/v2019.1.1.rst
+++ b/docs/releases/v2019.1.1.rst
+Gluon 2019.1.1
+##############
+
+Bugfixes
+********
+
+* Fixes device alias for Ubiquiti UniFi AC LR. (`#1834 <https://github.com/freifunk-gluon/gluon/issues/1834>`_)
+  Autoupdates on this model were impossible before, since we were missing the proper device alias.
+
+* Add correct ath10k firmware package for OCEDO Koala. (`#1838 <https://github.com/freifunk-gluon/gluon/pull/1838>`_)
+
+* Fixes various batman-adv bugs with backports from 2019.4 and 2019.5 by updating the openwrt-routing packages feed.
+
+* Fixes node role list.  (`#1851 <https://github.com/freifunk-gluon/gluon/issues/1851>`_)
+  With Gluon v2019.1 it became impossible to change the role of a node via the config mode.
+
+Other Changes
+*************
+
+* Linux kernel has been updated to either
+
+  - 4.9.207 (ar71xx, brcm2708, mpc85xx) or
+  - 4.14.160 (ipq40xx, ipq806x, mvebu, ramips, sunxi, x86).
+
+Known issues
+************
+
+* Out of memory situations with high client count on ath9k.
+  (`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
+
+* The integration of the BATMAN_V routing algorithm is incomplete.
+
+   - | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
+     | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
+     | metric.
+
+   - | Throughput values are not correctly acquired for different interface types.
+     | (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
+     | This affects virtual interface types like bridges and VXLAN.
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
+  (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
+  (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
+  disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger
+  meshes (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
+
+  Optimizations in Gluon 2018.1 have significantly improved memory usage.
+  There are still known bugs leading to unreasonably high load that we hope to
+  solve in future releases.
+
--- a/docs/releases/v2019.1.2.rst
+++ b/docs/releases/v2019.1.2.rst
+Gluon 2019.1.2
+##############
+
+Bugfixes
+********
+
+* Fixes a buffer-overflow vulnerability in libubox, a core component of OpenWrt
+  (CVE-2020-7248)
+
+* Fixes a vulnerability in the OpenWrt package manager (opkg). By using this vulnerability,
+  an attacker could bypass the integrity check of the package artifacts. (CVE-2020-7982)
+
+Other Changes
+*************
+
+* Linux kernel has been updated to either
+
+  - 4.9.211 (ar71xx, brcm2708, mpc85xx) or
+  - 4.14.167 (ipq40xx, ipq806x, mvebu, ramips, sunxi, x86).
+
+Known issues
+************
+
+* Out of memory situations with high client count on ath9k.
+  (`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
+
+* The integration of the BATMAN_V routing algorithm is incomplete.
+
+   - | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
+     | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
+     | metric.
+
+   - | Throughput values are not correctly acquired for different interface types.
+     | (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
+     | This affects virtual interface types like bridges and VXLAN.
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
+  (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
+  (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
+  disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger
+  meshes (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
+
+  Optimizations in Gluon 2018.1 have significantly improved memory usage.
+  There are still known bugs leading to unreasonably high load that we hope to
+  solve in future releases.
+
--- a/docs/releases/v2019.1.3.rst
+++ b/docs/releases/v2019.1.3.rst
+Gluon 2019.1.3
+==============
+
+Bugfixes
+--------
+
+- Fixes a bug in the tunneldigger watchdog where the watchdog would incorrectly find itself while looking up the running tunneldigger process. It then went on and assumed a PID mismatch between the tunneldigger service and its PID file and therefore caused an unnecessary restart of the tunnel. (`#1952 <https://github.com/freifunk-gluon/gluon/issues/1952>`_)
+
+- Fixes an oversight in the firewalling of the respondd service where queries from prefix listed in ``extra_prefixes6`` would be dropped. (`#1941 <https://github.com/freifunk-gluon/gluon/issues/1941>`_)
+
+- Fixes a bug in ``gluon-web`` where forms would not correctly update their field visibility on reset. This affected, for example, the private wifi page in the config mode. (`#1970 <https://github.com/freifunk-gluon/gluon/pull/1970>`_)
+
+- Fixes RX buffer sizing in the ath10k driver to allow for frames larger than 1528 Bytes. (`#1992 <https://github.com/freifunk-gluon/gluon/pull/1992>`_)
+
+- Fixed handling of mesh interfaces together with outdoor mode, site.conf defaults and config mode (`#2049 <https://github.com/freifunk-gluon/gluon/pull/2049>`_) (`#2054 <https://github.com/freifunk-gluon/gluon/pull/2054>`_)
+
+- Fixes a bug with perl when building Gluon v2019.1.x with GCC10
+
+- Fixes a buffer leak in fastd when receiving invalid packets
+
+Other Changes
+-------------
+
+- Linux kernel has been updated to either
+
+  - 4.9.237 (ar71xx, brcm2708, mpc85xx) or
+  - 4.14.199 (ipq40xx, ipq806x, mvebu, ramips, sunxi, x86).
+
+- Backports of batman-adv bugfixes
+
+Known issues
+------------
+
+* Out of memory situations with high client count on ath9k.
+  (`#1768 <https://github.com/freifunk-gluon/gluon/issues/1768>`_)
+
+* The integration of the BATMAN_V routing algorithm is incomplete.
+
+   - | Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
+     | Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
+     | metric.
+
+   - | Throughput values are not correctly acquired for different interface types.
+     | (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
+     | This affects virtual interface types like bridges and VXLAN.
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
+  (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* The MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
+  (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is
+  disallowed).
+
+* Inconsistent respondd API (`#522 <https://github.com/freifunk-gluon/gluon/issues/522>`_)
+
+  The current API is inconsistent and will be replaced eventually. The old API will still be supported for a while.
+
+* Frequent reboots due to out-of-memory or high load due to memory pressure on weak hardware especially in larger
+  meshes (`#1243 <https://github.com/freifunk-gluon/gluon/issues/1243>`_)
+
+  Optimizations in Gluon 2018.1 have significantly improved memory usage.
+  There are still known bugs leading to unreasonably high load that we hope to
+  solve in future releases.
+
--- a/docs/releases/v2019.1.rst
+++ b/docs/releases/v2019.1.rst
@@ -91,7 +91,7 @@ to decide which module gets loaded and the scheduled domain switching functional
 the two versions.

 Note that if you were using ``gluon-mesh-batman-adv-14`` ("batman-adv-legacy") before you will need to update the
-``mesh.batman_adv.routing_algo`` setting from from ``BATMAN_IV`` to ``BATMAN_IV_LEGACY`` if you want to
+``mesh.batman_adv.routing_algo`` setting from ``BATMAN_IV`` to ``BATMAN_IV_LEGACY`` if you want to
 stay on v14 compat.

 See the :ref:`mesh <user-site-mesh>` section for the *site.conf* configuration of this feature.
@@ -157,7 +157,7 @@ Bugfixes
  (`#1777 <https://github.com/freifunk-gluon/gluon/issues/1777>`_)

 * Fixes cross-domain leakage of respondd data by not joining the link-local multicast group on br-client. Nodes will
-  not be answering respondd queries on  ``[ff02::2:1001]:1001`` anymore. Respondd queries using that adresss must be
+  not be answering respondd queries on  ``[ff02::2:1001]:1001`` anymore. Respondd queries using that address must be
  updated to the new address ``[ff05::2:1001]:1001``. (`#1701 <https://github.com/freifunk-gluon/gluon/issues/1701>`_)



--- a/docs/site-example/site.conf
+++ b/docs/site-example/site.conf
-- This is an example site configuration for Gluon v2019.1
+-- This is an example site configuration for Gluon v2019.1.3
 --
 -- Take a look at the documentation located at
 -- https://gluon.readthedocs.io/ for details.
No results found