diff --git a/contrib/ci/minimal-site/site.conf b/contrib/ci/minimal-site/site.conf
index 3f7373f65204825383804fe1047a43b02f4e67b3..62a5bc3a35735aa15ff662004eee05fbe4f95e7c 100644
--- a/contrib/ci/minimal-site/site.conf
+++ b/contrib/ci/minimal-site/site.conf
@@ -93,7 +93,6 @@
mesh_vpn = {
-- enabled = true,
- mtu = 1312,
fastd = {
-- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
@@ -101,6 +100,7 @@
-- List of crypto-methods to use.
methods = {'salsa2012+umac'},
+ mtu = 1312,
-- configurable = true,
-- syslog_level = 'warn',
diff --git a/docs/multidomain-site-example/site.conf b/docs/multidomain-site-example/site.conf
index 25eaeb6958bd20c5268be84af8720489ba1633d1..fc5298f7ad5b6ca2c874d8fbc4d08f92274e212b 100644
--- a/docs/multidomain-site-example/site.conf
+++ b/docs/multidomain-site-example/site.conf
@@ -20,10 +20,10 @@
},
mesh_vpn = {
- mtu = 1312,
fastd = {
methods = {'salsa2012+umac'},
+ mtu = 1312,
},
bandwidth_limit = {
diff --git a/docs/site-example/site.conf b/docs/site-example/site.conf
index bd7a9a15664d53edc12e2f464083c552137a52c5..538a8c3e977ed86e9a486e4b0ba57f0ef31b8a6f 100644
--- a/docs/site-example/site.conf
+++ b/docs/site-example/site.conf
@@ -105,7 +105,6 @@
mesh_vpn = {
-- enabled = true,
- mtu = 1312,
fastd = {
-- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
@@ -113,6 +112,7 @@
-- List of crypto-methods to use.
methods = {'salsa2012+umac'},
+ mtu = 1312,
-- configurable = true,
-- syslog_level = 'warn',
diff --git a/docs/user/site.rst b/docs/user/site.rst
index 5b2e0eeb04878ecd659453930a27f05de2b877a0..1784e0ffced9b71e3b942464b8bb2eb00ce146b5 100644
--- a/docs/user/site.rst
+++ b/docs/user/site.rst
@@ -331,10 +331,10 @@ mesh_vpn
mesh_vpn = {
-- enabled = true,
- mtu = 1312,
-- pubkey_privacy = true,
fastd = {
+ mtu = 1312,
methods = {'salsa2012+umac'},
-- configurable = true,
-- syslog_level = 'warn',
@@ -384,6 +384,7 @@ mesh_vpn
},
tunneldigger = {
+ mtu = 1312,
brokers = {'vpn1.alpha-centauri.freifunk.net'}
},
diff --git a/package/gluon-mesh-vpn-core/check_site.lua b/package/gluon-mesh-vpn-core/check_site.lua
index 04ff3c8428b8d2f9468c3f5825c0c840f38d49b9..cff076e100e75a103e5e4e7a7ee74da4e882a2db 100644
--- a/package/gluon-mesh-vpn-core/check_site.lua
+++ b/package/gluon-mesh-vpn-core/check_site.lua
@@ -1,5 +1,4 @@
need_boolean(in_site({'mesh_vpn', 'enabled'}), false)
-need_number({'mesh_vpn', 'mtu'})
need_boolean(in_site({'mesh_vpn', 'pubkey_privacy'}), false)
need_boolean(in_site({'mesh_vpn', 'bandwidth_limit', 'enabled'}), false)
diff --git a/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn b/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
index a476afdb3e97087c3dd6e922f5fe7cb7545ad707..b14952552dab8844dd9073eddce2eaa18c761fd7 100755
--- a/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
+++ b/package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn
@@ -7,6 +7,7 @@ local util = require 'gluon.util'
local uci = require('simple-uci').cursor()
local vpn_core = require 'gluon.mesh-vpn'
+local _, active_vpn = vpn_core.get_active_provider()
uci:section('network', 'interface', 'mesh_vpn', {
ifname = vpn_core.get_interface(),
@@ -14,7 +15,7 @@ uci:section('network', 'interface', 'mesh_vpn', {
transitive = true,
fixed_mtu = true,
macaddr = util.generate_mac(7),
- mtu = site.mesh_vpn.mtu(),
+ mtu = active_vpn.mtu(),
})
uci:save('network')
diff --git a/package/gluon-mesh-vpn-fastd/check_site.lua b/package/gluon-mesh-vpn-fastd/check_site.lua
index 6f3c0832d4fe8ee18a446743d6be4ced62979ec9..dadcc917be7244265b437c55f9a754f9be9c7040 100644
--- a/package/gluon-mesh-vpn-fastd/check_site.lua
+++ b/package/gluon-mesh-vpn-fastd/check_site.lua
@@ -1,6 +1,7 @@
local fastd_methods = {'salsa2012+umac', 'null+salsa2012+umac', 'null@l2tp', 'null'}
need_array_of({'mesh_vpn', 'fastd', 'methods'}, fastd_methods)
need_boolean(in_site({'mesh_vpn', 'fastd', 'configurable'}), false)
+need_number({'mesh_vpn', 'fastd', 'mtu'})
need_one_of(in_site({'mesh_vpn', 'fastd', 'syslog_level'}),
{'error', 'warn', 'info', 'verbose', 'debug', 'debug2'}, false)
diff --git a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd
index c889875506ce5b9c3cbc70c635358462a68e6663..4c2dc046652670ab21f8bb1b2326f25cf8df1c16 100755
--- a/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd
+++ b/package/gluon-mesh-vpn-fastd/luasrc/lib/gluon/upgrade/400-mesh-vpn-fastd
@@ -3,6 +3,7 @@
local site = require 'gluon.site'
local util = require 'gluon.util'
local vpn_core = require 'gluon.mesh-vpn'
+local _, active_vpn = vpn_core.get_active_provider()
local uci = require('simple-uci').cursor()
local unistd = require 'posix.unistd'
@@ -49,7 +50,7 @@ uci:section('fastd', 'fastd', 'mesh_vpn', {
secret = secret,
interface = vpn_core.get_interface(),
mode = 'tap',
- mtu = site.mesh_vpn.mtu(),
+ mtu = active_vpn.mtu(),
secure_handshakes = true,
method = methods,
packet_mark = 1,
diff --git a/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua b/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua
index bcc6b5e13e91d6cdd86a41be1c6c86ad78942324..20ac4777c53cabcdd7c9725173283b6d6f79c735 100644
--- a/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua
+++ b/package/gluon-mesh-vpn-fastd/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/fastd.lua
@@ -39,4 +39,8 @@ function M.set_limit(ingress_limit, egress_limit)
uci:save('simple-tc')
end
+function M.mtu()
+ return site.mesh_vpn.fastd.mtu()
+end
+
return M
diff --git a/package/gluon-mesh-vpn-tunneldigger/check_site.lua b/package/gluon-mesh-vpn-tunneldigger/check_site.lua
index 188433fd565cddb2151ab34dd1ed65781ef89147..77ea83c5cf304de82ce26d1b0fe6b1387256d2c4 100644
--- a/package/gluon-mesh-vpn-tunneldigger/check_site.lua
+++ b/package/gluon-mesh-vpn-tunneldigger/check_site.lua
@@ -1 +1,2 @@
need_string_array(in_domain({'mesh_vpn', 'tunneldigger', 'brokers'}))
+need_number({'mesh_vpn', 'tunneldigger', 'mtu'})
diff --git a/package/gluon-mesh-vpn-tunneldigger/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/tunneldigger.lua b/package/gluon-mesh-vpn-tunneldigger/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/tunneldigger.lua
index d324a3cc1f836c3c568a744ffdfdc01b07e78f58..9ae67539ddfd01ba89692c8a1f424e78fb5b03df 100644
--- a/package/gluon-mesh-vpn-tunneldigger/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/tunneldigger.lua
+++ b/package/gluon-mesh-vpn-tunneldigger/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/tunneldigger.lua
@@ -39,4 +39,8 @@ function M.set_limit(ingress_limit, egress_limit)
uci:save('simple-tc')
end
+function M.mtu()
+ return site.mesh_vpn.tunneldigger.mtu()
+end
+
return M
diff --git a/package/gluon-mesh-vpn-wireguard/check_site.lua b/package/gluon-mesh-vpn-wireguard/check_site.lua
index f5a0d94e57d13864d6df00b7f5e8ee526dfb8eb1..5769e36e5c933aabd618b3df540e327b77988e62 100644
--- a/package/gluon-mesh-vpn-wireguard/check_site.lua
+++ b/package/gluon-mesh-vpn-wireguard/check_site.lua
@@ -7,3 +7,4 @@ local function check_peer(k)
end
need_table({'mesh_vpn', 'wireguard', 'peers'}, check_peer)
+need_number({'mesh_vpn', 'wireguard', 'mtu'})
diff --git a/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua b/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua
index b531b80ef2dc0cc8e88549709457d1397eb9887a..fb5041c536879ca1bf491bc04b4588911df03e08 100644
--- a/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua
+++ b/package/gluon-mesh-vpn-wireguard/luasrc/usr/lib/lua/gluon/mesh-vpn/provider/wireguard.lua
@@ -40,4 +40,8 @@ function M.set_limit(ingress_limit, egress_limit)
uci:save('simple-tc')
end
+function M.mtu()
+ return site.mesh_vpn.wireguard.mtu()
+end
+
return M