.gitlab-ci.yml

+build:
+    stage: build
+    image: python:3.9
+    tags: 
+    - docker
+    script:
+    - cd flamingo
+    - echo $CI_COMMIT_REF_SLUG > REF_SLUG
+    - make html
+    artifacts:
+        paths:
+        - flamingo/output
+        - contact
+        expire_in: 1 week
+
+deployment:
+    stage: deploy
+    tags:
+    - ffbs-deploy-frido
+    only:
+        refs:
+        - master
+        - /^testbed/i
+        variables:
+        - $CI_PROJECT_PATH == "ffbs/ffbs-website"
+    script:
+    - rm -r /var/www/website/$CI_COMMIT_REF_SLUG/*
+    - cp -r flamingo/output /var/www/website/$CI_COMMIT_REF_SLUG/htdocs
+    - cp -r contact /var/www/website/$CI_COMMIT_REF_SLUG/contact
+    - chmod go+r -R /var/www/website/$CI_COMMIT_REF_SLUG/*

LICENSE

+This website is licensed unter CC0:
+https://creativecommons.org/publicdomain/zero/1.0/deed.de
+
+By contributing to this repository you agree to license your
+work the same license.

cgi/approve_key

-#!/usr/bin/env python2
-# coding=utf-8
-import cgi
-import cgitb
-import re
-import subprocess
-cgitb.enable()
-
-NAME_PATTERN = '^[a-zA-Z0-9-_\. äÄöÖüÜß]+$'
-CODE_PATTERN = '^[a-zA-Z0-9]{64}$'
-
-KEY_DIR='/home/kasalehlia/keys/'
-KEY_SCRIPT = '/home/kasalehlia/bin/ffbs_keys'
-GIT_DIR = '/home/kasalehlia/peers'
-
-print "Content-Type: text/html;charset=utf-8"
-print ""
-
-form = cgi.FieldStorage()
-
-try:
-    name = form['name'].value
-    code = form['code'].value
-    if re.match(NAME_PATTERN, name) and re.match(CODE_PATTERN, code) and name not in ['.','..']:
-        with open(KEY_DIR+'codes/'+code, 'r') as f:
-            validate = f.read()
-        if validate == name:
-            try:
-                print subprocess.check_output([KEY_SCRIPT, 'approve', name])
-                _ = subprocess.check_output(['/usr/bin/git', 'pull'], cwd=GIT_DIR)
-                _ = subprocess.check_output(['/usr/bin/git', 'add', 'peers/'+name], cwd=GIT_DIR)
-                _ = subprocess.check_output(['/usr/bin/git', 'commit', '-m', 'automated commit'], cwd=GIT_DIR)
-                _ = subprocess.check_output(['/usr/bin/git', 'push'], cwd=GIT_DIR)
-            except subprocess.CalledProcessError as e:
-                print e.output
-        else:
-            print "invalid request"
-    else:
-        print "invalid request"
-except Exception as e:
-    print "Die Anfrage ist ungültig"
-
-

cgi/contact

-#!/usr/bin/env python2
-# coding=utf-8
-
-import cgi
-import cgitb
-import re
-import smtplib
-import uuid
-import datetime
-from email.mime.text import MIMEText
-from subprocess import Popen, PIPE
-cgitb.enable()
-
-CONTACT_EMAIL_TO = 'kontakt@freifunk-bs.de'
-
-EMAIL_REGEX = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"
-
-print "Content-Type: text/html"
-print ""
-
-template = """<meta charset="utf-8">\n%s<br>\n<a href="/kontakt.html">zurück</a>"""
-form = cgi.FieldStorage()
-
-try:
-    email = form['email'].value
-    if not re.match(EMAIL_REGEX, email):
-        raise ValueError()
-    message = form['message'].value
-    
-    captcha = form['captcha'].value
-    captcha = captcha.replace("'", "")
-    captcha = captcha.replace('"', "")
-    captcha = captcha.strip()
-
-    today = str(datetime.datetime.now().day)
-    if today == captcha:
-        msg = MIMEText(message, 'plain', 'utf-8')
-        msg['From'] = "kontakt@freifunk-bs.de"
-        msg['To'] = CONTACT_EMAIL_TO
-        msg['Subject'] = 'Kontaktanfrage von %s' % email
-        msg['Reply-To'] = ','.join([email,CONTACT_EMAIL_TO])
-        uuid = str(uuid.uuid4()) #get a random uuid
-        msg['Message-ID'] = '<'+uuid+'@freifunk-bs.de>'
-        p = Popen(["/usr/sbin/sendmail", "-t", "-oi", "-FKontaktformular"], stdin=PIPE)
-        p.communicate(msg.as_string())
-        print template % "Ihre Nachricht wurde entgegengenommen"
-    else:
-        msg = MIMEText(message, 'plain', 'utf-8')
-        msg['From'] = "kontakt@freifunk-bs.de"
-        msg['To'] = CONTACT_EMAIL_TO
-        msg['Subject'] = '[CAPTCHA]Kontaktanfrage von %s' % email
-        msg['Reply-To'] = ','.join([email,CONTACT_EMAIL_TO])
-        uuid = str(uuid.uuid4()) #get a random uuid
-        msg['Message-ID'] = '<'+uuid+'@freifunk-bs.de>'
-        msg['X-FFBS-CAPTCHA'] = "Failed: User tried: {}; I expected: {}".format(captcha, today)
-        p = Popen(["/usr/sbin/sendmail", "-t", "-oi", "-FKontaktformular"], stdin=PIPE)
-        p.communicate(msg.as_string())
-        print template % "Der Spamschutz wurde nicht erfolgreich ausgefüllt. Bitte versuchen Sie es erneut."
-except Exception as e:
-    print template % "Die Anfrage ist ungültig"
-
-

cgi/deny_key

-#!/usr/bin/env python2
-# coding=utf-8
-import cgi
-import cgitb
-import re
-import subprocess
-cgitb.enable()
-
-NAME_PATTERN = '^[a-zA-Z0-9-_\. äÄöÖüÜß]+$'
-CODE_PATTERN = '^[a-zA-Z0-9]{64}$'
-
-KEY_DIR='/home/kasalehlia/keys/'
-KEY_SCRIPT = '/home/kasalehlia/bin/ffbs_keys'
-
-print "Content-Type: text/html"
-print ""
-
-form = cgi.FieldStorage()
-
-try:
-    name = form['name'].value
-    code = form['code'].value
-    if re.match(NAME_PATTERN, name) and re.match(CODE_PATTERN, code) and name not in ['.','..']:
-        with open(KEY_DIR+'codes/'+code, 'r') as f:
-            validate = f.read()
-        if validate == name:
-            try:
-                print subprocess.check_output([KEY_SCRIPT, 'deny', name])
-            except subprocess.CalledProcessError as e:
-                print e.output
-        else:
-            print "invalid request"
-    else:
-        print "invalid request"
-except Exception as e:
-    print template % "Die Anfrage ist ungültig"
-
-

cgi/gwstatus_push

-#!/usr/bin/env python2
-# coding=utf-8
-
-import cgi
-import cgitb
-import datetime
-import json
-
-SECRET = "ahqu2Choshi7sahDme8aePh4iegh8Wee"
-
-print "Content-Type: text/html"
-print ""
-
-params = cgi.FieldStorage()
-
-if 'secret' in params and params['secret'].value == SECRET:
-    info = dict()
-    info['updated'] = datetime.datetime.now().isoformat()
-    for i in xrange(100): # be prepared for many gateways
-        key = "gw"+str(i).zfill(2)
-        if key in params:
-            try:
-                info[key] = int(params[key].value)
-            except ValueError: # value is not a number
-                pass
-    print "accepted status for "+str(len(info))+" gateways"
-    with open('/home/kasalehlia/ffbs-website/gatewaystatus.json','w') as f:
-        json.dump(info, f)
-else:
-    print "nothing to see here"
-
-
-

cgi/newkey

-#!/usr/bin/env python2
-# coding=utf-8
-
-import cgi
-import cgitb
-import os
-import random
-import re
-import smtplib
-import string
-import time
-from email.mime.text import MIMEText
-from subprocess import Popen, PIPE, check_output, CalledProcessError
-cgitb.enable()
-
-KEY_DIR='/home/kasalehlia/keys/'
-CONTACT_FILE='/home/kasalehlia/contacts.txt'
-
-KEY_PATTERN = r'# ([a-zA-Z0-9-_\. äÄöÖüÜß]+) ?#? ?([\S ]+)?\r?\n([0-9a-f]{64})$';
-#KEY_PATTERN = r'# ([\w.- ]+) ?#? ?([\S ]+)?\r?\n([0-9a-f]{64})$';
-EMAIL_FROM = 'keys@freifunk-bs.de'
-EMAIL_TO = 'ffbs-admin@stratum0.org'
-#EMAIL_TO = 'kasa@shakik.de'
-EMAIL_TEXT = """Key approval request: {name} with key {key}.\n
-To approve: http://www.freifunk-bs.de/approve_key?name={name}&code={code}\n
-To deny: http://www.freifunk-bs.de/deny_key?name={name}&code={code}\n
-\n`{quote}`"""
-QUOTES = list(open('/home/kasalehlia/portal.quotes'))
-
-print "Content-Type: application/json; charset=utf-8"
-print ""
-
-form = cgi.FieldStorage()
-
-try:
-    inp = form['key'].value.strip()
-    contact = form.getfirst('contact','').strip()
-    match = re.match(KEY_PATTERN, inp)
-    if match:
-        name,_contact,key = match.groups()
-        name = name.strip()
-        if not contact:
-            contact = _contact
-        code = ''.join(random.choice(string.letters + string.digits) for _ in xrange(64))
-        if os.path.isfile(KEY_DIR+name):
-            print '{"success":false, "message":"Dieser Name oder dieser Schlüssel ist bereits eingetragen"}'
-        else:
-            try:
-                res = check_output(['/bin/grep','-r','--exclude-dir=codes',key,KEY_DIR])
-            except CalledProcessError as e:
-                res = e.output
-            if len(res):
-                print '{"success":false, "message":"Dieser Name oder dieser Schlüssel ist bereits eingetragen"}'
-            else:
-                with open(KEY_DIR+name,'w') as f:
-                    f.write('key "%s";\n' % key)
-                with open(KEY_DIR+'/codes/'+code,'w') as f:
-                    f.write(name)
-                with open(CONTACT_FILE, 'a') as f:
-                    f.write('{},{},{},{}\n'.format(time.time(),key,name,contact))
-                #s = smtplib.SMTP('localhost')
-                if 'NOMAIL' not in name:
-                    msg = MIMEText(EMAIL_TEXT.format(name=name.replace(' ', '%20'), key=key, code=code, quote=random.choice(QUOTES)[:-1]),'plain','utf-8')
-                    msg['From'] = EMAIL_FROM
-                    msg['To'] = EMAIL_TO
-                    msg['Subject'] = 'Key approval request for %s' % name
-                    #s.sendmail(EMAIL_FROM, [EMAIL_TO], msg.as_string())
-                    #s.quit()
-                    p = Popen(["/usr/sbin/sendmail", "-t", "-oi"], stdin=PIPE)
-                    p.communicate(msg.as_string())
-                    print '{"success":true, "message":"Dein Schlüssel wurde eingetragen, muss aber noch von einem Administrator bestätigt werden"}'
-                else:
-                    print '{"success":true, "message":"debug input accepted"}'
-    else:
-        print '{"success":false, "message":"Die Eingabe ist fehlerhaft"}'
-except Exception as e:
-    print '{"success":false, "message":"Die Eingabe ist fehlerhaft", "err":"'+repr(e)+'"}'
-    #raise e
-
-

contact/REQUIREMENTS.txt

+aiohttp

contact/contact.py

+#!/usr/bin/env python3
+# coding=utf-8
+
+from aiohttp import web
+import asyncio
+import re
+import smtplib
+import uuid
+import datetime
+from email.mime.text import MIMEText
+from subprocess import Popen, PIPE
+
+import logging
+logging.basicConfig(level=logging.INFO)
+
+CONTACT_EMAIL_TO = 'kontakt@freifunk-bs.de'
+
+EMAIL_REGEX = r"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"
+
+template = """
+<html>
+<head>
+<meta charset="utf-8">
+</head>
+<body>
+%s<br>
+<a href="/kontakt.html">zurück</a>
+</body>
+</html>
+"""
+
+async def handle(req):
+    logging.debug('Got a new request:')
+    form = await req.post()
+    logging.debug(f'Form data: {form}')
+    try:
+        email = form['email']
+        if not re.match(EMAIL_REGEX, email):
+            raise ValueError()
+        message = form['message']
+        
+        captcha = form['captcha']
+        captcha = captcha.replace("'", "")
+        captcha = captcha.replace('"', "")
+        captcha = captcha.strip()
+
+        today = str(datetime.datetime.now().day)
+        if today == captcha:
+            logging.info('CAPTCHA successfull')
+            msg = MIMEText(message, 'plain', 'utf-8')
+            msg['From'] = "kontakt@freifunk-bs.de"
+            msg['To'] = CONTACT_EMAIL_TO
+            msg['Subject'] = 'Kontaktanfrage von %s' % email
+            msg['Reply-To'] = ','.join([email,CONTACT_EMAIL_TO])
+            ruuid = str(uuid.uuid4()) #get a random uuid
+            msg['Message-ID'] = '<'+ruuid+'@freifunk-bs.de>'
+            p = Popen(["/usr/sbin/sendmail", "-t", "-oi", "-FKontaktformular"], stdin=PIPE)
+            p.communicate(msg.as_string().encode())
+            logging.info('Mail sent')
+            return web.Response(body = template % "Ihre Nachricht wurde entgegengenommen", content_type='text/html')
+        else:
+            logging.info('CAPTCHA NOT successfull')
+            return web.Response(body = template % "Der Spamschutz wurde nicht erfolgreich ausgefüllt. Bitte versuchen Sie es erneut.", content_type='text/html')
+    except Exception as e:
+        logging.exception('Request failed! Exception:')
+        return web.Response(body = template % "Die Anfrage ist ungültig", content_type='text/html')
+
+app = web.Application()
+app.add_routes([web.post('/contact', handle)])
+
+if __name__ == '__main__':
+    web.run_app(app, host='0.0.0.0', port=7392)
+
+# vim: expandtab:shiftwidth=4:softtabstop=4

contact/contrib/ffbs-contact.service

+[Unit]
+Description=Provide our contact form backend
+
+[Service]
+Type=simple
+Environment="PYTHONUNBUFFERED=1"
+ExecStart=/var/www/website/venv/bin/python3 /var/www/website/master/contact/contact.py
+Restart=always
+RestartSec=60
+StartLimitInterval=0
+User=gitlab-runner
+
+[Install]
+WantedBy=multi-user.target
+~                                

flamingo/Makefile

@@ -3,25 +3,33 @@ PYTHON_VENV=env
 
 PROJECT_ROOT=.
 WEBSERVER_PORT=8080
-WEBSERVER_HOST=localhost
+WEBSERVER_HOST=0.0.0.0
 
 FLAMINGO_OUTPUT=output
-FLAMINGO_ARGS=-p $(PROJECT_ROOT)
+FLAMINGO_ARGS=-s settings.py
 FLAMINGO_SERVER_ARGS=$(FLAMINGO_ARGS) --port=$(WEBSERVER_PORT) --host=$(WEBSERVER_HOST)
 
 
 all: server
 
 # setup / clean ###############################################################
-$(PYTHON_VENV)/.created:
+$(PYTHON_VENV)/.created.deploy:
 	rm -rf $(PYTHON_VENV) && \
 	$(PYTHON) -m venv $(PYTHON_VENV) && \
 	. $(PYTHON_VENV)/bin/activate && \
-	pip install -r ./REQUIREMENTS.txt > $(PYTHON_VENV)/build.log 2>&1 && \
-	(date > $(PYTHON_VENV)/.created) || \
+	pip install --upgrade -r ./REQUIREMENTS-deploy.txt > $(PYTHON_VENV)/build.log 2>&1 && \
+	(date > $(PYTHON_VENV)/.created.deploy) || \
 	(echo "\e[31m"; cat $(PYTHON_VENV)/build.log; echo "\e[0m"; exit 1)
 
-env: $(PYTHON_VENV)/.created
+deployenv: $(PYTHON_VENV)/.created.deploy
+
+$(PYTHON_VENV)/.created.full:
+	. $(PYTHON_VENV)/bin/activate && \
+	pip install --upgrade -r ./REQUIREMENTS-full.txt > $(PYTHON_VENV)/build.log 2>&1 && \
+	(date > $(PYTHON_VENV)/.created.full) || \
+	(echo "\e[31m"; cat $(PYTHON_VENV)/build.log; echo "\e[0m"; exit 1)
+
+env: deployenv $(PYTHON_VENV)/.created.full
 
 clean:
 	rm -rf $(FLAMINGO_OUTPUT)
@@ -31,7 +39,8 @@ distclean:
 
 
 # build #######################################################################
-html: env
+
+html: deployenv
 	. $(PYTHON_VENV)/bin/activate && \
 	flamingo build $(FLAMINGO_ARGS)
 

flamingo/README

+How to use a flamingo-based website?
+====================================
+
+Requirements
+------------
+
+You will need at least Python 3.5.3 to run the live-server.
+
+Writing Content
+---------------
+
+To write new content create a new file in `content/`.
+If there is already a file that looks simliar to what you want
+to do (e.g. write a blog post) just copy it.
+
+If you want to manipulate existing content:
+Take a look into the generated HTML. Between `</head>` and `<body>` is 
+a section containing some information about the file.
+Find the file listed in `path` inside the `context/`-directory and
+just edit the file ¯\_(ツ)_/¯
+
+Preview
+-------
+
+Go into the base path of the project (that is where is `Makefile` is)
+and type:
+
+make server
+
+Open your webbroser and navigate to http://localhost:8080/live-server .
+
+A page in the live-server will reload every time to change the input.
+Be aware that sometimes menus are broken in the preview.
+
+
+Test-Deploy
+-----------
+
+If you want your changes to be reviewed by someone else you can push
+your changed to a branch namend `testbed`.
+Be aware that this branch may be overridden by others.
+Always keep your changes in a personalized topic branch, e.g. `chrissi/blog`.
+
+Your preview will be availalble at
+https://testbed.freifunk-bs.de
+
+Deploy
+------
+
+Push your changes to `master` and wait for the pipeline to finish
+deployment.

flamingo/REQUIREMENTS-deploy.txt

+flamingo[full]
+beautifulsoup4
+Pillow
+ipython==6
+coloredlogs

flamingo/REQUIREMENTS-full.txt

+flamingo[full]
+beautifulsoup4
+Pillow
+ipython==6
+coloredlogs

flamingo/REQUIREMENTS.txt

-git+git://github.com/pengutronix/flamingo@master#egg=flamingo
-beautifulsoup4==4.5.3
-Pillow==4.3.0
-ipython==6
-

flamingo/content/attic/BulletM2.wiki

+disabled: true
+title: Bullet M2
+
+
+{{Infobox Router
+|Name = Bullet M2
+|Bild = Router_Bullet_side.jpg
+|Bildunterschrift = ''Bullet M2''
+|Hersteller = Ubiquity
+|Modell = Bullet M2
+|2.4GHz = Ja
+|5GHz = Nein
+|Standards = IEEE 802.11n,g,b
+|Antennen = keine
+|AbstrahlungHorizontal = n/a
+|AbstrahlungVertikal = n/a
+|Reichweite = n/a
+|Outdoor = Outdoor
+|Stromversorgung = POE
+|Durchsatz= ca. 8 Mbps
+|Clients = ca. 15
+|LANPorts = keiner
+|Gesamtpreis= ca. 80 Eur
+}}
+Die Bullet M2 besitzt keine mitgelieferte Antenne. Vielmehr kann das Gerät mittels des N-Steckers (Bullet M2: Buchse, Antenne: Stecker) an eine Richtfunk- oder Rundstrahlantenne direkt angeschlossen werden.
+
+Die Bullet ist in einer Kunststoff- und einer "Titanium" Variante erhätlich. Die Titanium - Variante ist aus Aluminium, und besitzt keine Status - LEDs.
+
+== Einsatzszenarien ==
+Der Bullet M2 ist ein semiprofessionelles Gerät für den Innen- und Außenbereich und gut geeignet um kleinere Hallen, Strassenbereiche oder Plätze auszuleuchten oder um eine Richtfunkstrecke aufzubauen.
+
+Der Router kann eine kleinere Anzahl Clients (ca. 15) mit einer Gesamtbandbreite von ca. 8MBit/s versorgen.
+
+== Antennen ==
+Als Rundstrahlantennen kommen bspw. die Alfa, oder Engenius Antenne in Betracht.
+
+Die Alfa Antenne ist ein preiswertes Modell (ca 15 Euro), der Lieferumfang umfaßt die reine Antenne.
+Die Engenius Antenne ist ein mittelpreisiges Modell (ca 45 Euro), im Lieferumfang sind Masthalterungen enthalten.
+
+== Stromversorgung ==
+Die Bullet M2 benötigt ein abgesetztes 24V / 1A POE - Netzteil versorgt. Im Gegensatz zu den Nanostations ist dieses NICHT im Lieferumfang enthalten.
+
+== Anschlüsse und Bedienelemente ==
+Die Bullet M2 besitzt lediglich einen WAN Port, dementsprechend sind Szenarien wie Mesh on LAN oder die zusätzliche Anbindung von PCs nicht möglich. 
+In das zum heimischen Router führende Kabel wird das POE Netzteil zwischengeschaltet um die Nanostation mit Strom zu versorgen. Der mit "POE" bezeichnete Anschluß wird hierbei an die Nanostation angeschlossen, der mit "LAN" bezeichnete Anschluß an das heimische Netzwerk.
+
+Sowohl an der Bullet M2 wie auch am POE - Netzteil befinden sich ein Reset - Taster welche bspw. mit einer Büroklammer betätigt werden können.
+
+== Befestigung ==
+Die Befestigung erfolgt an einem Masten oder einem Balkongeländer, je nach verwendetem Antennentyp.
+
+== Versionsnummer ==
+Derzeit gibt es nur eine Version der Bullet M2: V1.
+
+
+== Bezugsquellen ==
+
+[https://www.wecanhelp.de/422305002/productsearch?pr=MTQ1MTMwMzc4&e=MDA4MTAzNTQwMjQ5MDA=&searchterm=bullet%20m2 Preisvergleich]
+
+[http://bit.ly/2ohGm2Z Conrad]
+
+== Fotos ==
+
+=== Bullet M2 ===
+<gallery style="text-align:center" mode="packed">
+Router_BulletM2_full.jpg
+Router_BulletM2_front.jpg
+Router_BulletM2_rear.jpg
+</gallery>
+
+=== POE Netzteil ===
+<gallery style="text-align:center" mode="packed">
+Router_BulletM2_poe1.jpg
+Router_BulletM2_poe2.jpg
+Router_BulletM2_poe3.jpg
+Router_BulletM2_poe4.jpg
+</gallery>
+
+=== Antennen ===
+<gallery style="text-align:center" mode="packed">
+Router_BulletEngenius.jpg
+Antenne_Alfa.jpg
+Antenne_Engenius.jpg
+</gallery>
+[[Category:Hardware]]

flamingo/content/attic/Eduroam.wiki

+disabled: true
+title: Eduroam
+
+
+''' Dies ist hoch experimental'''
+''' Dieser Artikel ist unvollständig '''
+
+Dieses Setup erlaubt es einen FF-route in das uni eduroam net zu hängen welcher dann widerum ein wlan aufmacht um in FF-netz zu gelangen.
+
+== TODO ==
+* Script scheiben
+* test fix für firewall auf neuem os
+
+== Benötigt ==
+* [[Einrichtung/TP-LINK_TL-WR_und_TL-WDR| FF auf nem router]]
+* [[SSH-Zugang|SSH-Zugang]]
+
+
+== Getestet ==
+* TL-WR841N
+
+
+== Einrichtung ==
+
+
+=== patches ===
+==== /etc/config/wireles ====
+An ende dies hinzufügen
+<pre>
+
+config wifi-iface 'wan_w_radio0'
+        option network 'wan_w'
+        option macaddr '<Deine Mac>'
+        option device 'radio0'
+        option mode 'sta'
+## Auskommentieren wenn ihr nur in nen gewöhnliches wpa2 wlan wollt letzten schriet weglassen
+#        option 'encryption' 'psk2'
+#        option 'ssid'       '<ESSID>'
+#        option 'key'        '<password>'
+</pre>
+==== /etc/config/netwok====
+add
+<pre>
+config interface 'wan_w'
+        option proto 'dhcp
+        option peerdns '0'
+        option auto '1'
+</pre>
+==== /etc/config/firewall ====
+in zone wan add:
+<pre>
+
+        list network 'wan_w'
+</pre>
+
+
+==== /etc/hotplug.d/iface/50-gluon-wan-dnsmasq ====
+add
+<pre>
+if [ "$INTERFACE" = 'wan_w' ]; then
+   /lib/gluon/wan-dnsmasq/update.lua
+fi
+</pre>
+
+==== /lib/gluon/wan-dnsmasq/update.lua ====
+ergänze die liste so
+<pre>
+  pcall(write_interface_servers, f, 'wan6')
+  pcall(write_interface_servers, f, 'wan')
+  pcall(write_interface_servers, f, 'wan_w')
+</pre>
+==== /etc/wpa_sup.conf ====
+Datei anlegen und deine Daten eintragen
+<pre>
+network={
+   ssid="eduroam"
+   key_mgmt=WPA-EAP
+   pairwise=CCMP TKIP
+   eap=TTLS
+   proto=WPA RSN
+   identity="[username/mail ding]"
+   anonymous_identity="anonymous@ostfalia.de" ##oder wie das bei euch heist
+   password="[Dein Password]"
+   phase2="auth=PAP"
+}
+</pre>
+=== weiters ===
+nach neustart
+ $ killall wpa_supplicant  # besser öfter damit das auch wirklich tot ist
+ $ wpa_supplicant  -P /var/run/wpa_supplicant-wlan0.pid -D nl80211 -i wlan0-1 -c /etc/wpa_sup.conf -C /var/run/wpa_supplicant -H /var/run/hostapd/wlan0-2
+
+
+wenn die jetzt Internet auf dem router hast aber dein vpn nicht verbindet versuch mal die firewal auszumachen mit 
+''' /etc/init.d/firewall stop '''
+nicht ratsam aber hilft kann man wider anmachen sobald die Verbindung hergestellt ist