From ffff3473966c42133b8faed7d8a120739c5451d4 Mon Sep 17 00:00:00 2001 From: James Vorderbruggen Date: Sun, 13 Jun 2021 12:09:57 -0400 Subject: [PATCH] yggdrasil: allow HTTPS connections Signed-off-by: James Vorderbruggen --- net/yggdrasil/Makefile | 2 +- net/yggdrasil/files/yggdrasil.defaults | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/net/yggdrasil/Makefile b/net/yggdrasil/Makefile index 7b1a671fa..5be4aa075 100644 --- a/net/yggdrasil/Makefile +++ b/net/yggdrasil/Makefile @@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=yggdrasil PKG_VERSION:=0.3.16 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)? diff --git a/net/yggdrasil/files/yggdrasil.defaults b/net/yggdrasil/files/yggdrasil.defaults index 09f1f87ab..22472404b 100644 --- a/net/yggdrasil/files/yggdrasil.defaults +++ b/net/yggdrasil/files/yggdrasil.defaults @@ -89,6 +89,17 @@ EOF set firewall.@rule[-1].target=ACCEPT EOF + # allow LuCI access with SSL from yggdrasil zone, needs to be explicitly enabled + uci -q batch <<-EOF >/dev/null + add firewall rule + set firewall.@rule[-1].enabled=0 + set firewall.@rule[-1].name='Allow-HTTPS-yggdrasil' + set firewall.@rule[-1].src=yggdrasil + set firewall.@rule[-1].proto=tcp + set firewall.@rule[-1].dest_port=443 + set firewall.@rule[-1].target=ACCEPT +EOF + uci commit firewall uci commit network