DiogoVieira14/lr-openwrt-tool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
lr-openwrt-tool/README.md
T
litoral05 8075104243 Initial project structure cleanup
2026-05-08 16:57:55 +01:00

3.0 KiB
Raw Permalink Blame History

Litoral Regas VPN Orchestrator

A dark-themed Tauri desktop technician app for provisioning Litoral_Regas OpenWrt WireGuard production routers.

Production baseline

The app is structured around the validated router baseline:

  • OpenWrt 23.05 only
  • ZBT-WE826 16M target firmware
  • fw4/nftables only
  • no opkg upgrade
  • LAN subnet: 198.51.100.0/24
  • Router LAN IP: 198.51.100.1
  • Controller IP: 198.51.100.10
  • PLC IP: 198.51.100.50
  • Overlay route: 198.19.0.0/16
  • Router password: litoralr
  • Hostname format: Litoral_Regas_XXX
  • LuCI over WireGuard
  • VPN firewall zone and DNAT rules:
    • router WG IP :5900 -> 198.51.100.10:5900
    • router WG IP :20248 -> 198.51.100.10:20249
    • router WG IP :8000 -> 198.51.100.10:8000
    • router WG IP :81 -> 198.51.100.50:81

Install

npm install
npm install lucide-react recharts clsx tailwind-merge
npm install -D tailwindcss postcss autoprefixer

Development

npm run tauri:dev

Equivalent bootstrap command sequence:

npm create tauri-app@latest lr-openwrt-tool
# choose React, TypeScript, npm
cd lr-openwrt-tool
npm install
npm run tauri:dev

Build

npm run tauri:build

Backend assumptions

Development defaults are stored in app settings, not hardcoded as production secrets:

  • Base URL: http://localhost:8080
  • Header: X-API-Key: dev-api-key

Implemented API client calls:

  • GET /api/vpn/available-ip
  • GET /api/vpn/used-ips
  • POST /api/vpn/peers
  • GET /api/vps/health
  • POST /api/vps/wireguard/rollback-last-backup

Provisioning flow

The provisioning wizard models the technician workflow as a state machine:

  1. IDLE
  2. DETECT_ROUTER
  3. UPLOAD_FIRMWARE
  4. FLASHING
  5. WAITING_FOR_REBOOT
  6. WAITING_FOR_RECONNECT
  7. UPLOAD_PROVISIONING_BUNDLE
  8. RUN_PROVISIONING
  9. CAPTURE_PUBLIC_KEY
  10. REGISTER_PEER
  11. VERIFY
  12. COMPLETE
  13. ERROR

New router flow:

  1. Detect router at 192.168.1.1.
  2. Request next available VPN IP from the backend.
  3. Generate router.env using the production baseline.
  4. Upload firmware, flash router, and wait for SSH at 198.51.100.1.
  5. Upload router.env and provision.sh.
  6. Run provisioning.
  7. Capture WireGuard public key.
  8. Register peer with POST /api/vpn/peers.
  9. Verify final router state.

Reprovision flow keeps the selected existing VPN IP and replaces the public key through the same POST /api/vpn/peers endpoint.

Current Tauri command status

The following commands are implemented as mock placeholders with production-ready signatures:

  • detect_router(ip)
  • upload_firmware(ip, firmwarePath)
  • flash_router(ip, remoteFirmwarePath)
  • wait_for_ssh(ip)
  • upload_provisioning_bundle(ip, envContent, scriptContent)
  • run_provisioning(ip)
  • capture_wireguard_public_key(ip)
  • verify_router(ip)

Future work should replace the mock bodies with real SSH/SCP/sysupgrade logic and explicitly call remove_known_host before reconnect attempts for 192.168.1.1 and 198.51.100.1.

Reference in New Issue View Git Blame Copy Permalink