From patchwork Fri May 14 08:32:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1478359 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2001:8b0:10b:1:d65d:64ff:fe57:4e05; helo=desiato.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=desiato.20200630 header.b=KxpGu9GZ; dkim-atps=neutral Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FhMK23qkSz9sW5 for ; Fri, 14 May 2021 18:34:46 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=desiato.20200630; h=Sender:Content-Transfer-Encoding :Content-Type:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=N7/x3SSRzVF37uUJ/A/Ptwd5nxQfApvCIANrlxcXl6A=; b=KxpGu9GZEfj+9UoAq6B23puOV CPDwVY/NRk1mnVVhU2x52BUuvJVxSDww8jTY9jndnP/PVNziNQ2zN6LoneAuDbn7MwtE2S3mkdmmG iKzriCOY6ltJ0+pyV3v3isqdKhSKvdDgATieewhsxSofUBfUgTiW8p03GmIhhzCVgKvW7y3vUxeGu 7orXEIXF7uvoPjg8/pyfMCUf0G7v4YjwKv9GSeKEpznxjLweGT4LabWB2PHyzV9/ZfbQFPtKZh3+D 8t9N+wsIM6wd/EJlCqJzsZYTWQm6ey8CVMMHtPcbUVang0NrCbCpL9u7B7SeBhOl0pGp+N+ZTPGC6 pHox3U4PA==; Received: from localhost ([::1] helo=desiato.infradead.org) by desiato.infradead.org with esmtp (Exim 4.94 #2 (Red Hat Linux)) id 1lhTFh-007WHv-OU; Fri, 14 May 2021 08:32:57 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by desiato.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lhTFc-007WFd-Lq for openwrt-devel@lists.openwrt.org; Fri, 14 May 2021 08:32:54 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 0B3311897A; Fri, 14 May 2021 10:32:47 +0200 (CEST) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 9fe04a0b; Fri, 14 May 2021 10:32:21 +0200 (CEST) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Cc: Jo-Philipp Wich , =?utf-8?q?Petr_=C5=A0tetiar?= Subject: [PATCH ansible] inventories: prod: 21.02: include TLS support Date: Fri, 14 May 2021 10:32:38 +0200 Message-Id: <20210514083238.13878-1-ynezz@true.cz> In-Reply-To: <6bb10925-e232-5668-9000-64dec426005c@hauke-m.de> References: <6bb10925-e232-5668-9000-64dec426005c@hauke-m.de> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210514_093252_835399_E18CACFB X-CRM114-Status: UNSURE ( 8.24 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: Spam detection software, running on the system "desiato.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: OpenWrt 21.02 currently ships with wolfssl and LuCI for http. It would be nice to also have https support included in the default images. To add this the following packages have to be added: * luci-ssl (969 Bytes ipkg) * px5g-wolfssl (5216 bytes ipkg) Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org OpenWrt 21.02 currently ships with wolfssl and LuCI for http. It would be nice to also have https support included in the default images. To add this the following packages have to be added: * luci-ssl (969 Bytes ipkg) * px5g-wolfssl (5216 bytes ipkg) The ath79 images increased by 2.2 KBytes when these packages were included. Automatic redirection from HTTP to HTTPS was disabled in commit 0cf3c5dd7257 ("uhttpd: don't redirect to HTTPS by default") so folks willing to use HTTPS would need to reach that service explicitly. References: https://lists.infradead.org/pipermail/openwrt-devel/2021-May/035056.html Acked-by: Hauke Mehrtens Signed-off-by: Petr Štetiar Acked-by: Paul Spooren --- inventories/prod/group_vars/all/02-openwrt-prod.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/inventories/prod/group_vars/all/02-openwrt-prod.yml b/inventories/prod/group_vars/all/02-openwrt-prod.yml index 63ad0511b0de..f257fdcb10d5 100644 --- a/inventories/prod/group_vars/all/02-openwrt-prod.yml +++ b/inventories/prod/group_vars/all/02-openwrt-prod.yml @@ -149,6 +149,7 @@ buildmaster: CONFIG_KERNEL_KALLSYMS=n CONFIG_AUTOREMOVE=y CONFIG_PACKAGE_luci=y + CONFIG_PACKAGE_luci-ssl=y CONFIG_IB=y CONFIG_SDK=y