yggdrasil: allow HTTPS connections

Signed-off-by: James Vorderbruggen <jamesvorder@gmail.com>

diff --git a/net/yggdrasil/Makefile b/net/yggdrasil/Makefile
index 7b1a671fab77cbc59cc46465605a421bcc44d5bb..5be4aa0756ae207cf9d8601df9583d5d1f057b8a 100644 (file)
--- a/net/yggdrasil/Makefile
+++ b/net/yggdrasil/Makefile
@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=yggdrasil
 PKG_VERSION:=0.3.16
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/yggdrasil-network/yggdrasil-go/tar.gz/v$(PKG_VERSION)?

diff --git a/net/yggdrasil/files/yggdrasil.defaults b/net/yggdrasil/files/yggdrasil.defaults
index 09f1f87abdb7d5f3fde94c75a35f93f9d929c225..22472404b563b40243cd009d9a0c905bdce61165 100644 (file)
--- a/net/yggdrasil/files/yggdrasil.defaults
+++ b/net/yggdrasil/files/yggdrasil.defaults
@@ -89,6 +89,17 @@ EOF
     set firewall.@rule[-1].target=ACCEPT
 EOF
 
+  # allow LuCI access with SSL from yggdrasil zone, needs to be explicitly enabled
+  uci -q batch <<-EOF >/dev/null
+    add firewall rule
+    set firewall.@rule[-1].enabled=0
+    set firewall.@rule[-1].name='Allow-HTTPS-yggdrasil'
+    set firewall.@rule[-1].src=yggdrasil
+    set firewall.@rule[-1].proto=tcp
+    set firewall.@rule[-1].dest_port=443
+    set firewall.@rule[-1].target=ACCEPT
+EOF
+
   uci commit firewall
   uci commit network