From 1089939777d8011af019966aa18cf8cc182424bf Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sat, 28 May 2016 12:16:00 +0100
Subject: [PATCH] Move mesh install functions

Otherwise dns lookups fail
---
 src/freedombone-image-customise | 525 ++++++++++++++++++++++++++++++--
 1 file changed, 501 insertions(+), 24 deletions(-)

diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise
index a60d32d2..11ace563 100755
--- a/src/freedombone-image-customise
+++ b/src/freedombone-image-customise
@@ -394,17 +394,511 @@ atheros_wifi() {
 	fi
 }
 
+configure_wifi() {
+	if [[ $VARIANT == "mesh" ]]; then
+		return
+	fi
+
+	if [ -f $WIFI_NETWORKS_FILE ]; then
+		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE --networks $WIFI_NETWORKS_FILE
+		return
+	fi
+
+	if [[ $WIFI_TYPE != 'none' ]]; then
+		if [ ${#WIFI_PASSPHRASE} -lt 2 ]; then
+			return
+		fi
+		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE -p $WIFI_PASSPHRASE --hotspot $WIFI_HOTSPOT
+	else
+		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE --hotspot $WIFI_HOTSPOT
+	fi
+}
+
+##############################################################################
+# Mesh networking
+##############################################################################
+
+# for mesh installs
+TRACKER_PORT=6969
+
+WIFI_CHANNEL=2
+
+# B.A.T.M.A.N settings
+BATMAN_CELLID='02:BA:00:00:03:01'
+WIFI_SSID='mesh'
+
+rootdir=''
+FN=
+CHROOT_PREFIX=chroot "$rootdir"
+FRIENDS_MIRRORS_SERVER=
+
+# To avoid confusions these are obtained from the main project file
+TOXID_REPO=
+TOX_PORT=
+TOXCORE_REPO=
+TOXIC_REPO=
+TOXCORE_COMMIT=
+TOXIC_COMMIT=
+# These are some default nodes, but you can replace them with trusted nodes
+# as you prefer. See https://wiki.tox.im/Nodes
+TOX_NODES=
+#TOX_NODES=(
+#  '192.254.75.102,2607:5600:284::2,33445,951C88B7E75C867418ACDB5D273821372BB5BD652740BCDF623A4FA293E75D2F,Tox RELENG,US'
+#  '144.76.60.215,2a01:4f8:191:64d6::1,33445,04119E835DF3E78BACF0F84235B300546AF8B936F035185E2A8E9E0A67C8924F,sonOfRa,DE'
+#)
+
+# To avoid confusions these are obtained from the main project file
+ZERONET_REPO=
+ZERONET_COMMIT=
+ZERONET_PORT=
+
+# Directory where source code is downloaded and compiled
+INSTALL_DIR=$HOME/build
+
+function mesh_avahi {
+	chroot "$rootdir" apt-get -y install avahi-utils avahi-autoipd avahi-dnsconfd
+
+	decarray=( 1 2 3 4 5 6 7 8 9 0 )
+	PEER_ID=${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}
+	sed -i "s|#host-name=.*|host-name=P$PEER_ID|g" $rootdir/etc/avahi/avahi-daemon.conf
+
+	if [ ! -d $rootdir/etc/avahi/services ]; then
+		mkdir -p $rootdir/etc/avahi/services
+	fi
+
+	# remove an avahi service which isn't used
+	if [ -f $rootdir/etc/avahi/services/udisks.service ]; then
+		rm $rootdir/etc/avahi/services/udisks.service
+	fi
+
+	# Add an ssh service
+	echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > $rootdir/etc/avahi/services/ssh.service
+	echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> $rootdir/etc/avahi/services/ssh.service
+	echo '<service-group>' >> $rootdir/etc/avahi/services/ssh.service
+	echo '  <name replace-wildcards="yes">%h SSH</name>' >> $rootdir/etc/avahi/services/ssh.service
+	echo '  <service>' >> $rootdir/etc/avahi/services/ssh.service
+	echo '    <type>_ssh._tcp</type>' >> $rootdir/etc/avahi/services/ssh.service
+	echo "    <port>$SSH_PORT</port>" >> $rootdir/etc/avahi/services/ssh.service
+	echo '  </service>' >> $rootdir/etc/avahi/services/ssh.service
+	echo '</service-group>' >> $rootdir/etc/avahi/services/ssh.service
+
+	# keep the daemon running
+	WATCHDOG_SCRIPT_NAME="keepon"
+	echo '' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo '# keep avahi daemon running' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo 'AVAHI_RUNNING=$(pgrep avahi-daemon > /dev/null && echo Running)' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo 'if [ ! $AVAHI_RUNNING ]; then' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo '  systemctl start avahi-daemon' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo '  echo -n $CURRENT_DATE >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo '  echo " Avahi daemon restarted" >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	echo 'fi' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+	chmod +x $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+}
+
+function mesh_batman {
+	chroot "$rootdir" apt-get -y install iproute bridge-utils libnetfilter-conntrack3 batctl
+	chroot "$rootdir" apt-get -y install python-dev libevent-dev ebtables python-pip git
+	chroot "$rootdir" apt-get -y install wireless-tools rfkill
+
+	if ! grep -q "batman_adv" $rootdir/etc/modules; then
+		echo 'batman_adv' >> $rootdir/etc/modules
+	fi
+
+	BATMAN_SCRIPT=$rootdir/var/lib/batman
+
+	if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
+		cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+	else
+		cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+	fi
+
+	BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
+	echo '[Unit]' > $BATMAN_DAEMON
+	echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
+	echo '' >> $BATMAN_DAEMON
+	echo '[Service]' >> $BATMAN_DAEMON
+	echo 'Type=oneshot' >> $BATMAN_DAEMON
+	echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
+	echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
+	echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
+	echo '' >> $BATMAN_DAEMON
+	echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
+	echo 'TimeoutSec=300' >> $BATMAN_DAEMON
+	echo '' >> $BATMAN_DAEMON
+	echo '[Install]' >> $BATMAN_DAEMON
+	echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
+	chroot "$rootdir" systemctl enable batman
+}
+
+function mesh_firewall {
+	FIREWALL_FILENAME=${rootdir}/etc/systemd/system/meshfirewall.service
+	MESH_FIREWALL_SCRIPT=${rootdir}/usr/bin/mesh-firewall
+
+	echo '#!/bin/bash' > $MESH_FIREWALL_SCRIPT
+	echo 'iptables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
+	echo 'ip6tables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -F' >> $MESH_FIREWALL_SCRIPT
+	echo 'ip6tables -F' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -t nat -F' >> $MESH_FIREWALL_SCRIPT
+	echo 'ip6tables -t nat -F' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -X' >> $MESH_FIREWALL_SCRIPT
+	echo 'ip6tables -X' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
+	echo 'ip6tables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -i lo -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+	echo '' >> $MESH_FIREWALL_SCRIPT
+	echo '# Make sure incoming tcp connections are SYN packets' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP' >> $MESH_FIREWALL_SCRIPT
+	echo '' >> $MESH_FIREWALL_SCRIPT
+	echo '# Drop packets with incoming fragments' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -f -j DROP' >> $MESH_FIREWALL_SCRIPT
+	echo '' >> $MESH_FIREWALL_SCRIPT
+	echo '# Drop bogons' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
+	echo '' >> $MESH_FIREWALL_SCRIPT
+	echo '# Incoming malformed NULL packets:' >> $MESH_FIREWALL_SCRIPT
+	echo 'iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP' >> $MESH_FIREWALL_SCRIPT
+	echo '' >> $MESH_FIREWALL_SCRIPT
+	echo "iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+	echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+	chmod +x $MESH_FIREWALL_SCRIPT
+
+	echo '[Unit]' > $FIREWALL_FILENAME
+	echo 'Description=Mesh Firewall' >> $FIREWALL_FILENAME
+	echo '' >> $FIREWALL_FILENAME
+	echo '[Service]' >> $FIREWALL_FILENAME
+	echo 'Type=oneshot' >> $FIREWALL_FILENAME
+	echo 'ExecStart=/usr/bin/mesh-firewall' >> $FIREWALL_FILENAME
+	echo 'RemainAfterExit=no' >> $FIREWALL_FILENAME
+	echo '' >> $FIREWALL_FILENAME
+	echo 'TimeoutSec=30' >> $FIREWALL_FILENAME
+	echo '' >> $FIREWALL_FILENAME
+	echo '[Install]' >> $FIREWALL_FILENAME
+	echo 'WantedBy=multi-user.target' >> $FIREWALL_FILENAME
+	chroot "$rootdir" systemctl enable meshfirewall
+}
+
+function mesh_tox_node {
+	# obtain commits from the main file
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOXCORE_COMMIT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXCORE_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+	else
+		TOXCORE_COMMIT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXCORE_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+	fi
+	if [ ${#TOXCORE_COMMIT_MAIN} -gt 10 ]; then
+		TOXCORE_COMMIT=$TOXCORE_COMMIT_MAIN
+	fi
+	if [ ! $TOXCORE_COMMIT ]; then
+		echo $'No Tox commit was specified'
+		exit 76325
+	fi
+
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOXID_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	else
+		TOXID_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	fi
+	if [ ${#TOXID_REPO_MAIN} -gt 5 ]; then
+		TOXID_REPO=$TOXID_REPO_MAIN
+	fi
+	if [ ! $TOXID_REPO ]; then
+		echo $'No ToxID repo was specified'
+		exit 78252
+	fi
+
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOX_PORT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
+	else
+		TOX_PORT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
+	fi
+	if [ ${#TOX_PORT_MAIN} -gt 2 ]; then
+		TOX_PORT=$TOX_PORT_MAIN
+	fi
+	if [ ! $TOX_PORT ]; then
+		echo $'No Tox port was specified'
+		exit 32856
+	fi
+
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOXCORE_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXCORE_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	else
+		TOXCORE_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXCORE_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	fi
+	if [ ${#TOXCORE_REPO_MAIN} -gt 10 ]; then
+		TOXCORE_REPO=$TOXCORE_REPO_MAIN
+	fi
+	if [ ! $TOXCORE_REPO ]; then
+		echo $'No Tox repo was specified'
+		exit 16865
+	fi
+
+	chroot "$rootdir" apt-get -y install build-essential libtool autotools-dev
+	chroot "$rootdir" apt-get -y install automake checkinstall check git yasm
+	chroot "$rootdir" apt-get -y install libsodium13 libsodium-dev libcap2-bin
+	chroot "$rootdir" apt-get -y install libconfig9 libconfig-dev
+
+	chroot "$rootdir" git clone $TOXCORE_REPO $INSTALL_DIR/toxcore
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; git checkout $TOXCORE_COMMIT -b $TOXCORE_COMMIT
+
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; autoreconf -i
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; ./configure --enable-daemon --disable-av
+	if [ ! "$?" = "0" ]; then
+		return
+	fi
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; make
+	if [ ! "$?" = "0" ]; then
+		return
+	fi
+	chroot "$rootdir" cd $INSTALL_DIR/toxcore; make install
+	chroot "$rootdir" cp /usr/local/lib/libtoxcore* /usr/lib/
+
+	if [ ! -f $rootdir/usr/local/bin/tox-bootstrapd ]; then
+		echo $"File not found /usr/local/bin/tox-bootstrapd"
+		return
+	fi
+
+	chroot "$rootdir" useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment $"Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
+	chroot "$rootdir" chmod 700 /var/lib/tox-bootstrapd
+	if [ ! -f $rootdir/$INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.conf ]; then
+		echo $"File not found $INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.conf"
+	fi
+	# remove Maildir
+	if [ -d $rootdir/var/lib/tox-bootstrapd/Maildir ]; then
+		rm -rf $rootdir/var/lib/tox-bootstrapd/Maildir
+	fi
+
+	# create configuration file
+	TOX_BOOTSTRAP_CONFIG=${rootdir}/etc/tox-bootstrapd.conf
+	echo "port = $TOX_PORT" > $TOX_BOOTSTRAP_CONFIG
+	echo 'keys_file_path = "/var/lib/tox-bootstrapd/keys"' >> $TOX_BOOTSTRAP_CONFIG
+	echo 'pid_file_path = "/var/run/tox-bootstrapd/tox-bootstrapd.pid"' >> $TOX_BOOTSTRAP_CONFIG
+	echo 'enable_ipv6 = true' >> $TOX_BOOTSTRAP_CONFIG
+	echo 'enable_ipv4_fallback = true' >> $TOX_BOOTSTRAP_CONFIG
+	echo 'enable_lan_discovery = true' >> $TOX_BOOTSTRAP_CONFIG
+	echo 'enable_tcp_relay = true' >> $TOX_BOOTSTRAP_CONFIG
+	echo "tcp_relay_ports = [443, 3389, $TOX_PORT]" >> $TOX_BOOTSTRAP_CONFIG
+	echo 'enable_motd = true' >> $TOX_BOOTSTRAP_CONFIG
+	echo 'motd = "tox-bootstrapd"' >> $TOX_BOOTSTRAP_CONFIG
+
+	if [ $TOX_NODES ]; then
+		echo 'bootstrap_nodes = (' >> $TOX_BOOTSTRAP_CONFIG
+		toxcount=0
+		while [ "x${TOX_NODES[toxcount]}" != "x" ]
+		do
+			toxval_ipv4=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $1}')
+			toxval_ipv6=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $2}')
+			toxval_port=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $3}')
+			toxval_pubkey=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $4}')
+			toxval_maintainer=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $5}')
+			echo "{ // $toxval_maintainer" >> $TOX_BOOTSTRAP_CONFIG
+			if [[ $toxval_ipv6 != 'NONE' ]]; then
+				echo "  address = \"$toxval_ipv6\"" >> $TOX_BOOTSTRAP_CONFIG
+			else
+				echo "  address = \"$toxval_ipv4\"" >> $TOX_BOOTSTRAP_CONFIG
+			fi
+			echo "  port = $toxval_port" >> $TOX_BOOTSTRAP_CONFIG
+			echo "  public_key = \"$toxval_pubkey\"" >> $TOX_BOOTSTRAP_CONFIG
+			toxcount=$(( $toxcount + 1 ))
+			if [ "x${TOX_NODES[toxcount]}" != "x" ]; then
+				echo "}," >> $TOX_BOOTSTRAP_CONFIG
+			else
+				echo "}" >> $TOX_BOOTSTRAP_CONFIG
+			fi
+		done
+		echo ')' >> $TOX_BOOTSTRAP_CONFIG
+	fi
+
+	if [ ! -f $rootdir/$INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.service ]; then
+		echo $"File not found $INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.service"
+		return
+	fi
+	cp $rootdir/$INSTALL_DIR/toxcore/other/bootstrap_daemon/tox-bootstrapd.service $rootdir/etc/systemd/system/
+	sed -i 's|ExecStart=.*|ExecStart=/usr/local/bin/tox-bootstrapd --config /etc/tox-bootstrapd.conf|g' $rootdir/etc/systemd/system/tox-bootstrapd.service
+
+	chroot "$rootdir" systemctl daemon-reload
+	chroot "$rootdir" systemctl enable tox-bootstrapd.service
+}
+
+function mesh_tox_client {
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOXIC_FILE=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
+	else
+		TOXIC_FILE=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
+	fi
+
+	# obtain commits from the main file
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOXIC_COMMIT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXIC_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+	else
+		TOXIC_COMMIT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXIC_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+	fi
+	if [ ${#TOXIC_COMMIT_MAIN} -gt 10 ]; then
+		TOXIC_COMMIT=$TOXIC_COMMIT_MAIN
+	fi
+
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		TOXIC_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "TOXIC_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	else
+		TOXIC_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "TOXIC_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	fi
+	if [ ${#TOXIC_REPO_MAIN} -gt 5 ]; then
+		TOXIC_REPO=$TOXIC_REPO_MAIN
+	fi
+
+	chroot "$rootdir" apt-get -y install libncursesw5-dev libconfig-dev libqrencode-dev
+	chroot "$rootdir" apt-get -y install libcurl4-openssl-dev libvpx-dev libopenal-dev
+
+	if [ ! -f $rootdir$INSTALL_DIR ]; then
+		mkdir -p $rootdir$INSTALL_DIR
+	fi
+	chroot "$rootdir" git clone $TOXIC_REPO $INSTALL_DIR/toxic
+	chroot "$rootdir" cd $INSTALL_DIR/toxic; git checkout $TOXIC_COMMIT -b $TOXIC_COMMIT
+	if ! grep -q "Toxic commit" $rootdir$COMPLETION_FILE; then
+		echo "Toxic commit:$TOXIC_COMMIT" >> $rootdir$COMPLETION_FILE
+	else
+		sed -i "s|Toxic commit.*|Toxic commit:$TOXIC_COMMIT|g" $rootdir$COMPLETION_FILE
+	fi
+
+	chroot "$rootdir" cd $INSTALL_DIR/toxic; make
+	if [ ! -f $INSTALL_DIR/toxic/build/toxic ]; then
+		exit 74872
+	fi
+	chroot "$rootdir" cd $INSTALL_DIR/toxic; make install
+	if [ ! -f $TOXIC_FILE ]; then
+		echo $'Tox client was not installed'
+		exit 63278
+	fi
+}
+
+function mesh_zeronet {
+	# obtain commits from the main file
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		ZERONET_COMMIT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+	else
+		ZERONET_COMMIT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+	fi
+	if [ ${#ZERONET_COMMIT_MAIN} -gt 10 ]; then
+		ZERONET_COMMIT=$ZERONET_COMMIT_MAIN
+	fi
+	if [ ! $ZERONET_COMMIT ]; then
+		echo $'No Tox commit was specified'
+		exit 37046
+	fi
+
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		ZERONET_REPO_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	else
+		ZERONET_REPO_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+	fi
+	if [ ${#ZERONET_REPO_MAIN} -gt 5 ]; then
+		ZERONET_REPO=$ZERONET_REPO_MAIN
+	fi
+	if [ ! $ZERONET_REPO ]; then
+		echo $'No Tox commit was specified'
+		exit 37046
+	fi
+
+	if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
+		ZERONET_PORT_MAIN=$(cat /usr/local/bin/${PROJECT_NAME} | grep "ZERONET_PORT=" | head -n 1 | awk -F '=' '{print $2}')
+	else
+		ZERONET_PORT_MAIN=$(cat /usr/bin/${PROJECT_NAME} | grep "ZERONET_PORT=" | head -n 1 | awk -F '=' '{print $2}')
+	fi
+	if [ ${#ZERONET_PORT_MAIN} -gt 1 ]; then
+		ZERONET_PORT=$ZERONET_PORT_MAIN
+	fi
+	if [ ! $ZERONET_PORT ]; then
+		echo $'No zeronet port was specified'
+		exit 67433
+	fi
+
+	chroot "$rootdir" apt-get -y install python python-msgpack python-gevent
+	chroot "$rootdir" apt-get -y install python-pip bittornado
+	chroot "$rootdir" pip install msgpack-python --upgrade
+
+	chroot "$rootdir" useradd -d /opt/zeronet/ -s /bin/false zeronet
+	git clone $ZERONET_REPO $rootdir/opt/zeronet
+	if [ ! -d $rootdir/opt/zeronet ]; then
+		echo 'WARNING: Unable to clone zeronet'
+		return
+	fi
+	cd $rootdir/opt/zeronet
+	git checkout $ZERONET_COMMIT -b $ZERONET_COMMIT
+	if ! grep -q "ZeroNet commit" $COMPLETION_FILE; then
+		echo "ZeroNet commit:$ZERONET_COMMIT" >> $rootdir$COMPLETION_FILE
+	else
+		sed -i "s/ZeroNet commit.*/ZeroNet commit:$ZERONET_COMMIT/g" $COMPLETION_FILE
+	fi
+	chown -R zeronet:zeronet $rootdir/opt/zeronet
+
+	# Hack to ensure that the file access port is opened
+	# This is because zeronet normally relies on an internet site
+	# to do this, but on a purely local mesh the internet isn't available
+	sed -i 's|fileserver_port = 0|fileserver_port = config.fileserver_port\n            sys.modules["main"].file_server.port_opened = True|g' $rootdir/opt/zeronet/src/Site/Site.py
+
+	ZERPNET_DAEMON=$rootdir/etc/systemd/system/zeronet.service
+	echo '[Unit]' > $ZERONET_DAEMON
+	echo 'Description=Zeronet Server' >> $ZERONET_DAEMON
+	echo 'After=syslog.target' >> $ZERONET_DAEMON
+	echo 'After=network.target' >> $ZERONET_DAEMON
+	echo '[Service]' >> $ZERONET_DAEMON
+	echo 'Type=simple' >> $ZERONET_DAEMON
+	echo 'User=zeronet' >> $ZERONET_DAEMON
+	echo 'Group=zeronet' >> $ZERONET_DAEMON
+	echo 'WorkingDirectory=/opt/zeronet' >> $ZERONET_DAEMON
+	echo 'ExecStart=/usr/bin/python zeronet.py --ip_external replace.local --trackers_file /opt/zeronet/bootstrap' >> $ZERONET_DAEMON
+	echo '' >> $ZERONET_DAEMON
+	echo 'TimeoutSec=300' >> $ZERONET_DAEMON
+	echo '' >> $ZERONET_DAEMON
+	echo '[Install]' >> $ZERONET_DAEMON
+	echo 'WantedBy=multi-user.target' >> $ZERONET_DAEMON
+
+	TRACKER_DAEMON=$rootdir/etc/systemd/system/tracker.service
+	echo '[Unit]' > $TRACKER_DAEMON
+	echo 'Description=Torrent Tracker' >> $TRACKER_DAEMON
+	echo 'After=syslog.target' >> $TRACKER_DAEMON
+	echo 'After=network.target' >> $TRACKER_DAEMON
+	echo '[Service]' >> $TRACKER_DAEMON
+	echo 'Type=simple' >> $TRACKER_DAEMON
+	echo 'User=tracker' >> $TRACKER_DAEMON
+	echo 'Group=tracker' >> $TRACKER_DAEMON
+	echo 'WorkingDirectory=/opt/tracker' >> $TRACKER_DAEMON
+	echo "ExecStart=/usr/bin/bttrack --port $TRACKER_PORT --dfile /opt/tracker/dstate --logfile /opt/tracker/tracker.log --nat_check 0 --scrape_allowed full --ipv6_enabled 0" >> $TRACKER_DAEMON
+	echo '' >> $TRACKER_DAEMON
+	echo 'TimeoutSec=300' >> $TRACKER_DAEMON
+	echo '' >> $TRACKER_DAEMON
+	echo '[Install]' >> $TRACKER_DAEMON
+	echo 'WantedBy=multi-user.target' >> $TRACKER_DAEMON
+
+	chroot "$rootdir" useradd -d /opt/tracker/ -s /bin/false tracker
+	if [ ! -d $rootdir/opt/tracker ]; then
+		mkdir $rootdir/opt/tracker
+	fi
+	chown -R tracker:tracker $rootdir/opt/tracker
+
+	# publish regularly
+	echo "* *     * * *   root    zeronetavahi > /dev/null" >> $rootdir/etc/crontab
+
+	chroot "$rootdir" systemctl enable tracker.service
+	chroot "$rootdir" systemctl enable zeronet.service
+}
 
 initialise_mesh() {
 	if [[ $VARIANT != "mesh" || $DEBIAN_INSTALL_ONLY != "no" ]]; then
 		return
 	fi
-	chroot "$rootdir" freedombone-mesh-install -f firewall
-	chroot "$rootdir" freedombone-mesh-install -f avahi
-	chroot "$rootdir" freedombone-mesh-install -f batman
-	chroot "$rootdir" freedombone-mesh-install -f tox_node
-	chroot "$rootdir" freedombone-mesh-install -f tox_client
-	chroot "$rootdir" freedombone-mesh-install -f zeronet
+	mesh_firewall
+	mesh_avahi
+	mesh_batman
+	mesh_tox_node
+	mesh_tox_client
+	mesh_zeronet
 
 	MESH_SERVICE='mesh-setup.service'
 	MESH_SETUP_DAEMON=$rootdir/etc/systemd/system/$MESH_SERVICE
@@ -427,25 +921,8 @@ initialise_mesh() {
 	chroot "$rootdir" systemctl enable $MESH_SERVICE
 }
 
-configure_wifi() {
-	if [[ $VARIANT == "mesh" ]]; then
-		return
-	fi
+##############################################################################
 
-	if [ -f $WIFI_NETWORKS_FILE ]; then
-		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE --networks $WIFI_NETWORKS_FILE
-		return
-	fi
-
-	if [[ $WIFI_TYPE != 'none' ]]; then
-		if [ ${#WIFI_PASSPHRASE} -lt 2 ]; then
-			return
-		fi
-		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE -p $WIFI_PASSPHRASE --hotspot $WIFI_HOTSPOT
-	else
-		chroot "$rootdir" ${PROJECT_NAME}-wifi -i $WIFI_INTERFACE -s $WIFI_SSID -t $WIFI_TYPE --hotspot $WIFI_HOTSPOT
-	fi
-}
 
 # Set to true/false to control if eatmydata is used during build
 use_eatmydata=true