GitLab

That one is going to be postponed as there are some issues with that and
we will need to take a look

This should include now all revisions of Astrometa DVB receiver
available in OpenWrt repository.

On feeds clone the script feeds generates indexes. It is doing that
right after it is cloned. That resulted in errors being reported for
some of our packages depending on packages feed. The most of those
packages were Python packages that were unable to be resolved thanks to
including file from packages feed that at that time was missing. This
just postpones index creation after all requested feeds are
updated/pulled.

Python3, BIND (not as DNS Resolver) are necessary as this software is preinstalled on our
routers.

We are testing in Gitlab CI if patches apply and also that package
list can be generated and then we checked them. We should try to
generate and check for medkit as well.

Because someone on IRC (#turris on Freenode) complained that he could not
generate medkit.

It helped me to reproduce his issue with Gitlab CI and he didn't have installed pkg-config (dependency for Updater-ng, which is used to generate medkits), because it was working for me locally and also it works on our CI, but it does not provide any logs to public.
This can help users to know if medkits can be generated.

In some cases patches does not apply for some devices, let's try to
test Turris MOX as well.

There was an added test for package lists, but it runs twice.
If you check in the previous changes then there are two jobs, which
do practically the same. In generate pkglists there are generated
lists with debug parameter, but we don't work with that anymore, which
is wrong. And because of that, we had another job check generated
pkglists, where we are generating lists once again and then we are
checking if those have been generated.

Solution: Don't waste hardware resources and run it just once. When package lists
are generated then the artifact is uploaded and uses in the next job in
the next stage

This reverts commit 0c0b95f3.

The feature, which was introduced, was added to Git in version 2.28.
Thus unfortunately, it is not present in Git version like 2.20.1, which
is used in distributions like Debian Strech. It throws the following
error message: error: unknown option `initial-branch=master'.

New versions of git complain that the initial branch name is not
specified. It suggests specification in config but in our case the
better option is to not rely on user and just suppress this warning by
explicitly specifying master.

This is a pull and modification of changes introduced to
turris-os-packages 848af2d4e4cd4c8591fbe8b525d303570e079a46.

It introduces primarily project specific config that includes new
scripts and hooks. To enable it in local repository it is just:
  git config --local include.path ../.gitconfig

The hook checks if commit being pushed to Gitlab server is correct.
There are multiple checks:
* Check naming convention
* Check base (hbk vs hbl vs hbd)
* Protects against forgotten hbl and hbd pushes when pushing hbk or hbl

In terms of aliases this adds:
git new-mr:
  This opens web browser with new merge request on https://gitlab.nic.cz
  for current branch.
git new-branch:
  This creates new branch interactively and should help users with
  naming convention.

We dont think that it is necessary anymore as we have a workaround for
such case. More details in commit 7ca8dc88
("Revert "Revert "patches/openwrt: reload network on wpad update""")

We experienced this issue with recent update in OpenWrt 19.07 main
repository, when hostapd was updated due to vulnerability in P2P group
information and after update Wi-Fi was not working anymore and it was
required to do reboot of the router, but /etc/init.d/network restart
does its job as well.

This reverts commit e46d84a6.

Throw away PKG_RELEASE bump. We need to have same version in HBS for
now, which is there PKG_RELEASE=5

Throw away PKG_RELEASE downgrade as we are patching hostapd anyway in
another patch, so we dont need it.

We want to push Turris OS 5.1.9 as soon as possible and this commit is
issue for us as after updating all packages then Wi-Fi networks are down
and they came back only while doing reboot.

We will take a look at it further, this is quick&dirty solution.

The reforis plugin is installed automatically with sentinel-proxy. It is
even not wanted to install it as it should not be there when only HaaS
is selected.

In default we do not configure updater branch thus using default of
updater-ng's package. That works for HBS and thus is needed to be same
for HBT and HBK. In case of other branches this is not exactly true and
we can simply use default branch as default update branch.

Turris has rescue image that provides same and even better
functionality that can't be exploited from network at the same time.

The failsafe disable is even suggested in option as it clearly
recognizes that ability to break boot from network is a security risk.

Backport of upstreamed solution https://github.com/openwrt/packages/pull/14202

This is new-old service that feeds entropy from atsha.

We no longer need to have OpenWISP feed as OpenWISP was updated to the
latest version in these commits in branches: openwrt-19.07 [1] and master [2].

As it was updated, there are no differences and thus openwisp folder
(feed) on our repository is empty.

And if there are any differences, it should be added to OpenWrt's packages repository.

[1] https://github.com/openwrt/packages/blob/openwrt-19.07/admin/openwisp-config/Makefile
[2] https://github.com/openwrt/packages/commit/9f7b8088c374a5c8533c61baf56ae57343f6fb67

This uses base-min as base for medkit-min. This makes it more
transparent and makes as minimal medkit as possible.
The resulting medkit now contains no web interface and set of tools is
also tailored to be minimal as possible.