dan/openwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4c0982f854c994b2cf663f48204eb4f075ac2b0f
openwrt/README.md
Dan Head 4c0982f854 chore: initial repo setup with baseline config backup 
- Pull current config from router (OpenWRT 24.10.2)
- Add backup, safe-apply, and push-all scripts
- Add CLAUDE.md with workflow rules and context
- Add network-map.md with current topology and planned VLANs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 23:14:06 +01:00

2.7 KiB
Raw Blame History

OpenWRT Router Config

Version-controlled configuration for a home network running OpenWRT, managed from this repo rather than the router directly.

Hardware

Device Role IP SSH
TP-Link Archer AX23 v1 (OpenWRT 24.10.2) Primary router 10.0.0.1 ssh openwrt
GL-XE300 Puli (GL.iNet 4.3.27) 4G WAN failover 10.0.100.1 ssh openwrtwan

WAN: full fibre, 1 Gbps down / 100 Mbps up. Failover via 4G LTE handled by mwan3.

Repository Layout

config/      UCI config files pulled from /etc/config/ on the router
scripts/     Backup, push, and safe-apply helpers
docs/        Network map, VLAN plan, change log
files/       Supporting config files (e.g. avahi-daemon.conf)

Workflow

Never edit the router directly for anything non-trivial. The pattern is:

  1. Run scripts/backup.sh at the start of any work session
  2. Edit files in config/
  3. Push with scripts/safe-apply.sh - this sets an auto-revert window so a bad config can't permanently lock you out
  4. Confirm the change at the prompt to cancel the revert
  5. Commit - the git log is the change history
# Pull current config from the router and optionally commit
./scripts/backup.sh

# Edit a config file, then push it with a 5-minute revert window
./scripts/safe-apply.sh network 5

# Push all configs (low-risk bulk changes only)
./scripts/push-all.sh

Config Files

File Controls
network Interfaces, VLANs, WAN, bridges
wireless SSIDs, radios, encryption
firewall Zones, rules, forwarding, NAT
dhcp DHCP pools, static leases, DNS
system Hostname, timezone, logging
dropbear SSH daemon

Network

See docs/network-map.md for the full topology, IP allocations, port forwards and planned VLAN layout.

Planned VLANs (not yet implemented)

VLAN Name Subnet SSID
1 trusted 10.0.1.0/24 Moonshield
10 servers 10.0.10.0/24 wired only
20 iot 10.0.20.0/24 Cloud Connected
30 media 10.0.30.0/24 Pinball Map
40 guest 10.0.40.0/24 Passenger

Full device inventory, static DHCP leases and cross-VLAN firewall rules are in docs/vlan-requirements.md. The implementation plan is in docs/implementation-plan.md.

Reference in New Issue View Git Blame Copy Permalink