aboutsummaryrefslogtreecommitdiffstats
path: root/doc/daily-psk.md
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2020-03-27 21:44:36 +0100
committerGravatar Christian Hesse <mail@eworm.de>2020-03-27 22:12:49 +0100
commite949e527f632927f806d3c0340bc5319d681106a (patch)
tree375d0f898bde46312f2a77e723dd10eaec533ed6 /doc/daily-psk.md
parent79e7b3229fcfb91c9cca0f7118aafc8dd0c60f37 (diff)
add doc/daily-psk.md
Diffstat (limited to 'doc/daily-psk.md')
-rw-r--r--doc/daily-psk.md56
1 files changed, 56 insertions, 0 deletions
diff --git a/doc/daily-psk.md b/doc/daily-psk.md
new file mode 100644
index 0000000..e6d7aae
--- /dev/null
+++ b/doc/daily-psk.md
@@ -0,0 +1,56 @@
+Use wireless network with daily psk
+===================================
+
+[◀ Go back to main README](../README.md)
+
+Description
+-----------
+
+This script is supposed to provide a wifi network which changes the
+passphrase to a pseudo-random string daily.
+
+Requirements and installation
+-----------------------------
+
+Just install this script and [global-wait](global-wait.md).
+
+Depending on whether you use CAPsMAN (`/ caps-man`) or local wireless
+interface (`/ interface wireless`) you need to install a different script.
+
+For CAPsMAN:
+
+ $ScriptInstallUpdate daily-psk.capsman,global-wait;
+
+For local interface:
+
+ $ScriptInstallUpdate daily-psk.local,global-wait;
+
+And add schedulers to run the script:
+
+ / system scheduler add interval=1d name=daily-psk-nightly on-event="/ system script run daily-psk.local;" start-date=may/23/2018 start-time=03:00:00;
+ / system scheduler add name=daily-psk-startup on-event=":global WaitTimeSync; / system script { run global-wait; \$WaitTimeSync; run daily-psk.local; }" start-time=startup;
+
+These will update the passphrase on boot and nightly at 3:00.
+
+Configuration
+-------------
+
+The configuration goes to `global-config-overlay`, these are the parameters:
+
+* `DailyPskMatchComment`: pattern to match the wireless access list comment
+* `DailyPskSecrets`: an array with pseudo random strings
+
+Then add an access list entry:
+
+ / interface wireless access-list add comment="Daily PSK" interface=wl-daily private-pre-shared-key="ToBeChangedDaily";
+
+Also notification settings are required for e-mail and telegram.
+
+See also
+--------
+
+* [Wait for configuration und functions](global-wait.md)
+
+---
+[◀ Go back to main README](../README.md)
+[▲ Go back to top](#top)