After feedback and some thought, I've come up with a revised plan. Mostly chosen some tools, namely purecss for front-end (I would like to mostly avoid angularJS because I don't want to require JavaScript), nginx+Lapis for Lua framework, etc.
I get the impression that we want something that offers the functionality of pfSense/dd-wrt, not just a UI for npf/blacklistd.

New plan:

Crude implementation (1-2 weeks):
Implement a very basic router supporting DHCP client/server and PPPoE using a 'dumb' implementation, to experiment.

Add a pile of features, refactor (1-2 months):
Ordered by priority:
- Add any feature supported by plain dd-wrt/pfSense.
- NPF and blacklistd support
- Refactor so each feature is its own extension, use Lua templates

Optional things given remaining time:
- Graphs that change in time.
- Allow automatic updates of OS
- UI for extensions
- Add popular extensions (thinking of varnish, squid, clamav)
- Translate (should be easy given templates)
- Test a wide array of browsers to ensure everything looks good.

Maybe:
- If Lua templates removed most of our need for Lapis, take it out from all the other bits.
- Switch to bozohttpd

Feedback needed:

Security: It seems like there's a big need for security. I've learned of one attack called cross-site request forgery. Seems like the way to tackle it is an awkward dance with embedding tokens in forms. I can already see that Sailor (other Lua framework)'s authentication scheme doesn't handle this... Are there other such concerns?

Daemon: Should it run as an individual one for "base" even when I plan to have multiple packages? Having one per extension might get a bit silly when there's 30 of them, if every single feature is a daemon.

Websockets: Not entirely convinced of the need of them here. What's the use case? I can only think of graphs and it's probably not worth the trouble.
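
The token "dance" mentioned under Security, as an added example (not part of the original message, and not Lapis or Sailor code): a synchronizer token kept in the server-side session and embedded as a hidden form field, so it works without JavaScript. The `sessions` table, the session id and the `/firewall/rules` path are assumptions made for illustration.

```lua
-- Added example: synchronizer-token CSRF defence in plain Lua (5.1+/LuaJIT).
-- `sessions` is a hypothetical in-memory table standing in for the real
-- server-side session store, keyed by the session cookie value.
local sessions = {}

-- 32 bytes from the kernel CSPRNG, hex-encoded (math.random is not suitable).
local function random_token()
  local f = assert(io.open("/dev/urandom", "rb"))
  local bytes = f:read(32)
  f:close()
  assert(bytes and #bytes == 32, "short read from /dev/urandom")
  local hex = {}
  for i = 1, #bytes do hex[i] = string.format("%02x", bytes:byte(i)) end
  return table.concat(hex)
end

-- Compare two strings without stopping at the first differing byte.
local function equal_ct(a, b)
  if type(a) ~= "string" or type(b) ~= "string" or #a ~= #b then return false end
  local diff = 0
  for i = 1, #a do diff = diff + math.abs(a:byte(i) - b:byte(i)) end
  return diff == 0
end

-- GET side: mint (or reuse) the session's token and embed it in the form.
-- `action` is a fixed server-side string here, so it is not HTML-escaped.
local function render_form(session_id, action)
  local s = assert(sessions[session_id], "no such session")
  s.csrf = s.csrf or random_token()
  return ('<form method="post" action="%s">\n' ..
          '  <input type="hidden" name="csrf_token" value="%s">\n' ..
          '  <button type="submit">Apply</button>\n</form>'):format(action, s.csrf)
end

-- POST side: reject any state-changing request whose token is missing or wrong.
local function check_post(session_id, params)
  local s = sessions[session_id]
  if not s or not s.csrf then return false, "no token issued for session" end
  if not equal_ct(s.csrf, params.csrf_token) then return false, "csrf token mismatch" end
  return true
end

-- Constructed demo: one logged-in session, then three POSTs.
sessions["sid-demo"] = {}
local html = render_form("sid-demo", "/firewall/rules")
local token = html:match('name="csrf_token" value="(%x+)"')
print(check_post("sid-demo", { csrf_token = token }))              -- legitimate form
print(check_post("sid-demo", {}))                                  -- cross-site POST, no token
print(check_post("sid-demo", { csrf_token = ("0"):rep(#token) }))  -- guessed token
```

A page on another origin can make the browser send the session cookie, but it cannot read the hidden field, which is why the check has to run on every request that changes router state.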