Push Tracker
ria-ran--sim-drop/android/README.md
A ashkan@beigi.net 8672b0de6b Add Phase-1 eSIM provisioning implementation
Full working closed-loop eSIM provisioning stack (spec in claude.md / plan/):
Flask API, SQLite subscriber store, credential/profile generator, Open5GS
and free5gc core adapters, captive portal, operational scripts, systemd
units, network configs, and a 44-test suite.

Profile generation currently returns a mock JSON profile; real SGP.22
generation via pySim is the planned Phase-2 upgrade.

Fixes two bugs found while getting the suite green:
- generate_imsi hardcoded a 10-digit MSIN, producing 16-digit IMSIs for a
  3-digit MNC; MSIN length is now 15 - len(mcc) - len(mnc).
- check_rate_limit compared timestamps as strings across mismatched formats
  (SQLite CURRENT_TIMESTAMP vs Python isoformat); both sides now normalized
  via SQLite datetime() so the window check is chronologically correct.

Add .gitignore for venv, caches, runtime config.yaml, and databases.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-01 05:56:31 +00:00

68 lines
2.1 KiB
Markdown

# Android / Termux Deployment
Run the eSIM provisioning server on an Android device using [Termux](https://termux.dev) (no root required for basic operation).
## Prerequisites
- Android 9 or later
- **Termux** installed from [F-Droid](https://f-droid.org/packages/com.termux/) (not the Play Store version — it is outdated)
- Optional: **Termux:Boot** (F-Droid) for automatic start on reboot
- 5G-capable device with a pre-provisioned SIM for gNB backhaul
## Install
```bash
# In Termux, from the repo root:
bash android/termux_setup.sh
```
The script will:
1. Update Termux packages
2. Install Python, nginx, and required libraries
3. Deploy the server files to `~/esim-provisioning/`
4. Write a localised `config.yaml`
5. Configure nginx on port 8080
6. Initialise the SQLite database
## Start the Server
```bash
~/esim-provisioning/start.sh
```
## WiFi Hotspot
1. Go to **Settings → Network → Hotspot & Tethering → WiFi Hotspot**
2. Set a name (e.g. `Emergency-5G`) and **remove the password** (open network)
3. Enable the hotspot
Clients connect to the hotspot, then navigate to:
```
http://192.168.43.1:8080/activate
```
> Most Android devices use `192.168.43.1` as the hotspot gateway. Samsung and Pixel devices may differ — check with `ip route` in Termux and update `config.yaml` accordingly.
## Captive Portal Limitation
Without root, full DNS hijacking is not possible. Clients will **not** be automatically redirected — they must open the URL manually or scan a QR code posted at the deployment site.
With root + Termux, install `dnsmasq` via `pkg install dnsmasq` and add:
```
address=/#/192.168.43.1
```
to `/data/data/com.termux/files/usr/etc/dnsmasq.conf`, then run `dnsmasq`.
## Configuration
Edit `~/esim-provisioning/config.yaml` to set your MCC, MNC, and OP key, then restart:
```bash
pkill -f server.app
CONFIG_PATH=~/esim-provisioning/config.yaml python -m server.app &
```
## Auto-Start on Reboot (Termux:Boot)
Install **Termux:Boot** from F-Droid. The setup script copies `start.sh` to
`~/.termux/boot/` automatically. Open Termux:Boot once to enable it.