iiab/vars/default_vars.yml

# DO NOT MODIFY THIS FILE!  CHANGES WILL BE LOST WHEN "git pull" IS RUN!
# PUT YOUR CUSTOMIZATIONS HERE: /etc/iiab/local_vars.yml
# READ "What is local_vars.yml and how do I customize it?" IN http://FAQ.IIAB.IO

# Internet-in-a-Box (IIAB) uses True/False to indicate boolean values.

# IIAB does NOT currently support uninstalling apps!  So: if any IIAB app is
# installed with 'APP_XYZ_install: True' below, do NOT later change that.

# WARNING: IF YOU CONNECT YOUR IIAB'S INTERNAL WIFI TO THE INTERNET OVER 5 GHz,
# YOU'LL PREVENT OLDER LAPTOPS/PHONES/TABLETS (WHICH REQUIRE 2.4 GHz) FROM
# CONNECTING TO YOUR IIAB'S INTERNAL HOTSPOT.  See "wifi_up_down: True" below.


# IIAB (PRE-)release version number, for {{ iiab_env_file }}
iiab_base_ver: 7.2
iiab_revision: 0

iiab_etc_path: /etc/iiab

# Main configuration file
iiab_local_vars_file: "{{ iiab_etc_path }}/local_vars.yml"

# Installation status files
iiab_env_file: "{{ iiab_etc_path }}/iiab.env"
iiab_ini_file: "{{ iiab_etc_path }}/iiab.ini"
iiab_state_file: "{{ iiab_etc_path }}/iiab_state.yml"

iiab_base: /opt/iiab
iiab_dir: "{{ iiab_base }}/iiab"
pip_packages_dir: "{{ iiab_base }}/pip-packages"
yum_packages_dir: "{{ iiab_base }}/yum-packages"
downloads_dir: "{{ iiab_base }}/downloads"
iiab_download_url: http://download.iiab.io/packages

content_base: "/library"
doc_base: "{{ content_base }}/www"
doc_root: "{{ doc_base }}/html"

# Python 3 dist path
py3_dist_path: /usr/lib/python3/dist-packages

# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails
download_timeout: 200

# Languages (for Apache)
default_language: en
language_priority: en es fr

# Real-time clock: set RTC chip family here.  Future auto-detection plausible?
# rtc_id: ds3231

# Set iiab_admin_user_install: False if you don't want iiab_admin_user & wheel
# group auto-created in roles/iiab-admin/tasks/main.yml (hence disabling sudo-
# checks/warnings of published passwds like pi/raspberry & iiab-admin/g0adm1n).
iiab_admin_user_install: True
# If iiab_admin_user_install: False, set iiab_admin_user (below) to an existing
# Linux user that has sudo access, for login to Admin Console http://box/admin
iiab_admin_user: iiab-admin
iiab_admin_published_pwd: g0adm1n    # For live checks/alerts of published pwds
# Password hash to override above, if Ansible creates above user:
iiab_admin_pwd_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop.
# Obtain a password hash - NEW MORE SECURE WAY:
#    python3 -c 'import crypt; print(crypt.crypt("<plaintext>", crypt.mksalt(crypt.METHOD_SHA512)))'
# Obtain a password hash - OLD WAY:
#    python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")'

# Time Zone (php needs timezone to be set)
local_tz: "{{ ansible_date_time.tz }}"

# IIAB Admin Console is sometimes not needed, e.g. on Raspberry Pi Zero W
admin_console_install: True
admin_console_enabled: True
#
# Set to "False" if you want to revert to the older Dynamic Menuing system
# (prior to IIAB 6.7, this had used https://github.com/iiab/iiab-menu)
js_menu_install: True


# IIAB Networking README: https://github.com/iiab/iiab/tree/master/roles/network
# IIAB Networking Doc: https://github.com/iiab/iiab/wiki/IIAB-Networking
# Read it offline too: http://box/info > "IIAB Networking"

# NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 100 LINES, as enabled by Ansible's
# NETWORK role (/opt/iiab/iiab/roles/network).  SEE ALSO:
# https://github.com/iiab/iiab/blob/master/roles/network/defaults/main.yml

# The following variable may be useful in debugging:
disregard_network: False    # Use cache, or error out if cache does not exist.

iiab_hostname: box
iiab_domain: lan
lan_ip: 172.18.96.1
lan_netmask: 255.255.224.0

# Homepage: set to /home or /wordpress or /wiki (for MediaWiki)
iiab_home_url: /home
# You might also want to set captiveportal_splash_page (below!)

# Internal Wi-Fi Access Point
# Values are used if there is an internal Wi-Fi adapter and hostapd is enabled.
#
# WARNING: IF YOU CONNECT YOUR IIAB'S INTERNAL WIFI TO THE INTERNET OVER 5 GHz,
# YOU'LL PREVENT OLDER LAPTOPS/PHONES/TABLETS (WHICH REQUIRE 2.4 GHz) FROM
# CONNECTING TO YOUR IIAB'S INTERNAL HOTSPOT.  See "wifi_up_down: True" below.
#
# Raspberry Pi OS requires WiFi country -- SET THIS IN /etc/iiab/local_vars.yml
host_country_code: US
host_ssid: "Internet in a Box"
host_wifi_mode: g
host_channel: 6
hostapd_secure: False
hostapd_password: changeme
hostapd_install: True    # 2020-01-21: this var MIGHT be implemented in future.
hostapd_enabled: True
wifi_hotspot_capacity_rpi_fix: True    # Restores the ability of RPi internal
# WiFi hotspots to service 30-to-32 client devices.  Background explanation:
# https://github.com/iiab/iiab/issues/823#issuecomment-662285202 and PR #2472.
wifi_up_down: True    # Creates a 2nd virtual WiFi adapter for upstream WiFi
# (e.g. to Internet) in addition to downstream WiFi (e.g. classroom hotspot).
# You can set iiab_gateway_enabled below, to enable "passthrough" to Internet.

# Gateway mode
iiab_lan_enabled: True
iiab_wan_enabled: True
# Ties in what the user populated in the GUI for static WAN IP address info:
gui_wan: True
adm_cons_force_ssl: False
adm_cons_allow_downloads: False

# Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite
# (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server.
# Only 1 of the 6 lines below should be uncommented:
#
#ports_externally_visible: 0    # none
#ports_externally_visible: 1    # ssh only
#ports_externally_visible: 2    # ssh + http-or-https (for Admin Console's box.lan/admin too)
ports_externally_visible: 3     # ssh + http-or-https + common IIAB services
#ports_externally_visible: 4    # ssh + http-or-https + common IIAB services + Samba
#ports_externally_visible: 5    # all but databases
#
# Or further customize your iptables firewall by editing:
# /opt/iiab/iiab/roles/network/templates/gateway/iiab-gen-iptables
# And then run: cd /opt/iiab/iiab; ./iiab-network

# Set True if client machines should have "passthrough" access to WAN/Internet:
iiab_gateway_enabled: False
gw_squid_whitelist: False
gw_block_https: False

dhcpd_install: False
dhcpd_enabled: False

# named (BIND)
named_install: False
named_enabled: False
block_DNS: False

# dnsmasq - handles DHCP and DNS
dnsmasq_install: True
dnsmasq_enabled: True

# Enable in local_vars.yml AFTER installing IIAB!  Then run "cd /opt/iiab/iiab; ./iiab-network"
dns_jail_enabled: False

# Python-based Captive Portal, that @m-anish & @jvonau experimented with in
# July 2018 (https://github.com/iiab/iiab/pull/870) and that @georgejhunt
# extensively later refined (PRs #1179, #1300, #1327, #2070).
captiveportal_install: True
captiveportal_enabled: False
captiveportal_port: 9090
captiveportal_splash_page: /
# You might also want to set iiab_home_url (above!)
# In a pinch, disable Captive Portal using instructions in http://FAQ.IIAB.IO

# Bluetooth PAN access to IIAB server
bluetooth_install: True
bluetooth_enabled: False
bluetooth_term_enabled: False

# UNMAINTAINED as of October 2017: https://github.com/iiab/iiab/pull/382
wondershaper_install: False
wondershaper_enabled: False

# Intended for developers: ONLY CHANGE THESE IF YOU KNOW WHAT YOU ARE DOING
# The following 2 override the detection when not "auto"
user_wan_iface: auto
user_lan_iface: auto

# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml
wan_ip: dhcp       # wan_ip: 192.168.1.99
wan_netmask:       # wan_netmask: 255.255.255.0
wan_gateway:       # wan_gateway: 192.168.1.254
# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
# /etc/resolv.conf dictates which backend is used for the machine itself, so
# 127.0.0.1 means you get dnsmasq (so it works right away on RaspiOS) while
# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
wan_nameserver:    # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
wan_try_dhcp_before_static_ip: True   # Facilitate field updates w/ cablemodems
# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf


# 1-PREP

# SSHD runs here & also below in 4-SERVER-OPTIONS
sshd_install: True    # Required by OpenVPN
sshd_enabled: True
sshd_port: 22    # Not fully functional.  SEE: roles/sshd/tasks/install.yml

# IIAB-ADMIN runs here - see its vars near top of this file:
# e.g. iiab_admin_user_install, iiab_admin_user, iiab_admin_pwd_hash

openvpn_install: True
openvpn_enabled: False
# For /etc/iiab/openvpn_handle
openvpn_handle:
# cron seems necessary on CentOS:
openvpn_cron_enabled: False
# General OpenVPN settings
openvpn_server: xscenet.net
openvpn_server_real_ip: 3.89.148.185
openvpn_server_virtual_ip: 10.8.0.1
openvpn_server_port: 1194

# Some prefer 512MB for Zero W, others prefer 2048MB or higher for RPi 3 and 4.
# Please see recommendations at: https://itsfoss.com/swap-size/
pi_swap_file_size: 1024


# 2-COMMON

# /usr/libexec/iiab-startup.sh is much like autoexec.bat & /etc/rc.local
# It's put in place by 2-common/tasks/iiab-startup.yml at the end of Stage 2.


# 3-BASE-SERVER

# 2020-09-24: MySQL / MariaDB is MANDATORY but still evolving - please see:
# https://github.com/iiab/iiab/blob/master/roles/mysql/tasks/install.yml
# https://github.com/iiab/iiab/blob/master/roles/3-base-server/tasks/main.yml
# THESE 2 LEGACY VARS ARE PRESERVED BUT HAVE NO EFFECT:
mysql_install: True
mysql_enabled: True

# 2020-09-24: NGINX is MANDATORY but still evolving - please see:
# https://github.com/iiab/iiab/blob/master/roles/nginx/README.md
# https://github.com/iiab/iiab/blob/master/roles/3-base-server/tasks/main.yml
# THESE 2 LEGACY VARS ARE PRESERVED BUT HAVE NO EFFECT:
nginx_install: True
nginx_enabled: True
nginx_port: 80
nginx_interface: 0.0.0.0
nginx_conf_dir: /etc/nginx/conf.d
nginx_log_dir: /var/log/nginx
#
# For schools that use WordPress/Nextcloud/Moodle/PBX intensively:
nginx_high_php_limits: False
# WARNING: Enabling this might cause excess use of RAM/disk or other resources!
# SO AFTER INSTALLING IIAB, VERIFY THAT THESE 5 SETTINGS...
# https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L52-L66
# ...ARE SUITABLE FOR YOUR HARDWARE, for: /etc/php/<VERSION>/fpm/php.ini

# Make this False to disable http://box/common/services/power_off.php button:
apache_allow_sudo: True

# See also Apache vars {default_language, language_priority} @ top of this file
#
# 2020-09-24: BOTH VALUES BELOW ARE IGNORED as Apache is installed on demand as
# a dependency -- by CUPS, Elgg, Lokole, Moodle, Node-RED, PBX &/or phpMyAdmin
apache_install: False
apache_enabled: False
#
# NGINX proxies to Apache for legacy IIAB services, using:
apache_port: 8090
apache_interface: 127.0.0.1    # 2020-01-13: Var unused


# 4-SERVER-OPTIONS

# SSHD runs here & also above in 1-PREP

# DNS prep (dnsmasq, named &/or dhcpd) run here.  The full network stage runs
# after 9-LOCAL-ADDONS (or manually run "cd /opt/iiab/iiab; ./iiab-network")

squid_install: False
squid_enabled: False

# DansGuardian REQUIRES Squid (above) be installed & enabled.
# DansGuardian is NO LONGER AVAILABLE in Debian Buster i.e. since June 2019.
dansguardian_install: False
dansguardian_enabled: False

# Common UNIX Printing System (CUPS)
cups_install: False
cups_enabled: False
cups_port: 631

# Samba.  Do a security audit seriously before deploying this.
samba_install: False
samba_enabled: False
samba_udp_ports: "137:138"
samba_tcp_mports: "139,445"
shared_dir : "{{ content_base }}/public"    # /library/public

# USB_LIB
usb_lib_install: True
usb_lib_enabled: True
# Show entire contents of USB sticks/drives (at http://box/usb)
iiab_usb_lib_show_all: True

# Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info)
nodocs: False


# 5-XO-SERVICES

# Lesser-supported XO services need additional testing.  Please contact
# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test.

# UNMAINTAINED since about 2012-2017
xo_services_install: False    # 2020-01-23: UNUSED
xo_services_enabled: False    # 2020-01-23: Used in idmgr/tasks/main.yml & iiab-admin-console/roles/console/files/htmlf/20-configure.html

# UNMAINTAINED since about 2012-2017
activity_server_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml (originally defined in activity-server/defaults/main.yml)
activity_server_enabled: False    # 2020-01-23: Used in activity-server/tasks/main.yml (originally defined in activity-server/defaults/main.yml)

# UNMAINTAINED since about 2012-2017: consider 'ejabberd' in Stage 6-GENERIC-APPS below?
ejabberd_xs_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml & roles/ejabberd_xs/tasks/main.yml
ejabberd_xs_enabled: False    # 2020-01-23: Used in roles/ejabberd_xs/tasks/main.yml

# UNMAINTAINED since about 2012-2017: change calibre_port from 8080 to 8010 below, if you use idmgr
idmgr_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml
idmgr_enabled: False    # 2020-01-23: UNUSED


# 6-GENERIC-APPS

# UNMAINTAINED as of September 2020
azuracast_install: False
azuracast_enabled: False    # This var is currently IGNORED
azuracast_http_port: 10080
azuracast_https_port: 10443
#
# AzuraCast needs many ports in the 8000:8100 range by default, but IIAB
# services conflict with those ports so this variable below sets a sane prefix.
# e.g. setting the below variable to 10 will result in port ranges 10000-10100
# being reserved for AzuraCast:
azuracast_port_range_prefix: 10

# UNMAINTAINED as of January 2020: https://github.com/iiab/iiab/issues/2056
dokuwiki_install: False
dokuwiki_enabled: False
dokuwiki_url: /dokuwiki

# UNMAINTAINED as of November 2019
ejabberd_install: False
ejabberd_enabled: False

elgg_install: False
elgg_enabled: False
# elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1
elgg_mysql_password: elgg4kids

# Gitea (lightweight self-hosted "GitHub") from https://gitea.io
gitea_install: False
gitea_enabled: False
gitea_url: /gitea
gitea_port: 61734

# Lokole (email for rural communities) from https://ascoderu.ca
lokole_install: False
lokole_enabled: False

mediawiki_install: False
mediawiki_enabled: False

# MQTT pub-sub broker for IoT on Raspberry Pi etc
mosquitto_install: False
mosquitto_enabled: False
mosquitto_port: 1883

# 2020-09-24: BOTH VALUES BELOW ARE IGNORED as Node.js is installed on demand
# as a dependency -- by Node-RED, Sugarizer &/or Internet Archive
nodejs_install: False
nodejs_enabled: False
# Node.js version used by roles/nodejs/tasks/main.yml for 3 roles:
# nodered (Node-RED), pbx (Asterix, FreePBX) & sugarizer (Sugarizer)
nodejs_version: 12.x    # was 8.x until 2019-02-02, was 10.x until 2019-12-21

# Flow-based visual programming for wiring together IoT hardware devices etc
nodered_install: False
nodered_enabled: False
nodered_port: 1880
nodered_web_path: nodered

# Store your docs, calendar, contacts & photos on your local server not cloud!
# If using Nextcloud intensively, set nginx_high_php_limits further above.
nextcloud_install: False
nextcloud_enabled: False
#
# 2020-02-15: UNUSED at this time.  Legacy remains from Apache:
# nextcloud_allow_public_ips: True
#
# Configuration tips for IPv4 access controls and tuning RAM/resources:
# https://github.com/iiab/iiab/blob/master/roles/nextcloud/README.md
#
# 2020-01-07: If installing IIAB often, download.nextcloud.com may throttle
# you to ~100 kbit/sec, delaying your IIAB install by an hour or more (#2112).
# Uncomment the following line to end that: (might install an older Nextcloud!)
# nextcloud_dl_url: http://d.iiab.io/packages/latest.tar.bz2

# A full-featured PBX (for rural telephony, etc) based on Asterisk and FreePBX.
# Works on Ubuntu 18.04, Debian 9 w/ Node.js 10.x.  Experimental on RPi 3.
pbx_install: False
pbx_enabled: False
asterisk_chan_dongle: False
pbx_signaling_ports_chan_sip: "5160:5161"
pbx_signaling_ports_chan_pjsip: "5060"
pbx_data_ports: "10000:20000"
pbx_http_port: 83

# If using WordPress intensively, set nginx_high_php_limits further above.
wordpress_install: False
wordpress_enabled: False


# 7-EDU-APPS

# KA Lite - SEE THE "Transmission" BITTORRENT DOWNLOADER FURTHER BELOW, TO INSTALL THOUSANDS OF VIDEOS
kalite_install: True
kalite_enabled: True
kalite_server_port: 8008
kalite_root: "{{ content_base }}/ka-lite"    # /library/ka-lite

kolibri_install: False
kolibri_enabled: False
kolibri_language: en    # ar,bn-bd,en,es-es,fa,fr-fr,hi-in,mr,nyn,pt-br,sw-tz,ta,te,ur-pk,yo,zu
kolibri_http_port: 8009

# kiwix_install: True is REQUIRED, if you install IIAB's Admin Console
kiwix_install: True
kiwix_enabled: True
kiwix_port: 3000
iiab_zim_path: "{{ content_base }}/zims"    # /library/zims
kiwix_incl_apk: False
kiwix_apk_url: /software/kiwix
kiwix_apk_src: https://download.kiwix.org/release/kiwix-android/kiwix.apk

# 2020-09-24: BOTH VALUES BELOW ARE IGNORED as PostgreSQL is installed on
# demand as a dependency -- by Moodle &/or Pathagar
postgresql_install: False
postgresql_enabled: False

moodle_install: False
moodle_enabled: False
# If using Moodle intensively, set nginx_high_php_limits further above.

# Regional OSM vector maps use far less disk space than bitmap/raster versions.
# Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
osm_vector_maps_install: True
osm_vector_maps_enabled: False
iiab_map_url : http://download.iiab.io/content/OSM/vector-tiles/maplist/hidden
vector_map_path: "{{ content_base }}/www/osm-vector-maps"    # /library/www/osm-vector-maps

# MongoDB (/library/dbdata/mongodb) greatly enhances the Sugarizer experience.
# This role was formerly installed by roles/sugarizer/meta/main.yml
#
# 2020-09-24: BOTH VALUES BELOW ARE IGNORED as MongoDB is installed on demand
# as a dependency -- by Sugarizer
mongodb_install: False
# 'mongodb_enabled: False' MAY work when Sugarizer is disabled.  Required by
# mongodb/tasks/enable.yml to shut down the service and log status, but that is
# misleading as Sugarizer starts mongodb's systemd service on its own, due to
# 'Requires=mongodb.service' within /etc/systemd/system/sugarizer.service
mongodb_enabled: False
mongodb_port: 27018

# roles/sugarizer/meta/main.yml auto-invokes 2 above prereqs: mongodb & nodejs
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
# 2020-09-22: Both vars WERE IGNORED on Deb 10 (MongoDB) but no longer?  #1437
sugarizer_install: False
sugarizer_enabled: False
sugarizer_port: 8089


# 8-MGMT-TOOLS

# Transmission is a BitTorrent downloader for large Content Packs etc
transmission_install: False
transmission_enabled: False
transmission_username: Admin
transmission_password: changeme

# Transmission download directory & general owner/group
transmission_download_dir: "{{ content_base }}/transmission/"    # /library/transmission/
transmission_user: debian-transmission
transmission_group: root

# Monitor downloads at http://box:9091 or http://box:9091/transmission using Admin/changeme
transmission_http_port: 9091
transmission_url : "/transmission/"
transmission_peer_port: 51413

# Provision Transmission with torrent(s) from http://pantry.learningequality.org/downloads/ka-lite/0.17/content/
transmission_provision: True
transmission_kalite_version: 0.17

# A. UNCOMMENT LANGUAGE(S) IN /etc/iiab/local_vars.yml TO DOWNLOAD KA Lite VIDEOS TO /library/transmission
transmission_kalite_languages:
  #- english
  #- french
  #- hindi
  #- portugal-portuguese
  #- brazilian-portuguese
  #- spanish
  #- swahili
# B. Monitor BitTorrent downloads at http://box:9091 using Admin/changeme
#    until the download is confirmed complete (can take hours if not days!)
# C. Carefully move all videos/thumbnails into /library/ka-lite/content
#    (DO NOT OVERWRITE SUBFOLDERS assessment, locale, srt !)
# D. Log in to KA Lite at http://box:8008/updates/videos/ using Admin/changeme
#    then click "Scan content folder for videos" (can take many minutes!)
# E. READ "KA Lite Administration: What tips & tricks exist?" AT http://FAQ.IIAB.IO

awstats_install: True
awstats_enabled: True

# 2020-09-22 WARNING: both vars are IGNORED on Debian 10 due to: iiab/iiab#1849
monit_install: False
monit_enabled: False
watchdog:
  - sshd
  - idmgr
  - ejabberd
  - httpd
  - postgresql
  - squid

munin_install: False
munin_enabled: False

# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: False
phpmyadmin_enabled: False

vnstat_install: False
vnstat_enabled: False


# 9-LOCAL-ADDONS

# 2020-09-24: BOTH VALUES BELOW ARE IGNORED as Yarn is installed on demand as a
# dependency -- by Internet Archive
yarn_install: False
yarn_enabled: False

# Internet Archive Offline / Decentralized Web - create your own offline
# version (http://box:4244 or later http://box/archive?) arising from digital
# library https://dweb.archive.org
internetarchive_install: False
internetarchive_enabled: False
internetarchive_port: 4244    # for http://box:4244

# Minetest is an open source clone of the Minecraft building blocks game
minetest_install: False
minetest_enabled: False
minetest_port: 30000
minetest_server_admin: Admin
minetest_default_game: carbone-ng    # only carbone-ng and minetest are supported
minetest_flat_world: False

# Calibre E-Book Library
# WARNING: CALIBRE INSTALLS GRAPHICAL LIBRARIES SIMILAR TO X WINDOWS & OPENGL
# ON (HEADLESS, SERVER, LITE) OS'S THAT DON'T ALREADY HAVE THESE INSTALLED.
calibre_install: False
calibre_enabled: False
# vars/raspbian-9.yml tries the .deb upgrade of Calibre, overriding this default:
calibre_via_debs: False
calibre_unstable_debs: False
# vars/<most-OS's>.yml use Calibre's python installer/upgrader (x86_64), overriding this default:
calibre_via_python: False
# Change calibre_port to 8010 if you're using XO laptops needing above idmgr ?
calibre_port: 8080
# http://box:8080 & http://box:8080/mobile WORK FOR NOW, but short/mnemonic
# URL's like http://box/calibre DON'T YET WORK -- BOOKS RARELY DISPLAY:
calibre_web_path: calibre  #NEEDS WORK: https://github.com/iiab/iiab/issues/529
# Avoid URL collisions w/ calibreweb_url1, calibreweb_url2, calibreweb_url3 below!

# WARNING: Calibre-Web (below) depends on Calibre's own /usr/bin/ebook-convert
# program, so we recommend you also install Calibre (above!)

# Calibre-Web alternative to Calibre, offers a clean/modern UX
calibreweb_install: False
calibreweb_enabled: False
calibreweb_port: 8083       # PORT VARIABLE HAS NO EFFECT (as of January 2019)
# http://box/books works.  Add {box/libros, box/livres, box/livros, box/liv} etc?
calibreweb_url1: /books     # For SHORT URL http://box/books  (English)
calibreweb_url2: /libros    # For SHORT URL http://box/libros (Spanish)
calibreweb_url3: /livres    # For SHORT URL http://box/livres (French)
calibreweb_home: "{{ content_base }}/calibre-web"    # /library/calibre-web


# =============================================================================
# UNMAINTAINED LEGACY VARIABLES: YOU'RE TAKING BIG RISKS IF YOU USE ANY HERE...

# CONSIDER THESE NEW OPENSTREETMAP (OSM) APPROACHES INSTEAD:
#
# 2019: https://github.com/iiab/iiab/wiki/IIAB-Maps SEE ABOVE osm_vector_maps_*
# 2018: http://download.iiab.io/content/OSM/vector-tiles/
# 2017: http://oer2go.org/viewmod/en-worldmap-10
#
# Unmaintained
# osm_install: False
# osm_enabled: False
# Changed in June 2017, from the original:
# iiab_install: True
# iiab_enabled: False

# Unmaintained
# docker_install: False
# docker_enabled: False

# THOSE ABOVE WERE STILL OCCASIONALLY USED AS OF NOVEMBER 2019.
# =============================================================================
# THOSE BELOW WERE *NOT* USED FOR YEARS, AS OF NOVEMBER 2019.

# Unmaintained
# authserver_install: False
# authserver_enabled: False

# Unmaintained (better to install from http://teamviewer.com or prep scripts at http://download.iiab.io)
# teamviewer_install: False
# teamviewer_enabled: False

# Unmaintained
# schooltool_install: False
# schooltool_enabled: False

# Unmaintained
# debian_schooltool_install: False
# debian_schooltool_enabled: False

# Unmaintained (consider Calibre or Calibre-Web above?)
# pathagar_install: False
# pathagar_enabled: False

# Unmaintained
# sugar_stats_install: False
# sugar_stats_enabled: False

# Unmaintained
# xovis_install: False
# xovis_enabled: False
# xovis_target_host: "127.0.0.1:5984"
# xovis_deployment_name: olpc
# xovis_db_name: xovis
# xovis_db_user: admin
# xovis_db_password: admin
# xovis_root: "/opt/xovis"
# xovis_backup_dir: "/library/users"
# xovis_chart_heading: "My School: Usage Data Visualization"

# Unmaintained
# owncloud_install: False
# owncloud_enabled: False

# Unmaintained
# ajenti_install: False
# ajenti_enabled: False

# Unmaintained
# rachel_install: False
# rachel_enabled: False
# rachel_content_found: False
# #rachel_url: /rachel
# rachel_doc_root: "{{ doc_root }}/modules"
# =============================================================================


# OS-DEPENDENT VARS: TURN OFF ALL VARS BELOW AND THEN THE CORRECT
# /opt/iiab/iiab/vars/<OS>.yml WILL TURN ON WHAT'S APPROPRIATE.  See "How This
# Works" ~30 lines below, and https://github.com/iiab/iiab/wiki/IIAB-Platforms

# Wide to narrow (insofar as poss)
is_debuntu: False    # Covers all 4: Ubuntu, Linux Mint, Debian, Raspberry Pi OS (Raspbian)

is_ubuntu: False    # Covers: Ubuntu, Linux Mint
is_ubuntu_20: False
is_ubuntu_19: False
is_ubuntu_18: False
is_ubuntu_17: False
is_ubuntu_16: False

is_linuxmint: False    # Subset of is_ubuntu
is_linuxmint_20: False

is_debian: False    # Covers both: Debian, Raspberry Pi OS (Raspbian)
is_debian_10: False
is_debian_9: False
is_debian_8: False

is_raspbian: False    # Covers both: RPi HW + non-RPi HW versions of Raspberry Pi OS (Raspbian)
is_raspbian_10: False
is_raspbian_9: False
is_raspbian_8: False

is_redhat: False    # Not well supported as of 2019, see: https://github.com/iiab/iiab/issues/1434
is_centos: False
is_centos_7: False
is_fedora: False
is_fedora_22: False
is_fedora_18: False

# How This Works:
#
# 1. /opt/iiab/iiab/iiab-install copies /opt/iiab/iiab/scripts/local_facts.fact
#    to /etc/ansible/facts.d/local_facts.fact
# 2. Ansible runs /etc/ansible/facts.d/local_facts.fact to identify the OS
# 3. The correct /opt/iiab/iiab/vars/<OS>.yml is then invoked by any the
#    following high-level scripts in /opt/iiab/iiab for IIAB operators:
#       ./iiab-install (uses iiab-stages.yml)
#       ./iiab-network (uses iiab-network.yml)
#       ./runrole (uses run-one-role.yml)
# 4. Likewise behind the scenes:
#       ./iiab-configure (uses iiab-from-cmdline.yml)
#       Admin Console (uses iiab-from-console.yml)
#
# More details, including Order of Execution and Precedence:
# https://github.com/iiab/iiab/wiki/IIAB-Variables