From 6265dd337e3203faf3f015e589bf0352ed5fb9b0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:33:02 -0400 Subject: [PATCH 1/7] Update default_vars.yml --- vars/default_vars.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 3e08a701b..18beac3d4 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -109,6 +109,8 @@ block_DNS: False dnsmasq_install: True dnsmasq_enabled: False +dns_jail_enabled: False + # For @tim-moody's Nodogsplash approach to Captive Portal? High experimental as of June 2018: github.com/iiab/iiab/issues/608 captive_portal_install: False captive_portal_enabled: False @@ -163,8 +165,8 @@ schooltool_enabled: False # 3-BASE-SERVER -# Needed if you want http://box/common/services/power_off.php to work -allow_apache_sudo: False +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True # roles/httpd runs here From 36c809aa470db63f42f6e39f1a31116419e8f3d1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:33:42 -0400 Subject: [PATCH 2/7] Update local_vars_min.yml --- vars/local_vars_min.yml | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index f41915947..2029a64e5 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -31,7 +31,7 @@ iiab_domain: lan # Set to /home or /wordpress or /mediawiki or /wiki (for DokuWiki) iiab_home_url: /home -# Raspbian requires WiFi country since March 2018. Please set it here: +# Raspbian requires Wi-Fi country since March 2018. Please set it here: host_country_code: US host_ssid: "Internet in a Box" host_wifi_mode: g @@ -39,8 +39,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -dns_jail_enabled: False - # Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or # 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables # within github.com/iiab/iiab/blob/master/roles/ @@ -49,8 +47,15 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True +# dnsmasq +dnsmasq_install: True +dnsmasq_enabled: False + +dns_jail_enabled: False + +# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 +py_captive_portal_install: True +py_captive_portal_enabled: False # Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: squid_install: False @@ -69,6 +74,9 @@ dansguardian_enabled: False # 3-BASE-SERVER +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True + # roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From 403acbf51e353ed38a11356e5bbb3f814390a10b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:37:24 -0400 Subject: [PATCH 3/7] Update local_vars_min_vpn.yml --- vars/local_vars_min_vpn.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_min_vpn.yml b/vars/local_vars_min_vpn.yml index f427a1888..55f57fefb 100644 --- a/vars/local_vars_min_vpn.yml +++ b/vars/local_vars_min_vpn.yml @@ -39,8 +39,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -dns_jail_enabled: False - # Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or # 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables # within github.com/iiab/iiab/blob/master/roles/ @@ -49,8 +47,15 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True +# dnsmasq +dnsmasq_install: True +dnsmasq_enabled: False + +dns_jail_enabled: False + +# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 +py_captive_portal_install: True +py_captive_portal_enabled: False # Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: squid_install: False @@ -69,6 +74,9 @@ dansguardian_enabled: False # 3-BASE-SERVER +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True + # roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From 67bbd31671926a156c7fc1395bb61722c73ac854 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:38:29 -0400 Subject: [PATCH 4/7] Update local_vars_medium.yml --- vars/local_vars_medium.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index 21f7556f5..be4c943cc 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -39,8 +39,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -dns_jail_enabled: False - # Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or # 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables # within github.com/iiab/iiab/blob/master/roles/ @@ -49,8 +47,15 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True +# dnsmasq +dnsmasq_install: True +dnsmasq_enabled: False + +dns_jail_enabled: False + +# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 +py_captive_portal_install: True +py_captive_portal_enabled: False # Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: squid_install: False @@ -69,6 +74,9 @@ dansguardian_enabled: False # 3-BASE-SERVER +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True + # roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From 466000d1a8d674388c1fe38a9397c7a5eebdb9bb Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:39:34 -0400 Subject: [PATCH 5/7] Update local_vars_medium_vpn.yml --- vars/local_vars_medium_vpn.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_medium_vpn.yml b/vars/local_vars_medium_vpn.yml index 70ec6105e..6718b6ac4 100644 --- a/vars/local_vars_medium_vpn.yml +++ b/vars/local_vars_medium_vpn.yml @@ -39,8 +39,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -dns_jail_enabled: False - # Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or # 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables # within github.com/iiab/iiab/blob/master/roles/ @@ -49,8 +47,15 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True +# dnsmasq +dnsmasq_install: True +dnsmasq_enabled: False + +dns_jail_enabled: False + +# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 +py_captive_portal_install: True +py_captive_portal_enabled: False # Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: squid_install: False @@ -69,6 +74,9 @@ dansguardian_enabled: False # 3-BASE-SERVER +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True + # roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From b473873b5ec7a4c4dc6278c2e681c5306d2fef6f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:40:53 -0400 Subject: [PATCH 6/7] Update local_vars_big.yml --- vars/local_vars_big.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index db86484b7..50103c6fc 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -39,8 +39,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -dns_jail_enabled: False - # Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or # 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables # within github.com/iiab/iiab/blob/master/roles/ @@ -49,8 +47,15 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True +# dnsmasq +dnsmasq_install: True +dnsmasq_enabled: False + +dns_jail_enabled: False + +# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 +py_captive_portal_install: True +py_captive_portal_enabled: False # Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: squid_install: True @@ -69,6 +74,9 @@ dansguardian_enabled: True # 3-BASE-SERVER +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True + # roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS From 729b089479d4c17b339ccaa42afc041efb2ee9ee Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 13 Jul 2018 13:49:31 -0400 Subject: [PATCH 7/7] Update local_vars_big_vpn.yml --- vars/local_vars_big_vpn.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/vars/local_vars_big_vpn.yml b/vars/local_vars_big_vpn.yml index 78399b980..7664b19f3 100644 --- a/vars/local_vars_big_vpn.yml +++ b/vars/local_vars_big_vpn.yml @@ -39,8 +39,6 @@ host_channel: 6 hostapd_secure: False hostapd_password: changeme -dns_jail_enabled: False - # Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or # 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables # within github.com/iiab/iiab/blob/master/roles/ @@ -49,8 +47,15 @@ services_externally_visible: True # Make this True if client machines should have access to WAN/Internet: iiab_gateway_enabled: False -# Make this False to disable http://box/common/services/power_off.php button: -allow_apache_sudo: True +# dnsmasq +dnsmasq_install: True +dnsmasq_enabled: False + +dns_jail_enabled: False + +# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 +py_captive_portal_install: True +py_captive_portal_enabled: False # Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: squid_install: True @@ -69,6 +74,9 @@ dansguardian_enabled: True # 3-BASE-SERVER +# Make this False to disable http://box/common/services/power_off.php button: +allow_apache_sudo: True + # roles/mysql runs here (mandatory) # 4-SERVER-OPTIONS