get lan_ip soft coded everywhere

roles/captiveportal/templates/iiab-divert-to-nginx

@@ -1,4 +1,4 @@
 #!/bin/bash -x
-awk '{print("address=/" $1 "/172.18.96.1")}' /opt/iiab/captiveportal/checkurls > /etc/dnsmasq.d/capture
+awk '{print("address=/" $1 "/{{ lan_ip }}")}' /opt/iiab/captiveportal/checkurls > /etc/dnsmasq.d/capture
 echo "#following tells windows 7 that captive portal is active" >> /etc/dnsmasq.d/capture
 echo "address=/dns.msftncsi.com/131.107.255.255" >> /etc/dnsmasq.d/capture

roles/cups/tasks/install.yml

@@ -76,14 +76,14 @@
     name: cups
     state: started
 
-# - name: "Authorize Nearby IP Addresses: Run 'cupsctl --remote-admin --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://172.18.96.1:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf"
+# - name: "Authorize Nearby IP Addresses: Run 'cupsctl --remote-admin --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://{{ lan_ip }}:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf"
 #   command: cupsctl --remote-admin --share-printers --user-cancel-any
 
 # 2021-07-11: BOTH FLAGS *CANNOT* BE USED TOGETHER -- CHOOSE ONE OR THE OTHER:
 # (1) '--remote-admin' AS ABOVE, OR (2) '--remote-any' AS BELOW.
 # (RUN 'cupsctl' WITHOUT PARAMETERS TO CONFIRM THIS!)
 
-- name: "Authorize All IP Addresses: Run 'cupsctl --remote-any --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://172.18.96.1:631 AND http://10.8.0.y:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf"
+- name: "Authorize All IP Addresses: Run 'cupsctl --remote-any --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://{{ lan_ip }}:631 AND http://10.8.0.y:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf"
   command: cupsctl --remote-any --share-printers --user-cancel-any
 
 # 2021-07-11: In theory 'cupsctl' stanzas could be put in enable-or-disable.yml
@@ -96,7 +96,7 @@
 #   command: cupsctl --no-remote-admin --no-remote-any --no-share-printers --no-user-cancel-any --no-debug-logging
 #   when: not cups_enabled
 
-# - name: "2021-07-14: EXPERIMENTALLY ADD DIRECTIVES TO /etc/cups/cupsd.conf followed by 'systemctl restart cups'.  As should no longer be nec thanks to NEW cups/templates/cups.conf for /etc/nginx/conf.d/cups.conf (followed by 'systemctl restart nginx').  Which FIXED URL'S LIKE: http://box/print, http://box.lan/print, http://192.168.0.x/print, http://172.18.96.1/print and http://10.8.0.x/print (WITH OR WITHOUT THE TRAILING SLASH!)  RECAP: (1) So be it that these 2 URL'S STILL DON'T WORK: http://box:631, http://box.lan:631 (due to CUPS' internal web server's overly stringent hostname checks, i.e. '400 Bad Request' and 'Request from \"localhost\" using invalid Host: field \"box[.lan]:631\".' in /var/log/cups/error_log) -- (2) While these 2 URL'S STILL DO WORK: http://localhost:631, http://127.0.0.1:631 -- (3) Whereas these 3 URL'S MAY WORK, DEPENDING ON 'cupsctl' COMMAND(S) ABOVE: http://192.168.0.x:631, http://172.18.96.1:631, http://10.8.0.x:631"
+# - name: "2021-07-14: EXPERIMENTALLY ADD DIRECTIVES TO /etc/cups/cupsd.conf followed by 'systemctl restart cups'.  As should no longer be nec thanks to NEW cups/templates/cups.conf for /etc/nginx/conf.d/cups.conf (followed by 'systemctl restart nginx').  Which FIXED URL'S LIKE: http://box/print, http://box.lan/print, http://192.168.0.x/print, http://{{ lan_ip }}/print and http://10.8.0.x/print (WITH OR WITHOUT THE TRAILING SLASH!)  RECAP: (1) So be it that these 2 URL'S STILL DON'T WORK: http://box:631, http://box.lan:631 (due to CUPS' internal web server's overly stringent hostname checks, i.e. '400 Bad Request' and 'Request from \"localhost\" using invalid Host: field \"box[.lan]:631\".' in /var/log/cups/error_log) -- (2) While these 2 URL'S STILL DO WORK: http://localhost:631, http://127.0.0.1:631 -- (3) Whereas these 3 URL'S MAY WORK, DEPENDING ON 'cupsctl' COMMAND(S) ABOVE: http://192.168.0.x:631, http://{{ lan_ip }}:631, http://10.8.0.x:631"
 #   lineinfile:
 #     path: /etc/cups/cupsd.conf
 #     line: "{{ item }}"
@@ -105,7 +105,7 @@
 #     - "HostNameLookups On"    # More False Leads: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530027
 #     - "ServerAlias *"
 #     - "#ServerName {{ iiab_hostname }}.{{ iiab_domain }}"    # box.lan
-#     - "#Listen {{ lan_ip }}:631"    # 172.18.96.1
+#     - "#Listen {{ lan_ip }}:631"    # {{ lan_ip }}
 #     - "#Listen 127.0.0.1:631"
 #     - "#Listen 0.0.0.0:631"
 #     - "#Listen *:631"

roles/network/templates/dhcp/dhcpd-iiab.conf.j2

@@ -5,15 +5,22 @@ ddns-update-style interim;
 #ignore client-updates;
 
 option domain-name "{{ iiab_domain }}";
-option domain-name-servers      172.18.96.1;
+option domain-name-servers      {{ lan_ip }};
-option ntp-servers		172.18.96.1;
+option ntp-servers		{{ lan_ip }};
 
 subnet 172.18.96.0 netmask 255.255.224.0 {
 	{% if iiab_network_mode == "Gateway" %}
-	option routers			172.18.96.1;
+	option routers			{{ lan_ip }};
 	{% endif %}
-	option subnet-mask		255.255.224.0;
+	{% if 172_network %}
-	option broadcast-address	172.18.127.255;
+   	option subnet-mask		255.255.224.0;
+	   option broadcast-address	172.18.127.255;
+	{% else %}
+	   option subnet-mask		255.255.255.0;
+	   option broadcast-address	10.10.10.255;
+	{% endif %}
+
+   # Description of network allocations in old OLPC school server
 	# this is the whole range we have available - 8K addresses
 	# range                           172.18.96.2 172.18.127.254;
 	# instead, we'll save 510 addresses for later. 

roles/network/templates/gateway/iiab-gen-iptables

@@ -64,7 +64,7 @@ echo "iiab_gateway_enabled: $iiab_gateway_enabled"
 echo
 #network_mode=`grep iiab_network_mode_applied /etc/iiab/iiab.ini | gawk '{print $3}'`
 #echo -e "Network Mode: $network_mode\n"
-lan_ip=$(iiab_var_value lan_ip)    # 172.18.96.1
+lan_ip=$(iiab_var_value lan_ip)    # {{ lan_ip }}
 
 ports_externally_visible=$(iiab_var_value ports_externally_visible)
 gw_block_https=$(iiab_var_value gw_block_https)

roles/network/templates/named/school.internal.zone.db

@@ -1,19 +1,19 @@
 @ in soa localhost. root 1 3H 15M 1W 1D
   ns localhost.
 
-{{ iiab_hostname }}	IN	A	172.18.96.1
+{{ iiab_hostname }}	IN	A	{{ lan_ip }}
-schoolserver	IN	A	172.18.96.1
+schoolserver	IN	A	{{ lan_ip }}
-school		IN	A	172.18.96.1
+school		IN	A	{{ lan_ip }}
-www		IN	A	172.18.96.1
+www		IN	A	{{ lan_ip }}
-ntp		IN	A	172.18.96.1
+ntp		IN	A	{{ lan_ip }}
-time		IN	A	172.18.96.1
+time		IN	A	{{ lan_ip }}
-presence	IN	A	172.18.96.1
+presence	IN	A	{{ lan_ip }}
-xs		IN	A	172.18.96.1
+xs		IN	A	{{ lan_ip }}
-library		IN	A	172.18.96.1
+library		IN	A	{{ lan_ip }}
-box		IN	A	172.18.96.1
+box		IN	A	{{ lan_ip }}
 
 
-conference.schoolserver	IN	A	172.18.96.1
+conference.schoolserver	IN	A	{{ lan_ip }}
 
 
 ; translations of school - in plain latin script

roles/network/templates/named/school.local.zone.db

@@ -3,18 +3,18 @@
 @ in soa localhost. root 1 3H 15M 1W 1D
   ns localhost.
 
-{{ iiab_hostname }}	IN	A	172.18.96.1
+{{ iiab_hostname }}	IN	A	{{ lan_ip }}
-schoolserver	IN	A	172.18.96.1
+schoolserver	IN	A	{{ lan_ip }}
-school		IN	A	172.18.96.1
+school		IN	A	{{ lan_ip }}
-www		IN	A	172.18.96.1
+www		IN	A	{{ lan_ip }}
-ntp		IN	A	172.18.96.1
+ntp		IN	A	{{ lan_ip }}
-time		IN	A	172.18.96.1
+time		IN	A	{{ lan_ip }}
-presence	IN	A	172.18.96.1
+presence	IN	A	{{ lan_ip }}
-xs		IN	A	172.18.96.1
+xs		IN	A	{{ lan_ip }}
-library		IN	A	172.18.96.1
+library		IN	A	{{ lan_ip }}
-box		IN	A	172.18.96.1
+box		IN	A	{{ lan_ip }}
 
-conference.schoolserver	IN	A	172.18.96.1
+conference.schoolserver	IN	A	{{ lan_ip }}
 
 
 ; translations of school - in plain latin script

roles/nextcloud/README.md

@@ -43,7 +43,7 @@ Useful PHP recommendations for these settings (while largely tailored to WordPre
 
 ## Using It
 
-Log in to Nextcloud at http://box/nextcloud, http://box.lan/nextcloud, http://172.18.96.1/nextcloud (or similar) using:
+Log in to Nextcloud at http://box/nextcloud, http://box.lan/nextcloud, http://{{ lan_ip }}/nextcloud (or similar) using:
 
     Username: Admin
     Password: changeme

roles/samba/templates/smb.conf.j2

@@ -92,7 +92,7 @@
 ;	netbios name = MYSERVER
 
 ;	interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
-	hosts allow = 127. 172.18.
+	hosts allow = 127. 172.18. 10.10.
 
 ;	max protocol = SMB2
 

roles/transmission/defaults/main.yml

@@ -12,7 +12,7 @@
 # Monitor downloads at http://box:9091 or http://box:9091/transmission using Admin/changeme
 # transmission_http_port: 9091
 # transmission_url: /transmission/
-# transmission_whitelist: 127.0.0.1,::1,192.168.*.*,172.18.96.*,10.8.0.*
+# transmission_whitelist: 127.0.0.1,::1,192.168.*.*,172.18.96.*,10.8.0.*,10.10.10.*
 # transmission_whitelist_enabled: "false"  # LOWERCASE STRING for settings.json
 # transmission_peer_port: 51413
 

vars/default_vars.yml

@@ -98,8 +98,11 @@ disregard_network: False    # Use cache, or error out if cache does not exist.
 
 iiab_hostname: box
 iiab_domain: lan
-lan_ip: 172.18.96.1
+lan_ip: 10.10.10.10
-lan_netmask: 255.255.224.0
+172_network: False
+#lan_ip: 172.18.96.1 # Use this ip for compatibility with older network systems
+lan_netmask: 255.255.255.0
+#lan_netmask: 255.255.224.0 # Older networks were larger
 
 # Internal Wi-Fi Access Point
 # Values are used if there is an internal Wi-Fi adapter and hostapd is enabled.
@@ -540,7 +543,7 @@ transmission_group: debian-transmission
 # Monitor downloads at http://box:9091 or http://box:9091/transmission using Admin/changeme
 transmission_http_port: 9091
 transmission_url: /transmission/
-transmission_whitelist: 127.0.0.1,::1,192.168.*.*,172.18.96.*,10.8.0.*
+transmission_whitelist: 127.0.0.1,::1,192.168.*.*,172.18.96.*,10.8.0.*,10.10.10,*
 transmission_whitelist_enabled: "false"    # LOWERCASE STRING for settings.json
 transmission_peer_port: 51413