1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00

default_vars.yml: Reorder gateway/iptables for clarity, PR #2947

This commit is contained in:
A Holt 2021-08-14 15:21:48 -04:00 committed by GitHub
parent a793a7028b
commit ad76f05e0d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -120,7 +120,11 @@ wifi_hotspot_capacity_rpi_fix: True # Restores the ability of RPi internal
# https://github.com/iiab/iiab/issues/823#issuecomment-662285202 and PR #2472.
wifi_up_down: True # Creates a 2nd virtual WiFi adapter for upstream WiFi
# (e.g. to Internet) in addition to downstream WiFi (e.g. classroom hotspot).
# You can set iiab_gateway_enabled below, to enable "passthrough" to Internet.
# Set True if client machines should have "passthrough" access to WAN/Internet:
iiab_gateway_enabled: False
gw_squid_whitelist: False
gw_block_https: False
# Gateway mode
iiab_lan_enabled: True
@ -130,6 +134,24 @@ gui_wan: True
adm_cons_force_ssl: False
adm_cons_allow_downloads: False
# Intended for developers: ONLY CHANGE THESE IF YOU KNOW WHAT YOU ARE DOING
# The following 2 override the detection when not "auto"
user_wan_iface: auto
user_lan_iface: auto
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
wan_ip: dhcp # wan_ip: 192.168.1.99
wan_netmask: # wan_netmask: 255.255.255.0
wan_gateway: # wan_gateway: 192.168.1.254
# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
# /etc/resolv.conf dictates which backend is used for the machine itself, so
# 127.0.0.1 means you get dnsmasq (so it works right away on RaspiOS) while
# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems
# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf
# Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite
# (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server.
# Only 1 of the 6 lines below should be uncommented:
@ -145,10 +167,9 @@ ports_externally_visible: 3 # ssh + http-or-https + common IIAB services
# /opt/iiab/iiab/roles/network/templates/gateway/iiab-gen-iptables
# And then run: cd /opt/iiab/iiab; ./iiab-network
# Set True if client machines should have "passthrough" access to WAN/Internet:
iiab_gateway_enabled: False
gw_squid_whitelist: False
gw_block_https: False
# dnsmasq - handles DHCP and DNS
dnsmasq_install: True
dnsmasq_enabled: True
# UNMAINTAINED as of July 2021
dhcpd_install: False
@ -160,10 +181,6 @@ named_install: False
named_enabled: False
block_DNS: False
# dnsmasq - handles DHCP and DNS
dnsmasq_install: True
dnsmasq_enabled: True
# Enable in local_vars.yml AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network"
dns_jail_enabled: False
@ -176,25 +193,6 @@ bluetooth_term_enabled: False
wondershaper_install: False
wondershaper_enabled: False
# Intended for developers: ONLY CHANGE THESE IF YOU KNOW WHAT YOU ARE DOING
# The following 2 override the detection when not "auto"
user_wan_iface: auto
user_lan_iface: auto
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml
wan_ip: dhcp # wan_ip: 192.168.1.99
wan_netmask: # wan_netmask: 255.255.255.0
wan_gateway: # wan_gateway: 192.168.1.254
# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
# /etc/resolv.conf dictates which backend is used for the machine itself, so
# 127.0.0.1 means you get dnsmasq (so it works right away on RaspiOS) while
# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems
# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf
# 1-PREP