mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
default_vars.yml: Reorder gateway/iptables for clarity, PR #2947
This commit is contained in:
parent
a793a7028b
commit
ad76f05e0d
1 changed files with 26 additions and 28 deletions
|
@ -120,7 +120,11 @@ wifi_hotspot_capacity_rpi_fix: True # Restores the ability of RPi internal
|
||||||
# https://github.com/iiab/iiab/issues/823#issuecomment-662285202 and PR #2472.
|
# https://github.com/iiab/iiab/issues/823#issuecomment-662285202 and PR #2472.
|
||||||
wifi_up_down: True # Creates a 2nd virtual WiFi adapter for upstream WiFi
|
wifi_up_down: True # Creates a 2nd virtual WiFi adapter for upstream WiFi
|
||||||
# (e.g. to Internet) in addition to downstream WiFi (e.g. classroom hotspot).
|
# (e.g. to Internet) in addition to downstream WiFi (e.g. classroom hotspot).
|
||||||
# You can set iiab_gateway_enabled below, to enable "passthrough" to Internet.
|
|
||||||
|
# Set True if client machines should have "passthrough" access to WAN/Internet:
|
||||||
|
iiab_gateway_enabled: False
|
||||||
|
gw_squid_whitelist: False
|
||||||
|
gw_block_https: False
|
||||||
|
|
||||||
# Gateway mode
|
# Gateway mode
|
||||||
iiab_lan_enabled: True
|
iiab_lan_enabled: True
|
||||||
|
@ -130,6 +134,24 @@ gui_wan: True
|
||||||
adm_cons_force_ssl: False
|
adm_cons_force_ssl: False
|
||||||
adm_cons_allow_downloads: False
|
adm_cons_allow_downloads: False
|
||||||
|
|
||||||
|
# Intended for developers: ONLY CHANGE THESE IF YOU KNOW WHAT YOU ARE DOING
|
||||||
|
# The following 2 override the detection when not "auto"
|
||||||
|
user_wan_iface: auto
|
||||||
|
user_lan_iface: auto
|
||||||
|
|
||||||
|
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
|
||||||
|
wan_ip: dhcp # wan_ip: 192.168.1.99
|
||||||
|
wan_netmask: # wan_netmask: 255.255.255.0
|
||||||
|
wan_gateway: # wan_gateway: 192.168.1.254
|
||||||
|
# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
|
||||||
|
# /etc/resolv.conf dictates which backend is used for the machine itself, so
|
||||||
|
# 127.0.0.1 means you get dnsmasq (so it works right away on RaspiOS) while
|
||||||
|
# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
|
||||||
|
# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
|
||||||
|
wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
|
||||||
|
wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems
|
||||||
|
# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf
|
||||||
|
|
||||||
# Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite
|
# Enable "campus access" to ~10 common IIAB services like Kiwix (3000), KA Lite
|
||||||
# (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server.
|
# (8008) and Calibre (8010 or 8080) etc, on the WAN side of your IIAB server.
|
||||||
# Only 1 of the 6 lines below should be uncommented:
|
# Only 1 of the 6 lines below should be uncommented:
|
||||||
|
@ -145,10 +167,9 @@ ports_externally_visible: 3 # ssh + http-or-https + common IIAB services
|
||||||
# /opt/iiab/iiab/roles/network/templates/gateway/iiab-gen-iptables
|
# /opt/iiab/iiab/roles/network/templates/gateway/iiab-gen-iptables
|
||||||
# And then run: cd /opt/iiab/iiab; ./iiab-network
|
# And then run: cd /opt/iiab/iiab; ./iiab-network
|
||||||
|
|
||||||
# Set True if client machines should have "passthrough" access to WAN/Internet:
|
# dnsmasq - handles DHCP and DNS
|
||||||
iiab_gateway_enabled: False
|
dnsmasq_install: True
|
||||||
gw_squid_whitelist: False
|
dnsmasq_enabled: True
|
||||||
gw_block_https: False
|
|
||||||
|
|
||||||
# UNMAINTAINED as of July 2021
|
# UNMAINTAINED as of July 2021
|
||||||
dhcpd_install: False
|
dhcpd_install: False
|
||||||
|
@ -160,10 +181,6 @@ named_install: False
|
||||||
named_enabled: False
|
named_enabled: False
|
||||||
block_DNS: False
|
block_DNS: False
|
||||||
|
|
||||||
# dnsmasq - handles DHCP and DNS
|
|
||||||
dnsmasq_install: True
|
|
||||||
dnsmasq_enabled: True
|
|
||||||
|
|
||||||
# Enable in local_vars.yml AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network"
|
# Enable in local_vars.yml AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network"
|
||||||
dns_jail_enabled: False
|
dns_jail_enabled: False
|
||||||
|
|
||||||
|
@ -176,25 +193,6 @@ bluetooth_term_enabled: False
|
||||||
wondershaper_install: False
|
wondershaper_install: False
|
||||||
wondershaper_enabled: False
|
wondershaper_enabled: False
|
||||||
|
|
||||||
# Intended for developers: ONLY CHANGE THESE IF YOU KNOW WHAT YOU ARE DOING
|
|
||||||
# The following 2 override the detection when not "auto"
|
|
||||||
user_wan_iface: auto
|
|
||||||
user_lan_iface: auto
|
|
||||||
|
|
||||||
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
|
|
||||||
# Ethernet - IF NECESSARY, CUSTOMIZE THESE 4+1 VARS IN /etc/iiab/local_vars.yml
|
|
||||||
wan_ip: dhcp # wan_ip: 192.168.1.99
|
|
||||||
wan_netmask: # wan_netmask: 255.255.255.0
|
|
||||||
wan_gateway: # wan_gateway: 192.168.1.254
|
|
||||||
# If nec wan_nameserver can override ISP-provided DNS servers via dnsmasq:
|
|
||||||
# /etc/resolv.conf dictates which backend is used for the machine itself, so
|
|
||||||
# 127.0.0.1 means you get dnsmasq (so it works right away on RaspiOS) while
|
|
||||||
# 127.0.0.53 gives you systemd-networkd (so Ubuntu itself does NOT use this
|
|
||||||
# dnsmasq-specified upstream DNS [e.g. wan_nameserver] but its LAN clients do!)
|
|
||||||
wan_nameserver: # wan_nameserver: 192.168.1.254 or 8.8.8.8 or 1.1.1.1
|
|
||||||
wan_try_dhcp_before_static_ip: True # Facilitate field updates w/ cablemodems
|
|
||||||
# Details @ roles/network/templates/network/dhcpcd.conf.j2 for /etc/dhcpcd.conf
|
|
||||||
|
|
||||||
|
|
||||||
# 1-PREP
|
# 1-PREP
|
||||||
|
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue