# WARNING: DO NOT MODIFY THIS FILE. # CHANGES WILL BE LOST IF YOU DO A GIT PULL OR FETCH. # Instead put changes in local_vars.yml which is not tracked by git: # http://wiki.iiab.io/local_vars.yml # By convention we use True/False to indicate boolean constants. # Installation Constants content_base: "/library" #doc_base: "/var" doc_base: "{{ content_base }}/www" doc_root: "{{ doc_base }}/html" iiab_base: /opt/iiab iiab_dir: "{{ iiab_base }}/iiab" pip_packages_dir: "{{ iiab_base }}/pip-packages" yum_packages_dir: "{{ iiab_base }}/yum-packages" downloads_dir: "{{ iiab_base }}/downloads" iiab_download_url: http://download.iiab.io/packages # Configuration File(s) iiab_config_file: /etc/iiab/iiab.ini service_filelist: "{{ iiab_config_file }}" # The following variable may be useful in debugging disregard_network: False # use cache or error out if cache does not exist # Users and Passwords # obtain a password hash with - python -c 'import crypt; print crypt.crypt("", "$6$<salt>")' iiab_admin_user: iiab-admin iiab_admin_passw_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop. # Languages default_language: en language_priority: en es # Time Zone (php needs timezone to be set) local_tz: "{{ ansible_date_time.tz }}" # Read https://github.com/iiab/iiab/wiki/IIAB-Networking # Also readable offline @ http://box/info/IIAB-Networking.html # NETWORK PARAMETERS FOLLOW ACROSS THE NEXT 60 LINES, as enabled by Ansible's # NETWORK role (/opt/iiab/iiab/roles/network/*) in 4-SERVER-OPTIONS. iiab_hostname: box iiab_domain: lan lan_ip: 172.18.96.1 lan_netmask: 255.255.224.0 # Gateway mode iiab_lan_enabled: True iiab_wan_enabled: True ssh_port: 22 gui_wan: True adm_cons_force_ssl: False adm_cons_allow_downloads: False # Internal Wi-Fi Access Point # Values are used if there is an internal Wi-Fi adapter and hostapd is enabled # The platform variable adapts install to specific hardware (raspberry pi=rpi2) hostapd_enabled: True host_ssid: "Internet in a Box" host_wifi_mode: g host_channel: 6 hostapd_secure: False hostapd_password: changeme # dhcpd dhcpd_install: True dhcpd_enabled: False # named named_install: True named_enabled: True block_DNS: False # DansGuardian dansguardian_install: False dansguardian_enabled: False # Squid squid_install: False squid_enabled: False # Wonder Shaper # Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 wondershaper_install: False wondershaper_enabled: False # Gateway and Filters gw_squid_whitelist: False gw_block_https: False iiab_gateway_enabled: True # Intended for developers user_wan_iface: auto user_lan_iface: auto wan_ip: dhcp wan_netmask: wan_gateway: wan_nameserver: exFAT_enabled: False #only change these if you know what you are doing # Parameters by Aggregate Roles # Each Role must have the following variables which are either True or False: # <role-name>_install # <role-name>_enabled # Our past convention was to install everything in all aggregates # And to enable everything in 1-PREP, 2-COMMON, and 3-BASE-SERVER # 1-PREP # Docker (lesser-supported) docker_install: False docker_enabled: False # 2-COMMON # 3-BASE-SERVER # Needed if you want http://box/common/services/power_off.php to work allow_apache_sudo: False # HTTPD role runs here. # IIAB-ADMIN role runs here. # MySQL - SEE roles/1-prep/tasks/computed_vars.yml for de facto defaults mysql_install: True mysql_enabled: True # password is fixmysql # mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0 mysql_root_password: fixmysql # PostgreSQL postgresql_install: False postgresql_enabled: False # 4-SERVER-OPTIONS # sshd sshd_enabled: True # OpenVPN vpn_presence: xscenet.net openvpn_server_port: 1194 openvpn_cron_enabled: False openvpn_install: True openvpn_enabled: False # NETWORK role runs here. # Homepage # Default to the GUI where the selection is made or override in local_vars.yml iiab_home_url: /home # You can change iiab_home_url in local_vars.yml in order to get a different # homepage. For example one of the following: (assuming they are enabled) # iiab_home_url: /home # iiab_home_url: /wordpress # iiab_home_url: /wiki - either dokuwiki or mediawiki # authserver authserver_install: False authserver_enabled: False # Common UNIX Printing System (CUPS) cups_install: True cups_enabled: False # Samba. Take a security audit seriously before deploying this. samba_install: False samba_enabled: False # usb-lib usb_lib_install: True usb_lib_enabled: True # Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) nodocs: False # 5-XO-SERVICES # Lesser-supported XO services need additional testing. Please contact # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. xo_services_install: False xo_services_enabled: False # activity-server activity_server_install: False activity_server_enabled: False # ejabberd-xs ejabberd_xs_install: False ejabberd_xs_enabled: False # idmgr idmgr_install: False idmgr_enables: False # 6-GENERIC-APPS # Calibre calibre_install: True calibre_enabled: False calibre_port: 8080 # DokuWiki dokuwiki_install: False dokuwiki_enabled: False # Elgg elgg_install: True elgg_enabled: False # elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1 elgg_mysql_password: elgg4kids # ejabberd ejabberd_install: False ejabberd_enabled: False # Nextcloud nextcloud_install: True nextcloud_enabled: False # ownCloud owncloud_install: False owncloud_enabled: False # WordPress wordpress_install: True wordpress_enabled: False # 7-EDU-APPS # KA Lite kalite_install: True kalite_root: "/library/ka-lite" kalite_user: kalite kalite_password_hash: $6$<salt>$KHET0XRRsgAY.wOWyTOI3W7dyDh0ESOr48uI5vtk2xdzsU7aw0TF4ZkNuM34RmHBGMJ1fTCmOyVobo0LOhBlJ/ kalite_password: kalite kalite_server_name: kalite kalite_server_port: 8008 kalite_enabled: False kalite_cron_enabled: False # Kiwix kiwix_install: True kiwix_enabled: True kiwix_port: 3000 iiab_zim_path: /library/zims # Moodle moodle_install: False moodle_enabled: False # OpenStreetMap (OSM) osm_install: True osm_enabled: False # changed in June 2017 from: # iiab_install: True # iiab_enabled: False # Pathagar - similar to Calibre, but unmaintained pathagar_install: False pathagar_enabled: False # Sugarizer sugarizer_install: True sugarizer_enabled: False # 8-MGMT-TOOLS # AWStats -- sumarizes http access logs awstats_install: True awstats_enabled: False # Monit monit_install: False monit_enabled: False watchdog: - sshd - idmgr - ejabberd - httpd - postgresql - squid # Munin munin_install: True munin_enabled: False # Handy for maintaining tables, but DANGEROUS if not locked down phpmyadmin_install: False phpmyadmin_enabled: False # sugar-stats sugar_stats_install: False sugar_stats_enabled: False # TeamViewer - unmaintained (better to install from http://teamviewer.com) teamviewer_install: False teamviewer_enabled: False # vnStat vnstat_install: True vnstat_enabled: False # XOVis xovis_install: False xovis_enabled: False xovis_target_host: "127.0.0.1:5984" xovis_deployment_name: olpc xovis_db_name: xovis xovis_db_user: admin xovis_db_password: admin xovis_root: "/opt/xovis" xovis_backup_dir: "/library/users" xovis_chart_heading: "My School: Usage Data Visualization" # ================================================================ # Ajenti - unmaintained # ajenti_install: False # ajenti_enabled: False # RACHEL - no longer in use # rachel_install: False # rachel_enabled: False # rachel_content_found: False # #rachel_url: /rachel # rachel_doc_root: "{{ doc_root }}/modules" # SchoolTool - unmaintained # schooltool_install: False # schooltool_enabled: False # ================================================================ # Platforms - turn all off and let <OS>.yml turn on as appropriate # wide to narrow is_debuntu: False is_ubuntu: False is_debian: False is_debian_9: False is_debian_8: False is_rpi: False is_redhat: False is_fedora: False is_centos: False