Skip to content
Snippets Groups Projects
Normal view Permalink
site.conf 8.73 KiB
Newer Older
  • Learn to ignore specific revisions
    • Nils Schneider's avatar
    docs: add site-example
    Nils Schneider committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 
    --[[	gluon site.conf example

		This file is loosely related to the original site.conf used in Lübeck.
		There are comments added to most switches to explain the usage of gluon.

	This is lua code now, not perl anymore.

	Happy compiling!
]]

{
	--[[	Community settings
	hostname_prefix:	Nodename prefix
		freifunk-abcdef123456 (hex-part is generated from node's MAC address)
	site_name:			Name of your community
	site_code:			Shortcode of your community
	]]
	hostname_prefix = 'freifunk',
	site_name = 'Freifunk Lübeck',
	site_code = 'ffhl',


	--[[	General network settings
	prefix4:			IPv4 range of your community
	prefix6:			IPv6 range of your community
		is also required for radvd
	]]
	prefix4 = '10.130.0.0/20',
	prefix6 = 'fdef:ffc0:3dd7::/64',


	--[[	NTP settings
			Synchronize the time of the nodes
	timezone:			Timezone of your community
		http://wiki.openwrt.org/doc/uci/system#time.zones
	ntp_servers:		List of NTP-Servers to query. You can use any public and/or your private NTP-Servers of your community.
		http://www.pool.ntp.org/zone/de
	 ]]
	timezone = 'CET-1CEST,M3.5.0,M10.5.0/3',
	ntp_servers = {'1.ntp.services.ffhl'},


	--[[	Wireless settings
	regdom:			IEEE 802.11 Regulatory Domain
		http://en.wikipedia.org/wiki/IEEE_802.11#Regulatory_domains_and_legal_compliance
	wifi24:			Wifi settings for 2.4 GHz frequency devices
	wifi5:			Wifi settings for 5 GHz frequency devices
		sub
	ssid:			Wifi name shown to the user (We recommend %site_code%.freifunk.net)
	channel:		Wifi channel to use
	htmode:			Specifies the channel width in 802.11n and 802.11ac mode, possible values are:
						HT20 (single 20MHz channel),
						HT40- (2x 20MHz channels, primary/control channel is upper, secondary channel is below)
						HT40+ (2x 20MHz channels, primary/control channel is lower, secondary channel is above).
						VHT20 / VHT40 / VHT80 / VHT160 (channel width in 802.11ac, extra channels are picked according to the specification)
		http://wiki.openwrt.org/doc/uci/wireless#common.options (-> htmode)
	mesh_ssid:		SSID of the mesh-interface, only used between nodes
	mesh_bssid:		BSSID of the mesh-interface
	                        The supplied default of ff:ff:ff:ff:ff:ff will not work.
	                        You'll need to replace it with randomly generated, non-broadcast BSSID!
	mesh_mcast_rate:	multicast rate of the mesh-interface
	]]
	regdom = 'DE',

	wifi24 = {
		ssid = 'luebeck.freifunk.net',
		channel = 1,
		htmode = 'HT40+',
		mesh_ssid = 'ff:ff:ff:ff:ff:ff',
		mesh_bssid = 'ff:ff:ff:ff:ff:ff',
		mesh_mcast_rate = 12000,
	},

	wifi5 = {
		ssid = 'luebeck.freifunk.net',
		channel = 44,
		htmode = 'HT40+',
		mesh_ssid = 'ff:ff:ff:ff:ff:ff',
		mesh_bssid = 'ff:ff:ff:ff:ff:ff',
		mesh_mcast_rate = 12000,
	},


	--[[	Next-Node
	next_node:		Howto reach the node you are currently connected to
			The node will always be reachable at that address, and it's the same on all nodes. Because next_node packets are redirected within the node itself, there will be no conflicts.
		sub
	ip4:			IPv4 Address to use
	ip6:			IPv6 Address to use
	mac:			MAC Address to use
		(TODO: What is the purpose of this MAC-Address here?)
	]]
	next_node = {
		ip4 = '10.130.0.1',
		ip6 = 'fdef:ffc0:3dd7::1',
		mac = '16:41:95:40:f7:dc',
	},


	--[[	Gateway settings
	fastd_mesh_vpn:	fastd vpn settings
		https://projects.universe-factory.net/projects/fastd/wiki/User_manual
		sub
	methods:		encryption algorithms to use
		https://projects.universe-factory.net/projects/fastd/wiki/Methods
		When multiple method statements are given, the first one has the highest preference.
	mtu:			package size
	backbone:		fastd vpn gateways of your community
		sub
	limit:			Number of gateways each node connects to
		On startup, each node tries to connect to every gateway, and then chooses the number of 'limit' fastest gateways it could reach
	peers:			Gateways
		sub sub
	key:			public fastd key of your gateway
		https://github.com/tcatm/ecdsautils
	remotes:		List of fastd configuration strings to connect to your gateway server
	]]
	fastd_mesh_vpn = {
		methods = {'salsa2012+gmac'},
		mtu = 1426,
		backbone = {
			limit = 2,
			peers = {
				burgtor = {
					key = '657af03e36ff1b8bbe5a5134982a4f110c8523a9a63293870caf548916a95a03',
					remotes = {'ipv4 "burgtor.mesh.ffhl.chaotikum.org" port 10000'},
				},
				holstentor = {
					key = '8c660f7511bf101ea1b599fe53af20e1146cd923c9e9d2a3a0d534ee75af9067',
					remotes = {'ipv4 "holstentor.mesh.ffhl.chaotikum.org" port 10000'},
				},
				huextertor = {
					key = 'a1b124f43eae4f5929850c09cda825ef35d659e3db4d7746e3d97627e9fa7238',
					remotes = {'ipv4 "huextertor.mesh.ffhl.chaotikum.org" port 10000'},
				},
				muehlentor = {
					key = 'bd4ec3cf87bb0042eed2fa121fbc402154d28fb1ae9dff9cdb71bb21892f401a',
					remotes = {'ipv4 "muehlentor.mesh.ffhl.chaotikum.org" port 10000'},
				},
			},
		},
	},


	--[[	Autoupdater settings
	branch:			Automatically update to this branch
	branches:		Available branches your community is publishing
		sub sub
	name:			Name of branch (is used when compiling images)
	mirrors:		List of urls where to find the firmware
		just serve the images on port 80 via http. a simple apache file-listing is enough.
		see: http://luebeck.freifunk.net/firmware/
	probability:	How often should a node search for updates
		1.0 - perform an update every hour
		0.5 - on average, perform an update every two hours
		0.0 - inhibit any automatic updates
	good_signatures:	How many signatures should be valid so the node decides to upgrade itself
	pubkeys:		public keys by developers used in manifest file of branch
		manifest file - see gluon readme
		$ make manifest GLUON_BRANCH=mybranch
		$ contrib/sign.sh $SECRETKEY.file images/sysupgrade/manifest
	]]
	autoupdater = {
		branch = 'experimental',
		branches = {
			stable = {
				name = 'stable',
				mirrors = {'http://1.updates.services.ffhl/stable/sysupgrade'},
				probability = 0.08,
				good_signatures = 2,
				pubkeys = {
					'daa19b44bbd7033965e02088127bad9516ba0fea8f34267a777144a23ec8900c', -- Linus
					'a8dd60765b07330a4bbfdf8406102befca132881a4b65f3efda32cf2d5b362d9', -- Nils
					'323bd3285c4e5547a89cd6da1f2aef67f1654b0928bbd5b104efc9dab2156d0b', -- NeoRaider
				},
			},
			experimental = {
				-- DE: Name des "braches" wird beim erstellen von Images / update generiert
				name = 'experimental',
				mirrors = {'http://1.updates.services.ffhl/experimental/sysupgrade'},
				probability = 1.00,
				good_signatures = 2,
				good_signatures = 1,
				-- DE: Oeffentlicher Schluessel / Public Key der Entwickler
				pubkeys = {
					'496136b37e5f561dfdf523611f14e4b6bc2a745cbc1ab7daffa59fded5f202d1', -- philae
				},
			},
		},
	},


	--[[	Simple TC settings to limit the bandwidth of the vpn-uplink
	mesh_vpn:
		sub
	ifname:		name of the interface/bridge
	enabled:	default-value
	limit_egress:	default-value
	limit_ingress:	default-value
	]]
	simple_tc = {
		mesh_vpn = {
			ifname = 'mesh-vpn',
			enabled = false,
			limit_egress = 200,
			limit_ingress = 3000,
		},
	},


	--[[	Config Mode settings
		Text shown on local website on node while in config mode (after initial flashing or after a long press and hold on the primary button and reboot). You can use html here.
	msg_welcome:		Welcome message shown at startup
	msg_pubkey:		Instructions for the user how your community handles the key exchange
		only shown if VPN setting is selected
	msg_reboot:		Message shown when configuration is finished while the node is rebooting.

		Variables
		Within the text given here you can use variables which are
		replaced when the respective website is delivered to the user.
		Variables must be used in the format <%=NAME%>. See msg_pubkey for an example.
	hostname		hostname of the node
	pubkey			fastd public key of the node
	sysconfig.primary_mac	the primary mac of the node, also found printed beneath the device
	... other sysconfig.* variables: config_ifname, lan_ifname, wan_ifname
	]]
	config_mode = {
		msg_welcome = [[
Willkommen zum Einrichtungsassistenten für deinen neuen Lübecker
Freifunk-Knoten. Fülle das folgende Formular deinen Vorstellungen
entsprechend aus und sende es ab.
]],
		msg_pubkey = [[
Dies ist der öffentliche Schlüssel deines Freifunk-Knotens. Erst nachdem
er auf den Servern des Lübecker Freifunk-Projektes eingetragen wurde,
kann sich dein Knoten mit dem Lübecker Mesh-VPN zu verbinden. Bitte
schicke dazu diesen Schlüssel und den Namen deines Knotens
(<em><%=hostname%></em>) an
<a href="mailto:keys@luebeck.freifunk.net">keys@luebeck.freifunk.net</a>.
]],
		msg_reboot = [[
<p>
Dein Knoten startet gerade neu und wird anschließend versuchen,
sich anschließend mit anderen Freifunk-Knoten in seiner Nähe zu
verbinden. Weitere Informationen zur
Lübecker Freifunk-Community findest du auf
<a href="https://luebeck.freifunk.net/">unserer Webseite</a>.
</p>
<p>
Viel Spaß mit deinem Knoten und der Erkundung von Freifunk!
</p>
]],
	},
}

    Impressum - Datenschutz