IIAB/local vars.yml: Difference between revisions
No edit summary |
No edit summary |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{xsce}} |
{{xsce}} |
||
Below is an example MEDIUM-sized <code>/etc/iiab/local_vars.yml</code> including a suite of about a dozen Internet-in-a-Box (IIAB) server apps — that have been well-tested on Raspberry Pi 3 and similar computers. |
|||
The latest/default version is generally here: https://github.com/iiab/iiab/blob/master/vars/local_vars_medium.yml |
|||
<br> |
|||
(Compare: MIN-sized with [[../local_vars_min.yml|local_vars_min.yml]] with ~6 apps, and BIG-sized with [[../local_vars_big.yml|local_vars_big.yml]] ~20 apps) |
|||
Please see [http://faq.iiab.io FAQ.IIAB.IO], specifically: [[../FAQ#What_is_local_vars.yml_and_how_do_I_customize_it.3F|"What is local_vars.yml and how do I customize it?"]] |
Please also see [http://faq.iiab.io FAQ.IIAB.IO], specifically: '''[[../FAQ#What_is_local_vars.yml_and_how_do_I_customize_it.3F|"What is local_vars.yml and how do I customize it?"]]''' |
||
WARNING: on small Internet-in-a-Box devices, it's common to want a [[IIAB/FAQ#Is_a_.22Rapid_Power_Off.22_button_possible_for_low-electricity_environments.3F|"Rapid Power Off" button]] clickable by '''''all''''' users in a clinic or home. Conversely, schoolteachers commonly want to disable this Power Off button, changing the "allow_apache_sudo" flag below to "False". |
|||
Here is an example MEDIUM-sized <code>/etc/iiab/local_vars.yml</code> including a suite of about a dozen Internet-in-a-Box (IIAB) server apps — that have been well-tested on Raspberry Pi 3 and similar computers: '''https://github.com/iiab/iiab/blob/master/vars/local_vars_medium.yml''' |
|||
<pre> |
|||
# This is local_vars_medium.yml -- copy it to /etc/iiab/local_vars.yml then... |
|||
# Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml |
|||
(Compare: MIN-sized with [[../local_vars_min.yml|local_vars_min.yml]] with ~6 apps, and BIG-sized with [[../local_vars_big.yml|local_vars_big.yml]] ~20 apps ...using our '''[[../FAQ#What_services_.28IIAB_apps.29_are_suggested_during_installation.3F|new comparison table]]''') |
|||
# PLEASE READ http://wiki.iiab.io/local_vars.yml |
|||
# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community |
|||
WARNING: on small Internet-in-a-Box devices, it's common to want a [[IIAB/FAQ#Is_a_.22Rapid_Power_Off.22_button_possible_for_low-electricity_environments.3F|"Rapid Power Off" button]] clickable by '''''all''''' users in a clinic or home. Conversely, schoolteachers commonly want to disable this Power Off button, changing the "allow_apache_sudo" flag to "False". |
|||
# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails |
|||
download_timeout: 200 |
|||
# Users and Passwords |
|||
iiab_admin_user: iiab-admin |
|||
# Obtain a password hash with: |
|||
# python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")' |
|||
# iiab_admin_passw_hash: |
|||
admin_install: True |
|||
# Set admin_install: False if you don't want iiab_admin_user & wheel group |
|||
# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based |
|||
# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n |
|||
# If admin_install: False, set iiab_admin_user (above) to an existing Linux |
|||
# user that has sudo access, so you can login to Admin Console http://box/admin |
|||
iiab_hostname: box |
|||
iiab_domain: lan |
|||
# Set to /home or /wordpress or /mediawiki or /wiki (for DokuWiki) |
|||
iiab_home_url: /home |
|||
# Raspbian requires WiFi country since March 2018. Please set it here: |
|||
host_country_code: US |
|||
host_ssid: "Internet in a Box" |
|||
host_wifi_mode: g |
|||
host_channel: 6 |
|||
hostapd_secure: False |
|||
hostapd_password: changeme |
|||
# Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or |
|||
# 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables |
|||
# within github.com/iiab/iiab/blob/master/roles/ |
|||
services_externally_visible: True |
|||
# Make this True if client machines should have access to WAN/Internet: |
|||
iiab_gateway_enabled: False |
|||
# dnsmasq |
|||
dnsmasq_install: True |
|||
dnsmasq_enabled: False |
|||
# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" |
|||
dns_jail_enabled: False |
|||
# Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 |
|||
py_captive_portal_install: True |
|||
py_captive_portal_enabled: False |
|||
# Stages 3 & 4 must be run (using iiab-install or runrole) if changing these: |
|||
squid_install: False |
|||
squid_enabled: False |
|||
dansguardian_install: False |
|||
dansguardian_enabled: False |
|||
# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382 |
|||
# wondershaper_install: False |
|||
# wondershaper_enabled: False |
|||
# 1-PREP |
|||
# 2-COMMON |
|||
# 3-BASE-SERVER |
|||
# Make this False to disable http://box/common/services/power_off.php button: |
|||
allow_apache_sudo: True |
|||
# roles/mysql runs here (mandatory) |
|||
# 4-SERVER-OPTIONS |
|||
# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security |
|||
openvpn_install: True |
|||
openvpn_enabled: False |
|||
# Set /etc/iiab/openvpn_handle in advance here: |
|||
openvpn_handle: "" |
|||
# The following seems necessary on CentOS: |
|||
# openvpn_cron_enabled: True |
|||
# roles/network runs here (MANY SETTINGS ABOVE) |
|||
# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch! |
|||
postgresql_install: False |
|||
postgresql_enabled: False |
|||
# Unmaintained |
|||
# authserver_install: False |
|||
# authserver_enabled: False |
|||
# Common UNIX Printing System |
|||
cups_install: True |
|||
cups_enabled: False |
|||
# At Your Own Risk: take a security audit seriously before deploying this |
|||
samba_install: False |
|||
samba_enabled: False |
|||
# Show entire contents of USB sticks/drives (at http://box/usb) |
|||
iiab_usb_lib_show_all: True |
|||
# 5-XO-SERVICES |
|||
# Lesser-supported XO services need additional testing. Please contact |
|||
# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test. |
|||
# xo_services_install: False |
|||
# xo_services_enabled: False |
|||
# activity_server_install: False |
|||
# activity_server_enabled: False |
|||
# Change calibre_port from 8080 to 8010 below, if you enable idmgr |
|||
# idmgr_install: False |
|||
# idmgr_enabled: False |
|||
# ejabberd_xs_install: False |
|||
# ejabberd_xs_enabled: False |
|||
# 6-GENERIC-APPS |
|||
# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES. Consider installing |
|||
# an OS that includes a GUI (desktop) environment if you need Calibre E-Books. |
|||
calibre_install: True |
|||
calibre_enabled: True |
|||
# Try .deb upgrade of Calibre (like vars/raspbian-9.yml already does) |
|||
# calibre_via_debs: True |
|||
calibre_unstable_debs: False |
|||
# Try python x86_64 upgrade of Calibre (like vars/<most-OS's>.yml already do) |
|||
# calibre_via_python: True |
|||
# Change calibre_port to 8010 if you're using XO laptops needing above idmgr |
|||
calibre_port: 8080 |
|||
# Change calibre to XYZ to add your own mnemonic URL like: http://box/XYZ |
|||
calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 |
|||
# In addition to: http://box/books box/libros box/livres box/livros box/liv |
|||
dokuwiki_install: False |
|||
dokuwiki_enabled: False |
|||
mediawiki_install: False |
|||
mediawiki_enabled: False |
|||
elgg_install: True |
|||
elgg_enabled: True |
|||
ejabberd_install: False |
|||
ejabberd_enabled: False |
|||
nextcloud_install: True |
|||
nextcloud_enabled: True |
|||
wordpress_install: True |
|||
wordpress_enabled: True |
|||
# 7-EDU-APPS |
|||
kalite_install: True |
|||
kalite_enabled: True |
|||
# Unused in 2018; but remains as placeholder for Fedora 18 legacy (XO laptops) |
|||
kalite_cron_enabled: True |
|||
kolibri_install: False |
|||
kolibri_enabled: False |
|||
kiwix_install: True |
|||
kiwix_enabled: True |
|||
# Warning: Moodle is a serious LMS, that takes a while to install |
|||
moodle_install: False |
|||
moodle_enabled: False |
|||
# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017 |
|||
osm_install: True |
|||
osm_enabled: True |
|||
# Similar to Calibre, but unmaintained |
|||
pathagar_install: False |
|||
pathagar_enabled: False |
|||
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879 |
|||
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957 |
|||
sugarizer_install: True |
|||
sugarizer_enabled: True |
|||
# 8-MGMT-TOOLS |
|||
awstats_install: True |
|||
awstats_enabled: True |
|||
monit_install: False |
|||
monit_enabled: False |
|||
munin_install: True |
|||
munin_enabled: True |
|||
# Handy for maintaining tables, but DANGEROUS if not locked down |
|||
phpmyadmin_install: False |
|||
phpmyadmin_enabled: False |
|||
# Unmaintained (better to install from http://teamviewer.com) |
|||
teamviewer_install: False |
|||
teamviewer_enabled: False |
|||
vnstat_install: True |
|||
vnstat_enabled: True |
|||
# Unmaintained |
|||
# sugar_stats_install: False |
|||
# sugar_stats_enabled: False |
|||
# Unmaintained |
|||
# xovis_install: False |
|||
# xovis_enabled: False |
|||
# Unmaintained |
|||
# schooltool_install: False |
|||
# schooltool_enabled: False |
|||
# Unmaintained |
|||
# debian_schooltool_install: False |
|||
# debian_schooltool_enabled: False |
|||
</pre> |
Latest revision as of 18:03, 22 April 2019
This IIAB XSCE content does not reflect the opinion of OLPC. These pages were created by members of a volunteer community supporting OLPC and deployments.
Please also see FAQ.IIAB.IO, specifically: "What is local_vars.yml and how do I customize it?"
Here is an example MEDIUM-sized /etc/iiab/local_vars.yml
including a suite of about a dozen Internet-in-a-Box (IIAB) server apps — that have been well-tested on Raspberry Pi 3 and similar computers: https://github.com/iiab/iiab/blob/master/vars/local_vars_medium.yml
(Compare: MIN-sized with local_vars_min.yml with ~6 apps, and BIG-sized with local_vars_big.yml ~20 apps ...using our new comparison table)
WARNING: on small Internet-in-a-Box devices, it's common to want a "Rapid Power Off" button clickable by all users in a clinic or home. Conversely, schoolteachers commonly want to disable this Power Off button, changing the "allow_apache_sudo" flag to "False".