IIAB/local vars min.yml

From OLPC
< IIAB
Revision as of 12:50, 9 October 2017 by Holt (talk | contribs)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

This IIAB XSCE content does not reflect the opinion of OLPC. These pages were created by members of a volunteer community supporting OLPC and deployments.

Below is an EXAMPLE /opt/iiab/iiab/vars/local_vars.yml including a very basic suite of a half-dozen Internet-in-a-Box (IIAB) server apps — to enable a rapid and compact install, e.g. on Raspberry Pi 3 and similar computers.

WARNING: on small Internet-in-a-Box devices, it's common to want a "Rapid Power Off" button clickable by all users in a clinic or home. Conversely, schoolteachers commonly want to disable this Power Off button, changing the "allow_apache_sudo" flag below to "False".

COMPARE: local_vars.yml (~12 apps), local_vars_big.yml (~20 apps)

Please see FAQ.IIAB.IO, specifically: "What is local_vars.yml and how do I customize it?" 

# Put variables here to override /opt/iiab/iiab/vars/default_vars.yml

# PLEASE READ http://wiki.laptop.org/go/IIAB/local_vars.yml
# SEE EXAMPLE http://download.iiab.io/6.4/rpi/local_vars_big.yml
# SEE EXAMPLE http://download.iiab.io/6.4/rpi/local_vars_min.yml

# Original Idea: branch github.com/xsce/xsce-local for your deployment

iiab_admin_user: iiab-admin

# Obtain a password hash with: python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")'
# iiab_admin_passw_hash:

iiab_hostname: box
iiab_domain: lan

iiab_home_url: /home
host_ssid: "Internet in a Box"
host_wifi_mode: g
host_channel: 6
hostapd_secure: False
hostapd_password: changeme

dns_jail_enabled: False

# Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or
# 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables
# within github.com/iiab/iiab/blob/master/roles/
services_externally_visible: True

# Make this True if client machines should have access to WAN/Internet:
iiab_gateway_enabled: False

# Make this False to disable http://box/common/services/power_off.php button:
allow_apache_sudo: True

# 3-BASE

squid_install: False
squid_enabled: False

dansguardian_install: False
dansguardian_enabled: False

wondershaper_install: False
wondershaper_enabled: False

# 4-SERVER-OPTIONS

# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security
openvpn_install: True
openvpn_enabled: False
# The following seems necessary on CentOS:
# openvpn_cron_enabled: True
# If changing the above, remember to run "cd /opt/iiab/iiab; ./runtags openvpn"

# WARNING: Josh Dennis [April 2017] warned that CUPS printing can block Ansible
cups_install: False
cups_enabled: False

# At Your Own Risk: take a security audit seriously before deploying this
samba_install: False
samba_enabled: False

# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: False
phpmyadmin_enabled: False

# 5-XO-SERVICES

# Lesser-supported XO services need additional testing.  Please uncomment
# the line containing 5-xo-services within /opt/iiab/iiab/iiab.yml and contact
# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test.

# authserver_install: False
# authserver_enabled: False

# activity_server_install: False
# activity_server_enabled: False

# Change calibre_port from 8080 to 8010 below, if you enable idmgr
# idmgr_install: False
# idmgr_enabled: False

# ejabberd_install: False
# ejabberd_enabled: False

# xo_services_install: False
# xo_services_enabled: False

# sugar_stats_install: False
# sugar_stats_enabled: False

# xovis_install: False
# xovis_enabled: False

# 6-GENERIC-APPS

nextcloud_install: False
nextcloud_enabled: False

wordpress_install: False
wordpress_enabled: False

elgg_install: False
elgg_enabled: False

dokuwiki_install: False
dokuwiki_enabled: False

# 7-EDU-APPS

# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017
osm_install: False
osm_enabled: False

kiwix_serve_install: True
kiwix_serve_enabled: True

kalite_install: True
kalite_enabled: True
kalite_cron_enabled: True

# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
sugarizer_install: False
sugarizer_enabled: False
# sugarizer_enabled is currently IGNORED as basic Sugarizer works w/o Journal!
# https://github.com/iiab/iiab/issues/193 Subsequent "./runtags sugarizer" fail
# https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues

calibre_install: False
calibre_enabled: False
# Change calibre_port to 8010 if you're using XO laptops needing above idmgr
calibre_port: 8080

# Similar to Calibre, but unmaintained
pathagar_install: False
pathagar_enabled: False

# Warning: Moodle is a serious LMS, that takes a while to install
moodle_install: False
moodle_enabled: False

# 8-MGMT-TOOLS

munin_install: True
munin_enabled: True

vnstat_install: True
vnstat_enabled: True

awstats_install: True
awstats_enabled: True

monit_install: False
monit_enabled: False

# Unmaintained
# schooltool_install: False
# schooltool_enabled: False

# Unmaintained
# debian_schooltool_install: False
# debian_schooltool_enabled: False
Retrieved from "http://wiki.laptop.org/mediawiki/index.php?title=IIAB/local_vars_min.yml&oldid=300428"