IIAB/local vars big.yml

From OLPC
< IIAB
Revision as of 08:44, 20 July 2018 by Holt (talk | contribs)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

This IIAB XSCE content does not reflect the opinion of OLPC. These pages were created by members of a volunteer community supporting OLPC and deployments.

Below is an EXAMPLE /etc/iiab/local_vars.yml including a full suite of almost 20 Internet-in-a-Box (IIAB) server apps — to help implementers explore and remix different LMS choices and educational apps.

The latest/default version is generally here: https://github.com/iiab/iiab/blob/master/vars/local_vars_big.yml

WARNING: on small Internet-in-a-Box devices, it's common to want a "Rapid Power Off" button clickable by all users in a clinic or home. Conversely, schoolteachers commonly want to disable this Power Off button, changing the "allow_apache_sudo" flag below to "False".

COMPARE: local_vars_min.yml (~6 apps), local_vars.yml (~12 apps)

Please see FAQ.IIAB.IO, specifically: "What is local_vars.yml and how do I customize it?" 

# This is local_vars_big.yml -- copy it to local_vars.yml then...

# Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml

# PLEASE READ http://wiki.iiab.io/local_vars.yml

# Orig Idea: branch github.com/xsce/xsce-local for your deployment/community


# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails
download_timeout: 200

# Users and Passwords

iiab_admin_user: iiab-admin
# Obtain a password hash with:
#    python -c 'import crypt; print crypt.crypt("<plaintext>", "$6$<salt>")'
# iiab_admin_passw_hash:
admin_install: True

# Set admin_install: False if you don't want iiab_admin_user & wheel group
# auto-created in roles/iiab-admin/tasks/main.yml, thereby disabling sudo-based
# warnings on use of published passwords like pi/raspberry & iiab-admin/g0adm1n

# If admin_install: False, set iiab_admin_user (above) to an existing Linux
# user that has sudo access, so you can login to Admin Console http://box/admin

iiab_hostname: box
iiab_domain: lan

# Set to /home or /wordpress or /mediawiki or /wiki (for DokuWiki)
iiab_home_url: /home

# Raspbian requires WiFi country since March 2018.  Please set it here:
host_country_code: US
host_ssid: "Internet in a Box"
host_wifi_mode: g
host_channel: 6
hostapd_secure: False
hostapd_password: changeme

dns_jail_enabled: False

# Enables "campus access" to kiwix (3000), kalite (8008) & calibre (8010 or
# 8080) on WAN side of server. See network/templates/gateway/iiab-gen-iptables
# within github.com/iiab/iiab/blob/master/roles/
services_externally_visible: True

# Make this True if client machines should have access to WAN/Internet:
iiab_gateway_enabled: False

# Make this False to disable http://box/common/services/power_off.php button:
allow_apache_sudo: True

# Stages 3 & 4 must be run (using iiab-install or runrole) if changing these:
squid_install: True
squid_enabled: True

dansguardian_install: True
dansguardian_enabled: True

# Unmaintained as of October 2017: https://github.com/iiab/iiab/pull/382
# wondershaper_install: False
# wondershaper_enabled: False

# 1-PREP

# 2-COMMON

# 3-BASE-SERVER

# roles/mysql runs here (mandatory)

# 4-SERVER-OPTIONS

# SECURITY WARNING: See http://wiki.laptop.org/go/IIAB/Security
openvpn_install: True
openvpn_enabled: False
# The following seems necessary on CentOS:
# openvpn_cron_enabled: True
# If changing the above, remember to run "cd /opt/iiab/iiab; ./runrole openvpn"

# roles/network runs here (MANY SETTINGS ABOVE)

# PostgreSQL - auto-installed by Moodle and/or Pathagar - no need to touch!
postgresql_install: False
postgresql_enabled: False

# Unmaintained
# authserver_install: False
# authserver_enabled: False

# Common UNIX Printing System
cups_install: True
cups_enabled: True

# At Your Own Risk: take a security audit seriously before deploying this
samba_install: True
samba_enabled: False

# Show entire contents of USB sticks/drives (at http://box/usb)
iiab_usb_lib_show_all: True

# 5-XO-SERVICES

# Lesser-supported XO services need additional testing.  Please contact
# http://lists.laptop.org/pipermail/server-devel/ if you're able to help test.

# xo_services_install: False
# xo_services_enabled: False

# activity_server_install: False
# activity_server_enabled: False

# Change calibre_port from 8080 to 8010 below, if you enable idmgr
# idmgr_install: False
# idmgr_enabled: False

# ejabberd_xs_install: False
# ejabberd_xs_enabled: False

# 6-GENERIC-APPS

# WARNING: CALIBRE REQUIRES X WINDOWS / OPENGL LIBRARIES.  Consider installing
# an OS that includes a GUI (desktop) environment if you need Calibre E-Books.

calibre_install: True
calibre_enabled: True
# Try .deb upgrade of Calibre (like vars/raspbian-9.yml already does)
# calibre_via_debs: True
calibre_unstable_debs: False
# Try python x86_64 upgrade of Calibre (like vars/<most-OS's>.yml already do)
# calibre_via_python: True
# Change calibre_port to 8010 if you're using XO laptops needing above idmgr
calibre_port: 8080
# Change calibre to XYZ to add your own mnemonic URL like: http://box/XYZ
calibre_web_path: calibre  #NEEDS WORK: https://github.com/iiab/iiab/issues/529
# In addition to: http://box/books box/libros box/livres box/livros box/liv

dokuwiki_install: True
dokuwiki_enabled: True

mediawiki_install: True
mediawiki_enabled: True

elgg_install: True
elgg_enabled: True

ejabberd_install: True
ejabberd_enabled: False

nextcloud_install: True
nextcloud_enabled: True

wordpress_install: True
wordpress_enabled: True

mosquitto_install: True
mosquitto_enabled: True

nodered_install: True
nodered_enabled: True

# 7-EDU-APPS

kalite_install: True
kalite_enabled: True
kalite_cron_enabled: True

kiwix_install: True
kiwix_enabled: True

# Warning: Moodle is a serious LMS, that takes a while to install
moodle_install: True
moodle_enabled: True

# OpenStreetMap: renamed from {iiab_install, iiab_enabled} in June 2017
osm_install: True
osm_enabled: True

# Similar to Calibre, but unmaintained
pathagar_install: False
pathagar_enabled: False

# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
sugarizer_install: True
sugarizer_enabled: True
# sugarizer_enabled is currently IGNORED as basic Sugarizer works w/o Journal!
# https://github.com/iiab/iiab/issues/193 Subsequent "./runrole sugarizer" fail
# https://github.com/iiab/iiab/issues/240 Sugarizer 0.8 to 0.9 ongoing issues

# 8-MGMT-TOOLS

awstats_install: True
awstats_enabled: True

monit_install: True
monit_enabled: True

munin_install: True
munin_enabled: True

# Handy for maintaining tables, but DANGEROUS if not locked down
phpmyadmin_install: True
phpmyadmin_enabled: False

# Unmaintained (better to install from http://teamviewer.com)
teamviewer_install: False
teamviewer_enabled: False

vnstat_install: True
vnstat_enabled: True

# Unmaintained
# sugar_stats_install: False
# sugar_stats_enabled: False

# Unmaintained
# xovis_install: False
# xovis_enabled: False

# Unmaintained
# schooltool_install: False
# schooltool_enabled: False

# Unmaintained
# debian_schooltool_install: False
# debian_schooltool_enabled: False
Retrieved from "http://wiki.laptop.org/mediawiki/index.php?title=IIAB/local_vars_big.yml&oldid=301034"