hurricos/site-nwm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f630691d941b517125edca801469dd7d2c4b71ae
site-nwm/site.conf
mkennedy f630691d94 feat: fastd keys
2026-02-05 18:56:48 -05:00

205 lines
6.2 KiB
Plaintext
Raw Blame History

-- This is an example site configuration for Gluon v2023.2.3
--
-- Take a look at the documentation located at
-- https://gluon.readthedocs.io/ for details.
--
-- This configuration will not work as is. You're required to make
-- community specific changes to it!
{
-- Used for generated hostnames, e.g. freifunk-abcdef123456. (optional)
hostname_prefix = 'NWM-',
-- Name of the community.
site_name = 'Newport Downtown',
-- Shorthand of the community.
site_code = 'ffnm',
-- 32 bytes of random data, encoded in hexadecimal
-- This data must be unique among all sites and domains!
-- Can be generated using: echo $(hexdump -v -n 32 -e '1/1 "%02x"' </dev/urandom)
domain_seed = '4bcecf6410cb3a0027e0a499078462d3c732c89154d9062a4801058638fe998b',
-- Prefixes used within the mesh.
-- prefix6 is required, prefix4 can be omitted if next_node.ip4
-- is not set.
prefix4 = '10.141.0.0/20',
prefix6 = 'fd14:ac14:41ac::/64',
-- Timezone of your community.
-- See https://openwrt.org/docs/guide-user/base-system/system_configuration#time_zones
timezone = 'CEST5EDT,M3.2.0,M11.1.0',
-- List of NTP servers in your community.
-- Must be reachable using IPv6!
ntp_servers = {'1.ntp.services.ffnm'},
-- Wireless regulatory domain of your community.
regdom = 'US',
-- Wireless configuration for 2.4 GHz interfaces.
wifi24 = {
-- Wireless channel.
channel = 1,
-- ESSIDs used for client network.
ap = {
-- ssid = 'newportmesh.org', (optional - SSID for open client network)
-- disabled = true, -- (optional)
-- Configuration for a backward compatible OWE network below.
owe_ssid = 'newportmesh.org', -- (optional - SSID for OWE client network)
-- owe_transition_mode = true, -- (optional - enables transition-mode - requires ssid as well as owe_ssid)
},
mesh = {
-- Adjust these values!
id = 'uAGorAnXe', -- usually you don't want users to connect to this mesh-SSID, so use a cryptic id that no one will accidentally mistake for the client WiFi
mcast_rate = 12000,
-- disabled = true, -- (optional)
},
},
-- Wireless configuration for 5 GHz interfaces.
-- This should be equal to the 2.4 GHz variant, except
-- for channel.
wifi5 = {
channel = 44,
outdoor_chanlist = '34-173',
ap = {
-- ssid = 'newportmesh.org',
owe_ssid = 'newportmesh.org', -- (optional - SSID for OWE client network)
},
mesh = {
-- Adjust these values!
id = 'uAGorAnXe',
mcast_rate = 12000,
},
},
mesh = {
vxlan = true,
batman_adv = {
routing_algo = 'BATMAN_V',
},
},
-- The next node feature allows clients to always reach the node it is
-- connected to using a known IP address.
next_node = {
-- anycast IPs of all nodes
-- name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
-- ip4 = '10.xxx.0.xxx',
-- ip6 = 'fdxx:xxxx:xxxx::xxxx',
},
-- Options specific to routing protocols (optional)
-- mesh = {
-- Options specific to the batman-adv routing protocol (optional)
-- batman_adv = {
-- Gateway selection class (optional)
-- The default class 20 is based on the link quality (TQ) only,
-- class 1 is calculated from both the TQ and the announced bandwidth
-- gw_sel_class = 1,
-- },
-- },
mesh_vpn = {
-- enabled = true,
fastd = {
-- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
-- what these options do.
-- List of crypto-methods to use.
methods = {'salsa2012+umac'},
mtu = 1312,
-- configurable = true,
-- syslog_level = 'warn',
groups = {
backbone = {
-- Limit number of connected peers to reduce bandwidth.
limit = 1,
-- List of peers.
peers = {
hashtag = {
key = '71c13aad659612721d93c2e0d6270bea4808b16480fe4db9bfdb7248d987e48d',
-- This is a list, so you might add multiple entries.
remotes = {
'ipv4 "home.laboratoryb.org" port 10001',
'ipv4 "10.0.7.226" port 10001',
'ipv4 "204.13.45.156" port 10001',
},
},
},
-- Optional: nested peer groups
-- groups = {
-- backbone_sub = {
-- ...
-- },
-- ...
-- },
},
-- Optional: additional peer groups, possibly with other limits
-- backbone2 = {
-- ...
-- },
},
},
bandwidth_limit = {
-- The bandwidth limit can be enabled by default here.
enabled = false,
-- Default upload limit (kbit/s).
egress = 200,
-- Default download limit (kbit/s).
ingress = 3000,
},
},
autoupdater = {
-- Default branch (optional), can be overridden by setting GLUON_AUTOUPDATER_BRANCH when building.
-- Set GLUON_AUTOUPDATER_ENABLED to enable the autoupdater by default for newly installed nodes.
branch = 'stable',
-- List of branches. You may define multiple branches.
branches = {
stable = {
name = 'stable',
-- List of mirrors to fetch images from. IPv6 required!
mirrors = {'http://1.updates.services.ffhl/stable/sysupgrade'},
-- Number of good signatures required.
-- Have multiple maintainers sign your build and only
-- accept it when a sufficient number of them have
-- signed it.
good_signatures = 1,
-- List of public keys of maintainers.
pubkeys = {
'deadbeef', -- Alice
-- 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', -- Bob
-- 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', -- Mary
},
},
},
},
interfaces = {
lan = {
default_roles = { 'mesh' },
},
},
authorized_keys = {
'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICZ8RzFOjUf3zskY8XDoZ4lxTE9kuRaGilYqd8P6EHMe mkennedy@jafar', -- Martin's work laptop
'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPh3R8BXv9geqJMaxi134Y5hcOVZPQ/rfghjszYMFG5z hurricos@zephyr', -- Martin's personal laptop
'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJt3mcqBbHq8En7WcVau1VQQZcIFQy5VLnELlROsMxEy admin@localhost.localdomain', -- the nagios/admin server SSH key
},
}
Reference in New Issue View Git Blame Copy Permalink