123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248 |
- {
- -- A new node's name will be autogenerated from
- -- it's primary MAC address and this prefix.
- -- e.g. freifunk-0123456789ab
- hostname_prefix = 'freifunk',
- -- name of this site
- -- site_name = 'Freifunk Hochstift - ${site}',
- site_name = '%SN',
- -- short name of this site
- -- site_code = 'ffho_${un-code}'
- site_code = '%SC',
- -- 32 bytes of random data, encoded in hexadecimal, used to seed other
- -- random values specific to the mesh domain. It must be the same for all
- -- nodes of one mesh, but should be different for firmwares that are not
- -- supposed to mesh with each other.
- -- TODO: Must be set individual by any domain
- domain_seed = '%DS',
- -- v4 and v6 prefixes in which nodes+clients might get an IP
- prefix4 = '%V4',
- prefix6 = '2a03:2260:2342:%V6::/64',
- -- timezone
- timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', -- Europe/Berlin
- -- network-internal ntp service
- ntp_servers = {'ntp.srv.in.ffho.net'},
- -- OpenWRT Package Repository (IPv6 capable)
- opkg = {
- lede = 'http://firmware.srv.in.ffho.net/lede/packages-%v/%A',
- extra = {
- gluon = 'http://firmware.srv.in.ffho.net/%GR/modules/%S',
- },
- },
- -- regulatory domain of your wifi
- regdom = 'DE',
- mesh = {
- -- for now, we don't use vxlan on the mesh
- vxlan = false,
- },
- -- wifi settings (2.4 GHz and 5 GHz)
- -- ap.ssid = 'hochstift.freifunk.net/${kürzel}',
- -- mesh.id = 'ffho-mesh-${group-name}',
- wifi24 = {
- channel = 1,
- supported_rates = {6000, 9000, 12000, 18000, 24000, 36000, 48000, 54000},
- basic_rate = {6000, 9000, 18000, 36000, 54000},
- ap = {
- ssid = '%SS',
- },
- mesh = {
- id = 'ffho-mesh-%GN',
- mcast_rate = 12000,
- },
- },
- wifi5 = {
- channel = 44,
- ap = {
- ssid = '%SS',
- },
- mesh = {
- id = 'ffho-mesh-%GN',
- mcast_rate = 12000,
- },
- },
- -- IP address of each router
- -- At this IP a client can always connect to its
- -- currently connected node. Both v4 and v6 addr.
- -- must lie in the above prefix4 and prefix6.
- next_node = {
- ip4 = '%N4',
- ip6 = '2a03:2260:2342:%V6::1',
- name = { 'node.ffho.net' },
- -- mac address, must be unique in the client network
- -- (usually, you don't need to change this)
- mac = 'f2:ff:ff:%ID:ff:ff',
- },
- mesh_vpn = {
- -- the maximum transfer unit
- mtu = 1406,
- -- fastd (vpn) settings
- fastd = {
- -- cipher(s) to use
- methods = {'salsa2012+umac'},
- groups = {
- backbone = {
- -- specifies how many servers are contacted
- -- by a client simultanously
- limit = 1,
- -- list all available vpn servers
- peers = {
- gw01 = {
- -- public fastd key of the vpn server
- key = '97bc56ae561f67cfe15364134868c3553b5f1eab06f7bd9c5b93fbf280a52b51',
- -- remotes is an array of ways on how to reach the VPN server
- -- Use public addresses here, these addresses are used when the mesh might not be connected yet.
- -- format: '[|ipv4|ipv6] "hostname-or-ip-address" port 10000'
- remotes = {
- '"gw01.ffho.net" port 100%ID',
- 'ipv6 "2001:830:c:9::12" port 100%ID',
- 'ipv4 "80.242.130.70" port 100%ID',
- },
- },
- gw02 = {
- key = 'e8fa9bf402fd33dd1ba804a97f2e46c704423ff49e9c55312845a7bfb93121ad',
- remotes = {
- '"gw02.ffho.net" port 100%ID',
- 'ipv6 "2a01:4f8:190:6500::18:1" port 100%ID',
- 'ipv4 "78.46.242.24" port 100%ID',
- },
- },
- gw03 = {
- key = '629b2742922f068ef49558283aea4b75c1427d8cdd3fcd2dbd7c00880547d3b3',
- remotes = {
- '"gw03.ffho.net" port 100%ID',
- 'ipv6 "2a00:13c8:1000:2::165" port 100%ID',
- 'ipv4 "185.46.137.165" port 100%ID',
- },
- },
- gw04 = {
- key = 'cf3855e5fa04e4c04a294cb6e8902f91c7ff7ef82bf031cc842a2b79b936677c',
- remotes = {
- '"gw04.ffho.net" port 100%ID',
- 'ipv6 "2a02:450:1::22" port 100%ID',
- 'ipv4 "80.70.181.63" port 100%ID',
- },
- },
- gw05 = {
- key = 'd0d32a2f536a0fc1f0c848e6da15bd96851d5ff4fdf9239c830bab033ddcec1a',
- remotes = {
- '"gw05.ffho.net" port 100%ID',
- 'ipv6 "2001:638:502:1884::ff15" port 100%ID',
- 'ipv4 "192.26.175.183" port 100%ID',
- },
- },
- gw06 = {
- key = '88b570c4cc811259b7c4106943098c9bee1126d692ddacedd23cd48efc28b0bf',
- remotes = {
- '"gw06.ffho.net" port 100%ID',
- 'ipv6 "2a02:cbf4:102::22" port 100%ID',
- 'ipv4 "213.131.234.22" port 100%ID',
- },
- },
- },
- },
- },
- },
- -- default traffic shaping (bandwidth limit) settings
- bandwidth_limit = {
- enabled = false,
- egress = 500,
- ingress = 4000,
- },
- },
- -- configure the autoupdater
- autoupdater = {
- -- default branch for a firmware without enabled autoupdater
- branch = 'stable',
- -- available branches for the autoupdater
- branches = {
- stable = {
- -- visible name of this branch (why not use the internal identifier here, too)
- name = 'stable',
- -- where to get the manifest file (without the trailing /manifest)
- -- It's wise to use an internal address here,
- -- but specifying a publicly available update site does not hurt.
- mirrors = {'http://firmware.srv.in.ffho.net/%SC/stable/sysupgrade', 'http://[2a03:2260:2342:f251::6]/%SC/stable/sysupgrade'},
- -- Number of valid manifest signatures necessary to accept the manifest as "good".
- good_signatures = 3,
- -- list of public keys which are considered "good" for manifest signatures
- pubkeys = {
- 'ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5', -- oscar-
- 'fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477', -- northalpha
- 'f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876', -- Barbarossa
- '88d25b1abafe262cd3653ed573b9917eee48a62ceb30e405c051b0ea320c382f', -- KnicklichtJedi
- '39ef16b1853e54249dae2d06948329a93e3e13f354aaab792552aacd1d0b45ba', -- phimeas
- },
- },
- testing = {
- name = 'testing',
- mirrors = {'http://firmware.srv.in.ffho.net/%SC/testing/sysupgrade', 'http://[2a03:2260:2342:f251::6]/%SC/testing/sysupgrade'},
- good_signatures = 2,
- pubkeys = {
- 'ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5', -- oscar-
- 'fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477', -- northalpha
- 'f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876', -- Barbarossa
- '88d25b1abafe262cd3653ed573b9917eee48a62ceb30e405c051b0ea320c382f', -- KnicklichtJedi
- '39ef16b1853e54249dae2d06948329a93e3e13f354aaab792552aacd1d0b45ba', -- phimeas
- },
- },
- experimental = {
- name = 'experimental',
- mirrors = {'http://firmware.srv.in.ffho.net/%SC/experimental/sysupgrade', 'http://[2a03:2260:2342:f251::6]/%SC/experimental/sysupgrade'},
- good_signatures = 1,
- pubkeys = {
- 'ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5', -- oscar-
- 'fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477', -- northalpha
- 'f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876', -- Barbarossa
- '88d25b1abafe262cd3653ed573b9917eee48a62ceb30e405c051b0ea320c382f', -- KnicklichtJedi
- '39ef16b1853e54249dae2d06948329a93e3e13f354aaab792552aacd1d0b45ba', -- phimeas
- },
- },
- },
- },
- config_mode = {
- -- Show/hide the altitude field
- geo_location = {
- show_altitude = false,
- osm = {
- center = {
- lat = 51.695543946,
- lon = 8.958663940,
- },
- zoom = 11,
- },
- },
- -- define if the contact field is obligatory (optional)
- owner = {
- obligatory = false,
- },
- },
- -- configure DNS forwarding
- dns = {
- servers = { '2a03:2260:2342:f251::53' },
- },
- }
|