{ -- A new node's name will be autogenerated from -- it's primary MAC address and this prefix. -- e.g. freifunk-0123456789ab hostname_prefix = 'freifunk', -- name of this site -- site_name = 'Freifunk Hochstift - ${site}', site_name = 'Bitte wählen', -- short name of this site -- site_code = 'ffho_${un-code}' site_code = 'ffho', -- v4 and v6 prefixes in which nodes+clients might get an IP prefix4 = '10.132.0.0/18', prefix6 = 'fdca:ffee:ff12:132::/64', -- extra ipv6 prefixes used in this mesh area additional_prefix6 = { '2001:470:6d:860::/64', '2a03:2260:2342:2300::/64', }, -- timezone timezone = 'CET-1CEST,M3.5.0,M10.5.0/3', -- Europe/Berlin -- network-internal ntp service ntp_servers = {'ntp.in.ffho.net'}, -- OpenWRT Package Repository (IPv6 capable) opkg_repo = 'http://openwrt.draic.info/%n/%v/%S/packages', -- regulatory domain of your wifi regdom = 'DE', -- wifi settings (2.4 GHz and 5 GHz) -- ssid = 'hochstift.freifunk.net/${kürzel}', -- mesh_ssid = 'ffho-mesh-${un-code}', -- mesh_bssid = '${idividual-mac}' wifi24 = { ssid = 'paderborn.freifunk.net', channel = 1, htmode = 'HT20', mesh_ssid = '02:d1:11:13:87:ad', mesh_bssid = '02:d1:11:13:87:ad', mesh_mcast_rate = 12000, }, wifi5 = { ssid = 'paderborn.freifunk.net', channel = 44, htmode = 'HT40+', mesh_ssid = '02:d1:11:13:87:ad', mesh_bssid = '02:d1:11:13:87:ad', mesh_mcast_rate = 12000, }, -- IP address of each router -- At this IP a client can always connect to its -- currently connected node. Both v4 and v6 addr. -- must lie in the above prefix4 and prefix6. next_node = { ip4 = '10.132.0.1', ip6 = 'fdca:ffee:ff12:132::1', -- mac address, must be unique in the client network -- (usually, you don't need to change this) mac = '16:41:95:40:f7:dc', }, -- fastd (vpn) settings fastd_mesh_vpn = { -- cipher(s) to use methods = {'salsa2012+gmac'}, -- the maximum transfer unit -- use 1426 for IPv4 gateways mtu = 1406, groups = { backbone = { -- specifies how many servers are contacted -- by a client simultanously limit = 1, -- list all available vpn servers peers = { gw01 = { -- public fastd key of the vpn server key = '97bc56ae561f67cfe15364134868c3553b5f1eab06f7bd9c5b93fbf280a52b51', -- remotes is an array of ways on how to reach the VPN server -- Use public addresses here, these addresses are used when the mesh might not be connected yet. -- format: '[|ipv4|ipv6] "hostname-or-ip-address" port 10000' remotes = { 'ipv6 "v6.gw01.paderborn.freifunk.net" port 10000', 'ipv4 "v4.gw01.paderborn.freifunk.net" port 10000', 'ipv6 "2a01:4f8:190:2105::ff12" port 10000', 'ipv4 "85.10.248.243" port 10000', }, }, gw02 = { key = 'e8fa9bf402fd33dd1ba804a97f2e46c704423ff49e9c55312845a7bfb93121ad', remotes = { 'ipv6 "v6.gw02.paderborn.freifunk.net" port 10000', 'ipv4 "v4.gw02.paderborn.freifunk.net" port 10000', 'ipv6 "2a01:4f8:190:6500::18:1" port 10000', 'ipv4 "78.46.242.24" port 10000', }, }, gw04 = { key = 'cf3855e5fa04e4c04a294cb6e8902f91c7ff7ef82bf031cc842a2b79b936677c', remotes = { 'ipv6 "v6.gw04.paderborn.freifunk.net" port 10000', 'ipv4 "v4.gw04.paderborn.freifunk.net" port 10000', 'ipv6 "2a02:450:1:4::10" port 10000', 'ipv4 "80.70.181.57" port 10000', }, }, gw05 = { key = 'd0d32a2f536a0fc1f0c848e6da15bd96851d5ff4fdf9239c830bab033ddcec1a', remotes = { 'ipv6 "v6.gw05.paderborn.freifunk.net" port 10000', 'ipv4 "v4.gw05.paderborn.freifunk.net" port 10000', 'ipv6 "2001:638:502:1884::ff05" port 10000', 'ipv4 "192.26.175.182" port 10000', }, }, gw06 = { key = 'b912bcf1c1335390364b8030448e53d8869b650f32923e59bf01d763d3028840', remotes = { 'ipv6 "v6.gw06.paderborn.freifunk.net" port 10000', 'ipv4 "v4.gw06.paderborn.freifunk.net" port 10000', 'ipv6 "2a03:4000:6:20f0::ff12" port 10000', 'ipv4 "5.45.111.222" port 10000', }, }, gw08 = { key = '3da050bbf1c3e95af286af65553f546fd563d9cb5d4b3b3444069bef281de621', remotes = { 'ipv6 "v6.gw08.paderborn.freifunk.net" port 10000', 'ipv4 "v4.gw08.paderborn.freifunk.net" port 10000', 'ipv6 "2a03:4000:6:1151::ff12" port 10000', 'ipv4 "5.45.107.59" port 10000', }, }, }, }, }, }, -- configure the autoupdater autoupdater = { enabled = 1, -- default branch for a firmware -- In config-mode, the user can select a different branch from below branch = 'stable', -- available branches for the autoupdater branches = { stable = { -- visible name of this branch (why not use the internal identifier here, too) name = 'stable', -- where to get the manifest file (without the trailing /manifest) -- It's wise to use an internal address here, -- but specifying a publicly available update site does not hurt. mirrors = {'http://[fdca:ffee:ff12:a254::80]/stable', 'http://firmware.paderborn.freifunk.net/stable'}, -- Number of valid manifest signatures necessary to accept the manifest as "good". good_signatures = 3, -- list of public keys which are considered "good" for manifest signatures pubkeys = { '16b0e942929d6592d4a01b66b334427ba4db03b388a876432958d9010bd8d8b5', -- HeJ 'b0197042824a752c2dba717a4b2ded88852111bbe12e6b5f57fdfa3abb9312c0', -- thardes2 'ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5', -- oscar- 'fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477', -- northalpha 'f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876', -- Barbarossa '9841dde0b9f6485d5fcdc858fb15c1db1c3bc77fb81aef3f0d4b835f76a3d73b', -- kb-light }, }, testing = { name = 'testing', mirrors = {'http://[fdca:ffee:ff12:a254::80]/testing','http://firmware.paderborn.freifunk.net/testing'}, good_signatures = 2, pubkeys = { '16b0e942929d6592d4a01b66b334427ba4db03b388a876432958d9010bd8d8b5', -- HeJ 'b0197042824a752c2dba717a4b2ded88852111bbe12e6b5f57fdfa3abb9312c0', -- thardes2 'ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5', -- oscar- 'fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477', -- northalpha 'f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876', -- Barbarossa '9841dde0b9f6485d5fcdc858fb15c1db1c3bc77fb81aef3f0d4b835f76a3d73b', -- kb-light }, }, experimental = { name = 'experimental', mirrors = {'http://[fdca:ffee:ff12:a254::80]/experimental','http://firmware.paderborn.freifunk.net/experimental'}, good_signatures = 1, pubkeys = { '16b0e942929d6592d4a01b66b334427ba4db03b388a876432958d9010bd8d8b5', -- HeJ 'b0197042824a752c2dba717a4b2ded88852111bbe12e6b5f57fdfa3abb9312c0', -- thardes2 'ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5', -- oscar- 'fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477', -- northalpha 'f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876', -- Barbarossa '9841dde0b9f6485d5fcdc858fb15c1db1c3bc77fb81aef3f0d4b835f76a3d73b', -- kb-light }, }, }, }, -- default traffic shaping (bandwidth limit) settings simple_tc = { mesh_vpn = { ifname = 'mesh-vpn', enabled = false, limit_egress = 200, limit_ingress = 3000, }, }, -- configure ffho-debug debugserver = { host = { 'debugreport.ffho.net', 'fdca:ffee:ff12:a254::deb9' }, port = 1337, liveport = 1338, }, -- enable BATMAN on WAN interface by default (requires gluon-batman-on-wan package) batman_on_wan = 0, }