site.conf

-- This is an example site configuration for Gluon v2014.4
--
-- Take a look at the documentation located at
-- http://gluon.readthedocs.org/ for details.
--
-- This configuration will not work as it. You're required to make
-- community specific changes to it!
{
  -- Used for generated hostnames, e.g. freifunk-abcdef123456.
  hostname_prefix = 'freifunk',

  -- Name of the community.
  site_name = 'Freifunk Lübeck',

  -- Shorthand of the community.
  site_code = 'ffhl',

  -- Prefixes used within the mesh. Both are required.
  prefix4 = '10.130.0.0/20',
  prefix6 = 'fdef:ffc0:3dd7::/64',

  -- Timezone of your community.
  -- See http://wiki.openwrt.org/doc/uci/system#time_zones
  timezone = 'CET-1CEST,M3.5.0,M10.5.0/3',

  -- List of NTP servers in your community.
  -- Must be reachable using IPv6!
  ntp_servers = {'1.ntp.services.ffhl'},

  -- Wireless regulatory domain of your community.
  regdom = 'DE',

  -- Wireless configuratoin for 2.4 GHz interfaces.
  wifi24 = {
    -- Wireless channel.
    channel = 1,

    -- ESSID used for client network.
    ssid = 'luebeck.freifunk.net',

    -- Specifies the channel width in 802.11n and 802.11ac mode.
    -- Possible values are:
    -- HT20 (single 20MHz channel),
    -- HT40- (2x 20MHz channels, secondary below)
    -- HT40+ (2x 20MHz channels, secondary above)
    htmode = 'HT20',

    -- Adjust these values!
    mesh_ssid = 'XX:XX:XX:XX:XX:XX',  -- ESSID used for mesh
    mesh_bssid = 'XX:XX:XX:XX:XX:XX', -- BSSID used for mesh

    -- Bitrate used for multicast/broadcast packets.
    mesh_mcast_rate = 12000,
  },

  -- Wireless configuration for 5 GHz interfaces.
  -- This should be equal to the 2.4 GHz variant, except
  -- for channel and htmode.
  wifi5 = {
    ssid = 'luebeck.freifunk.net',
    channel = 44,
    htmode = 'HT20',
    mesh_ssid = 'XX:XX:XX:XX:XX:XX',
    mesh_bssid = 'XX:XX:XX:XX:XX:XX',
    mesh_mcast_rate = 12000,
  },

  -- The next node feature allows clients to always reach the node it is
  -- connected to using a known IP address.
  next_node = {
    -- anycast IPs of all nodes
    ip4 = '10.130.0.1',
    ip6 = 'fdef:ffc0:3dd7::1',

    -- anycast MAC of all nodes
    mac = '16:41:95:40:f7:dc',
  },

  -- Refer to http://fastd.readthedocs.org/en/latest/ to better understand
  -- what these options do.
  fastd_mesh_vpn = {
    -- List of crypto-methods to use.
    methods = {'salsa2012+gmac'},
    mtu = 1426,
    backbone = {
      -- Limit number of connected peers to reduce bandwidth.
      limit = 2,

      -- List of peers.
      peers = {
        burgtor = {
          key = '657af03e36ff1b8bbe5a5134982a4f110c8523a9a63293870caf548916a95a03',

          -- This is a list, so you might add multiple entries.
          remotes = {'ipv4 "burgtor.mesh.ffhl.chaotikum.org" port 10000'},
        },
        holstentor = {
          key = '8c660f7511bf101ea1b599fe53af20e1146cd923c9e9d2a3a0d534ee75af9067',
          remotes = {'ipv4 "holstentor.mesh.ffhl.chaotikum.org" port 10000'},
        },
      },
    },
  },

  autoupdater = {
    -- Default branch. Don't forget to set GLUON_BRANCH when building!
    branch = 'stable',

    -- List of branches. You may define multiple branches.
    branches = {
      stable = {
        name = 'stable',

        -- List of mirrors to fetch images from. IPv6 required!
        mirrors = {'http://1.updates.services.ffhl/stable/sysupgrade'},

        -- Number of good signatures required.
        -- Have multiple maintainers sign your build and only
        -- accept it when a sufficient number of them have
        -- signed it.
        good_signatures = 2,

        -- List of public keys of maintainers.
        pubkeys = {
                'daa19b44bbd7033965e02088127bad9516ba0fea8f34267a777144a23ec8900c', -- Linus
                'a8dd60765b07330a4bbfdf8406102befca132881a4b65f3efda32cf2d5b362d9', -- Nils
                '323bd3285c4e5547a89cd6da1f2aef67f1654b0928bbd5b104efc9dab2156d0b', -- NeoRaider
        },
      },
    },
  },

  -- Bandwidth limiting
  simple_tc = {
    mesh_vpn = {
      ifname = 'mesh-vpn',

      -- You may enable it by default here.
      enabled = false,

      -- Default upload limit (kbit/s).
      limit_egress = 200,

      -- Default download limit (kbit/s).
      limit_ingress = 3000,
    },
  },

  -- These strings are shown in config mode. Some HTML is permissible.
  --
  -- msg_welcome: shown at startup
  -- msg_pubkey:  shown when VPN is enabled
  -- msg_reboot:  shown during reboot (after finishing configuration)
  --
  -- You may use some variables, e.g.:
  --
  -- <%=hostname%>               - the node's hostname
  -- <%=pubkey%>                - the fastd public key
  -- <%=sysconfig.primary_mac%> - the node's primary MAC
  config_mode = {
    msg_welcome = [[
Willkommen zum Einrichtungsassistenten für deinen neuen Lübecker
Freifunk-Knoten. Fülle das folgende Formular deinen Vorstellungen
entsprechend aus und sende es ab.
]],
    msg_pubkey = [[
Dies ist der öffentliche Schlüssel deines Freifunk-Knotens. Erst nachdem
er auf den Servern des Lübecker Freifunk-Projektes eingetragen wurde,
kann sich dein Knoten mit dem Lübecker Mesh-VPN zu verbinden. Bitte
schicke dazu diesen Schlüssel und den Namen deines Knotens
(<em><%=hostname%></em>) an
<a href="mailto:keys@luebeck.freifunk.net">keys@luebeck.freifunk.net</a>.
]],
    msg_reboot = [[
<p>
Dein Knoten startet gerade neu und wird anschließend versuchen,
sich anschließend mit anderen Freifunk-Knoten in seiner Nähe zu
verbinden. Weitere Informationen zur
Lübecker Freifunk-Community findest du auf
<a href="https://luebeck.freifunk.net/">unserer Webseite</a>.
</p>
<p>
Viel Spaß mit deinem Knoten und der Erkundung von Freifunk!
</p>
]],
  },
}