| 1 | ## Building options
|
|---|
| 2 | dumpdev="NO" # No kernel dumps as we don't have a place to
|
|---|
| 3 | # store them
|
|---|
| 4 | gateway_enable="YES" # Act like a gateway please
|
|---|
| 5 | ipv6_enable="NO" # No IPv6 support for now, near feature... ;-)
|
|---|
| 6 |
|
|---|
| 7 | # Firewall needed for port redirection (captive portal, splash screen)
|
|---|
| 8 | firewall_enable="YES"
|
|---|
| 9 | firewall_script="/etc/ipfw.sh"
|
|---|
| 10 |
|
|---|
| 11 | # NTP server needs working config with WL network or internet on boot
|
|---|
| 12 | # so some warnings might pop up, but no harm
|
|---|
| 13 | ntpdate_enable="YES"
|
|---|
| 14 | ntpd_enable="YES"
|
|---|
| 15 | ntpd_sync_on_start="YES"
|
|---|
| 16 | ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntp.drift"
|
|---|
| 17 |
|
|---|
| 18 | # We need no running mail server
|
|---|
| 19 | sendmail_enable="NONE"
|
|---|
| 20 |
|
|---|
| 21 | # Don't let syslog accept input from other remote hosts
|
|---|
| 22 | syslogd_enable="YES"
|
|---|
| 23 | syslogd_flags="-s -A -c"
|
|---|
| 24 |
|
|---|
| 25 | # Remote login without DNS checking as it might not also be functionable
|
|---|
| 26 | # -u0 prevent sshd from making DNS requests unless the authentication mechanism
|
|---|
| 27 | # or configuration requires it.
|
|---|
| 28 | sshd_enable="YES"
|
|---|
| 29 | sshd_flags="-u0"
|
|---|
| 30 |
|
|---|
| 31 | # Don't update the motd as it not writeable, the update_nanobsd_motd is a
|
|---|
| 32 | # simple wrapper found at /usr/local/etc/rc.d supporting this featureg
|
|---|
| 33 | update_motd="NO"
|
|---|
| 34 | update_nanobsd_motd="YES"
|
|---|
| 35 |
|
|---|
| 36 | ## Port extentions
|
|---|
| 37 | # Serve our clients some pretty cool IP address to at least get connected
|
|---|
| 38 | # Also some low-memory footprint dns resolver
|
|---|
| 39 | dnsmasq_enable="YES"
|
|---|
| 40 |
|
|---|
| 41 | # Monitoring deamons
|
|---|
| 42 | nrpe2_enable="YES"
|
|---|
| 43 | snmpd_enable="YES"
|
|---|
| 44 | snmpd_flags="-a -LF w /var/log/snmpd.log"
|
|---|
| 45 |
|
|---|
| 46 | # Some nodes will serve as HTTP(S) proxy server
|
|---|
| 47 | tinyproxy_enable="NO"
|
|---|
| 48 |
|
|---|
| 49 | ## WL ports extentions
|
|---|
| 50 | thttpd_enable="YES"
|
|---|
| 51 | http302_enable="YES"
|
|---|
| 52 |
|
|---|
| 53 | lvrouted_enable="YES"
|
|---|
| 54 | lvrouted_flags="-u -s s00p3rs3kr3t -m 28 -z 172.16.2.254,172.17.0.1,172.23.25.66,172.17.169.66"
|
|---|
| 55 |
|
|---|
| 56 | # Make sure generated ssh keys are saved
|
|---|
| 57 | nanobsd_save_sshkeys_enable="YES"
|
|---|
| 58 |
|
|---|
| 59 | # Do some cool stuff with pen, like checking on best connections and reload, so
|
|---|
| 60 | # need a wrapper instead of the conventional startup script
|
|---|
| 61 | pen_wrapper_enable="YES"
|
|---|
| 62 |
|
|---|
| 63 | ## Initial (network) configuration
|
|---|
| 64 | #
|
|---|
| 65 | hostname="ChangeMe.example.org"
|
|---|
| 66 | # XXX: Maybe something cool (zero config) as initial configuration
|
|---|
| 67 |
|
|---|
| 68 | ## Iperf server mode
|
|---|
| 69 | #
|
|---|
| 70 | iperf_enable="YES"
|
|---|
