aboutsummaryrefslogtreecommitdiff
path: root/vars
diff options
context:
space:
mode:
Diffstat (limited to 'vars')
-rw-r--r--vars/common24
-rw-r--r--vars/hostclass/idm_server9
-rw-r--r--vars/hostclass/roadwarrior_laptop2
-rw-r--r--vars/hostname/rlaptop13
-rw-r--r--vars/os/freebsd4
5 files changed, 38 insertions, 4 deletions
diff --git a/vars/common b/vars/common
index 6ecfc24..845b0b8 100644
--- a/vars/common
+++ b/vars/common
@@ -12,11 +12,31 @@ root_mail_alias="you@${email_domain}"
smtp_host_ip=1.2.3.4
timezone=America/New_York
+# hostname id ipv4
+idm_server_list="\
+idm1 1 1.2.3.4
+idm2 2 5.6.7.8"
+
+reverse_dns_zones="0.168.192.in-addr.arpa 12.11.10.in-addr.arpa"
+
+
+###############################################################################
+# Variables following this line do not (generally) need to be changed.
+###############################################################################
nproc=$(nproc)
allowed_tcp_ports=ssh
bootstrap_resolvers='1.1.1.1'
+desktop_type=kde
fqdn="${BOXCONF_HOSTNAME}.${domain}"
+graphics_type=intel
+idm_admin_username='s-boxconf'
+idm_admin_uid='20000'
+idm_admin_groupname='sysadmins'
+idm_admin_gid='30000'
+nslcd_min_uid=1000
+nscd_ttl=600
+nscd_negative_ttl=20
smtp_host="smtp.${domain}"
ssh_authzkeys_user=_authzkeys
tcp_buffer_size=2097152 # suitable for 1 GigE
@@ -28,7 +48,3 @@ if $(( nproc > 4 )); then
else
nginx_worker_processes=$nproc
fi
-
-if [ "${idm_bootstrap:-}" = true ]; then
- resolvers=$bootstrap_resolvers
-fi
diff --git a/vars/hostclass/idm_server b/vars/hostclass/idm_server
new file mode 100644
index 0000000..eec6d1c
--- /dev/null
+++ b/vars/hostclass/idm_server
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+allowed_tcp_ports='ssh ldap ldaps domain kerberos-sec kerberos-adm'
+allowed_udp_ports='domain kerberos-sec kpasswd'
+
+ssh_authorized_keys_user=nobody
+
+unbound_blocklists="\
+https://raw.githubusercontent.com/hagezi/dns-blocklists/main/unbound/pro.plus.blacklist.conf"
diff --git a/vars/hostclass/roadwarrior_laptop b/vars/hostclass/roadwarrior_laptop
new file mode 100644
index 0000000..99f8b9c
--- /dev/null
+++ b/vars/hostclass/roadwarrior_laptop
@@ -0,0 +1,2 @@
+#!/bin/sh
+resolvers=$bootstrap_resolvers
diff --git a/vars/hostname/rlaptop1 b/vars/hostname/rlaptop1
new file mode 100644
index 0000000..0eb1518
--- /dev/null
+++ b/vars/hostname/rlaptop1
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+desktop_type=i3
diff --git a/vars/os/freebsd b/vars/os/freebsd
index 0d4a6fb..17e7edb 100644
--- a/vars/os/freebsd
+++ b/vars/os/freebsd
@@ -10,7 +10,11 @@ intel_epp=50
export ASSUME_ALWAYS_YES=yes
acme_standalone_port=9080
acme_uid=169
+keytab_dir=/var/db/keytabs
nfscbd_port=7745
+python_version=311
+saslauthd_runtime_dir=/var/run/saslauthd
+saslauthd_user=cyrus
site_cacert_path=/usr/local/etc/ssl/certs/ca.crt
ssh_host_key_dir=/var/db/ssh
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 12:17:33 -0500