summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2017-11-28 17:17:50 +0100
committerJonas Smedegaard <dr@jones.dk>2017-11-28 17:17:50 +0100
commitaf7a76bffbbf5516681f1de0a352996c5fdeb05f (patch)
tree181ff1299340c65b9bcda1658a24fc5d7d8c7295
parent64042927c3fee8ecc8fcfb66dc4f5e64bc53fc61 (diff)
Add node freedombox.1.0b10
-rw-r--r--nodes/freedombox.yml46
1 files changed, 46 insertions, 0 deletions
diff --git a/nodes/freedombox.yml b/nodes/freedombox.yml
new file mode 100644
index 0000000..a12b515
--- /dev/null
+++ b/nodes/freedombox.yml
@@ -0,0 +1,46 @@
+# Freedombox on LIME2 box
+# Targets: Debian (>= 9)
+# Depends: boxer-data (>= 10.5.14)
+classes:
+ - Console.setup
+ - Console.filemanager
+ - Admin.etc.functions
+ - Admin
+ - Service.ssh
+ - Service.mail.mta.dma
+# - Service.time.openntpd.force
+ - Hardware.motherboard.olimex.lime2
+ - Hardware.harden
+ - Hardware.net.interfaces.reset
+ - Framework.pkg.apt.autoremove-suggests
+ - Framework.pkg.apt.avoid-removals
+ - Framework.pkg.apt.aptitude.advance-on-action
+ - Framework.pkg.apt.aptitude.list-suite
+ - Framework.pkg.apt.proxy.reset
+ - Framework.pkg.apt.source.reset
+parameters:
+ doc:
+ gateway:
+ pkg:
+ - include freedombox-setup
+ tweak:
+ - limit video buffers (freeing memory for general use)
+ - use HDMI (not serial port) as initial boot console
+ - grant root access to users in POSIX (and LDAP) group 'admin'
+ pkg:
+ - plinth
+ tweak:
+ - >
+ _setappendvar /target/etc/default/flash-kernel \
+ LINUX_KERNEL_CMDLINE_DEFAULTS \
+ '"sunxi_ve_mem_reserve=0 sunxi_g2d_mem_reserve=0 sunxi_fb_mem_reserve=16"'
+ - >
+ file=/target/etc/flash-kernel/bootscript/bootscr.sunxi;\
+ _backup "$file";\
+ sed -i -r -e '2asetenv console tty1\''n' "$file"
+ - >
+ _setappendline /target/etc/sudoers.d/local-freedombox \
+ "%admin ALL=(root) ALL"
+ - >
+ _setappendvar /target/etc/sysctl.d/local-freedombox.conf \
+ net.ipv6.conf.all.forwarding 1