Remove "birchwood.private". Mention Institute/private/vars.yml.

Tried to explain why there is no private/ in the distribution.
Pointed out the example private/vars.yml file (in Institute/private/).

diff --git a/README.org b/README.org
index fcf8298983bdca7746a8b597c0618cf62349e5a8..1877b579af53635917e1ac9499126a8946711722 100644 (file)
--- a/README.org
+++ b/README.org
@@ -81,8 +81,10 @@ philosophy, attitude.
 
 The abbey's public particulars are included below.  They are the
 public particulars of a small institute, nothing more.  As for the
-abbey's private data, examples (only! ;-) are included in the
-following chapters.
+abbey's private parameters, in =private/vars-abbey.yml=, example lines
+(only! ;-) are included in the following chapters.  An example of the
+abbey's private institutional parameters, =private/vars.yml=, can be
+found in [[file:Institute/private/vars.yml][=Institute/private/vars.yml=]].
 
 #+CAPTION: =public/vars.yml=
 #+BEGIN_SRC conf :tangle public/vars.yml :mkdirp yes
@@ -1391,9 +1393,9 @@ TPE-R1300 (and at one time a Linksys WRT1900AC).  The ~isp~ interface
 is another USB3.0 Ethernet adapter connected with a cross-over cable
 to the Ethernet interface of a "cable modem" (a Starlink terminal).
 
-The MAC address of each interface is set in =private/vars.yml=, the
-values of the ~gate_lan_mac~, ~gate_wifi_mac~ and ~gate_isp_mac~
-variables.
+The MAC address of each interface is set in =private/vars.yml= (see
+[[file:Institute/private/vars.yml][=Institute/private/vars.yml=]]) as the values of the ~gate_lan_mac~,
+~gate_wifi_mac~ and ~gate_isp_mac~ variables.
 
 ** The Abbey's Starlink Configuration
 
@@ -2115,7 +2117,6 @@ the ~apg -n 1 -x 12 -m 12~ command.
 
 #+CAPTION: =private/vars-abbey.yml=
 #+BEGIN_SRC conf
----
 zoneminder_dbpass:           gakJopbikJadsEdd
 #+END_SRC
 
@@ -3584,10 +3585,10 @@ A wired device is assigned an IP address when it is added to Core's
 DHCP configuration (as in [[*Add to Core DHCP][Add to Core DHCP]]).  A private domain name is
 then associated with this address.  If the device is intended to
 operate wirelessly, the name for its address is modified with a ~-w~
-suffix.  Thus ~new-w.birchwood.private~ would be the name of the new
+suffix.  Thus ~new-w.small.private~ would be the name of the new
 device while it is temporarily connected to the cloister Ethernet, and
-~new.birchwood.private~ would be its "normal" name used when it is on
-the cloister Wi-Fi.
+~new.small.private~ would be its "normal" name used when it is on the
+cloister Wi-Fi.
 
 The private domain name is created by adding a line like the following
 to =private/db.domain= and incrementing the serial number at the top
@@ -3602,14 +3603,14 @@ following to =private/db.private= and incrementing the serial number
 at the top of that file.
 
 #+BEGIN_SRC conf
-4      IN      PTR     new-w.birchwood.private.
+4      IN      PTR     new-w.small.private.
 #+END_SRC
 
 After ~./abbey config core~ updates Core, resolution of the ~new-w~
 name can be tested.
 
 #+BEGIN_SRC sh
-resolvectl query new-w.birchwood.private.
+resolvectl query new-w.small.private.
 resolvectl query 192.168.56.4
 #+END_SRC
 
@@ -3617,7 +3618,7 @@ resolvectl query 192.168.56.4
 
 - Log in as ~sysadm~ on the console.
 - Create =/etc/apt/apt.conf.d/01proxy=.
-  : D=apt-cacher.birchwood.private.
+  : D=apt-cacher.small.private.
   : echo "Acquire::http::Proxy \"http://$D:3142\";" \
   : > | sudo tee /etc/apt/apt.conf.d/01proxy
 - Update the system and reboot.
@@ -3808,7 +3809,7 @@ rm campus.ovpn public.ovpn
 ssh sysadm@dicks-notebook.lan
 sudo apt install openvpn openvpn-systemd-resolved \
                  network-manager-openvpn-gnome
-ping -c1 core.birchwood.private.
+ping -c1 core.small.private.
 #+END_SRC
 
 Note that Dick's notebook does not need to connect to the cloister
@@ -3858,10 +3859,10 @@ cloister Wi-Fi, and a "VPN address" when it connects to Gate's OpenVPN
 server.  The VPN address can be discovered by running ~ip addr show
 dev ovpn~ on the machine, or inspecting =/etc/openvpn/ipp.txt= on
 Gate.  Once discovered, a private domain name,
-e.g. ~new.birchwood.private~, can be associated with the VPN address,
-e.g ~10.84.138.7~.  The administrator adds a line like the following
-to =private/db.domain= and increments the serial number at the top of
-the file.
+e.g. ~new.small.private~, can be associated with the VPN address, e.g
+~10.84.138.7~.  The administrator adds a line like the following to
+=private/db.domain= and increments the serial number at the top of the
+file.
 
 #+BEGIN_SRC conf
 new    IN      A       10.84.138.7
@@ -3872,20 +3873,20 @@ like the following to =private/db.campus_vpn= and incrementing the
 serial number at the top of that file.
 
 #+BEGIN_SRC conf
-7      IN      PTR     new.birchwood.private.
+7      IN      PTR     new.small.private.
 #+END_SRC
 
 After ~./abbey config core~ updates Core, the administrator can test
 resolution of the new name.
 
 #+BEGIN_SRC sh
-resolvectl query new.birchwood.private.
+resolvectl query new.small.private.
 resolvectl query 10.84.138.7
 #+END_SRC
 
 A wireless device with no Ethernet interface and unable to run OpenVPN
 gets just a Wi-Fi address.  It can be given a private domain name
-(e.g. ~new.birchwood.private~) associated with the Wi-Fi address
+(e.g. ~new.small.private~) associated with the Wi-Fi address
 (e.g. ~192.168.10.225~), but a reverse lookup on a machine connected
 to the Wi-Fi may yield a name like ~new.lan~ (provided by the access
 point) while elsewhere (e.g. on the cloister Ethernet) the IP address