From: Matt Birkholz Date: Mon, 1 Jan 2024 17:49:38 +0000 (-0700) Subject: Update README.html. Merge Institute. X-Git-Url: https://birchwood-abbey.net/git?a=commitdiff_plain;h=63990666666a3844f870e5584a78d6831476bb14;p=Network Update README.html. Merge Institute. --- diff --git a/Institute b/Institute index 7b40b58..fc757e9 160000 --- a/Institute +++ b/Institute @@ -1 +1 @@ -Subproject commit 7b40b58d92e692973165deb798b520bc2fce84d8 +Subproject commit fc757e938e48de0c563667a47c7a509eb31fb3ef diff --git a/README.html b/README.html index a285d2b..18d5193 100644 --- a/README.html +++ b/README.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + Birchwood Abbey Networks @@ -64,7 +64,7 @@ map is very similar, with differences mainly in terminology, philosophy, attitude.

-
+
                 |                                                   
                 =                                                   
               _|||_                                                 
@@ -109,8 +109,10 @@ philosophy, attitude.
 

The abbey's public particulars are included below. They are the public particulars of a small institute, nothing more. As for the -abbey's private data, examples (only! ;-) are included in the -following chapters. +abbey's private parameters, in private/vars-abbey.yml, example lines +(only! ;-) are included in the following chapters. An example of the +abbey's private institutional parameters, private/vars.yml, can be +found in Institute/private/vars.yml.

@@ -134,8 +136,8 @@ with Apache2, spooling email with Postfix and serving it with Dovecot-IMAPd, and hosting a VPN with OpenVPN.

-
-

3.1. Install Emacs

+
+

3.1. Install Emacs

The monks of the abbey are masters of the staff (bo) and Emacs. @@ -787,7 +789,7 @@ certificate is a terminal session affair (with prompts and lines entered as shown below).

-
+
 $ sudo apt install python3-certbot-apache
 $ sudo certbot --apache -d birchwood-abbey.net
 ...
@@ -1310,8 +1312,8 @@ The abbey uses the Apt-Cacher:TNG package cache on Core.  The
 
-
-

4.7. Use Cloister Apt Cache

+
+

4.7. Use Cloister Apt Cache

Core itself will benefit from using the package cache. @@ -1808,9 +1810,9 @@ to the Ethernet interface of a "cable modem" (a Starlink terminal).

-The MAC address of each interface is set in private/vars.yml, the -values of the gate_lan_mac, gate_wifi_mac and gate_isp_mac -variables. +The MAC address of each interface is set in private/vars.yml (see +Institute/private/vars.yml) as the values of the gate_lan_mac, +gate_wifi_mac and gate_isp_mac variables.

@@ -1913,8 +1915,8 @@ clients: Android, Debian and Campus. The last type never roams, and is not associated with a member of the small institute.

-
-

6.1. Use Cloister Apt Cache

+
+

6.1. Use Cloister Apt Cache

The Apt-Cacher:TNG program does not work well on the frontier, so is @@ -1984,8 +1986,8 @@ Raspberry Pis (architecture aarch64) only.

-
-

6.3. Install Emacs

+
+

6.3. Install Emacs

The monks of the abbey are masters of the staff and Emacs. @@ -2052,7 +2054,7 @@ Listing them (e.g. running owdir /26.nnnnnnnn or owdir below. A test session is shown below.

-
+
 monkey@new$ owdir
 ...
     /26.2153B6000000/
@@ -2488,8 +2490,8 @@ described in the final section, Configure Cameras, bel
 

-
-

8.4. Include Abbey Variables

+
+

8.4. Include Abbey Variables

In this abbey specific document, most abbey particulars are not @@ -2658,8 +2660,7 @@ the apg -n 1 -x 12 -m 12 command.

-private/vars-abbey.yml
---
-zoneminder_dbpass:           gakJopbikJadsEdd
+private/vars-abbey.yml
zoneminder_dbpass:           gakJopbikJadsEdd
 
@@ -2923,8 +2924,8 @@ machine simply by adding it to the tvrs group.

-
-

9.3. Include Abbey Variables

+
+

9.3. Include Abbey Variables

In this abbey specific document, most abbey particulars are not @@ -3476,7 +3477,7 @@ the list of "inputs" available in a postal code typically ends with the OTA (over the air) broadcasts.

-
+
 $ tv_grab_zz_sdjson --configure --config-file .mythtv/Mr.Antenna.xmltv
 Cache file for lineups, schedules and programs.
 Cache file: [/home/mythtv/.xmltv/tv_grab_zz_sdjson.cache]
@@ -4474,10 +4475,10 @@ A wired device is assigned an IP address when it is added to Core's
 DHCP configuration (as in Add to Core DHCP).  A private domain name is
 then associated with this address.  If the device is intended to
 operate wirelessly, the name for its address is modified with a -w
-suffix.  Thus new-w.birchwood.private would be the name of the new
+suffix.  Thus new-w.small.private would be the name of the new
 device while it is temporarily connected to the cloister Ethernet, and
-new.birchwood.private would be its "normal" name used when it is on
-the cloister Wi-Fi.
+new.small.private would be its "normal" name used when it is on the
+cloister Wi-Fi.
 

@@ -4498,7 +4499,7 @@ at the top of that file.

-
4       IN      PTR     new-w.birchwood.private.
+
4       IN      PTR     new-w.small.private.
 
@@ -4508,7 +4509,7 @@ name can be tested.

-
resolvectl query new-w.birchwood.private.
+
resolvectl query new-w.small.private.
 resolvectl query 192.168.56.4
 
@@ -4523,7 +4524,7 @@ resolvectl query 192.168.56.4 Create /etc/apt/apt.conf.d/01proxy.

-D=apt-cacher.birchwood.private.
+D=apt-cacher.small.private.
 echo "Acquire::http::Proxy \"http://$D:3142\";" \
 > | sudo tee /etc/apt/apt.conf.d/01proxy
 
@@ -4777,7 +4778,7 @@ rm campus.ovpn public.ovpn ssh sysadm@dicks-notebook.lan sudo apt install openvpn openvpn-systemd-resolved \ network-manager-openvpn-gnome -ping -c1 core.birchwood.private. +ping -c1 core.small.private.
@@ -4843,10 +4844,10 @@ cloister Wi-Fi, and a "VPN address" when it connects to Gate's OpenVPN server. The VPN address can be discovered by running ip addr show dev ovpn on the machine, or inspecting /etc/openvpn/ipp.txt on Gate. Once discovered, a private domain name, -e.g. new.birchwood.private, can be associated with the VPN address, -e.g 10.84.138.7. The administrator adds a line like the following -to private/db.domain and increments the serial number at the top of -the file. +e.g. new.small.private, can be associated with the VPN address, e.g +10.84.138.7. The administrator adds a line like the following to +private/db.domain and increments the serial number at the top of the +file.

@@ -4861,7 +4862,7 @@ serial number at the top of that file.

-
7       IN      PTR     new.birchwood.private.
+
7       IN      PTR     new.small.private.
 
@@ -4871,7 +4872,7 @@ resolution of the new name.

-
resolvectl query new.birchwood.private.
+
resolvectl query new.small.private.
 resolvectl query 10.84.138.7
 
@@ -4879,7 +4880,7 @@ resolvectl query 10.84.138.7

A wireless device with no Ethernet interface and unable to run OpenVPN gets just a Wi-Fi address. It can be given a private domain name -(e.g. new.birchwood.private) associated with the Wi-Fi address +(e.g. new.small.private) associated with the Wi-Fi address (e.g. 192.168.10.225), but a reverse lookup on a machine connected to the Wi-Fi may yield a name like new.lan (provided by the access point) while elsewhere (e.g. on the cloister Ethernet) the IP address @@ -4892,7 +4893,7 @@ to private/db.campus_vpn.)

Author: Matt Birkholz

-

Created: 2023-12-30 Sat 14:12

+

Created: 2024-01-01 Mon 10:48

Validate