-- Configuration Template for Neanderfunk / Eulenfunk - Gluon 2023.2.x
{
  hostname_prefix = 'BRSD-',
  site_name = 'Freifunk RBK-Burscheid - Domain 45 (Neanderfunk)',
  site_code = 'bgl-45_brsd',

  -- Must be the same of all nodes in one mesh domain
  domain_names = { ['ffbgl-45brsd'] = 'Bergischgladbach-Burscheid' },
  domain_seed = '16912847a6f0bd9ed7f09381fef1cd2d4de8cc6aaa679f9ed552bfc8d121a232',

  config_mode = {
    hostname = {
      optional = false,
    },
    owner = {
      obligatory = false,
    },

    geo_location = {
      show_altitude = true,
      osm = {
      center = {
        lat = 51.08406,
        lon = 7.11596,
      },
      zoom = 15,
      tile_layer = {
        type = 'XYZ',
	url = 'https://tiles.ffdus.de/a.tile.openstreetmap.org/{z}/{x}/{y}.png',
	attributions = '&#169; <a href="https://www.openstreetmap.org/copyright" target="_blank">OpenStreetMap</a> contributors.',
	},
      },
    },
    owner = {
      optional = false,
      obligatory = true,
    },
    remote_login = {
      show_password_form = true,
      min_password_length = 12,
    },
  },

  setup_mode = {
    skip = false,
  },
  authorized_keys = { 
	'',
	},

  opkg = {
    openwrt = 'http://firmware.ffnef.de/firmware/packages/gluon2023.2.x/%A',
    extra = {
      gluonffnef = 'http://firmware.ffnef.de/firmware/modules/gluon-%GR/%S',
      modules= 'http://opkg.ffac.rocks/modules/gluon-%GS-%GR/%S',
      gluon = 'http://opkg.ffac.rocks/packages-%v/%A/gluon',
      gluon_base = 'http://opkg.ffac.rocks/packages-%v/%A/gluon_base',
      openwrtpackages = 'http://downloads.openwrt.org/releases/23.05.5/packages/%A/packages',
      openwrtpackages2 = 'http://downloads.openwrt.org/releases/23.05.5/targets/%S/packages',
      openwrtbase = 'http://downloads.openwrt.org/releases/23.05.5/packages/%A/base',
      openwrttelephony = 'http://downloads.openwrt.org/releases/23.05.5/packages/%A/telephony',
      openwrtrouting = 'http://downloads.openwrt.org/releases/23.05.5/packages/%A/routing',
    }, 
  },

  prefix4 = '10.0.0.0/8',
  prefix6 = 'fd66:666e:6566:642d::/64',
  extra_prefixes6 = {
    -- for ebtables-source-filter
    '2a03:2260::/32',
  },

  timezone = 'CET-1CEST,M3.5.0,M10.5.0/3',

  ntp_servers = {
    'ntp6.ffnef.de',
    'ntp.ffbgl.freifunk',
    '0.openwrt.pool.ntp.org',
    '2.openwrt.pool.ntp.org',
  },
  regdom = 'DE',

  wifi24 = {
    channel = 1,
    preserve_channels = 1,
    htmode = 'HT20',
    ap = {
      ssid = 'Freifunk',
    },
    mesh = {
      id = 'mesh-bcd',
      mcast_rate = 12000,
      disabled = false,
    },
  },
  wifi5 = {
    channel = 36,
    outdoor_chanlist = '100-140',
    htmode = 'HT40',
    ap = {
      ssid = 'Freifunk',
    },
    mesh = {
      id = 'mesh-bcd',
      mcast_rate = 12000,
      disabled = false,
    },
  },

  next_node = {
    name = {
      'nextnode',
      'nn',
    },
    -- anycast IPs of all nodes
    ip4 = '10.62.192.1',
    ip6 = 'fd66:666e:6566:642d::1',
  },
  interfaces = {
    lan = {
      default_roles = { 'mesh' },
    },
    wan = {
      default_roles = { 'uplink' },
    },
    single = {
      default_roles = { 'uplink' },
    },
  },
  poe_passthrough = true,

  -- Options specific to routing protocols (optional)
  mesh = {
      vxlan = false,
      filter_membership_reports = true,
      -- Options specific to the batman-adv routing protocol (optional)
      batman_adv = {
          -- Gateway selection class (optional)
          -- The default class 20 is based on the link quality (TQ) only,
          -- class 1 is calculated from both the TQ and the announced bandwidth
          gw_sel_class = 1,
          routing_algo = 'BATMAN_IV',
      },
  },

  mesh_vpn = {
    enabled = true,
    pubkey_privacy = true,
    tunneldigger = {
      mtu = 1364,
      brokers = {'ganymed.ffnef.de:20045','kallisto.ffnef.de:20045','amalthea.ffnef.de:20045','himalia.ffnef.de:20045','elara.ffnef.de:20045','pasophae.ffnef.de:20045'},
    },
    bandwidth_limit = {
      enabled = false,
      egress =  10000,
      ingress = 30000,
    },
  },


  autoupdater = {
    enabled = 1,
    branch = 'stable',
    branches = {
      stable = {
        name = 'stable',
	prefill = true, 
        mirrors = {
          'http://firmware.45-brsd.ffnef.de/firmware/stable/45_brsd/sysupgrade',
          'http://firmware.45-brsd.ffbgl/firmware/stable/45_brsd/sysupgrade',
          'http://firmware.ffnef.de/firmware/stable/45_brsd/sysupgrade',
          'http://[fd66:666e:6566:642d::733]/firmware/stable/45_brsd/sysupgrade',
        },
        good_signatures = 3,
        pubkeys = {
	'579de7b1ded1dc39583515f722d72524f6dce78da635a7ac2d11cfe1dc046e7e', -- tuennes
	'2a61930930a240c027f6ca4197203d400b6e4a32f9e92041e5f086907796c9bc', -- adorfer
	'96d644ff1ce07d6f67d9329a0eb9a1548d0d01a3519d17ec1fe9d49da3270bfc', -- plaste
	'cd97b5e735cdefb1da4aede68f127c8c2f4536df6f544b568df5c801b88a9225', -- alex
	'bd9e2ec7c5a1d420ff31543f27e02576b01ba5c887e726ab9388a25853b7d623', -- untrustworthy-buildbot
        },
      },
      broken = {
        name = 'broken',
        mirrors = {
          'http://firmware.45-brsd.ffnef.de/firmware/broken/45_brsd/sysupgrade',
          'http://firmware.45-brsd.ffbgl/firmware/broken/45_brsd/sysupgrade',
          'http://firmware.ffnef.de/firmware/broken/45_brsd/sysupgrade',
          'http://[fd66:666e:6566:642d::733]/firmware/broken/45_brsd/sysupgrade',
        },
        good_signatures = 1,
        pubkeys = {
	'579de7b1ded1dc39583515f722d72524f6dce78da635a7ac2d11cfe1dc046e7e', -- tuennes
	'2a61930930a240c027f6ca4197203d400b6e4a32f9e92041e5f086907796c9bc', -- adorfer
	'96d644ff1ce07d6f67d9329a0eb9a1548d0d01a3519d17ec1fe9d49da3270bfc', -- plaste
	'cd97b5e735cdefb1da4aede68f127c8c2f4536df6f544b568df5c801b88a9225', -- alex
	'bd9e2ec7c5a1d420ff31543f27e02576b01ba5c887e726ab9388a25853b7d623', -- untrustworthy-buildbot
        },
      },
    },
  },
  roguenets_filter = {
    allowed_prefix4 = '10.0.0.0/8',
    allowed_prefix6 = '2a03:2260::/29',
    additional_prefix6 = {
      'fda0:300e::/32',
    },
  },
  dns = {
    cacheentries = 1024,
    servers = { 'fd66:666e:6566:642d::5','2620:fe::10', '2001:4860:4860::8844', '2001:4860:4860::8888', },
  },
  ssid_changer = {
    enabled = true,
    switch_timeframe = 2,     -- only once every timeframe (in minutes) the SSID will change to OFFLINE
                              -- set to 1440 to change once a day
                              -- set to 1 minute to change every time the router gets offline
    first = 5,                -- the first few minutes directly after reboot within which an Offline-SSID always may be activated
    prefix = 'FF_Offline_',   -- use something short to leave space for the nodename (no '~' allowed!)
    suffix = 'nodename',      -- generate the SSID with either 'nodename', 'mac' or to use only the prefix: 'none'

    tq_limit_enabled = true,  -- if false, the offline SSID will only be set if there is no gateway reacheable
                              -- upper and lower limit to turn the offline_ssid on and off
                              -- in-between these two values the SSID will never be changed to prevent it from toggeling every minute.
    tq_limit_max = 45,        -- upper limit, above that the online SSID will be used
    tq_limit_min = 35         -- lower limit, below that the offline SSID will be used
  },

  ath9kblackout = {
    blackoutwait = 171,
    resetwait = 281,
    stepsize = 10,
  },
}