-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathshared.env.example
More file actions
36 lines (30 loc) · 1.86 KB
/
Copy pathshared.env.example
File metadata and controls
36 lines (30 loc) · 1.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# shared.env — sourced by both pi-bootstrap.sh and printserver-bootstrap.sh
#
# Copy to shared.env, fill in values, then:
# chmod 600 shared.env
#
# Do NOT commit shared.env to version control.
# This example file is safe to commit.
# ── SSH public keys ────────────────────────────────────────────────────────────
# One key per line inside the quoted string. All keys are added to
# authorized_keys on every node.
# Single key:
# SSH_PUBKEYS="ssh-ed25519 AAAA...key1 user@host"
# Multiple keys (use a multiline string):
# SSH_PUBKEYS="ssh-ed25519 AAAA...key1 user@host1
# ssh-ed25519 AAAA...key2 user@host2"
SSH_PUBKEYS="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMCqm+QaF5C4q/kYgyiWJBTlmk8bm9mVWdKUF/Bnd01I derek@pangolin"
# ── Network ────────────────────────────────────────────────────────────────────
# LAN subnet allowed to access services (CUPS, USB/IP, SSH firewall).
# Legacy/fallback — SSH_CIDRS and PRINT_CIDRS override this when set.
LAN_SUBNET=192.168.4.0/22
# CIDRs allowed SSH access (space-separated). When set, UFW restricts SSH
# to these ranges only. Leave blank to allow SSH from anywhere.
SSH_CIDRS="192.168.4.0/22"
# CIDRs allowed printing access — CUPS (631) and USB/IP proxy (3240).
# Space-separated list.
PRINT_CIDRS="192.168.4.0/22"
# ── USB/IP proxy (Raspberry Pi) ────────────────────────────────────────────────
# FQDN of the Pi running usbipd. Used by the printserver to attach remote printers
# and by pi-bootstrap.sh as the default hostname for the Pi itself.
USBPROXY_HOST=usbproxy.ancapistan.io