config.example

common: # Default settings
  mac: 00:??:??:??:??:?? # Make last 5 bytes random
  dns: 8.8.8.8, 8.8.4.4
  hostname: <name>s-MacBook-Pro # <name> is a table of generic names
  vpn: myvpn

ignored:
  interfaces:
  - br[0-9]+
  - docker[0-9]+ # Docker
  - tap[0-9]+
  - tun[0-9]+
  - vboxnet[0-9]+ # Virtualbox
  - veth.*
  - vmnet[0-9]+ # VMWare
  - wg.* # Probably WireGuard

vpn:
  myvpn:
    type: openvpn
    config: |
      client
      dev tun

      proto udp
      remote my-server-1 1194

      resolv-retry infinite
      nobind
      persist-key
      persist-tun

      ca ca.crt
      cert client.crt
      key client.key

      comp-lzo
      verb 3
  myvpn2:
    type: wireguard
    address: 10.0.0.1/8
    interface: wg0
    gateway: True
    config: |
      [Interface]
      ListenPort = 51820
      PrivateKey = QLa1x8ttCEl23cCIGpndDv9CIZ7Al7G7Kuj9yG0PIVk=

      [Peer]
      Endpoint = 198.51.100.1:51820
      PublicKey = cPybMYBdfrj0wp+FlvWoFfL2fI1kc7dhtKB+cqvNPCA=
      AllowedIPs = 0.0.0.0/0

office:
  vpn: myvpn
  routes:
    - 192.168.0.0/16 -> 192.168.1.1 # Local network

crappy-hotel-wifi:
  ssid: FreeWiFi
  # Pin access point address to avoid switching between a gazillion equally
  # crappy ones.  This tends to give a more reliable connection.
  ap-addr: 00:11:22:33:44:55
  vpn: myvpn # Connect to VPN when away from home

wired:
  dns: dhcp
  mac: default # The default is to pick a random Macbook Pro MAC address
  hostname: # Do not send a hostname

# Alias chooses different configuration for each host
static: static-$(hostname)

static-laptop:
  interface: eth0
  addr: 192.168.0.42/24
  gateway: 192.168.0.1
  routes:
    - default

static-desktop:
  interface: eth0
  addr: 192.168.0.43/24
  gateway: 192.168.0.1
  routes:
    - default

eduroam:
  ssid: eduroam
  wpa: |
    network={
      identity="YOUR-ID-HERE"
      password="YOUR-PASSPHRASE-HERE"
      key_mgmt=WPA-EAP
    }

my-home-network:
  ssid: SSID-HERE
  psk: PASSPHRASE-HERE
  vpn: # Do not connect to VPN when at home