# Colibri bridge configuration — systemd EnvironmentFile. # Install to /etc/colibri/bridge.env (root:root, 0644). # This is the systemd parallel to the sysrc vars in the FreeBSD rc.d script # (packaging/freebsd/colibri_bridge.in). # Tailscale IPv4 of THIS host. socat binds here — never 0.0.0.0 — so the control # plane is not exposed on any other interface even if the firewall rule is # removed. Fill in with this host's own address from `tailscale ip -4`. # (Real 100.x addresses are never committed to git — set it at deploy time.) COLIBRI_BRIDGE_LISTEN_ADDR=TAILSCALE_IP_REQUIRED # TCP port. MUST match the firewall allow-rule that scopes 9190 to tailscale0. COLIBRI_BRIDGE_LISTEN_PORT=9190 # colibri-daemon Unix socket. MUST equal the daemon's COLIBRI_DAEMON_SOCKET. # The daemon default is under $XDG_DATA_HOME; for a system bridge point both at # a stable /run path (and keep it off /home so ProtectHome=yes can stay on). COLIBRI_BRIDGE_SOCKET=/run/colibri/colibri.sock