cwinfo/yggdrasil-network.github.io
5
0
Fork 0
mirror of https://github.com/cwinfo/yggdrasil-network.github.io.git synced 2025-02-28 22:11:33 +00:00
Code Releases Activity

Update configuration.md

Browse Source
This commit is contained in:
Neil Alexander 2018-06-13 19:37:28 +01:00 committed by GitHub
parent 7eb728b426
commit bb66837b71
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 45 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
configuration.md
View File

@ -10,69 +10,57 @@ A new configuration file may be generated with `yggdrasil --genconf > path/to/co
``` ```
{ {
# Listen address for peer connections (default is to listen for all # Listen address for peer connections. Default is to listen for all
# connections over IPv4 and IPv6) # TCP connections over IPv4 and IPv6 with a random port.
Listen: "[::]:45744" Listen: "[::]:33228"
# Listen address for admin connections (default is to listen only # Listen address for admin connections Default is to listen for local
# for local connections) # connections only on TCP port 9001.
AdminListen: "[::1]:9001" AdminListen: localhost:9001
# List of connection strings for static peers (i.e. tcp://a.b.c.d:e) # List of connection strings for static peers in URI format, i.e.
# tcp://a.b.c.d:e or socks://a.b.c.d:e/f.g.h.i:j
Peers: [] Peers: []
# List of peer BoxPubs to allow incoming connections from # List of peer encryption public keys to allow or incoming TCP
# (if left empty/undefined then connections will be allowed by default) # connections from. If left empty/undefined then all connections
AllowedBoxPubs: [] # will be allowed by default.
AllowedEncryptionPublicKeys: []
# Your public encryption key (your peers may ask you for this to put # Your public encryption key. Your peers may ask you for this to put
# into their AllowedBoxPubs configuration) # into their AllowedEncryptionPublicKeys configuration.
BoxPub: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx EncryptionPublicKey: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Your private encryption key (do not share this with anyone!) # Your private encryption key. DO NOT share this with anyone!
BoxPriv: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx EncryptionPrivateKey: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Your public signing key # Your public signing key. You should not ordinarily need to share
SigPub: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # this with anyone.
SigningPublicKey: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Your private signing key (do not share this with anyone!) # Your private signing key. DO NOT share this with anyone!
SigPriv: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx SigningPrivateKey: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Enable or disable automatic peer discovery on the same LAN using multicast # Regular expressions for which interfaces multicast peer discovery
Multicast: true # should be enabled on. If none specified, multicast peer discovery is
# disabled. The default value is .* which uses all interfaces.
MulticastInterfaces:
[
.*
]
# Regex for which interfaces multicast peer discovery should be enabled on # Local network interface name for TUN/TAP adapter, or "auto" to select
LinkLocal: "" # an interface automatically, or "none" to run without TUN/TAP.
# Local network interface name for TUN/TAP adapter, or "auto", or "none"
IfName: auto IfName: auto
# Set local network interface to TAP mode rather than TUN mode (if supported # Set local network interface to TAP mode rather than TUN mode if
# by your platform, option will be ignored if not) # supported by your platform - option will be ignored if not.
IfTAPMode: false IfTAPMode: false
# Maximux Transmission Unit (MTU) size for your local network interface # Maximux Transmission Unit (MTU) size for your local TUN/TAP interface.
# Default is the largest supported size for your platform. The lowest
# possible value is 1280.
IfMTU: 65535 IfMTU: 65535
# Extended options for interoperability with other networks
Net:
{
# Experimental options for configuring peerings over Tor
Tor:
{
OnionKeyfile: ""
ControlAddr: ""
Enabled: false
}
# Experimental options for configuring peerings over I2P
I2P:
{
Keyfile: ""
Addr: ""
Enabled: false
}
}
} }
``` ```
@ -89,37 +77,31 @@ Note that any field not specified in the configuration will use its default valu
- The default is to listen on the loopback interface (`localhost:9001`) which ensures that only local connections to the admin socket are allowed. - The default is to listen on the loopback interface (`localhost:9001`) which ensures that only local connections to the admin socket are allowed.
- Note that if you change the listen address to a non-loopback address, this will allow other hosts on the network to manage the Yggdrasil process. This probably isn't desirable. - Note that if you change the listen address to a non-loopback address, this will allow other hosts on the network to manage the Yggdrasil process. This probably isn't desirable.
- `Peers` - `Peers`
- A list of strings in the form `["peerAddress:peerPort", "peerAddress:peerPort", ...]` of peers to connect to. - A list of strings in the form `[ "peerAddress:peerPort", "peerAddress:peerPort", ... ]` of peers to connect to.
- Peer hostnames can be specified either using IPv4 addresses, IPv6 addresses or DNS names. - Peer hostnames can be specified either using IPv4 addresses, IPv6 addresses or DNS names.
- Each entry may optionally begin with `tcp://` or `socks://proxyAddress:proxyPort/` to manually force a connection over a specific protocol. - Each entry may optionally begin with `tcp://` or `socks://proxyAddress:proxyPort/` to manually force a connection over a specific protocol.
- If unspecified, the default is to connect over TCP. - `AllowedEncryptionPublicKeys`
- `AllowedBoxPubs`
- A list of strings in the form `["boxpub", "boxpub", ...]`, where `boxpub` is each node's `BoxPub` key which you would like to allow connections from. - A list of strings in the form `["boxpub", "boxpub", ...]`, where `boxpub` is each node's `BoxPub` key which you would like to allow connections from.
- This option allows you to restrict which other nodes can connect to your Yggdrasil node as a peer. It applies to incoming TCP connections. - This option allows you to restrict which other nodes can connect to your Yggdrasil node as a peer. It applies to incoming TCP connections.
- If the list is left empty, or the option is not specified, then Yggdrasil will automatically accept connections from any other node. - If the list is left empty, or the option is not specified, then Yggdrasil will automatically accept connections from any other node.
- Note that multicast link-local peerings (see below) will always override this option if enabled. - Note that multicast link-local peerings (see below) will always override this option if enabled.
- `BoxPub` - `EncryptionPublicKey`
- A hexadecimal string representing the node's public Curve25519 key. - A hexadecimal string representing the node's public Curve25519 key.
- A node's ID in the DHT is a (sha-512) hash of this public key. - A node's ID in the DHT is a (sha-512) hash of this public key.
- A node's IP address is derived from the ID. - A node's IP address is derived from the ID.
- `BoxPriv` - `EncryptionPrivateKey`
- A hexadecimal string representing the node's private Curve25519 key. - A hexadecimal string representing the node's private Curve25519 key.
- This is a private key, don't share it. - This is a private key, don't share it.
- `SigPub` - `SigningPublicKey`
- A hexadecimal string representing a node's public Ed25519 key. - A hexadecimal string representing a node's public Ed25519 key.
- Used primarily for signatures in the greedy routing scheme. - Used primarily for signatures in the greedy routing scheme.
- `SigPriv` - `SigningPrivateKey`
- A hexadecimal string representing the node's private Ed25519 key. - A hexadecimal string representing the node's private Ed25519 key.
- This is a private key, don't share it. - This is a private key, don't share it.
- `Multicast` - `MulticastInterfaces`
- If true (default), link-local multicast peering is enabled. This will attempt to discover other Yggdrasil nodes running on the same network and peer with them automatically, effectively creating a "zero-config" peering setup. - A list of regex strings for matching which interfaces to enable multicast peer discovery on. Interfaces that don't match any of the provided regexes are ignored.
- Link-local multicast listens for UDP announcement messages on `[ff02::114]:9001`.
- Upon discovery, link-local multicast peers are added as TCP peers.
- `LinkLocal`
- A regex string.
- Link-local multicast peering only connects over interfaces matching this regex.
- The default value (an empty string) matches all interfaces. - The default value (an empty string) matches all interfaces.
- This is useful if you want to prevent accidental peering over a layer 2 VPN running on top of Yggdrasil. - This is also useful if you want to prevent accidental peering over a layer 2 VPN running on top of Yggdrasil.
- `IfName` - `IfName`
- The name of the `tun` or `tap` network interface to create or use. Applications send packets over this interface to use the network. - The name of the `tun` or `tap` network interface to create or use. Applications send packets over this interface to use the network.
- On most platforms, an empty string or the default `"auto"` will create a new interface automatically. - On most platforms, an empty string or the default `"auto"` will create a new interface automatically.