|
NAMEcjdroute.conf - Cjdns configuration fileDESCRIPTIONThe cjdroute.conf file configures the cjdns routing engine, cjdns(8), generally through cjdroute(1).The configuration is written in a variation of the JSON format that also accepts traditional C-like comments such as single line comments (//) and multiline comments (/* and */). Additionally, unused JSON values found in cjdroute.conf are ignored by cjdns and can be used as a form of JSON-compliant comments. CONFIGURATION"privateKey": "..."Your node's private key. It should be kept secret because
your confidentiality and data integrity depend on it.
"publicKey": "..." Your node's public key. Based on your private key It is
fine for anyone to know this.
"ipv6": "..." Your node's IPv6 address when it is on the network. It is
generated by using the first 16 bytes of a double SHA-512 of your public key.
All cjdns IPv6 addresses must begin with "fc" or else they are
invalid.
"authorizedPasswords": [...] An array of passwords that may be used to connect (peer)
to your node.
"password": "..." A password which can be used to peer with your
node.
"user": "..." A human-readable string that identifies what password a
peer is using on the admin interface. If omitted, the password will be
identified by its position within the array (starting from 0)
Example:
"admin": {...} An object which defines where to bind to the admin RPC
server as well as the password for the admin RPC server. The two required
strings are "bind", which should be in the format
"IP:PORT", and "password", which should preferably be a
long random string of characters.
"interfaces": {...} An object that defines which interfaces cjdns will bind
to and what peers to connect to. There are two different interfaces,
UDPInterface and ETHInterface, both of which are arrays. Within each array
there are a variety of different options
"bind": "..." Defines what the interface should bind to. In
UDPInterface, the bind is an IP:PORT string, such as
"0.0.0.0:12345", while in ETHInterface the bind is a network
interface, such as "eth0".
"beacon": Integer This option is only found in ETHInterface and defines
whether auto-connecting beacons should be sent or listened to. This is useful
for a zeroconf local network.
0 -- Disabled.
1 -- Accept incoming beacons and try connecting to the sender. 2 -- Accept incoming beacons and broadcast beacons to the local network. "connectTo": {...} Defines which nodes cjdns should connect to with the
specified interface. Multiple nodes may be placed in a single
"connectTo" as long as each are seperated by commas. If a node
happens to be offline or become offline during runtime, cjdns will attempt to
reconnect at regular intervals. The one difference in this option between
UDPInterface and ETHInterface is that UDPInterface connects to an
"IP:PORT" while ETHInterface connects to a MAC address.
UDPInterface Example:
"1.2.3.4:54321":
}{ "login": "login From Your Peer's authorizedPasswords", "password": "password From Your Peer's authorizedPasswords", "publicKey": "Your Peer's publicKey.k" }, "5.6.7.8:46321": { "login": "cueball", "password": "Correct Horse Battery Staple", "publicKey": "Other Peer's publicKey.k" } "router": {...} An object that holds configuration information on the
router
"interface": {...} Defines the type of interface used for connecting to the
cjdns network. It requires a "type" string, and optionally a
"tunDevice" string. The "type" string defines the type of
interface used, however only "TUNInterface" is supported at the
moment. The "tunDevice" string defines the name of a persistent TUN
device to use, which is helpful for starting cjdroute as its own user instead
of root.
"ipTunnel": {...} A system for tunneling ICANN IPv4 and ICANN IPv6 through
cjdns. This is using the cjdns switch layer as a VPN carrier.
NOTE: Simply editing your configuration file is not sufficient to setting up an ipTunnel gateway. Please read through tunnel/README.md in the cjdns git tree for more information "allowedConnections": [...] Nodes allowed to connect to us, specified by their public
key, and what IP address(es) to give them. It is fine to only specify one
address.
Example: "allowedConnections":
"outgoingConnections": [...] An array of nodes to connect and ask for IP addresses.
Example: "outgoingConnections":
"security": [...] An array that defines what user to change to after
startup and whether to exempt the Angel process from this user change.
"setuser": "username" User to switch to after startup, for security purposes.
Default value is "nobody".
"exemptAngel": Integer Whether or not to exempt the Angel process from the user
change. The Angel is a small isolated piece of code which exists outside of
the core's strict sandbox but does not handle network traffic. This option
must be enabled for ipTunnel to automatically set IP addresses for the TUN
device.
0 -- False
"logging": {...} Add or uncomment "logTo":"stdout" to
have cjdns log to stdout rather than making logs available via the admin
socket
"noBackground": Integer If set to a non-zero value, cjdns will not fork to the
background. Recommended for use in conjunction with
"logTo":"stdout".
"dns": {...} This section is used to configure the dns capabilities
being added to cjdns. Unfortunetly, there is no documentation for this DNS
section at this time.
"keys": [...] "servers": [...] "MinSignatures": Integer FILES/etc/cjdroute.confA common location for the configuration file.
SEE ALSOcjdroute(1), cjdns(8)
Visit the GSP FreeBSD Man Page Interface. |