-
-
Save stevenleeg/14a929131b5415ca4808 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
// Private key: | |
// Your confidentiality and data integrity depend on this key, keep it secret! | |
"privateKey": "[removed]", | |
// This key corresponds to the public key and ipv6 address: | |
"publicKey": "[removed]", | |
"ipv6": "[removed]", | |
// Anyone connecting and offering these passwords on connection will be allowed. | |
// | |
// WARNING: Currently there is no key derivation done on the password field, | |
// DO NOT USE A PASSWORD HERE use something which is truly random and | |
// cannot be guessed. | |
// Including a username in the beginning of the password string is encouraged | |
// to aid in remembering which users are who. | |
// | |
"authorizedPasswords": | |
[ | |
// A unique string which is known to the client and server. | |
{"password": "[removed]"} | |
// Below is an example of your connection credentials | |
// that you can give to other people so they can connect | |
// to you using your default password (from above) | |
// Adding a unique password for each user is advisable | |
// so that leaks can be isolated. | |
// | |
], | |
// Settings for administering and extracting information from your router. | |
// This interface provides functions which can be called through a UDP socket. | |
// See admin/Readme.md for more information about the API and try: | |
// ./contrib/python/cexec 'functions' | |
// For a list of functions which can be called. | |
// For example: ./contrib/python/cexec 'memory()' | |
// will call a function which gets the core's current memory consumption. | |
// ./contrib/python/cjdnslog | |
// is a tool which uses this admin interface to get logs from cjdns. | |
"admin": | |
{ | |
// Port to bind the admin RPC server to. | |
"bind": "127.0.0.1:11234", | |
// Password for admin RPC server. | |
"password": "[removed]" | |
}, | |
// Interfaces to connect to the switch core. | |
"interfaces": | |
{ | |
// The interface which connects over UDP/IP based VPN tunnel. | |
"UDPInterface": | |
[ | |
{ | |
// Bind to this port. | |
"bind": "0.0.0.0:30481", | |
// Nodes to connect to. | |
"connectTo": | |
{ | |
[section removed] | |
} | |
} | |
] | |
}, | |
// Configuration for the router. | |
"router": | |
{ | |
// The interface which is used for connecting to the cjdns network. | |
"interface": | |
{ | |
// The type of interface (only TUNInterface is supported for now) | |
"type": "TUNInterface" | |
}, | |
// System for tunneling IPv4 and ICANN IPv6 through cjdns. | |
// This is using the cjdns switch layer as a VPN carrier. | |
"ipTunnel": | |
{ | |
// Nodes allowed to connect to us. | |
// When a node with the given public key connects, give them the | |
// ip4 and/or ip6 addresses listed. | |
"allowedConnections": | |
[ | |
// { | |
// "publicKey": "[removed]", | |
// "ip4Address": "192.168.1.24", | |
// "ip6Address": "2001:123:ab::10" | |
// }, | |
// It's ok to only specify one address. | |
// { | |
// "publicKey": "[removed]", | |
// "ip4Address": "192.168.1.24", | |
// "ip6Address": "2001:123:ab::10" | |
// } | |
], | |
"outgoingConnections": | |
[ | |
// Connect to one or more machines and ask them for IP addresses. | |
// "[removed]", | |
] | |
} | |
}, | |
// Tear down inactive CryptoAuth sessions after this number of seconds | |
// to make them more forgiving in the event that they become desynchronized. | |
"resetAfterInactivitySeconds": 100, | |
// Dropping permissions. | |
"security": | |
[ | |
// Change the user id to this user after starting up and getting resources. | |
{ | |
"setuser": "nobody", | |
// Exempt the Angel process from setting userId, the Angel is a small | |
// isolated piece of code which exists outside of the core's strict | |
// sandbox but does not handle network traffic. | |
// This must be enabled for IpTunnel to automatically set IP addresses | |
// for the TUN device. | |
"exemptAngel": 1 | |
} | |
], | |
// Logging | |
"logging": | |
{ | |
// Uncomment to have cjdns log to stdout rather than making logs available | |
// via the admin socket. | |
//"logTo":"stdout" | |
}, | |
// If set to non-zero, cjdns will not fork to the background. | |
// Recommended for use in conjunction with "logTo":"stdout". | |
"noBackground":1, | |
// DNS, this server will be available at address fc00::1 | |
"dns": | |
{ | |
// Who to trust | |
"keys": [ | |
"[removed]" | |
], | |
// Who to ask, if a request fails the next one will be tried | |
"servers": [ | |
"[removed]", | |
], | |
// At least this many of "keys" must agree or else the request will fail. | |
"minSignatures":2 | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment