sourCEntral - mobile manpages

pdf

GNUNET.CONF(5) BSD File Formats Manual GNUNET.CONF(5)

NAME

gnunet.conf — GNUnet configuration file

DESCRIPTION

A GNUnet setup typically consists of a set of service processes run by a user "gnunet" and a set of user-interface processes run by a standard account. The default location for the configuration file for the services is ~gnunet/.config/gnunet.conf. However, as normal users also may need read-access to this configuration, you might want to instead put the service process configuration in /etc/gnunet.conf. gnunet-setup(1), part of gnunet-gtk, can be used to edit this configuration. The parts of GNUnet that are run as a normal user may have config options too and they read from $HOME/.config/gnunet.conf. The latter config file can skip any options for the services.

The basic structure of the configuration file is the following.

The file is split into sections.

Every section begins with a token in square brakets. The current section ends when a new section starts or end of file is encountered.

A section contains a number of options of the form "OPTION=VALUE".

Whitespace surrounding the "=" token is striped out, in other words "OPTION = VALUE" and "OPTION=VALUE" are treated equal.

Empty lines and lines beginning with a "#" are treated as comments.

Boolean values are given as "YES" and "NO".

Almost all options are optional. The tools resort to reasonable defaults if an option is not present. Default values for all of the options can be found in the files in the $GNUNET_PREFIX/share/gnunet/config.d/ directory. A typical setup will work out of the box with those. See the examples section below for some common setups on top of that.

Variable naming conventions and data types
Boolean values for options are set via "YES" or "NO" values, without the double-quotes.

Options which include "PATH" or "path" define a path on the file-system and can take additional variables in the path, such as $GNUNET_TMP.

Section names as listed more in detail below, are small letters only enclosed by square brakets.

GENERAL OPTIONS
Many options will be common between sections. They can be repeated under each section with different values. The "[PATHS]" section is special. Here, it is possible to specify values for variables like "GNUNET_HOME". Then, in all filenames that begin with "$GNUNET_HOME" the "$GNUNET_HOME" will be replaced with the respective value at runtime. The main use of this is to redefine "$GNUNET_HOME", which by default points to $HOME/.config/. By setting this variable, you can change the location where GNUnet stores its internal data. gnunet.conf accepts the variable GNUNET_TMP which we suggest to use in place of the absolute definition of /tmp. So instead of /tmp/foo you would write $GNUNET_TMP/foo. The usage of $GNUNET_TMP/foo, will result in $TMPDIR/gnunet/foo, or $TMP/gnunet/foo and finally, if TMPDIR is undefined, /tmp/gnunet/foo. The following options are generic and shared by all services:

HOSTNAME

The hostname specifies the machine on which the service is running. This is usually "localhost".

BINARY

The filename that implements the service. For example "gnunet-service-ats".

IMMEDIATE_START

Start the service always when the peer starts. Set to YES for services that should always be launched, even if no other service explicitly needs them.

START_ON_DEMAND

Set to YES to automatically start the service when it is requested by another service. YES for most GNUnet services.

NOARMBIND

Set to YES to never have ARM bind to the respective socket. This option is mostly for debugging in situations where ARM cannot pass the pre-bound socket to the child due to interference from PREFIX-commands. This option is only effective in combination with IMMEDIATE_START being YES. NO by default.

PREFIX

PREFIX the given command (with its arguments) to the actual BINARY to be executed. Useful to run certain services under special supervisors like strace, dtrace, or valgrind. Typically used in combination with IMMEDIATE_START and NOARMBIND. Empty by default.

ACCEPT_FROM

A semi-column separated list of IPv4 addresses that are allowed to use the service; usually 127.0.0.1.

ACCEPT_FROM6

A semi-column separated list of IPv6 addresses that are allowed to use the service; usually ::1.

UNIXPATH

Path to use for the UNIX domain socket for inter process communication with the service on POSIX systems.

UNIX_MATCH_UID

If UNIX domain sockets are used, set this to YES if only users with the same UID are allowed to access the service.

UNIX_MATCH_GID

If UNIX domain sockets are used, set this to YES if only users with the same GID are allowed to access the service.

RUN_PER_USER

End-users should never have to change the defaults GNUnet provides for this option.

YES

Set to YES if this service should be run per-user.

NO

Set to NO if this is a system service.

In the following sections the absence of a default value is either expressed as "Default value:" followed by nothing, or the lack of this line.

ARM

PORT

Default value: 2087

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-arm

ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

UNIXPATH

Special case, uses user runtime dir even for per-system service.

Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-arm.sock

UNIX_MATCH_UID

Default value: YES

UNIX_MATCH_GID

Default value: YES

GLOBAL_POSTFIX

In the -l option, format characters from strftime(3) are allowed; In the GLOBAL_POSTFIX, "{}" stands for the name of the respective service. Thus the following example for this option would introduce per-service logging with a new log file each day. Note that only the last 3 log files are preserved. Example:

-l $GNUNET_CACHE_HOME/{}-%Y-%m-%d.log

Default value:

GLOBAL_PREFIX

Default value:

START_SYSTEM_SERVICES

If set to YES, ARM will only start services that are marked as system-level services (and we’ll expect a second ARM to be run per-user to run user-level services). Note that in this case you must have manually created a different configuration file with the user where at least this and the START_USER_SERVICES options differ.

START_USER_SERVICES

If set to YES, ARM will only start services that are marked as per-user services (and we’ll expect a system user to run ARM to provide system-level services). Per-user services enable better personalization and privilege separation and in particular ensures that personal data is stored under $HOME, which might be important in a multi-user system (or if $HOME is encrypted and /var/ is not).

Note that if you have different ARM services for SYSTEM and USER, and you are not on UNIX, you need to change the PORT option for the USER ARM instances to some free port (counting down from 2085 should provide free ports).

RESOURCE_DIAGNOSTICS

File where we should log per-service resource consumption on exit.

Default value: resource.log

USERNAME

Name of the user that will be used to provide the service.

Default value:

MAXBUF

Default value:

TIMEOUT

Default value:

DISABLEV6

Default value:

BINDTO

Default value:

REJECT_FROM

Default value:

REJECT_FROM6

Default value:

PREFIX

Default value:

ATS

PORT

Default value: 2098

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-ats

ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-ats.sock

UNIX_MATCH_UID

Default value: NO

UNIX_MATCH_GID

Default value: YES

MODE

Designated assignment mode. Possible values: PROPORTIONAL, MLP, RIL.

Default value: proportional

UNSPECIFIED_QUOTA_IN

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: 64 KiB

UNSPECIFIED_QUOTA_OUT

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: 64 KiB

LOOPBACK_QUOTA_IN

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: unlimited

LOOPBACK_QUOTA_OUT

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: unlimited

LAN_QUOTA_IN

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: unlimited

LAN_QUOTA_OUT

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: unlimited

WAN_QUOTA_IN

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: 64 KiB

WAN_QUOTA_OUT

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: 64 KiB

WLAN_QUOTA_IN

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: 1 MiB

WLAN_QUOTA_OUT

quotes in KiB or MiB per seconds. Or use the word "unlimited". Default value: 1 MiB

BLUETOOTH_QUOTA_IN

Default value: 128 KiB

BLUETOOTH_QUOTA_OUT

Default value: 128 KiB

PROP_PROPORTIONALITY_FACTOR

How proportional to preferences is bandwidth distribution in a network? Default value: 2.00

1.0

Fair with respect to addresses without preferences.

> 1.0

The bigger, the more respect is paid to preferences.

PROP_STABILITY_FACTOR

Should we stick to existing connections are prefer to switch? [1.0...2.0], lower value prefers to switch, bigger value is more tolerant.

Default value: 1.25

MLP_MAX_DURATION

Maximum duration for a solution process (both LP and MILP). Default value: 3 s

MLP_MAX_ITERATIONS

Maximum numbero of iterations for a solution process (only LP). Tolerated MIP Gap [0.0 .. 1.0].

Default value: 0.025

MLP_MAX_MIP_GAP

Tolerated LP/MIP Gap [0.0 .. 1.0].

Default value: 0.025

MLP_MAX_LP_MIP_GAP

Default value: 0.025

MLP_MAX_ITERATIONS

Maximum number of iterations for a solution process.

Default value: 1024

MLP_COEFFICIENT_D

Default value: 1.0

MLP_COEFFICIENT_U

Default value: 1.0

MLP_COEFFICIENT_R

Default value: 1.0

MLP_MIN_BANDWIDTH

Default value: 1024

MLP_MIN_CONNECTIONS

Default value: 4

MLP_DUMP_PROBLEM_ALL

Dump all problems to disk.

Default value: YES

MLP_DUMP_SOLUTION_ALL

Dump all solution to disk.

Default value: YES

MLP_GLPK_VERBOSE

Print GLPK output.

Default value: YES

MLP_DUMP_PROBLEM_ON_FAIL

Dump all problems to disk.

Default value: YES

MLP_DUMP_SOLUTION_ON_FAIL

Dump all solution to disk.

Default value: YES

RIL_STEP_TIME_MIN

Default value: 500 ms

RIL_STEP_TIME_MAX

Default value: 1000 ms

RIL_ALGORITHM

Possible values: SARSA or Q-LEARNING.

Default value: Q-LEARNING

RIL_DISCOUNT_BETA

Default value: 0.7

RIL_GRADIENT_STEP_SIZE

Default value: 0.3

RIL_TRACE_DECAY

Default value: 0.2

RIL_EXPLORE_RATIO

Default value: 0.1

RIL_GLOBAL_REWARD_SHARE

Default value: 1

AUCTION

CADET
IMMEDIATE_START

Default value: YES

START_ON_DEMAND

Default value: YES

PORT

Default value: 2096

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-cadet

PREFIX
ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock

UNIX_MATCH_UID

Default value: NO

UNIX_MATCH_GID

Default value: YES

REFRESH_CONNECTION_TIME

How often do we send KEEPALIVE messages on connections to keep them from timing out?

Default value: 5 min

DROP_PERCENT

Percentage of packets CADET is artificially dropping. Used for testing only!

ID_ANNOUNCE_TIME

How frequently do we usually announce our presence in the DHT?

Default value: 1 h

CONNECT_TIMEOUT

Default value: 30 s

DHT_REPLICATION_LEVEL

What is the replication level we give to the DHT when announcing our existence? Usually there is no need to change this.

Default value: 3

MAX_TUNNELS

Not implemented

Default value: 1000

MAX_CONNECTIONS

Not implemented, replaced by MAX_ROUTES in NEW CADET!

Default value: 1000

MAX_ROUTES

How many routes do we participate in at most? Should be smaller than MAX_MSGS_QUEUE.

Default value: 5000

MAX_MSGS_QUEUE

Not implemented

Default value: 10000

MAX_PEERS

Not implemented

Default value: 1000

RATCHET_TIME

How often do we advance the ratchet even if there is not any traffic?

Default value: 1 h

RATCHET_MESSAGES

How often do we advance the ratched if there is traffic?

Default value: 64

COMMUNICATOR-UNIX
UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-communicator-unix.sock

CONSENSUS
START_ON_DEMAND

Default value: YES

PORT

Default value: 2103

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-consensus

ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-consensus.sock

UNIX_MATCH_UID

Default value: YES

UNIX_MATCH_GID

Default value: YES

CORE
START_ON_DEMAND

Default value: YES

PORT

Default value: 2092

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-core

ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-core.sock

UNIX_MATCH_UID

Default value: NO

UNIX_MATCH_GID

Default value: YES

DISABLE_SOCKET_FORWARDING

Default value: NO

USERNAME

MAXBUF
TIMEOUT

DISABLEV6

BINDTO
REJECT_FROM

REJECT_FROM6

PREFIX
USE_EPHEMERAL_KEYS

Default value: YES

This MUST be set to YES in production, only set to NO for testing for performance (testbed/cluster-scale use!).

DATACACHE-POSTGRES
CONFIG

Default value: postgres:///gnunet

DATASTORE
START_ON_DEMAND

Default value: YES

UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-datastore.sock

UNIX_MATCH_UID

Default value: NO

UNIX_MATCH_GID

Default value: YES

PORT

Default value: 2093

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-datastore

ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

QUOTA

Default value: 5 GB

BLOOMFILTER

Default value: $GNUNET_DATA_HOME/datastore/bloomfilter

DATABASE

Default value: sqlite

DISABLE_SOCKET_FORWARDING

Default value: NO

DATASTORE-SQLITE
FILENAME

Default value: $GNUNET_DATA_HOME/datastore/sqlite.db

DATASTORE-POSTGRES
CONFIG

Default value: postgres:///gnunet

DATASTORE-MYSQL
DATABASE

Default value: gnunet

CONFIG

Default value: ~/.my.cnf

USER

Default value: gnunet

PASSWORD

HOST

Default value: localhost

PORT

Default value: 3306

DATASTORE-HEAP
HASHMAPSIZE

Default value: 1024

DHT
IMMEDIATE_START boolean

Default value: YES

START_ON_DEMAND boolean

Default value: YES

PORT integer

Default value: 2095

HOSTNAME string

Default value: localhost

BINARY string

Default value: gnunet-service-dht

ACCEPT_FROM string

Default value: 127.0.0.1;

ACCEPT_FROM6 string

Default value: ::1;

BUCKET_SIZE integer

Default value: 4

UNIXPATH path

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-dht.sock

UNIX_MATCH_UID boolean

Default value: NO

UNIX_MATCH_GID boolean

Default value: YES

DISABLE_SOCKET_FORWARDING boolean

Default value: NO

USERNAME =

MAXBUF =

TIMEOUT =

DISABLEV6 =

BINDTO =

REJECT_FROM =

REJECT_FROM6 =

PREFIX =

# Should the DHT cache results that we are routing in the DATACACHE as well? CACHE_RESULTS = YES
# Special option to disable DHT calling ’try_connect’ (for testing) DISABLE_TRY_CONNECT = NO

DHTCACHE
DATABASE

Default value: heap

QUOTA

Default value: 50 MB

DISABLE_BF_RC boolean

Disable RC-file for Bloom filter? (for benchmarking with limited IO availability)

Default value: NO

EXIT

FS
GNS
HOSTLIST
IDENTITY
NAMECACHE
NAMESTORE
NAT-AUTO
NAT
NSE
PEERINFO
PEERSTORE
PT
REGEX
RESOLVER
REST

UNIXPATH

Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-rest.sock

BINARY

Default value: gnunet-rest-server

BIND_TO

Default value: 127.0.0.1

BIND_TO6

Default value: ::1

REST_PORT

Default value: 7776

REST_ALLOW_HEADERS

Default value: Authorization,Accept,Content-Type

REST_ALLOW_ORIGIN

Default value: *

REST_ALLOW_CREDENTIALS

Default value: true

REVOCATION
SCALARPRODUCT
SECRETSHARING
SET
STATISTICS
TEMPLATE
TESTBED-LOGGER
TESTBED
TESTING
TOPOLOGY

IMMEDIATE_START

Default value: YES

NOARMBIND

Default value: YES

MINIMUM-FRIENDS

Default value: 0

FRIENDS-ONLY

Default value: NO

TARGET-CONNECTION-COUNT

Default value: 16

FRIENDS

Default value: $GNUNET_CONFIG_HOME/topology/friends.txt

BINARY

Default value: gnunet-daemon-topology

TRANSPORT
UTIL
VPN

START_ON_DEMAND

Default value: YES

PORT

Default value: 2105

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-vpn

ACCEPT_FROM

Default value: 127.0.0.1;

ACCEPT_FROM6

Default value: ::1;

UNIXPATH

Default value: $GNUNET_RUNTIME_DIR/gnunet-service-vpn.sock

UNIX_MATCH_UID

Default value: NO

UNIX_MATCH_GID

Default value: YES

IPV6ADDR

Default value: 1234::1

IPV6PREFIX

Default value: 32

IPV4ADDR

Default value: 10.11.10.1

IPV4MASK

Default value: 255.255.0.0

VIRTDNS

Default value: 10.11.10.2

VIRTDNS6

Default value: 1234::17

IFNAME

Default value: vpn-gnunet

ZONEMASTER
START_ON_DEMAND

Default value: YES

IMMEDIATE_START

Default value: YES

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-zonemaster

UNIXPATH

Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster.sock

PORT

Default value: 2123

UNIX_MATCH_UID

Do we require users that want to access GNS to run this process (usually not a good idea)?

Default value: NO

UNIX_MATCH_GID

Do we require users that want to access GNS to be in the ’gnunet’ group?

Default value: NO

MAX_PARALLEL_BACKGROUND_QUERIES

How many queries is GNS allowed to perform in the background at the same time?

Default value: 1000

ZONE_PUBLISH_TIME_WINDOW

How frequently do we try to publish our full zone?

Default value: 4 h

USE_CACHE

Using caching or always ask DHT?

Default value: YES

PREFIX
ZONEMASTER-MONITOR

START_ON_DEMAND

Default value: YES

IMMEDIATE_START

Default value: YES

HOSTNAME

Default value: localhost

BINARY

Default value: gnunet-service-zonemaster-monitor

UNIXPATH

Default value: $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster-monitor.sock

PORT

Default value: 2124

UNIX_MATCH_UID

Do we require users that want to access GNS to run this process (usually not a good idea)?

Default value: NO

UNIX_MATCH_GID

Do we require users that want to access GNS to be in the ’gnunet’ group?

Default value: NO

EXAMPLES

This example is a simple way to get started, using a server that has a known list of peers to get you started. Most users will be behind a firewall on IPv4, as such NAT is enabled. Please remember to change your IP address to the actual external address for your usage.

[hostlist]
OPTIONS = -b -e

[nat]
BEHIND_NAT = YES
ENABLE_UPNP = YES
DISABLEV6 = YES
EXTERNAL_ADDRESS = 157.166.249.10

[arm]
START_SYSTEM_SERVICES = YES
START_USER_SERVICES = NO

FILES

~gnunet/.config/gnunet.conf GNUnet system-user configuration file $HOME/.config/gnunet.conf User specific GNUnet configuration file /etc/gnunet.conf Systemwide GNUnet configuration file $GNUNET_PREFIX/share/gnunet/config.d/ GNUnet configuration directory with all default option values

SEE ALSO

env(1), gnunet-arm(1), gnunet-setup(1), strftime(3).

The full documentation for gnunet is maintained as a Texinfo manual. If the info(1) and gnunet programs are properly installed at your site, the command

info gnunet

should give you access to the complete handbook,

info gnunet-c-tutorial

will give you access to a tutorial for developers.

Depending on your installation, this information is also available in gnunet(7) and gnunet-c-tutorial(7).

BUGS

Report bugs by using https://bugs.gnunet.org or by sending electronic mail to ⟨ gnunet-developers AT gnu DOT org⟩ .

BSD October 26, 2018 BSD

pdf