[arm] PORT = 12087 HOSTNAME = localhost BINARY = gnunet-service-arm ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; # Special case, uses user runtime dir even for per-system service. UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-arm.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # In the "-l" option, format characters from 'strftime' are allowed; # In the GLOBAL_POSTFIX, "{}" stands for the name of the respective # service. Thus the following option would introduce per-service # logging with a new log file each day. Note that only the last 3 # log files are preserved. # GLOBAL_POSTFIX = -l $GNUNET_CACHE_HOME/{}-%Y-%m-%d.log GLOBAL_PREFIX = # If set to YES, ARM will only start services that are marked as # system-level services (and we'll expect a second ARM to be # run per-user to run user-level services). Note that in this # case you must have manually created a different configuration # file with the user where at least this and the USER_ONLY # options differ. # SYSTEM_ONLY = YES # If set to YES, ARM will only start services that are marked as # per-user services (and we'll expect a system user to run ARM to # provide system-level services). Per-user services enable # better personalization and priviledge separation and in particular # ensures that personal data is stored under $HOME, which might # be important in a multi-user system (or if $HOME is encrypted # and /var/ is not). # # Note that if you have different ARM services for SYSTEM and USER, # and you are not on UNIX, you need to change the PORT option for the # USER ARM instances to some free port (counting down from 2085 should # be sane). # # USER_ONLY = YES # File where we should log per-service resource consumption on exit. # RESOURCE_DIAGNOSTICS = resource.log # Name of the user that will be used to provide the service # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = [ats] AUTOSTART = YES PORT = 12098 HOSTNAME = localhost BINARY = gnunet-service-ats ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-ats.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # PREFIX = valgrind # Designated assignment mode: PROPORTIONAL / MLP / RIL MODE = proportional # Network specific inbound/outbound quotas UNSPECIFIED_QUOTA_IN = 64 KiB UNSPECIFIED_QUOTA_OUT = 64 KiB # LOOPBACK LOOPBACK_QUOTA_IN = unlimited LOOPBACK_QUOTA_OUT = unlimited # LAN LAN_QUOTA_IN = unlimited LAN_QUOTA_OUT = unlimited # WAN WAN_QUOTA_IN = 64 KiB WAN_QUOTA_OUT = 64 KiB # WLAN WLAN_QUOTA_IN = 1 MiB WLAN_QUOTA_OUT = 1 MiB # BLUETOOTH BLUETOOTH_QUOTA_IN = 128 KiB BLUETOOTH_QUOTA_OUT = 128 KiB # ATS options # Proportional specific settings # How proportional to preferences is bandwidth distribution in a network # 1.0: Fair with respect to addresses without preferences # > 1.0: The bigger, the more respect is payed to preferences PROP_PROPORTIONALITY_FACTOR = 2.00 # Should we stick to existing connections are prefer to switch? # [1.0...2.0], lower value prefers to switch, bigger value is more tolerant PROP_STABILITY_FACTOR = 1.25 # MLP specific settings # MLP defaults # Maximum duration for a solution process (both LP and MILP) # MLP_MAX_DURATION = 3 s # Maximum numbero of iterations for a solution process (only LP) # MLP_MAX_ITERATIONS = # Tolerated MIP Gap [0.0 .. 1.0], default 0.025 MLP_MAX_MIP_GAP = 0.025 # Tolerated LP/MIP Gap [0.0 .. 1.0], default 0.025 MLP_MAX_LP_MIP_GAP = 0.025 # Maximum number of iterations for a solution process # MLP_MAX_ITERATIONS = 1024 # MLP_COEFFICIENT_D = 1.0 # MLP_COEFFICIENT_U = 1.0 # MLP_COEFFICIENT_R = 1.0 # MLP_MIN_BANDWIDTH = 1024 # MLP_MIN_CONNECTIONS = 4 # MLP Log settings # Dump all problems to disk # MLP_DUMP_PROBLEM_ALL = YES # Dump all solution to disk # MLP_DUMP_SOLUTION_ALL = YES # Print GLPK output # MLP_GLPK_VERBOSE = YES # Dump all problems to disk MLP_DUMP_PROBLEM_ON_FAIL = YES # Dump all solution to disk MLP_DUMP_SOLUTION_ON_FAIL = YES # RIL specifc settings RIL_STEP_TIME_MIN = 500 ms RIL_STEP_TIME_MAX = 1000 ms # SARSA or Q-LEARNING RIL_ALGORITHM = Q-LEARNING RIL_DISCOUNT_BETA = 0.7 RIL_GRADIENT_STEP_SIZE = 0.3 RIL_TRACE_DECAY = 0.2 RIL_EXPLORE_RATIO = 0.1 RIL_GLOBAL_REWARD_SHARE = 1 [cadet] FORCESTART = YES AUTOSTART = YES PORT = 12096 HOSTNAME = localhost BINARY = gnunet-service-cadet # PREFIX = valgrind --leak-check=yes ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-cadet.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # How often do we send KEEPALIVE messages on connections to keep them # from timing out? REFRESH_CONNECTION_TIME = 5 min # Percentage of packets CADET is artificially dropping. Used for testing only! # DROP_PERCENT = # How frequently do we usually anounce our presence in the DHT? ID_ANNOUNCE_TIME = 1 h # FIXME: document CONNECT_TIMEOUT = 30 s # What is the replication level we give to the DHT when announcing our # existence? Usually there is no need to change this. DHT_REPLICATION_LEVEL = 3 # FIXME: not implemented # MAX_TUNNELS = 1000 # FIXME: not implemented, replaced by MAX_ROUTES in NEW CADET! MAX_CONNECTIONS = 1000 # How many routes do we participate in at most? Should be smaller # than MAX_MSGS_QUEUE MAX_ROUTES = 5000 # FIXME: not implemented MAX_MSGS_QUEUE = 10000 # FIXME: not implemented MAX_PEERS = 1000 # How often do we advance the ratchet even if there is not # any traffic? RATCHET_TIME = 1 h # How often do we advance the ratched if there is traffic? RATCHET_MESSAGES = 64 [consensus] AUTOSTART = YES PORT = 12103 HOSTNAME = localhost BINARY = gnunet-service-consensus ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-consensus.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES [core] AUTOSTART = YES PORT = 12092 HOSTNAME = localhost BINARY = gnunet-service-core ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-core.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = # Note: this MUST be set to YES in production, only set to NO for testing # for performance (testbed/cluster-scale use!). USE_EPHEMERAL_KEYS = YES [datacache-postgres] CONFIG = connect_timeout=10; dbname=gnunet [datastore] AUTOSTART = YES UNIXPATH = $GNUNET_HOME/gnunet-service-datastore.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES PORT = 2093 HOSTNAME = localhost BINARY = gnunet-service-datastore ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; QUOTA = 5 GB BLOOMFILTER = $GNUNET_DATA_HOME/datastore/bloomfilter DATABASE = sqlite # DISABLE_SOCKET_FORWARDING = NO [datastore-sqlite] FILENAME = $GNUNET_DATA_HOME/datastore/sqlite.db [datastore-postgres] CONFIG = connect_timeout=10; dbname=gnunet [datastore-mysql] DATABASE = gnunet CONFIG = ~/.my.cnf # USER = gnunet # PASSWORD = # HOST = localhost PORT = 3306 [datastore-heap] HASHMAPSIZE = 1024 [dht] FORCESTART = YES AUTOSTART = YES PORT = 12095 HOSTNAME = localhost BINARY = gnunet-service-dht ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; BUCKET_SIZE = 4 UNIXPATH = $GNUNET_HOME/gnunet-service-dht.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = # Should the DHT cache results that we are routing in the DATACACHE as well? CACHE_RESULTS = YES # Special option to disable DHT calling 'try_connect' (for testing) DISABLE_TRY_CONNECT = NO [dhtcache] DATABASE = heap QUOTA = 50 MB # Disable RC-file for Bloom filter? (for benchmarking with limited IO availability) DISABLE_BF_RC = NO [dns] AUTOSTART = YES HOSTNAME = localhost BINARY = gnunet-service-dns UNIXPATH = $GNUNET_HOME/gnunet-service-dns.sock PORT = 2122 # Access to this service can compromise all DNS queries in this # system. Thus access should be restricted to the same UID. # (see https://gnunet.org/gnunet-access-control-model) UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # As there is no sufficiently restrictive access control for TCP, # we never use it, even if # is not set (just to be safe) PORT = 0 # Name of the virtual interface we use to intercept DNS traffic. IFNAME = gnunet-dns # Use RFC 3849-style documentation IPv6 address (RFC 4773 might provide an alternative in the future) # FIXME: or just default to a site-local address scope as we do for VPN!? IPV6ADDR = 2001:DB8::1 IPV6PREFIX = 126 # Use RFC 3927-style link-local address IPV4ADDR = 169.254.1.1 IPV4MASK = 255.255.0.0 # Enable GNUnet-wide DNS-EXIT service by setting this value to the IP address (IPv4 or IPv6) # of a DNS resolver to use. Only works if "PROVIDE_EXIT" is also set to YES. Must absolutely # NOT be an address of any of GNUnet's virtual tunnel interfaces. Use a well-known # public DNS resolver or your ISP's resolver from /etc/resolv.conf. DNS_EXIT = 8.8.8.8 [exit] BINARY = gnunet-daemon-exit # IPv6 address for the TUN interface (must be changed as this # must be within the global IPv6 range of your system!) IPV6ADDR = 2001:DB8::1 # Prefix for our IPv6 subnet on the TUN interface. IPV6PREFIX = 64 # IPv4 address to use on our TUN interface (may need to be # changed to avoid conflicts with existing addresses on your system). # Use RFC 3927-style link-local address IPV4ADDR = 169.254.86.1 # Netmask for the IPv4 subnet on the TUN interface. IPV4MASK = 255.255.255.0 # IPv4 networks to which we are allowed to exit. # The format is "(network[/netmask][:[!]SPORT-DPORT];)*" EXIT_RANGE_IPV4_POLICY = 0.0.0.0/0:!25; # IPv6 networks to which we are allowed to exit. # The format is "(network[/netmask][:[!]SPORT-DPORT];)*" EXIT_RANGE_IPV6_POLICY = ::/0:!25; # Not a service, tell ARM no binding! NOARMBIND = YES # Name of the (virtual) tunnel interface the exit daemon will manage TUN_IFNAME = exit-gnunet # Name of the "real" interface that IPv4 traffic from this system will # leave from; this is the name of the interface where we need to # enable NAT on postrouting (typically something like 'eth0' or 'eth1' # or 'wlan0'). Not needed if EXIT_IPv4 is disabled AND if all # offered services run on 'localhost'. In this case, the value # of the option can instead be set to "%" (to not enable NAT on any # interface). EXIT_IFNAME = eth0 # Set this to YES to allow exiting this system via IPv4 to the Internet EXIT_IPV4 = NO # Set this to YES to allow exiting this system via IPv6 to the Internet EXIT_IPV6 = NO # This option should be set to YES to allow the DNS service to # perform lookups against the locally configured DNS resolver. # (set to "NO" if no normal ISP is locally available and thus # requests for normal ".com"/".org"/etc. must be routed via # the GNUnet VPN (the GNUNET PT daemon then needs to be configured # to intercept and route DNS queries via cadet). # Set this to YES to allow using this system for DNS queries. EXIT_DNS = NO # Set this to an IPv4 or IPv6 address of a DNS resolver to use for DNS queries DNS_RESOLVER = 8.8.8.8 # For IPv4-services offered by this peer, we need to at least enable IPv4 ENABLE_IPV4 = YES # For IPv6-services offered by this peer, we need to at least enable IPv6 ENABLE_IPV6 = YES # Maximum number of concurrent connections this exit supports. MAX_CONNECTIONS = 256 [fs] AUTOSTART = YES FORCESTART = YES INDEXDB = $GNUNET_DATA_HOME/fs/idxinfo.lst RESPECT = $GNUNET_DATA_HOME/fs/credit/ STATE_DIR = $GNUNET_DATA_HOME/fs/persistence/ UPDATE_DIR = $GNUNET_DATA_HOME/fs/updates/ PORT = 2094 HOSTNAME = localhost BINARY = gnunet-service-fs ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; # Do we introduce artificial delays? (may improve anonymity) DELAY = YES # Do we cache content from other nodes? (may improve anonymity) CONTENT_CACHING = YES # Do we send unsolicited data to other nodes if we have excess bandwidth? # (may improve anonymity, probably not a good idea if content_caching is NO) CONTENT_PUSHING = YES UNIXPATH = $GNUNET_HOME/gnunet-service-fs.sock # Do we require users that want to access file-sharing to run this process # (usually not a good idea) UNIX_MATCH_UID = NO # Do we require users that want to access file-sharing to be in the 'gnunet' group? UNIX_MATCH_GID = YES # Maximum number of requests this peer tracks (important for # memory consumption; 2k RAM/request is not unusual) MAX_PENDING_REQUESTS = 65536 # How many requests do we have at most waiting in the queue towards # the datastore? (important for memory consumption) DATASTORE_QUEUE_SIZE = 32 # Maximum frequency we're allowed to poll the datastore # for content for migration (can be used to reduce # GNUnet's disk-IO rate) MIN_MIGRATION_DELAY = 100 ms # For how many neighbouring peers should we allocate hash maps? EXPECTED_NEIGHBOUR_COUNT = 128 # Disable anonymous file-sharing (but keep non-anonymous transfers)? # This option is mostly for testing. DISABLE_ANON_TRANSFER = NO # Maximum number of non-anonymous transfers this peer will support # at the same time. Excessive values mostly have the problem that # the service might use more memory, so we need to bound this at # some reasonable level. And if we have a very, very large # number, we probably won't have enough bandwidth to support them # well anyway, so better have a moderate cap. MAX_CADET_CLIENTS = 128 [gnunet-auto-share] BINARY = gnunet-auto-share FORCESTART = NO # Note: MUST specify path to auto-share directory and CAN specify other options # to gnunet-auto-share here! OPTIONS = $GNUNET_DATA_HOME/fs/share/ [gns] AUTOSTART = YES FORCESTART = YES HOSTNAME = localhost BINARY = gnunet-service-gns UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-gns.sock PORT = 12102 # Do we require users that want to access GNS to run this process # (usually not a good idea) UNIX_MATCH_UID = NO # Do we require users that want to access GNS to be in the 'gnunet' group? UNIX_MATCH_GID = YES # How many queries is GNS allowed to perform in the background at the same time? MAX_PARALLEL_BACKGROUND_QUERIES = 1000 # Using caching or always ask DHT # USE_CACHE = YES # PREFIX = valgrind --leak-check=full --track-origins=yes [gns-proxy] BINARY = gnunet-gns-proxy AUTOSTART = NO USER_SERVICE = YES # Where is the certificate for the GNS proxy stored? PROXY_CACERT = $GNUNET_DATA_HOME/gns/gns_ca_cert.pem PROXY_UNIXPATH = $GNUNET_HOME/gnunet-gns-proxy.sock [dns2gns] BINARY = gnunet-dns2gns AUTOSTART = NO USER_SERVICE = YES # -d: DNS resolver to use, -s: suffix to use, -f: fcfs suffix to use OPTIONS = -d 8.8.8.8 [gnunet-fs-gtk] MAX_PARALLEL_DOWNLOADS = 128 MAX_PARALLEL_REQUESTS = 100000 # DEFAULT_DOWNLOAD_DIRECTORY = "~/Documents/Downloads" DEFAULT_DOWNLOAD_DIRECTORY = "~/Downloads" MAKE_UPDATEABLE_PUBLICATIONS_BY_DEFAULT = YES MAKE_NAMESPACE_PUBLICATIONS_BY_DEFAULT = NO MAKE_GLOBAL_PUBLICATIONS_BY_DEFAULT = YES [uri] fs = gnunet-fs-gtk [gnunet-namestore-gtk] NICK_EXPIRATION = 1 week [hostlist] FORCESTART = YES NOARMBIND = YES BINARY = gnunet-daemon-hostlist # port for hostlist http server HTTPPORT = 8080 # External DNS name other peers should use to access this hostlist # EXTERNAL_DNS_NAME = # Where do we store URLs of other hostlists we have learned? HOSTLISTFILE = $GNUNET_CONFIG_HOME/hostlist/learned.txt # Options: # -p : provide a hostlist as a hostlist servers # -b : bootstrap using configured hostlist servers # -e : enable learning advertised hostlists # -a : advertise hostlist to other servers OPTIONS = -b # Default list of hostlist servers for bootstrapping SERVERS = http://v10.gnunet.org/hostlist https://gnunet.io/hostlist # http://silent.0xdeadc0de.eu:8080/ # bind hostlist http server to a specific IPv4 # BINDTOIPV4 = # bind hostlist http server to a specific IPv6 # BINDTOIPV6 = # Hostname or IP of proxy server for downloading hostlists # PROXY = # User name for proxy server # PROXY_USERNAME = # User password for proxy server # PROXY_PASSWORD = # Type of proxy server, # Valid values: HTTP, HTTP_1_0, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME # Default: HTTP # PROXY_TYPE = HTTP [identity] AUTOSTART = YES USER_SERVICE = YES PORT = 12108 HOSTNAME = localhost BINARY = gnunet-service-identity ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-identity.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # Directory where we store information about our egos EGODIR = $GNUNET_DATA_HOME/identity/egos/ # File where we store default identities for subsystems SUBSYSTEM_CFG = $GNUNET_CONFIG_HOME/identity/subsystem_defaults.conf [multicast] AUTOSTART = YES BINARY = gnunet-service-multicast UNIXPATH = $GNUNET_HOME/gnunet-service-multicast.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES PORT = 12109 HOSTNAME = localhost ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = [namecache] AUTOSTART = YES USER_SERVICE = NO UNIXPATH = $GNUNET_HOME/gnunet-service-namecache.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES PORT = 2113 HOSTNAME = localhost BINARY = gnunet-service-namecache ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; DATABASE = sqlite [namecache-sqlite] FILENAME = $GNUNET_DATA_HOME/namecache/sqlite.db [namecache-flat] FILENAME = $GNUNET_DATA_HOME/namecache/flat.db [namecache-postgres] CONFIG = connect_timeout=10; dbname=gnunet TEMPORARY_TABLE = NO [namestore] AUTOSTART = YES USER_SERVICE = YES UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-namestore.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES PORT = 2099 HOSTNAME = localhost BINARY = gnunet-service-namestore ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; DATABASE = sqlite [namestore-sqlite] FILENAME = $GNUNET_DATA_HOME/namestore/sqlite.db [namestore-flat] FILENAME = $GNUNET_DATA_HOME/namestore/flat.db [namestore-postgres] CONFIG = connect_timeout=10; dbname=gnunet TEMPORARY_TABLE = NO [uri] gns = gnunet-namestore [fcfsd] # Name of the fcfs registration service binary (for ARM) BINARY = gnunet-namestore-fcfsd AUTOSTART = NO UNIXPATH = $GNUNET_HOME/gnunet-service-fcfsd.sock # On what port does the FCFS daemon listen for HTTP clients? HTTPPORT = 18080 [nat-auto] AUTOSTART = YES PORT = 2124 HOSTNAME = localhost BINARY = gnunet-service-nat-auto ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-nat-auto.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES [gnunet-nat-server] HOSTNAME = gnunet.org PORT = 5724 NOARMBIND = YES [nat] AUTOSTART = YES PORT = 2121 HOSTNAME = localhost BINARY = gnunet-service-nat ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-nat.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # Enable UPNP by default? ENABLE_UPNP = YES # Disable IPv6 support # FIXME: move entirely to transport plugins! DISABLEV6 = NO # How often do we query the DNS resolver # for our hostname (to get our own IP) HOSTNAME_DNS_FREQUENCY = 20 min # How often do we iterate over our # network interfaces to check for changes # in our IP address? IFC_SCAN_FREQUENCY = 15 min # How often do we query the DNS resolver # for our hostname (to get our own IP) DYNDNS_FREQUENCY = 7 min # SHOULD USE STUN ? USE_STUN = YES STUN_FREQUENCY = 5 min # Default list of stun servers STUN_SERVERS = stun.gnunet.org stun.services.mozilla.com:3478 stun.ekiga.net:3478 # After how long do we consider STUN data stale? STUN_STALE = 60 min [nse] AUTOSTART = YES FORCESTART = YES PORT = 12097 HOSTNAME = localhost BINARY = gnunet-service-nse ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-nse.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES PROOFFILE = $GNUNET_DATA_HOME/nse/proof.dat # The directory where the NSE services logs timestamps everytime # a size estime flooding message is received # This option is only used for benchmarking, not in production. HISTOGRAM_DIR = $GNUNET_CACHE_HOME/nse/histogram # How 'slowly' should the proof-of-work be constructed (delay # between rounds); sane values between 0 and ~1000. # It should rarely make sense to change this value. # Only systems with slow CPUs where 5ms is a long time might # want it to be reduced. WORKDELAY = 5 ms # Note: changing any of the values below will make this peer # completely incompatible with other peers! # How often do peers exchange network size messages? # Note that all peers MUST use the same interval. # DO NOT CHANGE THIS VALUE, doing so will break the protocol! INTERVAL = 1 h # 2^22 hash operations take about 2-3h on a modern i7 (single-core) # for SCRYPT; with 2ms/op and 5ms workdelay, we can expect # the POW calculation to be done by a high-end peer in about 6h # DO NOT CHANGE THIS VALUE, doing so will break the protocol! WORKBITS = 22 [peerinfo] AUTOSTART = YES PORT = 12090 HOSTNAME = localhost BINARY = gnunet-service-peerinfo ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-peerinfo.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = HOSTS = $GNUNET_DATA_HOME/peerinfo/hosts/ # Option to disable all disk IO; only useful for testbed runs # (large-scale experiments); disables persistence of HELLOs! NO_IO = NO # Load HELLOs shipped with GNUnet USE_INCLUDED_HELLOS = YES [uri] hello = gnunet-peerinfo friend-hello = gnunet-peerinfo [peerstore] AUTOSTART = YES PORT = 12110 HOSTNAME = localhost BINARY = gnunet-service-peerstore UNIXPATH = $GNUNET_HOME/gnunet-service-peerstore.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES DATABASE = sqlite [peerstore-sqlite] FILENAME = $GNUNET_DATA_HOME/peerstore/sqlite.db [psyc] AUTOSTART = YES BINARY = gnunet-service-psyc UNIXPATH = $GNUNET_HOME/gnunet-service-psyc.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES PORT = 12115 HOSTNAME = localhost ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; [psycstore] AUTOSTART = YES BINARY = gnunet-service-psycstore UNIXPATH = $GNUNET_HOME/gnunet-service-psycstore.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES PORT = 12111 HOSTNAME = localhost ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; DATABASE = sqlite [psycstore-sqlite] FILENAME = $GNUNET_DATA_HOME/psycstore/sqlite.db [psycstore-mysql] DATABASE = gnunet CONFIG = ~/.my.cnf # USER = gnunet # PASSWORD = # HOST = localhost PORT = 3306 [psycstore-postgres] CONFIG = connect_timeout=10; dbname=gnunet [pt] BINARY = gnunet-daemon-pt NOARMBIND = YES # Set this to YES to tunnel IPv4 traffic over GNUnet TUNNEL_IPV4 = NO # Set this to YES to tunnel IPv6 traffic over GNUnet TUNNEL_IPV6 = NO # Set this to YES to tunnel DNS traffic over GNUnet TUNNEL_DNS = NO [regex] AUTOSTART = YES PORT = 2107 UNIXPATH = $GNUNET_HOME/gnunet-service-regex.sock HOSTNAME = localhost BINARY = gnunet-service-regex ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; [resolver] AUTOSTART = YES PORT = 12089 HOSTNAME = localhost BINARY = gnunet-service-resolver ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-resolver.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = NO # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = [revocation] AUTOSTART = YES FORCESTART = YES PORT = 12112 HOSTNAME = localhost BINARY = gnunet-service-revocation ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-revocation.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # 2^25 hash operations take about 16-24h on a modern i7 # (using only a single-core) with SCRYPT. # DO NOT CHANGE THIS VALUE, doing so will break the protocol! WORKBITS = 25 DATABASE = $GNUNET_DATA_HOME/revocation.dat [scalarproduct-alice] AUTOSTART = YES BINARY = gnunet-service-scalarproduct-ecc-alice UNIXPATH = $GNUNET_HOME/gnunet-service-scalarproduct-alice.sock PORT = 2117 #ACCEPT_FROM = 127.0.0.1; #ACCEPT_FROM6 = ::1; UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES #OPTIONS = -L DEBUG #PREFIX = valgrind [scalarproduct-bob] AUTOSTART = YES HOSTNAME = localhost BINARY = gnunet-service-scalarproduct-ecc-bob UNIXPATH = $GNUNET_HOME/gnunet-service-scalarproduct-bob.sock PORT = 2118 #ACCEPT_FROM = 127.0.0.1; #ACCEPT_FROM6 = ::1; UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES #OPTIONS = -L DEBUG #PREFIX = valgrind [secretsharing] AUTOSTART = NO PORT = 12114 HOSTNAME = localhost BINARY = gnunet-service-secretsharing ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-secretsharing.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = [set] AUTOSTART = YES PORT = 12106 HOSTNAME = localhost BINARY = gnunet-service-set ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-set.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES #PREFIX = valgrind [social] AUTOSTART = YES BINARY = gnunet-service-social USER_SERVICE = YES UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-social.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES PORT = 12116 HOSTNAME = localhost ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; DATA_HOME = $GNUNET_DATA_HOME/social [statistics] AUTOSTART = YES PORT = 12088 HOSTNAME = localhost BINARY = gnunet-service-statistics ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-statistics.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES DATABASE = $GNUNET_DATA_HOME/statistics.dat # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = [template] AUTOSTART = NO PORT = 9999 HOSTNAME = localhost BINARY = gnunet-service-template ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-template.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = [testbed] AUTOSTART = NO PORT = 2101 HOSTNAME = localhost BINARY = gnunet-service-testbed # How long should operations wait? OPERATION_TIMEOUT = 30 s # Set this to the path where the testbed helper is installed. By default the # helper binary is searched in /usr/local/lib/gnunet/libexec/ # HELPER_BINARY_PATH = /usr/local/lib/gnunet/libexec/gnunet-helper-testbed # Add your local network address here. For example, if you want to run # testbed on a group of hosts connected to network 192.168.1.0/24, then set # ACCEPT_FROM = 127.0.0.1; 192.168.1.0/24; # Multiple network addresses can be given. They should be separated by `;' ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-testbed.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # How many maximum number of operations can be run in parallel. This number # should be decreased if the system is getting overloaded and to reduce the load # exerted by the emulation. MAX_PARALLEL_OPERATIONS = 1000 MAX_PARALLEL_TOPOLOGY_CONFIG_OPERATIONS = 1 # What topology should be generated by the helper functions GNUNET_TESTBED_run() # and GNUNET_TESTBED_test_run(). This option has no effect if testbed is # initialized with other functions. Valid values can be found at: # https://gnunet.org/supported-topologies OVERLAY_TOPOLOGY = NONE # Number of random links to be included to the generate the above topology. # Note that not all topologies require this option and ignore it. Topologies # requiring this option are RANDOM, SMALL_WORLD and SMALL_WORLD ring. # OVERLAY_RANDOM_LINKS = # This option is required if the OVERLAY_TOPOLOGY is set to FROM_FILE. It is # ignored for all other topologies. This option should contain the path to # the file containing the topology information. The format of the file is # presented at: https://gnunet.org/topology-file-format # OVERLAY_TOPOLOGY_FILE = /path/to/topology-file # The following options are required if the OVERLAY_TOPOLOGY is set to # SCALE_FREE. They are ignored in all other cases. # The number of maximum peers which can connect to a peer SCALE_FREE_TOPOLOGY_CAP = 70 # The minimum number of peers which a peer has to connect SCALE_FREE_TOPOLOGY_M = 5 # How many maximum number of handles to peers' services should be kept open at # any time. This number also keeps a check on the number of open descriptors as # opening a service connection results in opening a file descriptor. MAX_PARALLEL_SERVICE_CONNECTIONS = 256 # Size of the internal testbed cache. It is used to cache handles to peers # while trying to connect them. CACHE_SIZE = 30 # Maximum number of file descriptors a testbed controller is permitted to keep # open. MAX_OPEN_FDS = 512 # How long should we wait for testbed to setup while using helper functions # GNUNET_TESTBED_test_run() and GNUNET_TESTBED_run() SETUP_TIMEOUT = 5 m # Where should testbed write load statistics data # STATS_DIR = /tmp/load # What services should be shared among peers. # Format is "[] [] ...". The shared services are # started standalone without any other peer services or a hostkey. For this # reason, only services which doesn't depend on other services can only be # shared. Example: To share peerinfo among every 10 peers. The following spec # will start 5 peerinfo services when 50 peers are started: # # SHARED_SERVICES = peerinfo:10 # # To share multiple services # # SHARED_SERVICES = service1:n_share1 service2:n_share2 ... # # Default is to share no services SHARED_SERVICES = [testbed-barrier] AUTOSTART = NO PORT = 2103 HOSTNAME = localhost UNIXPATH = $GNUNET_HOME/gnunet-service-testbed-barrier.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # This section is related to configuring underlay restrictions to simulate # connectivity restrictions of NAT boxes [testbed-underlay] AUTOSTART = NO NOARMBIND = YES BINARY = gnunet-daemon-testbed-underlay # The sqlite3 database file containing information about what underlay # restrictions to apply # DBFILE = [latency-logger] AUTOSTART = NO NOARMBIND = YES BINARY = gnunet-daemon-latency-logger # The sqlite3 database file where the latency values are to be stored # DBFILE = [testbed] AUTOSTART = NO PORT = 2101 HOSTNAME = localhost BINARY = gnunet-service-testbed # How long should operations wait? OPERATION_TIMEOUT = 30 s # Set this to the path where the testbed helper is installed. By default the # helper binary is searched in /usr/local/lib/gnunet/libexec/ # HELPER_BINARY_PATH = /usr/local/lib/gnunet/libexec/gnunet-helper-testbed # Add your local network address here. For example, if you want to run # testbed on a group of hosts connected to network 192.168.1.0/24, then set # ACCEPT_FROM = 127.0.0.1; 192.168.1.0/24; # Multiple network addresses can be given. They should be separated by `;' ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-testbed.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # How many maximum number of operations can be run in parallel. This number # should be decreased if the system is getting overloaded and to reduce the load # exerted by the emulation. MAX_PARALLEL_OPERATIONS = 1000 MAX_PARALLEL_TOPOLOGY_CONFIG_OPERATIONS = 1 # What topology should be generated by the helper functions GNUNET_TESTBED_run() # and GNUNET_TESTBED_test_run(). This option has no effect if testbed is # initialized with other functions. Valid values can be found at: # https://gnunet.org/supported-topologies OVERLAY_TOPOLOGY = NONE # Number of random links to be included to the generate the above topology. # Note that not all topologies require this option and ignore it. Topologies # requiring this option are RANDOM, SMALL_WORLD and SMALL_WORLD ring. # OVERLAY_RANDOM_LINKS = # This option is required if the OVERLAY_TOPOLOGY is set to FROM_FILE. It is # ignored for all other topologies. This option should contain the path to # the file containing the topology information. The format of the file is # presented at: https://gnunet.org/topology-file-format # OVERLAY_TOPOLOGY_FILE = /path/to/topology-file # The following options are required if the OVERLAY_TOPOLOGY is set to # SCALE_FREE. They are ignored in all other cases. # The number of maximum peers which can connect to a peer SCALE_FREE_TOPOLOGY_CAP = 70 # The minimum number of peers which a peer has to connect SCALE_FREE_TOPOLOGY_M = 5 # How many maximum number of handles to peers' services should be kept open at # any time. This number also keeps a check on the number of open descriptors as # opening a service connection results in opening a file descriptor. MAX_PARALLEL_SERVICE_CONNECTIONS = 256 # Size of the internal testbed cache. It is used to cache handles to peers # while trying to connect them. CACHE_SIZE = 30 # Maximum number of file descriptors a testbed controller is permitted to keep # open. MAX_OPEN_FDS = 512 # How long should we wait for testbed to setup while using helper functions # GNUNET_TESTBED_test_run() and GNUNET_TESTBED_run() SETUP_TIMEOUT = 5 m # Where should testbed write load statistics data # STATS_DIR = /tmp/load # What services should be shared among peers. # Format is "[] [] ...". The shared services are # started standalone without any other peer services or a hostkey. For this # reason, only services which doesn't depend on other services can only be # shared. Example: To share peerinfo among every 10 peers. The following spec # will start 5 peerinfo services when 50 peers are started: # # SHARED_SERVICES = peerinfo:10 # # To share multiple services # # SHARED_SERVICES = service1:n_share1 service2:n_share2 ... # # Default is to share no services SHARED_SERVICES = [testbed-logger] AUTOSTART = NO PORT = 2102 HOSTNAME = localhost BINARY = gnunet-service-testbed-logger UNIXPATH = $GNUNET_HOME/gnunet-gnunet-testbed-logger.sock DIR = /tmp UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES [testbed-barrier] AUTOSTART = NO PORT = 2103 HOSTNAME = localhost UNIXPATH = $GNUNET_HOME/gnunet-service-testbed-barrier.sock UNIX_MATCH_UID = YES UNIX_MATCH_GID = YES # This section is related to configuring underlay restrictions to simulate # connectivity restrictions of NAT boxes [testbed-underlay] AUTOSTART = NO NOARMBIND = YES BINARY = gnunet-daemon-testbed-underlay # The sqlite3 database file containing information about what underlay # restrictions to apply # DBFILE = [latency-logger] AUTOSTART = NO NOARMBIND = YES BINARY = gnunet-daemon-latency-logger # The sqlite3 database file where the latency values are to be stored # DBFILE = [TESTING] # How long before failing a connection? CONNECT_TIMEOUT = 30 s # How many connect attempts should we make? CONNECT_ATTEMPTS = 3 # How many connections can happen simultaneously? MAX_OUTSTANDING_CONNECTIONS = 50 # Should we clean up the files on peer group shutdown? DELETE_FILES = YES [topology] FORCESTART = YES NOARMBIND = YES MINIMUM-FRIENDS = 0 FRIENDS-ONLY = NO TARGET-CONNECTION-COUNT = 16 FRIENDS = $GNUNET_CONFIG_HOME/topology/friends.txt BINARY = gnunet-daemon-topology [transport] AUTOSTART = YES PORT = 12091 HOSTNAME = localhost BINARY = gnunet-service-transport # PREFIX = valgrind # Maximum number of neighbours PER PLUGIN (not in total). NEIGHBOUR_LIMIT = 50 ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; PLUGINS = tcp udp UNIXPATH = $GNUNET_HOME/gnunet-service-transport.sock BLACKLIST_FILE = $GNUNET_CONFIG_HOME/transport/blacklist UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES # DISABLE_SOCKET_FORWARDING = NO # USERNAME = # MAXBUF = # TIMEOUT = # DISABLEV6 = # BINDTO = # REJECT_FROM = # REJECT_FROM6 = # PREFIX = valgrind --leak-check=full # Configuration settings related to traffic manipulation for testing purposes # Distance # MANIPULATE_DISTANCE_IN = 1 # MANIPULATE_DISTANCE_OUT = 1 # Delay; WARNING: to large values may lead to peers not connecting! # MANIPULATE_DELAY_IN = 1 ms # MANIPULATE_DELAY_OUT = 1 ms [transport-unix] UNIXPATH = $GNUNET_HOME/gnunet-transport-plugin-unix.sock TESTING_IGNORE_KEYS = ACCEPT_FROM; [transport-tcp] # Use 0 to ONLY advertise as a peer behind NAT (no port binding) PORT = 2086 # Obsolete option, to be replaced by HOLE_EXTERNAL (soon) ADVERTISED_PORT = 2086 # If we have a manually punched NAT, what is the external IP and port? # Can use DNS names for DynDNS-based detection of external IP. # Can use IPv6 addresses ([fefc::]:PORT). # Use "AUTO" for the hostname to automatically detect external IP. # Do not set if NAT is not manually punched. # HOLE_EXTERNAL = AUTO:2086 TESTING_IGNORE_KEYS = ACCEPT_FROM; # Maximum number of open TCP connections allowed MAX_CONNECTIONS = 128 TIMEOUT = 5 s # ACCEPT_FROM = # ACCEPT_FROM6 = # REJECT_FROM = # REJECT_FROM6 = # BINDTO = MAX_CONNECTIONS = 128 # Enable TCP stealth? TCP_STEALTH = NO [transport-udp] # Use PORT = 0 to autodetect a port available PORT = 2086 BROADCAST = YES BROADCAST_RECEIVE = YES BROADCAST_INTERVAL = 30 s # This limits UDP to 1MB/s for SENDING. Higher values are advised # for benchmarking or well-connected systems. Note that this quota # applies IN ADDITION to the system-wide transport-wide WAN/LAN # quotas. MAX_BPS = 1000000 TESTING_IGNORE_KEYS = ACCEPT_FROM; # If we have a manually punched NAT, what is the external IP and port? # Can use DNS names for DynDNS-based detection of external IP. # Can use IPv6 addresses ([fefc::]:PORT). # Use "AUTO" for the hostname to automatically detect external IP. # Do not set if NAT is not manually punched. # HOLE_EXTERNAL = AUTO:2086 [transport-http_client] MAX_CONNECTIONS = 128 TESTING_IGNORE_KEYS = ACCEPT_FROM; # Hostname or IP of proxy server # PROXY = # User name for proxy server # PROXY_USERNAME = # User password for proxy server # PROXY_PASSWORD = # Type of proxy server, # Valid values: HTTP, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME # Default: HTTP # PROXY_TYPE = HTTP # Enable tunneling proxy request instead of having proxy server evaluate it # Experimental, default: NO # PROXY_HTTP_TUNNELING = NO [transport-http_server] #EXTERNAL_HOSTNAME = PORT = 1080 # Obsolete option, to be replaced by HOLE_EXTERNAL (soon) ADVERTISED_PORT = 1080 # If we have a manually punched NAT, what is the external IP and port? # Can use DNS names for DynDNS-based detection of external IP. # Can use IPv6 addresses ([fefc::]:PORT). # Use "AUTO" for the hostname to automatically detect external IP. # Do not set if NAT is not manually punched. # HOLE_EXTERNAL = AUTO:1080 MAX_CONNECTIONS = 128 TESTING_IGNORE_KEYS = ACCEPT_FROM; # Enable TCP stealth? TCP_STEALTH = NO [transport-https_client] MAX_CONNECTIONS = 128 TESTING_IGNORE_KEYS = ACCEPT_FROM; # Hostname or IP of proxy server # PROXY = # User name for proxy server # PROXY_USERNAME = # User password for proxy server # PROXY_PASSWORD = # Type of proxy server, # Valid values: HTTP, SOCKS4, SOCKS5, SOCKS4A, SOCKS5_HOSTNAME # Default: HTTP # PROXY_TYPE = HTTP # Enable tunneling proxy request instead of having proxy server evaluate it # Experimental, default: NO # PROXY_HTTP_TUNNELING = NO [transport-https_server] # EXTERNAL_HOSTNAME = # EXTERNAL_HOSTNAME_ONLY = YES # If you have a valid SSL certificate for your external hostname tell, # clients to verify it # VERIFY_EXTERNAL_HOSTNAME = YES # Does the external hostname use the same port? # EXTERNAL_HOSTNAME_USE_PORT = YES PORT = 4433 # Obsolete option, to be replaced by HOLE_EXTERNAL (soon) ADVERTISED_PORT = 4433 # If we have a manually punched NAT, what is the external IP and port? # Can use DNS names for DynDNS-based detection of external IP. # Can use IPv6 addresses ([fefc::]:PORT). # Use "AUTO" for the hostname to automatically detect external IP. # Do not set if NAT is not manually punched. # HOLE_EXTERNAL = AUTO:4433 CRYPTO_INIT = NORMAL KEY_FILE = $GNUNET_DATA_HOME/transport/https.key CERT_FILE = $GNUNET_DATA_HOME/transport/https.cert MAX_CONNECTIONS = 128 TESTING_IGNORE_KEYS = ACCEPT_FROM; # Enable TCP stealth? TCP_STEALTH = NO [transport-wlan] # Name of the interface in monitor mode (typically monX) INTERFACE = mon0 # Real hardware, no testing TESTMODE = 0 TESTING_IGNORE_KEYS = ACCEPT_FROM; [transport-bluetooth] # Name of the interface (typically hciX) INTERFACE = hci0 # Real hardware, no testing TESTMODE = 0 TESTING_IGNORE_KEYS = ACCEPT_FROM; [PATHS] # The PATHS section is special, as filenames including $-expression are # expanded using the values from PATHS or the system environment (PATHS # is checked first). GNUnet also supports expanding $-expressions using # defaults with the syntax "${VAR:-default}". Here, "default" can again # be a $-expression. # # We usually want $HOME for $GNUNET_HOME, but we allow testcases to # easily override this by setting $GNUNET_TEST_HOME. # GNUNET_HOME = /tmp/gnunet/p2 # see XDG Base Directory Specification at # http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html # for how these should be used. # Persistant data storage GNUNET_DATA_HOME = ${XDG_DATA_HOME:-$GNUNET_HOME/.local/share}/gnunet/ # Configuration files GNUNET_CONFIG_HOME = ${XDG_CONFIG_HOME:-$GNUNET_HOME/.config}/gnunet/ # Cached data, no big deal if lost GNUNET_CACHE_HOME = ${XDG_CACHE_HOME:-$GNUNET_HOME/.cache}/gnunet/ # Runtime data (i.e UNIX domain sockets, locks, always lost on system boot) # This is the variable for system-wide services; use GNUNET_USER_RUNTIME_DIR # for per-user services (where USER_SERVICE=YES is set) # Note that the 'gnunet'/system user must have $TMPDIR/$TMP set to # exactly the same values as 'normal' users, otherwise this will fail. # If $TMPDIR or $TMP are set to different directories for different # users, this option should be changed to point to the same directory # for all users (i.e. by simply using "/tmp/gnunet-system-runtime/"). GNUNET_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/gnunet-system-runtime/ # Runtime data for per-user services GNUNET_USER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/gnunet-${USERHOME:-${USER:-user}}-runtime/ # Override for GNUNET_HOME used by test cases. # GNUNET_TEST_HOME = /tmp/foo/bar # DEFAULTCONFIG = /etc/gnunet.conf # If 'DEFAULTCONFIG' is not defined, the current # configuration file is assumed to be the default, # which is what we want by default... [PEER] # Where do we store our private key? PRIVATE_KEY = $GNUNET_DATA_HOME/private_key.ecc # What kind of system are we on? Choices are # INFRASTRUCTURE (always-on, grid, data center) # DESKTOP (sometimes-on, grid, office) # NOTEBOOK (sometimes-on, mobile, often limited network, # if on-battery than large battery) # MOBILE (sometimes-on, mobile, always limited network, # always battery limited) # UNKNOWN (not configured/specified/known) SYSTEM_TYPE = UNKNOWN [TESTING] SPEEDUP_INTERVAL = 0 ms SPEEDUP_DELTA = 0 ms # This following option is applicable to LINUX. Enabling this option causes all # UNIX domain sockets to be opened as abstract sockets. Note that the # filesystem level restrictions no longer apply for abstract sockets. An # end-user should not modify this option. USE_ABSTRACT_SOCKETS = NO [vpn] AUTOSTART = YES PORT = 2105 HOSTNAME = localhost BINARY = gnunet-service-vpn ACCEPT_FROM = 127.0.0.1; ACCEPT_FROM6 = ::1; UNIXPATH = $GNUNET_HOME/gnunet-service-vpn.sock UNIX_MATCH_UID = NO UNIX_MATCH_GID = YES IPV6ADDR = 1234::1 IPV6PREFIX = 32 IPV4ADDR = 10.11.10.1 IPV4MASK = 255.255.0.0 VIRTDNS = 10.11.10.2 VIRTDNS6 = 1234::17 IFNAME = vpn-gnunet [zonemaster] AUTOSTART = YES FORCESTART = YES HOSTNAME = localhost BINARY = gnunet-service-zonemaster UNIXPATH = $GNUNET_USER_RUNTIME_DIR/gnunet-service-zonemaster.sock PORT = 2123 # Do we require users that want to access GNS to run this process # (usually not a good idea) UNIX_MATCH_UID = NO # Do we require users that want to access GNS to be in the 'gnunet' group? UNIX_MATCH_GID = NO # How many queries is GNS allowed to perform in the background at the same time? MAX_PARALLEL_BACKGROUND_QUERIES = 1000 # How frequently do we try to publish our full zone? ZONE_PUBLISH_TIME_WINDOW = 4 h # Using caching or always ask DHT # USE_CACHE = YES # PREFIX = valgrind --leak-check=full --track-origins=yes